Firefox redirects to click.livesearchnow.com [Solved]



#1
byron22

  • Member
  • 23 posts
I am occasionally redirected to junk sites when I click on Google search results in Firefox. Malwarebytes and AVG have not detected the virus. The Kaspersky TDSS Killer also did not catch anything. Thanks for your help.

OTL logfile created on: 1/28/2013 8:14:16 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Brian\Desktop\Netscape\Netscape
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19328)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.87 Gb Total Physical Memory | 1.75 Gb Available Physical Memory | 60.78% Memory free
5.97 Gb Paging File | 4.89 Gb Available in Paging File | 81.96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455.59 Gb Total Space | 216.50 Gb Free Space | 47.52% Space Free | Partition Type: NTFS
Drive D: | 10.17 Gb Total Space | 1.37 Gb Free Space | 13.45% Space Free | Partition Type: NTFS

Computer Name: BRIAN-PC | User Name: Brian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/01/28 16:43:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Brian\Desktop\Netscape\Netscape\OTL.exe
PRC - [2013/01/22 10:56:50 | 001,101,488 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
PRC - [2013/01/22 10:56:49 | 000,945,328 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.0.1\ToolbarUpdater.exe
PRC - [2013/01/19 13:01:16 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/12/11 03:52:44 | 003,147,384 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgui.exe
PRC - [2012/11/15 23:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgidsagent.exe
PRC - [2012/10/30 04:59:56 | 000,726,648 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgrsx.exe
PRC - [2012/10/22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe
PRC - [2012/10/22 13:04:32 | 001,116,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgnsx.exe
PRC - [2012/10/22 13:03:52 | 000,796,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgemcx.exe
PRC - [2012/10/22 13:03:46 | 000,440,440 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgcsrvx.exe
PRC - [2012/03/15 17:07:54 | 020,774,680 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
PRC - [2010/09/30 02:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
PRC - [2009/04/10 22:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/03/26 08:21:30 | 005,369,856 | ---- | M] (Realtek Semiconductor) -- C:\WINDOWS\RtHDVCpl.exe
PRC - [2007/04/18 10:01:34 | 000,065,536 | ---- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe


========== Modules (No Company Name) ==========

MOD - [2013/01/22 10:56:50 | 001,101,488 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
MOD - [2013/01/22 10:56:50 | 000,156,848 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\14.0.1\SiteSafety.dll
MOD - [2013/01/19 13:01:16 | 003,022,232 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012/04/08 08:11:13 | 008,797,344 | ---- | M] () -- C:\WINDOWS\System32\Macromed\Flash\NPSWF32_11_2_202_228.dll
MOD - [2011/05/26 12:42:00 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/03/16 23:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/10/20 14:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll


========== Services (SafeList) ==========

SRV - [2013/01/22 10:56:49 | 000,945,328 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.0.1\ToolbarUpdater.exe -- (vToolbarUpdater14.0.1)
SRV - [2013/01/19 13:01:16 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/11/15 23:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/10/22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2012/04/08 08:11:14 | 000,253,600 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2011/06/12 10:15:00 | 031,125,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2010/09/30 02:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor9.0)
SRV - [2010/02/19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2013/01/22 10:56:50 | 000,031,576 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2012/11/15 23:33:26 | 000,094,048 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2012/10/22 13:02:46 | 000,179,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2012/10/15 03:48:52 | 000,055,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012/10/08 19:44:29 | 000,027,424 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\hitmanpro36.sys -- (hitmanpro36)
DRV - [2012/10/02 02:30:38 | 000,159,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012/09/21 02:46:06 | 000,164,832 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012/09/21 02:46:00 | 000,177,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\avglogx.sys -- (Avglogx)
DRV - [2012/09/21 02:45:54 | 000,019,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2012/09/14 02:05:20 | 000,035,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2008/05/08 04:05:18 | 000,266,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2008/05/08 04:03:18 | 000,980,992 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HSX_DP.sys -- (HSF_DP)
DRV - [2008/01/29 07:55:00 | 001,042,464 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2008/01/25 14:02:04 | 000,132,128 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\nvrd32.sys -- (nvrd32)
DRV - [2008/01/25 14:02:02 | 000,140,832 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2007/12/12 03:20:00 | 007,629,376 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007/10/18 10:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/10/12 10:53:10 | 000,013,312 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\nvsmu.sys -- (nvsmu)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...resario&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...resario&pf=cndt
IE - HKLM\..\SearchScopes,DefaultScope = {6DBD9950-6248-4720-9E5B-11E20447196D}
IE - HKLM\..\SearchScopes\{1A6F7013-B594-4E76-B64A-9926DF8F0A52}: "URL" = http://www.ask.com/w...}&l=dis&o=uscqd
IE - HKLM\..\SearchScopes\{6DBD9950-6248-4720-9E5B-11E20447196D}: "URL" = http://search.yahoo....ing}&fr=hp-psdt

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...resario&pf=cndt
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...resario&pf=cndt
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{1A6F7013-B594-4E76-B64A-9926DF8F0A52}: "URL" = http://www.ask.com/w...}&l=dis&o=uscqd
IE - HKCU\..\SearchScopes\{6DBD9950-6248-4720-9E5B-11E20447196D}: "URL" = http://search.yahoo....ing}&fr=hp-psdt
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg....fr&d=2012-09-27 19:55:35&v=12.2.5.34&sap=dsp&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..browser.startup.homepage: "http://www.google.co...d_search?hl=en"
FF - prefs.js..extensions.enabledAddons: %7Bb73ea464-ba8c-4b76-86e4-00eaf7b1b88d%7D:3.0.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {0b457cAA-602d-484a-8fe7-c1d894a011ba}:0.95
FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:12.0.0.1912
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_228.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\14.0.1\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\ProgramData\AVG Secure Search\FireFoxExt\14.0.2.14 [2013/01/22 10:58:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/01/19 13:01:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/01/19 13:01:10 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/01/19 13:01:16 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/01/19 13:01:10 | 000,000,000 | ---D | M]

[2011/06/06 00:32:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brian\AppData\Roaming\Mozilla\Extensions
[2013/01/28 17:31:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\6yykqdrg.default\extensions
[2013/01/02 23:40:07 | 000,000,000 | ---D | M] (FireShot) -- C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\6yykqdrg.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
[2013/01/23 11:34:58 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\6yykqdrg.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2012/05/30 18:52:15 | 000,020,591 | ---- | M] () (No name found) -- C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\6yykqdrg.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
[2013/01/28 17:31:28 | 000,533,221 | ---- | M] () (No name found) -- C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\6yykqdrg.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2013/01/13 10:10:23 | 000,004,037 | ---- | M] () (No name found) -- C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\6yykqdrg.default\extensions\{b73ea464-ba8c-4b76-86e4-00eaf7b1b88d}.xpi
[2013/01/19 13:01:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/01/19 13:01:16 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2013/01/22 10:57:36 | 000,003,591 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/08/30 17:59:33 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/10/13 12:11:37 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2013/01/28 16:59:13 | 000,000,098 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll File not found
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\14.0.2.14\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\14.0.2.14\AVG Secure Search_toolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe File not found
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [Nikon Message Center 2] C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe (Nikon Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Locate Spot on Map by GPS - C:\Program Files\Opanda\IExif 2.3\IExifMap.htm ()
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: View Exif/GPS/IPTC with IExif - C:\Program Files\Opanda\IExif 2.3\IExifCom.htm ()
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - %SystemRoot%\System32\winrnr.dll File not found
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.9.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1D673272-229C-46B3-8E44-6A872B1F279B}: DhcpNameServer = 209.18.47.61 209.18.47.62
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll File not found
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\14.0.1\ViProtocol.dll ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
O24 - Desktop BackupWallPaper: C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL File not found
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/05/05 03:45:19 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{46e2ee23-0ed1-11e1-ac51-001fc6dbe0c6}\Shell - "" = AutoRun
O33 - MountPoints2\{46e2ee23-0ed1-11e1-ac51-001fc6dbe0c6}\Shell\AutoRun\command - "" = K:\MI.exe
O33 - MountPoints2\{e3f07aff-9502-11e0-9d48-001fc6dbe0c6}\Shell - "" = AutoRun
O33 - MountPoints2\{e3f07aff-9502-11e0-9d48-001fc6dbe0c6}\Shell\AutoRun\command - "" = K:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/01/28 17:25:01 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Brian\Desktop\TDSSKiller.exe
[2013/01/28 16:59:12 | 000,000,000 | ---D | C] -- C:\_OTM
[2013/01/26 11:19:02 | 000,000,000 | ---D | C] -- C:\Users\Brian\Documents\My muvees
[2013/01/26 11:18:59 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Roaming\muvee Technologies
[2013/01/25 21:29:16 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Roaming\Malwarebytes
[2013/01/25 21:29:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/01/25 21:29:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/01/25 21:29:12 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013/01/25 21:29:12 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/01/19 13:01:09 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/01/10 12:37:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2013/01/09 17:30:15 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2013/01/09 17:29:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Becker's CPA Exam Review - 2013 Edition
[2013/01/09 17:29:36 | 000,000,000 | ---D | C] -- C:\Program Files\Becker Professional Education
[2013/01/09 17:29:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Becker Professional Education
[2013/01/07 23:11:51 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\Apps
[2013/01/07 23:11:50 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\Deployment
[2013/01/07 21:20:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013/01/07 21:19:58 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013/01/03 23:05:50 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Roaming\dvdcss
[2013/01/03 23:05:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinX DVD Ripper
[2013/01/03 23:04:58 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Roaming\Digiarty
[2013/01/03 23:04:58 | 000,000,000 | ---D | C] -- C:\Program Files\Digiarty
[2011/06/07 17:09:30 | 000,812,496 | ---- | C] (Adobe Systems Incorporated) -- C:\Program Files\Set-up.exe

========== Files - Modified Within 30 Days ==========

[2013/01/28 20:11:15 | 000,002,595 | ---- | M] () -- C:\Users\Brian\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Excel 2010.lnk
[2013/01/28 19:46:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/01/28 19:44:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/01/28 19:36:49 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/01/28 19:36:49 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/01/28 17:37:17 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/01/28 17:37:17 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\ROC_JAN2013_TB_rmv.job
[2013/01/28 17:36:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/01/28 17:36:43 | 3085,426,688 | -HS- | M] () -- C:\hiberfil.sys
[2013/01/28 16:59:13 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2013/01/27 01:17:00 | 003,753,160 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/01/26 11:43:42 | 000,002,637 | ---- | M] () -- C:\Users\Brian\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Word 2010.lnk
[2013/01/26 11:17:57 | 000,000,600 | ---- | M] () -- C:\Users\Brian\AppData\Roaming\winscp.rnd
[2013/01/25 21:29:14 | 000,000,649 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/01/22 10:56:50 | 000,031,576 | ---- | M] (AVG Technologies) -- C:\Windows\System32\drivers\avgtpx86.sys
[2013/01/13 10:15:39 | 000,006,527 | ---- | M] () -- C:\Users\Brian\AppData\Local\b73ea464-ba8c-4b76-86e4-00eaf7b1b88d.crx
[2013/01/10 12:37:55 | 000,000,848 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2013/01/09 22:59:34 | 000,608,406 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/01/09 22:59:34 | 000,105,908 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/01/09 22:12:05 | 000,002,571 | ---- | M] () -- C:\Users\Brian\Desktop\Microsoft Excel 2010.lnk
[2013/01/09 17:29:52 | 000,002,000 | ---- | M] () -- C:\Users\Public\Desktop\Becker's CPA Exam Review - 2013 Edition.lnk
[2013/01/07 12:47:09 | 000,083,456 | ---- | M] () -- C:\Users\Brian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/01/03 23:05:00 | 000,001,021 | ---- | M] () -- C:\Users\Public\Desktop\WinX DVD Ripper.lnk

========== Files Created - No Company Name ==========

[2013/01/25 21:29:14 | 000,000,649 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/01/22 10:58:31 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\ROC_JAN2013_TB_rmv.job
[2013/01/10 21:39:48 | 000,006,527 | ---- | C] () -- C:\Users\Brian\AppData\Local\b73ea464-ba8c-4b76-86e4-00eaf7b1b88d.crx
[2013/01/09 17:29:52 | 000,002,000 | ---- | C] () -- C:\Users\Public\Desktop\Becker's CPA Exam Review - 2013 Edition.lnk
[2013/01/03 23:05:00 | 000,001,021 | ---- | C] () -- C:\Users\Public\Desktop\WinX DVD Ripper.lnk
[2012/10/08 19:44:29 | 000,027,424 | ---- | C] () -- C:\Windows\System32\drivers\hitmanpro36.sys
[2012/04/14 09:46:22 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Internet Services
[2012/04/14 09:46:22 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Internet Plug-Ins
[2012/04/14 09:46:22 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Instrument Library
[2012/04/14 09:46:22 | 000,000,268 | RH-- | C] () -- C:\Users\Brian\AppData\Roaming\InkjetPrinter
[2012/04/14 09:46:22 | 000,000,268 | RH-- | C] () -- C:\Users\Brian\AppData\Roaming\Importer
[2012/04/14 09:46:22 | 000,000,268 | RH-- | C] () -- C:\Users\Brian\AppData\Roaming\Images
[2012/04/14 09:46:22 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLev.DAT
[2012/04/14 09:46:22 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT
[2012/04/14 09:46:22 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLes.DAT
[2011/10/29 21:21:59 | 000,000,600 | ---- | C] () -- C:\Users\Brian\AppData\Roaming\winscp.rnd
[2011/08/28 21:13:40 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011/08/28 21:13:12 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011/06/07 17:05:12 | 000,133,280 | ---- | C] () -- C:\Program Files\Creative Suite 5 Design Premium Read Me.pdf
[2011/06/06 23:55:34 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2011/06/06 19:54:57 | 000,083,456 | ---- | C] () -- C:\Users\Brian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/06/06 01:02:31 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2011/06/06 00:28:56 | 000,000,680 | ---- | C] () -- C:\Users\Brian\AppData\Local\d3d9caps.dat

========== ZeroAccess Check ==========

[2012/10/07 22:32:01 | 000,002,048 | -HS- | M] () -- C:\$Recycle.Bin\S-1-5-18\$f8b3bda3a54541cfc21274301bcaedde\@
[2012/10/08 18:45:06 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin\S-1-5-18\$f8b3bda3a54541cfc21274301bcaedde\L
[2013/01/27 01:14:27 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin\S-1-5-18\$f8b3bda3a54541cfc21274301bcaedde\U
[2012/10/08 18:45:06 | 000,000,804 | ---- | M] () -- C:\$Recycle.Bin\S-1-5-18\$f8b3bda3a54541cfc21274301bcaedde\L\[email protected]
[2006/11/02 07:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
"ThreadingModel" = Both
"" = shell32.dll -- [2012/06/08 12:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 12:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = fastprox.dll -- [2009/04/10 22:28:20 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/10 22:28:26 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012/09/27 19:22:05 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\AVG2013
[2011/10/31 22:05:13 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2013/01/03 23:05:06 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\Digiarty
[2011/08/14 20:01:16 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\FireShot
[2012/08/07 10:20:58 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\Foxit Software
[2012/08/23 21:31:03 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\Mp3tag
[2013/01/26 11:19:09 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\muvee Technologies
[2011/11/08 23:52:26 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\NCH Swift Sound
[2011/06/07 19:48:43 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\NeatImage PS 32
[2012/04/14 09:48:45 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\Nikon
[2011/06/06 00:03:36 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\Snapfish
[2011/06/22 21:58:59 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012/09/27 18:55:50 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\TuneUp Software
[2011/07/04 10:46:09 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\VitySoft
[2012/07/13 00:27:50 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\WinFF

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:D62C83D5

< End of report >


#2
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hello byron22 and welcome to my office here at G2G! :)

My nick is maliprog and I'll be your technical support on this issue. Before we start please read my notes carefully:

NOTES:
  • Malware removal is NOT instantaneous; most infections require several courses of action to completely eradicate.
  • Absence of symptoms does not always mean the computer is clean.
  • Kindly follow my instructions in the order posted. Order is crucial in the cleaning process.
  • Please DO NOT run any scans or fix on your own without my direction.
  • Please read all of my response through at least once before attempting to follow the procedures described.
  • If there's anything you don't understand or isn't totally clear, please come back to me for clarification.
  • Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste it to include the log in your reply.
  • You must reply within 3 days or your topic will be closed

Step 1

Download the latest version of TDSSKiller from here and save it to your Desktop.

  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Check the boxes beside:

    • Loaded modules

  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Make sure to check:

    • Services and drivers
    • Boot sectors
    • Loaded modules
    • Verify Driver Digital Signature
    • Detect TDLFS file system

  • then click OK.
  • Click the Start Scan button to start the scan.
  • If a suspicious object is detected, the default action will be Skip
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected for malicious objects

  • Click Continue then Reboot now to finish the cleaning process.
  • Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

Step 2

Download and Install Combofix

Download ComboFix from one of the following locations:

Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop *

IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow it to update if it asks.

  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.


Please make sure you include the ComboFix log in your next reply.



Step 3

Please don't forget to include these items in your reply:

  • TDSSKiller log
  • Combofix log
It would be helpful if you could post each log in a separate post using the "Add Reply" button.

#3
byron22

    Member

  • Topic Starter
  • 23 posts
Hello Maliprog. Thanks for your assistance. Here is the TDSS log:

11:02:43.0609 3244 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
11:02:44.0109 3244 ============================================================
11:02:44.0109 3244 Current date / time: 2013/01/29 11:02:44.0109
11:02:44.0109 3244 SystemInfo:
11:02:44.0109 3244
11:02:44.0109 3244 OS Version: 6.0.6002 ServicePack: 2.0
11:02:44.0109 3244 Product type: Workstation
11:02:44.0109 3244 ComputerName: BRIAN-PC
11:02:44.0109 3244 UserName: Brian
11:02:44.0109 3244 Windows directory: C:\Windows
11:02:44.0109 3244 System windows directory: C:\Windows
11:02:44.0109 3244 Processor architecture: Intel x86
11:02:44.0109 3244 Number of processors: 2
11:02:44.0109 3244 Page size: 0x1000
11:02:44.0109 3244 Boot type: Normal boot
11:02:44.0109 3244 ============================================================
11:02:49.0366 3244 BG loaded
11:02:59.0599 3244 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
11:02:59.0631 3244 ============================================================
11:02:59.0631 3244 \Device\Harddisk0\DR0:
11:02:59.0724 3244 MBR partitions:
11:02:59.0724 3244 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x38F2C2D2
11:02:59.0724 3244 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x38F2C311, BlocksNum 0x1458930
11:02:59.0724 3244 ============================================================
11:02:59.0911 3244 C: <-> \Device\Harddisk0\DR0\Partition1
11:03:00.0333 3244 D: <-> \Device\Harddisk0\DR0\Partition2
11:03:00.0333 3244 ============================================================
11:03:00.0333 3244 Initialize success
11:03:00.0333 3244 ============================================================
11:04:41.0453 3044 ============================================================
11:04:41.0453 3044 Scan started
11:04:41.0453 3044 Mode: Manual; SigCheck; TDLFS;
11:04:41.0453 3044 ============================================================
11:04:41.0890 3044 ================ Scan system memory ========================
11:04:41.0890 3044 System memory - ok
11:04:41.0890 3044 ================ Scan services =============================
11:04:42.0670 3044 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
11:04:42.0763 3044 ACPI - ok
11:04:43.0231 3044 [ 1474F121C3DF1232D3E7239C03691EE6 ] AdobeActiveFileMonitor9.0 C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
11:04:43.0247 3044 AdobeActiveFileMonitor9.0 - ok
11:04:43.0340 3044 [ 0D4C486A24A711A45FD83ACDF4D18506 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
11:04:43.0372 3044 AdobeFlashPlayerUpdateSvc - ok
11:04:43.0418 3044 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
11:04:43.0434 3044 adp94xx - ok
11:04:43.0465 3044 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys
11:04:43.0481 3044 adpahci - ok
11:04:43.0496 3044 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
11:04:43.0512 3044 adpu160m - ok
11:04:43.0528 3044 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
11:04:43.0543 3044 adpu320 - ok
11:04:43.0590 3044 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
11:04:43.0621 3044 AeLookupSvc - ok
11:04:43.0715 3044 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
11:04:43.0777 3044 AFD - ok
11:04:43.0808 3044 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys
11:04:43.0840 3044 agp440 - ok
11:04:43.0855 3044 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
11:04:43.0871 3044 aic78xx - ok
11:04:43.0871 3044 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
11:04:44.0011 3044 ALG - ok
11:04:44.0027 3044 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys
11:04:44.0042 3044 aliide - ok
11:04:44.0058 3044 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys
11:04:44.0074 3044 amdagp - ok
11:04:44.0089 3044 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys
11:04:44.0089 3044 amdide - ok
11:04:44.0105 3044 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
11:04:44.0152 3044 AmdK7 - ok
11:04:44.0167 3044 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
11:04:44.0214 3044 AmdK8 - ok
11:04:44.0261 3044 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
11:04:44.0323 3044 Appinfo - ok
11:04:44.0542 3044 [ 20F6F19FE9E753F2780DC2FA083AD597 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:04:44.0557 3044 Apple Mobile Device - ok
11:04:44.0588 3044 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys
11:04:44.0604 3044 arc - ok
11:04:44.0620 3044 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys
11:04:44.0635 3044 arcsas - ok
11:04:44.0651 3044 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
11:04:44.0698 3044 AsyncMac - ok
11:04:44.0729 3044 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys
11:04:44.0744 3044 atapi - ok
11:04:44.0838 3044 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:04:44.0869 3044 AudioEndpointBuilder - ok
11:04:44.0885 3044 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
11:04:44.0916 3044 Audiosrv - ok
11:04:45.0509 3044 [ 4AFC14AFA58878FAA1D249E7E90EA54B ] AVGIDSAgent C:\Program Files\AVG\AVG2013\avgidsagent.exe
11:04:45.0680 3044 AVGIDSAgent - ok
11:04:45.0774 3044 [ 7BB2C605094DBCA536D127B434214862 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdriverx.sys
11:04:45.0790 3044 AVGIDSDriver - ok
11:04:45.0868 3044 [ 8F50F98686C9A397A19FCBAE284DB1C5 ] AVGIDSHX C:\Windows\system32\DRIVERS\avgidshx.sys
11:04:45.0883 3044 AVGIDSHX - ok
11:04:45.0946 3044 [ A8DE230CC8536790CA07D37FBCD87A74 ] AVGIDSShim C:\Windows\system32\DRIVERS\avgidsshimx.sys
11:04:45.0946 3044 AVGIDSShim - ok
11:04:46.0039 3044 [ D53D35031365A0ECCB1DC1BC1B15B18E ] Avgldx86 C:\Windows\system32\DRIVERS\avgldx86.sys
11:04:46.0055 3044 Avgldx86 - ok
11:04:46.0117 3044 [ 95889A9D23F3133250FA8AD13C982D58 ] Avglogx C:\Windows\system32\DRIVERS\avglogx.sys
11:04:46.0133 3044 Avglogx - ok
11:04:46.0164 3044 [ AF7AA9BA434CD28833A66E90993E8DFD ] Avgmfx86 C:\Windows\system32\DRIVERS\avgmfx86.sys
11:04:46.0180 3044 Avgmfx86 - ok
11:04:46.0211 3044 [ F3D57358DE0B8B3491013C615754A7C7 ] Avgrkx86 C:\Windows\system32\DRIVERS\avgrkx86.sys
11:04:46.0211 3044 Avgrkx86 - ok
11:04:46.0226 3044 [ BA73B38E9033FC6018DB736B635706AE ] Avgtdix C:\Windows\system32\DRIVERS\avgtdix.sys
11:04:46.0242 3044 Avgtdix - ok
11:04:46.0382 3044 [ 740970262714E0575F23A917A2A53A31 ] avgtp C:\Windows\system32\drivers\avgtpx86.sys
11:04:46.0382 3044 avgtp - ok
11:04:46.0460 3044 [ 6B72E1E329C4E98C6B6FDD2D265E3BA3 ] avgwd C:\Program Files\AVG\AVG2013\avgwdsvc.exe
11:04:46.0476 3044 avgwd - ok
11:04:46.0523 3044 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
11:04:46.0585 3044 Beep - ok
11:04:46.0601 3044 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
11:04:46.0632 3044 blbdrive - ok
11:04:46.0710 3044 [ F2060A34C8A75BC24A9222EB4F8C07BD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
11:04:46.0726 3044 Bonjour Service - ok
11:04:46.0741 3044 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
11:04:46.0788 3044 bowser - ok
11:04:46.0819 3044 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
11:04:46.0850 3044 BrFiltLo - ok
11:04:46.0850 3044 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
11:04:46.0882 3044 BrFiltUp - ok
11:04:46.0913 3044 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
11:04:46.0944 3044 Browser - ok
11:04:46.0975 3044 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
11:04:47.0131 3044 Brserid - ok
11:04:47.0162 3044 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
11:04:47.0240 3044 BrSerWdm - ok
11:04:47.0256 3044 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
11:04:47.0318 3044 BrUsbMdm - ok
11:04:47.0334 3044 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
11:04:47.0381 3044 BrUsbSer - ok
11:04:47.0396 3044 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
11:04:47.0459 3044 BTHMODEM - ok
11:04:47.0490 3044 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
11:04:47.0521 3044 cdfs - ok
11:04:47.0552 3044 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
11:04:47.0568 3044 cdrom - ok
11:04:47.0599 3044 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
11:04:47.0646 3044 CertPropSvc - ok
11:04:47.0662 3044 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\drivers\circlass.sys
11:04:47.0693 3044 circlass - ok
11:04:47.0802 3044 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
11:04:47.0818 3044 CLFS - ok
11:04:47.0927 3044 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:04:47.0958 3044 clr_optimization_v2.0.50727_32 - ok
11:04:48.0083 3044 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:04:48.0098 3044 clr_optimization_v4.0.30319_32 - ok
11:04:48.0114 3044 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys
11:04:48.0130 3044 cmdide - ok
11:04:48.0130 3044 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\drivers\compbatt.sys
11:04:48.0145 3044 Compbatt - ok
11:04:48.0145 3044 COMSysApp - ok
11:04:48.0161 3044 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
11:04:48.0176 3044 crcdisk - ok
11:04:48.0176 3044 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys
11:04:48.0223 3044 Crusoe - ok
11:04:48.0286 3044 [ 75C6A297E364014840B48ECCD7525E30 ] CryptSvc C:\Windows\system32\cryptsvc.dll
11:04:48.0348 3044 CryptSvc - ok
11:04:48.0395 3044 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
11:04:48.0426 3044 DcomLaunch - ok
11:04:48.0488 3044 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
11:04:48.0535 3044 DfsC - ok
11:04:48.0660 3044 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
11:04:48.0832 3044 DFSR - ok
11:04:48.0878 3044 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
11:04:48.0910 3044 Dhcp - ok
11:04:48.0925 3044 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
11:04:48.0925 3044 disk - ok
11:04:48.0941 3044 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
11:04:48.0972 3044 Dnscache - ok
11:04:49.0003 3044 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
11:04:49.0019 3044 dot3svc - ok
11:04:49.0066 3044 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
11:04:49.0097 3044 DPS - ok
11:04:49.0144 3044 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
11:04:49.0175 3044 drmkaud - ok
11:04:49.0206 3044 [ FB85F7F69E9B109820409243F578CC4D ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
11:04:49.0237 3044 DXGKrnl - ok
11:04:49.0300 3044 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
11:04:49.0362 3044 E1G60 - ok
11:04:49.0378 3044 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
11:04:49.0393 3044 EapHost - ok
11:04:49.0424 3044 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
11:04:49.0440 3044 Ecache - ok
11:04:49.0487 3044 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
11:04:49.0534 3044 ehRecvr - ok
11:04:49.0565 3044 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
11:04:49.0674 3044 ehSched - ok
11:04:49.0690 3044 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
11:04:49.0721 3044 ehstart - ok
11:04:49.0736 3044 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys
11:04:49.0799 3044 elxstor - ok
11:04:49.0986 3044 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
11:04:50.0095 3044 EMDMgmt - ok
11:04:50.0111 3044 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys
11:04:50.0142 3044 ErrDev - ok
11:04:50.0189 3044 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
11:04:50.0251 3044 EventSystem - ok
11:04:50.0282 3044 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
11:04:50.0345 3044 exfat - ok
11:04:50.0376 3044 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
11:04:50.0392 3044 fastfat - ok
11:04:50.0407 3044 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
11:04:50.0454 3044 fdc - ok
11:04:50.0485 3044 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
11:04:50.0501 3044 fdPHost - ok
11:04:50.0516 3044 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
11:04:50.0563 3044 FDResPub - ok
11:04:50.0579 3044 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
11:04:50.0594 3044 FileInfo - ok
11:04:50.0610 3044 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
11:04:50.0657 3044 Filetrace - ok
11:04:50.0672 3044 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
11:04:50.0704 3044 flpydisk - ok
11:04:50.0719 3044 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
11:04:50.0735 3044 FltMgr - ok
11:04:50.0797 3044 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
11:04:50.0813 3044 FontCache3.0.0.0 - ok
11:04:50.0828 3044 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
11:04:50.0844 3044 Fs_Rec - ok
11:04:50.0875 3044 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
11:04:50.0875 3044 gagp30kx - ok
11:04:50.0938 3044 [ 6139AE70E943B2A57AD04B70A316C0A0 ] GameConsoleService C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
11:04:50.0984 3044 GameConsoleService - ok
11:04:51.0031 3044 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
11:04:51.0031 3044 GEARAspiWDM - ok
11:04:51.0218 3044 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
11:04:51.0265 3044 gpsvc - ok
11:04:51.0452 3044 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
11:04:51.0468 3044 gupdate - ok
11:04:51.0484 3044 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
11:04:51.0499 3044 gupdatem - ok
11:04:51.0530 3044 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
11:04:51.0562 3044 HDAudBus - ok
11:04:51.0593 3044 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
11:04:51.0640 3044 HidBth - ok
11:04:51.0655 3044 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
11:04:51.0702 3044 HidIr - ok
11:04:51.0718 3044 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\system32\hidserv.dll
11:04:51.0764 3044 hidserv - ok
11:04:51.0796 3044 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
11:04:51.0842 3044 HidUsb - ok
11:04:51.0874 3044 [ 47EECE68857817F39C8C6F33A7E5E76C ] hitmanpro36 C:\Windows\system32\drivers\hitmanpro36.sys
11:04:51.0889 3044 hitmanpro36 - ok
11:04:51.0905 3044 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
11:04:51.0952 3044 hkmsvc - ok
11:04:52.0045 3044 [ CB383AB0B8BA871D893B86D3C9A3ED9F ] HP Health Check Service c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
11:04:52.0045 3044 HP Health Check Service ( UnsignedFile.Multi.Generic ) - warning
11:04:52.0045 3044 HP Health Check Service - detected UnsignedFile.Multi.Generic (1)
11:04:52.0076 3044 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
11:04:52.0108 3044 HpCISSs - ok
11:04:52.0170 3044 [ 88749FBF8BEB18C90E7D6626C8C1910B ] HSF_DP C:\Windows\system32\DRIVERS\HSX_DP.sys
11:04:52.0232 3044 HSF_DP - ok
11:04:52.0279 3044 [ FE440536BD98AF772130DC3A6FE1915F ] HSXHWBS2 C:\Windows\system32\DRIVERS\HSXHWBS2.sys
11:04:52.0310 3044 HSXHWBS2 - ok
11:04:52.0435 3044 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys
11:04:52.0576 3044 HTTP - ok
11:04:52.0638 3044 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys
11:04:52.0654 3044 i2omp - ok
11:04:52.0716 3044 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
11:04:52.0778 3044 i8042prt - ok
11:04:52.0810 3044 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
11:04:52.0825 3044 iaStorV - ok
11:04:52.0966 3044 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
11:04:52.0981 3044 IDriverT ( UnsignedFile.Multi.Generic ) - warning
11:04:52.0981 3044 IDriverT - detected UnsignedFile.Multi.Generic (1)
11:04:53.0028 3044 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
11:04:53.0075 3044 idsvc - ok
11:04:53.0122 3044 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
11:04:53.0200 3044 iirsp - ok
11:04:53.0231 3044 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
11:04:53.0262 3044 IKEEXT - ok
11:04:53.0387 3044 [ 4C01298060CF930D26A75A86B874B6AE ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
11:04:53.0434 3044 IntcAzAudAddService - ok
11:04:53.0480 3044 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
11:04:53.0496 3044 intelide - ok
11:04:53.0512 3044 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
11:04:53.0543 3044 intelppm - ok
11:04:53.0558 3044 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
11:04:53.0574 3044 IPBusEnum - ok
11:04:53.0590 3044 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:04:53.0636 3044 IpFilterDriver - ok
11:04:53.0636 3044 IpInIp - ok
11:04:53.0668 3044 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
11:04:53.0699 3044 IPMIDRV - ok
11:04:53.0730 3044 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
11:04:53.0761 3044 IPNAT - ok
11:04:53.0839 3044 [ 3384D1961CE2698C29914F43A29EF823 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
11:04:53.0855 3044 iPod Service - ok
11:04:53.0902 3044 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
11:04:53.0933 3044 IRENUM - ok
11:04:53.0948 3044 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys
11:04:53.0964 3044 isapnp - ok
11:04:53.0995 3044 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
11:04:54.0011 3044 iScsiPrt - ok
11:04:54.0011 3044 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
11:04:54.0026 3044 iteatapi - ok
11:04:54.0026 3044 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
11:04:54.0042 3044 iteraid - ok
11:04:54.0058 3044 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
11:04:54.0058 3044 kbdclass - ok
11:04:54.0073 3044 [ 18247836959BA67E3511B62846B9C2E0 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
11:04:54.0104 3044 kbdhid - ok
11:04:54.0120 3044 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
11:04:54.0136 3044 KeyIso - ok
11:04:54.0292 3044 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
11:04:54.0323 3044 KSecDD - ok
11:04:54.0448 3044 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
11:04:54.0494 3044 KtmRm - ok
11:04:54.0541 3044 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\system32\srvsvc.dll
11:04:54.0588 3044 LanmanServer - ok
11:04:54.0635 3044 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:04:54.0682 3044 LanmanWorkstation - ok
11:04:54.0728 3044 [ C215E09622118383B236DD56C2065183 ] LightScribeService c:\Program Files\Common Files\LightScribe\LSSrvc.exe
11:04:54.0775 3044 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
11:04:54.0775 3044 LightScribeService - detected UnsignedFile.Multi.Generic (1)
11:04:54.0806 3044 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
11:04:54.0853 3044 lltdio - ok
11:04:54.0900 3044 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
11:04:54.0962 3044 lltdsvc - ok
11:04:54.0978 3044 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
11:04:55.0040 3044 lmhosts - ok
11:04:55.0072 3044 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
11:04:55.0087 3044 LSI_FC - ok
11:04:55.0118 3044 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
11:04:55.0134 3044 LSI_SAS - ok
11:04:55.0150 3044 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
11:04:55.0165 3044 LSI_SCSI - ok
11:04:55.0181 3044 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
11:04:55.0228 3044 luafv - ok
11:05:07.0832 3044 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
11:05:07.0864 3044 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
11:05:07.0864 3044 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
11:05:15.0492 3044 ================ Scan global ===============================
11:05:15.0554 3044 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
11:05:15.0586 3044 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
11:05:15.0601 3044 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
11:05:15.0632 3044 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
11:05:15.0632 3044 [Global] - ok
11:05:15.0632 3044 ================ Scan MBR ==================================
11:05:15.0648 3044 [ 81CD5EC01DB0CE57EDD853F82462EF27 ] \Device\Harddisk0\DR0
11:05:17.0255 3044 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
11:05:17.0255 3044 \Device\Harddisk0\DR0 - detected TDSS File System (1)
11:05:17.0255 3044 ================ Scan VBR ==================================
11:05:17.0317 3044 [ 69FDA23A32627507DD3E2D8159707166 ] \Device\Harddisk0\DR0\Partition1
11:05:17.0364 3044 \Device\Harddisk0\DR0\Partition1 - ok
11:05:17.0395 3044 [ 7FB60660A905D476465CB23C8E85903B ] \Device\Harddisk0\DR0\Partition2
11:05:17.0442 3044 \Device\Harddisk0\DR0\Partition2 - ok
11:05:17.0442 3044 ================ Scan active images ========================
11:05:17.0614 3044 C:\WINDOWS\System32\drivers\ndiswan.sys - ok
11:05:17.0614 3044 [ 509A98DD18AF4375E1FC40BC175F1DEF ] C:\WINDOWS\System32\drivers\raspppoe.sys
11:05:17.0614 3044 C:\WINDOWS\System32\drivers\raspppoe.sys - ok
11:05:17.0629 3044 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] C:\WINDOWS\System32\drivers\raspptp.sys
11:05:17.0629 3044 C:\WINDOWS\System32\drivers\raspptp.sys - ok
11:05:17.0629 3044 [ 2005F4A1E05FA09389AC85840F0A9E4D ] C:\WINDOWS\System32\drivers\rassstp.sys
11:05:17.0629 3044 C:\WINDOWS\System32\drivers\rassstp.sys - ok
11:05:17.0645 3044 [ 5BF6A1326A335C5298477754A506D263 ] C:\WINDOWS\System32\drivers\mouclass.sys
11:05:17.0645 3044 C:\WINDOWS\System32\drivers\mouclass.sys - ok
11:05:17.0645 3044 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] C:\WINDOWS\System32\drivers\termdd.sys
11:05:17.0645 3044 C:\WINDOWS\System32\drivers\termdd.sys - ok
11:05:17.0660 3044 [ E384487CB84BE41D09711C30CA79646C ] C:\WINDOWS\System32\drivers\mssmbios.sys
11:05:17.0660 3044 C:\WINDOWS\System32\drivers\mssmbios.sys - ok
11:05:17.0660 3044 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] C:\WINDOWS\System32\drivers\swenum.sys
11:05:17.0660 3044 C:\WINDOWS\System32\drivers\swenum.sys - ok
11:05:17.0660 3044 [ 32CFF9F809AE9AED85464492BF3E32D2 ] C:\WINDOWS\System32\drivers\umbus.sys
11:05:17.0660 3044 C:\WINDOWS\System32\drivers\umbus.sys - ok
11:05:17.0676 3044 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] C:\WINDOWS\System32\drivers\usbhub.sys
11:05:17.0676 3044 C:\WINDOWS\System32\drivers\usbhub.sys - ok
11:05:17.0676 3044 [ 71DAB552B41936358F3B541AE5997FB3 ] C:\WINDOWS\System32\drivers\ndproxy.sys
11:05:17.0676 3044 C:\WINDOWS\System32\drivers\ndproxy.sys - ok
11:05:17.0692 3044 [ 7BE5A3C671A2CB56E94403BFC2020A0D ] C:\WINDOWS\System32\drivers\drmk.sys
11:05:17.0692 3044 C:\WINDOWS\System32\drivers\drmk.sys - ok
11:05:17.0692 3044 [ 218286724EC530FF252648369E05B090 ] C:\WINDOWS\System32\drivers\portcls.sys
11:05:17.0692 3044 C:\WINDOWS\System32\drivers\portcls.sys - ok
11:05:17.0692 3044 [ 4C01298060CF930D26A75A86B874B6AE ] C:\WINDOWS\System32\drivers\RTKVHDA.sys
11:05:17.0692 3044 C:\WINDOWS\System32\drivers\RTKVHDA.sys - ok
11:05:17.0707 3044 [ B972A66758577E0BFD1DE0F91AAA27B5 ] C:\WINDOWS\System32\drivers\fs_rec.sys
11:05:17.0707 3044 C:\WINDOWS\System32\drivers\fs_rec.sys - ok
11:05:17.0707 3044 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] C:\WINDOWS\System32\drivers\beep.sys
11:05:17.0707 3044 C:\WINDOWS\System32\drivers\beep.sys - ok
11:05:17.0723 3044 [ C5DBBCDA07D780BDA9B685DF333BB41E ] C:\WINDOWS\System32\drivers\null.sys
11:05:17.0723 3044 C:\WINDOWS\System32\drivers\null.sys - ok
11:05:17.0723 3044 [ 740970262714E0575F23A917A2A53A31 ] C:\WINDOWS\System32\drivers\avgtpx86.sys
11:05:17.0723 3044 C:\WINDOWS\System32\drivers\avgtpx86.sys - ok
11:05:17.0723 3044 [ 2E93AC0A1D8C79D019DB6C51F036636C ] C:\WINDOWS\System32\drivers\vga.sys
11:05:17.0723 3044 C:\WINDOWS\System32\drivers\vga.sys - ok
11:05:17.0738 3044 [ C048D2C33D27441A0CDCAAE2651EB03D ] C:\WINDOWS\System32\drivers\videoprt.sys
11:05:17.0738 3044 C:\WINDOWS\System32\drivers\videoprt.sys - ok
11:05:17.0738 3044 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] C:\WINDOWS\System32\drivers\RDPCDD.sys
11:05:17.0738 3044 C:\WINDOWS\System32\drivers\RDPCDD.sys - ok
11:05:17.0754 3044 [ A9927F4A46B816C92F461ACB90CF8515 ] C:\WINDOWS\System32\drivers\msfs.sys
11:05:17.0754 3044 C:\WINDOWS\System32\drivers\msfs.sys - ok
11:05:17.0754 3044 [ D36F239D7CCE1931598E8FB90A0DBC26 ] C:\WINDOWS\System32\drivers\npfs.sys
11:05:17.0754 3044 C:\WINDOWS\System32\drivers\npfs.sys - ok
11:05:17.0754 3044 [ 9D91FE5286F748862ECFFA05F8A0710C ] C:\WINDOWS\System32\drivers\RDPENCDD.sys
11:05:17.0754 3044 C:\WINDOWS\System32\drivers\RDPENCDD.sys - ok
11:05:17.0770 3044 [ 147D7F9C556D259924351FEB0DE606C3 ] C:\WINDOWS\System32\drivers\rasacd.sys
11:05:17.0770 3044 C:\WINDOWS\System32\drivers\rasacd.sys - ok
11:05:17.0770 3044 [ 76B06EB8A01FC8624D699E7045303E54 ] C:\WINDOWS\System32\drivers\tdx.sys
11:05:17.0770 3044 C:\WINDOWS\System32\drivers\tdx.sys - ok
11:05:17.0770 3044 [ 7B75299A4D201D6A6533603D6914AB04 ] C:\WINDOWS\System32\drivers\smb.sys
11:05:17.0770 3044 C:\WINDOWS\System32\drivers\smb.sys - ok
11:05:17.0785 3044 [ BA73B38E9033FC6018DB736B635706AE ] C:\WINDOWS\System32\drivers\avgtdix.sys
11:05:17.0785 3044 C:\WINDOWS\System32\drivers\avgtdix.sys - ok
11:05:17.0785 3044 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] C:\WINDOWS\System32\drivers\netbt.sys
11:05:17.0785 3044 C:\WINDOWS\System32\drivers\netbt.sys - ok
11:05:17.0801 3044 [ 3911B972B55FEA0478476B2E777B29FA ] C:\WINDOWS\System32\drivers\afd.sys
11:05:17.0801 3044 C:\WINDOWS\System32\drivers\afd.sys - ok
11:05:17.0801 3044 [ 5961CADB7CAD938368D2028725EF771D ] C:\WINDOWS\System32\drivers\hidclass.sys
11:05:17.0801 3044 C:\WINDOWS\System32\drivers\hidclass.sys - ok
11:05:17.0801 3044 [ 175444D3A01CA45D0E1C5DC5F48DF7CD ] C:\WINDOWS\System32\drivers\hidparse.sys
11:05:17.0801 3044 C:\WINDOWS\System32\drivers\hidparse.sys - ok
11:05:17.0816 3044 [ CCA4B519B17E23A00B826C55716809CC ] C:\WINDOWS\System32\drivers\hidusb.sys
11:05:17.0816 3044 C:\WINDOWS\System32\drivers\hidusb.sys - ok
11:05:17.0816 3044 [ 790FDAC6D0C762DF9047C3C625A6FF6C ] C:\WINDOWS\System32\drivers\usbd.sys
11:05:17.0816 3044 C:\WINDOWS\System32\drivers\usbd.sys - ok
11:05:17.0832 3044 [ BCD093A5A6777CF626434568DC7DBA78 ] C:\WINDOWS\System32\drivers\netbios.sys
11:05:17.0832 3044 C:\WINDOWS\System32\drivers\netbios.sys - ok
11:05:17.0832 3044 [ 99514FAA8DF93D34B5589187DB3AA0BA ] C:\WINDOWS\System32\drivers\pacer.sys
11:05:17.0832 3044 C:\WINDOWS\System32\drivers\pacer.sys - ok
11:05:17.0832 3044 [ 93B8D4869E12CFBE663915502900876F ] C:\WINDOWS\System32\drivers\mouhid.sys
11:05:17.0832 3044 C:\WINDOWS\System32\drivers\mouhid.sys - ok
11:05:17.0848 3044 [ 55201897378CCA7AF8B5EFD874374A26 ] C:\WINDOWS\System32\drivers\wanarp.sys
11:05:17.0848 3044 C:\WINDOWS\System32\drivers\wanarp.sys - ok
11:05:17.0848 3044 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] C:\WINDOWS\System32\drivers\rdbss.sys
11:05:17.0848 3044 C:\WINDOWS\System32\drivers\rdbss.sys - ok
11:05:17.0863 3044 [ 609773E344A97410CE4EBF74A8914FCF ] C:\WINDOWS\System32\drivers\nsiproxy.sys
11:05:17.0863 3044 C:\WINDOWS\System32\drivers\nsiproxy.sys - ok
11:05:17.0863 3044 [ D53D35031365A0ECCB1DC1BC1B15B18E ] C:\WINDOWS\System32\drivers\avgldx86.sys
11:05:17.0863 3044 C:\WINDOWS\System32\drivers\avgldx86.sys - ok
11:05:17.0863 3044 [ 622C41A07CA7E6DD91770F50D532CB6C ] C:\WINDOWS\System32\drivers\dfsc.sys
11:05:17.0863 3044 C:\WINDOWS\System32\drivers\dfsc.sys - ok
11:05:17.0879 3044 [ BE3DA31C191BC222D9AD503C5224F2AD ] C:\WINDOWS\System32\drivers\USBSTOR.SYS
11:05:17.0879 3044 C:\WINDOWS\System32\drivers\USBSTOR.SYS - ok
11:05:17.0879 3044 [ A8DE230CC8536790CA07D37FBCD87A74 ] C:\WINDOWS\System32\drivers\avgidsshimx.sys
11:05:17.0879 3044 C:\WINDOWS\System32\drivers\avgidsshimx.sys - ok
11:05:17.0894 3044 [ 7BB2C605094DBCA536D127B434214862 ] C:\WINDOWS\System32\drivers\avgidsdriverx.sys
11:05:17.0894 3044 C:\WINDOWS\System32\drivers\avgidsdriverx.sys - ok
11:05:17.0894 3044 [ DDA770BBD7C2ED024D6F50E279D90E5B ] C:\WINDOWS\System32\ntdll.dll
11:05:17.0894 3044 C:\WINDOWS\System32\ntdll.dll - ok
11:05:17.0894 3044 [ 98AF15A94CD6AC37248E72E5FE789B35 ] C:\WINDOWS\System32\smss.exe
11:05:17.0894 3044 C:\WINDOWS\System32\smss.exe - ok
11:05:17.0910 3044 [ 10761177A6EBE45843F443E99509F5E7 ] C:\WINDOWS\System32\autochk.exe
11:05:17.0910 3044 C:\WINDOWS\System32\autochk.exe - ok
11:05:17.0910 3044 [ 544D486301588C8199187C9AB5778B4B ] C:\PROGRA~1\AVG\AVG2013\avgrsx.exe
11:05:17.0910 3044 C:\PROGRA~1\AVG\AVG2013\avgrsx.exe - ok
11:05:17.0926 3044 [ 484987420BC8DED2CB26C6F4EC9BA7F2 ] C:\Program Files\AVG\AVG2013\avgsysx.dll
11:05:17.0926 3044 C:\Program Files\AVG\AVG2013\avgsysx.dll - ok
11:05:17.0926 3044 [ 42836D10270B1940F9A2FF77AE679537 ] C:\Program Files\AVG\AVG2013\avgntopensslx.dll
11:05:17.0926 3044 C:\Program Files\AVG\AVG2013\avgntopensslx.dll - ok
11:05:17.0926 3044 [ 1C2E1FC9F8ED794CC191E92F27D1391C ] C:\Program Files\AVG\AVG2013\avglogx.dll
11:05:17.0926 3044 C:\Program Files\AVG\AVG2013\avglogx.dll - ok
11:05:17.0941 3044 [ 7ADD03E75BEB9E6DD102C3081D29840A ] C:\WINDOWS\System32\drivers\cdfs.sys
11:05:17.0941 3044 C:\WINDOWS\System32\drivers\cdfs.sys - ok
11:05:17.0941 3044 [ 0E297F71CBFAA611F830407D1054DC70 ] C:\PROGRA~1\AVG\AVG2013\avgchjwx.dll
11:05:17.0941 3044 C:\PROGRA~1\AVG\AVG2013\avgchjwx.dll - ok
11:05:17.0957 3044 [ 76FFA2433FEB42E78FB5421A50C8FBE3 ] C:\PROGRA~1\AVG\AVG2013\avgclitx.dll
11:05:17.0957 3044 C:\PROGRA~1\AVG\AVG2013\avgclitx.dll - ok
11:05:17.0957 3044 [ CCF775179F42797A3EE8BA5678543621 ] C:\PROGRA~1\AVG\AVG2013\avgcclix.dll
11:05:17.0957 3044 C:\PROGRA~1\AVG\AVG2013\avgcclix.dll - ok
11:05:17.0957 3044 [ 99997FA9056ACB38AA388BDA134CEF6E ] C:\Program Files\AVG\AVG2013\avgcsrvx.exe
11:05:17.0957 3044 C:\Program Files\AVG\AVG2013\avgcsrvx.exe - ok
11:05:17.0972 3044 [ 43B6BD4F2702A4704DCB02172E7B6C30 ] C:\Program Files\AVG\AVG2013\avgcorex.dll
11:05:17.0972 3044 C:\Program Files\AVG\AVG2013\avgcorex.dll - ok
11:05:17.0972 3044 [ 95EFDCB44DD093EDAD447F1D21C8A3F7 ] C:\Program Files\AVG\AVG2013\avgcertx.dll
11:05:17.0972 3044 C:\Program Files\AVG\AVG2013\avgcertx.dll - ok
11:05:17.0988 3044 [ 6F19639188F792BBB234B2A3FCB0C8C9 ] C:\Program Files\AVG\AVG2013\avgchclx.dll
11:05:17.0988 3044 C:\Program Files\AVG\AVG2013\avgchclx.dll - ok
11:05:17.0988 3044 [ A6251155B7017D4B4A77A3531A8DA6D8 ] C:\Program Files\AVG\AVG2013\avgcommx.dll
11:05:17.0988 3044 C:\Program Files\AVG\AVG2013\avgcommx.dll - ok
11:05:17.0988 3044 [ F820B93E4ABCCABD698A175FD5FC83FE ] C:\Program Files\AVG\AVG2013\avgntsqlitex.dll
11:05:17.0988 3044 C:\Program Files\AVG\AVG2013\avgntsqlitex.dll - ok
11:05:18.0004 3044 [ C8BDCECEE082B54F0BAC838BF0A34597 ] C:\WINDOWS\System32\imm32.dll
11:05:18.0004 3044 C:\WINDOWS\System32\imm32.dll - ok
11:05:18.0004 3044 [ E3C3BD69701CE6B7B17101E4F7740534 ] C:\WINDOWS\System32\msctf.dll
11:05:18.0004 3044 C:\WINDOWS\System32\msctf.dll - ok
11:05:18.0019 3044 [ 75510147B94598407666F4802797C75A ] C:\WINDOWS\System32\user32.dll
11:05:18.0019 3044 C:\WINDOWS\System32\user32.dll - ok
11:05:18.0019 3044 [ E2281CFF793D7A09CE2B35F9F8732EE3 ] C:\WINDOWS\System32\rpcrt4.dll
11:05:18.0019 3044 C:\WINDOWS\System32\rpcrt4.dll - ok
11:05:18.0019 3044 [ 69D83FEF59F46E9EBF06E805547DB534 ] C:\WINDOWS\System32\wininet.dll
11:05:18.0019 3044 C:\WINDOWS\System32\wininet.dll - ok
11:05:18.0035 3044 [ B304D47D5744BA20FCB99FB8B2C07B0B ] C:\WINDOWS\System32\ws2_32.dll
11:05:18.0035 3044 C:\WINDOWS\System32\ws2_32.dll - ok
11:05:18.0035 3044 [ 7856E3B4594714EF89BB97375E8644EE ] C:\WINDOWS\System32\gdi32.dll
11:05:18.0035 3044 C:\WINDOWS\System32\gdi32.dll - ok
11:05:18.0035 3044 [ E01CCC2789F79507CD64DBA563675F9A ] C:\WINDOWS\System32\iertutil.dll
11:05:18.0035 3044 C:\WINDOWS\System32\iertutil.dll - ok
11:05:18.0050 3044 [ EB49FAA5EBBC06356FB12476438781B9 ] C:\WINDOWS\System32\imagehlp.dll
11:05:18.0050 3044 C:\WINDOWS\System32\imagehlp.dll - ok
11:05:18.0050 3044 [ AAF101900A23D75AE1AE00840FA6F3B8 ] C:\WINDOWS\System32\shell32.dll
11:05:18.0050 3044 C:\WINDOWS\System32\shell32.dll - ok
11:05:18.0066 3044 [ C394079EB162E812D682C73FA96AF6E4 ] C:\WINDOWS\System32\clbcatq.dll
11:05:18.0066 3044 C:\WINDOWS\System32\clbcatq.dll - ok
11:05:18.0066 3044 [ A64AEBC6C78B4CFD7F41A7277879DF8F ] C:\WINDOWS\System32\nsi.dll
11:05:18.0066 3044 C:\WINDOWS\System32\nsi.dll - ok
11:05:18.0066 3044 [ B8A609FB5EFB4E44FC1355B1C01C64BC ] C:\WINDOWS\System32\Wldap32.dll
11:05:18.0066 3044 C:\WINDOWS\System32\Wldap32.dll - ok
11:05:18.0082 3044 [ EB0E02749CE5C488741C9A0ABEAB5DEC ] C:\WINDOWS\System32\lpk.dll
11:05:18.0082 3044 C:\WINDOWS\System32\lpk.dll - ok
11:05:18.0082 3044 [ 17AF64D727545F2804F6E6D998327E3F ] C:\WINDOWS\System32\msvcrt.dll
11:05:18.0082 3044 C:\WINDOWS\System32\msvcrt.dll - ok
11:05:18.0097 3044 [ 9586E7CB2255A8B097A7E4538202585E ] C:\WINDOWS\System32\ole32.dll
11:05:18.0097 3044 C:\WINDOWS\System32\ole32.dll - ok
11:05:18.0097 3044 [ B218342214D9BBA0F54EA12BA2E9278C ] C:\WINDOWS\System32\oleaut32.dll
11:05:18.0097 3044 C:\WINDOWS\System32\oleaut32.dll - ok
11:05:18.0097 3044 [ 80FFF14F1757B9AF8BE9D314FC1AE88B ] C:\WINDOWS\System32\usp10.dll
11:05:18.0097 3044 C:\WINDOWS\System32\usp10.dll - ok
11:05:18.0113 3044 [ 574B473FACAA0E91702B86578440B525 ] C:\WINDOWS\System32\kernel32.dll
11:05:18.0113 3044 C:\WINDOWS\System32\kernel32.dll - ok
11:05:18.0113 3044 [ 551F51B66E5EA87A38D8197EB3BDB57A ] C:\WINDOWS\System32\setupapi.dll
11:05:18.0113 3044 C:\WINDOWS\System32\setupapi.dll - ok
11:05:18.0128 3044 [ 50CAA7072C171B9887215C83D52069E4 ] C:\WINDOWS\System32\advapi32.dll
11:05:18.0128 3044 C:\WINDOWS\System32\advapi32.dll - ok
11:05:18.0128 3044 [ 4AA2A0E26CEF1A803741253DCF9A1503 ] C:\WINDOWS\System32\comdlg32.dll
11:05:18.0128 3044 C:\WINDOWS\System32\comdlg32.dll - ok
11:05:18.0128 3044 [ 6F29236AB5926100972924BD29D9D225 ] C:\WINDOWS\System32\normaliz.dll
11:05:18.0128 3044 C:\WINDOWS\System32\normaliz.dll - ok
11:05:18.0144 3044 [ 9176285122B7B849FEC2AA1B72A8F7A8 ] C:\WINDOWS\System32\shlwapi.dll
11:05:18.0144 3044 C:\WINDOWS\System32\shlwapi.dll - ok
11:05:18.0144 3044 [ 58FCB40BB21F2397BA6F053A4A693D04 ] C:\WINDOWS\System32\urlmon.dll
11:05:18.0144 3044 C:\WINDOWS\System32\urlmon.dll - ok
11:05:18.0160 3044 [ DC8891A9203810FC994E7FCCF76E94C8 ] C:\WINDOWS\System32\comctl32.dll
11:05:18.0160 3044 C:\WINDOWS\System32\comctl32.dll - ok
11:05:18.0160 3044 [ 93A1732F7F997E36A5C3893539E2FF02 ] C:\WINDOWS\System32\psapi.dll
11:05:18.0160 3044 C:\WINDOWS\System32\psapi.dll - ok
11:05:18.0160 3044 [ EAAAFEF04FBB45665C9576E525D45A12 ] C:\WINDOWS\System32\drivers\dxapi.sys
11:05:18.0160 3044 C:\WINDOWS\System32\drivers\dxapi.sys - ok
11:05:18.0175 3044 [ 92D85E8A4129FE44A3266266AC8D151D ] C:\WINDOWS\System32\win32k.sys
11:05:18.0175 3044 C:\WINDOWS\System32\win32k.sys - ok
11:05:18.0175 3044 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\WINDOWS\System32\basesrv.dll
11:05:18.0175 3044 C:\WINDOWS\System32\basesrv.dll - ok
11:05:18.0191 3044 [ 187076DD5D8D4D5D23079D0741195EAD ] C:\WINDOWS\System32\csrsrv.dll
11:05:18.0191 3044 C:\WINDOWS\System32\csrsrv.dll - ok
11:05:18.0191 3044 [ ABCA209EBA02CB59233614DB83B4F50D ] C:\WINDOWS\System32\csrss.exe
11:05:18.0191 3044 C:\WINDOWS\System32\csrss.exe - ok
11:05:18.0191 3044 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\WINDOWS\System32\winsrv.dll
11:05:18.0191 3044 C:\WINDOWS\System32\winsrv.dll - ok
11:05:18.0206 3044 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] C:\WINDOWS\System32\drivers\monitor.sys
11:05:18.0206 3044 C:\WINDOWS\System32\drivers\monitor.sys - ok
11:05:18.0206 3044 [ CC21507D246861671A0BF97E75CE1B00 ] C:\WINDOWS\System32\tsddd.dll
11:05:18.0206 3044 C:\WINDOWS\System32\tsddd.dll - ok
11:05:18.0222 3044 [ 101BA3EA053480BB5D957EF37C06B5ED ] C:\WINDOWS\System32\wininit.exe
11:05:18.0222 3044 C:\WINDOWS\System32\wininit.exe - ok
11:05:18.0222 3044 [ D602FEDBD9155FC2DED6863FB60C950F ] C:\WINDOWS\System32\secur32.dll
11:05:18.0222 3044 C:\WINDOWS\System32\secur32.dll - ok
11:05:18.0222 3044 [ 665417528489096BBCB8AEA46D3DA924 ] C:\WINDOWS\System32\userenv.dll
11:05:18.0222 3044 C:\WINDOWS\System32\userenv.dll - ok
11:05:18.0238 3044 [ 12C8D6C564702B0776512932290A3F6B ] C:\WINDOWS\System32\KBDUS.DLL
11:05:18.0238 3044 C:\WINDOWS\System32\KBDUS.DLL - ok
11:05:18.0238 3044 [ 1E8F6E00EB118B7F381E437337856A46 ] C:\WINDOWS\System32\cdd.dll
11:05:18.0238 3044 C:\WINDOWS\System32\cdd.dll - ok
11:05:18.0253 3044 [ 1107BD574A84367735FEC38B9BD64E6B ] C:\WINDOWS\System32\apphelp.dll
11:05:18.0253 3044 C:\WINDOWS\System32\apphelp.dll - ok
11:05:18.0253 3044 [ 92283D9E33EC5F41ECC0B430B7459241 ] C:\WINDOWS\System32\WlS0WndH.dll
11:05:18.0253 3044 C:\WINDOWS\System32\WlS0WndH.dll - ok
11:05:18.0253 3044 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\WINDOWS\System32\services.exe
11:05:18.0253 3044 C:\WINDOWS\System32\services.exe - ok
11:05:18.0269 3044 [ BE6FAC6F0745C67DAE7522C96406D083 ] C:\WINDOWS\System32\sxs.dll
11:05:18.0269 3044 C:\WINDOWS\System32\sxs.dll - ok
11:05:18.0269 3044 [ 898E7C06A350D4A1A64A9EA264D55452 ] C:\WINDOWS\System32\winlogon.exe
11:05:18.0269 3044 C:\WINDOWS\System32\winlogon.exe - ok
11:05:18.0284 3044 [ 4AAFC7461633848AA87A363B2CBEC522 ] C:\WINDOWS\System32\winsta.dll
11:05:18.0284 3044 C:\WINDOWS\System32\winsta.dll - ok
11:05:18.0284 3044 [ A3E186B4B935905B829219502557314E ] C:\WINDOWS\System32\lsass.exe
11:05:18.0284 3044 C:\WINDOWS\System32\lsass.exe - ok
11:05:18.0284 3044 [ 1AE011BB950A5E0B05023D2AFEC3666D ] C:\WINDOWS\System32\authz.dll
11:05:18.0284 3044 C:\WINDOWS\System32\authz.dll - ok
11:05:18.0300 3044 [ 178FAC2B7C66E9A4400CE7AC37623E3F ] C:\WINDOWS\System32\lsasrv.dll
11:05:18.0300 3044 C:\WINDOWS\System32\lsasrv.dll - ok
11:05:18.0300 3044 [ 4774AD6C447E02E954BD9A793614EBEC ] C:\WINDOWS\System32\lsm.exe
11:05:18.0300 3044 C:\WINDOWS\System32\lsm.exe - ok
11:05:18.0300 3044 [ D90911B3FA05D7B930C1286084B404DE ] C:\WINDOWS\System32\scesrv.dll
11:05:18.0300 3044 C:\WINDOWS\System32\scesrv.dll - ok
11:05:18.0316 3044 [ 459B48188494490707DCA8BAA91AA185 ] C:\WINDOWS\System32\cryptdll.dll
11:05:18.0316 3044 C:\WINDOWS\System32\cryptdll.dll - ok
11:05:18.0316 3044 [ 2FA16465F64DB54B1F7F511395EB4FD7 ] C:\WINDOWS\System32\ncobjapi.dll
11:05:18.0316 3044 C:\WINDOWS\System32\ncobjapi.dll - ok
11:05:18.0316 3044 [ 98B656EAF128CD06F625B09C84D959E1 ] C:\WINDOWS\System32\netapi32.dll
11:05:18.0316 3044 C:\WINDOWS\System32\netapi32.dll - ok
11:05:18.0331 3044 [ 7808BF0E367ED7348808879CEF482AB3 ] C:\WINDOWS\System32\samsrv.dll
11:05:18.0331 3044 C:\WINDOWS\System32\samsrv.dll - ok
11:05:18.0331 3044 [ F180EDE9CFC3FF218D4B45155119F4D9 ] C:\WINDOWS\System32\crypt32.dll
11:05:18.0331 3044 C:\WINDOWS\System32\crypt32.dll - ok
11:05:18.0347 3044 [ 85E861D0B88DB2B54ACB0839654C09F7 ] C:\WINDOWS\System32\dnsapi.dll
11:05:18.0347 3044 C:\WINDOWS\System32\dnsapi.dll - ok
11:05:18.0347 3044 [ 965AC9FBF2C67231C157E99C03C58D24 ] C:\WINDOWS\System32\feclient.dll
11:05:18.0347 3044 C:\WINDOWS\System32\feclient.dll - ok
11:05:18.0347 3044 [ 1F94EA31C9543B855F53BDAC7792DA4E ] C:\WINDOWS\System32\mpr.dll
11:05:18.0347 3044 C:\WINDOWS\System32\mpr.dll - ok
11:05:18.0362 3044 [ EE2FF9A3FC4404234BE3B7C6AA383AF8 ] C:\WINDOWS\System32\msasn1.dll
11:05:18.0362 3044 C:\WINDOWS\System32\msasn1.dll - ok
11:05:18.0362 3044 [ 7F0F1D4B0D847696F8E309423D227DCE ] C:\WINDOWS\System32\ntdsapi.dll
11:05:18.0362 3044 C:\WINDOWS\System32\ntdsapi.dll - ok
11:05:18.0378 3044 [ 453DE2958C885527E20C79A3FEFE6AF7 ] C:\WINDOWS\System32\samlib.dll
11:05:18.0378 3044 C:\WINDOWS\System32\samlib.dll - ok
11:05:18.0378 3044 [ 71F5A7104FDF16C0AC5283A6CE666553 ] C:\WINDOWS\System32\sysntfy.dll
11:05:18.0378 3044 C:\WINDOWS\System32\sysntfy.dll - ok
11:05:18.0378 3044 [ F0321DA5203F1E71917F3B7A13DC4912 ] C:\WINDOWS\System32\wmsgapi.dll
11:05:18.0378 3044 C:\WINDOWS\System32\wmsgapi.dll - ok
11:05:18.0394 3044 [ C6DF7A87063D006ECF1FD8156CB6DE3F ] C:\WINDOWS\System32\SLC.dll
11:05:18.0394 3044 C:\WINDOWS\System32\SLC.dll - ok
11:05:18.0394 3044 [ 4DE3C4D07BAFDE616EFA0ADE076CBAC2 ] C:\WINDOWS\System32\wevtapi.dll
11:05:18.0394 3044 C:\WINDOWS\System32\wevtapi.dll - ok
11:05:18.0409 3044 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] C:\WINDOWS\System32\aelupsvc.dll
11:05:18.0409 3044 C:\WINDOWS\System32\aelupsvc.dll - ok
11:05:18.0409 3044 [ A1545B731579895D8CC44FC0481C1192 ] C:\WINDOWS\System32\alg.exe
11:05:18.0409 3044 C:\WINDOWS\System32\alg.exe - ok
11:05:18.0409 3044 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] C:\WINDOWS\System32\appinfo.dll
11:05:18.0409 3044 C:\WINDOWS\System32\appinfo.dll - ok
11:05:18.0425 3044 [ 4FE8425F21B3F0F8C4B4726351D43EAA ] C:\WINDOWS\System32\IPHLPAPI.DLL
11:05:18.0425 3044 C:\WINDOWS\System32\IPHLPAPI.DLL - ok
11:05:18.0425 3044 [ 3464DAE0E801F5A81A23C571D86F30B2 ] C:\WINDOWS\System32\rascfg.dll
11:05:18.0425 3044 C:\WINDOWS\System32\rascfg.dll - ok
11:05:18.0425 3044 [ 68E2A1A0407A66CF50DA0300852424AB ] C:\WINDOWS\System32\audiosrv.dll
11:05:18.0425 3044 C:\WINDOWS\System32\audiosrv.dll - ok
11:05:18.0440 3044 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] C:\WINDOWS\System32\browser.dll
11:05:18.0440 3044 C:\WINDOWS\System32\browser.dll - ok
11:05:18.0440 3044 [ 312EC3E37A0A1F2006534913E37B4423 ] C:\WINDOWS\System32\certprop.dll
11:05:18.0440 3044 C:\WINDOWS\System32\certprop.dll - ok
11:05:18.0456 3044 [ 9028559C132146FB75EB7ACF384B086A ] C:\WINDOWS\System32\dhcpcsvc.dll
11:05:18.0456 3044 C:\WINDOWS\System32\dhcpcsvc.dll - ok
11:05:18.0456 3044 [ DFB6B71CDABA9DFB49C9D2B318B97A1A ] C:\WINDOWS\System32\dhcpcsvc6.dll
11:05:18.0456 3044 C:\WINDOWS\System32\dhcpcsvc6.dll - ok
11:05:18.0456 3044 [ 6B09105742C75DF80CEF21700F20F55A ] C:\WINDOWS\System32\winnsi.dll
11:05:18.0456 3044 C:\WINDOWS\System32\winnsi.dll - ok
11:05:18.0472 3044 [ DE0DD9AE3430F84A96B5501112A696BE ] C:\WINDOWS\System32\bcrypt.dll
11:05:18.0472 3044 C:\WINDOWS\System32\bcrypt.dll - ok
11:05:18.0472 3044 [ 7F15B4953378C8B5161D65C26D5FED4D ] C:\WINDOWS\System32\cngaudit.dll
11:05:18.0472 3044 C:\WINDOWS\System32\cngaudit.dll - ok
11:05:18.0487 3044 [ 4211249955AF9133E2E357CC92B54DFD ] C:\WINDOWS\System32\comres.dll
11:05:18.0487 3044 C:\WINDOWS\System32\comres.dll - ok
11:05:18.0487 3044 [ 75C6A297E364014840B48ECCD7525E30 ] C:\WINDOWS\System32\cryptsvc.dll
11:05:18.0487 3044 C:\WINDOWS\System32\cryptsvc.dll - ok
11:05:18.0487 3044 [ 188CC19108B0EBD6332D6628D4EDE469 ] C:\WINDOWS\System32\ncrypt.dll
11:05:18.0487 3044 C:\WINDOWS\System32\ncrypt.dll - ok
11:05:18.0503 3044 [ 08D6D1692B62C9EE4062E1FA04D8FE2F ] C:\WINDOWS\System32\oleres.dll
11:05:18.0503 3044 C:\WINDOWS\System32\oleres.dll - ok
11:05:18.0503 3044 [ 26F139DDEC6407508071930D3D07337E ] C:\WINDOWS\System32\credssp.dll
11:05:18.0503 3044 C:\WINDOWS\System32\credssp.dll - ok
11:05:18.0518 3044 [ 74F380C8EC8813626C670D46E8A714D1 ] C:\WINDOWS\System32\dfsrres.dll
11:05:18.0518 3044 C:\WINDOWS\System32\dfsrres.dll - ok
11:05:18.0518 3044 [ AA01497884F9CBAC89470120AF78D2B1 ] C:\WINDOWS\System32\kerberos.dll
11:05:18.0518 3044 C:\WINDOWS\System32\kerberos.dll - ok
11:05:18.0518 3044 [ ABE9EEA1EABEA0711610A637A7B1C25D ] C:\WINDOWS\System32\msprivs.dll
11:05:18.0518 3044 C:\WINDOWS\System32\msprivs.dll - ok
11:05:18.0534 3044 [ 22CFAEB9172F5F198048401485CD0571 ] C:\WINDOWS\System32\WSHTCPIP.DLL
11:05:18.0534 3044 C:\WINDOWS\System32\WSHTCPIP.DLL - ok
11:05:18.0534 3044 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] C:\WINDOWS\System32\dot3svc.dll
11:05:18.0534 3044 C:\WINDOWS\System32\dot3svc.dll - ok
11:05:18.0534 3044 [ 9E80FF0752E365F97FD2D1D68C2AFDA1 ] C:\WINDOWS\System32\wship6.dll
11:05:18.0534 3044 C:\WINDOWS\System32\wship6.dll - ok
11:05:18.0550 3044 [ 9BE3744D295A7701EB425332014F0797 ] C:\WINDOWS\ehome\ehrecvr.exe
11:05:18.0550 3044 C:\WINDOWS\ehome\ehrecvr.exe - ok
11:05:18.0550 3044 [ AD1870C8E5D6DD340C829E6074BF3C3F ] C:\WINDOWS\ehome\ehsched.exe
11:05:18.0550 3044 C:\WINDOWS\ehome\ehsched.exe - ok
11:05:18.0565 3044 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] C:\WINDOWS\System32\dps.dll
11:05:18.0565 3044 C:\WINDOWS\System32\dps.dll - ok
11:05:18.0565 3044 [ C0B95E40D85CD807D614E264248A45B9 ] C:\WINDOWS\System32\eapsvc.dll
11:05:18.0565 3044 C:\WINDOWS\System32\eapsvc.dll - ok
11:05:18.0565 3044 [ 05C3B38DB95BA5585817A4F898EE5581 ] C:\WINDOWS\System32\wshqos.dll
11:05:18.0565 3044 C:\WINDOWS\System32\wshqos.dll - ok
11:05:18.0581 3044 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] C:\WINDOWS\ehome\ehstart.dll
11:05:18.0581 3044 C:\WINDOWS\ehome\ehstart.dll - ok
11:05:18.0581 3044 [ 4E6B23DFC917EA39306B529B773950F4 ] C:\WINDOWS\System32\emdmgmt.dll
11:05:18.0581 3044 C:\WINDOWS\System32\emdmgmt.dll - ok
11:05:18.0581 3044 [ FC62A635063B762E1C3C60EA77279378 ] C:\WINDOWS\System32\NapiNSP.dll
11:05:18.0581 3044 C:\WINDOWS\System32\NapiNSP.dll - ok
11:05:18.0596 3044 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] C:\WINDOWS\System32\nlasvc.dll
11:05:18.0596 3044 C:\WINDOWS\System32\nlasvc.dll - ok
11:05:18.0596 3044 [ 690D41DF1D555F96D4898A0F54EBA065 ] C:\WINDOWS\System32\pnrpnsp.dll
11:05:18.0596 3044 C:\WINDOWS\System32\pnrpnsp.dll - ok
11:05:18.0612 3044 [ A1B40A28F38D27A7E3229EE4C7064434 ] C:\WINDOWS\System32\wevtsvc.dll
11:05:18.0612 3044 C:\WINDOWS\System32\wevtsvc.dll - ok
11:05:18.0612 3044 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] C:\WINDOWS\System32\fdPHost.dll
11:05:18.0612 3044 C:\WINDOWS\System32\fdPHost.dll - ok
11:05:18.0612 3044 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] C:\WINDOWS\System32\FDResPub.dll
11:05:18.0612 3044 C:\WINDOWS\System32\FDResPub.dll - ok
11:05:18.0628 3044 [ 8617350C9B590B63E620881092751BCB ] C:\WINDOWS\System32\mswsock.dll
11:05:18.0628 3044 C:\WINDOWS\System32\mswsock.dll - ok
11:05:18.0628 3044 [ 4ABCE74D012971305249E45E095E9EA6 ] C:\WINDOWS\System32\msv1_0.dll
11:05:18.0628 3044 C:\WINDOWS\System32\msv1_0.dll - ok
11:05:18.0628 3044 [ 95DAECF0FB120A7B5DA679CC54E37DDE ] C:\WINDOWS\System32\netlogon.dll
11:05:18.0643 3044 C:\WINDOWS\System32\netlogon.dll - ok
11:05:18.0643 3044 [ 72910BC4A218C49EA8E43D1FAEC403A5 ] C:\WINDOWS\System32\winbrand.dll
11:05:18.0643 3044 C:\WINDOWS\System32\winbrand.dll - ok
11:05:18.0643 3044 [ 50E3E76B0901BB4FC029BB88BFA5CE79 ] C:\WINDOWS\System32\schannel.dll
11:05:18.0643 3044 C:\WINDOWS\System32\schannel.dll - ok
11:05:18.0659 3044 [ 93620229F3CC3B67A3528BF39F064C30 ] C:\WINDOWS\System32\wdigest.dll
11:05:18.0659 3044 C:\WINDOWS\System32\wdigest.dll - ok
11:05:18.0659 3044 [ 302964DCAC79D618CC7B72C778DA9FD2 ] C:\WINDOWS\System32\PresentationHost.exe
11:05:18.0659 3044 C:\WINDOWS\System32\PresentationHost.exe - ok
11:05:18.0659 3044 [ E14170AEA125119B98FA2BDE3FF4F462 ] C:\WINDOWS\System32\rsaenh.dll
11:05:18.0659 3044 C:\WINDOWS\System32\rsaenh.dll - ok
11:05:18.0674 3044 [ F8873D15018F411588BEC02C1725BADA ] C:\WINDOWS\System32\TSpkg.dll
11:05:18.0674 3044 C:\WINDOWS\System32\TSpkg.dll - ok
11:05:18.0674 3044 [ 0F420E81062757EA8363CBACD4D40D6D ] C:\WINDOWS\System32\gpapi.dll
11:05:18.0674 3044 C:\WINDOWS\System32\gpapi.dll - ok
11:05:18.0690 3044 [ 84067081F3318162797385E11A8F0582 ] C:\WINDOWS\System32\hidserv.dll
11:05:18.0690 3044 C:\WINDOWS\System32\hidserv.dll - ok
11:05:18.0690 3044 [ D8AD255B37DA92434C26E4876DB7D418 ] C:\WINDOWS\System32\KMSVC.DLL
11:05:18.0690 3044 C:\WINDOWS\System32\KMSVC.DLL - ok
11:05:18.0690 3044 [ 05586F5438AB0DA4F5149159E0E5FD4B ] C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll
11:05:18.0690 3044 C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll - ok
11:05:18.0706 3044 [ 9908D8A397B76CD8D31D0D383C5773C9 ] C:\WINDOWS\System32\IKEEXT.DLL
11:05:18.0706 3044 C:\WINDOWS\System32\IKEEXT.DLL - ok
11:05:18.0706 3044 [ 9AC218C6E6105477484C6FDBE7D409A4 ] C:\WINDOWS\System32\IPBusEnum.dll
11:05:18.0706 3044 C:\WINDOWS\System32\IPBusEnum.dll - ok
11:05:18.0721 3044 [ 74C2F29CC612B2B34231BEBD824D2FB2 ] C:\WINDOWS\System32\keyiso.dll
11:05:18.0721 3044 C:\WINDOWS\System32\keyiso.dll - ok
11:05:18.0721 3044 [ 1BF5EEBFD518DD7298434D8C862F825D ] C:\WINDOWS\System32\srvsvc.dll
11:05:18.0721 3044 C:\WINDOWS\System32\srvsvc.dll - ok
11:05:18.0737 3044 [ 1DB69705B695B987082C8BAEC0C6B34F ] C:\WINDOWS\System32\wkssvc.dll
11:05:18.0737 3044 C:\WINDOWS\System32\wkssvc.dll - ok
11:05:18.0737 3044 [ FA0593D936C9B95FB6FAA32AD1595D49 ] C:\WINDOWS\System32\lltdres.dll
11:05:18.0737 3044 C:\WINDOWS\System32\lltdres.dll - ok
11:05:18.0752 3044 [ 35D40113E4A5B961B6CE5C5857702518 ] C:\WINDOWS\System32\lmhsvc.dll
11:05:18.0752 3044 C:\WINDOWS\System32\lmhsvc.dll - ok
11:05:18.0752 3044 [ 132F6237FA3BF3E9715F63A1CCF72BF1 ] C:\WINDOWS\ehome\ehres.dll
11:05:18.0752 3044 C:\WINDOWS\ehome\ehres.dll - ok
11:05:18.0752 3044 [ 95F1EB99B81CFD6F581C85F0A0AA9B2B ] C:\WINDOWS\System32\FirewallAPI.dll
11:05:18.0752 3044 C:\WINDOWS\System32\FirewallAPI.dll - ok
11:05:18.0768 3044 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] C:\WINDOWS\System32\mmcss.dll
11:05:18.0768 3044 C:\WINDOWS\System32\mmcss.dll - ok
11:05:18.0768 3044 [ EA822412BBBA9B7D2B1A3748AD50EFB8 ] C:\WINDOWS\System32\iscsidsc.dll
11:05:20.0188 3044 [ BC83108B18756547013ED443B8CDB31B ] C:\WINDOWS\System32\msvcp100.dll
11:05:20.0188 3044 C:\WINDOWS\System32\msvcp100.dll - ok
11:05:20.0188 3044 [ 0E37FBFA79D349D672456923EC5FBBE3 ] C:\WINDOWS\System32\msvcr100.dll
11:05:20.0188 3044 C:\WINDOWS\System32\msvcr100.dll - ok
11:05:20.0203 3044 [ F036DB9CF05B3C21405403FF074A78D9 ] C:\Program Files\AVG\AVG2013\avgopensslx.dll
11:05:20.0203 3044 C:\Program Files\AVG\AVG2013\avgopensslx.dll - ok
11:05:20.0203 3044 [ A99871BA522CB2539AE275AC18CACC8F ] C:\WINDOWS\System32\cabinet.dll
11:05:20.0203 3044 C:\WINDOWS\System32\cabinet.dll - ok
11:05:20.0219 3044 [ B40F5DCD59ED2A46EED8AE340CC167FB ] C:\Program Files\AVG\AVG2013\avgcfgx.dll
11:05:20.0219 3044 C:\Program Files\AVG\AVG2013\avgcfgx.dll - ok
11:05:20.0219 3044 [ 6B72E1E329C4E98C6B6FDD2D265E3BA3 ] C:\Program Files\AVG\AVG2013\avgwdsvc.exe
11:05:20.0219 3044 C:\Program Files\AVG\AVG2013\avgwdsvc.exe - ok
11:05:20.0219 3044 [ F2060A34C8A75BC24A9222EB4F8C07BD ] C:\Program Files\Bonjour\mDNSResponder.exe
11:05:20.0219 3044 C:\Program Files\Bonjour\mDNSResponder.exe - ok
11:05:20.0234 3044 [ 17FC3EDA0162F513E858B8C8FA7FA6E0 ] C:\WINDOWS\System32\vssapi.dll
11:05:20.0234 3044 C:\WINDOWS\System32\vssapi.dll - ok
11:05:20.0234 3044 [ F798A893C8C214F74889DBF9D3A412DE ] C:\WINDOWS\System32\cryptnet.dll
11:05:20.0234 3044 C:\WINDOWS\System32\cryptnet.dll - ok
11:05:20.0250 3044 [ DC3AE9F1554DCD97F90983DDBDACD83D ] C:\WINDOWS\System32\vsstrace.dll
11:05:20.0250 3044 C:\WINDOWS\System32\vsstrace.dll - ok
11:05:20.0250 3044 [ C215E09622118383B236DD56C2065183 ] C:\Program Files\Common Files\LightScribe\LSSrvc.exe
11:05:20.0250 3044 C:\Program Files\Common Files\LightScribe\LSSrvc.exe - ok
11:05:20.0250 3044 [ E7D0F91E44D9D3B2116FA549BDCDB756 ] C:\WINDOWS\System32\wdscore.dll
11:05:20.0250 3044 C:\WINDOWS\System32\wdscore.dll - ok
11:05:20.0266 3044 [ 52E129522C1775DBB8CC252E7A0655C7 ] C:\WINDOWS\System32\taskschd.dll
11:05:20.0266 3044 C:\WINDOWS\System32\taskschd.dll - ok
11:05:20.0266 3044 [ F5054C87E1035F7ECE54B4BA7D32251F ] C:\Program Files\Common Files\LightScribe\LSLog.dll
11:05:20.0266 3044 C:\Program Files\Common Files\LightScribe\LSLog.dll - ok
11:05:20.0281 3044 [ D942F41C920EF342BCA4800036A4E1FE ] C:\Program Files\Common Files\LightScribe\LSSProxy.dll
11:05:20.0281 3044 C:\Program Files\Common Files\LightScribe\LSSProxy.dll - ok
11:05:20.0281 3044 [ 1DFC366D2154EF2B381A7F2CB165C7F4 ] C:\WINDOWS\System32\diagperf.dll
11:05:20.0281 3044 C:\WINDOWS\System32\diagperf.dll - ok
11:05:20.0281 3044 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] C:\WINDOWS\System32\drivers\mdmxsdk.sys
11:05:20.0281 3044 C:\WINDOWS\System32\drivers\mdmxsdk.sys - ok
11:05:20.0297 3044 [ 21322832C99E8DE85BD047689A2A69DB ] C:\WINDOWS\System32\pnpts.dll
11:05:20.0297 3044 C:\WINDOWS\System32\pnpts.dll - ok
11:05:20.0297 3044 [ 6349F6ED9C623B44B52EA3C63C831A92 ] C:\WINDOWS\System32\drivers\PEAuth.sys
11:05:20.0297 3044 C:\WINDOWS\System32\drivers\PEAuth.sys - ok
11:05:20.0312 3044 [ 90A3935D05B494A5A39D37E71F09A677 ] C:\WINDOWS\System32\drivers\secdrv.sys
11:05:20.0312 3044 C:\WINDOWS\System32\drivers\secdrv.sys - ok
11:05:20.0312 3044 [ 608C345A255D82A6289C2D468EB41FD7 ] C:\WINDOWS\System32\drivers\tcpipreg.sys
11:05:20.0312 3044 C:\WINDOWS\System32\drivers\tcpipreg.sys - ok
11:05:20.0312 3044 [ 50D3941555FEFDF46424431702EC5FB6 ] C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.0.1\ToolbarUpdater.exe
11:05:20.0312 3044 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.0.1\ToolbarUpdater.exe - ok
11:05:20.0328 3044 [ 428FF21418ADCD6FAD6189CD9520A67B ] C:\WINDOWS\System32\wiatrace.dll
11:05:20.0328 3044 C:\WINDOWS\System32\wiatrace.dll - ok
11:05:20.0328 3044 [ F4D9ED6BD74AD7CC0BEC83C43A1CB76B ] C:\WINDOWS\System32\ncsi.dll
11:05:20.0328 3044 C:\WINDOWS\System32\ncsi.dll - ok
11:05:20.0344 3044 [ 4DBA143F06BAD1DF935CB9603140CF2A ] C:\WINDOWS\System32\wsdchngr.dll
11:05:20.0344 3044 C:\WINDOWS\System32\wsdchngr.dll - ok
11:05:20.0344 3044 [ 0C84B6AFFA7486422235584110D7176F ] C:\WINDOWS\System32\icaapi.dll
11:05:20.0344 3044 C:\WINDOWS\System32\icaapi.dll - ok
11:05:20.0344 3044 [ 01BCD91CC2B0EFDA4890F547010750BD ] C:\WINDOWS\System32\ssdpapi.dll
11:05:20.0344 3044 C:\WINDOWS\System32\ssdpapi.dll - ok
11:05:20.0359 3044 [ 12BCF4DAD8E5A1B3D5FA7AB4A79DA105 ] C:\WINDOWS\System32\sfc_os.dll
11:05:20.0359 3044 C:\WINDOWS\System32\sfc_os.dll - ok
11:05:20.0359 3044 [ 57616A5583E6406F88BC71A5A5E0C165 ] C:\Program Files\AVG\AVG2013\avgwd.dll
11:05:20.0359 3044 C:\Program Files\AVG\AVG2013\avgwd.dll - ok
11:05:20.0375 3044 [ B26C0D2B2186AC508B5EFF976BB7FF9D ] C:\WINDOWS\System32\PortableDeviceApi.dll
11:05:20.0375 3044 C:\WINDOWS\System32\PortableDeviceApi.dll - ok
11:05:20.0375 3044 [ DEB9D08750423069647C3A066CEC7A1B ] C:\WINDOWS\System32\tquery.dll
11:05:20.0375 3044 C:\WINDOWS\System32\tquery.dll - ok
11:05:20.0375 3044 [ 74B8C2EA72D43727142D12397D5A49F9 ] C:\WINDOWS\System32\wbemcomn.dll
11:05:20.0375 3044 C:\WINDOWS\System32\wbemcomn.dll - ok
11:05:20.0390 3044 [ 218B73EA8341EA9FDF018D43052E790A ] C:\WINDOWS\System32\mssrch.dll
11:05:20.0390 3044 C:\WINDOWS\System32\mssrch.dll - ok
11:05:20.0390 3044 [ 1F18B9EA1BBFF033413414C3BEA13AD6 ] C:\WINDOWS\System32\wbem\WinMgmtR.dll
11:05:20.0390 3044 C:\WINDOWS\System32\wbem\WinMgmtR.dll - ok
11:05:20.0406 3044 [ 13B5F255E90624A5BA0441D39CFB6BE2 ] C:\WINDOWS\System32\drivers\WUDFPf.sys
11:05:20.0406 3044 C:\WINDOWS\System32\drivers\WUDFPf.sys - ok
11:05:20.0406 3044 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] C:\WINDOWS\System32\drivers\WUDFRd.sys
11:05:20.0406 3044 C:\WINDOWS\System32\drivers\WUDFRd.sys - ok
11:05:20.0406 3044 [ DAB33CFA9DD24251AAA389FF36B64D4B ] C:\WINDOWS\System32\drivers\XAudio.sys
11:05:20.0406 3044 C:\WINDOWS\System32\drivers\XAudio.sys - ok
11:05:20.0422 3044 [ AAB5FEAABF4CB6F76D794203831C8D94 ] C:\WINDOWS\System32\msidle.dll
11:05:20.0422 3044 C:\WINDOWS\System32\msidle.dll - ok
11:05:20.0422 3044 [ CD5F291A1161F15896D1A4D63DAFF5DF ] C:\WINDOWS\System32\drivers\XAudio.exe
11:05:20.0422 3044 C:\WINDOWS\System32\drivers\XAudio.exe - ok
11:05:20.0422 3044 [ FEA6D21F78922D641A0C9346D885133B ] C:\WINDOWS\System32\mssprxy.dll
11:05:20.0422 3044 C:\WINDOWS\System32\mssprxy.dll - ok
11:05:20.0437 3044 [ B458B58F7BB97C48D01AC3CF5805AAAC ] C:\WINDOWS\System32\Query.dll
11:05:20.0437 3044 C:\WINDOWS\System32\Query.dll - ok
11:05:20.0437 3044 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] C:\WINDOWS\System32\netprofm.dll
11:05:20.0437 3044 C:\WINDOWS\System32\netprofm.dll - ok
11:05:20.0453 3044 [ DFCAB29E8FD38F95650CC1E203E8D318 ] C:\WINDOWS\System32\npmproxy.dll
11:05:20.0453 3044 C:\WINDOWS\System32\npmproxy.dll - ok
11:05:20.0453 3044 [ 9E30B21B14FB24C383AC255BDFA47E0E ] C:\Program Files\AVG\AVG2013\avgsecapix.dll
11:05:20.0453 3044 C:\Program Files\AVG\AVG2013\avgsecapix.dll - ok
11:05:20.0453 3044 [ 09C7859269563C240AB2AAAB574483DD ] C:\WINDOWS\System32\WUDFHost.exe
11:05:20.0453 3044 C:\WINDOWS\System32\WUDFHost.exe - ok
11:05:20.0468 3044 [ 4B72B5B342ADA4DE8DEEA39CCE465B58 ] C:\WINDOWS\System32\WUDFx.dll
11:05:20.0468 3044 C:\WINDOWS\System32\WUDFx.dll - ok
11:05:20.0468 3044 [ 45A9B22EF9A4FADFA02D60ACCB4E8202 ] C:\WINDOWS\System32\drivers\UMDF\WpdFs.dll
11:05:20.0468 3044 C:\WINDOWS\System32\drivers\UMDF\WpdFs.dll - ok
11:05:20.0468 3044 [ 50ABE7CDA2DAE898216121D14092C182 ] C:\WINDOWS\System32\WMVCORE.DLL
11:05:20.0468 3044 C:\WINDOWS\System32\WMVCORE.DLL - ok
11:05:20.0484 3044 [ 491918E4C46ED4CEB6E7A90F7B73924D ] C:\Program Files\AVG\AVG2013\avgxpl.dll
11:05:20.0484 3044 C:\Program Files\AVG\AVG2013\avgxpl.dll - ok
11:05:20.0484 3044 [ F67480EE1AC3CB32C63AF86B0AE57AC9 ] C:\Program Files\AVG\AVG2013\avgwdwsc.dll
11:05:20.0484 3044 C:\Program Files\AVG\AVG2013\avgwdwsc.dll - ok
11:05:20.0500 3044 [ A0F4852A5DB9754BEC06F84B400AE743 ] C:\WINDOWS\System32\wscapi.dll
11:05:20.0500 3044 C:\WINDOWS\System32\wscapi.dll - ok
11:05:20.0500 3044 [ 30F0DC266B46118E9FBCF5B2A30EB1DB ] C:\WINDOWS\System32\wbem\wbemprox.dll
11:05:20.0500 3044 C:\WINDOWS\System32\wbem\wbemprox.dll - ok
11:05:20.0500 3044 [ 1CA7C04957F8419E426E334B5FF2D0FA ] C:\Program Files\AVG\AVG2013\avgnsx.exe
11:05:20.0500 3044 C:\Program Files\AVG\AVG2013\avgnsx.exe - ok
11:05:20.0515 3044 [ A4932026499FFE9A493E3E9BBFDAA682 ] C:\Program Files\AVG\AVG2013\avgemcx.exe
11:05:20.0515 3044 C:\Program Files\AVG\AVG2013\avgemcx.exe - ok
11:05:20.0515 3044 [ B8A21907FE2F1A113F3487D9AB60BEF9 ] C:\WINDOWS\System32\en-US\tquery.dll.mui
11:05:20.0515 3044 C:\WINDOWS\System32\en-US\tquery.dll.mui - ok
11:05:20.0531 3044 [ FC1EEE57EB9CD57279D70BA2A9131C38 ] C:\WINDOWS\System32\wbem\wbemcore.dll
11:05:20.0531 3044 C:\WINDOWS\System32\wbem\wbemcore.dll - ok
11:05:20.0531 3044 [ E9296800685ED622132C0E1FA9241F92 ] C:\Program Files\AVG\AVG2013\avgkrnlapix.dll
11:05:20.0531 3044 C:\Program Files\AVG\AVG2013\avgkrnlapix.dll - ok
11:05:20.0531 3044 [ 22DC784B32BEE306A99F50D6DC2460BC ] C:\WINDOWS\System32\esent.dll
11:05:20.0531 3044 C:\WINDOWS\System32\esent.dll - ok
11:05:20.0546 3044 [ 8622AE563E2AC2F8BF9FAFEE726FC7B8 ] C:\Program Files\AVG\AVG2013\avgsched.dll
11:05:20.0546 3044 C:\Program Files\AVG\AVG2013\avgsched.dll - ok
11:05:20.0546 3044 [ C10E13721B0AAEBEB5EBA914F1D18181 ] C:\WINDOWS\System32\wbem\esscli.dll
11:05:20.0546 3044 C:\WINDOWS\System32\wbem\esscli.dll - ok
11:05:20.0562 3044 [ BC5A34B6A14C93BF04E3F4E8EA57090A ] C:\WINDOWS\System32\wbem\fastprox.dll
11:05:20.0562 3044 C:\WINDOWS\System32\wbem\fastprox.dll - ok
11:05:20.0562 3044 [ FF9AFBD2864BBEA6A9E7F90F8C94F6B7 ] C:\Program Files\AVG\AVG2013\avgidpsdkx.dll
11:05:20.0562 3044 C:\Program Files\AVG\AVG2013\avgidpsdkx.dll - ok
11:05:20.0562 3044 [ 36CCD8A79539C4ACE3BABE09C2CFBA16 ] C:\WINDOWS\System32\WMASF.DLL
11:05:20.0562 3044 C:\WINDOWS\System32\WMASF.DLL - ok
11:05:20.0578 3044 [ F85134BF76CB335A39F8D7BC4173D4FB ] C:\WINDOWS\System32\msscb.dll
11:05:20.0578 3044 C:\WINDOWS\System32\msscb.dll - ok
11:05:20.0578 3044 [ DB0F37DBA4C245C61E5936DDBDE62438 ] C:\WINDOWS\System32\wbem\wbemsvc.dll
11:05:20.0578 3044 C:\WINDOWS\System32\wbem\wbemsvc.dll - ok
11:05:20.0593 3044 [ 5A87FD90634C9A05157469DA2441EBB4 ] C:\WINDOWS\System32\PortableDeviceClassExtension.dll
11:05:20.0593 3044 C:\WINDOWS\System32\PortableDeviceClassExtension.dll - ok
11:05:20.0593 3044 [ 290A5AA84C6F06E0B82E94F419FEE9C5 ] C:\WINDOWS\System32\PortableDeviceTypes.dll
11:05:20.0593 3044 C:\WINDOWS\System32\PortableDeviceTypes.dll - ok
11:05:20.0593 3044 [ 2C3B09E586BDA2CC49A292BE7BADC589 ] C:\WINDOWS\System32\wbem\wmiutils.dll
11:05:20.0593 3044 C:\WINDOWS\System32\wbem\wmiutils.dll - ok
11:05:20.0609 3044 [ 834933F16EA839AC5AC7CBF88638DF27 ] C:\WINDOWS\System32\wbem\repdrvfs.dll
11:05:20.0609 3044 C:\WINDOWS\System32\wbem\repdrvfs.dll - ok
11:05:20.0609 3044 [ F0062778F50838145AC46B384FFB4FA3 ] C:\WINDOWS\System32\pcadm.dll
11:05:20.0609 3044 C:\WINDOWS\System32\pcadm.dll - ok
11:05:20.0624 3044 [ B288FF7C1987A736726E87C79148C360 ] C:\WINDOWS\System32\PortableDeviceWiaCompat.dll
11:05:20.0624 3044 C:\WINDOWS\System32\PortableDeviceWiaCompat.dll - ok
11:05:20.0624 3044 [ C2C6C014B96581EC8BF0C8604DE1743E ] C:\WINDOWS\System32\wbem\WmiPrvSD.dll
11:05:20.0624 3044 C:\WINDOWS\System32\wbem\WmiPrvSD.dll - ok
11:05:20.0624 3044 [ A609A192E98934A8D352704C99AB8577 ] C:\WINDOWS\System32\wbem\wbemess.dll
11:05:20.0624 3044 C:\WINDOWS\System32\wbem\wbemess.dll - ok
11:05:20.0640 3044 [ 9A6A653ADF28D9D69670B48F535E6B90 ] C:\WINDOWS\System32\runonce.exe
11:05:20.0640 3044 C:\WINDOWS\System32\runonce.exe - ok
11:05:20.0640 3044 [ 74F26FC01B180D4A99A168ED69C30A53 ] C:\WINDOWS\System32\cmd.exe
11:05:20.0640 3044 C:\WINDOWS\System32\cmd.exe - ok
11:05:20.0656 3044 [ BA7488EA536BCDD2F551A075BBE62C76 ] C:\WINDOWS\System32\ieframe.dll
11:05:20.0656 3044 C:\WINDOWS\System32\ieframe.dll - ok
11:05:20.0656 3044 [ EBC984F0CE40E0DAF0454D806EC2A7EC ] C:\Users\Brian\AppData\Local\Temp\4403CF49-5C1D-47B1-A67C-12EA8E34FF42.exe
11:05:20.0656 3044 C:\Users\Brian\AppData\Local\Temp\4403CF49-5C1D-47B1-A67C-12EA8E34FF42.exe - ok
11:05:20.0656 3044 [ 5CAAE5333EF36DB4A8D294418AB37E80 ] C:\WINDOWS\System32\p2pcollab.dll
11:05:20.0656 3044 C:\WINDOWS\System32\p2pcollab.dll - ok
11:05:20.0671 3044 [ 906171762AC9BFE8C94310749DE2B7A6 ] C:\WINDOWS\System32\iedkcs32.dll
11:05:20.0671 3044 C:\WINDOWS\System32\iedkcs32.dll - ok
11:05:20.0671 3044 [ 4B19A9A4191353007E9819A832B81186 ] C:\WINDOWS\System32\timedate.cpl
11:05:20.0671 3044 C:\WINDOWS\System32\timedate.cpl - ok
11:05:20.0687 3044 [ 8D78BA30DB4AE040A52EDEE725782715 ] C:\WINDOWS\System32\actxprxy.dll
11:05:20.0687 3044 C:\WINDOWS\System32\actxprxy.dll - ok
11:05:20.0687 3044 [ 24F90AEFEBE601D427CB4511E74CDCB6 ] C:\WINDOWS\System32\linkinfo.dll
11:05:20.0687 3044 C:\WINDOWS\System32\linkinfo.dll - ok
11:05:20.0687 3044 [ 151B2D097C7182898387994CEA34890B ] C:\WINDOWS\RtHDVCpl.exe
11:05:20.0687 3044 C:\WINDOWS\RtHDVCpl.exe - ok
11:05:20.0687 3044 [ 9A4322EE420D6FACD4D4B1FF6CB856B1 ] C:\hp\support\hpsysdrv.exe
11:05:20.0687 3044 C:\hp\support\hpsysdrv.exe - ok
11:05:20.0702 3044 [ 4B555106290BD117334E9A08761C035A ] C:\WINDOWS\System32\rundll32.exe
11:05:20.0702 3044 C:\WINDOWS\System32\rundll32.exe - ok
11:05:20.0702 3044 [ 84B8827562B005C118CADBA0F25DB2C6 ] C:\WINDOWS\System32\dsound.dll
11:05:20.0702 3044 C:\WINDOWS\System32\dsound.dll - ok
11:05:20.0718 3044 [ 8B9145D229D4E89D15ACB820D4A3A90F ] C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
11:05:20.0718 3044 C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe - ok
11:05:20.0718 3044 [ BB7481A1306823D1B6592263F1AB8DD7 ] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
11:05:20.0718 3044 C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe - ok
11:05:20.0718 3044 [ D6804F089CBB6749E95124E7C4D80900 ] C:\WINDOWS\AppPatch\AcLayers.dll
11:05:20.0718 3044 C:\WINDOWS\AppPatch\AcLayers.dll - ok
11:05:20.0734 3044 [ 114A0EC86D92E2C1E5F66A4FA64024F6 ] C:\WINDOWS\System32\nvcpl.dll
11:05:20.0734 3044 C:\WINDOWS\System32\nvcpl.dll - ok
11:05:20.0734 3044 [ 27CFFB1E41A2BE2A25957A679BD84E10 ] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
11:05:20.0734 3044 C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe - ok
11:05:20.0749 3044 [ F577910A133A592234EBAAD3F3AFA258 ] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
11:05:20.0749 3044 C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe - ok
11:05:20.0749 3044 [ 0AEE5668EB59912F32FF245BFA72465F ] C:\Program Files\QuickTime\QTTask.exe
11:05:20.0749 3044 C:\Program Files\QuickTime\QTTask.exe - ok
11:05:20.0749 3044 [ 7D906E10C9442B5FEF043D6C20A202B9 ] C:\WINDOWS\System32\nvmctray.dll
11:05:20.0749 3044 C:\WINDOWS\System32\nvmctray.dll - ok
11:05:20.0765 3044 [ 2EFEDB3A2883CDCA299D26BF20803F5C ] C:\WINDOWS\System32\nvsvc.dll
11:05:20.0765 3044 C:\WINDOWS\System32\nvsvc.dll - ok
11:05:20.0765 3044 [ 14D24A2B96069A48A578C605F6D68E29 ] C:\Program Files\iTunes\iTunesHelper.exe
11:05:20.0765 3044 C:\Program Files\iTunes\iTunesHelper.exe - ok
11:05:20.0780 3044 [ 5016B8FC59AD616F03813FBE63295081 ] C:\WINDOWS\System32\thumbcache.dll
11:05:20.0780 3044 C:\WINDOWS\System32\thumbcache.dll - ok
11:05:20.0780 3044 [ 836731F87FED9282FF708B1825E56DAE ] C:\Program Files\iTunes\iTunesHelper.dll
11:05:20.0780 3044 C:\Program Files\iTunes\iTunesHelper.dll - ok
11:05:20.0780 3044 [ 3B104EE76B142ECDFCD38ED80F0098A5 ] C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe
11:05:20.0780 3044 C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe - ok
11:05:20.0796 3044 [ 9DADF1A809ECEC86F04BDE35190D59FE ] C:\Program Files\AVG\AVG2013\avgui.exe
11:05:20.0796 3044 C:\Program Files\AVG\AVG2013\avgui.exe - ok
11:05:20.0796 3044 [ 12916E0642E92561C98B18A2A2D01B14 ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
11:05:20.0796 3044 C:\Program Files\Common Files\Java\Java Update\jusched.exe - ok
11:05:20.0812 3044 [ BF08674925F151BD4537B89A493E3E0C ] C:\WINDOWS\ehome\ehtray.exe
11:05:20.0812 3044 C:\WINDOWS\ehome\ehtray.exe - ok
11:05:20.0812 3044 [ F3DE10AABD5C7A1A186C9966F037D0C0 ] C:\WINDOWS\System32\mfc100u.dll
11:05:20.0812 3044 C:\WINDOWS\System32\mfc100u.dll - ok
11:05:20.0812 3044 [ 848BC9A0BB2361E549FD4C22D7548FB8 ] C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll
11:05:20.0812 3044 C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
11:05:20.0827 3044 [ 5C1008C2C84844B2155979A53D1E273B ] C:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll
11:05:20.0827 3044 C:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll - ok
11:05:20.0827 3044 [ 79BED8CAB3E3292643B90BFBAEC8330B ] C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.dll
11:05:20.0827 3044 C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.dll - ok
11:05:20.0843 3044 [ 5F68C19BAB20142D62F6867F762CCC7F ] C:\Program Files\AVG Secure Search\vprot.exe
11:05:20.0843 3044 C:\Program Files\AVG Secure Search\vprot.exe - ok
11:05:20.0843 3044 [ 2CAC5F1C11BA3163BBE7A2E5302BDCC8 ] C:\Program Files\Nikon\Nikon Message Center 2\NkRSSLib.dll
11:05:20.0843 3044 C:\Program Files\Nikon\Nikon Message Center 2\NkRSSLib.dll - ok
11:05:20.0843 3044 [ CA6ADE4F7761BB15B3325356DC3B82BB ] C:\WINDOWS\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll
11:05:20.0843 3044 C:\WINDOWS\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll - ok
11:05:20.0858 3044 [ BADC359C9A0D9C217B7E8DA17BF3F5BB ] C:\WINDOWS\System32\ntshrui.dll
11:05:20.0858 3044 C:\WINDOWS\System32\ntshrui.dll - ok
11:05:20.0858 3044 [ DE7F813217EC88C0A6D4D8F2F39D7949 ] C:\WINDOWS\System32\msiltcfg.dll
11:05:20.0858 3044 C:\WINDOWS\System32\msiltcfg.dll - ok
11:05:20.0874 3044 [ 8734923280253A06E315995375FF342B ] C:\Program Files\CyberLink\DVD Suite Deluxe\PowerStarter.exe
11:05:20.0874 3044 C:\Program Files\CyberLink\DVD Suite Deluxe\PowerStarter.exe - ok
11:05:20.0874 3044 [ E5E317948D5F2B28A7D7A2E8F29F1008 ] C:\Program Files\Internet Explorer\iexplore.exe
11:05:20.0874 3044 C:\Program Files\Internet Explorer\iexplore.exe - ok
11:05:20.0874 3044 [ 7E6EA9CB72B5DE84A5D700BED877E5F9 ] C:\Program Files\Windows Mail\WinMail.exe
11:05:20.0874 3044 C:\Program Files\Windows Mail\WinMail.exe - ok
11:05:20.0890 3044 [ 2D821AFA5A1A9CA7F9F997A1AAD09E72 ] C:\Program Files\Windows Media Player\wmplayer.exe
11:05:20.0890 3044 C:\Program Files\Windows Media Player\wmplayer.exe - ok
11:05:20.0890 3044 [ DAF60E13E96ECB67F0EDAA89C6B01B8D ] C:\WINDOWS\System32\notepad.exe
11:05:20.0890 3044 C:\WINDOWS\System32\notepad.exe - ok
11:05:20.0905 3044 [ 027E5E14C9CFF810377701BDEAD8210F ] C:\WINDOWS\System32\control.exe
11:05:20.0905 3044 C:\WINDOWS\System32\control.exe - ok
11:05:20.0905 3044 [ 941486AB385556BF6A62342F8CA15BD8 ] C:\WINDOWS\System32\accessibilitycpl.dll
11:05:20.0905 3044 C:\WINDOWS\System32\accessibilitycpl.dll - ok
11:05:20.0921 3044 [ EC69B16644C613F41A57169F8D068F1D ] C:\WINDOWS\System32\batmeter.dll
11:05:20.0921 3044 C:\WINDOWS\System32\batmeter.dll - ok
11:05:20.0921 3044 [ 8EAE44A2EBCBB5D12C5454573EA1F621 ] C:\WINDOWS\System32\stobject.dll
11:05:20.0921 3044 C:\WINDOWS\System32\stobject.dll - ok
11:05:20.0921 3044 [ E47C854A28A81F2939F42CBE9FEA994C ] C:\WINDOWS\System32\Magnify.exe
11:05:20.0921 3044 C:\WINDOWS\System32\Magnify.exe - ok
11:05:20.0936 3044 [ 27BB54357A51594D9F9B6257B5B9A879 ] C:\WINDOWS\System32\Narrator.exe
11:05:20.0936 3044 C:\WINDOWS\System32\Narrator.exe - ok
11:05:20.0936 3044 [ 30F02D9C55053367E26A11482F51E255 ] C:\WINDOWS\System32\SndVolSSO.dll
11:05:20.0936 3044 C:\WINDOWS\System32\SndVolSSO.dll - ok
11:05:20.0952 3044 [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\WINDOWS\System32\drivers\76764277.sys
11:05:20.0952 3044 C:\WINDOWS\System32\drivers\76764277.sys - ok
11:05:20.0952 3044 [ 877F2939794EBA4F3D1BB967007E99E8 ] C:\WINDOWS\System32\osk.exe
11:05:20.0952 3044 C:\WINDOWS\System32\osk.exe - ok
11:05:20.0968 3044 [ 04044BF8E6989BE45FA718C24407CA28 ] C:\WINDOWS\System32\networkexplorer.dll
11:05:20.0968 3044 C:\WINDOWS\System32\networkexplorer.dll - ok
11:05:20.0968 3044 [ 313B30189557A2E2793F845DE0F0A4D5 ] C:\WINDOWS\ehome\ehSSO.dll
11:05:20.0968 3044 C:\WINDOWS\ehome\ehSSO.dll - ok
11:05:20.0968 3044 [ C6D9383C4119A59AAD70DBC4A974B8B4 ] C:\Program Files\IrfanView\i_view32.exe
11:05:20.0968 3044 C:\Program Files\IrfanView\i_view32.exe - ok
11:05:20.0983 3044 [ 2A2C442F00B45E01D4C882EEA69A01BC ] C:\WINDOWS\System32\mfc100enu.dll
11:05:20.0983 3044 C:\WINDOWS\System32\mfc100enu.dll - ok
11:05:20.0983 3044 [ 0F4195B9B348DE5CF9B822F81704B20E ] C:\WINDOWS\ehome\ehmsas.exe
11:05:20.0983 3044 C:\WINDOWS\ehome\ehmsas.exe - ok
11:05:20.0999 3044 [ E98E402067978DB38282158F9E8609CA ] C:\WINDOWS\System32\netshell.dll
11:05:20.0999 3044 C:\WINDOWS\System32\netshell.dll - ok
11:05:20.0999 3044 [ 4A938E44BEB41641B70175DACAB1BBB0 ] C:\WINDOWS\ehome\ehProxy.dll
11:05:20.0999 3044 C:\WINDOWS\ehome\ehProxy.dll - ok
11:05:21.0014 3044 [ 9495FCC01D7AB7B60E5B8BA7AEFE9E3D ] C:\WINDOWS\System32\wbem\WmiPrvSE.exe
11:05:21.0014 3044 C:\WINDOWS\System32\wbem\WmiPrvSE.exe - ok
11:05:21.0014 3044 [ 75AD59B9B12EB194486BE8D97B062994 ] C:\WINDOWS\System32\pnidui.dll
11:05:21.0014 3044 C:\WINDOWS\System32\pnidui.dll - ok
11:05:21.0014 3044 [ EB2170D0DDF3B2A92506AE16BC524B0B ] C:\WINDOWS\System32\wlanutil.dll
11:05:21.0014 3044 C:\WINDOWS\System32\wlanutil.dll - ok
11:05:21.0030 3044 [ ABAEAEE763E287BDD39094C4165E1F3F ] C:\WINDOWS\System32\fdProxy.dll
11:05:21.0030 3044 C:\WINDOWS\System32\fdProxy.dll - ok
11:05:21.0030 3044 [ 61216539E55DDF2F78E421E7EF140650 ] C:\WINDOWS\System32\ExplorerFrame.dll
11:05:21.0030 3044 C:\WINDOWS\System32\ExplorerFrame.dll - ok
11:05:21.0046 3044 [ 4BAEC13BCAA595639EBB5185278DEFEA ] C:\WINDOWS\System32\fdWSD.dll
11:05:21.0046 3044 C:\WINDOWS\System32\fdWSD.dll - ok
11:05:21.0046 3044 [ 3EB6D30D82F0E300FCFBAD0498F654FD ] C:\WINDOWS\System32\mlang.dll
11:05:21.0046 3044 C:\WINDOWS\System32\mlang.dll - ok
11:05:21.0046 3044 [ 443C5961CACD4ABC16648874AF06E4A0 ] C:\WINDOWS\System32\fdSSDP.dll
11:05:21.0046 3044 C:\WINDOWS\System32\fdSSDP.dll - ok
11:05:21.0061 3044 [ 8D28B41A5092EFE3D09E16E97A51BA1A ] C:\Program Files\IrfanView\iv_uninstall.exe
11:05:21.0061 3044 C:\Program Files\IrfanView\iv_uninstall.exe - ok
11:05:21.0061 3044 [ 2DD6AF8E97F59C9D39329BBC2A81F13F ] C:\WINDOWS\System32\rasdlg.dll
11:05:21.0061 3044 C:\WINDOWS\System32\rasdlg.dll - ok
11:05:21.0077 3044 [ DF121B3EDFDAFE1F8ADF352AD733DC23 ] C:\Users\Brian\AppData\Roaming\NCH Swift Sound\Program Files\ToolBox\toolbox.exe
11:05:21.0077 3044 C:\Users\Brian\AppData\Roaming\NCH Swift Sound\Program Files\ToolBox\toolbox.exe - ok
11:05:21.0077 3044 [ 56E315ACFB08A177B4D01E42B9044DB5 ] C:\WINDOWS\System32\mprapi.dll
11:05:21.0077 3044 C:\WINDOWS\System32\mprapi.dll - ok
11:05:21.0077 3044 [ 9A2FEB8986FD0277547B9A9D4A37DA76 ] C:\Users\Brian\AppData\Roaming\NCH Swift Sound\Program Files\ToolBox\uninst.exe
11:05:21.0077 3044 C:\Users\Brian\AppData\Roaming\NCH Swift Sound\Program Files\ToolBox\uninst.exe - ok
11:05:21.0092 3044 [ 250ADEEEE07348C9E2F130F009A8A20C ] C:\WINDOWS\System32\shutdown.exe
11:05:21.0092 3044 C:\WINDOWS\System32\shutdown.exe - ok
11:05:21.0092 3044 [ 35937EAD711207544E219C2A19A78A7D ] C:\Program Files\Windows Media Player\wmpnscfg.exe
11:05:21.0092 3044 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
11:05:21.0108 3044 [ 17C0E094BEE5BC03CF491972F71AA6EF ] C:\WINDOWS\System32\wlanapi.dll
11:05:21.0108 3044 C:\WINDOWS\System32\wlanapi.dll - ok
11:05:21.0108 3044 [ E46A4765F8E6D631C9C9CB0B083602F5 ] C:\Program Files\Windows Media Player\wmpnssci.dll
11:05:21.0108 3044 C:\Program Files\Windows Media Player\wmpnssci.dll - ok
11:05:21.0108 3044 [ B64AC7967D6B9FB2D6152AC768A1CB88 ] C:\WINDOWS\System32\onex.dll
11:05:21.0108 3044 C:\WINDOWS\System32\onex.dll - ok
11:05:21.0124 3044 [ 9D9FFC923FADBB575E0452EA0BBB15BD ] C:\WINDOWS\System32\eappprxy.dll
11:05:21.0124 3044 C:\WINDOWS\System32\eappprxy.dll - ok
11:05:21.0124 3044 [ 5D0FE613570CABE3992F7DBCD68E61D1 ] C:\WINDOWS\System32\eappcfg.dll
11:05:21.0124 3044 C:\WINDOWS\System32\eappcfg.dll - ok
11:05:21.0139 3044 [ 648AB74D9C104FB500B6C4EEDC6A8772 ] C:\WINDOWS\System32\wmpmde.dll
11:05:21.0139 3044 C:\WINDOWS\System32\wmpmde.dll - ok
11:05:21.0139 3044 [ 8BCCD8E66C94135E88D401F0331B6DEF ] C:\WINDOWS\System32\mf.dll
11:05:21.0139 3044 C:\WINDOWS\System32\mf.dll - ok
11:05:21.0139 3044 [ 4A839160ED1963F9A1526DDA2D1233B2 ] C:\WINDOWS\System32\AltTab.dll
11:05:21.0139 3044 C:\WINDOWS\System32\AltTab.dll - ok
11:05:21.0155 3044 [ 2495C4204C63678F8FD5D488CA7DAD26 ] C:\WINDOWS\System32\evr.dll
11:05:21.0155 3044 C:\WINDOWS\System32\evr.dll - ok
11:05:21.0155 3044 [ A216F1C708CA4CBB7E1EB096C3A7EC5F ] C:\WINDOWS\System32\WPDShServiceObj.dll
11:05:21.0155 3044 C:\WINDOWS\System32\WPDShServiceObj.dll - ok
11:05:21.0170 3044 [ 744F08CF9ACFFB1C715191D04DEEE907 ] C:\WINDOWS\System32\srchadmin.dll
11:05:21.0170 3044 C:\WINDOWS\System32\srchadmin.dll - ok
11:05:21.0170 3044 [ 4DF10CE50010D70152944B51E03588B0 ] C:\WINDOWS\System32\wmdrmsdk.dll
11:05:21.0170 3044 C:\WINDOWS\System32\wmdrmsdk.dll - ok
11:05:21.0170 3044 [ CC8915DB4E33E8FB29CA0D2DBF75306E ] C:\WINDOWS\System32\webcheck.dll
11:05:21.0170 3044 C:\WINDOWS\System32\webcheck.dll - ok
11:05:21.0186 3044 [ 069385484EA57B663D688894C88975C5 ] C:\WINDOWS\System32\wuapp.exe
11:05:21.0186 3044 C:\WINDOWS\System32\wuapp.exe - ok
11:05:21.0186 3044 [ EFD278F8129EE12F1D4AE0250494B791 ] C:\WINDOWS\System32\dxva2.dll
11:05:21.0186 3044 C:\WINDOWS\System32\dxva2.dll - ok
11:05:21.0202 3044 [ 3192ED5E2FFDF5B630541B9643AE1AA3 ] C:\WINDOWS\System32\upnp.dll
11:05:21.0202 3044 C:\WINDOWS\System32\upnp.dll - ok
11:05:21.0202 3044 [ 015E99A7634B93E8BB0380C70F3D2CC3 ] C:\WINDOWS\System32\wmp.dll
11:05:21.0202 3044 C:\WINDOWS\System32\wmp.dll - ok
11:05:21.0202 3044 [ 4ACEA0C4BB15ACE55E3AE5EC4E88DD55 ] C:\WINDOWS\System32\SyncCenter.dll
11:05:21.0202 3044 C:\WINDOWS\System32\SyncCenter.dll - ok
11:05:21.0217 3044 [ 285C594C4913FA9DC7BB6BA3AD6F101A ] C:\WINDOWS\System32\wucltux.dll
11:05:21.0217 3044 C:\WINDOWS\System32\wucltux.dll - ok
11:05:21.0217 3044 [ C3D3839CD36FBBD7C6FA5D06B34161E2 ] C:\Program Files\WinSCP\DragExt.dll
11:05:21.0217 3044 C:\Program Files\WinSCP\DragExt.dll - ok
11:05:21.0217 3044 [ 8F58544719E1C435BC36A8B207096581 ] C:\WINDOWS\System32\verclsid.exe
11:05:21.0217 3044 C:\WINDOWS\System32\verclsid.exe - ok
11:05:21.0233 3044 [ 9B0726A03B790E5B82BED44D24009BEF ] C:\WINDOWS\System32\imapi2.dll
11:05:21.0233 3044 C:\WINDOWS\System32\imapi2.dll - ok
11:05:21.0233 3044 [ 47FAE63BEEEECCADDDC33C0CCC40DB08 ] C:\Program Files\Adobe\Adobe Help\Adobe Help.exe
11:05:21.0233 3044 C:\Program Files\Adobe\Adobe Help\Adobe Help.exe - ok
11:05:21.0248 3044 [ 6BC3AF86A3E60A29917097046E4CF771 ] C:\Program Files\Adobe\Adobe Photoshop Lightroom 4.1\lightroom.exe
11:05:21.0248 3044 C:\Program Files\Adobe\Adobe Photoshop Lightroom 4.1\lightroom.exe - ok
11:05:21.0248 3044 [ EACACA0F2FF4CC54A909E3C5721FCDE8 ] C:\WINDOWS\System32\msvfw32.dll
11:05:21.0248 3044 C:\WINDOWS\System32\msvfw32.dll - ok
11:05:21.0248 3044 [ 5F51BD7F22289AFCD65C00A57605D0EA ] C:\WINDOWS\Installer\{C1575982-F1CA-46DC-A77D-43FF12F2EFC7}\NewShortcut4_C2C2101F05384548B5AF39E0D3B3CB50.exe
11:05:21.0248 3044 C:\WINDOWS\Installer\{C1575982-F1CA-46DC-A77D-43FF12F2EFC7}\NewShortcut4_C2C2101F05384548B5AF39E0D3B3CB50.exe - ok
11:05:21.0264 3044 [ 9441A231C0AA0712F7CF3B10D9CFCF76 ] C:\WINDOWS\System32\wmploc.DLL
11:05:21.0264 3044 C:\WINDOWS\System32\wmploc.DLL - ok
11:05:21.0264 3044 [ C0ABD66F31C0B84CD944802E6D3D02C2 ] C:\WINDOWS\System32\bthprops.cpl
11:05:21.0264 3044 C:\WINDOWS\System32\bthprops.cpl - ok
11:05:22.0528 3044 C:\Program Files\Mp3tag\Mp3tagUninstall.exe - ok
11:05:22.0528 3044 [ D88A8C9361D1AB68AADBD0E183CCC8E5 ] C:\Program Files\Neat Image for Photoshop\unins000.exe
11:05:22.0528 3044 C:\Program Files\Neat Image for Photoshop\unins000.exe - ok
11:05:22.0543 3044 [ E0FF38D8C01B52F8AF07B43FCA182A5F ] C:\WINDOWS\Installer\{B014EE44-9197-4513-9613-71E6EB1B514E}\NewShortcut1_205DE669FE4D464586AB7C8893422164.exe
11:05:22.0543 3044 C:\WINDOWS\Installer\{B014EE44-9197-4513-9613-71E6EB1B514E}\NewShortcut1_205DE669FE4D464586AB7C8893422164.exe - ok
11:05:22.0543 3044 [ 928DA6D3AA629966F0DB510EFDF67340 ] C:\Program Files\Online Services\JunoUS\JunoTurboSetup.exe
11:05:22.0543 3044 C:\Program Files\Online Services\JunoUS\JunoTurboSetup.exe - ok
11:05:22.0543 3044 [ 114E5342884A174F0E261526F07B63A1 ] C:\Program Files\Common Files\Adobe\CS5ServiceManager\libcurl.dll
11:05:22.0543 3044 C:\Program Files\Common Files\Adobe\CS5ServiceManager\libcurl.dll - ok
11:05:22.0559 3044 [ 6307849B9BE3C206DB46A62316BF191F ] C:\Program Files\Common Files\Adobe\CS5ServiceManager\libeay32.dll
11:05:22.0559 3044 C:\Program Files\Common Files\Adobe\CS5ServiceManager\libeay32.dll - ok
11:05:22.0559 3044 [ AAA55B127EC38BDEBD2A3891A2E5FD54 ] C:\Program Files\Common Files\Adobe\CS5ServiceManager\ssleay32.dll
11:05:22.0559 3044 C:\Program Files\Common Files\Adobe\CS5ServiceManager\ssleay32.dll - ok
11:05:22.0574 3044 [ 907B50DE97ED835EFE151F203818216D ] C:\Program Files\Common Files\Adobe\CS5ServiceManager\zlib1.dll
11:05:22.0574 3044 C:\Program Files\Common Files\Adobe\CS5ServiceManager\zlib1.dll - ok
11:05:22.0574 3044 [ E952C981228FFF5C014CFB7C6D82EE65 ] C:\Program Files\Online Services\MSN90\msnsusii.exe
11:05:22.0574 3044 C:\Program Files\Online Services\MSN90\msnsusii.exe - ok
11:05:22.0574 3044 [ 707A19FFC158ABA45F1CA94CB470A1C5 ] C:\Program Files\Online Services\MSN90\LaunchMsn.exe
11:05:22.0574 3044 C:\Program Files\Online Services\MSN90\LaunchMsn.exe - ok
11:05:22.0590 3044 [ AC4BE6114FEB2B225D92BAE8D11ACFE4 ] C:\Program Files\Online Services\NetzeroUS_du\NetZeroHSSetup.exe
11:05:22.0590 3044 C:\Program Files\Online Services\NetzeroUS_du\NetZeroHSSetup.exe - ok
11:05:22.0590 3044 [ AC4BE6114FEB2B225D92BAE8D11ACFE4 ] C:\Program Files\Online Services\NetzeroUS_Acc\NetZeroHSSetup.exe
11:05:22.0590 3044 C:\Program Files\Online Services\NetzeroUS_Acc\NetZeroHSSetup.exe - ok
11:05:22.0606 3044 [ 08A227BAF3DAD84C50B48658990CEB36 ] C:\Program Files\Opanda\IExif 2.3\IExif.exe
11:05:22.0606 3044 C:\Program Files\Opanda\IExif 2.3\IExif.exe - ok
11:05:22.0606 3044 [ 5F1A2D6D562B258B98B6801A3D3F020F ] C:\Program Files\Opanda\IExif 2.3\unins000.exe
11:05:22.0606 3044 C:\Program Files\Opanda\IExif 2.3\unins000.exe - ok
11:05:22.0621 3044 [ 5DC5AE84BB03D291893461018BD05D2A ] C:\Program Files\PC-Doctor 5 for Windows\pcdr5cuiw32.exe
11:05:22.0621 3044 C:\Program Files\PC-Doctor 5 for Windows\pcdr5cuiw32.exe - ok
11:05:22.0621 3044 [ FFF5FEC0C5C727D79F0A893DEAFBA564 ] C:\hp\support\HPSysInfo.exe
11:05:22.0621 3044 C:\hp\support\HPSysInfo.exe - ok
11:05:22.0621 3044 [ 9D5998D0D7D24708E31A52531BB6C3DD ] C:\WINDOWS\SMINST\CD Creator.exe
11:05:22.0621 3044 C:\WINDOWS\SMINST\CD Creator.exe - ok
11:05:22.0637 3044 [ 2DC7E2F210C4EB5EE8BEB486426DC6FC ] C:\WINDOWS\SMINST\Restore7.exe
11:05:22.0637 3044 C:\WINDOWS\SMINST\Restore7.exe - ok
11:05:22.0637 3044 [ B7AAE9122D432F079E1E711FFEF04D84 ] C:\hp\bin\MSOffice\MSOfficeTrialInstaller.exe
11:05:22.0637 3044 C:\hp\bin\MSOffice\MSOfficeTrialInstaller.exe - ok
11:05:22.0652 3044 [ 95B8A4245A6CD37D36E56FAE5A23E2B1 ] C:\hp\bin\MSOffice\setup.exe
11:05:22.0652 3044 C:\hp\bin\MSOffice\setup.exe - ok
11:05:22.0652 3044 [ BB4AD1CE37EF839C56FCAC7EB5BEB077 ] C:\WINDOWS\Installer\{DDD62492-32A7-412B-8AF1-2CF032AD42E3}\New_Shortcut_6DB64B9A9BEB4D9E8CDEC7D0D1527938.exe
11:05:22.0652 3044 C:\WINDOWS\Installer\{DDD62492-32A7-412B-8AF1-2CF032AD42E3}\New_Shortcut_6DB64B9A9BEB4D9E8CDEC7D0D1527938.exe - ok
11:05:22.0652 3044 [ FC9885C628714822933B908521FE8848 ] C:\Program Files\Nikon\ViewNX 2\ViewNX2.exe
11:05:22.0652 3044 C:\Program Files\Nikon\ViewNX 2\ViewNX2.exe - ok
11:05:22.0668 3044 [ 077295B004A59A0F1E0D866C5B9E69CB ] C:\WINDOWS\Installer\{DDD62492-32A7-412B-8AF1-2CF032AD42E3}\NewShortcut1_1BE9964BBF2F417D8DBB2A848A542DBA.exe
11:05:22.0668 3044 C:\WINDOWS\Installer\{DDD62492-32A7-412B-8AF1-2CF032AD42E3}\NewShortcut1_1BE9964BBF2F417D8DBB2A848A542DBA.exe - ok
11:05:22.0668 3044 [ 401441529DAAAFFFE710AC133163667B ] C:\Program Files\WinFF\unins000.exe
11:05:22.0668 3044 C:\Program Files\WinFF\unins000.exe - ok
11:05:22.0684 3044 [ 15CE03FC6FBD1F3D025030065CC37130 ] C:\Program Files\WinFF\winff.exe
11:05:22.0684 3044 C:\Program Files\WinFF\winff.exe - ok
11:05:22.0684 3044 [ D7B543ACAFEB87BC8C2DFAE195D18427 ] C:\Program Files\WinSCP\WinSCP.exe
11:05:22.0684 3044 C:\Program Files\WinSCP\WinSCP.exe - ok
11:05:22.0684 3044 [ 5905DF65EDFBEA7D0B47789EF03BC43C ] C:\Program Files\WinSCP\PuTTY\pageant.exe
11:05:22.0684 3044 C:\Program Files\WinSCP\PuTTY\pageant.exe - ok
11:05:22.0699 3044 [ D4571111030888F28CAB810720D98475 ] C:\Program Files\WinSCP\PuTTY\puttygen.exe
11:05:22.0699 3044 C:\Program Files\WinSCP\PuTTY\puttygen.exe - ok
11:05:22.0699 3044 [ A1D3F0482EBC17D87F5FD4C92E69CE6E ] C:\Program Files\Digiarty\WinX_DVD_Ripper\unins000.exe
11:05:22.0699 3044 C:\Program Files\Digiarty\WinX_DVD_Ripper\unins000.exe - ok
11:05:22.0715 3044 [ CD57C474AA8D04A97B42DE1135852A48 ] C:\Program Files\Digiarty\WinX_DVD_Ripper\WinX_DVD_Ripper.exe
11:05:22.0715 3044 C:\Program Files\Digiarty\WinX_DVD_Ripper\WinX_DVD_Ripper.exe - ok
11:05:22.0715 3044 [ BD206A63E0DCE289C623815D75E8DF60 ] C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll
11:05:22.0715 3044 C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
11:05:22.0715 3044 [ 9730643AB698D3B7F19D9192E4D3E4B0 ] C:\Program Files\AVG\AVG2013\avgidpmx.dll
11:05:22.0715 3044 C:\Program Files\AVG\AVG2013\avgidpmx.dll - ok
11:05:22.0730 3044 [ DF3BF36F93945062B85B02EA408E716F ] C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll
11:05:22.0730 3044 C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
11:05:22.0730 3044 [ BE7C04C89126072D368D3DDCE0710985 ] C:\WINDOWS\System32\PhotoMetadataHandler.dll
11:05:22.0730 3044 C:\WINDOWS\System32\PhotoMetadataHandler.dll - ok
11:05:22.0746 3044 [ 3A2EEE8444A8E5C1A454C57B2198F5FC ] C:\WINDOWS\System32\ntlanman.dll
11:05:22.0746 3044 C:\WINDOWS\System32\ntlanman.dll - ok
11:05:22.0746 3044 [ 582EFE56FC0858E58A6CEBA2A64B02C7 ] C:\WINDOWS\System32\drprov.dll
11:05:22.0746 3044 C:\WINDOWS\System32\drprov.dll - ok
11:05:22.0746 3044 [ CFBD2E1FE18B50748A76703A2DC6D4E3 ] C:\WINDOWS\System32\davclnt.dll
11:05:22.0746 3044 C:\WINDOWS\System32\davclnt.dll - ok
11:05:22.0762 3044 [ 90044039365B06CECDD8E347AC08BBAE ] C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
11:05:22.0762 3044 C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll - ok
11:05:22.0762 3044 [ F1DDBF8D05F1700982ECFFEE05C2A821 ] C:\Program Files\Nikon\Nikon Message Center 2\Localization\EN\NkMC2Lang.dll
11:05:22.0762 3044 C:\Program Files\Nikon\Nikon Message Center 2\Localization\EN\NkMC2Lang.dll - ok
11:05:22.0777 3044 [ DE35D659575C700BA4E8E912671EA4BA ] C:\Program Files\AVG\AVG2013\avgdiagex.exe
11:05:22.0777 3044 C:\Program Files\AVG\AVG2013\avgdiagex.exe - ok
11:05:22.0777 3044 [ 751EEDB874FD17A6F26B9E2CC5E19170 ] C:\Program Files\AVG\AVG2013\avglngx.dll
11:05:22.0777 3044 C:\Program Files\AVG\AVG2013\avglngx.dll - ok
11:05:22.0777 3044 [ FA2A3AFADC4FB47DBC234A4E57F92CDB ] C:\WINDOWS\System32\ddraw.dll
11:05:22.0777 3044 C:\WINDOWS\System32\ddraw.dll - ok
11:05:22.0793 3044 [ EF764E33878B3A4A9E5A2FB5D0D031D0 ] C:\WINDOWS\System32\dciman32.dll
11:05:22.0793 3044 C:\WINDOWS\System32\dciman32.dll - ok
11:05:22.0793 3044 [ EB74C861075ECFA1B51B396615387657 ] C:\Program Files\AVG\AVG2013\avguires.dll
11:05:22.0793 3044 C:\Program Files\AVG\AVG2013\avguires.dll - ok
11:05:22.0808 3044 [ E6748A0ADC22F0595E31448CAC746D3F ] C:\Program Files\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll
11:05:22.0808 3044 C:\Program Files\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll - ok
11:05:22.0808 3044 [ 1CE4A2790EB4A96F4ED1E4264866AFE6 ] C:\WINDOWS\System32\NaturalLanguage6.dll
11:05:22.0808 3044 C:\WINDOWS\System32\NaturalLanguage6.dll - ok
11:05:22.0808 3044 [ AA111488C03C58A2BF66509ABB4FDE60 ] C:\WINDOWS\System32\NlsData0009.dll
11:05:22.0808 3044 C:\WINDOWS\System32\NlsData0009.dll - ok
11:05:22.0824 3044 [ 3491B87C62D14768C7393C90EA57B02F ] C:\Program Files\AVG Secure Search\14.0.2.14\AVG Secure Search_toolbar.dll
11:05:22.0824 3044 C:\Program Files\AVG Secure Search\14.0.2.14\AVG Secure Search_toolbar.dll - ok
11:05:22.0824 3044 [ 295363D4317820AED0D527E15B90A8ED ] C:\WINDOWS\System32\pdh.dll
11:05:22.0824 3044 C:\WINDOWS\System32\pdh.dll - ok
11:05:22.0824 3044 [ F7E915FA38C119101873AE5E0E7C8B66 ] C:\Program Files\AVG\AVG2013\avgapps.dll
11:05:22.0824 3044 C:\Program Files\AVG\AVG2013\avgapps.dll - ok
11:05:22.0840 3044 [ 3384D1961CE2698C29914F43A29EF823 ] C:\Program Files\iPod\bin\iPodService.exe
11:05:22.0840 3044 C:\Program Files\iPod\bin\iPodService.exe - ok
11:05:22.0840 3044 [ 2507C6E4CB6E4A335B63440331634A52 ] C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\14.0.1\SiteSafety.dll
11:05:22.0840 3044 C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\14.0.1\SiteSafety.dll - ok
11:05:22.0855 3044 [ 47FF3870703E514D5873E6007441455C ] C:\Program Files\Common Files\AVG Secure Search\DNTInstaller\14.0.1\avgdttbx.dll
11:05:22.0855 3044 C:\Program Files\Common Files\AVG Secure Search\DNTInstaller\14.0.1\avgdttbx.dll - ok
11:05:22.0855 3044 [ 48F8B49ADB3DBBDC0812672D844948C5 ] C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll
11:05:22.0855 3044 C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll - ok
11:05:22.0871 3044 [ 8629B71343F61E1140243581C63BC0C7 ] C:\WINDOWS\System32\NlsLexicons0009.dll
11:05:22.0871 3044 C:\WINDOWS\System32\NlsLexicons0009.dll - ok
11:05:22.0871 3044 [ A93D1A852E9EEEBC759C7725C4F42C1E ] C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll
11:05:22.0871 3044 C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll - ok
11:05:22.0871 3044 [ 73B702923D1CB50E2CCB3A7C1EBD8F22 ] C:\WINDOWS\System32\WindowsCodecsExt.dll
11:05:22.0871 3044 C:\WINDOWS\System32\WindowsCodecsExt.dll - ok
11:05:22.0886 3044 [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:05:22.0886 3044 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
11:05:22.0886 3044 [ E5F7C30EDF0892667933BE879F067D67 ] C:\WINDOWS\System32\msvcr100_clr0400.dll
11:05:22.0886 3044 C:\WINDOWS\System32\msvcr100_clr0400.dll - ok
11:05:22.0902 3044 [ 128DD9AF8640DBCC711940903C8B554F ] C:\WINDOWS\System32\mscoree.dll
11:05:22.0902 3044 C:\WINDOWS\System32\mscoree.dll - ok
11:05:22.0902 3044 [ E4024CCF225A936207294DE50925D4F6 ] C:\Program Files\Google\Update\1.3.21.123\goopdateres_en.dll
11:05:22.0902 3044 C:\Program Files\Google\Update\1.3.21.123\goopdateres_en.dll - ok
11:05:22.0902 3044 [ CB383AB0B8BA871D893B86D3C9A3ED9F ] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
11:05:22.0902 3044 C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe - ok
11:05:22.0918 3044 [ 83BA5E873164A3711B44052F58C8FE9F ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
11:05:22.0918 3044 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
11:05:22.0918 3044 [ C42AE64F5DB6BC5E947B7E3E1B1E633E ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
11:05:22.0918 3044 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok
11:05:22.0933 3044 [ 015A9D857726C083144CA352A273378A ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll
11:05:22.0933 3044 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll - ok
11:05:22.0933 3044 [ 3787A4BC97CE6C630F4B581425223D96 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
11:05:22.0933 3044 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok
11:05:22.0949 3044 [ 1E03BABB4D6CA5C27BD2C822F7F95788 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll
11:05:22.0949 3044 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll - ok
11:05:22.0949 3044 [ 708A3BBDBFF717F678B64854B7BAF9D3 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8bbcd31ecc8edc7d1f9cdd83ef2bb2d3\System.ServiceProcess.ni.dll
11:05:22.0949 3044 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8bbcd31ecc8edc7d1f9cdd83ef2bb2d3\System.ServiceProcess.ni.dll - ok
11:05:22.0949 3044 [ 5CAD3395A4720BF735836D125297229A ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\846b9cf2756fdd15f704c9bab9c70b6f\System.Runtime.Remoting.ni.dll
11:05:22.0949 3044 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\846b9cf2756fdd15f704c9bab9c70b6f\System.Runtime.Remoting.ni.dll - ok
11:05:22.0964 3044 [ DD719E64D36D2E2E0A279845B898CDA4 ] C:\WINDOWS\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll
11:05:22.0964 3044 C:\WINDOWS\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll - ok
11:05:22.0964 3044 [ 8078F8F8F7A79E2E6B494523A828C585 ] C:\WINDOWS\System32\msdtckrm.dll
11:05:22.0964 3044 C:\WINDOWS\System32\msdtckrm.dll - ok
11:05:22.0964 3044 ============================================================
11:05:22.0964 3044 Scan finished
11:05:22.0964 3044 ============================================================
11:05:22.0980 3532 Detected object count: 5
11:05:22.0980 3532 Actual detected object count: 5
11:06:30.0234 3532 HP Health Check Service ( UnsignedFile.Multi.Generic ) - skipped by user
11:06:30.0234 3532 HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:06:30.0234 3532 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
11:06:30.0234 3532 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:06:30.0234 3532 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
11:06:30.0234 3532 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:06:30.0234 3532 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
11:06:30.0234 3532 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:06:30.0234 3532 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
11:06:30.0234 3532 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

#4
byron22 (Member, Topic Starter)

And here is the ComboFix:

ComboFix 13-01-29.01 - Brian 01/29/2013 12:06:52.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2942.1894 [GMT -5:00]
Running from: c:\users\Brian\Desktop\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\autorun.inf
c:\windows\system32\jucheck.exe
c:\windows\system32\jusched.exe
C:\yisycw.pif
D:\Autorun.inf
.
.
((((((((((((((((((((((((( Files Created from 2012-12-28 to 2013-01-29 )))))))))))))))))))))))))))))))
.
.
2013-01-29 17:14 . 2013-01-29 17:17 -------- d-----w- c:\users\Brian\AppData\Local\temp
2013-01-28 21:59 . 2013-01-28 21:59 -------- d-----w- C:\_OTM
2013-01-26 16:18 . 2013-01-26 16:19 -------- d-----w- c:\users\Brian\AppData\Roaming\muvee Technologies
2013-01-26 02:29 . 2013-01-26 02:29 -------- d-----w- c:\users\Brian\AppData\Roaming\Malwarebytes
2013-01-26 02:29 . 2013-01-26 02:29 -------- d-----w- c:\programdata\Malwarebytes
2013-01-26 02:29 . 2013-01-26 02:29 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-01-26 02:29 . 2012-12-14 21:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-09 22:29 . 2013-01-09 22:29 -------- d-----w- c:\program files\Becker Professional Education
2013-01-09 22:29 . 2013-01-09 22:29 -------- d-----w- c:\programdata\Becker Professional Education
2013-01-08 04:11 . 2013-01-08 04:11 -------- d-----w- c:\users\Brian\AppData\Local\Apps
2013-01-08 04:11 . 2013-01-08 04:25 -------- d-----w- c:\users\Brian\AppData\Local\Deployment
2013-01-08 02:19 . 2013-01-08 02:19 -------- d-----w- c:\program files\Microsoft Silverlight
2013-01-04 04:05 . 2013-01-04 04:05 -------- d-----w- c:\users\Brian\AppData\Roaming\dvdcss
2013-01-04 04:04 . 2013-01-04 04:05 -------- d-----w- c:\users\Brian\AppData\Roaming\Digiarty
2013-01-04 04:04 . 2013-01-04 04:04 -------- d-----w- c:\program files\Digiarty
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-29 17:17 . 2013-01-29 17:17 103140 --sh--r- C:\jhrhs.pif
2012-12-17 02:10 . 2012-12-17 02:10 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-12-17 02:10 . 2012-12-17 02:10 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-12-17 02:10 . 2011-06-06 04:55 746984 ----a-w- c:\windows\system32\deployJava1.dll
2010-04-10 03:11 . 2011-06-07 22:09 812496 ----a-w- c:\program files\Set-up.exe
2013-01-19 18:01 . 2013-01-19 18:01 262552 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2008-03-26 5369856]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 65536]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-12-12 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-12-12 8497696]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-12-12 81920]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-12 109424]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-07-29 497648]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-23 480256]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-06-05 421160]
"Nikon Message Center 2"="c:\program files\Nikon\Nikon Message Center 2\NkMC2.exe" [2010-05-25 700928]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 334768]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro36Crusader]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro36CrusaderBoot]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"UacDisableNotify"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
S2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;c:\program files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2013-01-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-08 13:11]
.
2013-01-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-12-27 00:19]
.
2013-01-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-12-27 00:19]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Presario&pf=cndt
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Presario&pf=cndt
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Locate Spot on Map by GPS - c:\program files\Opanda\IExif 2.3\IExifMap.htm
IE: Se&nd to OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
IE: View Exif/GPS/IPTC with IExif - c:\program files\Opanda\IExif 2.3\IExifCom.htm
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
FF - ProfilePath - c:\users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\6yykqdrg.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/advanced_search?hl=en
FF - ExtSQL: 2013-01-13 10:09; {b73ea464-ba8c-4b76-86e4-00eaf7b1b88d}; c:\users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\6yykqdrg.default\extensions\{b73ea464-ba8c-4b76-86e4-00eaf7b1b88d}.xpi
FF - ExtSQL: 2013-01-28 17:31; {73a6fe31-595d-460b-a920-fcc0f8843232}; c:\users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\6yykqdrg.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF - ExtSQL: !HIDDEN! 2011-06-08 14:56; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - ORPHANS REMOVED - - - -
.
HKCU-Run-HPAdvisor - c:\program files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
HKCU-Run-AdobeBridge - (no file)
HKLM-Run-HP Health Check Scheduler - [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
ShellExecuteHooks-{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\SUPERAntiSpyware\SASSEH.DLL
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-01-29 12:18
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(3996)
c:\program files\WinSCP\DragExt.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\system32\DRIVERS\xaudio.exe
c:\windows\system32\WUDFHost.exe
c:\windows\RtHDVCpl.exe
c:\windows\System32\rundll32.exe
c:\windows\System32\rundll32.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Windows Media Player\wmpnscfg.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Completion time: 2013-01-29 12:24:39 - machine was rebooted
ComboFix-quarantined-files.txt 2013-01-29 17:24
.
Pre-Run: 234,400,702,464 bytes free
Post-Run: 234,813,825,024 bytes free
.
- - End Of File - - EAAA8D605B40E87AC37954F2F680865F

#5
maliprog (Trusted Helper, Malware Removal)

Hi byron22,

Step 1

  • Run OTL.
  • Double-click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open a Notepad window, OTL.Txt. This is saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of this file, and post it with your next reply.

Step 2

Please don't forget to include these items in your reply:

  • New OTL scan log
It would be helpful if you could post each log in a separate post using the "Add Reply" button.

#6
byron22 (Member, Topic Starter)

Hello again. Here is my new OTL:

OTL logfile created on: 1/30/2013 1:11:53 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Brian\Desktop\Netscape\Netscape
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19328)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.87 Gb Total Physical Memory | 2.16 Gb Available Physical Memory | 75.34% Memory free
5.95 Gb Paging File | 5.33 Gb Available in Paging File | 89.62% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455.59 Gb Total Space | 217.88 Gb Free Space | 47.82% Space Free | Partition Type: NTFS
Drive D: | 10.17 Gb Total Space | 1.36 Gb Free Space | 13.32% Space Free | Partition Type: NTFS

Computer Name: BRIAN-PC | User Name: Brian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/01/28 16:43:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Brian\Desktop\Netscape\Netscape\OTL.exe
PRC - [2010/09/30 02:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
PRC - [2009/04/10 22:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/03/26 08:21:30 | 005,369,856 | ---- | M] (Realtek Semiconductor) -- C:\WINDOWS\RtHDVCpl.exe
PRC - [2007/04/18 10:01:34 | 000,143,360 | ---- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe


========== Modules (No Company Name) ==========

MOD - [2011/05/26 12:42:00 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/03/16 23:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/10/20 14:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll


========== Services (SafeList) ==========

SRV - [2013/01/19 13:01:16 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/04/08 08:11:14 | 000,253,600 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2011/06/12 10:15:00 | 031,125,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2010/09/30 02:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor9.0)
SRV - [2010/02/19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2008/01/20 21:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - [2012/10/08 19:44:29 | 000,027,424 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\hitmanpro36.sys -- (hitmanpro36)
DRV - [2008/05/08 04:05:18 | 000,266,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2008/05/08 04:03:18 | 000,980,992 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HSX_DP.sys -- (HSF_DP)
DRV - [2008/01/29 07:55:00 | 001,042,464 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2008/01/25 14:02:04 | 000,132,128 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\nvrd32.sys -- (nvrd32)
DRV - [2008/01/25 14:02:02 | 000,140,832 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2007/12/12 03:20:00 | 007,629,376 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007/10/18 10:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/10/12 10:53:10 | 000,013,312 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\nvsmu.sys -- (nvsmu)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...resario&pf=cndt
IE - HKLM\..\SearchScopes,DefaultScope = {6DBD9950-6248-4720-9E5B-11E20447196D}
IE - HKLM\..\SearchScopes\{1A6F7013-B594-4E76-B64A-9926DF8F0A52}: "URL" = http://www.ask.com/w...}&l=dis&o=uscqd
IE - HKLM\..\SearchScopes\{6DBD9950-6248-4720-9E5B-11E20447196D}: "URL" = http://search.yahoo....ing}&fr=hp-psdt

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...resario&pf=cndt
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{1A6F7013-B594-4E76-B64A-9926DF8F0A52}: "URL" = http://www.ask.com/w...}&l=dis&o=uscqd
IE - HKCU\..\SearchScopes\{6DBD9950-6248-4720-9E5B-11E20447196D}: "URL" = http://search.yahoo....ing}&fr=hp-psdt
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.co...d_search?hl=en"
FF - prefs.js..extensions.enabledAddons: %7Bb73ea464-ba8c-4b76-86e4-00eaf7b1b88d%7D:3.0.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {0b457cAA-602d-484a-8fe7-c1d894a011ba}:0.95
FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:12.0.0.1912
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_228.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/01/19 13:01:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/01/19 13:01:10 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/01/19 13:01:16 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/01/19 13:01:10 | 000,000,000 | ---D | M]

[2011/06/06 00:32:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brian\AppData\Roaming\Mozilla\Extensions
[2013/01/28 17:31:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\6yykqdrg.default\extensions
[2013/01/02 23:40:07 | 000,000,000 | ---D | M] (FireShot) -- C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\6yykqdrg.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
[2013/01/23 11:34:58 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\6yykqdrg.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2012/05/30 18:52:15 | 000,020,591 | ---- | M] () (No name found) -- C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\6yykqdrg.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
[2013/01/28 17:31:28 | 000,533,221 | ---- | M] () (No name found) -- C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\6yykqdrg.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2013/01/13 10:10:23 | 000,004,037 | ---- | M] () (No name found) -- C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\6yykqdrg.default\extensions\{b73ea464-ba8c-4b76-86e4-00eaf7b1b88d}.xpi
[2013/01/19 13:01:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/01/19 13:01:16 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/08/30 17:59:33 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/10/13 12:11:37 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2013/01/29 12:16:34 | 000,000,027 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll File not found
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [Nikon Message Center 2] C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe (Nikon Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Locate Spot on Map by GPS - C:\Program Files\Opanda\IExif 2.3\IExifMap.htm ()
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: View Exif/GPS/IPTC with IExif - C:\Program Files\Opanda\IExif 2.3\IExifCom.htm ()
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.9.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1D673272-229C-46B3-8E44-6A872B1F279B}: DhcpNameServer = 209.18.47.61 209.18.47.62
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
O24 - Desktop BackupWallPaper: C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/05/05 03:45:19 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2013/01/29 12:17:16 | 000,000,288 | RHS- | M] () - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2013/01/29 12:17:17 | 000,000,263 | RHS- | M] () - D:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/01/29 12:24:53 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013/01/29 12:24:53 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\temp
[2013/01/29 12:16:36 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2013/01/29 12:01:12 | 000,000,000 | ---D | C] -- C:\Users\Brian\Desktop\Desktop
[2013/01/29 11:34:34 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013/01/29 11:34:34 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013/01/29 11:34:34 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013/01/29 11:31:08 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/01/29 11:30:43 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/01/29 10:58:33 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Brian\Desktop\TDSSKiller.exe
[2013/01/28 16:59:12 | 000,000,000 | ---D | C] -- C:\_OTM
[2013/01/26 11:19:02 | 000,000,000 | ---D | C] -- C:\Users\Brian\Documents\My muvees
[2013/01/26 11:18:59 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Roaming\muvee Technologies
[2013/01/25 21:29:16 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Roaming\Malwarebytes
[2013/01/25 21:29:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/01/25 21:29:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/01/25 21:29:12 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013/01/25 21:29:12 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/01/19 13:01:09 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/01/09 17:30:15 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2013/01/09 17:29:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Becker's CPA Exam Review - 2013 Edition
[2013/01/09 17:29:36 | 000,000,000 | ---D | C] -- C:\Program Files\Becker Professional Education
[2013/01/09 17:29:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Becker Professional Education
[2013/01/07 23:11:51 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\Apps
[2013/01/07 23:11:50 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\Deployment
[2013/01/07 21:20:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013/01/07 21:19:58 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013/01/03 23:05:50 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Roaming\dvdcss
[2013/01/03 23:05:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinX DVD Ripper
[2013/01/03 23:04:58 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Roaming\Digiarty
[2013/01/03 23:04:58 | 000,000,000 | ---D | C] -- C:\Program Files\Digiarty
[2011/06/07 17:09:30 | 000,812,496 | ---- | C] (Adobe Systems Incorporated) -- C:\Program Files\Set-up.exe

========== Files - Modified Within 30 Days ==========

[2013/01/30 01:10:11 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/01/30 01:09:54 | 003,753,160 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/01/30 01:08:55 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/01/30 01:08:20 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/01/30 01:08:20 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/01/30 01:07:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/01/30 01:06:57 | 3085,324,288 | -HS- | M] () -- C:\hiberfil.sys
[2013/01/30 00:44:05 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/01/29 23:56:34 | 000,002,595 | ---- | M] () -- C:\Users\Brian\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Excel 2010.lnk
[2013/01/29 23:47:38 | 000,002,637 | ---- | M] () -- C:\Users\Brian\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Word 2010.lnk
[2013/01/29 12:17:17 | 000,103,140 | RHS- | M] () -- C:\jhrhs.pif
[2013/01/29 12:17:16 | 000,000,288 | RHS- | M] () -- C:\autorun.inf
[2013/01/29 12:16:34 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2013/01/29 10:58:39 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Brian\Desktop\TDSSKiller.exe
[2013/01/26 11:17:57 | 000,000,600 | ---- | M] () -- C:\Users\Brian\AppData\Roaming\winscp.rnd
[2013/01/25 21:29:14 | 000,000,649 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/01/13 10:15:39 | 000,006,527 | ---- | M] () -- C:\Users\Brian\AppData\Local\b73ea464-ba8c-4b76-86e4-00eaf7b1b88d.crx
[2013/01/09 22:59:34 | 000,608,406 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/01/09 22:59:34 | 000,105,908 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/01/09 22:12:05 | 000,002,571 | ---- | M] () -- C:\Users\Brian\Desktop\Microsoft Excel 2010.lnk
[2013/01/09 17:29:52 | 000,002,000 | ---- | M] () -- C:\Users\Public\Desktop\Becker's CPA Exam Review - 2013 Edition.lnk
[2013/01/07 12:47:09 | 000,083,456 | ---- | M] () -- C:\Users\Brian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/01/03 23:05:00 | 000,001,021 | ---- | M] () -- C:\Users\Public\Desktop\WinX DVD Ripper.lnk

========== Files Created - No Company Name ==========

[2013/01/29 12:17:24 | 000,000,288 | RHS- | C] () -- C:\autorun.inf
[2013/01/29 12:17:16 | 000,103,140 | RHS- | C] () -- C:\jhrhs.pif
[2013/01/29 11:34:34 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/01/29 11:34:34 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/01/29 11:34:34 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/01/29 11:34:34 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/01/29 11:34:34 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/01/25 21:29:14 | 000,000,649 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/01/10 21:39:48 | 000,006,527 | ---- | C] () -- C:\Users\Brian\AppData\Local\b73ea464-ba8c-4b76-86e4-00eaf7b1b88d.crx
[2013/01/09 17:29:52 | 000,002,000 | ---- | C] () -- C:\Users\Public\Desktop\Becker's CPA Exam Review - 2013 Edition.lnk
[2013/01/03 23:05:00 | 000,001,021 | ---- | C] () -- C:\Users\Public\Desktop\WinX DVD Ripper.lnk
[2012/10/08 19:44:29 | 000,027,424 | ---- | C] () -- C:\Windows\System32\drivers\hitmanpro36.sys
[2012/04/14 09:46:22 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Internet Services
[2012/04/14 09:46:22 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Internet Plug-Ins
[2012/04/14 09:46:22 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Instrument Library
[2012/04/14 09:46:22 | 000,000,268 | RH-- | C] () -- C:\Users\Brian\AppData\Roaming\InkjetPrinter
[2012/04/14 09:46:22 | 000,000,268 | RH-- | C] () -- C:\Users\Brian\AppData\Roaming\Importer
[2012/04/14 09:46:22 | 000,000,268 | RH-- | C] () -- C:\Users\Brian\AppData\Roaming\Images
[2012/04/14 09:46:22 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLev.DAT
[2012/04/14 09:46:22 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT
[2012/04/14 09:46:22 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLes.DAT
[2011/10/29 21:21:59 | 000,000,600 | ---- | C] () -- C:\Users\Brian\AppData\Roaming\winscp.rnd
[2011/08/28 21:13:40 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011/08/28 21:13:12 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011/06/07 17:05:12 | 000,133,280 | ---- | C] () -- C:\Program Files\Creative Suite 5 Design Premium Read Me.pdf
[2011/06/06 23:55:34 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2011/06/06 19:54:57 | 000,083,456 | ---- | C] () -- C:\Users\Brian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/06/06 01:02:31 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2011/06/06 00:28:56 | 000,000,680 | ---- | C] () -- C:\Users\Brian\AppData\Local\d3d9caps.dat

========== ZeroAccess Check ==========

[2006/11/02 07:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 12:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/10 22:28:20 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/10 22:28:26 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012/09/27 19:22:05 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\AVG2013
[2011/10/31 22:05:13 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2013/01/03 23:05:06 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\Digiarty
[2011/08/14 20:01:16 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\FireShot
[2012/08/07 10:20:58 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\Foxit Software
[2012/08/23 21:31:03 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\Mp3tag
[2013/01/26 11:19:09 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\muvee Technologies
[2011/11/08 23:52:26 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\NCH Swift Sound
[2011/06/07 19:48:43 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\NeatImage PS 32
[2012/04/14 09:48:45 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\Nikon
[2011/06/06 00:03:36 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\Snapfish
[2011/06/22 21:58:59 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012/09/27 18:55:50 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\TuneUp Software
[2011/07/04 10:46:09 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\VitySoft
[2012/07/13 00:27:50 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\WinFF

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:D62C83D5

< End of report >
  • 0

#7
maliprog


    Trusted Helper

  • Malware Removal
  • 6,172 posts
How is your system now? Problems?

This scan could take up to 5h to finish so please be patient.

Download Virus Removal Tool from Here to your desktop

Run the programme you have just downloaded to your desktop (it will be randomly named)

First we will run a virus scan

Click the cog in the upper right


Select down to and including your main drive, once done select the Automatic scan tab and press Start Scan

Allow Virus Removal Tool to delete all infections found
Once it has finished select report tab (last tab)
Select Detected threats report from the left and press Save button
Save it to your desktop and attach to your next post
  • 0

#8
byron22


    Member

  • Topic Starter
  • Member
  • 23 posts
Yeah, the virus is still there redirecting my search results. I will run the scan and get back to you as soon as possible.
  • 0

#9
byron22


    Member

  • Topic Starter
  • Member
  • 23 posts
Maliprog, this scan is only 20% through after about 23 hours of runtime. It is projected to finish in 3 days. 294 threats have been detected so far--identified as the Sality virus. I went through with 2 special disinfection procedures recommended by the software. They scanned for and disinfected active threats and rebooted my machine upon completion. I will keep running the scan and wait for further instructions, just wanted to give an update.

Edited by byron22, 30 January 2013 - 10:28 PM.

  • 0

#10
maliprog


    Trusted Helper

  • Malware Removal
  • 6,172 posts

.... 294 threats have been detected so far--identified as the Sality virus.


Sality is a family of file infecting viruses that spread by infecting exe and scr files. The virus also includes an autorun worm component that allows it to spread to any removable or discoverable drive. In addition, Sality includes a downloader trojan component that installs additional malware via the Web.

No guarantee can be given that the system will be usable or safe after this cleanup.
For a file infector the best recommendation would be to reformat and reinstall, but the choice is yours.

If you wish to continue just let me know. VRT log will be very long so please try to ZIP it and attach it here for me.

To ZIP file:

  • Right-click that file, point to Send To, and then click Compressed (zipped) Folder.
  • A new compressed file is created.
  • Please attach that file in your next reply.
How to add an attachment to a new topic or reply
  • 0
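
Added example (not part of the thread, and not code from OTL or any tool named in it): a small parser for OTL file-entry lines that flags the drive-root pattern matching the autorun worm component described in the post above. The sample lines are copied from the OTL log posted earlier in this thread; the hidden+system test, the extension list and the 120-second pairing window are assumptions chosen for illustration.

```python
import re
from datetime import datetime
from pathlib import PureWindowsPath

# Lines copied from the OTL log posted earlier in this thread.
SAMPLE_LOG = r"""
O32 - AutoRun File - [2008/05/05 03:45:19 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2013/01/29 12:17:16 | 000,000,288 | RHS- | M] () - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2013/01/29 12:17:17 | 000,000,263 | RHS- | M] () - D:\autorun.inf -- [ NTFS ]
[2013/01/30 01:06:57 | 3085,324,288 | -HS- | M] () -- C:\hiberfil.sys
[2013/01/29 12:17:17 | 000,103,140 | RHS- | M] () -- C:\jhrhs.pif
[2013/01/29 12:17:16 | 000,000,288 | RHS- | M] () -- C:\autorun.inf
[2013/01/29 10:58:39 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Brian\Desktop\TDSSKiller.exe
"""

# OTL file entry: [timestamp | size | attributes (R,H,S,D) | M or C] (company) -- path
ENTRY = re.compile(
    r"\[(?P<ts>\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}) \| (?P<size>[\d,]+) \| "
    r"(?P<attrs>[RHSD-]{4}) \| (?P<kind>[MC])\]\s*\([^)]*\)\s*--?\s*"
    r"(?P<path>[A-Za-z]:\\.*?)(?:\s+--\s+\[.*\])?\s*$"
)

# Assumption: extensions Windows treats as directly executable.
EXEC_EXT = {".pif", ".exe", ".scr", ".com", ".cmd", ".bat"}


def parse_entries(log):
    """Return one dict per OTL file entry found in the log text."""
    entries = []
    for line in log.splitlines():
        m = ENTRY.search(line)
        if not m:
            continue  # section headers, registry lines, blanks
        entries.append({
            "time": datetime.strptime(m["ts"], "%Y/%m/%d %H:%M:%S"),
            "size": int(m["size"].replace(",", "")),
            "attrs": m["attrs"],
            "path": PureWindowsPath(m["path"]),
        })
    return entries


def _hidden_system_at_root(entry):
    """True for a file sitting directly in a drive root with both H and S set."""
    at_root = len(entry["path"].parts) == 2          # ('C:\\', 'name')
    return at_root and "H" in entry["attrs"] and "S" in entry["attrs"]


def find_autorun_pairs(entries, window_s=120):
    """Flag hidden+system autorun.inf files at drive roots, plus executables
    at a drive root with the same attributes whose timestamp falls within
    window_s seconds of one of those autorun.inf files."""
    suspects = [e for e in entries if _hidden_system_at_root(e)]
    autoruns = [e for e in suspects if e["path"].name.lower() == "autorun.inf"]
    payloads = [
        e for e in suspects
        if e["path"].suffix.lower() in EXEC_EXT
        and any(abs((e["time"] - a["time"]).total_seconds()) <= window_s
                for a in autoruns)
    ]
    return {
        "autorun_inf": sorted({str(e["path"]) for e in autoruns}),
        "payload_candidates": sorted({str(e["path"]) for e in payloads}),
    }


if __name__ == "__main__":
    report = find_autorun_pairs(parse_entries(SAMPLE_LOG))
    for kind, paths in report.items():
        for p in paths:
            print(f"{kind}: {p}")
```

hiberfil.sys and autoexec.bat also sit at the drive root but are not flagged: the first is not an executable type, the second carries no hidden or system attribute.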



#11
byron22


    Member

  • Topic Starter
  • Member
  • 23 posts
I'd like to continue. Should I stop the scan or wait for it to finish in 4 days?
  • 0

#12
maliprog


    Trusted Helper

  • Malware Removal
  • 6,172 posts
I would personally like to do the scan. I hope it will finish the scan sooner than 4 days. That's just estimated time.

VRT will remove as much infection as it can and we will have a cleaner system to work with.

Also please try to CLEAN (disinfection) infected files first, if you can't then QUARANTINE all files, don't DELETE them, because the system files could be infected too. If you remove system files there is a great chance you won't be able to start your system again.
  • 0

#13
byron22


    Member

  • Topic Starter
  • Member
  • 23 posts
Virus Removal log attached



  • 0

#14
maliprog


    Trusted Helper

  • Malware Removal
  • 6,172 posts
OK. VRT deleted a lot of executables. Let's try to kill this thing.

Step 1

The following programme may need to be run several times and no guarantee can be given

Download Sality Killer zip to your desktop and extract SalityKiller.exe

Run the utility SalityKiller.exe on the infected computer
A reboot might be required after disinfection.

Download the file Sality_RegKeys.zip
Unpack the file Sality_RegKeys.zip
Run the file Disable_autorun.reg from the archive Sality_RegKeys.zip

Once the scan is over, from the archive Sality_RegKeys.zip run the file of the registry key:

under Windows 2000 run the registry file SafeBootWin200.reg
under Windows XP run the registry file SafeBootWinXP.reg
under Windows 2003 run the registry file SafeBootWinServer2003.reg
under Windows Vista / 2008 run the registry file SafebootVista.reg
under Windows 7 / 2008 R2 run the registry file SafebootWin7.reg


Step 2

Download and Install Combofix

Download ComboFix from one of the following locations:

Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow it to update if it asks

  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.


Please make sure you include the combo fix log in your next reply

Step 3

Please don't forget to include these items in your reply:

  • Combofix log
It would be helpful if you could post each log in a separate post using "Add Reply" button
  • 0

#15
byron22


    Member

  • Topic Starter
  • Member
  • 23 posts
I couldn't run the registry file SafebootVista.reg. A message popped up that said "Not all data was successfully written to the registry. Some keys are open by the system or other processes."

-------------


ComboFix 13-01-30.04 - Brian 01/31/2013 5:00.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2942.1856 [GMT -5:00]
Running from: c:\users\Brian\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2012-12-28 to 2013-01-31 )))))))))))))))))))))))))))))))
.
.
2013-01-31 10:08 . 2013-01-31 10:08 -------- d-----w- c:\users\Brian\AppData\Local\temp
2013-01-31 10:08 . 2013-01-31 10:08 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-31 07:27 . 2012-09-25 16:19 75776 ----a-w- c:\windows\system32\synceng.dll
2013-01-31 07:26 . 2012-11-23 01:35 2048000 ----a-w- c:\windows\system32\win32k.sys
2013-01-31 07:13 . 2013-01-03 18:34 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2013-01-31 07:12 . 2012-11-02 10:18 376320 ----a-w- c:\windows\system32\dpnet.dll
2013-01-31 07:12 . 2012-11-02 08:26 23040 ----a-w- c:\windows\system32\dpnsvr.exe
2013-01-31 07:12 . 2012-08-21 11:47 224640 ----a-w- c:\windows\system32\drivers\volsnap.sys
2013-01-31 07:08 . 2012-11-20 04:22 204288 ----a-w- c:\windows\system32\ncrypt.dll
2013-01-31 07:06 . 2012-06-02 00:02 985088 ----a-w- c:\windows\system32\crypt32.dll
2013-01-31 07:06 . 2012-06-02 00:02 98304 ----a-w- c:\windows\system32\cryptnet.dll
2013-01-31 07:06 . 2012-06-02 00:02 133120 ----a-w- c:\windows\system32\cryptsvc.dll
2013-01-31 07:06 . 2012-08-24 15:53 172544 ----a-w- c:\windows\system32\wintrust.dll
2013-01-31 07:05 . 2012-11-13 01:29 2048 ----a-w- c:\windows\system32\tzres.dll
2013-01-31 07:05 . 2012-11-02 10:19 1400832 ----a-w- c:\windows\system32\msxml6.dll
2013-01-30 06:46 . 2013-01-30 06:46 -------- d-----w- c:\programdata\Kaspersky Lab
2013-01-30 05:52 . 2012-08-29 11:27 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-01-30 05:52 . 2012-08-29 11:27 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-30 05:38 . 2012-12-16 10:50 293376 ----a-w- c:\windows\system32\atmfd.dll
2013-01-30 05:38 . 2012-12-16 13:12 34304 ----a-w- c:\windows\system32\atmlib.dll
2013-01-28 21:59 . 2013-01-28 21:59 -------- d-----w- C:\_OTM
2013-01-26 16:18 . 2013-01-26 16:19 -------- d-----w- c:\users\Brian\AppData\Roaming\muvee Technologies
2013-01-26 02:29 . 2013-01-26 02:29 -------- d-----w- c:\users\Brian\AppData\Roaming\Malwarebytes
2013-01-26 02:29 . 2013-01-26 02:29 -------- d-----w- c:\programdata\Malwarebytes
2013-01-26 02:29 . 2013-01-30 07:14 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-01-26 02:29 . 2012-12-14 21:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-09 22:29 . 2013-01-09 22:29 -------- d-----w- c:\program files\Becker Professional Education
2013-01-09 22:29 . 2013-01-09 22:29 -------- d-----w- c:\programdata\Becker Professional Education
2013-01-08 04:11 . 2013-01-08 04:11 -------- d-----w- c:\users\Brian\AppData\Local\Apps
2013-01-08 04:11 . 2013-01-08 04:25 -------- d-----w- c:\users\Brian\AppData\Local\Deployment
2013-01-08 02:19 . 2013-01-08 02:19 -------- d-----w- c:\program files\Microsoft Silverlight
2013-01-04 04:05 . 2013-01-04 04:05 -------- d-----w- c:\users\Brian\AppData\Roaming\dvdcss
2013-01-04 04:04 . 2013-01-04 04:05 -------- d-----w- c:\users\Brian\AppData\Roaming\Digiarty
2013-01-04 04:04 . 2013-01-04 04:04 -------- d-----w- c:\program files\Digiarty
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-17 02:10 . 2012-12-17 02:10 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-12-17 02:10 . 2012-12-17 02:10 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-12-17 02:10 . 2011-06-06 04:55 746984 ----a-w- c:\windows\system32\deployJava1.dll
2010-04-10 03:11 . 2011-06-07 22:09 812496 ----a-w- c:\program files\Set-up.exe
2013-01-19 18:01 . 2013-01-19 18:01 262552 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2008-03-26 5369856]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-12-12 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-12-12 8497696]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-12-12 81920]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-07-29 497648]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-06-05 421160]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro36Crusader]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro36CrusaderBoot]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
S2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;c:\program files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2013-01-31 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-08 13:11]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Presario&pf=cndt
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Presario&pf=cndt
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Locate Spot on Map by GPS - c:\program files\Opanda\IExif 2.3\IExifMap.htm
IE: Se&nd to OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
IE: View Exif/GPS/IPTC with IExif - c:\program files\Opanda\IExif 2.3\IExifCom.htm
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
FF - ProfilePath - c:\users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\6yykqdrg.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/advanced_search?hl=en
FF - ExtSQL: 2013-01-13 10:09; {b73ea464-ba8c-4b76-86e4-00eaf7b1b88d}; c:\users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\6yykqdrg.default\extensions\{b73ea464-ba8c-4b76-86e4-00eaf7b1b88d}.xpi
FF - ExtSQL: 2013-01-28 17:31; {73a6fe31-595d-460b-a920-fcc0f8843232}; c:\users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\6yykqdrg.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF - ExtSQL: !HIDDEN! 2011-06-08 14:56; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-7-Zip - c:\program files\7-Zip\Uninstall.exe
AddRemove-CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1 - c:\program files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1\UIU32m.exe
AddRemove-HTC_WModemDriver - c:\program files\HTC\WModem_Installer\WModemDriver.exe
AddRemove-InstallShield_{6748E773-5DA0-4D19-8AA5-273B4133A09B} - c:\program files\InstallShield Installation Information\{6748E773-5DA0-4D19-8AA5-273B4133A09B}\setup.exe
AddRemove-InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1} - c:\program files\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\setup.exe
AddRemove-IrfanView - c:\program files\IrfanView\iv_uninstall.exe
AddRemove-KLiteCodecPack_is1 - c:\program files\K-Lite Codec Pack\unins000.exe
AddRemove-Malwarebytes' Anti-Malware_is1 - c:\program files\Malwarebytes' Anti-Malware\unins000.exe
AddRemove-My HP Game Console - c:\program files\HP Games\My HP Game Console\Uninstall.exe
AddRemove-WildTangent hp Master Uninstall - c:\program files\HP Games\Uninstall.exe
AddRemove-WinX DVD Ripper_is1 - c:\program files\Digiarty\WinX_DVD_Ripper\unins000.exe
AddRemove-WT034695 - c:\program files\HP Games\Amazing Adventures The Lost Tomb\Uninstall.exe
AddRemove-WT034697 - c:\program files\HP Games\Blackhawk Striker 2\Uninstall.exe
AddRemove-WT034699 - c:\program files\HP Games\Blasterball 3\Uninstall.exe
AddRemove-WT034700 - c:\program files\HP Games\Boggle\Uninstall.exe
AddRemove-WT034703 - c:\program files\HP Games\Build-a-lot\Uninstall.exe
AddRemove-WT034710 - c:\program files\HP Games\Crystal Maze\Uninstall.exe
AddRemove-WT034711 - c:\program files\HP Games\Diner Dash Hometown Hero\Uninstall.exe
AddRemove-WT034712 - c:\program files\HP Games\Family Feud\Uninstall.exe
AddRemove-WT034713 - c:\program files\HP Games\FATE\Uninstall.exe
AddRemove-WT034718 - c:\program files\HP Games\Jewel Quest Solitaire 2\Uninstall.exe
AddRemove-WT034722 - c:\program files\HP Games\Luxor 3\Uninstall.exe
AddRemove-WT034724 - c:\program files\HP Games\Mah Jong Quest\Uninstall.exe
AddRemove-WT034725 - c:\program files\HP Games\Mystery P.I. - The Lottery Ticket\Uninstall.exe
AddRemove-WT034728 - c:\program files\HP Games\Paradise Pet Salon\Uninstall.exe
AddRemove-WT034730 - c:\program files\HP Games\Penguins!\Uninstall.exe
AddRemove-WT034732 - c:\program files\HP Games\Pirateville\Uninstall.exe
AddRemove-WT034733 - c:\program files\HP Games\Plant Tycoon\Uninstall.exe
AddRemove-WT034734 - c:\program files\HP Games\Poker Superstars 2\Uninstall.exe
AddRemove-WT034735 - c:\program files\HP Games\Polar Bowler\Uninstall.exe
AddRemove-WT034736 - c:\program files\HP Games\Polar Golfer\Uninstall.exe
AddRemove-WT034742 - c:\program files\HP Games\Supercow\Uninstall.exe
AddRemove-WT034744 - c:\program files\HP Games\Tradewinds\Uninstall.exe
AddRemove-WT034747 - c:\program files\HP Games\Virtual Villagers - A New Home\Uninstall.exe
AddRemove-WT034748 - c:\program files\HP Games\Wedding Dash\Uninstall.exe
AddRemove-WT034943 - c:\program files\HP Games\Belle's Beauty Boutique\Uninstall.exe
AddRemove-WT035900 - c:\program files\HP Games\Bejeweled 2 Deluxe\Uninstall.exe
AddRemove-WT035914 - c:\program files\HP Games\Zuma Deluxe\Uninstall.exe
AddRemove-{25175695-4B20-4298-9F34-C2C57CD277B3} - c:\program files\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe
AddRemove-{9F320B99-4F38-43F3-B51B-2242F458684F} - c:\program files\InstallShield Installation Information\{9F320B99-4F38-43F3-B51B-2242F458684F}\setup.exe
AddRemove-{A1BC7068-C1BA-410F-8B9A-DB807C803DE2} - c:\program files\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe
AddRemove-{E0810CC2-4B5B-4439-B1D0-452306AF2D64} - c:\program files\InstallShield Installation Information\{E0810CC2-4B5B-4439-B1D0-452306AF2D64}\setup.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-01-31 05:08
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2013-01-31 05:09:12
ComboFix-quarantined-files.txt 2013-01-31 10:09
ComboFix2.txt 2013-01-29 17:24
.
Pre-Run: 232,275,927,040 bytes free
Post-Run: 232,301,637,632 bytes free
.
- - End Of File - - CA5C335360CAD8B40F7C48F6B386D822