Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Virus - blue screen - not sure which [Solved]


  • This topic is locked This topic is locked

#16
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
I would like you to send me a new scan from FRST again please
  • 0

Advertisements


#17
kyong

kyong

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts
FRST scan log below

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-03-2013 (ATTENTION: FRST version is 10 days old)
Ran by SYSTEM at 23-03-2013 14:49:55
Running from K:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001

==================== Registry (Whitelisted) ===================

HKLM-x32\...\Run: [] [x]
HKU\Joe\...\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe -update activex [247968 2011-12-20] (Adobe Systems, Inc.)
HKLM-x32\...\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [559616 2011-11-26] (Dell)
HKLM-x32\...\Runonce: [EE9D3A3C-B9C6-4920-9301-2B72210E0509] cmd.exe /C start /D "C:\Users\Joe\AppData\Local\Temp" /B EE9D3A3C-B9C6-4920-9301-2B72210E0509.exe -activeimages -postboot [x]
HKLM-x32\...\Runonce: [B631ECF5-7AC5-4C5D-9CBB-DCD770679394] cmd.exe /C start /D "C:\Users\Joe\AppData\Local\Temp" /B B631ECF5-7AC5-4C5D-9CBB-DCD770679394.exe -activeimages -postboot [x]
HKLM-x32\...\RunOnce: [Z1] cmd /c "C:\Users\Joe\Desktop\mbar-1.01.0.1021\mbar\mbar.exe" /cleanup /s [1363016 2013-03-20] (Malwarebytes Corporation)
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [X]
Tcpip\Parameters: [DhcpNameServer] 192.168.15.1
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)

==================== Services (Whitelisted) ===================

2 AVGIDSAgent; "C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe" [4937264 2013-02-27] (AVG Technologies CZ, s.r.o.)
2 avgwd; "C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe" [282624 2013-02-19] (AVG Technologies CZ, s.r.o.)
2 MBAMScheduler; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe" [398184 2012-12-14] (Malwarebytes Corporation)
2 MBAMService; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" [682344 2012-12-14] (Malwarebytes Corporation)
2 PMBDeviceInfoProvider; "C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe" [479840 2012-11-27] (Sony Corporation)
2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
2 msav; C:\Program Files (x86)\Moon Secure Antivirus\msavcore.exe [x]
2 vToolbarUpdater14.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe [x]

==================== Drivers (Whitelisted) =====================

1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-02-26] (AVG Technologies CZ, s.r.o.)
0 AVGIDSHA; C:\Windows\System32\Drivers\AVGIDSHA.sys [71480 2013-02-08] (AVG Technologies CZ, s.r.o.)
1 Avgldx64; C:\Windows\System32\Drivers\Avgldx64.sys [206136 2013-02-08] (AVG Technologies CZ, s.r.o.)
0 Avgloga; C:\Windows\System32\Drivers\Avgloga.sys [311096 2013-02-08] (AVG Technologies CZ, s.r.o.)
0 Avgmfx64; C:\Windows\System32\Drivers\Avgmfx64.sys [116536 2013-02-08] (AVG Technologies CZ, s.r.o.)
0 Avgrkx64; C:\Windows\System32\Drivers\Avgrkx64.sys [45880 2013-02-08] (AVG Technologies CZ, s.r.o.)
1 Avgtdia; C:\Windows\System32\Drivers\Avgtdia.sys [239416 2013-02-14] (AVG Technologies CZ, s.r.o.)
1 avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [39768 2013-03-17] (AVG Technologies)
3 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [24176 2012-12-14] (Malwarebytes Corporation)
1 RxFilter; C:\Windows\SysWow64\Drivers\RxFilter.sys [65520 2009-06-26] (Sonic Solutions)
3 79791410; [x]
3 catchme; \??\C:\ComboFix\catchme.sys [x]

==================== NetSvcs (Whitelisted) ====================


==================== One Month Created Files and Folders ========

2013-03-21 19:02 - 2013-03-21 19:02 - 00275112 ____A C:\Windows\Minidump\032113-70450-01.dmp
2013-03-21 18:42 - 2013-03-21 18:42 - 00000000 ____D C:\FRST
2013-03-21 15:02 - 2013-03-21 19:00 - 00000000 ____D C:\TDSSKiller_Quarantine
2013-03-20 21:15 - 2009-07-13 20:14 - 00020480 ____A (Microsoft Corporation) C:\Windows\svchost.exe
2013-03-20 21:14 - 2013-03-20 21:14 - 00270984 ____A C:\Windows\Minidump\032013-69779-01.dmp
2013-03-20 21:04 - 2013-03-20 21:04 - 13786977 ____A C:\Users\Joe\Desktop\mbar-1.01.0.1021.zip
2013-03-20 21:04 - 2013-03-20 21:04 - 00000000 ____D C:\Users\Joe\Desktop\mbar-1.01.0.1021
2013-03-20 21:01 - 2013-03-20 21:01 - 00299864 ____A C:\Windows\Minidump\032013-66082-01.dmp
2013-03-20 20:53 - 2013-03-20 20:53 - 00299864 ____A C:\Windows\Minidump\032013-65520-01.dmp
2013-03-20 20:47 - 2013-03-20 20:47 - 02237968 ____A (Kaspersky Lab ZAO) C:\Users\Joe\Desktop\tdsskiller.exe
2013-03-20 20:14 - 2013-03-20 20:14 - 00291640 ____A C:\Windows\Minidump\032013-72337-01.dmp
2013-03-20 20:01 - 2013-03-20 20:01 - 00015092 ____A C:\ComboFix.txt
2013-03-20 19:44 - 2011-06-26 01:45 - 00256000 ____A C:\Windows\PEV.exe
2013-03-20 19:44 - 2010-11-07 12:20 - 00208896 ____A C:\Windows\MBR.exe
2013-03-20 19:44 - 2009-04-19 23:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2013-03-20 19:44 - 2000-08-30 19:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2013-03-20 19:44 - 2000-08-30 19:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2013-03-20 19:44 - 2000-08-30 19:00 - 00098816 ____A C:\Windows\sed.exe
2013-03-20 19:44 - 2000-08-30 19:00 - 00080412 ____A C:\Windows\grep.exe
2013-03-20 19:44 - 2000-08-30 19:00 - 00068096 ____A C:\Windows\zip.exe
2013-03-20 19:33 - 2013-03-20 20:01 - 00000000 ____D C:\Qoobox
2013-03-20 19:33 - 2013-03-20 19:59 - 00000000 ____D C:\Windows\erdnt
2013-03-20 19:33 - 2013-03-20 19:33 - 05042364 ____R (Swearware) C:\Users\Joe\Desktop\ComboFix.exe
2013-03-19 16:23 - 2013-03-19 16:23 - 00003194 ____A C:\Users\Joe\Desktop\RKreport[1]_S_03192013_02d1723.txt
2013-03-19 16:23 - 2013-03-19 16:23 - 00003078 ____A C:\Users\Joe\Desktop\RKreport[2]_D_03192013_02d1723.txt
2013-03-19 16:22 - 2013-03-19 16:23 - 00000000 ____D C:\Users\Joe\Desktop\RK_Quarantine
2013-03-19 16:21 - 2013-03-19 16:21 - 00816128 ____A C:\Users\Joe\Desktop\RogueKiller.exe
2013-03-19 16:13 - 2013-03-19 16:13 - 00016747 ____A C:\AdwCleaner[S1].txt
2013-03-19 16:12 - 2013-03-20 20:02 - 00000000 ____D C:\Users\Joe\Desktop\geekstogofiles
2013-03-19 16:12 - 2013-03-19 16:12 - 00609993 ____A C:\Users\Joe\Desktop\adwcleaner.exe
2013-03-18 19:45 - 2013-03-18 19:45 - 00061052 ____A C:\Users\Joe\Desktop\Extras.Txt
2013-03-18 19:42 - 2013-03-18 19:42 - 130977792 ____A C:\Users\Joe\Desktop\VIPRERescue16126.exe
2013-03-18 19:34 - 2013-03-20 21:17 - 00003194 ____A C:\Users\Joe\Desktop\Rkill.txt
2013-03-18 19:34 - 2013-03-18 19:44 - 00080292 ____A C:\Users\Joe\Desktop\OTL.Txt
2013-03-18 19:34 - 2013-03-18 19:36 - 01752992 ____A (Bleeping Computer, LLC) C:\Users\Joe\Desktop\rkill.exe
2013-03-18 19:27 - 2013-03-18 19:28 - 00602112 ____A (OldTimer Tools) C:\Users\Joe\Desktop\OTL.scr
2013-03-18 19:26 - 2013-03-18 19:26 - 00602112 ____A (OldTimer Tools) C:\Users\Joe\Desktop\OTL.exe
2013-03-18 19:14 - 2013-03-18 19:14 - 00291640 ____A C:\Windows\Minidump\031813-34772-01.dmp
2013-03-18 19:10 - 2013-03-18 19:10 - 00270984 ____A C:\Windows\Minidump\031813-42806-01.dmp
2013-03-18 18:30 - 2013-03-18 18:30 - 10156344 ____A (Malwarebytes Corporation ) C:\Users\Joe\Downloads\mbam-setup-1.70.0.1100.exe
2013-03-18 18:30 - 2013-03-18 18:30 - 00001111 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-03-18 18:30 - 2013-03-18 18:30 - 00001111 ____A C:\ProgramData\Desktop\Malwarebytes Anti-Malware.lnk
2013-03-18 18:29 - 2013-03-18 18:29 - 04717984 ____A (Red Dog Media) C:\Users\Joe\Downloads\PC Utility Kit Installer.exe
2013-03-17 19:25 - 2013-03-17 19:25 - 00000000 ____D C:\Windows\Sun
2013-03-17 19:22 - 2013-03-17 19:22 - 00291640 ____A C:\Windows\Minidump\031713-38547-01.dmp
2013-03-17 19:17 - 2013-03-17 19:17 - 00291640 ____A C:\Windows\Minidump\031713-41901-01.dmp
2013-03-17 16:18 - 2013-03-17 16:18 - 00000000 ____D C:\ProgramData\AVG SafeGuard toolbar
2013-03-17 16:18 - 2013-03-17 16:18 - 00000000 ____D C:\ProgramData\Application Data\AVG SafeGuard toolbar
2013-03-17 15:27 - 2013-03-17 15:27 - 00000000 ____D C:\Users\Joe\Application Data\AVG2013
2013-03-17 15:27 - 2013-03-17 15:27 - 00000000 ____D C:\Users\Joe\AppData\Roaming\AVG2013
2013-03-17 15:26 - 2013-03-17 15:26 - 00000967 ____A C:\Users\Public\Desktop\AVG 2013.lnk
2013-03-17 15:26 - 2013-03-17 15:26 - 00000967 ____A C:\ProgramData\Desktop\AVG 2013.lnk
2013-03-17 15:26 - 2013-03-17 15:26 - 00000000 ____D C:\Users\Joe\Local Settings\AVG SafeGuard toolbar
2013-03-17 15:26 - 2013-03-17 15:26 - 00000000 ____D C:\Users\Joe\Local Settings\Application Data\AVG SafeGuard toolbar
2013-03-17 15:26 - 2013-03-17 15:26 - 00000000 ____D C:\Users\Joe\AppData\Local\AVG SafeGuard toolbar
2013-03-17 15:25 - 2013-03-17 15:24 - 00039768 ____A (AVG Technologies) C:\Windows\System32\Drivers\avgtpx64.sys
2013-03-17 15:24 - 2013-03-17 15:24 - 00000000 ____D C:\Program Files (x86)\AVG SafeGuard toolbar
2013-03-17 15:23 - 2013-03-17 19:06 - 00000000 ____D C:\ProgramData\AVG2013
2013-03-17 15:23 - 2013-03-17 19:06 - 00000000 ____D C:\ProgramData\Application Data\AVG2013
2013-03-17 15:23 - 2013-03-17 15:23 - 00000000 ____D C:\$AVG
2013-03-17 15:15 - 2013-03-17 15:15 - 04447072 ____A (AVG Technologies) C:\Users\Joe\Downloads\avg_free_stb_all_2013_3258_cnet.exe
2013-03-17 15:10 - 2013-03-17 19:24 - 00000000 ____D C:\Users\Joe\Local Settings\Avg2013
2013-03-17 15:10 - 2013-03-17 19:24 - 00000000 ____D C:\Users\Joe\Local Settings\Application Data\Avg2013
2013-03-17 15:10 - 2013-03-17 19:24 - 00000000 ____D C:\Users\Joe\AppData\Local\Avg2013
2013-03-17 15:08 - 2013-03-17 15:08 - 00172032 ____A (McAfee, Inc.) C:\Users\Joe\Downloads\McPreInstall.exe
2013-03-17 15:08 - 2013-03-17 15:08 - 00001590 ____A C:\Users\Joe\Downloads\runme.bat
2013-03-17 14:52 - 2013-03-17 14:52 - 00803688 ____A C:\Users\Joe\Local Settings\census.cache
2013-03-17 14:52 - 2013-03-17 14:52 - 00803688 ____A C:\Users\Joe\Local Settings\Application Data\census.cache
2013-03-17 14:52 - 2013-03-17 14:52 - 00803688 ____A C:\Users\Joe\AppData\Local\census.cache
2013-03-17 14:51 - 2013-03-17 14:51 - 00100996 ____A C:\Users\Joe\Local Settings\ars.cache
2013-03-17 14:51 - 2013-03-17 14:51 - 00100996 ____A C:\Users\Joe\Local Settings\Application Data\ars.cache
2013-03-17 14:51 - 2013-03-17 14:51 - 00100996 ____A C:\Users\Joe\AppData\Local\ars.cache
2013-03-17 14:42 - 2013-03-17 14:42 - 02406064 ____A (Trend Micro Inc.) C:\Users\Joe\Downloads\HousecallLauncher64.exe
2013-03-17 14:34 - 2013-03-17 14:34 - 00000000 ____D C:\Windows\pss
2013-03-17 11:22 - 2013-03-17 19:48 - 00027679 ____A C:\Users\Joe\Desktop\avgrep.txt
2013-03-17 11:07 - 2013-03-17 11:07 - 00291640 ____A C:\Windows\Minidump\031713-49374-01.dmp
2013-03-17 11:01 - 2013-03-17 11:01 - 00291640 ____A C:\Windows\Minidump\031713-66518-01.dmp
2013-03-16 20:12 - 2013-03-16 20:12 - 00291640 ____A C:\Windows\Minidump\031613-71432-01.dmp
2013-03-16 19:53 - 2013-03-16 19:53 - 00003608 ____N C:\bootsqm.dat
2013-03-16 18:11 - 2013-03-16 18:11 - 00000000 ____D C:\found.000
2013-03-16 18:05 - 2013-03-16 18:06 - 00270984 ____A C:\Windows\Minidump\031613-64178-01.dmp
2013-03-16 17:59 - 2013-03-16 17:59 - 00270864 ____A C:\Windows\Minidump\031613-26270-01.dmp
2013-03-16 17:52 - 2013-03-16 17:53 - 00291640 ____A C:\Windows\Minidump\031613-35864-01.dmp
2013-03-16 17:44 - 2013-03-16 17:44 - 00291640 ____A C:\Windows\Minidump\031613-21621-01.dmp
2013-03-16 17:41 - 2013-03-22 17:59 - 00000000 ____D C:\Windows\Minidump
2013-03-16 17:41 - 2013-03-22 17:58 - 337804155 ____A C:\Windows\MEMORY.DMP
2013-03-16 17:41 - 2013-03-16 17:41 - 00291640 ____A C:\Windows\Minidump\031613-38111-01.dmp
2013-03-14 02:01 - 2013-03-17 06:49 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-03-14 02:01 - 2013-03-17 06:49 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-03-13 14:38 - 2013-02-28 08:57 - 12296192 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-03-13 14:38 - 2013-02-28 08:57 - 09061376 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-03-13 14:38 - 2013-02-28 08:57 - 02458112 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-03-13 14:38 - 2013-02-28 08:57 - 01493504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-03-13 14:38 - 2013-02-28 08:57 - 01188864 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-03-13 14:38 - 2013-02-28 08:57 - 00735744 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-03-13 14:38 - 2013-02-28 08:57 - 00247808 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-03-13 14:38 - 2013-02-28 08:57 - 00134144 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-03-13 14:38 - 2013-02-28 08:57 - 00097792 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-03-13 14:38 - 2013-02-28 08:57 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-03-13 14:38 - 2013-02-28 08:37 - 11020800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-03-13 14:38 - 2013-02-28 08:37 - 06032384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-03-13 14:38 - 2013-02-28 08:37 - 02078208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-03-13 14:38 - 2013-02-28 08:37 - 01231872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-03-13 14:38 - 2013-02-28 08:37 - 00981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-03-13 14:38 - 2013-02-28 08:37 - 00627712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-03-13 14:38 - 2013-02-28 08:37 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-03-13 14:38 - 2013-02-28 08:37 - 00132096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-03-13 14:38 - 2013-02-28 08:37 - 00067584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-03-13 14:38 - 2013-02-28 08:37 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-03-13 14:38 - 2013-02-28 07:03 - 01638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-03-13 14:38 - 2013-02-28 06:38 - 01638912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-03-11 16:39 - 2013-03-11 16:39 - 00000000 ____D C:\Users\Joe\Application Data\Sling Media
2013-03-11 16:39 - 2013-03-11 16:39 - 00000000 ____D C:\Users\Joe\AppData\Roaming\Sling Media
2013-03-07 15:18 - 2013-03-07 15:18 - 00000000 ____D C:\Users\Joe\Desktop\New folder (2)
2013-02-28 03:00 - 2013-01-13 16:17 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-02-28 03:00 - 2013-01-13 16:17 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-02-28 03:00 - 2013-01-13 16:16 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-02-28 03:00 - 2013-01-13 16:12 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-02-28 03:00 - 2013-01-13 16:11 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-02-28 03:00 - 2013-01-13 16:11 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-02-28 03:00 - 2013-01-13 16:11 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-02-28 03:00 - 2013-01-13 16:11 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-02-28 03:00 - 2013-01-13 16:11 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-02-28 03:00 - 2013-01-13 15:35 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-02-28 03:00 - 2013-01-13 15:35 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-02-28 03:00 - 2013-01-13 15:35 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-02-28 03:00 - 2013-01-13 15:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-02-28 03:00 - 2013-01-13 15:31 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-02-28 03:00 - 2013-01-13 15:31 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-02-28 03:00 - 2013-01-13 15:31 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-02-28 03:00 - 2013-01-13 15:31 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-02-28 03:00 - 2013-01-13 15:31 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-02-28 03:00 - 2013-01-13 15:31 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-02-28 03:00 - 2013-01-13 15:22 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-02-28 03:00 - 2013-01-13 15:20 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-02-28 03:00 - 2013-01-13 15:09 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-02-28 03:00 - 2013-01-13 15:08 - 01504768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-02-28 03:00 - 2013-01-13 15:08 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-02-28 03:00 - 2013-01-13 14:59 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-02-28 03:00 - 2013-01-13 14:58 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-02-28 03:00 - 2013-01-13 14:54 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-02-28 03:00 - 2013-01-13 14:53 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-02-28 03:00 - 2013-01-13 14:53 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-02-28 03:00 - 2013-01-13 14:51 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2013-02-28 03:00 - 2013-01-13 14:49 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2013-02-28 03:00 - 2013-01-13 14:48 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-02-28 03:00 - 2013-01-13 14:46 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-02-28 03:00 - 2013-01-13 14:43 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-02-28 03:00 - 2013-01-13 14:38 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-02-28 03:00 - 2013-01-13 14:38 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2013-02-28 03:00 - 2013-01-13 14:38 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2013-02-28 03:00 - 2013-01-13 14:37 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-02-28 03:00 - 2013-01-13 14:25 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2013-02-28 03:00 - 2013-01-13 14:24 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2013-02-28 03:00 - 2013-01-13 14:24 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll
2013-02-28 03:00 - 2013-01-13 14:20 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll
2013-02-28 03:00 - 2013-01-13 14:20 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2013-02-28 03:00 - 2013-01-13 14:15 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-02-28 03:00 - 2013-01-13 14:10 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2013-02-28 03:00 - 2013-01-13 14:02 - 00417792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-02-28 03:00 - 2013-01-13 13:34 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-02-28 03:00 - 2013-01-13 13:32 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2013-02-28 03:00 - 2013-01-13 13:09 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-02-28 03:00 - 2013-01-13 12:26 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-02-28 03:00 - 2013-01-13 12:05 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2013-02-28 03:00 - 2013-01-04 01:11 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2013-02-28 03:00 - 2013-01-04 01:11 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-02-26 22:40 - 2013-02-26 22:40 - 00246072 ____A (AVG Technologies CZ, s.r.o.) C:\Windows\System32\Drivers\avgidsdrivera.sys


==================== One Month Modified Files and Folders =======

2013-03-22 21:18 - 2011-03-14 17:00 - 00000000 ____D C:\Program Files (x86)\Full Tilt Poker.Net
2013-03-22 17:59 - 2013-03-22 17:59 - 00299864 ____A C:\Windows\Minidump\032213-63055-01.dmp
2013-03-22 17:59 - 2013-03-16 17:41 - 00000000 ____D C:\Windows\Minidump
2013-03-22 17:58 - 2013-03-16 17:41 - 337804155 ____A C:\Windows\MEMORY.DMP
2013-03-22 17:57 - 2010-03-29 15:11 - 00000000 ____D C:\Users\Joe\Local Settings\SoftThinks
2013-03-22 17:57 - 2010-03-29 15:11 - 00000000 ____D C:\Users\Joe\Local Settings\Application Data\SoftThinks
2013-03-22 17:57 - 2010-03-29 15:11 - 00000000 ____D C:\Users\Joe\AppData\Local\SoftThinks
2013-03-22 17:57 - 2010-03-29 15:11 - 00000000 ____D C:\Users\Default\Local Settings\SoftThinks
2013-03-22 17:57 - 2010-03-29 15:11 - 00000000 ____D C:\Users\Default\Local Settings\Application Data\SoftThinks
2013-03-22 17:57 - 2010-03-29 15:11 - 00000000 ____D C:\Users\Default\AppData\Local\SoftThinks
2013-03-22 17:57 - 2010-03-29 15:11 - 00000000 ____D C:\Users\Default User\Local Settings\SoftThinks
2013-03-22 17:57 - 2010-03-29 15:11 - 00000000 ____D C:\Users\Default User\Local Settings\Application Data\SoftThinks
2013-03-22 17:57 - 2010-03-29 15:11 - 00000000 ____D C:\Users\Default User\AppData\Local\SoftThinks
2013-03-22 17:57 - 2010-03-22 09:19 - 00000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup
2013-03-22 17:55 - 2011-02-22 12:27 - 00000888 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-03-22 17:54 - 2009-07-14 00:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-03-22 17:54 - 2009-07-13 23:51 - 00049420 ____A C:\Windows\setupact.log
2013-03-22 17:45 - 2009-07-14 00:13 - 00726444 ____A C:\Windows\System32\PerfStringBackup.INI
2013-03-22 17:45 - 2009-07-14 00:10 - 01091537 ____A C:\Windows\WindowsUpdate.log
2013-03-21 19:02 - 2013-03-21 19:02 - 00275112 ____A C:\Windows\Minidump\032113-70450-01.dmp
2013-03-21 19:00 - 2013-03-21 15:02 - 00000000 ____D C:\TDSSKiller_Quarantine
2013-03-21 18:42 - 2013-03-21 18:42 - 00000000 ____D C:\FRST
2013-03-20 21:17 - 2013-03-18 19:34 - 00003194 ____A C:\Users\Joe\Desktop\Rkill.txt
2013-03-20 21:14 - 2013-03-20 21:14 - 00270984 ____A C:\Windows\Minidump\032013-69779-01.dmp
2013-03-20 21:04 - 2013-03-20 21:04 - 13786977 ____A C:\Users\Joe\Desktop\mbar-1.01.0.1021.zip
2013-03-20 21:04 - 2013-03-20 21:04 - 00000000 ____D C:\Users\Joe\Desktop\mbar-1.01.0.1021
2013-03-20 21:01 - 2013-03-20 21:01 - 00299864 ____A C:\Windows\Minidump\032013-66082-01.dmp
2013-03-20 20:53 - 2013-03-20 20:53 - 00299864 ____A C:\Windows\Minidump\032013-65520-01.dmp
2013-03-20 20:47 - 2013-03-20 20:47 - 02237968 ____A (Kaspersky Lab ZAO) C:\Users\Joe\Desktop\tdsskiller.exe
2013-03-20 20:14 - 2013-03-20 20:14 - 00291640 ____A C:\Windows\Minidump\032013-72337-01.dmp
2013-03-20 20:08 - 2012-03-02 17:50 - 00000000 ____D C:\ProgramData\MFAData
2013-03-20 20:08 - 2012-03-02 17:50 - 00000000 ____D C:\ProgramData\Application Data\MFAData
2013-03-20 20:04 - 2010-03-22 10:59 - 00661040 ____A C:\Windows\PFRO.log
2013-03-20 20:02 - 2013-03-19 16:12 - 00000000 ____D C:\Users\Joe\Desktop\geekstogofiles
2013-03-20 20:01 - 2013-03-20 20:01 - 00015092 ____A C:\ComboFix.txt
2013-03-20 20:01 - 2013-03-20 19:33 - 00000000 ____D C:\Qoobox
2013-03-20 19:59 - 2013-03-20 19:33 - 00000000 ____D C:\Windows\erdnt
2013-03-20 19:59 - 2009-07-13 21:34 - 00000215 ____A C:\Windows\system.ini
2013-03-20 19:33 - 2013-03-20 19:33 - 05042364 ____R (Swearware) C:\Users\Joe\Desktop\ComboFix.exe
2013-03-19 16:23 - 2013-03-19 16:23 - 00003194 ____A C:\Users\Joe\Desktop\RKreport[1]_S_03192013_02d1723.txt
2013-03-19 16:23 - 2013-03-19 16:23 - 00003078 ____A C:\Users\Joe\Desktop\RKreport[2]_D_03192013_02d1723.txt
2013-03-19 16:23 - 2013-03-19 16:22 - 00000000 ____D C:\Users\Joe\Desktop\RK_Quarantine
2013-03-19 16:21 - 2013-03-19 16:21 - 00816128 ____A C:\Users\Joe\Desktop\RogueKiller.exe
2013-03-19 16:15 - 2011-02-22 12:27 - 00000892 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-03-19 16:13 - 2013-03-19 16:13 - 00016747 ____A C:\AdwCleaner[S1].txt
2013-03-19 16:12 - 2013-03-19 16:12 - 00609993 ____A C:\Users\Joe\Desktop\adwcleaner.exe
2013-03-18 19:45 - 2013-03-18 19:45 - 00061052 ____A C:\Users\Joe\Desktop\Extras.Txt
2013-03-18 19:44 - 2013-03-18 19:34 - 00080292 ____A C:\Users\Joe\Desktop\OTL.Txt
2013-03-18 19:42 - 2013-03-18 19:42 - 130977792 ____A C:\Users\Joe\Desktop\VIPRERescue16126.exe
2013-03-18 19:36 - 2013-03-18 19:34 - 01752992 ____A (Bleeping Computer, LLC) C:\Users\Joe\Desktop\rkill.exe
2013-03-18 19:29 - 2010-08-14 12:18 - 00602112 ____A (OldTimer Tools) C:\Users\Joe\Desktop\OTL.com
2013-03-18 19:28 - 2013-03-18 19:27 - 00602112 ____A (OldTimer Tools) C:\Users\Joe\Desktop\OTL.scr
2013-03-18 19:26 - 2013-03-18 19:26 - 00602112 ____A (OldTimer Tools) C:\Users\Joe\Desktop\OTL.exe
2013-03-18 19:14 - 2013-03-18 19:14 - 00291640 ____A C:\Windows\Minidump\031813-34772-01.dmp
2013-03-18 19:10 - 2013-03-18 19:10 - 00270984 ____A C:\Windows\Minidump\031813-42806-01.dmp
2013-03-18 18:30 - 2013-03-18 18:30 - 10156344 ____A (Malwarebytes Corporation ) C:\Users\Joe\Downloads\mbam-setup-1.70.0.1100.exe
2013-03-18 18:30 - 2013-03-18 18:30 - 00001111 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-03-18 18:30 - 2013-03-18 18:30 - 00001111 ____A C:\ProgramData\Desktop\Malwarebytes Anti-Malware.lnk
2013-03-18 18:30 - 2012-11-24 13:25 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-03-18 18:29 - 2013-03-18 18:29 - 04717984 ____A (Red Dog Media) C:\Users\Joe\Downloads\PC Utility Kit Installer.exe
2013-03-17 19:48 - 2013-03-17 11:22 - 00027679 ____A C:\Users\Joe\Desktop\avgrep.txt
2013-03-17 19:25 - 2013-03-17 19:25 - 00000000 ____D C:\Windows\Sun
2013-03-17 19:24 - 2013-03-17 15:10 - 00000000 ____D C:\Users\Joe\Local Settings\Avg2013
2013-03-17 19:24 - 2013-03-17 15:10 - 00000000 ____D C:\Users\Joe\Local Settings\Application Data\Avg2013
2013-03-17 19:24 - 2013-03-17 15:10 - 00000000 ____D C:\Users\Joe\AppData\Local\Avg2013
2013-03-17 19:22 - 2013-03-17 19:22 - 00291640 ____A C:\Windows\Minidump\031713-38547-01.dmp
2013-03-17 19:17 - 2013-03-17 19:17 - 00291640 ____A C:\Windows\Minidump\031713-41901-01.dmp
2013-03-17 19:06 - 2013-03-17 15:23 - 00000000 ____D C:\ProgramData\AVG2013
2013-03-17 19:06 - 2013-03-17 15:23 - 00000000 ____D C:\ProgramData\Application Data\AVG2013
2013-03-17 16:29 - 2009-07-13 23:45 - 00014240 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-03-17 16:29 - 2009-07-13 23:45 - 00014240 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-03-17 16:18 - 2013-03-17 16:18 - 00000000 ____D C:\ProgramData\AVG SafeGuard toolbar
2013-03-17 16:18 - 2013-03-17 16:18 - 00000000 ____D C:\ProgramData\Application Data\AVG SafeGuard toolbar
2013-03-17 15:27 - 2013-03-17 15:27 - 00000000 ____D C:\Users\Joe\Application Data\AVG2013
2013-03-17 15:27 - 2013-03-17 15:27 - 00000000 ____D C:\Users\Joe\AppData\Roaming\AVG2013
2013-03-17 15:26 - 2013-03-17 15:26 - 00000967 ____A C:\Users\Public\Desktop\AVG 2013.lnk
2013-03-17 15:26 - 2013-03-17 15:26 - 00000967 ____A C:\ProgramData\Desktop\AVG 2013.lnk
2013-03-17 15:26 - 2013-03-17 15:26 - 00000000 ____D C:\Users\Joe\Local Settings\AVG SafeGuard toolbar
2013-03-17 15:26 - 2013-03-17 15:26 - 00000000 ____D C:\Users\Joe\Local Settings\Application Data\AVG SafeGuard toolbar
2013-03-17 15:26 - 2013-03-17 15:26 - 00000000 ____D C:\Users\Joe\AppData\Local\AVG SafeGuard toolbar
2013-03-17 15:24 - 2013-03-17 15:25 - 00039768 ____A (AVG Technologies) C:\Windows\System32\Drivers\avgtpx64.sys
2013-03-17 15:24 - 2013-03-17 15:24 - 00000000 ____D C:\Program Files (x86)\AVG SafeGuard toolbar
2013-03-17 15:23 - 2013-03-17 15:23 - 00000000 ____D C:\$AVG
2013-03-17 15:15 - 2013-03-17 15:15 - 04447072 ____A (AVG Technologies) C:\Users\Joe\Downloads\avg_free_stb_all_2013_3258_cnet.exe
2013-03-17 15:11 - 2009-07-13 23:54 - 00000749 __RAH C:\Windows\WindowsShell.Manifest
2013-03-17 15:11 - 2009-07-13 23:54 - 00000174 ___SH C:\Users\Public\desktop.ini
2013-03-17 15:11 - 2009-07-13 23:54 - 00000174 ___SH C:\users\desktop.ini
2013-03-17 15:11 - 2009-07-13 23:54 - 00000174 ___SH C:\Program Files (x86)\desktop.ini
2013-03-17 15:11 - 2009-07-13 22:20 - 00000000 __RHD C:\Users\Public\Libraries
2013-03-17 15:08 - 2013-03-17 15:08 - 00172032 ____A (McAfee, Inc.) C:\Users\Joe\Downloads\McPreInstall.exe
2013-03-17 15:08 - 2013-03-17 15:08 - 00001590 ____A C:\Users\Joe\Downloads\runme.bat
2013-03-17 14:52 - 2013-03-17 14:52 - 00803688 ____A C:\Users\Joe\Local Settings\census.cache
2013-03-17 14:52 - 2013-03-17 14:52 - 00803688 ____A C:\Users\Joe\Local Settings\Application Data\census.cache
2013-03-17 14:52 - 2013-03-17 14:52 - 00803688 ____A C:\Users\Joe\AppData\Local\census.cache
2013-03-17 14:51 - 2013-03-17 14:51 - 00100996 ____A C:\Users\Joe\Local Settings\ars.cache
2013-03-17 14:51 - 2013-03-17 14:51 - 00100996 ____A C:\Users\Joe\Local Settings\Application Data\ars.cache
2013-03-17 14:51 - 2013-03-17 14:51 - 00100996 ____A C:\Users\Joe\AppData\Local\ars.cache
2013-03-17 14:42 - 2013-03-17 14:42 - 02406064 ____A (Trend Micro Inc.) C:\Users\Joe\Downloads\HousecallLauncher64.exe
2013-03-17 14:34 - 2013-03-17 14:34 - 00000000 ____D C:\Windows\pss
2013-03-17 11:21 - 2012-11-18 15:36 - 00000278 ____A C:\Users\Joe\Application Data\wklnhst.dat
2013-03-17 11:21 - 2012-11-18 15:36 - 00000278 ____A C:\Users\Joe\AppData\Roaming\wklnhst.dat
2013-03-17 11:07 - 2013-03-17 11:07 - 00291640 ____A C:\Windows\Minidump\031713-49374-01.dmp
2013-03-17 11:04 - 2010-03-30 12:41 - 00000000 ____D C:\Users\Joe\Tracing
2013-03-17 11:01 - 2013-03-17 11:01 - 00291640 ____A C:\Windows\Minidump\031713-66518-01.dmp
2013-03-17 06:49 - 2013-03-14 02:01 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-03-17 06:49 - 2013-03-14 02:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-03-17 06:49 - 2012-12-05 17:26 - 00000000 ____D C:\Users\Joe\Local Settings\PokerStars.NET
2013-03-17 06:49 - 2012-12-05 17:26 - 00000000 ____D C:\Users\Joe\Local Settings\Application Data\PokerStars.NET
2013-03-17 06:49 - 2012-12-05 17:26 - 00000000 ____D C:\Users\Joe\AppData\Local\PokerStars.NET
2013-03-17 06:49 - 2012-11-18 19:18 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-03-17 06:49 - 2012-11-18 19:18 - 00000000 ____D C:\ProgramData\Application Data\Spybot - Search & Destroy
2013-03-17 06:49 - 2010-12-23 15:51 - 00000000 ____D C:\ProgramData\Yahoo! Companion
2013-03-17 06:49 - 2010-12-23 15:51 - 00000000 ____D C:\ProgramData\Application Data\Yahoo! Companion
2013-03-17 06:49 - 2010-12-23 15:42 - 00000000 ____D C:\ProgramData\HP
2013-03-17 06:49 - 2010-12-23 15:42 - 00000000 ____D C:\ProgramData\Application Data\HP
2013-03-17 06:49 - 2010-03-29 15:12 - 00000000 ____D C:\Users\Joe\Local Settings\Stardock_Corporation
2013-03-17 06:49 - 2010-03-29 15:12 - 00000000 ____D C:\Users\Joe\Local Settings\Application Data\Stardock_Corporation
2013-03-17 06:49 - 2010-03-29 15:12 - 00000000 ____D C:\Users\Joe\AppData\Local\Stardock_Corporation
2013-03-17 06:49 - 2010-03-29 15:08 - 00000000 ____D C:\users\Joe
2013-03-17 06:49 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2013-03-17 06:49 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\AppCompat
2013-03-17 06:49 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-03-16 20:12 - 2013-03-16 20:12 - 00291640 ____A C:\Windows\Minidump\031613-71432-01.dmp
2013-03-16 19:53 - 2013-03-16 19:53 - 00003608 ____N C:\bootsqm.dat
2013-03-16 18:11 - 2013-03-16 18:11 - 00000000 ____D C:\found.000
2013-03-16 18:06 - 2013-03-16 18:05 - 00270984 ____A C:\Windows\Minidump\031613-64178-01.dmp
2013-03-16 17:59 - 2013-03-16 17:59 - 00270864 ____A C:\Windows\Minidump\031613-26270-01.dmp
2013-03-16 17:53 - 2013-03-16 17:52 - 00291640 ____A C:\Windows\Minidump\031613-35864-01.dmp
2013-03-16 17:44 - 2013-03-16 17:44 - 00291640 ____A C:\Windows\Minidump\031613-21621-01.dmp
2013-03-16 17:41 - 2013-03-16 17:41 - 00291640 ____A C:\Windows\Minidump\031613-38111-01.dmp
2013-03-16 17:34 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\System32\sysprep
2013-03-12 18:13 - 2011-02-22 12:28 - 00002185 ____A C:\Users\Public\Desktop\Google Chrome.lnk
2013-03-12 18:13 - 2011-02-22 12:28 - 00002185 ____A C:\ProgramData\Desktop\Google Chrome.lnk
2013-03-11 16:39 - 2013-03-11 16:39 - 00000000 ____D C:\Users\Joe\Application Data\Sling Media
2013-03-11 16:39 - 2013-03-11 16:39 - 00000000 ____D C:\Users\Joe\AppData\Roaming\Sling Media
2013-03-07 15:18 - 2013-03-07 15:18 - 00000000 ____D C:\Users\Joe\Desktop\New folder (2)
2013-03-07 15:17 - 2009-07-14 00:32 - 00000000 ____D C:\Windows\System32\FxsTmp
2013-03-04 13:53 - 2010-04-01 18:46 - 72013344 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-02-28 08:57 - 2013-03-13 14:38 - 12296192 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-02-28 08:57 - 2013-03-13 14:38 - 09061376 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-02-28 08:57 - 2013-03-13 14:38 - 02458112 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-02-28 08:57 - 2013-03-13 14:38 - 01493504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-02-28 08:57 - 2013-03-13 14:38 - 01188864 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-02-28 08:57 - 2013-03-13 14:38 - 00735744 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-02-28 08:57 - 2013-03-13 14:38 - 00247808 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-02-28 08:57 - 2013-03-13 14:38 - 00134144 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-02-28 08:57 - 2013-03-13 14:38 - 00097792 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-02-28 08:57 - 2013-03-13 14:38 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-02-28 08:37 - 2013-03-13 14:38 - 11020800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-02-28 08:37 - 2013-03-13 14:38 - 06032384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-02-28 08:37 - 2013-03-13 14:38 - 02078208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-02-28 08:37 - 2013-03-13 14:38 - 01231872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-02-28 08:37 - 2013-03-13 14:38 - 00981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-02-28 08:37 - 2013-03-13 14:38 - 00627712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-02-28 08:37 - 2013-03-13 14:38 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-02-28 08:37 - 2013-03-13 14:38 - 00132096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-02-28 08:37 - 2013-03-13 14:38 - 00067584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-02-28 08:37 - 2013-03-13 14:38 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-02-28 07:03 - 2013-03-13 14:38 - 01638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-02-28 06:38 - 2013-03-13 14:38 - 01638912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-02-28 03:17 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2013-02-28 03:17 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2013-02-28 03:17 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\System32\zh-HK
2013-02-28 03:17 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\System32\tr-TR
2013-02-26 22:40 - 2013-02-26 22:40 - 00246072 ____A (AVG Technologies CZ, s.r.o.) C:\Windows\System32\Drivers\avgidsdrivera.sys

ATTENTION: ========> Check for possible partition/boot infection:
C:\Windows\svchost.exe

==================== Known DLLs (Whitelisted) =================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2013-02-13 03:00:38
Restore point made on: 2013-02-21 00:00:13
Restore point made on: 2013-02-28 02:52:14
Restore point made on: 2013-02-28 03:00:24
Restore point made on: 2013-03-08 02:11:34
Restore point made on: 2013-03-14 02:00:38
Restore point made on: 2013-03-17 15:07:57
Restore point made on: 2013-03-17 15:10:07
Restore point made on: 2013-03-17 15:16:10
Restore point made on: 2013-03-17 15:23:11

==================== Memory info ===========================

Percentage of memory in use: 14%
Total physical RAM: 3959.08 MB
Available physical RAM: 3374 MB
Total Pagefile: 3957.23 MB
Available Pagefile: 3358.8 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

==================== Partitions =============================

1 Drive c: (OS) (Fixed) (Total:451.07 GB) (Free:398.07 GB) NTFS
2 Drive d: (SlotsDual) (CDROM) (Total:0.46 GB) (Free:0 GB) CDFS
8 Drive j: (RECOVERY) (Fixed) (Total:14.65 GB) (Free:9.35 GB) NTFS ==>[System with boot components (obtained from reading drive)]
9 Drive k: () (Removable) (Total:1.85 GB) (Free:1.85 GB) FAT32
10 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 465 GB 0 B
Disk 1 Online 1901 MB 0 B
Disk 2 No Media 0 B 0 B
Disk 3 No Media 0 B 0 B
Disk 4 No Media 0 B 0 B
Disk 5 No Media 0 B 0 B

Partitions of Disk 0:
===============

Disk ID: 4C90D62D

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 OEM 39 MB 31 KB
Partition 2 Primary 14 GB 40 MB
Partition 3 Primary 451 GB 14 GB

==================================================================================

Disk: 0
Partition 1
Type : DE
Hidden: Yes
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 9 FAT Partition 39 MB Healthy Hidden

=========================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 J RECOVERY NTFS Partition 14 GB Healthy

=========================================================

Disk: 0
Partition 3
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 C OS NTFS Partition 451 GB Healthy

=========================================================

Partitions of Disk 1:
===============

Disk ID: 00000001

Partition ### Type Size Offset
------------- ---------------- ------- -------
* Partition 1 Primary 1901 MB 0 B

==================================================================================

Disk: 1
There is no partition selected.

There is no partition selected.
Please select a partition and try again.

=========================================================
============================== MBR Partition Table ==================

==============================
Partitions of Disk 0:
===============
Disk ID: 4C90D62D

Partition 1:
=========
Hex: 80000E00000000000D00000000000000
Active: YES
Type: 00
Size: 0 byte
ATTENTION ===> 0 byte partition bootkit on partition 1

Partition 2:
=========
Hex: 00010100DEFE3F043F00000086390100
Active: NO
Type: DE
Size: 39 MB

Partition 3:
=========
Hex: 8019150507FEFFFF0040010000C0D401
Active: YES
Type: 07 (NTFS)
Size: 15 GB

Partition 4:
=========
Hex: 00FEFFFF07FEFFFF0000D60130586238
Active: NO
Type: 07 (NTFS)
Size: 451 GB

==============================
Partitions of Disk 1:
===============
Disk ID: 73696D20

Partition 1:
=========
Hex: 6E67FF0D0A4469736B206572726F72FF
Active: NO
Type: 0A
Size: -4750121984 byte

Partition 2:
=========
Hex: 0D0A507265737320616E79206B657920
Active: NO
Type: 65
Size: 260 GB

Partition 3:
=========
Hex: 746F20726573746172740D0A00000000
Active: NO
Type: 65
Size: 0 byte

Partition 4:
=========
Hex: 0000000000000000000000ACC1CE0000
Active: NO
Type: 00
Size: 26 MB


Last Boot: 2013-03-15 00:03

==================== End Of Log =============================
  • 0

#18
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Please access the Command Prompt in the recovery environment. Execute the following commands in the order given. If any command returns an error, please let me know. Its important to do these steps in order as first a backup of your current BCD will be made.
  • bcdedit /export C:\BCD_Backup
  • c:
  • cd boot
  • attrib bcd -s -h -r
  • ren c:\boot\bcd bcd.old
  • bootrec /RebuildBcd
​Next you will see a message indicating Windows is looking for installations to add. If it finds one it will ask you if you want to add it. Type Y to add the installation to the boot configuration data and follow any additional prompts.

Restart the computer if the process completed successfully and let me know if you still get the error.
  • 0

#19
kyong

kyong

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts
after typing cd boot, the system cannot find the path specified. I run the recovery envronment from the preloaded hard drive. I do not have an installation cd.
  • 0

#20
kyong

kyong

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts
I got to the boot folder. It was on the E drive. Now I get "Windows cannot verify signatures of Winload.exe" and the system won't boot.
  • 0

#21
kyong

kyong

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts
I got the fix in, but had to restore the bcdedit file that we backed up. Seems to be booting okay now. All the programs we installed, however, to get rid of the infection are gone and that one service is still there.
  • 0

#22
kyong

kyong

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts
It came back when I rebooted.
  • 0

#23
kyong

kyong

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts
Okay, I think it is gone now.

Here is what I did...

I did what you posted and the computer wouldn't boot. I researched it a little and ended up making a recovery disk on another computer to get me back to the recovery console.

While in the recovery console, used bcdedit to delete the bootmgr entry. I then ran bootrec /fixmbr and bootrec /fixboot.

It still didn't boot, so I imported the backup file that we created with your last entry.

That seemed to keep the rootkit virus from loading on boot. It was still there and there were other issues, but it booted up much faster.

I took that opportunity to run tdsskiller as you instructed. That finally was able to reboot okay and get rid of the boot loader.

I then ran mbar and that got rid of the servicehost.exe virus and also found an entry for a wireshark virus in the registry.

Everything seems to be running okay now. Thank you. Is there anything else you would have me check for?
  • 0

#24
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello kyong


I would like you to try and run these next.

TDSSKiller

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
  • If malicious objects are found, they will show in the Scan results
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

    Note** this report can be very long - so if the website gives you an error saying it is to long you may attache it

    If the forum still complains about it being to long send me everything that is at the end of the report after where it says

    ==================
    Scan finished
    ==================

and I will see if I want to see the whole report

Malwarebytes Anti-Rootkit

1.Download Malwarebytes Anti-Rootkit
2.Unzip the contents to a folder in a convenient location.
3.Open the folder where the contents were unzipped and run mbar.exe
4.Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
5.Click on the Cleanup button to remove any threats and reboot if prompted to do so.
6.Wait while the system shuts down and the cleanup process is performed.
7.Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
8.If no additional threats were found, verify that your system is now running normally, making sure that the following items are functional:
•Internet access
•Windows Update
•Windows Firewall9.If there are additional problems with your system, such as any of those listed above or other system issues, then run the 'fixdamage' tool included with Malwarebytes Anti-Rootkit and reboot.
10.Verify that your system is now functioning normally.

If you have any problems running either one come back and let me know

please reply with the reports from TDSSKiller and MBAR

Gringo
  • 0

#25
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Greetings


I have not heard from you in a couple of days so I am coming by to check on you to see if you are having problems or you just need some more time.

Also to remind you that it is very important that we finish the process completely so as to not get reinfected. I will let you know when we are complete and I will ask to remove our tools




Gringo
  • 0

Advertisements


#26
kyong

kyong

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts
16:53:31.0589 4636 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
16:53:31.0870 4636 ============================================================
16:53:31.0870 4636 Current date / time: 2013/03/28 16:53:31.0870
16:53:31.0870 4636 SystemInfo:
16:53:31.0870 4636
16:53:31.0870 4636 OS Version: 6.1.7601 ServicePack: 1.0
16:53:31.0870 4636 Product type: Workstation
16:53:31.0870 4636 ComputerName: JOE-PC
16:53:31.0870 4636 UserName: Joe
16:53:31.0870 4636 Windows directory: C:\Windows
16:53:31.0870 4636 System windows directory: C:\Windows
16:53:31.0870 4636 Running under WOW64
16:53:31.0870 4636 Processor architecture: Intel x64
16:53:31.0870 4636 Number of processors: 4
16:53:31.0870 4636 Page size: 0x1000
16:53:31.0870 4636 Boot type: Normal boot
16:53:31.0870 4636 ============================================================
16:53:33.0040 4636 BG loaded
16:53:33.0414 4636 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:53:33.0430 4636 ============================================================
16:53:33.0430 4636 \Device\Harddisk0\DR0:
16:53:33.0430 4636 MBR partitions:
16:53:33.0430 4636 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000
16:53:33.0430 4636 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x38625830
16:53:33.0430 4636 ============================================================
16:53:33.0461 4636 C: <-> \Device\Harddisk0\DR0\Partition2
16:53:33.0461 4636 ============================================================
16:53:33.0461 4636 Initialize success
16:53:33.0461 4636 ============================================================
16:53:44.0493 5348 ============================================================
16:53:44.0493 5348 Scan started
16:53:44.0493 5348 Mode: Manual; SigCheck; TDLFS;
16:53:44.0493 5348 ============================================================
16:53:44.0992 5348 ================ Scan system memory ========================
16:53:44.0992 5348 System memory - ok
16:53:44.0992 5348 ================ Scan services =============================
16:53:45.0990 5348 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
16:54:02.0417 5348 1394ohci - ok
16:54:02.0464 5348 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
16:54:02.0495 5348 ACPI - ok
16:54:02.0527 5348 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
16:54:02.0651 5348 AcpiPmi - ok
16:54:02.0776 5348 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:54:02.0792 5348 AdobeARMservice - ok
16:54:02.0839 5348 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
16:54:02.0885 5348 adp94xx - ok
16:54:02.0917 5348 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
16:54:02.0932 5348 adpahci - ok
16:54:02.0963 5348 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
16:54:02.0979 5348 adpu320 - ok
16:54:03.0010 5348 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
16:54:03.0166 5348 AeLookupSvc - ok
16:54:03.0197 5348 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
16:54:03.0244 5348 AFD - ok
16:54:03.0275 5348 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
16:54:03.0291 5348 agp440 - ok
16:54:03.0291 5348 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
16:54:03.0385 5348 ALG - ok
16:54:03.0416 5348 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
16:54:03.0447 5348 aliide - ok
16:54:03.0463 5348 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
16:54:03.0478 5348 amdide - ok
16:54:03.0509 5348 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
16:54:03.0572 5348 AmdK8 - ok
16:54:03.0603 5348 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
16:54:03.0634 5348 AmdPPM - ok
16:54:03.0681 5348 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
16:54:03.0712 5348 amdsata - ok
16:54:03.0759 5348 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
16:54:03.0821 5348 amdsbs - ok
16:54:03.0853 5348 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
16:54:03.0868 5348 amdxata - ok
16:54:03.0931 5348 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
16:54:04.0087 5348 AppID - ok
16:54:04.0118 5348 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
16:54:04.0196 5348 AppIDSvc - ok
16:54:04.0243 5348 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
16:54:04.0274 5348 Appinfo - ok
16:54:04.0336 5348 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
16:54:04.0383 5348 arc - ok
16:54:04.0414 5348 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
16:54:04.0445 5348 arcsas - ok
16:54:04.0477 5348 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
16:54:04.0523 5348 AsyncMac - ok
16:54:04.0586 5348 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
16:54:04.0617 5348 atapi - ok
16:54:04.0664 5348 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:54:04.0742 5348 AudioEndpointBuilder - ok
16:54:04.0789 5348 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
16:54:04.0820 5348 AudioSrv - ok
16:54:05.0194 5348 [ 0D8244A9DB70BC6C36E2FB56F6039AB6 ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
16:54:05.0257 5348 AVGIDSAgent - ok
16:54:05.0319 5348 [ AC6CB348F67B6B1B75C0EFB8927A8B03 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys
16:54:05.0350 5348 AVGIDSDriver - ok
16:54:05.0381 5348 [ 2940FACB6EF92BD1936E4A1E2502468E ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys
16:54:05.0413 5348 AVGIDSHA - ok
16:54:05.0428 5348 [ 54B66C4AEEC6C4F742F3569EBA03EBB8 ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys
16:54:05.0444 5348 Avgldx64 - ok
16:54:05.0491 5348 [ 13667B5D6310228A9FEF2BA5FCD9081F ] Avgloga C:\Windows\system32\DRIVERS\avgloga.sys
16:54:05.0537 5348 Avgloga - ok
16:54:05.0553 5348 [ BE82F9A1F2CCF4CE746D0C645D94079E ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys
16:54:05.0569 5348 Avgmfx64 - ok
16:54:05.0600 5348 [ 5D11620DEF66F9DC9468FEE385A8429B ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys
16:54:05.0615 5348 Avgrkx64 - ok
16:54:05.0647 5348 [ 71309F30D4F4565EC611FE3FC33A3A0F ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys
16:54:05.0662 5348 Avgtdia - ok
16:54:05.0693 5348 [ 4A175D2D30D31F7DF46F09B9A108E089 ] avgtp C:\Windows\system32\drivers\avgtpx64.sys
16:54:05.0725 5348 avgtp - ok
16:54:05.0771 5348 [ DC98337F0D2A9F6C0B6FB682297ECE3B ] avgwd C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
16:54:05.0787 5348 avgwd - ok
16:54:05.0834 5348 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
16:54:05.0912 5348 AxInstSV - ok
16:54:05.0959 5348 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
16:54:06.0052 5348 b06bdrv - ok
16:54:06.0068 5348 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
16:54:06.0115 5348 b57nd60a - ok
16:54:06.0208 5348 [ F48FEB7DA35821DA15E0B006DCB9A169 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe
16:54:06.0239 5348 BBSvc - ok
16:54:06.0271 5348 [ 8E16F7A85441986FD2B9CE6C879524E4 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
16:54:06.0333 5348 BBUpdate - ok
16:54:06.0380 5348 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
16:54:06.0411 5348 BDESVC - ok
16:54:06.0427 5348 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
16:54:06.0458 5348 Beep - ok
16:54:06.0536 5348 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
16:54:06.0583 5348 BFE - ok
16:54:06.0645 5348 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
16:54:06.0723 5348 BITS - ok
16:54:06.0770 5348 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
16:54:06.0785 5348 blbdrive - ok
16:54:06.0817 5348 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
16:54:06.0848 5348 bowser - ok
16:54:06.0879 5348 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
16:54:06.0957 5348 BrFiltLo - ok
16:54:06.0988 5348 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
16:54:07.0019 5348 BrFiltUp - ok
16:54:07.0066 5348 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
16:54:07.0097 5348 Browser - ok
16:54:07.0129 5348 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
16:54:07.0175 5348 Brserid - ok
16:54:07.0191 5348 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
16:54:07.0222 5348 BrSerWdm - ok
16:54:07.0238 5348 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
16:54:07.0285 5348 BrUsbMdm - ok
16:54:07.0316 5348 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
16:54:07.0347 5348 BrUsbSer - ok
16:54:07.0378 5348 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
16:54:07.0441 5348 BTHMODEM - ok
16:54:07.0503 5348 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
16:54:07.0550 5348 bthserv - ok
16:54:07.0565 5348 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
16:54:07.0643 5348 cdfs - ok
16:54:07.0706 5348 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
16:54:07.0753 5348 cdrom - ok
16:54:07.0799 5348 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
16:54:07.0846 5348 CertPropSvc - ok
16:54:07.0877 5348 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
16:54:07.0893 5348 circlass - ok
16:54:07.0924 5348 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
16:54:07.0940 5348 CLFS - ok
16:54:08.0002 5348 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:54:08.0049 5348 clr_optimization_v2.0.50727_32 - ok
16:54:08.0111 5348 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:54:08.0143 5348 clr_optimization_v2.0.50727_64 - ok
16:54:08.0221 5348 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:54:08.0283 5348 clr_optimization_v4.0.30319_32 - ok
16:54:08.0314 5348 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:54:08.0330 5348 clr_optimization_v4.0.30319_64 - ok
16:54:08.0361 5348 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
16:54:08.0408 5348 CmBatt - ok
16:54:08.0423 5348 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
16:54:08.0455 5348 cmdide - ok
16:54:08.0501 5348 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
16:54:08.0533 5348 CNG - ok
16:54:08.0564 5348 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
16:54:08.0595 5348 Compbatt - ok
16:54:08.0626 5348 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
16:54:08.0673 5348 CompositeBus - ok
16:54:08.0689 5348 COMSysApp - ok
16:54:08.0704 5348 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
16:54:08.0720 5348 crcdisk - ok
16:54:08.0751 5348 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
16:54:08.0782 5348 CryptSvc - ok
16:54:08.0829 5348 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
16:54:08.0876 5348 DcomLaunch - ok
16:54:08.0923 5348 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
16:54:09.0001 5348 defragsvc - ok
16:54:09.0047 5348 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
16:54:09.0094 5348 DfsC - ok
16:54:09.0141 5348 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
16:54:09.0188 5348 Dhcp - ok
16:54:09.0188 5348 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
16:54:09.0219 5348 discache - ok
16:54:09.0266 5348 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
16:54:09.0297 5348 Disk - ok
16:54:09.0313 5348 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
16:54:09.0359 5348 Dnscache - ok
16:54:09.0453 5348 [ 0840ABBBDF438691EE65A20040635CBE ] DockLoginService C:\Program Files\Dell\DellDock\DockLogin.exe
16:54:09.0484 5348 DockLoginService ( UnsignedFile.Multi.Generic ) - warning
16:54:09.0484 5348 DockLoginService - detected UnsignedFile.Multi.Generic (1)
16:54:09.0515 5348 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
16:54:09.0578 5348 dot3svc - ok
16:54:09.0609 5348 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
16:54:09.0656 5348 DPS - ok
16:54:09.0703 5348 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
16:54:09.0749 5348 drmkaud - ok
16:54:09.0890 5348 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
16:54:09.0937 5348 DXGKrnl - ok
16:54:09.0968 5348 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
16:54:10.0015 5348 EapHost - ok
16:54:10.0280 5348 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
16:54:10.0389 5348 ebdrv - ok
16:54:10.0420 5348 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
16:54:10.0451 5348 EFS - ok
16:54:10.0529 5348 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
16:54:10.0592 5348 ehRecvr - ok
16:54:10.0607 5348 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
16:54:10.0670 5348 ehSched - ok
16:54:10.0701 5348 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
16:54:10.0748 5348 elxstor - ok
16:54:10.0763 5348 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
16:54:10.0795 5348 ErrDev - ok
16:54:10.0826 5348 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
16:54:10.0888 5348 EventSystem - ok
16:54:10.0935 5348 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
16:54:10.0997 5348 exfat - ok
16:54:11.0013 5348 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
16:54:11.0044 5348 fastfat - ok
16:54:11.0091 5348 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
16:54:11.0153 5348 Fax - ok
16:54:11.0169 5348 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
16:54:11.0216 5348 fdc - ok
16:54:11.0231 5348 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
16:54:11.0247 5348 fdPHost - ok
16:54:11.0263 5348 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
16:54:11.0325 5348 FDResPub - ok
16:54:11.0341 5348 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
16:54:11.0341 5348 FileInfo - ok
16:54:11.0356 5348 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
16:54:11.0403 5348 Filetrace - ok
16:54:11.0450 5348 [ 8669BE94F63944E4F899C3950B520241 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
16:54:11.0575 5348 FLEXnet Licensing Service - ok
16:54:11.0606 5348 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
16:54:11.0653 5348 flpydisk - ok
16:54:11.0699 5348 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
16:54:11.0746 5348 FltMgr - ok
16:54:11.0809 5348 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
16:54:11.0855 5348 FontCache - ok
16:54:11.0902 5348 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:54:11.0949 5348 FontCache3.0.0.0 - ok
16:54:11.0965 5348 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
16:54:11.0965 5348 FsDepends - ok
16:54:11.0996 5348 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
16:54:12.0027 5348 Fs_Rec - ok
16:54:12.0074 5348 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
16:54:12.0089 5348 fvevol - ok
16:54:12.0105 5348 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
16:54:12.0121 5348 gagp30kx - ok
16:54:12.0152 5348 [ D3316F6E3C011435F36E3D6E49B3196C ] GoToAssist C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe
16:54:12.0183 5348 GoToAssist - ok
16:54:12.0214 5348 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
16:54:12.0261 5348 gpsvc - ok
16:54:12.0339 5348 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:54:12.0355 5348 gupdate - ok
16:54:12.0370 5348 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:54:12.0386 5348 gupdatem - ok
16:54:12.0401 5348 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
16:54:12.0433 5348 gusvc - ok
16:54:12.0448 5348 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
16:54:12.0495 5348 hcw85cir - ok
16:54:12.0511 5348 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
16:54:12.0557 5348 HDAudBus - ok
16:54:12.0589 5348 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
16:54:12.0620 5348 HECIx64 - ok
16:54:12.0635 5348 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
16:54:12.0651 5348 HidBatt - ok
16:54:12.0667 5348 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
16:54:12.0682 5348 HidBth - ok
16:54:12.0698 5348 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
16:54:12.0729 5348 HidIr - ok
16:54:12.0745 5348 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
16:54:12.0807 5348 hidserv - ok
16:54:12.0838 5348 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
16:54:12.0869 5348 HidUsb - ok
16:54:12.0916 5348 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
16:54:12.0979 5348 hkmsvc - ok
16:54:13.0010 5348 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:54:13.0057 5348 HomeGroupListener - ok
16:54:13.0088 5348 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:54:13.0119 5348 HomeGroupProvider - ok
16:54:13.0213 5348 [ 08457D8F8149757C70CEA59C71EC5D27 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
16:54:13.0228 5348 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
16:54:13.0228 5348 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
16:54:13.0259 5348 [ 75CC8C5146A3FB76221A7606628778D5 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
16:54:13.0275 5348 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
16:54:13.0275 5348 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
16:54:13.0291 5348 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
16:54:13.0322 5348 HpSAMD - ok
16:54:13.0369 5348 [ F37882F128EFACEFE353E0BAE2766909 ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
16:54:13.0415 5348 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
16:54:13.0415 5348 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
16:54:13.0478 5348 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
16:54:13.0540 5348 HTTP - ok
16:54:13.0556 5348 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
16:54:13.0556 5348 hwpolicy - ok
16:54:13.0587 5348 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
16:54:13.0618 5348 i8042prt - ok
16:54:13.0649 5348 [ 631FA8935163B01FC0C02966CB3ADB92 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
16:54:13.0665 5348 iaStor - ok
16:54:13.0712 5348 [ 7493EA4DE41348F7D3EDBF9DB298F56A ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
16:54:13.0727 5348 IAStorDataMgrSvc - ok
16:54:13.0743 5348 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
16:54:13.0790 5348 iaStorV - ok
16:54:13.0837 5348 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:54:13.0930 5348 idsvc - ok
16:54:13.0961 5348 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
16:54:13.0977 5348 iirsp - ok
16:54:14.0055 5348 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
16:54:14.0117 5348 IKEEXT - ok
16:54:14.0164 5348 [ EE64207F2F5C20BFE5F73DB2566C4601 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
16:54:14.0211 5348 IntcAzAudAddService - ok
16:54:14.0211 5348 [ 49072EDBC5C2F964917D1B585C90ED0A ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
16:54:14.0258 5348 IntcDAud - ok
16:54:14.0289 5348 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
16:54:14.0305 5348 intelide - ok
16:54:14.0336 5348 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
16:54:14.0367 5348 intelppm - ok
16:54:14.0398 5348 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
16:54:14.0445 5348 IPBusEnum - ok
16:54:14.0476 5348 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:54:14.0539 5348 IpFilterDriver - ok
16:54:14.0585 5348 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
16:54:14.0632 5348 iphlpsvc - ok
16:54:14.0648 5348 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
16:54:14.0695 5348 IPMIDRV - ok
16:54:14.0710 5348 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
16:54:14.0773 5348 IPNAT - ok
16:54:14.0804 5348 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
16:54:14.0866 5348 IRENUM - ok
16:54:14.0897 5348 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
16:54:14.0913 5348 isapnp - ok
16:54:14.0929 5348 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
16:54:14.0960 5348 iScsiPrt - ok
16:54:14.0975 5348 [ 9D7EA8C7215D8D4AE7BE110EEE61085D ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys
16:54:14.0991 5348 k57nd60a - ok
16:54:15.0007 5348 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
16:54:15.0022 5348 kbdclass - ok
16:54:15.0053 5348 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
16:54:15.0085 5348 kbdhid - ok
16:54:15.0100 5348 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
16:54:15.0116 5348 KeyIso - ok
16:54:15.0131 5348 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
16:54:15.0147 5348 KSecDD - ok
16:54:15.0178 5348 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
16:54:15.0209 5348 KSecPkg - ok
16:54:15.0241 5348 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
16:54:15.0287 5348 ksthunk - ok
16:54:15.0303 5348 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
16:54:15.0365 5348 KtmRm - ok
16:54:15.0381 5348 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
16:54:15.0428 5348 LanmanServer - ok
16:54:15.0459 5348 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:54:15.0506 5348 LanmanWorkstation - ok
16:54:15.0537 5348 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
16:54:15.0584 5348 lltdio - ok
16:54:15.0615 5348 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
16:54:15.0646 5348 lltdsvc - ok
16:54:15.0677 5348 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
16:54:15.0724 5348 lmhosts - ok
16:54:15.0740 5348 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
16:54:15.0771 5348 LSI_FC - ok
16:54:15.0802 5348 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
16:54:15.0818 5348 LSI_SAS - ok
16:54:15.0833 5348 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:54:15.0849 5348 LSI_SAS2 - ok
16:54:15.0849 5348 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:54:15.0880 5348 LSI_SCSI - ok
16:54:15.0880 5348 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
16:54:15.0927 5348 luafv - ok
16:54:15.0974 5348 [ DC8490812A3B72811AE534F423B4C206 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
16:54:16.0005 5348 MBAMProtector - ok
16:54:16.0067 5348 [ 43683E970F008C93C9429EF428147A54 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
16:54:16.0145 5348 MBAMService - ok
16:54:16.0161 5348 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
16:54:16.0192 5348 Mcx2Svc - ok
16:54:16.0208 5348 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
16:54:16.0223 5348 megasas - ok
16:54:16.0255 5348 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
16:54:16.0270 5348 MegaSR - ok
16:54:16.0301 5348 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
16:54:16.0333 5348 MMCSS - ok
16:54:16.0348 5348 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
16:54:16.0379 5348 Modem - ok
16:54:16.0395 5348 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
16:54:16.0426 5348 monitor - ok
16:54:16.0457 5348 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
16:54:16.0473 5348 mouclass - ok
16:54:16.0489 5348 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
16:54:16.0520 5348 mouhid - ok
16:54:16.0551 5348 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
16:54:16.0567 5348 mountmgr - ok
16:54:16.0582 5348 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
16:54:16.0598 5348 mpio - ok
16:54:16.0598 5348 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
16:54:16.0629 5348 mpsdrv - ok
16:54:16.0660 5348 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
16:54:16.0691 5348 MpsSvc - ok
16:54:16.0723 5348 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
16:54:16.0754 5348 MRxDAV - ok
16:54:16.0769 5348 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
16:54:16.0816 5348 mrxsmb - ok
16:54:16.0847 5348 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:54:16.0879 5348 mrxsmb10 - ok
16:54:16.0894 5348 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:54:16.0910 5348 mrxsmb20 - ok
16:54:16.0925 5348 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
16:54:16.0941 5348 msahci - ok
16:54:16.0972 5348 msav - ok
16:54:17.0003 5348 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
16:54:17.0035 5348 msdsm - ok
16:54:17.0050 5348 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
16:54:17.0097 5348 MSDTC - ok
16:54:17.0128 5348 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
16:54:17.0175 5348 Msfs - ok
16:54:17.0175 5348 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
16:54:17.0222 5348 mshidkmdf - ok
16:54:17.0237 5348 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
16:54:17.0253 5348 msisadrv - ok
16:54:17.0284 5348 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
16:54:17.0331 5348 MSiSCSI - ok
16:54:17.0331 5348 msiserver - ok
16:54:17.0362 5348 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
16:54:17.0393 5348 MSKSSRV - ok
16:54:17.0425 5348 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
16:54:17.0471 5348 MSPCLOCK - ok
16:54:17.0487 5348 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
16:54:17.0534 5348 MSPQM - ok
16:54:17.0565 5348 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
16:54:17.0581 5348 MsRPC - ok
16:54:17.0612 5348 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
16:54:17.0612 5348 mssmbios - ok
16:54:17.0643 5348 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
16:54:17.0690 5348 MSTEE - ok
16:54:17.0705 5348 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
16:54:17.0721 5348 MTConfig - ok
16:54:17.0737 5348 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
16:54:17.0737 5348 Mup - ok
16:54:17.0799 5348 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
16:54:17.0877 5348 napagent - ok
16:54:17.0893 5348 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
16:54:17.0924 5348 NativeWifiP - ok
16:54:18.0002 5348 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
16:54:18.0033 5348 NDIS - ok
16:54:18.0064 5348 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
16:54:18.0095 5348 NdisCap - ok
16:54:18.0127 5348 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
16:54:18.0158 5348 NdisTapi - ok
16:54:18.0189 5348 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
16:54:18.0251 5348 Ndisuio - ok
16:54:18.0298 5348 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
16:54:18.0361 5348 NdisWan - ok
16:54:18.0407 5348 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
16:54:18.0470 5348 NDProxy - ok
16:54:18.0501 5348 [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
16:54:18.0501 5348 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
16:54:18.0501 5348 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
16:54:18.0517 5348 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
16:54:18.0579 5348 NetBIOS - ok
16:54:18.0595 5348 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
16:54:18.0657 5348 NetBT - ok
16:54:18.0673 5348 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
16:54:18.0704 5348 Netlogon - ok
16:54:18.0751 5348 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
16:54:18.0797 5348 Netman - ok
16:54:18.0829 5348 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
16:54:18.0891 5348 netprofm - ok
16:54:18.0922 5348 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:54:19.0078 5348 NetTcpPortSharing - ok
16:54:19.0125 5348 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
16:54:19.0156 5348 nfrd960 - ok
16:54:19.0172 5348 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
16:54:19.0219 5348 NlaSvc - ok
16:54:19.0234 5348 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
16:54:19.0265 5348 Npfs - ok
16:54:19.0281 5348 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
16:54:19.0328 5348 nsi - ok
16:54:19.0343 5348 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
16:54:19.0406 5348 nsiproxy - ok
16:54:19.0468 5348 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
16:54:19.0499 5348 Ntfs - ok
16:54:19.0515 5348 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
16:54:19.0562 5348 Null - ok
16:54:19.0593 5348 [ AD37248BD442D41C9A896E53EB8A85EE ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
16:54:19.0609 5348 NVHDA - ok
16:54:20.0810 5348 [ FE625499F48A992FCB0B676F08833FFC ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:54:20.0950 5348 nvlddmkm - ok
16:54:20.0997 5348 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
16:54:21.0028 5348 nvraid - ok
16:54:21.0044 5348 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
16:54:21.0059 5348 nvstor - ok
16:54:21.0091 5348 [ D2755AFEF371FADCFC5D9B83DCD4F4D4 ] nvsvc C:\Windows\system32\nvvsvc.exe
16:54:21.0122 5348 nvsvc - ok
16:54:21.0153 5348 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
16:54:21.0200 5348 nv_agp - ok
16:54:21.0200 5348 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
16:54:21.0231 5348 ohci1394 - ok
16:54:21.0262 5348 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:54:21.0309 5348 ose - ok
16:54:21.0325 5348 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
16:54:21.0356 5348 p2pimsvc - ok
16:54:21.0371 5348 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
16:54:21.0403 5348 p2psvc - ok
16:54:21.0418 5348 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
16:54:21.0449 5348 Parport - ok
16:54:21.0465 5348 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
16:54:21.0481 5348 partmgr - ok
16:54:21.0481 5348 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
16:54:21.0512 5348 PcaSvc - ok
16:54:21.0527 5348 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
16:54:21.0543 5348 pci - ok
16:54:21.0574 5348 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
16:54:21.0715 5348 pciide - ok
16:54:21.0730 5348 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
16:54:21.0761 5348 pcmcia - ok
16:54:21.0761 5348 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
16:54:21.0793 5348 pcw - ok
16:54:21.0808 5348 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
16:54:21.0855 5348 PEAUTH - ok
16:54:21.0980 5348 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
16:54:22.0027 5348 PerfHost - ok
16:54:22.0058 5348 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
16:54:22.0105 5348 pla - ok
16:54:22.0151 5348 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
16:54:22.0214 5348 PlugPlay - ok
16:54:22.0354 5348 [ CBCEC2C45E7D672EC6E46CBFF23BDF8E ] PMBDeviceInfoProvider C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
16:54:22.0401 5348 PMBDeviceInfoProvider - ok
16:54:22.0448 5348 [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
16:54:22.0463 5348 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
16:54:22.0463 5348 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
16:54:22.0479 5348 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
16:54:22.0495 5348 PNRPAutoReg - ok
16:54:22.0495 5348 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
16:54:22.0510 5348 PNRPsvc - ok
16:54:22.0526 5348 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
16:54:22.0573 5348 PolicyAgent - ok
16:54:22.0635 5348 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
16:54:22.0697 5348 Power - ok
16:54:22.0729 5348 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
16:54:22.0791 5348 PptpMiniport - ok
16:54:22.0807 5348 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
16:54:22.0838 5348 Processor - ok
16:54:22.0853 5348 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
16:54:22.0885 5348 ProfSvc - ok
16:54:22.0885 5348 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:54:22.0900 5348 ProtectedStorage - ok
16:54:22.0931 5348 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
16:54:22.0978 5348 Psched - ok
16:54:23.0025 5348 [ 4712CC14E720ECCCC0AA16949D18AAF1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
16:54:23.0041 5348 PxHlpa64 - ok
16:54:23.0072 5348 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
16:54:23.0134 5348 ql2300 - ok
16:54:23.0134 5348 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
16:54:23.0165 5348 ql40xx - ok
16:54:23.0228 5348 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
16:54:23.0259 5348 QWAVE - ok
16:54:23.0275 5348 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
16:54:23.0306 5348 QWAVEdrv - ok
16:54:23.0321 5348 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
16:54:23.0368 5348 RasAcd - ok
16:54:23.0399 5348 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
16:54:23.0462 5348 RasAgileVpn - ok
16:54:23.0477 5348 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
16:54:23.0509 5348 RasAuto - ok
16:54:23.0540 5348 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
16:54:23.0571 5348 Rasl2tp - ok
16:54:23.0602 5348 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
16:54:23.0649 5348 RasMan - ok
16:54:23.0665 5348 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
16:54:23.0696 5348 RasPppoe - ok
16:54:23.0711 5348 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
16:54:23.0758 5348 RasSstp - ok
16:54:23.0805 5348 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
16:54:23.0867 5348 rdbss - ok
16:54:23.0883 5348 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
16:54:23.0899 5348 rdpbus - ok
16:54:23.0930 5348 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
16:54:23.0992 5348 RDPCDD - ok
16:54:24.0008 5348 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
16:54:24.0039 5348 RDPENCDD - ok
16:54:24.0070 5348 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
16:54:24.0117 5348 RDPREFMP - ok
16:54:24.0133 5348 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
16:54:24.0195 5348 RDPWD - ok
16:54:24.0211 5348 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
16:54:24.0242 5348 rdyboost - ok
16:54:24.0257 5348 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
16:54:24.0304 5348 RemoteAccess - ok
16:54:24.0335 5348 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
16:54:24.0382 5348 RemoteRegistry - ok
16:54:24.0585 5348 [ 05FC44D32A144925EAE45570029FD6E1 ] RoxMediaDB10 c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
16:54:24.0647 5348 RoxMediaDB10 - ok
16:54:24.0663 5348 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
16:54:24.0694 5348 RpcEptMapper - ok
16:54:24.0725 5348 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
16:54:24.0741 5348 RpcLocator - ok
16:54:24.0772 5348 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
16:54:24.0803 5348 RpcSs - ok
16:54:24.0835 5348 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
16:54:24.0897 5348 rspndr - ok
16:54:24.0913 5348 RxFilter - ok
16:54:24.0913 5348 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
16:54:24.0944 5348 SamSs - ok
16:54:24.0959 5348 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
16:54:24.0991 5348 sbp2port - ok
16:54:25.0084 5348 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
16:54:25.0115 5348 SBSDWSCService - ok
16:54:25.0162 5348 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
16:54:25.0225 5348 SCardSvr - ok
16:54:25.0240 5348 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
16:54:25.0287 5348 scfilter - ok
16:54:25.0349 5348 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
16:54:25.0412 5348 Schedule - ok
16:54:25.0443 5348 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
16:54:25.0474 5348 SCPolicySvc - ok
16:54:25.0490 5348 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
16:54:25.0505 5348 SDRSVC - ok
16:54:25.0537 5348 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
16:54:25.0568 5348 secdrv - ok
16:54:25.0599 5348 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
16:54:25.0630 5348 seclogon - ok
16:54:25.0661 5348 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
16:54:25.0739 5348 SENS - ok
16:54:25.0755 5348 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
16:54:25.0771 5348 SensrSvc - ok
16:54:25.0786 5348 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
16:54:25.0833 5348 Serenum - ok
16:54:25.0849 5348 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
16:54:25.0864 5348 Serial - ok
16:54:25.0880 5348 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
16:54:25.0895 5348 sermouse - ok
16:54:25.0927 5348 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
16:54:25.0958 5348 SessionEnv - ok
16:54:25.0989 5348 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
16:54:26.0005 5348 sffdisk - ok
16:54:26.0020 5348 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
16:54:26.0051 5348 sffp_mmc - ok
16:54:26.0067 5348 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
16:54:26.0083 5348 sffp_sd - ok
16:54:26.0098 5348 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
16:54:26.0114 5348 sfloppy - ok
16:54:26.0285 5348 [ 74EC60E20516AAA573BE74F31175270F ] SftService c:\program files (x86)\dell datasafe local backup\sftservice.EXE
16:54:26.0332 5348 SftService - ok
16:54:26.0410 5348 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
16:54:26.0457 5348 SharedAccess - ok
16:54:26.0488 5348 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:54:26.0551 5348 ShellHWDetection - ok
16:54:26.0566 5348 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
16:54:26.0582 5348 SiSRaid2 - ok
16:54:26.0597 5348 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
16:54:26.0613 5348 SiSRaid4 - ok
16:54:26.0644 5348 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
16:54:26.0675 5348 Smb - ok
16:54:26.0738 5348 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
16:54:26.0769 5348 SNMPTRAP - ok
16:54:26.0769 5348 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
16:54:26.0785 5348 spldr - ok
16:54:26.0816 5348 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
16:54:26.0863 5348 Spooler - ok
16:54:27.0128 5348 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
16:54:27.0221 5348 sppsvc - ok
16:54:27.0237 5348 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
16:54:27.0284 5348 sppuinotify - ok
16:54:27.0346 5348 [ D630B6F2E8379B6F10DC16E82A426552 ] sprtsvc_DellSupportCenter C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
16:54:27.0393 5348 sprtsvc_DellSupportCenter - ok
16:54:27.0424 5348 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
16:54:27.0471 5348 srv - ok
16:54:27.0487 5348 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
16:54:27.0502 5348 srv2 - ok
16:54:27.0502 5348 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
16:54:27.0533 5348 srvnet - ok
16:54:27.0549 5348 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
16:54:27.0596 5348 SSDPSRV - ok
16:54:27.0611 5348 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
16:54:27.0643 5348 SstpSvc - ok
16:54:27.0658 5348 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
16:54:27.0674 5348 stexstor - ok
16:54:27.0705 5348 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
16:54:27.0736 5348 StillCam - ok
16:54:27.0767 5348 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
16:54:27.0830 5348 stisvc - ok
16:54:27.0861 5348 [ FF5EB78AF7DFB68C2FB363537AAF753E ] stllssvr c:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
16:54:27.0892 5348 stllssvr - ok
16:54:27.0939 5348 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
16:54:27.0970 5348 swenum - ok
16:54:27.0986 5348 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
16:54:28.0017 5348 swprv - ok
16:54:28.0064 5348 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
16:54:28.0111 5348 SysMain - ok
16:54:28.0126 5348 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:54:28.0142 5348 TabletInputService - ok
16:54:28.0173 5348 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
16:54:28.0204 5348 TapiSrv - ok
16:54:28.0235 5348 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
16:54:28.0267 5348 TBS - ok
16:54:28.0345 5348 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
16:54:28.0391 5348 Tcpip - ok
16:54:28.0423 5348 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
16:54:28.0454 5348 TCPIP6 - ok
16:54:28.0501 5348 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
16:54:28.0532 5348 tcpipreg - ok
16:54:28.0547 5348 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
16:54:28.0594 5348 TDPIPE - ok
16:54:28.0610 5348 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
16:54:28.0625 5348 TDTCP - ok
16:54:28.0657 5348 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
16:54:28.0688 5348 tdx - ok
16:54:28.0719 5348 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
16:54:28.0735 5348 TermDD - ok
16:54:28.0766 5348 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
16:54:28.0813 5348 TermService - ok
16:54:28.0828 5348 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
16:54:28.0859 5348 Themes - ok
16:54:28.0875 5348 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
16:54:28.0906 5348 THREADORDER - ok
16:54:28.0922 5348 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
16:54:28.0969 5348 TrkWks - ok
16:54:29.0000 5348 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:54:29.0062 5348 TrustedInstaller - ok
16:54:29.0078 5348 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
16:54:29.0109 5348 tssecsrv - ok
16:54:29.0171 5348 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
16:54:29.0312 5348 TsUsbFlt - ok
16:54:29.0359 5348 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
16:54:29.0405 5348 tunnel - ok
16:54:29.0437 5348 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
16:54:29.0452 5348 uagp35 - ok
16:54:29.0483 5348 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
16:54:29.0546 5348 udfs - ok
16:54:29.0561 5348 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
16:54:29.0561 5348 UI0Detect - ok
16:54:29.0593 5348 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
16:54:29.0608 5348 uliagpkx - ok
16:54:29.0733 5348 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
16:54:29.0780 5348 umbus - ok
16:54:29.0811 5348 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
16:54:29.0858 5348 UmPass - ok
16:54:29.0920 5348 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
16:54:30.0014 5348 upnphost - ok
16:54:30.0123 5348 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
16:54:30.0201 5348 usbccgp - ok
16:54:30.0373 5348 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
16:54:30.0419 5348 usbcir - ok
16:54:30.0497 5348 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
16:54:30.0560 5348 usbehci - ok
16:54:30.0700 5348 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
16:54:30.0747 5348 usbhub - ok
16:54:30.0778 5348 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
16:54:30.0809 5348 usbohci - ok
16:54:30.0872 5348 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
16:54:30.0903 5348 usbprint - ok
16:54:30.0934 5348 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:54:30.0997 5348 USBSTOR - ok
16:54:31.0012 5348 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
16:54:31.0043 5348 usbuhci - ok
16:54:31.0075 5348 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
16:54:31.0137 5348 UxSms - ok
16:54:31.0153 5348 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
16:54:31.0153 5348 VaultSvc - ok
16:54:31.0184 5348 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
16:54:31.0215 5348 vdrvroot - ok
16:54:31.0246 5348 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
16:54:31.0293 5348 vds - ok
16:54:31.0324 5348 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
16:54:31.0371 5348 vga - ok
16:54:31.0387 5348 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
16:54:31.0433 5348 VgaSave - ok
16:54:31.0480 5348 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
16:54:31.0511 5348 vhdmp - ok
16:54:31.0543 5348 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
16:54:31.0558 5348 viaide - ok
16:54:31.0574 5348 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
16:54:31.0589 5348 volmgr - ok
16:54:31.0636 5348 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
16:54:31.0652 5348 volmgrx - ok
16:54:31.0699 5348 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
16:54:31.0730 5348 volsnap - ok
16:54:31.0761 5348 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
16:54:31.0777 5348 vsmraid - ok
16:54:32.0026 5348 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
16:54:32.0104 5348 VSS - ok
16:54:32.0182 5348 [ 10B2E2FCA707501600D1DEAB1B71F699 ] vToolbarUpdater15.0.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.0.0\ToolbarUpdater.exe
16:54:32.0198 5348 vToolbarUpdater15.0.0 - ok
16:54:32.0213 5348 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
16:54:32.0245 5348 vwifibus - ok
16:54:32.0276 5348 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
16:54:32.0307 5348 W32Time - ok
16:54:32.0323 5348 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
16:54:32.0354 5348 WacomPen - ok
16:54:32.0385 5348 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
16:54:32.0432 5348 WANARP - ok
16:54:32.0447 5348 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
16:54:32.0463 5348 Wanarpv6 - ok
16:54:32.0525 5348 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
16:54:32.0650 5348 WatAdminSvc - ok
16:54:32.0728 5348 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
16:54:32.0791 5348 wbengine - ok
16:54:32.0791 5348 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
16:54:32.0806 5348 WbioSrvc - ok
16:54:32.0837 5348 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
16:54:32.0884 5348 wcncsvc - ok
16:54:32.0884 5348 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:54:32.0900 5348 WcsPlugInService - ok
16:54:32.0915 5348 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
16:54:32.0947 5348 Wd - ok
16:54:32.0962 5348 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
16:54:32.0993 5348 Wdf01000 - ok
16:54:33.0009 5348 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
16:54:33.0087 5348 WdiServiceHost - ok
16:54:33.0087 5348 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
16:54:33.0103 5348 WdiSystemHost - ok
16:54:33.0149 5348 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
16:54:33.0212 5348 WebClient - ok
16:54:33.0243 5348 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
16:54:33.0290 5348 Wecsvc - ok
16:54:33.0305 5348 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
16:54:33.0368 5348 wercplsupport - ok
16:54:33.0399 5348 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
16:54:33.0446 5348 WerSvc - ok
16:54:33.0461 5348 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
16:54:33.0493 5348 WfpLwf - ok
16:54:33.0524 5348 [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
16:54:33.0571 5348 WimFltr - ok
16:54:33.0586 5348 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
16:54:33.0602 5348 WIMMount - ok
16:54:33.0617 5348 WinDefend - ok
16:54:33.0633 5348 WinHttpAutoProxySvc - ok
16:54:33.0820 5348 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
16:54:33.0867 5348 Winmgmt - ok
16:54:33.0929 5348 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
16:54:34.0007 5348 WinRM - ok
16:54:34.0039 5348 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
16:54:34.0085 5348 WinUsb - ok
16:54:34.0101 5348 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
16:54:34.0148 5348 Wlansvc - ok
16:54:34.0163 5348 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
16:54:34.0179 5348 WmiAcpi - ok
16:54:34.0210 5348 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
16:54:34.0226 5348 wmiApSrv - ok
16:54:34.0257 5348 WMPNetworkSvc - ok
16:54:34.0273 5348 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
16:54:34.0288 5348 WPCSvc - ok
16:54:34.0319 5348 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
16:54:34.0335 5348 WPDBusEnum - ok
16:54:34.0366 5348 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
16:54:34.0397 5348 ws2ifsl - ok
16:54:34.0413 5348 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
16:54:34.0460 5348 wscsvc - ok
16:54:34.0491 5348 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
16:54:34.0538 5348 WSDPrintDevice - ok
16:54:34.0538 5348 WSearch - ok
16:54:34.0585 5348 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
16:54:34.0616 5348 wuauserv - ok
16:54:34.0631 5348 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
16:54:34.0678 5348 WudfPf - ok
16:54:34.0709 5348 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
16:54:34.0725 5348 WUDFRd - ok
16:54:34.0756 5348 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
16:54:34.0772 5348 wudfsvc - ok
16:54:34.0803 5348 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
16:54:34.0834 5348 WwanSvc - ok
16:54:34.0850 5348 ================ Scan global ===============================
16:54:34.0881 5348 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
16:54:34.0912 5348 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
16:54:34.0912 5348 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
16:54:34.0959 5348 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
16:54:34.0990 5348 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
16:54:34.0990 5348 [Global] - ok
16:54:34.0990 5348 ================ Scan MBR ==================================
16:54:35.0021 5348 [ CDB4DE4BBD714F152979DA2DCBEF57EB ] \Device\Harddisk0\DR0
16:54:36.0769 5348 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
16:54:36.0769 5348 \Device\Harddisk0\DR0 - detected TDSS File System (1)
16:54:36.0769 5348 ================ Scan VBR ==================================
16:54:36.0784 5348 [ 50648D9AF3FF346A6C96CE2D6962622B ] \Device\Harddisk0\DR0\Partition1
16:54:36.0784 5348 \Device\Harddisk0\DR0\Partition1 - ok
16:54:36.0800 5348 [ 2CD10363DB7AE291B5BC3CFB0B095744 ] \Device\Harddisk0\DR0\Partition2
16:54:36.0800 5348 \Device\Harddisk0\DR0\Partition2 - ok
16:54:36.0800 5348 ================ Scan active images ========================
16:54:36.0800 5348 [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys
16:54:36.0800 5348 C:\Windows\System32\drivers\crashdmp.sys - ok
16:54:36.0815 5348 [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys
16:54:36.0815 5348 C:\Windows\System32\drivers\dumpfve.sys - ok
16:54:36.0815 5348 [ 631FA8935163B01FC0C02966CB3ADB92 ] C:\Windows\System32\drivers\iaStor.sys
16:54:36.0815 5348 C:\Windows\System32\drivers\iaStor.sys - ok
16:54:36.0815 5348 [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys
16:54:36.0815 5348 C:\Windows\System32\drivers\cdrom.sys - ok
16:54:36.0815 5348 [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys
16:54:36.0815 5348 C:\Windows\System32\drivers\beep.sys - ok
16:54:36.0815 5348 [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys
16:54:36.0815 5348 C:\Windows\System32\drivers\null.sys - ok
16:54:36.0815 5348 [ 4A175D2D30D31F7DF46F09B9A108E089 ] C:\Windows\System32\drivers\avgtpx64.sys
16:54:36.0815 5348 C:\Windows\System32\drivers\avgtpx64.sys - ok
16:54:36.0831 5348 [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys
16:54:36.0831 5348 C:\Windows\System32\drivers\RDPCDD.sys - ok
16:54:36.0831 5348 [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys
16:54:36.0831 5348 C:\Windows\System32\drivers\RDPENCDD.sys - ok
16:54:36.0831 5348 [ 216F3FA57533D98E1F74DED70113177A ] C:\Windows\System32\drivers\RDPREFMP.sys
16:54:36.0831 5348 C:\Windows\System32\drivers\RDPREFMP.sys - ok
16:54:36.0831 5348 [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys
16:54:36.0831 5348 C:\Windows\System32\drivers\vga.sys - ok
16:54:36.0847 5348 [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys
16:54:36.0847 5348 C:\Windows\System32\drivers\videoprt.sys - ok
16:54:36.0847 5348 [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys
16:54:36.0847 5348 C:\Windows\System32\drivers\watchdog.sys - ok
16:54:36.0847 5348 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys
16:54:36.0847 5348 C:\Windows\System32\drivers\msfs.sys - ok
16:54:36.0847 5348 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys
16:54:36.0847 5348 C:\Windows\System32\drivers\npfs.sys - ok
16:54:36.0847 5348 [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\Windows\System32\drivers\tdi.sys
16:54:36.0847 5348 C:\Windows\System32\drivers\tdi.sys - ok
16:54:36.0847 5348 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys
16:54:36.0847 5348 C:\Windows\System32\drivers\tdx.sys - ok
16:54:36.0862 5348 [ 1C7857B62DE5994A75B054A9FD4C3825 ] C:\Windows\System32\drivers\afd.sys
16:54:36.0862 5348 C:\Windows\System32\drivers\afd.sys - ok
16:54:36.0862 5348 [ 71309F30D4F4565EC611FE3FC33A3A0F ] C:\Windows\System32\drivers\avgtdia.sys
16:54:36.0862 5348 C:\Windows\System32\drivers\avgtdia.sys - ok
16:54:36.0862 5348 [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys
16:54:36.0862 5348 C:\Windows\System32\drivers\netbt.sys - ok
16:54:36.0862 5348 [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys
16:54:36.0862 5348 C:\Windows\System32\drivers\pacer.sys - ok
16:54:36.0862 5348 [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys
16:54:36.0862 5348 C:\Windows\System32\drivers\wfplwf.sys - ok
16:54:36.0878 5348 [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys
16:54:36.0878 5348 C:\Windows\System32\drivers\blbdrive.sys - ok
16:54:36.0878 5348 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys
16:54:36.0878 5348 C:\Windows\System32\drivers\dfsc.sys - ok
16:54:36.0878 5348 [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys
16:54:36.0878 5348 C:\Windows\System32\drivers\discache.sys - ok
16:54:36.0878 5348 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys
16:54:36.0878 5348 C:\Windows\System32\drivers\mssmbios.sys - ok
16:54:36.0878 5348 [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys
16:54:36.0878 5348 C:\Windows\System32\drivers\netbios.sys - ok
16:54:36.0893 5348 [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys
16:54:36.0893 5348 C:\Windows\System32\drivers\nsiproxy.sys - ok
16:54:36.0893 5348 [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys
16:54:36.0893 5348 C:\Windows\System32\drivers\rdbss.sys - ok
16:54:36.0893 5348 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys
16:54:36.0893 5348 C:\Windows\System32\drivers\termdd.sys - ok
16:54:36.0893 5348 [ 356AFD78A6ED4457169241AC3965230C ] C:\Windows\System32\drivers\wanarp.sys
16:54:36.0893 5348 C:\Windows\System32\drivers\wanarp.sys - ok
16:54:36.0893 5348 [ 54B66C4AEEC6C4F742F3569EBA03EBB8 ] C:\Windows\System32\drivers\avgldx64.sys
16:54:36.0893 5348 C:\Windows\System32\drivers\avgldx64.sys - ok
16:54:36.0909 5348 [ AC6CB348F67B6B1B75C0EFB8927A8B03 ] C:\Windows\System32\drivers\avgidsdrivera.sys
16:54:36.0909 5348 C:\Windows\System32\drivers\avgidsdrivera.sys - ok
16:54:36.0909 5348 [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys
16:54:36.0909 5348 C:\Windows\System32\drivers\tunnel.sys - ok
16:54:36.0909 5348 [ ADA036632C664CAA754079041CF1F8C1 ] C:\Windows\System32\drivers\intelppm.sys
16:54:36.0909 5348 C:\Windows\System32\drivers\intelppm.sys - ok
16:54:36.0909 5348 [ CF95B85FF8D128385ABD411C8CA74DED ] C:\Windows\System32\ntdll.dll
16:54:36.0909 5348 C:\Windows\System32\ntdll.dll - ok
16:54:36.0909 5348 [ 1911A3356FA3F77CCC825CCBAC038C2A ] C:\Windows\System32\smss.exe
16:54:36.0909 5348 C:\Windows\System32\smss.exe - ok
16:54:36.0925 5348 [ 378E87983EC3570F66884D93D6FEC854 ] C:\Windows\System32\drivers\nvBridge.kmd
16:54:36.0925 5348 C:\Windows\System32\drivers\nvBridge.kmd - ok
16:54:36.0925 5348 [ FE625499F48A992FCB0B676F08833FFC ] C:\Windows\System32\drivers\nvlddmkm.sys
16:54:36.0925 5348 C:\Windows\System32\drivers\nvlddmkm.sys - ok
16:54:36.0925 5348 [ F5BEE30450E18E6B83A5012C100616FD ] C:\Windows\System32\drivers\dxgkrnl.sys
16:54:36.0925 5348 C:\Windows\System32\drivers\dxgkrnl.sys - ok
16:54:36.0925 5348 [ 9CD68BDDF322535C02ADC8331013D13D ] C:\Windows\System32\drivers\dxgmms1.sys
16:54:36.0925 5348 C:\Windows\System32\drivers\dxgmms1.sys - ok
16:54:36.0925 5348 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys
16:54:36.0925 5348 C:\Windows\System32\drivers\hdaudbus.sys - ok
16:54:36.0925 5348 [ B6AC71AAA2B10848F57FC49D55A651AF ] C:\Windows\System32\drivers\HECIx64.sys
16:54:36.0925 5348 C:\Windows\System32\drivers\HECIx64.sys - ok
16:54:36.0940 5348 [ C025055FE7B87701EB042095DF1A2D7B ] C:\Windows\System32\drivers\usbehci.sys
16:54:36.0940 5348 C:\Windows\System32\drivers\usbehci.sys - ok
16:54:36.0940 5348 [ AE259C75F9A0B057B6BF9E9695632B09 ] C:\Windows\System32\drivers\usbport.sys
16:54:36.0940 5348 C:\Windows\System32\drivers\usbport.sys - ok
16:54:36.0940 5348 [ A87D604AEA360176311474C87A63BB88 ] C:\Windows\System32\drivers\1394ohci.sys
16:54:36.0940 5348 C:\Windows\System32\drivers\1394ohci.sys - ok
16:54:36.0940 5348 [ 9D7EA8C7215D8D4AE7BE110EEE61085D ] C:\Windows\System32\drivers\k57nd60a.sys
16:54:36.0940 5348 C:\Windows\System32\drivers\k57nd60a.sys - ok
16:54:36.0940 5348 [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys
16:54:36.0940 5348 C:\Windows\System32\drivers\CompositeBus.sys - ok
16:54:36.0956 5348 [ DECACB6921DED1A38642642685D77DAC ] C:\Windows\System32\drivers\serscan.sys
16:54:36.0956 5348 C:\Windows\System32\drivers\serscan.sys - ok
16:54:36.0956 5348 [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys
16:54:36.0956 5348 C:\Windows\System32\drivers\ks.sys - ok
16:54:36.0956 5348 [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys
16:54:36.0956 5348 C:\Windows\System32\drivers\ksthunk.sys - ok
16:54:36.0956 5348 [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys
16:54:36.0956 5348 C:\Windows\System32\drivers\agilevpn.sys - ok
16:54:36.0971 5348 [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys
16:54:36.0971 5348 C:\Windows\System32\drivers\rasl2tp.sys - ok
16:54:36.0971 5348 [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys
16:54:36.0971 5348 C:\Windows\System32\drivers\ndistapi.sys - ok
16:54:36.0971 5348 [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys
16:54:36.0971 5348 C:\Windows\System32\drivers\ndiswan.sys - ok
16:54:36.0971 5348 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys
16:54:36.0971 5348 C:\Windows\System32\drivers\raspppoe.sys - ok
16:54:36.0971 5348 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys
16:54:36.0971 5348 C:\Windows\System32\drivers\raspptp.sys - ok
16:54:36.0987 5348 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys
16:54:36.0987 5348 C:\Windows\System32\drivers\kbdclass.sys - ok
16:54:36.0987 5348 [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys
16:54:36.0987 5348 C:\Windows\System32\drivers\rassstp.sys - ok
16:54:36.0987 5348 [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys
16:54:36.0987 5348 C:\Windows\System32\drivers\mouclass.sys - ok
16:54:36.0987 5348 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys
16:54:36.0987 5348 C:\Windows\System32\drivers\swenum.sys - ok
16:54:36.0987 5348 [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys
16:54:36.0987 5348 C:\Windows\System32\drivers\umbus.sys - ok
16:54:37.0003 5348 [ 287C6C9410B111B68B52CA298F7B8C24 ] C:\Windows\System32\drivers\usbhub.sys
16:54:37.0003 5348 C:\Windows\System32\drivers\usbhub.sys - ok
16:54:37.0003 5348 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys
16:54:37.0003 5348 C:\Windows\System32\drivers\ndproxy.sys - ok
16:54:37.0003 5348 [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys
16:54:37.0003 5348 C:\Windows\System32\drivers\drmk.sys - ok
16:54:37.0003 5348 [ AD37248BD442D41C9A896E53EB8A85EE ] C:\Windows\System32\drivers\nvhda64v.sys
16:54:37.0003 5348 C:\Windows\System32\drivers\nvhda64v.sys - ok
16:54:37.0003 5348 [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys
16:54:37.0003 5348 C:\Windows\System32\drivers\portcls.sys - ok
16:54:37.0003 5348 [ EE64207F2F5C20BFE5F73DB2566C4601 ] C:\Windows\System32\drivers\RTKVHD64.sys
16:54:37.0003 5348 C:\Windows\System32\drivers\RTKVHD64.sys - ok
16:54:37.0018 5348 [ 49072EDBC5C2F964917D1B585C90ED0A ] C:\Windows\System32\drivers\IntcDAud.sys
16:54:37.0018 5348 C:\Windows\System32\drivers\IntcDAud.sys - ok
16:54:37.0018 5348 [ 8B0E40E7E8BBF5ACF390465609D89FF1 ] C:\Windows\System32\drivers\hidclass.sys
16:54:37.0018 5348 C:\Windows\System32\drivers\hidclass.sys - ok
16:54:37.0018 5348 [ 49EE2E52E6CD03947DAD72F65367BE06 ] C:\Windows\System32\drivers\hidparse.sys
16:54:37.0018 5348 C:\Windows\System32\drivers\hidparse.sys - ok
16:54:37.0018 5348 [ 9592090A7E2B61CD582B612B6DF70536 ] C:\Windows\System32\drivers\hidusb.sys
16:54:37.0018 5348 C:\Windows\System32\drivers\hidusb.sys - ok
16:54:37.0018 5348 [ 6F1A3157A1C89435352CEB543CDB359C ] C:\Windows\System32\drivers\usbccgp.sys
16:54:37.0018 5348 C:\Windows\System32\drivers\usbccgp.sys - ok
16:54:37.0034 5348 [ CCA2AB1752A61F29C3C941CD79D78CEA ] C:\Windows\System32\drivers\usbd.sys
16:54:37.0034 5348 C:\Windows\System32\drivers\usbd.sys - ok
16:54:37.0034 5348 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] C:\Windows\System32\drivers\kbdhid.sys
16:54:37.0034 5348 C:\Windows\System32\drivers\kbdhid.sys - ok
16:54:37.0034 5348 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] C:\Windows\System32\drivers\mouhid.sys
16:54:37.0034 5348 C:\Windows\System32\drivers\mouhid.sys - ok
16:54:37.0034 5348 [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe
16:54:37.0034 5348 C:\Windows\System32\autochk.exe - ok
16:54:37.0049 5348 [ 609A10F7A24068878C352F17972DA271 ] C:\PROGRA~2\AVG\AVG2013\avgrsa.exe
16:54:37.0049 5348 C:\PROGRA~2\AVG\AVG2013\avgrsa.exe - ok
16:54:37.0049 5348 [ 3D084E8CE612C0CD86CDE2A34B65178A ] C:\Program Files (x86)\AVG\AVG2013\avgsysa.dll
16:54:37.0049 5348 C:\Program Files (x86)\AVG\AVG2013\avgsysa.dll - ok
16:54:37.0049 5348 [ FED648B01349A3C8395A5169DB5FB7D6 ] C:\Windows\System32\drivers\USBSTOR.SYS
16:54:37.0049 5348 C:\Windows\System32\drivers\USBSTOR.SYS - ok
16:54:37.0049 5348 [ B988968C8E5A6832CDDF05A74601CF7C ] C:\Program Files (x86)\AVG\AVG2013\avgntopenssla.dll
16:54:37.0049 5348 C:\Program Files (x86)\AVG\AVG2013\avgntopenssla.dll - ok
16:54:37.0049 5348 [ 323336FB1DA273A0715844BC695951A0 ] C:\Program Files (x86)\AVG\AVG2013\avgloga.dll
16:54:37.0049 5348 C:\Program Files (x86)\AVG\AVG2013\avgloga.dll - ok
16:54:37.0065 5348 [ B8BD2BB284668C84865658C77574381A ] C:\Windows\System32\drivers\cdfs.sys
16:54:37.0065 5348 C:\Windows\System32\drivers\cdfs.sys - ok
16:54:37.0065 5348 [ ACD54034607EEE42DDBCB0D01E5CB0D1 ] C:\PROGRA~2\AVG\AVG2013\avgchjwa.dll
16:54:37.0065 5348 C:\PROGRA~2\AVG\AVG2013\avgchjwa.dll - ok
16:54:37.0065 5348 [ 4B969AA85CDE4FB9FBCA5F99A66C507B ] C:\PROGRA~2\AVG\AVG2013\avgcclia.dll
16:54:37.0065 5348 C:\PROGRA~2\AVG\AVG2013\avgcclia.dll - ok
16:54:37.0065 5348 [ 55DED6BDA026AEBEAB1FDA6E32D9F5B5 ] C:\PROGRA~2\AVG\AVG2013\avgclita.dll
16:54:37.0065 5348 C:\PROGRA~2\AVG\AVG2013\avgclita.dll - ok
16:54:37.0065 5348 [ 2B6E0DA1EC603AD25325BA8AFBA30114 ] C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
16:54:37.0065 5348 C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe - ok
16:54:37.0081 5348 [ 1246622F1CEF77970B74D85824F1473E ] C:\Program Files (x86)\AVG\AVG2013\avgcorea.dll
16:54:37.0081 5348 C:\Program Files (x86)\AVG\AVG2013\avgcorea.dll - ok
16:54:37.0081 5348 [ FBAB2291C341B54A1406A889B7549E84 ] C:\Program Files (x86)\AVG\AVG2013\avgcerta.dll
16:54:37.0081 5348 C:\Program Files (x86)\AVG\AVG2013\avgcerta.dll - ok
16:54:37.0081 5348 [ 84A4EE57462C8483AAE3F1DF2D82F4ED ] C:\Program Files (x86)\AVG\AVG2013\avgchcla.dll
16:54:37.0081 5348 C:\Program Files (x86)\AVG\AVG2013\avgchcla.dll - ok
16:54:37.0081 5348 [ 94F3CB15584B015CD8FDB3FDBAD8DC98 ] C:\Program Files (x86)\AVG\AVG2013\avgcomma.dll
16:54:37.0081 5348 C:\Program Files (x86)\AVG\AVG2013\avgcomma.dll - ok
16:54:37.0096 5348 [ 9A94644E2A9890FC9A7EE961057FFBA1 ] C:\Program Files (x86)\AVG\AVG2013\avgntsqlitea.dll
16:54:37.0096 5348 C:\Program Files (x86)\AVG\AVG2013\avgntsqlitea.dll - ok
16:54:37.0096 5348 [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll
16:54:37.0096 5348 C:\Windows\System32\setupapi.dll - ok
16:54:37.0096 5348 [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll
16:54:37.0096 5348 C:\Windows\System32\shlwapi.dll - ok
16:54:37.0096 5348 [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll
16:54:37.0096 5348 C:\Windows\System32\msvcrt.dll - ok
16:54:37.0096 5348 [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll
16:54:37.0096 5348 C:\Windows\System32\ws2_32.dll - ok
16:54:37.0112 5348 [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll
16:54:37.0112 5348 C:\Windows\System32\clbcatq.dll - ok
16:54:37.0112 5348 [ 47A26995DB61FB5B3B54026C26A7A998 ] C:\Windows\System32\urlmon.dll
16:54:37.0112 5348 C:\Windows\System32\urlmon.dll - ok
16:54:37.0112 5348 [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll
16:54:37.0112 5348 C:\Windows\System32\normaliz.dll - ok
16:54:37.0112 5348 [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll
16:54:37.0112 5348 C:\Windows\System32\oleaut32.dll - ok
16:54:37.0127 5348 [ DBF99FD9CAF75CA66D042BD8D050FF71 ] C:\Windows\System32\usp10.dll
16:54:37.0127 5348 C:\Windows\System32\usp10.dll - ok
16:54:37.0127 5348 [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll
16:54:37.0127 5348 C:\Windows\System32\difxapi.dll - ok
16:54:37.0127 5348 [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll
16:54:37.0127 5348 C:\Windows\System32\msctf.dll - ok
16:54:37.0127 5348 [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll
16:54:37.0127 5348 C:\Windows\System32\ole32.dll - ok
16:54:37.0127 5348 [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll
16:54:37.0127 5348 C:\Windows\System32\sechost.dll - ok
16:54:37.0143 5348 [ 3671DB654F8DD9D662F7713D1A666EC3 ] C:\Windows\System32\iertutil.dll
16:54:37.0143 5348 C:\Windows\System32\iertutil.dll - ok
16:54:37.0143 5348 [ 7EA5274E1688339A72C152438F5BBE80 ] C:\Windows\System32\wininet.dll
16:54:37.0143 5348 C:\Windows\System32\wininet.dll - ok
16:54:37.0143 5348 [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll
16:54:37.0143 5348 C:\Windows\System32\gdi32.dll - ok
16:54:37.0143 5348 [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll
16:54:37.0143 5348 C:\Windows\System32\nsi.dll - ok
16:54:37.0143 5348 [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll
16:54:37.0143 5348 C:\Windows\System32\comdlg32.dll - ok
16:54:37.0159 5348 [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll
16:54:37.0159 5348 C:\Windows\System32\Wldap32.dll - ok
16:54:37.0159 5348 [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\Windows\System32\imagehlp.dll
16:54:37.0159 5348 C:\Windows\System32\imagehlp.dll - ok
16:54:37.0159 5348 [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll
16:54:37.0159 5348 C:\Windows\System32\imm32.dll - ok
16:54:37.0159 5348 [ 65C113214F7B05820F6D8A65B1485196 ] C:\Windows\System32\kernel32.dll
16:54:37.0159 5348 C:\Windows\System32\kernel32.dll - ok
16:54:37.0159 5348 [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll
16:54:37.0159 5348 C:\Windows\System32\lpk.dll - ok
16:54:37.0174 5348 [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll
16:54:37.0174 5348 C:\Windows\System32\psapi.dll - ok
16:54:37.0174 5348 [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll
16:54:37.0174 5348 C:\Windows\System32\advapi32.dll - ok
16:54:37.0174 5348 [ C6689007B3A749C49A5438DCF36E0CE4 ] C:\Windows\System32\shell32.dll
16:54:37.0174 5348 C:\Windows\System32\shell32.dll - ok
16:54:37.0174 5348 [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll
16:54:37.0174 5348 C:\Windows\System32\user32.dll - ok
16:54:37.0174 5348 [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll
16:54:37.0174 5348 C:\Windows\System32\rpcrt4.dll - ok
16:54:37.0190 5348 [ 12EE6FE9268CEE6D90FDCCBF89236C65 ] C:\Windows\System32\crypt32.dll
16:54:37.0190 5348 C:\Windows\System32\crypt32.dll - ok
16:54:37.0190 5348 [ 1F56F209585F350A5666E3CC7931FD67 ] C:\Windows\System32\KernelBase.dll
16:54:37.0190 5348 C:\Windows\System32\KernelBase.dll - ok
16:54:37.0190 5348 [ AA06902362B1422D7A7DA7061E07C624 ] C:\Windows\System32\wintrust.dll
16:54:37.0190 5348 C:\Windows\System32\wintrust.dll - ok
16:54:37.0190 5348 [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll
16:54:37.0190 5348 C:\Windows\System32\cfgmgr32.dll - ok
16:54:37.0190 5348 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\System32\comctl32.dll
16:54:37.0190 5348 C:\Windows\System32\comctl32.dll - ok
16:54:37.0205 5348 [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll
16:54:37.0205 5348 C:\Windows\System32\devobj.dll - ok
16:54:37.0205 5348 [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll
16:54:37.0205 5348 C:\Windows\System32\msasn1.dll - ok
16:54:37.0205 5348 [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll
16:54:37.0205 5348 C:\Windows\SysWOW64\normaliz.dll - ok
16:54:37.0205 5348 [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys
16:54:37.0205 5348 C:\Windows\System32\drivers\dxapi.sys - ok
16:54:37.0205 5348 [ 59E21156113E438D1D91AF4FC0C3B19F ] C:\Windows\System32\win32k.sys
16:54:37.0205 5348 C:\Windows\System32\win32k.sys - ok
16:54:37.0221 5348 [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe
16:54:37.0221 5348 C:\Windows\System32\csrss.exe - ok
16:54:37.0221 5348 [ 96F587CA26A6AA894BD8CACE4540CFFC ] C:\Windows\System32\csrsrv.dll
16:54:37.0221 5348 C:\Windows\System32\csrsrv.dll - ok
16:54:37.0221 5348 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll
16:54:37.0221 5348 C:\Windows\System32\basesrv.dll - ok
16:54:37.0221 5348 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\System32\winsrv.dll
16:54:37.0221 5348 C:\Windows\System32\winsrv.dll - ok
16:54:37.0237 5348 [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys
16:54:37.0237 5348 C:\Windows\System32\drivers\monitor.sys - ok
16:54:37.0237 5348 [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll
16:54:37.0237 5348 C:\Windows\System32\tsddd.dll - ok
16:54:37.0237 5348 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll
16:54:37.0237 5348 C:\Windows\System32\sxssrv.dll - ok
16:54:37.0237 5348 [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll
16:54:37.0237 5348 C:\Windows\System32\profapi.dll - ok
16:54:37.0237 5348 [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe
16:54:37.0237 5348 C:\Windows\System32\wininit.exe - ok
16:54:37.0252 5348 [ 05569A79BF4693670B709144382D02D4 ] C:\Windows\System32\cdd.dll
16:54:37.0252 5348 C:\Windows\System32\cdd.dll - ok
16:54:37.0252 5348 [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL
16:54:37.0252 5348 C:\Windows\System32\KBDUS.DLL - ok
16:54:37.0252 5348 [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll
16:54:37.0252 5348 C:\Windows\System32\RpcRtRemote.dll - ok
16:54:37.0252 5348 [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll
16:54:37.0252 5348 C:\Windows\System32\sxs.dll - ok
16:54:37.0252 5348 [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll
16:54:37.0252 5348 C:\Windows\System32\WlS0WndH.dll - ok
16:54:37.0268 5348 [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll
16:54:37.0268 5348 C:\Windows\System32\cryptbase.dll - ok
16:54:37.0268 5348 [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll
16:54:37.0268 5348 C:\Windows\System32\apphelp.dll - ok
16:54:37.0268 5348 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe
16:54:37.0268 5348 C:\Windows\System32\services.exe - ok
16:54:37.0268 5348 [ C118A82CD78818C29AB228366EBF81C3 ] C:\Windows\System32\lsass.exe
16:54:37.0268 5348 C:\Windows\System32\lsass.exe - ok
16:54:37.0268 5348 [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe
16:54:37.0268 5348 C:\Windows\System32\lsm.exe - ok
16:54:37.0283 5348 [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll
16:54:37.0283 5348 C:\Windows\System32\scext.dll - ok
16:54:37.0283 5348 [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\Windows\System32\secur32.dll
16:54:37.0283 5348 C:\Windows\System32\secur32.dll - ok
16:54:37.0283 5348 [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\Windows\System32\sspicli.dll
16:54:37.0283 5348 C:\Windows\System32\sspicli.dll - ok
16:54:37.0283 5348 [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\Windows\System32\sspisrv.dll
16:54:37.0283 5348 C:\Windows\System32\sspisrv.dll - ok
16:54:37.0283 5348 [ 66A6063D0BAAD3F7B2B9868859E0743B ] C:\Windows\System32\lsasrv.dll
16:54:37.0283 5348 C:\Windows\System32\lsasrv.dll - ok
16:54:37.0299 5348 [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll
16:54:37.0299 5348 C:\Windows\System32\samsrv.dll - ok
16:54:37.0299 5348 [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll
16:54:37.0299 5348 C:\Windows\System32\scesrv.dll - ok
16:54:37.0299 5348 [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll
16:54:37.0299 5348 C:\Windows\System32\srvcli.dll - ok
16:54:37.0299 5348 [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll
16:54:37.0299 5348 C:\Windows\System32\sysntfy.dll - ok
16:54:37.0299 5348 [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll
16:54:37.0299 5348 C:\Windows\System32\wmsgapi.dll - ok
16:54:37.0315 5348 [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll
16:54:37.0315 5348 C:\Windows\System32\aelupsvc.dll - ok
16:54:37.0315 5348 [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll
16:54:37.0315 5348 C:\Windows\System32\cryptdll.dll - ok
16:54:37.0315 5348 [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll
16:54:37.0315 5348 C:\Windows\System32\wevtapi.dll - ok
16:54:37.0315 5348 [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll
16:54:37.0315 5348 C:\Windows\System32\authz.dll - ok
16:54:37.0315 5348 [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll
16:54:37.0315 5348 C:\Windows\System32\cngaudit.dll - ok
16:54:37.0330 5348 [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll
16:54:37.0330 5348 C:\Windows\System32\bcrypt.dll - ok
16:54:37.0330 5348 [ 5F3307352216618221A17CFEF273EEE2 ] C:\Windows\System32\ncrypt.dll
16:54:37.0330 5348 C:\Windows\System32\ncrypt.dll - ok
16:54:37.0330 5348 [ 3290D6946B5E30E70414990574883DDB ] C:\Windows\System32\alg.exe
16:54:37.0330 5348 C:\Windows\System32\alg.exe - ok
16:54:37.0330 5348 [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll
16:54:37.0330 5348 C:\Windows\System32\msprivs.dll - ok
16:54:37.0346 5348 [ 0BC381A15355A3982216F7172F545DE1 ] C:\Windows\System32\appidsvc.dll
16:54:37.0346 5348 C:\Windows\System32\appidsvc.dll - ok
16:54:37.0346 5348 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] C:\Windows\System32\appinfo.dll
16:54:37.0346 5348 C:\Windows\System32\appinfo.dll - ok
16:54:37.0346 5348 [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll
16:54:37.0346 5348 C:\Windows\System32\negoexts.dll - ok
16:54:37.0361 5348 [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll
16:54:37.0361 5348 C:\Windows\System32\netjoin.dll - ok
16:54:37.0361 5348 [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll
16:54:37.0361 5348 C:\Windows\System32\cryptsp.dll - ok
16:54:37.0361 5348 [ 44E1A196DFCB53B01FE4B855C3B56A15 ] C:\Windows\System32\kerberos.dll
16:54:37.0361 5348 C:\Windows\System32\kerberos.dll - ok
16:54:37.0361 5348 [ 3D6AF45673C4B31CDECD7F80AF09D443 ] C:\Windows\System32\rascfg.dll
16:54:37.0361 5348 C:\Windows\System32\rascfg.dll - ok
16:54:37.0377 5348 [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll
16:54:37.0377 5348 C:\Windows\System32\version.dll - ok
16:54:37.0377 5348 [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe
16:54:37.0377 5348 C:\Windows\System32\winlogon.exe - ok
16:54:37.0377 5348 [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll
16:54:37.0377 5348 C:\Windows\System32\audiosrv.dll - ok
16:54:37.0377 5348 [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\Windows\System32\mswsock.dll
16:54:37.0377 5348 C:\Windows\System32\mswsock.dll - ok
16:54:37.0393 5348 [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll
16:54:37.0393 5348 C:\Windows\System32\winsta.dll - ok
16:54:37.0393 5348 [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll
16:54:37.0393 5348 C:\Windows\System32\wship6.dll - ok
16:54:37.0393 5348 [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll
16:54:37.0393 5348 C:\Windows\System32\msv1_0.dll - ok
16:54:37.0393 5348 [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll
16:54:37.0393 5348 C:\Windows\System32\netlogon.dll - ok
16:54:37.0393 5348 [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll
16:54:37.0393 5348 C:\Windows\System32\dnsapi.dll - ok
16:54:37.0393 5348 [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll
16:54:37.0393 5348 C:\Windows\System32\logoncli.dll - ok
16:54:37.0408 5348 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] C:\Windows\System32\AxInstSv.dll
16:54:37.0408 5348 C:\Windows\System32\AxInstSv.dll - ok
16:54:37.0408 5348 [ FDE360167101B4E45A96F939F388AEB0 ] C:\Windows\System32\bdesvc.dll
16:54:37.0408 5348 C:\Windows\System32\bdesvc.dll - ok
16:54:37.0408 5348 [ 1573C45E65DE32B1BC3572634F8F1E8E ] C:\Windows\System32\schannel.dll
16:54:37.0408 5348 C:\Windows\System32\schannel.dll - ok
16:54:37.0408 5348 [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL
16:54:37.0408 5348 C:\Windows\System32\BFE.DLL - ok
16:54:37.0408 5348 [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
16:54:37.0408 5348 C:\Windows\System32\rsaenh.dll - ok
16:54:37.0424 5348 [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
16:54:37.0424 5348 C:\Windows\System32\wdigest.dll - ok
16:54:37.0424 5348 [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll
16:54:37.0424 5348 C:\Windows\System32\TSpkg.dll - ok
16:54:37.0424 5348 [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll
16:54:37.0424 5348 C:\Windows\System32\bcryptprimitives.dll - ok
16:54:37.0424 5348 [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
16:54:37.0424 5348 C:\Windows\System32\pku2u.dll - ok
16:54:37.0424 5348 [ 1EA7969E3271CBC59E1730697DC74682 ] C:\Windows\System32\qmgr.dll
16:54:37.0424 5348 C:\Windows\System32\qmgr.dll - ok
16:54:37.0424 5348 [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll
16:54:37.0424 5348 C:\Windows\System32\credssp.dll - ok
16:54:37.0439 5348 [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
16:54:37.0439 5348 C:\Windows\System32\efslsaext.dll - ok
16:54:37.0439 5348 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] C:\Windows\System32\browser.dll
16:54:37.0439 5348 C:\Windows\System32\browser.dll - ok
16:54:37.0439 5348 [ 95F9C2976059462CBBF227F7AAB10DE9 ] C:\Windows\System32\bthserv.dll
16:54:37.0439 5348 C:\Windows\System32\bthserv.dll - ok
16:54:37.0439 5348 [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll
16:54:37.0439 5348 C:\Windows\System32\scecli.dll - ok
16:54:37.0439 5348 [ F17D1D393BBC69C5322FBFAFACA28C7F ] C:\Windows\System32\certprop.dll
16:54:37.0439 5348 C:\Windows\System32\certprop.dll - ok
16:54:37.0455 5348 [ FE1EC06F2253F691FE36217C592A0206 ] C:\Windows\System32\clfs.sys
16:54:37.0455 5348 C:\Windows\System32\clfs.sys - ok
16:54:37.0455 5348 [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll
16:54:37.0455 5348 C:\Windows\System32\comres.dll - ok
16:54:37.0455 5348 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] C:\Windows\System32\cryptsvc.dll
16:54:37.0455 5348 C:\Windows\System32\cryptsvc.dll - ok
16:54:37.0455 5348 [ 732E668096B1A37B7BFD4B9021E69A8E ] C:\Windows\System32\oleres.dll
16:54:37.0455 5348 C:\Windows\System32\oleres.dll - ok
16:54:37.0455 5348 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] C:\Windows\System32\defragsvc.dll
16:54:37.0455 5348 C:\Windows\System32\defragsvc.dll - ok
16:54:37.0471 5348 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll
16:54:37.0471 5348 C:\Windows\System32\dhcpcore.dll - ok
16:54:37.0471 5348 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] C:\Windows\System32\dot3svc.dll
16:54:37.0471 5348 C:\Windows\System32\dot3svc.dll - ok
16:54:37.0471 5348 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll
16:54:37.0471 5348 C:\Windows\System32\dps.dll - ok
16:54:37.0471 5348 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\Windows\System32\eapsvc.dll
16:54:37.0471 5348 C:\Windows\System32\eapsvc.dll - ok
16:54:37.0471 5348 [ 0C043B0ABBB5E14E68906AB80365395B ] C:\Windows\System32\efssvc.dll
16:54:37.0471 5348 C:\Windows\System32\efssvc.dll - ok
16:54:37.0471 5348 [ C4002B6B41975F057D98C439030CEA07 ] C:\Windows\ehome\ehrecvr.exe
16:54:37.0471 5348 C:\Windows\ehome\ehrecvr.exe - ok
16:54:37.0486 5348 [ 4705E8EF9934482C5BB488CE28AFC681 ] C:\Windows\ehome\ehsched.exe
16:54:37.0486 5348 C:\Windows\ehome\ehsched.exe - ok
16:54:37.0486 5348 [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
16:54:37.0486 5348 C:\Windows\System32\wevtsvc.dll - ok
16:54:37.0486 5348 [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
16:54:37.0486 5348 C:\Windows\System32\FXSRESM.dll - ok
16:54:37.0486 5348 [ 0438CAB2E03F4FB61455A7956026FE86 ] C:\Windows\System32\fdPHost.dll
16:54:37.0486 5348 C:\Windows\System32\fdPHost.dll - ok
16:54:37.0486 5348 [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll
16:54:37.0486 5348 C:\Windows\System32\FDResPub.dll - ok
16:54:37.0502 5348 [ 655661BE46B5F5F3FD454E2C3095B930 ] C:\Windows\System32\drivers\fileinfo.sys
16:54:37.0502 5348 C:\Windows\System32\drivers\fileinfo.sys - ok
16:54:37.0502 5348 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] C:\Windows\System32\drivers\filetrace.sys
16:54:37.0502 5348 C:\Windows\System32\drivers\filetrace.sys - ok
16:54:37.0502 5348 [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys
16:54:37.0502 5348 C:\Windows\System32\drivers\fltMgr.sys - ok
16:54:37.0502 5348 [ C4C183E6551084039EC862DA1C945E3D ] C:\Windows\System32\FntCache.dll
16:54:37.0502 5348 C:\Windows\System32\FntCache.dll - ok
16:54:37.0502 5348 [ 8A1846C0817513AD18BA48B4427771FC ] C:\Windows\System32\PresentationHost.exe
16:54:37.0502 5348 C:\Windows\System32\PresentationHost.exe - ok
16:54:37.0517 5348 [ D43703496149971890703B4B1B723EAC ] C:\Windows\System32\drivers\fsdepends.sys
16:54:37.0517 5348 C:\Windows\System32\drivers\fsdepends.sys - ok
16:54:37.0517 5348 [ 1F7B25B858FA27015169FE95E54108ED ] C:\Windows\System32\drivers\fvevol.sys
16:54:37.0517 5348 C:\Windows\System32\drivers\fvevol.sys - ok
16:54:37.0517 5348 [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
16:54:37.0517 5348 C:\Windows\System32\gpapi.dll - ok
16:54:37.0517 5348 [ BD9EB3958F213F96B97B1D897DEE006D ] C:\Windows\System32\hidserv.dll
16:54:37.0517 5348 C:\Windows\System32\hidserv.dll - ok
16:54:37.0517 5348 [ 387E72E739E15E3D37907A86D9FF98E2 ] C:\Windows\System32\KMSVC.DLL
16:54:37.0517 5348 C:\Windows\System32\KMSVC.DLL - ok
16:54:37.0533 5348 [ EFDFB3DD38A4376F93E7985173813ABD ] C:\Windows\System32\ListSvc.dll
16:54:37.0533 5348 C:\Windows\System32\ListSvc.dll - ok
16:54:37.0533 5348 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys
16:54:37.0533 5348 C:\Windows\System32\drivers\http.sys - ok
16:54:37.0533 5348 [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll
16:54:37.0533 5348 C:\Windows\System32\provsvc.dll - ok
16:54:37.0533 5348 [ B9E2DAF71E44626011D70B4889171504 ] C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll
16:54:37.0533 5348 C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll - ok
16:54:37.0533 5348 [ A5462BD6884960C9DC85ED49D34FF392 ] C:\Windows\System32\drivers\hwpolicy.sys
16:54:37.0533 5348 C:\Windows\System32\drivers\hwpolicy.sys - ok
16:54:37.0549 5348 [ FCD84C381E0140AF901E58D48882D26B ] C:\Windows\System32\IKEEXT.DLL
16:54:37.0549 5348 C:\Windows\System32\IKEEXT.DLL - ok
16:54:37.0549 5348 [ 098A91C54546A3B878DAD6A7E90A455B ] C:\Windows\System32\IPBusEnum.dll
16:54:37.0549 5348 C:\Windows\System32\IPBusEnum.dll - ok
16:54:37.0549 5348 [ 08C2957BB30058E663720C5606885653 ] C:\Windows\System32\iphlpsvc.dll
16:54:37.0549 5348 C:\Windows\System32\iphlpsvc.dll - ok
16:54:37.0549 5348 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] C:\Windows\System32\drivers\irenum.sys
16:54:37.0549 5348 C:\Windows\System32\drivers\irenum.sys - ok
16:54:37.0549 5348 [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\Windows\System32\keyiso.dll
16:54:37.0549 5348 C:\Windows\System32\keyiso.dll - ok
16:54:37.0564 5348 [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll
16:54:37.0564 5348 C:\Windows\System32\srvsvc.dll - ok
16:54:37.0564 5348 [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll
16:54:37.0564 5348 C:\Windows\System32\wkssvc.dll - ok
16:54:37.0564 5348 [ 7A757C41C3879CD34BDE15F0563C0CE2 ] C:\Windows\System32\lltdres.dll
16:54:37.0564 5348 C:\Windows\System32\lltdres.dll - ok
16:54:37.0564 5348 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys
16:54:37.0564 5348 C:\Windows\System32\drivers\luafv.sys - ok
16:54:37.0564 5348 [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
16:54:37.0564 5348 C:\Windows\System32\lmhsvc.dll - ok
16:54:37.0580 5348 [ E5DE3FFD785B6730291AD98E491D58BA ] C:\Windows\ehome\ehres.dll
16:54:37.0580 5348 C:\Windows\ehome\ehres.dll - ok
16:54:37.0580 5348 [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll
16:54:37.0580 5348 C:\Windows\System32\mmcss.dll - ok
16:54:37.0580 5348 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] C:\Windows\System32\drivers\mountmgr.sys
16:54:37.0580 5348 C:\Windows\System32\drivers\mountmgr.sys - ok
16:54:37.0580 5348 [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
16:54:37.0580 5348 C:\Windows\System32\FirewallAPI.dll - ok
16:54:37.0580 5348 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] C:\Windows\System32\WebClnt.dll
16:54:37.0580 5348 C:\Windows\System32\WebClnt.dll - ok
16:54:37.0595 5348 [ F9D215A46A8B9753F61767FA72A20326 ] C:\Windows\System32\drivers\mshidkmdf.sys
16:54:37.0595 5348 C:\Windows\System32\drivers\mshidkmdf.sys - ok
16:54:37.0595 5348 [ E11E3F3BBEFDC5C0C160BE13B65E25E4 ] C:\Windows\System32\iscsidsc.dll
16:54:37.0595 5348 C:\Windows\System32\iscsidsc.dll - ok
16:54:37.0595 5348 [ 8EE1C893C50D1C02D4675978BAC756BA ] C:\Windows\System32\msimsg.dll
16:54:37.0595 5348 C:\Windows\System32\msimsg.dll - ok
16:54:37.0595 5348 [ F9A18612FD3526FE473C1BDA678D61C8 ] C:\Windows\System32\drivers\mup.sys
16:54:37.0595 5348 C:\Windows\System32\drivers\mup.sys - ok
16:54:37.0611 5348 [ 582AC6D9873E31DFA28A4547270862DD ] C:\Windows\System32\QAGENTRT.DLL
16:54:37.0611 5348 C:\Windows\System32\QAGENTRT.DLL - ok
16:54:37.0611 5348 [ 760E38053BF56E501D562B70AD796B88 ] C:\Windows\System32\drivers\ndis.sys
16:54:37.0611 5348 C:\Windows\System32\drivers\ndis.sys - ok
16:54:37.0611 5348 [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll
16:54:37.0611 5348 C:\Windows\System32\netman.dll - ok
16:54:37.0611 5348 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll
16:54:37.0611 5348 C:\Windows\System32\netprofm.dll - ok
16:54:37.0611 5348 [ 8AD77806D336673F270DB31645267293 ] C:\Windows\System32\nlasvc.dll
16:54:37.0611 5348 C:\Windows\System32\nlasvc.dll - ok
16:54:37.0611 5348 [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
16:54:37.0611 5348 C:\Windows\System32\nsisvc.dll - ok
16:54:37.0627 5348 [ 927463ECB02179F88E4B9A17568C63C3 ] C:\Windows\System32\p2psvc.dll
16:54:37.0627 5348 C:\Windows\System32\p2psvc.dll - ok
16:54:37.0627 5348 [ 3EAC4455472CC2C97107B5291E0DCAFE ] C:\Windows\System32\pnrpsvc.dll
16:54:37.0627 5348 C:\Windows\System32\pnrpsvc.dll - ok
16:54:37.0627 5348 [ E9766131EEADE40A27DC27D2D68FBA9C ] C:\Windows\System32\drivers\partmgr.sys
16:54:37.0627 5348 C:\Windows\System32\drivers\partmgr.sys - ok
16:54:37.0627 5348 [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll
16:54:37.0627 5348 C:\Windows\System32\pcasvc.dll - ok
16:54:37.0627 5348 [ C7CF6A6E137463219E1259E3F0F0DD6C ] C:\Windows\System32\pla.dll
16:54:37.0627 5348 C:\Windows\System32\pla.dll - ok
16:54:37.0642 5348 [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll
16:54:37.0642 5348 C:\Windows\System32\umpnpmgr.dll - ok
16:54:37.0642 5348 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] C:\Windows\System32\pnrpauto.dll
16:54:37.0642 5348 C:\Windows\System32\pnrpauto.dll - ok
16:54:37.0642 5348 [ 8DEC9C6DD13C4B3B62CD8D5A0FEF1650 ] C:\Windows\System32\polstore.dll
16:54:37.0642 5348 C:\Windows\System32\polstore.dll - ok
16:54:37.0642 5348 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll
16:54:37.0642 5348 C:\Windows\System32\umpo.dll - ok
16:54:37.0642 5348 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll
16:54:37.0642 5348 C:\Windows\System32\profsvc.dll - ok
16:54:37.0658 5348 [ AB95FBAE4F9A5A56B177CEC427B2B35E ] C:\Windows\System32\psbase.dll
16:54:37.0658 5348 C:\Windows\System32\psbase.dll - ok
16:54:37.0658 5348 [ 906191634E99AEA92C4816150BDA3732 ] C:\Windows\System32\qwave.dll
16:54:37.0658 5348 C:\Windows\System32\qwave.dll - ok
16:54:37.0658 5348 [ 76707BB36430888D9CE9D705398ADB6C ] C:\Windows\System32\drivers\qwavedrv.sys
16:54:37.0658 5348 C:\Windows\System32\drivers\qwavedrv.sys - ok
16:54:37.0658 5348 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] C:\Windows\System32\rasauto.dll
16:54:37.0658 5348 C:\Windows\System32\rasauto.dll - ok
16:54:37.0658 5348 [ EE867A0870FC9E4972BA9EAAD35651E2 ] C:\Windows\System32\rasmans.dll
16:54:37.0658 5348 C:\Windows\System32\rasmans.dll - ok
16:54:37.0658 5348 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll
16:54:37.0658 5348 C:\Windows\System32\sstpsvc.dll - ok
16:54:37.0673 5348 [ 254FB7A22D74E5511C73A3F6D802F192 ] C:\Windows\System32\mprdim.dll
16:54:37.0673 5348 C:\Windows\System32\mprdim.dll - ok
16:54:37.0673 5348 [ E4D94F24081440B5FC5AA556C7C62702 ] C:\Windows\System32\regsvc.dll
16:54:37.0673 5348 C:\Windows\System32\regsvc.dll - ok
16:54:37.0673 5348 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
16:54:37.0673 5348 C:\Windows\System32\RpcEpMap.dll - ok
16:54:37.0673 5348 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] C:\Windows\System32\Locator.exe
16:54:37.0673 5348 C:\Windows\System32\Locator.exe - ok
16:54:37.0673 5348 [ 9B7395789E3791A3B6D000FE6F8B131E ] C:\Windows\System32\SCardSvr.dll
16:54:37.0673 5348 C:\Windows\System32\SCardSvr.dll - ok
16:54:37.0689 5348 [ 253F38D0D7074C02FF8DEB9836C97D2B ] C:\Windows\System32\drivers\scfilter.sys
16:54:37.0689 5348 C:\Windows\System32\drivers\scfilter.sys - ok
16:54:37.0689 5348 [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll
16:54:37.0689 5348 C:\Windows\System32\schedsvc.dll - ok
16:54:37.0689 5348 [ 6EA4234DC55346E0709560FE7C2C1972 ] C:\Windows\System32\sdrsvc.dll
16:54:37.0689 5348 C:\Windows\System32\sdrsvc.dll - ok
16:54:37.0689 5348 [ BC617A4E1B4FA8DF523A061739A0BD87 ] C:\Windows\System32\seclogon.dll
16:54:37.0689 5348 C:\Windows\System32\seclogon.dll - ok
16:54:37.0689 5348 [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll
16:54:37.0689 5348 C:\Windows\System32\Sens.dll - ok
16:54:37.0705 5348 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] C:\Windows\System32\sensrsvc.dll
16:54:37.0705 5348 C:\Windows\System32\sensrsvc.dll - ok
16:54:37.0705 5348 [ 0B6231BF38174A1628C4AC812CC75804 ] C:\Windows\System32\SessEnv.dll
16:54:37.0705 5348 C:\Windows\System32\SessEnv.dll - ok
16:54:37.0705 5348 [ B95F6501A2F8B2E78C697FEC401970CE ] C:\Windows\System32\ipnathlp.dll
16:54:37.0705 5348 C:\Windows\System32\ipnathlp.dll - ok
16:54:37.0705 5348 [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll
16:54:37.0705 5348 C:\Windows\System32\shsvcs.dll - ok
16:54:37.0705 5348 [ 55DE45B116711881C852D2841E4C84DD ] C:\Windows\System32\tcpipcfg.dll
16:54:37.0705 5348 C:\Windows\System32\tcpipcfg.dll - ok
16:54:37.0705 5348 [ 6313F223E817CC09AA41811DAA7F541D ] C:\Windows\System32\snmptrap.exe
16:54:37.0705 5348 C:\Windows\System32\snmptrap.exe - ok
16:54:37.0720 5348 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] C:\Windows\System32\spoolsv.exe
16:54:37.0720 5348 C:\Windows\System32\spoolsv.exe - ok
16:54:37.0720 5348 [ E17E0188BB90FAE42D83E98707EFA59C ] C:\Windows\System32\sppsvc.exe
16:54:37.0720 5348 C:\Windows\System32\sppsvc.exe - ok
16:54:37.0720 5348 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] C:\Windows\System32\sppuinotify.dll
16:54:37.0720 5348 C:\Windows\System32\sppuinotify.dll - ok
16:54:37.0720 5348 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\Windows\System32\ssdpsrv.dll
16:54:37.0720 5348 C:\Windows\System32\ssdpsrv.dll - ok
16:54:37.0720 5348 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] C:\Windows\System32\wiaservc.dll
16:54:37.0720 5348 C:\Windows\System32\wiaservc.dll - ok
16:54:37.0736 5348 [ E08E46FDD841B7184194011CA1955A0B ] C:\Windows\System32\swprv.dll
16:54:37.0736 5348 C:\Windows\System32\swprv.dll - ok
16:54:37.0736 5348 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] C:\Windows\System32\sysmain.dll
16:54:37.0736 5348 C:\Windows\System32\sysmain.dll - ok
16:54:37.0736 5348 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] C:\Windows\System32\TabSvc.dll
16:54:37.0736 5348 C:\Windows\System32\TabSvc.dll - ok
16:54:37.0736 5348 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] C:\Windows\System32\tapisrv.dll
16:54:37.0736 5348 C:\Windows\System32\tapisrv.dll - ok
16:54:37.0736 5348 [ 1BE03AC720F4D302EA01D40F588162F6 ] C:\Windows\System32\tbssvc.dll
16:54:37.0736 5348 C:\Windows\System32\tbssvc.dll - ok
16:54:37.0751 5348 [ 2E648163254233755035B46DD7B89123 ] C:\Windows\System32\termsrv.dll
16:54:37.0751 5348 C:\Windows\System32\termsrv.dll - ok
16:54:37.0751 5348 [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll
16:54:37.0751 5348 C:\Windows\System32\themeservice.dll - ok
16:54:37.0751 5348 [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\Windows\System32\trkwks.dll
16:54:37.0751 5348 C:\Windows\System32\trkwks.dll - ok
16:54:37.0751 5348 [ 773212B2AAA24C1E31F10246B15B276C ] C:\Windows\servicing\TrustedInstaller.exe
16:54:37.0751 5348 C:\Windows\servicing\TrustedInstaller.exe - ok
16:54:37.0751 5348 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] C:\Windows\System32\drivers\tssecsrv.sys
16:54:37.0751 5348 C:\Windows\System32\drivers\tssecsrv.sys - ok
16:54:37.0767 5348 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] C:\Windows\System32\UI0Detect.exe
16:54:37.0767 5348 C:\Windows\System32\UI0Detect.exe - ok
16:54:37.0767 5348 [ D47EC6A8E81633DD18D2436B19BAF6DE ] C:\Windows\System32\upnphost.dll
16:54:37.0767 5348 C:\Windows\System32\upnphost.dll - ok
16:54:37.0767 5348 [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe
16:54:37.0767 5348 C:\Windows\System32\dwm.exe - ok
16:54:37.0767 5348 [ 567BC1309E05FCFA680ADB6E02260736 ] C:\Windows\System32\vaultsvc.dll
16:54:37.0767 5348 C:\Windows\System32\vaultsvc.dll - ok
16:54:37.0767 5348 [ 8D6B481601D01A456E75C3210F1830BE ] C:\Windows\System32\vds.exe
16:54:37.0767 5348 C:\Windows\System32\vds.exe - ok
16:54:37.0783 5348 [ A255814907C89BE58B79EF2F189B843B ] C:\Windows\System32\drivers\volmgrx.sys
16:54:37.0783 5348 C:\Windows\System32\drivers\volmgrx.sys - ok
16:54:37.0783 5348 [ B60BA0BC31B0CB414593E169F6F21CC2 ] C:\Windows\System32\VSSVC.exe
16:54:37.0783 5348 C:\Windows\System32\VSSVC.exe - ok
16:54:37.0783 5348 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] C:\Windows\System32\drivers\vwifibus.sys
16:54:37.0783 5348 C:\Windows\System32\drivers\vwifibus.sys - ok
16:54:37.0783 5348 [ 1C9D80CC3849B3788048078C26486E1A ] C:\Windows\System32\w32time.dll
16:54:37.0783 5348 C:\Windows\System32\w32time.dll - ok
16:54:37.0798 5348 [ 05E9265E2228799B68DC0F58A94E1AB8 ] C:\Windows\System32\Wat\WatUX.exe
16:54:37.0798 5348 C:\Windows\System32\Wat\WatUX.exe - ok
16:54:37.0798 5348 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] C:\Windows\System32\wbengine.exe
16:54:37.0798 5348 C:\Windows\System32\wbengine.exe - ok
16:54:37.0798 5348 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] C:\Windows\System32\wbiosrvc.dll
16:54:37.0798 5348 C:\Windows\System32\wbiosrvc.dll - ok
16:54:37.0798 5348 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] C:\Windows\System32\wcncsvc.dll
16:54:37.0798 5348 C:\Windows\System32\wcncsvc.dll - ok
16:54:37.0798 5348 [ 20F7441334B18CEE52027661DF4A6129 ] C:\Windows\System32\WcsPlugInService.dll
16:54:37.0798 5348 C:\Windows\System32\WcsPlugInService.dll - ok
16:54:37.0798 5348 [ 442783E2CB0DA19873B7A63833FF4CB4 ] C:\Windows\System32\drivers\Wdf01000.sys
16:54:37.0798 5348 C:\Windows\System32\drivers\Wdf01000.sys - ok
16:54:37.0814 5348 [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll
16:54:37.0814 5348 C:\Windows\System32\wdi.dll - ok
16:54:37.0814 5348 [ C749025A679C5103E575E3B48E092C43 ] C:\Windows\System32\wecsvc.dll
16:54:37.0814 5348 C:\Windows\System32\wecsvc.dll - ok
16:54:37.0814 5348 [ 7E591867422DC788B9E5BD337A669A08 ] C:\Windows\System32\wercplsupport.dll
16:54:37.0814 5348 C:\Windows\System32\wercplsupport.dll - ok
16:54:37.0814 5348 [ 6D137963730144698CBD10F202E9F251 ] C:\Windows\System32\wersvc.dll
16:54:37.0814 5348 C:\Windows\System32\wersvc.dll - ok
16:54:37.0814 5348 [ 2DA738A0A6BEE483A5647A76695AF3B0 ] C:\Program Files\Windows Defender\MsMpRes.dll
16:54:37.0814 5348 C:\Program Files\Windows Defender\MsMpRes.dll - ok
16:54:37.0829 5348 [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll
16:54:37.0829 5348 C:\Windows\System32\winhttp.dll - ok
16:54:37.0829 5348 [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll
16:54:37.0829 5348 C:\Windows\System32\wbem\WMIsvc.dll - ok
16:54:37.0829 5348 [ BCB1310604AA415C4508708975B3931E ] C:\Windows\System32\WsmSvc.dll
16:54:37.0829 5348 C:\Windows\System32\WsmSvc.dll - ok
16:54:37.0829 5348 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\Windows\System32\wlansvc.dll
16:54:37.0829 5348 C:\Windows\System32\wlansvc.dll - ok
16:54:37.0829 5348 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] C:\Windows\System32\wbem\WmiApSrv.exe
16:54:37.0829 5348 C:\Windows\System32\wbem\WmiApSrv.exe - ok
16:54:37.0829 5348 [ A9F3BFC9345F49614D5859EC95B9E994 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
16:54:37.0829 5348 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
16:54:37.0845 5348 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] C:\Windows\System32\wpcsvc.dll
16:54:37.0845 5348 C:\Windows\System32\wpcsvc.dll - ok
16:54:37.0845 5348 [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll
16:54:37.0845 5348 C:\Windows\System32\wpdbusenum.dll - ok
16:54:37.0845 5348 [ 6BCC1D7D2FD2453957C5479A32364E52 ] C:\Windows\System32\drivers\ws2ifsl.sys
16:54:37.0845 5348 C:\Windows\System32\drivers\ws2ifsl.sys - ok
16:54:37.0845 5348 [ E8B1FE6669397D1772D8196DF0E57A9E ] C:\Windows\System32\wscsvc.dll
16:54:37.0845 5348 C:\Windows\System32\wscsvc.dll - ok
16:54:37.0845 5348 [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe
16:54:37.0845 5348 C:\Windows\System32\SearchIndexer.exe - ok
16:54:37.0861 5348 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] C:\Windows\System32\wuaueng.dll
16:54:37.0861 5348 C:\Windows\System32\wuaueng.dll - ok
16:54:37.0861 5348 [ AB886378EEB55C6C75B4F2D14B6C869F ] C:\Windows\System32\drivers\WUDFPf.sys
16:54:37.0861 5348 C:\Windows\System32\drivers\WUDFPf.sys - ok
16:54:37.0861 5348 [ B20F051B03A966392364C83F009F7D17 ] C:\Windows\System32\WUDFSvc.dll
16:54:37.0861 5348 C:\Windows\System32\WUDFSvc.dll - ok
16:54:37.0861 5348 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] C:\Windows\System32\wwansvc.dll
16:54:37.0861 5348 C:\Windows\System32\wwansvc.dll - ok
16:54:37.0861 5348 [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
16:54:37.0861 5348 C:\Windows\System32\ubpm.dll - ok
16:54:37.0876 5348 [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
16:54:37.0876 5348 C:\Windows\System32\SPInf.dll - ok
16:54:37.0876 5348 [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe
16:54:37.0876 5348 C:\Windows\System32\svchost.exe - ok
16:54:37.0876 5348 [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
16:54:37.0876 5348 C:\Windows\System32\devrtl.dll - ok
16:54:37.0876 5348 [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll
16:54:37.0876 5348 C:\Windows\System32\userenv.dll - ok
16:54:37.0876 5348 [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
16:54:37.0876 5348 C:\Windows\System32\pcwum.dll - ok
16:54:37.0892 5348 [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
16:54:37.0892 5348 C:\Windows\System32\powrprof.dll - ok
16:54:37.0892 5348 [ D2755AFEF371FADCFC5D9B83DCD4F4D4 ] C:\Windows\System32\nvvsvc.exe
16:54:37.0892 5348 C:\Windows\System32\nvvsvc.exe - ok
16:54:37.0892 5348 [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
16:54:37.0892 5348 C:\Windows\System32\rpcss.dll - ok
16:54:37.0892 5348 [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
16:54:37.0892 5348 C:\Windows\System32\wshqos.dll - ok
16:54:37.0907 5348 [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
16:54:37.0907 5348 C:\Windows\System32\WSHTCPIP.DLL - ok
16:54:37.0907 5348 [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
16:54:37.0907 5348 C:\Windows\System32\LogonUI.exe - ok
16:54:37.0907 5348 [ 0BEE002C68E28CE6DA161DCF1376D7D7 ] C:\Windows\System32\authui.dll
16:54:37.0907 5348 C:\Windows\System32\authui.dll - ok
16:54:37.0907 5348 [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
16:54:37.0907 5348 C:\Windows\System32\cryptui.dll - ok
16:54:37.0907 5348 [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll
16:54:37.0907 5348 C:\Windows\System32\adtschema.dll - ok
16:54:37.0907 5348 [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
16:54:37.0907 5348 C:\Windows\System32\MMDevAPI.dll - ok
16:54:37.0923 5348 [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
16:54:37.0923 5348 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
16:54:37.0923 5348 [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
16:54:37.0923 5348 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
16:54:37.0923 5348 [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
16:54:37.0923 5348 C:\Windows\System32\propsys.dll - ok
16:54:37.0923 5348 [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
16:54:37.0923 5348 C:\Windows\System32\samlib.dll - ok
16:54:37.0923 5348 [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
16:54:37.0923 5348 C:\Windows\System32\shacct.dll - ok
16:54:37.0939 5348 [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
16:54:37.0939 5348 C:\Windows\System32\avrt.dll - ok
16:54:37.0939 5348 [ B1DF2D87DC8BF6072699AC8301B37796 ] C:\Windows\System32\WUDFPlatform.dll
16:54:37.0939 5348 C:\Windows\System32\WUDFPlatform.dll - ok
16:54:37.0939 5348 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\Windows\System32\MPSSVC.dll
16:54:37.0939 5348 C:\Windows\System32\MPSSVC.dll - ok
16:54:37.0939 5348 [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
16:54:37.0939 5348 C:\Windows\System32\uxtheme.dll - ok
16:54:37.0939 5348 [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL
16:54:37.0939 5348 C:\Windows\System32\PSHED.DLL - ok
16:54:37.0954 5348 [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
16:54:37.0954 5348 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
16:54:37.0954 5348 [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
16:54:37.0954 5348 C:\Windows\System32\dui70.dll - ok
16:54:37.0954 5348 [ 179E8401224D557ECFF3695F2016EA5B ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll
16:54:37.0954 5348 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok
16:54:37.0954 5348 [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
16:54:37.0954 5348 C:\Windows\System32\duser.dll - ok
16:54:37.0954 5348 [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
16:54:37.0954 5348 C:\Windows\System32\hid.dll - ok
16:54:37.0970 5348 [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
16:54:37.0970 5348 C:\Windows\System32\SndVolSSO.dll - ok
16:54:37.0970 5348 [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe
16:54:37.0970 5348 C:\Windows\System32\audiodg.exe - ok
16:54:37.0970 5348 [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
16:54:37.0970 5348 C:\Windows\System32\dwmapi.dll - ok
16:54:37.0970 5348 [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll
16:54:37.0970 5348 C:\Windows\System32\xmllite.dll - ok
16:54:37.0970 5348 [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
16:54:37.0970 5348 C:\Windows\System32\ntmarta.dll - ok
16:54:37.0970 5348 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll
16:54:37.0970 5348 C:\Windows\System32\gpsvc.dll - ok
16:54:37.0985 5348 [ 46BB91A169B9B31FF44EB04C48EC1D41 ] C:\Windows\System32\nlaapi.dll
16:54:37.0985 5348 C:\Windows\System32\nlaapi.dll - ok
16:54:37.0985 5348 [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
16:54:37.0985 5348 C:\Windows\System32\atl.dll - ok
16:54:37.0985 5348 [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
16:54:37.0985 5348 C:\Windows\System32\winmm.dll - ok
16:54:37.0985 5348 [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
16:54:37.0985 5348 C:\Windows\System32\dsrole.dll - ok
16:54:37.0985 5348 [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
16:54:37.0985 5348 C:\Windows\System32\es.dll - ok
16:54:38.0001 5348 [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
16:54:38.0001 5348 C:\Windows\System32\slc.dll - ok
16:54:38.0001 5348 [ BDDF242A49E7B7DC5CCEC291BCE53ACB ] C:\Windows\System32\WindowsCodecs.dll
16:54:38.0001 5348 C:\Windows\System32\WindowsCodecs.dll - ok
16:54:38.0001 5348 [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv
16:54:38.0001 5348 C:\Windows\System32\wdmaud.drv - ok
16:54:38.0001 5348 [ 0840ABBBDF438691EE65A20040635CBE ] C:\Program Files\Dell\DellDock\DockLogin.exe
16:54:38.0001 5348 C:\Program Files\Dell\DellDock\DockLogin.exe - ok
16:54:38.0001 5348 [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll
16:54:38.0001 5348 C:\Windows\System32\ksuser.dll - ok
16:54:38.0017 5348 [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll
16:54:38.0017 5348 C:\Windows\SysWOW64\ntdll.dll - ok
16:54:38.0017 5348 [ 259EB5F7D95A29842B476C5B3EB6E186 ] C:\Windows\System32\wow64.dll
16:54:38.0017 5348 C:\Windows\System32\wow64.dll - ok
16:54:38.0017 5348 [ 5674E21E82CFBEA36DDAD5DB285D6DBC ] C:\Windows\System32\wow64win.dll
16:54:38.0017 5348 C:\Windows\System32\wow64win.dll - ok
16:54:38.0017 5348 [ 3EE3AA76D8AB6D5644C4C8F34471CEB3 ] C:\Windows\System32\wow64cpu.dll
16:54:38.0017 5348 C:\Windows\System32\wow64cpu.dll - ok
16:54:38.0017 5348 [ AC0B6F41882FC6ED186962D770EBF1D2 ] C:\Windows\SysWOW64\kernel32.dll
16:54:38.0017 5348 C:\Windows\SysWOW64\kernel32.dll - ok
16:54:38.0032 5348 [ E954A79D6A754A5475582CACED1565E6 ] C:\Windows\SysWOW64\KernelBase.dll
16:54:38.0032 5348 C:\Windows\SysWOW64\KernelBase.dll - ok
16:54:38.0032 5348 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll
16:54:38.0032 5348 C:\Windows\SysWOW64\msvcrt.dll - ok
16:54:38.0032 5348 [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\SysWOW64\wtsapi32.dll
16:54:38.0032 5348 C:\Windows\SysWOW64\wtsapi32.dll - ok
16:54:38.0032 5348 [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll
16:54:38.0032 5348 C:\Windows\SysWOW64\advapi32.dll - ok
16:54:38.0032 5348 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll
16:54:38.0032 5348 C:\Windows\SysWOW64\cryptbase.dll - ok
16:54:38.0048 5348 [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll
16:54:38.0048 5348 C:\Windows\SysWOW64\gdi32.dll - ok
16:54:38.0048 5348 [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll
16:54:38.0048 5348 C:\Windows\SysWOW64\imm32.dll - ok
16:54:38.0048 5348 [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll
16:54:38.0048 5348 C:\Windows\SysWOW64\lpk.dll - ok
16:54:38.0048 5348 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll
16:54:38.0048 5348 C:\Windows\SysWOW64\msctf.dll - ok
16:54:38.0048 5348 [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll
16:54:38.0048 5348 C:\Windows\SysWOW64\rpcrt4.dll - ok
16:54:38.0048 5348 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll
16:54:38.0048 5348 C:\Windows\SysWOW64\sechost.dll - ok
16:54:38.0063 5348 [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll
16:54:38.0063 5348 C:\Windows\SysWOW64\shlwapi.dll - ok
16:54:38.0063 5348 [ EDA7AD21DF8945528F01F0A86D69E524 ] C:\Windows\SysWOW64\sspicli.dll
16:54:38.0063 5348 C:\Windows\SysWOW64\sspicli.dll - ok
16:54:38.0063 5348 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll
16:54:38.0063 5348 C:\Windows\SysWOW64\user32.dll - ok
16:54:38.0063 5348 [ B7230010D97787AF3D25E4C82F2B06B9 ] C:\Windows\SysWOW64\usp10.dll
16:54:38.0063 5348 C:\Windows\SysWOW64\usp10.dll - ok
16:54:38.0063 5348 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll
16:54:38.0063 5348 C:\Windows\System32\uxsms.dll - ok
16:54:38.0079 5348 [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll
16:54:38.0079 5348 C:\Windows\System32\AudioSes.dll - ok
16:54:38.0079 5348 [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll
16:54:38.0079 5348 C:\Windows\System32\wtsapi32.dll - ok
16:54:38.0079 5348 [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
16:54:38.0079 5348 C:\Windows\System32\drivers\lltdio.sys - ok
16:54:38.0079 5348 [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
16:54:38.0079 5348 C:\Windows\System32\drivers\rspndr.sys - ok
16:54:38.0079 5348 [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\Windows\System32\msacm32.drv
16:54:38.0079 5348 C:\Windows\System32\msacm32.drv - ok
16:54:38.0095 5348 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
16:54:38.0095 5348 C:\Windows\System32\winbrand.dll - ok
16:54:38.0095 5348 [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
16:54:38.0095 5348 C:\Windows\System32\IPHLPAPI.DLL - ok
16:54:38.0095 5348 [ CA2A0750ED830678997695FF61B04C30 ] C:\Windows\System32\midimap.dll
16:54:38.0095 5348 C:\Windows\System32\midimap.dll - ok
16:54:38.0095 5348 [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\Windows\System32\msacm32.dll
16:54:38.0095 5348 C:\Windows\System32\msacm32.dll - ok
16:54:38.0095 5348 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll
16:54:38.0095 5348 C:\Windows\System32\dnsrslvr.dll - ok
16:54:38.0110 5348 [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll
16:54:38.0110 5348 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
16:54:38.0110 5348 [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
16:54:38.0110 5348 C:\Windows\System32\VaultCredProvider.dll - ok
16:54:38.0110 5348 [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
16:54:38.0110 5348 C:\Windows\System32\winnsi.dll - ok
16:54:38.0110 5348 [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll
16:54:38.0110 5348 C:\Windows\System32\BioCredProv.dll - ok
16:54:38.0110 5348 [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL
16:54:38.0110 5348 C:\Windows\System32\FWPUCLNT.DLL - ok
16:54:38.0126 5348 [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
16:54:38.0126 5348 C:\Windows\System32\nrpsrv.dll - ok
16:54:38.0126 5348 [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll
16:54:38.0126 5348 C:\Windows\System32\winbio.dll - ok
16:54:38.0126 5348 [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll
16:54:38.0126 5348 C:\Windows\System32\credui.dll - ok
16:54:38.0126 5348 [ 3CC16A849E6092E43909F48EF0E60306 ] C:\Windows\System32\dhcpcore6.dll
16:54:38.0126 5348 C:\Windows\System32\dhcpcore6.dll - ok
16:54:38.0126 5348 [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
16:54:38.0126 5348 C:\Windows\System32\dnsext.dll - ok
16:54:38.0141 5348 [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll
16:54:38.0141 5348 C:\Windows\System32\vaultcli.dll - ok
16:54:38.0141 5348 [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
16:54:38.0141 5348 C:\Windows\System32\dhcpcsvc.dll - ok
16:54:38.0141 5348 [ 3C06D5A929B798D0B13F6481242A0FD2 ] C:\Windows\System32\dhcpcsvc6.dll
16:54:38.0141 5348 C:\Windows\System32\dhcpcsvc6.dll - ok
16:54:38.0141 5348 [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\Windows\System32\netapi32.dll
16:54:38.0141 5348 C:\Windows\System32\netapi32.dll - ok
16:54:38.0141 5348 [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll
16:54:38.0141 5348 C:\Windows\System32\netutils.dll - ok
16:54:38.0157 5348 [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll
16:54:38.0157 5348 C:\Windows\System32\wkscli.dll - ok
16:54:38.0157 5348 [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll
16:54:38.0157 5348 C:\Windows\System32\AudioEng.dll - ok
16:54:38.0157 5348 [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll
16:54:38.0157 5348 C:\Windows\System32\certCredProvider.dll - ok
16:54:38.0157 5348 [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll
16:54:38.0157 5348 C:\Windows\System32\ktmw32.dll - ok
16:54:38.0157 5348 [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll
16:54:38.0157 5348 C:\Windows\System32\samcli.dll - ok
16:54:38.0173 5348 [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll
16:54:38.0173 5348 C:\Windows\System32\AUDIOKSE.dll - ok
16:54:38.0173 5348 [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
16:54:38.0173 5348 C:\Windows\System32\rasapi32.dll - ok
16:54:38.0173 5348 [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll
16:54:38.0173 5348 C:\Windows\System32\rasplap.dll - ok
16:54:38.0173 5348 [ E877D921A20E311F0627A48EEFAB1849 ] C:\Windows\System32\MBWrp64.dll
16:54:38.0173 5348 C:\Windows\System32\MBWrp64.dll - ok
16:54:38.0173 5348 [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll
16:54:38.0173 5348 C:\Windows\System32\rasman.dll - ok
16:54:38.0188 5348 [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll
16:54:38.0188 5348 C:\Windows\System32\rtutils.dll - ok
16:54:38.0188 5348 [ B8C027CED964C859E4E2ACC7066F6668 ] C:\Windows\System32\MBTHX64.dll
16:54:38.0188 5348 C:\Windows\System32\MBTHX64.dll - ok
16:54:38.0188 5348 [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll
16:54:38.0188 5348 C:\Windows\System32\UXInit.dll - ok
16:54:38.0188 5348 [ 9FA8752358E1F6C5C7DBC48F3B025F2F ] C:\Windows\System32\MBAPO64.dll
16:54:38.0188 5348 C:\Windows\System32\MBAPO64.dll - ok
16:54:38.0188 5348 [ 4BDCE0F13B1FA94E96757D4BE0E84020 ] C:\Windows\System32\nvsvc64.dll
16:54:38.0188 5348 C:\Windows\System32\nvsvc64.dll - ok
16:54:38.0188 5348 [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll
16:54:38.0188 5348 C:\Windows\System32\msimg32.dll - ok
16:54:38.0204 5348 [ 2BA7A515B90FCBA1629E0261E60F5F82 ] C:\Windows\System32\RtkAPO64.dll
16:54:38.0204 5348 C:\Windows\System32\RtkAPO64.dll - ok
16:54:38.0204 5348 [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll
16:54:38.0204 5348 C:\Windows\System32\taskcomp.dll - ok
16:54:38.0204 5348 [ 6F3C559B82F2912354BE5B098744CC8C ] C:\Windows\System32\WMALFXGFXDSP.dll
16:54:38.0204 5348 C:\Windows\System32\WMALFXGFXDSP.dll - ok
16:54:38.0204 5348 [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll
16:54:38.0204 5348 C:\Windows\System32\mfplat.dll - ok
16:54:38.0204 5348 [ 5222398FACF28D233BA0E5584500F80C ] C:\Windows\System32\nvapi64.dll
16:54:38.0204 5348 C:\Windows\System32\nvapi64.dll - ok
16:54:38.0219 5348 [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll
16:54:38.0219 5348 C:\Windows\System32\imageres.dll - ok
16:54:38.0219 5348 [ F8F6AD250A3E1A080F620C00BD1DFD18 ] C:\Windows\System32\nvsvcr.dll
16:54:38.0219 5348 C:\Windows\System32\nvsvcr.dll - ok
16:54:38.0219 5348 [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll
16:54:38.0219 5348 C:\Windows\System32\fveapi.dll - ok
16:54:38.0219 5348 [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll
16:54:38.0219 5348 C:\Windows\System32\tbs.dll - ok
16:54:38.0219 5348 [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys
16:54:38.0219 5348 C:\Windows\System32\drivers\bowser.sys - ok
16:54:38.0235 5348 [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll
16:54:38.0235 5348 C:\Windows\System32\fvecerts.dll - ok
16:54:38.0235 5348 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys
16:54:38.0235 5348 C:\Windows\System32\drivers\mpsdrv.sys - ok
16:54:38.0235 5348 [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys
16:54:38.0235 5348 C:\Windows\System32\drivers\mrxsmb.sys - ok
16:54:38.0235 5348 [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys
16:54:38.0235 5348 C:\Windows\System32\drivers\mrxsmb10.sys - ok
16:54:38.0235 5348 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys
16:54:38.0235 5348 C:\Windows\System32\drivers\mrxsmb20.sys - ok
16:54:38.0251 5348 [ C67F8A962B2534224D5908D16D2AD3CE ] C:\Windows\System32\wfapigp.dll
16:54:38.0251 5348 C:\Windows\System32\wfapigp.dll - ok
16:54:38.0251 5348 [ 3927397AC60D943DAF8808AFFED582B7 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:54:38.0251 5348 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - ok
16:54:38.0251 5348 [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll
16:54:38.0251 5348 C:\Windows\System32\mscms.dll - ok
16:54:38.0251 5348 [ 29E9794708DF51DB5DC89FB2E903A0F6 ] C:\Windows\SysWOW64\shell32.dll
16:54:38.0251 5348 C:\Windows\SysWOW64\shell32.dll - ok
16:54:38.0251 5348 [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll
16:54:38.0251 5348 C:\Windows\System32\wiarpc.dll - ok
16:54:38.0266 5348 [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll
16:54:38.0266 5348 C:\Windows\SysWOW64\ole32.dll - ok
16:54:38.0266 5348 [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll
16:54:38.0266 5348 C:\Windows\SysWOW64\oleaut32.dll - ok
16:54:38.0266 5348 [ 60D21799A4AF4EDCE65FB98830E4B0C8 ] C:\Windows\SysWOW64\crypt32.dll
16:54:38.0266 5348 C:\Windows\SysWOW64\crypt32.dll - ok
16:54:38.0266 5348 [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll
16:54:38.0266 5348 C:\Windows\SysWOW64\msasn1.dll - ok
16:54:38.0266 5348 [ 17448AF0BBA9E7AB5EC955AF93F271BD ] C:\Windows\SysWOW64\wintrust.dll
16:54:38.0266 5348 C:\Windows\SysWOW64\wintrust.dll - ok
16:54:38.0282 5348 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
16:54:38.0282 5348 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
16:54:38.0282 5348 [ 0D8244A9DB70BC6C36E2FB56F6039AB6 ] C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
16:54:38.0282 5348 C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe - ok
16:54:38.0282 5348 [ AE4D9DC676A2517DEE3E51978BCFE47C ] C:\Program Files (x86)\AVG\AVG2013\avgntopensslx.dll
16:54:38.0282 5348 C:\Program Files (x86)\AVG\AVG2013\avgntopensslx.dll - ok
16:54:38.0282 5348 [ 3B3D5E94A5F24417BE2C179DDD883702 ] C:\Program Files (x86)\AVG\AVG2013\avgsysx.dll
16:54:38.0282 5348 C:\Program Files (x86)\AVG\AVG2013\avgsysx.dll - ok
16:54:38.0297 5348 [ BC83108B18756547013ED443B8CDB31B ] C:\Windows\SysWOW64\msvcp100.dll
16:54:38.0297 5348 C:\Windows\SysWOW64\msvcp100.dll - ok
16:54:38.0297 5348 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
16:54:38.0297 5348 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
16:54:38.0297 5348 [ 0E37FBFA79D349D672456923EC5FBBE3 ] C:\Windows\SysWOW64\msvcr100.dll
16:54:38.0297 5348 C:\Windows\SysWOW64\msvcr100.dll - ok
16:54:38.0297 5348 [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll
16:54:38.0297 5348 C:\Windows\SysWOW64\nsi.dll - ok
16:54:38.0297 5348 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll
16:54:38.0297 5348 C:\Windows\SysWOW64\winnsi.dll - ok
16:54:38.0297 5348 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll
16:54:38.0297 5348 C:\Windows\SysWOW64\psapi.dll - ok
16:54:38.0313 5348 [ 0FAED7EFF6037A1D9542C62272A02E7C ] C:\Windows\SysWOW64\urlmon.dll
16:54:38.0313 5348 C:\Windows\SysWOW64\urlmon.dll - ok
16:54:38.0313 5348 [ 989937C1C1333EE55CC2982340CB1DBA ] C:\Windows\SysWOW64\wininet.dll
16:54:38.0313 5348 C:\Windows\SysWOW64\wininet.dll - ok
16:54:38.0313 5348 [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll
16:54:38.0313 5348 C:\Windows\SysWOW64\ws2_32.dll - ok
16:54:38.0313 5348 [ BBB8E8B40CC718C5C91FB8C3280C622F ] C:\Windows\SysWOW64\iertutil.dll
16:54:38.0313 5348 C:\Windows\SysWOW64\iertutil.dll - ok
16:54:38.0313 5348 [ 5BDB1E096DEA119A4D205ACB6E958175 ] C:\Program Files (x86)\AVG\AVG2013\avgopensslx.dll
16:54:38.0313 5348 C:\Program Files (x86)\AVG\AVG2013\avgopensslx.dll - ok
16:54:38.0313 5348 [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll
16:54:38.0313 5348 C:\Windows\SysWOW64\version.dll - ok
16:54:38.0329 5348 [ 21139ED432EFB4A8CDF715862DBDF9E0 ] C:\Program Files (x86)\AVG\AVG2013\avglogx.dll
16:54:38.0329 5348 C:\Program Files (x86)\AVG\AVG2013\avglogx.dll - ok
16:54:38.0329 5348 [ DC98337F0D2A9F6C0B6FB682297ECE3B ] C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
16:54:38.0329 5348 C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe - ok
16:54:38.0329 5348 [ 40E12972BB73C2927E19553E30EAEE3C ] C:\Program Files (x86)\AVG\AVG2013\avgcommx.dll
16:54:38.0329 5348 C:\Program Files (x86)\AVG\AVG2013\avgcommx.dll - ok
16:54:38.0329 5348 [ BBAD10F039069325326CDA0A68D55356 ] C:\Program Files (x86)\AVG\AVG2013\avgcfgx.dll
16:54:38.0329 5348 C:\Program Files (x86)\AVG\AVG2013\avgcfgx.dll - ok
16:54:38.0329 5348 [ F48FEB7DA35821DA15E0B006DCB9A169 ] C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE
16:54:38.0329 5348 C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE - ok
16:54:38.0344 5348 [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll
16:54:38.0344 5348 C:\Windows\SysWOW64\msi.dll - ok
16:54:38.0344 5348 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll
16:54:38.0344 5348 C:\Windows\SysWOW64\SensApi.dll - ok
16:54:38.0344 5348 [ 414F57444511B818DB23FA5CF89F3205 ] C:\Program Files (x86)\AVG\AVG2013\avgclitx.dll
16:54:38.0344 5348 C:\Program Files (x86)\AVG\AVG2013\avgclitx.dll - ok
16:54:38.0344 5348 [ 8792BAB371B4B1589E015B6FD1ED3B15 ] C:\Windows\System32\cryptnet.dll
16:54:38.0344 5348 C:\Windows\System32\cryptnet.dll - ok
16:54:38.0344 5348 [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll
16:54:38.0344 5348 C:\Windows\System32\taskschd.dll - ok
16:54:38.0360 5348 [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll
16:54:38.0360 5348 C:\Windows\SysWOW64\clbcatq.dll - ok
16:54:38.0360 5348 [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll
16:54:38.0360 5348 C:\Windows\System32\vssapi.dll - ok
16:54:38.0360 5348 [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll
16:54:38.0360 5348 C:\Windows\SysWOW64\cryptsp.dll - ok
16:54:38.0360 5348 [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll
16:54:38.0360 5348 C:\Windows\System32\vsstrace.dll - ok
16:54:38.0360 5348 [ F1B205F932F62F94506A5F332C895DAF ] C:\Windows\System32\WSDApi.dll
16:54:38.0360 5348 C:\Windows\System32\WSDApi.dll - ok
16:54:38.0360 5348 [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll
16:54:38.0360 5348 C:\Windows\SysWOW64\rsaenh.dll - ok
16:54:38.0375 5348 [ 54A47F6B5E09A77E61649109C6A08866 ] C:\Windows\SysWOW64\svchost.exe
16:54:38.0375 5348 C:\Windows\SysWOW64\svchost.exe - ok
16:54:38.0375 5348 [ 259826C64F6831BAC1A9947EBAD7F95F ] C:\Program Files (x86)\AVG\AVG2013\avgcorex.dll
16:54:38.0375 5348 C:\Program Files (x86)\AVG\AVG2013\avgcorex.dll - ok
16:54:38.0375 5348 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll
16:54:38.0375 5348 C:\Windows\SysWOW64\RpcRtRemote.dll - ok
16:54:38.0375 5348 [ C55516D98DD5D8F0153C2A9B4227DA86 ] C:\Windows\System32\webservices.dll
16:54:38.0375 5348 C:\Windows\System32\webservices.dll - ok
16:54:38.0375 5348 [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll
16:54:38.0375 5348 C:\Windows\System32\fundisc.dll - ok
16:54:38.0391 5348 [ 75CC8C5146A3FB76221A7606628778D5 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
16:54:38.0391 5348 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll - ok
16:54:38.0391 5348 [ E14CF5255C46E1556E344CD720F34F25 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddcmn.dll
16:54:38.0391 5348 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddcmn.dll - ok
16:54:38.0391 5348 [ 1727B2A2F379A32B864C096FA794AADC ] C:\Windows\System32\aepic.dll
16:54:38.0391 5348 C:\Windows\System32\aepic.dll - ok
16:54:38.0391 5348 [ 2334DC48997BA203B794DF3EE70521DB ] C:\Windows\System32\HPZinw12.dll
16:54:38.0391 5348 C:\Windows\System32\HPZinw12.dll - ok
16:54:38.0391 5348 [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll
16:54:38.0391 5348 C:\Windows\System32\sfc.dll - ok
16:54:38.0407 5348 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll
16:54:38.0407 5348 C:\Windows\SysWOW64\setupapi.dll - ok
16:54:38.0407 5348 [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\Windows\System32\drivers\PEAuth.sys
16:54:38.0407 5348 C:\Windows\System32\drivers\PEAuth.sys - ok
16:54:38.0407 5348 [ D4FAC263861BAE06971C7F7D0A8EBF15 ] C:\Windows\System32\ncsi.dll
16:54:38.0407 5348 C:\Windows\System32\ncsi.dll - ok
16:54:38.0407 5348 [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll
16:54:38.0407 5348 C:\Windows\System32\sfc_os.dll - ok
16:54:38.0407 5348 [ 77B5035BC6EDF4D1B6265391AECEE4C0 ] C:\Windows\System32\vpnikeapi.dll
16:54:38.0407 5348 C:\Windows\System32\vpnikeapi.dll - ok
16:54:38.0422 5348 [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll
16:54:38.0422 5348 C:\Windows\SysWOW64\cfgmgr32.dll - ok
16:54:38.0422 5348 [ 603EBD34E216C5654A2D774EAC98D278 ] C:\Windows\System32\webio.dll
16:54:38.0422 5348 C:\Windows\System32\webio.dll - ok
16:54:38.0422 5348 [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll
16:54:38.0422 5348 C:\Windows\System32\wsock32.dll - ok
16:54:38.0422 5348 [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll
16:54:38.0422 5348 C:\Windows\SysWOW64\devobj.dll - ok
16:54:38.0422 5348 [ CBCEC2C45E7D672EC6E46CBFF23BDF8E ] C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
16:54:38.0422 5348 C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe - ok
16:54:38.0438 5348 [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll
16:54:38.0438 5348 C:\Windows\System32\ssdpapi.dll - ok
16:54:38.0438 5348 [ C85670AB64068F8080998AEBA6C5019C ] C:\Windows\SysWOW64\atl100.dll
16:54:38.0438 5348 C:\Windows\SysWOW64\atl100.dll - ok
16:54:38.0438 5348 [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys
16:54:38.0438 5348 C:\Windows\System32\drivers\secdrv.sys - ok
16:54:38.0438 5348 [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] C:\Windows\System32\HPZipm12.dll
16:54:38.0438 5348 C:\Windows\System32\HPZipm12.dll - ok
16:54:38.0438 5348 [ BEA22322EA2DFE41CF7CE22A6EDE08EA ] C:\Program Files (x86)\AVG\AVG2013\avgwd.dll
16:54:38.0438 5348 C:\Program Files (x86)\AVG\AVG2013\avgwd.dll - ok
16:54:38.0453 5348 [ BCEA9AB347E53BC03B2E36BE0B8BA0EF ] C:\Windows\System32\httpapi.dll
16:54:38.0453 5348 C:\Windows\System32\httpapi.dll - ok
16:54:38.0453 5348 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\SysWOW64\winspool.drv
16:54:38.0453 5348 C:\Windows\SysWOW64\winspool.drv - ok
16:54:38.0453 5348 [ 99B91C5D2FCEF218CAD3600ECB62A799 ] C:\Windows\System32\msxml6.dll
16:54:38.0453 5348 C:\Windows\System32\msxml6.dll - ok
16:54:38.0453 5348 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
16:54:38.0453 5348 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok
16:54:38.0453 5348 [ 74EC60E20516AAA573BE74F31175270F ] C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
16:54:38.0453 5348 C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe - ok
16:54:38.0469 5348 [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll
16:54:38.0469 5348 C:\Windows\SysWOW64\userenv.dll - ok
16:54:38.0469 5348 [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll
16:54:38.0469 5348 C:\Windows\SysWOW64\profapi.dll - ok
16:54:38.0469 5348 [ 32DFEEF66057184481ECC3C6116CE895 ] C:\Program Files (x86)\AVG\AVG2013\avgcertx.dll
16:54:38.0469 5348 C:\Program Files (x86)\AVG\AVG2013\avgcertx.dll - ok
16:54:38.0469 5348 [ 27E461F0BE5BFF5FC737328F749538C3 ] C:\Windows\System32\drivers\srvnet.sys
16:54:38.0469 5348 C:\Windows\System32\drivers\srvnet.sys - ok
16:54:38.0469 5348 [ E14EC69620F1924A3318C3D7CA9A02B6 ] C:\Program Files (x86)\Dell DataSafe Local Backup\SDSSmartRepairTools.dll
16:54:38.0469 5348 C:\Program Files (x86)\Dell DataSafe Local Backup\SDSSmartRepairTools.dll - ok
16:54:38.0485 5348 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] C:\Windows\System32\drivers\tcpipreg.sys
16:54:38.0485 5348 C:\Windows\System32\drivers\tcpipreg.sys - ok
16:54:38.0485 5348 [ 7E236CC26FF0C2513819FA453E2C5371 ] C:\Windows\System32\icaapi.dll
16:54:38.0485 5348 C:\Windows\System32\icaapi.dll - ok
16:54:38.0485 5348 [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5 ] C:\Windows\System32\wiatrace.dll
16:54:38.0485 5348 C:\Windows\System32\wiatrace.dll - ok
16:54:38.0485 5348 [ C5B0324DB461559ADD070E632A6919FA ] C:\Windows\SysWOW64\wbem\wbemprox.dll
16:54:38.0485 5348 C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
16:54:38.0485 5348 [ 2E967B05E5D1EF57632819BDC54F19B1 ] C:\Program Files (x86)\AVG\AVG2013\avgchclx.dll
16:54:38.0485 5348 C:\Program Files (x86)\AVG\AVG2013\avgchclx.dll - ok
16:54:38.0500 5348 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll
16:54:38.0500 5348 C:\Windows\SysWOW64\sfc.dll - ok
16:54:38.0500 5348 [ 704314FD398C81D5F342CAA5DF7B7F21 ] C:\Windows\SysWOW64\wbemcomn.dll
16:54:38.0500 5348 C:\Windows\SysWOW64\wbemcomn.dll - ok
16:54:38.0500 5348 [ 7F2A2DDA32A0CDF28868864A87A05B23 ] C:\Program Files (x86)\AVG\AVG2013\avgsecapix.dll
16:54:38.0500 5348 C:\Program Files (x86)\AVG\AVG2013\avgsecapix.dll - ok
16:54:38.0500 5348 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll
16:54:38.0500 5348 C:\Windows\SysWOW64\sfc_os.dll - ok
16:54:38.0516 5348 [ 10B2E2FCA707501600D1DEAB1B71F699 ] C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.0.0\ToolbarUpdater.exe
16:54:38.0516 5348 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.0.0\ToolbarUpdater.exe - ok
16:54:38.0516 5348 [ 21D3A18769EC2C4E56756D04E989A221 ] C:\Windows\SysWOW64\msxml3.dll
16:54:38.0516 5348 C:\Windows\SysWOW64\msxml3.dll - ok
16:54:38.0516 5348 [ 4C1244FEF74C60A4B1B151C76609CBE2 ] C:\Windows\System32\wsdchngr.dll
16:54:38.0516 5348 C:\Windows\System32\wsdchngr.dll - ok
16:54:38.0516 5348 [ F93674263F6B07C77956E966953242D9 ] C:\Windows\SysWOW64\secur32.dll
16:54:38.0516 5348 C:\Windows\SysWOW64\secur32.dll - ok
16:54:38.0516 5348 [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll
16:54:38.0516 5348 C:\Windows\System32\fdPnp.dll - ok
16:54:38.0531 5348 [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll
16:54:38.0531 5348 C:\Windows\SysWOW64\winsta.dll - ok
16:54:38.0531 5348 [ 099D9F937F6EE23672391B3A5BD6D7E5 ] C:\Program Files (x86)\AVG\AVG2013\avgntsqlitex.dll
16:54:38.0531 5348 C:\Program Files (x86)\AVG\AVG2013\avgntsqlitex.dll - ok
16:54:38.0531 5348 [ 8309A7C3EAE065AB5038911CF840F81E ] C:\Windows\System32\hpwwiax5.dll
16:54:38.0531 5348 C:\Windows\System32\hpwwiax5.dll - ok
16:54:38.0531 5348 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] C:\Windows\System32\drivers\srv2.sys
16:54:38.0531 5348 C:\Windows\System32\drivers\srv2.sys - ok
16:54:38.0531 5348 [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\Windows\System32\wbemcomn.dll
16:54:38.0531 5348 C:\Windows\System32\wbemcomn.dll - ok
16:54:38.0547 5348 [ 7493EA4DE41348F7D3EDBF9DB298F56A ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
16:54:38.0547 5348 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe - ok
16:54:38.0547 5348 [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll
16:54:38.0547 5348 C:\Windows\System32\wbem\WinMgmtR.dll - ok
16:54:38.0547 5348 [ 0C52762C606BCF6A377D5E4688191A6B ] C:\Windows\System32\wbem\WmiDcPrv.dll
16:54:38.0547 5348 C:\Windows\System32\wbem\WmiDcPrv.dll - ok
16:54:38.0547 5348 [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll
16:54:38.0547 5348 C:\Windows\System32\wbem\fastprox.dll - ok
16:54:38.0547 5348 [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll
16:54:38.0547 5348 C:\Windows\System32\wbem\wbemcore.dll - ok
16:54:38.0563 5348 [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\SysWOW64\mscoree.dll
16:54:38.0563 5348 C:\Windows\SysWOW64\mscoree.dll - ok
16:54:38.0563 5348 [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll
16:54:38.0563 5348 C:\Windows\System32\ntdsapi.dll - ok
16:54:38.0563 5348 [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll
16:54:38.0563 5348 C:\Windows\System32\wbem\esscli.dll - ok
16:54:38.0563 5348 [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll
16:54:38.0563 5348 C:\Windows\System32\wbem\wbemprox.dll - ok
16:54:38.0563 5348 [ F5DF6846F30E9F54EA60CCAEB3FB2055 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
16:54:38.0563 5348 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
16:54:38.0578 5348 [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll
16:54:38.0578 5348 C:\Windows\System32\wbem\wbemsvc.dll - ok
16:54:38.0578 5348 [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll
16:54:38.0578 5348 C:\Windows\System32\wbem\wmiutils.dll - ok
16:54:38.0578 5348 [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
16:54:38.0578 5348 C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
16:54:38.0578 5348 [ 8B92BED5B8D4A8480E7AA631F35A6F35 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
16:54:38.0578 5348 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok
16:54:38.0578 5348 [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll
16:54:38.0578 5348 C:\Windows\System32\wbem\repdrvfs.dll - ok
16:54:38.0594 5348 [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A ] C:\Windows\SysWOW64\wbem\fastprox.dll
16:54:38.0594 5348 C:\Windows\SysWOW64\wbem\fastprox.dll - ok
16:54:38.0594 5348 [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\SysWOW64\ntdsapi.dll
16:54:38.0594 5348 C:\Windows\SysWOW64\ntdsapi.dll - ok
16:54:38.0594 5348 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
16:54:38.0594 5348 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
16:54:38.0594 5348 [ C3E39FB1398EEE8E612C2FE53A9192EF ] C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
16:54:38.0594 5348 C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll - ok
16:54:38.0609 5348 [ 82C089EA2A3EEFADF3588EA71E8BDADA ] C:\Windows\SysWOW64\wevtapi.dll
16:54:38.0609 5348 C:\Windows\SysWOW64\wevtapi.dll - ok
16:54:38.0609 5348 [ 09A116FB06C5E362EF8938D29CDAB27B ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
16:54:38.0609 5348 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok
16:54:38.0609 5348 [ 1931311AF80A54A4FE8F0862820FE015 ] C:\Program Files (x86)\AVG\AVG2013\avgwdwsc.dll
16:54:38.0609 5348 C:\Program Files (x86)\AVG\AVG2013\avgwdwsc.dll - ok
16:54:38.0609 5348 [ A8CDF3768604FF95B54669E20053D569 ] C:\Windows\SysWOW64\wscapi.dll
16:54:38.0609 5348 C:\Windows\SysWOW64\wscapi.dll - ok
16:54:38.0609 5348 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll
16:54:38.0609 5348 C:\Windows\SysWOW64\ntmarta.dll - ok
16:54:38.0625 5348 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll
16:54:38.0625 5348 C:\Windows\SysWOW64\Wldap32.dll - ok
16:54:38.0625 5348 [ 3A0709EF8466606C5E18DDDAA90A1462 ] C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
16:54:38.0625 5348 C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe - ok
16:54:38.0625 5348 [ 3518CB4E2D896CAB53D5386F15AC0566 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
16:54:38.0625 5348 C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll - ok
16:54:38.0625 5348 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll
16:54:38.0625 5348 C:\Windows\SysWOW64\apphelp.dll - ok
16:54:38.0641 5348 [ 796D0E740E0AF2E5C55BBC3B1561AA47 ] C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
16:54:38.0641 5348 C:\Program Files (x86)\AVG\AVG2013\avgemca.exe - ok
16:54:38.0641 5348 [ 6A0A8D20469EFD39A4A3463A88811A57 ] C:\Program Files (x86)\AVG\AVG2013\avgsched.dll
16:54:38.0641 5348 C:\Program Files (x86)\AVG\AVG2013\avgsched.dll - ok
16:54:38.0641 5348 [ 91CA748B04BF0E2CAB06BE29116E05C5 ] C:\Program Files (x86)\AVG\AVG2013\avgidpsdkx.dll
16:54:38.0641 5348 C:\Program Files (x86)\AVG\AVG2013\avgidpsdkx.dll - ok
16:54:38.0641 5348 [ 366FD6F3A451351B5DF2D7C4ECF4C73A ] C:\Windows\System32\msvcr100.dll
16:54:38.0641 5348 C:\Windows\System32\msvcr100.dll - ok
16:54:38.0641 5348 [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll
16:54:38.0641 5348 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
16:54:38.0656 5348 [ 7765680E25E329708CB034B180CF9FCD ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\7ff638de44686eab4afaa8b3c8a9cfca\System.ServiceProcess.ni.dll
16:54:38.0656 5348 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\7ff638de44686eab4afaa8b3c8a9cfca\System.ServiceProcess.ni.dll - ok
16:54:38.0656 5348 [ 4E1B4CFBE7228F42400389402347DE4C ] C:\Program Files (x86)\AVG\AVG2013\avgcfga.dll
16:54:38.0656 5348 C:\Program Files (x86)\AVG\AVG2013\avgcfga.dll - ok
16:54:38.0656 5348 [ 1F8A4E00A9A304C7637EA6B413DD5C32 ] C:\Program Files (x86)\AVG\AVG2013\avgkrnlapia.dll
16:54:38.0656 5348 C:\Program Files (x86)\AVG\AVG2013\avgkrnlapia.dll - ok
16:54:38.0656 5348 [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll
16:54:38.0656 5348 C:\Windows\System32\ncobjapi.dll - ok
16:54:38.0656 5348 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\Windows\System32\drivers\srv.sys
16:54:38.0656 5348 C:\Windows\System32\drivers\srv.sys - ok
16:54:38.0672 5348 [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\Windows\System32\dbghelp.dll
16:54:38.0672 5348 C:\Windows\System32\dbghelp.dll - ok
16:54:38.0672 5348 [ 27B9E163740A226B65E4B9E186117911 ] C:\Windows\System32\sqmapi.dll
16:54:38.0672 5348 C:\Windows\System32\sqmapi.dll - ok
16:54:38.0672 5348 [ 7B38D7916A7CD058C16A0A6CA5077901 ] C:\Windows\System32\wdscore.dll
16:54:38.0672 5348 C:\Windows\System32\wdscore.dll - ok
16:54:38.0672 5348 [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll
16:54:38.0672 5348 C:\Windows\System32\wbem\wbemess.dll - ok
16:54:38.0672 5348 [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll
16:54:38.0672 5348 C:\Windows\System32\netmsg.dll - ok
16:54:38.0687 5348 [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll
16:54:38.0687 5348 C:\Windows\System32\netcfgx.dll - ok
16:54:38.0687 5348 [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll
16:54:38.0687 5348 C:\Windows\System32\sscore.dll - ok
16:54:38.0687 5348 [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll
16:54:38.0687 5348 C:\Windows\System32\clusapi.dll - ok
16:54:38.0687 5348 [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll
16:54:38.0687 5348 C:\Windows\System32\resutils.dll - ok
16:54:38.0687 5348 [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll
16:54:38.0687 5348 C:\Windows\System32\hnetcfg.dll - ok
16:54:38.0703 5348 [ FEB91B4DA0D540865260A33838654FA3 ] C:\Windows\System32\nci.dll
16:54:38.0703 5348 C:\Windows\System32\nci.dll - ok
16:54:38.0703 5348 [ 54F71A6A07B7953DBB9C4A74D64DABA4 ] C:\Program Files (x86)\AVG\AVG2013\avgsecapia.dll
16:54:38.0703 5348 C:\Program Files (x86)\AVG\AVG2013\avgsecapia.dll - ok
16:54:38.0703 5348 [ 40F55C563961C01C466E011B6AA61E27 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgr.dll
16:54:38.0703 5348 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgr.dll - ok
16:54:38.0703 5348 [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll
16:54:38.0703 5348 C:\Windows\System32\aeevts.dll - ok
16:54:38.0719 5348 [ 794D4B48DFB6E999537C7C3947863463 ] C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
16:54:38.0719 5348 C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe - ok
16:54:38.0719 5348 [ BE2F9CA7C1B2E76E0E528AF4651F59AB ] C:\Windows\System32\nvcpl.dll
16:54:38.0719 5348 C:\Windows\System32\nvcpl.dll - ok
16:54:38.0719 5348 [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll
16:54:38.0719 5348 C:\Windows\System32\wbem\NCProv.dll - ok
16:54:38.0719 5348 [ 7FF74FECE8C0E7B0207D3629AE2A3D16 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorUtil.dll
16:54:38.0719 5348 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorUtil.dll - ok
16:54:38.0719 5348 [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
16:54:38.0719 5348 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
16:54:38.0734 5348 [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\Windows\System32\wbem\WmiPrvSE.exe
16:54:38.0734 5348 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
16:54:38.0734 5348 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll
16:54:38.0734 5348 C:\Windows\SysWOW64\msimg32.dll - ok
16:54:38.0734 5348 [ 590D5C506044FE02FF7643E32FF9BDAC ] C:\Windows\SysWOW64\wer.dll
16:54:38.0734 5348 C:\Windows\SysWOW64\wer.dll - ok
16:54:38.0734 5348 [ 1E8D06AAE74FED674C1156B3FEA911C2 ] C:\Windows\SysWOW64\Faultrep.dll
16:54:38.0734 5348 C:\Windows\SysWOW64\Faultrep.dll - ok
16:54:38.0734 5348 [ 92E0508D924512F63FFEEFE498CBD11F ] C:\Windows\System32\p2pcollab.dll
16:54:38.0734 5348 C:\Windows\System32\p2pcollab.dll - ok
16:54:38.0750 5348 [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv
16:54:38.0750 5348 C:\Windows\System32\winspool.drv - ok
16:54:38.0750 5348 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll
16:54:38.0750 5348 C:\Windows\SysWOW64\propsys.dll - ok
16:54:38.0750 5348 [ 506A83A3BEEE9FCA09F0170DE9FC7D1B ] C:\Windows\System32\fveui.dll
16:54:38.0750 5348 C:\Windows\System32\fveui.dll - ok
16:54:38.0750 5348 [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll
16:54:38.0750 5348 C:\Windows\System32\rasadhlp.dll - ok
16:54:38.0750 5348 [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll
16:54:38.0750 5348 C:\Windows\System32\umb.dll - ok
16:54:38.0765 5348 [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051 ] C:\Windows\System32\localspl.dll
16:54:38.0765 5348 C:\Windows\System32\localspl.dll - ok
16:54:38.0765 5348 [ 21E110FF1C0E948860458BD7B692DE13 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
16:54:38.0765 5348 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll - ok
16:54:38.0765 5348 [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll
16:54:38.0765 5348 C:\Windows\System32\spoolss.dll - ok
16:54:38.0765 5348 [ C47F35CC6FA4F1BDBEF8F87AC1A46537 ] C:\Windows\System32\wuapi.dll
16:54:38.0765 5348 C:\Windows\System32\wuapi.dll - ok
16:54:38.0765 5348 [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\Windows\System32\PrintIsolationProxy.dll
16:54:38.0765 5348 C:\Windows\System32\PrintIsolationProxy.dll - ok
16:54:38.0781 5348 [ 19E41CCCEE697CC9465396B370929792 ] C:\Windows\System32\FXSMON.dll
16:54:38.0781 5348 C:\Windows\System32\FXSMON.dll - ok
16:54:38.0781 5348 [ FA43D418BC945D27D0625B697B8442B5 ] C:\Windows\System32\cabinet.dll
16:54:38.0781 5348 C:\Windows\System32\cabinet.dll - ok
16:54:38.0781 5348 [ B3D8A0D4BDE95FAA6CA2ABAA3A7C2C20 ] C:\Windows\System32\hpf3l082.dll
16:54:38.0781 5348 C:\Windows\System32\hpf3l082.dll - ok
16:54:38.0781 5348 [ E746ED90132C6B6313CE9179F56BD31D ] C:\Windows\System32\wups.dll
16:54:38.0781 5348 C:\Windows\System32\wups.dll - ok
16:54:38.0781 5348 [ 871F7F32E3441580138E61A4AA072DF6 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
16:54:38.0781 5348 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll - ok
16:54:38.0797 5348 [ C5E82BCFD577AF98F3A7937A69A338B9 ] C:\Windows\System32\HPZ3LWN7.DLL
16:54:38.0797 5348 C:\Windows\System32\HPZ3LWN7.DLL - ok
16:54:38.0797 5348 [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll
16:54:38.0797 5348 C:\Windows\System32\tcpmon.dll - ok
16:54:38.0797 5348 [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll
16:54:38.0797 5348 C:\Windows\System32\oleacc.dll - ok
16:54:38.0797 5348 [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll
16:54:38.0797 5348 C:\Windows\System32\snmpapi.dll - ok
16:54:38.0797 5348 [ FFF9D00CF16397C64317F213484F94BD ] C:\Windows\System32\wsnmp32.dll
16:54:38.0797 5348 C:\Windows\System32\wsnmp32.dll - ok
16:54:38.0812 5348 [ 6B44700917F45B19B96B46B345B6F0E7 ] C:\Program Files (x86)\Spybot - Search & Destroy\SDMain.exe
16:54:38.0812 5348 C:\Program Files (x86)\Spybot - Search & Destroy\SDMain.exe - ok
16:54:38.0812 5348 [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll
16:54:38.0812 5348 C:\Windows\System32\usbmon.dll - ok
16:54:38.0812 5348 [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll
16:54:38.0812 5348 C:\Windows\SysWOW64\sxs.dll - ok
16:54:38.0812 5348 [ 244C6722289F4869068992FD7D8A8832 ] C:\Windows\SysWOW64\wbem\wbemdisp.dll
16:54:38.0812 5348 C:\Windows\SysWOW64\wbem\wbemdisp.dll - ok
16:54:38.0828 5348 [ 5610B0425518D185331CB8E968D060E6 ] C:\Windows\SysWOW64\wbem\wmiutils.dll
16:54:38.0828 5348 C:\Windows\SysWOW64\wbem\wmiutils.dll - ok
16:54:38.0828 5348 [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll
16:54:38.0828 5348 C:\Windows\System32\WSDMon.dll - ok
16:54:38.0828 5348 [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
16:54:38.0828 5348 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
16:54:38.0828 5348 [ 6607C2182C6A53ED983813AFE2F85768 ] C:\Windows\System32\wbem\cimwin32.dll
16:54:38.0828 5348 C:\Windows\System32\wbem\cimwin32.dll - ok
16:54:38.0828 5348 [ C3670CD073CAF4866F600CDA2E8CD0E5 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll
16:54:38.0828 5348 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll - ok
16:54:38.0843 5348 [ E51C8294CE58089278222C32B6C97791 ] C:\Windows\System32\spool\prtprocs\x64\hpfpp082.dll
16:54:38.0843 5348 C:\Windows\System32\spool\prtprocs\x64\hpfpp082.dll - ok
16:54:38.0843 5348 [ A0617B5753E31126AD29C03154F4F329 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
16:54:38.0843 5348 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll - ok
16:54:38.0843 5348 [ 8F1C949FD695C83C4E30C3BFC004C81F ] C:\Windows\System32\spool\prtprocs\x64\HPZPPWN7.DLL
16:54:38.0843 5348 C:\Windows\System32\spool\prtprocs\x64\HPZPPWN7.DLL - ok
16:54:38.0843 5348 [ 0353B239C28B0E9EBC7FA3D1F6181661 ] C:\Windows\System32\win32spl.dll
16:54:38.0843 5348 C:\Windows\System32\win32spl.dll - ok
16:54:38.0843 5348 [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\Windows\System32\inetpp.dll
16:54:38.0843 5348 C:\Windows\System32\inetpp.dll - ok
16:54:38.0859 5348 [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll
16:54:38.0859 5348 C:\Windows\System32\cscapi.dll - ok
16:54:38.0859 5348 [ E8969A2864A30B2168F25A896088DE10 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
16:54:38.0859 5348 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll - ok
16:54:38.0859 5348 [ FBA4773ECFEFFC6566FB2AD13CEC4940 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll
16:54:38.0859 5348 C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll - ok
16:54:38.0859 5348 [ D0FFF1F89431A60A2CC077452B53A50D ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\ISDI.dll
16:54:38.0859 5348 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\ISDI.dll - ok
16:54:38.0875 5348 [ 1484B9EBF567346582DE571B0E164AE0 ] C:\Windows\System32\framedynos.dll
16:54:38.0875 5348 C:\Windows\System32\framedynos.dll - ok
16:54:38.0875 5348 [ 0A473BEFD39B78EDD82C2BDA84529ADA ] C:\Windows\System32\wbem\Win32_EncryptableVolume.dll
16:54:38.0875 5348 C:\Windows\System32\wbem\Win32_EncryptableVolume.dll - ok
16:54:38.0875 5348 [ C00DB14550E4BD49737F311C644E45FF ] C:\Windows\System32\wmi.dll
16:54:38.0875 5348 C:\Windows\System32\wmi.dll - ok
16:54:38.0875 5348 [ D34A527493F39AF4491B3E909DC697CA ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll
16:54:38.0875 5348 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll - ok
16:54:38.0875 5348 [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll
16:54:38.0875 5348 C:\Windows\System32\npmproxy.dll - ok
16:54:38.0890 5348 [ F37882F128EFACEFE353E0BAE2766909 ] C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
16:54:38.0890 5348 C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL - ok
16:54:38.0890 5348 [ 08457D8F8149757C70CEA59C71EC5D27 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
16:54:38.0890 5348 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll - ok
16:54:38.0890 5348 [ DD81D91FF3B0763C392422865C9AC12E ] C:\Windows\System32\rundll32.exe
16:54:38.0890 5348 C:\Windows\System32\rundll32.exe - ok
16:54:38.0890 5348 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
16:54:38.0890 5348 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok
16:54:38.0906 5348 [ 8258362DDB18B644A82D8B5061AD9426 ] C:\Windows\SysWOW64\wscisvif.dll
16:54:38.0906 5348 C:\Windows\SysWOW64\wscisvif.dll - ok
16:54:38.0906 5348 [ 20308CF0675AD7CE5AAA6712DB823216 ] C:\Program Files (x86)\Windows Defender\MpClient.dll
16:54:38.0906 5348 C:\Program Files (x86)\Windows Defender\MpClient.dll - ok
16:54:38.0906 5348 [ 539C49CEBB3C50957AC8A09D95ECD880 ] C:\Windows\SysWOW64\shfolder.dll
16:54:38.0906 5348 C:\Windows\SysWOW64\shfolder.dll - ok
16:54:38.0906 5348 [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll
16:54:38.0906 5348 C:\Windows\System32\diagperf.dll - ok
16:54:38.0906 5348 [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll
16:54:38.0906 5348 C:\Windows\System32\perftrack.dll - ok
16:54:38.0921 5348 [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll
16:54:38.0921 5348 C:\Windows\System32\PortableDeviceApi.dll - ok
16:54:38.0921 5348 [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll
16:54:38.0921 5348 C:\Windows\System32\Apphlpdm.dll - ok
16:54:38.0921 5348 [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll
16:54:38.0921 5348 C:\Windows\System32\wer.dll - ok
16:54:38.0921 5348 [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe
16:54:38.0921 5348 C:\Windows\System32\dllhost.exe - ok
16:54:38.0921 5348 [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll
16:54:38.0921 5348 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
16:54:38.0937 5348 [ DDA4CAF29D8C0A297F886BFE561E6659 ] C:\Windows\System32\drivers\WUDFRd.sys
16:54:38.0937 5348 C:\Windows\System32\drivers\WUDFRd.sys - ok
16:54:38.0937 5348 [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll
16:54:38.0937 5348 C:\Windows\System32\NapiNSP.dll - ok
16:54:38.0937 5348 [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll
16:54:38.0937 5348 C:\Windows\System32\pnpts.dll - ok
16:54:38.0937 5348 [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll
16:54:38.0937 5348 C:\Windows\System32\pnrpnsp.dll - ok
16:54:38.0937 5348 [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll
16:54:38.0937 5348 C:\Windows\System32\wdiasqmmodule.dll - ok
16:54:38.0953 5348 [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll
16:54:38.0953 5348 C:\Windows\System32\winrnr.dll - ok
16:54:38.0953 5348 [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll
16:54:38.0953 5348 C:\Windows\System32\IDStore.dll - ok
16:54:38.0953 5348 [ 4F5A3681A762FBCCC5A02D2DB3A04A79 ] C:\Windows\System32\kbd101a.dll
16:54:38.0953 5348 C:\Windows\System32\kbd101a.dll - ok
16:54:38.0953 5348 [ 06F85BA017A3D9B955AC7A00525ACF6B ] C:\Windows\System32\kbd103.dll
16:54:38.0953 5348 C:\Windows\System32\kbd103.dll - ok
16:54:38.0953 5348 [ D8DAD1E59B580BE2F5C079BCCE33EA96 ] C:\Windows\System32\KBDKOR.DLL
16:54:38.0953 5348 C:\Windows\System32\KBDKOR.DLL - ok
16:54:38.0968 5348 [ 639774C9ACD063F028F6084ABF5593AD ] C:\Windows\System32\taskhost.exe
16:54:38.0968 5348 C:\Windows\System32\taskhost.exe - ok
16:54:38.0968 5348 [ 23566F9723771108D2E6CD768AC27407 ] C:\Windows\System32\AtBroker.exe
16:54:38.0968 5348 C:\Windows\System32\AtBroker.exe - ok
16:54:38.0968 5348 [ 65EA57712340C09B1B0C427B4848AE05 ] C:\Windows\System32\taskeng.exe
16:54:38.0968 5348 C:\Windows\System32\taskeng.exe - ok
16:54:38.0968 5348 [ 9BB99503D6A4DD62569EDE9E5E2672A5 ] C:\Windows\System32\HotStartUserAgent.dll
16:54:38.0968 5348 C:\Windows\System32\HotStartUserAgent.dll - ok
16:54:38.0968 5348 [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
16:54:38.0968 5348 C:\Windows\System32\mpr.dll - ok
16:54:38.0984 5348 [ B837D1528CE2E3CB79F09496BC08DDC6 ] C:\Windows\System32\SensApi.dll
16:54:38.0984 5348 C:\Windows\System32\SensApi.dll - ok
16:54:38.0984 5348 [ 5AC3CB53406CB9AABB25D46B3385528F ] C:\Windows\System32\spool\drivers\x64\3\unidrvui.dll
16:54:38.0984 5348 C:\Windows\System32\spool\drivers\x64\3\unidrvui.dll - ok
16:54:38.0984 5348 [ EFEC3847B47CC9357D5C33BBAB59B7EB ] C:\Windows\System32\mgmtapi.dll
16:54:38.0984 5348 C:\Windows\System32\mgmtapi.dll - ok
16:54:38.0984 5348 [ E81F5A2F6D52215C0E84F2849503EBA8 ] C:\Windows\System32\tcpmib.dll
16:54:38.0984 5348 C:\Windows\System32\tcpmib.dll - ok
16:54:38.0984 5348 [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe
16:54:38.0984 5348 C:\Windows\System32\userinit.exe - ok
16:54:38.0999 5348 [ 8ABFE00F213F2571498F1B8FD7939A98 ] C:\Windows\System32\WUDFHost.exe
16:54:38.0999 5348 C:\Windows\System32\WUDFHost.exe - ok
16:54:38.0999 5348 [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll
16:54:38.0999 5348 C:\Windows\System32\dwmredir.dll - ok
16:54:38.0999 5348 [ ADE2BCD1FDE5C9669FCE1F4541AB46DD ] C:\Windows\System32\spool\drivers\x64\3\UNIDRV.DLL
16:54:38.0999 5348 C:\Windows\System32\spool\drivers\x64\3\UNIDRV.DLL - ok
16:54:38.0999 5348 [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll
16:54:38.0999 5348 C:\Windows\System32\dwmcore.dll - ok
16:54:38.0999 5348 [ 25AE683DCB4AE7E6F1B193A0CB9DB35F ] C:\Windows\System32\WUDFx.dll
16:54:38.0999 5348 C:\Windows\System32\WUDFx.dll - ok
16:54:39.0015 5348 [ 9AE80F6A66B30E3ED8CDF858CF28B11B ] C:\Windows\System32\d3d10_1.dll
16:54:39.0015 5348 C:\Windows\System32\d3d10_1.dll - ok
16:54:39.0015 5348 [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll
16:54:39.0015 5348 C:\Windows\System32\MsCtfMonitor.dll - ok
16:54:39.0015 5348 [ 3E16F63C12B405B572EFB3045BA67F40 ] C:\Windows\System32\spool\drivers\x64\3\hpfui082.dll
16:54:39.0015 5348 C:\Windows\System32\spool\drivers\x64\3\hpfui082.dll - ok
16:54:39.0015 5348 [ 63F72417CA38D8FC8F53709649B589E3 ] C:\Windows\System32\d3d10_1core.dll
16:54:39.0015 5348 C:\Windows\System32\d3d10_1core.dll - ok
16:54:39.0015 5348 [ 91D6F0AB79AA36FFB932157865206F35 ] C:\Windows\System32\drivers\UMDF\WpdFs.dll
16:54:39.0015 5348 C:\Windows\System32\drivers\UMDF\WpdFs.dll - ok
16:54:39.0031 5348 [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll
16:54:39.0031 5348 C:\Windows\System32\msutb.dll - ok
16:54:39.0031 5348 [ 8DFB5752FCE145A6B295093C0A8BE131 ] C:\Windows\System32\dxgi.dll
16:54:39.0031 5348 C:\Windows\System32\dxgi.dll - ok
16:54:39.0031 5348 [ 805A52C5AE26C28E88FDD9BCCFE6F312 ] C:\Windows\System32\TSChannel.dll
16:54:39.0031 5348 C:\Windows\System32\TSChannel.dll - ok
16:54:39.0031 5348 [ 9864D52F15AD32094A636C6B5281D9E7 ] C:\Windows\System32\WMVCORE.DLL
16:54:39.0031 5348 C:\Windows\System32\WMVCORE.DLL - ok
16:54:39.0031 5348 [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll
16:54:39.0031 5348 C:\Windows\System32\PlaySndSrv.dll - ok
16:54:39.0046 5348 [ 448B02AD260EC3E1E892FCE6DFDDEEBD ] C:\Windows\System32\d3d11.dll
16:54:39.0046 5348 C:\Windows\System32\d3d11.dll - ok
16:54:39.0046 5348 [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll
16:54:39.0046 5348 C:\Windows\System32\dimsjob.dll - ok
16:54:39.0046 5348 [ F02A533F517EB38333CB12A9E8963773 ] C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:54:39.0046 5348 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe - ok
16:54:39.0046 5348 [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll
16:54:39.0046 5348 C:\Windows\System32\radardt.dll - ok
16:54:39.0046 5348 [ 35CB97CBC3EDC463418ED4997AAB29B6 ] C:\Windows\System32\pautoenr.dll
16:54:39.0046 5348 C:\Windows\System32\pautoenr.dll - ok
16:54:39.0062 5348 [ AACC48FE239F0DF126DA2F28930A5B83 ] C:\Windows\System32\WMASF.DLL
16:54:39.0062 5348 C:\Windows\System32\WMASF.DLL - ok
16:54:39.0062 5348 [ 94DFBB481BF51158B216E23C5C1C9D6E ] C:\Windows\System32\certcli.dll
16:54:39.0062 5348 C:\Windows\System32\certcli.dll - ok
16:54:39.0062 5348 [ 389CA818132C1D7DCF0C791E8D9035DE ] C:\Windows\System32\PortableDeviceClassExtension.dll
16:54:39.0062 5348 C:\Windows\System32\PortableDeviceClassExtension.dll - ok
16:54:39.0062 5348 [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll
16:54:39.0062 5348 C:\Windows\System32\PortableDeviceTypes.dll - ok
16:54:39.0062 5348 [ 2E5672EEA419A4DC9DACD714632E1DC3 ] C:\Program Files (x86)\Google\Update\1.3.21.135\goopdate.dll
16:54:39.0062 5348 C:\Program Files (x86)\Google\Update\1.3.21.135\goopdate.dll - ok
16:54:39.0077 5348 [ 36A778E921E37FAFBB86A310CC23970C ] C:\Windows\System32\spool\drivers\x64\3\hpfst082.dll
16:54:39.0077 5348 C:\Windows\System32\spool\drivers\x64\3\hpfst082.dll - ok
16:54:39.0077 5348 [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\SysWOW64\netapi32.dll
16:54:39.0077 5348 C:\Windows\SysWOW64\netapi32.dll - ok
16:54:39.0077 5348 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll
16:54:39.0077 5348 C:\Windows\SysWOW64\netutils.dll - ok
16:54:39.0077 5348 [ 263B26106606A010CF877472B535E4BB ] C:\Windows\System32\CertEnroll.dll
16:54:39.0077 5348 C:\Windows\System32\CertEnroll.dll - ok
16:54:39.0093 5348 [ 2D2F4CE68D04770B7D16FD5EB5B14152 ] C:\Windows\System32\nvwgf2umx.dll
16:54:39.0093 5348 C:\Windows\System32\nvwgf2umx.dll - ok
16:54:39.0093 5348 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll
16:54:39.0093 5348 C:\Windows\SysWOW64\imagehlp.dll - ok
16:54:39.0093 5348 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll
16:54:39.0093 5348 C:\Windows\SysWOW64\srvcli.dll - ok
16:54:39.0093 5348 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll
16:54:39.0093 5348 C:\Windows\SysWOW64\wkscli.dll - ok
16:54:39.0093 5348 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll
16:54:39.0093 5348 C:\Windows\SysWOW64\cscapi.dll - ok
16:54:39.0093 5348 [ 5F639198C4137075DA50E61C23963C11 ] C:\Windows\System32\drprov.dll
16:54:39.0093 5348 C:\Windows\System32\drprov.dll - ok
16:54:39.0109 5348 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\SysWOW64\dbghelp.dll
16:54:39.0109 5348 C:\Windows\SysWOW64\dbghelp.dll - ok
16:54:39.0109 5348 [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe
16:54:39.0109 5348 C:\Windows\explorer.exe - ok
16:54:39.0109 5348 [ BC566D17914B07ABAAB3A5A385CC3300 ] C:\Windows\System32\ntlanman.dll
16:54:39.0109 5348 C:\Windows\System32\ntlanman.dll - ok
16:54:39.0109 5348 [ BECDDA0990DEBD72A30096533521AD73 ] C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe
16:54:39.0109 5348 C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe - ok
16:54:39.0109 5348 [ B3A33600DCDFB84D7FBE09ADEB1C9B8A ] C:\Windows\System32\davclnt.dll
16:54:39.0109 5348 C:\Windows\System32\davclnt.dll - ok
16:54:39.0109 5348 [ 45B24A357C801CE62052FE0CDC8BD4D2 ] C:\Windows\System32\davhlpr.dll
16:54:39.0109 5348 C:\Windows\System32\davhlpr.dll - ok
16:54:39.0109 5348 [ B676429E44F2F8ACC3BAE7C89F46B212 ] C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe
16:54:39.0109 5348 C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe - ok
16:54:39.0124 5348 [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\SysWOW64\mstask.dll
16:54:39.0124 5348 C:\Windows\SysWOW64\mstask.dll - ok
16:54:39.0124 5348 [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll
16:54:39.0124 5348 C:\Windows\System32\ExplorerFrame.dll - ok
16:54:39.0124 5348 [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll
16:54:39.0124 5348 C:\Windows\System32\uDWM.dll - ok
16:54:39.0124 5348 [ FBD879D17B26D49DD7A48FF58062FAE6 ] C:\Windows\System32\tdh.dll
16:54:39.0124 5348 C:\Windows\System32\tdh.dll - ok
16:54:39.0124 5348 [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll
16:54:39.0124 5348 C:\Windows\System32\EhStorShell.dll - ok
16:54:39.0124 5348 [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll
16:54:39.0124 5348 C:\Windows\System32\ntshrui.dll - ok
16:54:39.0124 5348 [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll
16:54:39.0124 5348 C:\Windows\System32\IconCodecService.dll - ok
16:54:39.0140 5348 [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll
16:54:39.0140 5348 C:\Windows\System32\pnidui.dll - ok
16:54:39.0140 5348 [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe
16:54:39.0140 5348 C:\Windows\System32\runonce.exe - ok
16:54:39.0140 5348 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe
16:54:39.0140 5348 C:\Windows\SysWOW64\runonce.exe - ok
16:54:39.0140 5348 [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll
16:54:39.0140 5348 C:\Windows\SysWOW64\uxtheme.dll - ok
16:54:39.0140 5348 [ 1EB82516F21F27EED1833B4F9FD9614E ] C:\Windows\System32\wmp.dll
16:54:39.0140 5348 C:\Windows\System32\wmp.dll - ok
16:54:39.0140 5348 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\Windows\System32\drivers\nwifi.sys
16:54:39.0140 5348 C:\Windows\System32\drivers\nwifi.sys - ok
16:54:39.0155 5348 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe
16:54:39.0155 5348 C:\Windows\SysWOW64\cmd.exe - ok
16:54:39.0155 5348 [ 1BCDB508143B517F21BBDAC10F5777BF ] C:\Windows\System32\conhost.exe
16:54:39.0155 5348 C:\Windows\System32\conhost.exe - ok
16:54:39.0155 5348 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll
16:54:39.0155 5348 C:\Windows\SysWOW64\winbrand.dll - ok
16:54:39.0155 5348 [ B3DC2359FA6E58C753ABE9D6F13B3608 ] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe
16:54:39.0155 5348 C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe - ok
16:54:39.0155 5348 [ F89967431AA089C1A84710404912CAC5 ] C:\Windows\SysWOW64\ieframe.dll
16:54:39.0155 5348 C:\Windows\SysWOW64\ieframe.dll - ok
16:54:39.0155 5348 [ EBDD3032297EF6832A1D6D3AA6DC3537 ] C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
16:54:39.0155 5348 C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe - ok
16:54:39.0155 5348 [ 6E9E439517D89EDC9A6CB1E94489620A ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
16:54:39.0155 5348 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll - ok
16:54:39.0171 5348 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll
16:54:39.0171 5348 C:\Windows\SysWOW64\oleacc.dll - ok
16:54:39.0171 5348 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
16:54:39.0171 5348 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok
16:54:39.0171 5348 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll
16:54:39.0171 5348 C:\Windows\SysWOW64\riched20.dll - ok
16:54:39.0171 5348 [ 9839C4217EBD9A6B84B60FF2FBD9B1A5 ] C:\Program Files (x86)\Dell DataSafe Local Backup\RPLauncher.exe
16:54:39.0171 5348 C:\Program Files (x86)\Dell DataSafe Local Backup\RPLauncher.exe - ok
16:54:39.0171 5348 [ BF6D6ED5FADCEEE885BD0144ECF1BA27 ] C:\Windows\SysWOW64\ncrypt.dll
16:54:39.0171 5348 C:\Windows\SysWOW64\ncrypt.dll - ok
16:54:39.0171 5348 [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\SysWOW64\comdlg32.dll
16:54:39.0171 5348 C:\Windows\SysWOW64\comdlg32.dll - ok
16:54:39.0187 5348 [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll
16:54:39.0187 5348 C:\Windows\SysWOW64\bcrypt.dll - ok
16:54:39.0187 5348 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll
16:54:39.0187 5348 C:\Windows\SysWOW64\bcryptprimitives.dll - ok
16:54:39.0187 5348 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll
16:54:39.0187 5348 C:\Windows\SysWOW64\gpapi.dll - ok
16:54:39.0187 5348 [ 7717F84F483002815490033BF069DABD ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
16:54:39.0187 5348 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll - ok
16:54:39.0187 5348 [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\SysWOW64\shdocvw.dll
16:54:39.0187 5348 C:\Windows\SysWOW64\shdocvw.dll - ok
16:54:39.0187 5348 [ CD4F7B90CB09831BCDEDE0A206CCDB35 ] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
16:54:39.0187 5348 C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe - ok
16:54:39.0202 5348 [ CA79539D3D4C0BA66F0F051A5EE5E923 ] C:\Windows\SysWOW64\cryptnet.dll
16:54:39.0202 5348 C:\Windows\SysWOW64\cryptnet.dll - ok
16:54:39.0202 5348 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll
16:54:39.0202 5348 C:\Windows\SysWOW64\winhttp.dll - ok
16:54:39.0202 5348 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll
16:54:39.0202 5348 C:\Windows\SysWOW64\winmm.dll - ok
16:54:39.0202 5348 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll
16:54:39.0202 5348 C:\Windows\SysWOW64\webio.dll - ok
16:54:39.0202 5348 [ 96C70BD48D49B87475F4572DEDC62EB9 ] C:\Windows\AppPatch\AcLayers.dll
16:54:39.0202 5348 C:\Windows\AppPatch\AcLayers.dll - ok
16:54:39.0218 5348 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll
16:54:39.0218 5348 C:\Windows\SysWOW64\mpr.dll - ok
16:54:39.0218 5348 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll
16:54:39.0218 5348 C:\Windows\SysWOW64\dwmapi.dll - ok
16:54:39.0218 5348 [ 14C7285F76D9C4AD86EC56C8730DEE2F ] C:\Program Files (x86)\AVG\AVG2013\avgxpla.dll
16:54:39.0218 5348 C:\Program Files (x86)\AVG\AVG2013\avgxpla.dll - ok
16:54:39.0218 5348 [ 936F728E04ACCF3F38801CFFCF1E3F40 ] C:\Windows\SysWOW64\oledlg.dll
16:54:39.0218 5348 C:\Windows\SysWOW64\oledlg.dll - ok
16:54:39.0218 5348 [ BF85366B209DFC11BAB31380C7C47E31 ] C:\Program Files (x86)\Dell DataSafe Local Backup\RPLaunch.exe
16:54:39.0218 5348 C:\Program Files (x86)\Dell DataSafe Local Backup\RPLaunch.exe - ok
16:54:39.0218 5348 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
16:54:39.0218 5348 C:\Windows\SysWOW64\credssp.dll - ok
16:54:39.0218 5348 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll
16:54:39.0218 5348 C:\Windows\SysWOW64\mswsock.dll - ok
16:54:39.0233 5348 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
16:54:39.0233 5348 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
16:54:39.0233 5348 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll
16:54:39.0233 5348 C:\Windows\SysWOW64\wship6.dll - ok
16:54:39.0233 5348 [ D029339C0F59CF662094EDDF8C42B2B5 ] C:\Windows\System32\msvcp100.dll
16:54:39.0233 5348 C:\Windows\System32\msvcp100.dll - ok
16:54:39.0233 5348 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
16:54:39.0233 5348 C:\Windows\SysWOW64\dhcpcsvc.dll - ok
16:54:39.0233 5348 [ 81F6C1AE23B1C493D9E996C3103915D7 ] C:\Windows\SysWOW64\dhcpcsvc6.dll
16:54:39.0233 5348 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
16:54:39.0233 5348 [ 79AFFC7FEEA9CD2FEFEA5EF3B631A02C ] C:\Windows\System32\ndiscapCfg.dll
16:54:39.0233 5348 C:\Windows\System32\ndiscapCfg.dll - ok
16:54:39.0249 5348 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll
16:54:39.0249 5348 C:\Windows\SysWOW64\dnsapi.dll - ok
16:54:39.0249 5348 [ 09890A2F032B138A74B5DF2C1233FB1D ] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
16:54:39.0249 5348 C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe - ok
16:54:39.0249 5348 [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll
16:54:39.0249 5348 C:\Windows\System32\mprapi.dll - ok
16:54:39.0249 5348 [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll
16:54:39.0249 5348 C:\Windows\SysWOW64\devrtl.dll - ok
16:54:39.0249 5348 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
16:54:39.0249 5348 C:\Windows\SysWOW64\rasadhlp.dll - ok
16:54:39.0249 5348 [ 1CF21800E337F4039AAD4C94B4280EE4 ] C:\Windows\System32\mprmsg.dll
16:54:39.0249 5348 C:\Windows\System32\mprmsg.dll - ok
16:54:39.0265 5348 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL
16:54:39.0265 5348 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
16:54:39.0265 5348 [ 3D7D2E825C63FF501E896CF008C70D75 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
16:54:39.0265 5348 C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe - ok
16:54:39.0265 5348 [ 1E3CB1435EC745058628AE40FEA9F471 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\19b3d17c3ce0e264c4fb62028161adf7\PresentationCore.ni.dll
16:54:39.0265 5348 C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\19b3d17c3ce0e264c4fb62028161adf7\PresentationCore.ni.dll - ok
16:54:39.0265 5348 [ C1B5307377C98F87E0152C44E9FF8DEE ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll
16:54:39.0265 5348 C:\Windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll - ok
16:54:39.0265 5348 [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\Joe\AppData\Local\Temp\02D468CA-87EB-4019-A37C-C1C95CE60515.exe
16:54:39.0265 5348 C:\Users\Joe\AppData\Local\Temp\02D468CA-87EB-4019-A37C-C1C95CE60515.exe - ok
16:54:39.0280 5348 [ 24FCC3CDAE327F632CB8696E1E40F772 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\alink.dll
16:54:39.0280 5348 C:\Windows\Microsoft.NET\Framework\v2.0.50727\alink.dll - ok
16:54:39.0280 5348 [ 42EBC2ECBB81A0FFE720601500760C7E ] C:\Program Files (x86)\Dell DataSafe Local Backup\SetMUILanguage.exe
16:54:39.0280 5348 C:\Program Files (x86)\Dell DataSafe Local Backup\SetMUILanguage.exe - ok
16:54:39.0280 5348 [ 47AC56BC5FA5D41F73940A02686627CB ] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STSCheduler.dll
16:54:39.0280 5348 C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STSCheduler.dll - ok
16:54:39.0280 5348 [ E955300DF949977878C705EC8681009A ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
16:54:39.0280 5348 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll - ok
16:54:39.0280 5348 [ ED797D8DC2C92401985D162E42FFA450 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
16:54:39.0280 5348 C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe - ok
16:54:39.0280 5348 [ EE74A0FF7C5752E49911986F22BBAEEF ] C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ff7c9a4f41f7cccc47e696c11b9f8469\PresentationFramework.ni.dll
16:54:39.0280 5348 C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ff7c9a4f41f7cccc47e696c11b9f8469\PresentationFramework.ni.dll - ok
16:54:39.0296 5348 [ 3BCECD87AB4E6743BFB45B352AD1A529 ] C:\Windows\SysWOW64\WindowsCodecs.dll
16:54:39.0296 5348 C:\Windows\SysWOW64\WindowsCodecs.dll - ok
16:54:39.0296 5348 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll
16:54:39.0296 5348 C:\Windows\SysWOW64\EhStorShell.dll - ok
16:54:39.0296 5348 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll
16:54:39.0296 5348 C:\Windows\SysWOW64\ntshrui.dll - ok
16:54:39.0296 5348 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll
16:54:39.0296 5348 C:\Windows\SysWOW64\slc.dll - ok
16:54:39.0296 5348 [ AEDDFD540E3E6BECDB14C30D1F12B78A ] C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
16:54:39.0296 5348 C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll - ok
16:54:39.0296 5348 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll
16:54:39.0296 5348 C:\Windows\SysWOW64\imageres.dll - ok
16:54:39.0311 5348 [ DDFBFD8959F32AC0CF3947F36BAC3081 ] C:\Windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll
16:54:39.0311 5348 C:\Windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll - ok
16:54:39.0311 5348 [ DD6F9A0B7E9C2172A9388050684524C9 ] C:\Program Files (x86)\Dell DataSafe Local Backup\SftBRCC.dll
16:54:39.0311 5348 C:\Program Files (x86)\Dell DataSafe Local Backup\SftBRCC.dll - ok
16:54:39.0311 5348 [ F705A150AC0E691FA866FD0947229CB5 ] C:\Program Files (x86)\Dell DataSafe Local Backup\DsProtectionIndex.dll
16:54:39.0311 5348 C:\Program Files (x86)\Dell DataSafe Local Backup\DsProtectionIndex.dll - ok
16:54:39.0311 5348 [ 6EF5F3F18413C367195F06E503AB86A6 ] C:\Windows\SysWOW64\d3d9.dll
16:54:39.0311 5348 C:\Windows\SysWOW64\d3d9.dll - ok
16:54:39.0311 5348 [ 77B1471A490B53B24EFE136F09F76550 ] C:\Windows\SysWOW64\d3d8thk.dll
16:54:39.0311 5348 C:\Windows\SysWOW64\d3d8thk.dll - ok
16:54:39.0311 5348 [ 2E93015C2A46DEC414777A76032B579D ] C:\Windows\SysWOW64\nvd3dum.dll
16:54:39.0311 5348 C:\Windows\SysWOW64\nvd3dum.dll - ok
16:54:39.0327 5348 [ 27E79A455EF80647F4F57FA3C2B09C94 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
16:54:39.0327 5348 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll - ok
16:54:39.0327 5348 [ 8B1590C627138166C015A5680ABF6BB2 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll
16:54:39.0327 5348 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll - ok
16:54:39.0327 5348 [ BE39E22059A3082D5289739299C33C01 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll
16:54:39.0327 5348 C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll - ok
16:54:39.0327 5348 [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\SysWOW64\powrprof.dll
16:54:39.0327 5348 C:\Windows\SysWOW64\powrprof.dll - ok
16:54:39.0327 5348 [ 5E5BAFFB6E2ECEC1BE96ACFAA099F42F ] C:\Program Files (x86)\Dell DataSafe Local Backup\STUICore.dll
16:54:39.0327 5348 C:\Program Files (x86)\Dell DataSafe Local Backup\STUICore.dll - ok
16:54:39.0327 5348 [ F86654DF03C8AD1C2CE6F95FA5240060 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\77dfcfed5fd5f67d0d3edc545935bb21\System.Core.ni.dll
16:54:39.0343 5348 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\77dfcfed5fd5f67d0d3edc545935bb21\System.Core.ni.dll - ok
16:54:39.0343 5348 [ 0ADC83218B66A6DB380C330836F3E36D ] C:\Windows\System32\drivers\fastfat.sys
16:54:39.0343 5348 C:\Windows\System32\drivers\fastfat.sys - ok
16:54:39.0343 5348 [ E19AD0D49BFF5938B3E374873AC174DE ] C:\Windows\System32\wmploc.DLL
16:54:39.0343 5348 C:\Windows\System32\wmploc.DLL - ok
16:54:39.0343 5348 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\29299816.sys
16:54:39.0343 5348 C:\Windows\System32\drivers\29299816.sys - ok
16:54:39.0343 5348 [ 2C647ABE9A424E55B5F3DAE4629B4277 ] C:\Windows\System32\themeui.dll
16:54:39.0343 5348 C:\Windows\System32\themeui.dll - ok
16:54:39.0343 5348 [ 6D220604AA4240303DD8DEAEAB428377 ] C:\Windows\System32\ie4uinit.exe
16:54:39.0343 5348 C:\Windows\System32\ie4uinit.exe - ok
16:54:39.0358 5348 [ D56C13F26ADCB3BC0455DB42883F6E7D ] C:\Windows\System32\iedkcs32.dll
16:54:39.0358 5348 C:\Windows\System32\iedkcs32.dll - ok
16:54:39.0358 5348 [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl
16:54:39.0358 5348 C:\Windows\System32\timedate.cpl - ok
16:54:39.0358 5348 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll
16:54:39.0358 5348 C:\Windows\SysWOW64\ExplorerFrame.dll - ok
16:54:39.0358 5348 [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll
16:54:39.0358 5348 C:\Windows\System32\actxprxy.dll - ok
16:54:39.0358 5348 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll
16:54:39.0358 5348 C:\Windows\SysWOW64\duser.dll - ok
16:54:39.0374 5348 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll
16:54:39.0374 5348 C:\Windows\SysWOW64\dui70.dll - ok
16:54:39.0374 5348 [ C4F40F6CACD796A8E16671D0E9A2F319 ] C:\Windows\System32\shdocvw.dll
16:54:39.0374 5348 C:\Windows\System32\shdocvw.dll - ok
16:54:39.0374 5348 [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll
16:54:39.0374 5348 C:\Windows\System32\linkinfo.dll - ok
16:54:39.0374 5348 [ B8CAF23886F336DD148B4C2003C8D200 ] C:\Windows\System32\mmres.dll
16:54:39.0374 5348 C:\Windows\System32\mmres.dll - ok
16:54:39.0374 5348 [ B795E6138E29A37508285FC31E92BD78 ] C:\Windows\System32\DisplaySwitch.exe
16:54:39.0374 5348 C:\Windows\System32\DisplaySwitch.exe - ok
16:54:39.0389 5348 [ 98F1C94E108DF0811CC5EF098ECFB842 ] C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe
16:54:39.0389 5348 C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe - ok
16:54:39.0389 5348 [ FA4C36B574BF387D9582ED2C54A347A8 ] C:\Windows\System32\mblctr.exe
16:54:39.0389 5348 C:\Windows\System32\mblctr.exe - ok
16:54:39.0389 5348 [ 50F739538EF014B2E7EC59431749D838 ] C:\Windows\System32\mstsc.exe
16:54:39.0389 5348 C:\Windows\System32\mstsc.exe - ok
16:54:39.0389 5348 [ 7633F554EEAFDE7F144B41C2FCAF5F63 ] C:\Windows\System32\SnippingTool.exe
16:54:39.0389 5348 C:\Windows\System32\SnippingTool.exe - ok
16:54:39.0389 5348 [ 47F0F526AD4982806C54B845B3289DE1 ] C:\Windows\System32\SoundRecorder.exe
16:54:39.0389 5348 C:\Windows\System32\SoundRecorder.exe - ok
16:54:39.0405 5348 [ 0A8BEC706DBC33BEA9A919BEDA137A2D ] C:\Windows\System32\SNTSearch.dll
16:54:39.0405 5348 C:\Windows\System32\SNTSearch.dll - ok
16:54:39.0405 5348 [ F121FF27B30D62EB148E928C4769328B ] C:\Windows\System32\Speech\SpeechUX\sapi.cpl
16:54:39.0405 5348 C:\Windows\System32\Speech\SpeechUX\sapi.cpl - ok
16:54:39.0405 5348 [ C7301A1D3DB09DE86528D9D916069859 ] C:\Windows\System32\dfrgui.exe
16:54:39.0405 5348 C:\Windows\System32\dfrgui.exe - ok
16:54:39.0405 5348 [ 6E26EE228F60D75C732D209688FB546C ] C:\Windows\System32\wdc.dll
16:54:39.0405 5348 C:\Windows\System32\wdc.dll - ok
16:54:39.0405 5348 [ D291620D4C51C5F5FFA62CCDC52C5C13 ] C:\Windows\System32\msinfo32.exe
16:54:39.0405 5348 C:\Windows\System32\msinfo32.exe - ok
16:54:39.0421 5348 [ 3DB5A1EACE7F3049ECC49FA64461E254 ] C:\Windows\System32\rstrui.exe
16:54:39.0421 5348 C:\Windows\System32\rstrui.exe - ok
16:54:39.0421 5348 [ A440A6EFED28AB4A8741E76BBDCF4B78 ] C:\Windows\System32\migwiz\wet.dll
16:54:39.0421 5348 C:\Windows\System32\migwiz\wet.dll - ok
16:54:39.0421 5348 [ 9D9C0DD19ED1D36E1FAB8805EA5CE1AF ] C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe
16:54:39.0421 5348 C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe - ok
16:54:39.0421 5348 [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
16:54:39.0421 5348 C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
16:54:39.0436 5348 [ 1C09858449980D64577E377EB262C9D7 ] C:\Program Files\Windows Journal\Journal.exe
16:54:39.0436 5348 C:\Program Files\Windows Journal\Journal.exe - ok
16:54:39.0436 5348 [ 852D67A27E454BD389FA7F02A8CBE23F ] C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
16:54:39.0436 5348 C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe - ok
16:54:39.0436 5348 [ 2BCBA6052374959A30BD7948444DBB79 ] C:\Windows\System32\gameux.dll
16:54:39.0436 5348 C:\Windows\System32\gameux.dll - ok
16:54:39.0436 5348 [ F3B306179F1840C0813DC6771B018358 ] C:\Windows\System32\recdisc.exe
16:54:39.0436 5348 C:\Windows\System32\recdisc.exe - ok
16:54:39.0436 5348 [ E79DF53BAD587E24B3CF965A5746C7B6 ] C:\Windows\System32\msra.exe
16:54:39.0436 5348 C:\Windows\System32\msra.exe - ok
16:54:39.0436 5348 [ CD47548A52B02D254BF6D7F7A5F2BFD3 ] C:\Windows\HelpPane.exe
16:54:39.0436 5348 C:\Windows\HelpPane.exe - ok
16:54:39.0452 5348 [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll
16:54:39.0452 5348 C:\Windows\System32\msiltcfg.dll - ok
16:54:39.0452 5348 [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll
16:54:39.0452 5348 C:\Windows\System32\msi.dll - ok
16:54:39.0452 5348 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll
16:54:39.0452 5348 C:\Windows\System32\msftedit.dll - ok
16:54:39.0452 5348 [ 7CB3ACB163DE051169095DC6507B8977 ] C:\Windows\System32\msls31.dll
16:54:39.0452 5348 C:\Windows\System32\msls31.dll - ok
16:54:39.0452 5348 [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll
16:54:39.0452 5348 C:\Windows\System32\DeviceCenter.dll - ok
16:54:39.0452 5348 [ 04CB7C8FDC6D9640DD82A527208F72C4 ] C:\Windows\System32\UIAnimation.dll
16:54:39.0452 5348 C:\Windows\System32\UIAnimation.dll - ok
16:54:39.0467 5348 [ 45D84D3601A0972AA734410534219EA5 ] C:\Windows\System32\ieframe.dll
16:54:39.0467 5348 C:\Windows\System32\ieframe.dll - ok
16:54:39.0467 5348 [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll
16:54:39.0467 5348 C:\Windows\System32\thumbcache.dll - ok
16:54:39.0467 5348 [ 54126CDDEF533083D0FFDB94810AD1AA ] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe
16:54:39.0467 5348 C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe - ok
16:54:39.0467 5348 [ D5F72E03EDF8BDEA4847D693237330C7 ] C:\Users\Joe\AppData\Local\Temp\58AA.tmp
16:54:39.0467 5348 C:\Users\Joe\AppData\Local\Temp\58AA.tmp - ok
16:54:39.0467 5348 [ BA92C496F08D78F7DB263A20C36AA546 ] C:\Program Files (x86)\AVG\AVG2013\avgui.exe
16:54:39.0467 5348 C:\Program Files (x86)\AVG\AVG2013\avgui.exe - ok
16:54:39.0467 5348 [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll
16:54:39.0467 5348 C:\Windows\System32\networkexplorer.dll - ok
16:54:39.0483 5348 [ F10E5311E5093FA3C00FF88C54C32FCA ] C:\Windows\SysWOW64\atl.dll
16:54:39.0483 5348 C:\Windows\SysWOW64\atl.dll - ok
16:54:39.0483 5348 [ F3DE10AABD5C7A1A186C9966F037D0C0 ] C:\Windows\SysWOW64\mfc100u.dll
16:54:39.0483 5348 C:\Windows\SysWOW64\mfc100u.dll - ok
16:54:39.0483 5348 [ BC338374DBFE6531F35B1BDA24232B43 ] C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
16:54:39.0483 5348 C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe - ok
16:54:39.0483 5348 [ 8494E126F0B10180F3293AF861CE1F7A ] C:\Windows\System32\mlang.dll
16:54:39.0483 5348 C:\Windows\System32\mlang.dll - ok
16:54:39.0483 5348 [ 3CB07566302BCEEB898DE270A0BEC175 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
16:54:39.0483 5348 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
16:54:39.0499 5348 [ 2A2C442F00B45E01D4C882EEA69A01BC ] C:\Windows\SysWOW64\mfc100enu.dll
16:54:39.0499 5348 C:\Windows\SysWOW64\mfc100enu.dll - ok
16:54:39.0499 5348 [ 6EDBF91C10EE47AC4AC1C58E71F0245A ] C:\Program Files (x86)\AVG\AVG2013\avgkrnlapix.dll
16:54:39.0499 5348 C:\Program Files (x86)\AVG\AVG2013\avgkrnlapix.dll - ok
16:54:39.0499 5348 [ 9EED448E2C6306BFD8B2B19063FC21A1 ] C:\Program Files (x86)\AVG\AVG2013\avgidpmx.dll
16:54:39.0499 5348 C:\Program Files (x86)\AVG\AVG2013\avgidpmx.dll - ok
16:54:39.0499 5348 [ E4973774FB327BD344DBE3E21C2E4A32 ] C:\Program Files (x86)\AVG SafeGuard toolbar\15.0.0.2\AVG SafeGuard toolbar_toolbar.dll
16:54:39.0499 5348 C:\Program Files (x86)\AVG SafeGuard toolbar\15.0.0.2\AVG SafeGuard toolbar_toolbar.dll - ok
16:54:39.0499 5348 [ 2FEF21EEE9934BB10165AA02E530183C ] C:\Program Files (x86)\AVG\AVG2013\avglngx.dll
16:54:39.0499 5348 C:\Program Files (x86)\AVG\AVG2013\avglngx.dll - ok
16:54:39.0514 5348 [ 12DBA51A6D1126E88F78D79AE0F7600F ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
16:54:39.0514 5348 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe - ok
16:54:39.0514 5348 [ ECE9B82C7696AD211F9BD64E41DF598B ] C:\Program Files (x86)\AVG\AVG2013\avguires.dll
16:54:39.0514 5348 C:\Program Files (x86)\AVG\AVG2013\avguires.dll - ok
16:54:39.0514 5348 [ 730E90935150048A4E5F392FCDD49DA3 ] C:\Program Files (x86)\AVG\AVG2013\avgapps.dll
16:54:39.0514 5348 C:\Program Files (x86)\AVG\AVG2013\avgapps.dll - ok
16:54:39.0514 5348 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll
16:54:39.0514 5348 C:\Windows\SysWOW64\rasapi32.dll - ok
16:54:39.0514 5348 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll
16:54:39.0514 5348 C:\Windows\SysWOW64\rasman.dll - ok
16:54:39.0514 5348 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\SysWOW64\rtutils.dll
16:54:39.0514 5348 C:\Windows\SysWOW64\rtutils.dll - ok
16:54:39.0530 5348 [ 0BA65122FFA7E37564EE86422DBF7AE8 ] C:\Windows\SysWOW64\nlaapi.dll
16:54:39.0530 5348 C:\Windows\SysWOW64\nlaapi.dll - ok
16:54:39.0530 5348 [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\Windows\SysWOW64\NapiNSP.dll
16:54:39.0530 5348 C:\Windows\SysWOW64\NapiNSP.dll - ok
16:54:39.0530 5348 [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\Windows\SysWOW64\pnrpnsp.dll
16:54:39.0530 5348 C:\Windows\SysWOW64\pnrpnsp.dll - ok
16:54:39.0530 5348 [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\Windows\SysWOW64\winrnr.dll
16:54:39.0530 5348 C:\Windows\SysWOW64\winrnr.dll - ok
16:54:39.0530 5348 [ 8C338238C16777A802D6A9211EB2BA50 ] C:\Windows\SysWOW64\netprofm.dll
16:54:39.0530 5348 C:\Windows\SysWOW64\netprofm.dll - ok
16:54:39.0545 5348 [ 15E298B5EC5B89C5994A59863969D9FF ] C:\Windows\SysWOW64\npmproxy.dll
16:54:39.0545 5348 C:\Windows\SysWOW64\npmproxy.dll - ok
16:54:39.0545 5348 [ 5987EA8A82C53359BCD2C29D6588583E ] C:\Windows\SysWOW64\linkinfo.dll
16:54:39.0545 5348 C:\Windows\SysWOW64\linkinfo.dll - ok
16:54:39.0545 5348 [ 58B8702C20DE211D1FCB248D2FDD71D1 ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe
16:54:39.0545 5348 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe - ok
16:54:39.0545 5348 [ D6E8AB2A617DB0199A0E8D82EC5C75A1 ] C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.0.0\SiteSafety.dll
16:54:39.0545 5348 C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.0.0\SiteSafety.dll - ok
16:54:39.0545 5348 [ 78531E664EAB71F39F19615AD25A3A3A ] C:\Program Files (x86)\Common Files\AVG Secure Search\DNTInstaller\15.0.0\avgdttbx.dll
16:54:39.0545 5348 C:\Program Files (x86)\Common Files\AVG Secure Search\DNTInstaller\15.0.0\avgdttbx.dll - ok
16:54:39.0561 5348 [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll
16:54:39.0561 5348 C:\Windows\System32\stobject.dll - ok
16:54:39.0561 5348 [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll
16:54:39.0561 5348 C:\Windows\System32\batmeter.dll - ok
16:54:39.0561 5348 [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll
16:54:39.0561 5348 C:\Windows\System32\prnfldr.dll - ok
16:54:39.0561 5348 [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll
16:54:39.0561 5348 C:\Windows\System32\DXP.dll - ok
16:54:39.0577 5348 [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll
16:54:39.0577 5348 C:\Windows\System32\Syncreg.dll - ok
16:54:39.0577 5348 [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll
16:54:39.0577 5348 C:\Windows\ehome\ehSSO.dll - ok
16:54:39.0577 5348 [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll
16:54:39.0577 5348 C:\Windows\System32\netshell.dll - ok
16:54:39.0577 5348 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll
16:54:39.0577 5348 C:\Windows\System32\AltTab.dll - ok
16:54:39.0592 5348 [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll
16:54:39.0592 5348 C:\Windows\System32\WPDShServiceObj.dll - ok
16:54:39.0592 5348 [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL
16:54:39.0592 5348 C:\Windows\System32\QUTIL.DLL - ok
16:54:39.0592 5348 [ 589DF683A6C81424A6CECE52ABF98A50 ] C:\Windows\System32\tquery.dll
16:54:39.0592 5348 C:\Windows\System32\tquery.dll - ok
16:54:39.0592 5348 [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll
16:54:39.0592 5348 C:\Windows\System32\srchadmin.dll - ok
16:54:39.0608 5348 [ 7568CC720ACE4D03B84AF97817E745EF ] C:\Windows\System32\mssrch.dll
16:54:39.0608 5348 C:\Windows\System32\mssrch.dll - ok
16:54:39.0608 5348 [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll
16:54:39.0608 5348 C:\Windows\System32\esent.dll - ok
16:54:39.0608 5348 [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll
16:54:39.0608 5348 C:\Windows\System32\msidle.dll - ok
16:54:39.0608 5348 [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll
16:54:39.0608 5348 C:\Windows\System32\rasdlg.dll - ok
16:54:39.0608 5348 [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll
16:54:39.0608 5348 C:\Windows\System32\dot3api.dll - ok
16:54:39.0608 5348 [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\Windows\System32\mssprxy.dll
16:54:39.0608 5348 C:\Windows\System32\mssprxy.dll - ok
16:54:39.0623 5348 [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
16:54:39.0623 5348 C:\Windows\System32\eappcfg.dll - ok
16:54:39.0623 5348 [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll
16:54:39.0623 5348 C:\Windows\System32\wlanhlp.dll - ok
16:54:39.0623 5348 [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll
16:54:39.0623 5348 C:\Windows\System32\wlanapi.dll - ok
16:54:39.0623 5348 [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
16:54:39.0623 5348 C:\Windows\System32\wlanutil.dll - ok
16:54:39.0623 5348 [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll
16:54:39.0623 5348 C:\Windows\System32\onex.dll - ok
16:54:39.0623 5348 [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
16:54:39.0623 5348 C:\Windows\System32\eappprxy.dll - ok
16:54:39.0623 5348 [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\Windows\System32\en-US\tquery.dll.mui
16:54:39.0623 5348 C:\Windows\System32\en-US\tquery.dll.mui - ok
16:54:39.0639 5348 [ 92DBF0A4C9239169010FC6E07859C82E ] C:\Windows\System32\ActionCenter.dll
16:54:39.0639 5348 C:\Windows\System32\ActionCenter.dll - ok
16:54:39.0639 5348 [ 6699A112A3BDC9B52338512894EBA9D6 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
16:54:39.0639 5348 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
16:54:39.0639 5348 [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll
16:54:39.0639 5348 C:\Windows\System32\WWanAPI.dll - ok
16:54:39.0639 5348 [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll
16:54:39.0639 5348 C:\Windows\System32\wwapi.dll - ok
16:54:39.0639 5348 [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL
16:54:39.0639 5348 C:\Windows\System32\QAGENT.DLL - ok
16:54:39.0639 5348 [ C7494C67A6BF6FE914808E42F8265FEF ] C:\Program Files\Windows Media Player\wmpnssci.dll
16:54:39.0639 5348 C:\Program Files\Windows Media Player\wmpnssci.dll - ok
16:54:39.0655 5348 [ 423982DD851406A52B6399DDB196C606 ] C:\Windows\System32\wmdrmdev.dll
16:54:39.0655 5348 C:\Windows\System32\wmdrmdev.dll - ok
16:54:39.0655 5348 [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl
16:54:39.0655 5348 C:\Windows\System32\bthprops.cpl - ok
16:54:39.0655 5348 [ 2C1055E2C6D42753241FB2A129136994 ] C:\Windows\System32\drmv2clt.dll
16:54:39.0655 5348 C:\Windows\System32\drmv2clt.dll - ok
16:54:39.0655 5348 ============================================================
16:54:39.0655 5348 Scan finished
16:54:39.0655 5348 ============================================================
16:54:39.0655 5340 Detected object count: 7
16:54:39.0655 5340 Actual detected object count: 7
16:56:28.0544 5340 DockLoginService ( UnsignedFile.Multi.Generic ) - skipped by user
16:56:28.0544 5340 DockLoginService ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:56:28.0544 5340 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
16:56:28.0544 5340 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:56:28.0544 5340 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
16:56:28.0544 5340 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:56:28.0544 5340 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
16:56:28.0544 5340 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:56:28.0544 5340 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
16:56:28.0544 5340 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:56:28.0544 5340 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
16:56:28.0544 5340 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:56:28.0560 5340 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
16:56:28.0560 5340 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
16:57:20.0165 4624 Deinitialize success
  • 0

#27
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello



I would like you to rerun TDSSKiller and this time when it gets to this part

\Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
\Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

I want you to select Delete this time instead of skip.


Gringo
  • 0

#28
kyong

kyong

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts
Malwarebytes Anti-Rootkit BETA 1.01.0.1021
www.malwarebytes.org

Database version: v2013.03.28.12

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Joe :: JOE-PC [administrator]

3/28/2013 5:09:29 PM
mbar-log-2013-03-28 (17-09-29).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 28982
Time elapsed: 8 minute(s), 7 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
  • 0

#29
kyong

kyong

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts
17:15:36.0984 2000 ============================================================
17:15:36.0984 2000 Scan finished
17:15:36.0984 2000 ============================================================
17:15:36.0984 7056 Detected object count: 7
17:15:36.0984 7056 Actual detected object count: 7
17:15:52.0631 7056 DockLoginService ( UnsignedFile.Multi.Generic ) - skipped by user
17:15:52.0631 7056 DockLoginService ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:15:52.0631 7056 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
17:15:52.0631 7056 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:15:52.0631 7056 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
17:15:52.0631 7056 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:15:52.0646 7056 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
17:15:52.0646 7056 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:15:52.0646 7056 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
17:15:52.0646 7056 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:15:52.0646 7056 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
17:15:52.0646 7056 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:15:52.0678 7056 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
17:15:52.0678 7056 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
17:15:52.0693 7056 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
17:15:52.0693 7056 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
17:15:52.0693 7056 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
17:15:52.0693 7056 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
17:15:52.0693 7056 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
17:15:52.0771 7056 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
17:15:52.0849 7056 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
17:15:52.0849 7056 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
17:15:52.0865 7056 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
17:15:52.0880 7056 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
17:15:52.0880 7056 \Device\Harddisk0\DR0\TDLFS - deleted
17:15:52.0880 7056 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete
  • 0

#30
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello kyong

I would like to see a report that combofix makes.

extra combofix report

  • push the "windows key" + "R" (between the "Ctrl" button and "Alt" Button)
  • please copy and past the following into the box
C:\Qoobox\Add-Remove Programs.txt
  • click ok

copy and paste the report into this topic for me to review

Gringo
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP