Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Crash/Blue screen, trouble starting, and Comcast says I have a Bot [So


  • This topic is locked This topic is locked

#1
Treetearer

Treetearer

    Member

  • Member
  • PipPip
  • 14 posts
Most things on my computer seem to run just fine. I have an HP Pavilion Entertainment PC with windows 7. But every now and then, shortly after turning on my laptop, it will blue screen. That happens less frequently than getting my laptop from sleep mode only to have it say that it had trouble starting up. Then it reboots and tries to fix itself, but can't. Everytime I go on my computer, comcast emails and says that one of our computers has a bot. I've tried looking, but I'm just having trouble. Here is the text from my scan. I did a full scan instead of a quick scan, so I hope that is alright. Thanks ahead of time.

OTL logfile created on: 4/18/2013 6:55:42 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Sam\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.97 Gb Total Physical Memory | 0.96 Gb Available Physical Memory | 24.13% Memory free
7.93 Gb Paging File | 4.62 Gb Available in Paging File | 58.17% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 450.62 Gb Total Space | 292.04 Gb Free Space | 64.81% Space Free | Partition Type: NTFS
Drive D: | 14.95 Gb Total Space | 2.46 Gb Free Space | 16.47% Space Free | Partition Type: NTFS
Drive E: | 3.90 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: DALAPTOP | User Name: Sam | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/04/18 18:55:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Sam\Downloads\OTL.exe
PRC - [2013/04/14 18:58:27 | 001,855,880 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe
PRC - [2013/02/23 19:16:58 | 001,297,728 | ---- | M] (Spigot, Inc.) -- C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
PRC - [2013/02/23 16:54:28 | 000,805,752 | ---- | M] (Spigot, Inc.) -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
PRC - [2013/02/22 11:04:24 | 001,151,152 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
PRC - [2013/02/22 11:04:24 | 000,968,880 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe
PRC - [2013/01/15 19:47:28 | 000,703,808 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe
PRC - [2013/01/15 19:47:12 | 000,491,840 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe
PRC - [2013/01/15 19:47:10 | 000,465,216 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
PRC - [2012/12/25 18:35:10 | 004,474,832 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
PRC - [2012/06/14 17:20:13 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/01/09 21:17:44 | 000,821,592 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2011/08/25 17:53:00 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
PRC - [2010/03/30 00:46:14 | 000,303,952 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2010/01/15 07:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/07/24 20:24:02 | 000,427,304 | ---- | M] (CyberLink Corp.) -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe
PRC - [2009/07/23 22:45:52 | 000,128,296 | ---- | M] (CyberLink Corp.) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
PRC - [2009/07/23 13:37:16 | 000,206,120 | ---- | M] (CyberLink) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
PRC - [2009/07/13 20:14:45 | 000,020,480 | ---- | M] () -- \\.\globalroot\systemroot\svchost.exe
PRC - [2009/07/13 20:14:45 | 000,020,480 | ---- | M] () -- \\.\globalroot\systemroot\svchost.exe
PRC - [2009/07/13 20:14:45 | 000,020,480 | ---- | M] () -- \\.\globalroot\systemroot\svchost.exe
PRC - [2009/07/13 20:14:45 | 000,020,480 | ---- | M] () -- \\.\globalroot\systemroot\svchost.exe
PRC - [2009/07/13 20:14:45 | 000,020,480 | ---- | M] () -- \\.\globalroot\systemroot\svchost.exe
PRC - [2009/06/04 19:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/06/04 19:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007/07/24 13:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2007/03/29 16:41:26 | 000,222,128 | ---- | M] (Macrovision Corporation) -- C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe


========== Modules (No Company Name) ==========

MOD - [2013/04/14 18:58:27 | 016,032,648 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll
MOD - [2013/02/22 11:04:24 | 001,151,152 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
MOD - [2013/02/22 11:04:24 | 000,156,848 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\SiteSafety.dll
MOD - [2013/01/15 19:48:26 | 000,348,992 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\madexcept_.bpl
MOD - [2013/01/15 19:48:26 | 000,051,008 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\maddisAsm_.bpl
MOD - [2013/01/15 19:48:24 | 000,183,616 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\madbasic_.bpl
MOD - [2013/01/15 19:47:56 | 000,893,248 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\webres.dll
MOD - [2012/08/27 21:33:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/08/27 21:33:08 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012/06/14 17:20:15 | 002,042,848 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2009/07/24 20:24:16 | 000,275,848 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CLCapEngine.dll
MOD - [2009/07/24 20:24:16 | 000,124,288 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CLSchMgr.dll
MOD - [2009/07/24 20:24:14 | 000,349,480 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CLTinyDB.dll
MOD - [2009/07/23 13:37:14 | 000,931,112 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll


========== Services (SafeList) ==========

SRV:64bit: - [2010/03/23 14:53:06 | 000,247,808 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\stacsv64.exe -- (STacSV)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/08 15:49:02 | 000,030,520 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2009/07/02 16:16:00 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/03/27 21:10:16 | 000,016,896 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agr64svc.exe -- (AgereModemAudio)
SRV:64bit: - [2009/03/02 18:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe -- (AESTFilters)
SRV - [2013/04/14 19:09:22 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/02/23 16:54:28 | 000,805,752 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2013/02/22 11:04:24 | 000,968,880 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe -- (vToolbarUpdater14.2.0)
SRV - [2013/01/15 19:47:10 | 000,465,216 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe -- (AdvancedSystemCareService6)
SRV - [2012/08/30 07:54:54 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/08/20 04:53:34 | 000,184,304 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2012/08/20 04:52:42 | 005,751,928 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/06/14 17:20:14 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/01/09 21:17:44 | 000,821,592 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2011/08/25 17:53:00 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
SRV - [2010/03/31 11:26:00 | 003,612,600 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2010/03/30 00:46:14 | 000,303,952 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2010/03/23 14:53:06 | 000,247,808 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe -- (STacSV)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/15 07:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/04 19:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2009/03/02 18:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe -- (AESTFilters)
SRV - [2007/07/24 13:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/02/22 11:04:24 | 000,039,768 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2012/11/03 15:15:34 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/11/03 15:15:34 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/08/13 16:40:52 | 000,150,880 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2012/08/10 04:52:38 | 000,199,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2012/08/10 04:52:34 | 000,105,312 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2012/08/10 04:52:16 | 000,040,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2012/08/09 13:56:42 | 000,230,240 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2012/08/09 13:56:34 | 000,060,768 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2012/08/09 13:56:20 | 000,175,968 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2012/07/09 13:42:54 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/08/26 18:50:47 | 007,680,512 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 04:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/04/16 21:24:34 | 000,027,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2010/04/12 03:55:00 | 000,091,568 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2010/03/30 00:45:56 | 000,024,664 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2010/03/23 14:53:06 | 000,505,344 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2009/11/06 06:55:34 | 000,004,608 | ---- | M] (SupportSoft Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssrangdr.sys -- (ssrangdr)
DRV:64bit: - [2009/08/13 22:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009/07/23 12:02:38 | 005,435,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NETw5v64.sys -- (netw5v64)
DRV:64bit: - [2009/07/20 22:39:00 | 000,140,712 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2009/07/14 18:16:00 | 000,273,456 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 17:31:00 | 000,233,472 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/07/08 15:49:08 | 000,030,008 | ---- | M] (Hewlett-Packard) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2009/07/08 15:48:50 | 000,041,272 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2009/07/02 16:51:00 | 006,036,480 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009/06/29 13:17:00 | 000,070,656 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\enecir.sys -- (enecir)
DRV:64bit: - [2009/06/29 12:00:00 | 000,116,752 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009/06/10 16:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 16:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 16:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 15:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 15:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/04 18:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/05/09 01:14:20 | 000,015,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nuidfltr.sys -- (NuidFltr)
DRV:64bit: - [2009/04/29 10:48:32 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2009/04/06 20:31:08 | 001,208,320 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009/03/18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV - [2012/07/05 14:53:22 | 000,021,904 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys -- (UrlFilter)
DRV - [2012/07/05 14:53:18 | 000,033,224 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys -- (RegFilter)
DRV - [2012/01/05 19:07:14 | 000,021,384 | ---- | M] (IObit) [File_System | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys -- (FileMonitor)
DRV - [2010/11/01 06:08:46 | 000,014,544 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys -- (WinRing0_1_2_0)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2005/01/01 22:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cnnb
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cnnb
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {CC778948-1EA5-4599-AE7A-9807D211DCF4}
IE:64bit: - HKLM\..\SearchScopes\{BEC2075C-8E0A-4EB6-8D5D-A840665B39C9}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpl
IE:64bit: - HKLM\..\SearchScopes\{CC778948-1EA5-4599-AE7A-9807D211DCF4}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cnnb
IE - HKLM\..\SearchScopes,DefaultScope = {CC778948-1EA5-4599-AE7A-9807D211DCF4}
IE - HKLM\..\SearchScopes\{BEC2075C-8E0A-4EB6-8D5D-A840665B39C9}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpl
IE - HKLM\..\SearchScopes\{CC778948-1EA5-4599-AE7A-9807D211DCF4}: "URL" = http://www.bing.com/...rc=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cnnb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.yahoo....r=spigot-yhp-ie
IE - HKCU\..\URLSearchHook: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\7.0\iobitappsToolbarIE.dll (Spigot, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {CF38DBB1-8CD1-4C17-8FA3-48139073F6F5}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...fr&d=2012-09-16 20:57:13&v=14.2.0.1&pid=avg&sg=&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{BEC2075C-8E0A-4EB6-8D5D-A840665B39C9}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpl
IE - HKCU\..\SearchScopes\{CC778948-1EA5-4599-AE7A-9807D211DCF4}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{CF38DBB1-8CD1-4C17-8FA3-48139073F6F5}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=198484"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "https://www.facebook.com/"
FF - prefs.js..extensions.enabledAddons: [email protected]:1.1
FF - prefs.js..extensions.enabledAddons: {2bfc8624-5b8a-4060-b86a-e78ccbc38509}:5.2
FF - prefs.js..extensions.enabledAddons: {5F590AA2-1221-4113-A6F4-A4BB62414FAC}:0.45.6.20100202.1
FF - prefs.js..extensions.enabledAddons: {fe0258ab-4f74-43a1-8781-bcdf340f9ee9}:2.6.4
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA}:6.0.34
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}:6.0.37
FF - prefs.js..extensions.enabledAddons: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.4.9
FF - prefs.js..extensions.enabledAddons: [email protected]:5.1.3
FF - prefs.js..extensions.enabledAddons: [email protected]:1.7.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.5
FF - prefs.js..extensions.enabledItems: [email protected]:4.3.7
FF - prefs.js..extensions.enabledItems: {6F0976E6-26F3-4AFE-BBEC-9E99E27E4DF3}:1.4.14
FF - prefs.js..extensions.enabledItems: [email protected]:4.51
FF - prefs.js..extensions.enabledItems: [email protected]:9.0.0.459
FF - prefs.js..extensions.enabledItems: [email protected]:1.6.2
FF - prefs.js..extensions.enabledItems: {5F590AA2-1221-4113-A6F4-A4BB62414FAC}:0.45.6.20100202.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.3.2
FF - prefs.js..extensions.enabledItems: [email protected]:1.6.4
FF - prefs.js..extensions.enabledItems: [email protected]:1.1
FF - prefs.js..extensions.enabledItems: {2bfc8624-5b8a-4060-b86a-e78ccbc38509}:2.4
FF - prefs.js..extensions.enabledItems: {fe0258ab-4f74-43a1-8781-bcdf340f9ee9}:2.6.4
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.4.2b
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {c8f71e5b-88f8-42a7-98bb-e4c506161de9}:0.4
FF - prefs.js..extensions.enabledItems: {07b2a769-ed19-4483-87ce-c643914c9626}:1.6
FF - prefs.js..extensions.enabledItems: {de5809e0-2b07-11dd-bd0b-0800200c9a66}:1.2.0
FF - prefs.js..keyword.URL: "http://search.yahoo....type=198484&p="


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_169.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Sam\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2009/08/09 03:45:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\ProgramData\AVG Secure Search\FireFoxExt\14.2.0.1 [2013/02/22 11:04:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/01/22 23:34:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/11/24 14:09:21 | 000,000,000 | ---D | M]

[2009/11/22 01:44:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sam\AppData\Roaming\mozilla\Extensions
[2013/04/18 18:29:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sam\AppData\Roaming\mozilla\Firefox\Profiles\0sj9uauy.default\extensions
[2009/12/01 19:49:17 | 000,000,000 | ---D | M] (ANTHEM) -- C:\Users\Sam\AppData\Roaming\mozilla\Firefox\Profiles\0sj9uauy.default\extensions\{07b2a769-ed19-4483-87ce-c643914c9626}
[2012/08/16 18:45:51 | 000,000,000 | ---D | M] ("BetterSearch") -- C:\Users\Sam\AppData\Roaming\mozilla\Firefox\Profiles\0sj9uauy.default\extensions\{2bfc8624-5b8a-4060-b86a-e78ccbc38509}
[2010/02/02 20:16:43 | 000,000,000 | ---D | M] (SmoothWheel (mozdev.org)) -- C:\Users\Sam\AppData\Roaming\mozilla\Firefox\Profiles\0sj9uauy.default\extensions\{5F590AA2-1221-4113-A6F4-A4BB62414FAC}
[2013/01/24 19:42:46 | 000,000,000 | ---D | M] (Fire.fm) -- C:\Users\Sam\AppData\Roaming\mozilla\Firefox\Profiles\0sj9uauy.default\extensions\{6F0976E6-26F3-4AFE-BBEC-9E99E27E4DF3}
[2010/02/13 00:20:15 | 000,000,000 | ---D | M] (AmbientFox) -- C:\Users\Sam\AppData\Roaming\mozilla\Firefox\Profiles\0sj9uauy.default\extensions\{c8f71e5b-88f8-42a7-98bb-e4c506161de9}
[2010/04/14 22:48:05 | 000,000,000 | ---D | M] (Gradient iCool) -- C:\Users\Sam\AppData\Roaming\mozilla\Firefox\Profiles\0sj9uauy.default\extensions\{de5809e0-2b07-11dd-bd0b-0800200c9a66}
[2010/07/19 16:14:49 | 000,000,000 | ---D | M] (Redirect Remover) -- C:\Users\Sam\AppData\Roaming\mozilla\Firefox\Profiles\0sj9uauy.default\extensions\{fe0258ab-4f74-43a1-8781-bcdf340f9ee9}
[2013/04/18 18:29:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sam\AppData\Roaming\mozilla\Firefox\Profiles\0sj9uauy.default\extensions\staged
[2011/02/27 12:00:15 | 000,000,000 | ---D | M] (TinEye Reverse Image Search) -- C:\Users\Sam\AppData\Roaming\mozilla\Firefox\Profiles\0sj9uauy.default\extensions\[email protected]
[2010/07/19 16:14:49 | 000,000,000 | ---D | M] (Xsticky-Tool) -- C:\Users\Sam\AppData\Roaming\mozilla\Firefox\Profiles\0sj9uauy.default\extensions\[email protected]
[2013/01/24 19:42:45 | 000,141,038 | ---- | M] () (No name found) -- C:\Users\Sam\AppData\Roaming\mozilla\firefox\profiles\0sj9uauy.default\extensions\[email protected]
[2013/04/14 18:55:04 | 000,329,174 | ---- | M] () (No name found) -- C:\Users\Sam\AppData\Roaming\mozilla\firefox\profiles\0sj9uauy.default\extensions\[email protected]
[2013/04/14 18:55:05 | 000,361,682 | ---- | M] () (No name found) -- C:\Users\Sam\AppData\Roaming\mozilla\firefox\profiles\0sj9uauy.default\extensions\[email protected]
[2013/03/05 21:01:55 | 000,685,671 | ---- | M] () (No name found) -- C:\Users\Sam\AppData\Roaming\mozilla\firefox\profiles\0sj9uauy.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}.xpi
[2013/04/18 18:29:20 | 000,340,614 | ---- | M] () (No name found) -- C:\Users\Sam\AppData\Roaming\mozilla\firefox\profiles\0sj9uauy.default\extensions\staged\[email protected]
[2012/09/04 07:54:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/08/16 00:09:28 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA}
[2012/09/04 07:54:45 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2012/11/24 14:09:19 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2012/06/14 17:20:49 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013/02/22 11:04:33 | 000,003,714 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2013/01/19 15:43:38 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013/01/19 15:43:38 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (IObit Apps Toolbar) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\7.0\iobitappsToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (IObit Apps Toolbar) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\7.0\iobitappsToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [HPCam_Menu] c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [IObit Malware Fighter] C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe (IObit)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKCU..\Run: [Advanced SystemCare 6] C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe (IObit)
O4 - HKCU..\Run: [DisplayFusion] C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe (Binary Fortress Software)
O4 - HKCU..\Run: [ISUSPM] C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe (Macrovision Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {4944924A-64E4-49C1-AC97-ABA3927262FE} http://channel.dontb...her/StWbUsa.CAB (StWbUsa Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_35)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.76.76 75.75.75.75
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{15B52AB6-C7F7-43B8-8159-BAAB5305A11B}: DhcpNameServer = 75.75.76.76 75.75.75.75
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22:64bit: - SharedTaskScheduler: {1984DD45-52CF-49cd-AB77-18F378FEA264} - FencesShellExt - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll (Stardock)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/09/28 08:30:38 | 000,055,176 | R--- | M] (Electronic Arts) - E:\Autorun.exe -- [ UDF ]
O32 - AutoRun File - [2012/09/28 04:48:28 | 000,000,049 | R--- | M] () - E:\Autorun.inf -- [ UDF ]
O33 - MountPoints2\{11fec41b-d43f-11e0-87a7-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{11fec41b-d43f-11e0-87a7-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Autorun.exe -- [2012/09/28 08:30:38 | 000,055,176 | R--- | M] (Electronic Arts)
O33 - MountPoints2\{2caf23ff-9156-11de-a08a-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{2caf23ff-9156-11de-a08a-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Autorun.exe -- [2012/09/28 08:30:38 | 000,055,176 | R--- | M] (Electronic Arts)
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\Setup.exe
O33 - MountPoints2\F\Shell\setup\command - "" = F:\setup.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\Setup.exe
O33 - MountPoints2\G\Shell\setup\command - "" = G:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2013\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/04/18 18:49:43 | 070,490,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MRT.exe
[2013/04/14 19:54:07 | 000,000,000 | ---D | C] -- C:\Users\Sam\Desktop\The board
[2013/04/14 18:45:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit Apps Toolbar
[2013/04/14 18:45:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Application Updater
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/04/18 19:02:02 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/04/18 18:41:57 | 000,000,129 | ---- | M] () -- C:\Windows\SysNative\MRT.INI
[2013/04/18 18:24:51 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/04/18 18:24:51 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/04/18 18:23:00 | 000,743,480 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/04/18 18:23:00 | 000,636,864 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/04/18 18:23:00 | 000,110,980 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/04/18 18:16:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/04/18 18:16:02 | 3195,420,672 | -HS- | M] () -- C:\hiberfil.sys
[2013/04/14 19:09:20 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/04/14 19:09:20 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/04/14 18:38:42 | 000,411,904 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/04/01 19:48:44 | 070,490,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MRT.exe
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/09/19 21:51:41 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012/09/16 20:37:35 | 000,007,596 | ---- | C] () -- C:\Users\Sam\AppData\Local\Resmon.ResmonCfg
[2012/08/28 23:34:37 | 000,000,132 | ---- | C] () -- C:\Windows\wininit.ini
[2012/03/17 20:52:50 | 000,000,469 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2011/09/28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/09/25 12:34:38 | 000,000,129 | ---- | C] () -- C:\Users\Sam\jagex_runescape_preferences2.dat
[2011/09/25 12:33:22 | 000,000,035 | ---- | C] () -- C:\Users\Sam\jagex_runescape_preferences.dat
[2011/07/21 00:34:36 | 000,056,320 | ---- | C] () -- C:\Windows\SysWow64\iyvu9_32.dll
[2011/02/22 22:47:44 | 000,000,189 | ---- | C] () -- C:\Users\Sam\webct_upload_applet.properties
[2010/10/24 16:23:07 | 000,020,540 | ---- | C] () -- C:\Users\Sam\AppData\Roaming\UserTile.png
[2010/06/25 22:27:45 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/05/30 18:37:29 | 002,527,226 | ---- | C] () -- C:\Users\Sam\AppData\Local\tmpIMG_5709.0
[2010/05/30 18:37:29 | 000,446,107 | ---- | C] () -- C:\Users\Sam\AppData\Local\tmpIMG_5709.JPG
[2010/04/23 22:03:23 | 000,034,304 | ---- | C] () -- C:\Users\Sam\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/06 23:28:43 | 000,006,594 | ---- | C] () -- C:\Users\Sam\AppData\Roaming\wklnhst.dat
[2009/11/19 00:28:42 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys

========== ZeroAccess Check ==========

[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 00:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 23:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 07:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
  • 0

Advertisements


#2
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello Treetearer

I would like to welcome you to the Malware Removal section of the forum.

Around here they call me Gringo and I will be glad to help you with your malware problems.


Very Important --> Please read this post completely, I have spent my time to put together somethings for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!


  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the "Follow This Topic" Button, make sure that the "Receive notification" box is checked and that it is set to "Instantly" - This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.




These are the programs I would like you to run next, if you have any problems with these just skip it and run the next one.

-Security Check-

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

-AdwCleaner-

  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.


--RogueKiller--

  • Download & SAVE to your Desktop RogueKiller for 32bit or Roguekiller for 64bit
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator to start"
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • click on "delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller+

Gringo
  • 0

#3
Treetearer

Treetearer

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
Here is the first step of what you asked for. Working on the next one now. Thank you for replying!

Results of screen317's Security Check version 0.99.62
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 8 Out of date!
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
AVG Anti-Virus Free Edition 2013
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Spybot - Search & Destroy
Java™ 6 Update 35
Java version out of Date!
Adobe Flash Player 11.7.700.169
Adobe Reader 9 Adobe Reader out of Date!
Mozilla Firefox 13.0.1 Firefox out of Date!
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
IObit IObit Malware Fighter IMFsrv.exe
IObit IObit Malware Fighter IMF.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 3%
````````````````````End of Log``````````````````````
  • 0

#4
Treetearer

Treetearer

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
And step 2.

# AdwCleaner v2.200 - Logfile created 04/18/2013 at 22:48:06
# Updated 02/04/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Sam - DALAPTOP
# Boot Mode : Normal
# Running from : C:\Users\Sam\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : Application Updater

***** [Files / Folders] *****

Deleted on reboot : C:\Program Files (x86)\Common Files\AVG Secure Search
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
Folder Deleted : C:\Program Files (x86)\Application Updater
Folder Deleted : C:\Program Files (x86)\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\Common Files\spigot
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\Users\Sam\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Sam\AppData\Local\PackageAware
Folder Deleted : C:\Users\Sam\AppData\Local\Temp\[email protected]
Folder Deleted : C:\Users\Sam\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\Sam\AppData\LocalLow\Search Settings

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Search Settings
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\Software\Application Updater
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\Software\Search Settings
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{76C45B18-A29E-43EA-AAF8-AF55C2E1AE17}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7CD74AFF-3433-4E34-92E2-D98DFDB30754}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{96EF404C-24C7-43D0-9096-4CCC8BB7CCAC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{97720195-206A-42AE-8E65-260B9BA5589F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{97D69524-BB57-4185-9C7F-5F05593B771A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{986F7A5A-9676-47E1-8642-F41F8C3FCF82}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B18788A4-92BD-440E-A4D1-380C36531119}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchSettings]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [[email protected]]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

[OK] Registry is clean.

-\\ Mozilla Firefox v13.0.1 (en-US)

File : C:\Users\Sam\AppData\Roaming\Mozilla\Firefox\Profiles\0sj9uauy.default\prefs.js

C:\Users\Sam\AppData\Roaming\Mozilla\Firefox\Profiles\0sj9uauy.default\user.js ... Deleted !

Deleted : user_pref("avg.install.installDirPath", "C:\\ProgramData\\AVG Secure Search\\12.2.5.34");
Deleted : user_pref("extensions.ntk.ntkAnalytics-5", "<td id=\"row_5\" height=130 valign=top width=33%><div on[...]
Deleted : user_pref("extensions.ntk.recentClosedPers", "hxxps://addons.mozilla.org/en-US/firefox/addon/180649/[...]
Deleted : user_pref("extensions.rdr.whitelist", "abp:// ed2k:// file:// web.archive.org babelfish.altavista.co[...]

*************************

AdwCleaner[S1].txt - [7328 octets] - [18/04/2013 22:48:06]

########## EOF - C:\AdwCleaner[S1].txt - [7388 octets] ##########
  • 0

#5
Treetearer

Treetearer

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
And step 3.

RogueKiller V8.5.4 _x64_ [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo...13-roguekiller/
Website : http://tigzy.geeksto...roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Sam [Admin rights]
Mode : Remove -- Date : 04/18/2013 23:04:07
| ARK || FAK || MBR |

¤¤¤ Bad processes : 1 ¤¤¤
[SVCHOST] svchost.exe -- C:\Windows\\svchost.exe [x] -> KILLED [TermProc]

¤¤¤ Registry Entries : 4 ¤¤¤
[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (:0) -> NOT REMOVED, USE PROXYFIX
[HJ SMENU] HKCU\[...]\Advanced : Start_TrackProgs (0) -> REPLACED (1)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts



¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST9500420AS +++++
--- User ---
[MBR] 95fc90980c7498db78ae24f1fde51a20
[BSP] be8309d975bcba159a36c1de12e15a83 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 461435 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 945428480 | Size: 15304 Mo
User != LL1 ... KO!
--- LL1 ---
[MBR] 86c1911fbbba48efb743f7223bfa1727
[BSP] be8309d975bcba159a36c1de12e15a83 : Windows Vista/7/8 MBR Code
Partition table:
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 461435 Mo
3 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 945428480 | Size: 15304 Mo
User != LL2 ... KO!
--- LL2 ---
[MBR] 86c1911fbbba48efb743f7223bfa1727
[BSP] be8309d975bcba159a36c1de12e15a83 : Windows Vista/7/8 MBR Code
Partition table:
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 461435 Mo
3 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 945428480 | Size: 15304 Mo

Finished : << RKreport[2]_D_04182013_02d2304.txt >>
RKreport[1]_S_04182013_02d2301.txt ; RKreport[2]_D_04182013_02d2304.txt
  • 0

#6
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello Treetearer

I Would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
  • 0

#7
Treetearer

Treetearer

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
I didn't have any issues while running it, but when it was done I copied the text and then went to open firefox. When I did that it gave me the illegal action pop up and so without thinking I restarted my computer, thus losing the original scan. I ran the program again and here is what it gave me.

ComboFix 13-04-19.01 - Sam 04/19/2013 20:08:08.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4063.2593 [GMT -5:00]
Running from: c:\users\Sam\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AVG Anti-Virus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\svchost.exe
.
.
((((((((((((((((((((((((( Files Created from 2013-03-20 to 2013-04-20 )))))))))))))))))))))))))))))))
.
.
2013-04-20 01:20 . 2013-04-20 01:20 -------- d-----w- c:\users\hedev\AppData\Local\temp
2013-04-20 01:20 . 2013-04-20 01:20 -------- d-----w- c:\users\Guest\AppData\Local\temp
2013-04-20 01:20 . 2013-04-20 01:20 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-04-19 03:48 . 2013-04-19 03:48 121 ----a-w- c:\windows\DeleteOnReboot.bat
2013-04-19 03:19 . 2013-04-19 03:20 -------- d-----w- c:\programdata\Package Cache
2013-04-18 23:48 . 2013-03-19 10:50 9311288 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A0F0A292-F760-43F5-99F9-306277A385F2}\mpengine.dll
2013-04-14 23:45 . 2013-04-14 23:45 -------- d-----w- c:\program files (x86)\IObit Apps Toolbar
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-15 00:09 . 2012-04-28 00:38 693976 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-04-15 00:09 . 2011-06-22 23:46 73432 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-04-02 00:58 . 2009-11-21 00:51 72702784 ----a-w- c:\windows\system32\MRT.exe
2013-03-12 06:10 . 2009-11-26 20:35 282744 ------w- c:\windows\system32\MpSigStub.exe
2013-02-22 16:04 . 2012-09-17 01:57 39768 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{03EB0E9C-7A91-4381-A220-9B52B641CDB1}"= "c:\program files (x86)\IObit Apps Toolbar\IE\7.0\iobitappsToolbarIE.dll" [2013-02-24 1352512]
.
[HKEY_CLASSES_ROOT\clsid\{03eb0e9c-7a91-4381-a220-9b52b641cdb1}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
2013-02-24 00:17 1352512 ----a-w- c:\program files (x86)\IObit Apps Toolbar\IE\7.0\iobitappsToolbarIE.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{03EB0E9C-7A91-4381-A220-9B52B641CDB1}"= "c:\program files (x86)\IObit Apps Toolbar\IE\7.0\iobitappsToolbarIE.dll" [2013-02-24 1352512]
.
[HKEY_CLASSES_ROOT\clsid\{03eb0e9c-7a91-4381-a220-9b52b641cdb1}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DisplayFusion"="c:\program files (x86)\DisplayFusion\DisplayFusion.exe" [2010-03-17 800944]
"ISUSPM"="c:\programdata\Macrovision\FLEXnet Connect\6\ISUSPM.exe" [2007-03-29 222128]
"Advanced SystemCare 6"="c:\program files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" [2013-01-16 491840]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-02 98304]
"HPCam_Menu"="c:\program files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" [2009-02-25 218408]
"QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-06-24 320056]
"UpdatePRCShortCut"="c:\program files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"WirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-07-23 498744]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-03-30 437584]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2012-08-29 3039352]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-28 59280]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-09-10 421776]
"IObit Malware Fighter"="c:\program files (x86)\IObit\IObit Malware Fighter\IMF.exe" [2012-12-25 4474832]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2013\avgrsa.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-08-09 175968]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [2012-08-20 5751928]
R2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-08-20 184304]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 dc3d;MS Hardware Device Detection Driver (HID);c:\windows\system32\DRIVERS\dc3d.sys [2010-04-17 27536]
R3 dump_wmimmc;dump_wmimmc;c:\ijji\ENGLISH\AVA\Binaries\GameGuard\dump_wmimmc.sys [x]
R3 Gun;Gun;c:\game\SoftnyxGame\GunBoundIS\Gun64.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-07-23 5435904]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-11-03 19456]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 ssrangdr;ssrangdr;c:\windows\system32\DRIVERS\ssrangdr.sys [2009-11-06 4608]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-11-03 57856]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-03-31 1255736]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [2010-11-01 14544]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-06-10 389120]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-08-09 60768]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys [2012-08-09 230240]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-08-10 40288]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2012-08-13 150880]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2012-08-10 105312]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-08-10 199520]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2013-02-22 39768]
S2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2013-01-16 465216]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [2009-03-02 89600]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-07-02 203264]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2009-07-08 30520]
S2 IMFservice;IMF Service;c:\program files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2012-01-10 821592]
S2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2011-08-25 13672]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2010-03-30 303952]
S2 vToolbarUpdater14.2.0;vToolbarUpdater14.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe [2013-02-22 968880]
S3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2009-06-29 70656]
S3 FileMonitor;FileMonitor;c:\program files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2012-01-06 21384]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2009-07-21 140712]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-03-30 24664]
S3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [2011-08-26 7680512]
S3 RegFilter;RegFilter;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2012-07-05 33224]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-07-13 233472]
S3 UrlFilter;UrlFilter;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [2012-07-05 21904]
.
.
Contents of the 'Scheduled Tasks' folder
.
2013-04-20 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-28 00:09]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-08-09 171520]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-03-23 487424]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "c:\program files (x86)\Stardock\Fences\FencesMenu64.dll" [2010-06-22 253288]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://search.yahoo.com?type=198484&fr=spigot-yhp-ie
uLocal Page = c:\windows\system32\blank.htm
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cnnb
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cnnb
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: intuit.com\ttlc
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 75.75.76.76 75.75.75.75
DPF: {4944924A-64E4-49C1-AC97-ABA3927262FE} - hxxp://channel.dontblynk.com/Launcher/StWbUsa.CAB
FF - ProfilePath - c:\users\Sam\AppData\Roaming\Mozilla\Firefox\Profiles\0sj9uauy.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxps://www.facebook.com/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=198484&p=
FF - ExtSQL: 2049-12-31 14:00; {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}; c:\users\Sam\AppData\Roaming\Mozilla\Firefox\Profiles\0sj9uauy.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}.xpi
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3775965540-928844727-244699567-1001\Software\SecuROM\License information*]
"datasecu"=hex:3b,62,4c,d3,42,a6,e9,75,74,8b,60,a0,ed,58,70,35,74,7b,39,26,4d,
e3,d6,4a,2e,12,13,6c,a2,48,17,29,ba,6a,1a,53,b1,07,de,62,31,83,20,28,93,b7,\
"rkeysecu"=hex:31,43,99,a6,40,5c,bc,30,0e,f4,2d,74,bc,bc,a7,d1
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{1D0D1DBE-D81F-D306-5437E45696154CEE}\{BB3F4491-C2FA-99A3-3FB31108844B020A}\{37E50F9E-362C-792E-57F19660836F5A8C}*]
"XOGCPEUPGZA3BTOUPKIJ6FJXTE1"=hex:01,00,01,00,00,00,00,00,9a,27,1e,8a,da,80,81,
12,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{454884EE-A952-6288-D98E4C6628C57FD8}\{4E2828CC-5D4E-CAA4-0B0E2FF0C61DD876}\{D33FFB02-83E4-6D49-8432C9C83D6B1A26}*]
"XOGCPEUPGZA3BTOUPKIJ6FJXTE1"=hex:01,00,01,00,00,00,00,00,9a,27,1e,8a,da,80,81,
12,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-04-19 20:29:02
ComboFix-quarantined-files.txt 2013-04-20 01:29
ComboFix2.txt 2013-04-20 00:56
.
Pre-Run: 310,347,190,272 bytes free
Post-Run: 311,452,737,536 bytes free
.
- - End Of File - - 10A8AB56EFAAC3EEF5551C191AA88973


I know the first time it deleted more things in that first section. But as of now I am not sure if my computer is running any different. I'd have to try letting my computer sleep and also try and start it up a few times to see if it crashes or does anything weird again. It may just be my internet connection, but clicking on things and scrolling while browsing the web is sometimes slow or lags. But if my computer crashes again before your next post, I will let you know. Thanks again!
  • 0

#8
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello Treetearer


I would like you to try and run these next.

TDSSKiller

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
  • If malicious objects are found, they will show in the Scan results
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

    Note** this report can be very long - so if the website gives you an error saying it is to long you may attache it

    If the forum still complains about it being to long send me everything that is at the end of the report after where it says

    ==================
    Scan finished
    ==================

and I will see if I want to see the whole report

Malwarebytes Anti-Rootkit

1.Download Malwarebytes Anti-Rootkit
2.Unzip the contents to a folder in a convenient location.
3.Open the folder where the contents were unzipped and run mbar.exe
4.Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
5.Click on the Cleanup button to remove any threats and reboot if prompted to do so.
6.Wait while the system shuts down and the cleanup process is performed.
7.Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
8.If no additional threats were found, verify that your system is now running normally, making sure that the following items are functional:
•Internet access
•Windows Update
•Windows Firewall9.If there are additional problems with your system, such as any of those listed above or other system issues, then run the 'fixdamage' tool included with Malwarebytes Anti-Rootkit and reboot.
10.Verify that your system is now functioning normally.

If you have any problems running either one come back and let me know

please reply with the reports from TDSSKiller and MBAR

Gringo
  • 0

#9
Treetearer

Treetearer

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
Here is the first report. My computer crashed (blue screened) just after I opened the internet. But I still have the file for the report.

15:21:24.0018 3292 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
15:21:24.0346 3292 ============================================================
15:21:24.0346 3292 Current date / time: 2013/04/20 15:21:24.0346
15:21:24.0346 3292 SystemInfo:
15:21:24.0346 3292
15:21:24.0346 3292 OS Version: 6.1.7601 ServicePack: 1.0
15:21:24.0346 3292 Product type: Workstation
15:21:24.0346 3292 ComputerName: DALAPTOP
15:21:24.0361 3292 UserName: Sam
15:21:24.0361 3292 Windows directory: C:\Windows
15:21:24.0361 3292 System windows directory: C:\Windows
15:21:24.0361 3292 Running under WOW64
15:21:24.0361 3292 Processor architecture: Intel x64
15:21:24.0361 3292 Number of processors: 4
15:21:24.0361 3292 Page size: 0x1000
15:21:24.0361 3292 Boot type: Normal boot
15:21:24.0361 3292 ============================================================
15:21:39.0678 3292 BG loaded
15:21:40.0707 3292 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:21:40.0723 3292 ============================================================
15:21:40.0723 3292 \Device\Harddisk0\DR0:
15:21:40.0739 3292 MBR partitions:
15:21:40.0739 3292 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
15:21:40.0739 3292 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x3853D800
15:21:40.0739 3292 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x385A1800, BlocksNum 0x1DE4000
15:21:40.0739 3292 ============================================================
15:21:40.0895 3292 C: <-> \Device\Harddisk0\DR0\Partition2
15:21:45.0419 3292 D: <-> \Device\Harddisk0\DR0\Partition3
15:21:45.0419 3292 ============================================================
15:21:45.0419 3292 Initialize success
15:21:45.0419 3292 ============================================================
15:22:24.0228 5920 ============================================================
15:22:24.0228 5920 Scan started
15:22:24.0228 5920 Mode: Manual; SigCheck; TDLFS;
15:22:24.0228 5920 ============================================================
15:22:35.0507 5920 ================ Scan system memory ========================
15:22:35.0507 5920 System memory - ok
15:22:35.0507 5920 ================ Scan services =============================
15:22:35.0850 5920 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
15:22:36.0006 5920 1394ohci - ok
15:22:36.0037 5920 [ 1CFFE9C06E66A57DAE1452E449A58240 ] Accelerometer C:\Windows\system32\DRIVERS\Accelerometer.sys
15:22:36.0084 5920 Accelerometer - ok
15:22:36.0131 5920 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
15:22:36.0162 5920 ACPI - ok
15:22:36.0209 5920 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
15:22:36.0458 5920 AcpiPmi - ok
15:22:37.0285 5920 [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:22:37.0316 5920 AdobeFlashPlayerUpdateSvc - ok
15:22:37.0377 5920 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
15:22:37.0427 5920 adp94xx - ok
15:22:37.0527 5920 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
15:22:37.0567 5920 adpahci - ok
15:22:37.0607 5920 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
15:22:37.0637 5920 adpu320 - ok
15:22:37.0797 5920 [ CBFAA333EBA2E402A0439A3A0E5413F3 ] AdvancedSystemCareService6 C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
15:22:37.0827 5920 AdvancedSystemCareService6 - ok
15:22:37.0857 5920 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
15:22:38.0577 5920 AeLookupSvc - ok
15:22:38.0887 5920 [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
15:22:39.0007 5920 AESTFilters - ok
15:22:39.0267 5920 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
15:22:39.0357 5920 AFD - ok
15:22:39.0467 5920 [ B65F8DBA54F251906BBE8611B5A0E7AB ] AgereModemAudio C:\Program Files\LSI SoftModem\agr64svc.exe
15:22:39.0597 5920 AgereModemAudio - ok
15:22:39.0667 5920 [ AF4748EF93416159459769A24A0053AF ] AgereSoftModem C:\Windows\system32\DRIVERS\agrsm64.sys
15:22:39.0767 5920 AgereSoftModem - ok
15:22:39.0807 5920 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
15:22:39.0837 5920 agp440 - ok
15:22:39.0917 5920 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
15:22:39.0997 5920 ALG - ok
15:22:40.0007 5920 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
15:22:40.0037 5920 aliide - ok
15:22:40.0097 5920 [ D0D8877969011D1B0ED9C3C55A9A9108 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
15:22:40.0227 5920 AMD External Events Utility - ok
15:22:40.0280 5920 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
15:22:40.0300 5920 amdide - ok
15:22:40.0340 5920 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
15:22:40.0410 5920 AmdK8 - ok
15:22:40.0440 5920 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
15:22:40.0490 5920 AmdPPM - ok
15:22:40.0570 5920 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
15:22:40.0600 5920 amdsata - ok
15:22:40.0630 5920 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
15:22:40.0650 5920 amdsbs - ok
15:22:40.0670 5920 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
15:22:40.0690 5920 amdxata - ok
15:22:40.0730 5920 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
15:22:41.0571 5920 AppID - ok
15:22:41.0651 5920 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
15:22:41.0731 5920 AppIDSvc - ok
15:22:41.0761 5920 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
15:22:41.0821 5920 Appinfo - ok
15:22:42.0011 5920 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:22:42.0031 5920 Apple Mobile Device - ok
15:22:42.0061 5920 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
15:22:42.0081 5920 arc - ok
15:22:42.0101 5920 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
15:22:42.0121 5920 arcsas - ok
15:22:42.0161 5920 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
15:22:42.0261 5920 AsyncMac - ok
15:22:42.0292 5920 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
15:22:42.0312 5920 atapi - ok
15:22:42.0362 5920 [ 04A5815DF7E8B037DF674D3CCACC0C31 ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys
15:22:42.0372 5920 AtiHdmiService - ok
15:22:43.0012 5920 [ C5758BF1DFD762A5B17041FF061B7750 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
15:22:43.0192 5920 atikmdag - ok
15:22:44.0023 5920 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:22:44.0113 5920 AudioEndpointBuilder - ok
15:22:44.0183 5920 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
15:22:44.0243 5920 AudioSrv - ok
15:22:44.0613 5920 [ 1D7D0D5D33D8B1507EC5FBFE332E5657 ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
15:22:44.0733 5920 AVGIDSAgent - ok
15:22:44.0783 5920 [ 5FD4D6C35738899905E16E5284981427 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys
15:22:44.0813 5920 AVGIDSDriver - ok
15:22:44.0863 5920 [ D19F5C2C2BA0962DD4437EC020858FA3 ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys
15:22:44.0893 5920 AVGIDSHA - ok
15:22:44.0943 5920 [ B5C6EC8D0FC00BD291994926C5888FD3 ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys
15:22:44.0973 5920 Avgldx64 - ok
15:22:45.0183 5920 [ 3E0E2D8CD63C58A37CF81704E83459DD ] Avgloga C:\Windows\system32\DRIVERS\avgloga.sys
15:22:45.0383 5920 Avgloga - ok
15:22:45.0413 5920 [ 91FEFBFF54E30A339F21F784983C9F6A ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys
15:22:45.0443 5920 Avgmfx64 - ok
15:22:45.0463 5920 [ 639CBC2F67FB25F9AB31957D9BF5CF8F ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys
15:22:45.0493 5920 Avgrkx64 - ok
15:22:45.0563 5920 [ ECBE71E3AF3E146453EF9623A245E6E0 ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys
15:22:45.0593 5920 Avgtdia - ok
15:22:45.0613 5920 [ 4C05242DC361A217223E9B8EC2B3A76B ] avgtp C:\Windows\system32\drivers\avgtpx64.sys
15:22:45.0643 5920 avgtp - ok
15:22:45.0673 5920 [ 42F11F37CC06D9AB6528AF2E215B8799 ] avgwd C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
15:22:45.0693 5920 avgwd - ok
15:22:45.0753 5920 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
15:22:45.0833 5920 AxInstSV - ok
15:22:45.0893 5920 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
15:22:45.0983 5920 b06bdrv - ok
15:22:46.0013 5920 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
15:22:46.0053 5920 b57nd60a - ok
15:22:46.0083 5920 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
15:22:46.0173 5920 BDESVC - ok
15:22:46.0193 5920 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
15:22:46.0273 5920 Beep - ok
15:22:46.0334 5920 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
15:22:46.0404 5920 BFE - ok
15:22:46.0514 5920 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
15:22:46.0644 5920 BITS - ok
15:22:46.0664 5920 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
15:22:46.0704 5920 blbdrive - ok
15:22:46.0764 5920 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:22:46.0794 5920 Bonjour Service - ok
15:22:46.0844 5920 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
15:22:46.0904 5920 bowser - ok
15:22:46.0934 5920 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:22:47.0634 5920 BrFiltLo - ok
15:22:47.0634 5920 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:22:47.0684 5920 BrFiltUp - ok
15:22:47.0724 5920 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
15:22:47.0824 5920 BridgeMP - ok
15:22:47.0854 5920 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
15:22:47.0924 5920 Browser - ok
15:22:47.0974 5920 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
15:22:48.0084 5920 Brserid - ok
15:22:48.0094 5920 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
15:22:48.0164 5920 BrSerWdm - ok
15:22:48.0194 5920 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
15:22:48.0244 5920 BrUsbMdm - ok
15:22:48.0254 5920 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
15:22:48.0294 5920 BrUsbSer - ok
15:22:48.0324 5920 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
15:22:48.0374 5920 BTHMODEM - ok
15:22:48.0404 5920 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
15:22:48.0484 5920 bthserv - ok
15:22:48.0494 5920 catchme - ok
15:22:48.0524 5920 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
15:22:48.0594 5920 cdfs - ok
15:22:48.0654 5920 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
15:22:48.0694 5920 cdrom - ok
15:22:48.0714 5920 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
15:22:48.0784 5920 CertPropSvc - ok
15:22:48.0834 5920 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
15:22:48.0874 5920 circlass - ok
15:22:48.0934 5920 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
15:22:48.0984 5920 CLFS - ok
15:22:49.0565 5920 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:22:49.0605 5920 clr_optimization_v2.0.50727_32 - ok
15:22:50.0135 5920 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:22:50.0165 5920 clr_optimization_v2.0.50727_64 - ok
15:22:50.0295 5920 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:22:50.0355 5920 clr_optimization_v4.0.30319_32 - ok
15:22:50.0485 5920 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:22:50.0505 5920 clr_optimization_v4.0.30319_64 - ok
15:22:50.0525 5920 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
15:22:50.0575 5920 CmBatt - ok
15:22:50.0605 5920 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
15:22:50.0635 5920 cmdide - ok
15:22:50.0666 5920 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
15:22:50.0727 5920 CNG - ok
15:22:50.0787 5920 [ F9A79C5B27037821112C50A9C8FB367A ] Com4QLBEx C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
15:22:50.0817 5920 Com4QLBEx - ok
15:22:50.0827 5920 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
15:22:50.0867 5920 Compbatt - ok
15:22:50.0897 5920 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
15:22:50.0937 5920 CompositeBus - ok
15:22:50.0977 5920 COMSysApp - ok
15:22:50.0997 5920 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
15:22:51.0039 5920 crcdisk - ok
15:22:51.0085 5920 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
15:22:51.0163 5920 CryptSvc - ok
15:22:51.0226 5920 [ 26C9DB5FB11AA1C90CA4B7A986CCA4F3 ] dc3d C:\Windows\system32\DRIVERS\dc3d.sys
15:22:51.0257 5920 dc3d - ok
15:22:51.0304 5920 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
15:22:51.0383 5920 DcomLaunch - ok
15:22:51.0430 5920 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
15:22:51.0586 5920 defragsvc - ok
15:22:51.0632 5920 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
15:22:51.0710 5920 DfsC - ok
15:22:51.0804 5920 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
15:22:51.0882 5920 Dhcp - ok
15:22:51.0913 5920 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
15:22:51.0976 5920 discache - ok
15:22:52.0007 5920 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
15:22:52.0038 5920 Disk - ok
15:22:52.0100 5920 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
15:22:52.0163 5920 Dnscache - ok
15:22:52.0210 5920 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
15:22:52.0272 5920 dot3svc - ok
15:22:52.0319 5920 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
15:22:52.0413 5920 DPS - ok
15:22:52.0445 5920 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
15:22:52.0507 5920 drmkaud - ok
15:22:52.0507 5920 dump_wmimmc - ok
15:22:52.0663 5920 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
15:22:52.0694 5920 DXGKrnl - ok
15:22:52.0757 5920 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
15:22:52.0835 5920 EapHost - ok
15:22:53.0678 5920 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
15:22:53.0928 5920 ebdrv - ok
15:22:53.0990 5920 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
15:22:54.0068 5920 EFS - ok
15:22:54.0208 5920 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
15:22:54.0396 5920 ehRecvr - ok
15:22:54.0443 5920 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
15:22:54.0568 5920 ehSched - ok
15:22:54.0677 5920 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
15:22:54.0771 5920 elxstor - ok
15:22:54.0802 5920 [ 524C79054636D2E5751169005006460B ] enecir C:\Windows\system32\DRIVERS\enecir.sys
15:22:54.0880 5920 enecir - ok
15:22:54.0927 5920 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
15:22:54.0989 5920 ErrDev - ok
15:22:55.0052 5920 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
15:22:55.0145 5920 EventSystem - ok
15:22:55.0177 5920 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
15:22:55.0270 5920 exfat - ok
15:22:55.0301 5920 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
15:22:55.0379 5920 fastfat - ok
15:22:55.0474 5920 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
15:22:55.0568 5920 Fax - ok
15:22:55.0583 5920 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
15:22:55.0630 5920 fdc - ok
15:22:55.0692 5920 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
15:22:55.0786 5920 fdPHost - ok
15:22:55.0817 5920 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
15:22:55.0895 5920 FDResPub - ok
15:22:55.0926 5920 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
15:22:55.0958 5920 FileInfo - ok
15:22:56.0176 5920 [ 060CC45CECAE2FEAFF9C8C52D8FAFAA8 ] FileMonitor C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys
15:22:56.0192 5920 FileMonitor - ok
15:22:56.0207 5920 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
15:22:56.0285 5920 Filetrace - ok
15:22:56.0301 5920 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
15:22:56.0348 5920 flpydisk - ok
15:22:56.0427 5920 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
15:22:56.0458 5920 FltMgr - ok
15:22:56.0614 5920 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
15:22:56.0676 5920 FontCache - ok
15:22:56.0723 5920 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:22:56.0754 5920 FontCache3.0.0.0 - ok
15:22:56.0785 5920 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
15:22:56.0801 5920 FsDepends - ok
15:22:56.0832 5920 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
15:22:56.0848 5920 Fs_Rec - ok
15:22:56.0895 5920 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
15:22:56.0910 5920 fvevol - ok
15:22:56.0941 5920 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
15:22:56.0988 5920 gagp30kx - ok
15:22:57.0160 5920 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:22:57.0175 5920 GEARAspiWDM - ok
15:22:57.0425 5920 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
15:22:57.0503 5920 gpsvc - ok
15:22:57.0503 5920 Gun - ok
15:22:57.0550 5920 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
15:22:57.0581 5920 hamachi - ok
15:22:57.0597 5920 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
15:22:57.0628 5920 hcw85cir - ok
15:22:57.0690 5920 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:22:57.0737 5920 HdAudAddService - ok
15:22:57.0768 5920 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
15:22:57.0799 5920 HDAudBus - ok
15:22:57.0815 5920 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
15:22:57.0877 5920 HidBatt - ok
15:22:57.0909 5920 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
15:22:57.0955 5920 HidBth - ok
15:22:57.0971 5920 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
15:22:58.0002 5920 HidIr - ok
15:22:58.0033 5920 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
15:22:58.0080 5920 hidserv - ok
15:22:58.0127 5920 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
15:22:58.0158 5920 HidUsb - ok
15:22:58.0189 5920 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
15:22:58.0267 5920 hkmsvc - ok
15:22:58.0314 5920 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:22:58.0439 5920 HomeGroupListener - ok
15:22:58.0486 5920 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:22:58.0517 5920 HomeGroupProvider - ok
15:22:58.0611 5920 [ 05712FDDBD45A5864EB326FAABC6A4E3 ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys
15:22:58.0626 5920 hpdskflt - ok
15:22:58.0642 5920 [ 9AF482D058BE59CC28BCE52E7C4B747C ] HpqKbFiltr C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
15:22:58.0689 5920 HpqKbFiltr - ok
15:22:58.0720 5920 [ FDF273A845F1FFCCEADF363AAF47582F ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
15:22:58.0735 5920 hpqwmiex - ok
15:22:58.0767 5920 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
15:22:58.0798 5920 HpSAMD - ok
15:22:58.0813 5920 [ AA036CC5F5221D9B915F4D4DCE74BA9A ] hpsrv C:\Windows\system32\Hpservice.exe
15:22:58.0845 5920 hpsrv - ok
15:22:58.0907 5920 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:22:58.0985 5920 HTTP - ok
15:22:59.0515 5920 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
15:22:59.0874 5920 hwpolicy - ok
15:23:00.0264 5920 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
15:23:00.0295 5920 i8042prt - ok
15:23:00.0436 5920 [ 7548066DF68A8A1A56B043359F915F37 ] IAANTMON C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
15:23:00.0467 5920 IAANTMON - ok
15:23:00.0529 5920 [ 1D004CB1DA6323B1F55CAEF7F94B61D9 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
15:23:00.0561 5920 iaStor - ok
15:23:00.0670 5920 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
15:23:00.0717 5920 iaStorV - ok
15:23:00.0795 5920 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
15:23:00.0857 5920 IDriverT ( UnsignedFile.Multi.Generic ) - warning
15:23:00.0857 5920 IDriverT - detected UnsignedFile.Multi.Generic (1)
15:23:01.0091 5920 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:23:01.0575 5920 idsvc - ok
15:23:01.0918 5920 [ A87261EF1546325B559374F5689CF5BC ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
15:23:02.0136 5920 igfx - ok
15:23:02.0152 5920 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
15:23:02.0199 5920 iirsp - ok
15:23:02.0245 5920 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
15:23:02.0323 5920 IKEEXT - ok
15:23:02.0401 5920 [ 8AE99EBE30E8338907361018D9030835 ] IMFservice C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
15:23:02.0433 5920 IMFservice - ok
15:23:02.0464 5920 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
15:23:02.0495 5920 intelide - ok
15:23:02.0542 5920 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
15:23:02.0589 5920 intelppm - ok
15:23:02.0667 5920 [ 1663A135865F0BA6E853353E98E67F2A ] IntuitUpdateServiceV4 C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
15:23:02.0682 5920 IntuitUpdateServiceV4 - ok
15:23:02.0713 5920 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
15:23:02.0760 5920 IPBusEnum - ok
15:23:02.0823 5920 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:23:02.0869 5920 IpFilterDriver - ok
15:23:02.0947 5920 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
15:23:02.0994 5920 iphlpsvc - ok
15:23:03.0415 5920 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
15:23:03.0462 5920 IPMIDRV - ok
15:23:03.0478 5920 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
15:23:03.0540 5920 IPNAT - ok
15:23:03.0649 5920 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
15:23:03.0681 5920 iPod Service - ok
15:23:03.0712 5920 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:23:03.0759 5920 IRENUM - ok
15:23:03.0790 5920 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
15:23:03.0805 5920 isapnp - ok
15:23:03.0883 5920 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
15:23:03.0899 5920 iScsiPrt - ok
15:23:03.0946 5920 [ F8844B00C10E386C704C610E95A9847D ] JMCR C:\Windows\system32\DRIVERS\jmcr.sys
15:23:04.0024 5920 JMCR - ok
15:23:04.0039 5920 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
15:23:04.0055 5920 kbdclass - ok
15:23:04.0086 5920 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
15:23:04.0117 5920 kbdhid - ok
15:23:04.0133 5920 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
15:23:04.0164 5920 KeyIso - ok
15:23:04.0195 5920 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:23:04.0211 5920 KSecDD - ok
15:23:04.0242 5920 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
15:23:04.0273 5920 KSecPkg - ok
15:23:04.0289 5920 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
15:23:04.0336 5920 ksthunk - ok
15:23:04.0367 5920 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
15:23:04.0445 5920 KtmRm - ok
15:23:04.0492 5920 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
15:23:04.0554 5920 LanmanServer - ok
15:23:04.0601 5920 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:23:04.0663 5920 LanmanWorkstation - ok
15:23:04.0695 5920 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:23:04.0757 5920 lltdio - ok
15:23:04.0788 5920 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:23:04.0866 5920 lltdsvc - ok
15:23:04.0897 5920 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
15:23:04.0944 5920 lmhosts - ok
15:23:04.0975 5920 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
15:23:05.0007 5920 LSI_FC - ok
15:23:05.0022 5920 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
15:23:05.0053 5920 LSI_SAS - ok
15:23:05.0069 5920 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:23:05.0085 5920 LSI_SAS2 - ok
15:23:05.0131 5920 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:23:05.0163 5920 LSI_SCSI - ok
15:23:05.0256 5920 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
15:23:05.0443 5920 luafv - ok
15:23:05.0475 5920 [ 4A46FA98DE81FF55A7CFC0C26262CB33 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
15:23:05.0490 5920 MBAMProtector - ok
15:23:05.0521 5920 [ 662B8F21A06350218F26BA320CD457B1 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
15:23:05.0553 5920 MBAMService - ok
15:23:05.0646 5920 [ F453D1E6D881E8F8717E20CCD4199E85 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
15:23:05.0677 5920 McComponentHostService - ok
15:23:05.0740 5920 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
15:23:05.0787 5920 Mcx2Svc - ok
15:23:05.0818 5920 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
15:23:05.0833 5920 megasas - ok
15:23:05.0927 5920 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
15:23:05.0958 5920 MegaSR - ok
15:23:06.0005 5920 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
15:23:06.0099 5920 MMCSS - ok
15:23:06.0145 5920 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
15:23:06.0223 5920 Modem - ok
15:23:06.0255 5920 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:23:06.0629 5920 monitor - ok
15:23:06.0676 5920 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
15:23:06.0691 5920 mouclass - ok
15:23:06.0738 5920 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
15:23:06.0769 5920 mouhid - ok
15:23:07.0237 5920 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
15:23:07.0269 5920 mountmgr - ok
15:23:07.0893 5920 [ 15D5398EED42C2504BB3D4FC875C15D1 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:23:07.0924 5920 MozillaMaintenance - ok
15:23:08.0127 5920 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
15:23:08.0283 5920 mpio - ok
15:23:08.0501 5920 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:23:08.0548 5920 mpsdrv - ok
15:23:10.0373 5920 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
15:23:12.0245 5920 MpsSvc - ok
15:23:12.0401 5920 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:23:12.0448 5920 MRxDAV - ok
15:23:12.0495 5920 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:23:12.0557 5920 mrxsmb - ok
15:23:12.0588 5920 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:23:12.0651 5920 mrxsmb10 - ok
15:23:12.0682 5920 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:23:12.0697 5920 mrxsmb20 - ok
15:23:12.0760 5920 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
15:23:12.0791 5920 msahci - ok
15:23:12.0807 5920 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:23:12.0838 5920 msdsm - ok
15:23:12.0869 5920 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
15:23:12.0916 5920 MSDTC - ok
15:23:12.0963 5920 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:23:13.0009 5920 Msfs - ok
15:23:13.0041 5920 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:23:13.0197 5920 mshidkmdf - ok
15:23:13.0243 5920 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:23:13.0259 5920 msisadrv - ok
15:23:13.0290 5920 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:23:13.0353 5920 MSiSCSI - ok
15:23:13.0368 5920 msiserver - ok
15:23:13.0384 5920 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:23:13.0446 5920 MSKSSRV - ok
15:23:13.0446 5920 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:23:13.0509 5920 MSPCLOCK - ok
15:23:13.0524 5920 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:23:13.0602 5920 MSPQM - ok
15:23:13.0633 5920 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:23:13.0665 5920 MsRPC - ok
15:23:13.0727 5920 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
15:23:13.0743 5920 mssmbios - ok
15:23:13.0758 5920 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:23:13.0867 5920 MSTEE - ok
15:23:13.0930 5920 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
15:23:13.0961 5920 MTConfig - ok
15:23:13.0977 5920 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
15:23:13.0992 5920 Mup - ok
15:23:14.0023 5920 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
15:23:14.0086 5920 napagent - ok
15:23:14.0117 5920 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:23:14.0164 5920 NativeWifiP - ok
15:23:14.0195 5920 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
15:23:14.0257 5920 NDIS - ok
15:23:14.0289 5920 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:23:14.0335 5920 NdisCap - ok
15:23:14.0351 5920 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:23:14.0398 5920 NdisTapi - ok
15:23:14.0429 5920 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:23:14.0491 5920 Ndisuio - ok
15:23:14.0523 5920 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:23:14.0585 5920 NdisWan - ok
15:23:14.0647 5920 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:23:14.0694 5920 NDProxy - ok
15:23:14.0710 5920 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:23:14.0772 5920 NetBIOS - ok
15:23:14.0803 5920 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:23:14.0866 5920 NetBT - ok
15:23:14.0881 5920 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
15:23:14.0897 5920 Netlogon - ok
15:23:14.0928 5920 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
15:23:15.0006 5920 Netman - ok
15:23:15.0037 5920 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
15:23:15.0100 5920 netprofm - ok
15:23:15.0147 5920 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:23:15.0178 5920 NetTcpPortSharing - ok
15:23:15.0349 5920 [ 24F64343F14A119308456E1CA7507B26 ] NETw5s64 C:\Windows\system32\DRIVERS\NETw5s64.sys
15:23:15.0474 5920 NETw5s64 - ok
15:23:15.0583 5920 [ D68DE412A3243F8D57DDB814AA509813 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys
15:23:15.0786 5920 netw5v64 - ok
15:23:15.0802 5920 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
15:23:15.0833 5920 nfrd960 - ok
15:23:15.0880 5920 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
15:23:15.0927 5920 NlaSvc - ok
15:23:15.0942 5920 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:23:16.0005 5920 Npfs - ok
15:23:16.0005 5920 npggsvc - ok
15:23:16.0020 5920 NPPTNT2 - ok
15:23:16.0036 5920 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
15:23:16.0098 5920 nsi - ok
15:23:16.0130 5920 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:23:16.0192 5920 nsiproxy - ok
15:23:16.0254 5920 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:23:16.0332 5920 Ntfs - ok
15:23:16.0379 5920 [ D4012918D3A3847B44B888D56BC095D6 ] NuidFltr C:\Windows\system32\DRIVERS\NuidFltr.sys
15:23:16.0395 5920 NuidFltr - ok
15:23:16.0410 5920 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
15:23:16.0457 5920 Null - ok
15:23:16.0520 5920 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:23:16.0551 5920 nvraid - ok
15:23:16.0551 5920 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:23:16.0582 5920 nvstor - ok
15:23:16.0629 5920 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:23:16.0644 5920 nv_agp - ok
15:23:16.0722 5920 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:23:16.0754 5920 odserv - ok
15:23:16.0800 5920 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
15:23:16.0816 5920 ohci1394 - ok
15:23:16.0878 5920 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:23:16.0894 5920 ose - ok
15:23:16.0925 5920 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:23:16.0988 5920 p2pimsvc - ok
15:23:17.0128 5920 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
15:23:17.0159 5920 p2psvc - ok
15:23:17.0206 5920 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
15:23:17.0222 5920 Parport - ok
15:23:17.0237 5920 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:23:17.0268 5920 partmgr - ok
15:23:17.0284 5920 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:23:17.0331 5920 PcaSvc - ok
15:23:17.0378 5920 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
15:23:17.0393 5920 pci - ok
15:23:17.0424 5920 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
15:23:17.0456 5920 pciide - ok
15:23:17.0471 5920 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
15:23:17.0487 5920 pcmcia - ok
15:23:17.0534 5920 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
15:23:17.0565 5920 pcw - ok
15:23:17.0612 5920 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:23:17.0690 5920 PEAUTH - ok
15:23:17.0799 5920 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
15:23:17.0830 5920 PerfHost - ok
15:23:17.0908 5920 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
15:23:17.0986 5920 pla - ok
15:23:18.0111 5920 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:23:18.0158 5920 PlugPlay - ok
15:23:18.0173 5920 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:23:18.0204 5920 PNRPAutoReg - ok
15:23:18.0220 5920 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:23:18.0251 5920 PNRPsvc - ok
15:23:18.0282 5920 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:23:18.0360 5920 PolicyAgent - ok
15:23:18.0407 5920 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
15:23:18.0470 5920 Power - ok
15:23:18.0516 5920 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:23:18.0579 5920 PptpMiniport - ok
15:23:18.0594 5920 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
15:23:18.0657 5920 Processor - ok
15:23:18.0688 5920 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
15:23:18.0735 5920 ProfSvc - ok
15:23:18.0766 5920 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:23:18.0782 5920 ProtectedStorage - ok
15:23:18.0813 5920 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:23:18.0860 5920 Psched - ok
15:23:18.0875 5920 [ A6A7AD767BF5141665F5C675F671B3E1 ] PSI_SVC_2 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
15:23:18.0891 5920 PSI_SVC_2 - ok
15:23:18.0953 5920 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
15:23:19.0062 5920 ql2300 - ok
15:23:19.0078 5920 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
15:23:19.0109 5920 ql40xx - ok
15:23:19.0370 5920 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
15:23:19.0590 5920 QWAVE - ok
15:23:19.0830 5920 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:23:20.0120 5920 QWAVEdrv - ok
15:23:20.0130 5920 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:23:20.0210 5920 RasAcd - ok
15:23:20.0230 5920 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:23:20.0280 5920 RasAgileVpn - ok
15:23:20.0300 5920 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
15:23:20.0370 5920 RasAuto - ok
15:23:20.0410 5920 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:23:20.0470 5920 Rasl2tp - ok
15:23:20.0510 5920 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
15:23:20.0570 5920 RasMan - ok
15:23:20.0610 5920 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:23:20.0680 5920 RasPppoe - ok
15:23:20.0700 5920 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:23:20.0761 5920 RasSstp - ok
15:23:20.0811 5920 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:23:20.0881 5920 rdbss - ok
15:23:20.0931 5920 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
15:23:21.0001 5920 rdpbus - ok
15:23:21.0151 5920 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:23:21.0271 5920 RDPCDD - ok
15:23:21.0341 5920 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:23:21.0481 5920 RDPENCDD - ok
15:23:21.0531 5920 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:23:21.0591 5920 RDPREFMP - ok
15:23:21.0631 5920 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
15:23:21.0681 5920 RdpVideoMiniport - ok
15:23:21.0711 5920 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:23:21.0751 5920 RDPWD - ok
15:23:21.0812 5920 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:23:21.0862 5920 rdyboost - ok
15:23:21.0932 5920 [ 5F9AC3243C206EC95F32E4348AE67C13 ] RegFilter C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys
15:23:21.0962 5920 RegFilter - ok
15:23:22.0042 5920 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
15:23:22.0112 5920 RemoteAccess - ok
15:23:22.0152 5920 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:23:22.0232 5920 RemoteRegistry - ok
15:23:22.0272 5920 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:23:22.0332 5920 RpcEptMapper - ok
15:23:22.0412 5920 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
15:23:22.0462 5920 RpcLocator - ok
15:23:22.0522 5920 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\System32\rpcss.dll
15:23:22.0582 5920 RpcSs - ok
15:23:22.0632 5920 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:23:22.0692 5920 rspndr - ok
15:23:22.0742 5920 [ 91296F0B2653281B2F11E0FCE56AA427 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
15:23:22.0793 5920 RTL8167 - ok
15:23:22.0803 5920 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
15:23:22.0833 5920 SamSs - ok
15:23:22.0883 5920 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:23:22.0913 5920 sbp2port - ok
15:23:22.0983 5920 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:23:23.0373 5920 SCardSvr - ok
15:23:23.0423 5920 [ 6CE6F98EA3D07A9C2CE3CD0A5A86352D ] SCDEmu C:\Windows\system32\drivers\SCDEmu.sys
15:23:23.0453 5920 SCDEmu - ok
15:23:23.0493 5920 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:23:23.0563 5920 scfilter - ok
15:23:23.0623 5920 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
15:23:23.0723 5920 Schedule - ok
15:23:23.0773 5920 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
15:23:23.0824 5920 SCPolicySvc - ok
15:23:23.0864 5920 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys
15:23:23.0904 5920 sdbus - ok
15:23:23.0954 5920 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:23:24.0034 5920 SDRSVC - ok
15:23:24.0064 5920 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:23:24.0124 5920 secdrv - ok
15:23:24.0164 5920 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
15:23:24.0234 5920 seclogon - ok
15:23:24.0304 5920 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
15:23:24.0374 5920 SENS - ok
15:23:24.0444 5920 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:23:24.0504 5920 SensrSvc - ok
15:23:24.0524 5920 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
15:23:24.0564 5920 Serenum - ok
15:23:24.0584 5920 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
15:23:24.0614 5920 Serial - ok
15:23:24.0664 5920 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
15:23:24.0714 5920 sermouse - ok
15:23:24.0754 5920 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
15:23:24.0825 5920 SessionEnv - ok
15:23:24.0855 5920 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
15:23:24.0895 5920 sffdisk - ok
15:23:24.0915 5920 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
15:23:24.0955 5920 sffp_mmc - ok
15:23:24.0965 5920 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
15:23:25.0025 5920 sffp_sd - ok
15:23:25.0035 5920 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
15:23:25.0075 5920 sfloppy - ok
15:23:25.0105 5920 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
15:23:25.0175 5920 SharedAccess - ok
15:23:25.0195 5920 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:23:25.0265 5920 ShellHWDetection - ok
15:23:25.0275 5920 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:23:25.0315 5920 SiSRaid2 - ok
15:23:25.0335 5920 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
15:23:25.0375 5920 SiSRaid4 - ok
15:23:25.0395 5920 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:23:25.0465 5920 Smb - ok
15:23:25.0495 5920 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:23:25.0535 5920 SNMPTRAP - ok
15:23:25.0565 5920 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
15:23:25.0605 5920 spldr - ok
15:23:25.0675 5920 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
15:23:25.0725 5920 Spooler - ok
15:23:25.0835 5920 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
15:23:25.0945 5920 sppsvc - ok
15:23:25.0975 5920 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
15:23:26.0045 5920 sppuinotify - ok
15:23:26.0075 5920 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
15:23:26.0125 5920 srv - ok
15:23:26.0145 5920 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:23:26.0165 5920 srv2 - ok
15:23:26.0195 5920 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
15:23:26.0235 5920 SrvHsfHDA - ok
15:23:26.0335 5920 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
15:23:26.0425 5920 SrvHsfV92 - ok
15:23:26.0455 5920 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
15:23:26.0515 5920 SrvHsfWinac - ok
15:23:26.0535 5920 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:23:26.0585 5920 srvnet - ok
15:23:26.0625 5920 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:23:26.0695 5920 SSDPSRV - ok
15:23:26.0715 5920 [ 9777AEF5A3DC86B0825AC12DE37F8E2E ] ssrangdr C:\Windows\system32\DRIVERS\ssrangdr.sys
15:23:26.0765 5920 ssrangdr - ok
15:23:26.0795 5920 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:23:26.0845 5920 SstpSvc - ok
15:23:29.0367 5920 [ 7595D53EE8E8B0BAA9A2DDDE867EBB0C ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe
15:23:29.0447 5920 STacSV - ok
15:23:29.0477 5920 Steam Client Service - ok
15:23:29.0497 5920 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
15:23:29.0527 5920 stexstor - ok
15:23:29.0567 5920 [ DFFBC024DFC7BB05B2129E05CBC7A201 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
15:23:29.0617 5920 STHDA - ok
15:23:29.0667 5920 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
15:23:29.0727 5920 stisvc - ok
15:23:29.0797 5920 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
15:23:29.0817 5920 swenum - ok
15:23:29.0888 5920 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
15:23:30.0008 5920 swprv - ok
15:23:30.0058 5920 [ 929C9FA0B18AD2EBC8340591C4BF00FF ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
15:23:30.0078 5920 SynTP - ok
15:23:30.0178 5920 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
15:23:30.0268 5920 SysMain - ok
15:23:30.0298 5920 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:23:30.0338 5920 TabletInputService - ok
15:23:30.0418 5920 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
15:23:30.0498 5920 TapiSrv - ok
15:23:30.0548 5920 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
15:23:30.0598 5920 TBS - ok
15:23:30.0658 5920 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:23:30.0758 5920 Tcpip - ok
15:23:30.0808 5920 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
15:23:30.0858 5920 TCPIP6 - ok
15:23:30.0919 5920 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:23:30.0959 5920 tcpipreg - ok
15:23:31.0009 5920 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:23:31.0069 5920 TDPIPE - ok
15:23:31.0099 5920 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:23:31.0129 5920 TDTCP - ok
15:23:31.0169 5920 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:23:31.0209 5920 tdx - ok
15:23:31.0249 5920 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
15:23:31.0269 5920 TermDD - ok
15:23:31.0319 5920 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
15:23:31.0389 5920 TermService - ok
15:23:31.0419 5920 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
15:23:31.0469 5920 Themes - ok
15:23:31.0489 5920 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
15:23:31.0529 5920 THREADORDER - ok
15:23:31.0559 5920 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
15:23:31.0629 5920 TrkWks - ok
15:23:31.0679 5920 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:23:31.0729 5920 TrustedInstaller - ok
15:23:31.0769 5920 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:23:31.0839 5920 tssecsrv - ok
15:23:31.0879 5920 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
15:23:31.0930 5920 TsUsbFlt - ok
15:23:31.0960 5920 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:23:32.0010 5920 tunnel - ok
15:23:32.0060 5920 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
15:23:32.0080 5920 uagp35 - ok
15:23:32.0130 5920 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:23:32.0190 5920 udfs - ok
15:23:32.0230 5920 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:23:32.0270 5920 UI0Detect - ok
15:23:32.0290 5920 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
15:23:32.0320 5920 uliagpkx - ok
15:23:32.0340 5920 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
15:23:32.0370 5920 umbus - ok
15:23:32.0400 5920 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
15:23:32.0440 5920 UmPass - ok
15:23:32.0460 5920 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
15:23:32.0530 5920 upnphost - ok
15:23:32.0580 5920 [ 241080F1B28E68F0D00F8F1066A3780D ] UrlFilter C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys
15:23:32.0610 5920 UrlFilter - ok
15:23:32.0640 5920 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
15:23:32.0700 5920 USBAAPL64 - ok
15:23:32.0710 5920 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
15:23:32.0770 5920 usbccgp - ok
15:23:32.0790 5920 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
15:23:32.0830 5920 usbcir - ok
15:23:32.0860 5920 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
15:23:32.0890 5920 usbehci - ok
15:23:32.0910 5920 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
15:23:32.0961 5920 usbhub - ok
15:23:32.0981 5920 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
15:23:33.0011 5920 usbohci - ok
15:23:33.0041 5920 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
15:23:33.0101 5920 usbprint - ok
15:23:33.0181 5920 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
15:23:33.0241 5920 usbscan - ok
15:23:33.0271 5920 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:23:33.0371 5920 USBSTOR - ok
15:23:33.0551 5920 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
15:23:33.0621 5920 usbuhci - ok
15:23:33.0651 5920 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
15:23:33.0681 5920 usbvideo - ok
15:23:33.0711 5920 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
15:23:33.0781 5920 UxSms - ok
15:23:33.0811 5920 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
15:23:33.0851 5920 VaultSvc - ok
15:23:33.0871 5920 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
15:23:33.0901 5920 vdrvroot - ok
15:23:33.0962 5920 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
15:23:34.0042 5920 vds - ok
15:23:34.0092 5920 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
15:23:34.0122 5920 vga - ok
15:23:34.0142 5920 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
15:23:34.0212 5920 VgaSave - ok
15:23:34.0262 5920 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
15:23:34.0292 5920 vhdmp - ok
15:23:34.0322 5920 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
15:23:34.0352 5920 viaide - ok
15:23:34.0392 5920 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
15:23:34.0422 5920 volmgr - ok
15:23:34.0492 5920 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:23:34.0562 5920 volmgrx - ok
15:23:34.0592 5920 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
15:23:34.0632 5920 volsnap - ok
15:23:34.0672 5920 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
15:23:34.0722 5920 vsmraid - ok
15:23:34.0812 5920 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
15:23:34.0943 5920 VSS - ok
15:23:35.0483 5920 [ 3AD1E72748978D8B0B3B674741E4C3E2 ] vToolbarUpdater14.2.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe
15:23:35.0523 5920 vToolbarUpdater14.2.0 - ok
15:23:35.0562 5920 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
15:23:35.0595 5920 vwifibus - ok
15:23:35.0615 5920 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
15:23:35.0665 5920 vwififlt - ok
15:23:35.0735 5920 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
15:23:35.0835 5920 W32Time - ok
15:23:35.0865 5920 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
15:23:35.0895 5920 WacomPen - ok
15:23:35.0956 5920 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
15:23:36.0016 5920 WANARP - ok
15:23:36.0026 5920 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
15:23:36.0076 5920 Wanarpv6 - ok
15:23:36.0206 5920 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
15:23:36.0296 5920 WatAdminSvc - ok
15:23:36.0436 5920 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
15:23:36.0526 5920 wbengine - ok
15:23:36.0546 5920 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
15:23:36.0586 5920 WbioSrvc - ok
15:23:36.0736 5920 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:23:36.0776 5920 wcncsvc - ok
15:23:36.0816 5920 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:23:36.0866 5920 WcsPlugInService - ok
15:23:36.0896 5920 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
15:23:36.0916 5920 Wd - ok
15:23:37.0217 5920 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:23:37.0497 5920 Wdf01000 - ok
15:23:37.0517 5920 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:23:37.0737 5920 WdiServiceHost - ok
15:23:37.0757 5920 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:23:37.0787 5920 WdiSystemHost - ok
15:23:37.0847 5920 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
15:23:37.0897 5920 WebClient - ok
15:23:37.0917 5920 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:23:37.0998 5920 Wecsvc - ok
15:23:38.0018 5920 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:23:38.0098 5920 wercplsupport - ok
15:23:38.0108 5920 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
15:23:38.0168 5920 WerSvc - ok
15:23:38.0188 5920 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
15:23:38.0248 5920 WfpLwf - ok
15:23:38.0268 5920 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
15:23:38.0298 5920 WIMMount - ok
15:23:38.0318 5920 WinDefend - ok
15:23:38.0328 5920 WinHttpAutoProxySvc - ok
15:23:38.0508 5920 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:23:38.0568 5920 Winmgmt - ok
15:23:38.0668 5920 [ 0C0195C48B6B8582FA6F6373032118DA ] WinRing0_1_2_0 C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys
15:23:38.0698 5920 WinRing0_1_2_0 - ok
15:23:38.0808 5920 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
15:23:38.0938 5920 WinRM - ok
15:23:39.0009 5920 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
15:23:39.0039 5920 WinUsb - ok
15:23:39.0089 5920 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
15:23:39.0139 5920 Wlansvc - ok
15:23:39.0239 5920 [ 98F138897EF4246381D197CB81846D62 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:23:39.0299 5920 wlidsvc - ok
15:23:39.0319 5920 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
15:23:39.0359 5920 WmiAcpi - ok
15:23:39.0399 5920 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:23:39.0449 5920 wmiApSrv - ok
15:23:39.0469 5920 WMPNetworkSvc - ok
15:23:39.0489 5920 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:23:39.0519 5920 WPCSvc - ok
15:23:39.0579 5920 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:23:39.0599 5920 WPDBusEnum - ok
15:23:39.0629 5920 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:23:39.0679 5920 ws2ifsl - ok
15:23:39.0709 5920 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
15:23:39.0759 5920 wscsvc - ok
15:23:39.0769 5920 WSearch - ok
15:23:39.0839 5920 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
15:23:39.0909 5920 wuauserv - ok
15:23:39.0949 5920 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:23:40.0000 5920 WudfPf - ok
15:23:40.0020 5920 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
15:23:40.0060 5920 WUDFRd - ok
15:23:40.0080 5920 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:23:40.0120 5920 wudfsvc - ok
15:23:40.0160 5920 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
15:23:40.0220 5920 WwanSvc - ok
15:23:40.0260 5920 [ 2EE48CFCE7CA8E0DB4C44C7476C0943B ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys
15:23:40.0310 5920 xusb21 - ok
15:23:40.0370 5920 [ B3EEACF62445E24FBB2CD4B0FB4DB026 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
15:23:40.0410 5920 yukonw7 - ok
15:23:40.0420 5920 ================ Scan global ===============================
15:23:40.0480 5920 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:23:40.0510 5920 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
15:23:40.0530 5920 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
15:23:40.0560 5920 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:23:40.0580 5920 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:23:40.0580 5920 [Global] - ok
15:23:40.0580 5920 ================ Scan MBR ==================================
15:23:40.0590 5920 [ 6A58CBBDBA02C9ECF518023B0D347BFD ] \Device\Harddisk0\DR0
15:23:40.0590 5920 Suspicious mbr (Forged): \Device\Harddisk0\DR0
15:23:40.0650 5920 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
15:23:40.0650 5920 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
15:23:40.0770 5920 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
15:23:40.0770 5920 \Device\Harddisk0\DR0 - detected TDSS File System (1)
15:23:40.0770 5920 ================ Scan VBR ==================================
15:23:40.0770 5920 [ DAC219191439B31E1F05C512995EB87D ] \Device\Harddisk0\DR0\Partition1
15:23:40.0770 5920 \Device\Harddisk0\DR0\Partition1 - ok
15:23:40.0790 5920 [ F7F99C12757A1155A1E34480DDB52DD9 ] \Device\Harddisk0\DR0\Partition2
15:23:40.0790 5920 \Device\Harddisk0\DR0\Partition2 - ok
15:23:40.0820 5920 [ AA5ACB768EA377445F5147EA608D11AA ] \Device\Harddisk0\DR0\Partition3
15:23:40.0820 5920 \Device\Harddisk0\DR0\Partition3 - ok
15:23:40.0820 5920 ================ Scan active images ========================
15:23:40.0820 5920 [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys
15:23:40.0820 5920 C:\Windows\System32\drivers\crashdmp.sys - ok
15:23:40.0830 5920 [ 1D004CB1DA6323B1F55CAEF7F94B61D9 ] C:\Windows\System32\drivers\iaStor.sys
15:23:40.0830 5920 C:\Windows\System32\drivers\iaStor.sys - ok
15:23:40.0830 5920 [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys
15:23:40.0830 5920 C:\Windows\System32\drivers\dumpfve.sys - ok
15:23:40.0840 5920 [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys
15:23:40.0840 5920 C:\Windows\System32\drivers\cdrom.sys - ok
15:23:40.0850 5920 [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys
15:23:40.0850 5920 C:\Windows\System32\drivers\null.sys - ok
15:23:40.0850 5920 [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys
15:23:40.0850 5920 C:\Windows\System32\drivers\beep.sys - ok
15:23:40.0860 5920 [ 4C05242DC361A217223E9B8EC2B3A76B ] C:\Windows\System32\drivers\avgtpx64.sys
15:23:40.0860 5920 C:\Windows\System32\drivers\avgtpx64.sys - ok
15:23:40.0860 5920 [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys
15:23:40.0860 5920 C:\Windows\System32\drivers\vga.sys - ok
15:23:40.0870 5920 [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys
15:23:40.0870 5920 C:\Windows\System32\drivers\videoprt.sys - ok
15:23:40.0870 5920 [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys
15:23:40.0870 5920 C:\Windows\System32\drivers\watchdog.sys - ok
15:23:40.0880 5920 [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys
15:23:40.0880 5920 C:\Windows\System32\drivers\RDPCDD.sys - ok
15:23:40.0890 5920 [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys
15:23:40.0890 5920 C:\Windows\System32\drivers\RDPENCDD.sys - ok
15:23:40.0890 5920 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys
15:23:40.0890 5920 C:\Windows\System32\drivers\msfs.sys - ok
15:23:40.0900 5920 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys
15:23:40.0900 5920 C:\Windows\System32\drivers\npfs.sys - ok
15:23:40.0900 5920 [ 216F3FA57533D98E1F74DED70113177A ] C:\Windows\System32\drivers\RDPREFMP.sys
15:23:40.0900 5920 C:\Windows\System32\drivers\RDPREFMP.sys - ok
15:23:40.0910 5920 [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\Windows\System32\drivers\tdi.sys
15:23:40.0910 5920 C:\Windows\System32\drivers\tdi.sys - ok
15:23:40.0920 5920 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys
15:23:40.0920 5920 C:\Windows\System32\drivers\tdx.sys - ok
15:23:40.0920 5920 [ ECBE71E3AF3E146453EF9623A245E6E0 ] C:\Windows\System32\drivers\avgtdia.sys
15:23:40.0920 5920 C:\Windows\System32\drivers\avgtdia.sys - ok
15:23:40.0930 5920 [ 1C7857B62DE5994A75B054A9FD4C3825 ] C:\Windows\System32\drivers\afd.sys
15:23:40.0930 5920 C:\Windows\System32\drivers\afd.sys - ok
15:23:40.0930 5920 [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys
15:23:40.0930 5920 C:\Windows\System32\drivers\netbt.sys - ok
15:23:40.0940 5920 [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys
15:23:40.0940 5920 C:\Windows\System32\drivers\pacer.sys - ok
15:23:40.0950 5920 [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys
15:23:40.0950 5920 C:\Windows\System32\drivers\wfplwf.sys - ok
15:23:40.0950 5920 [ 6BCC1D7D2FD2453957C5479A32364E52 ] C:\Windows\System32\drivers\ws2ifsl.sys
15:23:40.0950 5920 C:\Windows\System32\drivers\ws2ifsl.sys - ok
15:23:40.0960 5920 [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys
15:23:40.0960 5920 C:\Windows\System32\drivers\netbios.sys - ok
15:23:40.0970 5920 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] C:\Windows\System32\drivers\serial.sys
15:23:40.0970 5920 C:\Windows\System32\drivers\serial.sys - ok
15:23:40.0980 5920 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys
15:23:40.0980 5920 C:\Windows\System32\drivers\termdd.sys - ok
15:23:40.0980 5920 [ 6A3D66263414FF0D6FA754C646612F3F ] C:\Windows\System32\drivers\vwififlt.sys
15:23:40.0980 5920 C:\Windows\System32\drivers\vwififlt.sys - ok
15:23:40.0990 5920 [ 356AFD78A6ED4457169241AC3965230C ] C:\Windows\System32\drivers\wanarp.sys
15:23:40.0990 5920 C:\Windows\System32\drivers\wanarp.sys - ok
15:23:40.0990 5920 [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys
15:23:40.0990 5920 C:\Windows\System32\drivers\nsiproxy.sys - ok
15:23:41.0000 5920 [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys
15:23:41.0000 5920 C:\Windows\System32\drivers\rdbss.sys - ok
15:23:41.0000 5920 [ 6CE6F98EA3D07A9C2CE3CD0A5A86352D ] C:\Windows\System32\drivers\scdemu.sys
15:23:41.0000 5920 C:\Windows\System32\drivers\scdemu.sys - ok
15:23:41.0010 5920 [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys
15:23:41.0010 5920 C:\Windows\System32\drivers\blbdrive.sys - ok
15:23:41.0021 5920 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys
15:23:41.0021 5920 C:\Windows\System32\drivers\dfsc.sys - ok
15:23:41.0021 5920 [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys
15:23:41.0021 5920 C:\Windows\System32\drivers\discache.sys - ok
15:23:41.0031 5920 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys
15:23:41.0031 5920 C:\Windows\System32\drivers\mssmbios.sys - ok
15:23:41.0031 5920 [ B5C6EC8D0FC00BD291994926C5888FD3 ] C:\Windows\System32\drivers\avgldx64.sys
15:23:41.0031 5920 C:\Windows\System32\drivers\avgldx64.sys - ok
15:23:41.0041 5920 [ 91FEFBFF54E30A339F21F784983C9F6A ] C:\Windows\System32\drivers\avgmfx64.sys
15:23:41.0041 5920 C:\Windows\System32\drivers\avgmfx64.sys - ok
15:23:41.0051 5920 [ 5FD4D6C35738899905E16E5284981427 ] C:\Windows\System32\drivers\avgidsdrivera.sys
15:23:41.0051 5920 C:\Windows\System32\drivers\avgidsdrivera.sys - ok
15:23:41.0051 5920 [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys
15:23:41.0051 5920 C:\Windows\System32\drivers\tunnel.sys - ok
15:23:41.0061 5920 [ 0840155D0BDDF1190F84A663C284BD33 ] C:\Windows\System32\drivers\CmBatt.sys
15:23:41.0061 5920 C:\Windows\System32\drivers\CmBatt.sys - ok
15:23:41.0071 5920 [ ADA036632C664CAA754079041CF1F8C1 ] C:\Windows\System32\drivers\intelppm.sys
15:23:41.0071 5920 C:\Windows\System32\drivers\intelppm.sys - ok
15:23:41.0071 5920 [ CF95B85FF8D128385ABD411C8CA74DED ] C:\Windows\System32\ntdll.dll
15:23:41.0071 5920 C:\Windows\System32\ntdll.dll - ok
15:23:41.0081 5920 [ 1911A3356FA3F77CCC825CCBAC038C2A ] C:\Windows\System32\smss.exe
15:23:41.0081 5920 C:\Windows\System32\smss.exe - ok
15:23:41.0081 5920 [ C5758BF1DFD762A5B17041FF061B7750 ] C:\Windows\System32\drivers\atikmdag.sys
15:23:41.0081 5920 C:\Windows\System32\drivers\atikmdag.sys - ok
15:23:41.0091 5920 [ F5BEE30450E18E6B83A5012C100616FD ] C:\Windows\System32\drivers\dxgkrnl.sys
15:23:41.0091 5920 C:\Windows\System32\drivers\dxgkrnl.sys - ok
15:23:41.0101 5920 [ 9CD68BDDF322535C02ADC8331013D13D ] C:\Windows\System32\drivers\dxgmms1.sys
15:23:41.0101 5920 C:\Windows\System32\drivers\dxgmms1.sys - ok
15:23:41.0101 5920 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys
15:23:41.0101 5920 C:\Windows\System32\drivers\hdaudbus.sys - ok
15:23:41.0111 5920 [ AE259C75F9A0B057B6BF9E9695632B09 ] C:\Windows\System32\drivers\usbport.sys
15:23:41.0111 5920 C:\Windows\System32\drivers\usbport.sys - ok
15:23:41.0121 5920 [ C025055FE7B87701EB042095DF1A2D7B ] C:\Windows\System32\drivers\usbehci.sys
15:23:41.0121 5920 C:\Windows\System32\drivers\usbehci.sys - ok
15:23:41.0131 5920 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] C:\Windows\System32\drivers\usbuhci.sys
15:23:41.0131 5920 C:\Windows\System32\drivers\usbuhci.sys - ok
15:23:41.0131 5920 [ 24F64343F14A119308456E1CA7507B26 ] C:\Windows\System32\drivers\NETw5s64.sys
15:23:41.0131 5920 C:\Windows\System32\drivers\NETw5s64.sys - ok
15:23:41.0141 5920 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] C:\Windows\System32\drivers\vwifibus.sys
15:23:41.0141 5920 C:\Windows\System32\drivers\vwifibus.sys - ok
15:23:41.0151 5920 [ A87D604AEA360176311474C87A63BB88 ] C:\Windows\System32\drivers\1394ohci.sys
15:23:41.0151 5920 C:\Windows\System32\drivers\1394ohci.sys - ok
15:23:41.0151 5920 [ 91296F0B2653281B2F11E0FCE56AA427 ] C:\Windows\System32\drivers\Rt64win7.sys
15:23:41.0151 5920 C:\Windows\System32\drivers\Rt64win7.sys - ok
15:23:41.0161 5920 [ F8844B00C10E386C704C610E95A9847D ] C:\Windows\System32\drivers\jmcr.sys
15:23:41.0161 5920 C:\Windows\System32\drivers\jmcr.sys - ok
15:23:41.0171 5920 [ 1B1E264203D4EF9D3DA1987AD70355AB ] C:\Windows\System32\drivers\scsiport.sys
15:23:41.0171 5920 C:\Windows\System32\drivers\scsiport.sys - ok
15:23:41.0171 5920 [ 9AF482D058BE59CC28BCE52E7C4B747C ] C:\Windows\System32\drivers\HpqKbFiltr.sys
15:23:41.0171 5920 C:\Windows\System32\drivers\HpqKbFiltr.sys - ok
15:23:41.0181 5920 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] C:\Windows\System32\drivers\i8042prt.sys
15:23:41.0181 5920 C:\Windows\System32\drivers\i8042prt.sys - ok
15:23:41.0181 5920 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys
15:23:41.0181 5920 C:\Windows\System32\drivers\kbdclass.sys - ok
15:23:41.0191 5920 [ 524C79054636D2E5751169005006460B ] C:\Windows\System32\drivers\enecir.sys
15:23:41.0191 5920 C:\Windows\System32\drivers\enecir.sys - ok
15:23:41.0201 5920 [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys
15:23:41.0201 5920 C:\Windows\System32\drivers\mouclass.sys - ok
15:23:41.0201 5920 [ 929C9FA0B18AD2EBC8340591C4BF00FF ] C:\Windows\System32\drivers\SynTP.sys
15:23:41.0201 5920 C:\Windows\System32\drivers\SynTP.sys - ok
15:23:41.0211 5920 [ CCA2AB1752A61F29C3C941CD79D78CEA ] C:\Windows\System32\drivers\usbd.sys
15:23:41.0211 5920 C:\Windows\System32\drivers\usbd.sys - ok
15:23:41.0221 5920 [ 8E98D21EE06192492A5671A6144D092F ] C:\Windows\System32\drivers\GEARAspiWDM.sys
15:23:41.0221 5920 C:\Windows\System32\drivers\GEARAspiWDM.sys - ok
15:23:41.0221 5920 [ F6FF8944478594D0E414D3F048F0D778 ] C:\Windows\System32\drivers\wmiacpi.sys
15:23:41.0221 5920 C:\Windows\System32\drivers\wmiacpi.sys - ok
15:23:41.0231 5920 [ 1CFFE9C06E66A57DAE1452E449A58240 ] C:\Windows\System32\drivers\Accelerometer.sys
15:23:41.0231 5920 C:\Windows\System32\drivers\Accelerometer.sys - ok
15:23:41.0241 5920 [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys
15:23:41.0241 5920 C:\Windows\System32\drivers\agilevpn.sys - ok
15:23:41.0241 5920 [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys
15:23:41.0241 5920 C:\Windows\System32\drivers\CompositeBus.sys - ok
15:23:41.0251 5920 [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys
15:23:41.0251 5920 C:\Windows\System32\drivers\rasl2tp.sys - ok
15:23:41.0251 5920 [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys
15:23:41.0251 5920 C:\Windows\System32\drivers\ndistapi.sys - ok
15:23:41.0261 5920 [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys
15:23:41.0261 5920 C:\Windows\System32\drivers\ndiswan.sys - ok
15:23:41.0271 5920 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys
15:23:41.0271 5920 C:\Windows\System32\drivers\raspppoe.sys - ok
15:23:41.0271 5920 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys
15:23:41.0271 5920 C:\Windows\System32\drivers\raspptp.sys - ok
15:23:41.0281 5920 [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys
15:23:41.0281 5920 C:\Windows\System32\drivers\rassstp.sys - ok
15:23:41.0281 5920 [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys
15:23:41.0281 5920 C:\Windows\System32\drivers\ks.sys - ok
15:23:41.0291 5920 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys
15:23:41.0291 5920 C:\Windows\System32\drivers\swenum.sys - ok
15:23:41.0291 5920 [ D7CD5C4E1B71FA62050515314CFB52CF ] C:\Windows\System32\drivers\circlass.sys
15:23:41.0291 5920 C:\Windows\System32\drivers\circlass.sys - ok
15:23:41.0301 5920 [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys
15:23:41.0301 5920 C:\Windows\System32\drivers\umbus.sys - ok
15:23:41.0301 5920 [ 287C6C9410B111B68B52CA298F7B8C24 ] C:\Windows\System32\drivers\usbhub.sys
15:23:41.0301 5920 C:\Windows\System32\drivers\usbhub.sys - ok
15:23:41.0311 5920 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys
15:23:41.0311 5920 C:\Windows\System32\drivers\ndproxy.sys - ok
15:23:41.0311 5920 [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys
15:23:41.0311 5920 C:\Windows\System32\drivers\drmk.sys - ok
15:23:41.0321 5920 [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys
15:23:41.0321 5920 C:\Windows\System32\drivers\portcls.sys - ok
15:23:41.0331 5920 [ 04A5815DF7E8B037DF674D3CCACC0C31 ] C:\Windows\System32\drivers\AtiHdmi.sys
15:23:41.0331 5920 C:\Windows\System32\drivers\AtiHdmi.sys - ok
15:23:41.0331 5920 [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys
15:23:41.0331 5920 C:\Windows\System32\drivers\ksthunk.sys - ok
15:23:41.0341 5920 [ DFFBC024DFC7BB05B2129E05CBC7A201 ] C:\Windows\System32\drivers\stwrt64.sys
15:23:41.0341 5920 C:\Windows\System32\drivers\stwrt64.sys - ok
15:23:41.0341 5920 [ AF4748EF93416159459769A24A0053AF ] C:\Windows\System32\drivers\agrsm64.sys
15:23:41.0341 5920 C:\Windows\System32\drivers\agrsm64.sys - ok
15:23:41.0351 5920 [ 800BA92F7010378B09F9ED9270F07137 ] C:\Windows\System32\drivers\modem.sys
15:23:41.0351 5920 C:\Windows\System32\drivers\modem.sys - ok
15:23:41.0351 5920 [ 8B0E40E7E8BBF5ACF390465609D89FF1 ] C:\Windows\System32\drivers\hidclass.sys
15:23:41.0351 5920 C:\Windows\System32\drivers\hidclass.sys - ok
15:23:41.0361 5920 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] C:\Windows\System32\drivers\hidir.sys
15:23:41.0361 5920 C:\Windows\System32\drivers\hidir.sys - ok
15:23:41.0361 5920 [ 49EE2E52E6CD03947DAD72F65367BE06 ] C:\Windows\System32\drivers\hidparse.sys
15:23:41.0361 5920 C:\Windows\System32\drivers\hidparse.sys - ok
15:23:41.0371 5920 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] C:\Windows\System32\drivers\kbdhid.sys
15:23:41.0371 5920 C:\Windows\System32\drivers\kbdhid.sys - ok
15:23:41.0381 5920 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] C:\Windows\System32\drivers\mouhid.sys
15:23:41.0381 5920 C:\Windows\System32\drivers\mouhid.sys - ok
15:23:41.0381 5920 [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe
15:23:41.0381 5920 C:\Windows\System32\autochk.exe - ok
15:23:41.0391 5920 [ C2F9906F79AD3DA038054784F1FBBA46 ] C:\PROGRA~2\AVG\AVG2013\avgrsa.exe
15:23:41.0391 5920 C:\PROGRA~2\AVG\AVG2013\avgrsa.exe - ok
15:23:41.0401 5920 [ 6F1A3157A1C89435352CEB543CDB359C ] C:\Windows\System32\drivers\usbccgp.sys
15:23:41.0401 5920 C:\Windows\System32\drivers\usbccgp.sys - ok
15:23:41.0401 5920 [ 9592090A7E2B61CD582B612B6DF70536 ] C:\Windows\System32\drivers\hidusb.sys
15:23:41.0401 5920 C:\Windows\System32\drivers\hidusb.sys - ok
15:23:41.0411 5920 [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\Windows\System32\imagehlp.dll
15:23:41.0411 5920 C:\Windows\System32\imagehlp.dll - ok
15:23:41.0411 5920 [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll
15:23:41.0411 5920 C:\Windows\System32\comdlg32.dll - ok
15:23:41.0421 5920 [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll
15:23:41.0421 5920 C:\Windows\System32\msctf.dll - ok
15:23:41.0431 5920 [ 69E688955614E5CE32F659F24E757747 ] C:\Windows\System32\iertutil.dll
15:23:41.0431 5920 C:\Windows\System32\iertutil.dll - ok
15:23:41.0431 5920 [ 65C113214F7B05820F6D8A65B1485196 ] C:\Windows\System32\kernel32.dll
15:23:41.0431 5920 C:\Windows\System32\kernel32.dll - ok
15:23:41.0441 5920 [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll
15:23:41.0441 5920 C:\Windows\System32\imm32.dll - ok
15:23:41.0451 5920 [ 9E7687984107C81B859200C9BD570AFF ] C:\Windows\System32\wininet.dll
15:23:41.0451 5920 C:\Windows\System32\wininet.dll - ok
15:23:41.0451 5920 [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll
15:23:41.0451 5920 C:\Windows\System32\user32.dll - ok
15:23:41.0461 5920 [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll
15:23:41.0461 5920 C:\Windows\System32\rpcrt4.dll - ok
15:23:41.0471 5920 [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll
15:23:41.0471 5920 C:\Windows\System32\difxapi.dll - ok
15:23:41.0471 5920 [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll
15:23:41.0471 5920 C:\Windows\System32\lpk.dll - ok
15:23:41.0481 5920 [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll
15:23:41.0481 5920 C:\Windows\System32\setupapi.dll - ok
15:23:41.0481 5920 [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll
15:23:41.0481 5920 C:\Windows\System32\gdi32.dll - ok
15:23:41.0491 5920 [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll
15:23:41.0491 5920 C:\Windows\System32\psapi.dll - ok
15:23:41.0501 5920 [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll
15:23:41.0501 5920 C:\Windows\System32\Wldap32.dll - ok
15:23:41.0501 5920 [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll
15:23:41.0501 5920 C:\Windows\System32\normaliz.dll - ok
15:23:41.0511 5920 [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll
15:23:41.0511 5920 C:\Windows\System32\nsi.dll - ok
15:23:41.0521 5920 [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll
15:23:41.0521 5920 C:\Windows\System32\oleaut32.dll - ok
15:23:41.0521 5920 [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll
15:23:41.0521 5920 C:\Windows\System32\ws2_32.dll - ok
15:23:41.0531 5920 [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll
15:23:41.0531 5920 C:\Windows\System32\clbcatq.dll - ok
15:23:41.0531 5920 [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll
15:23:41.0531 5920 C:\Windows\System32\advapi32.dll - ok
15:23:41.0541 5920 [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll
15:23:41.0541 5920 C:\Windows\System32\msvcrt.dll - ok
15:23:41.0541 5920 [ 29EECB3183E58B41A3791D2C8F2D862A ] C:\Windows\System32\urlmon.dll
15:23:41.0541 5920 C:\Windows\System32\urlmon.dll - ok
15:23:41.0551 5920 [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll
15:23:41.0551 5920 C:\Windows\System32\shlwapi.dll - ok
15:23:41.0551 5920 [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll
15:23:41.0551 5920 C:\Windows\System32\sechost.dll - ok
15:23:41.0561 5920 [ C6689007B3A749C49A5438DCF36E0CE4 ] C:\Windows\System32\shell32.dll
15:23:41.0561 5920 C:\Windows\System32\shell32.dll - ok
15:23:41.0571 5920 [ DBF99FD9CAF75CA66D042BD8D050FF71 ] C:\Windows\System32\usp10.dll
15:23:41.0571 5920 C:\Windows\System32\usp10.dll - ok
15:23:41.0571 5920 [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll
15:23:41.0571 5920 C:\Windows\System32\ole32.dll - ok
15:23:41.0581 5920 [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll
15:23:41.0581 5920 C:\Windows\System32\cfgmgr32.dll - ok
15:23:41.0581 5920 [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll
15:23:41.0581 5920 C:\Windows\System32\devobj.dll - ok
15:23:41.0591 5920 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\System32\comctl32.dll
15:23:41.0591 5920 C:\Windows\System32\comctl32.dll - ok
15:23:41.0591 5920 [ 1F56F209585F350A5666E3CC7931FD67 ] C:\Windows\System32\KernelBase.dll
15:23:41.0591 5920 C:\Windows\System32\KernelBase.dll - ok
15:23:41.0601 5920 [ AA06902362B1422D7A7DA7061E07C624 ] C:\Windows\System32\wintrust.dll
15:23:41.0601 5920 C:\Windows\System32\wintrust.dll - ok
15:23:41.0601 5920 [ 12EE6FE9268CEE6D90FDCCBF89236C65 ] C:\Windows\System32\crypt32.dll
15:23:41.0601 5920 C:\Windows\System32\crypt32.dll - ok
15:23:41.0611 5920 [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll
15:23:41.0611 5920 C:\Windows\System32\msasn1.dll - ok
15:23:41.0611 5920 [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll
15:23:41.0611 5920 C:\Windows\SysWOW64\normaliz.dll - ok
15:23:41.0621 5920 [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys
15:23:41.0621 5920 C:\Windows\System32\drivers\dxapi.sys - ok
15:23:41.0621 5920 [ 86F96630D28523F1C402C783F046DEF1 ] C:\Windows\System32\win32k.sys
15:23:41.0621 5920 C:\Windows\System32\win32k.sys - ok
15:23:41.0631 5920 [ 96F587CA26A6AA894BD8CACE4540CFFC ] C:\Windows\System32\csrsrv.dll
15:23:41.0631 5920 C:\Windows\System32\csrsrv.dll - ok
15:23:41.0641 5920 [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe
15:23:41.0641 5920 C:\Windows\System32\csrss.exe - ok
15:23:41.0641 5920 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll
15:23:41.0641 5920 C:\Windows\System32\basesrv.dll - ok
15:23:41.0651 5920 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\System32\winsrv.dll
15:23:41.0651 5920 C:\Windows\System32\winsrv.dll - ok
15:23:41.0651 5920 [ FF4232A1A64012BAA1FD97C7B67DF593 ] C:\Windows\System32\drivers\udfs.sys
15:23:41.0651 5920 C:\Windows\System32\drivers\udfs.sys - ok
15:23:41.0661 5920 [ 454800C2BC7F3927CE030141EE4F4C50 ] C:\Windows\System32\drivers\usbvideo.sys
15:23:41.0661 5920 C:\Windows\System32\drivers\usbvideo.sys - ok
15:23:41.0661 5920 [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys
15:23:41.0661 5920 C:\Windows\System32\drivers\monitor.sys - ok
15:23:41.0671 5920 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll
15:23:41.0671 5920 C:\Windows\System32\sxssrv.dll - ok
15:23:41.0671 5920 [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll
15:23:41.0671 5920 C:\Windows\System32\tsddd.dll - ok
15:23:41.0681 5920 [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe
15:23:41.0681 5920 C:\Windows\System32\wininit.exe - ok
15:23:41.0681 5920 [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll
15:23:41.0681 5920 C:\Windows\System32\profapi.dll - ok
15:23:41.0691 5920 [ 05569A79BF4693670B709144382D02D4 ] C:\Windows\System32\cdd.dll
15:23:41.0691 5920 C:\Windows\System32\cdd.dll - ok
15:23:41.0691 5920 [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL
15:23:41.0691 5920 C:\Windows\System32\KBDUS.DLL - ok
15:23:41.0701 5920 [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll
15:23:41.0701 5920 C:\Windows\System32\RpcRtRemote.dll - ok
15:23:41.0711 5920 [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll
15:23:41.0711 5920 C:\Windows\System32\sxs.dll - ok
15:23:41.0711 5920 [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll
15:23:41.0711 5920 C:\Windows\System32\WlS0WndH.dll - ok
15:23:41.0721 5920 [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll
15:23:41.0721 5920 C:\Windows\System32\cryptbase.dll - ok
15:23:41.0721 5920 [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe
15:23:41.0721 5920 C:\Windows\System32\winlogon.exe - ok
15:23:41.0731 5920 [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll
15:23:41.0731 5920 C:\Windows\System32\winsta.dll - ok
15:23:41.0731 5920 [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll
15:23:41.0731 5920 C:\Windows\System32\apphelp.dll - ok
15:23:41.0741 5920 [ C118A82CD78818C29AB228366EBF81C3 ] C:\Windows\System32\lsass.exe
15:23:41.0741 5920 C:\Windows\System32\lsass.exe - ok
15:23:41.0741 5920 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe
15:23:41.0741 5920 C:\Windows\System32\services.exe - ok
15:23:41.0751 5920 [ 685527DA09EBFB681E98C515978BDEE2 ] C:\Windows\System32\lsasrv.dll
15:23:41.0751 5920 C:\Windows\System32\lsasrv.dll - ok
15:23:41.0751 5920 [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe
15:23:41.0751 5920 C:\Windows\System32\lsm.exe - ok
15:23:41.0761 5920 [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\Windows\System32\sspisrv.dll
15:23:41.0761 5920 C:\Windows\System32\sspisrv.dll - ok
15:23:41.0761 5920 [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\Windows\System32\sspicli.dll
15:23:41.0761 5920 C:\Windows\System32\sspicli.dll - ok
15:23:41.0771 5920 [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll
15:23:41.0771 5920 C:\Windows\System32\scesrv.dll - ok
15:23:41.0771 5920 [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll
15:23:41.0771 5920 C:\Windows\System32\scext.dll - ok
15:23:41.0781 5920 [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\Windows\System32\secur32.dll
15:23:41.0781 5920 C:\Windows\System32\secur32.dll - ok
15:23:41.0791 5920 [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll
15:23:41.0791 5920 C:\Windows\System32\sysntfy.dll - ok
15:23:41.0791 5920 [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll
15:23:41.0791 5920 C:\Windows\System32\wmsgapi.dll - ok
15:23:41.0801 5920 [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll
15:23:41.0801 5920 C:\Windows\System32\samsrv.dll - ok
15:23:41.0801 5920 [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll
15:23:41.0801 5920 C:\Windows\System32\cryptdll.dll - ok
15:23:41.0811 5920 [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll
15:23:41.0811 5920 C:\Windows\System32\srvcli.dll - ok
15:23:41.0811 5920 [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll
15:23:41.0811 5920 C:\Windows\System32\wevtapi.dll - ok
15:23:41.0821 5920 [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll
15:23:41.0821 5920 C:\Windows\System32\authz.dll - ok
15:23:41.0821 5920 [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll
15:23:41.0831 5920 C:\Windows\System32\cngaudit.dll - ok
15:23:41.0831 5920 [ 5F3307352216618221A17CFEF273EEE2 ] C:\Windows\System32\ncrypt.dll
15:23:41.0831 5920 C:\Windows\System32\ncrypt.dll - ok
15:23:41.0841 5920 [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll
15:23:41.0841 5920 C:\Windows\System32\bcrypt.dll - ok
15:23:41.0841 5920 [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll
15:23:41.0841 5920 C:\Windows\System32\msprivs.dll - ok
15:23:41.0851 5920 [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll
15:23:41.0851 5920 C:\Windows\System32\netjoin.dll - ok
15:23:41.0851 5920 [ 44E1A196DFCB53B01FE4B855C3B56A15 ] C:\Windows\System32\kerberos.dll
15:23:41.0851 5920 C:\Windows\System32\kerberos.dll - ok
15:23:41.0861 5920 [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll
15:23:41.0861 5920 C:\Windows\System32\negoexts.dll - ok
15:23:41.0871 5920 [ CB2ABB2DA1E9C977302A78D86D4AE3B0 ] C:\Windows\System32\atmfd.dll
15:23:41.0871 5920 C:\Windows\System32\atmfd.dll - ok
15:23:41.0871 5920 [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll
15:23:41.0871 5920 C:\Windows\System32\cryptsp.dll - ok
15:23:41.0881 5920 [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\Windows\System32\mswsock.dll
15:23:41.0881 5920 C:\Windows\System32\mswsock.dll - ok
15:23:41.0881 5920 [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll
15:23:41.0881 5920 C:\Windows\System32\msv1_0.dll - ok
15:23:41.0891 5920 [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll
15:23:41.0891 5920 C:\Windows\System32\wship6.dll - ok
15:23:41.0891 5920 [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll
15:23:41.0891 5920 C:\Windows\System32\netlogon.dll - ok
15:23:41.0901 5920 [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll
15:23:41.0901 5920 C:\Windows\System32\dnsapi.dll - ok
15:23:41.0901 5920 [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll
15:23:41.0901 5920 C:\Windows\System32\logoncli.dll - ok
15:23:41.0911 5920 [ B7D42CB36C08FA017E73FF2433CD7287 ] C:\Windows\System32\schannel.dll
15:23:41.0911 5920 C:\Windows\System32\schannel.dll - ok
15:23:41.0911 5920 [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
15:23:41.0911 5920 C:\Windows\System32\wdigest.dll - ok
15:23:41.0921 5920 [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
15:23:41.0921 5920 C:\Windows\System32\rsaenh.dll - ok
15:23:41.0921 5920 [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll
15:23:41.0921 5920 C:\Windows\System32\TSpkg.dll - ok
15:23:41.0931 5920 [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
15:23:41.0931 5920 C:\Windows\System32\pku2u.dll - ok
15:23:41.0941 5920 [ 918434C02A5A8ED1DD1B16A2FF16409C ] C:\Windows\System32\LIVESSP.DLL
15:23:41.0941 5920 C:\Windows\System32\LIVESSP.DLL - ok
15:23:41.0941 5920 [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll
15:23:41.0941 5920 C:\Windows\System32\bcryptprimitives.dll - ok
15:23:41.0951 5920 [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll
15:23:41.0951 5920 C:\Windows\System32\credssp.dll - ok
15:23:41.0951 5920 [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
15:23:41.0951 5920 C:\Windows\System32\efslsaext.dll - ok
15:23:41.0961 5920 [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll
15:23:41.0961 5920 C:\Windows\System32\scecli.dll - ok
15:23:41.0961 5920 [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
15:23:41.0961 5920 C:\Windows\System32\ubpm.dll - ok
15:23:41.0971 5920 [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe
15:23:41.0971 5920 C:\Windows\System32\svchost.exe - ok
15:23:41.0971 5920 [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll
15:23:41.0971 5920 C:\Windows\System32\umpnpmgr.dll - ok
15:23:41.0981 5920 [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
15:23:41.0981 5920 C:\Windows\System32\devrtl.dll - ok
15:23:41.0981 5920 [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
15:23:41.0981 5920 C:\Windows\System32\SPInf.dll - ok
15:23:41.0991 5920 [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
15:23:41.0991 5920 C:\Windows\System32\gpapi.dll - ok
15:23:42.0001 5920 [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll
15:23:42.0001 5920 C:\Windows\System32\userenv.dll - ok
15:23:42.0001 5920 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll
15:23:42.0001 5920 C:\Windows\System32\umpo.dll - ok
15:23:42.0011 5920 [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
15:23:42.0011 5920 C:\Windows\System32\pcwum.dll - ok
15:23:42.0011 5920 [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
15:23:42.0011 5920 C:\Windows\System32\powrprof.dll - ok
15:23:42.0021 5920 [ CBFAA333EBA2E402A0439A3A0E5413F3 ] C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
15:23:42.0021 5920 C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe - ok
15:23:42.0021 5920 [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll
15:23:42.0021 5920 C:\Windows\SysWOW64\ntdll.dll - ok
15:23:42.0031 5920 [ 259EB5F7D95A29842B476C5B3EB6E186 ] C:\Windows\System32\wow64.dll
15:23:42.0031 5920 C:\Windows\System32\wow64.dll - ok
15:23:42.0032 5920 [ 5674E21E82CFBEA36DDAD5DB285D6DBC ] C:\Windows\System32\wow64win.dll
15:23:42.0032 5920 C:\Windows\System32\wow64win.dll - ok
15:23:42.0032 5920 [ 3EE3AA76D8AB6D5644C4C8F34471CEB3 ] C:\Windows\System32\wow64cpu.dll
15:23:42.0032 5920 C:\Windows\System32\wow64cpu.dll - ok
15:23:42.0042 5920 [ AC0B6F41882FC6ED186962D770EBF1D2 ] C:\Windows\SysWOW64\kernel32.dll
15:23:42.0042 5920 C:\Windows\SysWOW64\kernel32.dll - ok
15:23:42.0042 5920 [ E954A79D6A754A5475582CACED1565E6 ] C:\Windows\SysWOW64\KernelBase.dll
15:23:42.0042 5920 C:\Windows\SysWOW64\KernelBase.dll - ok
15:23:42.0052 5920 [ DDB9BCFF8CBF73638A15579FEC223229 ] C:\Program Files (x86)\IObit\Advanced SystemCare 6\rtl120.bpl
15:23:42.0052 5920 C:\Program Files (x86)\IObit\Advanced SystemCare 6\rtl120.bpl - ok
15:23:42.0052 5920 [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll
15:23:42.0052 5920 C:\Windows\SysWOW64\oleaut32.dll - ok
15:23:42.0062 5920 [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll
15:23:42.0062 5920 C:\Windows\SysWOW64\ole32.dll - ok
15:23:42.0072 5920 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll
15:23:42.0072 5920 C:\Windows\SysWOW64\msvcrt.dll - ok
15:23:42.0072 5920 [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll
15:23:42.0072 5920 C:\Windows\SysWOW64\gdi32.dll - ok
15:23:42.0082 5920 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll
15:23:42.0082 5920 C:\Windows\SysWOW64\user32.dll - ok
15:23:42.0082 5920 [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll
15:23:42.0082 5920 C:\Windows\SysWOW64\advapi32.dll - ok
15:23:42.0092 5920 [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll
15:23:42.0092 5920 C:\Windows\SysWOW64\rpcrt4.dll - ok
15:23:42.0092 5920 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll
15:23:42.0092 5920 C:\Windows\SysWOW64\sechost.dll - ok
15:23:42.0102 5920 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll
15:23:42.0102 5920 C:\Windows\SysWOW64\cryptbase.dll - ok
15:23:42.0102 5920 [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll
15:23:42.0102 5920 C:\Windows\SysWOW64\lpk.dll - ok
15:23:42.0112 5920 [ BFB26890612FB8AE8B0463EBEBE84B7E ] C:\Windows\SysWOW64\sspicli.dll
15:23:42.0112 5920 C:\Windows\SysWOW64\sspicli.dll - ok
15:23:42.0122 5920 [ B7230010D97787AF3D25E4C82F2B06B9 ] C:\Windows\SysWOW64\usp10.dll
15:23:42.0122 5920 C:\Windows\SysWOW64\usp10.dll - ok
15:23:42.0122 5920 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll
15:23:42.0122 5920 C:\Windows\SysWOW64\imagehlp.dll - ok
15:23:42.0132 5920 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll
15:23:42.0132 5920 C:\Windows\SysWOW64\mpr.dll - ok
15:23:42.0132 5920 [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll
15:23:42.0132 5920 C:\Windows\SysWOW64\version.dll - ok
15:23:42.0142 5920 [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll
15:23:42.0142 5920 C:\Windows\SysWOW64\ws2_32.dll - ok
15:23:42.0142 5920 [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\SysWOW64\wsock32.dll
15:23:42.0142 5920 C:\Windows\SysWOW64\wsock32.dll - ok
15:23:42.0152 5920 [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll
15:23:42.0152 5920 C:\Windows\SysWOW64\nsi.dll - ok
15:23:42.0152 5920 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll
15:23:42.0152 5920 C:\Windows\SysWOW64\oleacc.dll - ok
15:23:42.0162 5920 [ 8290E04F8A4D9594BFB53D520B677B8A ] C:\Program Files (x86)\IObit\Advanced SystemCare 6\vcl120.bpl
15:23:42.0162 5920 C:\Program Files (x86)\IObit\Advanced SystemCare 6\vcl120.bpl - ok
15:23:42.0172 5920 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll
15:23:42.0172 5920 C:\Windows\SysWOW64\msimg32.dll - ok
15:23:42.0172 5920 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
15:23:42.0172 5920 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok
15:23:42.0182 5920 [ 29E9794708DF51DB5DC89FB2E903A0F6 ] C:\Windows\SysWOW64\shell32.dll
15:23:42.0182 5920 C:\Windows\SysWOW64\shell32.dll - ok
15:23:42.0182 5920 [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll
15:23:42.0182 5920 C:\Windows\SysWOW64\shlwapi.dll - ok
15:23:42.0192 5920 [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\SysWOW64\comdlg32.dll
15:23:42.0192 5920 C:\Windows\SysWOW64\comdlg32.dll - ok
15:23:42.0192 5920 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\SysWOW64\winspool.drv
15:23:42.0192 5920 C:\Windows\SysWOW64\winspool.drv - ok
15:23:42.0202 5920 [ 936F728E04ACCF3F38801CFFCF1E3F40 ] C:\Windows\SysWOW64\oledlg.dll
15:23:42.0202 5920 C:\Windows\SysWOW64\oledlg.dll - ok
15:23:42.0212 5920 [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll
15:23:42.0212 5920 C:\Windows\SysWOW64\userenv.dll - ok
15:23:42.0212 5920 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll
15:23:42.0212 5920 C:\Windows\SysWOW64\winmm.dll - ok
15:23:42.0222 5920 [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll
15:23:42.0222 5920 C:\Windows\SysWOW64\imm32.dll - ok
15:23:42.0222 5920 [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll
15:23:42.0232 5920 C:\Windows\SysWOW64\profapi.dll - ok
15:23:42.0232 5920 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll
15:23:42.0232 5920 C:\Windows\SysWOW64\msctf.dll - ok
15:23:42.0242 5920 [ F10E5311E5093FA3C00FF88C54C32FCA ] C:\Windows\SysWOW64\atl.dll
15:23:42.0242 5920 C:\Windows\SysWOW64\atl.dll - ok
15:23:42.0242 5920 [ C3D43E21FA49657BC1645E9D745656C6 ] C:\Windows\SysWOW64\wininet.dll
15:23:42.0242 5920 C:\Windows\SysWOW64\wininet.dll - ok
15:23:42.0252 5920 [ CDC6FE0EBD8AC0CB85EDE86A26076C29 ] C:\Windows\SysWOW64\urlmon.dll
15:23:42.0252 5920 C:\Windows\SysWOW64\urlmon.dll - ok
15:23:42.0252 5920 [ 60D21799A4AF4EDCE65FB98830E4B0C8 ] C:\Windows\SysWOW64\crypt32.dll
15:23:42.0252 5920 C:\Windows\SysWOW64\crypt32.dll - ok
15:23:42.0262 5920 [ 1BDAC8D088147DF70A5191C14D9AC265 ] C:\Windows\SysWOW64\iertutil.dll
15:23:42.0262 5920 C:\Windows\SysWOW64\iertutil.dll - ok
15:23:42.0272 5920 [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll
15:23:42.0272 5920 C:\Windows\SysWOW64\msasn1.dll - ok
15:23:42.0272 5920 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys
15:23:42.0272 5920 C:\Windows\System32\drivers\luafv.sys - ok
15:23:42.0282 5920 [ AB886378EEB55C6C75B4F2D14B6C869F ] C:\Windows\System32\drivers\WUDFPf.sys
15:23:42.0282 5920 C:\Windows\System32\drivers\WUDFPf.sys - ok
15:23:42.0282 5920 [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
15:23:42.0282 5920 C:\Windows\System32\rpcss.dll - ok
15:23:42.0292 5920 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
15:23:42.0292 5920 C:\Windows\System32\RpcEpMap.dll - ok
15:23:42.0292 5920 [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
15:23:42.0292 5920 C:\Windows\System32\wshqos.dll - ok
15:23:42.0302 5920 [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
15:23:42.0302 5920 C:\Windows\System32\WSHTCPIP.DLL - ok
15:23:42.0312 5920 [ D0D8877969011D1B0ED9C3C55A9A9108 ] C:\Windows\System32\atiesrxx.exe
15:23:42.0312 5920 C:\Windows\System32\atiesrxx.exe - ok
15:23:42.0312 5920 [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
15:23:42.0312 5920 C:\Windows\System32\FirewallAPI.dll - ok
15:23:42.0322 5920 [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll
15:23:42.0322 5920 C:\Windows\System32\wtsapi32.dll - ok
15:23:42.0332 5920 [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
15:23:42.0332 5920 C:\Windows\System32\LogonUI.exe - ok
15:23:42.0332 5920 [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll
15:23:42.0332 5920 C:\Windows\System32\version.dll - ok
15:23:42.0342 5920 [ 0BEE002C68E28CE6DA161DCF1376D7D7 ] C:\Windows\System32\authui.dll
15:23:42.0342 5920 C:\Windows\System32\authui.dll - ok
15:23:42.0352 5920 [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
15:23:42.0352 5920 C:\Windows\System32\wevtsvc.dll - ok
15:23:42.0352 5920 [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll
15:23:42.0352 5920 C:\Windows\System32\audiosrv.dll - ok
15:23:42.0362 5920 [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
15:23:42.0362 5920 C:\Windows\System32\avrt.dll - ok
15:23:42.0372 5920 [ 7595D53EE8E8B0BAA9A2DDDE867EBB0C ] C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\stacsv64.exe
15:23:42.0372 5920 C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\stacsv64.exe - ok
15:23:42.0372 5920 [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll
15:23:42.0372 5920 C:\Windows\System32\mmcss.dll - ok
15:23:42.0382 5920 [ 9110FFAD124283F37D38771BB60556AF ] C:\Windows\System32\dsound.dll
15:23:42.0382 5920 C:\Windows\System32\dsound.dll - ok
15:23:42.0382 5920 [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
15:23:42.0382 5920 C:\Windows\System32\MMDevAPI.dll - ok
15:23:42.0392 5920 [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
15:23:42.0392 5920 C:\Windows\System32\propsys.dll - ok
15:23:42.0402 5920 [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
15:23:42.0402 5920 C:\Windows\System32\winmm.dll - ok
15:23:42.0402 5920 [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
15:23:42.0402 5920 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
15:23:42.0412 5920 [ 58C84FDC71B992A0E70592E478780D5E ] C:\Windows\System32\stapi64.dll
15:23:42.0412 5920 C:\Windows\System32\stapi64.dll - ok
15:23:42.0422 5920 [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe
15:23:42.0422 5920 C:\Windows\System32\audiodg.exe - ok
15:23:42.0422 5920 [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
15:23:42.0422 5920 C:\Windows\System32\ntmarta.dll - ok
15:23:42.0432 5920 [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll
15:23:42.0432 5920 C:\Windows\System32\AudioSes.dll - ok
15:23:42.0432 5920 [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll
15:23:42.0432 5920 C:\Windows\System32\AudioEng.dll - ok
15:23:42.0442 5920 [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll
15:23:42.0442 5920 C:\Windows\System32\AUDIOKSE.dll - ok
15:23:42.0442 5920 [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll
15:23:42.0442 5920 C:\Windows\System32\ksuser.dll - ok
15:23:42.0442 5920 [ F9949A5756E07A338CDFD34BA3DFB4E4 ] C:\Windows\System32\stapo64.dll
15:23:42.0442 5920 C:\Windows\System32\stapo64.dll - ok
15:23:42.0452 5920 [ FFA1A0DD5C18130DABE0F68D6F1EBFBA ] C:\Windows\System32\AESTAC64.dll
15:23:42.0452 5920 C:\Windows\System32\AESTAC64.dll - ok
15:23:42.0462 5920 [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
15:23:42.0462 5920 C:\Windows\System32\cryptui.dll - ok
15:23:42.0462 5920 [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
15:23:42.0462 5920 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
15:23:42.0472 5920 [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
15:23:42.0472 5920 C:\Windows\System32\samlib.dll - ok
15:23:42.0482 5920 [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
15:23:42.0482 5920 C:\Windows\System32\shacct.dll - ok
15:23:42.0482 5920 [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
15:23:42.0482 5920 C:\Windows\System32\uxtheme.dll - ok
15:23:42.0492 5920 [ 179E8401224D557ECFF3695F2016EA5B ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll
15:23:42.0492 5920 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok
15:23:42.0492 5920 [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
15:23:42.0492 5920 C:\Windows\System32\dui70.dll - ok
15:23:42.0502 5920 [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
15:23:42.0502 5920 C:\Windows\System32\duser.dll - ok
15:23:42.0512 5920 [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
15:23:42.0512 5920 C:\Windows\System32\SndVolSSO.dll - ok
15:23:42.0512 5920 [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
15:23:42.0512 5920 C:\Windows\System32\dwmapi.dll - ok
15:23:42.0522 5920 [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
15:23:42.0522 5920 C:\Windows\System32\hid.dll - ok
15:23:42.0522 5920 [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll
15:23:42.0522 5920 C:\Windows\System32\xmllite.dll - ok
15:23:42.0532 5920 [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv
15:23:42.0532 5920 C:\Windows\System32\wdmaud.drv - ok
15:23:42.0532 5920 [ 26B73A85855681500BCC25C7CD9FF5B1 ] C:\Windows\System32\WindowsCodecs.dll
15:23:42.0532 5920 C:\Windows\System32\WindowsCodecs.dll - ok
15:23:42.0542 5920 [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\Windows\System32\msacm32.drv
15:23:42.0542 5920 C:\Windows\System32\msacm32.drv - ok
15:23:42.0552 5920 [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\Windows\System32\msacm32.dll
15:23:42.0552 5920 C:\Windows\System32\msacm32.dll - ok
15:23:42.0552 5920 [ CA2A0750ED830678997695FF61B04C30 ] C:\Windows\System32\midimap.dll
15:23:42.0552 5920 C:\Windows\System32\midimap.dll - ok
15:23:42.0562 5920 [ 6F3C559B82F2912354BE5B098744CC8C ] C:\Windows\System32\WMALFXGFXDSP.dll
15:23:42.0562 5920 C:\Windows\System32\WMALFXGFXDSP.dll - ok
15:23:42.0562 5920 [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll
15:23:42.0562 5920 C:\Windows\System32\mfplat.dll - ok
15:23:42.0572 5920 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
15:23:42.0572 5920 C:\Windows\System32\winbrand.dll - ok
15:23:42.0582 5920 [ C469893743E18BA547DB3C7ED98B32F5 ] C:\Windows\System32\AESTAR64.dll
15:23:42.0582 5920 C:\Windows\System32\AESTAR64.dll - ok
15:23:42.0582 5920 [ 3D9FC44CA93001B423F89876369F1348 ] C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\sluapo64.dll
15:23:42.0582 5920 C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\sluapo64.dll - ok
15:23:42.0592 5920 [ B6F0676FC23D543452FE81D8B71D24E7 ] C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slcshp64.dll
15:23:42.0592 5920 C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slcshp64.dll - ok
15:23:42.0602 5920 [ F7BA79CEFBD9DF4AF781E00356FBF48E ] C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slh36064.dll
15:23:42.0602 5920 C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slh36064.dll - ok
15:23:42.0612 5920 [ 79E25E0628A2FF7A74356EAEF5011C26 ] C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\sltshd64.dll
15:23:42.0612 5920 C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\sltshd64.dll - ok
15:23:42.0612 5920 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll
15:23:42.0612 5920 C:\Windows\System32\gpsvc.dll - ok
15:23:42.0622 5920 [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
15:23:42.0622 5920 C:\Windows\System32\dsrole.dll - ok
15:23:42.0632 5920 [ 46BB91A169B9B31FF44EB04C48EC1D41 ] C:\Windows\System32\nlaapi.dll
15:23:42.0632 5920 C:\Windows\System32\nlaapi.dll - ok
15:23:42.0632 5920 [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
15:23:42.0632 5920 C:\Windows\System32\slc.dll - ok
15:23:42.0642 5920 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll
15:23:42.0642 5920 C:\Windows\System32\profsvc.dll - ok
15:23:42.0642 5920 [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
15:23:42.0642 5920 C:\Windows\System32\atl.dll - ok
15:23:42.0652 5920 [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll
15:23:42.0652 5920 C:\Windows\System32\themeservice.dll - ok
15:23:42.0662 5920 [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
15:23:42.0662 5920 C:\Windows\System32\VaultCredProvider.dll - ok
15:23:42.0662 5920 [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll
15:23:42.0662 5920 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
15:23:42.0672 5920 [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll
15:23:42.0672 5920 C:\Windows\System32\BioCredProv.dll - ok
15:23:42.0682 5920 [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll
15:23:42.0682 5920 C:\Windows\System32\winbio.dll - ok
15:23:42.0682 5920 [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll
15:23:42.0682 5920 C:\Windows\System32\credui.dll - ok
15:23:42.0692 5920 [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll
15:23:42.0692 5920 C:\Windows\System32\vaultcli.dll - ok
15:23:42.0692 5920 [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
15:23:42.0692 5920 C:\Windows\System32\es.dll - ok
15:23:42.0702 5920 [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll
15:23:42.0702 5920 C:\Windows\System32\comres.dll - ok
15:23:42.0702 5920 [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll
15:23:42.0702 5920 C:\Windows\System32\adtschema.dll - ok
15:23:42.0712 5920 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\Windows\System32\wlansvc.dll
15:23:42.0712 5920 C:\Windows\System32\wlansvc.dll - ok
15:23:42.0712 5920 [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll
15:23:42.0712 5920 C:\Windows\System32\Sens.dll - ok
15:23:42.0722 5920 [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys
15:23:42.0722 5920 C:\Windows\System32\drivers\fltMgr.sys - ok
15:23:42.0722 5920 [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\Windows\System32\netapi32.dll
15:23:42.0722 5920 C:\Windows\System32\netapi32.dll - ok
15:23:42.0732 5920 [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll
15:23:42.0732 5920 C:\Windows\System32\netutils.dll - ok
15:23:42.0732 5920 [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll
15:23:42.0732 5920 C:\Windows\System32\wkscli.dll - ok
15:23:42.0742 5920 [ AA036CC5F5221D9B915F4D4DCE74BA9A ] C:\Windows\System32\hpservice.exe
15:23:42.0742 5920 C:\Windows\System32\hpservice.exe - ok
15:23:42.0742 5920 [ 19F9B524A525D202194247E96656CB88 ] C:\Windows\System32\mfc42u.dll
15:23:42.0742 5920 C:\Windows\System32\mfc42u.dll - ok
15:23:42.0752 5920 [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll
15:23:42.0752 5920 C:\Windows\System32\samcli.dll - ok
15:23:42.0762 5920 [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll
15:23:42.0762 5920 C:\Windows\System32\certCredProvider.dll - ok
15:23:42.0762 5920 [ FB25067C233B686B50F29ABD688B2A6D ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL
15:23:42.0762 5920 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL - ok
15:23:42.0772 5920 [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll
15:23:42.0772 5920 C:\Windows\System32\rasplap.dll - ok
15:23:42.0772 5920 [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
15:23:42.0772 5920 C:\Windows\System32\rasapi32.dll - ok
15:23:42.0782 5920 [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL
15:23:42.0782 5920 C:\Windows\System32\PSHED.DLL - ok
15:23:42.0782 5920 [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll
15:23:42.0782 5920 C:\Windows\System32\rasman.dll - ok
15:23:42.0792 5920 [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll
15:23:42.0792 5920 C:\Windows\System32\rtutils.dll - ok
15:23:42.0792 5920 [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll
15:23:42.0792 5920 C:\Windows\System32\UXInit.dll - ok
15:23:42.0802 5920 [ E2289369AA64C5A2EA496568DB85CF8E ] C:\Windows\System32\atieclxx.exe
15:23:42.0802 5920 C:\Windows\System32\atieclxx.exe - ok
15:23:42.0802 5920 [ 3DB79E65E83EEA0601B6F2FF83E76CB0 ] C:\Windows\System32\atiadlxx.dll
15:23:42.0802 5920 C:\Windows\System32\atiadlxx.dll - ok
15:23:42.0812 5920 [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll
15:23:42.0812 5920 C:\Windows\System32\oleacc.dll - ok
15:23:42.0822 5920 [ 019BDD35DE269CB98B22DE8923C2AA3B ] C:\Windows\System32\UIAutomationCore.dll
15:23:42.0822 5920 C:\Windows\System32\UIAutomationCore.dll - ok
15:23:42.0822 5920 [ 8C6A5A0D335327EA91FF22481E7068C0 ] C:\Windows\System32\atimuixx.dll
15:23:42.0822 5920 C:\Windows\System32\atimuixx.dll - ok
15:23:42.0832 5920 [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll
15:23:42.0832 5920 C:\Windows\System32\imageres.dll - ok
15:23:42.0832 5920 [ 7FF8E121AFA05BDAB23B9FEDCDAB7A33 ] C:\Windows\System32\odbc32.dll
15:23:42.0832 5920 C:\Windows\System32\odbc32.dll - ok
15:23:42.0842 5920 [ E4534381D36D42EBF3A5E9B17DEBC707 ] C:\Windows\System32\accelerometerdll.DLL
15:23:42.0842 5920 C:\Windows\System32\accelerometerdll.DLL - ok
15:23:42.0842 5920 [ 3E466073C3B1033FF92ADE9031E3D4A2 ] C:\Windows\System32\odbcint.dll
15:23:42.0842 5920 C:\Windows\System32\odbcint.dll - ok
15:23:42.0852 5920 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll
15:23:42.0852 5920 C:\Windows\System32\uxsms.dll - ok
15:23:42.0852 5920 [ B1DF2D87DC8BF6072699AC8301B37796 ] C:\Windows\System32\WUDFPlatform.dll
15:23:42.0852 5920 C:\Windows\System32\WUDFPlatform.dll - ok
15:23:42.0862 5920 [ B20F051B03A966392364C83F009F7D17 ] C:\Windows\System32\WUDFSvc.dll
15:23:42.0862 5920 C:\Windows\System32\WUDFSvc.dll - ok
15:23:42.0862 5920 [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
15:23:42.0862 5920 C:\Windows\System32\drivers\lltdio.sys - ok
15:23:42.0872 5920 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\Windows\System32\drivers\nwifi.sys
15:23:42.0872 5920 C:\Windows\System32\drivers\nwifi.sys - ok
15:23:42.0872 5920 [ 136185F9FB2CC61E573E676AA5402356 ] C:\Windows\System32\drivers\ndisuio.sys
15:23:42.0872 5920 C:\Windows\System32\drivers\ndisuio.sys - ok
15:23:42.0882 5920 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\Windows\System32\MPSSVC.dll
15:23:42.0882 5920 C:\Windows\System32\MPSSVC.dll - ok
15:23:42.0882 5920 [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
15:23:42.0882 5920 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
15:23:42.0892 5920 [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
15:23:42.0892 5920 C:\Windows\System32\drivers\rspndr.sys - ok
15:23:42.0902 5920 [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
15:23:42.0902 5920 C:\Windows\System32\lmhsvc.dll - ok
15:23:42.0902 5920 [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
15:23:42.0902 5920 C:\Windows\System32\nsisvc.dll - ok
15:23:42.0912 5920 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll
15:23:42.0912 5920 C:\Windows\System32\dnsrslvr.dll - ok
15:23:42.0912 5920 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\Windows\System32\eapsvc.dll
15:23:42.0912 5920 C:\Windows\System32\eapsvc.dll - ok
15:23:42.0922 5920 [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\Windows\System32\keyiso.dll
15:23:42.0922 5920 C:\Windows\System32\keyiso.dll - ok
15:23:42.0922 5920 [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
15:23:42.0922 5920 C:\Windows\System32\winnsi.dll - ok
15:23:42.0932 5920 [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
15:23:42.0932 5920 C:\Windows\System32\IPHLPAPI.DLL - ok
15:23:42.0932 5920 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll
15:23:42.0932 5920 C:\Windows\System32\dhcpcore.dll - ok
15:23:42.0942 5920 [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
15:23:42.0942 5920 C:\Windows\System32\nrpsrv.dll - ok
15:23:42.0942 5920 [ 3CC16A849E6092E43909F48EF0E60306 ] C:\Windows\System32\dhcpcore6.dll
15:23:42.0942 5920 C:\Windows\System32\dhcpcore6.dll - ok
15:23:42.0942 5920 [ 87356377F31DA5F20A833811CD59499C ] C:\Windows\System32\eapphost.dll
15:23:42.0942 5920 C:\Windows\System32\eapphost.dll - ok
15:23:42.0952 5920 [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL
15:23:42.0952 5920 C:\Windows\System32\FWPUCLNT.DLL - ok
15:23:42.0962 5920 [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll
15:23:42.0962 5920 C:\Windows\System32\umb.dll - ok
15:23:42.0972 5920 [ A648C4A06DE367065B24056D067B4460 ] C:\Windows\System32\wlanmsm.dll
15:23:42.0972 5920 C:\Windows\System32\wlanmsm.dll - ok
15:23:42.0972 5920 [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
15:23:42.0972 5920 C:\Windows\System32\dhcpcsvc.dll - ok
15:23:42.0982 5920 [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
15:23:42.0982 5920 C:\Windows\System32\dnsext.dll - ok
15:23:42.0982 5920 [ 3C06D5A929B798D0B13F6481242A0FD2 ] C:\Windows\System32\dhcpcsvc6.dll
15:23:42.0982 5920 C:\Windows\System32\dhcpcsvc6.dll - ok
15:23:42.0992 5920 [ 06A1386B6E3A0CBC368665C1840906F4 ] C:\Windows\System32\wlansec.dll
15:23:42.0992 5920 C:\Windows\System32\wlansec.dll - ok
15:23:42.0992 5920 [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll
15:23:42.0992 5920 C:\Windows\System32\onex.dll - ok
15:23:43.0002 5920 [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
15:23:43.0002 5920 C:\Windows\System32\eappcfg.dll - ok
15:23:43.0002 5920 [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
15:23:43.0002 5920 C:\Windows\System32\eappprxy.dll - ok
15:23:43.0012 5920 [ 730BF204A595D5B6D7DC57A247CC741C ] C:\Windows\System32\wlgpclnt.dll
15:23:43.0012 5920 C:\Windows\System32\wlgpclnt.dll - ok
15:23:43.0012 5920 [ 97E43F324BE1503CB2FFB058534688DA ] C:\Windows\System32\l2gpstore.dll
15:23:43.0012 5920 C:\Windows\System32\l2gpstore.dll - ok
15:23:43.0022 5920 [ 7D5645EE0EA77D539828433D9B95F5EB ] C:\Windows\System32\WinSCard.dll
15:23:43.0022 5920 C:\Windows\System32\WinSCard.dll - ok
15:23:43.0022 5920 [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
15:23:43.0022 5920 C:\Windows\System32\wlanutil.dll - ok
15:23:43.0032 5920 [ 99B91C5D2FCEF218CAD3600ECB62A799 ] C:\Windows\System32\msxml6.dll
15:23:43.0032 5920 C:\Windows\System32\msxml6.dll - ok
15:23:43.0032 5920 [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll
15:23:43.0032 5920 C:\Windows\System32\shsvcs.dll - ok
15:23:43.0042 5920 [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll
15:23:43.0042 5920 C:\Windows\System32\schedsvc.dll - ok
15:23:43.0042 5920 [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll
15:23:43.0042 5920 C:\Windows\System32\ktmw32.dll - ok
15:23:43.0052 5920 [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll
15:23:43.0052 5920 C:\Windows\System32\taskcomp.dll - ok
15:23:43.0052 5920 [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll
15:23:43.0062 5920 C:\Windows\System32\fveapi.dll - ok
15:23:43.0062 5920 [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll
15:23:43.0062 5920 C:\Windows\System32\fvecerts.dll - ok
15:23:43.0072 5920 [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll
15:23:43.0072 5920 C:\Windows\System32\tbs.dll - ok
15:23:43.0072 5920 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys
15:23:43.0072 5920 C:\Windows\System32\drivers\http.sys - ok
15:23:43.0082 5920 [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll
15:23:43.0082 5920 C:\Windows\System32\wiarpc.dll - ok
15:23:43.0092 5920 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] C:\Windows\System32\spoolsv.exe
15:23:43.0092 5920 C:\Windows\System32\spoolsv.exe - ok
15:23:43.0092 5920 [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL
15:23:43.0092 5920 C:\Windows\System32\BFE.DLL - ok
15:23:43.0102 5920 [ 8AE99EBE30E8338907361018D9030835 ] C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
15:23:43.0102 5920 C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe - ok
15:23:43.0102 5920 [ DD82EB68D97944B192C7803EB585B03C ] C:\Program Files (x86)\IObit\IObit Malware Fighter\rtl120.bpl
15:23:43.0102 5920 C:\Program Files (x86)\IObit\IObit Malware Fighter\rtl120.bpl - ok
15:23:43.0112 5920 [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
15:23:43.0112 5920 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
15:23:43.0122 5920 [ 773EBD87010A6F644869A59D98792C9C ] C:\Program Files (x86)\IObit\IObit Malware Fighter\vcl120.bpl
15:23:43.0122 5920 C:\Program Files (x86)\IObit\IObit Malware Fighter\vcl120.bpl - ok
15:23:43.0122 5920 [ 8A73E259446AEADF64EA884F2BCE4E69 ] C:\Program Files (x86)\IObit\IObit Malware Fighter\datastate.dll
15:23:43.0122 5920 C:\Program Files (x86)\IObit\IObit Malware Fighter\datastate.dll - ok
15:23:43.0132 5920 [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll
15:23:43.0132 5920 C:\Windows\System32\netcfgx.dll - ok
15:23:43.0142 5920 [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys
15:23:43.0142 5920 C:\Windows\System32\drivers\bowser.sys - ok
15:23:43.0142 5920 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys
15:23:43.0142 5920 C:\Windows\System32\drivers\mpsdrv.sys - ok
15:23:43.0152 5920 [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys
15:23:43.0152 5920 C:\Windows\System32\drivers\mrxsmb.sys - ok
15:23:43.0152 5920 [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys
15:23:43.0152 5920 C:\Windows\System32\drivers\mrxsmb10.sys - ok
15:23:43.0162 5920 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys
15:23:43.0162 5920 C:\Windows\System32\drivers\mrxsmb20.sys - ok
15:23:43.0162 5920 [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll
15:23:43.0162 5920 C:\Windows\System32\wkssvc.dll - ok
15:23:43.0172 5920 [ C67F8A962B2534224D5908D16D2AD3CE ] C:\Windows\System32\wfapigp.dll
15:23:43.0172 5920 C:\Windows\System32\wfapigp.dll - ok
15:23:43.0182 5920 [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll
15:23:43.0182 5920 C:\Windows\System32\mscms.dll - ok
15:23:43.0182 5920 [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll
15:23:43.0182 5920 C:\Windows\System32\pcasvc.dll - ok
15:23:43.0192 5920 [ A6FB9DB8F1A86861D955FD6975977AE0 ] C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
15:23:43.0192 5920 C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe - ok
15:23:43.0192 5920 [ 6313F223E817CC09AA41811DAA7F541D ] C:\Windows\System32\snmptrap.exe
15:23:43.0192 5920 C:\Windows\System32\snmptrap.exe - ok
15:23:43.0202 5920 [ B65F8DBA54F251906BBE8611B5A0E7AB ] C:\Program Files\LSI SoftModem\agr64svc.exe
15:23:43.0202 5920 C:\Program Files\LSI SoftModem\agr64svc.exe - ok
15:23:43.0202 5920 [ A5299D04ED225D64CF07A568A3E1BF8C ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:23:43.0202 5920 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
15:23:43.0212 5920 [ E9A0777DCA9148157E0EF9B71D7DE353 ] C:\Windows\System32\RdpGroupPolicyExtension.dll
15:23:43.0212 5920 C:\Windows\System32\RdpGroupPolicyExtension.dll - ok
15:23:43.0222 5920 [ 08C2957BB30058E663720C5606885653 ] C:\Windows\System32\iphlpsvc.dll
15:23:43.0222 5920 C:\Windows\System32\iphlpsvc.dll - ok
15:23:43.0222 5920 [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll
15:23:43.0222 5920 C:\Windows\System32\provsvc.dll - ok
15:23:43.0232 5920 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll
15:23:43.0232 5920 C:\Windows\System32\sstpsvc.dll - ok
15:23:43.0232 5920 [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe
15:23:43.0232 5920 C:\Windows\System32\dllhost.exe - ok
15:23:43.0242 5920 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
15:23:43.0242 5920 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok
15:23:43.0242 5920 [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll
15:23:43.0242 5920 C:\Windows\System32\IDStore.dll - ok
15:23:43.0242 5920 [ 639774C9ACD063F028F6084ABF5593AD ] C:\Windows\System32\taskhost.exe
15:23:43.0242 5920 C:\Windows\System32\taskhost.exe - ok
15:23:43.0252 5920 [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll
15:23:43.0252 5920 C:\Windows\System32\MsCtfMonitor.dll - ok
15:23:43.0262 5920 [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll
15:23:43.0262 5920 C:\Windows\System32\msutb.dll - ok
15:23:43.0262 5920 [ 65EA57712340C09B1B0C427B4848AE05 ] C:\Windows\System32\taskeng.exe
15:23:43.0262 5920 C:\Windows\System32\taskeng.exe - ok
15:23:43.0272 5920 [ 0A888754C63C3A5D8CD8F7492C62B40D ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
15:23:43.0272 5920 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL - ok
15:23:43.0272 5920 [ F9D908DE6B166DAC9B89BF62FA291CE8 ] C:\Program Files\Bonjour\mdnsNSP.dll
15:23:43.0272 5920 C:\Program Files\Bonjour\mdnsNSP.dll - ok
15:23:43.0282 5920 [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll
15:23:43.0282 5920 C:\Windows\System32\rasadhlp.dll - ok
15:23:43.0282 5920 [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051 ] C:\Windows\System32\localspl.dll
15:23:43.0282 5920 C:\Windows\System32\localspl.dll - ok
15:23:43.0292 5920 [ 9BB99503D6A4DD62569EDE9E5E2672A5 ] C:\Windows\System32\HotStartUserAgent.dll
15:23:43.0292 5920 C:\Windows\System32\HotStartUserAgent.dll - ok
15:23:43.0292 5920 [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll
15:23:43.0292 5920 C:\Windows\System32\spoolss.dll - ok
15:23:43.0302 5920 [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv
15:23:43.0302 5920 C:\Windows\System32\winspool.drv - ok
15:23:43.0302 5920 [ 024C32D4D996ECD0FD9AF363FE744A08 ] C:\Windows\System32\CNMLMA6.DLL
15:23:43.0302 5920 C:\Windows\System32\CNMLMA6.DLL - ok
15:23:43.0312 5920 [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\Windows\System32\PrintIsolationProxy.dll
15:23:43.0312 5920 C:\Windows\System32\PrintIsolationProxy.dll - ok
15:23:43.0322 5920 [ 7F725B746447B05B9154F57EFBF4F67E ] C:\Windows\System32\CNMN6PPM.DLL
15:23:43.0322 5920 C:\Windows\System32\CNMN6PPM.DLL - ok
15:23:43.0322 5920 [ 0AFFF58CC116399FADCDB76B3E5EEA35 ] C:\Windows\System32\CNCF2Ll.DLL
15:23:43.0322 5920 C:\Windows\System32\CNCF2Ll.DLL - ok
15:23:43.0332 5920 [ 46B8E04B3C35CB93F89EF27746D7A908 ] C:\Windows\System32\EP0SLM01.DLL
15:23:43.0332 5920 C:\Windows\System32\EP0SLM01.DLL - ok
15:23:43.0332 5920 [ 19E41CCCEE697CC9465396B370929792 ] C:\Windows\System32\FXSMON.dll
15:23:43.0332 5920 C:\Windows\System32\FXSMON.dll - ok
15:23:43.0342 5920 [ 4977CBC52959FDBD6B2E40BAA1B631C5 ] C:\Windows\System32\hpzllw71.dll
15:23:43.0342 5920 C:\Windows\System32\hpzllw71.dll - ok
15:23:43.0342 5920 [ 805A52C5AE26C28E88FDD9BCCFE6F312 ] C:\Windows\System32\TSChannel.dll
15:23:43.0342 5920 C:\Windows\System32\TSChannel.dll - ok
15:23:43.0352 5920 [ 2E1729779D60F4003508F393E8343ED8 ] C:\Windows\System32\hpf3lw73.dll
15:23:43.0352 5920 C:\Windows\System32\hpf3lw73.dll - ok
15:23:43.0362 5920 [ 62A0ED06E9FF55EEF51B27EC4839EE0B ] C:\Windows\System32\hpz3lw71.dll
15:23:43.0362 5920 C:\Windows\System32\hpz3lw71.dll - ok
15:23:43.0362 5920 [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll
15:23:43.0362 5920 C:\Windows\System32\tcpmon.dll - ok
15:23:43.0372 5920 [ 5A78D672EAE975D40DE35CE6B650282B ] C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe
15:23:43.0372 5920 C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe - ok
15:23:43.0372 5920 [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll
15:23:43.0372 5920 C:\Windows\System32\snmpapi.dll - ok
15:23:43.0382 5920 [ FFF9D00CF16397C64317F213484F94BD ] C:\Windows\System32\wsnmp32.dll
15:23:43.0382 5920 C:\Windows\System32\wsnmp32.dll - ok
15:23:43.0392 5920 [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll
15:23:43.0392 5920 C:\Windows\System32\usbmon.dll - ok
15:23:43.0392 5920 [ 9FACF68EE6BDED00108002C61517D08A ] C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe
15:23:43.0392 5920 C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe - ok
15:23:43.0402 5920 [ 114CF6C8F5897162DFC00A7C920DDF16 ] C:\Program Files (x86)\IObit\Advanced SystemCare 6\madexcept_.bpl
15:23:43.0402 5920 C:\Program Files (x86)\IObit\Advanced SystemCare 6\madexcept_.bpl - ok
15:23:43.0402 5920 [ F58732600FC92413A8B2451FEC5B2FC9 ] C:\Program Files (x86)\IObit\Advanced SystemCare 6\madbasic_.bpl
15:23:43.0402 5920 C:\Program Files (x86)\IObit\Advanced SystemCare 6\madbasic_.bpl - ok
15:23:43.0412 5920 [ 8838B1D35DA190061890A8FED8596EAE ] C:\Program Files (x86)\IObit\Advanced SystemCare 6\maddisAsm_.bpl
15:23:43.0412 5920 C:\Program Files (x86)\IObit\Advanced SystemCare 6\maddisAsm_.bpl - ok
15:23:43.0412 5920 [ DD82EB68D97944B192C7803EB585B03C ] C:\Program Files (x86)\IObit\Game Booster 3\rtl120.bpl
15:23:43.0412 5920 C:\Program Files (x86)\IObit\Game Booster 3\rtl120.bpl - ok
15:23:43.0412 5920 [ 773EBD87010A6F644869A59D98792C9C ] C:\Program Files (x86)\IObit\Game Booster 3\vcl120.bpl
15:23:43.0422 5920 C:\Program Files (x86)\IObit\Game Booster 3\vcl120.bpl - ok
15:23:43.0422 5920 [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll
15:23:43.0422 5920 C:\Windows\SysWOW64\uxtheme.dll - ok
15:23:43.0432 5920 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll
15:23:43.0432 5920 C:\Windows\SysWOW64\dwmapi.dll - ok
15:23:43.0432 5920 [ 23566F9723771108D2E6CD768AC27407 ] C:\Windows\System32\AtBroker.exe
15:23:43.0432 5920 C:\Windows\System32\AtBroker.exe - ok
15:23:43.0442 5920 [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
15:23:43.0442 5920 C:\Windows\System32\mpr.dll - ok
15:23:43.0442 5920 [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe
15:23:43.0442 5920 C:\Windows\System32\userinit.exe - ok
15:23:43.0452 5920 [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe
15:23:43.0452 5920 C:\Windows\System32\dwm.exe - ok
15:23:43.0462 5920 [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll
15:23:43.0462 5920 C:\Windows\System32\dwmredir.dll - ok
15:23:43.0462 5920 [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll
15:23:43.0462 5920 C:\Windows\System32\WSDMon.dll - ok
15:23:43.0472 5920 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
15:23:43.0472 5920 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
15:23:43.0482 5920 [ F1B205F932F62F94506A5F332C895DAF ] C:\Windows\System32\WSDApi.dll
15:23:43.0482 5920 C:\Windows\System32\WSDApi.dll - ok
15:23:43.0482 5920 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
15:23:43.0482 5920 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
15:23:43.0492 5920 [ 6C63DC384A15E2AFD4A860031EF40267 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll
15:23:43.0492 5920 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
15:23:43.0492 5920 [ C55516D98DD5D8F0153C2A9B4227DA86 ] C:\Windows\System32\webservices.dll
15:23:43.0492 5920 C:\Windows\System32\webservices.dll - ok
15:23:43.0502 5920 [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll
15:23:43.0502 5920 C:\Windows\System32\fdPnp.dll - ok
15:23:43.0502 5920 [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll
15:23:43.0502 5920 C:\Windows\System32\fundisc.dll - ok
15:23:43.0512 5920 [ 19825922767762E68BD4A901A2F92D84 ] C:\Windows\System32\spool\prtprocs\x64\CNMPDA6.DLL
15:23:43.0512 5920 C:\Windows\System32\spool\prtprocs\x64\CNMPDA6.DLL - ok
15:23:43.0512 5920 [ AD911EBC4FADCCAA243E379FF23AB959 ] C:\Windows\System32\spool\prtprocs\x64\hpfppw73.dll
15:23:43.0512 5920 C:\Windows\System32\spool\prtprocs\x64\hpfppw73.dll - ok
15:23:43.0522 5920 [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
15:23:43.0522 5920 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
15:23:43.0522 5920 [ 6FB9BE56891EA4E85B4C9BDD4E9AFA69 ] C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll
15:23:43.0522 5920 C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll - ok
15:23:43.0532 5920 [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll
15:23:43.0532 5920 C:\Windows\System32\dwmcore.dll - ok
15:23:43.0532 5920 [ D339D7F6E52AECCA9C0898CB547B2902 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll
15:23:43.0532 5920 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
15:23:43.0542 5920 [ 5F3347EBA403EE64780980A5BAF10304 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll
15:23:43.0542 5920 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
15:23:43.0542 5920 [ 15530639789C990827E594344EACC465 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
15:23:43.0542 5920 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
15:23:43.0552 5920 [ 26655CA3645C49DA4A79AC18FE84EE11 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll
15:23:43.0552 5920 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll - ok
15:23:43.0552 5920 [ 09B7E7CD6F202247B3CF2306108589C2 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll
15:23:43.0552 5920 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
15:23:43.0562 5920 [ E5B6D88B36BDDAD5039764FBF80284DD ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll
15:23:43.0562 5920 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll - ok
15:23:43.0562 5920 [ 1D75BC73585969F41BA7EF0C882DFF2B ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll
15:23:43.0562 5920 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
15:23:43.0572 5920 [ FC7A868DECC3AB027F29178EC8A7F252 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll
15:23:43.0572 5920 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll - ok
15:23:43.0582 5920 [ 24AA9776D6AB032071B61C88089AEA59 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll
15:23:43.0582 5920 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll - ok
15:23:43.0582 5920 [ 4E4EDF9CA82E95BAB2977DD9F21B00F6 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
15:23:43.0582 5920 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
15:23:43.0592 5920 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll
15:23:43.0592 5920 C:\Windows\SysWOW64\setupapi.dll - ok
15:23:43.0602 5920 [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll
15:23:43.0602 5920 C:\Windows\SysWOW64\cfgmgr32.dll - ok
15:23:43.0602 5920 [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll
15:23:43.0602 5920 C:\Windows\SysWOW64\devobj.dll - ok
15:23:43.0612 5920 [ 062373995EAE5F0EAC9EAA9192136BFB ] C:\Windows\SysWOW64\dnssd.dll
15:23:43.0612 5920 C:\Windows\SysWOW64\dnssd.dll - ok
15:23:43.0622 5920 [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\SysWOW64\wtsapi32.dll
15:23:43.0622 5920 C:\Windows\SysWOW64\wtsapi32.dll - ok
15:23:43.0622 5920 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll
15:23:43.0622 5920 C:\Windows\SysWOW64\ntmarta.dll - ok
15:23:43.0632 5920 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll
15:23:43.0632 5920 C:\Windows\SysWOW64\Wldap32.dll - ok
15:23:43.0632 5920 [ 1D7D0D5D33D8B1507EC5FBFE332E5657 ] C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
15:23:43.0632 5920 C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe - ok
15:23:43.0642 5920 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll
15:23:43.0642 5920 C:\Windows\SysWOW64\mswsock.dll - ok
15:23:43.0642 5920 [ 0E1B02C9CC352A1F61703B7D1A8A2C45 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll
15:23:43.0642 5920 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok
15:23:43.0652 5920 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
15:23:43.0652 5920 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
15:23:43.0662 5920 [ 8195B745A9C3235E4715F0A1B59206CF ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
15:23:43.0662 5920 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll - ok
15:23:43.0662 5920 [ E53B389AABC47A86A41884E94C9A3012 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll
15:23:43.0662 5920 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
15:23:43.0672 5920 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
15:23:43.0672 5920 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
15:23:43.0672 5920 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll
15:23:43.0672 5920 C:\Windows\SysWOW64\winnsi.dll - ok
15:23:43.0682 5920 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL
15:23:43.0682 5920 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
15:23:43.0692 5920 [ 0353B239C28B0E9EBC7FA3D1F6181661 ] C:\Windows\System32\win32spl.dll
15:23:43.0692 5920 C:\Windows\System32\win32spl.dll - ok
15:23:43.0692 5920 [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\Windows\System32\inetpp.dll
15:23:43.0692 5920 C:\Windows\System32\inetpp.dll - ok
15:23:43.0702 5920 [ E1374D37477322D4956604711008C69D ] C:\Windows\System32\d3d10_1.dll
15:23:43.0702 5920 C:\Windows\System32\d3d10_1.dll - ok
15:23:43.0702 5920 [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll
15:23:43.0702 5920 C:\Windows\System32\PlaySndSrv.dll - ok
15:23:43.0712 5920 [ 240D42CBD1691C6B7D54AF4E3365BAAC ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll
15:23:43.0712 5920 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
15:23:43.0712 5920 [ 282F84E0096499C42102D7234A4D14EF ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
15:23:43.0712 5920 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll - ok
15:23:43.0722 5920 [ 17448AF0BBA9E7AB5EC955AF93F271BD ] C:\Windows\SysWOW64\wintrust.dll
15:23:43.0722 5920 C:\Windows\SysWOW64\wintrust.dll - ok
15:23:43.0722 5920 [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe
15:23:43.0722 5920 C:\Windows\explorer.exe - ok
15:23:43.0732 5920 [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll
15:23:43.0732 5920 C:\Windows\System32\cscapi.dll - ok
15:23:43.0732 5920 [ A57750E129AAE76E933417C8CD63B256 ] C:\Windows\System32\spool\drivers\x64\3\CNCFIMl.DLL
15:23:43.0732 5920 C:\Windows\System32\spool\drivers\x64\3\CNCFIMl.DLL - ok
15:23:43.0742 5920 [ 426BA4E737A7988FD1202AF2F2B2F4A6 ] C:\Windows\System32\d3d10_1core.dll
15:23:43.0742 5920 C:\Windows\System32\d3d10_1core.dll - ok
15:23:43.0742 5920 [ F404E59DB6A0F122AB26BF4F3E2FD0FA ] C:\Windows\System32\dxgi.dll
15:23:43.0742 5920 C:\Windows\System32\dxgi.dll - ok
15:23:43.0752 5920 [ 40C000910366003F005D60F8148BC55E ] C:\Windows\System32\atidxx64.dll
15:23:43.0752 5920 C:\Windows\System32\atidxx64.dll - ok
15:23:43.0752 5920 [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll
15:23:43.0752 5920 C:\Windows\System32\ExplorerFrame.dll - ok
15:23:43.0762 5920 [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll
15:23:43.0762 5920 C:\Windows\System32\EhStorShell.dll - ok
15:23:43.0772 5920 [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll
15:23:43.0772 5920 C:\Windows\System32\ntshrui.dll - ok
15:23:43.0772 5920 [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll
15:23:43.0772 5920 C:\Windows\System32\IconCodecService.dll - ok
15:23:43.0772 5920 [ FDC385A0F7D7DD880C4622D1DF08ABE9 ] C:\Windows\System32\ntprint.dll
15:23:43.0782 5920 C:\Windows\System32\ntprint.dll - ok
15:23:43.0782 5920 [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll
15:23:43.0782 5920 C:\Windows\System32\uDWM.dll - ok
15:23:43.0782 5920 [ 070228BB4F6D6794C2CEC8DD9EEE48F5 ] C:\Program Files (x86)\AVG\AVG2013\avgntopensslx.dll
15:23:43.0782 5920 C:\Program Files (x86)\AVG\AVG2013\avgntopensslx.dll - ok
15:23:43.0792 5920 [ F22344A88B6C55AEF9C23FB7A6589384 ] C:\Program Files (x86)\IObit\Advanced SystemCare 6\taskmgr.dll
15:23:43.0792 5920 C:\Program Files (x86)\IObit\Advanced SystemCare 6\taskmgr.dll - ok
15:23:43.0802 5920 [ 31C364E11F4F37160AF8716861BB5039 ] C:\Program Files (x86)\IObit\Advanced SystemCare 6\datastate.dll
15:23:43.0802 5920 C:\Program Files (x86)\IObit\Advanced SystemCare 6\datastate.dll - ok
15:23:43.0802 5920 [ 530B316C6B11F05979E84709F124B942 ] C:\Program Files (x86)\AVG\AVG2013\avgsysx.dll
15:23:43.0802 5920 C:\Program Files (x86)\AVG\AVG2013\avgsysx.dll - ok
15:23:43.0802 5920 [ BC83108B18756547013ED443B8CDB31B ] C:\Windows\SysWOW64\msvcp100.dll
15:23:43.0802 5920 C:\Windows\SysWOW64\msvcp100.dll - ok
15:23:43.0812 5920 [ 0E37FBFA79D349D672456923EC5FBBE3 ] C:\Windows\SysWOW64\msvcr100.dll
15:23:43.0812 5920 C:\Windows\SysWOW64\msvcr100.dll - ok
15:23:43.0812 5920 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll
15:23:43.0812 5920 C:\Windows\SysWOW64\psapi.dll - ok
15:23:43.0822 5920 [ 6E7F9D539526085F770CB61C63A8DBB4 ] C:\Program Files (x86)\AVG\AVG2013\avgopensslx.dll
15:23:43.0822 5920 C:\Program Files (x86)\AVG\AVG2013\avgopensslx.dll - ok
15:23:43.0832 5920 [ B878CFB59724B52931043DF69075DB5C ] C:\Program Files (x86)\AVG\AVG2013\avglogx.dll
15:23:43.0832 5920 C:\Program Files (x86)\AVG\AVG2013\avglogx.dll - ok
15:23:43.0832 5920 [ 835BFF67EBD89BCE0B13460B2A56C53E ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
15:23:43.0832 5920 C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok
15:23:43.0842 5920 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll
15:23:43.0842 5920 C:\Windows\SysWOW64\dnsapi.dll - ok
15:23:43.0842 5920 [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files (x86)\Bonjour\mdnsNSP.dll
15:23:43.0842 5920 C:\Program Files (x86)\Bonjour\mdnsNSP.dll - ok
15:23:43.0852 5920 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
15:23:43.0852 5920 C:\Windows\SysWOW64\rasadhlp.dll - ok
15:23:43.0852 5920 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll
15:23:43.0852 5920 C:\Windows\SysWOW64\wship6.dll - ok
15:23:43.0862 5920 [ 1E2946D7A5998E74FB02FB551F996E6D ] C:\Program Files (x86)\IObit\Game Booster 3\GameBooster.exe
15:23:43.0862 5920 C:\Program Files (x86)\IObit\Game Booster 3\GameBooster.exe - ok
15:23:43.0862 5920 [ 0DE5BA4CEFB5BC123C45B974A182557D ] C:\Program Files (x86)\IObit\Advanced SystemCare 6\webres.dll
15:23:43.0862 5920 C:\Program Files (x86)\IObit\Advanced SystemCare 6\webres.dll - ok
15:23:43.0872 5920 [ 7717F84F483002815490033BF069DABD ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
15:23:43.0872 5920 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll - ok
15:23:43.0882 5920 [ 05EC997E7933210DB48BA577FAE13FD9 ] C:\Program Files (x86)\AVG\AVG2013\avgcommx.dll
15:23:43.0882 5920 C:\Program Files (x86)\AVG\AVG2013\avgcommx.dll - ok
15:23:43.0882 5920 [ 42F11F37CC06D9AB6528AF2E215B8799 ] C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
15:23:43.0882 5920 C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe - ok
15:23:43.0892 5920 [ EC5645562E634A27269A5365B8B19681 ] C:\Program Files (x86)\AVG\AVG2013\avgcfgx.dll
15:23:43.0892 5920 C:\Program Files (x86)\AVG\AVG2013\avgcfgx.dll - ok
15:23:43.0892 5920 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] C:\Program Files\Bonjour\mDNSResponder.exe
15:23:43.0892 5920 C:\Program Files\Bonjour\mDNSResponder.exe - ok
15:23:43.0902 5920 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] C:\Windows\System32\cryptsvc.dll
15:23:43.0902 5920 C:\Windows\System32\cryptsvc.dll - ok
15:23:43.0902 5920 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll
15:23:43.0902 5920 C:\Windows\System32\dps.dll - ok
15:23:43.0912 5920 [ 7F8E83B9466A0A002D4AB15C104062A7 ] C:\Windows\System32\efscore.dll
15:23:43.0912 5920 C:\Windows\System32\efscore.dll - ok
15:23:43.0912 5920 [ 0C043B0ABBB5E14E68906AB80365395B ] C:\Windows\System32\efssvc.dll
15:23:43.0912 5920 C:\Windows\System32\efssvc.dll - ok
15:23:43.0922 5920 [ 8792BAB371B4B1589E015B6FD1ED3B15 ] C:\Windows\System32\cryptnet.dll
15:23:43.0922 5920 C:\Windows\System32\cryptnet.dll - ok
15:23:43.0922 5920 [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll
15:23:43.0922 5920 C:\Windows\System32\vssapi.dll - ok
15:23:43.0932 5920 [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll
15:23:43.0932 5920 C:\Windows\System32\taskschd.dll - ok
15:23:43.0942 5920 [ 58283053C781AD3A579C95D7765C1FA0 ] C:\Windows\System32\efsutil.dll
15:23:43.0942 5920 C:\Windows\System32\efsutil.dll - ok
15:23:43.0942 5920 [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll
15:23:43.0942 5920 C:\Windows\System32\FDResPub.dll - ok
15:23:43.0952 5920 [ FCD84C381E0140AF901E58D48882D26B ] C:\Windows\System32\IKEEXT.DLL
15:23:43.0952 5920 C:\Windows\System32\IKEEXT.DLL - ok
15:23:43.0952 5920 [ A190DA6546501CB4146BBCC0B6A3F48B ] C:\Windows\System32\msiexec.exe
15:23:43.0952 5920 C:\Windows\System32\msiexec.exe - ok
15:23:43.0962 5920 [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll
15:23:43.0962 5920 C:\Windows\System32\msi.dll - ok
15:23:43.0962 5920 [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll
15:23:43.0962 5920 C:\Windows\System32\vsstrace.dll - ok
15:23:43.0972 5920 [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll
15:23:43.0972 5920 C:\Windows\System32\winhttp.dll - ok
15:23:43.0972 5920 [ 3306930FD3AC4ABB17A6DFC9222467F1 ] C:\Windows\AppPatch\AppPatch64\AcLayers.dll
15:23:43.0972 5920 C:\Windows\AppPatch\AppPatch64\AcLayers.dll - ok
15:23:43.0982 5920 [ 603EBD34E216C5654A2D774EAC98D278 ] C:\Windows\System32\webio.dll
15:23:43.0982 5920 C:\Windows\System32\webio.dll - ok
15:23:43.0982 5920 [ DB16A7C0A453F7E220A5F29E42572FD8 ] C:\Windows\AppPatch\AppPatch64\AcGenral.dll
15:23:43.0982 5920 C:\Windows\AppPatch\AppPatch64\AcGenral.dll - ok
15:23:43.0992 5920 [ BCEA9AB347E53BC03B2E36BE0B8BA0EF ] C:\Windows\System32\httpapi.dll
15:23:43.0992 5920 C:\Windows\System32\httpapi.dll - ok
15:23:43.0992 5920 [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll
15:23:43.0992 5920 C:\Windows\System32\sfc.dll - ok
15:23:43.0992 5920 [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll
15:23:43.0992 5920 C:\Windows\System32\sfc_os.dll - ok
15:23:44.0002 5920 [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll
15:23:44.0002 5920 C:\Windows\System32\netman.dll - ok
15:23:44.0002 5920 [ 8AD77806D336673F270DB31645267293 ] C:\Windows\System32\nlasvc.dll
15:23:44.0002 5920 C:\Windows\System32\nlasvc.dll - ok
15:23:44.0012 5920 [ D4FAC263861BAE06971C7F7D0A8EBF15 ] C:\Windows\System32\ncsi.dll
15:23:44.0012 5920 C:\Windows\System32\ncsi.dll - ok
15:23:44.0012 5920 [ 1727B2A2F379A32B864C096FA794AADC ] C:\Windows\System32\aepic.dll
15:23:44.0022 5920 C:\Windows\System32\aepic.dll - ok
15:23:44.0022 5920 [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll
15:23:44.0022 5920 C:\Windows\System32\ssdpapi.dll - ok
15:23:44.0032 5920 [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\Windows\System32\drivers\PEAuth.sys
15:23:44.0032 5920 C:\Windows\System32\drivers\PEAuth.sys - ok
15:23:44.0032 5920 [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll
15:23:44.0032 5920 C:\Windows\System32\aeevts.dll - ok
15:23:44.0042 5920 [ A6A7AD767BF5141665F5C675F671B3E1 ] C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
15:23:44.0042 5920 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe - ok
15:23:44.0042 5920 [ 77B5035BC6EDF4D1B6265391AECEE4C0 ] C:\Windows\System32\vpnikeapi.dll
15:23:44.0042 5920 C:\Windows\System32\vpnikeapi.dll - ok
15:23:44.0052 5920 [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll
15:23:44.0052 5920 C:\Windows\SysWOW64\clbcatq.dll - ok
15:23:44.0052 5920 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll
15:23:44.0052 5920 C:\Windows\SysWOW64\propsys.dll - ok
15:23:44.0062 5920 [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys
15:23:44.0062 5920 C:\Windows\System32\drivers\secdrv.sys - ok
15:23:44.0062 5920 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll
15:23:44.0062 5920 C:\Windows\SysWOW64\RpcRtRemote.dll - ok
15:23:44.0072 5920 [ BC617A4E1B4FA8DF523A061739A0BD87 ] C:\Windows\System32\seclogon.dll
15:23:44.0072 5920 C:\Windows\System32\seclogon.dll - ok
15:23:44.0072 5920 [ 27E461F0BE5BFF5FC737328F749538C3 ] C:\Windows\System32\drivers\srvnet.sys
15:23:44.0072 5920 C:\Windows\System32\drivers\srvnet.sys - ok
15:23:44.0082 5920 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] C:\Windows\System32\drivers\tcpipreg.sys
15:23:44.0082 5920 C:\Windows\System32\drivers\tcpipreg.sys - ok
15:23:44.0082 5920 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] C:\Windows\System32\sysmain.dll
15:23:44.0082 5920 C:\Windows\System32\sysmain.dll - ok
15:23:44.0093 5920 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] C:\Windows\System32\tapisrv.dll
15:23:44.0093 5920 C:\Windows\System32\tapisrv.dll - ok
15:23:44.0093 5920 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] C:\Windows\System32\wiaservc.dll
15:23:44.0093 5920 C:\Windows\System32\wiaservc.dll - ok
15:23:44.0103 5920 [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5 ] C:\Windows\System32\wiatrace.dll
15:23:44.0103 5920 C:\Windows\System32\wiatrace.dll - ok
15:23:44.0113 5920 [ 3AD1E72748978D8B0B3B674741E4C3E2 ] C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe
15:23:44.0113 5920 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe - ok
15:23:44.0113 5920 [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\Windows\System32\trkwks.dll
15:23:44.0113 5920 C:\Windows\System32\trkwks.dll - ok
15:23:44.0123 5920 [ 1C5D6A9A55A8DDC99921295704DFBAD7 ] C:\Program Files (x86)\AVG\AVG2013\avgwd.dll
15:23:44.0123 5920 C:\Program Files (x86)\AVG\AVG2013\avgwd.dll - ok
15:23:44.0123 5920 [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll
15:23:44.0123 5920 C:\Windows\System32\wbem\WMIsvc.dll - ok
15:23:44.0133 5920 [ CF318F60A84F15AF352439465A8D05F4 ] C:\Program Files\Windows Defender\MpSvc.dll
15:23:44.0533 5920 C:\Program Files\Windows Defender\MpSvc.dll - ok
15:23:44.0543 5920 [ ADF3E771F429940E762AC097F5A54EAF ] C:\Program Files\Windows Defender\MpClient.dll
15:23:44.0543 5920 C:\Program Files\Windows Defender\MpClient.dll - ok
15:23:44.0543 5920 [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll
15:23:44.0543 5920 C:\Windows\System32\esent.dll - ok
15:23:44.0543 5920 [ 98F138897EF4246381D197CB81846D62 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:23:44.0543 5920 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - ok
15:23:44.0553 5920 [ FE05D03B73000CFF476E1D29109F3A84 ] C:\Program Files\Windows Defender\MpEvMsg.dll
15:23:44.0553 5920 C:\Program Files\Windows Defender\MpEvMsg.dll - ok
15:23:44.0563 5920 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
15:23:44.0563 5920 C:\Windows\SysWOW64\dhcpcsvc.dll - ok
15:23:44.0563 5920 [ 81F6C1AE23B1C493D9E996C3103915D7 ] C:\Windows\SysWOW64\dhcpcsvc6.dll
15:23:44.0563 5920 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
15:23:44.0573 5920 [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\Windows\System32\wbemcomn.dll
15:23:44.0573 5920 C:\Windows\System32\wbemcomn.dll - ok
15:23:44.0573 5920 [ 4FDFA3F219692D17011BF1B428857C1E ] C:\Program Files\Windows Defender\MpRTP.dll
15:23:44.0573 5920 C:\Program Files\Windows Defender\MpRTP.dll - ok
15:23:44.0583 5920 [ FBD879D17B26D49DD7A48FF58062FAE6 ] C:\Windows\System32\tdh.dll
15:23:44.0583 5920 C:\Windows\System32\tdh.dll - ok
15:23:44.0593 5920 [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll
15:23:44.0593 5920 C:\Windows\System32\wbem\WinMgmtR.dll - ok
15:23:44.0593 5920 [ 0C52762C606BCF6A377D5E4688191A6B ] C:\Windows\System32\wbem\WmiDcPrv.dll
15:23:44.0593 5920 C:\Windows\System32\wbem\WmiDcPrv.dll - ok
15:23:44.0603 5920 [ 57B736E990BA15568FAFAE9262C0AE6B ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL
15:23:44.0603 5920 C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL - ok
15:23:44.0603 5920 [ B837D1528CE2E3CB79F09496BC08DDC6 ] C:\Windows\System32\SensApi.dll
15:23:44.0603 5920 C:\Windows\System32\SensApi.dll - ok
15:23:44.0603 5920 [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll
15:23:44.0603 5920 C:\Windows\System32\ntdsapi.dll - ok
15:23:44.0613 5920 [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll
15:23:44.0613 5920 C:\Windows\System32\wbem\fastprox.dll - ok
15:23:44.0623 5920 [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll
15:23:44.0623 5920 C:\Windows\System32\wbem\wbemprox.dll - ok
15:23:44.0623 5920 [ 7548066DF68A8A1A56B043359F915F37 ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
15:23:44.0623 5920 C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe - ok
15:23:44.0633 5920 [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll
15:23:44.0633 5920 C:\Windows\System32\wbem\wbemcore.dll - ok
15:23:44.0633 5920 [ 2D62FF2B999A0A38E6438691C246481F ] C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
15:23:44.0633 5920 C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll - ok
15:23:44.0643 5920 [ A1CF0ED4315C7EBFF0B8E86C36B86FE6 ] C:\ProgramData\Microsoft\IdentityCRL\production\wlidui.dll
15:23:44.0643 5920 C:\ProgramData\Microsoft\IdentityCRL\production\wlidui.dll - ok
15:23:44.0643 5920 [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll
15:23:44.0643 5920 C:\Windows\System32\wbem\esscli.dll - ok
15:23:44.0653 5920 [ 984BDAC9F4FC9993CE8D3A7D7DA3E9A5 ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\ISDI.dll
15:23:44.0653 5920 C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\ISDI.dll - ok
15:23:44.0653 5920 [ 3960CEB4A6B13784252D827ECF65CED3 ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\ARA\Shell_ARA.dll
15:23:44.0653 5920 C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\ARA\Shell_ARA.dll - ok
15:23:44.0663 5920 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] C:\Windows\System32\drivers\srv2.sys
15:23:44.0663 5920 C:\Windows\System32\drivers\srv2.sys - ok
15:23:44.0663 5920 [ 1530DFBDFD68AAD1FD5FDA52EA44925E ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\CHS\Shell_CHS.dll
15:23:44.0663 5920 C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\CHS\Shell_CHS.dll - ok
15:23:44.0673 5920 [ 747E9FD93A32202BE6DC5D1321BE977C ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A0F0A292-F760-43F5-99F9-306277A385F2}\mpengine.dll
15:23:44.0673 5920 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A0F0A292-F760-43F5-99F9-306277A385F2}\mpengine.dll - ok
15:23:44.0673 5920 [ A58F4E888905822C479B4CDC642AE278 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A0F0A292-F760-43F5-99F9-306277A385F2}\mpasbase.vdm
15:23:44.0673 5920 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A0F0A292-F760-43F5-99F9-306277A385F2}\mpasbase.vdm - ok
15:23:44.0683 5920 [ 8E247FE85C089EC32E98700968C12C99 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A0F0A292-F760-43F5-99F9-306277A385F2}\mpasdlta.vdm
15:23:44.0683 5920 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A0F0A292-F760-43F5-99F9-306277A385F2}\mpasdlta.vdm - ok
15:23:44.0683 5920 [ 7FC0F6C8A0CEFBE4E60D8577C6FF8584 ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\CHT\Shell_CHT.dll
15:23:44.0683 5920 C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\CHT\Shell_CHT.dll - ok
15:23:44.0693 5920 [ 93BB66044FA76734E882C6F3E8EE1900 ] C:\Program Files\Windows Defender\MsMpLics.dll
15:23:44.0693 5920 C:\Program Files\Windows Defender\MsMpLics.dll - ok
15:23:44.0693 5920 [ 218A400108F280428FA22282D3268BBC ] C:\Windows\System32\wscapi.dll
15:23:44.0693 5920 C:\Windows\System32\wscapi.dll - ok
15:23:44.0703 5920 [ B84E2D174DC84916A536572BB8F691A8 ] C:\Windows\System32\wscisvif.dll
15:23:44.0703 5920 C:\Windows\System32\wscisvif.dll - ok
15:23:44.0703 5920 [ 6C1E3C43B35268C17833244C8ED96430 ] C:\Windows\System32\wscproxystub.dll
15:23:44.0703 5920 C:\Windows\System32\wscproxystub.dll - ok
15:23:44.0713 5920 [ EEA7E552C2C992CFD4B50857010F39EA ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\CSY\Shell_CSY.dll
15:23:44.0713 5920 C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\CSY\Shell_CSY.dll - ok
15:23:44.0713 5920 [ 5E2623439A9936D320FE8DC1AB84526A ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\DAN\Shell_DAN.dll
15:23:44.0713 5920 C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\DAN\Shell_DAN.dll - ok
15:23:44.0723 5920 [ 8F1656DEB2E861D608909792F5A68C3B ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\DEU\Shell_DEU.dll
15:23:44.0723 5920 C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\DEU\Shell_DEU.dll - ok
15:23:44.0723 5920 [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll
15:23:44.0723 5920 C:\Windows\System32\wbem\wbemsvc.dll - ok
15:23:44.0733 5920 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\Windows\System32\drivers\srv.sys
15:23:44.0733 5920 C:\Windows\System32\drivers\srv.sys - ok
15:23:44.0733 5920 [ 78193AA97D679531522C3E2FA4A5EDFE ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\ELL\Shell_ELL.dll
15:23:44.0733 5920 C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\ELL\Shell_ELL.dll - ok
15:23:44.0743 5920 [ 793A19EAB66BB232F019DFF9D1977A41 ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\ENU\Shell_ENU.dll
15:23:44.0743 5920 C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\ENU\Shell_ENU.dll - ok
15:23:44.0753 5920 [ BA726152513EC650EED219B7995DE852 ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\ESP\Shell_ESP.dll
15:23:44.0753 5920 C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\ESP\Shell_ESP.dll - ok
15:23:44.0753 5920 [ 77C8E1779E784189EA29D9A5ECCDD9E9 ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\FIN\Shell_FIN.dll
15:23:44.0753 5920 C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\FIN\Shell_FIN.dll - ok
15:23:44.0763 5920 [ AFD87B70E2C48EC080CA28ADCC3175B5 ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\FRA\Shell_FRA.dll
15:23:44.0763 5920 C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\FRA\Shell_FRA.dll - ok
15:23:44.0773 5920 [ 5ECEA5F29DCEE8D320454C86A1CB3366 ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\HEB\Shell_HEB.dll
15:23:44.0773 5920 C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\HEB\Shell_HEB.dll - ok
15:23:44.0773 5920 [ 18873D2B1ABBB8826ED18F840CB8E0D3 ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\HUN\Shell_HUN.dll
15:23:44.0773 5920 C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\HUN\Shell_HUN.dll - ok
15:23:44.0783 5920 [ 79ECBC83B844F7A474C66BE77AAF7180 ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\ITA\Shell_ITA.dll
15:23:44.0783 5920 C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\ITA\Shell_ITA.dll - ok
15:23:44.0793 5920 [ 069006BF253F32CD980E67E8671DFE3C ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\JPN\Shell_JPN.dll
15:23:44.0793 5920 C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\JPN\Shell_JPN.dll - ok
15:23:44.0793 5920 [ 5925F32114BF5ACF50C66500433B35CC ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\KOR\Shell_KOR.dll
15:23:44.0793 5920 C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\KOR\Shell_KOR.dll - ok
15:23:44.0803 5920 [ 03C7D7A1553E3009CEBE3013A578B0ED ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\NLD\Shell_NLD.dll
15:23:44.0803 5920 C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\NLD\Shell_NLD.dll - ok
15:23:44.0803 5920 [ 4FFD3E3363EBAC7FC8BBA58EAD594AFF ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\NOR\Shell_NOR.dll
15:23:44.0803 5920 C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\NOR\Shell_NOR.dll - ok
15:23:44.0813 5920 [ 2499E32320905E68F9710527593A0EDB ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\PLK\Shell_PLK.dll
15:23:44.0813 5920 C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\PLK\Shell_PLK.dll - ok
15:23:44.0813 5920 [ 591EA8B6991D99720B36EBC1CC16CEA8 ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\PTB\Shell_PTB.dll
15:23:44.0813 5920 C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\PTB\Shell_PTB.dll - ok
15:23:44.0823 5920 [ A4487F6CEFED12F2C1257F6DBCDAEB1E ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\PTG\Shell_PTG.dll
15:23:44.0823 5920 C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\PTG\Shell_PTG.dll - ok
15:23:44.0833 5920 [ 35989A505DEEC24DEF8D327D22FF14D4 ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\RUS\Shell_RUS.dll
15:23:44.0833 5920 C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\RUS\Shell_RUS.dll - ok
15:23:44.0833 5920 [ 9D825B4E6B28F93F326538515EFC880B ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\SVE\Shell_SVE.dll
15:23:44.0833 5920 C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\SVE\Shell_SVE.dll - ok
15:23:44.0843 5920 [ D9BFF3E59CBE32FE72D6D68F6AF348BD ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\THA\Shell_THA.dll
15:23:44.0843 5920 C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\THA\Shell_THA.dll - ok
15:23:44.0843 5920 [ E84CB5D899098DDEA6D013057C9E4B5F ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\TRK\Shell_TRK.dll
15:23:44.0843 5920 C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\TRK\Shell_TRK.dll - ok
15:23:44.0853 5920 [ 15C42334805B711FBF0C788A1D751528 ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\ENU\PlugInRAID_ENU.dll
15:23:44.0853 5920 C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\ENU\PlugInRAID_ENU.dll - ok
15:23:44.0853 5920 [ C5B0324DB461559ADD070E632A6919FA ] C:\Windows\SysWOW64\wbem\wbemprox.dll
15:23:44.0853 5920 C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
15:23:44.0863 5920 [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll
15:23:44.0863 5920 C:\Windows\SysWOW64\cryptsp.dll - ok
15:23:44.0863 5920 [ 704314FD398C81D5F342CAA5DF7B7F21 ] C:\Windows\SysWOW64\wbemcomn.dll
15:23:44.0863 5920 C:\Windows\SysWOW64\wbemcomn.dll - ok
15:23:44.0873 5920 [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll
15:23:44.0873 5920 C:\Windows\SysWOW64\rsaenh.dll - ok
15:23:44.0873 5920 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll
15:23:44.0873 5920 C:\Windows\SysWOW64\apphelp.dll - ok
15:23:44.0883 5920 [ 4A4513AF15E7C5A77A10262BDFC82174 ] C:\Program Files (x86)\AVG\AVG2013\fixcfg.exe
15:23:44.0883 5920 C:\Program Files (x86)\AVG\AVG2013\fixcfg.exe - ok
15:23:44.0883 5920 [ 1BCDB508143B517F21BBDAC10F5777BF ] C:\Windows\System32\conhost.exe
15:23:44.0883 5920 C:\Windows\System32\conhost.exe - ok
15:23:44.0893 5920 [ 27B9E163740A226B65E4B9E186117911 ] C:\Windows\System32\sqmapi.dll
15:23:44.0893 5920 C:\Windows\System32\sqmapi.dll - ok
15:23:44.0893 5920 [ 371948BC5911ABA06168FAC91ED25F06 ] C:\Windows\System32\msxml3.dll
15:23:44.0893 5920 C:\Windows\System32\msxml3.dll - ok
15:23:44.0903 5920 [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll
15:23:44.0903 5920 C:\Windows\System32\actxprxy.dll - ok
15:23:44.0903 5920 [ 7B38D7916A7CD058C16A0A6CA5077901 ] C:\Windows\System32\wdscore.dll
15:23:44.0903 5920 C:\Windows\System32\wdscore.dll - ok
15:23:44.0903 5920 [ EE867A0870FC9E4972BA9EAAD35651E2 ] C:\Windows\System32\rasmans.dll
15:23:44.0903 5920 C:\Windows\System32\rasmans.dll - ok
15:23:44.0913 5920 [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A ] C:\Windows\SysWOW64\wbem\fastprox.dll
15:23:44.0913 5920 C:\Windows\SysWOW64\wbem\fastprox.dll - ok
15:23:44.0923 5920 [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
15:23:44.0923 5920 C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
15:23:44.0923 5920 [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll
15:23:44.0923 5920 C:\Windows\System32\srvsvc.dll - ok
15:23:44.0923 5920 [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\SysWOW64\ntdsapi.dll
15:23:44.0923 5920 C:\Windows\SysWOW64\ntdsapi.dll - ok
15:23:44.0933 5920 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] C:\Windows\System32\browser.dll
15:23:44.0933 5920 C:\Windows\System32\browser.dll - ok
15:23:44.0933 5920 [ 44C96B48112EB24AE7764EBF1C527000 ] C:\Windows\System32\rastapi.dll
15:23:44.0933 5920 C:\Windows\System32\rastapi.dll - ok
15:23:44.0943 5920 [ FAFAE01E889DC9C05A6CA2138CFC220B ] C:\Windows\System32\tapi32.dll
15:23:44.0943 5920 C:\Windows\System32\tapi32.dll - ok
15:23:44.0943 5920 [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll
15:23:44.0943 5920 C:\Windows\System32\netmsg.dll - ok
15:23:44.0953 5920 [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll
15:23:44.0953 5920 C:\Windows\System32\wbem\wmiutils.dll - ok
15:23:44.0963 5920 [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll
15:23:44.0963 5920 C:\Windows\System32\sscore.dll - ok
15:23:44.0963 5920 [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll
15:23:44.0963 5920 C:\Windows\System32\wbem\repdrvfs.dll - ok
15:23:44.0973 5920 [ D2A0FFA75AB181B19B5EB93BB29C7686 ] C:\Windows\System32\unimdm.tsp
15:23:44.0973 5920 C:\Windows\System32\unimdm.tsp - ok
15:23:44.0983 5920 [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll
15:23:44.0983 5920 C:\Windows\System32\hnetcfg.dll - ok
15:23:44.0983 5920 [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll
15:23:44.0983 5920 C:\Windows\System32\clusapi.dll - ok
15:23:44.0993 5920 [ 94B7DF336815B47236724019FAB24B7C ] C:\Windows\System32\uniplat.dll
15:23:44.0993 5920 C:\Windows\System32\uniplat.dll - ok
15:23:44.0993 5920 [ 2472BDF30C62F3E81AE27A968C25608C ] C:\Windows\System32\unimdmat.dll
15:23:44.0993 5920 C:\Windows\System32\unimdmat.dll - ok
15:23:45.0003 5920 [ C1446A66BB89FC3AA2485C67562247DA ] C:\Windows\System32\modemui.dll
15:23:45.0003 5920 C:\Windows\System32\modemui.dll - ok
15:23:45.0003 5920 [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll
15:23:45.0003 5920 C:\Windows\System32\resutils.dll - ok
15:23:45.0013 5920 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll
15:23:45.0013 5920 C:\Windows\System32\netprofm.dll - ok
15:23:45.0013 5920 [ 41326DD08ACC0CDC5F8177AF96C066E8 ] C:\Windows\System32\kmddsp.tsp
15:23:45.0013 5920 C:\Windows\System32\kmddsp.tsp - ok
15:23:45.0023 5920 [ 1D6BC2769DA66C1145F4DA5A65F52E61 ] C:\Windows\System32\ndptsp.tsp
15:23:45.0023 5920 C:\Windows\System32\ndptsp.tsp - ok
15:23:45.0023 5920 [ 7C1BAE7D23D4874FEE256A2B9C00E019 ] C:\Windows\System32\hidphone.tsp
15:23:45.0023 5920 C:\Windows\System32\hidphone.tsp - ok
15:23:45.0033 5920 [ A717A35120DBAB5AB707AB40662AF9DD ] C:\Windows\System32\rasppp.dll
15:23:45.0033 5920 C:\Windows\System32\rasppp.dll - ok
15:23:45.0043 5920 [ 0FE5CD5F9C9248F42D1EF56E495B182E ] C:\Windows\System32\vpnike.dll
15:23:45.0043 5920 C:\Windows\System32\vpnike.dll - ok
15:23:45.0043 5920 [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll
15:23:45.0043 5920 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
15:23:45.0053 5920 [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll
15:23:45.0053 5920 C:\Windows\System32\ncobjapi.dll - ok
15:23:45.0053 5920 [ 6A84E68B538B8B04608BF2F0D426CE6F ] C:\Windows\System32\raschap.dll
15:23:45.0053 5920 C:\Windows\System32\raschap.dll - ok
15:23:45.0063 5920 [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll
15:23:45.0063 5920 C:\Windows\System32\wbem\wbemess.dll - ok
15:23:45.0073 5920 [ B95F6501A2F8B2E78C697FEC401970CE ] C:\Windows\System32\ipnathlp.dll
15:23:45.0073 5920 C:\Windows\System32\ipnathlp.dll - ok
15:23:45.0073 5920 [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll
15:23:45.0073 5920 C:\Windows\System32\mprapi.dll - ok
15:23:45.0083 5920 [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll
15:23:45.0083 5920 C:\Windows\System32\netshell.dll - ok
15:23:45.0083 5920 [ A5DBC74C5B91CF6E43B73D62936F8186 ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\PlugInRAID.pin
15:23:45.0083 5920 C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\PlugInRAID.pin - ok
15:23:45.0093 5920 [ 3CEF96890064B3CDB190963157F24BAC ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\RAIDWizM.dll
15:23:45.0093 5920 C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\RAIDWizM.dll - ok
15:23:45.0104 5920 [ 5BFB02BDA2700D078400E149BC4CF87A ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\RAIDWizD.dll
15:23:45.0104 5920 C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\RAIDWizD.dll - ok
15:23:45.0104 5920 [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe
15:23:45.0104 5920 C:\Windows\System32\SearchIndexer.exe - ok
15:23:45.0114 5920 [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll
15:23:45.0114 5920 C:\Windows\System32\wdi.dll - ok
15:23:45.0114 5920 [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll
15:23:45.0114 5920 C:\Windows\System32\npmproxy.dll - ok
15:23:45.0124 5920 [ 589DF683A6C81424A6CECE52ABF98A50 ] C:\Windows\System32\tquery.dll
15:23:45.0124 5920 C:\Windows\System32\tquery.dll - ok
15:23:45.0134 5920 [ 7568CC720ACE4D03B84AF97817E745EF ] C:\Windows\System32\mssrch.dll
15:23:45.0134 5920 C:\Windows\System32\mssrch.dll - ok
15:23:45.0134 5920 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] C:\Windows\System32\appinfo.dll
15:23:45.0134 5920 C:\Windows\System32\appinfo.dll - ok
15:23:45.0144 5920 [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll
15:23:45.0144 5920 C:\Windows\System32\msidle.dll - ok
15:23:45.0144 5920 [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll
15:23:45.0144 5920 C:\Windows\System32\wpdbusenum.dll - ok
15:23:45.0154 5920 [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll
15:23:45.0154 5920 C:\Windows\System32\Apphlpdm.dll - ok
15:23:45.0164 5920 [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll
15:23:45.0164 5920 C:\Windows\System32\diagperf.dll - ok
15:23:45.0164 5920 [ BD9EB3958F213F96B97B1D897DEE006D ] C:\Windows\System32\hidserv.dll
15:23:45.0164 5920 C:\Windows\System32\hidserv.dll - ok
15:23:45.0174 5920 [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\Windows\System32\mssprxy.dll
15:23:45.0174 5920 C:\Windows\System32\mssprxy.dll - ok
15:23:45.0174 5920 [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll
15:23:45.0174 5920 C:\Windows\System32\perftrack.dll - ok
15:23:45.0184 5920 [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll
15:23:45.0184 5920 C:\Windows\System32\wer.dll - ok
15:23:45.0184 5920 [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll
15:23:45.0184 5920 C:\Windows\System32\PortableDeviceApi.dll - ok
15:23:45.0194 5920 [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll
15:23:45.0194 5920 C:\Windows\System32\pnpts.dll - ok
15:23:45.0204 5920 [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll
15:23:45.0204 5920 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
15:23:45.0204 5920 [ 499147F015E87AC2C2EBAA368F6BFE96 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
15:23:45.0204 5920 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE - ok
15:23:45.0204 5920 [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll
15:23:45.0214 5920 C:\Windows\System32\radardt.dll - ok
15:23:45.0214 5920 [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll
15:23:45.0214 5920 C:\Windows\System32\wdiasqmmodule.dll - ok
15:23:45.0224 5920 [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\Windows\System32\en-US\tquery.dll.mui
15:23:45.0224 5920 C:\Windows\System32\en-US\tquery.dll.mui - ok
15:23:45.0224 5920 [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe
15:23:45.0224 5920 C:\Windows\System32\runonce.exe - ok
15:23:45.0234 5920 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe
15:23:45.0234 5920 C:\Windows\SysWOW64\runonce.exe - ok
15:23:45.0234 5920 [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll
15:23:45.0234 5920 C:\Windows\System32\dimsjob.dll - ok
15:23:45.0244 5920 [ 3C29B98149A28FEDA42796D3EA904F62 ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\RAIDWizR.dll
15:23:45.0244 5920 C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\RAIDWizR.dll - ok
15:23:45.0244 5920 [ 79AFFC7FEEA9CD2FEFEA5EF3B631A02C ] C:\Windows\System32\ndiscapCfg.dll
15:23:45.0244 5920 C:\Windows\System32\ndiscapCfg.dll - ok
15:23:45.0254 5920 [ 3D6AF45673C4B31CDECD7F80AF09D443 ] C:\Windows\System32\rascfg.dll
15:23:45.0254 5920 C:\Windows\System32\rascfg.dll - ok
15:23:45.0254 5920 [ 1CF21800E337F4039AAD4C94B4280EE4 ] C:\Windows\System32\mprmsg.dll
15:23:45.0254 5920 C:\Windows\System32\mprmsg.dll - ok
15:23:45.0254 5920 [ 55DE45B116711881C852D2841E4C84DD ] C:\Windows\System32\tcpipcfg.dll
15:23:45.0254 5920 C:\Windows\System32\tcpipcfg.dll - ok
15:23:45.0264 5920 [ 38ADD53ECFC5F040EF1C647ECD22A2A4 ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\RaidWizCnG.dll
15:23:45.0264 5920 C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\RaidWizCnG.dll - ok
15:23:45.0264 5920 [ F0BFA0FE6317B40CD4A3FE5EB6F8C55F ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\RAIDWizC.dll
15:23:45.0264 5920 C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\RAIDWizC.dll - ok
15:23:45.0274 5920 [ 43B02D7C43B77775F1DA63B1D1014F38 ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\RAIDWizCFE.dll
15:23:45.0274 5920 C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\RAIDWizCFE.dll - ok
15:23:45.0274 5920 [ 5AF1E9600E3FF841E522703A4993ED0C ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
15:23:45.0274 5920 C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe - ok
15:23:45.0284 5920 [ FCE23E27F62989AD0BB88E256E847A41 ] C:\Windows\System32\CertPolEng.dll
15:23:45.0284 5920 C:\Windows\System32\CertPolEng.dll - ok
15:23:45.0284 5920 [ FEB91B4DA0D540865260A33838654FA3 ] C:\Windows\System32\nci.dll
15:23:45.0284 5920 C:\Windows\System32\nci.dll - ok
15:23:45.0294 5920 [ AC0C9CEA1218DAB1994AF8B28E680BD9 ] C:\Windows\System32\wlaninst.dll
15:23:45.0294 5920 C:\Windows\System32\wlaninst.dll - ok
15:23:45.0294 5920 [ 5A406C9C8E0880D3EABADC5DFD1ACDAE ] C:\Windows\System32\wwaninst.dll
15:23:45.0294 5920 C:\Windows\System32\wwaninst.dll - ok
15:23:45.0304 5920 [ DD81D91FF3B0763C392422865C9AC12E ] C:\Windows\System32\rundll32.exe
15:23:45.0304 5920 C:\Windows\System32\rundll32.exe - ok
15:23:45.0304 5920 [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll
15:23:45.0304 5920 C:\Windows\System32\NapiNSP.dll - ok
15:23:45.0314 5920 [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll
15:23:45.0314 5920 C:\Windows\System32\pnrpnsp.dll - ok
15:23:45.0324 5920 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe
15:23:45.0324 5920 C:\Windows\SysWOW64\cmd.exe - ok
15:23:45.0324 5920 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll
15:23:45.0324 5920 C:\Windows\SysWOW64\winbrand.dll - ok
15:23:45.0324 5920 [ CE12A0DC20B543779A5DAD795297A6EB ] C:\Windows\SysWOW64\ieframe.dll
15:23:45.0324 5920 C:\Windows\SysWOW64\ieframe.dll - ok
15:23:45.0334 5920 [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll
15:23:45.0334 5920 C:\Windows\System32\aelupsvc.dll - ok
15:23:45.0344 5920 [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\SysWOW64\shdocvw.dll
15:23:45.0344 5920 C:\Windows\SysWOW64\shdocvw.dll - ok
15:23:45.0344 5920 [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\Sam\AppData\Local\Temp\A61EDF3D-B610-4EA9-82D7-7290D5BBD26A.exe
15:23:45.0344 5920 C:\Users\Sam\AppData\Local\Temp\A61EDF3D-B610-4EA9-82D7-7290D5BBD26A.exe - ok
15:23:45.0354 5920 [ 198803E5E93E29967DFB0BCFD0186151 ] C:\Windows\System32\spfileq.dll
15:23:45.0354 5920 C:\Windows\System32\spfileq.dll - ok
15:23:45.0354 5920 [ BF6D6ED5FADCEEE885BD0144ECF1BA27 ] C:\Windows\SysWOW64\ncrypt.dll
15:23:45.0354 5920 C:\Windows\SysWOW64\ncrypt.dll - ok
15:23:45.0364 5920 [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll
15:23:45.0364 5920 C:\Windows\SysWOW64\bcrypt.dll - ok
15:23:45.0364 5920 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll
15:23:45.0364 5920 C:\Windows\SysWOW64\bcryptprimitives.dll - ok
15:23:45.0374 5920 [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll
15:23:45.0374 5920 C:\Windows\System32\winrnr.dll - ok
15:23:45.0374 5920 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll
15:23:45.0374 5920 C:\Windows\SysWOW64\gpapi.dll - ok
15:23:45.0384 5920 [ CA79539D3D4C0BA66F0F051A5EE5E923 ] C:\Windows\SysWOW64\cryptnet.dll
15:23:45.0384 5920 C:\Windows\SysWOW64\cryptnet.dll - ok
15:23:45.0384 5920 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll
15:23:45.0384 5920 C:\Windows\SysWOW64\SensApi.dll - ok
15:23:45.0394 5920 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll
15:23:45.0394 5920 C:\Windows\SysWOW64\winhttp.dll - ok
15:23:45.0394 5920 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll
15:23:45.0394 5920 C:\Windows\SysWOW64\webio.dll - ok
15:23:45.0404 5920 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
15:23:45.0404 5920 C:\Windows\SysWOW64\credssp.dll - ok
15:23:45.0414 5920 [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\Windows\System32\dssenh.dll
15:23:45.0414 5920 C:\Windows\System32\dssenh.dll - ok
15:23:45.0414 5920 [ C65B115A03DB0260895DE96681E88221 ] C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
15:23:45.0414 5920 C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe - ok
15:23:45.0424 5920 [ 682A19CEA431A29D0B5A931332ADBC2A ] C:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe
15:23:45.0424 5920 C:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe - ok
15:23:45.0424 5920 [ B508A4EE516D905730458BB50B79979B ] C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
15:23:45.0424 5920 C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe - ok
15:23:45.0434 5920 [ 1DB71A41DAEE6B3F8CD0DDA8209FA2D5 ] C:\Windows\SysWOW64\WindowsCodecs.dll
15:23:45.0434 5920 C:\Windows\SysWOW64\WindowsCodecs.dll - ok
15:23:45.0434 5920 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll
15:23:45.0434 5920 C:\Windows\SysWOW64\EhStorShell.dll - ok
15:23:45.0444 5920 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll
15:23:45.0444 5920 C:\Windows\SysWOW64\ntshrui.dll - ok
15:23:45.0444 5920 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll
15:23:45.0444 5920 C:\Windows\SysWOW64\srvcli.dll - ok
15:23:45.0454 5920 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll
15:23:45.0454 5920 C:\Windows\SysWOW64\cscapi.dll - ok
15:23:45.0454 5920 [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\Windows\SysWOW64\msvcp71.dll
15:23:45.0454 5920 C:\Windows\SysWOW64\msvcp71.dll - ok
15:23:45.0464 5920 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll
15:23:45.0464 5920 C:\Windows\SysWOW64\slc.dll - ok
15:23:45.0464 5920 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll
15:23:45.0464 5920 C:\Windows\SysWOW64\imageres.dll - ok
15:23:45.0474 5920 [ 7B93C623333F121DC9E689CCB1B7A733 ] C:\Windows\SysWOW64\MFC71u.dll
15:23:45.0474 5920 C:\Windows\SysWOW64\MFC71u.dll - ok
15:23:45.0474 5920 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Windows\SysWOW64\msvcr71.dll
15:23:45.0474 5920 C:\Windows\SysWOW64\msvcr71.dll - ok
15:23:45.0484 5920 [ 198552AEFECA69D646867EC8D792DE95 ] C:\Windows\SysWOW64\ddraw.dll
15:23:45.0484 5920 C:\Windows\SysWOW64\ddraw.dll - ok
15:23:45.0484 5920 [ 55E5B32AE8D1F51A63C82919656FD275 ] C:\Windows\SysWOW64\dciman32.dll
15:23:45.0484 5920 C:\Windows\SysWOW64\dciman32.dll - ok
15:23:45.0494 5920 [ D6692338B985D4A0CA52B828314D897D ] C:\Windows\SysWOW64\drprov.dll
15:23:45.0494 5920 C:\Windows\SysWOW64\drprov.dll - ok
15:23:45.0494 5920 [ 539C49CEBB3C50957AC8A09D95ECD880 ] C:\Windows\SysWOW64\shfolder.dll
15:23:45.0494 5920 C:\Windows\SysWOW64\shfolder.dll - ok
15:23:45.0504 5920 [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll
15:23:45.0504 5920 C:\Windows\SysWOW64\winsta.dll - ok
15:23:45.0504 5920 [ 6EF5F3F18413C367195F06E503AB86A6 ] C:\Windows\SysWOW64\d3d9.dll
15:23:45.0504 5920 C:\Windows\SysWOW64\d3d9.dll - ok
15:23:45.0504 5920 [ D7B7159BC8374E87D8C45A30377A3440 ] C:\Windows\SysWOW64\ntlanman.dll
15:23:45.0504 5920 C:\Windows\SysWOW64\ntlanman.dll - ok
15:23:45.0514 5920 [ 284B59D7B56FC76C80E622AB856B1FAB ] C:\Windows\SysWOW64\davclnt.dll
15:23:45.0514 5920 C:\Windows\SysWOW64\davclnt.dll - ok
15:23:45.0514 5920 [ 179BECE8D1A4C488DDB7191FF9BE3FB0 ] C:\Windows\SysWOW64\davhlpr.dll
15:23:45.0514 5920 C:\Windows\SysWOW64\davhlpr.dll - ok
15:23:45.0524 5920 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll
15:23:45.0524 5920 C:\Windows\SysWOW64\netutils.dll - ok
15:23:45.0524 5920 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll
15:23:45.0524 5920 C:\Windows\SysWOW64\wkscli.dll - ok
15:23:45.0534 5920 [ 77B1471A490B53B24EFE136F09F76550 ] C:\Windows\SysWOW64\d3d8thk.dll
15:23:45.0534 5920 C:\Windows\SysWOW64\d3d8thk.dll - ok
15:23:45.0534 5920 [ F35A584E947A5B401FEB0FE01DB4A0D7 ] C:\Windows\SysWOW64\MFC71.dll
15:23:45.0534 5920 C:\Windows\SysWOW64\MFC71.dll - ok
15:23:45.0544 5920 [ 3F126756F43B4EE74A4831145D99B9BA ] C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\Common\CLRCEngine3.dll
15:23:45.0544 5920 C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\Common\CLRCEngine3.dll - ok
15:23:45.0554 5920 [ 7CAB8079DA80480477435FC57F5C8F38 ] C:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Helper.dll
15:23:45.0554 5920 C:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Helper.dll - ok
15:23:45.0554 5920 [ 552109D914C92269FECBB3AE7EC1B20D ] C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
15:23:45.0554 5920 C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll - ok
15:23:45.0564 5920 [ 21D3A18769EC2C4E56756D04E989A221 ] C:\Windows\SysWOW64\msxml3.dll
15:23:45.0564 5920 C:\Windows\SysWOW64\msxml3.dll - ok
15:23:45.0574 5920 [ 01A487FB2EA988EDB7D73434D9546C77 ] C:\Windows\SysWOW64\atiumdag.dll
15:23:45.0574 5920 C:\Windows\SysWOW64\atiumdag.dll - ok
15:23:45.0574 5920 [ 2424231BBD703A677D115C29983B4293 ] C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
15:23:45.0574 5920 C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL - ok
15:23:45.0584 5920 [ 47E11C01232CD4B390B415471834F405 ] C:\Windows\SysWOW64\atiumdva.dll
15:23:45.0584 5920 C:\Windows\SysWOW64\atiumdva.dll - ok
15:23:45.0584 5920 [ E4CF00BD38B2F3E5A2473690B94B1785 ] C:\Program Files (x86)\Hewlett-Packard\Media\iTV\Kernel\Common\CLRCEngine3.dll
15:23:45.0584 5920 C:\Program Files (x86)\Hewlett-Packard\Media\iTV\Kernel\Common\CLRCEngine3.dll - ok
15:23:45.0594 5920 [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\Windows\System32\wbem\WmiPrvSE.exe
15:23:45.0594 5920 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
15:23:45.0594 5920 [ 6607C2182C6A53ED983813AFE2F85768 ] C:\Windows\System32\wbem\cimwin32.dll
15:23:45.0594 5920 C:\Windows\System32\wbem\cimwin32.dll - ok
15:23:45.0604 5920 [ 1484B9EBF567346582DE571B0E164AE0 ] C:\Windows\System32\framedynos.dll
15:23:45.0604 5920 C:\Windows\System32\framedynos.dll - ok
15:23:45.0604 5920 [ 012787CEB35505EB78DF82E0A0072888 ] C:\Windows\System32\browcli.dll
15:23:45.0604 5920 C:\Windows\System32\browcli.dll - ok
15:23:45.0614 5920 [ C4BFE4B61086416B0529212F92BCE081 ] C:\Windows\System32\schedcli.dll
15:23:45.0614 5920 C:\Windows\System32\schedcli.dll - ok
15:23:45.0614 5920 [ C00DB14550E4BD49737F311C644E45FF ] C:\Windows\System32\wmi.dll
15:23:45.0614 5920 C:\Windows\System32\wmi.dll - ok
15:23:45.0624 5920 [ 8EE6BDE1D572677AA35707C52C585F75 ] C:\Windows\SysWOW64\mlang.dll
15:23:45.0624 5920 C:\Windows\SysWOW64\mlang.dll - ok
15:23:45.0634 5920 [ 06C14CE6EE41C0498027D8ED7BC895AE ] C:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CLCapX.dll
15:23:45.0634 5920 C:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CLCapX.dll - ok
15:23:45.0634 5920 [ 0E85C11F8850D524B02181C6E02BA9AE ] C:\Windows\SysWOW64\dsound.dll
15:23:45.0634 5920 C:\Windows\SysWOW64\dsound.dll - ok
15:23:45.0644 5920 [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\SysWOW64\powrprof.dll
15:23:45.0644 5920 C:\Windows\SysWOW64\powrprof.dll - ok
15:23:45.0644 5920 [ DC6612A9EE015A36BA2A27BC9CC12537 ] C:\Windows\SysWOW64\mfc42.dll
15:23:45.0644 5920 C:\Windows\SysWOW64\mfc42.dll - ok
15:23:45.0654 5920 [ 7D34AF98A706230CC2DEDFE0CABF87AB ] C:\Windows\SysWOW64\odbc32.dll
15:23:45.0654 5920 C:\Windows\SysWOW64\odbc32.dll - ok
15:23:45.0654 5920 [ 46A6BA9274D075A2C30025C4E96D875A ] C:\Windows\SysWOW64\msvcp60.dll
15:23:45.0654 5920 C:\Windows\SysWOW64\msvcp60.dll - ok
15:23:45.0664 5920 [ ABA457BFC7EC0B5E130B2F1E0F549DFF ] C:\Windows\SysWOW64\odbcint.dll
15:23:45.0664 5920 C:\Windows\SysWOW64\odbcint.dll - ok
15:23:45.0664 5920 [ A03BE0BEDD773F73A79E0AFBEAA26DE2 ] C:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CLAuMixer.dll
15:23:45.0664 5920 C:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CLAuMixer.dll - ok
15:23:45.0674 5920 [ EDF2A5E96BEC469DA3F64E9BDD386111 ] C:\Windows\SysWOW64\xmllite.dll
15:23:45.0674 5920 C:\Windows\SysWOW64\xmllite.dll - ok
15:23:45.0674 5920 [ 5987EA8A82C53359BCD2C29D6588583E ] C:\Windows\SysWOW64\linkinfo.dll
15:23:45.0674 5920 C:\Windows\SysWOW64\linkinfo.dll - ok
15:23:45.0684 5920 [ D9E21CBF9E6A87847AFFD39EA3FA28EE ] C:\Windows\System32\SearchProtocolHost.exe
15:23:45.0684 5920 C:\Windows\System32\SearchProtocolHost.exe - ok
15:23:45.0684 5920 [ D2A5B2B09F2AF5ED13BF494508B09788 ] C:\Windows\System32\msshooks.dll
15:23:45.0684 5920 C:\Windows\System32\msshooks.dll - ok
15:23:45.0694 5920 [ 49A3AD5CE578CD77F445F3D244AEAB2D ] C:\Windows\System32\SearchFilterHost.exe
15:23:45.0694 5920 C:\Windows\System32\SearchFilterHost.exe - ok
15:23:45.0694 5920 [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\Windows\System32\mscoree.dll
15:23:45.0694 5920 C:\Windows\System32\mscoree.dll - ok
15:23:45.0704 5920 [ AA794B099F776B37ACCDEAD00E0FBFC9 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
15:23:45.0704 5920 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
15:23:45.0714 5920 [ 48041BAEB60CE5F34F13CC2A1361E49C ] C:\Windows\System32\mssph.dll
15:23:45.0714 5920 C:\Windows\System32\mssph.dll - ok
15:23:45.0714 5920 [ 8F4BB0CFECED925D440ABC2481278360 ] C:\Windows\System32\mapi32.dll
15:23:45.0714 5920 C:\Windows\System32\mapi32.dll - ok
15:23:45.0724 5920 [ 6F6759407B843B99E0367036632EC798 ] C:\Windows\SysWOW64\HelpPaneProxy.dll
15:23:45.0724 5920 C:\Windows\SysWOW64\HelpPaneProxy.dll - ok
15:23:45.0724 5920 [ CD47548A52B02D254BF6D7F7A5F2BFD3 ] C:\Windows\HelpPane.exe
15:23:45.0724 5920 C:\Windows\HelpPane.exe - ok
15:23:45.0734 5920 [ 86F1F949DD51FB5A044F1BD34CBE4AA8 ] C:\Windows\System32\apds.dll
15:23:45.0734 5920 C:\Windows\System32\apds.dll - ok
15:23:45.0734 5920 [ 1DCCC105D453A6D3BAD126C15F566860 ] C:\Windows\System32\ieframe.dll
15:23:45.0734 5920 C:\Windows\System32\ieframe.dll - ok
15:23:45.0744 5920 [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll
15:23:45.0744 5920 C:\Windows\SysWOW64\sxs.dll - ok
15:23:45.0744 5920 [ 8494E126F0B10180F3293AF861CE1F7A ] C:\Windows\System32\mlang.dll
15:23:45.0744 5920 C:\Windows\System32\mlang.dll - ok
15:23:45.0754 5920 [ 7C91A589EC32A0D183D9BDA19D45274F ] C:\Windows\System32\mshtml.dll
15:23:45.0754 5920 C:\Windows\System32\mshtml.dll - ok
15:23:45.0754 5920 [ 2CEFF13ACE25A40BD8D97654944297CD ] C:\Windows\svchost.exe
15:23:45.0754 5920 C:\Windows\svchost.exe - ok
15:23:45.0764 5920 [ 7CB3ACB163DE051169095DC6507B8977 ] C:\Windows\System32\msls31.dll
15:23:45.0764 5920 C:\Windows\System32\msls31.dll - ok
15:23:45.0764 5920 [ B3CE0951E3C1EA3C733573C472EE85F9 ] C:\Windows\System32\msimtf.dll
15:23:45.0764 5920 C:\Windows\System32\msimtf.dll - ok
15:23:45.0774 5920 [ F60B6FA0D353DD31A59E86D3D3FD8066 ] C:\Windows\System32\imgutil.dll
15:23:45.0774 5920 C:\Windows\System32\imgutil.dll - ok
15:23:45.0774 5920 [ 0728937194E98613051F4A72C7F1D4BF ] C:\Windows\System32\pngfilt.dll
15:23:45.0774 5920 C:\Windows\System32\pngfilt.dll - ok
15:23:45.0784 5920 [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll
15:23:45.0784 5920 C:\Windows\System32\msimg32.dll - ok
15:23:45.0784 5920 [ 28CA821606669BB9215CE010767720FA ] C:\Windows\SysWOW64\cryptui.dll
15:23:45.0784 5920 C:\Windows\SysWOW64\cryptui.dll - ok
15:23:45.0794 5920 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll
15:23:45.0794 5920 C:\Windows\SysWOW64\riched20.dll - ok
15:23:45.0794 5920 [ B5506B451BFE7148ECA7056BDA2970BD ] C:\Windows\SysWOW64\riched32.dll
15:23:45.0794 5920 C:\Windows\SysWOW64\riched32.dll - ok
15:23:45.0804 5920 [ 3A16EA01FCFAAB40882DB5BFEE632322 ] C:\Windows\SysWOW64\msftedit.dll
15:23:45.0804 5920 C:\Windows\SysWOW64\msftedit.dll - ok
15:23:45.0804 5920 [ 61B1ED5F429EFAC7E2036769870AB93E ] C:\Windows\SysWOW64\certcli.dll
15:23:45.0804 5920 C:\Windows\SysWOW64\certcli.dll - ok
15:23:45.0814 5920 [ 2F040CF0613A6D64DCBBA9EE81F5A5AE ] C:\Windows\SysWOW64\dsrole.dll
15:23:45.0814 5920 C:\Windows\SysWOW64\dsrole.dll - ok
15:23:45.0814 5920 [ 3420D325EE810E0D0495EA47A64603ED ] C:\Program Files (x86)\IObit\Advanced SystemCare 6\DelayLoad.exe
15:23:45.0814 5920 C:\Program Files (x86)\IObit\Advanced SystemCare 6\DelayLoad.exe - ok
15:23:45.0824 5920 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll
15:23:45.0824 5920 C:\Windows\SysWOW64\rasapi32.dll - ok
15:23:45.0824 5920 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll
15:23:45.0824 5920 C:\Windows\SysWOW64\rasman.dll - ok
15:23:45.0834 5920 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\SysWOW64\rtutils.dll
15:23:45.0834 5920 C:\Windows\SysWOW64\rtutils.dll - ok
15:23:45.0834 5920 [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\Windows\SysWOW64\NapiNSP.dll
15:23:45.0834 5920 C:\Windows\SysWOW64\NapiNSP.dll - ok
15:23:45.0844 5920 [ 0BA65122FFA7E37564EE86422DBF7AE8 ] C:\Windows\SysWOW64\nlaapi.dll
15:23:45.0844 5920 C:\Windows\SysWOW64\nlaapi.dll - ok
15:23:45.0844 5920 [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\Windows\SysWOW64\pnrpnsp.dll
15:23:45.0844 5920 C:\Windows\SysWOW64\pnrpnsp.dll - ok
15:23:45.0854 5920 [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\Windows\SysWOW64\winrnr.dll
15:23:45.0854 5920 C:\Windows\SysWOW64\winrnr.dll - ok
15:23:45.0854 5920 [ 8C338238C16777A802D6A9211EB2BA50 ] C:\Windows\SysWOW64\netprofm.dll
15:23:45.0854 5920 C:\Windows\SysWOW64\netprofm.dll - ok
15:23:45.0864 5920 [ 15E298B5EC5B89C5994A59863969D9FF ] C:\Windows\SysWOW64\npmproxy.dll
15:23:45.0864 5920 C:\Windows\SysWOW64\npmproxy.dll - ok
15:23:45.0864 5920 [ E3828BFBF2605ABF13BAB26F6C89CF2B ] C:\Windows\SysWOW64\mshtml.dll
15:23:45.0864 5920 C:\Windows\SysWOW64\mshtml.dll - ok
15:23:45.0874 5920 [ 26025A46FB3FDB40FF06BBF1834093B5 ] C:\Windows\SysWOW64\msls31.dll
15:23:45.0874 5920 C:\Windows\SysWOW64\msls31.dll - ok
15:23:45.0874 5920 [ 1D1EAA16D193C6A2D45981ED3914D22A ] C:\Windows\SysWOW64\msimtf.dll
15:23:45.0874 5920 C:\Windows\SysWOW64\msimtf.dll - ok
15:23:45.0884 5920 [ DE77619A32EB97C9ED6BE61A2AB18B07 ] C:\Windows\SysWOW64\jscript.dll
15:23:45.0884 5920 C:\Windows\SysWOW64\jscript.dll - ok
15:23:45.0884 5920 [ 38A0BE38EB53510AB425E33EA0847AD6 ] C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_6_602_180.ocx
15:23:45.0884 5920 C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_6_602_180.ocx - ok
15:23:45.0894 5920 [ 7F8678C59F188528D60104E697C2361E ] C:\Windows\SysWOW64\mscms.dll
15:23:45.0894 5920 C:\Windows\SysWOW64\mscms.dll - ok
15:23:45.0904 5920 [ 6FFFFEFC80D2F1BA1958E1ED17278317 ] C:\Windows\SysWOW64\vbscript.dll
15:23:45.0904 5920 C:\Windows\SysWOW64\vbscript.dll - ok
15:23:45.0904 5920 [ 69A1D7C29CFF256BECBD4E39E2159636 ] C:\Windows\SysWOW64\scrrun.dll
15:23:45.0904 5920 C:\Windows\SysWOW64\scrrun.dll - ok
15:23:45.0914 5920 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll
15:23:45.0914 5920 C:\Windows\SysWOW64\sfc.dll - ok
15:23:45.0914 5920 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll
15:23:45.0914 5920 C:\Windows\SysWOW64\sfc_os.dll - ok
15:23:45.0924 5920 [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll
15:23:45.0924 5920 C:\Windows\SysWOW64\devrtl.dll - ok
15:23:45.0934 5920 [ D56C13F26ADCB3BC0455DB42883F6E7D ] C:\Windows\System32\iedkcs32.dll
15:23:45.0934 5920 C:\Windows\System32\iedkcs32.dll - ok
15:23:45.0934 5920 [ 6D220604AA4240303DD8DEAEAB428377 ] C:\Windows\System32\ie4uinit.exe
15:23:45.0934 5920 C:\Windows\System32\ie4uinit.exe - ok
15:23:45.0944 5920 [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl
15:23:45.0944 5920 C:\Windows\System32\timedate.cpl - ok
15:23:45.0944 5920 [ C4F40F6CACD796A8E16671D0E9A2F319 ] C:\Windows\System32\shdocvw.dll
15:23:45.0944 5920 C:\Windows\System32\shdocvw.dll - ok
15:23:45.0954 5920 [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll
15:23:45.0954 5920 C:\Windows\System32\msiltcfg.dll - ok
15:23:45.0954 5920 [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll
15:23:45.0954 5920 C:\Windows\System32\linkinfo.dll - ok
15:23:45.0964 5920 [ 2BCBA6052374959A30BD7948444DBB79 ] C:\Windows\System32\gameux.dll
15:23:45.0964 5920 C:\Windows\System32\gameux.dll - ok
15:23:45.0974 5920 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll
15:23:45.0974 5920 C:\Windows\System32\msftedit.dll - ok
15:23:45.0974 5920 [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll
15:23:45.0974 5920 C:\Windows\System32\DeviceCenter.dll - ok
15:23:45.0984 5920 [ 435AFCEBC01BE92CF988F86A64DE5B4E ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
15:23:45.0984 5920 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe - ok
15:23:45.0994 5920 [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll
15:23:45.0994 5920 C:\Windows\System32\thumbcache.dll - ok
15:23:45.0994 5920 [ A0DD3037E2DC702A7BED6C3CC2DB8FA6 ] C:\Program Files\Java\jre6\bin\jusched.exe
15:23:45.0994 5920 C:\Program Files\Java\jre6\bin\jusched.exe - ok
15:23:46.0004 5920 [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll
15:23:46.0004 5920 C:\Windows\System32\networkexplorer.dll - ok
15:23:46.0004 5920 [ 2EEED500C1EC095CB3D0DE7A3C7E4278 ] C:\Program Files\IDT\WDM\sttray64.exe
15:23:46.0004 5920 C:\Program Files\IDT\WDM\sttray64.exe - ok
15:23:46.0014 5920 [ 066708B24047B549797EA99ABF640769 ] C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe
15:23:46.0014 5920 C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe - ok
15:23:46.0014 5920 [ 0B5511674394666E9D221F8681B2C2E6 ] C:\Windows\System32\consent.exe
15:23:46.0014 5920 C:\Windows\System32\consent.exe - ok
15:23:46.0024 5920 [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll
15:23:46.0024 5920 C:\Windows\System32\wbem\NCProv.dll - ok
15:23:46.0024 5920 [ EDB26DC6AA9801CFAD0FCDA6A8BE2122 ] C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTooltips.exe
15:23:46.0034 5920 C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTooltips.exe - ok
15:23:46.0034 5920 [ 224C6D142487DCC3D1D806CE4DEA6AD7 ] C:\Program Files (x86)\IObit\Advanced SystemCare 6\Reminder.exe
15:23:46.0034 5920 C:\Program Files (x86)\IObit\Advanced SystemCare 6\Reminder.exe - ok
15:23:46.0044 5920 [ D50B225D4B6462994A898D1F53346DDD ] C:\Windows\System32\SynCOM.dll
15:23:46.0044 5920 C:\Windows\System32\SynCOM.dll - ok
15:23:46.0044 5920 [ 579FAC74640BE728403021975AD73C89 ] C:\Windows\System32\SynTPAPI.dll
15:23:46.0044 5920 C:\Windows\System32\SynTPAPI.dll - ok
15:23:46.0054 5920 [ 47CC6954415DC4B877591B7C7A8C648F ] C:\Program Files (x86)\IObit\Advanced SystemCare 6\Register.exe
15:23:46.0054 5920 C:\Program Files (x86)\IObit\Advanced SystemCare 6\Register.exe - ok
15:23:46.0064 5920 [ 537A71EF146D42D2580FFFC19539C737 ] C:\Program Files\IDT\WDM\stlang64.dll
15:23:46.0064 5920 C:\Program Files\IDT\WDM\stlang64.dll - ok
15:23:46.0064 5920 [ FC4C561550E5407FFA29D4F6C69B272F ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\ENU\iaaMon_ENU.dll
15:23:46.0064 5920 C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\ENU\iaaMon_ENU.dll - ok
15:23:46.0074 5920 [ 1AF1360E070BD8EA402F793EF6FBAAEB ] C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe
15:23:46.0074 5920 C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe - ok
15:23:46.0074 5920 [ 02CD5B2C3B017122CAC00BDB520CD7AC ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll
15:23:46.0074 5920 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll - ok
15:23:46.0084 5920 [ 521BE0575EE9CBD360ECC57BDE9A0309 ] C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe
15:23:46.0084 5920 C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe - ok
15:23:46.0094 5920 [ 89F7C30A91E5581BDF14C62AB46A2B2D ] C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
15:23:46.0094 5920 C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe - ok
15:23:46.0094 5920 [ 31FF084BFAA35307DBAB4FA60CF7DBB7 ] C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
15:23:46.0094 5920 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe - ok
15:23:46.0094 5920 [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll
15:23:46.0094 5920 C:\Windows\System32\stobject.dll - ok
15:23:46.0114 5920 [ EC6BA7C92FA5B2AA4AFDF4DF22AEDAB7 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll
15:23:46.0114 5920 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll - ok
15:23:46.0114 5920 [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll
15:23:46.0114 5920 C:\Windows\System32\batmeter.dll - ok
15:23:46.0124 5920 [ 537B1C9D3A2EBBF96BBAD4BB41D1D60B ] C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll
15:23:46.0124 5920 C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll - ok
15:23:46.0124 5920 [ 38A2D5C5ECEE90A795D52A4D8B898751 ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.7601.17825_none_83810474ed62c6c4\GdiPlus.dll
15:23:46.0124 5920 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.7601.17825_none_83810474ed62c6c4\GdiPlus.dll - ok
15:23:46.0134 5920 [ 84F74D73185DB975CD9B8A022D0FB807 ] C:\Program Files (x86)\IObit\Advanced SystemCare 6\OFCommon.dll
15:23:46.0134 5920 C:\Program Files (x86)\IObit\Advanced SystemCare 6\OFCommon.dll - ok
15:23:46.0144 5920 [ 244C6722289F4869068992FD7D8A8832 ] C:\Windows\SysWOW64\wbem\wbemdisp.dll
15:23:46.0144 5920 C:\Windows\SysWOW64\wbem\wbemdisp.dll - ok
15:23:46.0144 5920 [ E1C56BEA2AB926F1CFEAC472BC3B829E ] C:\ProgramData\Macrovision\FLEXnet Connect\6\agent.exe
15:23:46.0144 5920 C:\ProgramData\Macrovision\FLEXnet Connect\6\agent.exe - ok
15:23:46.0154 5920 [ 5610B0425518D185331CB8E968D060E6 ] C:\Windows\SysWOW64\wbem\wmiutils.dll
15:23:46.0154 5920 C:\Windows\SysWOW64\wbem\wmiutils.dll - ok
15:23:46.0154 5920 [ D95E22403AEEDAD43BE59B775E40F28B ] C:\Program Files (x86)\Stardock\Fences\DesktopDock64.dll
15:23:46.0164 5920 C:\Program Files (x86)\Stardock\Fences\DesktopDock64.dll - ok
15:23:46.0164 5920 [ 2C1BB3AD51826AA96C9802CBC123814F ] C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\51a23687fdafc32b697f5a719e364651\mscorlib.ni.dll
15:23:46.0164 5920 C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\51a23687fdafc32b697f5a719e364651\mscorlib.ni.dll - ok
15:23:46.0174 5920 [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\Windows\System32\dbghelp.dll
15:23:46.0174 5920 C:\Windows\System32\dbghelp.dll - ok
15:23:46.0174 5920 [ CABF1DF6108BDE0EA1FDFAA67FA02760 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
15:23:46.0174 5920 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe - ok
15:23:46.0184 5920 [ 5EA9A0950F322BFA382AF277801C0307 ] C:\Windows\System32\wbem\wmipcima.dll
15:23:46.0184 5920 C:\Windows\System32\wbem\wmipcima.dll - ok
15:23:46.0184 5920 [ CD1E74BC24CB1D1544406741F46F4D61 ] C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe
15:23:46.0184 5920 C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe - ok
15:23:46.0194 5920 [ 0771A5C3B78967F9F83C1C429334AD2A ] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
15:23:46.0194 5920 C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe - ok
15:23:46.0194 5920 [ 9E6DC845DED46CCBE085DD24503750C0 ] C:\Program Files (x86)\Stardock\Fences\Fences.exe
15:23:46.0194 5920 C:\Program Files (x86)\Stardock\Fences\Fences.exe - ok
15:23:46.0204 5920 [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll
15:23:46.0204 5920 C:\Windows\System32\prnfldr.dll - ok
15:23:46.0214 5920 [ 4EFCDF3DB1BBA69C09622991280C4ACB ] C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe
15:23:46.0214 5920 C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe - ok
15:23:46.0214 5920 [ DA4ED31DD43ABB0AF99888E236FFDB91 ] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
15:23:46.0214 5920 C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe - ok
15:23:46.0224 5920 [ 8F82F7C698FFEF3818CFDD280C488C1B ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
15:23:46.0224 5920 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe - ok
15:23:46.0224 5920 [ 98A078F838A70F84E1BD490D7C7675F4 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
15:23:46.0224 5920 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe - ok
15:23:46.0234 5920 [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll
15:23:46.0234 5920 C:\Windows\System32\DXP.dll - ok
15:23:46.0234 5920 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll
15:23:46.0234 5920 C:\Windows\System32\AltTab.dll - ok
15:23:46.0244 5920 [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll
15:23:46.0244 5920 C:\Windows\System32\pnidui.dll - ok
15:23:46.0244 5920 [ 55BBFA590B9F42CB38CA42EAE6BE7ABD ] C:\Program Files (x86)\AVG\AVG2013\avgui.exe
15:23:46.0244 5920 C:\Program Files (x86)\AVG\AVG2013\avgui.exe - ok
15:23:46.0254 5920 [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL
15:23:46.0254 5920 C:\Windows\System32\QUTIL.DLL - ok
15:23:46.0264 5920 [ 82CC8F77E9EC61C6B4D48DD4D5CA78E7 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
15:23:46.0264 5920 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe - ok
15:23:46.0264 5920 [ 92DBF0A4C9239169010FC6E07859C82E ] C:\Windows\System32\ActionCenter.dll
15:23:46.0264 5920 C:\Windows\System32\ActionCenter.dll - ok
15:23:46.0274 5920 [ 4AFFDCAADCB1DBBFFAF06C7F82E7F6FC ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
15:23:46.0274 5920 C:\Program Files (x86)\iTunes\iTunesHelper.exe - ok
15:23:46.0274 5920 [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll
15:23:46.0274 5920 C:\Windows\System32\Syncreg.dll - ok
15:23:46.0284 5920 [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll
15:23:46.0284 5920 C:\Windows\ehome\ehSSO.dll - ok
15:23:46.0294 5920 [ 59726901C436C19CA51A6B008239CD9D ] C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
15:23:46.0294 5920 C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe - ok
15:23:46.0294 5920 [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl
15:23:46.0294 5920 C:\Windows\System32\bthprops.cpl - ok
15:23:46.0304 5920 [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll
15:23:46.0304 5920 C:\Windows\System32\WPDShServiceObj.dll - ok
15:23:46.0304 5920 [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll
15:23:46.0304 5920 C:\Windows\System32\PortableDeviceTypes.dll - ok
15:23:46.0314 5920 [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll
15:23:46.0314 5920 C:\Windows\System32\srchadmin.dll - ok
15:23:46.0314 5920 [ 0A94DE4AA9864D312E60D747FD249ABE ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll
15:23:46.0314 5920 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll - ok
15:23:46.0324 5920 [ 850BD2D2D9CB5894935C3B6333CAD6FD ] C:\Windows\System32\riched20.dll
15:23:46.0324 5920 C:\Windows\System32\riched20.dll - ok
15:23:46.0334 5920 [ AF78F66116814FDD6677CEBD73035CDD ] C:\Windows\SysWOW64\schannel.dll
15:23:46.0334 5920 C:\Windows\SysWOW64\schannel.dll - ok
15:23:46.0334 5920 [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll
15:23:46.0334 5920 C:\Windows\System32\FXSST.dll - ok
15:23:46.0344 5920 [ 1B1431D9520C7578AD5633ED2A70625F ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll
15:23:46.0344 5920 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll - ok
15:23:46.0344 5920 [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll
15:23:46.0344 5920 C:\Windows\System32\FXSAPI.dll - ok
15:23:46.0354 5920 [ A113AFEED3159A1ED52D78CB0226006D ] C:\Windows\SysWOW64\secur32.dll
15:23:46.0354 5920 C:\Windows\SysWOW64\secur32.dll - ok
15:23:46.0354 5920 [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
15:23:46.0354 5920 C:\Windows\System32\FXSRESM.dll - ok
15:23:46.0364 5920 [ 9682D5B9D9309377C1A7E08C3E6B7B3D ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System\6be6efa1e2ffc9d46e99839edac5c5a8\System.ni.dll
15:23:46.0364 5920 C:\Windows\assembly\NativeImages_v2.0.50727_64\System\6be6efa1e2ffc9d46e99839edac5c5a8\System.ni.dll - ok
15:23:46.0364 5920 [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll
15:23:46.0364 5920 C:\Windows\System32\rasdlg.dll - ok
15:23:46.0374 5920 [ 47B8DEBEC68FACCD026F99CAE8698C93 ] C:\Windows\System32\webcheck.dll
15:23:46.0374 5920 C:\Windows\System32\webcheck.dll - ok
15:23:46.0374 5920 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe
15:23:46.0374 5920 C:\Windows\System32\FXSSVC.exe - ok
15:23:46.0384 5920 [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll
15:23:46.0384 5920 C:\Windows\System32\dot3api.dll - ok
15:23:46.0384 5920 [ 101797BA603D227946B4B5109867EB19 ] C:\Windows\System32\SyncCenter.dll
15:23:46.0384 5920 C:\Windows\System32\SyncCenter.dll - ok
15:23:46.0394 5920 [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll
15:23:46.0394 5920 C:\Windows\System32\wlanhlp.dll - ok
15:23:46.0394 5920 [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll
15:23:46.0394 5920 C:\Windows\System32\wlanapi.dll - ok
15:23:46.0404 5920 [ 6699A112A3BDC9B52338512894EBA9D6 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
15:23:46.0404 5920 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
15:23:46.0404 5920 [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll
15:23:46.0404 5920 C:\Windows\System32\WWanAPI.dll - ok
15:23:46.0414 5920 [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll
15:23:46.0414 5920 C:\Windows\System32\wwapi.dll - ok
15:23:46.0414 5920 [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL
15:23:46.0414 5920 C:\Windows\System32\QAGENT.DLL - ok
15:23:46.0424 5920 [ 28638660E651578C354BF43CD646EF6D ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\672fc9526d8954656bcb46e42082e09c\System.Drawing.ni.dll
15:23:46.0424 5920 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\672fc9526d8954656bcb46e42082e09c\System.Drawing.ni.dll - ok
15:23:46.0424 5920 [ B78E390C802B8F0D2BAF4F8B181318A0 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\e644aa1f8f3898d38876168757db0d9b\System.Windows.Forms.ni.dll
15:23:46.0424 5920 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\e644aa1f8f3898d38876168757db0d9b\System.Windows.Forms.ni.dll - ok
15:23:46.0434 5920 [ 63DF770DF74ACB370EF5A16727069AAF ] C:\Windows\SysWOW64\hid.dll
15:23:46.0434 5920 C:\Windows\SysWOW64\hid.dll - ok
15:23:46.0434 5920 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\09354040.sys
15:23:46.0434 5920 C:\Windows\System32\drivers\09354040.sys - ok
15:23:46.0444 5920 [ 48A8CCC60521AD437CAF2DDEBEF6E9E4 ] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBSERVICE.dll
15:23:46.0444 5920 C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBSERVICE.dll - ok
15:23:46.0444 5920 [ 157D03CB68A888128E0F7205F0222B31 ] C:\Windows\SysWOW64\atiadlxy.dll
15:23:46.0444 5920 C:\Windows\SysWOW64\atiadlxy.dll - ok
15:23:46.0454 5920 [ 86464A516690891A83CE66760A10E4C4 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\Fences\b8ae5eefc4614261ea2c72590a52ad45\Fences.ni.exe
15:23:46.0454 5920 C:\Windows\assembly\NativeImages_v2.0.50727_64\Fences\b8ae5eefc4614261ea2c72590a52ad45\Fences.ni.exe - ok
15:23:46.0464 5920 [ 8130391F82D52D36C0441F714136957F ] C:\Windows\System32\imapi2.dll
15:23:46.0464 5920 C:\Windows\System32\imapi2.dll - ok
15:23:46.0464 5920 [ F3DE10AABD5C7A1A186C9966F037D0C0 ] C:\Windows\SysWOW64\mfc100u.dll
15:23:46.0464 5920 C:\Windows\SysWOW64\mfc100u.dll - ok
15:23:46.0474 5920 [ 0017163E0D5985168792BEE5CF70D5DF ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\diasymreader.dll
15:23:46.0474 5920 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\diasymreader.dll - ok
15:23:46.0474 5920 [ E7704CBF568815C1CAA6E513387BD3F2 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
15:23:46.0474 5920 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe - ok
15:23:46.0484 5920 [ 181F69BC9C406B7FB5C0ADE8031630AC ] C:\Windows\SysWOW64\wpdshext.dll
15:23:46.0484 5920 C:\Windows\SysWOW64\wpdshext.dll - ok
15:23:46.0484 5920 [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll
15:23:46.0484 5920 C:\Windows\SysWOW64\msi.dll - ok
15:23:46.0494 5920 [ B54856B913CCBF23F456F87148F42920 ] C:\Windows\SysWOW64\iepeers.dll
15:23:46.0494 5920 C:\Windows\SysWOW64\iepeers.dll - ok
15:23:46.0494 5920 [ 3A7352E5F42C069347FF4BF8F9CB54B5 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\VistaBridgeLibrary\463f02216493627c7c88916f2c5709ba\VistaBridgeLibrary.ni.dll
15:23:46.0494 5920 C:\Windows\assembly\NativeImages_v2.0.50727_64\VistaBridgeLibrary\463f02216493627c7c88916f2c5709ba\VistaBridgeLibrary.ni.dll - ok
15:23:46.0504 5920 [ 5CEDF292F4573A1F36CC7DE598ECCFC7 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll
15:23:46.0504 5920 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll - ok
15:23:46.0504 5920 [ 7B845BFE314509D08AB5865CB141E332 ] C:\Program Files (x86)\iTunes\iTunesHelper.dll
15:23:46.0504 5920 C:\Program Files (x86)\iTunes\iTunesHelper.dll - ok
15:23:46.0514 5920 [ 6A5C1A8AC0B572679361026D0E900420 ] C:\Windows\System32\hgcpl.dll
15:23:46.0514 5920 C:\Windows\System32\hgcpl.dll - ok
15:23:46.0524 5920 [ 4A57709B15C0AD663C4E4C34064308AA ] C:\Program Files (x86)\IObit\IObit Malware Fighter\Scan.dll
15:23:46.0524 5920 C:\Program Files (x86)\IObit\IObit Malware Fighter\Scan.dll - ok
15:23:46.0524 5920 [ 0438CAB2E03F4FB61455A7956026FE86 ] C:\Windows\System32\fdPHost.dll
15:23:46.0524 5920 C:\Windows\System32\fdPHost.dll - ok
15:23:46.0534 5920 [ 171D7DB433314A868507C4326E8209DC ] C:\Windows\System32\fdWSD.dll
15:23:46.0534 5920 C:\Windows\System32\fdWSD.dll - ok
15:23:46.0534 5920 [ C7494C67A6BF6FE914808E42F8265FEF ] C:\Program Files\Windows Media Player\wmpnssci.dll
15:23:46.0534 5920 C:\Program Files\Windows Media Player\wmpnssci.dll - ok
15:23:46.0544 5920 [ A2E5B2D20954210DCE1A75A1FC8CC36D ] C:\Windows\System32\fdSSDP.dll
15:23:46.0544 5920 C:\Windows\System32\fdSSDP.dll - ok
15:23:46.0544 5920 [ A7146C0C90D7BA0F251AC073E655D4D2 ] C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll
15:23:46.0544 5920 C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll - ok
15:23:46.0554 5920 [ 2A2C442F00B45E01D4C882EEA69A01BC ] C:\Windows\SysWOW64\mfc100enu.dll
15:23:46.0554 5920 C:\Windows\SysWOW64\mfc100enu.dll - ok
15:23:46.0554 5920 [ 0D093ADE8FB9A0B9430A3E6DF955B61F ] C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.dll
15:23:46.0554 5920 C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.dll - ok
15:23:46.0564 5920 [ 9DEE004269DADEE715BD572410AA6076 ] C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll
15:23:46.0564 5920 C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll - ok
15:23:46.0574 5920 [ A9F3BFC9345F49614D5859EC95B9E994 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
15:23:46.0574 5920 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
15:23:46.0574 5920 [ 2A436796758BF2555A26C770FE8A6FEE ] C:\Windows\System32\fdProxy.dll
15:23:46.0574 5920 C:\Windows\System32\fdProxy.dll - ok
15:23:46.0584 5920 [ BA2655001D1F017EDFD9132D5C07E941 ] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\hiddata.exe
15:23:46.0584 5920 C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\hiddata.exe - ok
15:23:46.0584 5920 [ 3AB4D2569CDC9948A5EEE9F0EBBCCCA0 ] C:\Program Files (x86)\AVG\AVG2013\avgkrnlapix.dll
15:23:46.0584 5920 C:\Program Files (x86)\AVG\AVG2013\avgkrnlapix.dll - ok
15:23:46.0594 5920 [ 5C93CA07BDF097FE16B124D39BD60279 ] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Accessibility.api
15:23:46.0594 5920 C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Accessibility.api - ok
15:23:46.0594 5920 [ 8269C503475678F513B8837B9450DF00 ] C:\Program Files (x86)\IObit\IObit Malware Fighter\unrar.dll
15:23:46.0594 5920 C:\Program Files (x86)\IObit\IObit Malware Fighter\unrar.dll - ok
15:23:46.0604 5920 [ 34A39CB29725738E86AA0CAA4459D278 ] C:\Program Files\Internet Explorer\ieproxy.dll
15:23:46.0604 5920 C:\Program Files\Internet Explorer\ieproxy.dll - ok
15:23:46.0604 5920 [ F83F424661737A60C163F0200CA7C94A ] C:\Program Files (x86)\IObit\IObit Malware Fighter\IntegrateFilter.dll
15:23:46.0604 5920 C:\Program Files (x86)\IObit\IObit Malware Fighter\IntegrateFilter.dll - ok
15:23:46.0614 5920 [ 151E7D31435A3A2978118A427457ACC3 ] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm.api
15:23:46.0614 5920 C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm.api - ok
15:23:46.0614 5920 [ AB781C0E4C09E08F464081D17C0F6184 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll
15:23:46.0614 5920 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll - ok
15:23:46.0624 5920 [ D49E943F9741074C0C23916720CD143F ] C:\Program Files (x86)\IObit\IObit Malware Fighter\zlibwapi.dll
15:23:46.0624 5920 C:\Program Files (x86)\IObit\IObit Malware Fighter\zlibwapi.dll - ok
15:23:46.0624 5920 [ 5E1F46B85FDEDBF984FD6A079071D911 ] C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe
15:23:46.0624 5920 C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe - ok
15:23:46.0634 5920 [ 016A43C02FBA0E0EF400C944533BE00E ] C:\Program Files (x86)\IObit\IObit Malware Fighter\FileMonitor.dll
15:23:46.0634 5920 C:\Program Files (x86)\IObit\IObit Malware Fighter\FileMonitor.dll - ok
15:23:46.0634 5920 [ C34A9CB3B30902123E48910F6D6C3207 ] C:\Program Files (x86)\IObit\IObit Malware Fighter\URLFilter.dll
15:23:46.0634 5920 C:\Program Files (x86)\IObit\IObit Malware Fighter\URLFilter.dll - ok
15:23:46.0644 5920 [ CDAD3376DFF3D9AC7FDCBE2B94B0D3C8 ] C:\Windows\System32\shfolder.dll
15:23:46.0644 5920 C:\Windows\System32\shfolder.dll - ok
15:23:46.0644 5920 [ 8323B32A6FC3FCD7E5C8BA94B36CE162 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\3762e80651ff8d0bbcdb0ccebfb3b3f7\System.Configuration.ni.dll
15:23:46.0644 5920 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\3762e80651ff8d0bbcdb0ccebfb3b3f7\System.Configuration.ni.dll - ok
15:23:46.0654 5920 [ D64D99EC088B54FFE8EE67A480386C20 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll
15:23:46.0654 5920 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll - ok
15:23:46.0654 5920 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll
15:23:46.0654 5920 C:\Windows\SysWOW64\ExplorerFrame.dll - ok
15:23:46.0664 5920 [ 0181B4C10F409299E0D8EE130EF87353 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\c54fc0cac648a174c5e35bd6589c9390\System.Management.ni.dll
15:23:46.0664 5920 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\c54fc0cac648a174c5e35bd6589c9390\System.Management.ni.dll - ok
15:23:46.0664 5920 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll
15:23:46.0664 5920 C:\Windows\SysWOW64\duser.dll - ok
15:23:46.0674 5920 [ 9C9D20DEBE53283E619E47BDABB6ED0A ] C:\Program Files (x86)\IObit\IObit Malware Fighter\RegFilter.dll
15:23:46.0674 5920 C:\Program Files (x86)\IObit\IObit Malware Fighter\RegFilter.dll - ok
15:23:46.0674 5920 [ 5CCD5B62076D4432D4728BB6CB3DEBFD ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\7a560781987776298120763de1df8f77\System.Xml.ni.dll
15:23:46.0674 5920 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\7a560781987776298120763de1df8f77\System.Xml.ni.dll - ok
15:23:46.0684 5920 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll
15:23:46.0684 5920 C:\Windows\SysWOW64\dui70.dll - ok
15:23:46.0684 5920 [ 521B748A7F9923302CA18B7E6AA2EEAE ] C:\Windows\SysWOW64\activeds.dll
15:23:46.0684 5920 C:\Windows\SysWOW64\activeds.dll - ok
15:23:46.0694 5920 [ 8965A4CAA8E006F5F32D084CABD3679E ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\ad25afb3a0820b92f311d6897df82e5f\System.Runtime.Remoting.ni.dll
15:23:46.0694 5920 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\ad25afb3a0820b92f311d6897df82e5f\System.Runtime.Remoting.ni.dll - ok
15:23:46.0694 5920 [ 51F5CC1E7DA3D9C664C2D0D61F315E06 ] C:\Windows\SysWOW64\adsldpc.dll
15:23:46.0694 5920 C:\Windows\SysWOW64\adsldpc.dll - ok
15:23:46.0704 5920 [ 74EF310FAC89341CE2897B7F2C4A7B0F ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
15:23:46.0704 5920 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe - ok
15:23:46.0704 5920 [ 9C98E17DD422D5193A762434E91BDB34 ] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annots.api
15:23:46.0704 5920 C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annots.api - ok
15:23:46.0714 5920 [ 4715F8F8CDBFFF2728BA38B789A1D7C7 ] C:\Windows\System32\wpdshext.dll
15:23:46.0714 5920 C:\Windows\System32\wpdshext.dll - ok
15:23:46.0714 5920 [ BE8BC6D134CD2259E38E949861BB6D84 ] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Checkers.api
15:23:46.0714 5920 C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Checkers.api - ok
15:23:46.0724 5920 [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll
15:23:46.0724 5920 C:\Windows\System32\wsock32.dll - ok
15:23:46.0724 5920 [ 487F44B08EFEAF5AD087878357B9403D ] C:\Windows\SysWOW64\pdh.dll
15:23:46.0724 5920 C:\Windows\SysWOW64\pdh.dll - ok
15:23:46.0724 5920 [ FDF273A845F1FFCCEADF363AAF47582F ] C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
15:23:46.0724 5920 C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe - ok
15:23:46.0734 5920 [ EFDFB3DD38A4376F93E7985173813ABD ] C:\Windows\System32\ListSvc.dll
15:23:46.0734 5920 C:\Windows\System32\ListSvc.dll - ok
15:23:46.0734 5920 [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\SysWOW64\netapi32.dll
15:23:46.0734 5920 C:\Windows\SysWOW64\netapi32.dll - ok
15:23:46.0744 5920 [ B6411CED931AFD059E48C52DBFBA95B4 ] C:\Windows\System32\P2P.dll
15:23:46.0744 5920 C:\Windows\System32\P2P.dll - ok
15:23:46.0744 5920 [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\SysWOW64\samcli.dll
15:23:46.0744 5920 C:\Windows\SysWOW64\samcli.dll - ok
15:23:46.0754 5920 [ 4A82EA2807B16FF577AEAF8ADB8779FF ] C:\Windows\System32\IdListen.dll
15:23:46.0754 5920 C:\Windows\System32\IdListen.dll - ok
15:23:46.0764 5920 [ 92E0508D924512F63FFEEFE498CBD11F ] C:\Windows\System32\p2pcollab.dll
15:23:46.0764 5920 C:\Windows\System32\p2pcollab.dll - ok
15:23:46.0764 5920 [ 461027F71F30A9BBA65A7E0F9564AC43 ] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\DigSig.api
15:23:46.0764 5920 C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\DigSig.api - ok
15:23:46.0774 5920 [ 7D39AB50F9156AD26284054B6BF7D94B ] C:\Windows\System32\icacls.exe
15:23:46.0774 5920 C:\Windows\System32\icacls.exe - ok
15:23:46.0774 5920 [ 423982DD851406A52B6399DDB196C606 ] C:\Windows\System32\wmdrmdev.dll
15:23:46.0774 5920 C:\Windows\System32\wmdrmdev.dll - ok
15:23:46.0784 5920 [ 2C1055E2C6D42753241FB2A129136994 ] C:\Windows\System32\drmv2clt.dll
15:23:46.0784 5920 C:\Windows\System32\drmv2clt.dll - ok
15:23:46.0784 5920 [ A0524499F4C63CADA7E1529FC77F5DC1 ] C:\Windows\System32\hgprint.dll
15:23:46.0784 5920 C:\Windows\System32\hgprint.dll - ok
15:23:46.0794 5920 [ 6AD25FB63107B358886B48F5219C7EC6 ] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\DVA.api
15:23:46.0794 5920 C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\DVA.api - ok
15:23:46.0794 5920 [ FB299CBEA7EC1D012A57DA7BE816204C ] C:\ProgramData\Microsoft\Windows\DRM\Cache\Indiv_SID_S-1-5-20\Indiv01_64.key
15:23:46.0794 5920 C:\ProgramData\Microsoft\Windows\DRM\Cache\Indiv_SID_S-1-5-20\Indiv01_64.key - ok
15:23:46.0804 5920 [ DD628677E837FB41BD9D18F7246A836D ] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\eBook.api
15:23:46.0804 5920 C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\eBook.api - ok
15:23:46.0814 5920 [ 774B3490EE5EDE69FF03772846B0AF68 ] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\EScript.api
15:23:46.0814 5920 C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\EScript.api - ok
15:23:46.0814 5920 [ 96DB78C9C50CEED9DA5050EFFEE272A2 ] C:\Windows\System32\upnp.dll
15:23:46.0814 5920 C:\Windows\System32\upnp.dll - ok
15:23:46.0824 5920 [ 1EB82516F21F27EED1833B4F9FD9614E ] C:\Windows\System32\wmp.dll
15:23:46.0824 5920 C:\Windows\System32\wmp.dll - ok
15:23:46.0824 5920 [ F1FB4563C9E52A4CDEF0095CEA99AF20 ] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\HLS.api
15:23:46.0824 5920 C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\HLS.api - ok
15:23:46.0834 5920 [ 18804F77B6051D0CF01A5A921DD25BFB ] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\IA32.api
15:23:46.0834 5920 C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\IA32.api - ok
15:23:46.0834 5920 [ A64A80C1E92401D9E576900BECB820B2 ] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\MakeAccessible.api
15:23:46.0834 5920 C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\MakeAccessible.api - ok
15:23:46.0844 5920 [ 6E50CFA46527B39015B750AAD161C5CC ] C:\Program Files\iPod\bin\iPodService.exe
15:23:46.0844 5920 C:\Program Files\iPod\bin\iPodService.exe - ok
15:23:46.0844 5920 [ 3EDAA99C7EB6C23CAF80067C01629665 ] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia.api
15:23:46.0844 5920 C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia.api - ok
15:23:46.0854 5920 [ 2D8E7C404FB3B158ECFD8F291F214A26 ] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\PDDom.api
15:23:46.0854 5920 C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\PDDom.api - ok
15:23:46.0854 5920 [ 538928155FA77F67A80378F63AB88829 ] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\PPKLite.api
15:23:46.0854 5920 C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\PPKLite.api - ok
15:23:46.0864 5920 [ 050E000D89D4FB750B124380020674E9 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Web\09a751d0d4d6e7af82c1d2844eefd34a\System.Web.ni.dll
15:23:46.0864 5920 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Web\09a751d0d4d6e7af82c1d2844eefd34a\System.Web.ni.dll - ok
15:23:46.0864 5920 [ 033B9212A3E9410125A697E00855658E ] C:\Program Files (x86)\Common Files\microsoft shared\VGX\VGX.dll
15:23:46.0864 5920 C:\Program Files (x86)\Common Files\microsoft shared\VGX\VGX.dll - ok
15:23:46.0874 5920 [ E19AD0D49BFF5938B3E374873AC174DE ] C:\Windows\System32\wmploc.DLL
15:23:46.0874 5920 C:\Windows\System32\wmploc.DLL - ok
15:23:46.0874 5920 [ 8044B0D9959B03894973BBD805CA4F36 ] C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll
15:23:46.0874 5920 C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll - ok
15:23:46.0884 5920 [ 6667DC0C031F1B7EDD70BB7B0B49E3BA ] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\ReadOutLoud.api
15:23:46.0884 5920 C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\ReadOutLoud.api - ok
15:23:46.0884 5920 [ 3EAC4455472CC2C97107B5291E0DCAFE ] C:\Windows\System32\pnrpsvc.dll
15:23:46.0884 5920 C:\Windows\System32\pnrpsvc.dll - ok
15:23:46.0894 5920 [ 9AF2D062007C2C39BFC04679E13DC0C4 ] C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll
15:23:46.0894 5920 C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll - ok
15:23:46.0894 5920 [ 07AD88DF9EF73215458867EFC1BFFE9E ] C:\Windows\System32\wbem\wmiprov.dll
15:23:46.0904 5920 C:\Windows\System32\wbem\wmiprov.dll - ok
15:23:46.0904 5920 [ 34FC365E5FE83D1354FB8C21A32EF38D ] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\reflow.api
15:23:46.0904 5920 C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\reflow.api - ok
15:23:46.0904 5920 [ FE311B5BD75F77674580A1976BA7C3F9 ] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\SaveAsRTF.api
15:23:46.0904 5920 C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\SaveAsRTF.api - ok
15:23:46.0914 5920 [ 582AC6D9873E31DFA28A4547270862DD ] C:\Windows\System32\QAGENTRT.DLL
15:23:46.0914 5920 C:\Windows\System32\QAGENTRT.DLL - ok
15:23:46.0914 5920 [ 506A83A3BEEE9FCA09F0170DE9FC7D1B ] C:\Windows\System32\fveui.dll
15:23:46.0914 5920 C:\Windows\System32\fveui.dll - ok
15:23:46.0924 5920 [ 927463ECB02179F88E4B9A17568C63C3 ] C:\Windows\System32\p2psvc.dll
15:23:46.0924 5920 C:\Windows\System32\p2psvc.dll - ok
15:23:46.0924 5920 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\Windows\System32\ssdpsrv.dll
15:23:46.0924 5920 C:\Windows\System32\ssdpsrv.dll - ok
15:23:46.0934 5920 [ 6D988D01E53D4BD0A18366066A28726D ] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Search.api
15:23:46.0934 5920 C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Search.api - ok
15:23:46.0944 5920 [ 3AEE02CEDAA3ACD14F9D7E038E44D6D1 ] C:\Windows\System32\P2PGraph.dll
15:23:46.0944 5920 C:\Windows\System32\P2PGraph.dll - ok
15:23:46.0944 5920 [ E48769903F58F735ACBA4BB34C866071 ] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Search5.api
15:23:46.0944 5920 C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Search5.api - ok
15:23:46.0954 5920 [ D47EC6A8E81633DD18D2436B19BAF6DE ] C:\Windows\System32\upnphost.dll
15:23:46.0954 5920 C:\Windows\System32\upnphost.dll - ok
15:23:46.0954 5920 [ E3A3A616207C95BAFE876486D8FCE2A7 ] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\SendMail.api
15:23:46.0954 5920 C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\SendMail.api - ok
15:23:46.0964 5920 [ CC1CAB61794B9EFB2681E3918D413B38 ] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Spelling.api
15:23:46.0974 5920 C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Spelling.api - ok
15:23:46.0974 5920 [ F8AC1AC2F50AFFC7EE3C63019E544CB2 ] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Updater.api
15:23:46.0974 5920 C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Updater.api - ok
15:23:46.0984 5920 [ C83ECE4B3F23074F716550AB8B827BE1 ] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\weblink.api
15:23:46.0984 5920 C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\weblink.api - ok
15:23:46.0984 5920 [ A5C14075B571AF1C9592595BE724D9D2 ] C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
15:23:46.0984 5920 C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll - ok
15:23:46.0994 5920 [ 2E7ADF9B0389CD94605717784D7E416A ] C:\Windows\System32\drttransport.dll
15:23:46.0994 5920 C:\Windows\System32\drttransport.dll - ok
15:23:47.0004 5920 [ C57BC99A4467B3E8F1CC2184A3F46729 ] C:\Windows\System32\drt.dll
15:23:47.0004 5920 C:\Windows\System32\drt.dll - ok
15:23:47.0004 5920 [ 7C986D3EAD437EAB009303C69D5EB883 ] C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\agcore.dll
15:23:47.0004 5920 C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\agcore.dll - ok
15:23:47.0014 5920 [ A435F53E8509C3F392CEE3F571FDEC77 ] C:\Windows\System32\atipdl64.dll
15:23:47.0014 5920 C:\Windows\System32\atipdl64.dll - ok
15:23:47.0014 5920 [ 8AE42F1B8F104F78825DAEFD664D947D ] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\FnKyACTN.dll
15:23:47.0014 5920 C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\FnKyACTN.dll - ok
15:23:47.0024 5920 [ 46E8E1E0B3A3F3737AA94B90028B65E7 ] C:\Windows\SysWOW64\atipdlxx.dll
15:23:47.0024 5920 C:\Windows\SysWOW64\atipdlxx.dll - ok
15:23:47.0024 5920 [ F9A79C5B27037821112C50A9C8FB367A ] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
15:23:47.0024 5920 C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe - ok
15:23:47.0034 5920 [ 8A4883F5E7AC37444F23279239553878 ] C:\Windows\SysWOW64\regedit.exe
15:23:47.0034 5920 C:\Windows\SysWOW64\regedit.exe - ok
15:23:47.0034 5920 [ 6B140B1382F1FE04BA57B196AEB19725 ] C:\Windows\SysWOW64\t2embed.dll
15:23:47.0034 5920 C:\Windows\SysWOW64\t2embed.dll - ok
15:23:47.0044 5920 [ DF551690EEB462238A09BE3AB6D43ECE ] C:\Program Files (x86)\IObit\IObit Malware Fighter\TaskSchedule.exe
15:23:47.0044 5920 C:\Program Files (x86)\IObit\IObit Malware Fighter\TaskSchedule.exe - ok
15:23:47.0054 5920 [ 243974EC02F7AE49E4179C54624143AB ] C:\Windows\SysWOW64\MMDevAPI.dll
15:23:47.0054 5920 C:\Windows\SysWOW64\MMDevAPI.dll - ok
15:23:47.0054 5920 [ D205C24A9D069049FE2DF2A1B38726A7 ] C:\Windows\SysWOW64\wdmaud.drv
15:23:47.0054 5920 C:\Windows\SysWOW64\wdmaud.drv - ok
15:23:47.0064 5920 [ 9C67F6BBDA3881CFD02095160CF91576 ] C:\Windows\SysWOW64\ksuser.dll
15:23:47.0064 5920 C:\Windows\SysWOW64\ksuser.dll - ok
15:23:47.0064 5920 [ 139D3AB6AA920C34C50CBFFB9EB7D222 ] C:\Windows\SysWOW64\avrt.dll
15:23:47.0064 5920 C:\Windows\SysWOW64\avrt.dll - ok
15:23:47.0074 5920 [ D96AF6FAF24D5653D558FB5861BD8F29 ] C:\Windows\SysWOW64\dxtrans.dll
15:23:47.0074 5920 C:\Windows\SysWOW64\dxtrans.dll - ok
15:23:47.0074 5920 [ BBE34DAA066FFC44AB2F785F3E29CAC3 ] C:\Program Files (x86)\IObit\IObit Malware Fighter\taskmgr.dll
15:23:47.0074 5920 C:\Program Files (x86)\IObit\IObit Malware Fighter\taskmgr.dll - ok
15:23:47.0084 5920 [ BAB9EF9A340113666F678AA2474904B6 ] C:\Windows\SysWOW64\ddrawex.dll
15:23:47.0084 5920 C:\Windows\SysWOW64\ddrawex.dll - ok
15:23:47.0084 5920 [ 55A97EC5956A72D3B7060560F785FF32 ] C:\Windows\SysWOW64\dxtmsft.dll
15:23:47.0084 5920 C:\Windows\SysWOW64\dxtmsft.dll - ok
15:23:47.0094 5920 [ 544EFF88AC6C85DF5A4D6F18DFE08CFC ] C:\Windows\SysWOW64\taskschd.dll
15:23:47.0094 5920 C:\Windows\SysWOW64\taskschd.dll - ok
15:23:47.0104 5920 [ C940F2F5C60B3727C5F18840735B229C ] C:\Windows\SysWOW64\AudioSes.dll
15:23:47.0104 5920 C:\Windows\SysWOW64\AudioSes.dll - ok
15:23:47.0104 5920 [ 07393A09C46083588E751B63B03C8301 ] C:\Windows\SysWOW64\msacm32.drv
15:23:47.0104 5920 C:\Windows\SysWOW64\msacm32.drv - ok
15:23:47.0114 5920 [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\SysWOW64\msacm32.dll
15:23:47.0114 5920 C:\Windows\SysWOW64\msacm32.dll - ok
15:23:47.0114 5920 [ 5A12C364AD1D4FCC0AD0E56DBBC34462 ] C:\Windows\SysWOW64\midimap.dll
15:23:47.0114 5920 C:\Windows\SysWOW64\midimap.dll - ok
15:23:47.0124 5920 [ C0227B33BAB59AE7BDF36FF7D4EFDD9A ] C:\Program Files (x86)\IObit\IObit Malware Fighter\IWsIMF.exe
15:23:47.0124 5920 C:\Program Files (x86)\IObit\IObit Malware Fighter\IWsIMF.exe - ok
15:23:47.0134 5920 [ 8258362DDB18B644A82D8B5061AD9426 ] C:\Windows\SysWOW64\wscisvif.dll
15:23:47.0134 5920 C:\Windows\SysWOW64\wscisvif.dll - ok
15:23:47.0134 5920 [ 45375DF47ED4D0535739465105AAABE3 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\WMINet_Utils.dll
15:23:47.0134 5920 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\WMINet_Utils.dll - ok
15:23:47.0145 5920 [ A8CDF3768604FF95B54669E20053D569 ] C:\Windows\SysWOW64\wscapi.dll
15:23:47.0145 5920 C:\Windows\SysWOW64\wscapi.dll - ok
15:23:47.0145 5920 [ 7DF186D86CF8C571A12AAB788C777F84 ] C:\Windows\SysWOW64\wscproxystub.dll
15:23:47.0145 5920 C:\Windows\SysWOW64\wscproxystub.dll - ok
15:23:47.0155 5920 [ 0DE3C7622EC33126579B1742260F08C2 ] C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
15:23:47.0155 5920 C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe - ok
15:23:47.0155 5920 [ E50265E33D08A52C33A7A7E8D3676C9E ] C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
15:23:47.0155 5920 C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe - ok
15:23:47.0165 5920 [ 5F9AC3243C206EC95F32E4348AE67C13 ] C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys
15:23:47.0165 5920 C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys - ok
15:23:47.0165 5920 [ 1EBE9524683C7C4EED8B8BC93FB6FBCC ] C:\Windows\SysWOW64\fltLib.dll
15:23:47.0165 5920 C:\Windows\SysWOW64\fltLib.dll - ok
15:23:47.0175 5920 [ 93117349047DDB7B3FF24EB006207606 ] C:\Windows\SysWOW64\imgutil.dll
15:23:47.0175 5920 C:\Windows\SysWOW64\imgutil.dll - ok
15:23:47.0185 5920 [ F163B58094B55ED88774741D0F501188 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDPROV.DLL
15:23:47.0185 5920 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDPROV.DLL - ok
15:23:47.0185 5920 [ CDD518EBEED5B1DD1FBEBACC4C07DA45 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\msidcrl40.dll
15:23:47.0185 5920 C:\Program Files\Common Files\Microsoft Shared\Windows Live\msidcrl40.dll - ok
15:23:47.0195 5920 [ EED5AE4EF38893DD1743A95760C98704 ] C:\Windows\SysWOW64\pngfilt.dll
15:23:47.0195 5920 C:\Windows\SysWOW64\pngfilt.dll - ok
15:23:47.0195 5920 [ 060CC45CECAE2FEAFF9C8C52D8FAFAA8 ] C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys
15:23:47.0195 5920 C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys - ok
15:23:47.0205 5920 [ 241080F1B28E68F0D00F8F1066A3780D ] C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys
15:23:47.0205 5920 C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys - ok
15:23:47.0205 5920 [ 95DE4979E10867EA28B1A7BF43C96F4B ] C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFUpdater.exe
15:23:47.0205 5920 C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFUpdater.exe - ok
15:23:47.0215 5920 [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:23:47.0215 5920 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
15:23:47.0225 5920 [ E5F7C30EDF0892667933BE879F067D67 ] C:\Windows\SysWOW64\msvcr100_clr0400.dll
15:23:47.0225 5920 C:\Windows\SysWOW64\msvcr100_clr0400.dll - ok
15:23:47.0225 5920 [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\SysWOW64\mscoree.dll
15:23:47.0225 5920 C:\Windows\SysWOW64\mscoree.dll - ok
15:23:47.0225 5920 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:23:47.0235 5920 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe - ok
15:23:47.0235 5920 [ CB21CD39637AC13F3455454B2F648257 ] C:\Windows\System32\msvcr100_clr0400.dll
15:23:47.0235 5920 C:\Windows\System32\msvcr100_clr0400.dll - ok
15:23:47.0235 5920 ============================================================
15:23:47.0235 5920 Scan finished
15:23:47.0235 5920 ============================================================
15:23:47.0255 5924 Detected object count: 3
15:23:47.0255 5924 Actual detected object count: 3
15:24:44.0337 5924 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
15:24:44.0337 5924 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:24:58.0369 5924 \Device\Harddisk0\DR0\# - copied to quarantine
15:24:59.0509 5924 \Device\Harddisk0\DR0 - copied to quarantine
15:25:04.0500 5924 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
15:25:06.0060 5924 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
15:25:06.0360 5924 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
15:25:08.0160 5924 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
15:25:08.0390 5924 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
15:25:08.0510 5924 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
15:25:08.0610 5924 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
15:25:08.0610 5924 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
15:25:08.0970 5924 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
15:25:08.0980 5924 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
15:25:09.0010 5924 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
15:25:09.0170 5924 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
15:25:09.0180 5924 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
15:25:09.0510 5924 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
15:25:14.0020 5924 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
15:25:18.0991 5924 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
  • 0

#10
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
That is very good!! let me have the other report when it is ready


gringo
  • 0

Advertisements


#11
Treetearer

Treetearer

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
Here are the reports. The first one is the first one that found 7 threats and the second one found none after clean up. Also, everything appears to be functioning normally.

Malwarebytes Anti-Rootkit BETA 1.05.0.1001


v2013.04.21.07

Windows 7 Service Pack 1 x64 NTFS
8.0.7601.17514
Sam :: DALAPTOP

4/21/2013 7:08:02 PM
mbar-log-2013-04-21 (19-08-02).txt




31086
16 , 25

1
c:\Windows\svchost.exe (Trojan.Agent) -> 3524 ->

0


0


0


0


0


6
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Bootstrap_0_0_34_infected.mbam (Rootkit.Pihar.c.MBR) ->
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\MBR_0_infected.mbam (Rootkit.Pihar.c.MBR) ->
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Sector_0_976772880_user.mbam (Forged physical sector) ->
c:\Users\Sam\Downloads\PSamNoNeed-dm.exe (Adware.TryMedia) ->
c:\Users\Sam\Desktop\AOM\Gamedrive\GameDrive-Kg.exe (Riskware.Tool.CK) ->
c:\Windows\svchost.exe (Trojan.Agent) ->



Second scan:

Malwarebytes Anti-Rootkit BETA 1.05.0.1001


v2013.04.21.07

Windows 7 Service Pack 1 x64 NTFS
8.0.7601.17514
Sam :: DALAPTOP

4/21/2013 7:34:47 PM
mbar-log-2013-04-21 (19-34-47).txt




33050
16 , 49

0


0


0


0


0


0


0
  • 0

#12
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello Treetearer

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Please start by opening Notepad and copy/paste the text in the box into the window:

ClearJavaCache::

DDS::
uStart Page = hxxp://search.yahoo.com?type=198484&fr=spigot-yhp-ie

RegNull:: 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{1D0D1DBE-D81F-D306-5437E45696154CEE}\{BB3F4491-C2FA-99A3-3FB31108844B020A}\{37E50F9E-362C-792E-57F19660836F5A8C}*]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{454884EE-A952-6288-D98E4C6628C57FD8}\{4E2828CC-5D4E-CAA4-0B0E2FF0C61DD876}\{D33FFB02-83E4-6D49-8432C9C83D6B1A26}*]


Save it to your desktop as CFScript.txt

Referring to the picture above, drag CFScript.txt into ComboFix.exe
Posted Image
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following

  • report from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo

  • 0

#13
Treetearer

Treetearer

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
I had no problems running the scan. Before running the scan today though, my computer was working fine for about five minutes and then before I started the scan, my internet stopped responding and I couldn't open any programs or restart my computer. I had to force it off by holding the power button. Then it happened again. Then I did the scan and it froze up while I was typing my original post. Then when I tried Ctrl+ALT+Delete, it said this : Failure to display security and shut down options. The logon process was unable to display security and logon options when Ctrl+ALT+Delete was pressed. If the operating system does not respond, press ESC or restart the computer by using the power switch.

So I used the power switch again. Then everything worked fine and now I posted this. Also, here is the report.

ComboFix 13-04-22.01 - Sam 04/22/2013 18:38:50.3.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4063.2474 [GMT -5:00]
Running from: c:\users\Sam\Desktop\ComboFix.exe
Command switches used :: c:\users\Sam\Desktop\CFScript.txt
AV: AVG Anti-Virus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AVG Anti-Virus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Microsoft\Windows\DRM\383F.tmp
.
.
((((((((((((((((((((((((( Files Created from 2013-03-22 to 2013-04-22 )))))))))))))))))))))))))))))))
.
.
2013-04-22 23:50 . 2013-04-22 23:50 -------- d-----w- c:\users\hedev\AppData\Local\temp
2013-04-22 23:50 . 2013-04-22 23:50 -------- d-----w- c:\users\Guest\AppData\Local\temp
2013-04-22 23:50 . 2013-04-22 23:50 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-04-22 00:55 . 2013-04-22 00:55 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D9D8F5FE-4FCA-4F78-A12E-E2DC4FBCCC03}\offreg.dll
2013-04-22 00:41 . 2013-01-04 06:11 2284544 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2013-04-22 00:39 . 2013-01-24 06:01 223752 ----a-w- c:\windows\system32\drivers\fvevol.sys
2013-04-21 23:57 . 2013-04-10 03:46 9317456 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D9D8F5FE-4FCA-4F78-A12E-E2DC4FBCCC03}\mpengine.dll
2013-04-20 20:24 . 2013-04-20 20:24 -------- d-----w- C:\TDSSKiller_Quarantine
2013-04-19 03:48 . 2013-04-19 03:48 121 ----a-w- c:\windows\DeleteOnReboot.bat
2013-04-19 03:19 . 2013-04-19 03:20 -------- d-----w- c:\programdata\Package Cache
2013-04-15 00:31 . 2013-03-01 03:36 3153408 ----a-w- c:\windows\system32\win32k.sys
2013-04-15 00:31 . 2013-02-12 04:12 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-04-15 00:31 . 2013-03-19 06:04 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-04-15 00:31 . 2013-03-19 05:04 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-04-15 00:31 . 2013-03-19 05:04 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-04-15 00:31 . 2013-03-19 03:06 112640 ----a-w- c:\windows\system32\smss.exe
2013-04-15 00:30 . 2013-03-19 05:46 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-04-15 00:30 . 2013-03-19 04:47 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-04-14 23:45 . 2013-04-14 23:45 -------- d-----w- c:\program files (x86)\IObit Apps Toolbar
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-15 00:09 . 2012-04-28 00:38 693976 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-04-15 00:09 . 2011-06-22 23:46 73432 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-04-02 00:58 . 2009-11-21 00:51 72702784 ----a-w- c:\windows\system32\MRT.exe
2013-03-12 06:10 . 2009-11-26 20:35 282744 ------w- c:\windows\system32\MpSigStub.exe
2013-02-22 16:04 . 2012-09-17 01:57 39768 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
2013-02-12 05:45 . 2013-04-22 00:39 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45 . 2013-04-22 00:39 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45 . 2013-04-22 00:39 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45 . 2013-04-22 00:39 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48 . 2013-04-22 00:39 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48 . 2013-04-22 00:39 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{03EB0E9C-7A91-4381-A220-9B52B641CDB1}"= "c:\program files (x86)\IObit Apps Toolbar\IE\7.0\iobitappsToolbarIE.dll" [2013-02-24 1352512]
.
[HKEY_CLASSES_ROOT\clsid\{03eb0e9c-7a91-4381-a220-9b52b641cdb1}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
2013-02-24 00:17 1352512 ----a-w- c:\program files (x86)\IObit Apps Toolbar\IE\7.0\iobitappsToolbarIE.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{03EB0E9C-7A91-4381-A220-9B52B641CDB1}"= "c:\program files (x86)\IObit Apps Toolbar\IE\7.0\iobitappsToolbarIE.dll" [2013-02-24 1352512]
.
[HKEY_CLASSES_ROOT\clsid\{03eb0e9c-7a91-4381-a220-9b52b641cdb1}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DisplayFusion"="c:\program files (x86)\DisplayFusion\DisplayFusion.exe" [2010-03-17 800944]
"ISUSPM"="c:\programdata\Macrovision\FLEXnet Connect\6\ISUSPM.exe" [2007-03-29 222128]
"Advanced SystemCare 6"="c:\program files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" [2013-01-16 491840]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-02 98304]
"HPCam_Menu"="c:\program files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" [2009-02-25 218408]
"QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-06-24 320056]
"UpdatePRCShortCut"="c:\program files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"WirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-07-23 498744]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-03-30 437584]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2012-08-29 3039352]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-28 59280]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-09-10 421776]
"IObit Malware Fighter"="c:\program files (x86)\IObit\IObit Malware Fighter\IMF.exe" [2012-12-25 4474832]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2013\avgrsa.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-08-09 175968]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [2012-08-20 5751928]
R2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-08-20 184304]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 dc3d;MS Hardware Device Detection Driver (HID);c:\windows\system32\DRIVERS\dc3d.sys [2010-04-17 27536]
R3 dump_wmimmc;dump_wmimmc;c:\ijji\ENGLISH\AVA\Binaries\GameGuard\dump_wmimmc.sys [x]
R3 Gun;Gun;c:\game\SoftnyxGame\GunBoundIS\Gun64.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-07-23 5435904]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-11-03 19456]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 ssrangdr;ssrangdr;c:\windows\system32\DRIVERS\ssrangdr.sys [2009-11-06 4608]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-11-03 57856]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-03-31 1255736]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [2010-11-01 14544]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-06-10 389120]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-08-09 60768]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys [2012-08-09 230240]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-08-10 40288]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2012-08-13 150880]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2012-08-10 105312]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-08-10 199520]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2013-02-22 39768]
S2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2013-01-16 465216]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [2009-03-02 89600]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-07-02 203264]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2011-05-13 30520]
S2 IMFservice;IMF Service;c:\program files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2012-01-10 821592]
S2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2011-08-25 13672]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2010-03-30 303952]
S2 vToolbarUpdater14.2.0;vToolbarUpdater14.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe [2013-02-22 968880]
S3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2009-06-29 70656]
S3 FileMonitor;FileMonitor;c:\program files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2012-01-06 21384]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2009-07-21 140712]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-03-30 24664]
S3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [2011-08-26 7680512]
S3 RegFilter;RegFilter;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2012-07-05 33224]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-07-13 233472]
S3 UrlFilter;UrlFilter;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [2012-07-05 21904]
.
.
Contents of the 'Scheduled Tasks' folder
.
2013-04-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-28 00:09]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-08-09 171520]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-03-23 487424]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "c:\program files (x86)\Stardock\Fences\FencesMenu64.dll" [2010-06-22 253288]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: intuit.com\ttlc
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 75.75.76.76 75.75.75.75
DPF: {4944924A-64E4-49C1-AC97-ABA3927262FE} - hxxp://channel.dontblynk.com/Launcher/StWbUsa.CAB
FF - ProfilePath - c:\users\Sam\AppData\Roaming\Mozilla\Firefox\Profiles\0sj9uauy.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxps://www.facebook.com/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=198484&p=
FF - ExtSQL: 2049-12-31 14:00; {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}; c:\users\Sam\AppData\Roaming\Mozilla\Firefox\Profiles\0sj9uauy.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}.xpi
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
SafeBoot-27972580.sys
SafeBoot-60112145.sys
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3775965540-928844727-244699567-1001\Software\SecuROM\License information*]
"datasecu"=hex:3b,62,4c,d3,42,a6,e9,75,74,8b,60,a0,ed,58,70,35,74,7b,39,26,4d,
e3,d6,4a,2e,12,13,6c,a2,48,17,29,ba,6a,1a,53,b1,07,de,62,31,83,20,28,93,b7,\
"rkeysecu"=hex:31,43,99,a6,40,5c,bc,30,0e,f4,2d,74,bc,bc,a7,d1
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-04-22 18:55:23
ComboFix-quarantined-files.txt 2013-04-22 23:55
ComboFix2.txt 2013-04-20 01:29
ComboFix3.txt 2013-04-20 00:56
.
Pre-Run: 309,529,415,680 bytes free
Post-Run: 309,295,779,840 bytes free
.
- - End Of File - - 2798F33CD848D3157FEBD355255076FE
  • 0

#14
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello Treetearer

I would like to see a report that combofix makes.

extra combofix report

  • push the "windows key" + "R" (between the "Ctrl" button and "Alt" Button)
  • please copy and past the following into the box
C:\Qoobox\Add-Remove Programs.txt
  • click ok

copy and paste the report into this topic for me to review

Gringo
  • 0

#15
Treetearer

Treetearer

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
Here is the report.


Update for Microsoft Office 2007 (KB2508958)
2010 DR PEPPER EA GAMES EVERY BOTTLE/CUP WINS PROMOTION
3ivx MPEG-4 5.0.3 (remove only)
ACD/Labs Software in C:\ACDFREE12\
Acrobat.com
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 9.5.1 MUI
Adobe Shockwave Player 11.6
Advanced SystemCare 6
Age of Empires II: HD Edition
Age of Empires III: Complete Collection
Age of Empires Online
Age of Mythology
Age of Mythology - The Titans Expansion
Apple Application Support
Apple Software Update
Canon Easy-WebPrint EX
Canon IJ Network Scan Utility
Canon IJ Network Tool
Canon MP Navigator EX 3.1
Canon MX350 series User Registration
Canon Speed Dial Utility
Canon Utilities Easy-PhotoPrint EX
Canon Utilities My Printer
Canon Utilities Solution Menu
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Choice Guard
Compatibility Pack for the 2007 Office system
Corel Paint Shop Pro Photo X2
DisplayFusion 3.1.8.0
Dwarfs F2P
Eufloria
Fences
ffdshow [rev 3154] [2009-12-09]
Game Booster 3
HP Advisor
HP Customer Experience Enhancements
HP MediaSmart DVD
HP MediaSmart Internet TV
HP MediaSmart Live TV
HP MediaSmart Movie Themes
HP MediaSmart Music/Photo/Video
HP MediaSmart Software Notebook Demo
HP MediaSmart Webcam
HP Quick Launch Buttons
HP Setup
HP Smart Web Printing
HP Update
HP User Guides 0153
HP Wireless Assistant
IDT Audio
IL Download Manager
IObit Apps Toolbar v7.0
IObit Malware Fighter
Java Auto Updater
Java™ 6 Update 35
JMicron Flash Media Controller Driver
Junk Mail filter update
LightScribe Applications
Malwarebytes' Anti-Malware
McAfee Security Scan Plus
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Live Search Toolbar
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
Microsoft WSE 3.0 Runtime
Microsoft XNA Framework Redistributable 3.1
Mozilla Firefox 13.0.1 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML4 Parser
ObjectDock
Origin
Peggle Nights 1.0
Plants vs. Zombies
PoiZone
PowerISO
PowerRecover
QLBCASL
QuickTime
Realtek 8136 8168 8169 Ethernet Driver
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
SP45990 - Wallpaper Picture Position Enabler for Windows 7
Spybot - Search & Destroy
Star Wars: The Old Republic
Steam
SureThing CD Labeler Deluxe Trial
swMSM
The Sims™ 3
The Sims™ 3 Ambitions
The Sims™ 3 Generations
The Sims™ 3 High-End Loft Stuff
The Sims™ 3 Late Night
The Sims™ 3 Pets
The Sims™ 3 Seasons
The Sims™ 3 Supernatural
The Sims™ 3 World Adventures
TurboTax 2011
TurboTax 2011 WinPerFedFormset
TurboTax 2011 WinPerReleaseEngine
TurboTax 2011 WinPerTaxSupport
TurboTax 2011 wmniper
TurboTax 2011 wrapper
Unity Web Player
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Upload Tool
Windows Live Writer
Windows Media Encoder 9 Series
Windows Media Player Firefox Plugin
World of Battles
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP