Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

computer running painfully slow [Solved]

Started by gmcube , Feb 28 2014 11:54 PM

  • This topic is locked This topic is locked

#1
gmcube
Posted 28 February 2014 - 11:54 PM

gmcube

    Member

  • Member
  • PipPipPip
  • 176 posts
I'm trying to clean up my mom's laptop, I don't know the full extent of the problems but I know it has infections. Its running at a crawl, has multiple instances of "explorer" in the list of processes in the task manager usually.


Do we still do hijack logs or have we moved onto something else?

I tried removing some I know are bad but they just respawn.

Logfile of HijackThis v1.99.1
Scan saved at 9:40:29 PM, on 2/28/2014
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v11.0 (11.00.9600.16518)

Running processes:
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe
C:\Program Files\HijackThis\HijackThis.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files (x86)\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS\LicenseType\4.1.0.28\InstStub.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft..../?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;127.0.0.1:9421;<local>
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Toolbar BHO - {48909954-14fb-4971-a7b3-47e7af10b38a} - C:\PROGRA~2\RADIOR~2\bar\1.bin\4jbar.dll
O2 - BHO: Search Assistant BHO - {5848763c-2668-44ca-adbe-2999a6ee2858} - C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jSrcAs.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\17.3.0.49\AVG Secure Search_toolbar.dll
O2 - BHO: AW Gaming Software - {9F531FB1-7C1F-4e1a-8C0C-E8D6177130E2} - (no file)
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\17.3.0.49\AVG Secure Search_toolbar.dll
O3 - Toolbar: RadioRage - {78ba36c9-6036-482b-b48d-ecca6f964b84} - C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jbar.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll
O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [CaddieSyncConduit] C:\Program Files (x86)\SkyGolf\CaddieSync Express\CaddieSyncExpress.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [RadioRage Search Scope Monitor] "C:\PROGRA~2\RADIOR~2\bar\1.bin\4jsrchmn.exe" /m=2 /w /h
O4 - HKLM\..\Run: [RadioRage_4j Browser Plugin Loader] C:\PROGRA~2\RADIOR~2\bar\1.bin\4jbrmon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Tonya\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [EPSON Stylus Photo R220 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIAIA.EXE /FU "C:\Windows\TEMP\E_SBAF8.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Tonya\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [sgkdoajh] "C:\Users\Tonya\AppData\Local\xroavlsv.exe"
O4 - HKCU\..\Run: [tdelpoof] "C:\Users\Tonya\AppData\Local\ffencjrn.exe"
O4 - HKCU\..\Run: [xnakbmts] "C:\Users\Tonya\AppData\Local\fbtdmgtk.exe"
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\bonjour\mdnsnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O11 - Options group: [INTERNATIONAL] International
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CinemaNow Service - CinemaNow, Inc. - C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc (file missing)
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc (file missing)
O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HPWMISVC - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Online Backup (NOBU) - Unknown owner - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe" SERVICE (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: RadioRageService (RadioRage_4jService) - COMPANYVERS_NAME - C:\PROGRA~2\RADIOR~2\bar\1.bin\4jbarsvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: RtVOsdService Installer (RtVOsdService) - Realtek Semiconductor Corp. - C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater17.3.0 - AVG Secure Search - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe (file missing)
  • 0

Advertisements

#2
pystryker
Posted 01 March 2014 - 06:27 AM

pystryker

    Trusted Helper

  • Malware Removal
  • 3,912 posts
Hello and welcome to Geeks to Go! My nickname is Pystryker :) , and I will be helping you with your issue today.


Before we get started, I have a few things I need to go over with you

  • Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process.
  • Please subscribe to this topic. By subscribing, the board will notify you when a new reply is added to your topic. You can find instructions on how to do that by clicking here.
  • If any of your security programs give you a warning about any tool I ask you to use, please do not worry. All the links and tools I provide to you will be safe.

  • Please read through my instructions carefully and completely before executing them.
  • Please make sure that all the programs I ask you to download are downloaded to and run from your Desktop.
  • Please make sure you print out these instructions so that you will be able to refer to them while working on your machine. Part of the solution(s) to your problem may involve us working in Safe Mode and you will need them to go by.
  • Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.
  • Please read through my instructions carefully and make sure you complete them from start to finish. I will make sure that I lay the instructions out in a step by step order to make them easy to follow
  • This is a complicated process. It requires several steps, patience, and careful following of my instructions in the order they are given to diagnose your problems to get your machine back in working order.
  • Please stay with me until the end of all steps and procedures and I declare your system clean. Just because there is a lack of symptoms does not indicate a clean machine. I promise to do the same for you.
  • Please make sure you reply within 3 days to my responses, if there is no reply within 3 days, the topic will be closed and you will need to request the topic be reopened.
  • Before we get started, please remember we will do our best to get your machine repaired. However, there are some cases where the only solution is a reformat and reinstall of the operating system. This is a worst case scenario though.
  • It is impossible for me to know what interactions may happen between your computer's software and the tools we will use to clean your machine. Therefore, I highly recommend you backup any critical personal files on your machine before we start.
  • If possible, please have your original Windows installation disks handy, just in case.
  • If you have any questions at all, please don't hesitate to ask. There's no such thing as a stupid question when dealing with malware.
  • If you are unsure of an instruction I give you, or if something unexepected occurs, Do NOT proceed! Stop and ask for clarification of the instruction or tell me what occurred.
  • Please copy and paste the contents of any requested logs in your replies. Do not attach the log files in your replies unless requested to do so.
  • Please remember, the fixes are for your machine and your machine ONLY!



Once we have cleaned your machine, we'll have some cleanup and prevention steps to go through. We will also provide you with some information about how to reduce your chances of infection and get some protections in place to help defend you against this in the future

Please be patient while I am analyzing your logs. I know you are probably scared and very frustrated with this problem, but I am a volunteer and sometimes life does get in the way. :)

Now, let's get started, shall we? :thumbsup:



Hello :)

We no longer use HijackThis as it doesn't give us enough information. Please follow the instructions below to run Farbar's Recovery Scan Tool and we'll get to work. :) :thumbsup:


Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

  • 0

#3
gmcube
Posted 02 March 2014 - 02:22 AM

gmcube

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 176 posts
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-03-2014 01
Ran by Tonya (administrator) on TONYA-PC on 02-03-2014 02:38:38
Running from C:\Users\Tonya\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CinemaNow, Inc.) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
() C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(COMPANYVERS_NAME) C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jbarsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\loggingserver.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files (x86)\RadioRage_4j\bar\1.bin\AppIntegrator64.exe
(Akamai Technologies, Inc.) C:\Users\Tonya\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Akamai Technologies, Inc.) C:\Users\Tonya\AppData\Local\Akamai\netsession_win.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Ask) C:\Program Files (x86)\Ask.com\Updater\Updater.exe
() C:\Program Files (x86)\AVG Secure Search\vprot.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe
(SkyHawke) C:\Program Files (x86)\SkyGolf\CaddieSync Express\CaddieSyncExpress.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jbrmon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsd.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.exe
() C:\Program Files (x86)\Ask.com\UpdateTask.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2097960 2010-04-22] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6245408 2010-05-25] (Realtek Semiconductor)
HKLM\...\Run: [HPWirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-06-18] (Hewlett-Packard Company)
HKLM\...\Run: [RadioRage Home Page Guard 64 bit] - C:\Program Files (x86)\RadioRage_4j\bar\1.bin\AppIntegrator64.exe [548936 2013-11-09] ()
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [602168 2010-06-29] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-03-12] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [ApnUpdater] - C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1648264 2013-04-25] (Ask)
HKLM-x32\...\Run: [vProt] - C:\Program Files (x86)\AVG Secure Search\vprot.exe [2552856 2014-02-03] ()
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2013\avgui.exe [4411952 2013-11-20] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [CaddieSyncConduit] - C:\Program Files (x86)\SkyGolf\CaddieSync Express\CaddieSyncExpress.exe [2379160 2012-10-22] (SkyHawke)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [RadioRage Search Scope Monitor] - C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jSrchMn.exe [44784 2013-11-09] (MindSpark)
HKLM-x32\...\Run: [RadioRage_4j Browser Plugin Loader] - C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jbrmon.exe [30096 2013-11-09] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-10-23] (Apple Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-01-28] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3790915449-1485846204-445597675-1000\...\Run: [Google Update] - C:\Users\Tonya\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2010-11-27] (Google Inc.)
HKU\S-1-5-21-3790915449-1485846204-445597675-1000\...\Run: [EPSON Stylus Photo R220 Series] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIAIA.EXE [211456 2006-12-25] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3790915449-1485846204-445597675-1000\...\Run: [Akamai NetSession Interface] - C:\Users\Tonya\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3790915449-1485846204-445597675-1000\...\Run: [xnakbmts] - C:\Users\Tonya\AppData\Local\fbtdmgtk.exe [145920 2014-02-27] ()
HKU\S-1-5-21-3790915449-1485846204-445597675-1000\...\Run: [wbexhekv] - C:\Users\Tonya\AppData\Local\xgmuxkgb.exe [147456 2014-03-01] ()
HKU\S-1-5-21-3790915449-1485846204-445597675-1000\...\MountPoints2: G - G:\LaunchU3.exe -a
HKU\S-1-5-21-3790915449-1485846204-445597675-1000\...\MountPoints2: {8f918ca0-64b3-11e2-ad90-60eb692c3b3a} - G:\LaunchU3.exe -a

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {0781AD49-04B2-40C3-882C-BD396CAB1B2A} URL = http://search.yahoo....psg&type=HPNTDF
SearchScopes: HKLM - {7C39E801-41D6-44D6-A301-EA1B9EFA6CF1} URL = http://www.ask.com/w...}&l=dis&o=ushpl
SearchScopes: HKLM - {F4E8AB23-E333-43F2-BDAA-55F4184B1EFF} URL = http://en.wikipedia....h={searchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0781AD49-04B2-40C3-882C-BD396CAB1B2A} URL = http://search.yahoo....psg&type=HPNTDF
SearchScopes: HKLM-x32 - {09971cee-01b8-42bc-9d91-456b1faad6be} URL = http://search.mywebs...r={searchTerms}
SearchScopes: HKLM-x32 - {7C39E801-41D6-44D6-A301-EA1B9EFA6CF1} URL = http://www.ask.com/w...}&l=dis&o=ushpl
SearchScopes: HKLM-x32 - {F4E8AB23-E333-43F2-BDAA-55F4184B1EFF} URL = http://en.wikipedia....h={searchTerms}
SearchScopes: HKCU - DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.c...fr&d=2012-10-08 13:43:27&v=17.0.0.7&pid=avg&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.condui...rchTerms}&SSPV=
SearchScopes: HKCU - {0781AD49-04B2-40C3-882C-BD396CAB1B2A} URL = http://search.yahoo....psg&type=HPNTDF
SearchScopes: HKCU - {09971cee-01b8-42bc-9d91-456b1faad6be} URL = http://search.mywebs...r={searchTerms}
SearchScopes: HKCU - {7C39E801-41D6-44D6-A301-EA1B9EFA6CF1} URL = http://www.ask.com/w...}&l=dis&o=ushpl
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.c...fr&d=2012-10-08 13:43:27&v=17.0.0.7&pid=avg&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {D8E7AAB5-D02B-452B-A57A-FF8228A7A0F9} URL = http://websearch.ask...22-699B2F53A7C2
SearchScopes: HKCU - {F4E8AB23-E333-43F2-BDAA-55F4184B1EFF} URL = http://en.wikipedia....h={searchTerms}
BHO: No Name - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: No Name - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Toolbar BHO - {48909954-14fb-4971-a7b3-47e7af10b38a} - C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jbar.dll (MindSpark)
BHO-x32: Search Assistant BHO - {5848763c-2668-44ca-adbe-2999a6ee2858} - C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jSrcAs.dll (MindSpark)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\17.3.0.49\AVG Secure Search_toolbar.dll (AVG Secure Search)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKLM-x32 - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\17.3.0.49\AVG Secure Search_toolbar.dll (AVG Secure Search)
Toolbar: HKLM-x32 - RadioRage - {78ba36c9-6036-482b-b48d-ecca6f964b84} - C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jbar.dll (MindSpark)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76

FireFox:
========
FF ProfilePath: C:\Users\Tonya\AppData\Roaming\Mozilla\Firefox\Profiles\f6d0vu46.default
FF SearchEngineOrder.1: Ask.com
FF Homepage: hxxp://xfinity.comcast.net/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.3.0\\npsitesafety.dll (AVG Technologies)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @RadioRage_4j.com/Plugin - C:\Program Files (x86)\RadioRage_4j\bar\1.bin\NP4jStub.dll (MindSpark)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Tonya\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Tonya\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101721.dll (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPcol400.dll (Catalina Marketing Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Tonya\AppData\Roaming\Mozilla\Firefox\Profiles\f6d0vu46.default\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml
FF Extension: No Name - C:\Users\Tonya\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email protected] [2012-09-01]
FF Extension: Adblock Plus - C:\Users\Tonya\AppData\Roaming\Mozilla\Firefox\Profiles\f6d0vu46.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-05-05]
FF Extension: Greasemonkey - C:\Users\Tonya\AppData\Roaming\Mozilla\Firefox\Profiles\f6d0vu46.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-08-23]
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\17.3.0.49
FF Extension: AVG Security Toolbar - C:\ProgramData\AVG Secure Search\FireFoxExt\17.3.0.49 [2014-01-09]

Chrome:
=======
CHR HomePage: hxxp://comcast.net/
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Tonya\AppData\Local\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Tonya\AppData\Local\Google\Chrome\Application\33.0.1750.117\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Tonya\AppData\Local\Google\Chrome\Application\33.0.1750.117\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (AVG Internet Security) - C:\Users\Tonya\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.240.7) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java™ Platform SE 6 U24) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Coupons Inc., Coupon Printer Manager ) - C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll No File
CHR Plugin: (Coupons Inc., Coupon Printer Manager ) - C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll No File
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll No File
CHR Plugin: (AmazonMP3DownloaderPlugin) - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll No File
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.0.2\\npsitesafety.dll (AVG Technologies)
CHR Plugin: (MindSpark Toolbar Platform Plugin Stub) - C:\Program Files (x86)\CouponAlert_2p\bar\1.bin\NP2pStub.dll No File
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Google Update) - C:\Users\Tonya\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Extension: (Entanglement Web App) - C:\Users\Tonya\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2011-03-26]
CHR Extension: (Poppit) - C:\Users\Tonya\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2011-03-26]
CHR Extension: (AVG Security Toolbar) - C:\Users\Tonya\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2012-09-09]
CHR Extension: (Google Wallet) - C:\Users\Tonya\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\17.3.0.49\avg.crx [2014-01-09]

==================== Services (Whitelisted) =================

R2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-01] (Akamai Technologies, Inc.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4939312 2013-07-04] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-11-20] (AVG Technologies CZ, s.r.o.)
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [27192 2010-06-29] ()
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-15] (McAfee, Inc.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 RadioRage_4jService; C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jbarsvc.exe [44752 2013-11-09] (COMPANYVERS_NAME)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
S2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
R2 vToolbarUpdater17.3.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe [1771544 2014-01-09] (AVG Secure Search)

==================== Drivers (Whitelisted) ====================

R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-07-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206648 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311608 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-07-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-10-23] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2013-03-21] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-11-10] (AVG Technologies)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-02 02:23 - 2014-03-02 02:39 - 00028412 _____ () C:\Users\Tonya\Desktop\FRST.txt
2014-03-02 02:16 - 2014-03-02 02:23 - 00000000 ____D () C:\FRST
2014-03-02 02:13 - 2014-03-02 02:13 - 02156544 _____ (Farbar) C:\Users\Tonya\Downloads\FRST64 (1).exe
2014-03-02 02:12 - 2014-03-02 02:12 - 02156544 _____ (Farbar) C:\Users\Tonya\Desktop\FRST64.exe
2014-03-02 02:12 - 2014-03-02 02:12 - 00115560 _____ () C:\Users\Tonya\AppData\Local\hrqtdpng.exe
2014-03-01 19:51 - 2014-03-01 20:00 - 00000800 _____ () C:\Windows\Tasks\Security Center Update - 2746006228.job
2014-03-01 19:51 - 2014-03-01 19:54 - 00000000 ____D () C:\Users\Tonya\AppData\Roaming\Fidiim
2014-03-01 19:51 - 2014-03-01 19:51 - 00003808 _____ () C:\Windows\System32\Tasks\Security Center Update - 2746006228
2014-03-01 19:45 - 2014-03-01 19:45 - 00074600 _____ ( ) C:\Users\Tonya\AppData\Local\icppaxrj.exe
2014-03-01 14:33 - 2014-03-01 14:33 - 00074600 _____ ( ) C:\Users\Tonya\AppData\Local\incjxaph.exe
2014-03-01 08:20 - 2014-03-01 08:20 - 00003816 _____ () C:\Windows\System32\Tasks\Security Center Update - 2120323033
2014-03-01 08:19 - 2014-03-01 20:00 - 00000808 _____ () C:\Windows\Tasks\Security Center Update - 2120323033.job
2014-03-01 08:19 - 2014-03-01 08:22 - 00000000 ____D () C:\Users\Tonya\AppData\Roaming\Iwficoom
2014-03-01 07:24 - 2014-03-01 07:24 - 00147456 _____ () C:\Users\Tonya\AppData\Local\xgmuxkgb.exe
2014-03-01 05:09 - 2014-03-01 05:09 - 00000000 ____D () C:\ProgramData\AVG
2014-03-01 05:05 - 2014-03-01 05:05 - 00000000 __SHD () C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-03-01 04:56 - 2014-03-01 05:03 - 78353832 _____ (AVG) C:\Users\Tonya\Downloads\avg_tuh_stf_all_2014_295_24c28(1).exe
2014-03-01 04:56 - 2014-03-01 05:01 - 78353832 _____ (AVG) C:\Users\Tonya\Downloads\avg_tuh_stf_all_2014_295_24c28.exe
2014-03-01 02:57 - 2014-03-02 02:27 - 00049205 _____ () C:\Windows\WindowsUpdate.log
2014-03-01 02:51 - 2014-03-02 02:04 - 00000224 _____ () C:\Windows\setupact.log
2014-03-01 02:51 - 2014-03-01 02:51 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-01 02:50 - 2014-03-01 11:17 - 00008220 _____ () C:\Windows\PFRO.log
2014-02-28 21:51 - 2014-02-28 21:51 - 00015508 _____ () C:\Users\Tonya\Desktop\cc_20140228_215122.reg
2014-02-28 21:40 - 2014-02-28 21:40 - 00016483 _____ () C:\Users\Tonya\Desktop\hijackthis.log
2014-02-28 21:32 - 2014-03-01 00:52 - 00021376 _____ () C:\Users\Tonya\Desktop\avgrep.txt
2014-02-28 21:21 - 2014-02-28 21:54 - 00000000 ____D () C:\Windows\pss
2014-02-28 13:46 - 2014-03-01 20:00 - 00000800 _____ () C:\Windows\Tasks\Security Center Update - 2727043745.job
2014-02-28 13:46 - 2014-02-28 13:46 - 00003808 _____ () C:\Windows\System32\Tasks\Security Center Update - 2727043745
2014-02-28 13:46 - 2014-02-28 13:46 - 00000000 ____D () C:\Users\Tonya\AppData\Roaming\Qasoku
2014-02-28 13:43 - 2014-02-28 13:43 - 00150841 _____ () C:\Users\Tonya\AppData\Local\kjudtmpn.exe
2014-02-28 12:13 - 2014-03-01 20:00 - 00000798 _____ () C:\Windows\Tasks\Security Center Update - 1986258550.job
2014-02-28 12:13 - 2014-02-28 12:13 - 00003806 _____ () C:\Windows\System32\Tasks\Security Center Update - 1986258550
2014-02-28 12:13 - 2014-02-28 12:13 - 00000000 ____D () C:\Users\Tonya\AppData\Roaming\Ydcoli
2014-02-27 21:33 - 2014-03-01 20:00 - 00000800 _____ () C:\Windows\Tasks\Security Center Update - 752721097.job
2014-02-27 21:33 - 2014-02-28 14:02 - 00000000 ____D () C:\Users\Tonya\AppData\Roaming\Zoicges
2014-02-27 21:33 - 2014-02-27 21:33 - 00003808 _____ () C:\Windows\System32\Tasks\Security Center Update - 752721097
2014-02-27 19:18 - 2014-02-27 19:18 - 00145920 _____ () C:\Users\Tonya\AppData\Local\fbtdmgtk.exe
2014-02-26 20:29 - 2014-03-01 20:00 - 00000808 _____ () C:\Windows\Tasks\Security Center Update - 1942578594.job
2014-02-26 20:29 - 2014-02-28 13:00 - 00000000 ____D () C:\Users\Tonya\AppData\Roaming\Nahoocme
2014-02-26 20:29 - 2014-02-26 20:29 - 00003816 _____ () C:\Windows\System32\Tasks\Security Center Update - 1942578594
2014-02-26 13:44 - 2014-03-01 20:00 - 00000808 _____ () C:\Windows\Tasks\Security Center Update - 2116572899.job
2014-02-26 13:44 - 2014-02-26 13:46 - 00000000 ____D () C:\Users\Tonya\AppData\Roaming\Bydituty
2014-02-26 13:44 - 2014-02-26 13:44 - 00003816 _____ () C:\Windows\System32\Tasks\Security Center Update - 2116572899
2014-02-26 12:14 - 2014-03-01 20:00 - 00000804 _____ () C:\Windows\Tasks\Security Center Update - 3679279732.job
2014-02-26 12:14 - 2014-02-26 13:44 - 00000000 ____D () C:\Users\Tonya\AppData\Roaming\Toraukha
2014-02-26 12:14 - 2014-02-26 12:14 - 00003812 _____ () C:\Windows\System32\Tasks\Security Center Update - 3679279732
2014-02-26 03:09 - 2014-02-26 03:09 - 00077275 _____ () C:\Users\Tonya\Documents\EDU 403 CM.pptx
2014-02-26 01:58 - 2014-02-26 01:58 - 00012326 _____ () C:\Users\Tonya\AppData\Local\tkjcpagd
2014-02-26 01:57 - 2014-02-26 01:57 - 00068161 _____ () C:\Users\Tonya\AppData\Local\fvkrjbsw
2014-02-26 01:56 - 2014-02-26 01:56 - 00000000 _____ () C:\Users\Tonya\AppData\Roaming\SharedSettings.ccs
2014-02-26 01:53 - 2014-02-26 01:53 - 00089000 _____ () C:\Users\Tonya\Downloads\Record_Milford_(302)4587378.zip
2014-02-23 23:25 - 2014-02-23 23:25 - 00001120 _____ () C:\Users\Tonya\Desktop\Continue Zip Opener Installation.lnk
2014-02-23 23:24 - 2014-02-23 23:25 - 00655544 _____ () C:\Users\Tonya\Downloads\ZipOpenerSetup.exe
2014-02-15 21:22 - 2014-02-15 21:22 - 00020875 _____ () C:\Users\Tonya\Downloads\chapter overview.zip
2014-02-15 01:22 - 2014-02-15 01:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-13 06:50 - 2013-12-21 04:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-13 06:50 - 2013-12-21 03:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-13 06:46 - 2014-02-06 07:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-13 06:46 - 2014-02-06 06:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-13 06:46 - 2014-02-06 06:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-13 06:46 - 2014-02-06 06:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-13 06:46 - 2014-02-06 06:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-13 06:46 - 2014-02-06 06:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-13 06:46 - 2014-02-06 05:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-13 06:46 - 2014-02-06 05:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-13 06:46 - 2014-02-06 05:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-13 06:46 - 2014-02-06 05:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-13 06:46 - 2014-02-06 05:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-13 06:46 - 2014-02-06 05:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-13 06:46 - 2014-02-06 05:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-13 06:46 - 2014-02-06 05:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-13 06:46 - 2014-02-06 05:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-13 06:46 - 2014-02-06 05:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-13 06:46 - 2014-02-06 05:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-13 06:46 - 2014-02-06 05:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-13 06:46 - 2014-02-06 05:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-13 06:46 - 2014-02-06 04:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-13 06:46 - 2014-02-06 04:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-13 06:46 - 2014-02-06 04:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-13 06:46 - 2014-02-06 04:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-13 06:46 - 2014-02-06 04:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-13 06:46 - 2014-02-06 04:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-13 06:46 - 2014-02-06 04:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-13 06:46 - 2014-02-06 04:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-13 06:46 - 2014-02-06 04:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-13 06:46 - 2014-02-06 04:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-13 06:46 - 2014-02-06 04:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-13 06:46 - 2014-02-06 04:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-13 06:46 - 2014-02-06 04:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-13 06:46 - 2014-02-06 04:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-13 06:46 - 2014-02-06 04:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-13 06:46 - 2014-02-06 03:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-13 06:46 - 2014-02-06 03:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-13 06:46 - 2014-02-06 03:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-13 06:46 - 2014-02-06 03:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-13 06:46 - 2014-02-06 03:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-12 20:45 - 2013-12-31 18:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-12 20:45 - 2013-12-31 18:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-12 20:45 - 2013-12-05 21:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-12 20:45 - 2013-12-05 21:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-12 20:45 - 2013-12-05 21:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-12 20:45 - 2013-12-05 21:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-12 20:45 - 2013-12-03 21:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-12 20:45 - 2013-12-03 21:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-12 20:45 - 2013-12-03 21:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-12 20:45 - 2013-12-03 21:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-12 20:45 - 2013-12-03 21:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-12 20:45 - 2013-12-03 21:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-12 20:45 - 2013-12-03 21:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-12 20:45 - 2013-12-03 21:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-12 20:45 - 2013-12-03 21:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-12 20:45 - 2013-12-03 21:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-12 20:45 - 2013-12-03 21:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-12 20:45 - 2013-12-03 21:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-12 20:45 - 2013-12-03 21:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-12 20:45 - 2013-12-03 21:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-12 20:45 - 2013-12-03 20:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-12 20:45 - 2013-12-03 20:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-12 20:45 - 2013-12-03 20:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-12 20:45 - 2013-12-03 20:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-12 20:44 - 2013-12-24 18:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-12 20:44 - 2013-12-24 17:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-12 20:44 - 2013-11-26 03:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-12 20:44 - 2013-11-22 17:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-11 22:49 - 2014-02-11 22:49 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-02-09 22:17 - 2014-03-02 02:35 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-09 22:17 - 2014-03-02 02:05 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-09 22:17 - 2014-02-13 20:24 - 00003892 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-09 22:17 - 2014-02-13 20:24 - 00003640 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-09 22:17 - 2014-02-09 22:18 - 00000000 ____D () C:\Program Files (x86)\Google
2014-02-09 22:16 - 2014-02-09 22:16 - 00847312 _____ (Google Inc.) C:\Users\Tonya\Downloads\GoogleEarthSetup.exe
2014-02-01 05:20 - 2014-02-01 05:20 - 00107738 _____ () C:\Users\Tonya\Downloads\Extras.Txt
2014-02-01 05:18 - 2014-02-01 05:18 - 00089614 _____ () C:\Users\Tonya\Downloads\OTL.Txt
2014-02-01 04:59 - 2014-02-01 04:59 - 00602112 _____ (OldTimer Tools) C:\Users\Tonya\Downloads\OTL.exe
2014-02-01 04:47 - 2014-02-01 04:47 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Tonya\Downloads\mbam-setup-1.75.0.1300(1).exe
2014-02-01 04:46 - 2014-02-01 04:46 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Tonya\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-01 04:41 - 2014-02-01 04:42 - 00474382 _____ () C:\Users\Tonya\Documents\cc_20140201_044133.reg
2014-02-01 04:36 - 2014-02-01 04:36 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-02-01 04:36 - 2014-02-01 04:36 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-01 04:35 - 2014-02-01 04:36 - 04721920 _____ (Piriform Ltd) C:\Users\Tonya\Downloads\ccsetup410.exe
2014-02-01 04:11 - 2014-03-01 03:39 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-02-01 04:11 - 2014-02-05 00:58 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-02-01 04:11 - 2014-02-01 04:11 - 00001379 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-02-01 04:11 - 2014-02-01 04:11 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-02-01 04:11 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2014-02-01 04:08 - 2014-02-01 04:08 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\Tonya\Downloads\spybot-2.2.exe
2014-01-31 15:52 - 2014-01-31 15:52 - 00018003 _____ () C:\Users\Tonya\Documents\hijackthis.log
2014-01-31 15:49 - 2014-02-28 21:29 - 00000000 ____D () C:\Program Files\HijackThis
2014-01-31 15:48 - 2014-01-31 15:48 - 00251392 _____ () C:\Users\Tonya\Downloads\hijackthis_sfx.exe
2014-01-31 14:21 - 2014-01-31 14:21 - 00001224 _____ () C:\Users\Public\Desktop\Video Converter.lnk
2014-01-31 14:21 - 2014-01-31 14:21 - 00000000 ____D () C:\Program Files (x86)\SweetPacks
2014-01-31 14:20 - 2014-01-31 14:20 - 00657840 _____ (Conduit) C:\Users\Tonya\Downloads\Video_Converter_TSV2382ZX.exe

==================== One Month Modified Files and Folders =======

2014-03-02 02:39 - 2014-03-02 02:23 - 00028412 _____ () C:\Users\Tonya\Desktop\FRST.txt
2014-03-02 02:35 - 2014-02-09 22:17 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-02 02:27 - 2014-03-01 02:57 - 00049205 _____ () C:\Windows\WindowsUpdate.log
2014-03-02 02:27 - 2012-07-22 21:48 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-02 02:23 - 2014-03-02 02:16 - 00000000 ____D () C:\FRST
2014-03-02 02:18 - 2009-07-13 23:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-02 02:18 - 2009-07-13 23:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-02 02:13 - 2014-03-02 02:13 - 02156544 _____ (Farbar) C:\Users\Tonya\Downloads\FRST64 (1).exe
2014-03-02 02:12 - 2014-03-02 02:12 - 02156544 _____ (Farbar) C:\Users\Tonya\Desktop\FRST64.exe
2014-03-02 02:12 - 2014-03-02 02:12 - 00115560 _____ () C:\Users\Tonya\AppData\Local\hrqtdpng.exe
2014-03-02 02:05 - 2014-02-09 22:17 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-02 02:05 - 2013-06-07 14:17 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job
2014-03-02 02:05 - 2013-06-02 16:24 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2014-03-02 02:04 - 2014-03-01 02:51 - 00000224 _____ () C:\Windows\setupact.log
2014-03-02 02:04 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-02 02:04 - 2009-07-13 23:45 - 01004896 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-01 20:39 - 2010-11-28 04:40 - 00000000 ____D () C:\ProgramData\MFAData
2014-03-01 20:00 - 2014-03-01 19:51 - 00000800 _____ () C:\Windows\Tasks\Security Center Update - 2746006228.job
2014-03-01 20:00 - 2014-03-01 08:19 - 00000808 _____ () C:\Windows\Tasks\Security Center Update - 2120323033.job
2014-03-01 20:00 - 2014-02-28 13:46 - 00000800 _____ () C:\Windows\Tasks\Security Center Update - 2727043745.job
2014-03-01 20:00 - 2014-02-28 12:13 - 00000798 _____ () C:\Windows\Tasks\Security Center Update - 1986258550.job
2014-03-01 20:00 - 2014-02-27 21:33 - 00000800 _____ () C:\Windows\Tasks\Security Center Update - 752721097.job
2014-03-01 20:00 - 2014-02-26 20:29 - 00000808 _____ () C:\Windows\Tasks\Security Center Update - 1942578594.job
2014-03-01 20:00 - 2014-02-26 13:44 - 00000808 _____ () C:\Windows\Tasks\Security Center Update - 2116572899.job
2014-03-01 20:00 - 2014-02-26 12:14 - 00000804 _____ () C:\Windows\Tasks\Security Center Update - 3679279732.job
2014-03-01 19:54 - 2014-03-01 19:51 - 00000000 ____D () C:\Users\Tonya\AppData\Roaming\Fidiim
2014-03-01 19:51 - 2014-03-01 19:51 - 00003808 _____ () C:\Windows\System32\Tasks\Security Center Update - 2746006228
2014-03-01 19:50 - 2010-11-27 03:41 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3790915449-1485846204-445597675-1000UA.job
2014-03-01 19:45 - 2014-03-01 19:45 - 00074600 _____ ( ) C:\Users\Tonya\AppData\Local\icppaxrj.exe
2014-03-01 14:33 - 2014-03-01 14:33 - 00074600 _____ ( ) C:\Users\Tonya\AppData\Local\incjxaph.exe
2014-03-01 11:17 - 2014-03-01 02:50 - 00008220 _____ () C:\Windows\PFRO.log
2014-03-01 08:22 - 2014-03-01 08:19 - 00000000 ____D () C:\Users\Tonya\AppData\Roaming\Iwficoom
2014-03-01 08:20 - 2014-03-01 08:20 - 00003816 _____ () C:\Windows\System32\Tasks\Security Center Update - 2120323033
2014-03-01 07:24 - 2014-03-01 07:24 - 00147456 _____ () C:\Users\Tonya\AppData\Local\xgmuxkgb.exe
2014-03-01 05:09 - 2014-03-01 05:09 - 00000000 ____D () C:\ProgramData\AVG
2014-03-01 05:05 - 2014-03-01 05:05 - 00000000 __SHD () C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-03-01 05:03 - 2014-03-01 04:56 - 78353832 _____ (AVG) C:\Users\Tonya\Downloads\avg_tuh_stf_all_2014_295_24c28(1).exe
2014-03-01 05:01 - 2014-03-01 04:56 - 78353832 _____ (AVG) C:\Users\Tonya\Downloads\avg_tuh_stf_all_2014_295_24c28.exe
2014-03-01 03:39 - 2014-02-01 04:11 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-03-01 02:53 - 2013-06-19 13:15 - 00062464 ___SH () C:\Users\Tonya\Desktop\Thumbs.db
2014-03-01 02:51 - 2014-03-01 02:51 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-01 00:52 - 2014-02-28 21:32 - 00021376 _____ () C:\Users\Tonya\Desktop\avgrep.txt
2014-02-28 21:54 - 2014-02-28 21:21 - 00000000 ____D () C:\Windows\pss
2014-02-28 21:51 - 2014-02-28 21:51 - 00015508 _____ () C:\Users\Tonya\Desktop\cc_20140228_215122.reg
2014-02-28 21:46 - 2011-09-05 23:44 - 00000000 ____D () C:\Program Files (x86)\Ask.com
2014-02-28 21:40 - 2014-02-28 21:40 - 00016483 _____ () C:\Users\Tonya\Desktop\hijackthis.log
2014-02-28 21:39 - 2010-07-08 03:42 - 00000000 ____D () C:\ProgramData\Norton
2014-02-28 21:32 - 2012-10-08 12:36 - 00000000 ____D () C:\Users\Tonya\AppData\Local\Avg2013
2014-02-28 21:29 - 2014-01-31 15:49 - 00000000 ____D () C:\Program Files\HijackThis
2014-02-28 20:18 - 2014-01-01 17:52 - 00003186 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForTonya
2014-02-28 20:18 - 2014-01-01 17:52 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleForTonya.job
2014-02-28 14:02 - 2014-02-27 21:33 - 00000000 ____D () C:\Users\Tonya\AppData\Roaming\Zoicges
2014-02-28 13:46 - 2014-02-28 13:46 - 00003808 _____ () C:\Windows\System32\Tasks\Security Center Update - 2727043745
2014-02-28 13:46 - 2014-02-28 13:46 - 00000000 ____D () C:\Users\Tonya\AppData\Roaming\Qasoku
2014-02-28 13:43 - 2014-02-28 13:43 - 00150841 _____ () C:\Users\Tonya\AppData\Local\kjudtmpn.exe
2014-02-28 13:00 - 2014-02-26 20:29 - 00000000 ____D () C:\Users\Tonya\AppData\Roaming\Nahoocme
2014-02-28 12:13 - 2014-02-28 12:13 - 00003806 _____ () C:\Windows\System32\Tasks\Security Center Update - 1986258550
2014-02-28 12:13 - 2014-02-28 12:13 - 00000000 ____D () C:\Users\Tonya\AppData\Roaming\Ydcoli
2014-02-27 23:44 - 2010-11-27 03:41 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3790915449-1485846204-445597675-1000Core.job
2014-02-27 21:33 - 2014-02-27 21:33 - 00003808 _____ () C:\Windows\System32\Tasks\Security Center Update - 752721097
2014-02-27 19:18 - 2014-02-27 19:18 - 00145920 _____ () C:\Users\Tonya\AppData\Local\fbtdmgtk.exe
2014-02-27 17:22 - 2010-12-09 00:59 - 00788408 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-27 17:22 - 2009-07-14 00:13 - 00788408 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-26 20:29 - 2014-02-26 20:29 - 00003816 _____ () C:\Windows\System32\Tasks\Security Center Update - 1942578594
2014-02-26 13:46 - 2014-02-26 13:44 - 00000000 ____D () C:\Users\Tonya\AppData\Roaming\Bydituty
2014-02-26 13:44 - 2014-02-26 13:44 - 00003816 _____ () C:\Windows\System32\Tasks\Security Center Update - 2116572899
2014-02-26 13:44 - 2014-02-26 12:14 - 00000000 ____D () C:\Users\Tonya\AppData\Roaming\Toraukha
2014-02-26 12:14 - 2014-02-26 12:14 - 00003812 _____ () C:\Windows\System32\Tasks\Security Center Update - 3679279732
2014-02-26 03:09 - 2014-02-26 03:09 - 00077275 _____ () C:\Users\Tonya\Documents\EDU 403 CM.pptx
2014-02-26 01:58 - 2014-02-26 01:58 - 00012326 _____ () C:\Users\Tonya\AppData\Local\tkjcpagd
2014-02-26 01:57 - 2014-02-26 01:57 - 00068161 _____ () C:\Users\Tonya\AppData\Local\fvkrjbsw
2014-02-26 01:56 - 2014-02-26 01:56 - 00000000 _____ () C:\Users\Tonya\AppData\Roaming\SharedSettings.ccs
2014-02-26 01:53 - 2014-02-26 01:53 - 00089000 _____ () C:\Users\Tonya\Downloads\Record_Milford_(302)4587378.zip
2014-02-24 13:23 - 2010-11-27 05:20 - 00333080 _____ () C:\Users\Tonya\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-24 13:23 - 2010-11-27 03:37 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-24 02:28 - 2012-08-28 21:42 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-02-23 23:25 - 2014-02-23 23:25 - 00001120 _____ () C:\Users\Tonya\Desktop\Continue Zip Opener Installation.lnk
2014-02-23 23:25 - 2014-02-23 23:24 - 00655544 _____ () C:\Users\Tonya\Downloads\ZipOpenerSetup.exe
2014-02-23 16:41 - 2011-01-09 20:09 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-02-21 11:12 - 2010-11-27 03:41 - 00002364 _____ () C:\Users\Tonya\Desktop\Google Chrome.lnk
2014-02-20 21:26 - 2012-07-22 21:48 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-20 21:26 - 2012-07-22 21:48 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-20 21:26 - 2011-06-28 13:45 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-19 13:56 - 2010-07-10 22:21 - 00000000 ____D () C:\ProgramData\Skype
2014-02-18 20:01 - 2014-01-06 18:23 - 00003610 _____ () C:\Windows\System32\Tasks\Norton Security Scan for Tonya
2014-02-16 03:04 - 2013-08-14 12:29 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-16 03:00 - 2010-11-28 04:46 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-16 02:02 - 2012-05-04 01:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-15 21:22 - 2014-02-15 21:22 - 00020875 _____ () C:\Users\Tonya\Downloads\chapter overview.zip
2014-02-15 16:29 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
2014-02-15 01:22 - 2014-02-15 01:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-13 20:24 - 2014-02-09 22:17 - 00003892 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-13 20:24 - 2014-02-09 22:17 - 00003640 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-11 22:49 - 2014-02-11 22:49 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-02-11 22:49 - 2013-02-13 00:27 - 00001929 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-02-11 22:45 - 2010-11-27 03:41 - 00003878 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3790915449-1485846204-445597675-1000UA
2014-02-11 22:45 - 2010-11-27 03:41 - 00003482 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3790915449-1485846204-445597675-1000Core
2014-02-09 22:18 - 2014-02-09 22:17 - 00000000 ____D () C:\Program Files (x86)\Google
2014-02-09 22:18 - 2010-11-27 03:41 - 00000000 ____D () C:\Users\Tonya\AppData\Local\Google
2014-02-09 22:16 - 2014-02-09 22:16 - 00847312 _____ (Google Inc.) C:\Users\Tonya\Downloads\GoogleEarthSetup.exe
2014-02-06 07:16 - 2014-02-13 06:46 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 06:30 - 2014-02-13 06:46 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 06:30 - 2014-02-13 06:46 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 06:12 - 2014-02-13 06:46 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 06:07 - 2014-02-13 06:46 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 06:06 - 2014-02-13 06:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 05:57 - 2014-02-13 06:46 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 05:56 - 2014-02-13 06:46 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 05:52 - 2014-02-13 06:46 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 05:49 - 2014-02-13 06:46 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 05:48 - 2014-02-13 06:46 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 05:48 - 2014-02-13 06:46 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 05:38 - 2014-02-13 06:46 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 05:32 - 2014-02-13 06:46 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 05:20 - 2014-02-13 06:46 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 05:17 - 2014-02-13 06:46 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 05:11 - 2014-02-13 06:46 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 05:01 - 2014-02-13 06:46 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 05:00 - 2014-02-13 06:46 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 04:57 - 2014-02-13 06:46 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 04:57 - 2014-02-13 06:46 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 04:52 - 2014-02-13 06:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 04:52 - 2014-02-13 06:46 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 04:50 - 2014-02-13 06:46 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 04:49 - 2014-02-13 06:46 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 04:47 - 2014-02-13 06:46 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 04:46 - 2014-02-13 06:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 04:25 - 2014-02-13 06:46 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 04:25 - 2014-02-13 06:46 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 04:24 - 2014-02-13 06:46 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 04:22 - 2014-02-13 06:46 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 04:13 - 2014-02-13 06:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 04:09 - 2014-02-13 06:46 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 04:03 - 2014-02-13 06:46 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 03:55 - 2014-02-13 06:46 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 03:41 - 2014-02-13 06:46 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 03:40 - 2014-02-13 06:46 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 03:36 - 2014-02-13 06:46 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 03:34 - 2014-02-13 06:46 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-05 00:58 - 2014-02-01 04:11 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-02-03 15:33 - 2012-10-08 12:43 - 00000000 ____D () C:\Program Files (x86)\AVG Secure Search
2014-02-01 05:20 - 2014-02-01 05:20 - 00107738 _____ () C:\Users\Tonya\Downloads\Extras.Txt
2014-02-01 05:18 - 2014-02-01 05:18 - 00089614 _____ () C:\Users\Tonya\Downloads\OTL.Txt
2014-02-01 04:59 - 2014-02-01 04:59 - 00602112 _____ (OldTimer Tools) C:\Users\Tonya\Downloads\OTL.exe
2014-02-01 04:47 - 2014-02-01 04:47 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Tonya\Downloads\mbam-setup-1.75.0.1300(1).exe
2014-02-01 04:46 - 2014-02-01 04:46 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Tonya\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-01 04:42 - 2014-02-01 04:41 - 00474382 _____ () C:\Users\Tonya\Documents\cc_20140201_044133.reg
2014-02-01 04:38 - 2009-09-06 20:57 - 00000000 ____D () C:\Windows\Panther
2014-02-01 04:36 - 2014-02-01 04:36 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-02-01 04:36 - 2014-02-01 04:36 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-01 04:36 - 2014-02-01 04:35 - 04721920 _____ (Piriform Ltd) C:\Users\Tonya\Downloads\ccsetup410.exe
2014-02-01 04:11 - 2014-02-01 04:11 - 00001379 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-02-01 04:11 - 2014-02-01 04:11 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-02-01 04:08 - 2014-02-01 04:08 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\Tonya\Downloads\spybot-2.2.exe
2014-01-31 15:52 - 2014-01-31 15:52 - 00018003 _____ () C:\Users\Tonya\Documents\hijackthis.log
2014-01-31 15:48 - 2014-01-31 15:48 - 00251392 _____ () C:\Users\Tonya\Downloads\hijackthis_sfx.exe
2014-01-31 15:48 - 2010-11-27 05:21 - 00000000 ____D () C:\Users\Tonya\AppData\Local\VirtualStore
2014-01-31 14:21 - 2014-01-31 14:21 - 00001224 _____ () C:\Users\Public\Desktop\Video Converter.lnk
2014-01-31 14:21 - 2014-01-31 14:21 - 00000000 ____D () C:\Program Files (x86)\SweetPacks
2014-01-31 14:20 - 2014-01-31 14:20 - 00657840 _____ (Conduit) C:\Users\Tonya\Downloads\Video_Converter_TSV2382ZX.exe

Some content of TEMP:
====================
C:\Users\Tonya\AppData\Local\Temp\UpdateFlashPlayer_544e4621.exe
C:\Users\Tonya\AppData\Local\Temp\UpdateFlashPlayer_95d2cf08.exe
C:\Users\Tonya\AppData\Local\Temp\UpdateFlashPlayer_971dd8da.exe
C:\Users\Tonya\AppData\Local\Temp\{397E31AA-0D78-4649-A01C-339D73A2ED35}_NSS_25639.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-18 14:09

==================== End Of Log ============================





Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-03-2014 01
Ran by Tonya at 2014-03-02 02:43:06
Running from C:\Users\Tonya\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: AVG AntiVirus Free Edition 2013 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: AVG AntiVirus Free Edition 2013 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM-x32\...\{9ECF7817-DB11-4FBA-9DF1-296A578D513A}) (Version: 11.5.7.609 - Adobe Systems, Inc)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.0.112 - Adobe Systems, Inc.)
Akamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc)
Akamai NetSession Interface Service (HKLM-x32\...\Akamai) (Version: - )
Amazon MP3 Downloader 1.0.17 (HKLM-x32\...\Amazon MP3 Downloader) (Version: 1.0.17 - Amazon Services LLC)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ask Toolbar (HKLM-x32\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.15.25.0 - Ask.com) <==== ATTENTION
Ask Toolbar Updater (HKCU\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.4.35882 - Ask.com) <==== ATTENTION
AVG 2013 (HKLM\...\AVG) (Version: 2013.0.3462 - AVG Technologies)
AVG 2013 (Version: 13.0.3462 - AVG Technologies) Hidden
AVG 2013 (Version: 13.0.3705 - AVG Technologies) Hidden
AVG PC TuneUp 2014 (en-US) (x32 Version: 14.0.1001.295 - AVG) Hidden
AVG Security Toolbar (HKLM-x32\...\AVG Secure Search) (Version: 17.3.0.49 - AVG Technologies)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bing Bar (HKLM-x32\...\{FF6DD716-7B10-4269-9F19-FFB07AC4CD95}) (Version: 7.3.124.0 - Microsoft Corporation)
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
CaddieSync Express 1.4.3 (HKLM-x32\...\CaddieSync Express) (Version: 1.4.3 - SkyHawke Technologies)
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
CinemaNow Media Manager (HKLM-x32\...\{6C122441-1861-4CD7-B1C5-A163A6984E12}) (Version: 1.9.1.105 - CinemaNow, Inc.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.3003 - CyberLink Corp.)
CyberLink DVD Suite (x32 Version: 7.0.3003 - CyberLink Corp.) Hidden
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1616 - CyberLink Corp.)
CyberLink MediaShow (x32 Version: 5.0.1616 - CyberLink Corp.) Hidden
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.1.4217 - CyberLink Corp.)
CyberLink PowerDVD 9 (x32 Version: 9.0.1.4217 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.2511 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.0.2511 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{81FB7C60-565A-4869-9D90-3BE1D270E8B7}) (Version: - Microsoft)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dora's Carnival Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
EPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version: - SEIKO EPSON Corporation)
Escape Rosecliff Island (x32 Version: 2.2.0.95 - WildTangent) Hidden
ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
ffdshow [rev 2527] [2008-12-19] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - )
Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Google Chrome (HKCU\...\Google Chrome) (Version: 33.0.1750.117 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
Heroes of Hellas 2 - Olympia (x32 Version: 2.2.0.95 - WildTangent) Hidden
HijackThis 1.99.1 (HKLM-x32\...\HijackThis) (Version: 1.99.1 - Soeperman Enterprises Ltd.)
HP Customer Experience Enhancements (x32 Version: 6.0.1.4 - Hewlett-Packard) Hidden
HP Deskjet 1050 J410 series Basic Device Software (HKLM\...\{BB94D541-A747-4A5D-B0ED-72FA5C158EA5}) (Version: 22.0.334.0 - Hewlett-Packard Co.)
HP Deskjet 1050 J410 series Help (HKLM-x32\...\{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}) (Version: 140.0.66.66 - Hewlett Packard)
HP Deskjet 1050 J410 series Product Improvement Study (HKLM\...\{5848A26C-E4BC-4A13-AA8D-810BA344475A}) (Version: 22.0.334.0 - Hewlett-Packard Co.)
HP Documentation (HKLM-x32\...\{7C36414C-DC87-4943-A525-BC1717BA17C9}) (Version: 1.1.1.0 - Hewlett-Packard)
HP Game Console (x32 Version: - WildTangent) Hidden
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.3 - WildTangent)
HP MediaSmart CinemaNow 2.0 (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.3611 - HP Photo Creations Powered by RocketLife)
HP Power Manager (HKLM-x32\...\{4B156358-CE9C-4E9F-8CAD-79AE86A68C60}) (Version: 1.0.3 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{E342D296-DB9D-4FC7-ACB0-39926C0BFA16}) (Version: 2.1.5 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{72D90DB3-A16A-4545-B555-868471101833}) (Version: 8.1.4186.3400 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{E05DB9F9-C8E7-45F2-BE9E-76D4C447CE9B}) (Version: 4.0.39.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{08DB3902-2CE0-474D-BCE3-0177766CE9F1}) (Version: 5.1.10.7 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{787D1A33-A97B-4245-87C0-7174609A540C}) (Version: 5.002.005.003 - Hewlett-Packard)
HP Wireless Assistant (HKLM\...\{B5FC1E1B-E70D-45F1-8E40-A3C30698B323}) (Version: 4.0.9.0 - Hewlett-Packard Company)
HPAsset component for HP Active Support Library (x32 Version: 3.0.2.2 - Hewlett-Packard) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2086 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.2.1001 - Intel Corporation)
iTunes (HKLM\...\{A04DCB25-7040-4935-A30D-8E0A893ABF2D}) (Version: 11.1.2.32 - Apple Inc.)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Jewel Quest 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2907 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.2907 - CyberLink Corp.) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Web Publishing Wizard 1.52 (HKLM-x32\...\WebPost) (Version: - )
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.) Hidden
Mozilla Firefox 27.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 en-US)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.)
PhotoNow! (x32 Version: 1.1.6904 - CyberLink Corp.) Hidden
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4204 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.4204 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3003 - CyberLink Corp.)
PowerDirector (x32 Version: 8.0.3003 - CyberLink Corp.) Hidden
Praxis 1.0 (HKLM-x32\...\Praxis) (Version: 1.0 - McGraw-Hill)
Praxis Elementary Ed 0014-5014 (HKLM-x32\...\{3D92143C-971D-45A3-B9C8-B2F9FBF7AE2E}) (Version: 2.1.0 - REA, Inc. )
PrintMaster Platinum 18 (HKLM-x32\...\{EBD9A954-6C1A-4E9F-A098-C98653035381}) (Version: 18.00.0000 - Broderbund Software)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
RadioRage Internet Explorer Toolbar (HKLM-x32\...\RadioRage_4jbar Uninstall Internet Explorer) (Version: - Mindspark Interactive Network)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.18.322.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6122 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Software (HKLM-x32\...\{901F0D4C-009D-1112-8DE4-03599E7B0C5C}) (Version: 1.00.10.0329 - REALTEK Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.3023 - CyberLink Corp.) Hidden
Roxio CinemaNow 2.0 (x32 Version: 1.0.278 - Hewlett-Packard) Hidden
RtVOsd (HKLM\...\{F3D7AC17-1FF4-41A8-BB18-3FC39C65AEB9}) (Version: 1.0.3 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden
Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) (HKLM-x32\...\SLABCOMM&10C4&EA60) (Version: - Silicon Laboratories)
Skype™ 6.0 (HKLM-x32\...\{EA17F4FC-FDBF-4CF8-A529-2D983132D053}) (Version: 6.0.126 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.2.25 - Safer-Networking Ltd.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.18.0 - Synaptics Incorporated)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837583) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{E21274CE-CA0C-49FA-93F4-DC292A052264}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{B5C70C99-B109-42FD-B219-FF12CA543F19}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{5E8EB600-8B94-429E-873E-98369C6DC1BC}) (Version: - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version: - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version: - Microsoft)
Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version: - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{128A5449-CF71-4DA4-A746-F49E3B5DB584}) (Version: - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version: - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version: - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version: - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{DA2F7ECE-6629-4A80-9CDE-EC95261B75E2}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{80F56E3F-1D47-4E45-B6E0-FEF4E919F4F9}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version: - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{E78E2B68-8FD1-42EE-BB74-99A4D9E6222D}) (Version: - Microsoft)
Video Converter (HKLM-x32\...\Video Converter) (Version: 1 - SweetPacks) <==== ATTENTION
Video Converter Bundle (HKLM-x32\...\Video Converter Bundle) (Version: 1.0.0.0 - Video Converter Bundle)
Virtual Families (x32 Version: 2.2.0.95 - WildTangent) Hidden
Virtual Villagers - The Secret City (x32 Version: 2.2.0.95 - WildTangent) Hidden
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Vivitar Experience Image Manager (HKLM-x32\...\Vivitar Experience Image Manager) (Version: - Sakar)
VLC media player 1.1.5 (HKLM-x32\...\VLC media player) (Version: 1.1.5 - VideoLAN)
Wheel of Fortune 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Restore Points =========================

16-02-2014 08:00:14 Windows Update
24-02-2014 07:25:19 Removed Skype Click to Call
26-02-2014 08:00:11 Windows Update
01-03-2014 10:09:50 Installed AVG PC TuneUp 2014
01-03-2014 10:16:46 Removed AVG PC TuneUp 2014 (en-US)

==================== Hosts content: ==========================

2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0715A1D8-7DE3-428E-AAD3-810DEF1448F1} - System32\Tasks\Security Center Update - 2746006228 => C:\Users\Tonya\AppData\Roaming\Fidiim\ukvoobw.exe <==== ATTENTION
Task: {08E5A261-98E1-4229-923A-AB99B6411D39} - System32\Tasks\Security Center Update - 1942578594 => C:\Users\Tonya\AppData\Roaming\Nahoocme\iwupcuu.exe <==== ATTENTION
Task: {1204A2EF-BBB3-4E8F-AB12-600D734E348E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: {13E41291-2290-41C6-AFA2-81D29A627397} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe [2013-04-25] () <==== ATTENTION
Task: {1940E64E-3F22-4795-81FB-1A33E0A7C957} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-20] (Adobe Systems Incorporated)
Task: {1DF5B38E-77E0-4593-9261-EBCAF57CAD65} - System32\Tasks\Security Center Update - 2727043745 => C:\Users\Tonya\AppData\Roaming\Qasoku\syqyiza.exe <==== ATTENTION
Task: {1EC4450C-B678-4845-B5F1-46AAC1CD11E9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Warranty Opt-In(Yes) => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\Detection_PostWarrantyAlert.exe [2014-01-14] (Hewlett-Packard)
Task: {34F441B8-3F7A-40A7-8CD7-BC5B426489C2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {37C98D75-9C9D-4D82-991C-26672332A067} - System32\Tasks\Norton Security Scan for Tonya => C:\PROGRA~2\NORTON~2\Engine\410~1.28\Nss.exe
Task: {4DEE0D76-6E12-4733-A145-575C68BE1775} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-09] (Google Inc.)
Task: {5EA2B762-D5DA-4495-A4C7-2A090B636CAE} - System32\Tasks\HPCustParticipation HP Deskjet 1050 J410 series => C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPCustPartic.exe [2010-06-14] (Hewlett-Packard Co.)
Task: {6E14CDFF-AC6D-449D-B9CF-BFEC5DBD6FEA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Warranty Opt-In(No) => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\Detection_PostWarrantyAlert.exe [2014-01-14] (Hewlett-Packard)
Task: {6E571B2C-BFBF-48C5-928D-1D63BFF2FCFD} - System32\Tasks\Security Center Update - 1986258550 => C:\Users\Tonya\AppData\Roaming\Ydcoli\noqufo.exe <==== ATTENTION
Task: {8A5B8930-B87C-4694-A9BA-5E59479AF26E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2010-11-15] (Hewlett-Packard Company)
Task: {8ABEF781-5A61-4141-987D-C2580D9E9012} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {935014E2-ADA3-4FE9-8FD2-3F88E471F324} - System32\Tasks\Security Center Update - 3679279732 => C:\Users\Tonya\AppData\Roaming\Toraukha\eclua.exe <==== ATTENTION
Task: {93ADF068-877A-46EF-8ACA-DA85D2C1C236} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {A79FF054-0F8F-425B-B657-107BB86E68B6} - System32\Tasks\Security Center Update - 2116572899 => C:\Users\Tonya\AppData\Roaming\Bydituty\sypelyi.exe <==== ATTENTION
Task: {B6ECE09F-1C16-4486-8C27-D6A3F3A73769} - System32\Tasks\Hewlett-Packard\HP Support Assistant\GetAssistance Maintenance Events => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\HPSAObjUtil.exe [2014-01-28] (Hewlett-Packard)
Task: {BAE65520-7F63-4FAC-A9C3-B246A5BE9BF9} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-25] ()
Task: {BB78E370-B832-40E2-8449-6144608CF4C2} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv => C:\Windows\TEMP\{A972EA46-59C7-41EE-8DE2-DABBE96373B2}.exe
Task: {BE421926-22D6-4090-8337-5279B2D65E3D} - System32\Tasks\Security Center Update - 752721097 => C:\Users\Tonya\AppData\Roaming\Zoicges\ospay.exe <==== ATTENTION
Task: {BE7FBE83-B74E-4CD6-BC42-AB2D9D96B0D7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2010-11-15] (Hewlett-Packard Company)
Task: {BF1301FC-CACC-469B-8D98-69D233B68CF4} - System32\Tasks\HPCeeScheduleForTonya => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05] (Hewlett-Packard)
Task: {E11C96E4-5754-4C95-A9A7-DB4D998C16A7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3790915449-1485846204-445597675-1000UA => C:\Users\Tonya\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-27] (Google Inc.)
Task: {E17BE537-A579-46D6-91B8-9E6E793A1746} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{811C1E3D-D79D-43AA-9B83-F85E3F6758A5}.exe
Task: {E620C7CC-F91C-4945-B1D9-3ED0C70F5395} - System32\Tasks\Security Center Update - 2120323033 => C:\Users\Tonya\AppData\Roaming\Iwficoom\tosakyu.exe <==== ATTENTION
Task: {E712C161-A4C5-495E-81B5-C3E50EF5CCC4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2014-01-28] (Microsoft)
Task: {EE8E9F6C-C058-4831-B3FF-0DA994108C9A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-09] (Google Inc.)
Task: {F9C407B2-E0DE-4F21-8506-B324AE681339} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3790915449-1485846204-445597675-1000Core => C:\Users\Tonya\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-27] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job => C:\Windows\TEMP\{A972EA46-59C7-41EE-8DE2-DABBE96373B2}.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{811C1E3D-D79D-43AA-9B83-F85E3F6758A5}.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3790915449-1485846204-445597675-1000Core.job => C:\Users\Tonya\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3790915449-1485846204-445597675-1000UA.job => C:\Users\Tonya\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForTonya.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\Security Center Update - 1942578594.job => C:\Users\Tonya\AppData\Roaming\Nahoocme\iwupcuu.exe
Task: C:\Windows\Tasks\Security Center Update - 1986258550.job => C:\Users\Tonya\AppData\Roaming\Ydcoli\noqufo.exe
Task: C:\Windows\Tasks\Security Center Update - 2116572899.job => C:\Users\Tonya\AppData\Roaming\Bydituty\sypelyi.exe
Task: C:\Windows\Tasks\Security Center Update - 2120323033.job => C:\Users\Tonya\AppData\Roaming\Iwficoom\tosakyu.exe
Task: C:\Windows\Tasks\Security Center Update - 2727043745.job => C:\Users\Tonya\AppData\Roaming\Qasoku\syqyiza.exe
Task: C:\Windows\Tasks\Security Center Update - 2746006228.job => C:\Users\Tonya\AppData\Roaming\Fidiim\ukvoobw.exe
Task: C:\Windows\Tasks\Security Center Update - 3679279732.job => C:\Users\Tonya\AppData\Roaming\Toraukha\eclua.exe
Task: C:\Windows\Tasks\Security Center Update - 752721097.job => C:\Users\Tonya\AppData\Roaming\Zoicges\ospay.exe

==================== Loaded Modules (whitelisted) =============

2010-06-29 21:00 - 2010-06-29 21:00 - 00027192 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
2013-11-09 11:26 - 2013-11-09 11:26 - 00292424 _____ () C:\Program Files (x86)\RadioRage_4j\bar\1.bin\AppIntegratorStub64.dll
2014-01-09 13:35 - 2014-01-09 13:34 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\loggingserver.exe
2013-11-09 11:26 - 2013-11-09 11:26 - 00548936 _____ () C:\Program Files (x86)\RadioRage_4j\bar\1.bin\AppIntegrator64.exe
2013-11-09 11:26 - 2013-11-09 11:26 - 00442952 _____ () C:\Program Files (x86)\RadioRage_4j\bar\1.bin\HPG64.DLL
2012-10-08 12:43 - 2014-02-03 15:33 - 02552856 _____ () C:\Program Files (x86)\AVG Secure Search\vprot.exe
2010-06-18 18:26 - 2010-06-18 18:26 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll
2010-06-18 18:26 - 2010-06-18 18:26 - 00030264 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_LogicLayer.dll
2010-06-18 18:26 - 2010-06-18 18:26 - 00052280 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HardwareAccess.dll
2013-04-25 15:22 - 2013-04-25 15:22 - 00137864 _____ () C:\Program Files (x86)\Ask.com\UpdateTask.exe
2011-06-24 21:56 - 2011-06-24 21:56 - 00087328 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-06-24 21:56 - 2011-06-24 21:56 - 01241888 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-01-09 13:35 - 2014-01-09 13:34 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\log4cplusU.dll
2014-02-01 04:11 - 2013-05-16 10:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-02-01 04:11 - 2013-05-16 10:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-02-01 04:11 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-02-01 04:11 - 2013-05-16 10:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-02-01 04:11 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2012-10-22 14:37 - 2012-10-22 14:37 - 00166296 _____ () C:\Program Files (x86)\SkyGolf\CaddieSync Express\conduitscripting0.dll
2009-01-10 05:32 - 2009-01-10 05:32 - 00011362 _____ () C:\Program Files (x86)\SkyGolf\CaddieSync Express\mingwm10.dll
2009-06-22 13:42 - 2009-06-22 13:42 - 00043008 _____ () C:\Program Files (x86)\SkyGolf\CaddieSync Express\libgcc_s_dw2-1.dll
2010-09-23 09:52 - 2010-09-23 09:52 - 02537472 _____ () C:\Program Files (x86)\SkyGolf\CaddieSync Express\QtCore4.dll
2010-09-12 21:16 - 2010-09-12 21:16 - 02173952 _____ () C:\Program Files (x86)\SkyGolf\CaddieSync Express\QtScript4.dll
2010-09-13 00:12 - 2010-09-13 00:12 - 00744448 _____ () C:\Program Files (x86)\SkyGolf\CaddieSync Express\QtScriptTools4.dll
2010-09-12 20:30 - 2010-09-12 20:30 - 09814016 _____ () C:\Program Files (x86)\SkyGolf\CaddieSync Express\QtGui4.dll
2010-09-12 19:51 - 2010-09-12 19:51 - 00399360 _____ () C:\Program Files (x86)\SkyGolf\CaddieSync Express\QtXml4.dll
2012-10-22 14:32 - 2012-10-22 14:32 - 00107008 _____ () C:\Program Files (x86)\SkyGolf\CaddieSync Express\qextserialport1.dll
2012-10-22 14:32 - 2012-10-22 14:32 - 00591360 _____ () C:\Program Files (x86)\SkyGolf\CaddieSync Express\qjson0.dll
2010-09-12 19:55 - 2010-09-12 19:55 - 01140224 _____ () C:\Program Files (x86)\SkyGolf\CaddieSync Express\QtNetwork4.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/02/2014 02:17:47 AM) (Source: Application Error) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24
Exception code: 0xc000070a
Fault offset: 0x000000000005cf99
Faulting process id: 0x900
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3

Error: (03/01/2014 02:33:29 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9906563

Error: (03/01/2014 02:33:29 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9906563

Error: (03/01/2014 02:33:29 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/01/2014 02:33:19 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9896501

Error: (03/01/2014 02:33:19 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9896501

Error: (03/01/2014 02:33:19 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/01/2014 02:33:09 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9886704

Error: (03/01/2014 02:33:09 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9886704

Error: (03/01/2014 02:33:09 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (03/02/2014 02:06:17 AM) (Source: Service Control Manager) (User: )
Description: The Spybot-S&D 2 Updating Service service failed to start due to the following error:
%%1053

Error: (03/02/2014 02:06:17 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Updating Service service to connect.

Error: (03/02/2014 02:05:38 AM) (Source: Service Control Manager) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error:
%%1053

Error: (03/02/2014 02:05:38 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.

Error: (03/02/2014 02:05:18 AM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (03/02/2014 02:04:31 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 1:20:56 AM on ‎3/‎2/‎2014 was unexpected.

Error: (03/02/2014 01:20:55 AM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (03/02/2014 01:20:04 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 8:40:19 PM on ‎3/‎1/‎2014 was unexpected.

Error: (03/01/2014 07:44:48 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NlaSvc service.

Error: (03/01/2014 05:02:41 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the LanmanServer service.


Microsoft Office Sessions:
=========================
Error: (02/24/2014 01:06:33 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 171186 seconds with 480 seconds of active time. This session ended with a crash.

Error: (01/30/2013 11:53:06 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 99408 seconds with 0 seconds of active time. This session ended with a crash.


==================== Memory info ===========================

Percentage of memory in use: 95%
Total physical RAM: 3002.93 MB
Available physical RAM: 137.25 MB
Total Pagefile: 6005.85 MB
Available Pagefile: 2007.87 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:216.46 GB) (Free:145.49 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:16.12 GB) (Free:2.29 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 233 GB) (Disk ID: 92636A50)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=216 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=16 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

==================== End Of Log ============================
  • 0

#4
pystryker
Posted 02 March 2014 - 06:55 AM

pystryker

    Trusted Helper

  • Malware Removal
  • 3,912 posts
Hello :)

Quite a bit to do here, so let's get started. :thumbsup:

Please disable your antivirus for the duration of my instructions. Don't forget to re-enable them after you have completed the steps.


Step 1: Program Uninstalls and Disable Chrome Plugins


Please uninstall the following programs from your computer:

  • Akamai Net Session
  • AVG Secure Search
  • Ask Toolbar
  • Ask Toolbar Updater
  • AVG Security Toolbar
  • RadioRage Internet Explorer Toolbar
  • Video Converter
  • Video Converter Bundle


Disable Chrome Plugins

Please disable the following plugins in Chrome by following the instructions below:

Start Chrome and type this into the address bar: chrome:plugins

This will display a page of all the installed plugins. Please disable the plugins in the list below by clicking the word Disable under each one.

If one of the plugins I've asked you to remove is not in the list, don't worry about it. Just move to the next one in the list. :)


  • Coupons Inc., Coupon Printer Manager Plugin
  • MindSpark Toolbar Platform Plugin Stub Plugin



Step 2:FRST Fix


  • Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy.
  • Right-click in the open notepad and select Paste).
  • Save it on the desktop as fixlist.txt

Start
() C:\Program Files (x86)\RadioRage_4j\bar\1.bin\AppIntegrator64.exe
(Akamai Technologies, Inc.) C:\Users\Tonya\AppData\Local\Akamai\netsession_win.exe
(Ask) C:\Program Files (x86)\Ask.com\Updater\Updater.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jbrmon.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe
() C:\Program Files (x86)\Ask.com\UpdateTask.exe
C:\Program Files (x86)\RadioRage_4j
C:\Users\Tonya\AppData\Local\Akamai
C:\Program Files (x86)\Ask.com
C:\Program Files (x86)\Common Files\AVG Secure Search
HKLM\...\Run: [RadioRage Home Page Guard 64 bit] - C:\Program Files (x86)\RadioRage_4j\bar\1.bin\AppIntegrator64.exe [548936 2013-11-09] ()
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [ApnUpdater] - C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1648264 2013-04-25] (Ask)
HKLM-x32\...\Run: [RadioRage Search Scope Monitor] - C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jSrchMn.exe [44784 2013-11-09] (MindSpark)
HKLM-x32\...\Run: [RadioRage_4j Browser Plugin Loader] - C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jbrmon.exe [30096 2013-11-09] (VER_COMPANY_NAME)
HKU\S-1-5-21-3790915449-1485846204-445597675-1000\...\Run: [Akamai NetSession Interface] - C:\Users\Tonya\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3790915449-1485846204-445597675-1000\...\Run: [xnakbmts] - C:\Users\Tonya\AppData\Local\fbtdmgtk.exe [145920 2014-02-27] ()
HKU\S-1-5-21-3790915449-1485846204-445597675-1000\...\Run: [wbexhekv] - C:\Users\Tonya\AppData\Local\xgmuxkgb.exe [147456 2014-03-01] ()
C:\Users\Tonya\AppData\Local\fbtdmgtk.exe
C:\Users\Tonya\AppData\Local\xgmuxkgb.exe
HKU\S-1-5-21-3790915449-1485846204-445597675-1000\...\MountPoints2: G - G:\LaunchU3.exe -a
HKU\S-1-5-21-3790915449-1485846204-445597675-1000\...\MountPoints2: {8f918ca0-64b3-11e2-ad90-60eb692c3b3a} - G:\LaunchU3.exe -a
SearchScopes: HKLM - {7C39E801-41D6-44D6-A301-EA1B9EFA6CF1} URL = http://www.ask.com/w...}&l=dis&o=ushpl
SearchScopes: HKLM-x32 - {09971cee-01b8-42bc-9d91-456b1faad6be} URL = http://search.mywebs...r={searchTerms}
SearchScopes: HKLM-x32 - {7C39E801-41D6-44D6-A301-EA1B9EFA6CF1} URL = http://www.ask.com/w...}&l=dis&o=ushpl
SearchScopes: HKCU - DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.c...fr&d=2012-10-08 13:43:27&v=17.0.0.7&pid=avg&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.condui...rchTerms}&SSPV=
SearchScopes: HKCU - {09971cee-01b8-42bc-9d91-456b1faad6be} URL = http://search.mywebs...r={searchTerms}
SearchScopes: HKCU - {7C39E801-41D6-44D6-A301-EA1B9EFA6CF1} URL = http://www.ask.com/w...}&l=dis&o=ushpl
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.c...fr&d=2012-10-08 13:43:27&v=17.0.0.7&pid=avg&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {D8E7AAB5-D02B-452B-A57A-FF8228A7A0F9} URL = http://websearch.ask...22-699B2F53A7C2
BHO: No Name - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
BHO: No Name - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File
BHO-x32: Toolbar BHO - {48909954-14fb-4971-a7b3-47e7af10b38a} - C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jbar.dll (MindSpark)
BHO-x32: Search Assistant BHO - {5848763c-2668-44ca-adbe-2999a6ee2858} - C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jSrcAs.dll (MindSpark)
BHO-x32: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\17.3.0.49\AVG Secure Search_toolbar.dll (AVG Secure Search)
Toolbar: HKLM-x32 - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKLM-x32 - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\17.3.0.49\AVG Secure Search_toolbar.dll (AVG Secure Search)
Toolbar: HKLM-x32 - RadioRage - {78ba36c9-6036-482b-b48d-ecca6f964b84} - C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jbar.dll (MindSpark)
Toolbar: HKCU - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll (AVG Secure Search)
FF SearchEngineOrder.1: Ask.com
FF Plugin-x32: @RadioRage_4j.com/Plugin - C:\Program Files (x86)\RadioRage_4j\bar\1.bin\NP4jStub.dll (MindSpark)
FF SearchPlugin: C:\Users\Tonya\AppData\Roaming\Mozilla\Firefox\Profiles\f6d0vu46.default\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\17.3.0.49
FF Extension: AVG Security Toolbar - C:\ProgramData\AVG Secure Search\FireFoxExt\17.3.0.49 [2014-01-09]
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\17.3.0.49\avg.crx [2014-01-09]
R2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-01] (Akamai Technologies, Inc.)
c:\program files (x86)\common files\akamai
R2 RadioRage_4jService; C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jbarsvc.exe [44752 2013-11-09] (COMPANYVERS_NAME)
R2 vToolbarUpdater17.3.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe [1771544 2014-01-09] (AVG Secure Search)
2014-03-02 02:12 - 2014-03-02 02:12 - 00115560 _____ () C:\Users\Tonya\AppData\Local\hrqtdpng.exe
2014-03-01 19:45 - 2014-03-01 19:45 - 00074600 _____ ( ) C:\Users\Tonya\AppData\Local\icppaxrj.exe
2014-03-01 14:33 - 2014-03-01 14:33 - 00074600 _____ ( ) C:\Users\Tonya\AppData\Local\incjxaph.exe
2014-03-01 07:24 - 2014-03-01 07:24 - 00147456 _____ () C:\Users\Tonya\AppData\Local\xgmuxkgb.exe
2014-02-28 13:43 - 2014-02-28 13:43 - 00150841 _____ () C:\Users\Tonya\AppData\Local\kjudtmpn.exe
2014-02-27 19:18 - 2014-02-27 19:18 - 00145920 _____ () C:\Users\Tonya\AppData\Local\fbtdmgtk.exe
2014-02-26 01:58 - 2014-02-26 01:58 - 00012326 _____ () C:\Users\Tonya\AppData\Local\tkjcpagd
2014-02-26 01:57 - 2014-02-26 01:57 - 00068161 _____ () C:\Users\Tonya\AppData\Local\fvkrjbsw
2014-01-31 14:21 - 2014-01-31 14:21 - 00000000 ____D () C:\Program Files (x86)\SweetPacks
2014-01-31 14:20 - 2014-01-31 14:20 - 00657840 _____ (Conduit) C:\Users\Tonya\Downloads\Video_Converter_TSV2382ZX.exe
2014-02-28 13:46 - 2014-02-28 13:46 - 00000000 ____D () C:\Users\Tonya\AppData\Roaming\Qasoku
2014-02-28 12:13 - 2014-02-28 12:13 - 00000000 ____D () C:\Users\Tonya\AppData\Roaming\Ydcoli
2014-02-27 21:33 - 2014-02-28 14:02 - 00000000 ____D () C:\Users\Tonya\AppData\Roaming\Zoicges
2014-02-26 20:29 - 2014-02-28 13:00 - 00000000 ____D () C:\Users\Tonya\AppData\Roaming\Nahoocme
2014-02-26 13:44 - 2014-02-26 13:46 - 00000000 ____D () C:\Users\Tonya\AppData\Roaming\Bydituty
2014-02-26 12:14 - 2014-02-26 13:44 - 00000000 ____D () C:\Users\Tonya\AppData\Roaming\Toraukha
2014-03-01 19:54 - 2014-03-01 19:51 - 00000000 ____D () C:\Users\Tonya\AppData\Roaming\Fidiim
2014-03-01 08:22 - 2014-03-01 08:19 - 00000000 ____D () C:\Users\Tonya\AppData\Roaming\Iwficoom
Task: {0715A1D8-7DE3-428E-AAD3-810DEF1448F1} - System32\Tasks\Security Center Update - 2746006228 => C:\Users\Tonya\AppData\Roaming\Fidiim\ukvoobw.exe <==== ATTENTION
Task: {08E5A261-98E1-4229-923A-AB99B6411D39} - System32\Tasks\Security Center Update - 1942578594 => C:\Users\Tonya\AppData\Roaming\Nahoocme\iwupcuu.exe <==== ATTENTION
Task: {13E41291-2290-41C6-AFA2-81D29A627397} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe [2013-04-25] () <==== ATTENTION
Task: {1DF5B38E-77E0-4593-9261-EBCAF57CAD65} - System32\Tasks\Security Center Update - 2727043745 => C:\Users\Tonya\AppData\Roaming\Qasoku\syqyiza.exe <==== ATTENTION
Task: {6E571B2C-BFBF-48C5-928D-1D63BFF2FCFD} - System32\Tasks\Security Center Update - 1986258550 => C:\Users\Tonya\AppData\Roaming\Ydcoli\noqufo.exe <==== ATTENTION
Task: {935014E2-ADA3-4FE9-8FD2-3F88E471F324} - System32\Tasks\Security Center Update - 3679279732 => C:\Users\Tonya\AppData\Roaming\Toraukha\eclua.exe <==== ATTENTION
Task: {A79FF054-0F8F-425B-B657-107BB86E68B6} - System32\Tasks\Security Center Update - 2116572899 => C:\Users\Tonya\AppData\Roaming\Bydituty\sypelyi.exe <==== ATTENTION
Task: {BE421926-22D6-4090-8337-5279B2D65E3D} - System32\Tasks\Security Center Update - 752721097 => C:\Users\Tonya\AppData\Roaming\Zoicges\ospay.exe <==== ATTENTION
Task: {E620C7CC-F91C-4945-B1D9-3ED0C70F5395} - System32\Tasks\Security Center Update - 2120323033 => C:\Users\Tonya\AppData\Roaming\Iwficoom\tosakyu.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 1942578594.job => C:\Users\Tonya\AppData\Roaming\Nahoocme\iwupcuu.exe
Task: C:\Windows\Tasks\Security Center Update - 1986258550.job => C:\Users\Tonya\AppData\Roaming\Ydcoli\noqufo.exe
Task: C:\Windows\Tasks\Security Center Update - 2116572899.job => C:\Users\Tonya\AppData\Roaming\Bydituty\sypelyi.exe
Task: C:\Windows\Tasks\Security Center Update - 2120323033.job => C:\Users\Tonya\AppData\Roaming\Iwficoom\tosakyu.exe
Task: C:\Windows\Tasks\Security Center Update - 2727043745.job => C:\Users\Tonya\AppData\Roaming\Qasoku\syqyiza.exe
Task: C:\Windows\Tasks\Security Center Update - 2746006228.job => C:\Users\Tonya\AppData\Roaming\Fidiim\ukvoobw.exe
Task: C:\Windows\Tasks\Security Center Update - 3679279732.job => C:\Users\Tonya\AppData\Roaming\Toraukha\eclua.exe
Task: C:\Windows\Tasks\Security Center Update - 752721097.job => C:\Users\Tonya\AppData\Roaming\Zoicges\ospay.exe
2013-11-09 11:26 - 2013-11-09 11:26 - 00292424 _____ () C:\Program Files (x86)\RadioRage_4j\bar\1.bin\AppIntegratorStub64.dll
2014-01-09 13:35 - 2014-01-09 13:34 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\loggingserver.exe
2013-11-09 11:26 - 2013-11-09 11:26 - 00548936 _____ () C:\Program Files (x86)\RadioRage_4j\bar\1.bin\AppIntegrator64.exe
2013-11-09 11:26 - 2013-11-09 11:26 - 00442952 _____ () C:\Program Files (x86)\RadioRage_4j\bar\1.bin\HPG64.DLL
2012-10-08 12:43 - 2014-02-03 15:33 - 02552856 _____ () C:\Program Files (x86)\AVG Secure Search\vprot.exe
2013-04-25 15:22 - 2013-04-25 15:22 - 00137864 _____ () C:\Program Files (x86)\Ask.com\UpdateTask.exe
2014-01-09 13:35 - 2014-01-09 13:34 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\log4cplusU.dll
End


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST and press the Fix button just once and wait. The tool will make a log on the desktop (Fixlog.txt) please post it in your next reply.


Step 3: AdwCleaner


Download ADWcleaner by clicking here. Please save it to your Desktop


Posted Image

  • Double click (Vista and 7 Users)right click the adwcleaner.exe file and click Run as Adminstrator and accept the UAC prompt to run AdwCleaner
  • Close any open windows or browsers.
  • Pause your Anti-Virus program if it is running.
  • Once it starts, click on the Scan button.
  • Let the scan complete itself. This may take a few minutes.
  • Once the scan has finished, "Pending, uncheck elements you don't want to remove."
    click the Clean button. When finished, it will ask to reboot. Please reboot.
  • When the machine has rebooted, a log will be produced. Please copy/paste that in your next reply. Here's how:
  • Click the Report button and the log will open. Copy and Paste the contents of the log file into your next reply.
This report is also saved at C:\AdwCleaner[R0].txt

Step 4: Junkware Removal Tool


Posted Image Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.


Step 5: TDSSKiller



Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.

    Posted Image
  • Put a checkmark beside loaded modules.

    Posted Image
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.

    Posted Image
  • Click the Start Scan button.

    Posted Image
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.

    Posted Image
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.

    Posted Image

    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.


Things I need to see in your next post:

Fixlog.txt

AdwCleaner Log

Junkware Removal Tool Log

TDSSKiller Log

Question: How is the computer running now?
  • 0

#5
gmcube
Posted 02 March 2014 - 06:22 PM

gmcube

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 176 posts
I only made it to a certain point.

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-03-2014 01
Ran by Tonya at 2014-03-02 17:33:13 Run:1
Running from C:\Users\Tonya\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
() C:\Program Files (x86)\RadioRage_4j\bar\1.bin\AppIntegrator64.exe
(Akamai Technologies, Inc.) C:\Users\Tonya\AppData\Local\Akamai\netsession_win.exe
(Ask) C:\Program Files (x86)\Ask.com\Updater\Updater.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jbrmon.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe
() C:\Program Files (x86)\Ask.com\UpdateTask.exe
C:\Program Files (x86)\RadioRage_4j
C:\Users\Tonya\AppData\Local\Akamai
C:\Program Files (x86)\Ask.com
C:\Program Files (x86)\Common Files\AVG Secure Search
HKLM\...\Run: [RadioRage Home Page Guard 64 bit] - C:\Program Files (x86)\RadioRage_4j\bar\1.bin\AppIntegrator64.exe [548936 2013-11-09] ()
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [ApnUpdater] - C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1648264 2013-04-25] (Ask)
HKLM-x32\...\Run: [RadioRage Search Scope Monitor] - C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jSrchMn.exe [44784 2013-11-09] (MindSpark)
HKLM-x32\...\Run: [RadioRage_4j Browser Plugin Loader] - C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jbrmon.exe [30096 2013-11-09] (VER_COMPANY_NAME)
HKU\S-1-5-21-3790915449-1485846204-445597675-1000\...\Run: [Akamai NetSession Interface] - C:\Users\Tonya\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3790915449-1485846204-445597675-1000\...\Run: [xnakbmts] - C:\Users\Tonya\AppData\Local\fbtdmgtk.exe [145920 2014-02-27] ()
HKU\S-1-5-21-3790915449-1485846204-445597675-1000\...\Run: [wbexhekv] - C:\Users\Tonya\AppData\Local\xgmuxkgb.exe [147456 2014-03-01] ()
C:\Users\Tonya\AppData\Local\fbtdmgtk.exe
C:\Users\Tonya\AppData\Local\xgmuxkgb.exe
HKU\S-1-5-21-3790915449-1485846204-445597675-1000\...\MountPoints2: G - G:\LaunchU3.exe -a
HKU\S-1-5-21-3790915449-1485846204-445597675-1000\...\MountPoints2: {8f918ca0-64b3-11e2-ad90-60eb692c3b3a} - G:\LaunchU3.exe -a
SearchScopes: HKLM - {7C39E801-41D6-44D6-A301-EA1B9EFA6CF1} URL = http://www.ask.com/w...}&l=dis&o=ushpl
SearchScopes: HKLM-x32 - {09971cee-01b8-42bc-9d91-456b1faad6be} URL = http://search.mywebs...r={searchTerms}
SearchScopes: HKLM-x32 - {7C39E801-41D6-44D6-A301-EA1B9EFA6CF1} URL = http://www.ask.com/w...}&l=dis&o=ushpl
SearchScopes: HKCU - DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.c...fr&d=2012-10-08 13:43:27&v=17.0.0.7&pid=avg&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.condui...rchTerms}&SSPV=
SearchScopes: HKCU - {09971cee-01b8-42bc-9d91-456b1faad6be} URL = http://search.mywebs...r={searchTerms}
SearchScopes: HKCU - {7C39E801-41D6-44D6-A301-EA1B9EFA6CF1} URL = http://www.ask.com/w...}&l=dis&o=ushpl
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.c...fr&d=2012-10-08 13:43:27&v=17.0.0.7&pid=avg&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {D8E7AAB5-D02B-452B-A57A-FF8228A7A0F9} URL = http://websearch.ask...22-699B2F53A7C2
BHO: No Name - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
BHO: No Name - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File
BHO-x32: Toolbar BHO - {48909954-14fb-4971-a7b3-47e7af10b38a} - C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jbar.dll (MindSpark)
BHO-x32: Search Assistant BHO - {5848763c-2668-44ca-adbe-2999a6ee2858} - C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jSrcAs.dll (MindSpark)
BHO-x32: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\17.3.0.49\AVG Secure Search_toolbar.dll (AVG Secure Search)
Toolbar: HKLM-x32 - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKLM-x32 - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\17.3.0.49\AVG Secure Search_toolbar.dll (AVG Secure Search)
Toolbar: HKLM-x32 - RadioRage - {78ba36c9-6036-482b-b48d-ecca6f964b84} - C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jbar.dll (MindSpark)
Toolbar: HKCU - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll (AVG Secure Search)
FF SearchEngineOrder.1: Ask.com
FF Plugin-x32: @RadioRage_4j.com/Plugin - C:\Program Files (x86)\RadioRage_4j\bar\1.bin\NP4jStub.dll (MindSpark)
FF SearchPlugin: C:\Users\Tonya\AppData\Roaming\Mozilla\Firefox\Profiles\f6d0vu46.default\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\17.3.0.49
FF Extension: AVG Security Toolbar - C:\ProgramData\AVG Secure Search\FireFoxExt\17.3.0.49 [2014-01-09]
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\17.3.0.49\avg.crx [2014-01-09]
R2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-01] (Akamai Technologies, Inc.)
c:\program files (x86)\common files\akamai
R2 RadioRage_4jService; C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jbarsvc.exe [44752 2013-11-09] (COMPANYVERS_NAME)
R2 vToolbarUpdater17.3.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe [1771544 2014-01-09] (AVG Secure Search)
2014-03-02 02:12 - 2014-03-02 02:12 - 00115560 _____ () C:\Users\Tonya\AppData\Local\hrqtdpng.exe
2014-03-01 19:45 - 2014-03-01 19:45 - 00074600 _____ ( ) C:\Users\Tonya\AppData\Local\icppaxrj.exe
2014-03-01 14:33 - 2014-03-01 14:33 - 00074600 _____ ( ) C:\Users\Tonya\AppData\Local\incjxaph.exe
2014-03-01 07:24 - 2014-03-01 07:24 - 00147456 _____ () C:\Users\Tonya\AppData\Local\xgmuxkgb.exe
2014-02-28 13:43 - 2014-02-28 13:43 - 00150841 _____ () C:\Users\Tonya\AppData\Local\kjudtmpn.exe
2014-02-27 19:18 - 2014-02-27 19:18 - 00145920 _____ () C:\Users\Tonya\AppData\Local\fbtdmgtk.exe
2014-02-26 01:58 - 2014-02-26 01:58 - 00012326 _____ () C:\Users\Tonya\AppData\Local\tkjcpagd
2014-02-26 01:57 - 2014-02-26 01:57 - 00068161 _____ () C:\Users\Tonya\AppData\Local\fvkrjbsw
2014-01-31 14:21 - 2014-01-31 14:21 - 00000000 ____D () C:\Program Files (x86)\SweetPacks
2014-01-31 14:20 - 2014-01-31 14:20 - 00657840 _____ (Conduit) C:\Users\Tonya\Downloads\Video_Converter_TSV2382ZX.exe
2014-02-28 13:46 - 2014-02-28 13:46 - 00000000 ____D () C:\Users\Tonya\AppData\Roaming\Qasoku
2014-02-28 12:13 - 2014-02-28 12:13 - 00000000 ____D () C:\Users\Tonya\AppData\Roaming\Ydcoli
2014-02-27 21:33 - 2014-02-28 14:02 - 00000000 ____D () C:\Users\Tonya\AppData\Roaming\Zoicges
2014-02-26 20:29 - 2014-02-28 13:00 - 00000000 ____D () C:\Users\Tonya\AppData\Roaming\Nahoocme
2014-02-26 13:44 - 2014-02-26 13:46 - 00000000 ____D () C:\Users\Tonya\AppData\Roaming\Bydituty
2014-02-26 12:14 - 2014-02-26 13:44 - 00000000 ____D () C:\Users\Tonya\AppData\Roaming\Toraukha
2014-03-01 19:54 - 2014-03-01 19:51 - 00000000 ____D () C:\Users\Tonya\AppData\Roaming\Fidiim
2014-03-01 08:22 - 2014-03-01 08:19 - 00000000 ____D () C:\Users\Tonya\AppData\Roaming\Iwficoom
Task: {0715A1D8-7DE3-428E-AAD3-810DEF1448F1} - System32\Tasks\Security Center Update - 2746006228 => C:\Users\Tonya\AppData\Roaming\Fidiim\ukvoobw.exe <==== ATTENTION
Task: {08E5A261-98E1-4229-923A-AB99B6411D39} - System32\Tasks\Security Center Update - 1942578594 => C:\Users\Tonya\AppData\Roaming\Nahoocme\iwupcuu.exe <==== ATTENTION
Task: {13E41291-2290-41C6-AFA2-81D29A627397} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe [2013-04-25] () <==== ATTENTION
Task: {1DF5B38E-77E0-4593-9261-EBCAF57CAD65} - System32\Tasks\Security Center Update - 2727043745 => C:\Users\Tonya\AppData\Roaming\Qasoku\syqyiza.exe <==== ATTENTION
Task: {6E571B2C-BFBF-48C5-928D-1D63BFF2FCFD} - System32\Tasks\Security Center Update - 1986258550 => C:\Users\Tonya\AppData\Roaming\Ydcoli\noqufo.exe <==== ATTENTION
Task: {935014E2-ADA3-4FE9-8FD2-3F88E471F324} - System32\Tasks\Security Center Update - 3679279732 => C:\Users\Tonya\AppData\Roaming\Toraukha\eclua.exe <==== ATTENTION
Task: {A79FF054-0F8F-425B-B657-107BB86E68B6} - System32\Tasks\Security Center Update - 2116572899 => C:\Users\Tonya\AppData\Roaming\Bydituty\sypelyi.exe <==== ATTENTION
Task: {BE421926-22D6-4090-8337-5279B2D65E3D} - System32\Tasks\Security Center Update - 752721097 => C:\Users\Tonya\AppData\Roaming\Zoicges\ospay.exe <==== ATTENTION
Task: {E620C7CC-F91C-4945-B1D9-3ED0C70F5395} - System32\Tasks\Security Center Update - 2120323033 => C:\Users\Tonya\AppData\Roaming\Iwficoom\tosakyu.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 1942578594.job => C:\Users\Tonya\AppData\Roaming\Nahoocme\iwupcuu.exe
Task: C:\Windows\Tasks\Security Center Update - 1986258550.job => C:\Users\Tonya\AppData\Roaming\Ydcoli\noqufo.exe
Task: C:\Windows\Tasks\Security Center Update - 2116572899.job => C:\Users\Tonya\AppData\Roaming\Bydituty\sypelyi.exe
Task: C:\Windows\Tasks\Security Center Update - 2120323033.job => C:\Users\Tonya\AppData\Roaming\Iwficoom\tosakyu.exe
Task: C:\Windows\Tasks\Security Center Update - 2727043745.job => C:\Users\Tonya\AppData\Roaming\Qasoku\syqyiza.exe
Task: C:\Windows\Tasks\Security Center Update - 2746006228.job => C:\Users\Tonya\AppData\Roaming\Fidiim\ukvoobw.exe
Task: C:\Windows\Tasks\Security Center Update - 3679279732.job => C:\Users\Tonya\AppData\Roaming\Toraukha\eclua.exe
Task: C:\Windows\Tasks\Security Center Update - 752721097.job => C:\Users\Tonya\AppData\Roaming\Zoicges\ospay.exe
2013-11-09 11:26 - 2013-11-09 11:26 - 00292424 _____ () C:\Program Files (x86)\RadioRage_4j\bar\1.bin\AppIntegratorStub64.dll
2014-01-09 13:35 - 2014-01-09 13:34 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\loggingserver.exe
2013-11-09 11:26 - 2013-11-09 11:26 - 00548936 _____ () C:\Program Files (x86)\RadioRage_4j\bar\1.bin\AppIntegrator64.exe
2013-11-09 11:26 - 2013-11-09 11:26 - 00442952 _____ () C:\Program Files (x86)\RadioRage_4j\bar\1.bin\HPG64.DLL
2012-10-08 12:43 - 2014-02-03 15:33 - 02552856 _____ () C:\Program Files (x86)\AVG Secure Search\vprot.exe
2013-04-25 15:22 - 2013-04-25 15:22 - 00137864 _____ () C:\Program Files (x86)\Ask.com\UpdateTask.exe
2014-01-09 13:35 - 2014-01-09 13:34 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\log4cplusU.dll
End

*****************

C:\Program Files (x86)\RadioRage_4j\bar\1.bin\AppIntegrator64.exe => No running process found
C:\Users\Tonya\AppData\Local\Akamai\netsession_win.exe => No running process found
C:\Program Files (x86)\Ask.com\Updater\Updater.exe => No running process found
[4020] C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jbrmon.exe => Process closed successfully.
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe => No running process found
C:\Program Files (x86)\Ask.com\UpdateTask.exe => No running process found
C:\Program Files (x86)\RadioRage_4j => Moved successfully.
C:\Users\Tonya\AppData\Local\Akamai => Moved successfully.
"C:\Program Files (x86)\Ask.com" => File/Directory not found.
"C:\Program Files (x86)\Common Files\AVG Secure Search" => File/Directory not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\RadioRage Home Page Guard 64 bit => Unable to delete value
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ApnUpdater => Unable to delete value
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\RadioRage Search Scope Monitor => Unable to delete value
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\RadioRage_4j Browser Plugin Loader => Unable to delete value
HKU\S-1-5-21-3790915449-1485846204-445597675-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface => Value deleted successfully.
HKU\S-1-5-21-3790915449-1485846204-445597675-1000\Software\Microsoft\Windows\CurrentVersion\Run\\xnakbmts => Value deleted successfully.
HKU\S-1-5-21-3790915449-1485846204-445597675-1000\Software\Microsoft\Windows\CurrentVersion\Run\\wbexhekv => Value deleted successfully.
C:\Users\Tonya\AppData\Local\fbtdmgtk.exe => Moved successfully.
C:\Users\Tonya\AppData\Local\xgmuxkgb.exe => Moved successfully.
HKU\1\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\S-1-5-21-3790915449-1485846204-445597675-1000 => Key not found.
HKU\1\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8f918ca0-64b3-11e2-ad90-60eb692c3b3a} => Key not found.
HKCR\CLSID\{8f918ca0-64b3-11e2-ad90-60eb692c3b3a} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7C39E801-41D6-44D6-A301-EA1B9EFA6CF1} => Key deleted successfully.
HKCR\CLSID\{7C39E801-41D6-44D6-A301-EA1B9EFA6CF1} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{09971cee-01b8-42bc-9d91-456b1faad6be} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{09971cee-01b8-42bc-9d91-456b1faad6be} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{7C39E801-41D6-44D6-A301-EA1B9EFA6CF1} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{7C39E801-41D6-44D6-A301-EA1B9EFA6CF1} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} => Key deleted successfully.
HKCR\CLSID\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{09971cee-01b8-42bc-9d91-456b1faad6be} => Key deleted successfully.
HKCR\CLSID\{09971cee-01b8-42bc-9d91-456b1faad6be} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7C39E801-41D6-44D6-A301-EA1B9EFA6CF1} => Key deleted successfully.
HKCR\CLSID\{7C39E801-41D6-44D6-A301-EA1B9EFA6CF1} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} => Key not found.
HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D8E7AAB5-D02B-452B-A57A-FF8228A7A0F9} => Key deleted successfully.
HKCR\CLSID\{D8E7AAB5-D02B-452B-A57A-FF8228A7A0F9} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} => Key deleted successfully.
HKCR\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key deleted successfully.
HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{48909954-14fb-4971-a7b3-47e7af10b38a} => Key not found.
HKCR\Wow6432Node\CLSID\{48909954-14fb-4971-a7b3-47e7af10b38a} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5848763c-2668-44ca-adbe-2999a6ee2858} => Key not found.
HKCR\Wow6432Node\CLSID\{5848763c-2668-44ca-adbe-2999a6ee2858} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} => Key not found.
HKCR\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{95B7759C-8C7F-4BF1-B163-73684A933233} => Unable to delete value
HKCR\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{78ba36c9-6036-482b-b48d-ecca6f964b84} => Unable to delete value
HKCR\Wow6432Node\CLSID\{78ba36c9-6036-482b-b48d-ecca6f964b84} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} => Value deleted successfully.
HKCR\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} => Value deleted successfully.
HKCR\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => Value deleted successfully.
HKCR\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => Key not found.
HKCR\PROTOCOLS\Handler\linkscanner => Key deleted successfully.
HKCR\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} => Key not found.
HKCR\Wow6432Node\PROTOCOLS\Handler\linkscanner => Key not found.
HKCR\Wow6432Node\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} => Key not found.
HKCR\Wow6432Node\PROTOCOLS\Handler\viprotocol => Key not found.
HKCR\Wow6432Node\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9} => Key not found.
Firefox SearchEngineOrder.1 deleted successfully.
HKLM\Software\Wow6432Node\MozillaPlugins\@RadioRage_4j.com/Plugin => Key not found.
C:\Program Files (x86)\RadioRage_4j\bar\1.bin\NP4jStub.dll not found.
C:\Users\Tonya\AppData\Roaming\Mozilla\Firefox\Profiles\f6d0vu46.default\searchplugins\avg-secure-search.xml => Moved successfully.
"C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml" => not found.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\avg@toolbar => Unable to delete value
C:\ProgramData\AVG Secure Search\FireFoxExt\17.3.0.49 not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof => Key not found.
"C:\ProgramData\AVG Secure Search\ChromeExt\17.3.0.49\avg.crx" => File/Directory not found.
Akamai => Service not found.
"c:\program files (x86)\common files\akamai" => File/Directory not found.
RadioRage_4jService => Service not found.
vToolbarUpdater17.3.0 => Service not found.
"C:\Users\Tonya\AppData\Local\hrqtdpng.exe" => File/Directory not found.
C:\Users\Tonya\AppData\Local\icppaxrj.exe => Moved successfully.
C:\Users\Tonya\AppData\Local\incjxaph.exe => Moved successfully.
"C:\Users\Tonya\AppData\Local\xgmuxkgb.exe" => File/Directory not found.
C:\Users\Tonya\AppData\Local\kjudtmpn.exe => Moved successfully.
"C:\Users\Tonya\AppData\Local\fbtdmgtk.exe" => File/Directory not found.
C:\Users\Tonya\AppData\Local\tkjcpagd => Moved successfully.
C:\Users\Tonya\AppData\Local\fvkrjbsw => Moved successfully.
C:\Program Files (x86)\SweetPacks => Moved successfully.
C:\Users\Tonya\Downloads\Video_Converter_TSV2382ZX.exe => Moved successfully.
C:\Users\Tonya\AppData\Roaming\Qasoku => Moved successfully.
C:\Users\Tonya\AppData\Roaming\Ydcoli => Moved successfully.
C:\Users\Tonya\AppData\Roaming\Zoicges => Moved successfully.
C:\Users\Tonya\AppData\Roaming\Nahoocme => Moved successfully.
C:\Users\Tonya\AppData\Roaming\Bydituty => Moved successfully.
C:\Users\Tonya\AppData\Roaming\Toraukha => Moved successfully.
C:\Users\Tonya\AppData\Roaming\Fidiim => Moved successfully.
C:\Users\Tonya\AppData\Roaming\Iwficoom => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0715A1D8-7DE3-428E-AAD3-810DEF1448F1} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0715A1D8-7DE3-428E-AAD3-810DEF1448F1} => Key deleted successfully.
C:\Windows\System32\Tasks\Security Center Update - 2746006228 => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 2746006228 => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{08E5A261-98E1-4229-923A-AB99B6411D39} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{08E5A261-98E1-4229-923A-AB99B6411D39} => Key deleted successfully.
C:\Windows\System32\Tasks\Security Center Update - 1942578594 => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 1942578594 => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{13E41291-2290-41C6-AFA2-81D29A627397} => Key not found.
C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1DF5B38E-77E0-4593-9261-EBCAF57CAD65} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1DF5B38E-77E0-4593-9261-EBCAF57CAD65} => Key deleted successfully.
C:\Windows\System32\Tasks\Security Center Update - 2727043745 => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 2727043745 => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6E571B2C-BFBF-48C5-928D-1D63BFF2FCFD} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6E571B2C-BFBF-48C5-928D-1D63BFF2FCFD} => Key deleted successfully.
C:\Windows\System32\Tasks\Security Center Update - 1986258550 => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 1986258550 => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{935014E2-ADA3-4FE9-8FD2-3F88E471F324} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{935014E2-ADA3-4FE9-8FD2-3F88E471F324} => Key deleted successfully.
C:\Windows\System32\Tasks\Security Center Update - 3679279732 => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 3679279732 => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A79FF054-0F8F-425B-B657-107BB86E68B6} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A79FF054-0F8F-425B-B657-107BB86E68B6} => Key deleted successfully.
C:\Windows\System32\Tasks\Security Center Update - 2116572899 => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 2116572899 => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BE421926-22D6-4090-8337-5279B2D65E3D} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BE421926-22D6-4090-8337-5279B2D65E3D} => Key deleted successfully.
C:\Windows\System32\Tasks\Security Center Update - 752721097 => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 752721097 => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E620C7CC-F91C-4945-B1D9-3ED0C70F5395} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E620C7CC-F91C-4945-B1D9-3ED0C70F5395} => Key deleted successfully.
C:\Windows\System32\Tasks\Security Center Update - 2120323033 => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 2120323033 => Key deleted successfully.
C:\Windows\Tasks\Security Center Update - 1942578594.job => Moved successfully.
C:\Windows\Tasks\Security Center Update - 1986258550.job => Moved successfully.
C:\Windows\Tasks\Security Center Update - 2116572899.job => Moved successfully.
C:\Windows\Tasks\Security Center Update - 2120323033.job => Moved successfully.
C:\Windows\Tasks\Security Center Update - 2727043745.job => Moved successfully.
C:\Windows\Tasks\Security Center Update - 2746006228.job => Moved successfully.
C:\Windows\Tasks\Security Center Update - 3679279732.job => Moved successfully.
C:\Windows\Tasks\Security Center Update - 752721097.job => Moved successfully.
"C:\Program Files (x86)\RadioRage_4j\bar\1.bin\AppIntegratorStub64.dll" => File/Directory not found.
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\loggingserver.exe" => File/Directory not found.
"C:\Program Files (x86)\RadioRage_4j\bar\1.bin\AppIntegrator64.exe" => File/Directory not found.
"C:\Program Files (x86)\RadioRage_4j\bar\1.bin\HPG64.DLL" => File/Directory not found.
"C:\Program Files (x86)\AVG Secure Search\vprot.exe" => File/Directory not found.
"C:\Program Files (x86)\Ask.com\UpdateTask.exe" => File/Directory not found.
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\log4cplusU.dll" => File/Directory not found.

==== End of Fixlog ====






adwcleaner seemed to hit a wall when it got to scanning the firewall policy part of the registry. It would just sit there at the same spot for a Really long time so I ended a bunch of processes to see if that would get it to budge,there was a cmd one that seemed to do the trick. Not sure if that was needed for this or not.




# AdwCleaner v3.020 - Report created 02/03/2014 at 17:40:20
# Updated 27/02/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Tonya - TONYA-PC
# Running from : C:\Users\Tonya\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Found : C:\Users\Public\Desktop\iMesh.lnk
File Found : C:\Users\Tonya\AppData\Local\Temp\Uninstall.exe
Folder Found C:\Program Files (x86)\FunWebProducts
Folder Found C:\Program Files (x86)\iMesh Applications
Folder Found C:\ProgramData\Ask
Folder Found C:\Users\Tonya\AppData\LocalLow\AVG Security Toolbar
Folder Found C:\Users\Tonya\AppData\LocalLow\CouponAlert_2p
Folder Found C:\Users\Tonya\AppData\Roaming\Mozilla\Firefox\Profiles\f6d0vu46.default\RadioRage_4j

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\Software\iWon
Key Found : HKCU\Software\AppDataLow\Software\RadioRage_4j
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\IM
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKCU\Software\RadioRage_4j
Key Found : HKCU\Software\YahooPartnerToolbar
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\IM
Key Found : [x64] HKCU\Software\RadioRage_4j
Key Found : [x64] HKCU\Software\YahooPartnerToolbar
Key Found : HKLM\Software\caphyon
Key Found : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
Key Found : HKLM\Software\RadioRage_4j
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{004EB151-885B-4A9E-A22D-CA98DD998D75}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{5F701D7D-C869-41F0-B0E2-8136F02B539C}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{A25AA6E2-1CDE-4D0F-A5D4-4898D7FB3C86}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{A5C9CB1C-1C0A-45A2-81CC-1DD342D0A478}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{A661D4DC-4BD8-48FC-964B-A24AB8157DE6}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{A786F51D-B3C7-4F52-91EF-E1A892C2A2AE}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{EAB77009-B974-48DF-8229-E70CFAA11C69}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{EBAA6283-B61F-4DDD-9659-56635433A307}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{EFB4F034-3EB5-48D5-84DD-89BBCF9A182F}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16518


-\\ Mozilla Firefox v27.0.1 (en-US)

[ File : C:\Users\Tonya\AppData\Roaming\Mozilla\Firefox\Profiles\f6d0vu46.default\prefs.js ]

Line Found : user_pref("extensions.mywebsearch.prevDefaultEngine", "AVG Secure Search");
Line Found : user_pref("extensions.mywebsearch.prevSelectedEngine", "Google");
Line Found : user_pref("extensions.toolbar.mindspark._4jMembers_.lastActivePing", "1384230021930");
Line Found : user_pref("extensions.toolbar.mindspark._5mMembers_.homepage", "hxxp://home.mywebsearch.com/index.jhtml?ptb=CB237EB8-3F60-4BC5-897F-1F31FFB8232A&n=77fc72a3&p2=^ZU^zeb113^S05006^us_ZU^xdm918^S05006^us"[...]
Line Found : user_pref("extensions.toolbar.mindspark._5mMembers_.hp.enabled", true);
Line Found : user_pref("extensions.toolbar.mindspark._5mMembers_.hp.lastGuardTime", -1008419631);
Line Found : user_pref("extensions.toolbar.mindspark._5mMembers_.hp.numGuards", 1);
Line Found : user_pref("extensions.toolbar.mindspark._5mMembers_.initialized", true);
Line Found : user_pref("extensions.toolbar.mindspark._5mMembers_.installation.contextKey", "");
Line Found : user_pref("extensions.toolbar.mindspark._5mMembers_.installation.installDate", "2013033123");
Line Found : user_pref("extensions.toolbar.mindspark._5mMembers_.installation.partnerId", "^ZU^zeb113^S05006^us_ZU^xdm918^S05006^us");
Line Found : user_pref("extensions.toolbar.mindspark._5mMembers_.installation.partnerSubId", "");
Line Found : user_pref("extensions.toolbar.mindspark._5mMembers_.installation.success", true);
Line Found : user_pref("extensions.toolbar.mindspark._5mMembers_.installation.toolbarId", "CB237EB8-3F60-4BC5-897F-1F31FFB8232A");
Line Found : user_pref("extensions.toolbar.mindspark._5mMembers_.lastActivePing", "1364787903043");
Line Found : user_pref("extensions.toolbar.mindspark._5mMembers_.options.defaultSearch", true);
Line Found : user_pref("extensions.toolbar.mindspark._5mMembers_.options.homePageEnabled", true);
Line Found : user_pref("extensions.toolbar.mindspark._5mMembers_.options.keywordEnabled", true);
Line Found : user_pref("extensions.toolbar.mindspark._5mMembers_.options.tabEnabled", true);
Line Found : user_pref("extensions.toolbar.mindspark._5mMembers_.weather.location", "19963");
Line Found : user_pref("extensions.toolbar.mindspark.hp.enabled", false);
Line Found : user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "");
Line Found : user_pref("extensions.toolbar.mindspark.lastInstalled", "[email protected]");

-\\ Google Chrome v

[ File : C:\Users\Tonya\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [7967 octets] - [02/03/2014 17:40:20]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [8027 octets] ##########


As for JRT, that only gave me a command prompt telling me something could not be found (it was there and gone too fast to get it word for word)

At the moment CPU usage is constantly at or near 100%
Should I continue to the TDSSKiller step anyway?

Edited by gmcube, 02 March 2014 - 06:55 PM.

  • 0

#6
pystryker
Posted 02 March 2014 - 06:49 PM

pystryker

    Trusted Helper

  • Malware Removal
  • 3,912 posts
Ok, go ahead and run AdwCleaner again, and this time hit the Clean when it's finished. It will say "Pending, uncheck items you don't want to remove" but don't worry about unchecking anything, then hit the clean button. Please post the log when it's finished.

We'll hold off on JRT for the moment.

Go ahead and run TDSSKiller as well and post that log when it's finished. :thumbsup:
  • 0

#7
gmcube
Posted 02 March 2014 - 08:18 PM

gmcube

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 176 posts
20:27:40.0590 6412 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
20:27:45.0106 6412 ============================================================
20:27:45.0106 6412 Current date / time: 2014/03/02 20:27:45.0106
20:27:45.0106 6412 SystemInfo:
20:27:45.0106 6412
20:27:45.0106 6412 OS Version: 6.1.7601 ServicePack: 1.0
20:27:45.0106 6412 Product type: Workstation
20:27:45.0106 6412 ComputerName: TONYA-PC
20:27:45.0113 6412 UserName: Tonya
20:27:45.0113 6412 Windows directory: C:\Windows
20:27:45.0113 6412 System windows directory: C:\Windows
20:27:45.0113 6412 Running under WOW64
20:27:45.0113 6412 Processor architecture: Intel x64
20:27:45.0113 6412 Number of processors: 1
20:27:45.0113 6412 Page size: 0x1000
20:27:45.0113 6412 Boot type: Normal boot
20:27:45.0113 6412 ============================================================
20:27:48.0472 6412 BG loaded
20:27:49.0680 6412 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:27:49.0734 6412 ============================================================
20:27:49.0734 6412 \Device\Harddisk0\DR0:
20:27:49.0734 6412 MBR partitions:
20:27:49.0734 6412 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
20:27:49.0734 6412 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x1B0EE000
20:27:49.0734 6412 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1B152000, BlocksNum 0x203F800
20:27:49.0734 6412 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x1D191800, BlocksNum 0x33970
20:27:49.0734 6412 ============================================================
20:27:49.0805 6412 C: <-> \Device\Harddisk0\DR0\Partition2
20:27:50.0112 6412 D: <-> \Device\Harddisk0\DR0\Partition3
20:27:50.0113 6412 ============================================================
20:27:50.0113 6412 Initialize success
20:27:50.0113 6412 ============================================================
20:29:15.0755 5612 ============================================================
20:29:15.0755 5612 Scan started
20:29:15.0755 5612 Mode: Manual; SigCheck; TDLFS;
20:29:15.0755 5612 ============================================================
20:29:22.0743 5612 ================ Scan system memory ========================
20:29:22.0743 5612 System memory - ok
20:29:22.0747 5612 ================ Scan services =============================
20:29:22.0981 5612 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
20:29:24.0176 5612 1394ohci - ok
20:29:24.0324 5612 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
20:29:24.0356 5612 ACPI - ok
20:29:24.0433 5612 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
20:29:24.0586 5612 AcpiPmi - ok
20:29:25.0297 5612 [ B362181ED3771DC03B4141927C80F801 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:29:25.0362 5612 AdobeARMservice - ok
20:29:25.0748 5612 [ F7AB315A4D400CA876381D1E188A2E20 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:29:25.0784 5612 AdobeFlashPlayerUpdateSvc - ok
20:29:25.0929 5612 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
20:29:25.0998 5612 adp94xx - ok
20:29:26.0093 5612 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
20:29:26.0120 5612 adpahci - ok
20:29:26.0182 5612 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
20:29:26.0199 5612 adpu320 - ok
20:29:26.0235 5612 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
20:29:26.0566 5612 AeLookupSvc - ok
20:29:26.0732 5612 [ D1E343BC00136CE03C4D403194D06A80 ] AERTFilters C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
20:29:26.0745 5612 AERTFilters - ok
20:29:26.0836 5612 [ 79059559E89D06E8B80CE2944BE20228 ] AFD C:\Windows\system32\drivers\afd.sys
20:29:27.0249 5612 AFD - ok
20:29:27.0345 5612 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
20:29:27.0412 5612 agp440 - ok
20:29:27.0561 5612 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
20:29:28.0316 5612 ALG - ok
20:29:28.0400 5612 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
20:29:28.0444 5612 aliide - ok
20:29:28.0532 5612 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
20:29:28.0587 5612 amdide - ok
20:29:28.0740 5612 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
20:29:29.0377 5612 AmdK8 - ok
20:29:29.0452 5612 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
20:29:29.0586 5612 AmdPPM - ok
20:29:29.0694 5612 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
20:29:29.0787 5612 amdsata - ok
20:29:29.0913 5612 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
20:29:29.0960 5612 amdsbs - ok
20:29:29.0992 5612 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
20:29:30.0007 5612 amdxata - ok
20:29:30.0104 5612 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
20:29:31.0070 5612 AppID - ok
20:29:31.0115 5612 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
20:29:31.0456 5612 AppIDSvc - ok
20:29:31.0561 5612 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll
20:29:31.0918 5612 Appinfo - ok
20:29:32.0191 5612 [ 30E3850F303EAE5C364782EA78579CC9 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:29:32.0203 5612 Apple Mobile Device - ok
20:29:32.0316 5612 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
20:29:32.0348 5612 arc - ok
20:29:32.0388 5612 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
20:29:32.0528 5612 arcsas - ok
20:29:32.0736 5612 [ 9A262EDD17F8473B91B333D6B031A901 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
20:29:33.0044 5612 aspnet_state - ok
20:29:33.0159 5612 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
20:29:33.0387 5612 AsyncMac - ok
20:29:33.0483 5612 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
20:29:33.0498 5612 atapi - ok
20:29:33.0704 5612 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:29:34.0035 5612 AudioEndpointBuilder - ok
20:29:34.0136 5612 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
20:29:34.0386 5612 AudioSrv - ok
20:29:34.0887 5612 [ 4DB93F4DB7077801D2D82013506AC1D0 ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
20:29:35.0433 5612 AVGIDSAgent - ok
20:29:35.0541 5612 [ 92B7689FBC131E143421A19C18320E34 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys
20:29:35.0674 5612 AVGIDSDriver - ok
20:29:35.0823 5612 [ C8D9EEACF266512C1FA52E2ECF5AD944 ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys
20:29:35.0947 5612 AVGIDSHA - ok
20:29:36.0049 5612 [ FACD18A89FDEBC35C85CAF762B294BE2 ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys
20:29:36.0122 5612 Avgldx64 - ok
20:29:36.0334 5612 [ 29FCDEAC6086FB7E55344B51E35D99CE ] Avgloga C:\Windows\system32\DRIVERS\avgloga.sys
20:29:36.0427 5612 Avgloga - ok
20:29:36.0488 5612 [ 85053293DCDE19829E8691A9E9E8A6FF ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys
20:29:36.0554 5612 Avgmfx64 - ok
20:29:36.0653 5612 [ E191E443B0F7B05E784279A1C29B9D2A ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys
20:29:36.0883 5612 Avgrkx64 - ok
20:29:36.0973 5612 [ 69BD90E337625F96C718CACE7A9C9E29 ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys
20:29:37.0191 5612 Avgtdia - ok
20:29:37.0231 5612 [ D646FA5135A1CD795877AFE9D17FA9ED ] avgwd C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
20:29:37.0464 5612 avgwd - ok
20:29:37.0558 5612 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
20:29:38.0344 5612 AxInstSV - ok
20:29:38.0484 5612 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
20:29:39.0018 5612 b06bdrv - ok
20:29:39.0287 5612 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
20:29:40.0405 5612 b57nd60a - ok
20:29:41.0001 5612 [ F2E8CEFC8CF4D6454F4121C5FF93136A ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BBSvc.exe
20:29:41.0193 5612 BBSvc - ok
20:29:41.0474 5612 [ 6E1BCC590C9D30FEE8FC14DBD053CE94 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.exe
20:29:41.0504 5612 BBUpdate - ok
20:29:41.0602 5612 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
20:29:41.0933 5612 BDESVC - ok
20:29:42.0050 5612 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
20:29:42.0306 5612 Beep - ok
20:29:42.0493 5612 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
20:29:42.0642 5612 BFE - ok
20:29:42.0724 5612 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
20:29:43.0215 5612 BITS - ok
20:29:43.0307 5612 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
20:29:44.0374 5612 blbdrive - ok
20:29:44.0542 5612 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
20:29:45.0316 5612 Bonjour Service - ok
20:29:45.0373 5612 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
20:29:46.0344 5612 bowser - ok
20:29:46.0464 5612 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:29:47.0636 5612 BrFiltLo - ok
20:29:47.0698 5612 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:29:48.0110 5612 BrFiltUp - ok
20:29:48.0221 5612 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
20:29:48.0630 5612 Browser - ok
20:29:48.0796 5612 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
20:29:49.0341 5612 Brserid - ok
20:29:49.0372 5612 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
20:29:49.0541 5612 BrSerWdm - ok
20:29:49.0585 5612 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
20:29:49.0854 5612 BrUsbMdm - ok
20:29:49.0899 5612 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
20:29:49.0992 5612 BrUsbSer - ok
20:29:50.0069 5612 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
20:29:50.0202 5612 BTHMODEM - ok
20:29:50.0266 5612 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
20:29:50.0411 5612 bthserv - ok
20:29:50.0495 5612 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
20:29:51.0122 5612 cdfs - ok
20:29:51.0266 5612 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
20:29:51.0415 5612 cdrom - ok
20:29:51.0485 5612 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
20:29:51.0850 5612 CertPropSvc - ok
20:29:51.0969 5612 [ 533328A3D9A9C286682525842547540C ] CinemaNow Service C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
20:29:52.0078 5612 CinemaNow Service - ok
20:29:52.0220 5612 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
20:29:52.0310 5612 circlass - ok
20:29:52.0412 5612 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
20:29:52.0502 5612 CLFS - ok
20:29:52.0681 5612 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:29:52.0732 5612 clr_optimization_v2.0.50727_32 - ok
20:29:52.0894 5612 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:29:52.0974 5612 clr_optimization_v2.0.50727_64 - ok
20:29:53.0110 5612 [ E87213F37A13E2B54391E40934F071D0 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:29:53.0379 5612 clr_optimization_v4.0.30319_32 - ok
20:29:53.0416 5612 [ 4AEDAB50F83580D0B4D6CF78191F92AA ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:29:53.0467 5612 clr_optimization_v4.0.30319_64 - ok
20:29:53.0576 5612 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
20:29:53.0795 5612 CmBatt - ok
20:29:53.0863 5612 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
20:29:53.0922 5612 cmdide - ok
20:29:54.0002 5612 [ EBF28856F69CF094A902F884CF989706 ] CNG C:\Windows\system32\Drivers\cng.sys
20:29:54.0062 5612 CNG - ok
20:29:54.0128 5612 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
20:29:54.0195 5612 Compbatt - ok
20:29:54.0263 5612 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
20:29:54.0412 5612 CompositeBus - ok
20:29:54.0453 5612 COMSysApp - ok
20:29:54.0516 5612 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
20:29:54.0633 5612 crcdisk - ok
20:29:54.0765 5612 [ 6B400F211BEE880A37A1ED0368776BF4 ] CryptSvc C:\Windows\system32\cryptsvc.dll
20:29:54.0943 5612 CryptSvc - ok
20:29:55.0121 5612 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
20:29:55.0320 5612 DcomLaunch - ok
20:29:55.0491 5612 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
20:29:55.0901 5612 defragsvc - ok
20:29:56.0030 5612 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
20:29:56.0116 5612 DfsC - ok
20:29:56.0230 5612 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
20:29:56.0502 5612 Dhcp - ok
20:29:56.0564 5612 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
20:29:56.0743 5612 discache - ok
20:29:56.0910 5612 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
20:29:56.0956 5612 Disk - ok
20:29:57.0047 5612 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
20:29:57.0446 5612 Dnscache - ok
20:29:57.0563 5612 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
20:29:57.0725 5612 dot3svc - ok
20:29:57.0794 5612 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
20:29:58.0056 5612 DPS - ok
20:29:58.0135 5612 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
20:29:58.0190 5612 drmkaud - ok
20:29:58.0331 5612 [ 88612F1CE3BF42256913BF6E61C70D52 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
20:29:58.0373 5612 DXGKrnl - ok
20:29:58.0426 5612 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
20:29:58.0757 5612 EapHost - ok
20:29:59.0104 5612 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
20:29:59.0341 5612 ebdrv - ok
20:29:59.0423 5612 [ 4D71227301DD8D09097B9E4CC6527E5A ] EFS C:\Windows\System32\lsass.exe
20:29:59.0547 5612 EFS - ok
20:29:59.0788 5612 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
20:30:00.0054 5612 ehRecvr - ok
20:30:00.0095 5612 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
20:30:00.0430 5612 ehSched - ok
20:30:00.0600 5612 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
20:30:01.0112 5612 elxstor - ok
20:30:01.0368 5612 [ 1E345F2A2D95DA3190596E691CDE9342 ] EPSON_PM_RPCV4_01 C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
20:30:01.0439 5612 EPSON_PM_RPCV4_01 - ok
20:30:01.0494 5612 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
20:30:01.0775 5612 ErrDev - ok
20:30:01.0886 5612 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
20:30:02.0130 5612 EventSystem - ok
20:30:02.0267 5612 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
20:30:02.0612 5612 exfat - ok
20:30:02.0712 5612 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
20:30:02.0791 5612 fastfat - ok
20:30:02.0890 5612 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
20:30:03.0273 5612 Fax - ok
20:30:03.0309 5612 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
20:30:03.0635 5612 fdc - ok
20:30:03.0698 5612 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
20:30:04.0415 5612 fdPHost - ok
20:30:04.0479 5612 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
20:30:04.0797 5612 FDResPub - ok
20:30:04.0837 5612 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
20:30:04.0885 5612 FileInfo - ok
20:30:04.0915 5612 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
20:30:05.0381 5612 Filetrace - ok
20:30:05.0410 5612 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
20:30:05.0530 5612 flpydisk - ok
20:30:05.0613 5612 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
20:30:05.0649 5612 FltMgr - ok
20:30:05.0836 5612 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
20:30:06.0102 5612 FontCache - ok
20:30:06.0183 5612 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:30:06.0212 5612 FontCache3.0.0.0 - ok
20:30:06.0255 5612 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
20:30:06.0282 5612 FsDepends - ok
20:30:06.0354 5612 [ 6C06701BF1DB05405804D7EB610991CE ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
20:30:06.0400 5612 fssfltr - ok
20:30:06.0563 5612 [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
20:30:06.0745 5612 fsssvc - ok
20:30:06.0844 5612 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
20:30:06.0873 5612 Fs_Rec - ok
20:30:06.0944 5612 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
20:30:06.0975 5612 fvevol - ok
20:30:07.0005 5612 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
20:30:07.0059 5612 gagp30kx - ok
20:30:07.0862 5612 [ CE16683CFD11FE70BDE435DDA5EA1FCA ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
20:30:07.0884 5612 GameConsoleService - ok
20:30:07.0975 5612 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:30:07.0987 5612 GEARAspiWDM - ok
20:30:08.0150 5612 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
20:30:08.0489 5612 gpsvc - ok
20:30:08.0974 5612 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:30:08.0986 5612 gupdate - ok
20:30:08.0997 5612 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:30:09.0009 5612 gupdatem - ok
20:30:09.0092 5612 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
20:30:09.0417 5612 hcw85cir - ok
20:30:09.0511 5612 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:30:09.0578 5612 HdAudAddService - ok
20:30:09.0612 5612 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
20:30:09.0745 5612 HDAudBus - ok
20:30:09.0891 5612 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
20:30:09.0928 5612 HidBatt - ok
20:30:09.0960 5612 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
20:30:10.0745 5612 HidBth - ok
20:30:10.0959 5612 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
20:30:11.0413 5612 HidIr - ok
20:30:11.0467 5612 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
20:30:11.0645 5612 hidserv - ok
20:30:11.0813 5612 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
20:30:11.0971 5612 HidUsb - ok
20:30:12.0214 5612 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
20:30:12.0913 5612 hkmsvc - ok
20:30:13.0218 5612 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:30:13.0453 5612 HomeGroupListener - ok
20:30:13.0516 5612 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:30:13.0608 5612 HomeGroupProvider - ok
20:30:13.0988 5612 [ BE78357FB49759B79CCC01894BCFDDDB ] HP Health Check Service C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
20:30:14.0038 5612 HP Health Check Service - ok
20:30:14.0327 5612 [ 3A09322A8AA8B0C79036686A0EBE7B4C ] HP Wireless Assistant Service C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
20:30:14.0347 5612 HP Wireless Assistant Service - ok
20:30:14.0762 5612 [ 2DFB151FD34DF104DAC0ADF070EDA83C ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
20:30:14.0802 5612 HPDrvMntSvc.exe - ok
20:30:15.0323 5612 [ 184C500CB9F69585F3FE85E1D2667CD8 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
20:30:15.0557 5612 hpqwmiex - ok
20:30:15.0630 5612 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
20:30:15.0660 5612 HpSAMD - ok
20:30:15.0745 5612 [ 5AA89E152634954E15E9DB265C6A8557 ] HPWMISVC C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
20:30:15.0755 5612 HPWMISVC - ok
20:30:15.0825 5612 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
20:30:16.0237 5612 HTTP - ok
20:30:16.0300 5612 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
20:30:16.0425 5612 hwpolicy - ok
20:30:16.0511 5612 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
20:30:16.0617 5612 i8042prt - ok
20:30:17.0115 5612 [ 1384872112E8E7FD5786ECEB8BDDF4C9 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
20:30:17.0217 5612 iaStor - ok
20:30:17.0374 5612 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
20:30:17.0410 5612 iaStorV - ok
20:30:17.0541 5612 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:30:17.0576 5612 idsvc - ok
20:30:17.0682 5612 IEEtwCollectorService - ok
20:30:18.0941 5612 [ 677AA5991026A65ADA128C4B59CF2BAD ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
20:30:19.0887 5612 igfx - ok
20:30:19.0913 5612 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
20:30:19.0928 5612 iirsp - ok
20:30:20.0057 5612 [ 344789398EC3EE5A4E00C52B31847946 ] IKEEXT C:\Windows\System32\ikeext.dll
20:30:20.0371 5612 IKEEXT - ok
20:30:21.0743 5612 [ B88E24BD77A0CE2CFFEE2FACF1151BE0 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
20:30:22.0219 5612 IntcAzAudAddService - ok
20:30:22.0270 5612 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
20:30:22.0309 5612 intelide - ok
20:30:22.0359 5612 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
20:30:22.0827 5612 intelppm - ok
20:30:22.0904 5612 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
20:30:23.0767 5612 IPBusEnum - ok
20:30:23.0869 5612 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:30:24.0470 5612 IpFilterDriver - ok
20:30:24.0858 5612 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
20:30:25.0689 5612 iphlpsvc - ok
20:30:25.0820 5612 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
20:30:26.0379 5612 IPMIDRV - ok
20:30:26.0406 5612 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
20:30:27.0142 5612 IPNAT - ok
20:30:27.0405 5612 [ B6E8B931EFEF4112C6A401931627DC6B ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
20:30:27.0438 5612 iPod Service - ok
20:30:27.0521 5612 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
20:30:28.0296 5612 IRENUM - ok
20:30:28.0470 5612 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
20:30:28.0900 5612 isapnp - ok
20:30:29.0203 5612 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
20:30:29.0387 5612 iScsiPrt - ok
20:30:29.0479 5612 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
20:30:29.0563 5612 kbdclass - ok
20:30:29.0688 5612 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
20:30:29.0907 5612 kbdhid - ok
20:30:29.0937 5612 [ 4D71227301DD8D09097B9E4CC6527E5A ] KeyIso C:\Windows\system32\lsass.exe
20:30:29.0956 5612 KeyIso - ok
20:30:30.0024 5612 [ 8F489706472F7E9A06BAAA198703FA64 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
20:30:30.0077 5612 KSecDD - ok
20:30:30.0126 5612 [ 868A2CAAB12EFC7A021682BCA0EEC54C ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
20:30:30.0187 5612 KSecPkg - ok
20:30:30.0232 5612 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
20:30:30.0580 5612 ksthunk - ok
20:30:30.0895 5612 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
20:30:31.0021 5612 KtmRm - ok
20:30:31.0111 5612 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
20:30:31.0347 5612 LanmanServer - ok
20:30:31.0387 5612 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:30:31.0577 5612 LanmanWorkstation - ok
20:30:31.0666 5612 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
20:30:32.0170 5612 lltdio - ok
20:30:32.0260 5612 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
20:30:32.0618 5612 lltdsvc - ok
20:30:32.0638 5612 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
20:30:32.0711 5612 lmhosts - ok
20:30:32.0816 5612 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
20:30:32.0833 5612 LSI_FC - ok
20:30:32.0855 5612 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
20:30:32.0873 5612 LSI_SAS - ok
20:30:32.0909 5612 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:30:32.0924 5612 LSI_SAS2 - ok
20:30:32.0942 5612 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:30:32.0957 5612 LSI_SCSI - ok
20:30:33.0093 5612 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
20:30:33.0237 5612 luafv - ok
20:30:33.0368 5612 [ 49F5B235EDC9C6AC0ABA44737B190317 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe
20:30:33.0433 5612 McComponentHostService - ok
20:30:33.0536 5612 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
20:30:33.0632 5612 Mcx2Svc - ok
20:30:33.0677 5612 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
20:30:33.0704 5612 megasas - ok
20:30:33.0793 5612 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
20:30:33.0827 5612 MegaSR - ok
20:30:34.0092 5612 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
20:30:34.0173 5612 Microsoft Office Groove Audit Service - ok
20:30:34.0225 5612 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
20:30:34.0293 5612 MMCSS - ok
20:30:34.0344 5612 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
20:30:34.0644 5612 Modem - ok
20:30:34.0678 5612 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
20:30:34.0713 5612 monitor - ok
20:30:34.0740 5612 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys
20:30:34.0755 5612 mouclass - ok
20:30:34.0787 5612 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
20:30:34.0908 5612 mouhid - ok
20:30:34.0970 5612 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
20:30:35.0007 5612 mountmgr - ok
20:30:35.0085 5612 [ 338037EFA0E8E8699B2667D57B751574 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:30:35.0179 5612 MozillaMaintenance - ok
20:30:35.0209 5612 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
20:30:35.0242 5612 mpio - ok
20:30:35.0288 5612 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:30:35.0391 5612 mpsdrv - ok
20:30:35.0474 5612 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
20:30:35.0741 5612 MpsSvc - ok
20:30:35.0832 5612 [ 1A4F75E63C9FB84B85DFFC6B63FD5404 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:30:35.0972 5612 MRxDAV - ok
20:30:36.0040 5612 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:30:36.0332 5612 mrxsmb - ok
20:30:36.0431 5612 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:30:36.0551 5612 mrxsmb10 - ok
20:30:36.0596 5612 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:30:36.0639 5612 mrxsmb20 - ok
20:30:36.0694 5612 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
20:30:36.0751 5612 msahci - ok
20:30:36.0797 5612 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
20:30:36.0814 5612 msdsm - ok
20:30:36.0836 5612 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
20:30:36.0921 5612 MSDTC - ok
20:30:36.0972 5612 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:30:37.0043 5612 Msfs - ok
20:30:37.0091 5612 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
20:30:37.0184 5612 mshidkmdf - ok
20:30:37.0274 5612 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:30:37.0302 5612 msisadrv - ok
20:30:37.0338 5612 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:30:37.0733 5612 MSiSCSI - ok
20:30:37.0743 5612 msiserver - ok
20:30:37.0807 5612 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:30:38.0134 5612 MSKSSRV - ok
20:30:38.0261 5612 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:30:38.0544 5612 MSPCLOCK - ok
20:30:38.0572 5612 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:30:38.0814 5612 MSPQM - ok
20:30:38.0885 5612 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:30:38.0998 5612 MsRPC - ok
20:30:39.0048 5612 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
20:30:39.0061 5612 mssmbios - ok
20:30:39.0092 5612 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:30:39.0353 5612 MSTEE - ok
20:30:39.0374 5612 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
20:30:39.0501 5612 MTConfig - ok
20:30:39.0541 5612 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
20:30:39.0557 5612 Mup - ok
20:30:39.0694 5612 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
20:30:39.0938 5612 napagent - ok
20:30:39.0978 5612 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:30:40.0222 5612 NativeWifiP - ok
20:30:40.0369 5612 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
20:30:40.0481 5612 NDIS - ok
20:30:40.0809 5612 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
20:30:41.0342 5612 NdisCap - ok
20:30:41.0387 5612 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:30:41.0484 5612 NdisTapi - ok
20:30:41.0567 5612 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:30:41.0885 5612 Ndisuio - ok
20:30:41.0970 5612 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:30:42.0155 5612 NdisWan - ok
20:30:42.0224 5612 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:30:42.0532 5612 NDProxy - ok
20:30:42.0647 5612 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:30:42.0832 5612 NetBIOS - ok
20:30:42.0930 5612 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
20:30:43.0077 5612 NetBT - ok
20:30:43.0104 5612 [ 4D71227301DD8D09097B9E4CC6527E5A ] Netlogon C:\Windows\system32\lsass.exe
20:30:43.0162 5612 Netlogon - ok
20:30:43.0424 5612 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
20:30:43.0565 5612 Netman - ok
20:30:43.0662 5612 [ 21318671BCAD3ACF16638F98D4D00973 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:30:43.0698 5612 NetMsmqActivator - ok
20:30:43.0787 5612 [ 21318671BCAD3ACF16638F98D4D00973 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:30:43.0805 5612 NetPipeActivator - ok
20:30:43.0997 5612 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
20:30:44.0194 5612 netprofm - ok
20:30:44.0296 5612 [ 21318671BCAD3ACF16638F98D4D00973 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:30:44.0314 5612 NetTcpActivator - ok
20:30:44.0326 5612 [ 21318671BCAD3ACF16638F98D4D00973 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:30:44.0346 5612 NetTcpPortSharing - ok
20:30:46.0350 5612 [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys
20:30:46.0730 5612 netw5v64 - ok
20:30:46.0766 5612 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
20:30:46.0782 5612 nfrd960 - ok
20:30:46.0866 5612 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
20:30:46.0945 5612 NlaSvc - ok
20:30:47.0614 5612 [ 5839A8027D6D324A7CD494051A96628C ] NOBU C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
20:30:47.0715 5612 NOBU - ok
20:30:47.0776 5612 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:30:47.0938 5612 Npfs - ok
20:30:47.0969 5612 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
20:30:48.0153 5612 nsi - ok
20:30:48.0200 5612 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:30:48.0369 5612 nsiproxy - ok
20:30:48.0720 5612 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:30:48.0829 5612 Ntfs - ok
20:30:48.0875 5612 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
20:30:49.0045 5612 Null - ok
20:30:49.0161 5612 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:30:49.0181 5612 nvraid - ok
20:30:49.0254 5612 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:30:49.0298 5612 nvstor - ok
20:30:49.0393 5612 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:30:49.0428 5612 nv_agp - ok
20:30:49.0835 5612 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:30:49.0897 5612 odserv - ok
20:30:49.0953 5612 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
20:30:50.0005 5612 ohci1394 - ok
20:30:50.0150 5612 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:30:50.0165 5612 ose - ok
20:30:50.0701 5612 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:30:51.0100 5612 osppsvc - ok
20:30:51.0187 5612 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
20:30:51.0256 5612 p2pimsvc - ok
20:30:51.0286 5612 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
20:30:51.0363 5612 p2psvc - ok
20:30:51.0400 5612 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
20:30:51.0464 5612 Parport - ok
20:30:51.0510 5612 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:30:51.0555 5612 partmgr - ok
20:30:51.0614 5612 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
20:30:51.0918 5612 PcaSvc - ok
20:30:51.0964 5612 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
20:30:51.0982 5612 pci - ok
20:30:52.0053 5612 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
20:30:52.0117 5612 pciide - ok
20:30:52.0217 5612 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
20:30:52.0269 5612 pcmcia - ok
20:30:52.0312 5612 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
20:30:52.0339 5612 pcw - ok
20:30:52.0368 5612 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:30:52.0497 5612 PEAUTH - ok
20:30:52.0977 5612 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
20:30:53.0102 5612 PerfHost - ok
20:30:53.0210 5612 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
20:30:53.0394 5612 pla - ok
20:30:53.0475 5612 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:30:53.0574 5612 PlugPlay - ok
20:30:53.0606 5612 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
20:30:53.0640 5612 PNRPAutoReg - ok
20:30:53.0681 5612 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
20:30:53.0807 5612 PNRPsvc - ok
20:30:53.0865 5612 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:30:54.0102 5612 PolicyAgent - ok
20:30:54.0184 5612 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
20:30:54.0359 5612 Power - ok
20:30:54.0439 5612 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:30:54.0501 5612 PptpMiniport - ok
20:30:54.0572 5612 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
20:30:54.0684 5612 Processor - ok
20:30:54.0794 5612 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
20:30:55.0147 5612 ProfSvc - ok
20:30:55.0172 5612 [ 4D71227301DD8D09097B9E4CC6527E5A ] ProtectedStorage C:\Windows\system32\lsass.exe
20:30:55.0258 5612 ProtectedStorage - ok
20:30:55.0302 5612 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
20:30:55.0436 5612 Psched - ok
20:30:55.0626 5612 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
20:30:55.0791 5612 ql2300 - ok
20:30:55.0850 5612 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
20:30:55.0891 5612 ql40xx - ok
20:30:55.0970 5612 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
20:30:56.0033 5612 QWAVE - ok
20:30:56.0143 5612 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:30:56.0274 5612 QWAVEdrv - ok
20:30:56.0314 5612 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:30:56.0528 5612 RasAcd - ok
20:30:56.0577 5612 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
20:30:56.0772 5612 RasAgileVpn - ok
20:30:56.0856 5612 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
20:30:57.0051 5612 RasAuto - ok
20:30:57.0124 5612 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:30:57.0285 5612 Rasl2tp - ok
20:30:57.0452 5612 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
20:30:57.0671 5612 RasMan - ok
20:30:57.0732 5612 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:30:57.0934 5612 RasPppoe - ok
20:30:58.0001 5612 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:30:58.0113 5612 RasSstp - ok
20:30:58.0331 5612 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:30:58.0510 5612 rdbss - ok
20:30:58.0564 5612 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
20:30:58.0819 5612 rdpbus - ok
20:30:58.0870 5612 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:30:59.0001 5612 RDPCDD - ok
20:30:59.0043 5612 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:30:59.0177 5612 RDPENCDD - ok
20:30:59.0220 5612 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
20:30:59.0307 5612 RDPREFMP - ok
20:30:59.0343 5612 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:30:59.0551 5612 RDPWD - ok
20:30:59.0621 5612 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:30:59.0638 5612 rdyboost - ok
20:30:59.0725 5612 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
20:30:59.0829 5612 RemoteAccess - ok
20:30:59.0935 5612 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:31:00.0079 5612 RemoteRegistry - ok
20:31:00.0131 5612 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:31:00.0255 5612 RpcEptMapper - ok
20:31:00.0319 5612 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
20:31:00.0360 5612 RpcLocator - ok
20:31:00.0455 5612 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
20:31:00.0754 5612 RpcSs - ok
20:31:00.0871 5612 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:31:01.0167 5612 rspndr - ok
20:31:01.0399 5612 [ 4B42BC58294E83A6A92EC8B88C14C4A3 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
20:31:01.0479 5612 RTL8167 - ok
20:31:01.0692 5612 [ CD8F32BB993B98E6705F11504A7F7250 ] rtl8192se C:\Windows\system32\DRIVERS\rtl8192se.sys
20:31:01.0822 5612 rtl8192se - ok
20:31:02.0180 5612 [ 5FFF3E71B4724BB10918FD6DD7413D99 ] RtVOsdService C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
20:31:02.0386 5612 RtVOsdService ( UnsignedFile.Multi.Generic ) - warning
20:31:02.0386 5612 RtVOsdService - detected UnsignedFile.Multi.Generic (1)
20:31:02.0439 5612 [ 4D71227301DD8D09097B9E4CC6527E5A ] SamSs C:\Windows\system32\lsass.exe
20:31:02.0501 5612 SamSs - ok
20:31:02.0553 5612 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:31:03.0315 5612 sbp2port - ok
20:31:03.0488 5612 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:31:03.0607 5612 SCardSvr - ok
20:31:03.0724 5612 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:31:03.0844 5612 scfilter - ok
20:31:04.0335 5612 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
20:31:04.0507 5612 Schedule - ok
20:31:04.0637 5612 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
20:31:04.0718 5612 SCPolicySvc - ok
20:31:05.0145 5612 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys
20:31:05.0210 5612 sdbus - ok
20:31:05.0255 5612 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:31:05.0563 5612 SDRSVC - ok
20:31:06.0107 5612 [ 98EF79CC2B07398AC525F9EA1AE0366F ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
20:31:06.0595 5612 SDScannerService - ok
20:31:06.0758 5612 [ 14BF6B3AB327D519ED007CDDC56F6900 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
20:31:07.0123 5612 SDUpdateService - ok
20:31:07.0244 5612 [ 820EBE67AB99F033FDE25B2692157991 ] SDWSCService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
20:31:07.0880 5612 SDWSCService - ok
20:31:07.0958 5612 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:31:08.0284 5612 secdrv - ok
20:31:08.0341 5612 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
20:31:08.0495 5612 seclogon - ok
20:31:08.0581 5612 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
20:31:08.0692 5612 SENS - ok
20:31:08.0778 5612 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
20:31:08.0918 5612 SensrSvc - ok
20:31:08.0987 5612 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
20:31:09.0320 5612 Serenum - ok
20:31:09.0403 5612 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
20:31:09.0503 5612 Serial - ok
20:31:09.0565 5612 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
20:31:09.0690 5612 sermouse - ok
20:31:09.0786 5612 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
20:31:09.0991 5612 SessionEnv - ok
20:31:10.0037 5612 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:31:10.0184 5612 sffdisk - ok
20:31:10.0214 5612 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:31:10.0374 5612 sffp_mmc - ok
20:31:10.0399 5612 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:31:10.0566 5612 sffp_sd - ok
20:31:10.0635 5612 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
20:31:10.0768 5612 sfloppy - ok
20:31:10.0852 5612 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:31:11.0157 5612 SharedAccess - ok
20:31:11.0268 5612 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:31:11.0525 5612 ShellHWDetection - ok
20:31:11.0598 5612 [ 7799106FEE728B907A86D9C9751E02D5 ] silabenm C:\Windows\system32\DRIVERS\silabenm.sys
20:31:11.0790 5612 silabenm - ok
20:31:11.0823 5612 [ 4AD84F9B367B89B48A3338E0AECA06B9 ] silabser C:\Windows\system32\DRIVERS\silabser.sys
20:31:12.0075 5612 silabser - ok
20:31:12.0184 5612 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:31:12.0244 5612 SiSRaid2 - ok
20:31:12.0308 5612 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
20:31:12.0328 5612 SiSRaid4 - ok
20:31:12.0536 5612 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
20:31:12.0552 5612 SkypeUpdate - ok
20:31:12.0640 5612 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:31:12.0860 5612 Smb - ok
20:31:12.0973 5612 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:31:13.0038 5612 SNMPTRAP - ok
20:31:13.0084 5612 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
20:31:13.0193 5612 spldr - ok
20:31:13.0242 5612 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
20:31:13.0392 5612 Spooler - ok
20:31:13.0991 5612 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
20:31:14.0376 5612 sppsvc - ok
20:31:14.0462 5612 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
20:31:14.0821 5612 sppuinotify - ok
20:31:15.0057 5612 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
20:31:15.0518 5612 srv - ok
20:31:15.0701 5612 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:31:15.0883 5612 srv2 - ok
20:31:15.0967 5612 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
20:31:16.0122 5612 SrvHsfHDA - ok
20:31:16.0613 5612 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
20:31:16.0853 5612 SrvHsfV92 - ok
20:31:16.0921 5612 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
20:31:17.0071 5612 SrvHsfWinac - ok
20:31:17.0141 5612 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:31:17.0358 5612 srvnet - ok
20:31:17.0467 5612 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:31:17.0529 5612 SSDPSRV - ok
20:31:17.0563 5612 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:31:17.0673 5612 SstpSvc - ok
20:31:17.0709 5612 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
20:31:17.0744 5612 stexstor - ok
20:31:17.0964 5612 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
20:31:18.0055 5612 stisvc - ok
20:31:18.0227 5612 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
20:31:18.0336 5612 swenum - ok
20:31:18.0484 5612 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
20:31:18.0820 5612 swprv - ok
20:31:19.0074 5612 [ 868DFB220A18312A12CEF01BA9AC069B ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
20:31:19.0151 5612 SynTP - ok
20:31:19.0297 5612 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
20:31:19.0550 5612 SysMain - ok
20:31:19.0624 5612 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:31:19.0945 5612 TabletInputService - ok
20:31:20.0082 5612 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
20:31:20.0236 5612 TapiSrv - ok
20:31:20.0282 5612 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
20:31:20.0361 5612 TBS - ok
20:31:20.0883 5612 [ 40AF23633D197905F03AB5628C558C51 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:31:20.0984 5612 Tcpip - ok
20:31:21.0326 5612 [ 40AF23633D197905F03AB5628C558C51 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
20:31:21.0422 5612 TCPIP6 - ok
20:31:21.0471 5612 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:31:21.0599 5612 tcpipreg - ok
20:31:21.0647 5612 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:31:21.0861 5612 TDPIPE - ok
20:31:21.0915 5612 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:31:22.0068 5612 TDTCP - ok
20:31:22.0144 5612 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:31:22.0439 5612 tdx - ok
20:31:22.0527 5612 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
20:31:22.0581 5612 TermDD - ok
20:31:22.0901 5612 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
20:31:23.0132 5612 TermService - ok
20:31:23.0170 5612 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
20:31:23.0244 5612 Themes - ok
20:31:23.0307 5612 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
20:31:23.0406 5612 THREADORDER - ok
20:31:23.0517 5612 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
20:31:23.0783 5612 TrkWks - ok
20:31:23.0866 5612 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:31:24.0123 5612 TrustedInstaller - ok
20:31:24.0183 5612 [ 4CE278FC9671BA81A138D70823FCAA09 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:31:24.0318 5612 tssecsrv - ok
20:31:24.0450 5612 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
20:31:24.0543 5612 TsUsbFlt - ok
20:31:24.0804 5612 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:31:24.0979 5612 tunnel - ok
20:31:25.0089 5612 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
20:31:25.0109 5612 uagp35 - ok
20:31:25.0163 5612 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:31:25.0279 5612 udfs - ok
20:31:25.0344 5612 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:31:25.0406 5612 UI0Detect - ok
20:31:25.0467 5612 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:31:25.0523 5612 uliagpkx - ok
20:31:25.0581 5612 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
20:31:25.0706 5612 umbus - ok
20:31:25.0766 5612 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
20:31:25.0863 5612 UmPass - ok
20:31:25.0938 5612 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
20:31:26.0059 5612 upnphost - ok
20:31:26.0288 5612 [ B0435098C81D04CAFFF80DDB746CD3A2 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
20:31:26.0512 5612 usbaudio - ok
20:31:26.0626 5612 [ DCA68B0943D6FA415F0C56C92158A83A ] usbccgp C:\Windows\system32\drivers\usbccgp.sys
20:31:26.0863 5612 usbccgp - ok
20:31:26.0974 5612 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31 ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:31:27.0088 5612 usbcir - ok
20:31:27.0137 5612 [ 18A85013A3E0F7E1755365D287443965 ] usbehci C:\Windows\system32\drivers\usbehci.sys
20:31:27.0322 5612 usbehci - ok
20:31:27.0411 5612 [ 8D1196CFBB223621F2C67D45710F25BA ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
20:31:27.0527 5612 usbhub - ok
20:31:27.0600 5612 [ 765A92D428A8DB88B960DA5A8D6089DC ] usbohci C:\Windows\system32\drivers\usbohci.sys
20:31:27.0731 5612 usbohci - ok
20:31:27.0894 5612 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
20:31:28.0096 5612 usbprint - ok
20:31:28.0224 5612 [ 9661DA76B4531B2DA272ECCE25A8AF24 ] usbscan C:\Windows\system32\drivers\usbscan.sys
20:31:28.0420 5612 usbscan - ok
20:31:28.0460 5612 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:31:28.0591 5612 USBSTOR - ok
20:31:28.0611 5612 [ DD253AFC3BC6CBA412342DE60C3647F3 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
20:31:28.0702 5612 usbuhci - ok
20:31:28.0933 5612 [ 1F775DA4CF1A3A1834207E975A72E9D7 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
20:31:29.0220 5612 usbvideo - ok
20:31:29.0258 5612 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
20:31:29.0561 5612 UxSms - ok
20:31:29.0597 5612 [ 4D71227301DD8D09097B9E4CC6527E5A ] VaultSvc C:\Windows\system32\lsass.exe
20:31:29.0674 5612 VaultSvc - ok
20:31:29.0756 5612 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
20:31:29.0795 5612 vdrvroot - ok
20:31:29.0838 5612 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
20:31:29.0911 5612 vds - ok
20:31:29.0998 5612 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:31:30.0058 5612 vga - ok
20:31:30.0082 5612 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
20:31:30.0137 5612 VgaSave - ok
20:31:30.0231 5612 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
20:31:30.0264 5612 vhdmp - ok
20:31:30.0305 5612 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
20:31:30.0362 5612 viaide - ok
20:31:30.0390 5612 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:31:30.0423 5612 volmgr - ok
20:31:30.0483 5612 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:31:30.0506 5612 volmgrx - ok
20:31:30.0537 5612 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:31:30.0557 5612 volsnap - ok
20:31:30.0620 5612 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
20:31:30.0654 5612 vsmraid - ok
20:31:30.0950 5612 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
20:31:31.0093 5612 VSS - ok
20:31:31.0118 5612 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
20:31:31.0218 5612 vwifibus - ok
20:31:31.0274 5612 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
20:31:31.0593 5612 vwififlt - ok
20:31:31.0740 5612 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
20:31:31.0953 5612 W32Time - ok
20:31:31.0990 5612 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
20:31:32.0125 5612 WacomPen - ok
20:31:32.0249 5612 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
20:31:32.0487 5612 WANARP - ok
20:31:32.0513 5612 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:31:32.0645 5612 Wanarpv6 - ok
20:31:32.0922 5612 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
20:31:32.0983 5612 WatAdminSvc - ok
20:31:33.0127 5612 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
20:31:33.0396 5612 wbengine - ok
20:31:33.0514 5612 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
20:31:33.0701 5612 WbioSrvc - ok
20:31:33.0742 5612 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:31:33.0927 5612 wcncsvc - ok
20:31:33.0977 5612 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:31:34.0307 5612 WcsPlugInService - ok
20:31:34.0368 5612 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
20:31:35.0124 5612 Wd - ok
20:31:35.0536 5612 [ E2C933EDBC389386EBE6D2BA953F43D8 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:31:35.0681 5612 Wdf01000 - ok
20:31:35.0754 5612 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:31:36.0028 5612 WdiServiceHost - ok
20:31:36.0058 5612 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:31:36.0132 5612 WdiSystemHost - ok
20:31:36.0204 5612 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D ] WebClient C:\Windows\System32\webclnt.dll
20:31:36.0233 5612 WebClient - ok
20:31:36.0292 5612 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
20:31:36.0561 5612 Wecsvc - ok
20:31:36.0599 5612 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:31:36.0652 5612 wercplsupport - ok
20:31:36.0772 5612 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
20:31:37.0177 5612 WerSvc - ok
20:31:37.0325 5612 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
20:31:37.0652 5612 WfpLwf - ok
20:31:37.0715 5612 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
20:31:37.0836 5612 WIMMount - ok
20:31:37.0947 5612 WinDefend - ok
20:31:38.0004 5612 WinHttpAutoProxySvc - ok
20:31:38.0232 5612 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:31:39.0177 5612 Winmgmt - ok
20:31:39.0425 5612 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
20:31:40.0203 5612 WinRM - ok
20:31:40.0291 5612 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
20:31:41.0343 5612 WinUsb - ok
20:31:43.0657 5612 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
20:31:44.0446 5612 Wlansvc - ok
20:31:45.0302 5612 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
20:31:45.0517 5612 wlcrasvc - ok
20:31:45.0732 5612 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:31:46.0747 5612 wlidsvc - ok
20:31:46.0918 5612 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
20:31:47.0528 5612 WmiAcpi - ok
20:31:47.0598 5612 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
20:31:47.0636 5612 wmiApSrv - ok
20:31:47.0676 5612 WMPNetworkSvc - ok
20:31:47.0726 5612 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
20:31:48.0104 5612 WPCSvc - ok
20:31:48.0143 5612 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
20:31:48.0218 5612 WPDBusEnum - ok
20:31:48.0253 5612 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:31:48.0514 5612 ws2ifsl - ok
20:31:48.0562 5612 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
20:31:48.0677 5612 wscsvc - ok
20:31:48.0691 5612 WSearch - ok
20:31:48.0971 5612 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
20:31:49.0226 5612 wuauserv - ok
20:31:49.0287 5612 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
20:31:49.0547 5612 WudfPf - ok
20:31:49.0748 5612 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
20:31:49.0787 5612 WUDFRd - ok
20:31:49.0841 5612 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:31:50.0304 5612 wudfsvc - ok
20:31:50.0434 5612 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll
20:31:50.0515 5612 WwanSvc - ok
20:31:50.0599 5612 [ B3EEACF62445E24FBB2CD4B0FB4DB026 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
20:31:50.0987 5612 yukonw7 - ok
20:31:51.0028 5612 ================ Scan global ===============================
20:31:51.0059 5612 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
20:31:51.0121 5612 [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll
20:31:51.0140 5612 [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll
20:31:51.0172 5612 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
20:31:51.0209 5612 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
20:31:51.0214 5612 [Global] - ok
20:31:51.0219 5612 ================ Scan MBR ==================================
20:31:51.0234 5612 [ 42DA54E285353B2511826C8134391822 ] \Device\Harddisk0\DR0
20:31:51.0603 5612 \Device\Harddisk0\DR0 - ok
20:31:51.0607 5612 ================ Scan VBR ==================================
20:31:51.0612 5612 [ 81F6D32856C051A95121BBC99FC16EBC ] \Device\Harddisk0\DR0\Partition1
20:31:51.0613 5612 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - infected
20:31:51.0613 5612 \Device\Harddisk0\DR0\Partition1 - detected Rootkit.Boot.Cidox.b (0)
20:31:51.0647 5612 [ 935DCD9CDE25889510C924A89C07C207 ] \Device\Harddisk0\DR0\Partition2
20:31:51.0648 5612 \Device\Harddisk0\DR0\Partition2 - ok
20:31:51.0685 5612 [ 04332739EF5F3E22548A805785671296 ] \Device\Harddisk0\DR0\Partition3
20:31:51.0720 5612 \Device\Harddisk0\DR0\Partition3 - ok
20:31:51.0754 5612 [ 138813BCACD1AC69A6EB1F450BFF30C4 ] \Device\Harddisk0\DR0\Partition4
20:31:51.0755 5612 \Device\Harddisk0\DR0\Partition4 - ok
20:31:51.0762 5612 ================ Scan active images ========================
20:31:51.0766 5612 [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys
20:31:51.0766 5612 C:\Windows\System32\drivers\crashdmp.sys - ok
20:31:51.0780 5612 [ 1384872112E8E7FD5786ECEB8BDDF4C9 ] C:\Windows\System32\drivers\iaStor.sys
20:31:51.0780 5612 C:\Windows\System32\drivers\iaStor.sys - ok
20:31:51.0787 5612 [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys
20:31:51.0787 5612 C:\Windows\System32\drivers\dumpfve.sys - ok
20:31:51.0803 5612 [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys
20:31:51.0803 5612 C:\Windows\System32\drivers\beep.sys - ok
20:31:51.0813 5612 [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys
20:31:51.0813 5612 C:\Windows\System32\drivers\cdrom.sys - ok
20:31:51.0823 5612 [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys
20:31:51.0823 5612 C:\Windows\System32\drivers\videoprt.sys - ok
20:31:51.0833 5612 [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys
20:31:51.0833 5612 C:\Windows\System32\drivers\watchdog.sys - ok
20:31:51.0843 5612 [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys
20:31:51.0843 5612 C:\Windows\System32\drivers\vga.sys - ok
20:31:51.0853 5612 [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys
20:31:51.0853 5612 C:\Windows\System32\drivers\RDPCDD.sys - ok
20:31:51.0863 5612 [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys
20:31:51.0863 5612 C:\Windows\System32\drivers\RDPENCDD.sys - ok
20:31:51.0872 5612 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys
20:31:51.0872 5612 C:\Windows\System32\drivers\msfs.sys - ok
20:31:51.0882 5612 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys
20:31:51.0882 5612 C:\Windows\System32\drivers\npfs.sys - ok
20:31:51.0892 5612 [ 216F3FA57533D98E1F74DED70113177A ] C:\Windows\System32\drivers\RDPREFMP.sys
20:31:51.0892 5612 C:\Windows\System32\drivers\RDPREFMP.sys - ok
20:31:51.0902 5612 [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\Windows\System32\drivers\tdi.sys
20:31:51.0902 5612 C:\Windows\System32\drivers\tdi.sys - ok
20:31:51.0911 5612 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys
20:31:51.0911 5612 C:\Windows\System32\drivers\tdx.sys - ok
20:31:51.0921 5612 [ 69BD90E337625F96C718CACE7A9C9E29 ] C:\Windows\System32\drivers\avgtdia.sys
20:31:51.0921 5612 C:\Windows\System32\drivers\avgtdia.sys - ok
20:31:51.0930 5612 [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys
20:31:51.0930 5612 C:\Windows\System32\drivers\netbt.sys - ok
20:31:51.0940 5612 [ 79059559E89D06E8B80CE2944BE20228 ] C:\Windows\System32\drivers\afd.sys
20:31:51.0940 5612 C:\Windows\System32\drivers\afd.sys - ok
20:31:51.0950 5612 [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys
20:31:51.0950 5612 C:\Windows\System32\drivers\wfplwf.sys - ok
20:31:51.0958 5612 [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys
20:31:51.0959 5612 C:\Windows\System32\drivers\pacer.sys - ok
20:31:51.0968 5612 [ 6A3D66263414FF0D6FA754C646612F3F ] C:\Windows\System32\drivers\vwififlt.sys
20:31:51.0968 5612 C:\Windows\System32\drivers\vwififlt.sys - ok
20:31:51.0978 5612 [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys
20:31:51.0978 5612 C:\Windows\System32\drivers\netbios.sys - ok
20:31:51.0988 5612 [ 356AFD78A6ED4457169241AC3965230C ] C:\Windows\System32\drivers\wanarp.sys
20:31:51.0988 5612 C:\Windows\System32\drivers\wanarp.sys - ok
20:31:51.0999 5612 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys
20:31:51.0999 5612 C:\Windows\System32\drivers\termdd.sys - ok
20:31:52.0007 5612 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys
20:31:52.0007 5612 C:\Windows\System32\drivers\mssmbios.sys - ok
20:31:52.0020 5612 [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys
20:31:52.0020 5612 C:\Windows\System32\drivers\nsiproxy.sys - ok
20:31:52.0028 5612 [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys
20:31:52.0028 5612 C:\Windows\System32\drivers\rdbss.sys - ok
20:31:52.0039 5612 [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys
20:31:52.0040 5612 C:\Windows\System32\drivers\discache.sys - ok
20:31:52.0050 5612 [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys
20:31:52.0050 5612 C:\Windows\System32\drivers\blbdrive.sys - ok
20:31:52.0058 5612 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys
20:31:52.0058 5612 C:\Windows\System32\drivers\dfsc.sys - ok
20:31:52.0068 5612 [ FACD18A89FDEBC35C85CAF762B294BE2 ] C:\Windows\System32\drivers\avgldx64.sys
20:31:52.0068 5612 C:\Windows\System32\drivers\avgldx64.sys - ok
20:31:52.0077 5612 [ 92B7689FBC131E143421A19C18320E34 ] C:\Windows\System32\drivers\avgidsdrivera.sys
20:31:52.0077 5612 C:\Windows\System32\drivers\avgidsdrivera.sys - ok
20:31:52.0089 5612 [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys
20:31:52.0089 5612 C:\Windows\System32\drivers\tunnel.sys - ok
20:31:52.0101 5612 [ CAAAC014C5C56A69F710B5F1B836DE22 ] C:\Windows\System32\ntdll.dll
20:31:52.0101 5612 C:\Windows\System32\ntdll.dll - ok
20:31:52.0111 5612 [ F0970A4BC8395659C22BF53D0FADF16F ] C:\Windows\System32\smss.exe
20:31:52.0111 5612 C:\Windows\System32\smss.exe - ok
20:31:52.0120 5612 [ 0840155D0BDDF1190F84A663C284BD33 ] C:\Windows\System32\drivers\CmBatt.sys
20:31:52.0120 5612 C:\Windows\System32\drivers\CmBatt.sys - ok
20:31:52.0132 5612 [ ADA036632C664CAA754079041CF1F8C1 ] C:\Windows\System32\drivers\intelppm.sys
20:31:52.0132 5612 C:\Windows\System32\drivers\intelppm.sys - ok
20:31:52.0141 5612 [ 677AA5991026A65ADA128C4B59CF2BAD ] C:\Windows\System32\drivers\igdkmd64.sys
20:31:52.0141 5612 C:\Windows\System32\drivers\igdkmd64.sys - ok
20:31:52.0151 5612 [ 88612F1CE3BF42256913BF6E61C70D52 ] C:\Windows\System32\drivers\dxgkrnl.sys
20:31:52.0151 5612 C:\Windows\System32\drivers\dxgkrnl.sys - ok
20:31:52.0160 5612 [ 1F04CFB79DD5FB7694468CE3FB3DCC31 ] C:\Windows\System32\drivers\dxgmms1.sys
20:31:52.0160 5612 C:\Windows\System32\drivers\dxgmms1.sys - ok
20:31:52.0173 5612 [ 12FEB33791920678F8433701C822BCFD ] C:\Windows\System32\drivers\usbport.sys
20:31:52.0173 5612 C:\Windows\System32\drivers\usbport.sys - ok
20:31:52.0183 5612 [ DD253AFC3BC6CBA412342DE60C3647F3 ] C:\Windows\System32\drivers\usbuhci.sys
20:31:52.0183 5612 C:\Windows\System32\drivers\usbuhci.sys - ok
20:31:52.0193 5612 [ 18A85013A3E0F7E1755365D287443965 ] C:\Windows\System32\drivers\usbehci.sys
20:31:52.0193 5612 C:\Windows\System32\drivers\usbehci.sys - ok
20:31:52.0205 5612 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys
20:31:52.0205 5612 C:\Windows\System32\drivers\hdaudbus.sys - ok
20:31:52.0216 5612 [ CD8F32BB993B98E6705F11504A7F7250 ] C:\Windows\System32\drivers\rtl8192se.sys
20:31:52.0216 5612 C:\Windows\System32\drivers\rtl8192se.sys - ok
20:31:52.0226 5612 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] C:\Windows\System32\drivers\vwifibus.sys
20:31:52.0226 5612 C:\Windows\System32\drivers\vwifibus.sys - ok
20:31:52.0235 5612 [ 4B42BC58294E83A6A92EC8B88C14C4A3 ] C:\Windows\System32\drivers\Rt64win7.sys
20:31:52.0235 5612 C:\Windows\System32\drivers\Rt64win7.sys - ok
20:31:52.0247 5612 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] C:\Windows\System32\drivers\i8042prt.sys
20:31:52.0247 5612 C:\Windows\System32\drivers\i8042prt.sys - ok
20:31:52.0257 5612 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys
20:31:52.0257 5612 C:\Windows\System32\drivers\kbdclass.sys - ok
20:31:52.0267 5612 [ 868DFB220A18312A12CEF01BA9AC069B ] C:\Windows\System32\drivers\SynTP.sys
20:31:52.0267 5612 C:\Windows\System32\drivers\SynTP.sys - ok
20:31:52.0277 5612 [ FFA06EF43987ED0DD42AD59B260C0C78 ] C:\Windows\System32\drivers\usbd.sys
20:31:52.0277 5612 C:\Windows\System32\drivers\usbd.sys - ok
20:31:52.0286 5612 [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys
20:31:52.0286 5612 C:\Windows\System32\drivers\mouclass.sys - ok
20:31:52.0296 5612 [ 8E98D21EE06192492A5671A6144D092F ] C:\Windows\System32\drivers\GEARAspiWDM.sys
20:31:52.0296 5612 C:\Windows\System32\drivers\GEARAspiWDM.sys - ok
20:31:52.0306 5612 [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys
20:31:52.0306 5612 C:\Windows\System32\drivers\CompositeBus.sys - ok
20:31:52.0315 5612 [ F6FF8944478594D0E414D3F048F0D778 ] C:\Windows\System32\drivers\wmiacpi.sys
20:31:52.0315 5612 C:\Windows\System32\drivers\wmiacpi.sys - ok
20:31:52.0325 5612 [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys
20:31:52.0325 5612 C:\Windows\System32\drivers\agilevpn.sys - ok
20:31:52.0334 5612 [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys
20:31:52.0334 5612 C:\Windows\System32\drivers\rasl2tp.sys - ok
20:31:52.0345 5612 [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys
20:31:52.0345 5612 C:\Windows\System32\drivers\ndistapi.sys - ok
20:31:52.0355 5612 [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys
20:31:52.0356 5612 C:\Windows\System32\drivers\ndiswan.sys - ok
20:31:52.0365 5612 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys
20:31:52.0365 5612 C:\Windows\System32\drivers\raspppoe.sys - ok
20:31:52.0375 5612 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys
20:31:52.0375 5612 C:\Windows\System32\drivers\raspptp.sys - ok
20:31:52.0388 5612 [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys
20:31:52.0389 5612 C:\Windows\System32\drivers\rassstp.sys - ok
20:31:52.0397 5612 [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys
20:31:52.0397 5612 C:\Windows\System32\drivers\ks.sys - ok
20:31:52.0407 5612 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys
20:31:52.0407 5612 C:\Windows\System32\drivers\swenum.sys - ok
20:31:52.0417 5612 [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys
20:31:52.0417 5612 C:\Windows\System32\drivers\umbus.sys - ok
20:31:52.0426 5612 [ 8D1196CFBB223621F2C67D45710F25BA ] C:\Windows\System32\drivers\usbhub.sys
20:31:52.0426 5612 C:\Windows\System32\drivers\usbhub.sys - ok
20:31:52.0436 5612 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys
20:31:52.0436 5612 C:\Windows\System32\drivers\ndproxy.sys - ok
20:31:52.0445 5612 [ E0D3CD5841E5C7BE7B94BA946AF1E498 ] C:\Windows\System32\drivers\drmk.sys
20:31:52.0445 5612 C:\Windows\System32\drivers\drmk.sys - ok
20:31:52.0455 5612 [ 1E0B4CBBA91C6B041A14ECC2186F7E24 ] C:\Windows\System32\drivers\portcls.sys
20:31:52.0455 5612 C:\Windows\System32\drivers\portcls.sys - ok
20:31:52.0464 5612 [ B88E24BD77A0CE2CFFEE2FACF1151BE0 ] C:\Windows\System32\drivers\RTKVHD64.sys
20:31:52.0464 5612 C:\Windows\System32\drivers\RTKVHD64.sys - ok
20:31:52.0474 5612 [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys
20:31:52.0474 5612 C:\Windows\System32\drivers\ksthunk.sys - ok
20:31:52.0484 5612 [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe
20:31:52.0484 5612 C:\Windows\System32\autochk.exe - ok
20:31:52.0494 5612 [ 0ADC83218B66A6DB380C330836F3E36D ] C:\Windows\System32\drivers\fastfat.sys
20:31:52.0494 5612 C:\Windows\System32\drivers\fastfat.sys - ok
20:31:52.0503 5612 [ 82446D358A9FB51CB9DA32A5C901D7A0 ] C:\Windows\System32\sdnclean64.exe
20:31:52.0503 5612 C:\Windows\System32\sdnclean64.exe - ok
20:31:52.0514 5612 [ 9D07036B26F23FA56A47DF732F3F5146 ] C:\PROGRA~2\AVG\AVG2013\avgrsa.exe
20:31:52.0514 5612 C:\PROGRA~2\AVG\AVG2013\avgrsa.exe - ok
20:31:52.0524 5612 [ CA81F2ABE0FD82B6D9ECF07E80738780 ] C:\Program Files (x86)\AVG\AVG2013\avgsysa.dll
20:31:52.0524 5612 C:\Program Files (x86)\AVG\AVG2013\avgsysa.dll - ok
20:31:52.0535 5612 [ B988968C8E5A6832CDDF05A74601CF7C ] C:\Program Files (x86)\AVG\AVG2013\avgntopenssla.dll
20:31:52.0535 5612 C:\Program Files (x86)\AVG\AVG2013\avgntopenssla.dll - ok
20:31:52.0545 5612 [ 323336FB1DA273A0715844BC695951A0 ] C:\Program Files (x86)\AVG\AVG2013\avgloga.dll
20:31:52.0545 5612 C:\Program Files (x86)\AVG\AVG2013\avgloga.dll - ok
20:31:52.0555 5612 [ 10BC927A9035AA6B244706D9C1641F16 ] C:\PROGRA~2\AVG\AVG2013\avgchjwa.dll
20:31:52.0555 5612 C:\PROGRA~2\AVG\AVG2013\avgchjwa.dll - ok
20:31:52.0565 5612 [ 55DED6BDA026AEBEAB1FDA6E32D9F5B5 ] C:\PROGRA~2\AVG\AVG2013\avgclita.dll
20:31:52.0565 5612 C:\PROGRA~2\AVG\AVG2013\avgclita.dll - ok
20:31:52.0574 5612 [ 4B969AA85CDE4FB9FBCA5F99A66C507B ] C:\PROGRA~2\AVG\AVG2013\avgcclia.dll
20:31:52.0574 5612 C:\PROGRA~2\AVG\AVG2013\avgcclia.dll - ok
20:31:52.0584 5612 [ E55BCC2A12A124216D8B239DF60FDBC3 ] C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
20:31:52.0584 5612 C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe - ok
20:31:52.0594 5612 [ 048831E0AAF099132BE332C477CDC2E4 ] C:\Program Files (x86)\AVG\AVG2013\avgcorea.dll
20:31:52.0594 5612 C:\Program Files (x86)\AVG\AVG2013\avgcorea.dll - ok
20:31:52.0604 5612 [ 046DF7D9A474763B9A3D19B33AA278E3 ] C:\Program Files (x86)\AVG\AVG2013\avgcerta.dll
20:31:52.0604 5612 C:\Program Files (x86)\AVG\AVG2013\avgcerta.dll - ok
20:31:52.0614 5612 [ 84A4EE57462C8483AAE3F1DF2D82F4ED ] C:\Program Files (x86)\AVG\AVG2013\avgchcla.dll
20:31:52.0614 5612 C:\Program Files (x86)\AVG\AVG2013\avgchcla.dll - ok
20:31:52.0623 5612 [ C3299EB4427E4058A99A28B569B5E555 ] C:\Program Files (x86)\AVG\AVG2013\avgcomma.dll
20:31:52.0623 5612 C:\Program Files (x86)\AVG\AVG2013\avgcomma.dll - ok
20:31:52.0633 5612 [ 9A94644E2A9890FC9A7EE961057FFBA1 ] C:\Program Files (x86)\AVG\AVG2013\avgntsqlitea.dll
20:31:52.0633 5612 C:\Program Files (x86)\AVG\AVG2013\avgntsqlitea.dll - ok
20:31:52.0643 5612 [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll
20:31:52.0643 5612 C:\Windows\System32\ws2_32.dll - ok
20:31:52.0652 5612 [ 22874047B810B5B174C68ACD7C0B6510 ] C:\Windows\System32\urlmon.dll
20:31:52.0652 5612 C:\Windows\System32\urlmon.dll - ok
20:31:52.0662 5612 [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll
20:31:52.0662 5612 C:\Windows\System32\nsi.dll - ok
20:31:52.0672 5612 [ D8973E71F1B35CD3F3DEA7C12D49D0F0 ] C:\Windows\System32\kernel32.dll
20:31:52.0672 5612 C:\Windows\System32\kernel32.dll - ok
20:31:52.0683 5612 [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll
20:31:52.0683 5612 C:\Windows\System32\clbcatq.dll - ok
20:31:52.0693 5612 [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll
20:31:52.0693 5612 C:\Windows\System32\setupapi.dll - ok
20:31:52.0702 5612 [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll
20:31:52.0702 5612 C:\Windows\System32\user32.dll - ok
20:31:52.0712 5612 [ DBF99FD9CAF75CA66D042BD8D050FF71 ] C:\Windows\System32\usp10.dll
20:31:52.0712 5612 C:\Windows\System32\usp10.dll - ok
20:31:52.0721 5612 [ 56325BB1FF19F2A5AC8713756AC41140 ] C:\Windows\System32\gdi32.dll
20:31:52.0721 5612 C:\Windows\System32\gdi32.dll - ok
20:31:52.0730 5612 [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll
20:31:52.0730 5612 C:\Windows\System32\msctf.dll - ok
20:31:52.0740 5612 [ 263B6E451526A90FF8B1CEC759F22956 ] C:\Windows\System32\wininet.dll
20:31:52.0740 5612 C:\Windows\System32\wininet.dll - ok
20:31:52.0748 5612 [ B4F29F65AD3114051F01E9403346047F ] C:\Windows\System32\imagehlp.dll
20:31:52.0749 5612 C:\Windows\System32\imagehlp.dll - ok
20:31:52.0759 5612 [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll
20:31:52.0759 5612 C:\Windows\System32\comdlg32.dll - ok
20:31:52.0767 5612 [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll
20:31:52.0767 5612 C:\Windows\System32\msvcrt.dll - ok
20:31:52.0777 5612 [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll
20:31:52.0777 5612 C:\Windows\System32\difxapi.dll - ok
20:31:52.0786 5612 [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll
20:31:52.0786 5612 C:\Windows\System32\imm32.dll - ok
20:31:52.0796 5612 [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll
20:31:52.0796 5612 C:\Windows\System32\normaliz.dll - ok
20:31:52.0806 5612 [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll
20:31:52.0806 5612 C:\Windows\System32\psapi.dll - ok
20:31:52.0815 5612 [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll
20:31:52.0815 5612 C:\Windows\System32\sechost.dll - ok
20:31:52.0826 5612 [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll
20:31:52.0826 5612 C:\Windows\System32\shlwapi.dll - ok
20:31:52.0836 5612 [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll
20:31:52.0837 5612 C:\Windows\System32\oleaut32.dll - ok
20:31:52.0846 5612 [ AD662B34B161198B9D66A564EDDA7D43 ] C:\Windows\System32\shell32.dll
20:31:52.0846 5612 C:\Windows\System32\shell32.dll - ok
20:31:52.0856 5612 [ 6300AD525D639CECBB3D144B6D7B30F9 ] C:\Windows\System32\iertutil.dll
20:31:52.0856 5612 C:\Windows\System32\iertutil.dll - ok
20:31:52.0865 5612 [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll
20:31:52.0865 5612 C:\Windows\System32\ole32.dll - ok
20:31:52.0875 5612 [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll
20:31:52.0875 5612 C:\Windows\System32\Wldap32.dll - ok
20:31:52.0885 5612 [ 63A580C88CFAF72A92550940054569EF ] C:\Windows\System32\advapi32.dll
20:31:52.0885 5612 C:\Windows\System32\advapi32.dll - ok
20:31:52.0894 5612 [ 26036E228D2467DE6975AD819C22C043 ] C:\Windows\System32\rpcrt4.dll
20:31:52.0894 5612 C:\Windows\System32\rpcrt4.dll - ok
20:31:52.0903 5612 [ F49E92B50CED5C9F1725D3C0329FD933 ] C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
20:31:52.0904 5612 C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll - ok
20:31:52.0913 5612 [ 64A4AB126E24FD3F58EBE64852773DB5 ] C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
20:31:52.0913 5612 C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll - ok
20:31:52.0923 5612 [ 72723D3E4781BADC62C3180C137E7B23 ] C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
20:31:52.0923 5612 C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll - ok
20:31:52.0933 5612 [ 9094039A00485F71C4DE64BF51F64C46 ] C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
20:31:52.0933 5612 C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll - ok
20:31:52.0942 5612 [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll
20:31:52.0942 5612 C:\Windows\System32\cfgmgr32.dll - ok
20:31:52.0952 5612 [ B22C00ED0491FD7B8803D7DDE2849F4C ] C:\Windows\System32\KernelBase.dll
20:31:52.0952 5612 C:\Windows\System32\KernelBase.dll - ok
20:31:52.0961 5612 [ 796B47A4B82EF1C39F13435B88834C48 ] C:\Windows\System32\lpk.dll
20:31:52.0961 5612 C:\Windows\System32\lpk.dll - ok
20:31:52.0971 5612 [ 959041D7014C97133D859B45BCA0FC58 ] C:\Windows\System32\wintrust.dll
20:31:52.0971 5612 C:\Windows\System32\wintrust.dll - ok
20:31:52.0982 5612 [ 0E6FBF19D9DFBB77316C23DF91F8A101 ] C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
20:31:52.0982 5612 C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll - ok
20:31:52.0991 5612 [ AFC3DB5C6EB8CA8017DDB81D6C0AD02A ] C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
20:31:52.0991 5612 C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll - ok
20:31:53.0002 5612 [ 9028D1621C43DF8DFBD1C76860412A11 ] C:\Windows\System32\comctl32.dll
20:31:53.0002 5612 C:\Windows\System32\comctl32.dll - ok
20:31:53.0011 5612 [ 780F6ECC4F55D76C9730E6B6C9B31913 ] C:\Windows\System32\crypt32.dll
20:31:53.0011 5612 C:\Windows\System32\crypt32.dll - ok
20:31:53.0021 5612 [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll
20:31:53.0021 5612 C:\Windows\System32\devobj.dll - ok
20:31:53.0031 5612 [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll
20:31:53.0031 5612 C:\Windows\System32\msasn1.dll - ok
20:31:53.0040 5612 [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll
20:31:53.0040 5612 C:\Windows\SysWOW64\normaliz.dll - ok
20:31:53.0050 5612 [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys
20:31:53.0050 5612 C:\Windows\System32\drivers\dxapi.sys - ok
20:31:53.0058 5612 [ F2BF71FCEAB8FB8A691408C478E2FF4C ] C:\Windows\System32\win32k.sys
20:31:53.0058 5612 C:\Windows\System32\win32k.sys - ok
20:31:53.0068 5612 [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe
20:31:53.0068 5612 C:\Windows\System32\csrss.exe - ok
20:31:53.0077 5612 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll
20:31:53.0077 5612 C:\Windows\System32\basesrv.dll - ok
20:31:53.0086 5612 [ 216BABD555BC550952320EEA89C25DDF ] C:\Windows\System32\csrsrv.dll
20:31:53.0086 5612 C:\Windows\System32\csrsrv.dll - ok
20:31:53.0096 5612 [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\System32\winsrv.dll
20:31:53.0096 5612 C:\Windows\System32\winsrv.dll - ok
20:31:53.0106 5612 [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys
20:31:53.0106 5612 C:\Windows\System32\drivers\monitor.sys - ok
20:31:53.0115 5612 [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll
20:31:53.0116 5612 C:\Windows\System32\tsddd.dll - ok
20:31:53.0124 5612 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll
20:31:53.0125 5612 C:\Windows\System32\sxssrv.dll - ok
20:31:53.0134 5612 [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe
20:31:53.0134 5612 C:\Windows\System32\wininit.exe - ok
20:31:53.0145 5612 [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll
20:31:53.0145 5612 C:\Windows\System32\profapi.dll - ok
20:31:53.0154 5612 [ 943F527DF79E6B400104341AA7023C75 ] C:\Windows\System32\cdd.dll
20:31:53.0154 5612 C:\Windows\System32\cdd.dll - ok
20:31:53.0165 5612 [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll
20:31:53.0165 5612 C:\Windows\System32\RpcRtRemote.dll - ok
20:31:53.0174 5612 [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe
20:31:53.0175 5612 C:\Windows\System32\winlogon.exe - ok
20:31:53.0184 5612 [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll
20:31:53.0184 5612 C:\Windows\System32\winsta.dll - ok
20:31:53.0194 5612 [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL
20:31:53.0194 5612 C:\Windows\System32\KBDUS.DLL - ok
20:31:53.0203 5612 [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll
20:31:53.0203 5612 C:\Windows\System32\WlS0WndH.dll - ok
20:31:53.0213 5612 [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll
20:31:53.0213 5612 C:\Windows\System32\sxs.dll - ok
20:31:53.0222 5612 [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll
20:31:53.0222 5612 C:\Windows\System32\cryptbase.dll - ok
20:31:53.0232 5612 [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll
20:31:53.0232 5612 C:\Windows\System32\apphelp.dll - ok
20:31:53.0242 5612 [ 4D71227301DD8D09097B9E4CC6527E5A ] C:\Windows\System32\lsass.exe
20:31:53.0242 5612 C:\Windows\System32\lsass.exe - ok
20:31:53.0251 5612 [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe
20:31:53.0251 5612 C:\Windows\System32\lsm.exe - ok
20:31:53.0260 5612 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe
20:31:53.0260 5612 C:\Windows\System32\services.exe - ok
20:31:53.0270 5612 [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll
20:31:53.0270 5612 C:\Windows\System32\scesrv.dll - ok
20:31:53.0278 5612 [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll
20:31:53.0278 5612 C:\Windows\System32\scext.dll - ok
20:31:53.0288 5612 [ 208EAAFF40DA400190AA0605C797BEA2 ] C:\Windows\System32\secur32.dll
20:31:53.0288 5612 C:\Windows\System32\secur32.dll - ok
20:31:53.0297 5612 [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll
20:31:53.0297 5612 C:\Windows\System32\srvcli.dll - ok
20:31:53.0307 5612 [ B08EA91C774AA734E0B9881F85CD9F42 ] C:\Windows\System32\sspicli.dll
20:31:53.0307 5612 C:\Windows\System32\sspicli.dll - ok
20:31:53.0317 5612 [ 7C46EC9CCDE6E793713FA01DB2EB918E ] C:\Windows\System32\sspisrv.dll
20:31:53.0317 5612 C:\Windows\System32\sspisrv.dll - ok
20:31:53.0327 5612 [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll
20:31:53.0328 5612 C:\Windows\System32\sysntfy.dll - ok
20:31:53.0337 5612 [ 086F906B1D30C0A5D35FE0F6362DAB21 ] C:\Windows\System32\lsasrv.dll
20:31:53.0338 5612 C:\Windows\System32\lsasrv.dll - ok
20:31:53.0347 5612 [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll
20:31:53.0347 5612 C:\Windows\System32\wmsgapi.dll - ok
20:31:53.0356 5612 [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll
20:31:53.0356 5612 C:\Windows\System32\cryptdll.dll - ok
20:31:53.0366 5612 [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll
20:31:53.0366 5612 C:\Windows\System32\samsrv.dll - ok
20:31:53.0375 5612 [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll
20:31:53.0375 5612 C:\Windows\System32\wevtapi.dll - ok
20:31:53.0385 5612 [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll
20:31:53.0385 5612 C:\Windows\System32\cngaudit.dll - ok
20:31:53.0394 5612 [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll
20:31:53.0394 5612 C:\Windows\System32\authz.dll - ok
20:31:53.0404 5612 [ 747B9BA5412422F27934CB21131F0A3E ] C:\Windows\System32\ncrypt.dll
20:31:53.0404 5612 C:\Windows\System32\ncrypt.dll - ok
20:31:53.0413 5612 [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll
20:31:53.0413 5612 C:\Windows\System32\bcrypt.dll - ok
20:31:53.0423 5612 [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll
20:31:53.0423 5612 C:\Windows\System32\msprivs.dll - ok
20:31:53.0433 5612 [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll
20:31:53.0433 5612 C:\Windows\System32\netjoin.dll - ok
20:31:53.0442 5612 [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll
20:31:53.0442 5612 C:\Windows\System32\negoexts.dll - ok
20:31:53.0453 5612 [ 44E1A196DFCB53B01FE4B855C3B56A15 ] C:\Windows\System32\kerberos.dll
20:31:53.0453 5612 C:\Windows\System32\kerberos.dll - ok
20:31:53.0462 5612 [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll
20:31:53.0462 5612 C:\Windows\System32\cryptsp.dll - ok
20:31:53.0473 5612 [ 9A9F9F1A77D6A80EE28B57664F00013E ] C:\Windows\System32\mswsock.dll
20:31:53.0473 5612 C:\Windows\System32\mswsock.dll - ok
20:31:53.0483 5612 [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll
20:31:53.0483 5612 C:\Windows\System32\msv1_0.dll - ok
20:31:53.0492 5612 [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll
20:31:53.0492 5612 C:\Windows\System32\netlogon.dll - ok
20:31:53.0502 5612 [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll
20:31:53.0502 5612 C:\Windows\System32\wship6.dll - ok
20:31:53.0512 5612 [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll
20:31:53.0512 5612 C:\Windows\System32\dnsapi.dll - ok
20:31:53.0521 5612 [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll
20:31:53.0521 5612 C:\Windows\System32\logoncli.dll - ok
20:31:53.0531 5612 [ 31FFED18C7B836CEC1B559347E32E151 ] C:\Windows\System32\schannel.dll
20:31:53.0531 5612 C:\Windows\System32\schannel.dll - ok
20:31:53.0540 5612 [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
20:31:53.0540 5612 C:\Windows\System32\wdigest.dll - ok
20:31:53.0550 5612 [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
20:31:53.0550 5612 C:\Windows\System32\rsaenh.dll - ok
20:31:53.0558 5612 [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
20:31:53.0558 5612 C:\Windows\System32\pku2u.dll - ok
20:31:53.0567 5612 [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll
20:31:53.0567 5612 C:\Windows\System32\TSpkg.dll - ok
20:31:53.0577 5612 [ 55C892560C1B42BC57FB61AEFCED2F22 ] C:\Windows\System32\LIVESSP.DLL
20:31:53.0577 5612 C:\Windows\System32\LIVESSP.DLL - ok
20:31:53.0586 5612 [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll
20:31:53.0586 5612 C:\Windows\System32\bcryptprimitives.dll - ok
20:31:53.0596 5612 [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
20:31:53.0596 5612 C:\Windows\System32\efslsaext.dll - ok
20:31:53.0606 5612 [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll
20:31:53.0606 5612 C:\Windows\System32\credssp.dll - ok
20:31:53.0616 5612 [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll
20:31:53.0616 5612 C:\Windows\System32\scecli.dll - ok
20:31:53.0627 5612 [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
20:31:53.0627 5612 C:\Windows\System32\ubpm.dll - ok
20:31:53.0636 5612 [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe
20:31:53.0636 5612 C:\Windows\System32\svchost.exe - ok
20:31:53.0646 5612 [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
20:31:53.0646 5612 C:\Windows\System32\devrtl.dll - ok
20:31:53.0656 5612 [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
20:31:53.0656 5612 C:\Windows\System32\gpapi.dll - ok
20:31:53.0666 5612 [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
20:31:53.0666 5612 C:\Windows\System32\SPInf.dll - ok
20:31:53.0675 5612 [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll
20:31:53.0675 5612 C:\Windows\System32\umpnpmgr.dll - ok
20:31:53.0684 5612 [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll
20:31:53.0684 5612 C:\Windows\System32\userenv.dll - ok
20:31:53.0694 5612 [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
20:31:53.0694 5612 C:\Windows\System32\pcwum.dll - ok
20:31:53.0703 5612 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll
20:31:53.0703 5612 C:\Windows\System32\umpo.dll - ok
20:31:53.0712 5612 [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
20:31:53.0712 5612 C:\Windows\System32\powrprof.dll - ok
20:31:53.0722 5612 [ E1BB958681BE311E7CFF06CFEC5F1F2B ] C:\Windows\System32\atmfd.dll
20:31:53.0722 5612 C:\Windows\System32\atmfd.dll - ok
20:31:53.0731 5612 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys
20:31:53.0731 5612 C:\Windows\System32\drivers\luafv.sys - ok
20:31:53.0741 5612 [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
20:31:53.0741 5612 C:\Windows\System32\rpcss.dll - ok
20:31:53.0750 5612 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
20:31:53.0750 5612 C:\Windows\System32\RpcEpMap.dll - ok
20:31:53.0760 5612 [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
20:31:53.0760 5612 C:\Windows\System32\WSHTCPIP.DLL - ok
20:31:53.0772 5612 [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
20:31:53.0772 5612 C:\Windows\System32\wshqos.dll - ok
20:31:53.0798 5612 [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
20:31:53.0798 5612 C:\Windows\System32\FirewallAPI.dll - ok
20:31:53.0807 5612 [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll
20:31:53.0807 5612 C:\Windows\System32\version.dll - ok
20:31:53.0817 5612 [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
20:31:53.0817 5612 C:\Windows\System32\LogonUI.exe - ok
20:31:53.0826 5612 [ 34152997FB906895290E0199AC94B85F ] C:\Windows\System32\authui.dll
20:31:53.0826 5612 C:\Windows\System32\authui.dll - ok
20:31:53.0835 5612 [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
20:31:53.0835 5612 C:\Windows\System32\cryptui.dll - ok
20:31:53.0845 5612 [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
20:31:53.0845 5612 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
20:31:53.0855 5612 [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
20:31:53.0855 5612 C:\Windows\System32\shacct.dll - ok
20:31:53.0864 5612 [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
20:31:53.0865 5612 C:\Windows\System32\propsys.dll - ok
20:31:53.0874 5612 [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
20:31:53.0874 5612 C:\Windows\System32\samlib.dll - ok
20:31:53.0883 5612 [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
20:31:53.0883 5612 C:\Windows\System32\uxtheme.dll - ok
20:31:53.0893 5612 [ 18CAAF21CBA3EAEE17BBA5D3807F29B8 ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_2b25b14c71ebf230\GdiPlus.dll
20:31:53.0893 5612 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_2b25b14c71ebf230\GdiPlus.dll - ok
20:31:53.0903 5612 [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
20:31:53.0903 5612 C:\Windows\System32\dui70.dll - ok
20:31:53.0912 5612 [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
20:31:53.0912 5612 C:\Windows\System32\duser.dll - ok
20:31:53.0921 5612 [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
20:31:53.0922 5612 C:\Windows\System32\hid.dll - ok
20:31:53.0931 5612 [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
20:31:53.0931 5612 C:\Windows\System32\MMDevAPI.dll - ok
20:31:53.0940 5612 [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
20:31:53.0940 5612 C:\Windows\System32\SndVolSSO.dll - ok
20:31:53.0950 5612 [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
20:31:53.0950 5612 C:\Windows\System32\dwmapi.dll - ok
20:31:53.0960 5612 [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll
20:31:53.0960 5612 C:\Windows\System32\xmllite.dll - ok
20:31:53.0971 5612 [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
20:31:53.0971 5612 C:\Windows\System32\wevtsvc.dll - ok
20:31:53.0981 5612 [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll
20:31:53.0981 5612 C:\Windows\System32\audiosrv.dll - ok
20:31:53.0990 5612 [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
20:31:53.0990 5612 C:\Windows\System32\avrt.dll - ok
20:31:53.0999 5612 [ 3D7BB6DD7A87B3E36E44CA94444247A8 ] C:\Windows\System32\WindowsCodecs.dll
20:31:54.0000 5612 C:\Windows\System32\WindowsCodecs.dll - ok
20:31:54.0007 5612 [ C4C183E6551084039EC862DA1C945E3D ] C:\Windows\System32\FntCache.dll
20:31:54.0008 5612 C:\Windows\System32\FntCache.dll - ok
20:31:54.0017 5612 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll
20:31:54.0017 5612 C:\Windows\System32\netprofm.dll - ok
20:31:54.0027 5612 [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
20:31:54.0027 5612 C:\Windows\System32\VaultCredProvider.dll - ok
20:31:54.0036 5612 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
20:31:54.0036 5612 C:\Windows\System32\winbrand.dll - ok
20:31:54.0046 5612 [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll
20:31:54.0046 5612 C:\Windows\System32\wtsapi32.dll - ok
20:31:54.0056 5612 [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll
20:31:54.0056 5612 C:\Windows\System32\BioCredProv.dll - ok
20:31:54.0065 5612 [ 8563BA40DF4F1E93A61B70E2C8B60CF8 ] C:\Windows\System32\SmartcardCredentialProvider.dll
20:31:54.0066 5612 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
20:31:54.0075 5612 [ 4403D5ECE7D8323CAF1207D1AA38FA01 ] C:\Windows\System32\credui.dll
20:31:54.0075 5612 C:\Windows\System32\credui.dll - ok
20:31:54.0084 5612 [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\Windows\System32\netapi32.dll
20:31:54.0084 5612 C:\Windows\System32\netapi32.dll - ok
20:31:54.0094 5612 [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll
20:31:54.0095 5612 C:\Windows\System32\netutils.dll - ok
20:31:54.0104 5612 [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll
20:31:54.0104 5612 C:\Windows\System32\vaultcli.dll - ok
20:31:54.0114 5612 [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll
20:31:54.0114 5612 C:\Windows\System32\winbio.dll - ok
20:31:54.0125 5612 [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll
20:31:54.0125 5612 C:\Windows\System32\wkscli.dll - ok
20:31:54.0134 5612 [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll
20:31:54.0134 5612 C:\Windows\System32\samcli.dll - ok
20:31:54.0144 5612 [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll
20:31:54.0144 5612 C:\Windows\System32\certCredProvider.dll - ok
20:31:54.0154 5612 [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll
20:31:54.0154 5612 C:\Windows\System32\adtschema.dll - ok
20:31:54.0164 5612 [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
20:31:54.0164 5612 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
20:31:54.0174 5612 [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll
20:31:54.0174 5612 C:\Windows\System32\mmcss.dll - ok
20:31:54.0183 5612 [ 7097425051CE67B450EBF2B1390AE492 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL
20:31:54.0183 5612 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL - ok
20:31:54.0193 5612 [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe
20:31:54.0193 5612 C:\Windows\System32\audiodg.exe - ok
20:31:54.0202 5612 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\Windows\System32\wlansvc.dll
20:31:54.0202 5612 C:\Windows\System32\wlansvc.dll - ok
20:31:54.0212 5612 [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys
20:31:54.0212 5612 C:\Windows\System32\drivers\fltMgr.sys - ok
20:31:54.0222 5612 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll
20:31:54.0222 5612 C:\Windows\System32\gpsvc.dll - ok
20:31:54.0231 5612 [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
20:31:54.0231 5612 C:\Windows\System32\atl.dll - ok
20:31:54.0240 5612 [ 46BB91A169B9B31FF44EB04C48EC1D41 ] C:\Windows\System32\nlaapi.dll
20:31:54.0241 5612 C:\Windows\System32\nlaapi.dll - ok
20:31:54.0251 5612 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll
20:31:54.0251 5612 C:\Windows\System32\profsvc.dll - ok
20:31:54.0260 5612 [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL
20:31:54.0260 5612 C:\Windows\System32\PSHED.DLL - ok
20:31:54.0271 5612 [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
20:31:54.0271 5612 C:\Windows\System32\ntmarta.dll - ok
20:31:54.0280 5612 [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll
20:31:54.0280 5612 C:\Windows\System32\themeservice.dll - ok
20:31:54.0290 5612 [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
20:31:54.0290 5612 C:\Windows\System32\rasapi32.dll - ok
20:31:54.0299 5612 [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll
20:31:54.0300 5612 C:\Windows\System32\rasman.dll - ok
20:31:54.0309 5612 [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll
20:31:54.0309 5612 C:\Windows\System32\rasplap.dll - ok
20:31:54.0318 5612 [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll
20:31:54.0318 5612 C:\Windows\System32\rtutils.dll - ok
20:31:54.0327 5612 [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
20:31:54.0327 5612 C:\Windows\System32\dsrole.dll - ok
20:31:54.0336 5612 [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
20:31:54.0336 5612 C:\Windows\System32\slc.dll - ok
20:31:54.0346 5612 [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
20:31:54.0346 5612 C:\Windows\System32\es.dll - ok
20:31:54.0355 5612 [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll
20:31:54.0356 5612 C:\Windows\System32\comres.dll - ok
20:31:54.0365 5612 [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
20:31:54.0365 5612 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
20:31:54.0375 5612 [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll
20:31:54.0375 5612 C:\Windows\System32\Sens.dll - ok
20:31:54.0385 5612 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll
20:31:54.0385 5612 C:\Windows\System32\uxsms.dll - ok
20:31:54.0394 5612 [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
20:31:54.0394 5612 C:\Windows\System32\drivers\lltdio.sys - ok
20:31:54.0405 5612 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\Windows\System32\drivers\nwifi.sys
20:31:54.0405 5612 C:\Windows\System32\drivers\nwifi.sys - ok
20:31:54.0416 5612 [ 136185F9FB2CC61E573E676AA5402356 ] C:\Windows\System32\drivers\ndisuio.sys
20:31:54.0416 5612 C:\Windows\System32\drivers\ndisuio.sys - ok
20:31:54.0425 5612 [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
20:31:54.0425 5612 C:\Windows\System32\drivers\rspndr.sys - ok
20:31:54.0435 5612 [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
20:31:54.0435 5612 C:\Windows\System32\lmhsvc.dll - ok
20:31:54.0444 5612 [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
20:31:54.0444 5612 C:\Windows\System32\nsisvc.dll - ok
20:31:54.0454 5612 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll
20:31:54.0454 5612 C:\Windows\System32\dnsrslvr.dll - ok
20:31:54.0464 5612 [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\Windows\System32\keyiso.dll
20:31:54.0464 5612 C:\Windows\System32\keyiso.dll - ok
20:31:54.0473 5612 [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
20:31:54.0473 5612 C:\Windows\System32\winnsi.dll - ok
20:31:54.0483 5612 [ 87356377F31DA5F20A833811CD59499C ] C:\Windows\System32\eapphost.dll
20:31:54.0483 5612 C:\Windows\System32\eapphost.dll - ok
20:31:54.0492 5612 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\Windows\System32\eapsvc.dll
20:31:54.0492 5612 C:\Windows\System32\eapsvc.dll - ok
20:31:54.0502 5612 [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
20:31:54.0502 5612 C:\Windows\System32\IPHLPAPI.DLL - ok
20:31:54.0511 5612 [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll
20:31:54.0511 5612 C:\Windows\System32\umb.dll - ok
20:31:54.0520 5612 [ A648C4A06DE367065B24056D067B4460 ] C:\Windows\System32\wlanmsm.dll
20:31:54.0520 5612 C:\Windows\System32\wlanmsm.dll - ok
20:31:54.0530 5612 [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
20:31:54.0530 5612 C:\Windows\System32\dhcpcsvc.dll - ok
20:31:54.0539 5612 [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
20:31:54.0539 5612 C:\Windows\System32\eappprxy.dll - ok
20:31:54.0550 5612 [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll
20:31:54.0550 5612 C:\Windows\System32\onex.dll - ok
20:31:54.0560 5612 [ 06A1386B6E3A0CBC368665C1840906F4 ] C:\Windows\System32\wlansec.dll
20:31:54.0560 5612 C:\Windows\System32\wlansec.dll - ok
20:31:54.0568 5612 [ D07EB640618F96490DB88C3CE58DB608 ] C:\Windows\System32\FWPUCLNT.DLL
20:31:54.0568 5612 C:\Windows\System32\FWPUCLNT.DLL - ok
20:31:54.0579 5612 [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
20:31:54.0580 5612 C:\Windows\System32\winmm.dll - ok
20:31:54.0587 5612 [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
20:31:54.0588 5612 C:\Windows\System32\eappcfg.dll - ok
20:31:54.0599 5612 [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
20:31:54.0599 5612 C:\Windows\System32\dnsext.dll - ok
20:31:54.0609 5612 [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll
20:31:54.0609 5612 C:\Windows\System32\UXInit.dll - ok
20:31:54.0617 5612 [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv
20:31:54.0617 5612 C:\Windows\System32\wdmaud.drv - ok
20:31:54.0627 5612 [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
20:31:54.0627 5612 C:\Windows\System32\nrpsrv.dll - ok
20:31:54.0636 5612 [ 730BF204A595D5B6D7DC57A247CC741C ] C:\Windows\System32\wlgpclnt.dll
20:31:54.0636 5612 C:\Windows\System32\wlgpclnt.dll - ok
20:31:54.0646 5612 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll
20:31:54.0646 5612 C:\Windows\System32\dhcpcore.dll - ok
20:31:54.0656 5612 [ 97E43F324BE1503CB2FFB058534688DA ] C:\Windows\System32\l2gpstore.dll
20:31:54.0656 5612 C:\Windows\System32\l2gpstore.dll - ok
20:31:54.0665 5612 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\Windows\System32\MPSSVC.dll
20:31:54.0665 5612 C:\Windows\System32\MPSSVC.dll - ok
20:31:54.0675 5612 [ 3CC16A849E6092E43909F48EF0E60306 ] C:\Windows\System32\dhcpcore6.dll
20:31:54.0675 5612 C:\Windows\System32\dhcpcore6.dll - ok
20:31:54.0684 5612 [ 7D5645EE0EA77D539828433D9B95F5EB ] C:\Windows\System32\WinSCard.dll
20:31:54.0684 5612 C:\Windows\System32\WinSCard.dll - ok
20:31:54.0694 5612 [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
20:31:54.0694 5612 C:\Windows\System32\wlanutil.dll - ok
20:31:54.0704 5612 [ 99B91C5D2FCEF218CAD3600ECB62A799 ] C:\Windows\System32\msxml6.dll
20:31:54.0704 5612 C:\Windows\System32\msxml6.dll - ok
20:31:54.0713 5612 [ 3C06D5A929B798D0B13F6481242A0FD2 ] C:\Windows\System32\dhcpcsvc6.dll
20:31:54.0713 5612 C:\Windows\System32\dhcpcsvc6.dll - ok
20:31:54.0722 5612 [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll
20:31:54.0722 5612 C:\Windows\System32\ksuser.dll - ok
20:31:54.0733 5612 [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll
20:31:54.0733 5612 C:\Windows\System32\shsvcs.dll - ok
20:31:54.0743 5612 [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll
20:31:54.0743 5612 C:\Windows\System32\schedsvc.dll - ok
20:31:54.0753 5612 [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll
20:31:54.0753 5612 C:\Windows\System32\ktmw32.dll - ok
20:31:54.0762 5612 [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll
20:31:54.0763 5612 C:\Windows\System32\fveapi.dll - ok
20:31:54.0772 5612 [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll
20:31:54.0772 5612 C:\Windows\System32\fvecerts.dll - ok
20:31:54.0782 5612 [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll
20:31:54.0782 5612 C:\Windows\System32\taskcomp.dll - ok
20:31:54.0791 5612 [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll
20:31:54.0791 5612 C:\Windows\System32\tbs.dll - ok
20:31:54.0801 5612 [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll
20:31:54.0801 5612 C:\Windows\System32\AudioSes.dll - ok
20:31:54.0810 5612 [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\Windows\System32\msacm32.drv
20:31:54.0810 5612 C:\Windows\System32\msacm32.drv - ok
20:31:54.0820 5612 [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\Windows\System32\msacm32.dll
20:31:54.0820 5612 C:\Windows\System32\msacm32.dll - ok
20:31:54.0828 5612 [ CA2A0750ED830678997695FF61B04C30 ] C:\Windows\System32\midimap.dll
20:31:54.0829 5612 C:\Windows\System32\midimap.dll - ok
20:31:54.0838 5612 [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll
20:31:54.0838 5612 C:\Windows\System32\wiarpc.dll - ok
20:31:54.0847 5612 [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll
20:31:54.0847 5612 C:\Windows\System32\oleacc.dll - ok
20:31:54.0857 5612 [ 019BDD35DE269CB98B22DE8923C2AA3B ] C:\Windows\System32\UIAutomationCore.dll
20:31:54.0857 5612 C:\Windows\System32\UIAutomationCore.dll - ok
20:31:54.0866 5612 [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll
20:31:54.0867 5612 C:\Windows\System32\AudioEng.dll - ok
20:31:54.0876 5612 [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll
20:31:54.0876 5612 C:\Windows\System32\imageres.dll - ok
20:31:54.0885 5612 [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll
20:31:54.0885 5612 C:\Windows\System32\AUDIOKSE.dll - ok
20:31:54.0897 5612 [ C95EA36228E0174AC53DC57530549AAF ] C:\Windows\System32\RtkAPO64.dll
20:31:54.0897 5612 C:\Windows\System32\RtkAPO64.dll - ok
20:31:54.0906 5612 [ 973ADB6AD47AC047F900C0D760AB6BE2 ] C:\Windows\System32\AERTAR64.dll
20:31:54.0906 5612 C:\Windows\System32\AERTAR64.dll - ok
20:31:54.0916 5612 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys
20:31:54.0916 5612 C:\Windows\System32\drivers\http.sys - ok
20:31:54.0926 5612 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] C:\Windows\System32\spoolsv.exe
20:31:54.0926 5612 C:\Windows\System32\spoolsv.exe - ok
20:31:54.0936 5612 [ 6F3C559B82F2912354BE5B098744CC8C ] C:\Windows\System32\WMALFXGFXDSP.dll
20:31:54.0936 5612 C:\Windows\System32\WMALFXGFXDSP.dll - ok
20:31:54.0945 5612 [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll
20:31:54.0946 5612 C:\Windows\System32\netcfgx.dll - ok
20:31:54.0955 5612 [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll
20:31:54.0955 5612 C:\Windows\System32\mfplat.dll - ok
20:31:54.0964 5612 [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL
20:31:54.0964 5612 C:\Windows\System32\BFE.DLL - ok
20:31:54.0973 5612 [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys
20:31:54.0973 5612 C:\Windows\System32\drivers\bowser.sys - ok
20:31:54.0983 5612 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys
20:31:54.0983 5612 C:\Windows\System32\drivers\mpsdrv.sys - ok
20:31:54.0992 5612 [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys
20:31:54.0992 5612 C:\Windows\System32\drivers\mrxsmb.sys - ok
20:31:55.0002 5612 [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys
20:31:55.0002 5612 C:\Windows\System32\drivers\mrxsmb10.sys - ok
20:31:55.0012 5612 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys
20:31:55.0012 5612 C:\Windows\System32\drivers\mrxsmb20.sys - ok
20:31:55.0021 5612 [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll
20:31:55.0021 5612 C:\Windows\System32\wkssvc.dll - ok
20:31:55.0031 5612 [ C67F8A962B2534224D5908D16D2AD3CE ] C:\Windows\System32\wfapigp.dll
20:31:55.0031 5612 C:\Windows\System32\wfapigp.dll - ok
20:31:55.0040 5612 [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll
20:31:55.0040 5612 C:\Windows\System32\mscms.dll - ok
20:31:55.0051 5612 [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll
20:31:55.0051 5612 C:\Windows\System32\pcasvc.dll - ok
20:31:55.0062 5612 [ 6313F223E817CC09AA41811DAA7F541D ] C:\Windows\System32\snmptrap.exe
20:31:55.0062 5612 C:\Windows\System32\snmptrap.exe - ok
20:31:55.0071 5612 [ 10EAB90C1AE8271B5FE5A8930987EE5C ] C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll
20:31:55.0071 5612 C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll - ok
20:31:55.0081 5612 [ 4004299B7AF4CBFF6540F1798899A11F ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll
20:31:55.0081 5612 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll - ok
20:31:55.0091 5612 [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll
20:31:55.0091 5612 C:\Windows\System32\provsvc.dll - ok
20:31:55.0100 5612 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll
20:31:55.0100 5612 C:\Windows\System32\sstpsvc.dll - ok
20:31:55.0110 5612 [ B362181ED3771DC03B4141927C80F801 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:31:55.0110 5612 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - ok
20:31:55.0120 5612 [ A2B0924D50F4435FD389499047CE553A ] C:\Windows\SysWOW64\ntdll.dll
20:31:55.0120 5612 C:\Windows\SysWOW64\ntdll.dll - ok
20:31:55.0130 5612 [ 70833F5A59F65908698093889C34BCA2 ] C:\Windows\System32\wow64.dll
20:31:55.0130 5612 C:\Windows\System32\wow64.dll - ok
20:31:55.0137 5612 [ 5674E21E82CFBEA36DDAD5DB285D6DBC ] C:\Windows\System32\wow64win.dll
20:31:55.0139 5612 C:\Windows\System32\wow64win.dll - ok
20:31:55.0147 5612 [ 3EE3AA76D8AB6D5644C4C8F34471CEB3 ] C:\Windows\System32\wow64cpu.dll
20:31:55.0147 5612 C:\Windows\System32\wow64cpu.dll - ok
20:31:55.0157 5612 [ 365A5034093AD9E04F433046C4CDF6AB ] C:\Windows\SysWOW64\kernel32.dll
20:31:55.0157 5612 C:\Windows\SysWOW64\kernel32.dll - ok
20:31:55.0166 5612 [ 56E3313690866F99CD17AA1342F64AE1 ] C:\Windows\SysWOW64\gdi32.dll
20:31:55.0166 5612 C:\Windows\SysWOW64\gdi32.dll - ok
20:31:55.0176 5612 [ 1B7343C3765638D4D17CB925F84F8ABE ] C:\Windows\SysWOW64\KernelBase.dll
20:31:55.0176 5612 C:\Windows\SysWOW64\KernelBase.dll - ok
20:31:55.0185 5612 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll
20:31:55.0185 5612 C:\Windows\SysWOW64\user32.dll - ok
20:31:55.0195 5612 [ D67472125471784DE7147946EDA25FEB ] C:\Windows\SysWOW64\advapi32.dll
20:31:55.0195 5612 C:\Windows\SysWOW64\advapi32.dll - ok
20:31:55.0206 5612 [ CC23295DA8F7B5C53F93804D2F5D30EB ] C:\Windows\SysWOW64\lpk.dll
20:31:55.0206 5612 C:\Windows\SysWOW64\lpk.dll - ok
20:31:55.0215 5612 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll
20:31:55.0215 5612 C:\Windows\SysWOW64\msvcrt.dll - ok
20:31:55.0226 5612 [ B7230010D97787AF3D25E4C82F2B06B9 ] C:\Windows\SysWOW64\usp10.dll
20:31:55.0226 5612 C:\Windows\SysWOW64\usp10.dll - ok
20:31:55.0235 5612 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll
20:31:55.0235 5612 C:\Windows\SysWOW64\cryptbase.dll - ok
20:31:55.0245 5612 [ 4DC999CED9429939D75682EBD7D48901 ] C:\Windows\SysWOW64\rpcrt4.dll
20:31:55.0245 5612 C:\Windows\SysWOW64\rpcrt4.dll - ok
20:31:55.0254 5612 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll
20:31:55.0255 5612 C:\Windows\SysWOW64\sechost.dll - ok
20:31:55.0264 5612 [ E02781D4871844DCD30DF1D69A650F78 ] C:\Windows\SysWOW64\shell32.dll
20:31:55.0264 5612 C:\Windows\SysWOW64\shell32.dll - ok
20:31:55.0274 5612 [ 42B924C5F3924C1EB2539F22C10D7DF1 ] C:\Windows\SysWOW64\sspicli.dll
20:31:55.0274 5612 C:\Windows\SysWOW64\sspicli.dll - ok
20:31:55.0284 5612 [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll
20:31:55.0284 5612 C:\Windows\SysWOW64\shlwapi.dll - ok
20:31:55.0293 5612 [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll
20:31:55.0293 5612 C:\Windows\SysWOW64\ole32.dll - ok
20:31:55.0303 5612 [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll
20:31:55.0303 5612 C:\Windows\SysWOW64\oleaut32.dll - ok
20:31:55.0312 5612 [ CC09E0C9A2D89C6E71D093DC8BD121B7 ] C:\Windows\SysWOW64\crypt32.dll
20:31:55.0312 5612 C:\Windows\SysWOW64\crypt32.dll - ok
20:31:55.0322 5612 [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll
20:31:55.0322 5612 C:\Windows\SysWOW64\msasn1.dll - ok
20:31:55.0332 5612 [ 68EAAEDF0365168B804E8728368FA946 ] C:\Windows\SysWOW64\wintrust.dll
20:31:55.0332 5612 C:\Windows\SysWOW64\wintrust.dll - ok
20:31:55.0341 5612 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
20:31:55.0341 5612 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
20:31:55.0351 5612 [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll
20:31:55.0351 5612 C:\Windows\SysWOW64\imm32.dll - ok
20:31:55.0361 5612 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll
20:31:55.0361 5612 C:\Windows\SysWOW64\msctf.dll - ok
20:31:55.0371 5612 [ D1E343BC00136CE03C4D403194D06A80 ] C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
20:31:55.0372 5612 C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe - ok
20:31:55.0382 5612 [ 30E3850F303EAE5C364782EA78579CC9 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:31:55.0382 5612 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
20:31:55.0392 5612 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
20:31:55.0392 5612 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
20:31:55.0402 5612 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
20:31:55.0402 5612 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
20:31:55.0413 5612 [ 60C079CB2150760263D1FE5FF6218961 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll
20:31:55.0413 5612 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
20:31:55.0422 5612 [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll
20:31:55.0422 5612 C:\Windows\SysWOW64\version.dll - ok
20:31:55.0432 5612 [ 6D41F6AA35220E7A54543075B27E8F83 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll
20:31:55.0432 5612 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
20:31:55.0442 5612 [ EF8CD3C64EE9C08980D6D06CCCE46C68 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll
20:31:55.0442 5612 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
20:31:55.0452 5612 [ DF1C1CD0C7EE95CC00D71E9E415E7BCD ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
20:31:55.0452 5612 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
20:31:55.0462 5612 [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll
20:31:55.0462 5612 C:\Windows\SysWOW64\nsi.dll - ok
20:31:55.0471 5612 [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll
20:31:55.0471 5612 C:\Windows\SysWOW64\ws2_32.dll - ok
20:31:55.0481 5612 [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\SysWOW64\wsock32.dll
20:31:55.0482 5612 C:\Windows\SysWOW64\wsock32.dll - ok
20:31:55.0491 5612 [ FF9831030678C7B6D70BAC00F68F8976 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll
20:31:55.0491 5612 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
20:31:55.0502 5612 [ 78865ABC5F5D13190F8B35BD9044714A ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll
20:31:55.0502 5612 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll - ok
20:31:55.0513 5612 [ FD86C605FD7AD4A41C01EC7A4A1E1C5D ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll
20:31:55.0513 5612 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll - ok
20:31:55.0522 5612 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll
20:31:55.0522 5612 C:\Windows\SysWOW64\winmm.dll - ok
20:31:55.0533 5612 [ A3609397EF273B03295DBB10274BE12C ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll
20:31:55.0533 5612 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
20:31:55.0543 5612 [ 149D74E1128A86DC9CFB2851FBEA11EB ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll
20:31:55.0543 5612 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll - ok
20:31:55.0553 5612 [ F6FD367C9EAAEDF90CD7A7952AE0B336 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll
20:31:55.0553 5612 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll - ok
20:31:55.0563 5612 [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll
20:31:55.0563 5612 C:\Windows\SysWOW64\profapi.dll - ok
20:31:55.0573 5612 [ 4D9B3DFBAB2EA93B594B74D47E0B4E5D ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
20:31:55.0573 5612 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
20:31:55.0582 5612 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll
20:31:55.0582 5612 C:\Windows\SysWOW64\setupapi.dll - ok
20:31:55.0592 5612 [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll
20:31:55.0592 5612 C:\Windows\SysWOW64\cfgmgr32.dll - ok
20:31:55.0601 5612 [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll
20:31:55.0601 5612 C:\Windows\SysWOW64\devobj.dll - ok
20:31:55.0611 5612 [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll
20:31:55.0611 5612 C:\Windows\SysWOW64\userenv.dll - ok
20:31:55.0620 5612 [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\SysWOW64\wtsapi32.dll
20:31:55.0620 5612 C:\Windows\SysWOW64\wtsapi32.dll - ok
20:31:55.0630 5612 [ 062373995EAE5F0EAC9EAA9192136BFB ] C:\Windows\SysWOW64\dnssd.dll
20:31:55.0630 5612 C:\Windows\SysWOW64\dnssd.dll - ok
20:31:55.0640 5612 [ 4DB93F4DB7077801D2D82013506AC1D0 ] C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
20:31:55.0640 5612 C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe - ok
20:31:55.0649 5612 [ E94C583CDE2348950155F2AF2876F34D ] C:\Windows\SysWOW64\mswsock.dll
20:31:55.0649 5612 C:\Windows\SysWOW64\mswsock.dll - ok
20:31:55.0659 5612 [ AE4D9DC676A2517DEE3E51978BCFE47C ] C:\Program Files (x86)\AVG\AVG2013\avgntopensslx.dll
20:31:55.0659 5612 C:\Program Files (x86)\AVG\AVG2013\avgntopensslx.dll - ok
20:31:55.0670 5612 [ 8BEC8631AED9C58EF8DD7CE1755F86AA ] C:\Program Files (x86)\AVG\AVG2013\avgsysx.dll
20:31:55.0670 5612 C:\Program Files (x86)\AVG\AVG2013\avgsysx.dll - ok
20:31:55.0680 5612 [ BC83108B18756547013ED443B8CDB31B ] C:\Windows\SysWOW64\msvcp100.dll
20:31:55.0680 5612 C:\Windows\SysWOW64\msvcp100.dll - ok
20:31:55.0690 5612 [ 0E37FBFA79D349D672456923EC5FBBE3 ] C:\Windows\SysWOW64\msvcr100.dll
20:31:55.0690 5612 C:\Windows\SysWOW64\msvcr100.dll - ok
20:31:55.0700 5612 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
20:31:55.0700 5612 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
20:31:55.0710 5612 [ FBDC1D23E595C22805BFE35D677732DA ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll
20:31:55.0710 5612 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok
20:31:55.0720 5612 [ 9C89246184979A070B0C6CCF61C68136 ] C:\Windows\SysWOW64\wininet.dll
20:31:55.0720 5612 C:\Windows\SysWOW64\wininet.dll - ok
20:31:55.0729 5612 [ 2E33DFD10F28F86C3FC40EE123CC3904 ] C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
20:31:55.0729 5612 C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll - ok
20:31:55.0739 5612 [ 6951562DC4625EEFC6EACD52AD165866 ] C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
20:31:55.0739 5612 C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll - ok
20:31:55.0748 5612 [ 589CBC4989F750E1DA35625AB481CF43 ] C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
20:31:55.0748 5612 C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll - ok
20:31:55.0757 5612 [ 3BE0D923AA45A4DBE091C2D84F0B4FE7 ] C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
20:31:55.0758 5612 C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll - ok
20:31:55.0767 5612 [ 34CBED7698D557DDB43F8732FBC2ACB9 ] C:\Windows\SysWOW64\iertutil.dll
20:31:55.0767 5612 C:\Windows\SysWOW64\iertutil.dll - ok
20:31:55.0777 5612 [ A56CCBBFCCEDCE2FD9C69FED24E035E3 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
20:31:55.0777 5612 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll - ok
20:31:55.0787 5612 [ 6A13B4F3B3F575F1E24B877B9359AABA ] C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
20:31:55.0787 5612 C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll - ok
20:31:55.0797 5612 [ A7DDDDE163F16AB49DF3DE9EEC715495 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll
20:31:55.0797 5612 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
20:31:55.0807 5612 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
20:31:55.0807 5612 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
20:31:55.0817 5612 [ C28FD3B37B6F18751C99E6022A2A9782 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll
20:31:55.0817 5612 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
20:31:55.0827 5612 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll
20:31:55.0827 5612 C:\Windows\SysWOW64\winnsi.dll - ok
20:31:55.0838 5612 [ 18301B40411B2108076AB685B4E4B6DC ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
20:31:55.0838 5612 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll - ok
20:31:55.0849 5612 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll
20:31:55.0849 5612 C:\Windows\SysWOW64\psapi.dll - ok
20:31:55.0857 5612 [ 5BDB1E096DEA119A4D205ACB6E958175 ] C:\Program Files (x86)\AVG\AVG2013\avgopensslx.dll
20:31:55.0857 5612 C:\Program Files (x86)\AVG\AVG2013\avgopensslx.dll - ok
20:31:55.0867 5612 [ 21139ED432EFB4A8CDF715862DBDF9E0 ] C:\Program Files (x86)\AVG\AVG2013\avglogx.dll
20:31:55.0867 5612 C:\Program Files (x86)\AVG\AVG2013\avglogx.dll - ok
20:31:55.0877 5612 [ D646FA5135A1CD795877AFE9D17FA9ED ] C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
20:31:55.0877 5612 C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe - ok
20:31:55.0886 5612 [ 8564728CB493B0704EDB9A3607B3DDE9 ] C:\Program Files (x86)\AVG\AVG2013\avgcommx.dll
20:31:55.0886 5612 C:\Program Files (x86)\AVG\AVG2013\avgcommx.dll - ok
20:31:55.0897 5612 [ 9E335DCB3EA00AA38724E80CEFA963A6 ] C:\Program Files (x86)\AVG\AVG2013\avgcfgx.dll
20:31:55.0897 5612 C:\Program Files (x86)\AVG\AVG2013\avgcfgx.dll - ok
20:31:55.0906 5612 [ F2E8CEFC8CF4D6454F4121C5FF93136A ] C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BBSvc.EXE
20:31:55.0906 5612 C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BBSvc.EXE - ok
20:31:55.0916 5612 [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll
20:31:55.0916 5612 C:\Windows\SysWOW64\msi.dll - ok
20:31:55.0925 5612 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll
20:31:55.0925 5612 C:\Windows\SysWOW64\SensApi.dll - ok
20:31:55.0935 5612 [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll
20:31:55.0935 5612 C:\Windows\SysWOW64\clbcatq.dll - ok
20:31:55.0944 5612 [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll
20:31:55.0944 5612 C:\Windows\SysWOW64\cryptsp.dll - ok
20:31:55.0953 5612 [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll
20:31:55.0954 5612 C:\Windows\SysWOW64\rsaenh.dll - ok
20:31:55.0963 5612 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll
20:31:55.0963 5612 C:\Windows\SysWOW64\RpcRtRemote.dll - ok
20:31:55.0973 5612 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] C:\Program Files\Bonjour\mDNSResponder.exe
20:31:55.0973 5612 C:\Program Files\Bonjour\mDNSResponder.exe - ok
20:31:55.0983 5612 [ 414F57444511B818DB23FA5CF89F3205 ] C:\Program Files (x86)\AVG\AVG2013\avgclitx.dll
20:31:55.0983 5612 C:\Program Files (x86)\AVG\AVG2013\avgclitx.dll - ok
20:31:55.0994 5612 [ 533328A3D9A9C286682525842547540C ] C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe
20:31:55.0994 5612 C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe - ok
20:31:56.0004 5612 [ F2056E965C6203B0EC7EA435DA08589A ] C:\Program Files (x86)\AVG\AVG2013\avgcorex.dll
20:31:56.0004 5612 C:\Program Files (x86)\AVG\AVG2013\avgcorex.dll - ok
20:31:56.0014 5612 [ 6C4B2E1A25841077084EB9F76FF6FFA7 ] C:\Windows\SysWOW64\wmp.dll
20:31:56.0014 5612 C:\Windows\SysWOW64\wmp.dll - ok
20:31:56.0024 5612 [ 84174CA0E190BB9D1EFD0F005FE13B35 ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\GdiPlus.dll
20:31:56.0024 5612 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\GdiPlus.dll - ok
20:31:56.0033 5612 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll
20:31:56.0033 5612 C:\Windows\SysWOW64\dwmapi.dll - ok
20:31:56.0043 5612 [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe
20:31:56.0043 5612 C:\Windows\System32\dllhost.exe - ok
20:31:56.0052 5612 [ 02DF0628BE8B64B84D50FBE53549AA3B ] C:\Windows\SysWOW64\wmploc.DLL
20:31:56.0052 5612 C:\Windows\SysWOW64\wmploc.DLL - ok
20:31:56.0062 5612 [ 3961DE6134280FD3BC911D5B2119CECF ] C:\Program Files (x86)\AVG\AVG2013\avgcertx.dll
20:31:56.0062 5612 C:\Program Files (x86)\AVG\AVG2013\avgcertx.dll - ok
20:31:56.0071 5612 [ 9028D1621C43DF8DFBD1C76860412A11 ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll
20:31:56.0071 5612 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll - ok
20:31:56.0081 5612 [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll
20:31:56.0082 5612 C:\Windows\System32\IDStore.dll - ok
20:31:56.0091 5612 [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll
20:31:56.0091 5612 C:\Windows\SysWOW64\winsta.dll - ok
20:31:56.0101 5612 [ 2E967B05E5D1EF57632819BDC54F19B1 ] C:\Program Files (x86)\AVG\AVG2013\avgchclx.dll
20:31:56.0101 5612 C:\Program Files (x86)\AVG\AVG2013\avgchclx.dll - ok
20:31:56.0110 5612 [ 639774C9ACD063F028F6084ABF5593AD ] C:\Windows\System32\taskhost.exe
20:31:56.0110 5612 C:\Windows\System32\taskhost.exe - ok
20:31:56.0120 5612 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll
20:31:56.0120 5612 C:\Windows\SysWOW64\sfc.dll - ok
20:31:56.0129 5612 [ 28AD5E311996A34025CFB07E131058DD ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
20:31:56.0129 5612 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL - ok
20:31:56.0139 5612 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll
20:31:56.0139 5612 C:\Windows\SysWOW64\sfc_os.dll - ok
20:31:56.0147 5612 [ 23566F9723771108D2E6CD768AC27407 ] C:\Windows\System32\AtBroker.exe
20:31:56.0147 5612 C:\Windows\System32\AtBroker.exe - ok
20:31:56.0159 5612 [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
20:31:56.0159 5612 C:\Windows\System32\mpr.dll - ok
20:31:56.0167 5612 [ F9D908DE6B166DAC9B89BF62FA291CE8 ] C:\Program Files\Bonjour\mdnsNSP.dll
20:31:56.0167 5612 C:\Program Files\Bonjour\mdnsNSP.dll - ok
20:31:56.0178 5612 [ 372948BB5E41CE42341C4398DE572E56 ] C:\Windows\SysWOW64\secur32.dll
20:31:56.0178 5612 C:\Windows\SysWOW64\secur32.dll - ok
20:31:56.0187 5612 [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll
20:31:56.0187 5612 C:\Windows\System32\PlaySndSrv.dll - ok
20:31:56.0197 5612 [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe
20:31:56.0197 5612 C:\Windows\System32\userinit.exe - ok
20:31:56.0207 5612 [ 9BB99503D6A4DD62569EDE9E5E2672A5 ] C:\Windows\System32\HotStartUserAgent.dll
20:31:56.0207 5612 C:\Windows\System32\HotStartUserAgent.dll - ok
20:31:56.0216 5612 [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll
20:31:56.0216 5612 C:\Windows\System32\rasadhlp.dll - ok
20:31:56.0226 5612 [ 099D9F937F6EE23672391B3A5BD6D7E5 ] C:\Program Files (x86)\AVG\AVG2013\avgntsqlitex.dll
20:31:56.0226 5612 C:\Program Files (x86)\AVG\AVG2013\avgntsqlitex.dll - ok
20:31:56.0236 5612 [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll
20:31:56.0236 5612 C:\Windows\System32\MsCtfMonitor.dll - ok
20:31:56.0245 5612 [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051 ] C:\Windows\System32\localspl.dll
20:31:56.0245 5612 C:\Windows\System32\localspl.dll - ok
20:31:56.0255 5612 [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll
20:31:56.0255 5612 C:\Windows\System32\msutb.dll - ok
20:31:56.0264 5612 [ F5CEF064C7E6D95DA86B9D064A56A969 ] C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
20:31:56.0264 5612 C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll - ok
20:31:56.0274 5612 [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe
20:31:56.0274 5612 C:\Windows\System32\dwm.exe - ok
20:31:56.0283 5612 [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll
20:31:56.0284 5612 C:\Windows\System32\spoolss.dll - ok
20:31:56.0292 5612 [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll
20:31:56.0293 5612 C:\Windows\System32\esent.dll - ok
20:31:56.0302 5612 [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe
20:31:56.0302 5612 C:\Windows\explorer.exe - ok
20:31:56.0312 5612 [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv
20:31:56.0314 5612 C:\Windows\System32\winspool.drv - ok
20:31:56.0323 5612 [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll
20:31:56.0323 5612 C:\Windows\System32\dwmredir.dll - ok
20:31:56.0333 5612 [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll
20:31:56.0333 5612 C:\Windows\System32\dwmcore.dll - ok
20:31:56.0342 5612 [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\Windows\System32\PrintIsolationProxy.dll
20:31:56.0342 5612 C:\Windows\System32\PrintIsolationProxy.dll - ok
20:31:56.0352 5612 [ A6B726DCA228F7878E38368A1BDC68BE ] C:\Windows\System32\cryptnet.dll
20:31:56.0352 5612 C:\Windows\System32\cryptnet.dll - ok
20:31:56.0362 5612 [ 6B400F211BEE880A37A1ED0368776BF4 ] C:\Windows\System32\cryptsvc.dll
20:31:56.0362 5612 C:\Windows\System32\cryptsvc.dll - ok
20:31:56.0371 5612 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll
20:31:56.0371 5612 C:\Windows\System32\dps.dll - ok
20:31:56.0381 5612 [ 46B8E04B3C35CB93F89EF27746D7A908 ] C:\Windows\System32\EP0SLM01.DLL
20:31:56.0381 5612 C:\Windows\System32\EP0SLM01.DLL - ok
20:31:56.0390 5612 [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll
20:31:56.0390 5612 C:\Windows\System32\taskschd.dll - ok
20:31:56.0400 5612 [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll
20:31:56.0400 5612 C:\Windows\System32\vssapi.dll - ok
20:31:56.0410 5612 [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll
20:31:56.0410 5612 C:\Windows\System32\vsstrace.dll - ok
20:31:56.0419 5612 [ 5119CA537F22E38019C811C0BE314EC2 ] C:\Windows\System32\E_ILMAIA.DLL
20:31:56.0419 5612 C:\Windows\System32\E_ILMAIA.DLL - ok
20:31:56.0429 5612 [ 1E345F2A2D95DA3190596E691CDE9342 ] C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
20:31:56.0429 5612 C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE - ok
20:31:56.0437 5612 [ D222579C912E5871100838F5A4FCCA77 ] C:\Windows\System32\RpcNs4.dll
20:31:56.0437 5612 C:\Windows\System32\RpcNs4.dll - ok
20:31:56.0447 5612 [ 2DFB151FD34DF104DAC0ADF070EDA83C ] C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
20:31:56.0447 5612 C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe - ok
20:31:56.0457 5612 [ 5AA89E152634954E15E9DB265C6A8557 ] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
20:31:56.0457 5612 C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe - ok
20:31:56.0469 5612 [ 5839A8027D6D324A7CD494051A96628C ] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
20:31:56.0470 5612 C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe - ok
20:31:56.0480 5612 [ 8AD77806D336673F270DB31645267293 ] C:\Windows\System32\nlasvc.dll
20:31:56.0480 5612 C:\Windows\System32\nlasvc.dll - ok
20:31:56.0489 5612 [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll
20:31:56.0490 5612 C:\Windows\System32\winhttp.dll - ok
20:31:56.0499 5612 [ D4FAC263861BAE06971C7F7D0A8EBF15 ] C:\Windows\System32\ncsi.dll
20:31:56.0499 5612 C:\Windows\System32\ncsi.dll - ok
20:31:56.0509 5612 [ 603EBD34E216C5654A2D774EAC98D278 ] C:\Windows\System32\webio.dll
20:31:56.0509 5612 C:\Windows\System32\webio.dll - ok
20:31:56.0517 5612 [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll
20:31:56.0517 5612 C:\Windows\System32\ssdpapi.dll - ok
20:31:56.0527 5612 [ 60670A59D6B76AA4E41478A7AB76C282 ] C:\Windows\System32\hpinksts8911LM.dll
20:31:56.0527 5612 C:\Windows\System32\hpinksts8911LM.dll - ok
20:31:56.0536 5612 [ 344789398EC3EE5A4E00C52B31847946 ] C:\Windows\System32\IKEEXT.DLL
20:31:56.0536 5612 C:\Windows\System32\IKEEXT.DLL - ok
20:31:56.0551 5612 [ 5672C775FAB584EB5BABBB79C74C530E ] C:\Program Files (x86)\Symantec\Norton Online Backup\BuEng.dll
20:31:56.0551 5612 C:\Program Files (x86)\Symantec\Norton Online Backup\BuEng.dll - ok
20:31:56.0561 5612 [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll
20:31:56.0561 5612 C:\Windows\System32\wsock32.dll - ok
20:31:56.0570 5612 [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\Windows\System32\drivers\PEAuth.sys
20:31:56.0570 5612 C:\Windows\System32\drivers\PEAuth.sys - ok
20:31:56.0580 5612 [ 1727B2A2F379A32B864C096FA794AADC ] C:\Windows\System32\aepic.dll
20:31:56.0580 5612 C:\Windows\System32\aepic.dll - ok
20:31:56.0589 5612 [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll
20:31:56.0590 5612 C:\Windows\System32\sfc.dll - ok
20:31:56.0599 5612 [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll
20:31:56.0599 5612 C:\Windows\System32\sfc_os.dll - ok
20:31:56.0609 5612 [ 98EF79CC2B07398AC525F9EA1AE0366F ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
20:31:56.0609 5612 C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe - ok
20:31:56.0618 5612 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll
20:31:56.0619 5612 C:\Windows\SysWOW64\msimg32.dll - ok
20:31:56.0628 5612 [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
20:31:56.0628 5612 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
20:31:56.0640 5612 [ 9AE80F6A66B30E3ED8CDF858CF28B11B ] C:\Windows\System32\d3d10_1.dll
20:31:56.0640 5612 C:\Windows\System32\d3d10_1.dll - ok
20:31:56.0649 5612 [ 243974EC02F7AE49E4179C54624143AB ] C:\Windows\SysWOW64\MMDevAPI.dll
20:31:56.0649 5612 C:\Windows\SysWOW64\MMDevAPI.dll - ok
20:31:56.0660 5612 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll
20:31:56.0660 5612 C:\Windows\SysWOW64\propsys.dll - ok
20:31:56.0669 5612 [ C940F2F5C60B3727C5F18840735B229C ] C:\Windows\SysWOW64\AudioSes.dll
20:31:56.0669 5612 C:\Windows\SysWOW64\AudioSes.dll - ok
20:31:56.0677 5612 [ 139D3AB6AA920C34C50CBFFB9EB7D222 ] C:\Windows\SysWOW64\avrt.dll
20:31:56.0678 5612 C:\Windows\SysWOW64\avrt.dll - ok
20:31:56.0687 5612 [ 40B82688907A7DBA4DB3B5ADDE3EAB3B ] C:\Windows\SysWOW64\mfplat.dll
20:31:56.0688 5612 C:\Windows\SysWOW64\mfplat.dll - ok
20:31:56.0697 5612 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\SysWOW64\winspool.drv
20:31:56.0697 5612 C:\Windows\SysWOW64\winspool.drv - ok
20:31:56.0707 5612 [ 63F72417CA38D8FC8F53709649B589E3 ] C:\Windows\System32\d3d10_1core.dll
20:31:56.0707 5612 C:\Windows\System32\d3d10_1core.dll - ok
20:31:56.0716 5612 [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\SysWOW64\netapi32.dll
20:31:56.0716 5612 C:\Windows\SysWOW64\netapi32.dll - ok
20:31:56.0726 5612 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll
20:31:56.0726 5612 C:\Windows\SysWOW64\netutils.dll - ok
20:31:56.0735 5612 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll
20:31:56.0735 5612 C:\Windows\SysWOW64\srvcli.dll - ok
20:31:56.0744 5612 [ 8DFB5752FCE145A6B295093C0A8BE131 ] C:\Windows\System32\dxgi.dll
20:31:56.0744 5612 C:\Windows\System32\dxgi.dll - ok
20:31:56.0754 5612 [ 77B5035BC6EDF4D1B6265391AECEE4C0 ] C:\Windows\System32\vpnikeapi.dll
20:31:56.0754 5612 C:\Windows\System32\vpnikeapi.dll - ok
20:31:56.0763 5612 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll
20:31:56.0763 5612 C:\Windows\SysWOW64\wkscli.dll - ok
20:31:56.0773 5612 [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\SysWOW64\samcli.dll
20:31:56.0773 5612 C:\Windows\SysWOW64\samcli.dll - ok
20:31:56.0787 5612 [ 14361FB2FD630988816A4F46AEAF0684 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
20:31:56.0787 5612 C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll - ok
20:31:56.0800 5612 [ C835670705596AE67EE7E0AE92A12071 ] C:\Windows\System32\HPZLLLHN.DLL
20:31:56.0800 5612 C:\Windows\System32\HPZLLLHN.DLL - ok
20:31:56.0810 5612 [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll
20:31:56.0810 5612 C:\Windows\System32\aeevts.dll - ok
20:31:56.0821 5612 [ 19E41CCCEE697CC9465396B370929792 ] C:\Windows\System32\FXSMON.dll
20:31:56.0821 5612 C:\Windows\System32\FXSMON.dll - ok
20:31:56.0831 5612 [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll
20:31:56.0831 5612 C:\Windows\System32\tcpmon.dll - ok
20:31:56.0841 5612 [ 9B375BB63F99B113C065A5DB4E632E23 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\av\scan.dll
20:31:56.0842 5612 C:\Program Files (x86)\Spybot - Search & Destroy 2\av\scan.dll - ok
20:31:56.0852 5612 [ 4C92EB7535CAA1681A77D928FBF9771F ] C:\Windows\System32\d3d11.dll
20:31:56.0852 5612 C:\Windows\System32\d3d11.dll - ok
20:31:56.0862 5612 [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll
20:31:56.0862 5612 C:\Windows\System32\ExplorerFrame.dll - ok
20:31:56.0871 5612 [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll
20:31:56.0871 5612 C:\Windows\System32\snmpapi.dll - ok
20:31:56.0881 5612 [ FFF9D00CF16397C64317F213484F94BD ] C:\Windows\System32\wsnmp32.dll
20:31:56.0881 5612 C:\Windows\System32\wsnmp32.dll - ok
20:31:56.0890 5612 [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll
20:31:56.0891 5612 C:\Windows\System32\usbmon.dll - ok
20:31:56.0900 5612 [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll
20:31:56.0900 5612 C:\Windows\System32\WSDMon.dll - ok
20:31:56.0910 5612 [ 65EA57712340C09B1B0C427B4848AE05 ] C:\Windows\System32\taskeng.exe
20:31:56.0910 5612 C:\Windows\System32\taskeng.exe - ok
20:31:56.0919 5612 [ F1B205F932F62F94506A5F332C895DAF ] C:\Windows\System32\WSDApi.dll
20:31:56.0919 5612 C:\Windows\System32\WSDApi.dll - ok
20:31:56.0929 5612 [ 805A52C5AE26C28E88FDD9BCCFE6F312 ] C:\Windows\System32\TSChannel.dll
20:31:56.0929 5612 C:\Windows\System32\TSChannel.dll - ok
20:31:56.0937 5612 [ C55516D98DD5D8F0153C2A9B4227DA86 ] C:\Windows\System32\webservices.dll
20:31:56.0937 5612 C:\Windows\System32\webservices.dll - ok
20:31:56.0949 5612 [ D8F0E941B1E35DEEE3EDF6DF45517607 ] C:\Windows\System32\igd10umd64.dll
20:31:56.0949 5612 C:\Windows\System32\igd10umd64.dll - ok
20:31:56.0960 5612 [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll
20:31:56.0960 5612 C:\Windows\System32\EhStorShell.dll - ok
20:31:56.0970 5612 [ 506708142BC63DABA64F2D3AD1DCD5BF ] C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:31:56.0970 5612 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe - ok
20:31:56.0980 5612 [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll
20:31:56.0980 5612 C:\Windows\System32\ntshrui.dll - ok
20:31:56.0989 5612 [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll
20:31:56.0989 5612 C:\Windows\System32\fundisc.dll - ok
20:31:56.0998 5612 [ A43B937C580F5DFC43EF63EF72992FE9 ] C:\Program Files (x86)\Google\Update\1.3.22.5\goopdate.dll
20:31:56.0998 5612 C:\Program Files (x86)\Google\Update\1.3.22.5\goopdate.dll - ok
20:31:57.0008 5612 [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll
20:31:57.0008 5612 C:\Windows\System32\cscapi.dll - ok
20:31:57.0017 5612 [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll
20:31:57.0018 5612 C:\Windows\System32\fdPnp.dll - ok
20:31:57.0027 5612 [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll
20:31:57.0027 5612 C:\Windows\System32\IconCodecService.dll - ok
20:31:57.0037 5612 [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
20:31:57.0037 5612 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
20:31:57.0047 5612 [ 1728FA8A8B98396A1AD3A44CA87DFCBD ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFileScanLibrary.dll
20:31:57.0047 5612 C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFileScanLibrary.dll - ok
20:31:57.0058 5612 [ C30A50449EA4B611484A5F1F1F016774 ] C:\Windows\System32\spool\prtprocs\x64\HPZPPLHN.DLL
20:31:57.0058 5612 C:\Windows\System32\spool\prtprocs\x64\HPZPPLHN.DLL - ok
20:31:57.0067 5612 [ E7B9D5FF20FFDD4AAE2EF1D1B8C27A37 ] C:\Windows\SysWOW64\imagehlp.dll
20:31:57.0067 5612 C:\Windows\SysWOW64\imagehlp.dll - ok
20:31:57.0077 5612 [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll
20:31:57.0077 5612 C:\Windows\SysWOW64\uxtheme.dll - ok
20:31:57.0086 5612 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll
20:31:57.0086 5612 C:\Windows\SysWOW64\cscapi.dll - ok
20:31:57.0096 5612 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll
20:31:57.0096 5612 C:\Windows\SysWOW64\ntmarta.dll - ok
20:31:57.0107 5612 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll
20:31:57.0107 5612 C:\Windows\SysWOW64\Wldap32.dll - ok
20:31:57.0116 5612 [ 67CF11E00D026A5C0C88EA5F84D501E5 ] C:\Windows\System32\win32spl.dll
20:31:57.0116 5612 C:\Windows\System32\win32spl.dll - ok
20:31:57.0129 5612 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\SysWOW64\dbghelp.dll
20:31:57.0129 5612 C:\Windows\SysWOW64\dbghelp.dll - ok
20:31:57.0141 5612 [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\Windows\System32\inetpp.dll
20:31:57.0141 5612 C:\Windows\System32\inetpp.dll - ok
20:31:57.0150 5612 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll
20:31:57.0150 5612 C:\Windows\SysWOW64\apphelp.dll - ok
20:31:57.0160 5612 [ C98ACDE22458C8F46FD0503CB9E2D01F ] C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe
20:31:57.0160 5612 C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe - ok
20:31:57.0170 5612 [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll
20:31:57.0170 5612 C:\Windows\System32\uDWM.dll - ok
20:31:57.0179 5612 [ EA8B5B41163A06FFA8930F5316473035 ] C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe
20:31:57.0179 5612 C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe - ok
20:31:57.0188 5612 [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\SysWOW64\mstask.dll
20:31:57.0189 5612 C:\Windows\SysWOW64\mstask.dll - ok
20:31:57.0198 5612 [ FDC385A0F7D7DD880C4622D1DF08ABE9 ] C:\Windows\System32\ntprint.dll
20:31:57.0198 5612 C:\Windows\System32\ntprint.dll - ok
20:31:57.0208 5612 [ 46B5E0D4DE23D31E7B83E376BD99D7C6 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDLicense.dll
20:31:57.0208 5612 C:\Program Files (x86)\Spybot - Search & Destroy 2\SDLicense.dll - ok
20:31:57.0219 5612 [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\Windows\System32\dbghelp.dll
20:31:57.0219 5612 C:\Windows\System32\dbghelp.dll - ok
20:31:57.0228 5612 [ 4C867B62F6100C107A3A8F5E7A10461D ] C:\Program Files (x86)\Spybot - Search & Destroy 2\rtl150.bpl
20:31:57.0228 5612 C:\Program Files (x86)\Spybot - Search & Destroy 2\rtl150.bpl - ok
20:31:57.0238 5612 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll
20:31:57.0238 5612 C:\Windows\SysWOW64\mpr.dll - ok
20:31:57.0248 5612 [ 539C49CEBB3C50957AC8A09D95ECD880 ] C:\Windows\SysWOW64\shfolder.dll
20:31:57.0248 5612 C:\Windows\SysWOW64\shfolder.dll - ok
20:31:57.0258 5612 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll
20:31:57.0258 5612 C:\Windows\SysWOW64\oleacc.dll - ok
20:31:57.0268 5612 [ 110145B6EC64C9800468C18ED81B6FC5 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\snlBase150.bpl
20:31:57.0268 5612 C:\Program Files (x86)\Spybot - Search & Destroy 2\snlBase150.bpl - ok
20:31:57.0282 5612 [ 25A2EEF8D22E36F3C7B368BCF245BDC3 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
20:31:57.0282 5612 C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl - ok
20:31:57.0292 5612 [ D9AF104F7E21FA859EFA3C67E5522E88 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\vcl150.bpl
20:31:57.0292 5612 C:\Program Files (x86)\Spybot - Search & Destroy 2\vcl150.bpl - ok
20:31:57.0303 5612 [ 6686317DC7C3E90F5A20F49E8847EBB9 ] C:\Program Files (x86)\AVG\AVG2013\avgwd.dll
20:31:57.0303 5612 C:\Program Files (x86)\AVG\AVG2013\avgwd.dll - ok
20:31:57.0313 5612 [ 67DABFB8EB4AFA87C558504D5FCD43C8 ] C:\Program Files (x86)\AVG\AVG2013\avgsecapix.dll
20:31:57.0313 5612 C:\Program Files (x86)\AVG\AVG2013\avgsecapix.dll - ok
20:31:57.0326 5612 [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\SysWOW64\comdlg32.dll
20:31:57.0326 5612 C:\Windows\SysWOW64\comdlg32.dll - ok
20:31:57.0336 5612 [ 936F728E04ACCF3F38801CFFCF1E3F40 ] C:\Windows\SysWOW64\oledlg.dll
20:31:57.0336 5612 C:\Windows\SysWOW64\oledlg.dll - ok
20:31:57.0347 5612 [ 776405A9F755BA8BA5CA9039F0D18067 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\Jcl150.bpl
20:31:57.0347 5612 C:\Program Files (x86)\Spybot - Search & Destroy 2\Jcl150.bpl - ok
20:31:57.0358 5612 [ 75B5CCDAD97A2A6D245ACA1ACB415DA5 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
20:31:57.0358 5612 C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl - ok
20:31:57.0368 5612 [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll
20:31:57.0368 5612 C:\Windows\SysWOW64\bcrypt.dll - ok
20:31:57.0378 5612 [ 82C089EA2A3EEFADF3588EA71E8BDADA ] C:\Windows\SysWOW64\wevtapi.dll
20:31:57.0378 5612 C:\Windows\SysWOW64\wevtapi.dll - ok
20:31:57.0387 5612 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll
20:31:57.0387 5612 C:\Windows\SysWOW64\bcryptprimitives.dll - ok
20:31:57.0398 5612 [ DDAEC6977912B3ED0765073E748E6EB6 ] C:\Program Files (x86)\AVG\AVG2013\avgwdwsc.dll
20:31:57.0398 5612 C:\Program Files (x86)\AVG\AVG2013\avgwdwsc.dll - ok
20:31:57.0408 5612 [ A8CDF3768604FF95B54669E20053D569 ] C:\Windows\SysWOW64\wscapi.dll
20:31:57.0408 5612 C:\Windows\SysWOW64\wscapi.dll - ok
20:31:57.0417 5612 [ 1C60E09CA1C3A045BC4D367F67C915B7 ] C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
20:31:57.0417 5612 C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll - ok
20:31:57.0428 5612 [ 5D9DC6332A4FC66388B09BBE7CF53750 ] C:\Windows\SysWOW64\urlmon.dll
20:31:57.0428 5612 C:\Windows\SysWOW64\urlmon.dll - ok
20:31:57.0438 5612 [ 49ACA548B2423F1C67898E6AC719A9A6 ] C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
20:31:57.0438 5612 C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll - ok
20:31:57.0450 5612 [ C5B0324DB461559ADD070E632A6919FA ] C:\Windows\SysWOW64\wbem\wbemprox.dll
20:31:57.0450 5612 C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
20:31:57.0462 5612 [ 704314FD398C81D5F342CAA5DF7B7F21 ] C:\Windows\SysWOW64\wbemcomn.dll
20:31:57.0462 5612 C:\Windows\SysWOW64\wbemcomn.dll - ok
20:31:57.0472 5612 [ FEC92CAB23C9EA531C104EC7DD6B1457 ] C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
20:31:57.0472 5612 C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe - ok
20:31:57.0482 5612 [ 6A0A8D20469EFD39A4A3463A88811A57 ] C:\Program Files (x86)\AVG\AVG2013\avgsched.dll
20:31:57.0482 5612 C:\Program Files (x86)\AVG\AVG2013\avgsched.dll - ok
20:31:57.0493 5612 [ DB02F4D37E5F7F07A0D0F9FAA68249EE ] C:\Windows\System32\ieframe.dll
20:31:57.0493 5612 C:\Windows\System32\ieframe.dll - ok
20:31:57.0502 5612 [ 366FD6F3A451351B5DF2D7C4ECF4C73A ] C:\Windows\System32\msvcr100.dll
20:31:57.0502 5612 C:\Windows\System32\msvcr100.dll - ok
20:31:57.0512 5612 [ A6639BC625634614DC30392BD81C4001 ] C:\Program Files (x86)\AVG\AVG2013\avgidpsdkx.dll
20:31:57.0512 5612 C:\Program Files (x86)\AVG\AVG2013\avgidpsdkx.dll - ok
20:31:57.0524 5612 [ B6AA8414125791F3D7B7EB0580955815 ] C:\Program Files (x86)\AVG\AVG2013\avgcfga.dll
20:31:57.0524 5612 C:\Program Files (x86)\AVG\AVG2013\avgcfga.dll - ok
20:31:57.0534 5612 [ 9108540E866F75C7AF2B91DD921A8091 ] C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
20:31:57.0534 5612 C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll - ok
20:31:57.0544 5612 [ FB4045578F5180BDB1963AB352B78548 ] C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
20:31:57.0544 5612 C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll - ok
20:31:57.0556 5612 [ 42B6A94DD747DF2B5F628A2752E62A98 ] C:\Windows\System32\ctfmon.exe
20:31:57.0556 5612 C:\Windows\System32\ctfmon.exe - ok
20:31:57.0565 5612 [ D016F5092E4FFC41147E8555A71D2DDE ] C:\Windows\System32\mshtml.dll
20:31:57.0565 5612 C:\Windows\System32\mshtml.dll - ok
20:31:57.0575 5612 [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys
20:31:57.0575 5612 C:\Windows\System32\drivers\secdrv.sys - ok
20:31:57.0588 5612 [ BC617A4E1B4FA8DF523A061739A0BD87 ] C:\Windows\System32\seclogon.dll
20:31:57.0588 5612 C:\Windows\System32\seclogon.dll - ok
20:31:57.0597 5612 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] C:\Program Files (x86)\Skype\Updater\Updater.exe
20:31:57.0597 5612 C:\Program Files (x86)\Skype\Updater\Updater.exe - ok
20:31:57.0607 5612 [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll
20:31:57.0607 5612 C:\Windows\SysWOW64\devrtl.dll - ok
20:31:57.0621 5612 [ 27E461F0BE5BFF5FC737328F749538C3 ] C:\Windows\System32\drivers\srvnet.sys
20:31:57.0622 5612 C:\Windows\System32\drivers\srvnet.sys - ok
20:31:57.0631 5612 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] C:\Windows\System32\sysmain.dll
20:31:57.0631 5612 C:\Windows\System32\sysmain.dll - ok
20:31:57.0643 5612 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] C:\Windows\System32\wiaservc.dll
20:31:57.0643 5612 C:\Windows\System32\wiaservc.dll - ok
20:31:57.0655 5612 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] C:\Windows\System32\drivers\tcpipreg.sys
20:31:57.0655 5612 C:\Windows\System32\drivers\tcpipreg.sys - ok
20:31:57.0664 5612 [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll
20:31:57.0664 5612 C:\Windows\System32\wbem\WMIsvc.dll - ok
20:31:57.0676 5612 [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\Windows\System32\trkwks.dll
20:31:57.0676 5612 C:\Windows\System32\trkwks.dll - ok
20:31:57.0687 5612 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:31:57.0687 5612 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - ok
20:31:57.0698 5612 [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5 ] C:\Windows\System32\wiatrace.dll
20:31:57.0698 5612 C:\Windows\System32\wiatrace.dll - ok
20:31:57.0707 5612 [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\Windows\System32\wbemcomn.dll
20:31:57.0707 5612 C:\Windows\System32\wbemcomn.dll - ok
20:31:57.0718 5612 [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll
20:31:57.0718 5612 C:\Windows\System32\wbem\wbemcore.dll - ok
20:31:57.0727 5612 [ 0C52762C606BCF6A377D5E4688191A6B ] C:\Windows\System32\wbem\WmiDcPrv.dll
20:31:57.0727 5612 C:\Windows\System32\wbem\WmiDcPrv.dll - ok
20:31:57.0737 5612 [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll
20:31:57.0737 5612 C:\Windows\System32\wbem\fastprox.dll - ok
20:31:57.0746 5612 [ 5922EEA922D3AD686342F866CAEE851F ] C:\Windows\System32\jscript9.dll
20:31:57.0746 5612 C:\Windows\System32\jscript9.dll - ok
20:31:57.0756 5612 [ B837D1528CE2E3CB79F09496BC08DDC6 ] C:\Windows\System32\SensApi.dll
20:31:57.0756 5612 C:\Windows\System32\SensApi.dll - ok
20:31:57.0766 5612 [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL
20:31:57.0766 5612 C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL - ok
20:31:57.0776 5612 [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll
20:31:57.0776 5612 C:\Windows\System32\ntdsapi.dll - ok
20:31:57.0797 5612 [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll
20:31:57.0797 5612 C:\Windows\System32\wbem\esscli.dll - ok
20:31:57.0808 5612 [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll
20:31:57.0808 5612 C:\Windows\System32\wer.dll - ok
20:31:57.0817 5612 [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll
20:31:57.0817 5612 C:\Windows\System32\wbem\wbemprox.dll - ok
20:31:57.0832 5612 [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll
20:31:57.0832 5612 C:\Windows\System32\wbem\wbemsvc.dll - ok
20:31:57.0842 5612 [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
20:31:57.0842 5612 C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
20:31:57.0851 5612 [ 08C2957BB30058E663720C5606885653 ] C:\Windows\System32\iphlpsvc.dll
20:31:57.0851 5612 C:\Windows\System32\iphlpsvc.dll - ok
20:31:57.0861 5612 [ E8B1FE6669397D1772D8196DF0E57A9E ] C:\Windows\System32\wscsvc.dll
20:31:57.0861 5612 C:\Windows\System32\wscsvc.dll - ok
20:31:57.0872 5612 [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll
20:31:57.0872 5612 C:\Windows\System32\wbem\WinMgmtR.dll - ok
20:31:57.0882 5612 [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A ] C:\Windows\SysWOW64\wbem\fastprox.dll
20:31:57.0882 5612 C:\Windows\SysWOW64\wbem\fastprox.dll - ok
20:31:57.0893 5612 [ 14BF6B3AB327D519ED007CDDC56F6900 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
20:31:57.0893 5612 C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe - ok
20:31:57.0902 5612 [ DC1BBA01FFB5745B8862931E7DE7304A ] C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
20:31:57.0902 5612 C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll - ok
20:31:57.0914 5612 [ 27B9E163740A226B65E4B9E186117911 ] C:\Windows\System32\sqmapi.dll
20:31:57.0914 5612 C:\Windows\System32\sqmapi.dll - ok
20:31:57.0923 5612 [ 0D298133C359AB8CB9EB4FA178BF3947 ] C:\Windows\System32\msxml3.dll
20:31:57.0923 5612 C:\Windows\System32\msxml3.dll - ok
20:31:57.0933 5612 [ 7B38D7916A7CD058C16A0A6CA5077901 ] C:\Windows\System32\wdscore.dll
20:31:57.0933 5612 C:\Windows\System32\wdscore.dll - ok
20:31:57.0944 5612 [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\SysWOW64\ntdsapi.dll
20:31:57.0944 5612 C:\Windows\SysWOW64\ntdsapi.dll - ok
20:31:57.0956 5612 [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll
20:31:57.0956 5612 C:\Windows\System32\wbem\wmiutils.dll - ok
20:31:57.0967 5612 [ 75F5E1FE8D55CF8E577E0EC5F2290D3F ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_ec80f00e8593ece5\comctl32.dll
20:31:57.0967 5612 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_ec80f00e8593ece5\comctl32.dll - ok
20:31:57.0978 5612 [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll
20:31:57.0978 5612 C:\Windows\System32\wbem\repdrvfs.dll - ok
20:31:57.0988 5612 [ 816D64F554FBD234DD2C77F4E08C7D5C ] C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
20:31:57.0988 5612 C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl - ok
20:31:58.0000 5612 [ FEB91B4DA0D540865260A33838654FA3 ] C:\Windows\System32\nci.dll
20:31:58.0000 5612 C:\Windows\System32\nci.dll - ok
20:31:58.0010 5612 [ 7A6986DD659B96398A11AF5173892715 ] C:\Windows\SysWOW64\cabinet.dll
20:31:58.0010 5612 C:\Windows\SysWOW64\cabinet.dll - ok
20:31:58.0022 5612 [ DD502A2E7B85EA7A3814C1034E6C23D3 ] C:\Windows\AppPatch\AcGenral.dll
20:31:58.0022 5612 C:\Windows\AppPatch\AcGenral.dll - ok
20:31:58.0032 5612 [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll
20:31:58.0032 5612 C:\Windows\System32\hnetcfg.dll - ok
20:31:58.0042 5612 [ 8258362DDB18B644A82D8B5061AD9426 ] C:\Windows\SysWOW64\wscisvif.dll
20:31:58.0042 5612 C:\Windows\SysWOW64\wscisvif.dll - ok
20:31:58.0052 5612 [ 70A176BF2ED362862944C371838262F8 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
20:31:58.0052 5612 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE - ok
20:31:58.0062 5612 [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll
20:31:58.0062 5612 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
20:31:58.0072 5612 [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\Windows\System32\dssenh.dll
20:31:58.0072 5612 C:\Windows\System32\dssenh.dll - ok
20:31:58.0081 5612 [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll
20:31:58.0081 5612 C:\Windows\System32\ncobjapi.dll - ok
20:31:58.0091 5612 [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\SysWOW64\msacm32.dll
20:31:58.0091 5612 C:\Windows\SysWOW64\msacm32.dll - ok
20:31:58.0101 5612 [ 6A06EB11F1E5BDAA795DAE7838F9FE20 ] C:\Windows\SysWOW64\jsproxy.dll
20:31:58.0101 5612 C:\Windows\SysWOW64\jsproxy.dll - ok
20:31:58.0110 5612 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll
20:31:58.0110 5612 C:\Windows\SysWOW64\winhttp.dll - ok
20:31:58.0120 5612 [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll
20:31:58.0120 5612 C:\Windows\System32\wbem\wbemess.dll - ok
20:31:58.0128 5612 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll
20:31:58.0128 5612 C:\Windows\SysWOW64\webio.dll - ok
20:31:58.0138 5612 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll
20:31:58.0138 5612 C:\Windows\SysWOW64\wship6.dll - ok
20:31:58.0151 5612 [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll
20:31:58.0151 5612 C:\Windows\System32\wbem\NCProv.dll - ok
20:31:58.0160 5612 [ 92E0508D924512F63FFEEFE498CBD11F ] C:\Windows\System32\p2pcollab.dll
20:31:58.0160 5612 C:\Windows\System32\p2pcollab.dll - ok
20:31:58.0171 5612 [ 582AC6D9873E31DFA28A4547270862DD ] C:\Windows\System32\QAGENTRT.DLL
20:31:58.0171 5612 C:\Windows\System32\QAGENTRT.DLL - ok
20:31:58.0180 5612 [ 506A83A3BEEE9FCA09F0170DE9FC7D1B ] C:\Windows\System32\fveui.dll
20:31:58.0180 5612 C:\Windows\System32\fveui.dll - ok
20:31:58.0190 5612 [ C47F35CC6FA4F1BDBEF8F87AC1A46537 ] C:\Windows\System32\wuapi.dll
20:31:58.0190 5612 C:\Windows\System32\wuapi.dll - ok
20:31:58.0200 5612 [ FA43D418BC945D27D0625B697B8442B5 ] C:\Windows\System32\cabinet.dll
20:31:58.0200 5612 C:\Windows\System32\cabinet.dll - ok
20:31:58.0208 5612 [ E746ED90132C6B6313CE9179F56BD31D ] C:\Windows\System32\wups.dll
20:31:58.0209 5612 C:\Windows\System32\wups.dll - ok
20:31:58.0219 5612 [ 65AF88D89E9F1F43198EB7D4DBF2E34B ] C:\Program Files\Internet Explorer\sqmapi.dll
20:31:58.0219 5612 C:\Program Files\Internet Explorer\sqmapi.dll - ok
20:31:58.0231 5612 [ 5B8E80EC0D621CDF920AB2141CDBC733 ] C:\Program Files (x86)\Windows Defender\MpClient.dll
20:31:58.0231 5612 C:\Program Files (x86)\Windows Defender\MpClient.dll - ok
20:31:58.0239 5612 [ B3CE0951E3C1EA3C733573C472EE85F9 ] C:\Windows\System32\msimtf.dll
20:31:58.0239 5612 C:\Windows\System32\msimtf.dll - ok
20:31:58.0250 5612 [ 8494E126F0B10180F3293AF861CE1F7A ] C:\Windows\System32\mlang.dll
20:31:58.0250 5612 C:\Windows\System32\mlang.dll - ok
20:31:58.0258 5612 [ C676E5EA388AF7C4C031F56F9B42E362 ] C:\Windows\System32\d2d1.dll
20:31:58.0258 5612 C:\Windows\System32\d2d1.dll - ok
20:31:58.0268 5612 [ DD85F00EC31F77315AE992B7B0411D65 ] C:\Windows\System32\DWrite.dll
20:31:58.0268 5612 C:\Windows\System32\DWrite.dll - ok
20:31:58.0277 5612 [ 9C253164E7016B42591F08BEB90FB494 ] C:\Windows\System32\igdumd64.dll
20:31:58.0277 5612 C:\Windows\System32\igdumd64.dll - ok
20:31:58.0287 5612 [ C7CFB71A0147F6499316833D18B7F879 ] C:\Program Files (x86)\AVG\AVG2013\avgxpla.dll
20:31:58.0287 5612 C:\Program Files (x86)\AVG\AVG2013\avgxpla.dll - ok
20:31:58.0297 5612 [ D029339C0F59CF662094EDDF8C42B2B5 ] C:\Windows\System32\msvcp100.dll
20:31:58.0297 5612 C:\Windows\System32\msvcp100.dll - ok
20:31:58.0308 5612 [ 820EBE67AB99F033FDE25B2692157991 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
20:31:58.0308 5612 C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe - ok
20:31:58.0320 5612 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] C:\Windows\System32\drivers\srv2.sys
20:31:58.0320 5612 C:\Windows\System32\drivers\srv2.sys - ok
20:31:58.0330 5612 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\Windows\System32\drivers\srv.sys
20:31:58.0330 5612 C:\Windows\System32\drivers\srv.sys - ok
20:31:58.0340 5612 [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll
20:31:58.0340 5612 C:\Windows\System32\srvsvc.dll - ok
20:31:58.0350 5612 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] C:\Windows\System32\browser.dll
20:31:58.0350 5612 C:\Windows\System32\browser.dll - ok
20:31:58.0358 5612 [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll
20:31:58.0358 5612 C:\Windows\System32\netmsg.dll - ok
20:31:58.0368 5612 [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll
20:31:58.0368 5612 C:\Windows\System32\sscore.dll - ok
20:31:58.0378 5612 [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll
20:31:58.0378 5612 C:\Windows\System32\clusapi.dll - ok
20:31:58.0387 5612 [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll
20:31:58.0387 5612 C:\Windows\System32\resutils.dll - ok
20:31:58.0397 5612 [ AD7FB087A238883D1618F29F7BBBD584 ] C:\Windows\SysWOW64\ncrypt.dll
20:31:58.0397 5612 C:\Windows\SysWOW64\ncrypt.dll - ok
20:31:58.0407 5612 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll
20:31:58.0407 5612 C:\Windows\SysWOW64\gpapi.dll - ok
20:31:58.0417 5612 [ 7B851A8018B1EA00A69707A390004884 ] C:\Windows\SysWOW64\cryptnet.dll
20:31:58.0417 5612 C:\Windows\SysWOW64\cryptnet.dll - ok
20:31:58.0426 5612 [ 703FFD301AB900B047337C5D40FD6F96 ] C:\Windows\SysWOW64\olepro32.dll
20:31:58.0427 5612 C:\Windows\SysWOW64\olepro32.dll - ok
20:31:58.0436 5612 [ 6BD3E11E7B82E0964D51975371D7F2E0 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDLists.dll
20:31:58.0436 5612 C:\Program Files (x86)\Spybot - Search & Destroy 2\SDLists.dll - ok
20:31:58.0447 5612 [ 9D2A2369AB4B08A4905FE72DB104498F ] C:\Windows\System32\appinfo.dll
20:31:58.0447 5612 C:\Windows\System32\appinfo.dll - ok
20:31:58.0456 5612 [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll
20:31:58.0456 5612 C:\Windows\System32\wdi.dll - ok
20:31:58.0467 5612 [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll
20:31:58.0467 5612 C:\Windows\System32\wpdbusenum.dll - ok
20:31:58.0478 5612 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] C:\Windows\System32\IPSECSVC.DLL
20:31:58.0478 5612 C:\Windows\System32\IPSECSVC.DLL - ok
20:31:58.0487 5612 [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll
20:31:58.0487 5612 C:\Windows\System32\dimsjob.dll - ok
20:31:58.0497 5612 [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll
20:31:58.0497 5612 C:\Windows\System32\diagperf.dll - ok
20:31:58.0507 5612 [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll
20:31:58.0507 5612 C:\Windows\System32\npmproxy.dll - ok
20:31:58.0516 5612 [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll
20:31:58.0516 5612 C:\Windows\System32\PortableDeviceApi.dll - ok
20:31:58.0526 5612 [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll
20:31:58.0526 5612 C:\Windows\System32\NapiNSP.dll - ok
20:31:58.0536 5612 [ 9BC93C9ACFA34DB5A41B89357B31E4ED ] C:\Windows\System32\FwRemoteSvr.dll
20:31:58.0536 5612 C:\Windows\System32\FwRemoteSvr.dll - ok
20:31:58.0546 5612 [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll
20:31:58.0546 5612 C:\Windows\System32\perftrack.dll - ok
20:31:58.0556 5612 [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe
20:31:58.0556 5612 C:\Windows\System32\runonce.exe - ok
20:31:58.0566 5612 [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll
20:31:58.0566 5612 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
20:31:58.0575 5612 [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll
20:31:58.0575 5612 C:\Windows\System32\pnpts.dll - ok
20:31:58.0585 5612 [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll
20:31:58.0585 5612 C:\Windows\System32\Apphlpdm.dll - ok
20:31:58.0595 5612 [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll
20:31:58.0595 5612 C:\Windows\System32\radardt.dll - ok
20:31:58.0605 5612 [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll
20:31:58.0605 5612 C:\Windows\System32\wdiasqmmodule.dll - ok
20:31:58.0615 5612 [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll
20:31:58.0615 5612 C:\Windows\System32\pnrpnsp.dll - ok
20:31:58.0625 5612 [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll
20:31:58.0625 5612 C:\Windows\System32\winrnr.dll - ok
20:31:58.0636 5612 [ E4574405ACBB2BEDF9E6B1B99896540E ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDAdvancedCheckLibrary.dll
20:31:58.0637 5612 C:\Program Files (x86)\Spybot - Search & Destroy 2\SDAdvancedCheckLibrary.dll - ok
20:31:58.0647 5612 [ DD79A6B15C2F28DE98DF4852AAF6B13B ] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe
20:31:58.0647 5612 C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe - ok
20:31:58.0657 5612 [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\Windows\System32\mscoree.dll
20:31:58.0657 5612 C:\Windows\System32\mscoree.dll - ok
20:31:58.0668 5612 [ D44067027714CC58B8AB0AC38FDA1A0B ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
20:31:58.0668 5612 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
20:31:58.0677 5612 [ B24232BCA42AA784A5C951B74B7789D3 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll
20:31:58.0677 5612 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll - ok
20:31:58.0688 5612 [ 6951736D01DB9FB6316277B801208B9B ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDAV.dll
20:31:58.0688 5612 C:\Program Files (x86)\Spybot - Search & Destroy 2\SDAV.dll - ok
20:31:58.0700 5612 [ 25D23E5A5A627CC718E478B66AD8AFF7 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\av\bdquar.dll
20:31:58.0700 5612 C:\Program Files (x86)\Spybot - Search & Destroy 2\av\bdquar.dll - ok
20:31:58.0710 5612 [ B608BA52FA1FD29BF81B718818246B4D ] C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
20:31:58.0710 5612 C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll - ok
20:31:58.0721 5612 [ 1755023407FDE00D9916505A557569D5 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\av\bdcore.dll
20:31:58.0721 5612 C:\Program Files (x86)\Spybot - Search & Destroy 2\av\bdcore.dll - ok
20:31:58.0732 5612 [ ADF9F919E10832746ED516230420F749 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\av\avxdisk.dll
20:31:58.0732 5612 C:\Program Files (x86)\Spybot - Search & Destroy 2\av\avxdisk.dll - ok
20:31:58.0742 5612 [ 06A754FE28A06F780A099703CFCAAA22 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll
20:31:58.0742 5612 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll - ok
20:31:58.0753 5612 [ AB44EE3B916F1626B9C4222F2B6F2DE4 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\bb750d3baf928f94ea3977e96af9769f\mscorlib.ni.dll
20:31:58.0753 5612 C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\bb750d3baf928f94ea3977e96af9769f\mscorlib.ni.dll - ok
20:31:58.0763 5612 [ 0A94DE4AA9864D312E60D747FD249ABE ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll
20:31:58.0763 5612 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll - ok
20:31:58.0773 5612 [ 850BD2D2D9CB5894935C3B6333CAD6FD ] C:\Windows\System32\riched20.dll
20:31:58.0773 5612 C:\Windows\System32\riched20.dll - ok
20:31:58.0784 5612 [ 1B1431D9520C7578AD5633ED2A70625F ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll
20:31:58.0784 5612 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll - ok
20:31:58.0798 5612 [ DE9EC2C90DA5A74ACA19AF8CF564748E ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System\350ed175b92e48f5249a1bab538872e5\System.ni.dll
20:31:58.0798 5612 C:\Windows\assembly\NativeImages_v2.0.50727_64\System\350ed175b92e48f5249a1bab538872e5\System.ni.dll - ok
20:31:58.0808 5612 [ F0E839CDE31A9FF7F2D77A901099D334 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\981815c04012453ded108530fbdc4646\System.Drawing.ni.dll
20:31:58.0808 5612 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\981815c04012453ded108530fbdc4646\System.Drawing.ni.dll - ok
20:31:58.0820 5612 [ F057F73C56937749F0652F8E9326BE1C ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\c97010ae0b7cd474407b3824041fbb40\System.Windows.Forms.ni.dll
20:31:58.0820 5612 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\c97010ae0b7cd474407b3824041fbb40\System.Windows.Forms.ni.dll - ok
20:31:58.0830 5612 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe
20:31:58.0830 5612 C:\Windows\SysWOW64\runonce.exe - ok
20:31:58.0840 5612 [ 30DB64D316F502558DB2380F7343C9FD ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
20:31:58.0840 5612 C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll - ok
20:31:58.0851 5612 [ 207204AF80505AF51271FE164B56F662 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveUtil.dll
20:31:58.0851 5612 C:\Program Files (x86)\Microsoft Office\Office12\GrooveUtil.dll - ok
20:31:58.0862 5612 [ 30EFEBDC960A482E3E188B9960B286E2 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveNew.dll
20:31:58.0862 5612 C:\Program Files (x86)\Microsoft Office\Office12\GrooveNew.dll - ok
20:31:58.0872 5612 [ D5E459BED3DB9CF7FC6CC1455F177D2D ] C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.dll
20:31:58.0872 5612 C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.dll - ok
20:31:58.0883 5612 [ D8C2B95BC2353E1F18850D6B8F5DBA13 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
20:31:58.0883 5612 C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll - ok
20:31:58.0894 5612 [ 533AECD1B5356870AE2D905B4D3B42B7 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMisc.dll
20:31:58.0894 5612 C:\Program Files (x86)\Microsoft Office\Office12\GrooveMisc.dll - ok
20:31:58.0904 5612 [ E4561704CBFA193761743E5AF746C669 ] C:\Windows\SysWOW64\msxml3.dll
20:31:58.0904 5612 C:\Windows\SysWOW64\msxml3.dll - ok
20:31:58.0914 5612 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe
20:31:58.0914 5612 C:\Windows\SysWOW64\cmd.exe - ok
20:31:58.0924 5612 [ BF95EA5809E3BBF55370F7CB309FEBD0 ] C:\Windows\System32\conhost.exe
20:31:58.0924 5612 C:\Windows\System32\conhost.exe - ok
20:31:58.0933 5612 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll
20:31:58.0933 5612 C:\Windows\SysWOW64\winbrand.dll - ok
20:31:58.0950 5612 [ 79FA7D8B488F90EDE325963379A6F738 ] C:\Windows\SysWOW64\ieframe.dll
20:31:58.0950 5612 C:\Windows\SysWOW64\ieframe.dll - ok
20:31:58.0962 5612 [ 60F4AEFA103D421EA4A40E31409B4756 ] C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
20:31:58.0962 5612 C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll - ok
20:31:58.0972 5612 [ 2C4A87CA8C00E98EFDCFA2E8EC9A3503 ] C:\Windows\SysWOW64\shdocvw.dll
20:31:58.0972 5612 C:\Windows\SysWOW64\shdocvw.dll - ok
20:31:58.0983 5612 [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\Tonya\AppData\Local\Temp\6843EDE4-1156-497F-91D5-79ADEDEBFFC7.exe
20:31:58.0983 5612 C:\Users\Tonya\AppData\Local\Temp\6843EDE4-1156-497F-91D5-79ADEDEBFFC7.exe - ok
20:31:58.0994 5612 [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll
20:31:58.0994 5612 C:\Windows\System32\aelupsvc.dll - ok
20:31:59.0004 5612 [ 5B2E4E90C04FB9AE9F2C5E99FF59B283 ] C:\Windows\SysWOW64\WindowsCodecs.dll
20:31:59.0004 5612 C:\Windows\SysWOW64\WindowsCodecs.dll - ok
20:31:59.0013 5612 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll
20:31:59.0013 5612 C:\Windows\SysWOW64\EhStorShell.dll - ok
20:31:59.0023 5612 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll
20:31:59.0023 5612 C:\Windows\SysWOW64\ntshrui.dll - ok
20:31:59.0032 5612 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll
20:31:59.0032 5612 C:\Windows\SysWOW64\slc.dll - ok
20:31:59.0042 5612 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll
20:31:59.0042 5612 C:\Windows\SysWOW64\imageres.dll - ok
20:31:59.0052 5612 [ 523CF74A52C9A1762DA8B83AEE734498 ] C:\Windows\SysWOW64\IconCodecService.dll
20:31:59.0052 5612 C:\Windows\SysWOW64\IconCodecService.dll - ok
20:31:59.0062 5612 [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl
20:31:59.0062 5612 C:\Windows\System32\timedate.cpl - ok
20:31:59.0072 5612 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
20:31:59.0072 5612 C:\Windows\SysWOW64\credssp.dll - ok
20:31:59.0081 5612 [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll
20:31:59.0081 5612 C:\Windows\System32\actxprxy.dll - ok
20:31:59.0091 5612 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll
20:31:59.0091 5612 C:\Windows\SysWOW64\dnsapi.dll - ok
20:31:59.0101 5612 [ 9D4A1690AF93F233E15380398BEC7431 ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
20:31:59.0101 5612 C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok
20:31:59.0111 5612 [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files (x86)\Bonjour\mdnsNSP.dll
20:31:59.0111 5612 C:\Program Files (x86)\Bonjour\mdnsNSP.dll - ok
20:31:59.0121 5612 [ FA752544EE1EE59E8AD938CBB43CAC93 ] C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll
20:31:59.0121 5612 C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll - ok
20:31:59.0130 5612 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
20:31:59.0130 5612 C:\Windows\SysWOW64\rasadhlp.dll - ok
20:31:59.0141 5612 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll
20:31:59.0141 5612 C:\Windows\System32\msftedit.dll - ok
20:31:59.0152 5612 [ F0D0E883EBBDC7615DC9EDEA0FFB2817 ] C:\Windows\SysWOW64\FWPUCLNT.DLL
20:31:59.0152 5612 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
20:31:59.0161 5612 [ 2EBD0C5B090125AECF017C57344C45AB ] C:\Windows\System32\msls31.dll
20:31:59.0161 5612 C:\Windows\System32\msls31.dll - ok
20:31:59.0171 5612 [ 2BCBA6052374959A30BD7948444DBB79 ] C:\Windows\System32\gameux.dll
20:31:59.0171 5612 C:\Windows\System32\gameux.dll - ok
20:31:59.0181 5612 [ E24810944B2EB49862D835CA5B7E6E43 ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
20:31:59.0181 5612 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe - ok
20:31:59.0191 5612 [ D0EB6410A7D688E26C8D519425E743C8 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
20:31:59.0191 5612 C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe - ok
20:31:59.0201 5612 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll
20:31:59.0201 5612 C:\Windows\SysWOW64\riched20.dll - ok
20:31:59.0210 5612 [ 49761B7E50CC76B2FB25F99BF243323F ] C:\Windows\System32\SynCOM.dll
20:31:59.0210 5612 C:\Windows\System32\SynCOM.dll - ok
20:31:59.0220 5612 [ F1475C9B509A8643358C6C7F97F4BAB8 ] C:\Windows\System32\SynTPAPI.dll
20:31:59.0220 5612 C:\Windows\System32\SynTPAPI.dll - ok
20:31:59.0230 5612 [ F333A699C8F43048659F0E201CB7268D ] C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
20:31:59.0231 5612 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe - ok
20:31:59.0240 5612 [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll
20:31:59.0240 5612 C:\Windows\System32\msiltcfg.dll - ok
20:31:59.0250 5612 [ 585FED4CDB8034B8B58AEB8008255817 ] C:\Windows\System32\opengl32.dll
20:31:59.0250 5612 C:\Windows\System32\opengl32.dll - ok
20:31:59.0261 5612 [ A0ABBAD8CE99CBF8467D697073B38E87 ] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe
20:31:59.0261 5612 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe - ok
20:31:59.0270 5612 [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll
20:31:59.0270 5612 C:\Windows\System32\msi.dll - ok
20:31:59.0280 5612 [ E948D1D42DC68923ABD75EEB5BCCD1D3 ] C:\Windows\System32\consent.exe
20:31:59.0280 5612 C:\Windows\System32\consent.exe - ok
20:31:59.0291 5612 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
20:31:59.0291 5612 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok
20:31:59.0302 5612 [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll
20:31:59.0302 5612 C:\Windows\System32\msimg32.dll - ok
20:31:59.0312 5612 [ F2967C0A97C0EA67D79D7F557213950D ] C:\Windows\System32\glu32.dll
20:31:59.0312 5612 C:\Windows\System32\glu32.dll - ok
20:31:59.0321 5612 [ 23B001185B7C3CB1F4BDEB143E6B45B7 ] C:\Windows\System32\shdocvw.dll
20:31:59.0321 5612 C:\Windows\System32\shdocvw.dll - ok
20:31:59.0331 5612 [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll
20:31:59.0331 5612 C:\Windows\System32\linkinfo.dll - ok
20:31:59.0340 5612 [ 0BBFE08ECCE8A209D07C3B68D63FC293 ] C:\Windows\System32\igfxtray.exe
20:31:59.0341 5612 C:\Windows\System32\igfxtray.exe - ok
20:31:59.0350 5612 [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll
20:31:59.0350 5612 C:\Windows\System32\DeviceCenter.dll - ok
20:31:59.0360 5612 [ 2F16207A65B62001FC73E6798D0B8F2A ] C:\Windows\System32\hkcmd.exe
20:31:59.0360 5612 C:\Windows\System32\hkcmd.exe - ok
20:31:59.0368 5612 [ A6C09924C6730DE8DEED9890A12AA691 ] C:\Windows\System32\ddraw.dll
20:31:59.0368 5612 C:\Windows\System32\ddraw.dll - ok
20:31:59.0380 5612 [ 05EA520BFB1D3085CB12A4355598081D ] C:\Windows\System32\hccutils.dll
20:31:59.0380 5612 C:\Windows\System32\hccutils.dll - ok
20:31:59.0388 5612 [ B0F69B9DE0AEBFD7E4CEADE6758DF627 ] C:\Windows\System32\SearchFolder.dll
20:31:59.0388 5612 C:\Windows\System32\SearchFolder.dll - ok
20:31:59.0398 5612 [ A5ED9421B8D09ED4F57CDA386307713E ] C:\Windows\System32\dciman32.dll
20:31:59.0398 5612 C:\Windows\System32\dciman32.dll - ok
20:31:59.0408 5612 [ B69A01794D44C769C2575AE75E2EB31F ] C:\Windows\System32\igfxpers.exe
20:31:59.0408 5612 C:\Windows\System32\igfxpers.exe - ok
20:31:59.0417 5612 [ D890EDDD0528E04049C9D524FBA1C506 ] C:\Windows\System32\igfxsrvc.exe
20:31:59.0418 5612 C:\Windows\System32\igfxsrvc.exe - ok
20:31:59.0427 5612 [ 9110FFAD124283F37D38771BB60556AF ] C:\Windows\System32\dsound.dll
20:31:59.0427 5612 C:\Windows\System32\dsound.dll - ok
20:31:59.0437 5612 [ F02A533F517EB38333CB12A9E8963773 ] C:\Users\Tonya\AppData\Local\Google\Update\GoogleUpdate.exe
20:31:59.0437 5612 C:\Users\Tonya\AppData\Local\Google\Update\GoogleUpdate.exe - ok
20:31:59.0448 5612 [ 89AE8D4ED8E4F1102611D94F00279282 ] C:\Windows\System32\spool\drivers\x64\3\E_IATIAIA.EXE
20:31:59.0448 5612 C:\Windows\System32\spool\drivers\x64\3\E_IATIAIA.EXE - ok
20:31:59.0460 5612 [ 83AEBB8EA680F3D85742F3C4E5A50D46 ] C:\Windows\System32\RtkCfg64.dll
20:31:59.0460 5612 C:\Windows\System32\RtkCfg64.dll - ok
20:31:59.0471 5612 [ A43B937C580F5DFC43EF63EF72992FE9 ] C:\Users\Tonya\AppData\Local\Google\Update\1.3.22.5\goopdate.dll
20:31:59.0471 5612 C:\Users\Tonya\AppData\Local\Google\Update\1.3.22.5\goopdate.dll - ok
20:31:59.0480 5612 [ 31A6D4B8803CCBA44271F05E08C4955A ] C:\Windows\System32\igfxsrvc.dll
20:31:59.0480 5612 C:\Windows\System32\igfxsrvc.dll - ok
20:31:59.0490 5612 [ FD7A42573DC0109FC2B0EB607F052DBC ] C:\Users\Tonya\AppData\Roaming\Foyrmulo\xihepo.exe
20:31:59.0490 5612 C:\Users\Tonya\AppData\Roaming\Foyrmulo\xihepo.exe - ok
20:31:59.0498 5612 [ F51059EE3C543CB364A069CAFB252031 ] C:\Windows\System32\igfxdev.dll
20:31:59.0499 5612 C:\Windows\System32\igfxdev.dll - ok
20:31:59.0508 5612 [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll
20:31:59.0509 5612 C:\Windows\System32\thumbcache.dll - ok
20:31:59.0518 5612 [ 76DEDCC56A594026986A473E422C41F7 ] C:\Program Files (x86)\PrintMaster Platinum 18\Remind.exe
20:31:59.0518 5612 C:\Program Files (x86)\PrintMaster Platinum 18\Remind.exe - ok
20:31:59.0528 5612 [ 4C8981727B06F718832DD3D42C9EB769 ] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
20:31:59.0528 5612 C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe - ok
20:31:59.0540 5612 [ CC8AA478524BB88D53171E8135D5A1FD ] C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
20:31:59.0540 5612 C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe - ok
20:31:59.0548 5612 [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll
20:31:59.0548 5612 C:\Windows\System32\networkexplorer.dll - ok
20:31:59.0560 5612 [ D3E69D500466C17498AAF7F83D12FFF0 ] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
20:31:59.0560 5612 C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe - ok
20:31:59.0570 5612 [ 4D83DC461F8F4370274CF6E9AC9A34F4 ] C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
20:31:59.0570 5612 C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe - ok
20:31:59.0578 5612 [ F35A584E947A5B401FEB0FE01DB4A0D7 ] C:\Program Files (x86)\PrintMaster Platinum 18\mfc71.dll
20:31:59.0579 5612 C:\Program Files (x86)\PrintMaster Platinum 18\mfc71.dll - ok
20:31:59.0590 5612 [ 0E34B7BB1FCF22BCC1E394D16F9E992B ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe
20:31:59.0590 5612 C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe - ok
20:31:59.0598 5612 [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll
20:31:59.0600 5612 C:\Windows\System32\stobject.dll - ok
20:31:59.0609 5612 [ C30A3E5DEEEBA22E782AC54C5AF5F352 ] C:\Windows\SysWOW64\samlib.dll
20:31:59.0610 5612 C:\Windows\SysWOW64\samlib.dll - ok
20:31:59.0621 5612 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Program Files (x86)\PrintMaster Platinum 18\msvcr71.dll
20:31:59.0621 5612 C:\Program Files (x86)\PrintMaster Platinum 18\msvcr71.dll - ok
20:31:59.0630 5612 [ 75838AB28CC1318345DA62B6C339068C ] C:\Windows\System32\GfxUI.exe
20:31:59.0630 5612 C:\Windows\System32\GfxUI.exe - ok
20:31:59.0641 5612 [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll
20:31:59.0641 5612 C:\Windows\System32\batmeter.dll - ok
20:31:59.0652 5612 [ 61E4289E91E88C90478D7F4BEB10DCF7 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
20:31:59.0652 5612 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe - ok
20:31:59.0661 5612 [ BAF751E7061FF626AA60F56D1D5D1FDC ] C:\Windows\SysWOW64\MFC71ENU.DLL
20:31:59.0661 5612 C:\Windows\SysWOW64\MFC71ENU.DLL - ok
20:31:59.0671 5612 [ 352C7C2470C03AFD41889236D849D75C ] C:\Windows\System32\igfxrenu.lrc
20:31:59.0671 5612 C:\Windows\System32\igfxrenu.lrc - ok
20:31:59.0682 5612 [ 007863E45F25AA47A4C30D0930BBFD85 ] C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
20:31:59.0682 5612 C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll - ok
20:31:59.0691 5612 [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll
20:31:59.0691 5612 C:\Windows\System32\prnfldr.dll - ok
20:31:59.0701 5612 [ A8D3CF1BCEDB663C257F6C20219B718A ] C:\Program Files (x86)\AVG\AVG2013\avgui.exe
20:31:59.0701 5612 C:\Program Files (x86)\AVG\AVG2013\avgui.exe - ok
20:31:59.0711 5612 [ 13820B972D74B3DE4F6552A57AC799A7 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll
20:31:59.0711 5612 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll - ok
20:31:59.0721 5612 [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll
20:31:59.0721 5612 C:\Windows\System32\DXP.dll - ok
20:31:59.0730 5612 [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\Windows\System32\wbem\WmiPrvSE.exe
20:31:59.0730 5612 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
20:31:59.0740 5612 [ C98ACDE22458C8F46FD0503CB9E2D01F ] C:\Users\Tonya\AppData\Local\Google\Update\1.3.22.5\GoogleCrashHandler.exe
20:31:59.0740 5612 C:\Users\Tonya\AppData\Local\Google\Update\1.3.22.5\GoogleCrashHandler.exe - ok
20:31:59.0750 5612 [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll
20:31:59.0750 5612 C:\Windows\System32\Syncreg.dll - ok
20:31:59.0761 5612 [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll
20:31:59.0761 5612 C:\Windows\ehome\ehSSO.dll - ok
20:31:59.0768 5612 [ C863E5A2417DF0F2A31ED32C3B2CB23F ] C:\Windows\SysWOW64\mshtml.dll
20:31:59.0768 5612 C:\Windows\SysWOW64\mshtml.dll - ok
20:31:59.0786 5612 [ 07AD88DF9EF73215458867EFC1BFFE9E ] C:\Windows\System32\wbem\wmiprov.dll
20:31:59.0786 5612 C:\Windows\System32\wbem\wmiprov.dll - ok
20:31:59.0797 5612 [ EA8B5B41163A06FFA8930F5316473035 ] C:\Users\Tonya\AppData\Local\Google\Update\1.3.22.5\GoogleCrashHandler64.exe
20:31:59.0797 5612 C:\Users\Tonya\AppData\Local\Google\Update\1.3.22.5\GoogleCrashHandler64.exe - ok
20:31:59.0813 5612 [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll
20:31:59.0813 5612 C:\Windows\System32\netshell.dll - ok
20:31:59.0824 5612 [ 593AD9042E84A7BADB7E84C6A97D6494 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\860cfb90fd4dd4eccb26488e10e0f42e\WindowsBase.ni.dll
20:31:59.0824 5612 C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\860cfb90fd4dd4eccb26488e10e0f42e\WindowsBase.ni.dll - ok
20:31:59.0835 5612 [ D9184C5FF3FD526761D518A95ABA74A3 ] C:\Program Files (x86)\Mozilla Firefox\firefox.exe
20:31:59.0835 5612 C:\Program Files (x86)\Mozilla Firefox\firefox.exe - ok
20:31:59.0847 5612 [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll
20:31:59.0847 5612 C:\Windows\System32\WPDShServiceObj.dll - ok
20:31:59.0861 5612 [ 3721A8FB00D07D66E6E84A53ACFC28F0 ] C:\Program Files (x86)\Hewlett-Packard\Shared\hputils.dll
20:31:59.0861 5612 C:\Program Files (x86)\Hewlett-Packard\Shared\hputils.dll - ok
20:31:59.0872 5612 [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll
20:31:59.0872 5612 C:\Windows\System32\PortableDeviceTypes.dll - ok
20:31:59.0885 5612 [ 4DD6AD381C9701DEA5C17198E42E850D ] C:\Program Files (x86)\SkyGolf\CaddieSync Express\CaddieSyncExpress.exe
20:31:59.0885 5612 C:\Program Files (x86)\SkyGolf\CaddieSync Express\CaddieSyncExpress.exe - ok
20:31:59.0897 5612 [ 92DBF0A4C9239169010FC6E07859C82E ] C:\Windows\System32\ActionCenter.dll
20:31:59.0897 5612 C:\Windows\System32\ActionCenter.dll - ok
20:31:59.0908 5612 [ 184C500CB9F69585F3FE85E1D2667CD8 ] C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
20:31:59.0908 5612 C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe - ok
20:31:59.0921 5612 [ EFCD571D096682970EF998DD7154EBC3 ] C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
20:31:59.0921 5612 C:\Program Files (x86)\Mozilla Firefox\mozglue.dll - ok
20:31:59.0932 5612 [ 03E9314004F504A14A61C3D364B62F66 ] C:\Program Files (x86)\Mozilla Firefox\msvcp100.dll
20:31:59.0932 5612 C:\Program Files (x86)\Mozilla Firefox\msvcp100.dll - ok
20:31:59.0946 5612 [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Program Files (x86)\Mozilla Firefox\msvcr100.dll
20:31:59.0946 5612 C:\Program Files (x86)\Mozilla Firefox\msvcr100.dll - ok
20:31:59.0957 5612 [ F87EAF29C38913728E14EF9645EED92F ] C:\Program Files (x86)\Mozilla Firefox\nss3.dll
20:31:59.0957 5612 C:\Program Files (x86)\Mozilla Firefox\nss3.dll - ok
20:31:59.0968 5612 [ 7919F90EAE0C6B6085E7AF7F47B14C0F ] C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
20:31:59.0968 5612 C:\Program Files (x86)\Mozilla Firefox\mozjs.dll - ok
20:31:59.0980 5612 [ 80537057E6EFDC1272F8AF572DAF0FBB ] C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll
20:31:59.0980 5612 C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll - ok
20:31:59.0992 5612 [ 0A09A781B1A209BDCC8E7431055E4C45 ] C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll
20:31:59.0992 5612 C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll - ok
20:32:00.0014 5612 [ DA7214AF0526F182E5AB0244358AE365 ] C:\Program Files (x86)\Mozilla Firefox\xul.dll
20:32:00.0014 5612 C:\Program Files (x86)\Mozilla Firefox\xul.dll - ok
20:32:00.0023 5612 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll
20:32:00.0024 5612 C:\Windows\System32\AltTab.dll - ok
20:32:00.0034 5612 [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll
20:32:00.0035 5612 C:\Windows\System32\FXSST.dll - ok
20:32:00.0045 5612 [ 1C0E369575F387460E2A5F28269B2CC4 ] C:\Windows\SysWOW64\DWrite.dll
20:32:00.0045 5612 C:\Windows\SysWOW64\DWrite.dll - ok
20:32:00.0054 5612 [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll
20:32:00.0054 5612 C:\Windows\System32\FXSAPI.dll - ok
20:32:00.0065 5612 [ D9B9FA5132E0868911737E44536536EB ] C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\496c66c1ec949738d092aab42ea40325\PresentationCore.ni.dll
20:32:00.0065 5612 C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\496c66c1ec949738d092aab42ea40325\PresentationCore.ni.dll - ok
20:32:00.0076 5612 [ AE10A0533A1F6A246DA633C034914B84 ] C:\Program Files (x86)\SkyGolf\CaddieSync Express\conduitscripting0.dll
20:32:00.0076 5612 C:\Program Files (x86)\SkyGolf\CaddieSync Express\conduitscripting0.dll - ok
20:32:00.0087 5612 [ DBDA60D92E774B4ACB3B1CD71F909426 ] C:\Program Files (x86)\SkyGolf\CaddieSync Express\mingwm10.dll
20:32:00.0087 5612 C:\Program Files (x86)\SkyGolf\CaddieSync Express\mingwm10.dll - ok
20:32:00.0097 5612 [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
20:32:00.0097 5612 C:\Windows\System32\FXSRESM.dll - ok
20:32:00.0107 5612 [ C4B4409F186DA70FCF2BCC60D5F05489 ] C:\Program Files (x86)\SkyGolf\CaddieSync Express\libgcc_s_dw2-1.dll
20:32:00.0107 5612 C:\Program Files (x86)\SkyGolf\CaddieSync Express\libgcc_s_dw2-1.dll - ok
20:32:00.0117 5612 [ 048EA4B978851788E9F5E8E4F081DF7A ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
20:32:00.0117 5612 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
20:32:00.0127 5612 [ C4BF1E5EAAE3CC897D97B61776229173 ] C:\Program Files (x86)\SkyGolf\CaddieSync Express\QtCore4.dll
20:32:00.0128 5612 C:\Program Files (x86)\SkyGolf\CaddieSync Express\QtCore4.dll - ok
20:32:00.0138 5612 [ 1D1EAA16D193C6A2D45981ED3914D22A ] C:\Windows\SysWOW64\msimtf.dll
20:32:00.0138 5612 C:\Windows\SysWOW64\msimtf.dll - ok
20:32:00.0148 5612 [ 298FDE634538B62CEEEC266D8773B21A ] C:\Windows\SysWOW64\msls31.dll
20:32:00.0148 5612 C:\Windows\SysWOW64\msls31.dll - ok
20:32:00.0157 5612 [ 9ACCBC5891BA51B5B29C1A88F80D4CE3 ] C:\Program Files (x86)\QuickTime\QTTask.exe
20:32:00.0157 5612 C:\Program Files (x86)\QuickTime\QTTask.exe - ok
20:32:00.0170 5612 [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll
20:32:00.0170 5612 C:\Windows\SysWOW64\sxs.dll - ok
20:32:00.0178 5612 [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll
20:32:00.0178 5612 C:\Windows\System32\pnidui.dll - ok
20:32:00.0190 5612 [ F1278B3514EA6FA9BC39B20D26139AAC ] C:\Windows\SysWOW64\msiltcfg.dll
20:32:00.0190 5612 C:\Windows\SysWOW64\msiltcfg.dll - ok
20:32:00.0201 5612 [ 14800BD31701A5047AC3145BB1E698AE ] C:\Windows\SysWOW64\d2d1.dll
20:32:00.0201 5612 C:\Windows\SysWOW64\d2d1.dll - ok
20:32:00.0210 5612 [ F3DE10AABD5C7A1A186C9966F037D0C0 ] C:\Windows\SysWOW64\mfc100u.dll
20:32:00.0211 5612 C:\Windows\SysWOW64\mfc100u.dll - ok
20:32:00.0221 5612 [ 9E0B8310AE1A6762E3373181A2DB4EDE ] C:\Program Files (x86)\SkyGolf\CaddieSync Express\QtScript4.dll
20:32:00.0221 5612 C:\Program Files (x86)\SkyGolf\CaddieSync Express\QtScript4.dll - ok
20:32:00.0231 5612 [ CCDA8E6A2AC68FD417A8BB8D88CBFDAC ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
20:32:00.0231 5612 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe - ok
20:32:00.0241 5612 [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL
20:32:00.0241 5612 C:\Windows\System32\QUTIL.DLL - ok
20:32:00.0252 5612 [ C6097B864F628594ED3E53BA55FE0E0C ] C:\Program Files (x86)\Mozilla Firefox\browser\components\browsercomps.dll
20:32:00.0252 5612 C:\Program Files (x86)\Mozilla Firefox\browser\components\browsercomps.dll - ok
20:32:00.0262 5612 [ C4F8E5684A636D4D16BE409FD5E5AF6F ] C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\f11b76fe8e17836118d9589f35845091\PresentationFramework.ni.dll
20:32:00.0262 5612 C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\f11b76fe8e17836118d9589f35845091\PresentationFramework.ni.dll - ok
20:32:00.0271 5612 [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll
20:32:00.0271 5612 C:\Windows\System32\srchadmin.dll - ok
20:32:00.0281 5612 [ 81F08948A0F1475894C99D4D19A158A8 ] C:\Windows\SysWOW64\wshqos.dll
20:32:00.0281 5612 C:\Windows\SysWOW64\wshqos.dll - ok
20:32:00.0291 5612 [ 6607C2182C6A53ED983813AFE2F85768 ] C:\Windows\System32\wbem\cimwin32.dll
20:32:00.0291 5612 C:\Windows\System32\wbem\cimwin32.dll - ok
20:32:00.0302 5612 [ 5B6E8E09BE6401A7E022F52FDFCB2FF8 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
20:32:00.0302 5612 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe - ok
20:32:00.0313 5612 [ 8A02CB4204008852CABE45F420BDF7EF ] C:\Program Files (x86)\AVG\AVG2013\fixcfg.exe
20:32:00.0313 5612 C:\Program Files (x86)\AVG\AVG2013\fixcfg.exe - ok
20:32:00.0322 5612 [ 696C96941EAABF7847846A8E17539792 ] C:\Program Files (x86)\SkyGolf\CaddieSync Express\QtScriptTools4.dll
20:32:00.0322 5612 C:\Program Files (x86)\SkyGolf\CaddieSync Express\QtScriptTools4.dll - ok
20:32:00.0334 5612 [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl
20:32:00.0334 5612 C:\Windows\System32\bthprops.cpl - ok
20:32:00.0345 5612 [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe
20:32:00.0345 5612 C:\Windows\System32\SearchIndexer.exe - ok
20:32:00.0355 5612 [ AF49D1C79EA49A7833017F290EE63B82 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
20:32:00.0355 5612 C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe - ok
20:32:00.0365 5612 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe
20:32:00.0365 5612 C:\Windows\System32\FXSSVC.exe - ok
20:32:00.0375 5612 [ 589DF683A6C81424A6CECE52ABF98A50 ] C:\Windows\System32\tquery.dll
20:32:00.0375 5612 C:\Windows\System32\tquery.dll - ok
20:32:00.0385 5612 [ 728C9194B532E7BB6D0E539C8F798098 ] C:\Program Files (x86)\SkyGolf\CaddieSync Express\QtGui4.dll
20:32:00.0385 5612 C:\Program Files (x86)\SkyGolf\CaddieSync Express\QtGui4.dll - ok
20:32:00.0396 5612 [ 58B8702C20DE211D1FCB248D2FDD71D1 ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe
20:32:00.0396 5612 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe - ok
20:32:00.0406 5612 [ 7DCE7A74764EB7C67D21A32BC579453D ] C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
20:32:00.0406 5612 C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe - ok
20:32:00.0415 5612 [ DCD78A37FB33BF0141A231109B052785 ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
20:32:00.0416 5612 C:\Program Files (x86)\iTunes\iTunesHelper.exe - ok
20:32:00.0426 5612 [ EABFF69AD1F443AD5D6105339E893BC0 ] C:\Program Files (x86)\iTunes\iTunesHelper.dll
20:32:00.0426 5612 C:\Program Files (x86)\iTunes\iTunesHelper.dll - ok
20:32:00.0436 5612 [ 1484B9EBF567346582DE571B0E164AE0 ] C:\Windows\System32\framedynos.dll
20:32:00.0436 5612 C:\Windows\System32\framedynos.dll - ok
20:32:00.0447 5612 [ BF458B83875B9638CF4DEC48B3D39136 ] C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll
20:32:00.0447 5612 C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll - ok
20:32:00.0457 5612 [ C00DB14550E4BD49737F311C644E45FF ] C:\Windows\System32\wmi.dll
20:32:00.0457 5612 C:\Windows\System32\wmi.dll - ok
20:32:00.0467 5612 [ 58EC9523F6A3FA0EF28BE22FA9CCF876 ] C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll
20:32:00.0467 5612 C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll - ok
20:32:00.0477 5612 [ D4F264FE23F8953D840904418220C15E ] C:\Windows\SysWOW64\dxgi.dll
20:32:00.0477 5612 C:\Windows\SysWOW64\dxgi.dll - ok
20:32:00.0487 5612 [ 2A2C442F00B45E01D4C882EEA69A01BC ] C:\Windows\SysWOW64\mfc100enu.dll
20:32:00.0487 5612 C:\Windows\SysWOW64\mfc100enu.dll - ok
20:32:00.0497 5612 [ 83DD0972788E79A722F6993CC1266043 ] C:\Program Files (x86)\AVG\AVG2013\avgkrnlapix.dll
20:32:00.0497 5612 C:\Program Files (x86)\AVG\AVG2013\avgkrnlapix.dll - ok
20:32:00.0508 5612 [ BA38C50F523DC053488AC3F9EF99AA0B ] C:\Windows\SysWOW64\igdumdx32.dll
20:32:00.0508 5612 C:\Windows\SysWOW64\igdumdx32.dll - ok
20:32:00.0521 5612 [ 2EE693BE96C0D9E885CBC0FAC177D379 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll
20:32:00.0521 5612 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll - ok
20:32:00.0531 5612 [ 7568CC720ACE4D03B84AF97817E745EF ] C:\Windows\System32\mssrch.dll
20:32:00.0531 5612 C:\Windows\System32\mssrch.dll - ok
20:32:00.0541 5612 [ AE098D9D3BD83440C59A0C3386F4F5DD ] C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
20:32:00.0541 5612 C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll - ok
20:32:00.0551 5612 [ 6DE66FE7C526637E74CD066461C7C871 ] C:\Windows\SysWOW64\d3d11.dll
20:32:00.0551 5612 C:\Windows\SysWOW64\d3d11.dll - ok
20:32:00.0561 5612 [ C6BCC1BE95AE7258D013EEA1C9159C8D ] C:\Program Files (x86)\Mozilla Firefox\softokn3.dll
20:32:00.0561 5612 C:\Program Files (x86)\Mozilla Firefox\softokn3.dll - ok
20:32:00.0571 5612 [ 193A0626CA65A5AEDDDD161560615D24 ] C:\Program Files (x86)\Mozilla Firefox\nssdbm3.dll
20:32:00.0571 5612 C:\Program Files (x86)\Mozilla Firefox\nssdbm3.dll - ok
20:32:00.0582 5612 [ 557E7BC173C9E65B2BAFEB6D32345605 ] C:\Program Files (x86)\SkyGolf\CaddieSync Express\QtXml4.dll
20:32:00.0582 5612 C:\Program Files (x86)\SkyGolf\CaddieSync Express\QtXml4.dll - ok
20:32:00.0592 5612 [ CAD0B60DF3E790FA7DDD205C117BA5C0 ] C:\Program Files (x86)\Mozilla Firefox\freebl3.dll
20:32:00.0592 5612 C:\Program Files (x86)\Mozilla Firefox\freebl3.dll - ok
20:32:00.0602 5612 [ 04CB7C8FDC6D9640DD82A527208F72C4 ] C:\Windows\System32\UIAnimation.dll
20:32:00.0602 5612 C:\Windows\System32\UIAnimation.dll - ok
20:32:00.0612 5612 [ 9EED448E2C6306BFD8B2B19063FC21A1 ] C:\Program Files (x86)\AVG\AVG2013\avgidpmx.dll
20:32:00.0612 5612 C:\Program Files (x86)\AVG\AVG2013\avgidpmx.dll - ok
20:32:00.0622 5612 [ A81331D7EB6C5D1F7B1E4E4FC15F3EC0 ] C:\Windows\SysWOW64\srclient.dll
20:32:00.0622 5612 C:\Windows\SysWOW64\srclient.dll - ok
20:32:00.0633 5612 [ C0DA0A273540D3A8B50AD1C9E01B4AEB ] C:\Program Files (x86)\SkyGolf\CaddieSync Express\qextserialport1.dll
20:32:00.0633 5612 C:\Program Files (x86)\SkyGolf\CaddieSync Express\qextserialport1.dll - ok
20:32:00.0643 5612 [ 971A36C4827AD1AE2A54E6407478921A ] C:\Windows\SysWOW64\spp.dll
20:32:00.0643 5612 C:\Windows\SysWOW64\spp.dll - ok
20:32:00.0653 5612 [ B6E8B931EFEF4112C6A401931627DC6B ] C:\Program Files\iPod\bin\iPodService.exe
20:32:00.0653 5612 C:\Program Files\iPod\bin\iPodService.exe - ok
20:32:00.0665 5612 [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll
20:32:00.0666 5612 C:\Windows\System32\netman.dll - ok
20:32:00.0675 5612 [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll
20:32:00.0675 5612 C:\Windows\System32\msidle.dll - ok
20:32:00.0685 5612 [ ED88C8281B49B34A39D5BCBC6DE935E8 ] C:\Program Files (x86)\SkyGolf\CaddieSync Express\qjson0.dll
20:32:00.0685 5612 C:\Program Files (x86)\SkyGolf\CaddieSync Express\qjson0.dll - ok
20:32:00.0696 5612 [ 463DADBE8F36AB3C8906D5BE6012659D ] C:\Program Files (x86)\Mozilla Firefox\nssckbi.dll
20:32:00.0696 5612 C:\Program Files (x86)\Mozilla Firefox\nssckbi.dll - ok
20:32:00.0706 5612 [ D96106CF60505734B14F6AE80AAA4B07 ] C:\Windows\SysWOW64\d3d10warp.dll
20:32:00.0706 5612 C:\Windows\SysWOW64\d3d10warp.dll - ok
20:32:00.0717 5612 [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\Windows\System32\mssprxy.dll
20:32:00.0717 5612 C:\Windows\System32\mssprxy.dll - ok
20:32:00.0728 5612 [ 13337A3FB17F2242487FD45488ED0485 ] C:\Windows\SysWOW64\vssapi.dll
20:32:00.0728 5612 C:\Windows\SysWOW64\vssapi.dll - ok
20:32:00.0737 5612 [ B0335E0E041106E15ACC6D36D6D75BF5 ] C:\Windows\SysWOW64\igd10umd32.dll
20:32:00.0737 5612 C:\Windows\SysWOW64\igd10umd32.dll - ok
20:32:00.0748 5612 [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll
20:32:00.0748 5612 C:\Windows\System32\rasdlg.dll - ok
20:32:00.0757 5612 [ 040DD0C4B58D7860E14F313ACB722087 ] C:\Program Files (x86)\SkyGolf\CaddieSync Express\QtNetwork4.dll
20:32:00.0757 5612 C:\Program Files (x86)\SkyGolf\CaddieSync Express\QtNetwork4.dll - ok
20:32:00.0768 5612 [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\Windows\System32\en-US\tquery.dll.mui
20:32:00.0768 5612 C:\Windows\System32\en-US\tquery.dll.mui - ok
20:32:00.0780 5612 [ D15B6E53340C2DA47370147B82C1796B ] C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll
20:32:00.0780 5612 C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll - ok
20:32:00.0791 5612 [ 9B0B6C93BADE51868D93DC50B5AD3118 ] C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll
20:32:00.0791 5612 C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll - ok
20:32:00.0800 5612 [ F10E5311E5093FA3C00FF88C54C32FCA ] C:\Windows\SysWOW64\atl.dll
20:32:00.0800 5612 C:\Windows\SysWOW64\atl.dll - ok
20:32:00.0811 5612 [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll
20:32:00.0811 5612 C:\Windows\System32\mprapi.dll - ok
20:32:00.0820 5612 [ B940289C83121046BD6A60ACC6028593 ] C:\Windows\SysWOW64\vsstrace.dll
20:32:00.0820 5612 C:\Windows\SysWOW64\vsstrace.dll - ok
20:32:00.0831 5612 [ 8EE6BDE1D572677AA35707C52C585F75 ] C:\Windows\SysWOW64\mlang.dll
20:32:00.0831 5612 C:\Windows\SysWOW64\mlang.dll - ok
20:32:00.0841 5612 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll
20:32:00.0841 5612 C:\Windows\SysWOW64\ExplorerFrame.dll - ok
20:32:00.0852 5612 [ 6E656C325A5519A3A9D951709958CF6F ] C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\wpfgfx_v0300.dll
20:32:00.0852 5612 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\wpfgfx_v0300.dll - ok
20:32:00.0862 5612 [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll
20:32:00.0862 5612 C:\Windows\System32\dot3api.dll - ok
20:32:00.0873 5612 [ 8C338238C16777A802D6A9211EB2BA50 ] C:\Windows\SysWOW64\netprofm.dll
20:32:00.0873 5612 C:\Windows\SysWOW64\netprofm.dll - ok
20:32:00.0882 5612 [ 2FEF21EEE9934BB10165AA02E530183C ] C:\Program Files (x86)\AVG\AVG2013\avglngx.dll
20:32:00.0882 5612 C:\Program Files (x86)\AVG\AVG2013\avglngx.dll - ok
20:32:00.0893 5612 [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll
20:32:00.0893 5612 C:\Windows\System32\wlanhlp.dll - ok
20:32:00.0902 5612 [ 0BA65122FFA7E37564EE86422DBF7AE8 ] C:\Windows\SysWOW64\nlaapi.dll
20:32:00.0902 5612 C:\Windows\SysWOW64\nlaapi.dll - ok
20:32:00.0913 5612 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
20:32:00.0913 5612 C:\Windows\SysWOW64\dhcpcsvc.dll - ok
20:32:00.0922 5612 [ 81F6C1AE23B1C493D9E996C3103915D7 ] C:\Windows\SysWOW64\dhcpcsvc6.dll
20:32:00.0923 5612 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
20:32:00.0933 5612 [ 15E298B5EC5B89C5994A59863969D9FF ] C:\Windows\SysWOW64\npmproxy.dll
20:32:00.0933 5612 C:\Windows\SysWOW64\npmproxy.dll - ok
20:32:00.0943 5612 [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll
20:32:00.0943 5612 C:\Windows\System32\wlanapi.dll - ok
20:32:00.0953 5612 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll
20:32:00.0953 5612 C:\Windows\SysWOW64\duser.dll - ok
20:32:00.0962 5612 [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll
20:32:00.0962 5612 C:\Windows\System32\WWanAPI.dll - ok
20:32:00.0973 5612 [ FD049C25A168D3DE310D9207B7B6367B ] C:\Windows\SysWOW64\UIAutomationCore.dll
20:32:00.0973 5612 C:\Windows\SysWOW64\UIAutomationCore.dll - ok
20:32:00.0982 5612 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll
20:32:00.0983 5612 C:\Windows\SysWOW64\dui70.dll - ok
20:32:00.0992 5612 [ B80B70609797F944517186DDAC174A50 ] C:\Program Files (x86)\AVG\AVG2013\avguires.dll
20:32:00.0992 5612 C:\Program Files (x86)\AVG\AVG2013\avguires.dll - ok
20:32:01.0003 5612 [ 3C1936A12C62254F914A01BBC6A8DC69 ] C:\Windows\SysWOW64\d3d10_1.dll
20:32:01.0003 5612 C:\Windows\SysWOW64\d3d10_1.dll - ok
20:32:01.0013 5612 [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll
20:32:01.0013 5612 C:\Windows\System32\wwapi.dll - ok
20:32:01.0023 5612 [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL
20:32:01.0024 5612 C:\Windows\System32\QAGENT.DLL - ok
20:32:01.0034 5612 [ 244C6722289F4869068992FD7D8A8832 ] C:\Windows\SysWOW64\wbem\wbemdisp.dll
20:32:01.0034 5612 C:\Windows\SysWOW64\wbem\wbemdisp.dll - ok
20:32:01.0044 5612 [ D4212AB475A3B25EC4DF574536C3EDC5 ] C:\Windows\SysWOW64\d3d10_1core.dll
20:32:01.0044 5612 C:\Windows\SysWOW64\d3d10_1core.dll - ok
20:32:01.0054 5612 [ 5610B0425518D185331CB8E968D060E6 ] C:\Windows\SysWOW64\wbem\wmiutils.dll
20:32:01.0054 5612 C:\Windows\SysWOW64\wbem\wmiutils.dll - ok
20:32:01.0065 5612 [ FE482FFCB2B484B60556EB1D384F341A ] C:\Program Files (x86)\AVG\AVG2013\avgapps.dll
20:32:01.0065 5612 C:\Program Files (x86)\AVG\AVG2013\avgapps.dll - ok
20:32:01.0074 5612 [ 7F8678C59F188528D60104E697C2361E ] C:\Windows\SysWOW64\mscms.dll
20:32:01.0074 5612 C:\Windows\SysWOW64\mscms.dll - ok
20:32:01.0085 5612 [ 3C611E94321D6A82EB4C5BCD34FC9F5D ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDResources.dll
20:32:01.0085 5612 C:\Program Files (x86)\Spybot - Search & Destroy 2\SDResources.dll - ok
20:32:01.0095 5612 [ D64D99EC088B54FFE8EE67A480386C20 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll
20:32:01.0095 5612 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll - ok
20:32:01.0105 5612 [ 0EC4190B22A0E37010CC69371432FC0C ] C:\Windows\System32\gfxSrvc.dll
20:32:01.0105 5612 C:\Windows\System32\gfxSrvc.dll - ok
20:32:01.0115 5612 [ 58957A04853F47B791D68B960258043C ] C:\Windows\System32\IGFXDEVLib.dll
20:32:01.0115 5612 C:\Windows\System32\IGFXDEVLib.dll - ok
20:32:01.0124 5612 [ 5987EA8A82C53359BCD2C29D6588583E ] C:\Windows\SysWOW64\linkinfo.dll
20:32:01.0125 5612 C:\Windows\SysWOW64\linkinfo.dll - ok
20:32:01.0134 5612 [ 4C3DAEE652B005B483F16B8E9131C99D ] C:\Windows\System32\d3d9.dll
20:32:01.0134 5612 C:\Windows\System32\d3d9.dll - ok
20:32:01.0144 5612 [ ADA5C3D49A12CED9F07913DC00E547A8 ] C:\Windows\System32\imgutil.dll
20:32:01.0144 5612 C:\Windows\System32\imgutil.dll - ok
20:32:01.0154 5612 [ AC673746F0EFBF0F09D35651163C04E8 ] C:\Windows\System32\Macromed\Flash\Flash64_12_0_0_70.ocx
20:32:01.0155 5612 C:\Windows\System32\Macromed\Flash\Flash64_12_0_0_70.ocx - ok
20:32:01.0166 5612 [ 3044D07ABDF4BBEA27E2EE7B1E0C0C65 ] C:\Windows\System32\d3d8thk.dll
20:32:01.0166 5612 C:\Windows\System32\d3d8thk.dll - ok
20:32:01.0176 5612 [ 547BE09D331BBCF57F3AF5B4FC02C310 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\210e87c409d2f08e7503e9ab1e12db11\System.Xml.ni.dll
20:32:01.0176 5612 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\210e87c409d2f08e7503e9ab1e12db11\System.Xml.ni.dll - ok
20:32:01.0188 5612 [ E1B029A730548B18FACE500EE46F659B ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScanLibrary.dll
20:32:01.0188 5612 C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScanLibrary.dll - ok
20:32:01.0200 5612 [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\Windows\SysWOW64\NapiNSP.dll
20:32:01.0200 5612 C:\Windows\SysWOW64\NapiNSP.dll - ok
20:32:01.0211 5612 [ 1FD1215C4B622EB21D50BC6F80821023 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\d6a43130081227fd48defe1a87040123\System.Configuration.ni.dll
20:32:01.0211 5612 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\d6a43130081227fd48defe1a87040123\System.Configuration.ni.dll - ok
20:32:01.0220 5612 [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\Windows\SysWOW64\pnrpnsp.dll
20:32:01.0220 5612 C:\Windows\SysWOW64\pnrpnsp.dll - ok
20:32:01.0231 5612 [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\Windows\SysWOW64\winrnr.dll
20:32:01.0231 5612 C:\Windows\SysWOW64\winrnr.dll - ok
20:32:01.0240 5612 [ F00AE7B953ABEF1B53FBBA187DFC8238 ] C:\Windows\System32\webcheck.dll
20:32:01.0240 5612 C:\Windows\System32\webcheck.dll - ok
20:32:01.0251 5612 [ D9E21CBF9E6A87847AFFD39EA3FA28EE ] C:\Windows\System32\SearchProtocolHost.exe
20:32:01.0251 5612 C:\Windows\System32\SearchProtocolHost.exe - ok
20:32:01.0260 5612 [ D2A5B2B09F2AF5ED13BF494508B09788 ] C:\Windows\System32\msshooks.dll
20:32:01.0260 5612 C:\Windows\System32\msshooks.dll - ok
20:32:01.0270 5612 [ 49A3AD5CE578CD77F445F3D244AEAB2D ] C:\Windows\System32\SearchFilterHost.exe
20:32:01.0270 5612 C:\Windows\System32\SearchFilterHost.exe - ok
20:32:01.0280 5612 [ 101797BA603D227946B4B5109867EB19 ] C:\Windows\System32\SyncCenter.dll
20:32:01.0280 5612 C:\Windows\System32\SyncCenter.dll - ok
20:32:01.0290 5612 [ F1C19F0AA151B90A7416FA1D50DDB582 ] C:\Windows\System32\WindowsCodecsExt.dll
20:32:01.0290 5612 C:\Windows\System32\WindowsCodecsExt.dll - ok
20:32:01.0300 5612 [ E87213F37A13E2B54391E40934F071D0 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:32:01.0300 5612 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
20:32:01.0310 5612 [ 1D296F090ED401967B30BD2B970DC306 ] C:\Windows\System32\icm32.dll
20:32:01.0310 5612 C:\Windows\System32\icm32.dll - ok
20:32:01.0318 5612 [ 48041BAEB60CE5F34F13CC2A1361E49C ] C:\Windows\System32\mssph.dll
20:32:01.0318 5612 C:\Windows\System32\mssph.dll - ok
20:32:01.0331 5612 [ 90C98B905CF3A4E60C537AE37C95B1A5 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsFormsIntegra#\7dd846e826e689fce547aefb6e6f16ac\WindowsFormsIntegration.ni.dll
20:32:01.0331 5612 C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsFormsIntegra#\7dd846e826e689fce547aefb6e6f16ac\WindowsFormsIntegration.ni.dll - ok
20:32:01.0343 5612 [ 7D33B37BB6E53A9368904C5EEA1778C0 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\9fb53c000500919c5c98fd3c749a2393\PresentationFramework.Aero.ni.dll
20:32:01.0343 5612 C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\9fb53c000500919c5c98fd3c749a2393\PresentationFramework.Aero.ni.dll - ok
20:32:01.0353 5612 [ 8F4BB0CFECED925D440ABC2481278360 ] C:\Windows\System32\mapi32.dll
20:32:01.0353 5612 C:\Windows\System32\mapi32.dll - ok
20:32:01.0363 5612 [ 0DCA5F8AF83975061D9D8340DC471B5C ] C:\Windows\SysWOW64\msvcr110_clr0400.dll
20:32:01.0363 5612 C:\Windows\SysWOW64\msvcr110_clr0400.dll - ok
20:32:01.0373 5612 [ DA783E6B6614F61DA8083FBFBBF57E3C ] C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll
20:32:01.0373 5612 C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll - ok
20:32:01.0383 5612 [ 8130391F82D52D36C0441F714136957F ] C:\Windows\System32\imapi2.dll
20:32:01.0383 5612 C:\Windows\System32\imapi2.dll - ok
20:32:01.0393 5612 [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\SysWOW64\mscoree.dll
20:32:01.0393 5612 C:\Windows\SysWOW64\mscoree.dll - ok
20:32:01.0402 5612 [ 6E42D6759EF29A36BA321823494CCB35 ] C:\Windows\System32\dinput8.dll
20:32:01.0402 5612 C:\Windows\System32\dinput8.dll - ok
20:32:01.0413 5612 [ 6A5C1A8AC0B572679361026D0E900420 ] C:\Windows\System32\hgcpl.dll
20:32:01.0413 5612 C:\Windows\System32\hgcpl.dll - ok
20:32:01.0422 5612 [ BFEBB6F76A0988A38260870C61A6D1B7 ] C:\Windows\SysWOW64\mfreadwrite.dll
20:32:01.0423 5612 C:\Windows\SysWOW64\mfreadwrite.dll - ok
20:32:01.0432 5612 [ EE10AB99A480875E012CA339EC48F02B ] C:\Windows\System32\mshtmlmedia.dll
20:32:01.0432 5612 C:\Windows\System32\mshtmlmedia.dll - ok
20:32:01.0442 5612 [ FDBA1DEC4F9BE4274A00B9B850C63484 ] C:\Windows\SysWOW64\mf.dll
20:32:01.0442 5612 C:\Windows\SysWOW64\mf.dll - ok
20:32:01.0452 5612 [ 4AEDAB50F83580D0B4D6CF78191F92AA ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:32:01.0452 5612 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe - ok
20:32:01.0462 5612 [ F7AB315A4D400CA876381D1E188A2E20 ] C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:32:01.0462 5612 C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe - ok
20:32:01.0472 5612 [ FF2B106909EED48C536DA04742C0324A ] C:\Windows\System32\Query.dll
20:32:01.0472 5612 C:\Windows\System32\Query.dll - ok
20:32:01.0482 5612 [ 81FB155132AE12BA18119D5B36A85476 ] C:\Windows\System32\msvcr110_clr0400.dll
20:32:01.0482 5612 C:\Windows\System32\msvcr110_clr0400.dll - ok
20:32:01.0493 5612 [ 20ECAC7791DCBA69121631CB627E5A96 ] C:\Windows\System32\mf.dll
20:32:01.0493 5612 C:\Windows\System32\mf.dll - ok
20:32:01.0503 5612 [ 9C67F6BBDA3881CFD02095160CF91576 ] C:\Windows\SysWOW64\ksuser.dll
20:32:01.0503 5612 C:\Windows\SysWOW64\ksuser.dll - ok
20:32:01.0513 5612 [ 3834316FE8A653227282196525E07DFE ] C:\Windows\System32\d3d10level9.dll
20:32:01.0513 5612 C:\Windows\System32\d3d10level9.dll - ok
20:32:01.0523 5612 [ AA6F6457116B559B76BC6A012CB4C293 ] C:\Windows\SysWOW64\schannel.dll
20:32:01.0523 5612 C:\Windows\SysWOW64\schannel.dll - ok
20:32:01.0533 5612 [ D0B90C38FA3CD4F4A03F0BF1FD45B635 ] C:\Program Files (x86)\Google\Update\1.3.22.5\goopdateres_en.dll
20:32:01.0533 5612 C:\Program Files (x86)\Google\Update\1.3.22.5\goopdateres_en.dll - ok
20:32:01.0543 5612 [ 1F27643C4C626457FCE8F047AE1CD7E1 ] C:\Windows\SysWOW64\dxva2.dll
20:32:01.0543 5612 C:\Windows\SysWOW64\dxva2.dll - ok
20:32:01.0553 5612 [ BE78357FB49759B79CCC01894BCFDDDB ] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
20:32:01.0553 5612 C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe - ok
20:32:01.0563 5612 [ 3F2C5D443777650ACD8FE56AC1E34D25 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\7934f9795ad87e109e4df93b3a5cdf06\System.ServiceProcess.ni.dll
20:32:01.0563 5612 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\7934f9795ad87e109e4df93b3a5cdf06\System.ServiceProcess.ni.dll - ok
20:32:01.0573 5612 [ 8E066CBA11F1256B56847676375970A2 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\fa3d1590f15acc02e87b266c0b971523\System.Runtime.Remoting.ni.dll
20:32:01.0573 5612 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\fa3d1590f15acc02e87b266c0b971523\System.Runtime.Remoting.ni.dll - ok
20:32:01.0583 5612 [ 01E2855FB06C422E721D890AF201C2D7 ] C:\Windows\System32\NaturalLanguage6.dll
20:32:01.0584 5612 C:\Windows\System32\NaturalLanguage6.dll - ok
20:32:01.0593 5612 [ F043FE6A119ACEAA0C0209E01ADA8230 ] C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe
20:32:01.0593 5612 C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe - ok
20:32:01.0603 5612 [ 3A09322A8AA8B0C79036686A0EBE7B4C ] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
20:32:01.0603 5612 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe - ok
20:32:01.0613 5612 [ 9AED8E824CF5FAAB67957EDBC5512060 ] C:\Program Files (x86)\Windows Media Player\wmplayer.exe
20:32:01.0614 5612 C:\Program Files (x86)\Windows Media Player\wmplayer.exe - ok
20:32:01.0623 5612 [ B79515AFF098E5A56DFBD316152534DE ] C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
20:32:01.0623 5612 C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL - ok
20:32:01.0633 5612 [ 701D9F5F3F21580936638D5C5F86B460 ] C:\Windows\System32\NlsData0009.dll
20:32:01.0633 5612 C:\Windows\System32\NlsData0009.dll - ok
20:32:01.0643 5612 [ 148A733B93A2AC104280495DA09D3CC2 ] C:\Windows\System32\NlsLexicons0009.dll
20:32:01.0643 5612 C:\Windows\System32\NlsLexicons0009.dll - ok
20:32:01.0653 5612 [ B6CCB6129ABFC60421EAF2404431FA8F ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Core\02e876a42f8f4ae5d74c8f07819a4870\System.Core.ni.dll
20:32:01.0653 5612 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Core\02e876a42f8f4ae5d74c8f07819a4870\System.Core.ni.dll - ok
20:32:01.0664 5612 [ A2F0B6A45EF5B68173AAA2A39690904E ] C:\Windows\SysWOW64\zipfldr.dll
20:32:01.0664 5612 C:\Windows\SysWOW64\zipfldr.dll - ok
20:32:01.0674 5612 [ 76D86E65FF7D10292886A1F2DB93A911 ] C:\Windows\System32\ELSCore.dll
20:32:01.0674 5612 C:\Windows\System32\ELSCore.dll - ok
20:32:01.0684 5612 [ CDAD3376DFF3D9AC7FDCBE2B94B0D3C8 ] C:\Windows\System32\shfolder.dll
20:32:01.0685 5612 C:\Windows\System32\shfolder.dll - ok
20:32:01.0695 5612 [ 12929BDE96189F4E968AD035573424F0 ] C:\Windows\System32\elsTrans.dll
20:32:01.0695 5612 C:\Windows\System32\elsTrans.dll - ok
20:32:01.0704 5612 [ 5FBA7AA0224C5574845A2AFE28BAE4A3 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\bf76ec576453e56f4d41d99cbed88e5c\System.Management.ni.dll
20:32:01.0705 5612 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\bf76ec576453e56f4d41d99cbed88e5c\System.Management.ni.dll - ok
20:32:01.0715 5612 [ 94DFBB481BF51158B216E23C5C1C9D6E ] C:\Windows\System32\certcli.dll
20:32:01.0715 5612 C:\Windows\System32\certcli.dll - ok
20:32:01.0724 5612 [ 45375DF47ED4D0535739465105AAABE3 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\WMINet_Utils.dll
20:32:01.0724 5612 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\WMINet_Utils.dll - ok
20:32:01.0735 5612 [ AEE087CF7423BA44CC2DE03CC565E399 ] C:\Windows\System32\elslad.dll
20:32:01.0735 5612 C:\Windows\System32\elslad.dll - ok
20:32:01.0745 5612 [ 5FFF3E71B4724BB10918FD6DD7413D99 ] C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
20:32:01.0745 5612 C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe - ok
20:32:01.0754 5612 [ 36142F4057158C4269A94594C68C9381 ] C:\Program Files (x86)\AVG\AVG2013\avgcfgex.exe
20:32:01.0754 5612 C:\Program Files (x86)\AVG\AVG2013\avgcfgex.exe - ok
20:32:01.0764 5612 [ 6D137963730144698CBD10F202E9F251 ] C:\Windows\System32\wersvc.dll
20:32:01.0764 5612 C:\Windows\System32\wersvc.dll - ok
20:32:01.0774 5612 [ 99280392987A1A96C756A9F38C4CE396 ] C:\Windows\SysWOW64\jscript9.dll
20:32:01.0774 5612 C:\Windows\SysWOW64\jscript9.dll - ok
20:32:01.0784 5612 [ B2742EA6ED844D747E2348A504E491CB ] C:\Windows\System32\dxva2.dll
20:32:01.0784 5612 C:\Windows\System32\dxva2.dll - ok
20:32:01.0794 5612 [ CE3C3DBFF97A7A4DC0B59F2FC710439B ] C:\Program Files\Realtek\RtVOsd\RtVOsd.exe
20:32:01.0794 5612 C:\Program Files\Realtek\RtVOsd\RtVOsd.exe - ok
20:32:01.0804 5612 [ 5FEAB868CAEDBBD1B7A145CA8261E4AA ] C:\Windows\SysWOW64\WerFault.exe
20:32:01.0804 5612 C:\Windows\SysWOW64\WerFault.exe - ok
20:32:01.0818 5612 [ 590D5C506044FE02FF7643E32FF9BDAC ] C:\Windows\SysWOW64\wer.dll
20:32:01.0818 5612 C:\Windows\SysWOW64\wer.dll - ok
20:32:01.0834 5612 [ 263E9A047D17CD50BAA9D3C02910D18D ] C:\Windows\System32\oledlg.dll
20:32:01.0834 5612 C:\Windows\System32\oledlg.dll - ok
20:32:01.0847 5612 [ E17E0188BB90FAE42D83E98707EFA59C ] C:\Windows\System32\sppsvc.exe
20:32:01.0847 5612 C:\Windows\System32\sppsvc.exe - ok
20:32:01.0858 5612 [ 1E8D06AAE74FED674C1156B3FEA911C2 ] C:\Windows\SysWOW64\Faultrep.dll
20:32:01.0858 5612 C:\Windows\SysWOW64\Faultrep.dll - ok
20:32:01.0867 5612 [ BB3C7E48088D37417EB37F1A9E3D2449 ] C:\Windows\SysWOW64\werui.dll
20:32:01.0867 5612 C:\Windows\SysWOW64\werui.dll - ok
20:32:01.0878 5612 [ EDF2A5E96BEC469DA3F64E9BDD386111 ] C:\Windows\SysWOW64\xmllite.dll
20:32:01.0878 5612 C:\Windows\SysWOW64\xmllite.dll - ok
20:32:01.0888 5612 [ B8E6A174428F7E6EACD7655D129FCADF ] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
20:32:01.0888 5612 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe - ok
20:32:01.0898 5612 [ A9F3BFC9345F49614D5859EC95B9E994 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
20:32:01.0898 5612 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
20:32:01.0908 5612 [ FFF95479C7AB1550F0750A5D01744211 ] C:\Windows\System32\drivers\spsys.sys
20:32:01.0908 5612 C:\Windows\System32\drivers\spsys.sys - ok
20:32:01.0918 5612 [ 423982DD851406A52B6399DDB196C606 ] C:\Windows\System32\wmdrmdev.dll
20:32:01.0918 5612 C:\Windows\System32\wmdrmdev.dll - ok
20:32:01.0928 5612 [ 8808B725F60DFE66E59620940A193CAF ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\8653acb87b4a219a84e4ce58df35e62a\System.Runtime.Serialization.Formatters.Soap.ni.dll
20:32:01.0928 5612 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\8653acb87b4a219a84e4ce58df35e62a\System.Runtime.Serialization.Formatters.Soap.ni.dll - ok
20:32:01.0940 5612 [ 2C1055E2C6D42753241FB2A129136994 ] C:\Windows\System32\drmv2clt.dll
20:32:01.0940 5612 C:\Windows\System32\drmv2clt.dll - ok
20:32:01.0951 5612 [ 6F1AF8E1206E92256459E3012C20472A ] C:\Windows\System32\jsIntl.dll
20:32:01.0951 5612 C:\Windows\System32\jsIntl.dll - ok
20:32:01.0960 5612 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] C:\Windows\System32\wuaueng.dll
20:32:01.0960 5612 C:\Windows\System32\wuaueng.dll - ok
20:32:01.0970 5612 [ 4FAFC27DBEF9A19134620633F5CDC680 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Web\45e0966acaad1f6fa698d599615bb921\System.Web.ni.dll
20:32:01.0970 5612 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Web\45e0966acaad1f6fa698d599615bb921\System.Web.ni.dll - ok
20:32:01.0980 5612 [ 950E73D43BA3D8415EF788D301CBE364 ] C:\Windows\SysWOW64\Macromed\Flash\Flash32_12_0_0_70.ocx
20:32:01.0980 5612 C:\Windows\SysWOW64\Macromed\Flash\Flash32_12_0_0_70.ocx - ok
20:32:01.0990 5612 [ 0E85C11F8850D524B02181C6E02BA9AE ] C:\Windows\SysWOW64\dsound.dll
20:32:01.0990 5612 C:\Windows\SysWOW64\dsound.dll - ok
20:32:02.0001 5612 [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\SysWOW64\powrprof.dll
20:32:02.0001 5612 C:\Windows\SysWOW64\powrprof.dll - ok
20:32:02.0011 5612 [ 5E08AC958BE05247FF1539E0D1CE7905 ] C:\Windows\SysWOW64\dinput8.dll
20:32:02.0011 5612 C:\Windows\SysWOW64\dinput8.dll - ok
20:32:02.0022 5612 [ 040B198DA82AC2C4DB22E088BBAFD10B ] C:\Windows\System32\t2embed.dll
20:32:02.0022 5612 C:\Windows\System32\t2embed.dll - ok
20:32:02.0032 5612 [ BE501CBC29B2025A263D80D399F1797A ] C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll
20:32:02.0032 5612 C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll - ok
20:32:02.0042 5612 [ 617F6EC0AC677C685479C1D0D1E76C6F ] C:\Windows\System32\mspatcha.dll
20:32:02.0042 5612 C:\Windows\System32\mspatcha.dll - ok
20:32:02.0052 5612 [ F6F22291024906E43D135A4B1705FEAC ] C:\Windows\System32\sppwinob.dll
20:32:02.0052 5612 C:\Windows\System32\sppwinob.dll - ok
20:32:02.0062 5612 [ 81252AA3B13743020BCF2089A5A0D911 ] C:\Windows\System32\wscinterop.dll
20:32:02.0062 5612 C:\Windows\System32\wscinterop.dll - ok
20:32:02.0072 5612 [ 218A400108F280428FA22282D3268BBC ] C:\Windows\System32\wscapi.dll
20:32:02.0072 5612 C:\Windows\System32\wscapi.dll - ok
20:32:02.0082 5612 [ DF50DAE4C547285E4997A0C61063B632 ] C:\Windows\System32\wscui.cpl
20:32:02.0082 5612 C:\Windows\System32\wscui.cpl - ok
20:32:02.0091 5612 [ F9959237F106F2B2609E61A290C0652E ] C:\Windows\System32\werconcpl.dll
20:32:02.0091 5612 C:\Windows\System32\werconcpl.dll - ok
20:32:02.0101 5612 [ 7E591867422DC788B9E5BD337A669A08 ] C:\Windows\System32\wercplsupport.dll
20:32:02.0101 5612 C:\Windows\System32\wercplsupport.dll - ok
20:32:02.0110 5612 [ 809AE7D4ACE06BBCF621E5C504BF6FC8 ] C:\Windows\System32\hcproviders.dll
20:32:02.0111 5612 C:\Windows\System32\hcproviders.dll - ok
20:32:02.0121 5612 [ E515A809318ECDC8D9462810CB5D12B8 ] C:\ProgramData\Microsoft\Windows\DRM\Cache\Indiv_SID_S-1-5-20\Indiv01_64.key
20:32:02.0121 5612 C:\ProgramData\Microsoft\Windows\DRM\Cache\Indiv_SID_S-1-5-20\Indiv01_64.key - ok
20:32:02.0131 5612 [ 8B285BDAB7735FDFB18E6F7122923B77 ] C:\Windows\SysWOW64\UIAnimation.dll
20:32:02.0131 5612 C:\Windows\SysWOW64\UIAnimation.dll - ok
20:32:02.0141 5612 [ 7FE0D0C8F53735EA17C9AE93EFE7AD5A ] C:\Windows\System32\wups2.dll
20:32:02.0141 5612 C:\Windows\System32\wups2.dll - ok
20:32:02.0151 5612 [ 96DB78C9C50CEED9DA5050EFFEE272A2 ] C:\Windows\System32\upnp.dll
20:32:02.0151 5612 C:\Windows\System32\upnp.dll - ok
20:32:02.0163 5612 [ 08B56CF57B7CE44315034247CC76D0F1 ] C:\Windows\SysWOW64\dxtrans.dll
20:32:02.0163 5612 C:\Windows\SysWOW64\dxtrans.dll - ok
20:32:02.0172 5612 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\Windows\System32\ssdpsrv.dll
20:32:02.0172 5612 C:\Windows\System32\ssdpsrv.dll - ok
20:32:02.0183 5612 [ BAB9EF9A340113666F678AA2474904B6 ] C:\Windows\SysWOW64\ddrawex.dll
20:32:02.0183 5612 C:\Windows\SysWOW64\ddrawex.dll - ok
20:32:02.0193 5612 [ 198552AEFECA69D646867EC8D792DE95 ] C:\Windows\SysWOW64\ddraw.dll
20:32:02.0193 5612 C:\Windows\SysWOW64\ddraw.dll - ok
20:32:02.0202 5612 [ 2342EC9254F4C60CA98441BD65C89E12 ] C:\Windows\SysWOW64\dciman32.dll
20:32:02.0203 5612 C:\Windows\SysWOW64\dciman32.dll - ok
20:32:02.0213 5612 [ 017B1CDDA13B2FBBD54232BA19C8C6A5 ] C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
20:32:02.0213 5612 C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe - ok
20:32:02.0222 5612 [ C3B0DBD04CC18574B0706CA119902474 ] C:\Windows\SysWOW64\dxtmsft.dll
20:32:02.0222 5612 C:\Windows\SysWOW64\dxtmsft.dll - ok
20:32:02.0232 5612 [ 8CBBB27369F9F07BC5E874E750EAF9D0 ] C:\Windows\System32\wmp.dll
20:32:02.0232 5612 C:\Windows\System32\wmp.dll - ok
20:32:02.0243 5612 [ AB272BBFB05A8585C3405EFA9F605774 ] C:\Windows\System32\wmploc.DLL
20:32:02.0243 5612 C:\Windows\System32\wmploc.DLL - ok
20:32:02.0252 5612 [ FB7784A74CAA1DECE064954E73408F59 ] C:\Program Files\Internet Explorer\ieproxy.dll
20:32:02.0252 5612 C:\Program Files\Internet Explorer\ieproxy.dll - ok
20:32:02.0262 5612 [ 355A138ABDFD43FBABCAE3A1B06AB93D ] C:\Windows\System32\wmpps.dll
20:32:02.0262 5612 C:\Windows\System32\wmpps.dll - ok
20:32:02.0271 5612 [ F149E8CAE538DBF7059B00326673F602 ] C:\Windows\System32\wmpmde.dll
20:32:02.0271 5612 C:\Windows\System32\wmpmde.dll - ok
20:32:02.0282 5612 [ BCEA9AB347E53BC03B2E36BE0B8BA0EF ] C:\Windows\System32\httpapi.dll
20:32:02.0282 5612 C:\Windows\System32\httpapi.dll - ok
20:32:02.0292 5612 [ 021287C2050FD5DB4A8B084E2C38139C ] C:\Windows\System32\WinSATAPI.dll
20:32:02.0292 5612 C:\Windows\System32\WinSATAPI.dll - ok
20:32:02.0301 5612 [ 28A7D7C7E2FDD1D55F12F750CD6331EC ] C:\Windows\System32\MSMPEG2ENC.DLL
20:32:02.0301 5612 C:\Windows\System32\MSMPEG2ENC.DLL - ok
20:32:02.0311 5612 [ 46767946E7B559D981C1DC04EC0AB36F ] C:\Windows\System32\devenum.dll
20:32:02.0312 5612 C:\Windows\System32\devenum.dll - ok
20:32:02.0321 5612 [ 558C42D165DB5799B4072DC0A9C27C0B ] C:\Windows\System32\msdmo.dll
20:32:02.0321 5612 C:\Windows\System32\msdmo.dll - ok
20:32:02.0332 5612 [ 2424231BBD703A677D115C29983B4293 ] C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
20:32:02.0332 5612 C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL - ok
20:32:02.0343 5612 [ D47EC6A8E81633DD18D2436B19BAF6DE ] C:\Windows\System32\upnphost.dll
20:32:02.0343 5612 C:\Windows\System32\upnphost.dll - ok
20:32:02.0352 5612 [ 005247E3057BC5D5C3F8C6F886FFC10C ] C:\Windows\System32\wbem\WMIADAP.exe
20:32:02.0352 5612 C:\Windows\System32\wbem\WMIADAP.exe - ok
20:32:02.0363 5612 [ 9FE3ED67345F0FF829A4A53B90E09672 ] C:\Windows\System32\loadperf.dll
20:32:02.0363 5612 C:\Windows\System32\loadperf.dll - ok
20:32:02.0373 5612 [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\Tonya\Desktop\tdsskiller.exe
20:32:02.0373 5612 C:\Users\Tonya\Desktop\tdsskiller.exe - ok
20:32:02.0386 5612 [ 71E68F2443A80BD4DA89181889C457EA ] C:\Windows\System32\udhisapi.dll
20:32:02.0386 5612 C:\Windows\System32\udhisapi.dll - ok
20:32:02.0395 5612 [ 5F639198C4137075DA50E61C23963C11 ] C:\Windows\System32\drprov.dll
20:32:02.0395 5612 C:\Windows\System32\drprov.dll - ok
20:32:02.0405 5612 [ BC566D17914B07ABAAB3A5A385CC3300 ] C:\Windows\System32\ntlanman.dll
20:32:02.0405 5612 C:\Windows\System32\ntlanman.dll - ok
20:32:02.0415 5612 [ B32AB94A432289AC2DF77A3DCAD32EED ] C:\Windows\System32\davclnt.dll
20:32:02.0415 5612 C:\Windows\System32\davclnt.dll - ok
20:32:02.0425 5612 [ 45B24A357C801CE62052FE0CDC8BD4D2 ] C:\Windows\System32\davhlpr.dll
20:32:02.0425 5612 C:\Windows\System32\davhlpr.dll - ok
20:32:02.0435 5612 [ 6EF5F3F18413C367195F06E503AB86A6 ] C:\Windows\SysWOW64\d3d9.dll
20:32:02.0435 5612 C:\Windows\SysWOW64\d3d9.dll - ok
20:32:02.0444 5612 [ 77B1471A490B53B24EFE136F09F76550 ] C:\Windows\SysWOW64\d3d8thk.dll
20:32:02.0444 5612 C:\Windows\SysWOW64\d3d8thk.dll - ok
20:32:02.0454 5612 [ 10AB9C9ADB89816BEFB077E72659D029 ] C:\Windows\SysWOW64\igdumd32.dll
20:32:02.0454 5612 C:\Windows\SysWOW64\igdumd32.dll - ok
20:32:02.0464 5612 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\37965036.sys
20:32:02.0464 5612 C:\Windows\System32\drivers\37965036.sys - ok
20:32:02.0473 5612 [ 62A6EB5771580CAE445804389F3F7432 ] C:\Windows\SysWOW64\WindowsCodecsExt.dll
20:32:02.0474 5612 C:\Windows\SysWOW64\WindowsCodecsExt.dll - ok
20:32:02.0484 5612 [ EAADD6E47ED2A7003ACE1793B98CF63F ] C:\Windows\SysWOW64\msxml6.dll
20:32:02.0484 5612 C:\Windows\SysWOW64\msxml6.dll - ok
20:32:02.0493 5612 [ 816B681CC308FAA128EDCB90643DCED7 ] C:\Windows\SysWOW64\icm32.dll
20:32:02.0493 5612 C:\Windows\SysWOW64\icm32.dll - ok
20:32:02.0504 5612 [ 502600A59BA0F8308F3ABE7884BC5D30 ] C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.dll
20:32:02.0504 5612 C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.dll - ok
20:32:02.0515 5612 [ C9A733CCFEBA5CD0535CCEB7819CC65C ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\Accessibility.api
20:32:02.0515 5612 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\Accessibility.api - ok
20:32:02.0525 5612 [ 2B373B5F7E36B5ED5DA176D4400EF091 ] C:\Windows\System32\sppobjs.dll
20:32:02.0525 5612 C:\Windows\System32\sppobjs.dll - ok
20:32:02.0535 5612 [ A38299A2425BF40763CE3537EFE81664 ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\AcroForm.api
20:32:02.0535 5612 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\AcroForm.api - ok
20:32:02.0545 5612 [ 6EB0B7301E00F717BD68A742D1391FAF ] C:\Windows\SysWOW64\imgutil.dll
20:32:02.0545 5612 C:\Windows\SysWOW64\imgutil.dll - ok
20:32:02.0555 5612 [ FEFE759B03EC1E0212B402034385295A ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\Annots.api
20:32:02.0555 5612 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\Annots.api - ok
20:32:02.0566 5612 [ 5378AD5A54C074EBA41B7D97FC96D63F ] C:\Program Files (x86)\AVG\AVG2013\avgadvisorx.dll
20:32:02.0566 5612 C:\Program Files (x86)\AVG\AVG2013\avgadvisorx.dll - ok
20:32:02.0575 5612 [ 88016B5658AE82D289FC7403511B21EC ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\Checkers.api
20:32:02.0575 5612 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\Checkers.api - ok
20:32:02.0586 5612 [ 1220595CABA75AB91A6B3FA3B89483CC ] C:\Windows\SysWOW64\snmpapi.dll
20:32:02.0586 5612 C:\Windows\SysWOW64\snmpapi.dll - ok
20:32:02.0596 5612 [ 4CF9BE091EC379549AA795F8737A1AC7 ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\DigSig.api
20:32:02.0596 5612 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\DigSig.api - ok
20:32:02.0605 5612 [ B010CF886420EE29C2C276646721D255 ] C:\Windows\SysWOW64\wlanapi.dll
20:32:02.0605 5612 C:\Windows\SysWOW64\wlanapi.dll - ok
20:32:02.0615 5612 [ 1D6A771D1D702AE07919DB52C889A249 ] C:\Windows\SysWOW64\wlanutil.dll
20:32:02.0615 5612 C:\Windows\SysWOW64\wlanutil.dll - ok
20:32:02.0625 5612 [ 7062783AB7A72B702C55CAF96B795AC8 ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\DVA.api
20:32:02.0625 5612 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\DVA.api - ok
20:32:02.0635 5612 [ 110F9D4A06B5FF7BFCEA531053D418F0 ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\eBook.api
20:32:02.0635 5612 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\eBook.api - ok
20:32:02.0646 5612 [ D6907AA012124BC6101C84C36BF82193 ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\EScript.api
20:32:02.0646 5612 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\EScript.api - ok
20:32:02.0655 5612 [ E69A7AD873CAF58D3A39DD8B0DB94724 ] C:\Program Files (x86)\AVG\AVG2013\avgcslx.dll
20:32:02.0655 5612 C:\Program Files (x86)\AVG\AVG2013\avgcslx.dll - ok
20:32:02.0666 5612 [ 46D3CD622B193D93A9EBD5FF5EAA9F4D ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\IA32.api
20:32:02.0666 5612 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\IA32.api - ok
20:32:02.0678 5612 [ C1738A0ABBC74AA10A636DAED2C80E42 ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\MakeAccessible.api
20:32:02.0678 5612 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\MakeAccessible.api - ok
20:32:02.0687 5612 [ 3AEF260BE97996854DC1AE645864264A ] C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe
20:32:02.0687 5612 C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe - ok
20:32:02.0698 5612 [ 5AE2ACF1987847FF43E83DC27F13BAEB ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\Multimedia.api
20:32:02.0698 5612 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\Multimedia.api - ok
20:32:02.0710 5612 [ 5436F8191CF866309EAD6F62905CDDCA ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\PDDom.api
20:32:02.0710 5612 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\PDDom.api - ok
20:32:02.0718 5612 [ 487F44B08EFEAF5AD087878357B9403D ] C:\Windows\SysWOW64\pdh.dll
20:32:02.0718 5612 C:\Windows\SysWOW64\pdh.dll - ok
20:32:02.0728 5612 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll
20:32:02.0728 5612 C:\Windows\SysWOW64\rasapi32.dll - ok
20:32:02.0737 5612 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll
20:32:02.0737 5612 C:\Windows\SysWOW64\rasman.dll - ok
20:32:02.0748 5612 [ 5331E8707AA0E5D5ECC392D0F57F050F ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\PPKLite.api
20:32:02.0748 5612 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\PPKLite.api - ok
20:32:02.0758 5612 [ DC79D7014F9EF67823A9AD8001D9DC40 ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\ReadOutLoud.api
20:32:02.0758 5612 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\ReadOutLoud.api - ok
20:32:02.0768 5612 [ 8EE00F9B3947678D492AF342D71FE820 ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\reflow.api
20:32:02.0768 5612 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\reflow.api - ok
20:32:02.0793 5612 [ 1AB77934ABC7AEA3246F50599826883D ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\SaveAsRTF.api
20:32:02.0793 5612 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\SaveAsRTF.api - ok
20:32:02.0804 5612 [ CBB1D341E22EBAB68F4872AC403A11EE ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\Search.api
20:32:02.0804 5612 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\Search.api - ok
20:32:02.0815 5612 [ 96A942FB20CB0C73220D8681D5F270CA ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\SendMail.api
20:32:02.0815 5612 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\SendMail.api - ok
20:32:02.0826 5612 [ 09EBC2DA215E8DEAAA00A7BC2C301ACE ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\Spelling.api
20:32:02.0826 5612 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\Spelling.api - ok
20:32:02.0837 5612 [ 205E89CC5F0C05A659444029A40D7457 ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\Updater.api
20:32:02.0837 5612 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\Updater.api - ok
20:32:02.0847 5612 [ 245C90656B40C81CB63A6F3A35847E45 ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\weblink.api
20:32:02.0847 5612 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\weblink.api - ok
20:32:02.0857 5612 [ 0D893F8D145D3B125B0226727C243A69 ] C:\Windows\System32\security.dll
20:32:02.0857 5612 C:\Windows\System32\security.dll - ok
20:32:02.0866 5612 [ 012787CEB35505EB78DF82E0A0072888 ] C:\Windows\System32\browcli.dll
20:32:02.0866 5612 C:\Windows\System32\browcli.dll - ok
20:32:02.0876 5612 [ C4BFE4B61086416B0529212F92BCE081 ] C:\Windows\System32\schedcli.dll
20:32:02.0876 5612 C:\Windows\System32\schedcli.dll - ok
20:32:02.0886 5612 [ 5EA9A0950F322BFA382AF277801C0307 ] C:\Windows\System32\wbem\wmipcima.dll
20:32:02.0886 5612 C:\Windows\System32\wbem\wmipcima.dll - ok
20:32:02.0896 5612 [ 1EA7969E3271CBC59E1730697DC74682 ] C:\Windows\System32\qmgr.dll
20:32:02.0896 5612 C:\Windows\System32\qmgr.dll - ok
20:32:02.0905 5612 [ 29409ED7400CA5BCCC30C0EE5147A60D ] C:\Windows\System32\bitsperf.dll
20:32:02.0905 5612 C:\Windows\System32\bitsperf.dll - ok
20:32:02.0915 5612 [ D9431DCF90B0253773F51FDEFE7FD42F ] C:\Windows\System32\bitsigd.dll
20:32:02.0915 5612 C:\Windows\System32\bitsigd.dll - ok
20:32:02.0925 5612 [ 3D485254E43EF4E4F707346B5731EA9A ] C:\Windows\SysWOW64\vbscript.dll
20:32:02.0925 5612 C:\Windows\SysWOW64\vbscript.dll - ok
20:32:02.0935 5612 [ B6D6886149573278CBA6ABD44C4317F5 ] C:\Windows\System32\slwga.dll
20:32:02.0935 5612 C:\Windows\System32\slwga.dll - ok
20:32:02.0944 5612 [ DB76DB15EFC6E4D1153A6C5BC895948D ] C:\Windows\System32\sppc.dll
20:32:02.0944 5612 C:\Windows\System32\sppc.dll - ok
20:32:02.0954 5612 [ AC5DF873913B00E554D8F553459BC431 ] C:\Windows\System32\qmgrprxy.dll
20:32:02.0954 5612 C:\Windows\System32\qmgrprxy.dll - ok
20:32:02.0963 5612 [ 85B45B4B285B159ACDB355FC8C1E8925 ] C:\Windows\SysWOW64\qmgrprxy.dll
20:32:02.0963 5612 C:\Windows\SysWOW64\qmgrprxy.dll - ok
20:32:02.0973 5612 [ 050F9C98EEDE361356245BFF2889DF67 ] C:\Program Files (x86)\QuickTime\QTPlugin.ocx
20:32:02.0973 5612 C:\Program Files (x86)\QuickTime\QTPlugin.ocx - ok
20:32:02.0983 5612 [ 7ECBD4D3EA0B9166E33A1A0F78BE6A00 ] C:\Program Files (x86)\QuickTime\QTSystem\QuickTime.qts
20:32:02.0983 5612 C:\Program Files (x86)\QuickTime\QTSystem\QuickTime.qts - ok
20:32:02.0993 5612 [ 62FDAC66B79C812763372D1962F5D721 ] C:\Windows\SysWOW64\Adobe\Director\SwDir_1200112.dll
20:32:02.0993 5612 C:\Windows\SysWOW64\Adobe\Director\SwDir_1200112.dll - ok
20:32:03.0004 5612 [ 5891CE435D9E654A8F5641CEE90BFBC9 ] C:\Windows\SysWOW64\Adobe\Shockwave 12\Control.dll
20:32:03.0004 5612 C:\Windows\SysWOW64\Adobe\Shockwave 12\Control.dll - ok
20:32:03.0015 5612 [ 19DF2DDEE194F4BB86A9EB3A3046B99C ] C:\Windows\SysWOW64\Macromed\Shockwave 10\Control.dll
20:32:03.0015 5612 C:\Windows\SysWOW64\Macromed\Shockwave 10\Control.dll - ok
20:32:03.0024 5612 [ 6B140B1382F1FE04BA57B196AEB19725 ] C:\Windows\SysWOW64\t2embed.dll
20:32:03.0024 5612 C:\Windows\SysWOW64\t2embed.dll - ok
20:32:03.0035 5612 [ 779E142FE2159935E78C0FA2E190FF1E ] C:\Windows\SysWOW64\jscript.dll
20:32:03.0035 5612 C:\Windows\SysWOW64\jscript.dll - ok
20:32:03.0044 5612 [ D20E2CF32C16735528FF5EF418FF9C5C ] C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\agcore.dll
20:32:03.0044 5612 C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\agcore.dll - ok
20:32:03.0051 5612 ============================================================
20:32:03.0051 5612 Scan finished
20:32:03.0051 5612 ============================================================
20:32:03.0073 4980 Detected object count: 2
20:32:03.0073 4980 Actual detected object count: 2
20:33:51.0595 4980 RtVOsdService ( UnsignedFile.Multi.Generic ) - skipped by user
20:33:51.0595 4980 RtVOsdService ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:33:52.0014 4980 \Device\Harddisk0\DR0\Partition1 - copied to quarantine
20:33:52.0186 4980 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - will be cured on reboot
20:33:52.0222 4980 \Device\Harddisk0\DR0\Partition1 - ok
20:33:52.0222 4980 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Cure
20:33:59.0397 6392 Deinitialize success





Hope I have the right one here, its a slightly different file name.

# AdwCleaner v3.020 - Report created 02/03/2014 at 21:05:09
# Updated 27/02/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Tonya - TONYA-PC
# Running from : C:\Users\Tonya\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16518


-\\ Mozilla Firefox v27.0.1 (en-US)

[ File : C:\Users\Tonya\AppData\Roaming\Mozilla\Firefox\Profiles\f6d0vu46.default\prefs.js ]


-\\ Google Chrome v

[ File : C:\Users\Tonya\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [8183 octets] - [02/03/2014 17:40:20]
AdwCleaner[R1].txt - [1005 octets] - [02/03/2014 19:39:21]
AdwCleaner[R2].txt - [1126 octets] - [02/03/2014 20:58:22]
AdwCleaner[S0].txt - [8384 octets] - [02/03/2014 18:24:41]
AdwCleaner[S1].txt - [1066 octets] - [02/03/2014 20:04:18]
AdwCleaner[S2].txt - [1048 octets] - [02/03/2014 21:05:09]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1108 octets] ##########
  • 0

#8
pystryker
Posted 02 March 2014 - 08:37 PM

pystryker

    Trusted Helper

  • Malware Removal
  • 3,912 posts
Thank you for the logs :) We've got a rootkit hiding in there, so let's send it packing.

Run TDSSKiller again, and when it finishes scanning select Cure or Delete for this entry:

20:33:52.0186 4980 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b )


Let the machine reboot and then post the log it will generate. :thumbsup:
  • 0

#9
gmcube
Posted 02 March 2014 - 09:09 PM

gmcube

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 176 posts
Hmm, this time didn't turn up any threats.



21:53:21.0780 0x0d90 TDSS rootkit removing tool 3.0.0.25 Feb 27 2014 15:23:02
21:53:23.0793 0x0d90 ============================================================
21:53:23.0793 0x0d90 Current date / time: 2014/03/02 21:53:23.0793
21:53:23.0793 0x0d90 SystemInfo:
21:53:23.0793 0x0d90
21:53:23.0793 0x0d90 OS Version: 6.1.7601 ServicePack: 1.0
21:53:23.0793 0x0d90 Product type: Workstation
21:53:23.0793 0x0d90 ComputerName: TONYA-PC
21:53:24.0027 0x0d90 UserName: Tonya
21:53:24.0027 0x0d90 Windows directory: C:\Windows
21:53:24.0027 0x0d90 System windows directory: C:\Windows
21:53:24.0027 0x0d90 Running under WOW64
21:53:24.0027 0x0d90 Processor architecture: Intel x64
21:53:24.0027 0x0d90 Number of processors: 1
21:53:24.0027 0x0d90 Page size: 0x1000
21:53:24.0027 0x0d90 Boot type: Normal boot
21:53:24.0027 0x0d90 ============================================================
21:53:24.0042 0x0d90 BG loaded
21:53:24.0261 0x0d90 System UUID: {94979810-1F61-98E5-8B97-5CDBE08CD032}
21:53:25.0134 0x0d90 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:53:25.0134 0x0d90 ============================================================
21:53:25.0134 0x0d90 \Device\Harddisk0\DR0:
21:53:25.0134 0x0d90 MBR partitions:
21:53:25.0134 0x0d90 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
21:53:25.0134 0x0d90 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x1B0EE000
21:53:25.0134 0x0d90 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1B152000, BlocksNum 0x203F800
21:53:25.0134 0x0d90 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x1D191800, BlocksNum 0x33970
21:53:25.0134 0x0d90 ============================================================
21:53:25.0181 0x0d90 C: <-> \Device\Harddisk0\DR0\Partition2
21:53:25.0415 0x0d90 D: <-> \Device\Harddisk0\DR0\Partition3
21:53:25.0415 0x0d90 ============================================================
21:53:25.0415 0x0d90 Initialize success
21:53:25.0415 0x0d90 ============================================================
21:53:39.0440 0x0c30 ============================================================
21:53:39.0440 0x0c30 Scan started
21:53:39.0440 0x0c30 Mode: Manual; SigCheck; TDLFS;
21:53:39.0440 0x0c30 ============================================================
21:53:39.0440 0x0c30 KSN ping started
21:53:43.0511 0x0c30 KSN ping finished: true
21:54:43.0499 0x0c30 ================ Scan system memory ========================
21:54:43.0499 0x0c30 System memory - ok
21:54:43.0499 0x0c30 ================ Scan services =============================
21:54:43.0921 0x0c30 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
21:54:44.0233 0x0c30 1394ohci - ok
21:54:44.0342 0x0c30 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
21:54:44.0373 0x0c30 ACPI - ok
21:54:44.0513 0x0c30 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
21:54:44.0825 0x0c30 AcpiPmi - ok
21:54:45.0262 0x0c30 [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:54:45.0278 0x0c30 AdobeARMservice - ok
21:54:45.0699 0x0c30 [ F7AB315A4D400CA876381D1E188A2E20, B6019C2E9B6801BB23C530C66D080F47330F48ADB0DD2813D50BE1408865BD91 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:54:45.0715 0x0c30 AdobeFlashPlayerUpdateSvc - ok
21:54:45.0793 0x0c30 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
21:54:45.0824 0x0c30 adp94xx - ok
21:54:45.0949 0x0c30 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
21:54:45.0964 0x0c30 adpahci - ok
21:54:46.0073 0x0c30 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
21:54:46.0105 0x0c30 adpu320 - ok
21:54:46.0167 0x0c30 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
21:54:46.0417 0x0c30 AeLookupSvc - ok
21:54:46.0557 0x0c30 [ D1E343BC00136CE03C4D403194D06A80, 94F2543164A2CEA179EDE53E1294EE24391A59CAEFF83BA5CE9385E8E686E89C ] AERTFilters C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
21:54:46.0557 0x0c30 AERTFilters - ok
21:54:46.0651 0x0c30 [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD C:\Windows\system32\drivers\afd.sys
21:54:46.0744 0x0c30 AFD - ok
21:54:46.0947 0x0c30 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
21:54:46.0963 0x0c30 agp440 - ok
21:54:47.0009 0x0c30 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
21:54:47.0087 0x0c30 ALG - ok
21:54:47.0181 0x0c30 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
21:54:47.0181 0x0c30 aliide - ok
21:54:47.0212 0x0c30 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
21:54:47.0228 0x0c30 amdide - ok
21:54:47.0259 0x0c30 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
21:54:47.0321 0x0c30 AmdK8 - ok
21:54:47.0353 0x0c30 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
21:54:47.0415 0x0c30 AmdPPM - ok
21:54:47.0509 0x0c30 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
21:54:47.0555 0x0c30 amdsata - ok
21:54:47.0665 0x0c30 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
21:54:47.0711 0x0c30 amdsbs - ok
21:54:47.0774 0x0c30 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
21:54:47.0805 0x0c30 amdxata - ok
21:54:47.0852 0x0c30 [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys
21:54:49.0677 0x0c30 AppID - ok
21:54:49.0739 0x0c30 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
21:54:49.0880 0x0c30 AppIDSvc - ok
21:54:50.0005 0x0c30 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
21:54:50.0114 0x0c30 Appinfo - ok
21:54:50.0332 0x0c30 [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:54:50.0379 0x0c30 Apple Mobile Device - ok
21:54:50.0473 0x0c30 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
21:54:50.0519 0x0c30 arc - ok
21:54:50.0597 0x0c30 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
21:54:50.0629 0x0c30 arcsas - ok
21:54:51.0299 0x0c30 [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
21:54:51.0471 0x0c30 aspnet_state - ok
21:54:51.0533 0x0c30 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
21:54:51.0627 0x0c30 AsyncMac - ok
21:54:51.0721 0x0c30 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
21:54:51.0736 0x0c30 atapi - ok
21:54:51.0877 0x0c30 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:54:52.0001 0x0c30 AudioEndpointBuilder - ok
21:54:52.0079 0x0c30 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv C:\Windows\System32\Audiosrv.dll
21:54:52.0157 0x0c30 AudioSrv - ok
21:54:53.0421 0x0c30 [ 4DB93F4DB7077801D2D82013506AC1D0, 3D71655D1557021D5D828E37EAFDBA35C631061E48D64B9D376746F8FCC760B3 ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
21:54:53.0749 0x0c30 AVGIDSAgent - ok
21:54:53.0842 0x0c30 [ 92B7689FBC131E143421A19C18320E34, D3A323015790355070A380731CA56547F518F8AF800BC71670481A646C8FEEB3 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys
21:54:53.0873 0x0c30 AVGIDSDriver - ok
21:54:53.0967 0x0c30 [ C8D9EEACF266512C1FA52E2ECF5AD944, 01972886F4324C55BE4450F2E18F263FBF0BE7525A9390714216E6C7A1827B1D ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys
21:54:53.0983 0x0c30 AVGIDSHA - ok
21:54:54.0029 0x0c30 [ FACD18A89FDEBC35C85CAF762B294BE2, FD6EBE87ACA6CC017AB7ED886B2BC13CA05BDA38E4B7E8A63F33EF7E5C755BB8 ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys
21:54:54.0045 0x0c30 Avgldx64 - ok
21:54:54.0107 0x0c30 [ 29FCDEAC6086FB7E55344B51E35D99CE, 06408D79DF92B8A31DE0CA518BD93CA211D3192496CA3783762F289549F8F615 ] Avgloga C:\Windows\system32\DRIVERS\avgloga.sys
21:54:54.0123 0x0c30 Avgloga - ok
21:54:54.0154 0x0c30 [ 85053293DCDE19829E8691A9E9E8A6FF, 1F115376DCF888C0ED928D5E7150CC4602510FDA785DE76912D415366D8D7393 ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys
21:54:54.0170 0x0c30 Avgmfx64 - ok
21:54:54.0201 0x0c30 [ E191E443B0F7B05E784279A1C29B9D2A, 24B2B048C2CE5520A6B0E6702F55B5B65411E3E3D0857301E430EF2F9D7ECAFE ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys
21:54:54.0217 0x0c30 Avgrkx64 - ok
21:54:54.0279 0x0c30 [ 69BD90E337625F96C718CACE7A9C9E29, 586948D6715ACB845D58BB5A73B8E5DA96A5415BC67D0508054F03D9A5C21768 ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys
21:54:54.0295 0x0c30 Avgtdia - ok
21:54:54.0341 0x0c30 [ D646FA5135A1CD795877AFE9D17FA9ED, 2F97FBCD7BD75727A77C17D75D2482AE819D5D2EB9760D96412F9C20AA7D9473 ] avgwd C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
21:54:54.0357 0x0c30 avgwd - ok
21:54:54.0435 0x0c30 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
21:54:54.0529 0x0c30 AxInstSV - ok
21:54:54.0575 0x0c30 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
21:54:54.0653 0x0c30 b06bdrv - ok
21:54:54.0747 0x0c30 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
21:54:54.0778 0x0c30 b57nd60a - ok
21:54:54.0934 0x0c30 [ F2E8CEFC8CF4D6454F4121C5FF93136A, DFD05AD328BD0FDD8BF44043C40084A6DF98BF6F5CEAE71BF793176AF6ADFBBB ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BBSvc.exe
21:54:54.0950 0x0c30 BBSvc - ok
21:54:54.0997 0x0c30 [ 6E1BCC590C9D30FEE8FC14DBD053CE94, 4F698D399225A890B7FDCE3773E504B2880534ED1C0F4C37589568C44BA51743 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.exe
21:54:55.0012 0x0c30 BBUpdate - ok
21:54:55.0059 0x0c30 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
21:54:55.0121 0x0c30 BDESVC - ok
21:54:55.0199 0x0c30 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
21:54:55.0277 0x0c30 Beep - ok
21:54:55.0449 0x0c30 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
21:54:55.0558 0x0c30 BFE - ok
21:54:55.0683 0x0c30 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
21:54:55.0792 0x0c30 BITS - ok
21:54:55.0839 0x0c30 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
21:54:55.0870 0x0c30 blbdrive - ok
21:54:56.0089 0x0c30 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
21:54:56.0104 0x0c30 Bonjour Service - ok
21:54:56.0151 0x0c30 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
21:54:56.0198 0x0c30 bowser - ok
21:54:56.0245 0x0c30 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
21:54:56.0323 0x0c30 BrFiltLo - ok
21:54:56.0338 0x0c30 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
21:54:56.0354 0x0c30 BrFiltUp - ok
21:54:56.0432 0x0c30 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
21:54:56.0494 0x0c30 Browser - ok
21:54:56.0541 0x0c30 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
21:54:56.0603 0x0c30 Brserid - ok
21:54:56.0635 0x0c30 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
21:54:56.0681 0x0c30 BrSerWdm - ok
21:54:56.0713 0x0c30 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
21:54:56.0759 0x0c30 BrUsbMdm - ok
21:54:56.0775 0x0c30 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
21:54:56.0837 0x0c30 BrUsbSer - ok
21:54:56.0853 0x0c30 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
21:54:56.0900 0x0c30 BTHMODEM - ok
21:54:56.0978 0x0c30 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
21:54:57.0071 0x0c30 bthserv - ok
21:54:57.0118 0x0c30 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
21:54:57.0212 0x0c30 cdfs - ok
21:54:57.0290 0x0c30 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
21:54:57.0321 0x0c30 cdrom - ok
21:54:57.0383 0x0c30 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
21:54:57.0461 0x0c30 CertPropSvc - ok
21:54:57.0539 0x0c30 [ 533328A3D9A9C286682525842547540C, 56BFE3213244E66555AC509140D5512430BE40E196DB3DA45BBC52687393B770 ] CinemaNow Service C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
21:54:57.0571 0x0c30 CinemaNow Service - ok
21:54:57.0602 0x0c30 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
21:54:57.0649 0x0c30 circlass - ok
21:54:57.0695 0x0c30 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
21:54:57.0727 0x0c30 CLFS - ok
21:54:57.0836 0x0c30 [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:54:57.0851 0x0c30 clr_optimization_v2.0.50727_32 - ok
21:54:57.0898 0x0c30 [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:54:57.0929 0x0c30 clr_optimization_v2.0.50727_64 - ok
21:54:58.0007 0x0c30 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:54:58.0117 0x0c30 clr_optimization_v4.0.30319_32 - ok
21:54:58.0148 0x0c30 [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:54:58.0226 0x0c30 clr_optimization_v4.0.30319_64 - ok
21:54:58.0273 0x0c30 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
21:54:58.0335 0x0c30 CmBatt - ok
21:54:58.0382 0x0c30 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
21:54:58.0397 0x0c30 cmdide - ok
21:54:58.0491 0x0c30 [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys
21:54:58.0538 0x0c30 CNG - ok
21:54:58.0569 0x0c30 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
21:54:58.0585 0x0c30 Compbatt - ok
21:54:58.0631 0x0c30 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
21:54:58.0725 0x0c30 CompositeBus - ok
21:54:58.0741 0x0c30 COMSysApp - ok
21:54:58.0772 0x0c30 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
21:54:58.0803 0x0c30 crcdisk - ok
21:54:58.0912 0x0c30 [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll
21:54:58.0975 0x0c30 CryptSvc - ok
21:54:59.0068 0x0c30 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
21:54:59.0146 0x0c30 DcomLaunch - ok
21:54:59.0193 0x0c30 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
21:54:59.0271 0x0c30 defragsvc - ok
21:54:59.0333 0x0c30 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
21:54:59.0396 0x0c30 DfsC - ok
21:54:59.0458 0x0c30 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
21:54:59.0567 0x0c30 Dhcp - ok
21:54:59.0599 0x0c30 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
21:54:59.0661 0x0c30 discache - ok
21:54:59.0723 0x0c30 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
21:54:59.0739 0x0c30 Disk - ok
21:54:59.0817 0x0c30 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
21:54:59.0879 0x0c30 Dnscache - ok
21:54:59.0942 0x0c30 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
21:55:00.0020 0x0c30 dot3svc - ok
21:55:00.0098 0x0c30 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
21:55:00.0160 0x0c30 DPS - ok
21:55:00.0223 0x0c30 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
21:55:00.0301 0x0c30 drmkaud - ok
21:55:00.0535 0x0c30 [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
21:55:00.0581 0x0c30 DXGKrnl - ok
21:55:00.0628 0x0c30 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
21:55:00.0706 0x0c30 EapHost - ok
21:55:00.0847 0x0c30 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
21:55:00.0987 0x0c30 ebdrv - ok
21:55:01.0049 0x0c30 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS C:\Windows\System32\lsass.exe
21:55:01.0112 0x0c30 EFS - ok
21:55:01.0299 0x0c30 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
21:55:01.0361 0x0c30 ehRecvr - ok
21:55:01.0408 0x0c30 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
21:55:01.0455 0x0c30 ehSched - ok
21:55:01.0502 0x0c30 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
21:55:01.0533 0x0c30 elxstor - ok
21:55:01.0642 0x0c30 [ 1E345F2A2D95DA3190596E691CDE9342, 9D1D48F3B749ADA598D155E11E63CD52A4EEABF9BE92A1D997D25D07CF350084 ] EPSON_PM_RPCV4_01 C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
21:55:01.0689 0x0c30 EPSON_PM_RPCV4_01 - ok
21:55:01.0736 0x0c30 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
21:55:01.0783 0x0c30 ErrDev - ok
21:55:01.0876 0x0c30 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
21:55:01.0954 0x0c30 EventSystem - ok
21:55:01.0985 0x0c30 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
21:55:02.0063 0x0c30 exfat - ok
21:55:02.0095 0x0c30 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
21:55:02.0157 0x0c30 fastfat - ok
21:55:02.0235 0x0c30 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
21:55:02.0329 0x0c30 Fax - ok
21:55:02.0375 0x0c30 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
21:55:02.0422 0x0c30 fdc - ok
21:55:02.0453 0x0c30 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
21:55:02.0531 0x0c30 fdPHost - ok
21:55:02.0547 0x0c30 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
21:55:02.0609 0x0c30 FDResPub - ok
21:55:02.0641 0x0c30 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
21:55:02.0672 0x0c30 FileInfo - ok
21:55:02.0687 0x0c30 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
21:55:02.0781 0x0c30 Filetrace - ok
21:55:02.0812 0x0c30 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
21:55:02.0828 0x0c30 flpydisk - ok
21:55:02.0906 0x0c30 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
21:55:02.0937 0x0c30 FltMgr - ok
21:55:03.0046 0x0c30 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
21:55:03.0124 0x0c30 FontCache - ok
21:55:03.0187 0x0c30 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:55:03.0202 0x0c30 FontCache3.0.0.0 - ok
21:55:03.0233 0x0c30 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
21:55:03.0280 0x0c30 FsDepends - ok
21:55:03.0343 0x0c30 [ 6C06701BF1DB05405804D7EB610991CE, 75DEB2204D9AC338ED7C4742BEFAFA0AFC7E42B2C1B54A57DF8A1AD097D9EC3E ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
21:55:03.0358 0x0c30 fssfltr - ok
21:55:03.0639 0x0c30 [ 4CE9DAC1518FF7E77BD213E6394B9D77, D7D0D29DF93AC7DC5F85E385EEB45306C7BD87ACA7AAC5A8D47893D120C32C03 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
21:55:03.0701 0x0c30 fsssvc - ok
21:55:03.0748 0x0c30 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
21:55:03.0779 0x0c30 Fs_Rec - ok
21:55:03.0842 0x0c30 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
21:55:03.0857 0x0c30 fvevol - ok
21:55:03.0889 0x0c30 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
21:55:03.0920 0x0c30 gagp30kx - ok
21:55:04.0013 0x0c30 [ CE16683CFD11FE70BDE435DDA5EA1FCA, 43D850361F2B5C9389F7FABC3C62BD1517349C03834F436579DD01CFD09919F4 ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
21:55:04.0029 0x0c30 GameConsoleService - ok
21:55:04.0091 0x0c30 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
21:55:04.0107 0x0c30 GEARAspiWDM - ok
21:55:04.0232 0x0c30 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
21:55:04.0310 0x0c30 gpsvc - ok
21:55:04.0450 0x0c30 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:55:04.0466 0x0c30 gupdate - ok
21:55:04.0481 0x0c30 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:55:04.0497 0x0c30 gupdatem - ok
21:55:04.0528 0x0c30 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
21:55:04.0591 0x0c30 hcw85cir - ok
21:55:04.0637 0x0c30 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:55:04.0684 0x0c30 HdAudAddService - ok
21:55:04.0747 0x0c30 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
21:55:04.0809 0x0c30 HDAudBus - ok
21:55:04.0856 0x0c30 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
21:55:04.0887 0x0c30 HidBatt - ok
21:55:04.0918 0x0c30 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
21:55:04.0981 0x0c30 HidBth - ok
21:55:04.0996 0x0c30 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
21:55:05.0074 0x0c30 HidIr - ok
21:55:05.0137 0x0c30 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
21:55:05.0230 0x0c30 hidserv - ok
21:55:05.0371 0x0c30 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\drivers\hidusb.sys
21:55:05.0433 0x0c30 HidUsb - ok
21:55:05.0480 0x0c30 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
21:55:05.0714 0x0c30 hkmsvc - ok
21:55:05.0792 0x0c30 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:55:05.0839 0x0c30 HomeGroupListener - ok
21:55:05.0932 0x0c30 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:55:05.0979 0x0c30 HomeGroupProvider - ok
21:55:06.0104 0x0c30 [ BE78357FB49759B79CCC01894BCFDDDB, 102754808BC8E8057EDA972FBF255521BFCA2F704BC318FB6141C2F6C53A94A9 ] HP Health Check Service C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
21:55:06.0119 0x0c30 HP Health Check Service - ok
21:55:06.0229 0x0c30 [ 3A09322A8AA8B0C79036686A0EBE7B4C, A110ECBBD9A0EDAA134B95F9FB3428F33F7629480ABCF36F58891837EE1B04C0 ] HP Wireless Assistant Service C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
21:55:06.0322 0x0c30 HP Wireless Assistant Service - ok
21:55:06.0478 0x0c30 [ 2DFB151FD34DF104DAC0ADF070EDA83C, 8F127C7AAA2229FF1BD940274648EE84DB291B641390B1FA6B2DD9D8C8A9257A ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
21:55:06.0494 0x0c30 HPDrvMntSvc.exe - ok
21:55:06.0697 0x0c30 [ 184C500CB9F69585F3FE85E1D2667CD8, 188452FC824305F24F2021432DB4A9170F1F0DEEDF2245A16D01EF27511FD365 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
21:55:06.0728 0x0c30 hpqwmiex - ok
21:55:06.0806 0x0c30 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
21:55:06.0899 0x0c30 HpSAMD - ok
21:55:06.0977 0x0c30 [ 5AA89E152634954E15E9DB265C6A8557, 62ECC2B15AB920AD76FE3B8069F599C8354125BEECAF89B3475C37940760157F ] HPWMISVC C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
21:55:06.0977 0x0c30 HPWMISVC - ok
21:55:07.0071 0x0c30 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
21:55:07.0196 0x0c30 HTTP - ok
21:55:07.0274 0x0c30 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
21:55:07.0305 0x0c30 hwpolicy - ok
21:55:07.0367 0x0c30 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
21:55:07.0399 0x0c30 i8042prt - ok
21:55:07.0523 0x0c30 [ 1384872112E8E7FD5786ECEB8BDDF4C9, DC7844691740805A94F2901F8CB56F1591AF4F0F9C6D92D6B8595F89E6FA5F02 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
21:55:07.0555 0x0c30 iaStor - ok
21:55:07.0679 0x0c30 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
21:55:07.0726 0x0c30 iaStorV - ok
21:55:07.0960 0x0c30 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:55:08.0584 0x0c30 idsvc - ok
21:55:08.0662 0x0c30 IEEtwCollectorService - ok
21:55:10.0097 0x0c30 [ 677AA5991026A65ADA128C4B59CF2BAD, 013F9D7362960EEE1DB70EE8B90A896EACA0B752924717FD019A6DD3BFF50C00 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
21:55:10.0487 0x0c30 igfx - ok
21:55:10.0550 0x0c30 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
21:55:10.0581 0x0c30 iirsp - ok
21:55:10.0737 0x0c30 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
21:55:10.0799 0x0c30 IKEEXT - ok
21:55:11.0408 0x0c30 [ B88E24BD77A0CE2CFFEE2FACF1151BE0, 7BC5EE908C1150E5F85843131BCE5A29806F15BCBF4ECE6AE7EEF10398AC3BBB ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
21:55:11.0579 0x0c30 IntcAzAudAddService - ok
21:55:11.0626 0x0c30 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
21:55:11.0673 0x0c30 intelide - ok
21:55:11.0720 0x0c30 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
21:55:11.0829 0x0c30 intelppm - ok
21:55:11.0860 0x0c30 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
21:55:12.0079 0x0c30 IPBusEnum - ok
21:55:12.0157 0x0c30 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:55:12.0266 0x0c30 IpFilterDriver - ok
21:55:12.0484 0x0c30 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
21:55:12.0593 0x0c30 iphlpsvc - ok
21:55:12.0703 0x0c30 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
21:55:12.0827 0x0c30 IPMIDRV - ok
21:55:12.0859 0x0c30 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
21:55:13.0015 0x0c30 IPNAT - ok
21:55:13.0233 0x0c30 [ B6E8B931EFEF4112C6A401931627DC6B, 89A0745360928F7DD0A522FF5FBFEED4FC831F37D6CF88D5E66FA91FD6F0A1DF ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
21:55:13.0311 0x0c30 iPod Service - ok
21:55:13.0358 0x0c30 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
21:55:13.0966 0x0c30 IRENUM - ok
21:55:14.0013 0x0c30 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
21:55:14.0029 0x0c30 isapnp - ok
21:55:14.0138 0x0c30 [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
21:55:14.0200 0x0c30 iScsiPrt - ok
21:55:14.0247 0x0c30 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
21:55:14.0309 0x0c30 kbdclass - ok
21:55:14.0341 0x0c30 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
21:55:14.0419 0x0c30 kbdhid - ok
21:55:14.0434 0x0c30 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso C:\Windows\system32\lsass.exe
21:55:14.0481 0x0c30 KeyIso - ok
21:55:14.0575 0x0c30 [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
21:55:14.0637 0x0c30 KSecDD - ok
21:55:14.0762 0x0c30 [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
21:55:14.0809 0x0c30 KSecPkg - ok
21:55:14.0840 0x0c30 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
21:55:15.0011 0x0c30 ksthunk - ok
21:55:15.0058 0x0c30 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
21:55:15.0199 0x0c30 KtmRm - ok
21:55:15.0355 0x0c30 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
21:55:15.0479 0x0c30 LanmanServer - ok
21:55:15.0573 0x0c30 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:55:15.0745 0x0c30 LanmanWorkstation - ok
21:55:15.0854 0x0c30 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
21:55:15.0963 0x0c30 lltdio - ok
21:55:16.0166 0x0c30 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
21:55:16.0696 0x0c30 lltdsvc - ok
21:55:16.0805 0x0c30 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
21:55:17.0102 0x0c30 lmhosts - ok
21:55:17.0242 0x0c30 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
21:55:17.0741 0x0c30 LSI_FC - ok
21:55:17.0819 0x0c30 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
21:55:17.0866 0x0c30 LSI_SAS - ok
21:55:17.0975 0x0c30 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
21:55:18.0022 0x0c30 LSI_SAS2 - ok
21:55:18.0100 0x0c30 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
21:55:18.0397 0x0c30 LSI_SCSI - ok
21:55:18.0428 0x0c30 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
21:55:18.0490 0x0c30 luafv - ok
21:55:18.0724 0x0c30 [ 49F5B235EDC9C6AC0ABA44737B190317, 096D8D583ED024F1B3AD30DD5EBA38B1FEE518166E157C0E3890D80687181F60 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe
21:55:18.0865 0x0c30 McComponentHostService - ok
21:55:19.0161 0x0c30 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
21:55:19.0223 0x0c30 Mcx2Svc - ok
21:55:19.0286 0x0c30 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
21:55:19.0395 0x0c30 megasas - ok
21:55:19.0660 0x0c30 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
21:55:19.0832 0x0c30 MegaSR - ok
21:55:21.0267 0x0c30 [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
21:55:21.0329 0x0c30 Microsoft Office Groove Audit Service - ok
21:55:21.0501 0x0c30 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
21:55:21.0673 0x0c30 MMCSS - ok
21:55:21.0766 0x0c30 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
21:55:21.0891 0x0c30 Modem - ok
21:55:22.0000 0x0c30 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
21:55:22.0078 0x0c30 monitor - ok
21:55:22.0203 0x0c30 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\drivers\mouclass.sys
21:55:22.0234 0x0c30 mouclass - ok
21:55:22.0359 0x0c30 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
21:55:22.0468 0x0c30 mouhid - ok
21:55:22.0624 0x0c30 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
21:55:22.0671 0x0c30 mountmgr - ok
21:55:23.0139 0x0c30 [ 338037EFA0E8E8699B2667D57B751574, 59E0D39806D0C4EB57913AA013242837FD39AD378726AEE42D250CBA87C1C3BF ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:55:23.0279 0x0c30 MozillaMaintenance - ok
21:55:23.0435 0x0c30 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
21:55:23.0529 0x0c30 mpio - ok
21:55:23.0732 0x0c30 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
21:55:23.0794 0x0c30 mpsdrv - ok
21:55:24.0153 0x0c30 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
21:55:24.0247 0x0c30 MpsSvc - ok
21:55:24.0325 0x0c30 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
21:55:24.0465 0x0c30 MRxDAV - ok
21:55:24.0605 0x0c30 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
21:55:24.0902 0x0c30 mrxsmb - ok
21:55:25.0105 0x0c30 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:55:25.0214 0x0c30 mrxsmb10 - ok
21:55:25.0307 0x0c30 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:55:25.0354 0x0c30 mrxsmb20 - ok
21:55:25.0432 0x0c30 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
21:55:25.0463 0x0c30 msahci - ok
21:55:25.0526 0x0c30 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
21:55:25.0573 0x0c30 msdsm - ok
21:55:25.0604 0x0c30 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
21:55:25.0713 0x0c30 MSDTC - ok
21:55:25.0807 0x0c30 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
21:55:25.0885 0x0c30 Msfs - ok
21:55:26.0056 0x0c30 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
21:55:26.0134 0x0c30 mshidkmdf - ok
21:55:26.0228 0x0c30 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
21:55:26.0259 0x0c30 msisadrv - ok
21:55:26.0493 0x0c30 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
21:55:26.0665 0x0c30 MSiSCSI - ok
21:55:26.0680 0x0c30 msiserver - ok
21:55:26.0758 0x0c30 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
21:55:26.0930 0x0c30 MSKSSRV - ok
21:55:27.0242 0x0c30 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
21:55:27.0413 0x0c30 MSPCLOCK - ok
21:55:27.0647 0x0c30 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
21:55:27.0757 0x0c30 MSPQM - ok
21:55:27.0913 0x0c30 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
21:55:27.0975 0x0c30 MsRPC - ok
21:55:28.0193 0x0c30 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
21:55:28.0225 0x0c30 mssmbios - ok
21:55:28.0271 0x0c30 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
21:55:28.0396 0x0c30 MSTEE - ok
21:55:28.0490 0x0c30 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
21:55:28.0599 0x0c30 MTConfig - ok
21:55:28.0708 0x0c30 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
21:55:28.0739 0x0c30 Mup - ok
21:55:29.0083 0x0c30 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
21:55:29.0285 0x0c30 napagent - ok
21:55:29.0457 0x0c30 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
21:55:29.0597 0x0c30 NativeWifiP - ok
21:55:29.0972 0x0c30 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
21:55:30.0003 0x0c30 NDIS - ok
21:55:30.0190 0x0c30 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
21:55:30.0377 0x0c30 NdisCap - ok
21:55:30.0487 0x0c30 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
21:55:30.0549 0x0c30 NdisTapi - ok
21:55:30.0752 0x0c30 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
21:55:30.0861 0x0c30 Ndisuio - ok
21:55:31.0017 0x0c30 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
21:55:31.0189 0x0c30 NdisWan - ok
21:55:31.0313 0x0c30 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
21:55:31.0423 0x0c30 NDProxy - ok
21:55:31.0610 0x0c30 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
21:55:31.0719 0x0c30 NetBIOS - ok
21:55:31.0891 0x0c30 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
21:55:32.0047 0x0c30 NetBT - ok
21:55:32.0093 0x0c30 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon C:\Windows\system32\lsass.exe
21:55:32.0327 0x0c30 Netlogon - ok
21:55:32.0546 0x0c30 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
21:55:32.0717 0x0c30 Netman - ok
21:55:32.0936 0x0c30 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:55:33.0139 0x0c30 NetMsmqActivator - ok
21:55:33.0326 0x0c30 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:55:33.0357 0x0c30 NetPipeActivator - ok
21:55:33.0607 0x0c30 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
21:55:33.0747 0x0c30 netprofm - ok
21:55:34.0012 0x0c30 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:55:34.0059 0x0c30 NetTcpActivator - ok
21:55:34.0106 0x0c30 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:55:34.0153 0x0c30 NetTcpPortSharing - ok
21:55:37.0366 0x0c30 [ 64428DFDAF6E88366CB51F45A79C5F69, 31187D38C1AB52120A3CB7AC3CE47ED9682AC37B0F06B9A9610C0065DD4E7B13 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys
21:55:37.0787 0x0c30 netw5v64 - ok
21:55:37.0881 0x0c30 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
21:55:38.0053 0x0c30 nfrd960 - ok
21:55:38.0193 0x0c30 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll
21:55:38.0302 0x0c30 NlaSvc - ok
21:55:39.0831 0x0c30 [ 5839A8027D6D324A7CD494051A96628C, 474F2D0BB463ABE68D7C4D2C630860AED4B722EC62C616C91EE00AA965378382 ] NOBU C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
21:55:39.0925 0x0c30 NOBU - ok
21:55:40.0034 0x0c30 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
21:55:40.0096 0x0c30 Npfs - ok
21:55:40.0283 0x0c30 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
21:55:40.0408 0x0c30 nsi - ok
21:55:40.0439 0x0c30 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
21:55:40.0595 0x0c30 nsiproxy - ok
21:55:41.0422 0x0c30 [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
21:55:41.0500 0x0c30 Ntfs - ok
21:55:41.0719 0x0c30 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
21:55:41.0812 0x0c30 Null - ok
21:55:42.0015 0x0c30 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
21:55:42.0140 0x0c30 nvraid - ok
21:55:42.0343 0x0c30 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
21:55:42.0374 0x0c30 nvstor - ok
21:55:42.0483 0x0c30 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
21:55:42.0608 0x0c30 nv_agp - ok
21:55:44.0090 0x0c30 [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
21:55:44.0277 0x0c30 odserv - ok
21:55:44.0355 0x0c30 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
21:55:44.0449 0x0c30 ohci1394 - ok
21:55:44.0683 0x0c30 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:55:44.0839 0x0c30 ose - ok
21:55:47.0600 0x0c30 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:55:47.0974 0x0c30 osppsvc - ok
21:55:48.0239 0x0c30 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
21:55:48.0505 0x0c30 p2pimsvc - ok
21:55:48.0770 0x0c30 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
21:55:48.0910 0x0c30 p2psvc - ok
21:55:48.0957 0x0c30 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
21:55:49.0035 0x0c30 Parport - ok
21:55:49.0097 0x0c30 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
21:55:49.0144 0x0c30 partmgr - ok
21:55:49.0316 0x0c30 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
21:55:49.0409 0x0c30 PcaSvc - ok
21:55:49.0581 0x0c30 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
21:55:49.0643 0x0c30 pci - ok
21:55:49.0721 0x0c30 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
21:55:49.0753 0x0c30 pciide - ok
21:55:49.0909 0x0c30 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
21:55:49.0987 0x0c30 pcmcia - ok
21:55:50.0049 0x0c30 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
21:55:50.0080 0x0c30 pcw - ok
21:55:50.0283 0x0c30 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
21:55:50.0392 0x0c30 PEAUTH - ok
21:55:55.0821 0x0c30 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
21:55:56.0008 0x0c30 PerfHost - ok
21:55:56.0773 0x0c30 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
21:55:56.0991 0x0c30 pla - ok
21:55:57.0319 0x0c30 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
21:55:57.0459 0x0c30 PlugPlay - ok
21:55:57.0506 0x0c30 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
21:55:57.0568 0x0c30 PNRPAutoReg - ok
21:55:57.0818 0x0c30 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
21:55:57.0880 0x0c30 PNRPsvc - ok
21:55:58.0005 0x0c30 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
21:55:58.0130 0x0c30 PolicyAgent - ok
21:55:58.0224 0x0c30 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
21:55:58.0317 0x0c30 Power - ok
21:55:58.0629 0x0c30 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
21:55:58.0692 0x0c30 PptpMiniport - ok
21:55:58.0738 0x0c30 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
21:55:58.0816 0x0c30 Processor - ok
21:55:58.0894 0x0c30 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll
21:55:58.0957 0x0c30 ProfSvc - ok
21:55:59.0019 0x0c30 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\Windows\system32\lsass.exe
21:55:59.0082 0x0c30 ProtectedStorage - ok
21:55:59.0222 0x0c30 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
21:55:59.0347 0x0c30 Psched - ok
21:56:00.0236 0x0c30 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
21:56:00.0501 0x0c30 ql2300 - ok
21:56:00.0626 0x0c30 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
21:56:00.0657 0x0c30 ql40xx - ok
21:56:00.0720 0x0c30 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
21:56:00.0844 0x0c30 QWAVE - ok
21:56:00.0891 0x0c30 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
21:56:01.0000 0x0c30 QWAVEdrv - ok
21:56:01.0094 0x0c30 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
21:56:01.0344 0x0c30 RasAcd - ok
21:56:01.0500 0x0c30 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
21:56:01.0671 0x0c30 RasAgileVpn - ok
21:56:01.0812 0x0c30 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
21:56:02.0061 0x0c30 RasAuto - ok
21:56:02.0186 0x0c30 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
21:56:02.0358 0x0c30 Rasl2tp - ok
21:56:02.0607 0x0c30 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
21:56:02.0857 0x0c30 RasMan - ok
21:56:02.0935 0x0c30 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
21:56:03.0013 0x0c30 RasPppoe - ok
21:56:03.0075 0x0c30 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
21:56:03.0169 0x0c30 RasSstp - ok
21:56:03.0309 0x0c30 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
21:56:03.0434 0x0c30 rdbss - ok
21:56:03.0574 0x0c30 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
21:56:03.0730 0x0c30 rdpbus - ok
21:56:03.0855 0x0c30 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
21:56:04.0074 0x0c30 RDPCDD - ok
21:56:04.0167 0x0c30 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
21:56:04.0308 0x0c30 RDPENCDD - ok
21:56:04.0354 0x0c30 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
21:56:04.0417 0x0c30 RDPREFMP - ok
21:56:04.0526 0x0c30 [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
21:56:04.0729 0x0c30 RDPWD - ok
21:56:04.0916 0x0c30 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
21:56:04.0963 0x0c30 rdyboost - ok
21:56:05.0010 0x0c30 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
21:56:05.0228 0x0c30 RemoteAccess - ok
21:56:05.0337 0x0c30 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
21:56:05.0509 0x0c30 RemoteRegistry - ok
21:56:05.0712 0x0c30 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
21:56:05.0899 0x0c30 RpcEptMapper - ok
21:56:06.0024 0x0c30 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
21:56:06.0944 0x0c30 RpcLocator - ok
21:56:07.0287 0x0c30 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
21:56:07.0381 0x0c30 RpcSs - ok
21:56:07.0537 0x0c30 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
21:56:07.0615 0x0c30 rspndr - ok
21:56:07.0755 0x0c30 [ 4B42BC58294E83A6A92EC8B88C14C4A3, 80885CFF021F7BC85647224863A83D444EA7848CBB4F06DFDFADE58F47307D21 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
21:56:07.0880 0x0c30 RTL8167 - ok
21:56:08.0754 0x0c30 [ CD8F32BB993B98E6705F11504A7F7250, 299E47B5D945F47FDCF5FF272EE6673F85871B45676B146AC1CDEB3FF2110AB6 ] rtl8192se C:\Windows\system32\DRIVERS\rtl8192se.sys
21:56:08.0832 0x0c30 rtl8192se - ok
21:56:09.0019 0x0c30 [ 5FFF3E71B4724BB10918FD6DD7413D99, CD59C3FF5D8CF1BB30B6E86793E332EDEAC3164498C11F12BE8E40AE213B46F2 ] RtVOsdService C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
21:56:09.0144 0x0c30 RtVOsdService - detected UnsignedFile.Multi.Generic ( 1 )
21:56:11.0905 0x0c30 Detect skipped due to KSN trusted
21:56:11.0905 0x0c30 RtVOsdService - ok
21:56:11.0952 0x0c30 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs C:\Windows\system32\lsass.exe
21:56:11.0998 0x0c30 SamSs - ok
21:56:12.0092 0x0c30 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
21:56:12.0123 0x0c30 sbp2port - ok
21:56:12.0326 0x0c30 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
21:56:12.0544 0x0c30 SCardSvr - ok
21:56:12.0591 0x0c30 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
21:56:12.0732 0x0c30 scfilter - ok
21:56:13.0215 0x0c30 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
21:56:13.0543 0x0c30 Schedule - ok
21:56:13.0746 0x0c30 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
21:56:13.0808 0x0c30 SCPolicySvc - ok
21:56:14.0011 0x0c30 [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus C:\Windows\system32\drivers\sdbus.sys
21:56:14.0307 0x0c30 sdbus - ok
21:56:14.0604 0x0c30 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
21:56:15.0040 0x0c30 SDRSVC - ok
21:56:18.0457 0x0c30 [ 98EF79CC2B07398AC525F9EA1AE0366F, D0D5D69696ED339F363024AF3271867F4C55572C67FD0F2AA27D24B37982E39A ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
21:56:18.0613 0x0c30 SDScannerService - ok
21:56:19.0346 0x0c30 [ 14BF6B3AB327D519ED007CDDC56F6900, 4E5DC4AF45347C885E0E87F205EE1F95BB4713A0B581CD7317FBEEE2A9628982 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
21:56:19.0455 0x0c30 SDUpdateService - ok
21:56:20.0001 0x0c30 [ 820EBE67AB99F033FDE25B2692157991, A9E86FE6EFD3CFD4EA1A26121C706335A6791CC6F81EE98AE2BE7EA566ECFEBB ] SDWSCService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
21:56:20.0064 0x0c30 SDWSCService - ok
21:56:20.0235 0x0c30 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
21:56:20.0313 0x0c30 secdrv - ok
21:56:20.0391 0x0c30 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
21:56:20.0454 0x0c30 seclogon - ok
21:56:20.0766 0x0c30 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
21:56:20.0906 0x0c30 SENS - ok
21:56:21.0046 0x0c30 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
21:56:21.0249 0x0c30 SensrSvc - ok
21:56:21.0514 0x0c30 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
21:56:21.0733 0x0c30 Serenum - ok
21:56:21.0904 0x0c30 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
21:56:22.0014 0x0c30 Serial - ok
21:56:22.0125 0x0c30 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
21:56:22.0459 0x0c30 sermouse - ok
21:56:22.0537 0x0c30 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
21:56:22.0896 0x0c30 SessionEnv - ok
21:56:22.0958 0x0c30 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
21:56:23.0208 0x0c30 sffdisk - ok
21:56:23.0270 0x0c30 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
21:56:23.0489 0x0c30 sffp_mmc - ok
21:56:23.0567 0x0c30 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
21:56:23.0848 0x0c30 sffp_sd - ok
21:56:24.0425 0x0c30 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
21:56:24.0862 0x0c30 sfloppy - ok
21:56:25.0252 0x0c30 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
21:56:25.0637 0x0c30 SharedAccess - ok
21:56:26.0004 0x0c30 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:56:26.0217 0x0c30 ShellHWDetection - ok
21:56:26.0357 0x0c30 [ 7799106FEE728B907A86D9C9751E02D5, EE85E8D3CF3819DB28221BFC103DE8DF0E14E1878CECF54E8CD8C161B0E0AF3C ] silabenm C:\Windows\system32\DRIVERS\silabenm.sys
21:56:26.0669 0x0c30 silabenm - ok
21:56:26.0919 0x0c30 [ 4AD84F9B367B89B48A3338E0AECA06B9, CF88743CF494047715271B589AC5442D12C7269EE2016C352B549FB5A95F5B18 ] silabser C:\Windows\system32\DRIVERS\silabser.sys
21:56:27.0091 0x0c30 silabser - ok
21:56:27.0184 0x0c30 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
21:56:27.0325 0x0c30 SiSRaid2 - ok
21:56:27.0527 0x0c30 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
21:56:27.0683 0x0c30 SiSRaid4 - ok
21:56:28.0089 0x0c30 [ A4FAB5F7818A69DA6E740943CB8F7CA9, 6FA24FD46AD6642B21EF3BE4212FF22F3645EC7B0056859FCA184177F5C85AA2 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
21:56:28.0151 0x0c30 SkypeUpdate - ok
21:56:28.0276 0x0c30 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
21:56:28.0448 0x0c30 Smb - ok
21:56:28.0729 0x0c30 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
21:56:28.0822 0x0c30 SNMPTRAP - ok
21:56:29.0041 0x0c30 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
21:56:29.0290 0x0c30 spldr - ok
21:56:29.0727 0x0c30 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
21:56:30.0023 0x0c30 Spooler - ok
21:56:31.0911 0x0c30 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
21:56:32.0223 0x0c30 sppsvc - ok
21:56:32.0317 0x0c30 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
21:56:32.0457 0x0c30 sppuinotify - ok
21:56:32.0691 0x0c30 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
21:56:32.0831 0x0c30 srv - ok
21:56:33.0315 0x0c30 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
21:56:33.0455 0x0c30 srv2 - ok
21:56:33.0721 0x0c30 [ 0C4540311E11664B245A263E1154CEF8, 63376322BFFAFF2F166AF3FDD3F1A346C21FAE21F406F659F8630779D1D6525D ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
21:56:34.0313 0x0c30 SrvHsfHDA - ok
21:56:35.0489 0x0c30 [ 02071D207A9858FBE3A48CBFD59C4A04, FEA4DEBAEC3465E0C7C1E8B721805922F6BBCB96A60A193B11688F4252F4B89E ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
21:56:36.0228 0x0c30 SrvHsfV92 - ok
21:56:36.0687 0x0c30 [ 18E40C245DBFAF36FD0134A7EF2DF396, 0138A68958112101A5D3BD94114F320CE80B0C9A93E009AC78DE7415FCCC7DE7 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
21:56:37.0029 0x0c30 SrvHsfWinac - ok
21:56:37.0169 0x0c30 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
21:56:37.0323 0x0c30 srvnet - ok
21:56:37.0515 0x0c30 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
21:56:37.0704 0x0c30 SSDPSRV - ok
21:56:37.0799 0x0c30 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
21:56:37.0978 0x0c30 SstpSvc - ok
21:56:38.0010 0x0c30 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
21:56:38.0035 0x0c30 stexstor - ok
21:56:38.0613 0x0c30 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
21:56:38.0946 0x0c30 stisvc - ok
21:56:39.0009 0x0c30 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
21:56:39.0169 0x0c30 swenum - ok
21:56:39.0462 0x0c30 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
21:56:40.0052 0x0c30 swprv - ok
21:56:40.0161 0x0c30 [ 868DFB220A18312A12CEF01BA9AC069B, D4C002963E236CEA8BF1FDC0B3333176693B41B8B3F2DD9469AA8B74C1F38E9C ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
21:56:40.0336 0x0c30 SynTP - ok
21:56:41.0857 0x0c30 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
21:56:42.0359 0x0c30 SysMain - ok
21:56:42.0475 0x0c30 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:56:42.0720 0x0c30 TabletInputService - ok
21:56:42.0789 0x0c30 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
21:56:43.0350 0x0c30 TapiSrv - ok
21:56:43.0709 0x0c30 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
21:56:44.0312 0x0c30 TBS - ok
21:56:46.0453 0x0c30 [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip C:\Windows\system32\drivers\tcpip.sys
21:56:46.0960 0x0c30 Tcpip - ok
21:56:47.0309 0x0c30 [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
21:56:47.0659 0x0c30 TCPIP6 - ok
21:56:47.0830 0x0c30 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
21:56:47.0967 0x0c30 tcpipreg - ok
21:56:48.0019 0x0c30 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
21:56:48.0408 0x0c30 TDPIPE - ok
21:56:48.0755 0x0c30 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
21:56:49.0095 0x0c30 TDTCP - ok
21:56:49.0165 0x0c30 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
21:56:49.0506 0x0c30 tdx - ok
21:56:49.0565 0x0c30 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
21:56:50.0253 0x0c30 TermDD - ok
21:56:51.0022 0x0c30 [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService C:\Windows\System32\termsrv.dll
21:56:51.0880 0x0c30 TermService - ok
21:56:52.0138 0x0c30 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
21:56:52.0506 0x0c30 Themes - ok
21:56:52.0735 0x0c30 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
21:56:53.0144 0x0c30 THREADORDER - ok
21:56:53.0278 0x0c30 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
21:56:53.0501 0x0c30 TrkWks - ok
21:56:53.0997 0x0c30 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:56:54.0334 0x0c30 TrustedInstaller - ok
21:56:54.0560 0x0c30 [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
21:56:55.0554 0x0c30 tssecsrv - ok
21:56:55.0839 0x0c30 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
21:56:56.0887 0x0c30 TsUsbFlt - ok
21:56:56.0965 0x0c30 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
21:56:57.0481 0x0c30 tunnel - ok
21:56:57.0698 0x0c30 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
21:56:58.0087 0x0c30 uagp35 - ok
21:56:58.0176 0x0c30 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
21:56:58.0721 0x0c30 udfs - ok
21:56:59.0021 0x0c30 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
21:56:59.0387 0x0c30 UI0Detect - ok
21:56:59.0450 0x0c30 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
21:56:59.0853 0x0c30 uliagpkx - ok
21:56:59.0940 0x0c30 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\drivers\umbus.sys
21:57:00.0633 0x0c30 umbus - ok
21:57:00.0692 0x0c30 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
21:57:01.0178 0x0c30 UmPass - ok
21:57:02.0123 0x0c30 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
21:57:02.0587 0x0c30 upnphost - ok
21:57:02.0745 0x0c30 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
21:57:03.0563 0x0c30 usbaudio - ok
21:57:03.0630 0x0c30 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\drivers\usbccgp.sys
21:57:04.0295 0x0c30 usbccgp - ok
21:57:04.0357 0x0c30 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
21:57:04.0885 0x0c30 usbcir - ok
21:57:05.0149 0x0c30 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys
21:57:05.0402 0x0c30 usbehci - ok
21:57:05.0784 0x0c30 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
21:57:06.0314 0x0c30 usbhub - ok
21:57:06.0350 0x0c30 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
21:57:06.0830 0x0c30 usbohci - ok
21:57:06.0903 0x0c30 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
21:57:07.0199 0x0c30 usbprint - ok
21:57:07.0264 0x0c30 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\drivers\usbscan.sys
21:57:07.0678 0x0c30 usbscan - ok
21:57:08.0035 0x0c30 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:57:08.0643 0x0c30 USBSTOR - ok
21:57:08.0683 0x0c30 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
21:57:09.0477 0x0c30 usbuhci - ok
21:57:09.0542 0x0c30 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
21:57:10.0118 0x0c30 usbvideo - ok
21:57:10.0153 0x0c30 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
21:57:10.0375 0x0c30 UxSms - ok
21:57:10.0463 0x0c30 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc C:\Windows\system32\lsass.exe
21:57:10.0808 0x0c30 VaultSvc - ok
21:57:11.0048 0x0c30 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
21:57:11.0132 0x0c30 vdrvroot - ok
21:57:12.0234 0x0c30 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
21:57:13.0088 0x0c30 vds - ok
21:57:13.0140 0x0c30 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
21:57:13.0343 0x0c30 vga - ok
21:57:13.0428 0x0c30 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
21:57:14.0120 0x0c30 VgaSave - ok
21:57:14.0392 0x0c30 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
21:57:14.0539 0x0c30 vhdmp - ok
21:57:14.0600 0x0c30 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
21:57:14.0676 0x0c30 viaide - ok
21:57:14.0740 0x0c30 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
21:57:14.0890 0x0c30 volmgr - ok
21:57:15.0252 0x0c30 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
21:57:15.0280 0x0c30 volmgrx - ok
21:57:15.0540 0x0c30 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
21:57:15.0626 0x0c30 volsnap - ok
21:57:15.0804 0x0c30 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
21:57:15.0978 0x0c30 vsmraid - ok
21:57:17.0334 0x0c30 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
21:57:18.0692 0x0c30 VSS - ok
21:57:19.0079 0x0c30 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
21:57:20.0220 0x0c30 vwifibus - ok
21:57:20.0278 0x0c30 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
21:57:20.0515 0x0c30 vwififlt - ok
21:57:20.0562 0x0c30 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
21:57:21.0213 0x0c30 W32Time - ok
21:57:21.0426 0x0c30 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
21:57:21.0944 0x0c30 WacomPen - ok
21:57:22.0348 0x0c30 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
21:57:22.0793 0x0c30 WANARP - ok
21:57:22.0870 0x0c30 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
21:57:23.0528 0x0c30 Wanarpv6 - ok
21:57:24.0978 0x0c30 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
21:57:25.0490 0x0c30 WatAdminSvc - ok
21:57:26.0629 0x0c30 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
21:57:27.0095 0x0c30 wbengine - ok
21:57:27.0319 0x0c30 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
21:57:27.0564 0x0c30 WbioSrvc - ok
21:57:27.0822 0x0c30 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
21:57:28.0189 0x0c30 wcncsvc - ok
21:57:28.0229 0x0c30 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:57:28.0836 0x0c30 WcsPlugInService - ok
21:57:28.0877 0x0c30 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
21:57:29.0095 0x0c30 Wd - ok
21:57:29.0862 0x0c30 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
21:57:30.0336 0x0c30 Wdf01000 - ok
21:57:30.0406 0x0c30 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
21:57:35.0428 0x0c30 WdiServiceHost - ok
21:57:35.0553 0x0c30 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
21:57:35.0738 0x0c30 WdiSystemHost - ok
21:57:36.0045 0x0c30 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
21:57:36.0277 0x0c30 WebClient - ok
21:57:36.0347 0x0c30 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
21:57:37.0028 0x0c30 Wecsvc - ok
21:57:37.0264 0x0c30 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
21:57:37.0574 0x0c30 wercplsupport - ok
21:57:37.0713 0x0c30 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
21:57:39.0375 0x0c30 WerSvc - ok
21:57:39.0719 0x0c30 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
21:57:41.0608 0x0c30 WfpLwf - ok
21:57:41.0701 0x0c30 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
21:57:41.0926 0x0c30 WIMMount - ok
21:57:41.0978 0x0c30 WinDefend - ok
21:57:42.0035 0x0c30 WinHttpAutoProxySvc - ok
21:57:42.0277 0x0c30 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
21:57:42.0799 0x0c30 Winmgmt - ok
21:57:44.0714 0x0c30 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll
21:57:45.0485 0x0c30 WinRM - ok
21:57:45.0634 0x0c30 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
21:57:46.0214 0x0c30 WinUsb - ok
21:57:46.0466 0x0c30 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
21:57:46.0989 0x0c30 Wlansvc - ok
21:57:48.0420 0x0c30 [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
21:57:48.0723 0x0c30 wlcrasvc - ok
21:57:51.0699 0x0c30 [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:57:52.0049 0x0c30 wlidsvc - ok
21:57:52.0329 0x0c30 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
21:57:52.0870 0x0c30 WmiAcpi - ok
21:57:52.0965 0x0c30 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
21:57:53.0471 0x0c30 wmiApSrv - ok
21:57:53.0550 0x0c30 WMPNetworkSvc - ok
21:57:53.0589 0x0c30 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
21:57:53.0900 0x0c30 WPCSvc - ok
21:57:53.0996 0x0c30 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
21:57:54.0258 0x0c30 WPDBusEnum - ok
21:57:54.0603 0x0c30 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
21:57:55.0301 0x0c30 ws2ifsl - ok
21:57:55.0572 0x0c30 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
21:57:55.0795 0x0c30 wscsvc - ok
21:57:55.0807 0x0c30 WSearch - ok
21:57:58.0424 0x0c30 [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll
21:57:58.0646 0x0c30 wuauserv - ok
21:57:59.0086 0x0c30 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
21:58:00.0524 0x0c30 WudfPf - ok
21:58:00.0645 0x0c30 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
21:58:01.0357 0x0c30 WUDFRd - ok
21:58:01.0421 0x0c30 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
21:58:01.0726 0x0c30 wudfsvc - ok
21:58:02.0295 0x0c30 [ FE90B750AB808FB9DD8FBB428B5FF83B, 3F8F592EC813BE292D305A87C5BA852F8BC3D7CE610612D9871F209A17326AA8 ] WwanSvc C:\Windows\System32\wwansvc.dll
21:58:03.0396 0x0c30 WwanSvc - ok
21:58:04.0407 0x0c30 [ B3EEACF62445E24FBB2CD4B0FB4DB026, 2E5B6220094C47754233EDA59E6514CE47AC6C6879F367C72B2C02330EABE8E0 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
21:58:04.0857 0x0c30 yukonw7 - ok
21:58:04.0940 0x0c30 ================ Scan global ===============================
21:58:04.0990 0x0c30 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
21:58:05.0044 0x0c30 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
21:58:05.0120 0x0c30 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
21:58:05.0535 0x0c30 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
21:58:06.0027 0x0c30 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
21:58:06.0051 0x0c30 [ Global ] - ok
21:58:06.0056 0x0c30 ================ Scan MBR ==================================
21:58:06.0076 0x0c30 [ 42DA54E285353B2511826C8134391822 ] \Device\Harddisk0\DR0
21:59:10.0714 0x0c30 \Device\Harddisk0\DR0 - ok
21:59:10.0718 0x0c30 ================ Scan VBR ==================================
21:59:10.0736 0x0c30 [ 1CA4C3731A3EEBD198336D148CCA5CCF ] \Device\Harddisk0\DR0\Partition1
21:59:10.0753 0x0c30 \Device\Harddisk0\DR0\Partition1 - ok
21:59:10.0769 0x0c30 [ 935DCD9CDE25889510C924A89C07C207 ] \Device\Harddisk0\DR0\Partition2
21:59:10.0771 0x0c30 \Device\Harddisk0\DR0\Partition2 - ok
21:59:10.0821 0x0c30 [ 04332739EF5F3E22548A805785671296 ] \Device\Harddisk0\DR0\Partition3
21:59:10.0878 0x0c30 \Device\Harddisk0\DR0\Partition3 - ok
21:59:10.0913 0x0c30 [ 138813BCACD1AC69A6EB1F450BFF30C4 ] \Device\Harddisk0\DR0\Partition4
21:59:10.0965 0x0c30 \Device\Harddisk0\DR0\Partition4 - ok
21:59:10.0970 0x0c30 ================ Scan active images ========================
21:59:10.0975 0x0c30 [ 3E588B60EC061686BA05D33574A344C6, 19D2D863F95CCC4493A2328B6BEB04248B6A80F957532E58C1D1D868C19FDCCB ] C:\Windows\System32\drivers\crashdmp.sys
21:59:10.0975 0x0c30 C:\Windows\System32\drivers\crashdmp.sys - ok
21:59:10.0984 0x0c30 [ 1384872112E8E7FD5786ECEB8BDDF4C9, DC7844691740805A94F2901F8CB56F1591AF4F0F9C6D92D6B8595F89E6FA5F02 ] C:\Windows\System32\drivers\iaStor.sys
21:59:10.0985 0x0c30 C:\Windows\System32\drivers\iaStor.sys - ok
21:59:10.0996 0x0c30 [ 814DB88F2641691575A455CF25354098, 79C50F0CD72612733217A0316BEFEA0B6D819C3159D9452EAB89AC26A18A0F89 ] C:\Windows\System32\drivers\dumpfve.sys
21:59:10.0996 0x0c30 C:\Windows\System32\drivers\dumpfve.sys - ok
21:59:11.0007 0x0c30 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] C:\Windows\System32\drivers\cdrom.sys
21:59:11.0007 0x0c30 C:\Windows\System32\drivers\cdrom.sys - ok
21:59:11.0017 0x0c30 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] C:\Windows\System32\drivers\beep.sys
21:59:11.0018 0x0c30 C:\Windows\System32\drivers\beep.sys - ok
21:59:11.0028 0x0c30 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] C:\Windows\System32\drivers\null.sys
21:59:11.0028 0x0c30 C:\Windows\System32\drivers\null.sys - ok
21:59:11.0039 0x0c30 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] C:\Windows\System32\drivers\RDPCDD.sys
21:59:11.0039 0x0c30 C:\Windows\System32\drivers\RDPCDD.sys - ok
21:59:11.0048 0x0c30 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] C:\Windows\System32\drivers\vga.sys
21:59:11.0048 0x0c30 C:\Windows\System32\drivers\vga.sys - ok
21:59:11.0059 0x0c30 [ E7353D59C9842BC7299FAEB7E7E09340, C37ED1025E07BAC2F535DCFED6C6C509515D95722EADE5AF94F1FC5D8B1DC783 ] C:\Windows\System32\drivers\videoprt.sys
21:59:11.0059 0x0c30 C:\Windows\System32\drivers\videoprt.sys - ok
21:59:11.0071 0x0c30 [ FC438D1430B28618E2D0C7C332A710AD, 873957B202E454E2C8F625E5799F278CAC16EC5EEAEE2C33E2FE5D1FF0408CB2 ] C:\Windows\System32\drivers\watchdog.sys
21:59:11.0071 0x0c30 C:\Windows\System32\drivers\watchdog.sys - ok
21:59:11.0080 0x0c30 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] C:\Windows\System32\drivers\msfs.sys
21:59:11.0080 0x0c30 C:\Windows\System32\drivers\msfs.sys - ok
21:59:11.0092 0x0c30 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] C:\Windows\System32\drivers\RDPENCDD.sys
21:59:11.0092 0x0c30 C:\Windows\System32\drivers\RDPENCDD.sys - ok
21:59:11.0102 0x0c30 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] C:\Windows\System32\drivers\RDPREFMP.sys
21:59:11.0102 0x0c30 C:\Windows\System32\drivers\RDPREFMP.sys - ok
21:59:11.0114 0x0c30 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] C:\Windows\System32\drivers\npfs.sys
21:59:11.0114 0x0c30 C:\Windows\System32\drivers\npfs.sys - ok
21:59:11.0125 0x0c30 [ 6F020A220388ECA0AB6062DC27BD16B6, 48655230E482DEB7B4B50EF05818EBB29CA61E780AEFCD9D31B02DE4DF9D9540 ] C:\Windows\System32\drivers\tdi.sys
21:59:11.0125 0x0c30 C:\Windows\System32\drivers\tdi.sys - ok
21:59:11.0137 0x0c30 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] C:\Windows\System32\drivers\tdx.sys
21:59:11.0137 0x0c30 C:\Windows\System32\drivers\tdx.sys - ok
21:59:11.0147 0x0c30 [ 69BD90E337625F96C718CACE7A9C9E29, 586948D6715ACB845D58BB5A73B8E5DA96A5415BC67D0508054F03D9A5C21768 ] C:\Windows\System32\drivers\avgtdia.sys
21:59:11.0147 0x0c30 C:\Windows\System32\drivers\avgtdia.sys - ok
21:59:11.0158 0x0c30 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] C:\Windows\System32\drivers\netbt.sys
21:59:11.0159 0x0c30 C:\Windows\System32\drivers\netbt.sys - ok
21:59:11.0169 0x0c30 [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] C:\Windows\System32\drivers\afd.sys
21:59:11.0169 0x0c30 C:\Windows\System32\drivers\afd.sys - ok
21:59:11.0180 0x0c30 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] C:\Windows\System32\drivers\wfplwf.sys
21:59:11.0180 0x0c30 C:\Windows\System32\drivers\wfplwf.sys - ok
21:59:11.0190 0x0c30 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] C:\Windows\System32\drivers\pacer.sys
21:59:11.0190 0x0c30 C:\Windows\System32\drivers\pacer.sys - ok
21:59:11.0203 0x0c30 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] C:\Windows\System32\drivers\vwififlt.sys
21:59:11.0203 0x0c30 C:\Windows\System32\drivers\vwififlt.sys - ok
21:59:11.0214 0x0c30 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] C:\Windows\System32\drivers\netbios.sys
21:59:11.0214 0x0c30 C:\Windows\System32\drivers\netbios.sys - ok
21:59:11.0223 0x0c30 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] C:\Windows\System32\drivers\wanarp.sys
21:59:11.0224 0x0c30 C:\Windows\System32\drivers\wanarp.sys - ok
21:59:11.0235 0x0c30 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] C:\Windows\System32\drivers\termdd.sys
21:59:11.0235 0x0c30 C:\Windows\System32\drivers\termdd.sys - ok
21:59:11.0246 0x0c30 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] C:\Windows\System32\drivers\rdbss.sys
21:59:11.0246 0x0c30 C:\Windows\System32\drivers\rdbss.sys - ok
21:59:11.0257 0x0c30 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] C:\Windows\System32\drivers\mssmbios.sys
21:59:11.0257 0x0c30 C:\Windows\System32\drivers\mssmbios.sys - ok
21:59:11.0267 0x0c30 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] C:\Windows\System32\drivers\nsiproxy.sys
21:59:11.0267 0x0c30 C:\Windows\System32\drivers\nsiproxy.sys - ok
21:59:11.0279 0x0c30 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] C:\Windows\System32\drivers\blbdrive.sys
21:59:11.0279 0x0c30 C:\Windows\System32\drivers\blbdrive.sys - ok
21:59:11.0289 0x0c30 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] C:\Windows\System32\drivers\dfsc.sys
21:59:11.0289 0x0c30 C:\Windows\System32\drivers\dfsc.sys - ok
21:59:11.0300 0x0c30 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] C:\Windows\System32\drivers\discache.sys
21:59:11.0300 0x0c30 C:\Windows\System32\drivers\discache.sys - ok
21:59:11.0312 0x0c30 [ FACD18A89FDEBC35C85CAF762B294BE2, FD6EBE87ACA6CC017AB7ED886B2BC13CA05BDA38E4B7E8A63F33EF7E5C755BB8 ] C:\Windows\System32\drivers\avgldx64.sys
21:59:11.0313 0x0c30 C:\Windows\System32\drivers\avgldx64.sys - ok
21:59:11.0322 0x0c30 [ 92B7689FBC131E143421A19C18320E34, D3A323015790355070A380731CA56547F518F8AF800BC71670481A646C8FEEB3 ] C:\Windows\System32\drivers\avgidsdrivera.sys
21:59:11.0322 0x0c30 C:\Windows\System32\drivers\avgidsdrivera.sys - ok
21:59:11.0332 0x0c30 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] C:\Windows\System32\drivers\tunnel.sys
21:59:11.0332 0x0c30 C:\Windows\System32\drivers\tunnel.sys - ok
21:59:11.0342 0x0c30 [ CAAAC014C5C56A69F710B5F1B836DE22, DA98EF2EBF9A7F180344A88CC2C74F69101E17BBAB58B1C46176FD6EE7AA2E6A ] C:\Windows\System32\ntdll.dll
21:59:11.0342 0x0c30 C:\Windows\System32\ntdll.dll - ok
21:59:11.0350 0x0c30 [ F0970A4BC8395659C22BF53D0FADF16F, 23BE3066D89A5ACBF8130899640D377476E78B6C3D19E2D13C32238464A83E21 ] C:\Windows\System32\smss.exe
21:59:11.0350 0x0c30 C:\Windows\System32\smss.exe - ok
21:59:11.0360 0x0c30 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] C:\Windows\System32\drivers\intelppm.sys
21:59:11.0360 0x0c30 C:\Windows\System32\drivers\intelppm.sys - ok
21:59:11.0370 0x0c30 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] C:\Windows\System32\drivers\CmBatt.sys
21:59:11.0370 0x0c30 C:\Windows\System32\drivers\CmBatt.sys - ok
21:59:11.0380 0x0c30 [ 677AA5991026A65ADA128C4B59CF2BAD, 013F9D7362960EEE1DB70EE8B90A896EACA0B752924717FD019A6DD3BFF50C00 ] C:\Windows\System32\drivers\igdkmd64.sys
21:59:11.0380 0x0c30 C:\Windows\System32\drivers\igdkmd64.sys - ok
21:59:11.0390 0x0c30 [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] C:\Windows\System32\drivers\dxgkrnl.sys
21:59:11.0390 0x0c30 C:\Windows\System32\drivers\dxgkrnl.sys - ok
21:59:11.0400 0x0c30 [ 1F04CFB79DD5FB7694468CE3FB3DCC31, A40C0BF6D1EC6C4281611A830EA7B22FEF523A3E197E5A8F59332D64E90376B6 ] C:\Windows\System32\drivers\dxgmms1.sys
21:59:11.0400 0x0c30 C:\Windows\System32\drivers\dxgmms1.sys - ok
21:59:11.0410 0x0c30 [ 12FEB33791920678F8433701C822BCFD, 7D1AD944CF0532D5AF951ACCE064EA9288F068964603674854CD7658D2B96039 ] C:\Windows\System32\drivers\usbport.sys
21:59:11.0410 0x0c30 C:\Windows\System32\drivers\usbport.sys - ok
21:59:11.0419 0x0c30 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] C:\Windows\System32\drivers\usbuhci.sys
21:59:11.0419 0x0c30 C:\Windows\System32\drivers\usbuhci.sys - ok
21:59:11.0430 0x0c30 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] C:\Windows\System32\drivers\usbehci.sys
21:59:11.0430 0x0c30 C:\Windows\System32\drivers\usbehci.sys - ok
21:59:11.0442 0x0c30 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] C:\Windows\System32\drivers\hdaudbus.sys
21:59:11.0443 0x0c30 C:\Windows\System32\drivers\hdaudbus.sys - ok
21:59:11.0453 0x0c30 [ CD8F32BB993B98E6705F11504A7F7250, 299E47B5D945F47FDCF5FF272EE6673F85871B45676B146AC1CDEB3FF2110AB6 ] C:\Windows\System32\drivers\rtl8192se.sys
21:59:11.0453 0x0c30 C:\Windows\System32\drivers\rtl8192se.sys - ok
21:59:11.0462 0x0c30 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] C:\Windows\System32\drivers\vwifibus.sys
21:59:11.0462 0x0c30 C:\Windows\System32\drivers\vwifibus.sys - ok
21:59:11.0472 0x0c30 [ 4B42BC58294E83A6A92EC8B88C14C4A3, 80885CFF021F7BC85647224863A83D444EA7848CBB4F06DFDFADE58F47307D21 ] C:\Windows\System32\drivers\Rt64win7.sys
21:59:11.0472 0x0c30 C:\Windows\System32\drivers\Rt64win7.sys - ok
21:59:11.0481 0x0c30 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] C:\Windows\System32\drivers\i8042prt.sys
21:59:11.0481 0x0c30 C:\Windows\System32\drivers\i8042prt.sys - ok
21:59:11.0492 0x0c30 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] C:\Windows\System32\drivers\kbdclass.sys
21:59:11.0493 0x0c30 C:\Windows\System32\drivers\kbdclass.sys - ok
21:59:11.0503 0x0c30 [ 868DFB220A18312A12CEF01BA9AC069B, D4C002963E236CEA8BF1FDC0B3333176693B41B8B3F2DD9469AA8B74C1F38E9C ] C:\Windows\System32\drivers\SynTP.sys
21:59:11.0503 0x0c30 C:\Windows\System32\drivers\SynTP.sys - ok
21:59:11.0511 0x0c30 [ FFA06EF43987ED0DD42AD59B260C0C78, 260518D5E077E55E0F2099037DBEFA93016FD4D4655456DDB3147AF9CBE7BF6B ] C:\Windows\System32\drivers\usbd.sys
21:59:11.0511 0x0c30 C:\Windows\System32\drivers\usbd.sys - ok
21:59:11.0522 0x0c30 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] C:\Windows\System32\drivers\mouclass.sys
21:59:11.0522 0x0c30 C:\Windows\System32\drivers\mouclass.sys - ok
21:59:11.0531 0x0c30 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] C:\Windows\System32\drivers\GEARAspiWDM.sys
21:59:11.0531 0x0c30 C:\Windows\System32\drivers\GEARAspiWDM.sys - ok
21:59:11.0541 0x0c30 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] C:\Windows\System32\drivers\wmiacpi.sys
21:59:11.0541 0x0c30 C:\Windows\System32\drivers\wmiacpi.sys - ok
21:59:11.0552 0x0c30 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] C:\Windows\System32\drivers\agilevpn.sys
21:59:11.0552 0x0c30 C:\Windows\System32\drivers\agilevpn.sys - ok
21:59:11.0561 0x0c30 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] C:\Windows\System32\drivers\CompositeBus.sys
21:59:11.0561 0x0c30 C:\Windows\System32\drivers\CompositeBus.sys - ok
21:59:11.0571 0x0c30 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] C:\Windows\System32\drivers\ndistapi.sys
21:59:11.0571 0x0c30 C:\Windows\System32\drivers\ndistapi.sys - ok
21:59:11.0580 0x0c30 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] C:\Windows\System32\drivers\rasl2tp.sys
21:59:11.0580 0x0c30 C:\Windows\System32\drivers\rasl2tp.sys - ok
21:59:11.0592 0x0c30 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] C:\Windows\System32\drivers\ndiswan.sys
21:59:11.0592 0x0c30 C:\Windows\System32\drivers\ndiswan.sys - ok
21:59:11.0603 0x0c30 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] C:\Windows\System32\drivers\raspppoe.sys
21:59:11.0603 0x0c30 C:\Windows\System32\drivers\raspppoe.sys - ok
21:59:11.0612 0x0c30 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] C:\Windows\System32\drivers\raspptp.sys
21:59:11.0612 0x0c30 C:\Windows\System32\drivers\raspptp.sys - ok
21:59:11.0623 0x0c30 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] C:\Windows\System32\drivers\rassstp.sys
21:59:11.0623 0x0c30 C:\Windows\System32\drivers\rassstp.sys - ok
21:59:11.0633 0x0c30 [ 24FBF5CC5C04150073C315A7C83521EE, 581BD5F15B5E57B3BAA762E421FFD859FDA46DDB8515C2A7AAFF208D784E906C ] C:\Windows\System32\drivers\ks.sys
21:59:11.0633 0x0c30 C:\Windows\System32\drivers\ks.sys - ok
21:59:11.0642 0x0c30 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] C:\Windows\System32\drivers\swenum.sys
21:59:11.0642 0x0c30 C:\Windows\System32\drivers\swenum.sys - ok
21:59:11.0653 0x0c30 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] C:\Windows\System32\drivers\umbus.sys
21:59:11.0653 0x0c30 C:\Windows\System32\drivers\umbus.sys - ok
21:59:11.0661 0x0c30 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] C:\Windows\System32\drivers\usbhub.sys
21:59:11.0661 0x0c30 C:\Windows\System32\drivers\usbhub.sys - ok
21:59:11.0671 0x0c30 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] C:\Windows\System32\drivers\ndproxy.sys
21:59:11.0672 0x0c30 C:\Windows\System32\drivers\ndproxy.sys - ok
21:59:11.0682 0x0c30 [ E0D3CD5841E5C7BE7B94BA946AF1E498, 4EAE1B226255623DA41A047633994D6902F6D4CA5757BF5D85E227378336227F ] C:\Windows\System32\drivers\drmk.sys
21:59:11.0682 0x0c30 C:\Windows\System32\drivers\drmk.sys - ok
21:59:11.0691 0x0c30 [ 1E0B4CBBA91C6B041A14ECC2186F7E24, 63039A317F906454A0652704DA2D646658A148B9B55BFB5D2F4B27997F357DF9 ] C:\Windows\System32\drivers\portcls.sys
21:59:11.0691 0x0c30 C:\Windows\System32\drivers\portcls.sys - ok
21:59:11.0701 0x0c30 [ B88E24BD77A0CE2CFFEE2FACF1151BE0, 7BC5EE908C1150E5F85843131BCE5A29806F15BCBF4ECE6AE7EEF10398AC3BBB ] C:\Windows\System32\drivers\RTKVHD64.sys
21:59:11.0701 0x0c30 C:\Windows\System32\drivers\RTKVHD64.sys - ok
21:59:11.0712 0x0c30 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] C:\Windows\System32\drivers\ksthunk.sys
21:59:11.0712 0x0c30 C:\Windows\System32\drivers\ksthunk.sys - ok
21:59:11.0720 0x0c30 [ 3B536A8BEC3B4F23FFDFD78B11A2AB93, 7BC847CE6C2D29C334F0D1600BBBDE3933FF45F6BEE5186F442E6270A3F9EC4E ] C:\Windows\System32\autochk.exe
21:59:11.0720 0x0c30 C:\Windows\System32\autochk.exe - ok
21:59:11.0731 0x0c30 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] C:\Windows\System32\drivers\fastfat.sys
21:59:11.0732 0x0c30 C:\Windows\System32\drivers\fastfat.sys - ok
21:59:11.0740 0x0c30 [ 82446D358A9FB51CB9DA32A5C901D7A0, AC91F2B52C0ADB39CF9AE1D2B3FFA5AB310F3AEE6677421315D23549F5093A55 ] C:\Windows\System32\sdnclean64.exe
21:59:11.0740 0x0c30 C:\Windows\System32\sdnclean64.exe - ok
21:59:11.0752 0x0c30 [ 9D07036B26F23FA56A47DF732F3F5146, 98DC06922E919FD9AF2C9A09F2D1369C5936E295931E2930DD88955E74CB159D ] C:\PROGRA~2\AVG\AVG2013\avgrsa.exe
21:59:11.0752 0x0c30 C:\PROGRA~2\AVG\AVG2013\avgrsa.exe - ok
21:59:11.0763 0x0c30 [ CA81F2ABE0FD82B6D9ECF07E80738780, 587CA7C0475E1530F88F7496173A55D5DAF2BF85F8AA660B47E831BB16B9F15D ] C:\Program Files (x86)\AVG\AVG2013\avgsysa.dll
21:59:11.0763 0x0c30 C:\Program Files (x86)\AVG\AVG2013\avgsysa.dll - ok
21:59:11.0771 0x0c30 [ B988968C8E5A6832CDDF05A74601CF7C, D17F5BCD2C3B68BC4C159E6765B343328FB969862F7C51359DD54693D7471213 ] C:\Program Files (x86)\AVG\AVG2013\avgntopenssla.dll
21:59:11.0771 0x0c30 C:\Program Files (x86)\AVG\AVG2013\avgntopenssla.dll - ok
21:59:11.0816 0x0c30 [ 323336FB1DA273A0715844BC695951A0, E0D3A4BE7FB79DE2093AEEE8B13FD4F1268DD7A15FD28BD6FEB8FF5EF8D173CF ] C:\Program Files (x86)\AVG\AVG2013\avgloga.dll
21:59:11.0816 0x0c30 C:\Program Files (x86)\AVG\AVG2013\avgloga.dll - ok
21:59:11.0826 0x0c30 [ 10BC927A9035AA6B244706D9C1641F16, F80FC56605F2168253C9ECD8FA8857ACCE6F661F310175FBA318EB2A464C9475 ] C:\PROGRA~2\AVG\AVG2013\avgchjwa.dll
21:59:11.0827 0x0c30 C:\PROGRA~2\AVG\AVG2013\avgchjwa.dll - ok
21:59:11.0836 0x0c30 [ 55DED6BDA026AEBEAB1FDA6E32D9F5B5, 1A6927BD9BBC10B2DBCB0967C757DC5888BE3EC657B854A9838E43C0B46BFE1E ] C:\PROGRA~2\AVG\AVG2013\avgclita.dll
21:59:11.0836 0x0c30 C:\PROGRA~2\AVG\AVG2013\avgclita.dll - ok
21:59:11.0846 0x0c30 [ 4B969AA85CDE4FB9FBCA5F99A66C507B, 853EB4D254268F88C73A3CBCCE0934D2C6965F769A56CB4386C2E868BC5A507E ] C:\PROGRA~2\AVG\AVG2013\avgcclia.dll
21:59:11.0846 0x0c30 C:\PROGRA~2\AVG\AVG2013\avgcclia.dll - ok
21:59:11.0856 0x0c30 [ E55BCC2A12A124216D8B239DF60FDBC3, E8D2675AB292E3CE2C130F757E76573ED213CB7A57CE1FCC98D97C88594FB9E1 ] C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
21:59:11.0857 0x0c30 C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe - ok
21:59:11.0873 0x0c30 [ 048831E0AAF099132BE332C477CDC2E4, ECBEEDFF5E417E98E98B26647DCA843786B7457314982F73125424AA46D3FB75 ] C:\Program Files (x86)\AVG\AVG2013\avgcorea.dll
21:59:11.0873 0x0c30 C:\Program Files (x86)\AVG\AVG2013\avgcorea.dll - ok
21:59:11.0883 0x0c30 [ 046DF7D9A474763B9A3D19B33AA278E3, 1DE8C39104694DC439F83BB43A552A6BCD0F3EBE9C6F35D637DC86E6D865E7B6 ] C:\Program Files (x86)\AVG\AVG2013\avgcerta.dll
21:59:11.0883 0x0c30 C:\Program Files (x86)\AVG\AVG2013\avgcerta.dll - ok
21:59:11.0893 0x0c30 [ 84A4EE57462C8483AAE3F1DF2D82F4ED, 8CA8DD01376FC338DC887890179BFA1CE0FE9F7CEC8BACF683F3A9ED5DE97B27 ] C:\Program Files (x86)\AVG\AVG2013\avgchcla.dll
21:59:11.0893 0x0c30 C:\Program Files (x86)\AVG\AVG2013\avgchcla.dll - ok
21:59:11.0902 0x0c30 [ C3299EB4427E4058A99A28B569B5E555, 50135AABDC22BD3CF73FEB3558540165CFFA8F476E5E37941706C8F4464B3F80 ] C:\Program Files (x86)\AVG\AVG2013\avgcomma.dll
21:59:11.0902 0x0c30 C:\Program Files (x86)\AVG\AVG2013\avgcomma.dll - ok
21:59:11.0914 0x0c30 [ 9A94644E2A9890FC9A7EE961057FFBA1, 717D2187ADB542F80577789AE9B5FBE0AB26E86350B6478A0631AC2381F242B0 ] C:\Program Files (x86)\AVG\AVG2013\avgntsqlitea.dll
21:59:11.0914 0x0c30 C:\Program Files (x86)\AVG\AVG2013\avgntsqlitea.dll - ok
21:59:11.0923 0x0c30 [ 263B6E451526A90FF8B1CEC759F22956, 8225A6B0A31A68D3CB11A7A274A7E2153E98F7DF657195408A365A0AF789BD72 ] C:\Windows\System32\wininet.dll
21:59:11.0923 0x0c30 C:\Windows\System32\wininet.dll - ok
21:59:11.0932 0x0c30 [ C391FC68282A000CDF953F8B6B55D2EF, 1CB0DAB84545D9FDEA5A7865A1E7132CEAC91DECF8B100285B63098D7B09E584 ] C:\Windows\System32\msvcrt.dll
21:59:11.0932 0x0c30 C:\Windows\System32\msvcrt.dll - ok
21:59:11.0942 0x0c30 [ FE70103391A64039A921DBFFF9C7AB1B, F7D219D75037BC98F6C69143B00AB6000A31F8B5E211E0AF514F4F4B681522A0 ] C:\Windows\System32\user32.dll
21:59:11.0942 0x0c30 C:\Windows\System32\user32.dll - ok
21:59:11.0950 0x0c30 [ 56325BB1FF19F2A5AC8713756AC41140, B2124E57783312EE37D2621E689D8FB4C43A04BDBD4F481225C21038605A28CE ] C:\Windows\System32\gdi32.dll
21:59:11.0951 0x0c30 C:\Windows\System32\gdi32.dll - ok
21:59:11.0964 0x0c30 [ 6C60B5ACA7442EFB794082CDACFC001C, FC1D9124856A70FF232EF3057D66BEE803295847624CE23B4D0217F23AF52C75 ] C:\Windows\System32\ole32.dll
21:59:11.0964 0x0c30 C:\Windows\System32\ole32.dll - ok
21:59:11.0974 0x0c30 [ 4E4FFB09D895AA000DD56D1404F69A7E, D999E04BB35780088480EAB322176570591A21E311D204BDCAB010A63B34D24C ] C:\Windows\System32\Wldap32.dll
21:59:11.0974 0x0c30 C:\Windows\System32\Wldap32.dll - ok
21:59:11.0983 0x0c30 [ 796B47A4B82EF1C39F13435B88834C48, AFC3E89476BAAD8A71663F0DB8D15E00FF9D131F1306A2F69D728E3AD1184602 ] C:\Windows\System32\lpk.dll
21:59:11.0983 0x0c30 C:\Windows\System32\lpk.dll - ok
21:59:11.0993 0x0c30 [ 26036E228D2467DE6975AD819C22C043, B4A30EC7ABAEFFF55DE662F4A17415F2BD737BD563215638C86C580B8F3EA907 ] C:\Windows\System32\rpcrt4.dll
21:59:11.0993 0x0c30 C:\Windows\System32\rpcrt4.dll - ok
21:59:12.0006 0x0c30 [ 25983DE69B57142039AC8D95E71CD9C9, A677DA7EBCBCB6073D27E8A38809F51E971E83ED379BC599AAAD6EF4216348DA ] C:\Windows\System32\clbcatq.dll
21:59:12.0006 0x0c30 C:\Windows\System32\clbcatq.dll - ok
21:59:12.0016 0x0c30 [ 22874047B810B5B174C68ACD7C0B6510, D3DC88210DBC13A2F3B41960C6C0E59A16D1AE20FC24AD059DF3B46A40A77095 ] C:\Windows\System32\urlmon.dll
21:59:12.0016 0x0c30 C:\Windows\System32\urlmon.dll - ok
21:59:12.0025 0x0c30 [ EAF32CB8C1F810E4715B4DFBE785C7FF, DB6AD07FDED42433E669508AB73FAFF6DAFF04575D6F1D016FE3EB6ECEC4DD5D ] C:\Windows\System32\shlwapi.dll
21:59:12.0025 0x0c30 C:\Windows\System32\shlwapi.dll - ok
21:59:12.0035 0x0c30 [ D87E1E59C73C1F98D5DED5B3850C40F5, 536419BFF9F877D4314B5D0C045D9A6E729489C389863FADF07E382050BC84FD ] C:\Windows\System32\psapi.dll
21:59:12.0035 0x0c30 C:\Windows\System32\psapi.dll - ok
21:59:12.0044 0x0c30 [ D8973E71F1B35CD3F3DEA7C12D49D0F0, 23CAE14BF9D7208CD2A0B2691B1A64313A24A23E6D70F40AA0572ED37E8B542C ] C:\Windows\System32\kernel32.dll
21:59:12.0045 0x0c30 C:\Windows\System32\kernel32.dll - ok
21:59:12.0059 0x0c30 [ C431EAF5CAA1C82CAC2534A2EAB348A3, ADDF850128DC675E67FABA9A3D0D27E684F01F733962CA22927BB94503549E44 ] C:\Windows\System32\msctf.dll
21:59:12.0059 0x0c30 C:\Windows\System32\msctf.dll - ok
21:59:12.0069 0x0c30 [ 4BBFA57F594F7E8A8EDC8F377184C3F0, 9F3AC5DEA5A6250C3DBB97AF79C81C0A48429486521F807355A1D7D3D861B75F ] C:\Windows\System32\ws2_32.dll
21:59:12.0069 0x0c30 C:\Windows\System32\ws2_32.dll - ok
21:59:12.0078 0x0c30 [ 6300AD525D639CECBB3D144B6D7B30F9, 9A7BA443CC0A40215AC99599F4DF6A852D1DE3BD7AD1FBBCEBCCFD7F86062FA6 ] C:\Windows\System32\iertutil.dll
21:59:12.0078 0x0c30 C:\Windows\System32\iertutil.dll - ok
21:59:12.0090 0x0c30 [ 9835E63E09F824D22B689D2BB789BAB9, 5BCFFAFB894D69FBCDDB91E64D30A356F4BD57098E8B4C51B98AFAF6581BDB63 ] C:\Windows\System32\comdlg32.dll
21:59:12.0090 0x0c30 C:\Windows\System32\comdlg32.dll - ok
21:59:12.0100 0x0c30 [ C06B32165E23A72A898B7A89679AD754, 721405158F6E9F1A7FE7BB33EF642D91332726629D0D3B07DF3CF3152A91C85D ] C:\Windows\System32\oleaut32.dll
21:59:12.0100 0x0c30 C:\Windows\System32\oleaut32.dll - ok
21:59:12.0114 0x0c30 [ AA2C08CE85653B1A0D2E4AB407FA176C, 83DFD0C119B20AEDB07114C9D1CF9CE2DFA938D0F1070256B0591A9E2C3997FA ] C:\Windows\System32\imm32.dll
21:59:12.0114 0x0c30 C:\Windows\System32\imm32.dll - ok
21:59:12.0123 0x0c30 [ 28C0B5024F5C5A438E78B188CFC81B7F, AB81FB63F2908CE316B45609077ACBD85F4B2AAD1606B1E9030F06DB82EDDFAD ] C:\Windows\System32\normaliz.dll
21:59:12.0123 0x0c30 C:\Windows\System32\normaliz.dll - ok
21:59:12.0133 0x0c30 [ 044FE45FFD6AD40E3BBBE60B7F41BABE, A1688A5E6E0F7037C850699462C2655006A7D873C97F9AB406C59D81749B6F09 ] C:\Windows\System32\nsi.dll
21:59:12.0133 0x0c30 C:\Windows\System32\nsi.dll - ok
21:59:12.0142 0x0c30 [ 5D8E6C95156ED1F79A63D1EADE6F9ED5, 12130837D7F89A2C7E9D25747A8E5B9001E0A38D545178B49B450C23AE62664A ] C:\Windows\System32\setupapi.dll
21:59:12.0142 0x0c30 C:\Windows\System32\setupapi.dll - ok
21:59:12.0155 0x0c30 [ DBF99FD9CAF75CA66D042BD8D050FF71, D11A863EAEDE80A731FD7A63F744E518D3921043CC3982BAA87992F9E82F044F ] C:\Windows\System32\usp10.dll
21:59:12.0155 0x0c30 C:\Windows\System32\usp10.dll - ok
21:59:12.0165 0x0c30 [ 63A580C88CFAF72A92550940054569EF, A66C89123D1833446ACC31D5CF536B0D0EC24D2F805C022A637596CF98429D9F ] C:\Windows\System32\advapi32.dll
21:59:12.0165 0x0c30 C:\Windows\System32\advapi32.dll - ok
21:59:12.0175 0x0c30 [ AD662B34B161198B9D66A564EDDA7D43, 335807AA4E88234BF2C639781E92D0DBC41D973754D61AB1DA6C8BA4E108AEBD ] C:\Windows\System32\shell32.dll
21:59:12.0175 0x0c30 C:\Windows\System32\shell32.dll - ok
21:59:12.0186 0x0c30 [ 83404DCBCE4925B6A5A77C5170F46D86, D669614D0B4461DB244AD99FBE1BA92CEB9B4ED5EC8E987E23764E77D9AC7074 ] C:\Windows\System32\sechost.dll
21:59:12.0186 0x0c30 C:\Windows\System32\sechost.dll - ok
21:59:12.0196 0x0c30 [ F7CE0C81C545364020ED8203CF0A633E, 24B47A7492B7048096AF87E26786E8108455ADBD1A374B6A0466DE008505B8A9 ] C:\Windows\System32\difxapi.dll
21:59:12.0196 0x0c30 C:\Windows\System32\difxapi.dll - ok
21:59:12.0208 0x0c30 [ B4F29F65AD3114051F01E9403346047F, 7EB58545211C51E95B3F45C47C1F7CCE05B707D168E7C20F46D36E19EE3D8DFC ] C:\Windows\System32\imagehlp.dll
21:59:12.0208 0x0c30 C:\Windows\System32\imagehlp.dll - ok
21:59:12.0218 0x0c30 [ 0E6FBF19D9DFBB77316C23DF91F8A101, 680F88E1BC55EA3342AACE6F2E3511BF877AC8F03276D028FEE84EEFE8B5611A ] C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
21:59:12.0219 0x0c30 C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll - ok
21:59:12.0229 0x0c30 [ AFC3DB5C6EB8CA8017DDB81D6C0AD02A, 445C2857398252756FD25BB94DAFCCEFF573DE55F1F8BF9094C191F409FE6437 ] C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
21:59:12.0229 0x0c30 C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll - ok
21:59:12.0238 0x0c30 [ 72723D3E4781BADC62C3180C137E7B23, 0BDA5292928578C5DA79C761E15B8A892B9D4A3DA26D3635E714797C653CF492 ] C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
21:59:12.0238 0x0c30 C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll - ok
21:59:12.0248 0x0c30 [ 9028D1621C43DF8DFBD1C76860412A11, A1D48D9B33180BDE50D2FA9BB07E9520B7B7788C39B3AABB4A06AE4B1AACA755 ] C:\Windows\System32\comctl32.dll
21:59:12.0248 0x0c30 C:\Windows\System32\comctl32.dll - ok
21:59:12.0257 0x0c30 [ 06FEC9E8117103BB1141A560E98077DA, C5E61B11DDBBBBBA3D9488970524F0975EA5FBDF16E2FA31F579F8BFA48353B1 ] C:\Windows\System32\devobj.dll
21:59:12.0257 0x0c30 C:\Windows\System32\devobj.dll - ok
21:59:12.0267 0x0c30 [ 959041D7014C97133D859B45BCA0FC58, 282D34828DA7404470949483CB9789A8B4861D188093F0FBD07138A37F60B94B ] C:\Windows\System32\wintrust.dll
21:59:12.0267 0x0c30 C:\Windows\System32\wintrust.dll - ok
21:59:12.0277 0x0c30 [ F49E92B50CED5C9F1725D3C0329FD933, 6155FA4D8242F07FC578FF746890C2EE19FC3D6A20ED8AE4C6F021DB2DAC184F ] C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
21:59:12.0277 0x0c30 C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll - ok
21:59:12.0287 0x0c30 [ 64A4AB126E24FD3F58EBE64852773DB5, ED425BBC91EB8BEF54C363036A770C551C97EF324F1AE31049CA750D0E2D6776 ] C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
21:59:12.0287 0x0c30 C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll - ok
21:59:12.0297 0x0c30 [ 9094039A00485F71C4DE64BF51F64C46, 4ACFEF4C747ADF806A4FDEDDFD9CC48168DFB05075306C77D3F3927749DD7484 ] C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
21:59:12.0297 0x0c30 C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll - ok
21:59:12.0307 0x0c30 [ 2477A28081BDAEE622CF045ACF8EE124, 00A09CAF9129E84FEEA98FA03CE9012C9F961B64FEE15C4F268822C0F82ACC3C ] C:\Windows\System32\cfgmgr32.dll
21:59:12.0307 0x0c30 C:\Windows\System32\cfgmgr32.dll - ok
21:59:12.0316 0x0c30 [ 780F6ECC4F55D76C9730E6B6C9B31913, 1AEA642AFA210A672A92AAA49CFDE52D9E48ED41248F7644FAADE760E8A0E72E ] C:\Windows\System32\crypt32.dll
21:59:12.0316 0x0c30 C:\Windows\System32\crypt32.dll - ok
21:59:12.0326 0x0c30 [ B22C00ED0491FD7B8803D7DDE2849F4C, 11AB01BF17A4130A3C4EF493A42406DF106B0923DD6DCBFF5958F5C886B9DA93 ] C:\Windows\System32\KernelBase.dll
21:59:12.0326 0x0c30 C:\Windows\System32\KernelBase.dll - ok
21:59:12.0335 0x0c30 [ 884415BD4269C02EAF8E2613BF85500D, EFE771709EC942694FD206AC8D0A48ED7DCD35036F074268E4AECD68AC982CEA ] C:\Windows\System32\msasn1.dll
21:59:12.0335 0x0c30 C:\Windows\System32\msasn1.dll - ok
21:59:12.0344 0x0c30 [ 9C278785347BCC991F8EA2999D90F58D, EA680C3642A6ABF627415AEE019956FAC702DC6A8F4B4D0FC8A4FB21EADD3896 ] C:\Windows\SysWOW64\normaliz.dll
21:59:12.0344 0x0c30 C:\Windows\SysWOW64\normaliz.dll - ok
21:59:12.0354 0x0c30 [ BF24D6F2ED97FE830BFD52B246F98E67, 6BBF4C4221A245462EF653798F6B416EEB12594AD1CB4E8BC8908A8CB2F53384 ] C:\Windows\System32\drivers\dxapi.sys
21:59:12.0354 0x0c30 C:\Windows\System32\drivers\dxapi.sys - ok
21:59:12.0363 0x0c30 [ F2BF71FCEAB8FB8A691408C478E2FF4C, B271A8B43FFC29C9CFEA2B50A2370760A38274D491CD2BA02A0EA4D0A3998DE6 ] C:\Windows\System32\win32k.sys
21:59:12.0363 0x0c30 C:\Windows\System32\win32k.sys - ok
21:59:12.0374 0x0c30 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\System32\basesrv.dll
21:59:12.0374 0x0c30 C:\Windows\System32\basesrv.dll - ok
21:59:12.0383 0x0c30 [ 216BABD555BC550952320EEA89C25DDF, 1BBB92415280032CD18F361382A69D0D91266AAD56FC88A99C804B0053743D72 ] C:\Windows\System32\csrsrv.dll
21:59:12.0383 0x0c30 C:\Windows\System32\csrsrv.dll - ok
21:59:12.0394 0x0c30 [ 60C2862B4BF0FD9F582EF344C2B1EC72, CB1C6018FC5C15483AC5BB96E5C2E2E115BB0C0E1314837D77201BAB37E8C03A ] C:\Windows\System32\csrss.exe
21:59:12.0394 0x0c30 C:\Windows\System32\csrss.exe - ok
21:59:12.0404 0x0c30 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\System32\winsrv.dll
21:59:12.0404 0x0c30 C:\Windows\System32\winsrv.dll - ok
21:59:12.0413 0x0c30 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] C:\Windows\System32\drivers\monitor.sys
21:59:12.0413 0x0c30 C:\Windows\System32\drivers\monitor.sys - ok
21:59:12.0423 0x0c30 [ F29FE765E1448EF371CFE05BFAC74ADB, F251581222D78543272FD4B14A6A59F4B0E0CC44A5FCBCF56DE4CA5783F78A75 ] C:\Windows\System32\tsddd.dll
21:59:12.0423 0x0c30 C:\Windows\System32\tsddd.dll - ok
21:59:12.0431 0x0c30 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\System32\sxssrv.dll
21:59:12.0432 0x0c30 C:\Windows\System32\sxssrv.dll - ok
21:59:12.0441 0x0c30 [ 94355C28C1970635A31B3FE52EB7CEBA, C4E98F07170CEC69CACDD5CEDB8927E48A2A299CB1B8CDA87526E768AF6174F0 ] C:\Windows\System32\wininit.exe
21:59:12.0441 0x0c30 C:\Windows\System32\wininit.exe - ok
21:59:12.0450 0x0c30 [ 2C942733A5983DD4502219FF37C7EBC7, 34B20B6B0D7274E4B5B783F1D2345BC3DD9888964D5C2C65712F041A00CF5B45 ] C:\Windows\System32\profapi.dll
21:59:12.0450 0x0c30 C:\Windows\System32\profapi.dll - ok
21:59:12.0460 0x0c30 [ 943F527DF79E6B400104341AA7023C75, 53C7B9426181D3D172E6B1A07E6DF8A0CB8FCA27D3A03CE5F544D3209B5F4651 ] C:\Windows\System32\cdd.dll
21:59:12.0460 0x0c30 C:\Windows\System32\cdd.dll - ok
21:59:12.0469 0x0c30 [ C2A8CB1275ECB85D246A9ECC02A728E3, 3603FADCA0060BD201148F9D59E4E2627F024609A6463AB525B5D1AD17BDCD10 ] C:\Windows\System32\RpcRtRemote.dll
21:59:12.0470 0x0c30 C:\Windows\System32\RpcRtRemote.dll - ok
21:59:12.0479 0x0c30 [ 1151B1BAA6F350B1DB6598E0FEA7C457, B1506E0A7E826EFF0F5252EF5026070C46E2235438403A9A24D73EE69C0B8A49 ] C:\Windows\System32\winlogon.exe
21:59:12.0479 0x0c30 C:\Windows\System32\winlogon.exe - ok
21:59:12.0489 0x0c30 [ 0D9764D58C5EFD672B7184854B152E5E, 9827B43DABBEC39AB2E2294408D9C5304EF27A684903C5234C6070387723D49E ] C:\Windows\System32\winsta.dll
21:59:12.0489 0x0c30 C:\Windows\System32\winsta.dll - ok
21:59:12.0498 0x0c30 [ 78523A26F5604C0568FE9D1CE86E36F4, 534A7228BF69719106F581616A32EAEF0B770DDB36DCE94F84E7D52FDB1382B5 ] C:\Windows\System32\KBDUS.DLL
21:59:12.0498 0x0c30 C:\Windows\System32\KBDUS.DLL - ok
21:59:12.0509 0x0c30 [ B26B1801356760841C3BC69F9F91537F, 83B9DF333E36C09E81D44E12AE5BE14650126FDA0CF4A0EA853BF40C5780EF81 ] C:\Windows\System32\WlS0WndH.dll
21:59:12.0509 0x0c30 C:\Windows\System32\WlS0WndH.dll - ok
21:59:12.0519 0x0c30 [ 9CEAD32E79A62150FE9F8557E58E008B, AFE4C1725EE94D7DE0749AE1495A4E5CC33C369F29B2A589DA66FFE27FF9777E ] C:\Windows\System32\sxs.dll
21:59:12.0519 0x0c30 C:\Windows\System32\sxs.dll - ok
21:59:12.0528 0x0c30 [ 784FA3DF338E2E8F5F0389D6FAC428AF, 9C8AA0CFDEB9E38AAF8EB08626070E0F0364F4F8A793CFE3532EC6C007980C34 ] C:\Windows\System32\cryptbase.dll
21:59:12.0528 0x0c30 C:\Windows\System32\cryptbase.dll - ok
21:59:12.0538 0x0c30 [ 90499F3163A9F815CF196A205EA3CD5D, 29B4ED3795CEC1177EB367132914CE21C194CDEC5DB9DC923FD928C85E94D821 ] C:\Windows\System32\apphelp.dll
21:59:12.0538 0x0c30 C:\Windows\System32\apphelp.dll - ok
21:59:12.0547 0x0c30 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] C:\Windows\System32\lsass.exe
21:59:12.0547 0x0c30 C:\Windows\System32\lsass.exe - ok
21:59:12.0557 0x0c30 [ 9662EE182644511439F1C53745DC1C88, D205B2C163E78AB42A5D67D7664EF6B75EA0374FF0924467D624F9DB0611F0AD ] C:\Windows\System32\lsm.exe
21:59:12.0557 0x0c30 C:\Windows\System32\lsm.exe - ok
21:59:12.0566 0x0c30 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\System32\services.exe
21:59:12.0566 0x0c30 C:\Windows\System32\services.exe - ok
21:59:12.0575 0x0c30 [ E914A50A151DFFE63D3935226DB5E2C1, 7DCCE4060344E1C771679F1C20378A0BEB3C1F06DB684072F07B98921A62A299 ] C:\Windows\System32\scext.dll
21:59:12.0575 0x0c30 C:\Windows\System32\scext.dll - ok
21:59:12.0585 0x0c30 [ B08EA91C774AA734E0B9881F85CD9F42, C0757F98D190D426EBF5B0B6C151BFFD0A128344BAA4A1BA36DB28C16BB4A0F2 ] C:\Windows\System32\sspicli.dll
21:59:12.0585 0x0c30 C:\Windows\System32\sspicli.dll - ok
21:59:12.0594 0x0c30 [ BBCDF350817BA86416C0F06B6981BE8D, D064438F97852B9BD6015C8B19377C61C671E0969E09506B8359FE7B1F373A61 ] C:\Windows\System32\scesrv.dll
21:59:12.0594 0x0c30 C:\Windows\System32\scesrv.dll - ok
21:59:12.0604 0x0c30 [ 208EAAFF40DA400190AA0605C797BEA2, 24C349881E7102267D1648F9CA6A9AF871F1CAA3290AC96CEABCC3724D833C5B ] C:\Windows\System32\secur32.dll
21:59:12.0604 0x0c30 C:\Windows\System32\secur32.dll - ok
21:59:12.0614 0x0c30 [ 3A9C9BAF610B0DD4967086040B3B62A9, E8E9A0F42B1EE7806EDCEED08AA024D037215D06CA317E3678BD5364AD513D23 ] C:\Windows\System32\srvcli.dll
21:59:12.0614 0x0c30 C:\Windows\System32\srvcli.dll - ok
21:59:12.0623 0x0c30 [ 7C46EC9CCDE6E793713FA01DB2EB918E, 36647EF5E68B39A972AE2EDBE446F4CCC59ADAC5C4C172F2A66D79139E66BB30 ] C:\Windows\System32\sspisrv.dll
21:59:12.0623 0x0c30 C:\Windows\System32\sspisrv.dll - ok
21:59:12.0632 0x0c30 [ 68083118797CAF30FB2EA3E71494D67E, 5F1BCDFCB00A20CD60CBC70A2FD97405EF0F7173DD0E404BBA7B06D39DB37364 ] C:\Windows\System32\sysntfy.dll
21:59:12.0632 0x0c30 C:\Windows\System32\sysntfy.dll - ok
21:59:12.0640 0x0c30 [ 086F906B1D30C0A5D35FE0F6362DAB21, C4C8CD9C60C6426E0402A4BE1D30CE30792D0A5FE1057266467E0C143DD1050C ] C:\Windows\System32\lsasrv.dll
21:59:12.0640 0x0c30 C:\Windows\System32\lsasrv.dll - ok
21:59:12.0651 0x0c30 [ A744BA6E04C8AA4592818178DBF89521, 9E7C85D842DF16F9B8FED7B06AF309B5ECCBFD465F5552347D4C3F1FEFDC6F7A ] C:\Windows\System32\samsrv.dll
21:59:12.0652 0x0c30 C:\Windows\System32\samsrv.dll - ok
21:59:12.0663 0x0c30 [ DEE7267C5D232A3B816866872CE199E6, A1994FD37667C52E7CBF873514C190DA61A3D1349786D187BFAE0006F61799AE ] C:\Windows\System32\wmsgapi.dll
21:59:12.0663 0x0c30 C:\Windows\System32\wmsgapi.dll - ok
21:59:12.0670 0x0c30 [ 3A061472B38233BAFF9CFEFF2E49C46B, DF29B14C8D22A8A16AA336A09A6152E2C7FCA6CAF4E76F0C5DCB55BEF9D00515 ] C:\Windows\System32\cryptdll.dll
21:59:12.0670 0x0c30 C:\Windows\System32\cryptdll.dll - ok
21:59:12.0680 0x0c30 [ 3C073B0C596A0AF84933E7406766B040, 4698BBA678F553E15AD4B07AD7FB236281F872DEFEE97BFD637114476C8F97B3 ] C:\Windows\System32\wevtapi.dll
21:59:12.0680 0x0c30 C:\Windows\System32\wevtapi.dll - ok
21:59:12.0689 0x0c30 [ 7FBEBD2229EA5FD48D41B199EC2D541C, A465975D445A8D50CAF3EF29BD33354B320D11173C127BE30D5EBBFF7008CDCE ] C:\Windows\System32\authz.dll
21:59:12.0689 0x0c30 C:\Windows\System32\authz.dll - ok
21:59:12.0699 0x0c30 [ B9A95365E52F421A20E1501935FADDA5, DDB4CB575139233EFAF2C59B7E9B04AF36BBCCC63190181F3B2A7E6BFC86E77E ] C:\Windows\System32\bcrypt.dll
21:59:12.0699 0x0c30 C:\Windows\System32\bcrypt.dll - ok
21:59:12.0709 0x0c30 [ 86FE1B1F8FD42CD0DB641AB1CDB13093, 8C4BB4415105CE82FFFE658879EAE9D259A24C0F6DFC7D25507352DC99241BE2 ] C:\Windows\System32\cngaudit.dll
21:59:12.0709 0x0c30 C:\Windows\System32\cngaudit.dll - ok
21:59:12.0718 0x0c30 [ 747B9BA5412422F27934CB21131F0A3E, 2441F925C3B46A15141A0A1E1AA9DFCCA2891D823D55C6E6DA0E30C2DE3A7341 ] C:\Windows\System32\ncrypt.dll
21:59:12.0718 0x0c30 C:\Windows\System32\ncrypt.dll - ok
21:59:12.0727 0x0c30 [ 02B64609F865A39365FF88580DF11738, 2F676B93898E1B6131AF6227BB7AB731EB9C29477F9BD4C2C60F0FC1E35CD968 ] C:\Windows\System32\msprivs.dll
21:59:12.0727 0x0c30 C:\Windows\System32\msprivs.dll - ok
21:59:12.0736 0x0c30 [ C6505DE3561537BA1004D638C2F93F2F, 3E4FDF374B1A9E43A8F61FD2D79E0515390ECABFDAF72C4BD44A7B6429039AF6 ] C:\Windows\System32\netjoin.dll
21:59:12.0737 0x0c30 C:\Windows\System32\netjoin.dll - ok
21:59:12.0746 0x0c30 [ 50532FCD7ECF02DD169CE5C485F02534, 8EE5D9D0EA53DC72BCC300692E521ACADD56AB09BFA3E78149D8B5A90648512C ] C:\Windows\System32\negoexts.dll
21:59:12.0747 0x0c30 C:\Windows\System32\negoexts.dll - ok
21:59:12.0755 0x0c30 [ 44E1A196DFCB53B01FE4B855C3B56A15, EDC31276EC325B642D07EE79F6E9021CBB7F8AFC32F9A408C91844175BF6B6E2 ] C:\Windows\System32\kerberos.dll
21:59:12.0756 0x0c30 C:\Windows\System32\kerberos.dll - ok
21:59:12.0765 0x0c30 [ D0C2FBB6D97416B0166478FC7AE2B212, 7EAB6C37F0A845E645CA44CC060AC6C56E386C7EF7A64716C6786C9602AD8C9D ] C:\Windows\System32\cryptsp.dll
21:59:12.0765 0x0c30 C:\Windows\System32\cryptsp.dll - ok
21:59:12.0775 0x0c30 [ 9A9F9F1A77D6A80EE28B57664F00013E, 0D441638E086EF1342FCDC43E826BF9E9CC6B2E8AE100D89BFC70163F987DE91 ] C:\Windows\System32\mswsock.dll
21:59:12.0775 0x0c30 C:\Windows\System32\mswsock.dll - ok
21:59:12.0785 0x0c30 [ EC7CBFF96B05ECF3D366355B3C64ADCF, F69ED45EBEDCA9CF000AC03281F0EC2C351F98513FBA90E63394E4E561D6C7A2 ] C:\Windows\System32\wship6.dll
21:59:12.0785 0x0c30 C:\Windows\System32\wship6.dll - ok
21:59:12.0796 0x0c30 [ EF12B8385AA2849999008A977918F96B, ADEF9F5D2B0C2A30CB1B395C774E7FE75437135A09D3D4E6F97EE8656CE139B4 ] C:\Windows\System32\msv1_0.dll
21:59:12.0796 0x0c30 C:\Windows\System32\msv1_0.dll - ok
21:59:12.0807 0x0c30 [ AA339DD8BB128EF66660DFBBB59043D3, 76D9F849AFDDA38E04549EB67B4163478776F1B6EF46434168278F84FEB8FC5C ] C:\Windows\System32\netlogon.dll
21:59:12.0807 0x0c30 C:\Windows\System32\netlogon.dll - ok
21:59:12.0815 0x0c30 [ 492D07D79E7024CA310867B526D9636D, F2FE647AB85C6C3C1AA3DF4BCE6E4D42B9676C9D837E11388C235AE8DB20044F ] C:\Windows\System32\dnsapi.dll
21:59:12.0815 0x0c30 C:\Windows\System32\dnsapi.dll - ok
21:59:12.0825 0x0c30 [ 8FFE297B8449386E7B6851458B6E474E, E149B37E11091D69D926242517E5655596594A6F01FEF06EB65D6BA5B354E326 ] C:\Windows\System32\logoncli.dll
21:59:12.0825 0x0c30 C:\Windows\System32\logoncli.dll - ok
21:59:12.0834 0x0c30 [ 31FFED18C7B836CEC1B559347E32E151, 80BA8E74EC60BF50240D95FC526485FD6A18F2316A4C4E2804C451164676EDEE ] C:\Windows\System32\schannel.dll
21:59:12.0835 0x0c30 C:\Windows\System32\schannel.dll - ok
21:59:12.0844 0x0c30 [ 95FB6CA4374E343DDD653FCC43F9D26B, 911A240F9C1DD155C2B1CD85FE4A8044EB2816AF166CD8CB66EEB905CA352881 ] C:\Windows\System32\wdigest.dll
21:59:12.0844 0x0c30 C:\Windows\System32\wdigest.dll - ok
21:59:12.0853 0x0c30 [ 5D8874A8C11DDDDE29E12DE0E2013493, 3E9A57137BF622AF83E3E4D58971E2C0200559CCA7545D16CF263AA03EE9C7D2 ] C:\Windows\System32\rsaenh.dll
21:59:12.0853 0x0c30 C:\Windows\System32\rsaenh.dll - ok
21:59:12.0863 0x0c30 [ E08088A97F95345E181C3DFCE2C615EF, DEF3B087DF5E10E4F8418029DB6E82546E62FEFA39694B7BD6A48CE8AAFD1B96 ] C:\Windows\System32\pku2u.dll
21:59:12.0863 0x0c30 C:\Windows\System32\pku2u.dll - ok
21:59:12.0872 0x0c30 [ 8A25506B6948EFBD5A7F37E53CCD36D9, 2A20562ED33ABD1D15C7BE9F4F1E623E3604BCC0F7214D067CD8C3D16B9EC6A7 ] C:\Windows\System32\TSpkg.dll
21:59:12.0873 0x0c30 C:\Windows\System32\TSpkg.dll - ok
21:59:12.0880 0x0c30 [ 55C892560C1B42BC57FB61AEFCED2F22, 9A15D6559B4FD2FE3A5C5CE13F3C1AD01D9576F6023BDBD12336A1654D33EC63 ] C:\Windows\System32\LIVESSP.DLL
21:59:12.0881 0x0c30 C:\Windows\System32\LIVESSP.DLL - ok
21:59:12.0891 0x0c30 [ D6C7780A364C6BBACFA796BAB9F1B374, 3B5ED1A030BFD0BB73D4FFCD67A6A0B8501EF70293F223EFAA12F430ADF270F9 ] C:\Windows\System32\bcryptprimitives.dll
21:59:12.0891 0x0c30 C:\Windows\System32\bcryptprimitives.dll - ok
21:59:12.0900 0x0c30 [ 52D3D5E3586988D4D9E34ACAAC33105C, C61B60BA962B25B8334F0941C3535EA4ACA1CC060B8A196E396CA3E11CEEF8A1 ] C:\Windows\System32\credssp.dll
21:59:12.0900 0x0c30 C:\Windows\System32\credssp.dll - ok
21:59:12.0912 0x0c30 [ 90BDEFC5DF334E5100EAA781D798DE1A, F48B650D811B6D57D2252E326C0C9CC74534BE9D510E7D3403F91D1C5C36281E ] C:\Windows\System32\efslsaext.dll
21:59:12.0912 0x0c30 C:\Windows\System32\efslsaext.dll - ok
21:59:12.0922 0x0c30 [ ED78427259134C63ED69804D2132B86C, F6F51B8B35881ABCA5580ED111AAC80E466E6474ABAE31EC8BE46C23EDCA77B2 ] C:\Windows\System32\scecli.dll
21:59:12.0923 0x0c30 C:\Windows\System32\scecli.dll - ok
21:59:12.0931 0x0c30 [ 7CC7DF5B654DA579613F811D8C637E29, 70EAC059C1ED814810C75DBB9F4D188428CB942FFD8869D692158D384EB6BB35 ] C:\Windows\System32\ubpm.dll
21:59:12.0931 0x0c30 C:\Windows\System32\ubpm.dll - ok
21:59:12.0942 0x0c30 [ C78655BC80301D76ED4FEF1C1EA40A7D, 93B2ED4004ED5F7F3039DD7ECBD22C7E4E24B6373B4D9EF8D6E45A179B13A5E8 ] C:\Windows\System32\svchost.exe
21:59:12.0942 0x0c30 C:\Windows\System32\svchost.exe - ok
21:59:12.0951 0x0c30 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] C:\Windows\System32\umpnpmgr.dll
21:59:12.0951 0x0c30 C:\Windows\System32\umpnpmgr.dll - ok
21:59:12.0960 0x0c30 [ CD1B5AD07E5F7FEF30E055DCC9E96180, 63C58551F32B0B09377F64A6AE1FA81AF93B8A707A57A8C18722086906AD3046 ] C:\Windows\System32\devrtl.dll
21:59:12.0960 0x0c30 C:\Windows\System32\devrtl.dll - ok
21:59:12.0970 0x0c30 [ E6EB44ABAAF1F330119F854856C53EBE, 77279972FFBFA984578DD4F17EB615F5D2D93590AF3A9FEFEFDB9128206C9887 ] C:\Windows\System32\SPInf.dll
21:59:12.0970 0x0c30 C:\Windows\System32\SPInf.dll - ok
21:59:12.0979 0x0c30 [ E1BB958681BE311E7CFF06CFEC5F1F2B, C2FDFC6C7350788A07DCB99A6A54FB9A96A6A578013DF46D0E5094A3CBF6E862 ] C:\Windows\System32\atmfd.dll
21:59:12.0979 0x0c30 C:\Windows\System32\atmfd.dll - ok
21:59:12.0988 0x0c30 [ 7A17485DC7D8A7AC81321A42CD034519, 88D8705FA901793FC8C1CFD0175E49A6502BF0FC94A066BA573D2FD13AA5F04A ] C:\Windows\System32\userenv.dll
21:59:12.0988 0x0c30 C:\Windows\System32\userenv.dll - ok
21:59:12.0998 0x0c30 [ 9C9307C95671AC962F3D6EB3A4A89BAE, D1433791C9B8BCEEAD8937EC18D33E89E4E2012B5975228A8500FD141BC30078 ] C:\Windows\System32\gpapi.dll
21:59:12.0998 0x0c30 C:\Windows\System32\gpapi.dll - ok
21:59:13.0007 0x0c30 [ F6C011B46FAEEF33536B2E80F48B5CBE, BDD149D3D6F9F6C8F6F34C311219BE5618CEEFBC7D35E37473A47F1D5D015067 ] C:\Windows\System32\pcwum.dll
21:59:13.0008 0x0c30 C:\Windows\System32\pcwum.dll - ok
21:59:13.0017 0x0c30 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] C:\Windows\System32\umpo.dll
21:59:13.0017 0x0c30 C:\Windows\System32\umpo.dll - ok
21:59:13.0026 0x0c30 [ 716175021BDA290504CE434273F666BC, FA18CA2D8A5F4335E051E2933147D3C1E7308F7D446E2AEB6596CDEF6E2AFC88 ] C:\Windows\System32\powrprof.dll
21:59:13.0026 0x0c30 C:\Windows\System32\powrprof.dll - ok
21:59:13.0036 0x0c30 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] C:\Windows\System32\drivers\luafv.sys
21:59:13.0036 0x0c30 C:\Windows\System32\drivers\luafv.sys - ok
21:59:13.0045 0x0c30 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] C:\Windows\System32\rpcss.dll
21:59:13.0045 0x0c30 C:\Windows\System32\rpcss.dll - ok
21:59:13.0055 0x0c30 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] C:\Windows\System32\RpcEpMap.dll
21:59:13.0055 0x0c30 C:\Windows\System32\RpcEpMap.dll - ok
21:59:13.0064 0x0c30 [ 16E964ABF6D1E0F0CC7822FCA9BA754D, 0E461387ACFD641DA22EE542A3C68AF5F7D3A7F967D974E3B198143D461ABE39 ] C:\Windows\System32\wshqos.dll
21:59:13.0064 0x0c30 C:\Windows\System32\wshqos.dll - ok
21:59:13.0074 0x0c30 [ 31559F3244C6BC00A52030CAA83B6B91, B2025742B5F0025ACE9821D5722DE3F997EEEAB21D2F381C9E307882DF422579 ] C:\Windows\System32\WSHTCPIP.DLL
21:59:13.0074 0x0c30 C:\Windows\System32\WSHTCPIP.DLL - ok
21:59:13.0085 0x0c30 [ 9AD9E06F8656F296D91FAE8EE5B95A27, 53384747D5864D699BCC4F48E0A5E656430EDAA65DCDAB4B11EA68FC7106459E ] C:\Windows\System32\FirewallAPI.dll
21:59:13.0085 0x0c30 C:\Windows\System32\FirewallAPI.dll - ok
21:59:13.0094 0x0c30 [ 94E026870A55AAEAFF7853C1754091E9, B2F5D5629D12BDFA98DBED3898368F37D9009C7531B6909C7285A2C11C9A0F93 ] C:\Windows\System32\version.dll
21:59:13.0094 0x0c30 C:\Windows\System32\version.dll - ok
21:59:13.0104 0x0c30 [ 715F03B4C7223349768013EA95D9E5B7, 09AB0535A54C2E2962F0FD06988D99060F8CECA39B07AC00A63204C773B95893 ] C:\Windows\System32\LogonUI.exe
21:59:13.0104 0x0c30 C:\Windows\System32\LogonUI.exe - ok
21:59:13.0114 0x0c30 [ 34152997FB906895290E0199AC94B85F, 6AEEB989FA6E4354F96F70D0169CC6CAAA56EEE3056F1CD20F5FE846EAC058C1 ] C:\Windows\System32\authui.dll
21:59:13.0114 0x0c30 C:\Windows\System32\authui.dll - ok
21:59:13.0123 0x0c30 [ B3BFBD758506ECB50C5804AAA76318F9, 34E079A6AB2D41D1E0B3887B6AE31C43941061B7176FFF2801C3F465C2C89578 ] C:\Windows\System32\cryptui.dll
21:59:13.0123 0x0c30 C:\Windows\System32\cryptui.dll - ok
21:59:13.0133 0x0c30 [ 7FA8FDC2C2A27817FD0F624E78D3B50C, 7B63F6AA2CD6D4D07EA3C595B868B1A0749BB11620027A2BD9B935E3055481E4 ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
21:59:13.0133 0x0c30 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
21:59:13.0142 0x0c30 [ 6011714C8C5C55CBFFAD24D61E879FBD, 75D615082A1C71C6ED3ABB49EDAF660EE538D112CF79B9C8AF0A583D1CE1BBB0 ] C:\Windows\System32\wevtsvc.dll
21:59:13.0142 0x0c30 C:\Windows\System32\wevtsvc.dll - ok
21:59:13.0151 0x0c30 [ 4E9C2DB10F7E6AE91BF761139D4B745B, 8F63F78294F5585D599A114AF449DCC447CCB239D0F0B490BFE6B34A2146E730 ] C:\Windows\System32\shacct.dll
21:59:13.0151 0x0c30 C:\Windows\System32\shacct.dll - ok
21:59:13.0161 0x0c30 [ F06BB4E336EA57511FDBAFAFCC47DE62, BE43EC62548E9FF89A9495A1722E22DBB76EEC3764F86E64057B636F27D15765 ] C:\Windows\System32\propsys.dll
21:59:13.0161 0x0c30 C:\Windows\System32\propsys.dll - ok
21:59:13.0170 0x0c30 [ 5B3EBFC3DA142324B388DDCC4465E1FF, 5D58642305311F9BC9B779C9598BFC4E7433B3EA58404BF1FF9466838A2328C7 ] C:\Windows\System32\samlib.dll
21:59:13.0170 0x0c30 C:\Windows\System32\samlib.dll - ok
21:59:13.0180 0x0c30 [ D29E998E8277666982B4F0303BF4E7AF, 4F19AB5DC173E278EBE45832F6CEAA40E2DF6A2EDDC81B2828122442FE5D376C ] C:\Windows\System32\uxtheme.dll
21:59:13.0180 0x0c30 C:\Windows\System32\uxtheme.dll - ok
21:59:13.0189 0x0c30 [ 18CAAF21CBA3EAEE17BBA5D3807F29B8, 59C4FE015CCBE922F7AB3838D7F34CACC08DD437B2BAD62926BF4A9C416F7C19 ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_2b25b14c71ebf230\GdiPlus.dll
21:59:13.0189 0x0c30 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_2b25b14c71ebf230\GdiPlus.dll - ok
21:59:13.0200 0x0c30 [ 3CB6A7286422C72C34DAB54A5DFF1A34, 98D21EFFF511E407336A226420701E82554DA01FA05661303836B6860D63749D ] C:\Windows\System32\dui70.dll
21:59:13.0200 0x0c30 C:\Windows\System32\dui70.dll - ok
21:59:13.0211 0x0c30 [ 8CCDE014A4CDF84564E03ACE064CA753, DD663029B2EB7B12FDB00FCE403D8326141E540E3B9CE84CD5871473D3E2E2CF ] C:\Windows\System32\duser.dll
21:59:13.0211 0x0c30 C:\Windows\System32\duser.dll - ok
21:59:13.0220 0x0c30 [ D7F1EF374A90709B31591823B002F918, 05FD2837C9B03D14BB2A969C1AD77CAEF047D93DC5D0F6C2ACBF0888E8F7B359 ] C:\Windows\System32\SndVolSSO.dll
21:59:13.0220 0x0c30 C:\Windows\System32\SndVolSSO.dll - ok
21:59:13.0230 0x0c30 [ 896F15A6434D93EDB42519D5E18E6B50, 9263F0CEC58D45EBE3FB9C3061FB9392C55A7933B84B4592E6EE13CFC86D5A50 ] C:\Windows\System32\hid.dll
21:59:13.0230 0x0c30 C:\Windows\System32\hid.dll - ok
21:59:13.0239 0x0c30 [ 227E2C382A1E02F8D4965E664D3BBE43, 1CFF20A8BF87ACE4FA4935EBEED72BFB1A1FE902A754899E2F50798D67DF5642 ] C:\Windows\System32\MMDevAPI.dll
21:59:13.0239 0x0c30 C:\Windows\System32\MMDevAPI.dll - ok
21:59:13.0249 0x0c30 [ DA1B7075260F3872585BFCDD668C648B, 3E10EF6E1A5C341B478322CB78A0AB7BFC70AD8023779B8B4542A7CB4CA756AB ] C:\Windows\System32\dwmapi.dll
21:59:13.0249 0x0c30 C:\Windows\System32\dwmapi.dll - ok
21:59:13.0259 0x0c30 [ 6F8B48F3D343E4B186AB6A9E302B7E16, 54DB52FC56509E61DF68BD251B3286E6CBE1A91D9BC4D950940A61FE2DA04DF8 ] C:\Windows\System32\xmllite.dll
21:59:13.0259 0x0c30 C:\Windows\System32\xmllite.dll - ok
21:59:13.0268 0x0c30 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] C:\Windows\System32\audiosrv.dll
21:59:13.0268 0x0c30 C:\Windows\System32\audiosrv.dll - ok
21:59:13.0278 0x0c30 [ 78A1E65207484B7F8D3217507745F47C, 35F413ADB9D157F3666DD15DD58104D629CD9143198A1AB914B73A4A3C9903DD ] C:\Windows\System32\avrt.dll
21:59:13.0278 0x0c30 C:\Windows\System32\avrt.dll - ok
21:59:13.0287 0x0c30 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] C:\Windows\System32\FntCache.dll
21:59:13.0287 0x0c30 C:\Windows\System32\FntCache.dll - ok
21:59:13.0296 0x0c30 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] C:\Windows\System32\profsvc.dll
21:59:13.0297 0x0c30 C:\Windows\System32\profsvc.dll - ok
21:59:13.0307 0x0c30 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] C:\Windows\System32\mmcss.dll
21:59:13.0307 0x0c30 C:\Windows\System32\mmcss.dll - ok
21:59:13.0316 0x0c30 [ 3D7BB6DD7A87B3E36E44CA94444247A8, 8EC25387910A85624A76C0312A7A8C2A4624E9B7A546FD071F70FE3C2F7F7333 ] C:\Windows\System32\WindowsCodecs.dll
21:59:13.0316 0x0c30 C:\Windows\System32\WindowsCodecs.dll - ok
21:59:13.0326 0x0c30 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D, 19959D18601712901F03B83150D15E34EBCAB355BB4692C9A28511A72F57FC66 ] C:\Windows\System32\winbrand.dll
21:59:13.0326 0x0c30 C:\Windows\System32\winbrand.dll - ok
21:59:13.0336 0x0c30 [ BD3674BE7FC9D8D3732C83E8499576ED, E6716A5895D629263A4D21959F48840429AB6F4B55A5FA2663EE5E86C9CA2BF1 ] C:\Windows\System32\wtsapi32.dll
21:59:13.0336 0x0c30 C:\Windows\System32\wtsapi32.dll - ok
21:59:13.0346 0x0c30 [ 8563BA40DF4F1E93A61B70E2C8B60CF8, E5CAA520CBE61FAF3EAA784A51ED30E0CB2FD78EFD8AE1D5C6B0FE43A1009F39 ] C:\Windows\System32\SmartcardCredentialProvider.dll
21:59:13.0346 0x0c30 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
21:59:13.0357 0x0c30 [ C2762A57DF0EE85E63CE4893C5215313, DDE22212D78353633CEDE27D7210469DE674563991105563CF64CCCE2D0743BD ] C:\Windows\System32\VaultCredProvider.dll
21:59:13.0357 0x0c30 C:\Windows\System32\VaultCredProvider.dll - ok
21:59:13.0366 0x0c30 [ BF352E73615F5461AA6884472435A544, 4B059E79325C5F08CD6FBBE6352E17ADB64B9608CC9EDB36A2DF4D148060C309 ] C:\Windows\System32\BioCredProv.dll
21:59:13.0366 0x0c30 C:\Windows\System32\BioCredProv.dll - ok
21:59:13.0376 0x0c30 [ 4403D5ECE7D8323CAF1207D1AA38FA01, BD0B34DCF658D3CB91C1B55E9E730C5F7C571AFC2BFA09270C377B72B6830D48 ] C:\Windows\System32\credui.dll
21:59:13.0376 0x0c30 C:\Windows\System32\credui.dll - ok
21:59:13.0389 0x0c30 [ 796B8123A7859AFD3A4AE10514DBAEB5, E76F69FAFEC3D66263ED95F3FA9EE309BDDACB287E30583A147DC97F6EEB8844 ] C:\Windows\System32\winbio.dll
21:59:13.0389 0x0c30 C:\Windows\System32\winbio.dll - ok
21:59:13.0398 0x0c30 [ EEEA40F0EDB0A6E5359E539E15D0BC77, BFCBF777239C29C6AC4BC5B59591308571647B7C7FDB5571903F7403DD241E8E ] C:\Windows\System32\netapi32.dll
21:59:13.0398 0x0c30 C:\Windows\System32\netapi32.dll - ok
21:59:13.0408 0x0c30 [ 6CECA4C6A489C9B2E6073AFDAAE3F607, 127506D1DB38275614CBEB047C133718EF9D03266BA9C98BE55EC7847CFC9C3D ] C:\Windows\System32\netutils.dll
21:59:13.0408 0x0c30 C:\Windows\System32\netutils.dll - ok
21:59:13.0418 0x0c30 [ FC51229C7D4AFA0D6F186133728B95AB, 37E58C8E1C8437D1981725A5DCDACA7316CEFBB570370CEFC8D122F523B96AC0 ] C:\Windows\System32\samcli.dll
21:59:13.0418 0x0c30 C:\Windows\System32\samcli.dll - ok
21:59:13.0427 0x0c30 [ 44B9C66177651F3F53C87B665D58D17A, 3FC426115FF87570889DB28D71970B82B525D2A4B9A00EDD273BF083B77A05CE ] C:\Windows\System32\vaultcli.dll
21:59:13.0427 0x0c30 C:\Windows\System32\vaultcli.dll - ok
21:59:13.0436 0x0c30 [ 3C91392D448F6E5D525A85B7550D8BA9, 6FD0DC73DBE7519E2C643554C2A7F8FBE4F9A678C4241BB54B3C6E65D2ABCF3A ] C:\Windows\System32\wkscli.dll
21:59:13.0437 0x0c30 C:\Windows\System32\wkscli.dll - ok
21:59:13.0446 0x0c30 [ 972C3301DB3DA91AE06A95F6B4160B1B, 678B533A06C306295FE97DC26CE9BAFFC8EAF1FB7405ACB040719099717744D5 ] C:\Windows\System32\certCredProvider.dll
21:59:13.0446 0x0c30 C:\Windows\System32\certCredProvider.dll - ok
21:59:13.0456 0x0c30 [ D5CCA1453B98A5801E6D5FF0FF89DC6C, 85F2C2480AAC31B6092187B431A562D79D4CFB1324F925C85055ABAB2483264B ] C:\Windows\System32\audiodg.exe
21:59:13.0456 0x0c30 C:\Windows\System32\audiodg.exe - ok
21:59:13.0465 0x0c30 [ 7097425051CE67B450EBF2B1390AE492, 45354BA04E383B65D13A073F63EA5EA185D8B0C1E208B6671ED8EBC64711D109 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL
21:59:13.0465 0x0c30 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL - ok
21:59:13.0475 0x0c30 [ 588CD0C78A7FAAE4186B5EEA0AF3ED67, E957E4463D318A44BA5109EE3428624DE901C5FF2BA358986DF6C6F059DDBCC2 ] C:\Windows\System32\adtschema.dll
21:59:13.0475 0x0c30 C:\Windows\System32\adtschema.dll - ok
21:59:13.0485 0x0c30 [ 50544D04AD845C43130B70212EC05CCD, B2E6B558DE7D273512226685FF53ED17C9B4BF81B739FBCA5D3FC82DF8D2BCF7 ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
21:59:13.0485 0x0c30 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
21:59:13.0495 0x0c30 [ 1F4492FE41767CDB8B89D17655847CDD, 184547FAC0C3D7148FAA3F601929A7089DE393BD19929A137DAD743331DD3F77 ] C:\Windows\System32\ntmarta.dll
21:59:13.0495 0x0c30 C:\Windows\System32\ntmarta.dll - ok
21:59:13.0506 0x0c30 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] C:\Windows\System32\gpsvc.dll
21:59:13.0506 0x0c30 C:\Windows\System32\gpsvc.dll - ok
21:59:13.0516 0x0c30 [ 46BB91A169B9B31FF44EB04C48EC1D41, 8115B533D3A5BE07633FA54FA8847E3DEC00C5BEB193CF2FBE88428D23E2B3D6 ] C:\Windows\System32\nlaapi.dll
21:59:13.0516 0x0c30 C:\Windows\System32\nlaapi.dll - ok
21:59:13.0525 0x0c30 [ 58775492FFD419248B08325E583C527F, DBB013971F5894F25C222C2D4D50A29DB6DF3C413792EE9CCC1A9E6D85469093 ] C:\Windows\System32\atl.dll
21:59:13.0525 0x0c30 C:\Windows\System32\atl.dll - ok
21:59:13.0535 0x0c30 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] C:\Windows\System32\themeservice.dll
21:59:13.0535 0x0c30 C:\Windows\System32\themeservice.dll - ok
21:59:13.0544 0x0c30 [ 87FA0C48C3B2E9FEE518818FE26B15B5, DA4042DE9897397AEDCEFF9F69746726237305DDE64464309B6DCC45E05E42F4 ] C:\Windows\System32\rasplap.dll
21:59:13.0544 0x0c30 C:\Windows\System32\rasplap.dll - ok
21:59:13.0553 0x0c30 [ 019CD868461B646E09BDF04474C19341, 01837EFACB02E52BC6E90C90C4CB01B11D56E449A37EA4FC2695507FF85EA9FE ] C:\Windows\System32\rasapi32.dll
21:59:13.0553 0x0c30 C:\Windows\System32\rasapi32.dll - ok
21:59:13.0563 0x0c30 [ B28DEEC597C8DEB70C744C7CF9210E3E, E777F192D822990CA6301B3FEA2AEA213FA7901438EB3328914ADF02B6C39DB9 ] C:\Windows\System32\rasman.dll
21:59:13.0563 0x0c30 C:\Windows\System32\rasman.dll - ok
21:59:13.0572 0x0c30 [ B53C4B69B695EDA1B7E41D35CA4244E2, 3D98E9B263CADA576E4057E059AFC867F6E3F1001F3B73C8BCF9066763A45D9D ] C:\Windows\System32\rtutils.dll
21:59:13.0572 0x0c30 C:\Windows\System32\rtutils.dll - ok
21:59:13.0581 0x0c30 [ A77BE7CB3222B4FB0AC6C71D1C2698D4, 73566223914BF670DF6B5931FA213E546713531B10391ED65B5256BBD7ABDE7F ] C:\Windows\System32\dsrole.dll
21:59:13.0581 0x0c30 C:\Windows\System32\dsrole.dll - ok
21:59:13.0590 0x0c30 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] C:\Windows\System32\es.dll
21:59:13.0590 0x0c30 C:\Windows\System32\es.dll - ok
21:59:13.0599 0x0c30 [ BE097F5BB10F9079FCEB2DC4E7E20F02, 90A88986C8C5F30FB153EC803FEDA6572B2C2630A6C9578FCC017800692694D5 ] C:\Windows\System32\slc.dll
21:59:13.0599 0x0c30 C:\Windows\System32\slc.dll - ok
21:59:13.0609 0x0c30 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] C:\Windows\System32\Sens.dll
21:59:13.0609 0x0c30 C:\Windows\System32\Sens.dll - ok
21:59:13.0618 0x0c30 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] C:\Windows\System32\drivers\lltdio.sys
21:59:13.0618 0x0c30 C:\Windows\System32\drivers\lltdio.sys - ok
21:59:13.0629 0x0c30 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] C:\Windows\System32\uxsms.dll
21:59:13.0629 0x0c30 C:\Windows\System32\uxsms.dll - ok
21:59:13.0638 0x0c30 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] C:\Windows\System32\drivers\nwifi.sys
21:59:13.0638 0x0c30 C:\Windows\System32\drivers\nwifi.sys - ok
21:59:13.0648 0x0c30 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] C:\Windows\System32\drivers\ndisuio.sys
21:59:13.0648 0x0c30 C:\Windows\System32\drivers\ndisuio.sys - ok
21:59:13.0657 0x0c30 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] C:\Windows\System32\drivers\rspndr.sys
21:59:13.0657 0x0c30 C:\Windows\System32\drivers\rspndr.sys - ok
21:59:13.0667 0x0c30 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] C:\Windows\System32\lmhsvc.dll
21:59:13.0668 0x0c30 C:\Windows\System32\lmhsvc.dll - ok
21:59:13.0677 0x0c30 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] C:\Windows\System32\nsisvc.dll
21:59:13.0677 0x0c30 C:\Windows\System32\nsisvc.dll - ok
21:59:13.0687 0x0c30 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] C:\Windows\System32\dnsrslvr.dll
21:59:13.0687 0x0c30 C:\Windows\System32\dnsrslvr.dll - ok
21:59:13.0696 0x0c30 [ 2B81776DA02017A37FE26C662827470E, A656353C50EE08422145D00DB9CFD9F6D3E664753B3C454B171E2A56A8AA94DC ] C:\Windows\System32\IPHLPAPI.DLL
21:59:13.0697 0x0c30 C:\Windows\System32\IPHLPAPI.DLL - ok
21:59:13.0705 0x0c30 [ F9EC845C5EECF20E9A67F9F805F2EF1F, C3DBA8CF93DBF50954B1BF6D7EF3F6F5DD1A56DC62B7EB2749C54D9B65D9BB43 ] C:\Windows\System32\keyiso.dll
21:59:13.0705 0x0c30 C:\Windows\System32\keyiso.dll - ok
21:59:13.0715 0x0c30 [ 4C9210E8F4E052F6A4EB87716DA0C24C, 460F7990BDADB7D58D6DC95B094D30A2EFDC4CEED444B18A2F36E8D9076FB8B9 ] C:\Windows\System32\winnsi.dll
21:59:13.0715 0x0c30 C:\Windows\System32\winnsi.dll - ok
21:59:13.0725 0x0c30 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] C:\Windows\System32\eapsvc.dll
21:59:13.0725 0x0c30 C:\Windows\System32\eapsvc.dll - ok
21:59:13.0734 0x0c30 [ 87356377F31DA5F20A833811CD59499C, 4FEC1FD3AC4E4E34DCBC0109B248952604F438C84B1604EB9E2359FA721E23C4 ] C:\Windows\System32\eapphost.dll
21:59:13.0734 0x0c30 C:\Windows\System32\eapphost.dll - ok
21:59:13.0744 0x0c30 [ B73A6E4B319AFFE64582AC5C1801BB3F, 274EEA0743DC659180E691654CBB17136E9E9D83B07E302B47EA5B103EA57710 ] C:\Windows\System32\nrpsrv.dll
21:59:13.0744 0x0c30 C:\Windows\System32\nrpsrv.dll - ok
21:59:13.0753 0x0c30 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] C:\Windows\System32\wlansvc.dll
21:59:13.0753 0x0c30 C:\Windows\System32\wlansvc.dll - ok
21:59:13.0763 0x0c30 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] C:\Windows\System32\dhcpcore.dll
21:59:13.0763 0x0c30 C:\Windows\System32\dhcpcore.dll - ok
21:59:13.0774 0x0c30 [ 3CC16A849E6092E43909F48EF0E60306, 610B576654A69415E4F2FEDB6BA384C77715944E4F89BD2821B311968CA8D810 ] C:\Windows\System32\dhcpcore6.dll
21:59:13.0774 0x0c30 C:\Windows\System32\dhcpcore6.dll - ok
21:59:13.0784 0x0c30 [ 9FCA3A84338ADEF2AFF67CDA46EF8539, 087DF72096852AE98C56990EE6E68835BE95E7E49ECDDE8B54DAC11C9E07FE94 ] C:\Windows\System32\umb.dll
21:59:13.0784 0x0c30 C:\Windows\System32\umb.dll - ok
21:59:13.0794 0x0c30 [ A648C4A06DE367065B24056D067B4460, 2412487D65A833DDD9AB17D039515CC08DA22D006259EC4B03E42475FAFFD2AD ] C:\Windows\System32\wlanmsm.dll
21:59:13.0794 0x0c30 C:\Windows\System32\wlanmsm.dll - ok
21:59:13.0803 0x0c30 [ D07EB640618F96490DB88C3CE58DB608, 0C553971259632031E6856A94EEB937D571627FC7CF061CCFC040F4BF0CFF259 ] C:\Windows\System32\FWPUCLNT.DLL
21:59:13.0804 0x0c30 C:\Windows\System32\FWPUCLNT.DLL - ok
21:59:13.0813 0x0c30 [ 06A1386B6E3A0CBC368665C1840906F4, C10BCA5092A0B3F9435CE4D65C7449528C89F5C5243B410878D2EBF516DA2FB2 ] C:\Windows\System32\wlansec.dll
21:59:13.0813 0x0c30 C:\Windows\System32\wlansec.dll - ok
21:59:13.0823 0x0c30 [ 9BC8610C32C96A2983A65DC21CAFA921, 2A4195F663C9D55939E3D8FEAA208090FDB0B8801A60164A7325B53104797CBC ] C:\Windows\System32\UXInit.dll
21:59:13.0823 0x0c30 C:\Windows\System32\UXInit.dll - ok
21:59:13.0831 0x0c30 [ 1A47D52E303B7543E4E6026595B95422, C577CD3837546A7CED5D2E8E97FA2EDACA133B4A8595770EF96CAE519BFE280F ] C:\Windows\System32\comres.dll
21:59:13.0832 0x0c30 C:\Windows\System32\comres.dll - ok
21:59:13.0841 0x0c30 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] C:\Windows\System32\drivers\fltMgr.sys
21:59:13.0841 0x0c30 C:\Windows\System32\drivers\fltMgr.sys - ok
21:59:13.0850 0x0c30 [ 73FCB7919DEE80EE556F2E498594EBAE, D0F7A0AD3BC33263E9C2CF9787DD326436F9E0C9F5031D769F8A43C64C08A762 ] C:\Windows\System32\onex.dll
21:59:13.0850 0x0c30 C:\Windows\System32\onex.dll - ok
21:59:13.0859 0x0c30 [ F568F7C08458D69E4FCD8675BBB107E4, A5FA25ECF248999A68CCECFBB508BFA1ADD18A23E20A9A9081A87C41CAAA36C0 ] C:\Windows\System32\dhcpcsvc.dll
21:59:13.0859 0x0c30 C:\Windows\System32\dhcpcsvc.dll - ok
21:59:13.0869 0x0c30 [ 65522E77A1360DBC8D199DA3BF5EFFE4, E9D748070FA478A3D37F15049F998D340885C0DC5FCE03BFCE5D521C9EBA7350 ] C:\Windows\System32\eappprxy.dll
21:59:13.0869 0x0c30 C:\Windows\System32\eappprxy.dll - ok
21:59:13.0878 0x0c30 [ EF2AE43BCD46ABB13FC3E5B2B1935C73, 81FC06F306F620845D7DD8D06E706309E70BC89B589C81F3478302A3F5F73431 ] C:\Windows\System32\winmm.dll
21:59:13.0878 0x0c30 C:\Windows\System32\winmm.dll - ok
21:59:13.0888 0x0c30 [ 0D753307D274F3688BD21C377B616700, 5DD08E77A11F2561FB96BA212FDDFE21D4394C69C34C3EB88F7F5CD068EE55BF ] C:\Windows\System32\eappcfg.dll
21:59:13.0888 0x0c30 C:\Windows\System32\eappcfg.dll - ok
21:59:13.0897 0x0c30 [ 97E43F324BE1503CB2FFB058534688DA, 50C781DF38D0D38C9A5420AB1FFF8672DC13FD1ED8E9F5432B4BA3077A7435D5 ] C:\Windows\System32\l2gpstore.dll
21:59:13.0898 0x0c30 C:\Windows\System32\l2gpstore.dll - ok
21:59:13.0908 0x0c30 [ 7D5645EE0EA77D539828433D9B95F5EB, EEF81E9B2205FC456DB6095AD0AEAB38BB131D3BCD090EA6CD91D5568ACAFB7F ] C:\Windows\System32\WinSCard.dll
21:59:13.0908 0x0c30 C:\Windows\System32\WinSCard.dll - ok
21:59:13.0918 0x0c30 [ 7F1B4C6FF3B85F9ADF74055187B8A22C, CC95DA5662638AACBE9643DCB236464C2C2095A8D5CDC8A747045870BE9D0E7D ] C:\Windows\System32\wlanutil.dll
21:59:13.0919 0x0c30 C:\Windows\System32\wlanutil.dll - ok
21:59:13.0928 0x0c30 [ 730BF204A595D5B6D7DC57A247CC741C, 264C6901F4A49B738BBD04BCA1783DEE892885BADE9085B0AEA40BAE7CC0A218 ] C:\Windows\System32\wlgpclnt.dll
21:59:13.0928 0x0c30 C:\Windows\System32\wlgpclnt.dll - ok
21:59:13.0938 0x0c30 [ 99B91C5D2FCEF218CAD3600ECB62A799, E28F2903F86D39C5A69B5F89CCD6594E93A1BF1E4ACD613A0F2E2348DFA88D65 ] C:\Windows\System32\msxml6.dll
21:59:13.0938 0x0c30 C:\Windows\System32\msxml6.dll - ok
21:59:13.0960 0x0c30 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] C:\Windows\System32\netprofm.dll
21:59:13.0960 0x0c30 C:\Windows\System32\netprofm.dll - ok
21:59:13.0969 0x0c30 [ 1473768973453DE50DC738C2955FC4DD, 14BC5DA2442CB726ACC1F277DDBECCF5D61E3A0A3E083A55A0BB610191E35220 ] C:\Windows\System32\wdmaud.drv
21:59:13.0969 0x0c30 C:\Windows\System32\wdmaud.drv - ok
21:59:13.0978 0x0c30 [ 885D0942E0F28DB90919BE3129ECF279, 5A10D90EE656ECE3DCA174D6F924641509819FC20CB6EF46B5E1723E52DE85BE ] C:\Windows\System32\dnsext.dll
21:59:13.0978 0x0c30 C:\Windows\System32\dnsext.dll - ok
21:59:13.0988 0x0c30 [ 3C06D5A929B798D0B13F6481242A0FD2, CE6127A31AB09E21A912CA16E4BDF663E9D05C254CCF9090A8B5A9A2E055EFF3 ] C:\Windows\System32\dhcpcsvc6.dll
21:59:13.0988 0x0c30 C:\Windows\System32\dhcpcsvc6.dll - ok
21:59:13.0998 0x0c30 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] C:\Windows\System32\shsvcs.dll
21:59:13.0998 0x0c30 C:\Windows\System32\shsvcs.dll - ok
21:59:14.0007 0x0c30 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] C:\Windows\System32\schedsvc.dll
21:59:14.0007 0x0c30 C:\Windows\System32\schedsvc.dll - ok
21:59:14.0016 0x0c30 [ BC414631876B2F28B8DAB08E849C12C5, 5973654AA3E90E6B699B0A43F645B893D95BAA803129B6967D746C8239AB26E3 ] C:\Windows\System32\ktmw32.dll
21:59:14.0016 0x0c30 C:\Windows\System32\ktmw32.dll - ok
21:59:14.0025 0x0c30 [ 945E54F23C72D37B8CD1987AF0DB63BF, C2B217C94DBCA0A31ED834B9D492B53B25B235DDD02B1D1200E76609D32772EA ] C:\Windows\System32\fveapi.dll
21:59:14.0025 0x0c30 C:\Windows\System32\fveapi.dll - ok
21:59:14.0035 0x0c30 [ 891ECFD08E2C538B7948CBC45106D697, 628D0D618FF3A70E9FBE3B2C7206C9365ED2297784A5F10FFA05BD2C56657013 ] C:\Windows\System32\fvecerts.dll
21:59:14.0035 0x0c30 C:\Windows\System32\fvecerts.dll - ok
21:59:14.0044 0x0c30 [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7, 4BC5A1279885EEFBEB27333AF719622A5FCDD9606697692C1978E434CE264D80 ] C:\Windows\System32\taskcomp.dll
21:59:14.0044 0x0c30 C:\Windows\System32\taskcomp.dll - ok
21:59:14.0055 0x0c30 [ 694865362F0965779F92BCFE97712323, 825EB75E37AFE9B738869FB5D95020D4F44AD419C2F6C5A658F82A5242FDEF6C ] C:\Windows\System32\tbs.dll
21:59:14.0055 0x0c30 C:\Windows\System32\tbs.dll - ok
21:59:14.0066 0x0c30 [ 8560FFFC8EB3A806DCD4F82252CFC8C6, CC27BC092369A89D6147B16568FEDEB68B584D5738CD686C31F7FAE22ED17B3B ] C:\Windows\System32\ksuser.dll
21:59:14.0066 0x0c30 C:\Windows\System32\ksuser.dll - ok
21:59:14.0075 0x0c30 [ A3DB3C17EE6CAE65D53602B4E80BCCBC, D802A7C6161F937DC42A6E45FE1BB2C8272819F92C294C180EBCDF8FF72CBFDC ] C:\Windows\System32\PSHED.DLL
21:59:14.0075 0x0c30 C:\Windows\System32\PSHED.DLL - ok
21:59:14.0084 0x0c30 [ 8269210DAF3B12BC8300631B28A2A442, EABEB792C2EA8D4A1A7B13281CF557C194D5667AE0BA2A2D5664908D8269113D ] C:\Windows\System32\wiarpc.dll
21:59:14.0084 0x0c30 C:\Windows\System32\wiarpc.dll - ok
21:59:14.0094 0x0c30 [ B0945E538CF906BBDDC5A11C8EE868CC, 5F3459F6512918835F7C9400905EC7C1FAEAA7114E0D28C522040C359E3B93F7 ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
21:59:14.0094 0x0c30 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
21:59:14.0104 0x0c30 [ CF636C92B762B26F0B39B38E92380A09, F7B8B0EA4536CE3BA33EE1BD0783F6AAD8C0EF69714E874D4A30B720A04C7A18 ] C:\Windows\System32\oleacc.dll
21:59:14.0104 0x0c30 C:\Windows\System32\oleacc.dll - ok
21:59:14.0113 0x0c30 [ 019BDD35DE269CB98B22DE8923C2AA3B, 68B216D5331B128CF1BCB3A3F82FD85B119FFDBCB796C907461CDD6248995817 ] C:\Windows\System32\UIAutomationCore.dll
21:59:14.0113 0x0c30 C:\Windows\System32\UIAutomationCore.dll - ok
21:59:14.0122 0x0c30 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] C:\Windows\System32\MPSSVC.dll
21:59:14.0122 0x0c30 C:\Windows\System32\MPSSVC.dll - ok
21:59:14.0132 0x0c30 [ DC220AE6F64819099F7EBD6F137E32E7, B8FE13B859FA83500DD95637FA6D4A5B8392C2A363E41D014D3B5374F636E1DE ] C:\Windows\System32\AudioSes.dll
21:59:14.0132 0x0c30 C:\Windows\System32\AudioSes.dll - ok
21:59:14.0140 0x0c30 [ 5AA945234E9D4CCE4F715276B9AA712C, 65165BD131056816F009D987FC78AC86FFE0C3C38A27E73F873586B7FF4D59CF ] C:\Windows\System32\imageres.dll
21:59:14.0141 0x0c30 C:\Windows\System32\imageres.dll - ok
21:59:14.0150 0x0c30 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] C:\Windows\System32\drivers\http.sys
21:59:14.0150 0x0c30 C:\Windows\System32\drivers\http.sys - ok
21:59:14.0160 0x0c30 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] C:\Windows\System32\spoolsv.exe
21:59:14.0160 0x0c30 C:\Windows\System32\spoolsv.exe - ok
21:59:14.0169 0x0c30 [ 1B7C3A37362C7B2890168C5FC61C8D9B, 03727930E5BB5F9D91BAB901FC9A2E3B795D68E2AEE6A2CC3477F356C45A9C54 ] C:\Windows\System32\msacm32.drv
21:59:14.0169 0x0c30 C:\Windows\System32\msacm32.drv - ok
21:59:14.0179 0x0c30 [ CA2A0750ED830678997695FF61B04C30, E84860CD97AA3C4565ABB2D5D406A5C42B1AD2D8BA1B8CF81FE564D91F15F976 ] C:\Windows\System32\midimap.dll
21:59:14.0179 0x0c30 C:\Windows\System32\midimap.dll - ok
21:59:14.0188 0x0c30 [ 10AC5CE9F78DC281A1BBD9B8CC587B8A, 72288C0A88916D3C3828DBD948DBDB0928F26106319F8E60102D6C9004514D60 ] C:\Windows\System32\msacm32.dll
21:59:14.0188 0x0c30 C:\Windows\System32\msacm32.dll - ok
21:59:14.0199 0x0c30 [ 5EDBB34736DD7AC1A73CF8792A835E10, 15E87C449AAF2095273341DD9355D8DF2690340D1DEFAF0DFF034F1CDF4316F8 ] C:\Windows\System32\AudioEng.dll
21:59:14.0199 0x0c30 C:\Windows\System32\AudioEng.dll - ok
21:59:14.0209 0x0c30 [ C1395286B822E306B4FE1568A8A77813, 0642B6C793BE0EED5E7D1D2533FC5A01417C50040FC60A8E89BD97CE4A119388 ] C:\Windows\System32\AUDIOKSE.dll
21:59:14.0209 0x0c30 C:\Windows\System32\AUDIOKSE.dll - ok
21:59:14.0218 0x0c30 [ C95EA36228E0174AC53DC57530549AAF, 65DB2AECA1A6970FADB34C1187E7C1C847572CBC39F46BEFA2C5D261469487A3 ] C:\Windows\System32\RtkAPO64.dll
21:59:14.0218 0x0c30 C:\Windows\System32\RtkAPO64.dll - ok
21:59:14.0228 0x0c30 [ 03706015DB44368375AEBE6339490E66, 02EB28B5156E320C1EBABC03D37E94EB770A721B99E1DD276F8DC2A50D76C381 ] C:\Windows\System32\netcfgx.dll
21:59:14.0228 0x0c30 C:\Windows\System32\netcfgx.dll - ok
21:59:14.0237 0x0c30 [ 973ADB6AD47AC047F900C0D760AB6BE2, 5F2F5B069973725FF94CF8C0D595F23FD3149115223D61C97D94784D84AC5E09 ] C:\Windows\System32\AERTAR64.dll
21:59:14.0237 0x0c30 C:\Windows\System32\AERTAR64.dll - ok
21:59:14.0247 0x0c30 [ 6F3C559B82F2912354BE5B098744CC8C, EB64E5C02C81588921A65194E1256E80699A1317E7D9A57395CD38C2639C8B08 ] C:\Windows\System32\WMALFXGFXDSP.dll
21:59:14.0247 0x0c30 C:\Windows\System32\WMALFXGFXDSP.dll - ok
21:59:14.0258 0x0c30 [ 54B5DCD55B223BC5DF50B82E1E9E86B1, 025294DD69A421FE4EACAA463F8CB797610D8F3A7A3C61656AE83D0CEE07A9BF ] C:\Windows\System32\mfplat.dll
21:59:14.0258 0x0c30 C:\Windows\System32\mfplat.dll - ok
21:59:14.0267 0x0c30 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] C:\Windows\System32\BFE.DLL
21:59:14.0267 0x0c30 C:\Windows\System32\BFE.DLL - ok
21:59:14.0276 0x0c30 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] C:\Windows\System32\drivers\bowser.sys
21:59:14.0277 0x0c30 C:\Windows\System32\drivers\bowser.sys - ok
21:59:14.0286 0x0c30 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] C:\Windows\System32\drivers\mpsdrv.sys
21:59:14.0286 0x0c30 C:\Windows\System32\drivers\mpsdrv.sys - ok
21:59:14.0296 0x0c30 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] C:\Windows\System32\drivers\mrxsmb.sys
21:59:14.0296 0x0c30 C:\Windows\System32\drivers\mrxsmb.sys - ok
21:59:14.0306 0x0c30 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] C:\Windows\System32\drivers\mrxsmb10.sys
21:59:14.0306 0x0c30 C:\Windows\System32\drivers\mrxsmb10.sys - ok
21:59:14.0315 0x0c30 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] C:\Windows\System32\drivers\mrxsmb20.sys
21:59:14.0315 0x0c30 C:\Windows\System32\drivers\mrxsmb20.sys - ok
21:59:14.0325 0x0c30 [ C67F8A962B2534224D5908D16D2AD3CE, CAC1821F5E867285638AEE7AE33CE574BCCF16277AC5AD805650B48F7759B4B4 ] C:\Windows\System32\wfapigp.dll
21:59:14.0325 0x0c30 C:\Windows\System32\wfapigp.dll - ok
21:59:14.0337 0x0c30 [ 1834B31C749B86DAC233BBBA1C03BC48, 27FCA9196842C0BB53CCAD895870A0EB10D2F8ED67E5486A4437067BD4BC4448 ] C:\Windows\System32\mscms.dll
21:59:14.0337 0x0c30 C:\Windows\System32\mscms.dll - ok
21:59:14.0346 0x0c30 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] C:\Windows\System32\pcasvc.dll
21:59:14.0346 0x0c30 C:\Windows\System32\pcasvc.dll - ok
21:59:14.0356 0x0c30 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] C:\Windows\System32\snmptrap.exe
21:59:14.0356 0x0c30 C:\Windows\System32\snmptrap.exe - ok
21:59:14.0365 0x0c30 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] C:\Windows\System32\wkssvc.dll
21:59:14.0365 0x0c30 C:\Windows\System32\wkssvc.dll - ok
21:59:14.0375 0x0c30 [ 10EAB90C1AE8271B5FE5A8930987EE5C, 53E72964AA75526B161F859A509CB046809AE47C65DC998F0E49AC8AED9066EA ] C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll
21:59:14.0375 0x0c30 C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll - ok
21:59:14.0386 0x0c30 [ 4004299B7AF4CBFF6540F1798899A11F, 5DD3AE149B7228A769F2FE95355795AC98ACD8CDFB78954A423A357F717203C3 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll
21:59:14.0386 0x0c30 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll - ok
21:59:14.0395 0x0c30 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] C:\Windows\System32\provsvc.dll
21:59:14.0395 0x0c30 C:\Windows\System32\provsvc.dll - ok
21:59:14.0405 0x0c30 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] C:\Windows\System32\sstpsvc.dll
21:59:14.0405 0x0c30 C:\Windows\System32\sstpsvc.dll - ok
21:59:14.0414 0x0c30 [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:59:14.0414 0x0c30 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - ok
21:59:14.0424 0x0c30 [ A2B0924D50F4435FD389499047CE553A, 8D16D5CAAD71AAAAA1479F8477D2928B66581C79932A49A21EDF93DB2803AB9C ] C:\Windows\SysWOW64\ntdll.dll
21:59:14.0424 0x0c30 C:\Windows\SysWOW64\ntdll.dll - ok
21:59:14.0434 0x0c30 [ 70833F5A59F65908698093889C34BCA2, 25777B910664827FC5C8258E4956CC936E0A1E42A9C7F2F390A83025E685D728 ] C:\Windows\System32\wow64.dll
21:59:14.0434 0x0c30 C:\Windows\System32\wow64.dll - ok
21:59:14.0443 0x0c30 [ 5674E21E82CFBEA36DDAD5DB285D6DBC, FBD2AC69D3E66E39651C5F2C88C0087EDC3CD1FD999FC2A574C97E9DDF2C1441 ] C:\Windows\System32\wow64win.dll
21:59:14.0443 0x0c30 C:\Windows\System32\wow64win.dll - ok
21:59:14.0453 0x0c30 [ 3EE3AA76D8AB6D5644C4C8F34471CEB3, FCF173B0A324FA4780824CBD8C8FE4E402F27EACF1A41AAFEA636FA0B3AE7B35 ] C:\Windows\System32\wow64cpu.dll
21:59:14.0453 0x0c30 C:\Windows\System32\wow64cpu.dll - ok
21:59:14.0462 0x0c30 [ 365A5034093AD9E04F433046C4CDF6AB, 5D5B30A883B273D59C6C64286E0BA79DA0BDF1B7EBC791278248A9196701DDDF ] C:\Windows\SysWOW64\kernel32.dll
21:59:14.0462 0x0c30 C:\Windows\SysWOW64\kernel32.dll - ok
21:59:14.0473 0x0c30 [ 1B7343C3765638D4D17CB925F84F8ABE, FDD4F8B409A6C6870C56BBCDCD07902D825FCB13ABB316FD804B6AAAF996600B ] C:\Windows\SysWOW64\KernelBase.dll
21:59:14.0473 0x0c30 C:\Windows\SysWOW64\KernelBase.dll - ok
21:59:14.0484 0x0c30 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3, 01EB95FA3943CF3C6B1A21E473A5C3CB9FCBCE46913B15C96CAC14E4F04075B4 ] C:\Windows\SysWOW64\user32.dll
21:59:14.0484 0x0c30 C:\Windows\SysWOW64\user32.dll - ok
21:59:14.0493 0x0c30 [ 56E3313690866F99CD17AA1342F64AE1, 4AD4E105C1A6E9BAB9568CA21B15A38C59702EF605AA9058490C56DA070CF846 ] C:\Windows\SysWOW64\gdi32.dll
21:59:14.0493 0x0c30 C:\Windows\SysWOW64\gdi32.dll - ok
21:59:14.0502 0x0c30 [ CC23295DA8F7B5C53F93804D2F5D30EB, B290D96C40FBA934DE6CFF82D9BBA6780922CC5012C61599BD5006DAEDC82DDB ] C:\Windows\SysWOW64\lpk.dll
21:59:14.0503 0x0c30 C:\Windows\SysWOW64\lpk.dll - ok
21:59:14.0510 0x0c30 [ B7230010D97787AF3D25E4C82F2B06B9, C795E9811CD461F8E98D1738667EB0C265A57065EA3420CE596D5038E7430C1E ] C:\Windows\SysWOW64\usp10.dll
21:59:14.0510 0x0c30 C:\Windows\SysWOW64\usp10.dll - ok
21:59:14.0520 0x0c30 [ 9DC80A8AAAAAC397BDAB3C67165A824E, 051636BFDFF7AB0E4191354E846BD0DACCA1A01FCC13C1AFED91D8DBFE17127A ] C:\Windows\SysWOW64\msvcrt.dll
21:59:14.0521 0x0c30 C:\Windows\SysWOW64\msvcrt.dll - ok
21:59:14.0530 0x0c30 [ D67472125471784DE7147946EDA25FEB, F41960118F412B6CA5E80AE5E8DB9AECDD043A7DB34388FF57C6F9C5A0056F91 ] C:\Windows\SysWOW64\advapi32.dll
21:59:14.0530 0x0c30 C:\Windows\SysWOW64\advapi32.dll - ok
21:59:14.0539 0x0c30 [ CFC97F07904067A1E5FAE195D534DA3A, EB4D2D127312EB09E2ACCA3276779E80F90FAF77322684BABF72B8EC6E1F906C ] C:\Windows\SysWOW64\sechost.dll
21:59:14.0539 0x0c30 C:\Windows\SysWOW64\sechost.dll - ok
21:59:14.0549 0x0c30 [ 4DC999CED9429939D75682EBD7D48901, 4E2DB6E4C500980488010AF1125A73D0F958889379F05DB304A220B4BB2D1834 ] C:\Windows\SysWOW64\rpcrt4.dll
21:59:14.0549 0x0c30 C:\Windows\SysWOW64\rpcrt4.dll - ok
21:59:14.0558 0x0c30 [ 42B924C5F3924C1EB2539F22C10D7DF1, 5C922A6B9F4B5320ECEF67E81B37E6736BF01AF964A6966E24C8B29D0DDDDA3B ] C:\Windows\SysWOW64\sspicli.dll
21:59:14.0558 0x0c30 C:\Windows\SysWOW64\sspicli.dll - ok
21:59:14.0568 0x0c30 [ F08F6FCD09F9BE94C37ACC1B344685FF, DE48D766258B46EFEAB16579421C4BD97ACC6883F782D00E9857F4A0CE7E8A34 ] C:\Windows\SysWOW64\cryptbase.dll
21:59:14.0568 0x0c30 C:\Windows\SysWOW64\cryptbase.dll - ok
21:59:14.0577 0x0c30 [ E02781D4871844DCD30DF1D69A650F78, DC77302F06CD6CF7FC2C3B0F433A4AE41DF869B9F342C0656CCD8A125B3D3318 ] C:\Windows\SysWOW64\shell32.dll
21:59:14.0578 0x0c30 C:\Windows\SysWOW64\shell32.dll - ok
21:59:14.0587 0x0c30 [ 8CC3C111D653E96F3EA1590891491D71, 1D326D7D116D76876EE2B14A5BFB7B4328E21DB9B5AAAB9CB67F8EFB93924230 ] C:\Windows\SysWOW64\shlwapi.dll
21:59:14.0587 0x0c30 C:\Windows\SysWOW64\shlwapi.dll - ok
21:59:14.0596 0x0c30 [ 928CF7268086631F54C3D8E17238C6DD, F058FAFB04E7EBD5CADE9B48195B7AA7C3508F332A89F5E6E5F3F071E8CADD4A ] C:\Windows\SysWOW64\ole32.dll
21:59:14.0597 0x0c30 C:\Windows\SysWOW64\ole32.dll - ok
21:59:14.0606 0x0c30 [ 6C765E82B57F2E66CE9C54AC238471D9, 97F410023F5C08B4BC5DBF89A642200E76F4025ADD9707C24FD89D673675BB43 ] C:\Windows\SysWOW64\oleaut32.dll
21:59:14.0606 0x0c30 C:\Windows\SysWOW64\oleaut32.dll - ok
21:59:14.0615 0x0c30 [ CC09E0C9A2D89C6E71D093DC8BD121B7, 5F92457E27D817541EBA92FED984D2E6C1E35AD4E4E4CAE0F0778B795C260FAA ] C:\Windows\SysWOW64\crypt32.dll
21:59:14.0616 0x0c30 C:\Windows\SysWOW64\crypt32.dll - ok
21:59:14.0627 0x0c30 [ 938F39B50BAFE13D6F58C7790682C010, 902000EE51EFEABAF6A4B30F880AA37083D2232C6FC622CA513C4A823390FEDA ] C:\Windows\SysWOW64\msasn1.dll
21:59:14.0627 0x0c30 C:\Windows\SysWOW64\msasn1.dll - ok
21:59:14.0636 0x0c30 [ 68EAAEDF0365168B804E8728368FA946, 1FA25087E8B247B099B729F780DBF24F77FD34F58186A1C94329261CF3D18B8E ] C:\Windows\SysWOW64\wintrust.dll
21:59:14.0636 0x0c30 C:\Windows\SysWOW64\wintrust.dll - ok
21:59:14.0647 0x0c30 [ CDBE9690CF2B8409FACAD94FAC9479C9, 8E7FE1A1F3550C479FFD86A77BC9D10686D47F8727025BB891D8F4F0259354C8 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
21:59:14.0647 0x0c30 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
21:59:14.0656 0x0c30 [ A6F09E5669D9A19035F6D942CAA15882, 68C8AF0CC1923E3A7245392F2480EE665D265DF300A609D2540BF7C6D9C1A1BE ] C:\Windows\SysWOW64\imm32.dll
21:59:14.0656 0x0c30 C:\Windows\SysWOW64\imm32.dll - ok
21:59:14.0666 0x0c30 [ C9618BC9B2B0FD7C1138D8774795A79B, 0AC170669C2626519FA7A745C56BFBA6B83B8537488F5B9EB7BA72448E5E7A43 ] C:\Windows\SysWOW64\msctf.dll
21:59:14.0666 0x0c30 C:\Windows\SysWOW64\msctf.dll - ok
21:59:14.0676 0x0c30 [ D1E343BC00136CE03C4D403194D06A80, 94F2543164A2CEA179EDE53E1294EE24391A59CAEFF83BA5CE9385E8E686E89C ] C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
21:59:14.0676 0x0c30 C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe - ok
21:59:14.0685 0x0c30 [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:59:14.0686 0x0c30 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
21:59:14.0696 0x0c30 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC, 372AF797353F9335915CD06D4076BAB8410775DCAF2DAC0593197D7C41BBFFB2 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
21:59:14.0696 0x0c30 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
21:59:14.0706 0x0c30 [ C9564CF4976E7E96B4052737AA2492B4, C3AC989C8489A23BB96400B1856F5325FFC67E844F04651EA5D61BC20A991C6D ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
21:59:14.0706 0x0c30 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
21:59:14.0716 0x0c30 [ 60C079CB2150760263D1FE5FF6218961, FDC5B854D44033F2B6063E4964BA753E7F8280F210103FF9AAC72CFDF70F08DD ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll
21:59:14.0716 0x0c30 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
21:59:14.0727 0x0c30 [ 6D41F6AA35220E7A54543075B27E8F83, 3350373F3443954B4DABE39955FD9B3C7FC223B73CC1429793A920ED17FB8A06 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll
21:59:14.0727 0x0c30 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
21:59:14.0736 0x0c30 [ 702254574E7E52052DE39408457B7149, 645CA9E88DA21C63710A04A0F54421018DF415A3D612112C71A255C49325C082 ] C:\Windows\SysWOW64\version.dll
21:59:14.0736 0x0c30 C:\Windows\SysWOW64\version.dll - ok
21:59:14.0746 0x0c30 [ EF8CD3C64EE9C08980D6D06CCCE46C68, 7DC061E0552BE776DC79662364DA1D90A4FF6D795002865DD1B1C3DEB77E4B98 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll
21:59:14.0746 0x0c30 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
21:59:14.0757 0x0c30 [ 7FF15A4F092CD4A96055BA69F903E3E9, 1B594E6D057C632ABB3A8CF838157369024BD6B9F515CA8E774B22FE71A11627 ] C:\Windows\SysWOW64\ws2_32.dll
21:59:14.0757 0x0c30 C:\Windows\SysWOW64\ws2_32.dll - ok
21:59:14.0766 0x0c30 [ DF1C1CD0C7EE95CC00D71E9E415E7BCD, 668B6A8E029D364B70C965E2692EC0B8138D798AA26FDAB00AD71183BFFC60A8 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
21:59:14.0766 0x0c30 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
21:59:14.0850 0x0c30 [ 6377051C63D5552A311935C67E9FDFDC, 3FB82988AAB66813567E8DB951D4EE87F156201070F005FDBF52EF998A323E65 ] C:\Windows\SysWOW64\nsi.dll
21:59:14.0850 0x0c30 C:\Windows\SysWOW64\nsi.dll - ok
21:59:14.0859 0x0c30 [ DF13A51A5C591887D2EC6AE64CEED0FA, DFD503AEBCAA056B2B0E669ACA52F6D26F4E6892F2DCFCCD902752C23A621653 ] C:\Windows\SysWOW64\wsock32.dll
21:59:14.0859 0x0c30 C:\Windows\SysWOW64\wsock32.dll - ok
21:59:14.0869 0x0c30 [ 78865ABC5F5D13190F8B35BD9044714A, A16E0158129AE76AE459D9424D246C01ECECCC87A27C40D8DB0232330D2F5458 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll
21:59:14.0869 0x0c30 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll - ok
21:59:14.0879 0x0c30 [ FF9831030678C7B6D70BAC00F68F8976, BFA9DA98F93910B8FE09EA06F917AB1F5435FCE9F786EABDF1970E19B2C63FDC ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll
21:59:14.0879 0x0c30 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
21:59:14.0889 0x0c30 [ D5AEFAD57C08349A4393D987DF7C715D, C36A45BC2448DF30CD17BD2F8A17FC196FAFB685612CACCEB22DC7B58515C201 ] C:\Windows\SysWOW64\winmm.dll
21:59:14.0889 0x0c30 C:\Windows\SysWOW64\winmm.dll - ok
21:59:14.0898 0x0c30 [ FD86C605FD7AD4A41C01EC7A4A1E1C5D, 416DA89AD7BF8D830BD9FAAC0D05B7327D8AF8D82E2B32C1BA3501123FA9192A ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll
21:59:14.0898 0x0c30 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll - ok
21:59:14.0908 0x0c30 [ A3609397EF273B03295DBB10274BE12C, E8B676074B1C17A6380248DEBC1C8D337FD3AC7CCCAD9B0E1F1A41D30F6146DC ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll
21:59:14.0908 0x0c30 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
21:59:14.0918 0x0c30 [ 149D74E1128A86DC9CFB2851FBEA11EB, 95E2FF3379DEE729089CF85140C4D4C202B7FEFE239024D48DFFD5CB1E7415BC ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll
21:59:14.0918 0x0c30 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll - ok
21:59:14.0928 0x0c30 [ F6FD367C9EAAEDF90CD7A7952AE0B336, 65DF0688F18EC3DEC27E725DC3A2F0D656F321832BDFA45253C0933620214AAF ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll
21:59:14.0928 0x0c30 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll - ok
21:59:14.0938 0x0c30 [ C733D233B623B7FFCE5031E4B756EE26, 33CC8B140B0E4A9B702E3468BE2646AEE4273F20C6EA5BAC6C3D8FC8EDEF0881 ] C:\Windows\SysWOW64\profapi.dll
21:59:14.0938 0x0c30 C:\Windows\SysWOW64\profapi.dll - ok
21:59:14.0947 0x0c30 [ 4D9B3DFBAB2EA93B594B74D47E0B4E5D, 01DD03D27E27BC7E8B454543C36F83D9F71BD7A17D39D72B815DA5F5AFF115BF ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
21:59:14.0948 0x0c30 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
21:59:14.0957 0x0c30 [ 10FB16B50AFFDA6D44588F3C445DC273, 6CDA17DA9B44D11E69F7C6682FA633EA75731623BB21B429A0FE2086ED4495A7 ] C:\Windows\SysWOW64\setupapi.dll
21:59:14.0957 0x0c30 C:\Windows\SysWOW64\setupapi.dll - ok
21:59:14.0967 0x0c30 [ F436E847FA799ECD75AD8C313673F450, 3C8BF3F0C08C7FA8DE5CD9C60AD9D00B742E84EB1FEBEEBA0F7159844BAAA471 ] C:\Windows\SysWOW64\cfgmgr32.dll
21:59:14.0967 0x0c30 C:\Windows\SysWOW64\cfgmgr32.dll - ok
21:59:14.0976 0x0c30 [ 2EEFF4502F5E13B1BED4A04CCAD64C08, 209FF1B6D46D1AC99518FCF54F2F726143B2DBF2C5FDA90212FBEF7526F7CBF5 ] C:\Windows\SysWOW64\devobj.dll
21:59:14.0976 0x0c30 C:\Windows\SysWOW64\devobj.dll - ok
21:59:14.0987 0x0c30 [ D15618A0FF8DBC2C5BF3726BACC75A0B, ADD81EA1D208907D67802F0E96EC0327BA89021F870BA22B9C7E3A19013A6AE7 ] C:\Windows\SysWOW64\userenv.dll
21:59:14.0987 0x0c30 C:\Windows\SysWOW64\userenv.dll - ok
21:59:14.0998 0x0c30 [ 6A6B2EE4565A178035BE2A4FF6F2C968, E2E231F1C2E2CE19583483ACC53318651FA7CA2DE46BCB89B4CBF97CA0525122 ] C:\Windows\SysWOW64\wtsapi32.dll
21:59:14.0998 0x0c30 C:\Windows\SysWOW64\wtsapi32.dll - ok
21:59:15.0007 0x0c30 [ 062373995EAE5F0EAC9EAA9192136BFB, 0392D5656BD677C4C5CB74C96E7B85B0867F2535A37950AEC7F5C4A1A70D19AE ] C:\Windows\SysWOW64\dnssd.dll
21:59:15.0007 0x0c30 C:\Windows\SysWOW64\dnssd.dll - ok
21:59:15.0017 0x0c30 [ 4DB93F4DB7077801D2D82013506AC1D0, 3D71655D1557021D5D828E37EAFDBA35C631061E48D64B9D376746F8FCC760B3 ] C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
21:59:15.0017 0x0c30 C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe - ok
21:59:15.0026 0x0c30 [ E94C583CDE2348950155F2AF2876F34D, D00C7E0D665E467B712C68A446CC5BE14FDA743A2301878B3CEB72CDD0A8B8E7 ] C:\Windows\SysWOW64\mswsock.dll
21:59:15.0027 0x0c30 C:\Windows\SysWOW64\mswsock.dll - ok
21:59:15.0036 0x0c30 [ AE4D9DC676A2517DEE3E51978BCFE47C, 8393F3E696CA5D675718FE801CBD253017468009584E9ED4B085E0F8F7341E43 ] C:\Program Files (x86)\AVG\AVG2013\avgntopensslx.dll
21:59:15.0036 0x0c30 C:\Program Files (x86)\AVG\AVG2013\avgntopensslx.dll - ok
21:59:15.0046 0x0c30 [ 8BEC8631AED9C58EF8DD7CE1755F86AA, AD4FB54349F04A4823C4085A0D9271CA3C8AC9BD0717CBE95C019F63F07B100F ] C:\Program Files (x86)\AVG\AVG2013\avgsysx.dll
21:59:15.0046 0x0c30 C:\Program Files (x86)\AVG\AVG2013\avgsysx.dll - ok
21:59:15.0055 0x0c30 [ EE5C8E27C37B79CB54A2FCEEED2DC262, 0A5E200FD65A491756B951A4A0ED39B88B7B313E97C2BBF3C91AC4C290772BB7 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
21:59:15.0055 0x0c30 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
21:59:15.0065 0x0c30 [ BC83108B18756547013ED443B8CDB31B, B2AD109C15EAA92079582787B7772BA0A2F034F7D075907FF87028DF0EAEA671 ] C:\Windows\SysWOW64\msvcp100.dll
21:59:15.0065 0x0c30 C:\Windows\SysWOW64\msvcp100.dll - ok
21:59:15.0074 0x0c30 [ 0E37FBFA79D349D672456923EC5FBBE3, 8793353461826FBD48F25EA8B835BE204B758CE7510DB2AF631B28850355BD18 ] C:\Windows\SysWOW64\msvcr100.dll
21:59:15.0074 0x0c30 C:\Windows\SysWOW64\msvcr100.dll - ok
21:59:15.0084 0x0c30 [ FBDC1D23E595C22805BFE35D677732DA, C2D17DB780F45D408AC14296B4CE2F4C32CDC479599DCB176CA7708A57CDA5A2 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll
21:59:15.0084 0x0c30 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok
21:59:15.0094 0x0c30 [ A90DC9ABD65DB1A8902F361103029952, 26798758976CE53251AC342B966BE0363AE1794BD965C452F5DEBC33E18969F0 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
21:59:15.0094 0x0c30 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
21:59:15.0103 0x0c30 [ 9C89246184979A070B0C6CCF61C68136, 409D5CB32E803B623F79A0CBAB094D33B078ED164002687B1CEA236E2B77C7D8 ] C:\Windows\SysWOW64\wininet.dll
21:59:15.0103 0x0c30 C:\Windows\SysWOW64\wininet.dll - ok
21:59:15.0114 0x0c30 [ 6951562DC4625EEFC6EACD52AD165866, 44A0B3EA0232D613A5B4115492DF2A7CEF25B35300E6A3E3E50C9544C5D1049E ] C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
21:59:15.0114 0x0c30 C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll - ok
21:59:15.0123 0x0c30 [ 589CBC4989F750E1DA35625AB481CF43, B93E1B8C3775F9C995FD5451C685A06DEFD24AE1DF0DD99D19D5E4B9AC0010F9 ] C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
21:59:15.0123 0x0c30 C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll - ok
21:59:15.0134 0x0c30 [ 3BE0D923AA45A4DBE091C2D84F0B4FE7, 603EEC55D6F646150FC3F0F2C939CFE434C02FC7A7AB23B1FEC8B5C77E4C8381 ] C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
21:59:15.0134 0x0c30 C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll - ok
21:59:15.0145 0x0c30 [ 2E33DFD10F28F86C3FC40EE123CC3904, 57C65671A04EFCA437A69E8E97B2FCA17897EE4608C7DB69F77D44FBD3490B50 ] C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
21:59:15.0145 0x0c30 C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll - ok
21:59:15.0154 0x0c30 [ 34CBED7698D557DDB43F8732FBC2ACB9, 2406E009E037F0C577984792FD41CECD96078AA8B6EAC9207051CDE8DBED89CD ] C:\Windows\SysWOW64\iertutil.dll
21:59:15.0154 0x0c30 C:\Windows\SysWOW64\iertutil.dll - ok
21:59:15.0164 0x0c30 [ 6A13B4F3B3F575F1E24B877B9359AABA, 676AD5F8F709D4A9DCE9938D82DEEE329C9A385A6969C169B3DF37AA75F1E4C7 ] C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
21:59:15.0164 0x0c30 C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll - ok
21:59:15.0174 0x0c30 [ CFF35B879D1618D42C86644C717BA947, 1837275202628D3320867A3BF8CFDA15491730C4B74215F7C0D7E140BF01AC3C ] C:\Windows\SysWOW64\winnsi.dll
21:59:15.0174 0x0c30 C:\Windows\SysWOW64\winnsi.dll - ok
21:59:15.0183 0x0c30 [ A543AC1F7138376D778D630A35FCBC4C, 2D824C66A97FC8C39DAFA397CC47495B712D175EEF393486946DA8936BDD466A ] C:\Windows\SysWOW64\psapi.dll
21:59:15.0183 0x0c30 C:\Windows\SysWOW64\psapi.dll - ok
21:59:15.0193 0x0c30 [ 5BDB1E096DEA119A4D205ACB6E958175, A4D7B0AAA4274827471FDE321A0BA5DADB7413A4ED0BD2A09A7191889B1B0809 ] C:\Program Files (x86)\AVG\AVG2013\avgopensslx.dll
21:59:15.0193 0x0c30 C:\Program Files (x86)\AVG\AVG2013\avgopensslx.dll - ok
21:59:15.0202 0x0c30 [ A56CCBBFCCEDCE2FD9C69FED24E035E3, F2D59EBD24EF8ED039EDA084229201D180F8CE8C2B4A2F48FFD364979697AC85 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
21:59:15.0202 0x0c30 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll - ok
21:59:15.0212 0x0c30 [ A7DDDDE163F16AB49DF3DE9EEC715495, 00F83712F55C4B54F5B54595CDA2BCCDFCB72F0B31EED8274F87232106995EA6 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll
21:59:15.0212 0x0c30 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
21:59:15.0223 0x0c30 [ 21139ED432EFB4A8CDF715862DBDF9E0, 7F065A00ED796F3D5747DB781AE3E698543B3F4CD7F5A215C67470FAE9F26E7A ] C:\Program Files (x86)\AVG\AVG2013\avglogx.dll
21:59:15.0223 0x0c30 C:\Program Files (x86)\AVG\AVG2013\avglogx.dll - ok
21:59:15.0232 0x0c30 [ C28FD3B37B6F18751C99E6022A2A9782, 0D59CEE5F5E0731DD250A4FFD794E4F8ACA43BB5408145261D218245C4683551 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll
21:59:15.0232 0x0c30 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
21:59:15.0243 0x0c30 [ 18301B40411B2108076AB685B4E4B6DC, 5E9DCB2376FCBAB5958BF3272B180221D547B3AE3D6758BBD354B9F57BD28C43 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
21:59:15.0243 0x0c30 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll - ok
21:59:15.0252 0x0c30 [ D646FA5135A1CD795877AFE9D17FA9ED, 2F97FBCD7BD75727A77C17D75D2482AE819D5D2EB9760D96412F9C20AA7D9473 ] C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
21:59:15.0253 0x0c30 C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe - ok
21:59:15.0262 0x0c30 [ 8564728CB493B0704EDB9A3607B3DDE9, 7EA1A11C6DAEA7CE251BD8ABF1A439EA360FC2C51473F13777FE6237EAC0B02F ] C:\Program Files (x86)\AVG\AVG2013\avgcommx.dll
21:59:15.0262 0x0c30 C:\Program Files (x86)\AVG\AVG2013\avgcommx.dll - ok
21:59:15.0273 0x0c30 [ 9E335DCB3EA00AA38724E80CEFA963A6, 0576CA5FA9CCFBD96B68824CC0C8CBC2B3336D5A75E17833C0C24B36AE456EE8 ] C:\Program Files (x86)\AVG\AVG2013\avgcfgx.dll
21:59:15.0273 0x0c30 C:\Program Files (x86)\AVG\AVG2013\avgcfgx.dll - ok
21:59:15.0283 0x0c30 [ F2E8CEFC8CF4D6454F4121C5FF93136A, DFD05AD328BD0FDD8BF44043C40084A6DF98BF6F5CEAE71BF793176AF6ADFBBB ] C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BBSvc.EXE
21:59:15.0283 0x0c30 C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BBSvc.EXE - ok
21:59:15.0293 0x0c30 [ A6C29DB53ECA94FA8591C5388D604B82, F25E95BA669422286A8FA3A68E0C639A2F06319B6DC8FA641C965CFB27A50BD6 ] C:\Windows\SysWOW64\msi.dll
21:59:15.0293 0x0c30 C:\Windows\SysWOW64\msi.dll - ok
21:59:15.0303 0x0c30 [ 6F8E3B7B70E1BBA871212940C1FBDF60, 3F9D4EE64E4210340C6FEE0DE81BFE3C613DDBE608EC09D63817D24CE24BFC5E ] C:\Windows\SysWOW64\SensApi.dll
21:59:15.0303 0x0c30 C:\Windows\SysWOW64\SensApi.dll - ok
21:59:15.0313 0x0c30 [ FF5688D309347F2720911D8796912834, 3B0D73C50D40A6F42629B7750F99F656BF5C1C50237D5F98B6C0F2CE5E2DA359 ] C:\Windows\SysWOW64\clbcatq.dll
21:59:15.0313 0x0c30 C:\Windows\SysWOW64\clbcatq.dll - ok
21:59:15.0322 0x0c30 [ 7321F18D1F820612ED0E9F2D4B578A7E, 612BD7DE1DFBD100BD6ACB37A38565D88C39842D990D296B9B8E1FB75C3A94E7 ] C:\Windows\SysWOW64\cryptsp.dll
21:59:15.0323 0x0c30 C:\Windows\SysWOW64\cryptsp.dll - ok
21:59:15.0331 0x0c30 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] C:\Program Files\Bonjour\mDNSResponder.exe
21:59:15.0331 0x0c30 C:\Program Files\Bonjour\mDNSResponder.exe - ok
21:59:15.0340 0x0c30 [ ED8EC63F7522DF4852147C84EC62C36A, 75633011CD28DCBD4834211A9D415F17DE15BFCD80FB9FF6CE25CBBD4E9899AF ] C:\Windows\SysWOW64\rsaenh.dll
21:59:15.0340 0x0c30 C:\Windows\SysWOW64\rsaenh.dll - ok
21:59:15.0350 0x0c30 [ 533328A3D9A9C286682525842547540C, 56BFE3213244E66555AC509140D5512430BE40E196DB3DA45BBC52687393B770 ] C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe
21:59:15.0350 0x0c30 C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe - ok
21:59:15.0360 0x0c30 [ 5997D769CDB108390DCFAEBF442BF816, 0E25CA984C0EEB629184423FAA9BC6D4356DF9A93F281E06DC83B4AC638AEC4A ] C:\Windows\SysWOW64\RpcRtRemote.dll
21:59:15.0361 0x0c30 C:\Windows\SysWOW64\RpcRtRemote.dll - ok
21:59:15.0371 0x0c30 [ 414F57444511B818DB23FA5CF89F3205, 607959664741A23214B23293B4878DAD577F32B9D49D8E3F1E4B0F3B6727184B ] C:\Program Files (x86)\AVG\AVG2013\avgclitx.dll
21:59:15.0371 0x0c30 C:\Program Files (x86)\AVG\AVG2013\avgclitx.dll - ok
21:59:15.0380 0x0c30 [ 6C4B2E1A25841077084EB9F76FF6FFA7, 777D9E5D81409A54BF387BDDF4E471932FFB636406E390EC29EDF1FFFE3D8880 ] C:\Windows\SysWOW64\wmp.dll
21:59:15.0380 0x0c30 C:\Windows\SysWOW64\wmp.dll - ok
21:59:15.0390 0x0c30 [ 84174CA0E190BB9D1EFD0F005FE13B35, B0146E651DAD4A8050FAF70026F1B7CE16EF454EB6E31088CDEBE3CD57E6591C ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\GdiPlus.dll
21:59:15.0390 0x0c30 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\GdiPlus.dll - ok
21:59:15.0400 0x0c30 [ F2056E965C6203B0EC7EA435DA08589A, E384F7D8C8BEB9657EF12928F46D68821D2CE885337AFD552C6F8353AF8E4BE1 ] C:\Program Files (x86)\AVG\AVG2013\avgcorex.dll
21:59:15.0400 0x0c30 C:\Program Files (x86)\AVG\AVG2013\avgcorex.dll - ok
21:59:15.0409 0x0c30 [ 39C5F32747B3414D1BB216FDB1DEFC58, 6FAE64CB9748304090113903A5AE9E7154BE16BA2EEA7AB3EF04AB9D79B81380 ] C:\Windows\SysWOW64\dwmapi.dll
21:59:15.0409 0x0c30 C:\Windows\SysWOW64\dwmapi.dll - ok
21:59:15.0419 0x0c30 [ 02DF0628BE8B64B84D50FBE53549AA3B, AED50B07451F14D0C0682EDDC11ED5BBAD63D6DB11A91826B0ADBDBE411F0084 ] C:\Windows\SysWOW64\wmploc.DLL
21:59:15.0419 0x0c30 C:\Windows\SysWOW64\wmploc.DLL - ok
21:59:15.0428 0x0c30 [ 3961DE6134280FD3BC911D5B2119CECF, 37FC9E28C4D1A0BC7EC90040BBB59C61BDC3D4806C5DA77E0440C45EB8E523E1 ] C:\Program Files (x86)\AVG\AVG2013\avgcertx.dll
21:59:15.0429 0x0c30 C:\Program Files (x86)\AVG\AVG2013\avgcertx.dll - ok
21:59:15.0439 0x0c30 [ 2E967B05E5D1EF57632819BDC54F19B1, 42C2C7D4994567509EA159E50FEA811F31B86667BFCFABF001D1295009700439 ] C:\Program Files (x86)\AVG\AVG2013\avgchclx.dll
21:59:15.0439 0x0c30 C:\Program Files (x86)\AVG\AVG2013\avgchclx.dll - ok
21:59:15.0449 0x0c30 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9, E18D66455D00A6D2A2D7CC0833C233FE8A6DD910B59D6B5B5F82EF91450858DF ] C:\Windows\SysWOW64\sfc.dll
21:59:15.0449 0x0c30 C:\Windows\SysWOW64\sfc.dll - ok
21:59:15.0458 0x0c30 [ 84799328D87B3091A3BDD251E1AD31F9, F85521215924388830DBB13580688DB70B46AF4C7D82D549D09086438F8D237B ] C:\Windows\SysWOW64\sfc_os.dll
21:59:15.0458 0x0c30 C:\Windows\SysWOW64\sfc_os.dll - ok
21:59:15.0468 0x0c30 [ 372948BB5E41CE42341C4398DE572E56, A12A3CB0C04FD02A17E202FEE79EA1B4009DAE4B5DB8B9B9D4919D1FFB270CF3 ] C:\Windows\SysWOW64\secur32.dll
21:59:15.0468 0x0c30 C:\Windows\SysWOW64\secur32.dll - ok
21:59:15.0477 0x0c30 [ 099D9F937F6EE23672391B3A5BD6D7E5, E1D0A81C3A7E61EDA0B5F5C1B16DA2059622BE86F21B1205BE5809239065FCA7 ] C:\Program Files (x86)\AVG\AVG2013\avgntsqlitex.dll
21:59:15.0477 0x0c30 C:\Program Files (x86)\AVG\AVG2013\avgntsqlitex.dll - ok
21:59:15.0487 0x0c30 [ 6686317DC7C3E90F5A20F49E8847EBB9, 356F34417CCA2623CE17D89A55007C2E5DFDA5E855CDA1469ECDB2D780F47AE5 ] C:\Program Files (x86)\AVG\AVG2013\avgwd.dll
21:59:15.0487 0x0c30 C:\Program Files (x86)\AVG\AVG2013\avgwd.dll - ok
21:59:15.0496 0x0c30 [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] C:\Windows\System32\cryptsvc.dll
21:59:15.0496 0x0c30 C:\Windows\System32\cryptsvc.dll - ok
21:59:15.0505 0x0c30 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] C:\Windows\System32\dps.dll
21:59:15.0505 0x0c30 C:\Windows\System32\dps.dll - ok
21:59:15.0515 0x0c30 [ A6B726DCA228F7878E38368A1BDC68BE, 30E8300B09B876E3D4B2A9215C9CC070EADF915E1268F425B6F8E0596A0D3539 ] C:\Windows\System32\cryptnet.dll
21:59:15.0515 0x0c30 C:\Windows\System32\cryptnet.dll - ok
21:59:15.0524 0x0c30 [ BAAFAF9CEAEC0B73C2A3550A01F6CECB, 018CB95A43CEA2063EA24691C71D51EF60D522C21502ABA8AD93876363D4B857 ] C:\Windows\System32\taskschd.dll
21:59:15.0524 0x0c30 C:\Windows\System32\taskschd.dll - ok
21:59:15.0534 0x0c30 [ 0E2F58F6E698EDCB9E58FAD0CBCD0567, 426FB40A065FEF61980C803EF72D0D326C623340C3AE99CA8AFFDEFB81E8D49D ] C:\Windows\System32\vssapi.dll
21:59:15.0534 0x0c30 C:\Windows\System32\vssapi.dll - ok
21:59:15.0543 0x0c30 [ 287923557447D7E4BDD7E65B1F0F5428, 14D85A0F036F28D77AA9723C3D7E8C4DA9BDFF8A1AD9BEA6FE5756DBF5D00F08 ] C:\Windows\System32\vsstrace.dll
21:59:15.0543 0x0c30 C:\Windows\System32\vsstrace.dll - ok
21:59:15.0553 0x0c30 [ 243974EC02F7AE49E4179C54624143AB, 755FA67F7BF10E3C6336788D297FBAA70F28F630852A43A78D3F7D7E3A7ECED0 ] C:\Windows\SysWOW64\MMDevAPI.dll
21:59:15.0553 0x0c30 C:\Windows\SysWOW64\MMDevAPI.dll - ok
21:59:15.0564 0x0c30 [ 12C45E3CB6D65F73209549E2D02ECA7A, 9DFD9C58B90257C34D52B7156C1D2566BE32EE7BD4699DDE164A5F190EC4D44A ] C:\Windows\SysWOW64\propsys.dll
21:59:15.0564 0x0c30 C:\Windows\SysWOW64\propsys.dll - ok
21:59:15.0573 0x0c30 [ 40B82688907A7DBA4DB3B5ADDE3EAB3B, 7A8A051F414A0A11252A361461A086890BCE9F49CE1AF794061184AE16517EF1 ] C:\Windows\SysWOW64\mfplat.dll
21:59:15.0573 0x0c30 C:\Windows\SysWOW64\mfplat.dll - ok
21:59:15.0583 0x0c30 [ C940F2F5C60B3727C5F18840735B229C, EFC3F465FD6C570505C214A92644357ACD01B1843ED25B5FCCCE10533403485C ] C:\Windows\SysWOW64\AudioSes.dll
21:59:15.0583 0x0c30 C:\Windows\SysWOW64\AudioSes.dll - ok
21:59:15.0593 0x0c30 [ 139D3AB6AA920C34C50CBFFB9EB7D222, 5A5D205E16E6AFDCC965E4144FE6E104157DE7541D31727520363F2670513940 ] C:\Windows\SysWOW64\avrt.dll
21:59:15.0593 0x0c30 C:\Windows\SysWOW64\avrt.dll - ok
21:59:15.0600 0x0c30 [ 1E345F2A2D95DA3190596E691CDE9342, 9D1D48F3B749ADA598D155E11E63CD52A4EEABF9BE92A1D997D25D07CF350084 ] C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
21:59:15.0600 0x0c30 C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE - ok
21:59:15.0610 0x0c30 [ 0015ACFBBDD164A8A730009908868CA7, E1FF243AD2CF959FAB81EFE701592414991C03416FF296ADC93906E76B707C4D ] C:\Windows\System32\winspool.drv
21:59:15.0610 0x0c30 C:\Windows\System32\winspool.drv - ok
21:59:15.0619 0x0c30 [ 67DABFB8EB4AFA87C558504D5FCD43C8, 8B792DCDB6D2A7FA0136E38DE2253DB2EC39344109D200DF2654C7A021725CD8 ] C:\Program Files (x86)\AVG\AVG2013\avgsecapix.dll
21:59:15.0619 0x0c30 C:\Program Files (x86)\AVG\AVG2013\avgsecapix.dll - ok
21:59:15.0629 0x0c30 [ D222579C912E5871100838F5A4FCCA77, 0246BB799425BA548EB5DCC006E9D87732EFC84DD2FD4E01F5E2F3D85E891582 ] C:\Windows\System32\RpcNs4.dll
21:59:15.0629 0x0c30 C:\Windows\System32\RpcNs4.dll - ok
21:59:15.0638 0x0c30 [ 2DFB151FD34DF104DAC0ADF070EDA83C, 8F127C7AAA2229FF1BD940274648EE84DB291B641390B1FA6B2DD9D8C8A9257A ] C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
21:59:15.0638 0x0c30 C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe - ok
21:59:15.0648 0x0c30 [ 5AA89E152634954E15E9DB265C6A8557, 62ECC2B15AB920AD76FE3B8069F599C8354125BEECAF89B3475C37940760157F ] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
21:59:15.0648 0x0c30 C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe - ok
21:59:15.0658 0x0c30 [ 5839A8027D6D324A7CD494051A96628C, 474F2D0BB463ABE68D7C4D2C630860AED4B722EC62C616C91EE00AA965378382 ] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
21:59:15.0658 0x0c30 C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe - ok
21:59:15.0667 0x0c30 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] C:\Windows\System32\nlasvc.dll
21:59:15.0668 0x0c30 C:\Windows\System32\nlasvc.dll - ok
21:59:15.0677 0x0c30 [ D4FAC263861BAE06971C7F7D0A8EBF15, D494DEF0024288B9CC56EC6B500FF5828144BE9B8E7033340509EC5E68F8DED0 ] C:\Windows\System32\ncsi.dll
21:59:15.0677 0x0c30 C:\Windows\System32\ncsi.dll - ok
21:59:15.0687 0x0c30 [ 603EBD34E216C5654A2D774EAC98D278, ACE0171BB780DB2C1B1A8BF6FA8CF51C529D7E09141FA504C7199AF764FD9A36 ] C:\Windows\System32\webio.dll
21:59:15.0687 0x0c30 C:\Windows\System32\webio.dll - ok
21:59:15.0697 0x0c30 [ 58F4493BF748A3A89689997B7BD00E95, EC5DEEC73E357C7C87B001275C4E635011A9CF39419F2B86E2C2B8D7E388C551 ] C:\Windows\System32\winhttp.dll
21:59:15.0697 0x0c30 C:\Windows\System32\winhttp.dll - ok
21:59:15.0707 0x0c30 [ 2BBF3FDB70B8965DFA0258CBAB41ECCE, 4EFA41765E46E90C6CBDB0DC1E0CD375D7AB3307C477171EBAA6A16AC32E5211 ] C:\Windows\System32\ssdpapi.dll
21:59:15.0707 0x0c30 C:\Windows\System32\ssdpapi.dll - ok
21:59:15.0716 0x0c30 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] C:\Windows\System32\IKEEXT.DLL
21:59:15.0716 0x0c30 C:\Windows\System32\IKEEXT.DLL - ok
21:59:15.0726 0x0c30 [ 5672C775FAB584EB5BABBB79C74C530E, 832C6D0FDFCB388CDFD1A75EA22E807B13DE7C68D246FFFA7C2E117921B29006 ] C:\Program Files (x86)\Symantec\Norton Online Backup\BuEng.dll
21:59:15.0726 0x0c30 C:\Program Files (x86)\Symantec\Norton Online Backup\BuEng.dll - ok
21:59:15.0736 0x0c30 [ E36112A8A6C7F840169A7E92C12F4203, 52795B2E6ECCE751EEF5074AF52FDE376A382D0A1C43B90DD4F77A397C00FBC5 ] C:\Windows\System32\wsock32.dll
21:59:15.0737 0x0c30 C:\Windows\System32\wsock32.dll - ok
21:59:15.0745 0x0c30 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] C:\Windows\System32\drivers\PEAuth.sys
21:59:15.0745 0x0c30 C:\Windows\System32\drivers\PEAuth.sys - ok
21:59:15.0755 0x0c30 [ 1727B2A2F379A32B864C096FA794AADC, 87B77A5DF95F3A1C5ED6DEF820C7E384BEFCBAA2FE1BB4781AC6F777A081E5CC ] C:\Windows\System32\aepic.dll
21:59:15.0755 0x0c30 C:\Windows\System32\aepic.dll - ok
21:59:15.0764 0x0c30 [ C6DCD1D11ED6827F05C00773C3E7053C, EA23BE261C9C04F44215D254D7A80FD0AEE84C6F192D0FEE49A7CF74ED3CB1A6 ] C:\Windows\System32\sfc.dll
21:59:15.0764 0x0c30 C:\Windows\System32\sfc.dll - ok
21:59:15.0774 0x0c30 [ 98EF79CC2B07398AC525F9EA1AE0366F, D0D5D69696ED339F363024AF3271867F4C55572C67FD0F2AA27D24B37982E39A ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
21:59:15.0774 0x0c30 C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe - ok
21:59:15.0792 0x0c30 [ 18AB2E5A40064ED5F7791AC5946A90F3, B7536CE56702C23B1CEC3E1B6C78866E0A76808B85A92AF3733D9ED9429E004C ] C:\Windows\SysWOW64\msimg32.dll
21:59:15.0792 0x0c30 C:\Windows\SysWOW64\msimg32.dll - ok
21:59:15.0803 0x0c30 [ 352B3DC62A0D259A82A052238425C872, 393B24E0D6007C74AEE2FB2EE2C18623D37DF64E279B6767952DCFEE0EACBB10 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
21:59:15.0804 0x0c30 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
21:59:15.0814 0x0c30 [ 895C9AB0A855547445C4181195230757, 89BDA385D8CCB75C3D7B1BDFA567AC441A931F4E499C0835FEE9D010343FABB6 ] C:\Windows\System32\sfc_os.dll
21:59:15.0814 0x0c30 C:\Windows\System32\sfc_os.dll - ok
21:59:15.0825 0x0c30 [ 77B5035BC6EDF4D1B6265391AECEE4C0, FE69B715F04446BD42AF1B672E6AC54E954CFE0C847BFD2056CB11CF017B1844 ] C:\Windows\System32\vpnikeapi.dll
21:59:15.0825 0x0c30 C:\Windows\System32\vpnikeapi.dll - ok
21:59:15.0837 0x0c30 [ 418E881201583A3039D81F43E39E6C78, C96AAC161E09BE12815A4E931E65F66DB1A456C03253EF1111AE66F44B1515FF ] C:\Windows\SysWOW64\winsta.dll
21:59:15.0837 0x0c30 C:\Windows\SysWOW64\winsta.dll - ok
21:59:15.0847 0x0c30 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8, B1A9B2EF000917214C0198958CBD239D1D91B1720EC40DF041262A34D302AD74 ] C:\Windows\SysWOW64\winspool.drv
21:59:15.0847 0x0c30 C:\Windows\SysWOW64\winspool.drv - ok
21:59:15.0858 0x0c30 [ 2FCA0D2C59A855C54BAFA22AA329DF0F, ED9D26F539065D62FCCEDEEC8E509B30F4D15F8DA586C1F657ACEFE9DABAACD0 ] C:\Windows\SysWOW64\netapi32.dll
21:59:15.0858 0x0c30 C:\Windows\SysWOW64\netapi32.dll - ok
21:59:15.0868 0x0c30 [ 20B3934DB73EABA2B49B7177873CB81F, 492EAC5C51472B43DE11825358AEC4B9E3A081DACFD7513C696D6FE40F302EE5 ] C:\Windows\SysWOW64\netutils.dll
21:59:15.0868 0x0c30 C:\Windows\SysWOW64\netutils.dll - ok
21:59:15.0879 0x0c30 [ 14361FB2FD630988816A4F46AEAF0684, 62444B8B9CF07B281966DD9D22811B67B0F721DE199BCE07C2D3405EAED6B570 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
21:59:15.0879 0x0c30 C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll - ok
21:59:15.0889 0x0c30 [ 68ECCA523ED760AAFC03C5D587569859, CDD734279C8F9F24EA2538BAD8E91EB8C3DD74C33032DB6B2D85C19576B42707 ] C:\Windows\SysWOW64\samcli.dll
21:59:15.0889 0x0c30 C:\Windows\SysWOW64\samcli.dll - ok
21:59:15.0899 0x0c30 [ 5CCDCD40E732D54E0F7451AC66AC1C87, 66F4DA105BD72E41250CD59E2B3CD931B47AC9FDB6C784B9E33C5EE1AC29841F ] C:\Windows\SysWOW64\srvcli.dll
21:59:15.0899 0x0c30 C:\Windows\SysWOW64\srvcli.dll - ok
21:59:15.0908 0x0c30 [ E5A4A1326A02F8E7B59E6C3270CE7202, DCB76016F9AC47E631540874DA208A089F9D529DA9628705A2869B954526BFE0 ] C:\Windows\SysWOW64\wkscli.dll
21:59:15.0908 0x0c30 C:\Windows\SysWOW64\wkscli.dll - ok
21:59:15.0917 0x0c30 [ 210FCACAF902B2CD47CF9FD17D846146, 3F77AC721E084864C5966FF5337A90185F62203DC19C685328675500D629CB87 ] C:\Windows\System32\aeevts.dll
21:59:15.0918 0x0c30 C:\Windows\System32\aeevts.dll - ok
21:59:15.0927 0x0c30 [ A8EDB86FC2A4D6D1285E4C70384AC35A, 61B8955CE0A2AA9D0719920B30216717B349B6FBE11C697C31CFA84F859CC1AE ] C:\Windows\System32\dllhost.exe
21:59:15.0927 0x0c30 C:\Windows\System32\dllhost.exe - ok
21:59:15.0937 0x0c30 [ 9B375BB63F99B113C065A5DB4E632E23, 842627E881B8E4D32CBACFD1C13A640603C2709CAFAFB9AF2A5A2AFD0BB569DE ] C:\Program Files (x86)\Spybot - Search & Destroy 2\av\scan.dll
21:59:15.0937 0x0c30 C:\Program Files (x86)\Spybot - Search & Destroy 2\av\scan.dll - ok
21:59:15.0947 0x0c30 [ 9028D1621C43DF8DFBD1C76860412A11, A1D48D9B33180BDE50D2FA9BB07E9520B7B7788C39B3AABB4A06AE4B1AACA755 ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll
21:59:15.0947 0x0c30 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll - ok
21:59:15.0957 0x0c30 [ A0A2C1D812C231C9BFE119FDC68E341B, F94446594EE17505956A715DFB28B51D09F00A7A65E56950661B889A57DE8FA8 ] C:\Windows\System32\IDStore.dll
21:59:15.0957 0x0c30 C:\Windows\System32\IDStore.dll - ok
21:59:15.0966 0x0c30 [ 82C089EA2A3EEFADF3588EA71E8BDADA, 2F3BB32EE2C0673058A74DEEB2D405E5E79F833F33C4D289A93EB3C618A86E75 ] C:\Windows\SysWOW64\wevtapi.dll
21:59:15.0966 0x0c30 C:\Windows\SysWOW64\wevtapi.dll - ok
21:59:15.0976 0x0c30 [ 639774C9ACD063F028F6084ABF5593AD, 9DFD80610CBBC9188F6C6BC85C87016B0AE42254FC289C2B578E85282BDD9C23 ] C:\Windows\System32\taskhost.exe
21:59:15.0976 0x0c30 C:\Windows\System32\taskhost.exe - ok
21:59:15.0986 0x0c30 [ 28AD5E311996A34025CFB07E131058DD, 89C8B29105DE5917A33A7682C8A62CB543609F1227A4890D7130646A0F54D946 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
21:59:15.0986 0x0c30 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL - ok
21:59:15.0997 0x0c30 [ 65EA57712340C09B1B0C427B4848AE05, 5FDCF73191BFF9DBB03886755FFCF0BC15849F0E216884A5A8B9BB375FA7C1A5 ] C:\Windows\System32\taskeng.exe
21:59:15.0997 0x0c30 C:\Windows\System32\taskeng.exe - ok
21:59:16.0006 0x0c30 [ F9D908DE6B166DAC9B89BF62FA291CE8, D0A918AD60221623BB0278EA94CD6938744617FDBB2054968AFAFC2940648F02 ] C:\Program Files\Bonjour\mdnsNSP.dll
21:59:16.0006 0x0c30 C:\Program Files\Bonjour\mdnsNSP.dll - ok
21:59:16.0016 0x0c30 [ 94EEAC26F57811BD1AEFC164412F7FCE, 7390BCD7709D48DE75D7D6E06AA7356D1C58EE63F3CC2E07ABCD2E2FF6CC81CF ] C:\Windows\System32\PlaySndSrv.dll
21:59:16.0017 0x0c30 C:\Windows\System32\PlaySndSrv.dll - ok
21:59:16.0027 0x0c30 [ 23566F9723771108D2E6CD768AC27407, FAC0293DD1061B151E779BF4B245E6652C951FEDEBC602A166156DFBD38B5D67 ] C:\Windows\System32\AtBroker.exe
21:59:16.0027 0x0c30 C:\Windows\System32\AtBroker.exe - ok
21:59:16.0036 0x0c30 [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA, 8A6ACEFAB95E5275CBFBE6CCB5A6C3A6A471260B279B9063E86B9C7765E18656 ] C:\Windows\System32\MsCtfMonitor.dll
21:59:16.0036 0x0c30 C:\Windows\System32\MsCtfMonitor.dll - ok
21:59:16.0046 0x0c30 [ 88351B29B622B30962D2FEB6CA8D860B, A16CAD7D94C1C9807083BB36E9B4C3C14E6482C4CA2BDFACBCC86E737DDCE42E ] C:\Windows\System32\rasadhlp.dll
21:59:16.0046 0x0c30 C:\Windows\System32\rasadhlp.dll - ok
21:59:16.0055 0x0c30 [ 6CEF7856A3EFAC59470F6208F0F585CE, 0F7A80DB821FDE6580E9481B6DA44844F717DDB4983B0E3D562BE43726153951 ] C:\Windows\System32\mpr.dll
21:59:16.0055 0x0c30 C:\Windows\System32\mpr.dll - ok
21:59:16.0065 0x0c30 [ F09A9A1AD21FE618C4C8B0A0D830C886, 29831DDAB2AB105358FBC067CDF96428220B6743CD6019F6FE74BAC7AF325E7E ] C:\Windows\System32\msutb.dll
21:59:16.0065 0x0c30 C:\Windows\System32\msutb.dll - ok
21:59:16.0075 0x0c30 [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051, 8EFD0A6DE6F4E335D342782190008FB5AC84A6ADE49170B310DEC9AC48E623E8 ] C:\Windows\System32\localspl.dll
21:59:16.0075 0x0c30 C:\Windows\System32\localspl.dll - ok
21:59:16.0084 0x0c30 [ BAFE84E637BF7388C96EF48D4D3FDD53, 11C194D9ADCE90027272C627D7FBF3BA5025FF0F7B26A8333F764E11E1382CF9 ] C:\Windows\System32\userinit.exe
21:59:16.0084 0x0c30 C:\Windows\System32\userinit.exe - ok
21:59:16.0094 0x0c30 [ 805A52C5AE26C28E88FDD9BCCFE6F312, 4FF28D3658C31722B7DD036DED9D544B14841C0E0B94D31A8EC5AB92128DA020 ] C:\Windows\System32\TSChannel.dll
21:59:16.0094 0x0c30 C:\Windows\System32\TSChannel.dll - ok
21:59:16.0103 0x0c30 [ DDAEC6977912B3ED0765073E748E6EB6, 370F4C9D6D68AAE3025DB26540E76EC2CE1A64324AB3773E5421A3D6B935C39C ] C:\Program Files (x86)\AVG\AVG2013\avgwdwsc.dll
21:59:16.0103 0x0c30 C:\Program Files (x86)\AVG\AVG2013\avgwdwsc.dll - ok
21:59:16.0113 0x0c30 [ 9BB99503D6A4DD62569EDE9E5E2672A5, 6F4EA5BC50B1F929735246485263078BEF1B3BEB33F78CB1F483F13AA226C27E ] C:\Windows\System32\HotStartUserAgent.dll
21:59:16.0113 0x0c30 C:\Windows\System32\HotStartUserAgent.dll - ok
21:59:16.0123 0x0c30 [ F5CEF064C7E6D95DA86B9D064A56A969, F118CD4364690F37A07AE458E043E8CFBA98F332DC9E7228C83409CF26F6EF6D ] C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
21:59:16.0123 0x0c30 C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll - ok
21:59:16.0133 0x0c30 [ F162D5F5E845B9DC352DD1BAD8CEF1BC, 8A7B7528DB30AB123B060D8E41954D95913C07BB40CDAE32E97F9EDB0BAF79C7 ] C:\Windows\System32\dwm.exe
21:59:16.0133 0x0c30 C:\Windows\System32\dwm.exe - ok
21:59:16.0143 0x0c30 [ A8CDF3768604FF95B54669E20053D569, 2DB85B86C839341F2A879A6D25F787D17EE665D425C1BAC3E1F82BAC61F89F94 ] C:\Windows\SysWOW64\wscapi.dll
21:59:16.0144 0x0c30 C:\Windows\SysWOW64\wscapi.dll - ok
21:59:16.0152 0x0c30 [ 5D9DC6332A4FC66388B09BBE7CF53750, 497961D2ED6C83E1198C3706E4A6CB8B01FE55FCD96E19EEB279352CF56679C1 ] C:\Windows\SysWOW64\urlmon.dll
21:59:16.0153 0x0c30 C:\Windows\SysWOW64\urlmon.dll - ok
21:59:16.0163 0x0c30 [ 1C60E09CA1C3A045BC4D367F67C915B7, DF1ED88CB57DA1AB1A4245AE0D5B42AFA3396EBF67B99411FFFB0DD06DE1AEAF ] C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
21:59:16.0163 0x0c30 C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll - ok
21:59:16.0173 0x0c30 [ 49ACA548B2423F1C67898E6AC719A9A6, 23D84137EAB9AFDD31CBB6776B6B25AD135A120AF7F7885EB5BBF9E0A2CCC4C1 ] C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
21:59:16.0173 0x0c30 C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll - ok
21:59:16.0182 0x0c30 [ 332FEAB1435662FC6C672E25BEB37BE3, 6BED1A3A956A859EF4420FEB2466C040800EAF01EF53214EF9DAB53AEFF1CFF0 ] C:\Windows\explorer.exe
21:59:16.0182 0x0c30 C:\Windows\explorer.exe - ok
21:59:16.0192 0x0c30 [ C5B0324DB461559ADD070E632A6919FA, AB09CACB5B7DD372B27921A5E01220552A611CECA27EF87961001FA467FDED45 ] C:\Windows\SysWOW64\wbem\wbemprox.dll
21:59:16.0192 0x0c30 C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
21:59:16.0200 0x0c30 [ 3285481F5C12305CA104A6C493CA5A0B, ADB39B15D26A954B0F347C7BAFCC76DE5E3CF3CF05736E8987E0832AA7F8563C ] C:\Windows\System32\spoolss.dll
21:59:16.0200 0x0c30 C:\Windows\System32\spoolss.dll - ok
21:59:16.0211 0x0c30 [ 1728FA8A8B98396A1AD3A44CA87DFCBD, 5BDC2EBD4B6DA812350823DA6F157E5751CCE5B4677023FD950C3006CDF8CDB1 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFileScanLibrary.dll
21:59:16.0211 0x0c30 C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFileScanLibrary.dll - ok
21:59:16.0222 0x0c30 [ FCFCD1101C5DA23B4B95F93D02B2C169, 040A086875B6C5475490A2F8B0CF4FF20DDB4FEDFE5FCABBA49692AA05F40527 ] C:\Windows\System32\dwmredir.dll
21:59:16.0222 0x0c30 C:\Windows\System32\dwmredir.dll - ok
21:59:16.0230 0x0c30 [ C5AC93CF3BA30D367FB49148A2B673B9, 07B556039BBA841BC9F28979C3AD5D238B55391F921C9C805F3AFC9EFB437766 ] C:\Windows\System32\PrintIsolationProxy.dll
21:59:16.0230 0x0c30 C:\Windows\System32\PrintIsolationProxy.dll - ok
21:59:16.0240 0x0c30 [ 704314FD398C81D5F342CAA5DF7B7F21, CDA660E1E8AAE0789780B6B9604B138E67B2BDD1404A5E4C2354B35879D43085 ] C:\Windows\SysWOW64\wbemcomn.dll
21:59:16.0240 0x0c30 C:\Windows\SysWOW64\wbemcomn.dll - ok
21:59:16.0249 0x0c30 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:59:16.0249 0x0c30 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe - ok
21:59:16.0259 0x0c30 [ 4BA77A5EF71C14C764B0ED4701683E3E, 066A064CDBE09BF8BE1DF5B259F30FF6C124A1C3D637800D3E19E8E25EDB950E ] C:\Windows\System32\dwmcore.dll
21:59:16.0260 0x0c30 C:\Windows\System32\dwmcore.dll - ok
21:59:16.0270 0x0c30 [ 46B8E04B3C35CB93F89EF27746D7A908, D77F8BD5D6C82AE24334B682D9DD43EFA8F48E2BE6A64007192569129459B9B8 ] C:\Windows\System32\EP0SLM01.DLL
21:59:16.0270 0x0c30 C:\Windows\System32\EP0SLM01.DLL - ok
21:59:16.0280 0x0c30 [ 5119CA537F22E38019C811C0BE314EC2, E4C39FB7196E51177F4A61DDEE4319DF59A2C5C4573E104CD16BE6CD80B60EB1 ] C:\Windows\System32\E_ILMAIA.DLL
21:59:16.0280 0x0c30 C:\Windows\System32\E_ILMAIA.DLL - ok
21:59:16.0290 0x0c30 [ 60670A59D6B76AA4E41478A7AB76C282, 794B546AAA0AD3CE090EF8425A538D145D3589EFFAC64BC7DB5769F23FBED0C2 ] C:\Windows\System32\hpinksts8911LM.dll
21:59:16.0290 0x0c30 C:\Windows\System32\hpinksts8911LM.dll - ok
21:59:16.0300 0x0c30 [ 863F793D15B4026B1A5FDECA873D4D84, AF7ABD95BB5467551562F129F03C7AC9D52A021F7E547609F40A80E66932C942 ] C:\Windows\SysWOW64\apphelp.dll
21:59:16.0300 0x0c30 C:\Windows\SysWOW64\apphelp.dll - ok
21:59:16.0310 0x0c30 [ 46B5E0D4DE23D31E7B83E376BD99D7C6, B03B12F8AA7225B81AD4FC50B45CB53C88B9672C3560DE7E8D28620CB475E31C ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDLicense.dll
21:59:16.0310 0x0c30 C:\Program Files (x86)\Spybot - Search & Destroy 2\SDLicense.dll - ok
21:59:16.0322 0x0c30 [ FEC92CAB23C9EA531C104EC7DD6B1457, 009B8AEA70A7D3B11233CC508E0FD6AA76780CFBC72A4A4D1A9AB829B55A8B05 ] C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
21:59:16.0322 0x0c30 C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe - ok
21:59:16.0330 0x0c30 [ 6A0A8D20469EFD39A4A3463A88811A57, D33A8E023EF474E5E78793495E16F4E09EE8C113DB9CE87A1988A364F2C33429 ] C:\Program Files (x86)\AVG\AVG2013\avgsched.dll
21:59:16.0330 0x0c30 C:\Program Files (x86)\AVG\AVG2013\avgsched.dll - ok
21:59:16.0340 0x0c30 [ 522B0466ED967A0762E9AF5B37D8F40A, B14C62D059BC7CF430E1B0F6E18E31EFD1959EFB3025A2B0EBB11751F38DD6D4 ] C:\Windows\System32\esent.dll
21:59:16.0340 0x0c30 C:\Windows\System32\esent.dll - ok
21:59:16.0350 0x0c30 [ A43B937C580F5DFC43EF63EF72992FE9, 1B1C9B434BF12D39B2CC750AABB953169E3B43095827CD086750B2195BBC5B64 ] C:\Program Files (x86)\Google\Update\1.3.22.5\goopdate.dll
21:59:16.0350 0x0c30 C:\Program Files (x86)\Google\Update\1.3.22.5\goopdate.dll - ok
21:59:16.0360 0x0c30 [ C835670705596AE67EE7E0AE92A12071, CEC45F1315B320CD7D9DB9307061BBA21F6C23EC12002145318DE1CB0E9ECF14 ] C:\Windows\System32\HPZLLLHN.DLL
21:59:16.0360 0x0c30 C:\Windows\System32\HPZLLLHN.DLL - ok
21:59:16.0369 0x0c30 [ 19E41CCCEE697CC9465396B370929792, A9FC4C33C71C3677FE57779380E55FDE2AC0B0C70A9DBCBA0D0B6FA92C709A7F ] C:\Windows\System32\FXSMON.dll
21:59:16.0370 0x0c30 C:\Windows\System32\FXSMON.dll - ok
21:59:16.0380 0x0c30 [ 4C867B62F6100C107A3A8F5E7A10461D, 890A90A16B0ED6B2F5EE16B140C22586B2068389CAF25F630B11CAAC336D7007 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\rtl150.bpl
21:59:16.0380 0x0c30 C:\Program Files (x86)\Spybot - Search & Destroy 2\rtl150.bpl - ok
21:59:16.0390 0x0c30 [ 32A3C8600AF124CBAAD845F13CFAE3CB, F36FE9E57D5C509FEECE890F9F8717F9CC6F762E32AE0B7DB7E0153370CE0B9D ] C:\Windows\System32\tcpmon.dll
21:59:16.0390 0x0c30 C:\Windows\System32\tcpmon.dll - ok
21:59:16.0400 0x0c30 [ 9AE80F6A66B30E3ED8CDF858CF28B11B, A93E470DC54E3C74C10979D49CABB9A34893F9E847F88491F935DB44EEC3541A ] C:\Windows\System32\d3d10_1.dll
21:59:16.0400 0x0c30 C:\Windows\System32\d3d10_1.dll - ok
21:59:16.0410 0x0c30 [ 93518C6EDE0B61BCBD02BDB02BD05FEE, 3637F5E5F15093AFB501EE910368CF900B422AC22669391FFA4198BBAE6F8FCB ] C:\Windows\System32\snmpapi.dll
21:59:16.0410 0x0c30 C:\Windows\System32\snmpapi.dll - ok
21:59:16.0420 0x0c30 [ E7B9D5FF20FFDD4AAE2EF1D1B8C27A37, 689D126B1B42140D5049015E3E324268E6542D4BC6CC14E31D8B89A25B94BAA5 ] C:\Windows\SysWOW64\imagehlp.dll
21:59:16.0420 0x0c30 C:\Windows\SysWOW64\imagehlp.dll - ok
21:59:16.0430 0x0c30 [ 43964FA89CCF97BA6BE34D69455AC65F, 10E3B89A5470E1BB6F73382135DD2352F5073C1EE8485D7476CFB5122D4AAA2F ] C:\Windows\SysWOW64\uxtheme.dll
21:59:16.0430 0x0c30 C:\Windows\SysWOW64\uxtheme.dll - ok
21:59:16.0439 0x0c30 [ 63F72417CA38D8FC8F53709649B589E3, 39AE8AFFCFB8A9E345FC4C6F11926F25552C464380F88CDECD299FD27AF7866B ] C:\Windows\System32\d3d10_1core.dll
21:59:16.0439 0x0c30 C:\Windows\System32\d3d10_1core.dll - ok
21:59:16.0449 0x0c30 [ FFF9D00CF16397C64317F213484F94BD, 94D0584E14BDB27F61F59A7BCEA529A1594261BE0CE74502C13E8865843BA414 ] C:\Windows\System32\wsnmp32.dll
21:59:16.0449 0x0c30 C:\Windows\System32\wsnmp32.dll - ok
21:59:16.0458 0x0c30 [ 465BEA35F7ED4A4A57686DEA7EA10F47, 7F1B3CA09AB045F805DA5765BE7DD270F5DDACE3073017F7386FF1E2FA82D6FB ] C:\Windows\SysWOW64\cscapi.dll
21:59:16.0459 0x0c30 C:\Windows\SysWOW64\cscapi.dll - ok
21:59:16.0468 0x0c30 [ 366FD6F3A451351B5DF2D7C4ECF4C73A, AE3CB6C6AFBA9A4AA5C85F66023C35338CA579B30326DD02918F9D55259503D5 ] C:\Windows\System32\msvcr100.dll
21:59:16.0468 0x0c30 C:\Windows\System32\msvcr100.dll - ok
21:59:16.0478 0x0c30 [ 3FD15B4611D9BDA3F8013548C0ECAECA, B47A8D9985D9B71EB870816A0AB2B6403D394CCBDF7DE5378D5721D58D68D28D ] C:\Windows\SysWOW64\ntmarta.dll
21:59:16.0478 0x0c30 C:\Windows\SysWOW64\ntmarta.dll - ok
21:59:16.0487 0x0c30 [ A6639BC625634614DC30392BD81C4001, 28747093AF4466887C440B810A0B4F655573D8548711B3C8C0F63FEFCFF43591 ] C:\Program Files (x86)\AVG\AVG2013\avgidpsdkx.dll
21:59:16.0487 0x0c30 C:\Program Files (x86)\AVG\AVG2013\avgidpsdkx.dll - ok
21:59:16.0497 0x0c30 [ DF72A9936D0C3F517083119648814B09, 6BA4DCAC2F55A393A266ED0B2AF92B38141654D1666E3E143D85BBAF21663E1E ] C:\Windows\System32\usbmon.dll
21:59:16.0497 0x0c30 C:\Windows\System32\usbmon.dll - ok
21:59:16.0506 0x0c30 [ A8BB45F9ECAD993461E0FEF8E2A99152, ACB756EA54E71F124D928829666B5B439785593877FF7C0C76ADCF954F4E6C94 ] C:\Windows\SysWOW64\Wldap32.dll
21:59:16.0506 0x0c30 C:\Windows\SysWOW64\Wldap32.dll - ok
21:59:16.0516 0x0c30 [ 8DFB5752FCE145A6B295093C0A8BE131, F38029C8B36EFD46B1F6CCA0089FF4EFB0AB246497E38EDFF6A67FAC804D4A97 ] C:\Windows\System32\dxgi.dll
21:59:16.0516 0x0c30 C:\Windows\System32\dxgi.dll - ok
21:59:16.0526 0x0c30 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8, B07A12E3ECD5E418A3F99F00C56E7F482F68CADE330E7C079DCCDFFAD2E21299 ] C:\Windows\SysWOW64\dbghelp.dll
21:59:16.0526 0x0c30 C:\Windows\SysWOW64\dbghelp.dll - ok
21:59:16.0535 0x0c30 [ B6AA8414125791F3D7B7EB0580955815, 7B6E843329144B98582E39ECC19CF3547F36EE23C07AF8B43EC66B8BB11B82CF ] C:\Program Files (x86)\AVG\AVG2013\avgcfga.dll
21:59:16.0535 0x0c30 C:\Program Files (x86)\AVG\AVG2013\avgcfga.dll - ok
21:59:16.0545 0x0c30 [ A1D7E3ADCDB07DDB6F423862DCB1A52B, 6191C33D2AE090F6F055D6AE211096CE8F003EC5518A5333EE1E376052176BAB ] C:\Windows\System32\WSDMon.dll
21:59:16.0545 0x0c30 C:\Windows\System32\WSDMon.dll - ok
21:59:16.0554 0x0c30 [ 4C92EB7535CAA1681A77D928FBF9771F, 7D02B2357CA02393CA711C3C499AAD86B792EEFFDC67F2CE52F7F7BB8A28DE79 ] C:\Windows\System32\d3d11.dll
21:59:16.0554 0x0c30 C:\Windows\System32\d3d11.dll - ok
21:59:16.0565 0x0c30 [ B9A8CBCFCD3EC9D2EA4740AF347BF108, 97FA304E3880BC863D999F441AE47CB8ADF00D2DEC2A52ACD8FBD02CC096786A ] C:\Windows\SysWOW64\mpr.dll
21:59:16.0565 0x0c30 C:\Windows\SysWOW64\mpr.dll - ok
21:59:16.0575 0x0c30 [ 539C49CEBB3C50957AC8A09D95ECD880, 49E75CDB556FBCE72C44648F8930CF2209C1360F9311C5B4CEB19E13B11E6B75 ] C:\Windows\SysWOW64\shfolder.dll
21:59:16.0575 0x0c30 C:\Windows\SysWOW64\shfolder.dll - ok
21:59:16.0584 0x0c30 [ 8E01332CC4B68BC6B5B7EFFE374442AA, A4AD1D2FD3EC2F26949DBBC388F9FFF3713AD7EB4E9220AF817EBB5223E467C6 ] C:\Windows\SysWOW64\oleacc.dll
21:59:16.0584 0x0c30 C:\Windows\SysWOW64\oleacc.dll - ok
21:59:16.0594 0x0c30 [ F1B205F932F62F94506A5F332C895DAF, F02F01F20F655DD919C71AE814E4C3DD43330AAD1425FC5B1497F1613917CCDE ] C:\Windows\System32\WSDApi.dll
21:59:16.0595 0x0c30 C:\Windows\System32\WSDApi.dll - ok
21:59:16.0604 0x0c30 [ 110145B6EC64C9800468C18ED81B6FC5, 14E1806F59C8141842E26CE0D10136B367BDBDE35FBCDA5619CDF33B1105932C ] C:\Program Files (x86)\Spybot - Search & Destroy 2\snlBase150.bpl
21:59:16.0604 0x0c30 C:\Program Files (x86)\Spybot - Search & Destroy 2\snlBase150.bpl - ok
21:59:16.0615 0x0c30 [ C98ACDE22458C8F46FD0503CB9E2D01F, C3B06C13F2EC3DCD6B91F02D11204FE06FBEE6C673E8CDEF1134C764250438AA ] C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe
21:59:16.0615 0x0c30 C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe - ok
21:59:16.0625 0x0c30 [ C55516D98DD5D8F0153C2A9B4227DA86, DBC62B776CF06D0873A4C7CFCDF5B6F5C6E6C41917C326C090BCE58DC66EE09C ] C:\Windows\System32\webservices.dll
21:59:16.0625 0x0c30 C:\Windows\System32\webservices.dll - ok
21:59:16.0634 0x0c30 [ EED05D42D91835064703E2318552ED25, E9EE1E2253445B207B76F5D3073C612ED979A982522C1515E0FE8FA9641AE568 ] C:\Windows\System32\ExplorerFrame.dll
21:59:16.0634 0x0c30 C:\Windows\System32\ExplorerFrame.dll - ok
21:59:16.0644 0x0c30 [ EA8B5B41163A06FFA8930F5316473035, 4F17F02AECBE5890ED5A2ECCEFDE519CB35754BE8ECE5F8ACC28410FC4774804 ] C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe
21:59:16.0644 0x0c30 C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe - ok
21:59:16.0654 0x0c30 [ 1BF0CB861A48FEB1638228760750F3CB, 37C781A8C546EAD8B4D28BD7D730B9AC78EB799599AD69DAD9054B6F9F1DD6BD ] C:\Windows\System32\cscapi.dll
21:59:16.0654 0x0c30 C:\Windows\System32\cscapi.dll - ok
21:59:16.0663 0x0c30 [ A7A8CA53D9C9FD90C07AB0EB38E5316B, B98722E76601A98F038F40703C4B8BD21B5EC3B65DC1B07B7C367C06448F8A0E ] C:\Windows\System32\dbghelp.dll
21:59:16.0663 0x0c30 C:\Windows\System32\dbghelp.dll - ok
21:59:16.0674 0x0c30 [ 25A2EEF8D22E36F3C7B368BCF245BDC3, 2DB48BC960406394082301A701AF31F468FC0DC4D432A2A18E3754BBB1A3C1CA ] C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
21:59:16.0674 0x0c30 C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl - ok
21:59:16.0683 0x0c30 [ C5A99A4C0DC9F0F5A95BA0C83D30A549, F99CCCE303F0FC07D82D3BBA223E8CCE41FB7FA8FB5C2A9214C161826537C7C9 ] C:\Windows\SysWOW64\mstask.dll
21:59:16.0683 0x0c30 C:\Windows\SysWOW64\mstask.dll - ok
21:59:16.0695 0x0c30 [ D9AF104F7E21FA859EFA3C67E5522E88, F821D0A103BCEF48ABECE5EF52F5B48DE19351B196EDCD2A2B1D48DA94A83443 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\vcl150.bpl
21:59:16.0695 0x0c30 C:\Program Files (x86)\Spybot - Search & Destroy 2\vcl150.bpl - ok
21:59:16.0706 0x0c30 [ B5055B51BAA0FD0A736A88653DA3C1C0, A3BD057C7E8C926930BA7E9D11427D26FB37267026A0B72AB4021101EE424F74 ] C:\Windows\System32\fundisc.dll
21:59:16.0706 0x0c30 C:\Windows\System32\fundisc.dll - ok
21:59:16.0715 0x0c30 [ 4581716B4BF76ACFD8E167EB0B26D82A, 39D822527114EEED68044CCE4D542767F53978D9E0A7F72638F1CA9A016DE13B ] C:\Windows\System32\fdPnp.dll
21:59:16.0715 0x0c30 C:\Windows\System32\fdPnp.dll - ok
21:59:16.0725 0x0c30 [ 024352FEEC9042260BB4CFB4D79A206B, 60CB39086E10C5B66EBC15E4DF219620B344B4358D2918AB6BB3448A0AC8BE36 ] C:\Windows\System32\EhStorShell.dll
21:59:16.0725 0x0c30 C:\Windows\System32\EhStorShell.dll - ok
21:59:16.0734 0x0c30 [ D1DE1EAFDE97BE41CF6585027FF3E732, 76F17D4DF440D6734DC8157092D94EB18C2A73A0A49BEEA289E7B3EDE30E86A2 ] C:\Windows\SysWOW64\comdlg32.dll
21:59:16.0734 0x0c30 C:\Windows\SysWOW64\comdlg32.dll - ok
21:59:16.0744 0x0c30 [ D8F0E941B1E35DEEE3EDF6DF45517607, 7E240ABF23AA4B078D4CE6072C28C6CB968F74D5A82DF3780EE8A5E594960212 ] C:\Windows\System32\igd10umd64.dll
21:59:16.0744 0x0c30 C:\Windows\System32\igd10umd64.dll - ok
21:59:16.0755 0x0c30 [ 037A719DAD50603202C978CD802623E4, BD4C222913D32D7CF5FE0201FEBE7BD67FC39DF47A7A672C2D6C228A6E13B5DE ] C:\Windows\System32\ntshrui.dll
21:59:16.0755 0x0c30 C:\Windows\System32\ntshrui.dll - ok
21:59:16.0764 0x0c30 [ 1D626FE2E13C1CE49CA0136CFF214E93, 4F02DD92045CF244979FFD074B2BDE6925A909227A474C60DCABE4384D916218 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
21:59:16.0764 0x0c30 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
21:59:16.0774 0x0c30 [ 936F728E04ACCF3F38801CFFCF1E3F40, 59CA86096F4B928E364B6A3C0408615F068BB8BC02DCFC5EAF4873EC6D6E0797 ] C:\Windows\SysWOW64\oledlg.dll
21:59:16.0774 0x0c30 C:\Windows\SysWOW64\oledlg.dll - ok
21:59:16.0789 0x0c30 [ C30A50449EA4B611484A5F1F1F016774, 92A7799326EE3E889938E35408F8F9B831B6EA8A90691757445BFBE5080AFD46 ] C:\Windows\System32\spool\prtprocs\x64\HPZPPLHN.DLL
21:59:16.0789 0x0c30 C:\Windows\System32\spool\prtprocs\x64\HPZPPLHN.DLL - ok
21:59:16.0799 0x0c30 [ 776405A9F755BA8BA5CA9039F0D18067, 4960C047B17021AC2CDB1947722FC3577B29AE24D8C41ED81D7CD5238A30EFD7 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\Jcl150.bpl
21:59:16.0799 0x0c30 C:\Program Files (x86)\Spybot - Search & Destroy 2\Jcl150.bpl - ok
21:59:16.0809 0x0c30 [ 1D63F4366288B8A7595397E27010FD44, 99EA4DDD88D9C4A4CC9B238F533CB4D2C062D46239173997E8594D8A75811A01 ] C:\Windows\System32\IconCodecService.dll
21:59:16.0809 0x0c30 C:\Windows\System32\IconCodecService.dll - ok
21:59:16.0819 0x0c30 [ 67CF11E00D026A5C0C88EA5F84D501E5, 5081A87466116232CF07F58229967B6C0CD3738B64A56EFC6BB3EBDA62E378F6 ] C:\Windows\System32\win32spl.dll
21:59:16.0819 0x0c30 C:\Windows\System32\win32spl.dll - ok
21:59:16.0830 0x0c30 [ 507D5567A0A4EE86C4B0CE2CE1777025, 408770B00CED498BF7782054F17A5CB361CF65429B0C816403D70E416E0EEF23 ] C:\Windows\System32\inetpp.dll
21:59:16.0830 0x0c30 C:\Windows\System32\inetpp.dll - ok
21:59:16.0842 0x0c30 [ 75B5CCDAD97A2A6D245ACA1ACB415DA5, 60B2A2337B1AC67B9EAB08017ED012A89D293BC994329EF1CD654BDF8F1BF456 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
21:59:16.0842 0x0c30 C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl - ok
21:59:16.0853 0x0c30 [ 49E5753D923F1AC63B22D3DCB0B47E00, 14CEC0BF5F625FF839A8D79B4A6B7C4AC0CBB705FD197C6B7FF8617C6C3E34FE ] C:\Windows\System32\uDWM.dll
21:59:16.0853 0x0c30 C:\Windows\System32\uDWM.dll - ok
21:59:16.0862 0x0c30 [ CE71B9119A258EDD0A05B37D7B0F92E3, D9310C5BBFE089B8C81E259C462EC1E6D7A7A87FA59FC1F174ED5C58D409AE7A ] C:\Windows\SysWOW64\bcrypt.dll
21:59:16.0862 0x0c30 C:\Windows\SysWOW64\bcrypt.dll - ok
21:59:16.0875 0x0c30 [ E8449FE262D7406BCB2AC2A45C53EC5F, 6C118C9FB26404D1943824CF3990F36E12986547FFACB7CC0DF975A913065D78 ] C:\Windows\SysWOW64\bcryptprimitives.dll
21:59:16.0875 0x0c30 C:\Windows\SysWOW64\bcryptprimitives.dll - ok
21:59:16.0885 0x0c30 [ FDC385A0F7D7DD880C4622D1DF08ABE9, D9596264D98B09A5C44DD63B69B7253377B5FF237B6F2C4F97258E86FFAD055A ] C:\Windows\System32\ntprint.dll
21:59:16.0885 0x0c30 C:\Windows\System32\ntprint.dll - ok
21:59:16.0894 0x0c30 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] C:\Windows\System32\drivers\secdrv.sys
21:59:16.0894 0x0c30 C:\Windows\System32\drivers\secdrv.sys - ok
21:59:16.0904 0x0c30 [ A4FAB5F7818A69DA6E740943CB8F7CA9, 6FA24FD46AD6642B21EF3BE4212FF22F3645EC7B0056859FCA184177F5C85AA2 ] C:\Program Files (x86)\Skype\Updater\Updater.exe
21:59:16.0904 0x0c30 C:\Program Files (x86)\Skype\Updater\Updater.exe - ok
21:59:16.0915 0x0c30 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] C:\Windows\System32\drivers\srvnet.sys
21:59:16.0915 0x0c30 C:\Windows\System32\drivers\srvnet.sys - ok
21:59:16.0928 0x0c30 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] C:\Windows\System32\sysmain.dll
21:59:16.0928 0x0c30 C:\Windows\System32\sysmain.dll - ok
21:59:16.0937 0x0c30 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] C:\Windows\System32\wiaservc.dll
21:59:16.0937 0x0c30 C:\Windows\System32\wiaservc.dll - ok
21:59:16.0947 0x0c30 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] C:\Windows\System32\drivers\tcpipreg.sys
21:59:16.0947 0x0c30 C:\Windows\System32\drivers\tcpipreg.sys - ok
21:59:16.0957 0x0c30 [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5, BDA403E6CACC249C467671FB1FAF7B77FB019326BC18F9F6CF377104520E2654 ] C:\Windows\System32\wiatrace.dll
21:59:16.0957 0x0c30 C:\Windows\System32\wiatrace.dll - ok
21:59:16.0966 0x0c30 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] C:\Windows\System32\trkwks.dll
21:59:16.0966 0x0c30 C:\Windows\System32\trkwks.dll - ok
21:59:16.0977 0x0c30 [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:59:16.0977 0x0c30 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - ok
21:59:16.0989 0x0c30 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] C:\Windows\System32\seclogon.dll
21:59:16.0989 0x0c30 C:\Windows\System32\seclogon.dll - ok
21:59:17.0000 0x0c30 [ 162D247E995EAEBF3EF4289069E1111C, 19E858E9902E2D570FFD24AE2CB4165273F5BAB1FF7B04758B11AB5CD41FD752 ] C:\Windows\SysWOW64\devrtl.dll
21:59:17.0000 0x0c30 C:\Windows\SysWOW64\devrtl.dll - ok
21:59:17.0012 0x0c30 [ B837D1528CE2E3CB79F09496BC08DDC6, ACD54CE61CFE94F23DC283537AD8FFBEB3D6041BD30317B60BA7A10FCB240A27 ] C:\Windows\System32\SensApi.dll
21:59:17.0012 0x0c30 C:\Windows\System32\SensApi.dll - ok
21:59:17.0022 0x0c30 [ 93812FDC01AA864195816CD814445F95, E5CB2576DA2905177AFD342DBE63E17CF626F93F430DEBC55155C18C60166BEE ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL
21:59:17.0022 0x0c30 C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL - ok
21:59:17.0036 0x0c30 [ 9689A9C7F7C2A1A423CDA2C3B43FFF65, 914AD22D98975578BC14D821F72E8DFCE24F2092F9C299D24EBBAF5408FE8B8B ] C:\Windows\System32\wer.dll
21:59:17.0036 0x0c30 C:\Windows\System32\wer.dll - ok
21:59:17.0051 0x0c30 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] C:\Windows\System32\drivers\srv2.sys
21:59:17.0051 0x0c30 C:\Windows\System32\drivers\srv2.sys - ok
21:59:17.0062 0x0c30 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] C:\Windows\System32\drivers\srv.sys
21:59:17.0062 0x0c30 C:\Windows\System32\drivers\srv.sys - ok
21:59:17.0070 0x0c30 [ DC1BBA01FFB5745B8862931E7DE7304A, BE128A621B074FEB0EFEFD5642314E911C4D1EB07B175A502006CC9F53BB1CB4 ] C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
21:59:17.0070 0x0c30 C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll - ok
21:59:17.0080 0x0c30 [ 0D298133C359AB8CB9EB4FA178BF3947, C876CE5E463BB116E41D1C90105D75F2DFCAEBF5FDE2A68AED0D2988470CEB31 ] C:\Windows\System32\msxml3.dll
21:59:17.0080 0x0c30 C:\Windows\System32\msxml3.dll - ok
21:59:17.0090 0x0c30 [ 70A176BF2ED362862944C371838262F8, 7F54164AB73160826991B565D1B1804BA9F6223830503B5A4F84B7E8AEFAF6A1 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
21:59:17.0091 0x0c30 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE - ok
21:59:17.0103 0x0c30 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] C:\Windows\System32\wbem\WMIsvc.dll
21:59:17.0103 0x0c30 C:\Windows\System32\wbem\WMIsvc.dll - ok
21:59:17.0113 0x0c30 [ 7DB5AA22A8A8E5C2D335F44853C1F6DE, A734A20357026C42950394682A52CBC3AF956D09F1949E1B4E95467E999BC428 ] C:\Windows\System32\wbemcomn.dll
21:59:17.0113 0x0c30 C:\Windows\System32\wbemcomn.dll - ok
21:59:17.0123 0x0c30 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] C:\Windows\System32\srvsvc.dll
21:59:17.0123 0x0c30 C:\Windows\System32\srvsvc.dll - ok
21:59:17.0132 0x0c30 [ 0C52762C606BCF6A377D5E4688191A6B, C58C9A73AD07E3B93AB186D0D47C5F1CB7197771DBEE40646C3B801645BB388F ] C:\Windows\System32\wbem\WmiDcPrv.dll
21:59:17.0132 0x0c30 C:\Windows\System32\wbem\WmiDcPrv.dll - ok
21:59:17.0142 0x0c30 [ 14BF6B3AB327D519ED007CDDC56F6900, 4E5DC4AF45347C885E0E87F205EE1F95BB4713A0B581CD7317FBEEE2A9628982 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
21:59:17.0142 0x0c30 C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe - ok
21:59:17.0152 0x0c30 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] C:\Windows\System32\browser.dll
21:59:17.0152 0x0c30 C:\Windows\System32\browser.dll - ok
21:59:17.0163 0x0c30 [ A3F5E8EC1316C3E2562B82694A251C9E, F3DC6AA6A9D3B5BBC730668FC52C1D4BB5D515D404578BDDD3D4869A7ED58822 ] C:\Windows\System32\wbem\fastprox.dll
21:59:17.0163 0x0c30 C:\Windows\System32\wbem\fastprox.dll - ok
21:59:17.0173 0x0c30 [ CFEFA40DDE34659BE5211966EAD86437, AC0A3AD8AA47012C40785013E2273FC571F416BC9C9FFDA418FE72B3123C1FB0 ] C:\Windows\System32\netmsg.dll
21:59:17.0173 0x0c30 C:\Windows\System32\netmsg.dll - ok
21:59:17.0183 0x0c30 [ 0255C22D99602534F15CBB8D9B6F152F, 43CD89D6CA56E0B633142F7C86DA9E072EE0723B5EBC4CE8CCBCA58C396ECF54 ] C:\Windows\System32\wbem\WinMgmtR.dll
21:59:17.0183 0x0c30 C:\Windows\System32\wbem\WinMgmtR.dll - ok
21:59:17.0193 0x0c30 [ 5EB55F661DEBF156E126160BCD4D89F8, 948D1F627AA55D55FB3B558BA61B8366C5481A6041820631F24408F75EA5D2CC ] C:\Windows\System32\wbem\wbemcore.dll
21:59:17.0193 0x0c30 C:\Windows\System32\wbem\wbemcore.dll - ok
21:59:17.0203 0x0c30 [ 087D8668C71634A3A3761135ABF16EEE, B7348A63299CFF4FFBF375E645A4850AE0F108D48D13AB25434CFAE7CF3D61FD ] C:\Windows\System32\wbem\esscli.dll
21:59:17.0203 0x0c30 C:\Windows\System32\wbem\esscli.dll - ok
21:59:17.0213 0x0c30 [ EE26D130808D16C0E417BBBED0451B34, 4886DCE4FAEF146A40BABD492A8000A2022FEA542A6135A9BAFD4CD09297B4E5 ] C:\Windows\System32\ntdsapi.dll
21:59:17.0213 0x0c30 C:\Windows\System32\ntdsapi.dll - ok
21:59:17.0222 0x0c30 [ 666A60F6F5E719856FF6254E0966EFF7, 58C072E7E215991E19C1CA062C476081982F7B9F039714539AE7FEB4981C200F ] C:\Windows\System32\wbem\wbemprox.dll
21:59:17.0222 0x0c30 C:\Windows\System32\wbem\wbemprox.dll - ok
21:59:17.0232 0x0c30 [ 75F5E1FE8D55CF8E577E0EC5F2290D3F, F4E2C81F0834018052A481AE8D7DF4780302A6844160CCDC09F7D82D3B992BDE ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_ec80f00e8593ece5\comctl32.dll
21:59:17.0232 0x0c30 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_ec80f00e8593ece5\comctl32.dll - ok
21:59:17.0243 0x0c30 [ 816D64F554FBD234DD2C77F4E08C7D5C, C3434F5C3AC23457415A8A0F118130717B11E9DD6F37F589355C674198586387 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
21:59:17.0243 0x0c30 C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl - ok
21:59:17.0253 0x0c30 [ 7A6986DD659B96398A11AF5173892715, FB7818952B9015F433418E7DC656A2C20CD682056AB981A55C1722020142D578 ] C:\Windows\SysWOW64\cabinet.dll
21:59:17.0253 0x0c30 C:\Windows\SysWOW64\cabinet.dll - ok
21:59:17.0262 0x0c30 [ DD502A2E7B85EA7A3814C1034E6C23D3, 551D6C28DA6116DC65111BFA21E23BA8AE77193BEAF3DF505C343E6DC3CD5304 ] C:\Windows\AppPatch\AcGenral.dll
21:59:17.0262 0x0c30 C:\Windows\AppPatch\AcGenral.dll - ok
21:59:17.0272 0x0c30 [ 85683DF1F917E4D7F6BE1A04986BF1C8, D68D9F525D31C1843B6EC8FA950166FA1F34DB71222716E7B22DD33981C152B6 ] C:\Windows\SysWOW64\msacm32.dll
21:59:17.0272 0x0c30 C:\Windows\SysWOW64\msacm32.dll - ok
21:59:17.0280 0x0c30 [ 6A06EB11F1E5BDAA795DAE7838F9FE20, 1BDE12A181AA921FB83476FB05A5D9739FAED6093E459DDA3B0B73430E3951E0 ] C:\Windows\SysWOW64\jsproxy.dll
21:59:17.0281 0x0c30 C:\Windows\SysWOW64\jsproxy.dll - ok
21:59:17.0296 0x0c30 [ CA9F7888B524D8100B977C81F44C3234, 57F3353F89724147D8AC8B69B12C1303DF26978309776F5F8CCF074526A915D3 ] C:\Windows\SysWOW64\winhttp.dll
21:59:17.0296 0x0c30 C:\Windows\SysWOW64\winhttp.dll - ok
21:59:17.0307 0x0c30 [ FB19FC5951A88F3C523E35C2C98D23C0, FF0DB8BF0C68DA0D09272E8181D2B5409C8850BB2F31AEA3AC4CD14C5A420A59 ] C:\Windows\SysWOW64\webio.dll
21:59:17.0307 0x0c30 C:\Windows\SysWOW64\webio.dll - ok
21:59:17.0318 0x0c30 [ 73E8667A19FEEDD856DF2695E9E511D4, 68D66C36D1F293D10ADCC6A33C870F989A29743537592CF172F02E794BEAFD1C ] C:\Windows\SysWOW64\wship6.dll
21:59:17.0318 0x0c30 C:\Windows\SysWOW64\wship6.dll - ok
21:59:17.0327 0x0c30 [ FF80CAD87555E8E4D2CFD7B9058343F8, 07653773FBEC1996408B8507B08E0E1E812830063F932F897F4B39EE63DDCDC4 ] C:\Windows\System32\sscore.dll
21:59:17.0327 0x0c30 C:\Windows\System32\sscore.dll - ok
21:59:17.0337 0x0c30 [ 718B6F51AB7F6FE2988A36868F9AD3AB, 76141B4E94C2766E2C34CEF523092948771A7893212EFADBE88D2171B85FF012 ] C:\Windows\System32\wbem\wbemsvc.dll
21:59:17.0337 0x0c30 C:\Windows\System32\wbem\wbemsvc.dll - ok
21:59:17.0347 0x0c30 [ 776AE0564F8B1C282E331FD95A1BDC5F, 601CFCA3922FFEA46A54AD323845A76A12FC6AF9FF64E9B0AE294FBB1AFCF4CB ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
21:59:17.0347 0x0c30 C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
21:59:17.0356 0x0c30 [ 81749E073AC5857B044A686B406E5244, 3884EE705CA34235B29942FEDA8FEA654A21139B8C2A1D5E009C7D07D6E6ADF1 ] C:\Windows\System32\clusapi.dll
21:59:17.0356 0x0c30 C:\Windows\System32\clusapi.dll - ok
21:59:17.0366 0x0c30 [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A, 61B4D669C692775EF361445293163E84FAD8636AC49C8047BE806DB4E4093291 ] C:\Windows\SysWOW64\wbem\fastprox.dll
21:59:17.0366 0x0c30 C:\Windows\SysWOW64\wbem\fastprox.dll - ok
21:59:17.0375 0x0c30 [ E3E811471DE781900FF21C1FD84E941E, 2A47FF52D1D6480AAD1919382E783EA184BF926311F8C7E466FEBE9F6FB88FD6 ] C:\Windows\SysWOW64\ntdsapi.dll
21:59:17.0375 0x0c30 C:\Windows\SysWOW64\ntdsapi.dll - ok
21:59:17.0385 0x0c30 [ F11A57E91FDAECFB41A5CB21EB1EBC8E, 904DA963F2274ADF521660E3131DAC781E59C6FAEB393E57802A3B5638C09283 ] C:\Windows\System32\dssenh.dll
21:59:17.0385 0x0c30 C:\Windows\System32\dssenh.dll - ok
21:59:17.0394 0x0c30 [ 344FCC9850C3A8A3B4D3C65151AF8E4C, C38853454E153B1AB4AEAE1AAFB7CB4B2E6234208CF24C09F3B2AFE25E271C5C ] C:\Windows\System32\resutils.dll
21:59:17.0394 0x0c30 C:\Windows\System32\resutils.dll - ok
21:59:17.0404 0x0c30 [ AD7FB087A238883D1618F29F7BBBD584, D9541CA4D2AADFEEEC195863133B16C2EC94CA63F842F5646F7834F2D0E85FF3 ] C:\Windows\SysWOW64\ncrypt.dll
21:59:17.0404 0x0c30 C:\Windows\SysWOW64\ncrypt.dll - ok
21:59:17.0414 0x0c30 [ 1097F3035BAF46CED8B332B3564C5108, C69781683CA963A1335780DABBBC60E2C3CEF0888738D3425D358D12E8D0AF58 ] C:\Windows\SysWOW64\gpapi.dll
21:59:17.0414 0x0c30 C:\Windows\SysWOW64\gpapi.dll - ok
21:59:17.0423 0x0c30 [ 0143DB80DACFB7C2B5B7009ED9063353, 252885CF7C1BAB89B86908373546E5F5D674BEF7AACBDDCF321AD877CB9150A9 ] C:\Windows\System32\wbem\wmiutils.dll
21:59:17.0423 0x0c30 C:\Windows\System32\wbem\wmiutils.dll - ok
21:59:17.0433 0x0c30 [ 0AB34456654C283DAA13B8D2BA21439B, 4B70FC5195DE39564E951C8542020BA3D4257E3D4488F69825F67A6099CB7549 ] C:\Windows\System32\wbem\repdrvfs.dll
21:59:17.0433 0x0c30 C:\Windows\System32\wbem\repdrvfs.dll - ok
21:59:17.0442 0x0c30 [ DDD0357A92FA843EFF8915ED17253D6C, 0C78B1D41F0A7821186ADF653504F2BFF067CB512CB0E932047C301378BBADB6 ] C:\Windows\System32\wbem\WmiPrvSD.dll
21:59:17.0442 0x0c30 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
21:59:17.0454 0x0c30 [ D41FEBD098234F02485A4EA98D4730A4, 462DC8168C444F35B43BA3B8F7D77734665D84F1C6D25CAD7391C0145961628F ] C:\Windows\System32\ncobjapi.dll
21:59:17.0454 0x0c30 C:\Windows\System32\ncobjapi.dll - ok
21:59:17.0464 0x0c30 [ 6F40D6FB05E0C1E5402812B426971AF0, E41F138F0F2DB057F8DBB1587237C6FA8A2059B3D64EC894D1DC492A18DBBDED ] C:\Windows\System32\wbem\wbemess.dll
21:59:17.0464 0x0c30 C:\Windows\System32\wbem\wbemess.dll - ok
21:59:17.0474 0x0c30 [ 7B851A8018B1EA00A69707A390004884, DAE654713EF1DC66C8C2D27752B659081794063A7D522D1F680AA9A6E7FBA9FD ] C:\Windows\SysWOW64\cryptnet.dll
21:59:17.0474 0x0c30 C:\Windows\SysWOW64\cryptnet.dll - ok
21:59:17.0484 0x0c30 [ D21AB32F16E8DE67D45E5A383B5E52BA, 29870BFD4337A80BE9C96897C59CBBF412971EE67CB65BA9C0622CAD90FA3CB5 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\ssleay32.dll
21:59:17.0485 0x0c30 C:\Program Files (x86)\Spybot - Search & Destroy 2\ssleay32.dll - ok
21:59:17.0495 0x0c30 [ B009D6171147BE129636A49C4178E487, DBAA8C7FDD8F6A55AE10F9E1537CE71283A34920BFAD5CD386BA3EC05C1F4E76 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\libeay32.dll
21:59:17.0495 0x0c30 C:\Program Files (x86)\Spybot - Search & Destroy 2\libeay32.dll - ok
21:59:17.0505 0x0c30 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] C:\Windows\System32\iphlpsvc.dll
21:59:17.0505 0x0c30 C:\Windows\System32\iphlpsvc.dll - ok
21:59:17.0515 0x0c30 [ 27B9E163740A226B65E4B9E186117911, 17411C6A6C1E699BC4B0C04D782FD9AA09CF577DBA41E743F7588904D489CB9F ] C:\Windows\System32\sqmapi.dll
21:59:17.0515 0x0c30 C:\Windows\System32\sqmapi.dll - ok
21:59:17.0525 0x0c30 [ 7B38D7916A7CD058C16A0A6CA5077901, 3F6DD990E2DA5D3BD6D65A72CBFB0FE79EB30B118A8AD71B6C9BB5581A622DCE ] C:\Windows\System32\wdscore.dll
21:59:17.0525 0x0c30 C:\Windows\System32\wdscore.dll - ok
21:59:17.0537 0x0c30 [ FEB91B4DA0D540865260A33838654FA3, 8636B008BA329D3E6CC235D08BA4C914EFF45DBFCB9297C893CCDA8D907BA946 ] C:\Windows\System32\nci.dll
21:59:17.0537 0x0c30 C:\Windows\System32\nci.dll - ok
21:59:17.0547 0x0c30 [ 3B367397320C26DBA890B260F80D1B1B, 50BBE71B4380B5E86E197AF86F5C08266DD6B12344BA4ABDEA604B8C774C4147 ] C:\Windows\System32\hnetcfg.dll
21:59:17.0547 0x0c30 C:\Windows\System32\hnetcfg.dll - ok
21:59:17.0557 0x0c30 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] C:\Windows\System32\wscsvc.dll
21:59:17.0557 0x0c30 C:\Windows\System32\wscsvc.dll - ok
21:59:17.0566 0x0c30 [ 820EBE67AB99F033FDE25B2692157991, A9E86FE6EFD3CFD4EA1A26121C706335A6791CC6F81EE98AE2BE7EA566ECFEBB ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
21:59:17.0567 0x0c30 C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe - ok
21:59:17.0577 0x0c30 [ 220159496484D34009DE71CA1A68E0D4, 94BD3DEB4E84F95D80BE5775E5A612EFF181ECB212FB668674C67AD19194DE69 ] C:\Windows\System32\wbem\NCProv.dll
21:59:17.0577 0x0c30 C:\Windows\System32\wbem\NCProv.dll - ok
21:59:17.0586 0x0c30 [ 92E0508D924512F63FFEEFE498CBD11F, 1158011E4A1298DEC79133B40888AA87B06F5B64BA2AB461B58C22F5F9211D0C ] C:\Windows\System32\p2pcollab.dll
21:59:17.0586 0x0c30 C:\Windows\System32\p2pcollab.dll - ok
21:59:17.0597 0x0c30 [ 703FFD301AB900B047337C5D40FD6F96, C09909B89183B89BA87CAC8C5BEBD0E995C5CB08CC9B9D1E88352103EE958857 ] C:\Windows\SysWOW64\olepro32.dll
21:59:17.0597 0x0c30 C:\Windows\SysWOW64\olepro32.dll - ok
21:59:17.0608 0x0c30 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] C:\Windows\System32\QAGENTRT.DLL
21:59:17.0608 0x0c30 C:\Windows\System32\QAGENTRT.DLL - ok
21:59:17.0617 0x0c30 [ 6BD3E11E7B82E0964D51975371D7F2E0, C810DBDB15DB75AEFAC06FC1AAC1D71D82268C4B0910A28BE390D66F164F2341 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDLists.dll
21:59:17.0617 0x0c30 C:\Program Files (x86)\Spybot - Search & Destroy 2\SDLists.dll - ok
21:59:17.0628 0x0c30 [ 506A83A3BEEE9FCA09F0170DE9FC7D1B, 2DFBD792B68F3EBEF0843183CAE5D52B6FA04163808AFACF6C0D738455898C36 ] C:\Windows\System32\fveui.dll
21:59:17.0628 0x0c30 C:\Windows\System32\fveui.dll - ok
21:59:17.0637 0x0c30 [ C47F35CC6FA4F1BDBEF8F87AC1A46537, 82EC7041317666D5370690BD2176CF00F5957036C29429319F45045BFFAE9EC2 ] C:\Windows\System32\wuapi.dll
21:59:17.0637 0x0c30 C:\Windows\System32\wuapi.dll - ok
21:59:17.0647 0x0c30 [ FA43D418BC945D27D0625B697B8442B5, 035DE0FEA440D2E3AD255EE84B388DDA538E778877033FDB54B8A61BB0AADE56 ] C:\Windows\System32\cabinet.dll
21:59:17.0647 0x0c30 C:\Windows\System32\cabinet.dll - ok
21:59:17.0656 0x0c30 [ E746ED90132C6B6313CE9179F56BD31D, CCE0367148E54AA1413C52CCE752CC75EA9E3A8232ECFC263C62A634B8CAEF5F ] C:\Windows\System32\wups.dll
21:59:17.0657 0x0c30 C:\Windows\System32\wups.dll - ok
21:59:17.0666 0x0c30 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] C:\Windows\System32\wdi.dll
21:59:17.0666 0x0c30 C:\Windows\System32\wdi.dll - ok
21:59:17.0675 0x0c30 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] C:\Windows\System32\appinfo.dll
21:59:17.0675 0x0c30 C:\Windows\System32\appinfo.dll - ok
21:59:17.0685 0x0c30 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] C:\Windows\System32\wpdbusenum.dll
21:59:17.0685 0x0c30 C:\Windows\System32\wpdbusenum.dll - ok
21:59:17.0695 0x0c30 [ E629F1A051C82795DDFFD3E8D4855811, 6E4DFFEAB2795C98EA6DCAF10EA6D97413D0F8CA0C04869CB20B74FF4D6FE679 ] C:\Windows\System32\dimsjob.dll
21:59:17.0695 0x0c30 C:\Windows\System32\dimsjob.dll - ok
21:59:17.0704 0x0c30 [ 4449D23E8F197862F1B16F1E6C89C36C, 93AF52BF8E870C0381F027D3BB8F6829E449242074472F1593EB8172D7EB6559 ] C:\Windows\System32\diagperf.dll
21:59:17.0705 0x0c30 C:\Windows\System32\diagperf.dll - ok
21:59:17.0715 0x0c30 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] C:\Windows\System32\IPSECSVC.DLL
21:59:17.0715 0x0c30 C:\Windows\System32\IPSECSVC.DLL - ok
21:59:17.0725 0x0c30 [ BF4AC709BE5BF64F331F5D67773A0C82, 96E5A2A12D386B8A7976FEC76FD350E6A3EEBDF5763F4BBF4AB18880E9F269E0 ] C:\Windows\System32\perftrack.dll
21:59:17.0725 0x0c30 C:\Windows\System32\perftrack.dll - ok
21:59:17.0734 0x0c30 [ E64D9EC8018C55873B40FDEE9DBEF5B3, 2DB11E7C631A9887CB75AFEAD2C79EC65F82C51F5F073CEFC8CDDF664EFF29C1 ] C:\Windows\System32\PortableDeviceApi.dll
21:59:17.0735 0x0c30 C:\Windows\System32\PortableDeviceApi.dll - ok
21:59:17.0744 0x0c30 [ 025E7DBDB98866ED3CB2D4DDA70B364D, 78962F23F066E362AF1A4B98FA7D5E30AF30C561307438503031D30C944B6A6E ] C:\Windows\System32\runonce.exe
21:59:17.0744 0x0c30 C:\Windows\System32\runonce.exe - ok
21:59:17.0755 0x0c30 [ 8258362DDB18B644A82D8B5061AD9426, 87CA586B2B1B0089BFF6A259A0743D184AE383B3B12C4BC5986D72ADFFBE9EDA ] C:\Windows\SysWOW64\wscisvif.dll
21:59:17.0755 0x0c30 C:\Windows\SysWOW64\wscisvif.dll - ok
21:59:17.0764 0x0c30 [ 9BC93C9ACFA34DB5A41B89357B31E4ED, C3B9DDCB31970F91F8CAF85D2431903DB1738872775EEFD6712B7646BDE1250C ] C:\Windows\System32\FwRemoteSvr.dll
21:59:17.0764 0x0c30 C:\Windows\System32\FwRemoteSvr.dll - ok
21:59:17.0775 0x0c30 [ F7073C962C4FB7C415565DDE109DE49F, 781E7088DCEFBC34A808C3E7DA41A56112B3F23ABE9F54B5EF4D5CD9CD016B1D ] C:\Windows\System32\npmproxy.dll
21:59:17.0775 0x0c30 C:\Windows\System32\npmproxy.dll - ok
21:59:17.0810 0x0c30 [ 9719E3D834F5C8C43F56A93DFA497023, 4D78D4BD4835C0A237821967156C19DF4B90384A6BCB1F48CEAF35D003A0099A ] C:\Windows\System32\pnpts.dll
21:59:17.0810 0x0c30 C:\Windows\System32\pnpts.dll - ok
21:59:17.0820 0x0c30 [ 58A0CDABEA255616827B1C22C9994466, 4FE1140AA8D3995579DE8CDF4ECAD1978804D05351EABB4079A63B303EF1B451 ] C:\Windows\System32\NapiNSP.dll
21:59:17.0820 0x0c30 C:\Windows\System32\NapiNSP.dll - ok
21:59:17.0829 0x0c30 [ 46863C4CC5B68EB09EA2D5EEF0F1193A, 9B5593E1F484AC8F96F89A5995FB1FE9C51CB2F0F545607F6850751191150CFE ] C:\Windows\System32\radardt.dll
21:59:17.0829 0x0c30 C:\Windows\System32\radardt.dll - ok
21:59:17.0839 0x0c30 [ E1B22739C933BE33F53DB58C5393ADD3, 26EE0DD091D2E00DECC774DC1EEDFFDE69AF74B0C769CCBE091AFC32C66E4207 ] C:\Windows\System32\Apphlpdm.dll
21:59:17.0839 0x0c30 C:\Windows\System32\Apphlpdm.dll - ok
21:59:17.0850 0x0c30 [ 613C8CE10A5FDE582BA5FA64C4D56AAA, 30507B6BA79E1A271B07BBA58B4FF463678BE0960266A1D5E88031E932D768B6 ] C:\Windows\System32\pnrpnsp.dll
21:59:17.0850 0x0c30 C:\Windows\System32\pnrpnsp.dll - ok
21:59:17.0859 0x0c30 [ E811F8510B133E70CF6E509FB809824F, 82541F2B15748250462B67B6C77530D4F7C45A1482237EC49B28F9FA5A414108 ] C:\Windows\System32\wdiasqmmodule.dll
21:59:17.0859 0x0c30 C:\Windows\System32\wdiasqmmodule.dll - ok
21:59:17.0869 0x0c30 [ AFA79C343F9D1555F7E5D5FA70BB2A14, 440EF3ADC1F5C7A5ED3E872C8D8DFA61B039454C3CA67F8A51CA8BDCFDC4BA4A ] C:\Windows\System32\PortableDeviceConnectApi.dll
21:59:17.0869 0x0c30 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
21:59:17.0879 0x0c30 [ 2E2072EB48238FCA8FBB7A9F5FABAC45, AC70B9FC24847EEC2E18008F2894DCDAC19A9C90D5D88729326E493CA524F5C3 ] C:\Windows\System32\winrnr.dll
21:59:17.0879 0x0c30 C:\Windows\System32\winrnr.dll - ok
21:59:17.0892 0x0c30 [ DD79A6B15C2F28DE98DF4852AAF6B13B, 0F7E9023E0BA4B40E2DE9A9FA34E85FEAF72B93049AAB3E1D73AD046BB113E05 ] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe
21:59:17.0892 0x0c30 C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe - ok
21:59:17.0904 0x0c30 [ E4574405ACBB2BEDF9E6B1B99896540E, 1C9DB791D438ADE9D6D2AAD3CB4918DCD946FEEA273906F4859E7B2AC4EEE685 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDAdvancedCheckLibrary.dll
21:59:17.0904 0x0c30 C:\Program Files (x86)\Spybot - Search & Destroy 2\SDAdvancedCheckLibrary.dll - ok
21:59:17.0915 0x0c30 [ 5B8E80EC0D621CDF920AB2141CDBC733, CDF4BD7BE5B6ADEDD06448DCDCF9FCA6FA9EC57788342FF42D0EF09F651C3245 ] C:\Program Files (x86)\Windows Defender\MpClient.dll
21:59:17.0915 0x0c30 C:\Program Files (x86)\Windows Defender\MpClient.dll - ok
21:59:17.0925 0x0c30 [ C7CFB71A0147F6499316833D18B7F879, 66E10CFFA0108BF7787F1A06BF23DDD0B5808847C5DA35CC42603918DA2917AE ] C:\Program Files (x86)\AVG\AVG2013\avgxpla.dll
21:59:17.0925 0x0c30 C:\Program Files (x86)\AVG\AVG2013\avgxpla.dll - ok
21:59:17.0935 0x0c30 [ D029339C0F59CF662094EDDF8C42B2B5, 934D882EFD3C0F3F1EFBC238EF87708F3879F5BB456D30AF62F3368D58B6AA4C ] C:\Windows\System32\msvcp100.dll
21:59:17.0935 0x0c30 C:\Windows\System32\msvcp100.dll - ok
21:59:17.0950 0x0c30 [ A08C010D859F8EB42BDD7E1D55B8CA27, F86EAFBF7AA41D8425156C07398EDC3BD42F1690BD3E15D27AEF2EDA86549F15 ] C:\Windows\System32\mscoree.dll
21:59:17.0950 0x0c30 C:\Windows\System32\mscoree.dll - ok
21:59:17.0960 0x0c30 [ D44067027714CC58B8AB0AC38FDA1A0B, 56E96A58B5A53A68485F8D2F7BA286F2B174AB910BD45145258D48251F489F02 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
21:59:17.0960 0x0c30 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
21:59:17.0970 0x0c30 [ 6951736D01DB9FB6316277B801208B9B, 9BC3B95335D4EF92DF08193A01E38940FE7D8D1534F7A32723BA7123656F98DC ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDAV.dll
21:59:17.0970 0x0c30 C:\Program Files (x86)\Spybot - Search & Destroy 2\SDAV.dll - ok
21:59:17.0982 0x0c30 [ B24232BCA42AA784A5C951B74B7789D3, CE9706D8E92DAB71D3AC6177DF13C300B680A003418B56EF1C1052C3E9B6C0D0 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll
21:59:17.0982 0x0c30 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll - ok
21:59:17.0997 0x0c30 [ 25D23E5A5A627CC718E478B66AD8AFF7, EFEE79C9ABC23CE3745928247BE63A3DCE74B39C47F2AF0C62C8380E7EDCBFB7 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\av\bdquar.dll
21:59:17.0997 0x0c30 C:\Program Files (x86)\Spybot - Search & Destroy 2\av\bdquar.dll - ok
21:59:18.0008 0x0c30 [ B608BA52FA1FD29BF81B718818246B4D, F1167F0F02D860BE15920760AC09532D844913C0787947E3E5739FD3F9D1AADC ] C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
21:59:18.0008 0x0c30 C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll - ok
21:59:18.0018 0x0c30 [ 1755023407FDE00D9916505A557569D5, DA76FDB86B8A2C67FD5D04DC276C24D84A71B7EC3FD97577D9ABA56E4442DE7B ] C:\Program Files (x86)\Spybot - Search & Destroy 2\av\bdcore.dll
21:59:18.0018 0x0c30 C:\Program Files (x86)\Spybot - Search & Destroy 2\av\bdcore.dll - ok
21:59:18.0029 0x0c30 [ ADF9F919E10832746ED516230420F749, 52CB002E48F4AD07B4082DE82D965463454BA9A21772CCC689AAFD6304DCAE22 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\av\avxdisk.dll
21:59:18.0029 0x0c30 C:\Program Files (x86)\Spybot - Search & Destroy 2\av\avxdisk.dll - ok
21:59:18.0044 0x0c30 [ 06A754FE28A06F780A099703CFCAAA22, FCADF16C88EEC651258149616202CC29D649FE8CBBBA481BEA9A67C2ED82844B ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll
21:59:18.0044 0x0c30 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll - ok
21:59:18.0058 0x0c30 [ AB44EE3B916F1626B9C4222F2B6F2DE4, 9203116FF307FA6B37D0FCC7460BBF441CEBAE510C78967359EDB43A9FE2448E ] C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\bb750d3baf928f94ea3977e96af9769f\mscorlib.ni.dll
21:59:18.0058 0x0c30 C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\bb750d3baf928f94ea3977e96af9769f\mscorlib.ni.dll - ok
21:59:18.0069 0x0c30 [ 0A94DE4AA9864D312E60D747FD249ABE, C3A7D31624240142F745C2D5A86D383386ECDA875B8ACA0C3081F995CE1EF900 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll
21:59:18.0069 0x0c30 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll - ok
21:59:18.0084 0x0c30 [ 850BD2D2D9CB5894935C3B6333CAD6FD, AB1EE5FD5E2F1CC927C3EA92E71C91ACA566E69622D47AE780DA391B7C30DDD6 ] C:\Windows\System32\riched20.dll
21:59:18.0084 0x0c30 C:\Windows\System32\riched20.dll - ok
21:59:18.0096 0x0c30 [ 1B1431D9520C7578AD5633ED2A70625F, 6852FAC1355CA69226B727A1355D6DA8C0865F5EEDA45D7690701CFED7C542A1 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll
21:59:18.0096 0x0c30 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll - ok
21:59:18.0108 0x0c30 [ DE9EC2C90DA5A74ACA19AF8CF564748E, B640D88884262526842779A3A891F225BA52F34E18E27B25152DB018C00F598E ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System\350ed175b92e48f5249a1bab538872e5\System.ni.dll
21:59:18.0109 0x0c30 C:\Windows\assembly\NativeImages_v2.0.50727_64\System\350ed175b92e48f5249a1bab538872e5\System.ni.dll - ok
21:59:18.0119 0x0c30 [ F0E839CDE31A9FF7F2D77A901099D334, B4FA1F7D4616FD90AB12963729C11BED0989D862871C8A115F3E97464A510BCE ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\981815c04012453ded108530fbdc4646\System.Drawing.ni.dll
21:59:18.0119 0x0c30 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\981815c04012453ded108530fbdc4646\System.Drawing.ni.dll - ok
21:59:18.0130 0x0c30 [ F057F73C56937749F0652F8E9326BE1C, 585AE0FB5B9A76C739CEEEE3BA198A872D0D9BB60EAC9D88B0036D4B620A043C ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\c97010ae0b7cd474407b3824041fbb40\System.Windows.Forms.ni.dll
21:59:18.0130 0x0c30 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\c97010ae0b7cd474407b3824041fbb40\System.Windows.Forms.ni.dll - ok
21:59:18.0142 0x0c30 [ D44741F65A1D71F65814A12CF6E2400A, C6721F830675ADC7E7FDE2B5E822E56F6A063146F5066F1E25EBFE86F0A87136 ] C:\Windows\SysWOW64\runonce.exe
21:59:18.0142 0x0c30 C:\Windows\SysWOW64\runonce.exe - ok
21:59:18.0153 0x0c30 [ 30DB64D316F502558DB2380F7343C9FD, 4C1B8F9637EA79644CDD86AEA0A3360482905321DD32B158587FBB60884E93D6 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
21:59:18.0154 0x0c30 C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll - ok
21:59:18.0165 0x0c30 [ 207204AF80505AF51271FE164B56F662, 509E2F4D2F696108E4DBE40A7828C633E988289EE4756D2E0FAC9D59604445C6 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveUtil.dll
21:59:18.0165 0x0c30 C:\Program Files (x86)\Microsoft Office\Office12\GrooveUtil.dll - ok
21:59:18.0175 0x0c30 [ 30EFEBDC960A482E3E188B9960B286E2, C4B0ABD3C8E4D6C78F713B93C382E9DC2C86F03B479FDE461EAD2DB1BCDF0578 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveNew.dll
21:59:18.0175 0x0c30 C:\Program Files (x86)\Microsoft Office\Office12\GrooveNew.dll - ok
21:59:18.0187 0x0c30 [ D5E459BED3DB9CF7FC6CC1455F177D2D, FCAB2130FAB57B6728C50D5B9E9924F001C43538DE4F675DE03537FF0D9B84BD ] C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.dll
21:59:18.0187 0x0c30 C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.dll - ok
21:59:18.0197 0x0c30 [ D8C2B95BC2353E1F18850D6B8F5DBA13, 0C448A46CDDD0C39092E371EEDF2DD9A0F21E051109ED15C3D7F3C6E9E53782D ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
21:59:18.0197 0x0c30 C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll - ok
21:59:18.0208 0x0c30 [ 533AECD1B5356870AE2D905B4D3B42B7, 953338C70D58C65D64503694B2CAFE60D71B204EFAA326FCB9685B8AAF756B84 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMisc.dll
21:59:18.0208 0x0c30 C:\Program Files (x86)\Microsoft Office\Office12\GrooveMisc.dll - ok
21:59:18.0219 0x0c30 [ E4561704CBFA193761743E5AF746C669, DCABD67A2B988BEF70BDD0613B4271BCFD572FAF8018CFA2EA60B8AEFE08C73B ] C:\Windows\SysWOW64\msxml3.dll
21:59:18.0219 0x0c30 C:\Windows\SysWOW64\msxml3.dll - ok
21:59:18.0228 0x0c30 [ AD7B9C14083B52BC532FBA5948342B98, 17F746D82695FA9B35493B41859D39D786D32B23A9D2E00F4011DEC7A02402AE ] C:\Windows\SysWOW64\cmd.exe
21:59:18.0229 0x0c30 C:\Windows\SysWOW64\cmd.exe - ok
21:59:18.0238 0x0c30 [ BF95EA5809E3BBF55370F7CB309FEBD0, 62ADBA6E1A7DDDEFA971580161F30896DFFC27EB4EB82E3CC72062D57DA66500 ] C:\Windows\System32\conhost.exe
21:59:18.0239 0x0c30 C:\Windows\System32\conhost.exe - ok
21:59:18.0249 0x0c30 [ 326C7F76A29897A892AA7726E91C1C67, 64305346B06EC14976130B0B80F14B4D5AB63E5B2A6A7B872EC9CE2BF8FADCD2 ] C:\Windows\SysWOW64\winbrand.dll
21:59:18.0249 0x0c30 C:\Windows\SysWOW64\winbrand.dll - ok
21:59:18.0258 0x0c30 [ 79FA7D8B488F90EDE325963379A6F738, 90E0F2022D1697D5FEBE00AAB7D7E232AE42EA2AB243CD132B3BB739A6987CDD ] C:\Windows\SysWOW64\ieframe.dll
21:59:18.0259 0x0c30 C:\Windows\SysWOW64\ieframe.dll - ok
21:59:18.0269 0x0c30 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] C:\Windows\System32\aelupsvc.dll
21:59:18.0269 0x0c30 C:\Windows\System32\aelupsvc.dll - ok
21:59:18.0278 0x0c30 [ 60F4AEFA103D421EA4A40E31409B4756, 037A8605CA504A4FF43E9D4DE9017CEA1E26D3556C975872C747E24D8B0835EF ] C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
21:59:18.0278 0x0c30 C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll - ok
21:59:18.0288 0x0c30 [ 2C4A87CA8C00E98EFDCFA2E8EC9A3503, DA59CE662E98E56D89E2894D2AC8B9F324C16DA23C860640EDC2C82E0AD06097 ] C:\Windows\SysWOW64\shdocvw.dll
21:59:18.0289 0x0c30 C:\Windows\SysWOW64\shdocvw.dll - ok
21:59:18.0299 0x0c30 [ F672155776ABADF6A23C59E74491C9F2, B623F7901B85BA72808EC4AF9A195236C601A6B965F9202DB557746AE3FFC327 ] C:\Users\Tonya\AppData\Local\Temp\{BAA1EB89-04E9-472F-A900-10930E5B50A7}.exe
21:59:18.0299 0x0c30 C:\Users\Tonya\AppData\Local\Temp\{BAA1EB89-04E9-472F-A900-10930E5B50A7}.exe - ok
21:59:18.0313 0x0c30 [ FB10715E4099AF9FA389C71873245226, 6A4CB43880B822A0C4714D6E52EB3EB2CE1E69C3AA9CA65EAAD6B131AE43F274 ] C:\Windows\System32\timedate.cpl
21:59:18.0313 0x0c30 C:\Windows\System32\timedate.cpl - ok
21:59:18.0323 0x0c30 [ E6F0F82788E8BD0F7A616350EFA0761C, 13091DCB3E3F4F52C3FF210E93AAF1DCE142CFC09F671AEAC5B922393B23E67B ] C:\Windows\System32\actxprxy.dll
21:59:18.0323 0x0c30 C:\Windows\System32\actxprxy.dll - ok
21:59:18.0332 0x0c30 [ 4E5FE39C1076D115EC8BFCFE14D75B80, F1D02BCA6F664DCDD0CCDE269D31787C7553CD38C7208A8DD8B80B9EA09FEB1C ] C:\Windows\SysWOW64\credssp.dll
21:59:18.0332 0x0c30 C:\Windows\SysWOW64\credssp.dll - ok
21:59:18.0341 0x0c30 [ B40420876B9288E0A1C8CCA8A84E5DC9, 0D3C73B45BC708D7B1E26DFB6D4F64031A998548FEA0FB5CE198ED716F7DC9A0 ] C:\Windows\SysWOW64\dnsapi.dll
21:59:18.0342 0x0c30 C:\Windows\SysWOW64\dnsapi.dll - ok
21:59:18.0352 0x0c30 [ 9D4A1690AF93F233E15380398BEC7431, 8CC99491880DBC444651EB7D245EEE46FE77F4FA74FECFCD29E734AA21AF9D75 ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
21:59:18.0352 0x0c30 C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok
21:59:18.0360 0x0c30 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86, E15ED4FEFC3010C213694331DDFDC03767682325C898D773AB243E2DC8B08461 ] C:\Windows\System32\msftedit.dll
21:59:18.0360 0x0c30 C:\Windows\System32\msftedit.dll - ok
21:59:18.0370 0x0c30 [ 2EBD0C5B090125AECF017C57344C45AB, 4FF8F2460115C60AD164EE0DC2079E1601B8AA21A1BA8033B7B731FAF85411B6 ] C:\Windows\System32\msls31.dll
21:59:18.0370 0x0c30 C:\Windows\System32\msls31.dll - ok
21:59:18.0380 0x0c30 [ FA752544EE1EE59E8AD938CBB43CAC93, EA633416EF79F5FC1C841D46F3AAEC6A56BD09D2FD8B9CD8584E4AF65B890974 ] C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll
21:59:18.0380 0x0c30 C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll - ok
21:59:18.0389 0x0c30 [ E24810944B2EB49862D835CA5B7E6E43, B3DD421497D9630DAC9B2CCD269F13D415FF10F7F0CE1A66320F13A9DA5301C4 ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
21:59:18.0389 0x0c30 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe - ok
21:59:18.0400 0x0c30 [ D0EB6410A7D688E26C8D519425E743C8, 5DD08C444FDDA8ACBD497D468D13576C29B7AE778D09C647F3C05E37DE12383C ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
21:59:18.0400 0x0c30 C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe - ok
21:59:18.0412 0x0c30 [ 49761B7E50CC76B2FB25F99BF243323F, 578A4CE587AF4F6373322CAACFB0024AB27C74A85B14B1258F899253B8AD22BD ] C:\Windows\System32\SynCOM.dll
21:59:18.0412 0x0c30 C:\Windows\System32\SynCOM.dll - ok
21:59:18.0420 0x0c30 [ 2BCBA6052374959A30BD7948444DBB79, 46224A2B729026FEEBC3C6A09E69919D477097848DB2CA0C2F5B166CDF379660 ] C:\Windows\System32\gameux.dll
21:59:18.0420 0x0c30 C:\Windows\System32\gameux.dll - ok
21:59:18.0430 0x0c30 [ F1475C9B509A8643358C6C7F97F4BAB8, 5B9ABF8C18EFD73540D07BB344AC05D454B9765AF957E3E30660C08C1955275F ] C:\Windows\System32\SynTPAPI.dll
21:59:18.0430 0x0c30 C:\Windows\System32\SynTPAPI.dll - ok
21:59:18.0440 0x0c30 [ 585FED4CDB8034B8B58AEB8008255817, 13D1055929D79598C04A4AB66EF3DBAADD265F9D1C3F43E84531238D2526A1AE ] C:\Windows\System32\opengl32.dll
21:59:18.0440 0x0c30 C:\Windows\System32\opengl32.dll - ok
21:59:18.0449 0x0c30 [ F333A699C8F43048659F0E201CB7268D, 7FC06EC012C976E801A0E2400B049A20499AC0C3573E5F9F24F4772F43B9A032 ] C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
21:59:18.0450 0x0c30 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe - ok
21:59:18.0459 0x0c30 [ F2967C0A97C0EA67D79D7F557213950D, 65516C83DCB3F952CD4454636B61CC2F153AF6BEEBC352463791D92F7F500F52 ] C:\Windows\System32\glu32.dll
21:59:18.0459 0x0c30 C:\Windows\System32\glu32.dll - ok
21:59:18.0469 0x0c30 [ E948D1D42DC68923ABD75EEB5BCCD1D3, 74218AE72B6B9940315F17D297E97F9F5CE4962C956AF8049367E14769D6EDD5 ] C:\Windows\System32\consent.exe
21:59:18.0469 0x0c30 C:\Windows\System32\consent.exe - ok
21:59:18.0478 0x0c30 [ A6C09924C6730DE8DEED9890A12AA691, 46EACBC27D15FD43431812D6CA770982178C07246AF3A1C2E0D40D745A1D5758 ] C:\Windows\System32\ddraw.dll
21:59:18.0478 0x0c30 C:\Windows\System32\ddraw.dll - ok
21:59:18.0487 0x0c30 [ A5ED9421B8D09ED4F57CDA386307713E, EC2EE043E94A53302A9721220AA42D29BE72AF3448B7AA01F7EB911ECF7DC6AE ] C:\Windows\System32\dciman32.dll
21:59:18.0488 0x0c30 C:\Windows\System32\dciman32.dll - ok
21:59:18.0497 0x0c30 [ 9110FFAD124283F37D38771BB60556AF, BB495FDF86B7C3DD7878C496090A624CE8FE68F61166C91A4C99EF1140F0AD23 ] C:\Windows\System32\dsound.dll
21:59:18.0497 0x0c30 C:\Windows\System32\dsound.dll - ok
21:59:18.0507 0x0c30 [ E424B3EF666B184CEE0B6871AAA8C9F6, D182D9B3A813C75F88CA16A9C236AB6167DF5861D155B5DC016B90918C4BD579 ] C:\Windows\System32\msimg32.dll
21:59:18.0507 0x0c30 C:\Windows\System32\msimg32.dll - ok
21:59:18.0517 0x0c30 [ 40947436A70E0034E41123DF5A0A7702, 5D40FD92DA5CA59C1BADB58AD509DB6A6D613F18660A9A270A53ECA85D34C3A9 ] C:\Program Files (x86)\Bonjour\mdnsNSP.dll
21:59:18.0517 0x0c30 C:\Program Files (x86)\Bonjour\mdnsNSP.dll - ok
21:59:18.0526 0x0c30 [ ED6EE83D61EBC683C2CD8E899EA6FEBE, F82592908D038C44D9F2E5C5B7BC663A2D370FC565F40420E1138A9E55F0E7EB ] C:\Windows\SysWOW64\rasadhlp.dll
21:59:18.0527 0x0c30 C:\Windows\SysWOW64\rasadhlp.dll - ok
21:59:18.0536 0x0c30 [ 9DD06F00898AA5CA7E24186EFC8E5E25, 51141D0D07DBC955B63281351D3F17163ACE9A5B08628EA1C82F33FD2913970E ] C:\Users\Tonya\AppData\Local\Temp\{62D73A76-CC37-49FC-ADEE-B057C803360E}\{42D6B5D4-31DF-48DA-B67D-E5DF911400F9}.tmp
21:59:18.0536 0x0c30 C:\Users\Tonya\AppData\Local\Temp\{62D73A76-CC37-49FC-ADEE-B057C803360E}\{42D6B5D4-31DF-48DA-B67D-E5DF911400F9}.tmp - ok
21:59:18.0547 0x0c30 [ 91A7771934C0D9D2DA7699D25BB5B348, 154A6EB866AF22B38AEE8DB5A864653FEB15DED69DE26E5B602B7C5056CDDF72 ] C:\Users\Tonya\AppData\Local\Temp\{62D73A76-CC37-49FC-ADEE-B057C803360E}\{48468DEB-7A27-4211-805E-1A1B718FF8C3}.tmp
21:59:18.0547 0x0c30 C:\Users\Tonya\AppData\Local\Temp\{62D73A76-CC37-49FC-ADEE-B057C803360E}\{48468DEB-7A27-4211-805E-1A1B718FF8C3}.tmp - ok
21:59:18.0563 0x0c30 [ 83AEBB8EA680F3D85742F3C4E5A50D46, 366CC76A7406678852E6AD20A6A05EE7417C0D8AAF1A4E48F72DA37E8D915547 ] C:\Windows\System32\RtkCfg64.dll
21:59:18.0563 0x0c30 C:\Windows\System32\RtkCfg64.dll - ok
21:59:18.0573 0x0c30 [ 80808656078CFCC32CF8BFEB0DD66279, 383F37599ABF16EEDEB2A60242DB7EDCC3D210A2A59DD61169047059F7041C5C ] C:\Users\Tonya\AppData\Local\Temp\{62D73A76-CC37-49FC-ADEE-B057C803360E}\{78B452BC-AFDA-419B-BDF0-537DAFBD5280}.tmp
21:59:18.0573 0x0c30 C:\Users\Tonya\AppData\Local\Temp\{62D73A76-CC37-49FC-ADEE-B057C803360E}\{78B452BC-AFDA-419B-BDF0-537DAFBD5280}.tmp - ok
21:59:18.0582 0x0c30 [ F0D0E883EBBDC7615DC9EDEA0FFB2817, 58F1395445018CB16ED4D3710443FB5B0E087043F6A69F7B10D72D0455958954 ] C:\Windows\SysWOW64\FWPUCLNT.DLL
21:59:18.0583 0x0c30 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
21:59:18.0594 0x0c30 [ DF471F11CC78BE02FE6BA15F2D94F65B, 9AC230DE58CE40E78AE6872BCF4778B69EEBF17E0E41B1301FF364ABD4737A78 ] C:\Users\Tonya\AppData\Local\Temp\{62D73A76-CC37-49FC-ADEE-B057C803360E}\{96C6B3E0-6C43-4208-B8D7-6E76788EE5F4}.tmp
21:59:18.0594 0x0c30 C:\Users\Tonya\AppData\Local\Temp\{62D73A76-CC37-49FC-ADEE-B057C803360E}\{96C6B3E0-6C43-4208-B8D7-6E76788EE5F4}.tmp - ok
21:59:18.0604 0x0c30 [ 0FD19BDDD2513874FF6903F717367795, DFAF9C33F993BA26FC84EF66ABC7C483E62762F7E1FC763605A75ACC2E8AA4EE ] C:\Users\Tonya\AppData\Local\Temp\{62D73A76-CC37-49FC-ADEE-B057C803360E}\{02063351-55F0-4F4F-975F-6244C7F2E32E}.tmp
21:59:18.0604 0x0c30 C:\Users\Tonya\AppData\Local\Temp\{62D73A76-CC37-49FC-ADEE-B057C803360E}\{02063351-55F0-4F4F-975F-6244C7F2E32E}.tmp - ok
21:59:18.0613 0x0c30 [ DD88BBF87A43331A4E99E37F7BF59FDB, 872190F559FA0DD1F711E9FA101BA1AB6E6DE5ED0CCCE1AB7AFE45BC3B78A0F1 ] C:\Users\Tonya\AppData\Local\Temp\{62D73A76-CC37-49FC-ADEE-B057C803360E}\{FCDD768B-9638-4408-B5D0-85D387CE02C8}.tmp
21:59:18.0614 0x0c30 C:\Users\Tonya\AppData\Local\Temp\{62D73A76-CC37-49FC-ADEE-B057C803360E}\{FCDD768B-9638-4408-B5D0-85D387CE02C8}.tmp - ok
21:59:18.0624 0x0c30 [ 4261449C1CADA6B007E5C27522946D2B, 11E79D1C529E816CCCAC9266089C77A4DB44676CAEEE25C66D6DB420B18D3ACB ] C:\Users\Tonya\AppData\Local\Temp\{62D73A76-CC37-49FC-ADEE-B057C803360E}\{51B9FF13-4E17-4991-B812-57C329C2F753}.tmp
21:59:18.0624 0x0c30 C:\Users\Tonya\AppData\Local\Temp\{62D73A76-CC37-49FC-ADEE-B057C803360E}\{51B9FF13-4E17-4991-B812-57C329C2F753}.tmp - ok
21:59:18.0633 0x0c30 [ 6627AA675A5C1B0330487A02E23F0560, 256AE9BA4273D4247FFAD6099D5A4FC8E98EDB27293AC8CAF7A571EB3890FAA7 ] C:\Users\Tonya\AppData\Local\Temp\{62D73A76-CC37-49FC-ADEE-B057C803360E}\{4FD9E8CA-70AD-4637-97B1-A20A25F22BD6}.tmp
21:59:18.0633 0x0c30 C:\Users\Tonya\AppData\Local\Temp\{62D73A76-CC37-49FC-ADEE-B057C803360E}\{4FD9E8CA-70AD-4637-97B1-A20A25F22BD6}.tmp - ok
21:59:18.0644 0x0c30 [ 723B834A07F7DF7DE4CEB637D57ACEA3, B42867045DD3FB7682CDBD133970421010F0F14125E4992C73657CABA4659250 ] C:\Users\Tonya\AppData\Local\Temp\{62D73A76-CC37-49FC-ADEE-B057C803360E}\{7847A3DA-5E48-49CA-AEC0-21192571A834}.tmp
21:59:18.0644 0x0c30 C:\Users\Tonya\AppData\Local\Temp\{62D73A76-CC37-49FC-ADEE-B057C803360E}\{7847A3DA-5E48-49CA-AEC0-21192571A834}.tmp - ok
21:59:18.0654 0x0c30 [ C1DE893FAF6D7F6CFB479A1F61835482, AD5FA3CE73777704C67C933691F1F068E1A7FF545F728B97574F9C33AC4BBC01 ] C:\Users\Tonya\AppData\Local\Temp\{62D73A76-CC37-49FC-ADEE-B057C803360E}\{D32ED871-A24D-4ED6-AB97-26DD1B33FE1B}.tmp
21:59:18.0654 0x0c30 C:\Users\Tonya\AppData\Local\Temp\{62D73A76-CC37-49FC-ADEE-B057C803360E}\{D32ED871-A24D-4ED6-AB97-26DD1B33FE1B}.tmp - ok
21:59:18.0666 0x0c30 [ 23B001185B7C3CB1F4BDEB143E6B45B7, AB3A5AB346F6353B43B06FBE20B7785DA988975E2C8B73A6588F107FFAAACC47 ] C:\Windows\System32\shdocvw.dll
21:59:18.0666 0x0c30 C:\Windows\System32\shdocvw.dll - ok
21:59:18.0676 0x0c30 [ A0ABBAD8CE99CBF8467D697073B38E87, C71F58580D93F0B78BDA735DA6201A6F1BDA36CC9F72D15B4E6DD62D6C3A43D0 ] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe
21:59:18.0676 0x0c30 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe - ok
21:59:18.0686 0x0c30 [ A0A65D306A5490D2EB8E7DE66898ECFD, CE5DA408F4EDD5E81CE0925867F03C9A35172CF1571FE4C4C052E45AB69822BB ] C:\Windows\System32\linkinfo.dll
21:59:18.0687 0x0c30 C:\Windows\System32\linkinfo.dll - ok
21:59:18.0696 0x0c30 [ 4C39358EBDD2FFCD9132A30E1EC31E16, 06918CF99AD26CD6CF106881C0D5BDB212DC0BAC4549805C9F5906E3D03D152C ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
21:59:18.0696 0x0c30 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok
21:59:18.0707 0x0c30 [ 102CF6879887BBE846A00C459E6D4ABC, A4C51C79CF95D5C79DCEFB02946A09A987FEAF83CE2EE1BA7677EBA90869AC80 ] C:\Windows\SysWOW64\riched20.dll
21:59:18.0707 0x0c30 C:\Windows\SysWOW64\riched20.dll - ok
21:59:18.0719 0x0c30 [ E2A17BCC08D92F42E08AF6BA2F93ABA7, 5FC9D47BF4B1094BECC0C0DDCD5CD4318DD3E4495D982F8785331616D5B82599 ] C:\Windows\SysWOW64\ExplorerFrame.dll
21:59:18.0719 0x0c30 C:\Windows\SysWOW64\ExplorerFrame.dll - ok
21:59:18.0728 0x0c30 [ 6E1F8165C365D35C8E3C045AF0CDD481, B861360D0A014265A0BEB4CC2FE31EA05AE95120E8B07820C13A044D64C00E2B ] C:\Windows\SysWOW64\duser.dll
21:59:18.0728 0x0c30 C:\Windows\SysWOW64\duser.dll - ok
21:59:18.0738 0x0c30 [ EE06B85BC69F18826302348A2AD089E0, 417205797CC9F6C986A863A61179784D9ADCAF1961EF8A4D9042D73C5A86509A ] C:\Windows\SysWOW64\dui70.dll
21:59:18.0738 0x0c30 C:\Windows\SysWOW64\dui70.dll - ok
21:59:18.0748 0x0c30 [ 0BBFE08ECCE8A209D07C3B68D63FC293, 0374316F3586D191437F5A54F9A322B3F68002652920477DBCFD48EF049E6F21 ] C:\Windows\System32\igfxtray.exe
21:59:18.0748 0x0c30 C:\Windows\System32\igfxtray.exe - ok
21:59:18.0757 0x0c30 [ 05EA520BFB1D3085CB12A4355598081D, E6CFC3C911D01A90AC05F964BDFF98C42C4A91C0F1BF52A214B2F00152C5194F ] C:\Windows\System32\hccutils.dll
21:59:18.0757 0x0c30 C:\Windows\System32\hccutils.dll - ok
21:59:18.0768 0x0c30 [ 69754747274B76E7FAF287239333D7E6, A0BAEC1E56E4B1A17C0D41B317526AF5BB11E7E488C7016067A6229346A23B16 ] C:\Windows\System32\msiltcfg.dll
21:59:18.0768 0x0c30 C:\Windows\System32\msiltcfg.dll - ok
21:59:18.0778 0x0c30 [ 2F16207A65B62001FC73E6798D0B8F2A, 44B3B7E0ED654480EE6CB238976FCDC745BE3EFD7CDC71B262146A4CE63731CD ] C:\Windows\System32\hkcmd.exe
21:59:18.0778 0x0c30 C:\Windows\System32\hkcmd.exe - ok
21:59:18.0789 0x0c30 [ 4C2C4640BF23AAFCF90519E0F34436CE, 8ACCDA77C2DC5BE2DAED05134310122AFECC872A8D118612E55DD229BFE4D844 ] C:\Windows\System32\DeviceCenter.dll
21:59:18.0789 0x0c30 C:\Windows\System32\DeviceCenter.dll - ok
21:59:18.0799 0x0c30 [ D890EDDD0528E04049C9D524FBA1C506, B71A297D13E1E4C9551C5674037B29C59E1A2AD83B4FF967E10197469EF7CFBF ] C:\Windows\System32\igfxsrvc.exe
21:59:18.0799 0x0c30 C:\Windows\System32\igfxsrvc.exe - ok
21:59:18.0815 0x0c30 [ 04CB7C8FDC6D9640DD82A527208F72C4, 0F8A327B0234A29EAB1F03D9102A3DF7DB4515BF580163198C5A8C174C98DE4F ] C:\Windows\System32\UIAnimation.dll
21:59:18.0815 0x0c30 C:\Windows\System32\UIAnimation.dll - ok
21:59:18.0824 0x0c30 [ 31A6D4B8803CCBA44271F05E08C4955A, 985EF96EF70E082DB414A113F43F1EF7C73741077A82291CB02025DDB9BF4E8D ] C:\Windows\System32\igfxsrvc.dll
21:59:18.0824 0x0c30 C:\Windows\System32\igfxsrvc.dll - ok
21:59:18.0834 0x0c30 [ F51059EE3C543CB364A069CAFB252031, 7B83EB0CB93B76076663D1F872BD63F06B7C0B9421D0DD0D43FC18AEADC5C256 ] C:\Windows\System32\igfxdev.dll
21:59:18.0834 0x0c30 C:\Windows\System32\igfxdev.dll - ok
21:59:18.0844 0x0c30 [ B69A01794D44C769C2575AE75E2EB31F, CE19EEA3F738A5F2A2C43EB6699AACB21D798B9649D744FB983868FB3E58E7C1 ] C:\Windows\System32\igfxpers.exe
21:59:18.0844 0x0c30 C:\Windows\System32\igfxpers.exe - ok
21:59:18.0856 0x0c30 [ 5EB6E9C8BE1ACC5830780E0F9A846255, AC5EDC6DBC9CA204584E35878E18F6524DE002CE3D90657C37599790A5DDD1F1 ] C:\Windows\System32\msi.dll
21:59:18.0856 0x0c30 C:\Windows\System32\msi.dll - ok
21:59:18.0866 0x0c30 [ B0F69B9DE0AEBFD7E4CEADE6758DF627, 60235E6D0614ED72CDF05E9A62B2B264614CAB29C47246ED408B85BEBE602CCD ] C:\Windows\System32\SearchFolder.dll
21:59:18.0866 0x0c30 C:\Windows\System32\SearchFolder.dll - ok
21:59:18.0879 0x0c30 [ C3761661C17C2248A9379A8FB89E3DE1, CE3477FA2B4058EB80739E0161FE957545F13CF86D313F6422732901D35F75F2 ] C:\Windows\System32\stobject.dll
21:59:18.0879 0x0c30 C:\Windows\System32\stobject.dll - ok
21:59:18.0889 0x0c30 [ 352C7C2470C03AFD41889236D849D75C, 0E26DA6402ED9E2AD080CC5848114FA801C1BD05BEB9046EE51F76BE819907DE ] C:\Windows\System32\igfxrenu.lrc
21:59:18.0889 0x0c30 C:\Windows\System32\igfxrenu.lrc - ok
21:59:18.0900 0x0c30 [ F832EEEA97CDDA1AF577E721F652A0D1, EBBB7CA199BA4DF231123922BD310D43DE0104C6185B70FE0281B938D5336F2E ] C:\Windows\System32\batmeter.dll
21:59:18.0900 0x0c30 C:\Windows\System32\batmeter.dll - ok
21:59:18.0910 0x0c30 [ DB02F4D37E5F7F07A0D0F9FAA68249EE, E5CD7EEA5019D6F7A52E33C3C30800EEE360B9787388E16411FD9057E2918BDA ] C:\Windows\System32\ieframe.dll
21:59:18.0910 0x0c30 C:\Windows\System32\ieframe.dll - ok
21:59:18.0920 0x0c30 [ 9108540E866F75C7AF2B91DD921A8091, 7208C8E05E818781D7F2703B86848FC90651E0D8BE10362863250F2283CEC511 ] C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
21:59:18.0920 0x0c30 C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll - ok
21:59:18.0930 0x0c30 [ FB4045578F5180BDB1963AB352B78548, 8E645A63436EE6CDDB78E6064AEB04ECE39208F760A3EF13A3F49FDF41505E21 ] C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
21:59:18.0930 0x0c30 C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll - ok
21:59:18.0940 0x0c30 [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] C:\Users\Tonya\AppData\Local\Google\Update\GoogleUpdate.exe
21:59:18.0940 0x0c30 C:\Users\Tonya\AppData\Local\Google\Update\GoogleUpdate.exe - ok
21:59:18.0952 0x0c30 [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122, E7EA375A3BDE8FC764CB09524344370B9EE25F98AD6C83E6F37A569EB8D277D6 ] C:\Windows\System32\prnfldr.dll
21:59:18.0952 0x0c30 C:\Windows\System32\prnfldr.dll - ok
21:59:18.0963 0x0c30 [ A43B937C580F5DFC43EF63EF72992FE9, 1B1C9B434BF12D39B2CC750AABB953169E3B43095827CD086750B2195BBC5B64 ] C:\Users\Tonya\AppData\Local\Google\Update\1.3.22.5\goopdate.dll
21:59:18.0963 0x0c30 C:\Users\Tonya\AppData\Local\Google\Update\1.3.22.5\goopdate.dll - ok
21:59:18.0973 0x0c30 [ 75838AB28CC1318345DA62B6C339068C, BDB9C4C5EE52CE822C64E38E633DDF800023B88347028A22DD7CCBACCE0BD8C0 ] C:\Windows\System32\GfxUI.exe
21:59:18.0974 0x0c30 C:\Windows\System32\GfxUI.exe - ok
21:59:18.0983 0x0c30 [ 24F4B480F335A6C724AF352253C5D98B, 011413B236CAD7B78CE0A0EEC3E3085D48C7576A3205D025BA6EBFDF590538E4 ] C:\Windows\System32\thumbcache.dll
21:59:18.0983 0x0c30 C:\Windows\System32\thumbcache.dll - ok
21:59:18.0993 0x0c30 [ 89AE8D4ED8E4F1102611D94F00279282, 0233556B90396866F15049D9E82F6BCB05DD665FB9F7BBE5DD144D948B52FB74 ] C:\Windows\System32\spool\drivers\x64\3\E_IATIAIA.EXE
21:59:18.0993 0x0c30 C:\Windows\System32\spool\drivers\x64\3\E_IATIAIA.EXE - ok
21:59:19.0008 0x0c30 [ FD7A42573DC0109FC2B0EB607F052DBC, 539EF6ECD52BE0BB1585067A1079102EB6731418156767DB668DF352BD22C983 ] C:\Users\Tonya\AppData\Roaming\Foyrmulo\xihepo.exe
21:59:19.0008 0x0c30 C:\Users\Tonya\AppData\Roaming\Foyrmulo\xihepo.exe - ok
21:59:19.0018 0x0c30 [ 42A9CB6906D9A8BEDC83B57163E62924, E18522D3137653140757829EFBFCE624A5BAA5842E2BBA10B9E5AB6C84BE49E1 ] C:\Windows\System32\DXP.dll
21:59:19.0018 0x0c30 C:\Windows\System32\DXP.dll - ok
21:59:19.0029 0x0c30 [ 4C8981727B06F718832DD3D42C9EB769, 018C6FBECDB115B938AB6647EE2F062189DA9261B7F12AC1D04BCFB243D6F07B ] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
21:59:19.0029 0x0c30 C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe - ok
21:59:19.0040 0x0c30 [ D3E69D500466C17498AAF7F83D12FFF0, F5723FC28396489EADDDCAD67A0E46B56D859590823E3CFA7254BA6709DC5AE6 ] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
21:59:19.0040 0x0c30 C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe - ok
21:59:19.0050 0x0c30 [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891, 0A82A475301202791A7C10F978F952EAB7DB146A702D4EA67E24E2C98BC19638 ] C:\Windows\System32\Syncreg.dll
21:59:19.0050 0x0c30 C:\Windows\System32\Syncreg.dll - ok
21:59:19.0066 0x0c30 [ 76DEDCC56A594026986A473E422C41F7, 2B180174FDE53A678463455E7314DD0387DD132B037AECD63B16965793847E5D ] C:\Program Files (x86)\PrintMaster Platinum 18\Remind.exe
21:59:19.0066 0x0c30 C:\Program Files (x86)\PrintMaster Platinum 18\Remind.exe - ok
21:59:19.0076 0x0c30 [ C836175870E00ACC546066632E15BD10, 4347F3319C26DA1C38F395C74DBD67AF886149C8F29EDE765DD96C8480A3054A ] C:\Windows\ehome\ehSSO.dll
21:59:19.0077 0x0c30 C:\Windows\ehome\ehSSO.dll - ok
21:59:19.0087 0x0c30 [ C30A3E5DEEEBA22E782AC54C5AF5F352, 80939A7B5354032256706C6CA0C3CCC7E67CD1C1C81EAEA2CBC74997C0863662 ] C:\Windows\SysWOW64\samlib.dll
21:59:19.0087 0x0c30 C:\Windows\SysWOW64\samlib.dll - ok
21:59:19.0096 0x0c30 [ A42F2C1EB3B66C54FB3C7B79D30C1A6D, A63836DB3B01835DC1311526A95198D6EBCCB1DC9DDAFBC38EC36C128CDB98B9 ] C:\Windows\System32\netshell.dll
21:59:19.0096 0x0c30 C:\Windows\System32\netshell.dll - ok
21:59:19.0107 0x0c30 [ F35A584E947A5B401FEB0FE01DB4A0D7, 4DA5EFDC46D126B45DAEEE8BC69C0BA2AA243589046B7DFD12A7E21B9BEE6A32 ] C:\Program Files (x86)\PrintMaster Platinum 18\mfc71.dll
21:59:19.0107 0x0c30 C:\Program Files (x86)\PrintMaster Platinum 18\mfc71.dll - ok
21:59:19.0116 0x0c30 [ 593AD9042E84A7BADB7E84C6A97D6494, 9D7B6868DFEA9D67C3FCDE1E10B6194161B40D2CBAB72EAFAE431A7CFE3BCECF ] C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\860cfb90fd4dd4eccb26488e10e0f42e\WindowsBase.ni.dll
21:59:19.0116 0x0c30 C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\860cfb90fd4dd4eccb26488e10e0f42e\WindowsBase.ni.dll - ok
21:59:19.0127 0x0c30 [ 007863E45F25AA47A4C30D0930BBFD85, 60F2ABA40D520FCA2C57FA2DB72E111C14F21821DA17F662837506B80C269634 ] C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
21:59:19.0127 0x0c30 C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll - ok
21:59:19.0137 0x0c30 [ 4D83DC461F8F4370274CF6E9AC9A34F4, E84F573534C0AC02C9D3329A09F31E594A782FE9BEFB69DFA337D5505135D694 ] C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
21:59:19.0137 0x0c30 C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe - ok
21:59:19.0147 0x0c30 [ 0E34B7BB1FCF22BCC1E394D16F9E992B, 382CA8E6BAC301E2F277F8EDA03D263FF71272796A8EED582C36294EEE9191F9 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe
21:59:19.0147 0x0c30 C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe - ok
21:59:19.0158 0x0c30 [ C98ACDE22458C8F46FD0503CB9E2D01F, C3B06C13F2EC3DCD6B91F02D11204FE06FBEE6C673E8CDEF1134C764250438AA ] C:\Users\Tonya\AppData\Local\Google\Update\1.3.22.5\GoogleCrashHandler.exe
21:59:19.0158 0x0c30 C:\Users\Tonya\AppData\Local\Google\Update\1.3.22.5\GoogleCrashHandler.exe - ok
21:59:19.0170 0x0c30 [ 61E4289E91E88C90478D7F4BEB10DCF7, 1D0F4034E0111CF5758F470C15A22A0A28EB8269CB5BF07222C9C0FB07A15C55 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
21:59:19.0170 0x0c30 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe - ok
21:59:19.0179 0x0c30 [ 405F4D32D2185F1F1BD753D8EEAFFB3A, CAC42C3E09C43BE96592B670D70821386014DB22D8239A9CFB9E33E54FB5C3D5 ] C:\Windows\System32\networkexplorer.dll
21:59:19.0179 0x0c30 C:\Windows\System32\networkexplorer.dll - ok
21:59:19.0190 0x0c30 [ 619A67C9F617B7E69315BB28ECD5E1DF, F34F231D117CCDFEBB9CB35C8D6FDFA7051DA27FDC1204FCCFF361FC0B13A0FF ] C:\Windows\System32\wbem\WmiPrvSE.exe
21:59:19.0190 0x0c30 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
21:59:19.0202 0x0c30 [ 86F1895AE8C5E8B17D99ECE768A70732, 8094AF5EE310714CAEBCCAEEE7769FFB08048503BA478B879EDFEF5F1A24FEFE ] C:\Program Files (x86)\PrintMaster Platinum 18\msvcr71.dll
21:59:19.0202 0x0c30 C:\Program Files (x86)\PrintMaster Platinum 18\msvcr71.dll - ok
21:59:19.0212 0x0c30 [ EA8B5B41163A06FFA8930F5316473035, 4F17F02AECBE5890ED5A2ECCEFDE519CB35754BE8ECE5F8ACC28410FC4774804 ] C:\Users\Tonya\AppData\Local\Google\Update\1.3.22.5\GoogleCrashHandler64.exe
21:59:19.0212 0x0c30 C:\Users\Tonya\AppData\Local\Google\Update\1.3.22.5\GoogleCrashHandler64.exe - ok
21:59:19.0223 0x0c30 [ 13820B972D74B3DE4F6552A57AC799A7, B85C6840A98E93BE928A61E46F8C712874B10D942BB9A8377045623AC877F8E4 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll
21:59:19.0223 0x0c30 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll - ok
21:59:19.0234 0x0c30 [ A8D3CF1BCEDB663C257F6C20219B718A, 2A6BEEA3375CBC696FE7079DD046955BB0846002418CD167BC9F1563F2BCBD77 ] C:\Program Files (x86)\AVG\AVG2013\avgui.exe
21:59:19.0234 0x0c30 C:\Program Files (x86)\AVG\AVG2013\avgui.exe - ok
21:59:19.0244 0x0c30 [ 07AD88DF9EF73215458867EFC1BFFE9E, 8C659B6F31111C09448B68889623886658C96467E7E5C95C1714E18AD3924463 ] C:\Windows\System32\wbem\wmiprov.dll
21:59:19.0244 0x0c30 C:\Windows\System32\wbem\wmiprov.dll - ok
21:59:19.0254 0x0c30 [ BAF751E7061FF626AA60F56D1D5D1FDC, 177B0BAC987E7882449BD7C5900406F61A997F97EA1797614C8D86F40F03648B ] C:\Windows\SysWOW64\MFC71ENU.DLL
21:59:19.0254 0x0c30 C:\Windows\SysWOW64\MFC71ENU.DLL - ok
21:59:19.0264 0x0c30 [ C863E5A2417DF0F2A31ED32C3B2CB23F, EC77B4DB94CF2D13304240CA7056C56BFFFF17BD7B93ADA4CA978723AEE3102C ] C:\Windows\SysWOW64\mshtml.dll
21:59:19.0264 0x0c30 C:\Windows\SysWOW64\mshtml.dll - ok
21:59:19.0273 0x0c30 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB, CF9082360E32A7C3E13A67AC2C6192F4A76870D43DA9FF2936993A637F712761 ] C:\Windows\System32\AltTab.dll
21:59:19.0273 0x0c30 C:\Windows\System32\AltTab.dll - ok
21:59:19.0283 0x0c30 [ CC8AA478524BB88D53171E8135D5A1FD, A235B415D371B8472DB7F806FA373602DB354403603D005F6778741A7267C731 ] C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
21:59:19.0284 0x0c30 C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe - ok
21:59:19.0293 0x0c30 [ 92DBF0A4C9239169010FC6E07859C82E, 00FB2CF4420F0FFEF519AFE732A708CF249640121E2A891CAA164313ABD7F804 ] C:\Windows\System32\ActionCenter.dll
21:59:19.0293 0x0c30 C:\Windows\System32\ActionCenter.dll - ok
21:59:19.0303 0x0c30 [ C8FDF0FA9E97E2FAAF3F814716AAA881, DD24A1CAB44D943B0E1A795A347AD25D9305FC7F012A2566A6A14BD47221831F ] C:\Windows\System32\WPDShServiceObj.dll
21:59:19.0303 0x0c30 C:\Windows\System32\WPDShServiceObj.dll - ok
21:59:19.0319 0x0c30 [ 10F815BE90A66AAFC6C713D1BD626064, 01139FC04BC53594296F6A0E16B8D20B940F64BC8119FE7705C03C4947958F39 ] C:\Windows\System32\pnidui.dll
21:59:19.0319 0x0c30 C:\Windows\System32\pnidui.dll - ok
21:59:19.0329 0x0c30 [ 3721A8FB00D07D66E6E84A53ACFC28F0, 8A6A7F92E57B1CEE58C55D91C6A28C3708B5F6E37CA55CC0340DD05B0ED80191 ] C:\Program Files (x86)\Hewlett-Packard\Shared\hputils.dll
21:59:19.0329 0x0c30 C:\Program Files (x86)\Hewlett-Packard\Shared\hputils.dll - ok
21:59:19.0339 0x0c30 [ D9B9FA5132E0868911737E44536536EB, A32F1827DD93CA74CA13EBD0EE2A244448454598EFB7099A975AA7C5436D812B ] C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\496c66c1ec949738d092aab42ea40325\PresentationCore.ni.dll
21:59:19.0339 0x0c30 C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\496c66c1ec949738d092aab42ea40325\PresentationCore.ni.dll - ok
21:59:19.0350 0x0c30 [ 184C500CB9F69585F3FE85E1D2667CD8, 188452FC824305F24F2021432DB4A9170F1F0DEEDF2245A16D01EF27511FD365 ] C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
21:59:19.0350 0x0c30 C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe - ok
21:59:19.0360 0x0c30 [ 0BA65122FFA7E37564EE86422DBF7AE8, 3A37FC503D3228D021473AECA285427382518CC36C197E4C9912745BDF3AB757 ] C:\Windows\SysWOW64\nlaapi.dll
21:59:19.0360 0x0c30 C:\Windows\SysWOW64\nlaapi.dll - ok
21:59:19.0370 0x0c30 [ 0B7E85364CB878E2AD531DB7B601A9E5, F5AD3018427F1CD68450EE5CB55AA9572546322580E0FB1E7888702A291C2380 ] C:\Windows\SysWOW64\NapiNSP.dll
21:59:19.0370 0x0c30 C:\Windows\SysWOW64\NapiNSP.dll - ok
21:59:19.0380 0x0c30 [ 5CF640EDDB1E40A5AB1BB743BCDEC610, 0313AA3F713C9F5B84DBB0B4DE78A96B173E9F7B4CF61C10FDC7DAE952DB04E5 ] C:\Windows\SysWOW64\pnrpnsp.dll
21:59:19.0380 0x0c30 C:\Windows\SysWOW64\pnrpnsp.dll - ok
21:59:19.0389 0x0c30 [ 5DF5D8CFD9B9573FA3B2C89D9061A240, 990EA273B640DF2D7E800C0CFF18550259C605A4951CD82CD9F1E7B6FF0C9533 ] C:\Windows\SysWOW64\winrnr.dll
21:59:19.0389 0x0c30 C:\Windows\SysWOW64\winrnr.dll - ok
21:59:19.0399 0x0c30 [ B9F0A4020AA98B7A20287BF7FE99A1FD, 21138F161EEEA46198890C7A2D073F2C82829E15676131BDAD9F237EDC7477CD ] C:\Windows\System32\QUTIL.DLL
21:59:19.0399 0x0c30 C:\Windows\System32\QUTIL.DLL - ok
21:59:19.0410 0x0c30 [ 4DD6AD381C9701DEA5C17198E42E850D, 9D0B330504D7A3822D6A00DE364133413DCB8210AB1372994CA07DBAAEAA3FD5 ] C:\Program Files (x86)\SkyGolf\CaddieSync Express\CaddieSyncExpress.exe
21:59:19.0410 0x0c30 C:\Program Files (x86)\SkyGolf\CaddieSync Express\CaddieSyncExpress.exe - ok
21:59:19.0420 0x0c30 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3, 2A610BEB16610FE2F2E9A50477A62A05481E8A5843A814955A0EDFF45D0304B3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
21:59:19.0420 0x0c30 C:\Windows\SysWOW64\dhcpcsvc.dll - ok
21:59:19.0432 0x0c30 [ 81F6C1AE23B1C493D9E996C3103915D7, E22408B4D2EDE2F89E686A4FDCD4057BE27B86D050E9CB489F0FFB39C72AEC1D ] C:\Windows\SysWOW64\dhcpcsvc6.dll
21:59:19.0432 0x0c30 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
21:59:19.0443 0x0c30 [ C746F3BF98E92FB137B5BD2B8B5925BD, 67A8990F3D491D149E65C90042909259793C65E671DC953FDA1F7590FAC23D9E ] C:\Windows\System32\FXSST.dll
21:59:19.0443 0x0c30 C:\Windows\System32\FXSST.dll - ok
21:59:19.0453 0x0c30 [ 650CAEA856943E29F25A25D31E004B18, DCA63D2AF4C6F14B27EA006F200E58A5C13AC940A51947A40F668908A446CC4E ] C:\Windows\System32\FXSAPI.dll
21:59:19.0453 0x0c30 C:\Windows\System32\FXSAPI.dll - ok
21:59:19.0463 0x0c30 [ 919001D2BB17DF06CA3F8AC16AD039F6, 5169ACFBE9E9D4C4012773ECDD28231C952675EF0C272A40F226E7B5D671B18B ] C:\Windows\SysWOW64\sxs.dll
21:59:19.0463 0x0c30 C:\Windows\SysWOW64\sxs.dll - ok
21:59:19.0474 0x0c30 [ F3DE10AABD5C7A1A186C9966F037D0C0, BC50848AEEF466DFF4A3D8C386BF0D0EC35B8E5B438031AE885AA5371F2E1A42 ] C:\Windows\SysWOW64\mfc100u.dll
21:59:19.0474 0x0c30 C:\Windows\SysWOW64\mfc100u.dll - ok
21:59:19.0484 0x0c30 [ F1278B3514EA6FA9BC39B20D26139AAC, 7FA1B8CCBB4771F3105EEACE2C13F949FA65C7F53817C783BDF9770F94FF12B5 ] C:\Windows\SysWOW64\msiltcfg.dll
21:59:19.0484 0x0c30 C:\Windows\SysWOW64\msiltcfg.dll - ok
21:59:19.0499 0x0c30 [ 4F3CD1C59EA71401E155C432BCECE180, 6D4118A627CAE509E43D0CC0062EECAA0990C955BB15AE24834460551B2F51A2 ] C:\Windows\System32\PortableDeviceTypes.dll
21:59:19.0499 0x0c30 C:\Windows\System32\PortableDeviceTypes.dll - ok
21:59:19.0510 0x0c30 [ AE10A0533A1F6A246DA633C034914B84, EE9D072B07C0E9B03E810F929DD73CB9E1A3D8B60C535FB189492C5FAB9DCCCC ] C:\Program Files (x86)\SkyGolf\CaddieSync Express\conduitscripting0.dll
21:59:19.0510 0x0c30 C:\Program Files (x86)\SkyGolf\CaddieSync Express\conduitscripting0.dll - ok
21:59:19.0522 0x0c30 [ C8E8B8239FCF17BEA10E751BE5854631, CB869195E78AB613CEF50AE3B247F0E4E42F233A7AAF5B2BFC5ADEA2C45C5F8D ] C:\Windows\System32\FXSRESM.dll
21:59:19.0522 0x0c30 C:\Windows\System32\FXSRESM.dll - ok
21:59:19.0530 0x0c30 [ DBDA60D92E774B4ACB3B1CD71F909426, 56A59DAE638D9BB45CE729A5D6FDFB0ECBE88B37047E4D6D20DBDEF1FC90BD72 ] C:\Program Files (x86)\SkyGolf\CaddieSync Express\mingwm10.dll
21:59:19.0530 0x0c30 C:\Program Files (x86)\SkyGolf\CaddieSync Express\mingwm10.dll - ok
21:59:19.0543 0x0c30 [ C4B4409F186DA70FCF2BCC60D5F05489, B35F2A8F4C8F1833F3CDEC20739C58E295758CE22021D03D4335043148BD7610 ] C:\Program Files (x86)\SkyGolf\CaddieSync Express\libgcc_s_dw2-1.dll
21:59:19.0543 0x0c30 C:\Program Files (x86)\SkyGolf\CaddieSync Express\libgcc_s_dw2-1.dll - ok
21:59:19.0554 0x0c30 [ C4BF1E5EAAE3CC897D97B61776229173, A661E31B8F0CDF48B18F91F99EA564BBA70BCB4BF7B9C4C7BAAA030E4C68512E ] C:\Program Files (x86)\SkyGolf\CaddieSync Express\QtCore4.dll
21:59:19.0554 0x0c30 C:\Program Files (x86)\SkyGolf\CaddieSync Express\QtCore4.dll - ok
21:59:19.0563 0x0c30 [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
21:59:19.0563 0x0c30 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
21:59:19.0578 0x0c30 [ C4F8E5684A636D4D16BE409FD5E5AF6F, 4D7C5236ADF622EDFC2A59B17442875248B6D3C4A079BE9CCAA1DF5E1754A427 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\f11b76fe8e17836118d9589f35845091\PresentationFramework.ni.dll
21:59:19.0578 0x0c30 C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\f11b76fe8e17836118d9589f35845091\PresentationFramework.ni.dll - ok
21:59:19.0590 0x0c30 [ 9ACCBC5891BA51B5B29C1A88F80D4CE3, 4EA3D9CB239874232AE0D7F824AF8CC7AD9BB4657CB9978B41067B4447FBE71B ] C:\Program Files (x86)\QuickTime\QTTask.exe
21:59:19.0590 0x0c30 C:\Program Files (x86)\QuickTime\QTTask.exe - ok
21:59:19.0600 0x0c30 [ 65AF88D89E9F1F43198EB7D4DBF2E34B, F1E3BC3A4AF6D8481ACC2C20AAF99D63DC96B3B8163E4E503A1336188879367F ] C:\Program Files\Internet Explorer\sqmapi.dll
21:59:19.0600 0x0c30 C:\Program Files\Internet Explorer\sqmapi.dll - ok
21:59:19.0610 0x0c30 [ 5B6E8E09BE6401A7E022F52FDFCB2FF8, 471C556CF9405BBB380A8CEFE945C126B954B7C94F79CC72441B51F80141FC5E ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
21:59:19.0612 0x0c30 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe - ok
21:59:19.0623 0x0c30 [ AF49D1C79EA49A7833017F290EE63B82, FFE98E8F6AE3BFAB324B3A7C6C6C00545C597A6861CBDD82ACE97591C6A1D287 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
21:59:19.0623 0x0c30 C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe - ok
21:59:19.0634 0x0c30 [ F7A256EC899C72B4ECDD2C02CB592EFD, 9C1AA9322E83CABB94AEA4375EAEB0C44700E1F33B8BE98649BA1DF4DDFAD326 ] C:\Windows\System32\bthprops.cpl
21:59:19.0634 0x0c30 C:\Windows\System32\bthprops.cpl - ok
21:59:19.0643 0x0c30 [ DCD78A37FB33BF0141A231109B052785, BCF3EB4D038D7D5DB74C8BBB564681C16086EB0E5BDED25C7EA4147A361A9D6F ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
21:59:19.0644 0x0c30 C:\Program Files (x86)\iTunes\iTunesHelper.exe - ok
21:59:19.0655 0x0c30 [ CCDA8E6A2AC68FD417A8BB8D88CBFDAC, EA9226AB7559B9D136566FDF7FCEDA34D0956E8065C6A3B692C88E2A945136E0 ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
21:59:19.0655 0x0c30 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe - ok
21:59:19.0665 0x0c30 [ 7DCE7A74764EB7C67D21A32BC579453D, 50539C4F885658B79AE30F4FB88268129EC6C78337AA1F0F84CEB43A95680ED2 ] C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
21:59:19.0665 0x0c30 C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe - ok
21:59:19.0675 0x0c30 [ EABFF69AD1F443AD5D6105339E893BC0, 4DE9FCA2D6AAAD16B9E9B79CFDF201825E62C4E1B4125E6A11EFCC1F57B0EDAD ] C:\Program Files (x86)\iTunes\iTunesHelper.dll
21:59:19.0675 0x0c30 C:\Program Files (x86)\iTunes\iTunesHelper.dll - ok
21:59:19.0685 0x0c30 [ 9E0B8310AE1A6762E3373181A2DB4EDE, 47BD069283214427F72DBD732FFAFC48EB3DE68FA0F7A5DB5B51446ABBE6372A ] C:\Program Files (x86)\SkyGolf\CaddieSync Express\QtScript4.dll
21:59:19.0685 0x0c30 C:\Program Files (x86)\SkyGolf\CaddieSync Express\QtScript4.dll - ok
21:59:19.0695 0x0c30 [ BF458B83875B9638CF4DEC48B3D39136, C17A7AA1DD01BAF12204A2F43567D4ABF58CA8C7CF62107AF6872AEA8AFA6F27 ] C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll
21:59:19.0695 0x0c30 C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll - ok
21:59:19.0705 0x0c30 [ 2A2C442F00B45E01D4C882EEA69A01BC, D71DB839DE0BC1FCC01A125D57CED2AAEA3F444A992426C316CE18C267C33A8C ] C:\Windows\SysWOW64\mfc100enu.dll
21:59:19.0705 0x0c30 C:\Windows\SysWOW64\mfc100enu.dll - ok
21:59:19.0715 0x0c30 [ 58EC9523F6A3FA0EF28BE22FA9CCF876, BF7050CDD8C43E1B20F425993A49C2510E2F4A00F412781DB2B72ED630698434 ] C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll
21:59:19.0715 0x0c30 C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll - ok
21:59:19.0725 0x0c30 [ 8569E35D00F45972E506502EEE622BA4, 01FE851C03DB88C8373099C279F995A559D962B08932E193032FA3EAD522FB01 ] C:\Windows\System32\srchadmin.dll
21:59:19.0725 0x0c30 C:\Windows\System32\srchadmin.dll - ok
21:59:19.0735 0x0c30 [ 83DD0972788E79A722F6993CC1266043, 45909E9952EC87BE98BD153E262B88FF0302CF6751D6F14E81BE71E2EB9F306D ] C:\Program Files (x86)\AVG\AVG2013\avgkrnlapix.dll
21:59:19.0735 0x0c30 C:\Program Files (x86)\AVG\AVG2013\avgkrnlapix.dll - ok
21:59:19.0745 0x0c30 [ 58B8702C20DE211D1FCB248D2FDD71D1, B2F6E3BA6FB5250F0E70555B39D34F19ADA760BDDA7E1A44113B97C3A1FD3F8B ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe
21:59:19.0745 0x0c30 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe - ok
21:59:19.0755 0x0c30 [ E0B340996A41C9A75DFA3B99BBA9C500, D029AD8ABBD2267B1E44DF5172B93C3F832B4C21F930F5512C24E800F5CE4F8B ] C:\Windows\System32\SearchIndexer.exe
21:59:19.0755 0x0c30 C:\Windows\System32\SearchIndexer.exe - ok
21:59:19.0765 0x0c30 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] C:\Windows\System32\FXSSVC.exe
21:59:19.0765 0x0c30 C:\Windows\System32\FXSSVC.exe - ok
21:59:19.0775 0x0c30 [ 2EE693BE96C0D9E885CBC0FAC177D379, 893E602670925E1FDD3849FE944F48CDD04505D82F8190FF25E3C91187496C9A ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll
21:59:19.0775 0x0c30 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll - ok
21:59:19.0864 0x0c30 [ 1D1EAA16D193C6A2D45981ED3914D22A, 587228942AA867FBA0D2A04F52A3431F33453B2C2735E4C45D621A4358BB9BB0 ] C:\Windows\SysWOW64\msimtf.dll
21:59:19.0864 0x0c30 C:\Windows\SysWOW64\msimtf.dll - ok
21:59:19.0874 0x0c30 [ AE098D9D3BD83440C59A0C3386F4F5DD, 13CFA7323349A2746D7FE662A7FCFC678F4E7AA9E12B45C62328022E3272384F ] C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
21:59:19.0874 0x0c30 C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll - ok
21:59:19.0885 0x0c30 [ 589DF683A6C81424A6CECE52ABF98A50, 8CE0D07B2FC1F1BF8C07434FAFCDC63FDD3B75007C3B2EED130DB69D2D16E90A ] C:\Windows\System32\tquery.dll
21:59:19.0885 0x0c30 C:\Windows\System32\tquery.dll - ok
21:59:19.0895 0x0c30 [ 696C96941EAABF7847846A8E17539792, 8DF0EBEF372162B94092DC507E783EF45C89F473A3E6670B6E1DC8E9FEAEC66F ] C:\Program Files (x86)\SkyGolf\CaddieSync Express\QtScriptTools4.dll
21:59:19.0896 0x0c30 C:\Program Files (x86)\SkyGolf\CaddieSync Express\QtScriptTools4.dll - ok
21:59:19.0905 0x0c30 [ 298FDE634538B62CEEEC266D8773B21A, E6E445282D17CEAFEAB66A5A1E0124DD50F2438205BCE5649DB998BDAED06CB7 ] C:\Windows\SysWOW64\msls31.dll
21:59:19.0905 0x0c30 C:\Windows\SysWOW64\msls31.dll - ok
21:59:19.0915 0x0c30 [ 14800BD31701A5047AC3145BB1E698AE, 05B4E33B14B9623EE065634708D9C4CDC7226146F9614C4F374E6B097BB35A50 ] C:\Windows\SysWOW64\d2d1.dll
21:59:19.0915 0x0c30 C:\Windows\SysWOW64\d2d1.dll - ok
21:59:19.0925 0x0c30 [ 728C9194B532E7BB6D0E539C8F798098, B08B6A44196099ECEE879A3923490BAFB9DAD4DB839C83D03BF5DC9BEB8CE101 ] C:\Program Files (x86)\SkyGolf\CaddieSync Express\QtGui4.dll
21:59:19.0925 0x0c30 C:\Program Files (x86)\SkyGolf\CaddieSync Express\QtGui4.dll - ok
21:59:19.0935 0x0c30 [ A81331D7EB6C5D1F7B1E4E4FC15F3EC0, 48301E05A17910812F69AB9614C41E1757D85EF1BB594E13C0EC4EAC71B0F529 ] C:\Windows\SysWOW64\srclient.dll
21:59:19.0935 0x0c30 C:\Windows\SysWOW64\srclient.dll - ok
21:59:19.0945 0x0c30 [ 971A36C4827AD1AE2A54E6407478921A, 22FC1DD7476F6A9E8C6272D982F2F10600AE97D2157C8531EA2F4C7874E6D24D ] C:\Windows\SysWOW64\spp.dll
21:59:19.0945 0x0c30 C:\Windows\SysWOW64\spp.dll - ok
21:59:19.0955 0x0c30 [ 9EED448E2C6306BFD8B2B19063FC21A1, 501ECCC20259339238C67523336283FE18151042C3187EBF1619B89F750F1F92 ] C:\Program Files (x86)\AVG\AVG2013\avgidpmx.dll
21:59:19.0955 0x0c30 C:\Program Files (x86)\AVG\AVG2013\avgidpmx.dll - ok
21:59:19.0965 0x0c30 [ 13337A3FB17F2242487FD45488ED0485, C174F8652118876494336AB88A65D594E0E6CCBAB20CC6BA08E6B253855A01CA ] C:\Windows\SysWOW64\vssapi.dll
21:59:19.0965 0x0c30 C:\Windows\SysWOW64\vssapi.dll - ok
21:59:19.0975 0x0c30 [ 7568CC720ACE4D03B84AF97817E745EF, 7155144CB0B260B969C398A36BC277C97BEADB5DB137D19A4F7E5AF61C3E24D4 ] C:\Windows\System32\mssrch.dll
21:59:19.0975 0x0c30 C:\Windows\System32\mssrch.dll - ok
21:59:19.0984 0x0c30 [ 1C0E369575F387460E2A5F28269B2CC4, 96F26EF7483F9EB7B79DFCF50BB0261B981322BF8FB9F239D617FEACCEC466C8 ] C:\Windows\SysWOW64\DWrite.dll
21:59:19.0985 0x0c30 C:\Windows\SysWOW64\DWrite.dll - ok
21:59:19.0994 0x0c30 [ 2FEF21EEE9934BB10165AA02E530183C, B7A0E4F9755DDA9F3045AD136A46430C1FB509891938310587DCDEFF9D6E25F4 ] C:\Program Files (x86)\AVG\AVG2013\avglngx.dll
21:59:19.0994 0x0c30 C:\Program Files (x86)\AVG\AVG2013\avglngx.dll - ok
21:59:20.0005 0x0c30 [ F10E5311E5093FA3C00FF88C54C32FCA, B557F5B00D77F030850D9AAC0FFEFC4C2A759EC4081C8459C9DEAE51BAAACC65 ] C:\Windows\SysWOW64\atl.dll
21:59:20.0005 0x0c30 C:\Windows\SysWOW64\atl.dll - ok
21:59:20.0015 0x0c30 [ B940289C83121046BD6A60ACC6028593, EBD1C2C0A8EBB201924536AB5C6E032C12B9E081A153CC079748E1D6D625F0DF ] C:\Windows\SysWOW64\vsstrace.dll
21:59:20.0015 0x0c30 C:\Windows\SysWOW64\vsstrace.dll - ok
21:59:20.0026 0x0c30 [ 557E7BC173C9E65B2BAFEB6D32345605, C5AEFADDE26E2182DDA98DE7869BC7BDB4BC18CCC95CC08F1DAE21E885DEAAE9 ] C:\Program Files (x86)\SkyGolf\CaddieSync Express\QtXml4.dll
21:59:20.0026 0x0c30 C:\Program Files (x86)\SkyGolf\CaddieSync Express\QtXml4.dll - ok
21:59:20.0037 0x0c30 [ 3C611E94321D6A82EB4C5BCD34FC9F5D, 15821FC6A858C97F3AC614CD12121C3E0421B0D44C604DF555DFBC6EE7DE54EA ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDResources.dll
21:59:20.0037 0x0c30 C:\Program Files (x86)\Spybot - Search & Destroy 2\SDResources.dll - ok
21:59:20.0047 0x0c30 [ C0DA0A273540D3A8B50AD1C9E01B4AEB, 51BBD3FC48CCDF4C196EC961017D0267657CFF07202E1F7B41920AA791B927CE ] C:\Program Files (x86)\SkyGolf\CaddieSync Express\qextserialport1.dll
21:59:20.0047 0x0c30 C:\Program Files (x86)\SkyGolf\CaddieSync Express\qextserialport1.dll - ok
21:59:20.0059 0x0c30 [ ED88C8281B49B34A39D5BCBC6DE935E8, 4BA248C00C89805D5E72BAA4FCB698A9687C406A170BA141A7F6866D622234A4 ] C:\Program Files (x86)\SkyGolf\CaddieSync Express\qjson0.dll
21:59:20.0059 0x0c30 C:\Program Files (x86)\SkyGolf\CaddieSync Express\qjson0.dll - ok
21:59:20.0069 0x0c30 [ D4F264FE23F8953D840904418220C15E, 72EAF30265A0CC88DEC0FCA7869734D8C93572457C61A2BF1BDFFB20C061DBCD ] C:\Windows\SysWOW64\dxgi.dll
21:59:20.0069 0x0c30 C:\Windows\SysWOW64\dxgi.dll - ok
21:59:20.0079 0x0c30 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] C:\Windows\System32\netman.dll
21:59:20.0079 0x0c30 C:\Windows\System32\netman.dll - ok
21:59:20.0089 0x0c30 [ B6E8B931EFEF4112C6A401931627DC6B, 89A0745360928F7DD0A522FF5FBFEED4FC831F37D6CF88D5E66FA91FD6F0A1DF ] C:\Program Files\iPod\bin\iPodService.exe
21:59:20.0089 0x0c30 C:\Program Files\iPod\bin\iPodService.exe - ok
21:59:20.0099 0x0c30 [ BA38C50F523DC053488AC3F9EF99AA0B, 6D0B5972C63C5629BD9FC18899E32EC6474B2F3A9567995B9E9A5683A104ADFD ] C:\Windows\SysWOW64\igdumdx32.dll
21:59:20.0099 0x0c30 C:\Windows\SysWOW64\igdumdx32.dll - ok
21:59:20.0114 0x0c30 [ D2155709E336C3BC15729EB87FEC6064, 682A84C0F2D892E7A6CEE4E5937B4799E352AAE3B71E7037F2A343373467443C ] C:\Windows\System32\rasdlg.dll
21:59:20.0114 0x0c30 C:\Windows\System32\rasdlg.dll - ok
21:59:20.0124 0x0c30 [ 3121A79D13A61562BE9CC902CD46B542, 00A5833A48338A4A9A5530844924AF4F1FAB618DA46D7EBBC6E2165C32ED376C ] C:\Windows\System32\msidle.dll
21:59:20.0124 0x0c30 C:\Windows\System32\msidle.dll - ok
21:59:20.0134 0x0c30 [ 6E656C325A5519A3A9D951709958CF6F, 1DC1D4BDF42F40A381D569297FEFB79B53CBD87088BA61A9EEA5AE4526B6182E ] C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\wpfgfx_v0300.dll
21:59:20.0134 0x0c30 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\wpfgfx_v0300.dll - ok
21:59:20.0144 0x0c30 [ B80B70609797F944517186DDAC174A50, D0858167DC7CD82F70673E75B891618C4FA483D8215E657718DA8FF4B71314CA ] C:\Program Files (x86)\AVG\AVG2013\avguires.dll
21:59:20.0144 0x0c30 C:\Program Files (x86)\AVG\AVG2013\avguires.dll - ok
21:59:20.0154 0x0c30 [ 040DD0C4B58D7860E14F313ACB722087, 9C676976F4C99AC6341B5925442CFBDC63E0B5CE1C6A35D98F9CF3BDE8E846EB ] C:\Program Files (x86)\SkyGolf\CaddieSync Express\QtNetwork4.dll
21:59:20.0154 0x0c30 C:\Program Files (x86)\SkyGolf\CaddieSync Express\QtNetwork4.dll - ok
21:59:20.0166 0x0c30 [ ACE1BB07E0377E37A2C514CD2EC119B1, A9AFA4774DFA875496764D6E541A6333A3ACD3C5D2BBEF753C2D80BA83B4AC15 ] C:\Windows\System32\mssprxy.dll
21:59:20.0166 0x0c30 C:\Windows\System32\mssprxy.dll - ok
21:59:20.0176 0x0c30 [ D15B6E53340C2DA47370147B82C1796B, EBDAA96D16F4E2FBAE7E7057E527A95AC1943D27E5AA4752EADD3079E7CF5D2E ] C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll
21:59:20.0176 0x0c30 C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll - ok
21:59:20.0187 0x0c30 [ 9223A2810B73069F4A03A636052EF14A, 15649BD7ED249466CB46F88D830AC4738B01EF5FA832EC8145548CC88C1C4165 ] C:\Program Files (x86)\Java\jre7\bin\javaws.exe
21:59:20.0187 0x0c30 C:\Program Files (x86)\Java\jre7\bin\javaws.exe - ok
21:59:20.0198 0x0c30 [ 9B0B6C93BADE51868D93DC50B5AD3118, 5519EE918F2069F105CA08242B3FC085CBDFA46AB97CEE2E61F5B0C5A46F00EB ] C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll
21:59:20.0198 0x0c30 C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll - ok
21:59:20.0208 0x0c30 [ 658633D255FEF154EA1CB8705B4468C5, 2E83F8904EA9744207D4128C6E0F3578DBBE41E197B159F9659A97740209F102 ] C:\Program Files (x86)\Java\jre7\bin\java.exe
21:59:20.0208 0x0c30 C:\Program Files (x86)\Java\jre7\bin\java.exe - ok
21:59:20.0217 0x0c30 [ 2E1C21CD420CE8FC958E2A237F81B781, 16E6BE9B962FC5BAF69D74DD51E0EF416FB69BFBF7E8B8DC05E782435216C849 ] C:\Program Files (x86)\Java\jre7\bin\jpishare.dll
21:59:20.0217 0x0c30 C:\Program Files (x86)\Java\jre7\bin\jpishare.dll - ok
21:59:20.0227 0x0c30 [ 11C6C8B9D5B482DDEEA831374C82E2F0, FF1666171F67C478DA0BC31364C046EFDAB9F8F045828A751F097F665DBBCA7A ] C:\Program Files (x86)\Java\jre7\bin\java.dll
21:59:20.0227 0x0c30 C:\Program Files (x86)\Java\jre7\bin\java.dll - ok
21:59:20.0236 0x0c30 [ 6DE66FE7C526637E74CD066461C7C871, 7E8980A3751762180D795EAC38458303BEAF8D1F85AB5F2D10D9CE7013090CBE ] C:\Windows\SysWOW64\d3d11.dll
21:59:20.0236 0x0c30 C:\Windows\SysWOW64\d3d11.dll - ok
21:59:20.0246 0x0c30 [ 2DF29664ED261F0FC448E58F338F0671, 4EFE79C383D0AF126FC4EE668D822563F8F037B1E61D73747A35FE11AAFDB8CE ] C:\Windows\System32\mprapi.dll
21:59:20.0246 0x0c30 C:\Windows\System32\mprapi.dll - ok
21:59:20.0256 0x0c30 [ C9FB9038B15036CA28CF0B4BE2BED9BD, 0F56384E798B3F725FFEFC6E31A980DA31F620DB847F601273EF19E8CE74A226 ] C:\Windows\System32\en-US\tquery.dll.mui
21:59:20.0256 0x0c30 C:\Windows\System32\en-US\tquery.dll.mui - ok
21:59:20.0266 0x0c30 [ BF38660A9125935658CFA3E53FDC7D65, 60C06E0FA4449314DA3A0A87C1A9D9577DF99226F943637E06F61188E5862EFA ] C:\Program Files (x86)\Java\jre7\bin\msvcr100.dll
21:59:20.0266 0x0c30 C:\Program Files (x86)\Java\jre7\bin\msvcr100.dll - ok
21:59:20.0275 0x0c30 [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2, E8ACB693B1A78FAEF292111BE3F9B10BA95C76833C06C931A08EAAAE39A21334 ] C:\Windows\System32\dot3api.dll
21:59:20.0275 0x0c30 C:\Windows\System32\dot3api.dll - ok
21:59:20.0286 0x0c30 [ FE482FFCB2B484B60556EB1D384F341A, 83331F75D851012FBAA0B21C0710E9878B4DB3C2FF0A661931C74C0E43A80C2A ] C:\Program Files (x86)\AVG\AVG2013\avgapps.dll
21:59:20.0286 0x0c30 C:\Program Files (x86)\AVG\AVG2013\avgapps.dll - ok
21:59:20.0295 0x0c30 [ E4FCA0F99A41E460C84016DEFD31E6EF, 8EB14AF2025EADC7C86280E8417D8F286E8271B4F88B31696E33DFD72B3A0EF2 ] C:\Windows\System32\wlanhlp.dll
21:59:20.0296 0x0c30 C:\Windows\System32\wlanhlp.dll - ok
21:59:20.0306 0x0c30 [ 357BE883C5236BFC7341CB9E82308908, 4DDB697FD9B7C516CF99D73C8799EA35BB97E2431216CD7C1045F17B06109FBF ] C:\Windows\System32\wlanapi.dll
21:59:20.0306 0x0c30 C:\Windows\System32\wlanapi.dll - ok
21:59:20.0316 0x0c30 [ 123F2A33E8E193D64060DD9AC0511BCF, B70C4BCEE0D9C487E66789AC3C29AFD8EB26C704C5C3E24AC21E10492A474604 ] C:\Program Files (x86)\Java\jre7\bin\client\jvm.dll
21:59:20.0316 0x0c30 C:\Program Files (x86)\Java\jre7\bin\client\jvm.dll - ok
21:59:20.0327 0x0c30 [ 5DA219F57A9076FB6FBD3C9C3713A672, 274FE616625B336D81841FDC752C8053D4CD6926565B899760D298D145CBA1A3 ] C:\Windows\System32\WWanAPI.dll
21:59:20.0327 0x0c30 C:\Windows\System32\WWanAPI.dll - ok
21:59:20.0337 0x0c30 [ DC1342498BEE7EF1646E9D63138B69CC, 68C457CD03FB9F031AA7D30E5F9092BC331C45F4875F673C79A77D470E0B7821 ] C:\Program Files (x86)\Java\jre7\bin\javaw.exe
21:59:20.0337 0x0c30 C:\Program Files (x86)\Java\jre7\bin\javaw.exe - ok
21:59:20.0347 0x0c30 [ D96106CF60505734B14F6AE80AAA4B07, 900B5186D665FBDCFB2F367C30013F07D16EE65EC959528D72E9C5339007CF2E ] C:\Windows\SysWOW64\d3d10warp.dll
21:59:20.0347 0x0c30 C:\Windows\SysWOW64\d3d10warp.dll - ok
21:59:20.0362 0x0c30 [ 62C7AACC746C9723468A8F2169ED3E85, 40E901F3EAFE52DF11D6BC4EF0E79F666EBDACE0B3C090CAD2358076E893EA47 ] C:\Windows\System32\wwapi.dll
21:59:20.0362 0x0c30 C:\Windows\System32\wwapi.dll - ok
21:59:20.0370 0x0c30 [ D64D99EC088B54FFE8EE67A480386C20, A6D1E4CA40843B0B9B32019E69479457D46CA99A2804E937CDC385C9DEDFDE62 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll
21:59:20.0370 0x0c30 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll - ok
21:59:20.0382 0x0c30 [ 6B851E682A36453E1B1EE297FFB6E2AB, A641D3FD9463C4788B45B8B5584EA4489C1F63A71B4B595AE85FF3482CD5EDA6 ] C:\Windows\System32\QAGENT.DLL
21:59:20.0382 0x0c30 C:\Windows\System32\QAGENT.DLL - ok
21:59:20.0392 0x0c30 [ 244C6722289F4869068992FD7D8A8832, 8644D0A55C46C3F081F0AB43D253D13E56E77D89336A87108DB8C47D6EDC3A64 ] C:\Windows\SysWOW64\wbem\wbemdisp.dll
21:59:20.0392 0x0c30 C:\Windows\SysWOW64\wbem\wbemdisp.dll - ok
21:59:20.0402 0x0c30 [ E1B029A730548B18FACE500EE46F659B, 1B17499AC35E987EA60370BC336C04F5BCB1CD81F355824B5586A6BD43E141D4 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScanLibrary.dll
21:59:20.0403 0x0c30 C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScanLibrary.dll - ok
21:59:20.0413 0x0c30 [ 5610B0425518D185331CB8E968D060E6, E235186C3BF266EE9EC733D2CFF35E3A65DE039C19B14260F4054F34B5E8AD41 ] C:\Windows\SysWOW64\wbem\wmiutils.dll
21:59:20.0413 0x0c30 C:\Windows\SysWOW64\wbem\wmiutils.dll - ok
21:59:20.0423 0x0c30 [ 0EC4190B22A0E37010CC69371432FC0C, 97B52CE3F6F596489D43A6B3EFD9426986C84DEAB940FAE163FF1C8A6D195991 ] C:\Windows\System32\gfxSrvc.dll
21:59:20.0423 0x0c30 C:\Windows\System32\gfxSrvc.dll - ok
21:59:20.0433 0x0c30 [ 6607C2182C6A53ED983813AFE2F85768, FC9E718ABC4E0FBC7B0DD145F9C377A1800A7776AD832AB645796E13B1E15A1F ] C:\Windows\System32\wbem\cimwin32.dll
21:59:20.0433 0x0c30 C:\Windows\System32\wbem\cimwin32.dll - ok
21:59:20.0442 0x0c30 [ 58957A04853F47B791D68B960258043C, 52CB4F36B05672ED0619D8F43385FA1D4ADA29D2FCB820DE552383844259320B ] C:\Windows\System32\IGFXDEVLib.dll
21:59:20.0442 0x0c30 C:\Windows\System32\IGFXDEVLib.dll - ok
21:59:20.0452 0x0c30 [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] C:\Windows\SysWOW64\netprofm.dll
21:59:20.0452 0x0c30 C:\Windows\SysWOW64\netprofm.dll - ok
21:59:20.0462 0x0c30 [ 5987EA8A82C53359BCD2C29D6588583E, 59E2DF91F8DA9E33DE65FA67A6A49A7C3F524618A87EAEFC8A28C5304E7FAB85 ] C:\Windows\SysWOW64\linkinfo.dll
21:59:20.0462 0x0c30 C:\Windows\SysWOW64\linkinfo.dll - ok
21:59:20.0474 0x0c30 [ 03F3B770DFBED6131653CEDA8CA780F0, 77373919DCA647F09851E7E460AE78FBD89F21516B961F84AC4446304E51E09C ] C:\Windows\SysWOW64\ntshrui.dll
21:59:20.0474 0x0c30 C:\Windows\SysWOW64\ntshrui.dll - ok
21:59:20.0483 0x0c30 [ 15E298B5EC5B89C5994A59863969D9FF, 8D38B2E023462D0804F72E907D11FF72CE84540EA3B8D83F411C602C3F6A1177 ] C:\Windows\SysWOW64\npmproxy.dll
21:59:20.0483 0x0c30 C:\Windows\SysWOW64\npmproxy.dll - ok
21:59:20.0493 0x0c30 [ 4C3DAEE652B005B483F16B8E9131C99D, 188DFF96F3B18A610C52775C8F95C99ABF27FF2E1D52B50EDF9F80FE337239CD ] C:\Windows\System32\d3d9.dll
21:59:20.0493 0x0c30 C:\Windows\System32\d3d9.dll - ok
21:59:20.0502 0x0c30 [ 8EE6BDE1D572677AA35707C52C585F75, 588A08C0FC3881186CD673F749E46A154F58BE39CA7AE8A2E1F25539B2299752 ] C:\Windows\SysWOW64\mlang.dll
21:59:20.0502 0x0c30 C:\Windows\SysWOW64\mlang.dll - ok
21:59:20.0512 0x0c30 [ B55D17E86CF910171CCDAA1A302E6163, 6CEB464CEBCF7D6FF3E5A8D4547FC786584967646E4C0A8DD0C948A03481DF1B ] C:\Program Files (x86)\Java\jre7\bin\verify.dll
21:59:20.0512 0x0c30 C:\Program Files (x86)\Java\jre7\bin\verify.dll - ok
21:59:20.0522 0x0c30 [ 8B74CEC6980D4816B0037AE9A27E538F, 8721EDB4C51BF6020002FA5DDB1987C68590F9F433A2F18D9756B2DAC7542CB6 ] C:\Windows\SysWOW64\slc.dll
21:59:20.0523 0x0c30 C:\Windows\SysWOW64\slc.dll - ok
21:59:20.0533 0x0c30 [ 043684CFE34C546CB3044A9CE1F49443, 5D7E81ED1BB141DE13D1484B5EC5C01E54C5AEB953D68C4879233041E9DBC4F1 ] C:\Program Files (x86)\Java\jre7\bin\awt.dll
21:59:20.0533 0x0c30 C:\Program Files (x86)\Java\jre7\bin\awt.dll - ok
21:59:20.0542 0x0c30 [ 1484B9EBF567346582DE571B0E164AE0, 9862BF22B2E32DABE7A82ACEE5B4EA1F0A93BDC3C71B20A6A4E568CCCD76A7A6 ] C:\Windows\System32\framedynos.dll
21:59:20.0542 0x0c30 C:\Windows\System32\framedynos.dll - ok
21:59:20.0550 0x0c30 [ 81F08948A0F1475894C99D4D19A158A8, 93334DA369BF976E498265E432CAF63D898D378C6B32947DF355366ABE2A0FAC ] C:\Windows\SysWOW64\wshqos.dll
21:59:20.0550 0x0c30 C:\Windows\SysWOW64\wshqos.dll - ok
21:59:20.0560 0x0c30 [ AA6F6457116B559B76BC6A012CB4C293, 87888451759EECCEA178BDB23AE48EEA534202AC40ED0DD83474ED7CE557C9F1 ] C:\Windows\SysWOW64\schannel.dll
21:59:20.0560 0x0c30 C:\Windows\SysWOW64\schannel.dll - ok
21:59:20.0570 0x0c30 [ 9CB933E4926691A5F3C76AFAA4F1C1AE, DFABE29E91D639F39F0278457BEFA3C342598CBD40EC2259A19DDE80A3B5C05C ] C:\Program Files (x86)\Java\jre7\bin\zip.dll
21:59:20.0570 0x0c30 C:\Program Files (x86)\Java\jre7\bin\zip.dll - ok
21:59:20.0580 0x0c30 [ 3044D07ABDF4BBEA27E2EE7B1E0C0C65, D99A8C10CC4E5C778D063E56A131DB549F01CA7F9605F6596406606BB12C0269 ] C:\Windows\System32\d3d8thk.dll
21:59:20.0580 0x0c30 C:\Windows\System32\d3d8thk.dll - ok
21:59:20.0590 0x0c30 [ 9C253164E7016B42591F08BEB90FB494, 60B53A3223ACBC937EC68A64A86B53AEB03F76CDAAB25DB0FACDD2D1C53B675B ] C:\Windows\System32\igdumd64.dll
21:59:20.0590 0x0c30 C:\Windows\System32\igdumd64.dll - ok
21:59:20.0602 0x0c30 [ 58A2EC6C59BCED3BBB30F28B11D24899, BA5E8F0745D5E67108C2D6640D25E6DBFDAB343C0E1538A8334535D09823430D ] C:\Program Files (x86)\Java\jre7\bin\deploy.dll
21:59:20.0602 0x0c30 C:\Program Files (x86)\Java\jre7\bin\deploy.dll - ok
21:59:20.0618 0x0c30 [ 27CFBA7983B29D8A9754971648904801, AAE4D733BB79383D2E9B2217211868A28AC608C2053C18E218BB60ED7DEEE81E ] C:\Program Files (x86)\Java\jre7\bin\net.dll
21:59:20.0618 0x0c30 C:\Program Files (x86)\Java\jre7\bin\net.dll - ok
21:59:20.0628 0x0c30 [ 8A02CB4204008852CABE45F420BDF7EF, 1478B600314840CB83BB5A7E0A8F365A86FF9534B425DA81F68289C42FE4DB2C ] C:\Program Files (x86)\AVG\AVG2013\fixcfg.exe
21:59:20.0628 0x0c30 C:\Program Files (x86)\AVG\AVG2013\fixcfg.exe - ok
21:59:20.0638 0x0c30 [ E0A8CC3AA6FDD44DD151A2B68873496F, 1F26306CFFCE43DE181E5DA9FE21EC466A3EE260A1CA05C26B5BB6D8E3533149 ] C:\Program Files (x86)\Java\jre7\bin\nio.dll
21:59:20.0638 0x0c30 C:\Program Files (x86)\Java\jre7\bin\nio.dll - ok
21:59:20.0649 0x0c30 [ 547BE09D331BBCF57F3AF5B4FC02C310, DF89E703C87E735BE80960CDCF003155D85F1BE765336DBD88CD387884788A5A ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\210e87c409d2f08e7503e9ab1e12db11\System.Xml.ni.dll
21:59:20.0649 0x0c30 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\210e87c409d2f08e7503e9ab1e12db11\System.Xml.ni.dll - ok
21:59:20.0658 0x0c30 [ F00AE7B953ABEF1B53FBBA187DFC8238, 6FFA160FB6821A725A7D81E1BECE1DE89E3E022B33E56A7468E2E0B4C8B2AE31 ] C:\Windows\System32\webcheck.dll
21:59:20.0658 0x0c30 C:\Windows\System32\webcheck.dll - ok
21:59:20.0668 0x0c30 [ 101797BA603D227946B4B5109867EB19, EBF2B48D1A4FE148F455EA32023ABC0D479215D48C7CE76E765F199CD3C80AF8 ] C:\Windows\System32\SyncCenter.dll
21:59:20.0668 0x0c30 C:\Windows\System32\SyncCenter.dll - ok
21:59:20.0679 0x0c30 [ 1FD1215C4B622EB21D50BC6F80821023, F3606881CA5A906AE82ABDA5349AD559B280ED1C46BB4362B4BF9B8363747E4A ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\d6a43130081227fd48defe1a87040123\System.Configuration.ni.dll
21:59:20.0679 0x0c30 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\d6a43130081227fd48defe1a87040123\System.Configuration.ni.dll - ok
21:59:20.0689 0x0c30 [ 8130391F82D52D36C0441F714136957F, 1FD4FEE7CAF63E450F27729E07EA2A2F09288629FD872DBB6E8710B16D8DBD5D ] C:\Windows\System32\imapi2.dll
21:59:20.0689 0x0c30 C:\Windows\System32\imapi2.dll - ok
21:59:20.0699 0x0c30 [ D9E21CBF9E6A87847AFFD39EA3FA28EE, B2AE0BBF907D4108DE3485E6059DF8D10C39707CD508A55A2D9627A66D01AE78 ] C:\Windows\System32\SearchProtocolHost.exe
21:59:20.0699 0x0c30 C:\Windows\System32\SearchProtocolHost.exe - ok
21:59:20.0709 0x0c30 [ F1C19F0AA151B90A7416FA1D50DDB582, A4AE6B056BF65A12CE5BEDFC3ADE156F088AEAC7196EB5741C9573C64552A7C0 ] C:\Windows\System32\WindowsCodecsExt.dll
21:59:20.0709 0x0c30 C:\Windows\System32\WindowsCodecsExt.dll - ok
21:59:20.0719 0x0c30 [ D2A5B2B09F2AF5ED13BF494508B09788, 3FA04E84EC5A575E7804E44BA3BF1C4143E53C4ACF6C823CD029711529B0BE2C ] C:\Windows\System32\msshooks.dll
21:59:20.0719 0x0c30 C:\Windows\System32\msshooks.dll - ok
21:59:20.0729 0x0c30 [ 1D296F090ED401967B30BD2B970DC306, 9D83B54050E7BD6D807E437CFD22FF803D450194ABA4FD0EDEBF27BEC90521AC ] C:\Windows\System32\icm32.dll
21:59:20.0729 0x0c30 C:\Windows\System32\icm32.dll - ok
21:59:20.0738 0x0c30 [ 6A5C1A8AC0B572679361026D0E900420, B5E693B48B462E97738A3D4E58B60846159649EB15F4D11074B4BC107CC88562 ] C:\Windows\System32\hgcpl.dll
21:59:20.0738 0x0c30 C:\Windows\System32\hgcpl.dll - ok
21:59:20.0748 0x0c30 [ 49A3AD5CE578CD77F445F3D244AEAB2D, 1D200547C6277C4A878A9ADD94045F7ACCC583609985C592AAE9B9B9CA7B812A ] C:\Windows\System32\SearchFilterHost.exe
21:59:20.0748 0x0c30 C:\Windows\System32\SearchFilterHost.exe - ok
21:59:20.0758 0x0c30 [ 90C98B905CF3A4E60C537AE37C95B1A5, 184BBF8A0874F24FBC854648A338F94F5DB6D009BFFD7930C26D43EA57530F11 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsFormsIntegra#\7dd846e826e689fce547aefb6e6f16ac\WindowsFormsIntegration.ni.dll
21:59:20.0759 0x0c30 C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsFormsIntegra#\7dd846e826e689fce547aefb6e6f16ac\WindowsFormsIntegration.ni.dll - ok
21:59:20.0768 0x0c30 [ 48041BAEB60CE5F34F13CC2A1361E49C, AF82355A4C0D872F1F45261381C23C1510C2C77DD5F040B706FD7A3D63D4BAA4 ] C:\Windows\System32\mssph.dll
21:59:20.0768 0x0c30 C:\Windows\System32\mssph.dll - ok
21:59:20.0789 0x0c30 [ 7D33B37BB6E53A9368904C5EEA1778C0, 8774A92DFB8D624CD4E73015A5DBBD575363D18A724DC4109E27346F713E343D ] C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\9fb53c000500919c5c98fd3c749a2393\PresentationFramework.Aero.ni.dll
21:59:20.0789 0x0c30 C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\9fb53c000500919c5c98fd3c749a2393\PresentationFramework.Aero.ni.dll - ok
21:59:20.0803 0x0c30 [ 8F4BB0CFECED925D440ABC2481278360, 0A87E7E1B38300E211F2ECA10BFB9831CF79B128DEB9D7AB0AA6A715197FF2DD ] C:\Windows\System32\mapi32.dll
21:59:20.0803 0x0c30 C:\Windows\System32\mapi32.dll - ok
21:59:23.0389 0x0c30 AV detected via SS2: AVG AntiVirus Free Edition 2013, C:\Program Files (x86)\AVG\AVG2013\avgwsc.exe ( 13.0.0.3300 ), 0x42000 ( disabled : updated )
21:59:25.0175 0x0c30 Win FW state via NFP2: enabled
21:59:29.0668 0x0c30 ============================================================
21:59:29.0668 0x0c30 Scan finished
21:59:29.0668 0x0c30 ============================================================
21:59:29.0687 0x0cbc Detected object count: 0
21:59:29.0687 0x0cbc Actual detected object count: 0

I may have already tried to remove it earlier. One got cured, the other skipped.



Its still running very slow though. I keep seeing a process called xihepo.exe*32 that keeps hogging my cpu.
  • 0

#10
pystryker
Posted 02 March 2014 - 09:24 PM

pystryker

    Trusted Helper

  • Malware Removal
  • 3,912 posts
Ok, let's take a fresh look with FRST and see how things look. I see the file you're talking about, and I can find nothing on the directory or file name, which usually means malware. But let me take a look at a fresh FRST log.

Start FRST and press the Scan button. When finished, it will produce a log on the desktop, please post it in your next reply. :thumbsup:
  • 0

Advertisements

#11
gmcube
Posted 02 March 2014 - 09:44 PM

gmcube

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 176 posts
I had to stay on the task manager to end the xihepo.exe processes that keep poping up, otherwise frst would just hang.


Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-03-2014 01
Ran by Tonya (administrator) on TONYA-PC on 02-03-2014 22:42:19
Running from C:\Users\Tonya\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CinemaNow, Inc.) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
() C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(SkyHawke) C:\Program Files (x86)\SkyGolf\CaddieSync Express\CaddieSyncExpress.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsd.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcfgex.exe
(Microsoft Corporation) C:\Windows\system32\taskmgr.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2097960 2010-04-22] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6245408 2010-05-25] (Realtek Semiconductor)
HKLM\...\Run: [HPWirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-06-18] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [602168 2010-06-29] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-03-12] (Hewlett-Packard)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2013\avgui.exe [4411952 2013-11-20] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [CaddieSyncConduit] - C:\Program Files (x86)\SkyGolf\CaddieSync Express\CaddieSyncExpress.exe [2379160 2012-10-22] (SkyHawke)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-10-23] (Apple Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-01-28] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3790915449-1485846204-445597675-1000\...\Run: [Google Update] - C:\Users\Tonya\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2010-11-27] (Google Inc.)
HKU\S-1-5-21-3790915449-1485846204-445597675-1000\...\Run: [EPSON Stylus Photo R220 Series] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIAIA.EXE [211456 2006-12-25] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3790915449-1485846204-445597675-1000\...\Run: [Ewkemygayflyra] - C:\Users\Tonya\AppData\Roaming\Foyrmulo\xihepo.exe [276992 2011-07-19] (Cloud Company)
HKU\S-1-5-21-3790915449-1485846204-445597675-1000\...\MountPoints2: G - G:\LaunchU3.exe -a
HKU\S-1-5-21-3790915449-1485846204-445597675-1000\...\MountPoints2: {8f918ca0-64b3-11e2-ad90-60eb692c3b3a} - G:\LaunchU3.exe -a

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {0781AD49-04B2-40C3-882C-BD396CAB1B2A} URL = http://search.yahoo....psg&type=HPNTDF
SearchScopes: HKLM - {F4E8AB23-E333-43F2-BDAA-55F4184B1EFF} URL = http://en.wikipedia....h={searchTerms}
SearchScopes: HKLM-x32 - {0781AD49-04B2-40C3-882C-BD396CAB1B2A} URL = http://search.yahoo....psg&type=HPNTDF
SearchScopes: HKLM-x32 - {F4E8AB23-E333-43F2-BDAA-55F4184B1EFF} URL = http://en.wikipedia....h={searchTerms}
SearchScopes: HKCU - {0781AD49-04B2-40C3-882C-BD396CAB1B2A} URL = http://search.yahoo....psg&type=HPNTDF
SearchScopes: HKCU - {F4E8AB23-E333-43F2-BDAA-55F4184B1EFF} URL = http://en.wikipedia....h={searchTerms}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76

FireFox:
========
FF ProfilePath: C:\Users\Tonya\AppData\Roaming\Mozilla\Firefox\Profiles\f6d0vu46.default
FF DefaultSearchEngine: Google
FF Homepage: hxxp://xfinity.comcast.net/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Tonya\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Tonya\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101721.dll (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPcol400.dll (Catalina Marketing Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Extension: No Name - C:\Users\Tonya\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email protected] [2012-09-01]
FF Extension: Adblock Plus - C:\Users\Tonya\AppData\Roaming\Mozilla\Firefox\Profiles\f6d0vu46.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-05-05]
FF Extension: Greasemonkey - C:\Users\Tonya\AppData\Roaming\Mozilla\Firefox\Profiles\f6d0vu46.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-08-23]

Chrome:
=======
CHR HomePage: hxxp://comcast.net/
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Tonya\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.377\_platform_specific\win_x86\widevinecdmadapter.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Tonya\AppData\Local\Google\Chrome\Application\33.0.1750.117\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Tonya\AppData\Local\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Tonya\AppData\Local\Google\Chrome\Application\33.0.1750.117\pdf.dll ()
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (ActiveTouch General Plugin Container) - C:\Users\Tonya\AppData\Local\Google\Chrome\Application\plugins\npatgpc.dll (Cisco WebEx LLC)
CHR Plugin: (CouponNetwork Coupon Activator Netscape Plugin v. 5.0.0.0) - C:\Users\Tonya\AppData\Local\Google\Chrome\Application\plugins\NPcol400.dll (Catalina Marketing Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (AmazonMP3DownloaderPlugin) - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101721.dll (Amazon.com, Inc.)
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.3.0\\npsitesafety.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.450.18) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java™ Platform SE 7 U45) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (MindSpark Toolbar Platform Plugin Stub) - C:\Program Files (x86)\RadioRage_4j\bar\1.bin\NP4jStub.dll No File
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (McAfee Security Scanner +) - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
CHR Plugin: (Google Update) - C:\Users\Tonya\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (Entanglement Web App) - C:\Users\Tonya\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2011-03-26]
CHR Extension: (Poppit) - C:\Users\Tonya\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2011-03-26]
CHR Extension: (Google Wallet) - C:\Users\Tonya\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]

==================== Services (Whitelisted) =================

S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4939312 2013-07-04] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-11-20] (AVG Technologies CZ, s.r.o.)
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [27192 2010-06-29] ()
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-15] (McAfee, Inc.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)

==================== Drivers (Whitelisted) ====================

R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-07-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206648 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311608 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-07-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-10-23] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2013-03-21] (AVG Technologies CZ, s.r.o.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-02 22:42 - 2014-03-02 22:42 - 00020483 _____ () C:\Users\Tonya\Desktop\FRST.txt
2014-03-02 21:49 - 2014-03-02 21:49 - 04110135 _____ () C:\Users\Tonya\Downloads\tdsskiller.zip
2014-03-02 21:49 - 2014-03-02 21:49 - 00000000 ____D () C:\Users\Tonya\Downloads\tdsskiller
2014-03-02 21:27 - 2014-03-02 21:27 - 00000000 ____D () C:\Windows\ERUNT
2014-03-02 20:33 - 2014-03-02 20:33 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-03-02 18:39 - 2014-03-02 18:40 - 01037734 _____ (Thisisu) C:\Users\Tonya\Desktop\JRT.exe
2014-03-02 17:43 - 2014-03-02 22:00 - 00000806 _____ () C:\Windows\Tasks\Security Center Update - 1686658791.job
2014-03-02 17:43 - 2014-03-02 17:43 - 00003814 _____ () C:\Windows\System32\Tasks\Security Center Update - 1686658791
2014-03-02 17:43 - 2014-03-02 17:43 - 00000000 ____D () C:\Users\Tonya\AppData\Roaming\Foyrmulo
2014-03-02 17:39 - 2014-03-02 21:24 - 00000000 ____D () C:\AdwCleaner
2014-03-02 17:35 - 2014-03-02 17:35 - 01244192 _____ () C:\Users\Tonya\Desktop\adwcleaner.exe
2014-03-02 16:29 - 2014-03-02 22:00 - 00000808 _____ () C:\Windows\Tasks\Security Center Update - 4062085556.job
2014-03-02 16:29 - 2014-03-02 16:30 - 00000000 ____D () C:\Users\Tonya\AppData\Roaming\Duyznuyg
2014-03-02 16:29 - 2014-03-02 16:29 - 00003816 _____ () C:\Windows\System32\Tasks\Security Center Update - 4062085556
2014-03-02 03:54 - 2014-03-02 03:54 - 00652144 _____ (www.file.net) C:\Users\Tonya\Downloads\top100files.exe
2014-03-02 02:43 - 2014-03-02 02:46 - 00051003 _____ () C:\Users\Tonya\Desktop\Addition.txt
2014-03-02 02:16 - 2014-03-02 22:30 - 00000000 ____D () C:\FRST
2014-03-02 02:13 - 2014-03-02 02:13 - 02156544 _____ (Farbar) C:\Users\Tonya\Downloads\FRST64 (1).exe
2014-03-02 02:12 - 2014-03-02 02:12 - 02156544 _____ (Farbar) C:\Users\Tonya\Desktop\FRST64.exe
2014-03-01 05:09 - 2014-03-01 05:09 - 00000000 ____D () C:\ProgramData\AVG
2014-03-01 05:05 - 2014-03-01 05:05 - 00000000 __SHD () C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-03-01 04:56 - 2014-03-01 05:03 - 78353832 _____ (AVG) C:\Users\Tonya\Downloads\avg_tuh_stf_all_2014_295_24c28(1).exe
2014-03-01 04:56 - 2014-03-01 05:01 - 78353832 _____ (AVG) C:\Users\Tonya\Downloads\avg_tuh_stf_all_2014_295_24c28.exe
2014-03-01 02:57 - 2014-03-02 21:50 - 00146176 _____ () C:\Windows\WindowsUpdate.log
2014-03-01 02:51 - 2014-03-02 21:51 - 00000672 _____ () C:\Windows\setupact.log
2014-03-01 02:51 - 2014-03-01 02:51 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-01 02:50 - 2014-03-02 18:26 - 00012510 _____ () C:\Windows\PFRO.log
2014-02-28 21:51 - 2014-02-28 21:51 - 00015508 _____ () C:\Users\Tonya\Desktop\cc_20140228_215122.reg
2014-02-28 21:40 - 2014-02-28 21:40 - 00016483 _____ () C:\Users\Tonya\Desktop\hijackthis.log
2014-02-28 21:32 - 2014-03-01 00:52 - 00021376 _____ () C:\Users\Tonya\Desktop\avgrep.txt
2014-02-28 21:21 - 2014-02-28 21:54 - 00000000 ____D () C:\Windows\pss
2014-02-27 15:26 - 2014-02-27 15:26 - 04130656 _____ (Kaspersky Lab ZAO) C:\Users\Tonya\Desktop\TDSSKiller.exe
2014-02-26 03:09 - 2014-02-26 03:09 - 00077275 _____ () C:\Users\Tonya\Documents\EDU 403 CM.pptx
2014-02-26 01:56 - 2014-02-26 01:56 - 00000000 _____ () C:\Users\Tonya\AppData\Roaming\SharedSettings.ccs
2014-02-26 01:53 - 2014-02-26 01:53 - 00089000 _____ () C:\Users\Tonya\Downloads\Record_Milford_(302)4587378.zip
2014-02-23 23:25 - 2014-02-23 23:25 - 00001120 _____ () C:\Users\Tonya\Desktop\Continue Zip Opener Installation.lnk
2014-02-23 23:24 - 2014-02-23 23:25 - 00655544 _____ () C:\Users\Tonya\Downloads\ZipOpenerSetup.exe
2014-02-15 21:22 - 2014-02-15 21:22 - 00020875 _____ () C:\Users\Tonya\Downloads\chapter overview.zip
2014-02-15 01:22 - 2014-02-15 01:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-13 06:50 - 2013-12-21 04:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-13 06:50 - 2013-12-21 03:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-13 06:46 - 2014-02-06 07:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-13 06:46 - 2014-02-06 06:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-13 06:46 - 2014-02-06 06:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-13 06:46 - 2014-02-06 06:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-13 06:46 - 2014-02-06 06:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-13 06:46 - 2014-02-06 06:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-13 06:46 - 2014-02-06 05:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-13 06:46 - 2014-02-06 05:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-13 06:46 - 2014-02-06 05:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-13 06:46 - 2014-02-06 05:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-13 06:46 - 2014-02-06 05:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-13 06:46 - 2014-02-06 05:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-13 06:46 - 2014-02-06 05:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-13 06:46 - 2014-02-06 05:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-13 06:46 - 2014-02-06 05:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-13 06:46 - 2014-02-06 05:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-13 06:46 - 2014-02-06 05:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-13 06:46 - 2014-02-06 05:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-13 06:46 - 2014-02-06 05:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-13 06:46 - 2014-02-06 04:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-13 06:46 - 2014-02-06 04:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-13 06:46 - 2014-02-06 04:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-13 06:46 - 2014-02-06 04:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-13 06:46 - 2014-02-06 04:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-13 06:46 - 2014-02-06 04:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-13 06:46 - 2014-02-06 04:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-13 06:46 - 2014-02-06 04:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-13 06:46 - 2014-02-06 04:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-13 06:46 - 2014-02-06 04:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-13 06:46 - 2014-02-06 04:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-13 06:46 - 2014-02-06 04:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-13 06:46 - 2014-02-06 04:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-13 06:46 - 2014-02-06 04:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-13 06:46 - 2014-02-06 04:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-13 06:46 - 2014-02-06 03:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-13 06:46 - 2014-02-06 03:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-13 06:46 - 2014-02-06 03:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-13 06:46 - 2014-02-06 03:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-13 06:46 - 2014-02-06 03:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-12 20:45 - 2013-12-31 18:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-12 20:45 - 2013-12-31 18:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-12 20:45 - 2013-12-05 21:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-12 20:45 - 2013-12-05 21:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-12 20:45 - 2013-12-05 21:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-12 20:45 - 2013-12-05 21:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-12 20:45 - 2013-12-03 21:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-12 20:45 - 2013-12-03 21:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-12 20:45 - 2013-12-03 21:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-12 20:45 - 2013-12-03 21:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-12 20:45 - 2013-12-03 21:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-12 20:45 - 2013-12-03 21:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-12 20:45 - 2013-12-03 21:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-12 20:45 - 2013-12-03 21:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-12 20:45 - 2013-12-03 21:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-12 20:45 - 2013-12-03 21:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-12 20:45 - 2013-12-03 21:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-12 20:45 - 2013-12-03 21:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-12 20:45 - 2013-12-03 21:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-12 20:45 - 2013-12-03 21:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-12 20:45 - 2013-12-03 20:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-12 20:45 - 2013-12-03 20:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-12 20:45 - 2013-12-03 20:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-12 20:45 - 2013-12-03 20:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-12 20:44 - 2013-12-24 18:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-12 20:44 - 2013-12-24 17:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-12 20:44 - 2013-11-26 03:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-12 20:44 - 2013-11-22 17:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-11 22:49 - 2014-02-11 22:49 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-02-09 22:17 - 2014-03-02 22:29 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-09 22:17 - 2014-03-02 22:27 - 00000000 ____D () C:\Program Files (x86)\Google
2014-02-09 22:17 - 2014-03-02 21:52 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-09 22:17 - 2014-02-13 20:24 - 00003892 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-09 22:17 - 2014-02-13 20:24 - 00003640 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-09 22:16 - 2014-02-09 22:16 - 00847312 _____ (Google Inc.) C:\Users\Tonya\Downloads\GoogleEarthSetup.exe
2014-02-01 05:20 - 2014-02-01 05:20 - 00107738 _____ () C:\Users\Tonya\Downloads\Extras.Txt
2014-02-01 05:18 - 2014-02-01 05:18 - 00089614 _____ () C:\Users\Tonya\Downloads\OTL.Txt
2014-02-01 04:59 - 2014-02-01 04:59 - 00602112 _____ (OldTimer Tools) C:\Users\Tonya\Downloads\OTL.exe
2014-02-01 04:47 - 2014-02-01 04:47 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Tonya\Downloads\mbam-setup-1.75.0.1300(1).exe
2014-02-01 04:46 - 2014-02-01 04:46 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Tonya\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-01 04:41 - 2014-02-01 04:42 - 00474382 _____ () C:\Users\Tonya\Documents\cc_20140201_044133.reg
2014-02-01 04:36 - 2014-02-01 04:36 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-02-01 04:36 - 2014-02-01 04:36 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-01 04:35 - 2014-02-01 04:36 - 04721920 _____ (Piriform Ltd) C:\Users\Tonya\Downloads\ccsetup410.exe
2014-02-01 04:11 - 2014-03-01 03:39 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-02-01 04:11 - 2014-02-05 00:58 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-02-01 04:11 - 2014-02-01 04:11 - 00001379 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-02-01 04:11 - 2014-02-01 04:11 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-02-01 04:11 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2014-02-01 04:08 - 2014-02-01 04:08 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\Tonya\Downloads\spybot-2.2.exe
2014-01-31 15:52 - 2014-01-31 15:52 - 00018003 _____ () C:\Users\Tonya\Documents\hijackthis.log
2014-01-31 15:49 - 2014-02-28 21:29 - 00000000 ____D () C:\Program Files\HijackThis
2014-01-31 15:48 - 2014-01-31 15:48 - 00251392 _____ () C:\Users\Tonya\Downloads\hijackthis_sfx.exe

==================== One Month Modified Files and Folders =======

2014-03-02 22:42 - 2014-03-02 22:42 - 00020483 _____ () C:\Users\Tonya\Desktop\FRST.txt
2014-03-02 22:30 - 2014-03-02 02:16 - 00000000 ____D () C:\FRST
2014-03-02 22:29 - 2014-03-01 02:57 - 00146176 _____ () C:\Windows\WindowsUpdate.log
2014-03-02 22:29 - 2014-02-09 22:17 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-02 22:27 - 2014-02-09 22:17 - 00000000 ____D () C:\Program Files (x86)\Google
2014-03-02 22:26 - 2012-07-22 21:48 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-02 22:00 - 2014-03-02 17:43 - 00000806 _____ () C:\Windows\Tasks\Security Center Update - 1686658791.job
2014-03-02 22:00 - 2014-03-02 16:29 - 00000808 _____ () C:\Windows\Tasks\Security Center Update - 4062085556.job
2014-03-02 22:00 - 2009-07-13 23:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-02 22:00 - 2009-07-13 23:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-02 21:52 - 2014-02-09 22:17 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-02 21:52 - 2013-06-07 14:17 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job
2014-03-02 21:52 - 2013-06-02 16:24 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2014-03-02 21:51 - 2014-03-01 02:51 - 00000672 _____ () C:\Windows\setupact.log
2014-03-02 21:51 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-02 21:50 - 2010-11-27 03:41 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3790915449-1485846204-445597675-1000UA.job
2014-03-02 21:49 - 2014-03-02 21:49 - 04110135 _____ () C:\Users\Tonya\Downloads\tdsskiller.zip
2014-03-02 21:49 - 2014-03-02 21:49 - 00000000 ____D () C:\Users\Tonya\Downloads\tdsskiller
2014-03-02 21:27 - 2014-03-02 21:27 - 00000000 ____D () C:\Windows\ERUNT
2014-03-02 21:24 - 2014-03-02 17:39 - 00000000 ____D () C:\AdwCleaner
2014-03-02 20:33 - 2014-03-02 20:33 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-03-02 18:40 - 2014-03-02 18:39 - 01037734 _____ (Thisisu) C:\Users\Tonya\Desktop\JRT.exe
2014-03-02 18:30 - 2010-11-28 04:40 - 00000000 ____D () C:\ProgramData\MFAData
2014-03-02 18:26 - 2014-03-01 02:50 - 00012510 _____ () C:\Windows\PFRO.log
2014-03-02 17:43 - 2014-03-02 17:43 - 00003814 _____ () C:\Windows\System32\Tasks\Security Center Update - 1686658791
2014-03-02 17:43 - 2014-03-02 17:43 - 00000000 ____D () C:\Users\Tonya\AppData\Roaming\Foyrmulo
2014-03-02 17:35 - 2014-03-02 17:35 - 01244192 _____ () C:\Users\Tonya\Desktop\adwcleaner.exe
2014-03-02 16:37 - 2010-11-27 03:37 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-02 16:30 - 2014-03-02 16:29 - 00000000 ____D () C:\Users\Tonya\AppData\Roaming\Duyznuyg
2014-03-02 16:29 - 2014-03-02 16:29 - 00003816 _____ () C:\Windows\System32\Tasks\Security Center Update - 4062085556
2014-03-02 04:04 - 2013-06-19 13:15 - 00062464 ___SH () C:\Users\Tonya\Desktop\Thumbs.db
2014-03-02 03:54 - 2014-03-02 03:54 - 00652144 _____ (www.file.net) C:\Users\Tonya\Downloads\top100files.exe
2014-03-02 02:46 - 2014-03-02 02:43 - 00051003 _____ () C:\Users\Tonya\Desktop\Addition.txt
2014-03-02 02:13 - 2014-03-02 02:13 - 02156544 _____ (Farbar) C:\Users\Tonya\Downloads\FRST64 (1).exe
2014-03-02 02:12 - 2014-03-02 02:12 - 02156544 _____ (Farbar) C:\Users\Tonya\Desktop\FRST64.exe
2014-03-02 02:04 - 2009-07-13 23:45 - 01004896 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-01 05:09 - 2014-03-01 05:09 - 00000000 ____D () C:\ProgramData\AVG
2014-03-01 05:05 - 2014-03-01 05:05 - 00000000 __SHD () C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-03-01 05:03 - 2014-03-01 04:56 - 78353832 _____ (AVG) C:\Users\Tonya\Downloads\avg_tuh_stf_all_2014_295_24c28(1).exe
2014-03-01 05:01 - 2014-03-01 04:56 - 78353832 _____ (AVG) C:\Users\Tonya\Downloads\avg_tuh_stf_all_2014_295_24c28.exe
2014-03-01 03:39 - 2014-02-01 04:11 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-03-01 02:51 - 2014-03-01 02:51 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-01 00:52 - 2014-02-28 21:32 - 00021376 _____ () C:\Users\Tonya\Desktop\avgrep.txt
2014-02-28 21:54 - 2014-02-28 21:21 - 00000000 ____D () C:\Windows\pss
2014-02-28 21:51 - 2014-02-28 21:51 - 00015508 _____ () C:\Users\Tonya\Desktop\cc_20140228_215122.reg
2014-02-28 21:40 - 2014-02-28 21:40 - 00016483 _____ () C:\Users\Tonya\Desktop\hijackthis.log
2014-02-28 21:39 - 2010-07-08 03:42 - 00000000 ____D () C:\ProgramData\Norton
2014-02-28 21:32 - 2012-10-08 12:36 - 00000000 ____D () C:\Users\Tonya\AppData\Local\Avg2013
2014-02-28 21:29 - 2014-01-31 15:49 - 00000000 ____D () C:\Program Files\HijackThis
2014-02-28 20:18 - 2014-01-01 17:52 - 00003186 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForTonya
2014-02-28 20:18 - 2014-01-01 17:52 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleForTonya.job
2014-02-27 23:44 - 2010-11-27 03:41 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3790915449-1485846204-445597675-1000Core.job
2014-02-27 17:22 - 2010-12-09 00:59 - 00788408 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-27 17:22 - 2009-07-14 00:13 - 00788408 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-27 15:26 - 2014-02-27 15:26 - 04130656 _____ (Kaspersky Lab ZAO) C:\Users\Tonya\Desktop\TDSSKiller.exe
2014-02-26 03:09 - 2014-02-26 03:09 - 00077275 _____ () C:\Users\Tonya\Documents\EDU 403 CM.pptx
2014-02-26 01:56 - 2014-02-26 01:56 - 00000000 _____ () C:\Users\Tonya\AppData\Roaming\SharedSettings.ccs
2014-02-26 01:53 - 2014-02-26 01:53 - 00089000 _____ () C:\Users\Tonya\Downloads\Record_Milford_(302)4587378.zip
2014-02-24 13:23 - 2010-11-27 05:20 - 00333080 _____ () C:\Users\Tonya\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-24 02:28 - 2012-08-28 21:42 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-02-23 23:25 - 2014-02-23 23:25 - 00001120 _____ () C:\Users\Tonya\Desktop\Continue Zip Opener Installation.lnk
2014-02-23 23:25 - 2014-02-23 23:24 - 00655544 _____ () C:\Users\Tonya\Downloads\ZipOpenerSetup.exe
2014-02-23 16:41 - 2011-01-09 20:09 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-02-21 11:12 - 2010-11-27 03:41 - 00002364 _____ () C:\Users\Tonya\Desktop\Google Chrome.lnk
2014-02-20 21:26 - 2012-07-22 21:48 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-20 21:26 - 2012-07-22 21:48 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-20 21:26 - 2011-06-28 13:45 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-19 13:56 - 2010-07-10 22:21 - 00000000 ____D () C:\ProgramData\Skype
2014-02-18 20:01 - 2014-01-06 18:23 - 00003610 _____ () C:\Windows\System32\Tasks\Norton Security Scan for Tonya
2014-02-16 03:04 - 2013-08-14 12:29 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-16 03:00 - 2010-11-28 04:46 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-16 02:02 - 2012-05-04 01:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-15 21:22 - 2014-02-15 21:22 - 00020875 _____ () C:\Users\Tonya\Downloads\chapter overview.zip
2014-02-15 16:29 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
2014-02-15 01:22 - 2014-02-15 01:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-13 20:24 - 2014-02-09 22:17 - 00003892 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-13 20:24 - 2014-02-09 22:17 - 00003640 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-11 22:49 - 2014-02-11 22:49 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-02-11 22:45 - 2010-11-27 03:41 - 00003878 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3790915449-1485846204-445597675-1000UA
2014-02-11 22:45 - 2010-11-27 03:41 - 00003482 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3790915449-1485846204-445597675-1000Core
2014-02-09 22:18 - 2010-11-27 03:41 - 00000000 ____D () C:\Users\Tonya\AppData\Local\Google
2014-02-09 22:16 - 2014-02-09 22:16 - 00847312 _____ (Google Inc.) C:\Users\Tonya\Downloads\GoogleEarthSetup.exe
2014-02-06 07:16 - 2014-02-13 06:46 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 06:30 - 2014-02-13 06:46 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 06:30 - 2014-02-13 06:46 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 06:12 - 2014-02-13 06:46 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 06:07 - 2014-02-13 06:46 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 06:06 - 2014-02-13 06:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 05:57 - 2014-02-13 06:46 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 05:56 - 2014-02-13 06:46 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 05:52 - 2014-02-13 06:46 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 05:49 - 2014-02-13 06:46 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 05:48 - 2014-02-13 06:46 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 05:48 - 2014-02-13 06:46 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 05:38 - 2014-02-13 06:46 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 05:32 - 2014-02-13 06:46 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 05:20 - 2014-02-13 06:46 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 05:17 - 2014-02-13 06:46 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 05:11 - 2014-02-13 06:46 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 05:01 - 2014-02-13 06:46 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 05:00 - 2014-02-13 06:46 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 04:57 - 2014-02-13 06:46 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 04:57 - 2014-02-13 06:46 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 04:52 - 2014-02-13 06:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 04:52 - 2014-02-13 06:46 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 04:50 - 2014-02-13 06:46 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 04:49 - 2014-02-13 06:46 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 04:47 - 2014-02-13 06:46 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 04:46 - 2014-02-13 06:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 04:25 - 2014-02-13 06:46 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 04:25 - 2014-02-13 06:46 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 04:24 - 2014-02-13 06:46 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 04:22 - 2014-02-13 06:46 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 04:13 - 2014-02-13 06:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 04:09 - 2014-02-13 06:46 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 04:03 - 2014-02-13 06:46 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 03:55 - 2014-02-13 06:46 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 03:41 - 2014-02-13 06:46 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 03:40 - 2014-02-13 06:46 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 03:36 - 2014-02-13 06:46 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 03:34 - 2014-02-13 06:46 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-05 00:58 - 2014-02-01 04:11 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-02-01 05:20 - 2014-02-01 05:20 - 00107738 _____ () C:\Users\Tonya\Downloads\Extras.Txt
2014-02-01 05:18 - 2014-02-01 05:18 - 00089614 _____ () C:\Users\Tonya\Downloads\OTL.Txt
2014-02-01 04:59 - 2014-02-01 04:59 - 00602112 _____ (OldTimer Tools) C:\Users\Tonya\Downloads\OTL.exe
2014-02-01 04:47 - 2014-02-01 04:47 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Tonya\Downloads\mbam-setup-1.75.0.1300(1).exe
2014-02-01 04:46 - 2014-02-01 04:46 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Tonya\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-01 04:42 - 2014-02-01 04:41 - 00474382 _____ () C:\Users\Tonya\Documents\cc_20140201_044133.reg
2014-02-01 04:38 - 2009-09-06 20:57 - 00000000 ____D () C:\Windows\Panther
2014-02-01 04:36 - 2014-02-01 04:36 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-02-01 04:36 - 2014-02-01 04:36 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-01 04:36 - 2014-02-01 04:35 - 04721920 _____ (Piriform Ltd) C:\Users\Tonya\Downloads\ccsetup410.exe
2014-02-01 04:11 - 2014-02-01 04:11 - 00001379 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-02-01 04:11 - 2014-02-01 04:11 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-02-01 04:08 - 2014-02-01 04:08 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\Tonya\Downloads\spybot-2.2.exe
2014-01-31 15:52 - 2014-01-31 15:52 - 00018003 _____ () C:\Users\Tonya\Documents\hijackthis.log
2014-01-31 15:48 - 2014-01-31 15:48 - 00251392 _____ () C:\Users\Tonya\Downloads\hijackthis_sfx.exe
2014-01-31 15:48 - 2010-11-27 05:21 - 00000000 ____D () C:\Users\Tonya\AppData\Local\VirtualStore

Some content of TEMP:
====================
C:\Users\Tonya\AppData\Local\Temp\Quarantine.exe
C:\Users\Tonya\AppData\Local\Temp\UpdateFlashPlayer_315a7564.exe
C:\Users\Tonya\AppData\Local\Temp\UpdateFlashPlayer_544e4621.exe
C:\Users\Tonya\AppData\Local\Temp\UpdateFlashPlayer_95d2cf08.exe
C:\Users\Tonya\AppData\Local\Temp\UpdateFlashPlayer_971dd8da.exe
C:\Users\Tonya\AppData\Local\Temp\{397E31AA-0D78-4649-A01C-339D73A2ED35}_NSS_25639.exe
C:\Users\Tonya\AppData\Local\Temp\{BAA1EB89-04E9-472F-A900-10930E5B50A7}.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-18 14:09

==================== End Of Log ============================

Edited by gmcube, 02 March 2014 - 09:50 PM.

  • 0

#12
pystryker
Posted 02 March 2014 - 10:17 PM

pystryker

    Trusted Helper

  • Malware Removal
  • 3,912 posts
Hi :)

Ok, let's run a fix to get rid of that bad process, and run TFC to clear out the temp files. Let me know how the machine is running after this fix.


Please disable your antivirus for the duration of my instructions. Don't forget to re-enable them after you have completed the steps.

Step 1: FRST Fix

  • Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy.
  • Right-click in the open notepad and select Paste).
  • Save it on the desktop as fixlist.txt

Start
C:\Users\Tonya\AppData\Roaming\Foyrmulo
HKU\S-1-5-21-3790915449-1485846204-445597675-1000\...\Run: [Ewkemygayflyra] - C:\Users\Tonya\AppData\Roaming\Foyrmulo\xihepo.exe [276992 2011-07-19] (Cloud Company)
2014-03-02 16:29 - 2014-03-02 16:30 - 00000000 ____D () C:\Users\Tonya\AppData\Roaming\Duyznuyg
End


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.


Run FRST and press the Fix button just once and wait. The tool will make a log on the desktop (Fixlog.txt) please post it in your next reply.


Step 2: TFC


Download TFC by OldTimer to your desktop
  • Please double-click TFC.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
  • It will close all programs when run, so make sure you have saved all your work before you begin.
  • Click the Start button to begin the process. Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two. Let it run uninterrupted to completion.
  • Once it's finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.

Things I need to see in your next post:

FRST Log

Question: How is the machine running now?
  • 0

#13
gmcube
Posted 02 March 2014 - 10:50 PM

gmcube

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 176 posts
I dont think old timer is working correctly, is it normal for the progress bar to just recycle repeadedly?


Heres the other log.


Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-03-2014 01
Ran by Tonya (administrator) on TONYA-PC on 02-03-2014 22:42:19
Running from C:\Users\Tonya\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CinemaNow, Inc.) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
() C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(SkyHawke) C:\Program Files (x86)\SkyGolf\CaddieSync Express\CaddieSyncExpress.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsd.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcfgex.exe
(Microsoft Corporation) C:\Windows\system32\taskmgr.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2097960 2010-04-22] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6245408 2010-05-25] (Realtek Semiconductor)
HKLM\...\Run: [HPWirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-06-18] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [602168 2010-06-29] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-03-12] (Hewlett-Packard)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2013\avgui.exe [4411952 2013-11-20] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [CaddieSyncConduit] - C:\Program Files (x86)\SkyGolf\CaddieSync Express\CaddieSyncExpress.exe [2379160 2012-10-22] (SkyHawke)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-10-23] (Apple Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-01-28] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3790915449-1485846204-445597675-1000\...\Run: [Google Update] - C:\Users\Tonya\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2010-11-27] (Google Inc.)
HKU\S-1-5-21-3790915449-1485846204-445597675-1000\...\Run: [EPSON Stylus Photo R220 Series] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIAIA.EXE [211456 2006-12-25] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3790915449-1485846204-445597675-1000\...\Run: [Ewkemygayflyra] - C:\Users\Tonya\AppData\Roaming\Foyrmulo\xihepo.exe [276992 2011-07-19] (Cloud Company)
HKU\S-1-5-21-3790915449-1485846204-445597675-1000\...\MountPoints2: G - G:\LaunchU3.exe -a
HKU\S-1-5-21-3790915449-1485846204-445597675-1000\...\MountPoints2: {8f918ca0-64b3-11e2-ad90-60eb692c3b3a} - G:\LaunchU3.exe -a

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {0781AD49-04B2-40C3-882C-BD396CAB1B2A} URL = http://search.yahoo....psg&type=HPNTDF
SearchScopes: HKLM - {F4E8AB23-E333-43F2-BDAA-55F4184B1EFF} URL = http://en.wikipedia....h={searchTerms}
SearchScopes: HKLM-x32 - {0781AD49-04B2-40C3-882C-BD396CAB1B2A} URL = http://search.yahoo....psg&type=HPNTDF
SearchScopes: HKLM-x32 - {F4E8AB23-E333-43F2-BDAA-55F4184B1EFF} URL = http://en.wikipedia....h={searchTerms}
SearchScopes: HKCU - {0781AD49-04B2-40C3-882C-BD396CAB1B2A} URL = http://search.yahoo....psg&type=HPNTDF
SearchScopes: HKCU - {F4E8AB23-E333-43F2-BDAA-55F4184B1EFF} URL = http://en.wikipedia....h={searchTerms}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76

FireFox:
========
FF ProfilePath: C:\Users\Tonya\AppData\Roaming\Mozilla\Firefox\Profiles\f6d0vu46.default
FF DefaultSearchEngine: Google
FF Homepage: hxxp://xfinity.comcast.net/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Tonya\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Tonya\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101721.dll (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPcol400.dll (Catalina Marketing Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Extension: No Name - C:\Users\Tonya\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email protected] [2012-09-01]
FF Extension: Adblock Plus - C:\Users\Tonya\AppData\Roaming\Mozilla\Firefox\Profiles\f6d0vu46.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-05-05]
FF Extension: Greasemonkey - C:\Users\Tonya\AppData\Roaming\Mozilla\Firefox\Profiles\f6d0vu46.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-08-23]

Chrome:
=======
CHR HomePage: hxxp://comcast.net/
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Tonya\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.377\_platform_specific\win_x86\widevinecdmadapter.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Tonya\AppData\Local\Google\Chrome\Application\33.0.1750.117\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Tonya\AppData\Local\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Tonya\AppData\Local\Google\Chrome\Application\33.0.1750.117\pdf.dll ()
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (ActiveTouch General Plugin Container) - C:\Users\Tonya\AppData\Local\Google\Chrome\Application\plugins\npatgpc.dll (Cisco WebEx LLC)
CHR Plugin: (CouponNetwork Coupon Activator Netscape Plugin v. 5.0.0.0) - C:\Users\Tonya\AppData\Local\Google\Chrome\Application\plugins\NPcol400.dll (Catalina Marketing Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (AmazonMP3DownloaderPlugin) - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101721.dll (Amazon.com, Inc.)
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.3.0\\npsitesafety.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.450.18) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java™ Platform SE 7 U45) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (MindSpark Toolbar Platform Plugin Stub) - C:\Program Files (x86)\RadioRage_4j\bar\1.bin\NP4jStub.dll No File
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (McAfee Security Scanner +) - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
CHR Plugin: (Google Update) - C:\Users\Tonya\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (Entanglement Web App) - C:\Users\Tonya\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2011-03-26]
CHR Extension: (Poppit) - C:\Users\Tonya\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2011-03-26]
CHR Extension: (Google Wallet) - C:\Users\Tonya\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]

==================== Services (Whitelisted) =================

S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4939312 2013-07-04] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-11-20] (AVG Technologies CZ, s.r.o.)
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [27192 2010-06-29] ()
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-15] (McAfee, Inc.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)

==================== Drivers (Whitelisted) ====================

R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-07-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206648 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311608 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-07-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-10-23] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2013-03-21] (AVG Technologies CZ, s.r.o.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-02 22:42 - 2014-03-02 22:42 - 00020483 _____ () C:\Users\Tonya\Desktop\FRST.txt
2014-03-02 21:49 - 2014-03-02 21:49 - 04110135 _____ () C:\Users\Tonya\Downloads\tdsskiller.zip
2014-03-02 21:49 - 2014-03-02 21:49 - 00000000 ____D () C:\Users\Tonya\Downloads\tdsskiller
2014-03-02 21:27 - 2014-03-02 21:27 - 00000000 ____D () C:\Windows\ERUNT
2014-03-02 20:33 - 2014-03-02 20:33 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-03-02 18:39 - 2014-03-02 18:40 - 01037734 _____ (Thisisu) C:\Users\Tonya\Desktop\JRT.exe
2014-03-02 17:43 - 2014-03-02 22:00 - 00000806 _____ () C:\Windows\Tasks\Security Center Update - 1686658791.job
2014-03-02 17:43 - 2014-03-02 17:43 - 00003814 _____ () C:\Windows\System32\Tasks\Security Center Update - 1686658791
2014-03-02 17:43 - 2014-03-02 17:43 - 00000000 ____D () C:\Users\Tonya\AppData\Roaming\Foyrmulo
2014-03-02 17:39 - 2014-03-02 21:24 - 00000000 ____D () C:\AdwCleaner
2014-03-02 17:35 - 2014-03-02 17:35 - 01244192 _____ () C:\Users\Tonya\Desktop\adwcleaner.exe
2014-03-02 16:29 - 2014-03-02 22:00 - 00000808 _____ () C:\Windows\Tasks\Security Center Update - 4062085556.job
2014-03-02 16:29 - 2014-03-02 16:30 - 00000000 ____D () C:\Users\Tonya\AppData\Roaming\Duyznuyg
2014-03-02 16:29 - 2014-03-02 16:29 - 00003816 _____ () C:\Windows\System32\Tasks\Security Center Update - 4062085556
2014-03-02 03:54 - 2014-03-02 03:54 - 00652144 _____ (www.file.net) C:\Users\Tonya\Downloads\top100files.exe
2014-03-02 02:43 - 2014-03-02 02:46 - 00051003 _____ () C:\Users\Tonya\Desktop\Addition.txt
2014-03-02 02:16 - 2014-03-02 22:30 - 00000000 ____D () C:\FRST
2014-03-02 02:13 - 2014-03-02 02:13 - 02156544 _____ (Farbar) C:\Users\Tonya\Downloads\FRST64 (1).exe
2014-03-02 02:12 - 2014-03-02 02:12 - 02156544 _____ (Farbar) C:\Users\Tonya\Desktop\FRST64.exe
2014-03-01 05:09 - 2014-03-01 05:09 - 00000000 ____D () C:\ProgramData\AVG
2014-03-01 05:05 - 2014-03-01 05:05 - 00000000 __SHD () C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-03-01 04:56 - 2014-03-01 05:03 - 78353832 _____ (AVG) C:\Users\Tonya\Downloads\avg_tuh_stf_all_2014_295_24c28(1).exe
2014-03-01 04:56 - 2014-03-01 05:01 - 78353832 _____ (AVG) C:\Users\Tonya\Downloads\avg_tuh_stf_all_2014_295_24c28.exe
2014-03-01 02:57 - 2014-03-02 21:50 - 00146176 _____ () C:\Windows\WindowsUpdate.log
2014-03-01 02:51 - 2014-03-02 21:51 - 00000672 _____ () C:\Windows\setupact.log
2014-03-01 02:51 - 2014-03-01 02:51 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-01 02:50 - 2014-03-02 18:26 - 00012510 _____ () C:\Windows\PFRO.log
2014-02-28 21:51 - 2014-02-28 21:51 - 00015508 _____ () C:\Users\Tonya\Desktop\cc_20140228_215122.reg
2014-02-28 21:40 - 2014-02-28 21:40 - 00016483 _____ () C:\Users\Tonya\Desktop\hijackthis.log
2014-02-28 21:32 - 2014-03-01 00:52 - 00021376 _____ () C:\Users\Tonya\Desktop\avgrep.txt
2014-02-28 21:21 - 2014-02-28 21:54 - 00000000 ____D () C:\Windows\pss
2014-02-27 15:26 - 2014-02-27 15:26 - 04130656 _____ (Kaspersky Lab ZAO) C:\Users\Tonya\Desktop\TDSSKiller.exe
2014-02-26 03:09 - 2014-02-26 03:09 - 00077275 _____ () C:\Users\Tonya\Documents\EDU 403 CM.pptx
2014-02-26 01:56 - 2014-02-26 01:56 - 00000000 _____ () C:\Users\Tonya\AppData\Roaming\SharedSettings.ccs
2014-02-26 01:53 - 2014-02-26 01:53 - 00089000 _____ () C:\Users\Tonya\Downloads\Record_Milford_(302)4587378.zip
2014-02-23 23:25 - 2014-02-23 23:25 - 00001120 _____ () C:\Users\Tonya\Desktop\Continue Zip Opener Installation.lnk
2014-02-23 23:24 - 2014-02-23 23:25 - 00655544 _____ () C:\Users\Tonya\Downloads\ZipOpenerSetup.exe
2014-02-15 21:22 - 2014-02-15 21:22 - 00020875 _____ () C:\Users\Tonya\Downloads\chapter overview.zip
2014-02-15 01:22 - 2014-02-15 01:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-13 06:50 - 2013-12-21 04:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-13 06:50 - 2013-12-21 03:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-13 06:46 - 2014-02-06 07:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-13 06:46 - 2014-02-06 06:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-13 06:46 - 2014-02-06 06:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-13 06:46 - 2014-02-06 06:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-13 06:46 - 2014-02-06 06:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-13 06:46 - 2014-02-06 06:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-13 06:46 - 2014-02-06 05:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-13 06:46 - 2014-02-06 05:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-13 06:46 - 2014-02-06 05:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-13 06:46 - 2014-02-06 05:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-13 06:46 - 2014-02-06 05:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-13 06:46 - 2014-02-06 05:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-13 06:46 - 2014-02-06 05:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-13 06:46 - 2014-02-06 05:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-13 06:46 - 2014-02-06 05:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-13 06:46 - 2014-02-06 05:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-13 06:46 - 2014-02-06 05:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-13 06:46 - 2014-02-06 05:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-13 06:46 - 2014-02-06 05:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-13 06:46 - 2014-02-06 04:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-13 06:46 - 2014-02-06 04:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-13 06:46 - 2014-02-06 04:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-13 06:46 - 2014-02-06 04:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-13 06:46 - 2014-02-06 04:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-13 06:46 - 2014-02-06 04:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-13 06:46 - 2014-02-06 04:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-13 06:46 - 2014-02-06 04:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-13 06:46 - 2014-02-06 04:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-13 06:46 - 2014-02-06 04:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-13 06:46 - 2014-02-06 04:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-13 06:46 - 2014-02-06 04:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-13 06:46 - 2014-02-06 04:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-13 06:46 - 2014-02-06 04:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-13 06:46 - 2014-02-06 04:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-13 06:46 - 2014-02-06 03:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-13 06:46 - 2014-02-06 03:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-13 06:46 - 2014-02-06 03:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-13 06:46 - 2014-02-06 03:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-13 06:46 - 2014-02-06 03:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-12 20:45 - 2013-12-31 18:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-12 20:45 - 2013-12-31 18:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-12 20:45 - 2013-12-05 21:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-12 20:45 - 2013-12-05 21:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-12 20:45 - 2013-12-05 21:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-12 20:45 - 2013-12-05 21:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-12 20:45 - 2013-12-03 21:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-12 20:45 - 2013-12-03 21:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-12 20:45 - 2013-12-03 21:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-12 20:45 - 2013-12-03 21:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-12 20:45 - 2013-12-03 21:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-12 20:45 - 2013-12-03 21:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-12 20:45 - 2013-12-03 21:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-12 20:45 - 2013-12-03 21:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-12 20:45 - 2013-12-03 21:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-12 20:45 - 2013-12-03 21:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-12 20:45 - 2013-12-03 21:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-12 20:45 - 2013-12-03 21:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-12 20:45 - 2013-12-03 21:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-12 20:45 - 2013-12-03 21:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-12 20:45 - 2013-12-03 20:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-12 20:45 - 2013-12-03 20:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-12 20:45 - 2013-12-03 20:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-12 20:45 - 2013-12-03 20:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-12 20:44 - 2013-12-24 18:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-12 20:44 - 2013-12-24 17:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-12 20:44 - 2013-11-26 03:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-12 20:44 - 2013-11-22 17:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-11 22:49 - 2014-02-11 22:49 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-02-09 22:17 - 2014-03-02 22:29 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-09 22:17 - 2014-03-02 22:27 - 00000000 ____D () C:\Program Files (x86)\Google
2014-02-09 22:17 - 2014-03-02 21:52 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-09 22:17 - 2014-02-13 20:24 - 00003892 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-09 22:17 - 2014-02-13 20:24 - 00003640 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-09 22:16 - 2014-02-09 22:16 - 00847312 _____ (Google Inc.) C:\Users\Tonya\Downloads\GoogleEarthSetup.exe
2014-02-01 05:20 - 2014-02-01 05:20 - 00107738 _____ () C:\Users\Tonya\Downloads\Extras.Txt
2014-02-01 05:18 - 2014-02-01 05:18 - 00089614 _____ () C:\Users\Tonya\Downloads\OTL.Txt
2014-02-01 04:59 - 2014-02-01 04:59 - 00602112 _____ (OldTimer Tools) C:\Users\Tonya\Downloads\OTL.exe
2014-02-01 04:47 - 2014-02-01 04:47 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Tonya\Downloads\mbam-setup-1.75.0.1300(1).exe
2014-02-01 04:46 - 2014-02-01 04:46 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Tonya\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-01 04:41 - 2014-02-01 04:42 - 00474382 _____ () C:\Users\Tonya\Documents\cc_20140201_044133.reg
2014-02-01 04:36 - 2014-02-01 04:36 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-02-01 04:36 - 2014-02-01 04:36 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-01 04:35 - 2014-02-01 04:36 - 04721920 _____ (Piriform Ltd) C:\Users\Tonya\Downloads\ccsetup410.exe
2014-02-01 04:11 - 2014-03-01 03:39 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-02-01 04:11 - 2014-02-05 00:58 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-02-01 04:11 - 2014-02-01 04:11 - 00001379 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-02-01 04:11 - 2014-02-01 04:11 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-02-01 04:11 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2014-02-01 04:08 - 2014-02-01 04:08 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\Tonya\Downloads\spybot-2.2.exe
2014-01-31 15:52 - 2014-01-31 15:52 - 00018003 _____ () C:\Users\Tonya\Documents\hijackthis.log
2014-01-31 15:49 - 2014-02-28 21:29 - 00000000 ____D () C:\Program Files\HijackThis
2014-01-31 15:48 - 2014-01-31 15:48 - 00251392 _____ () C:\Users\Tonya\Downloads\hijackthis_sfx.exe

==================== One Month Modified Files and Folders =======

2014-03-02 22:42 - 2014-03-02 22:42 - 00020483 _____ () C:\Users\Tonya\Desktop\FRST.txt
2014-03-02 22:30 - 2014-03-02 02:16 - 00000000 ____D () C:\FRST
2014-03-02 22:29 - 2014-03-01 02:57 - 00146176 _____ () C:\Windows\WindowsUpdate.log
2014-03-02 22:29 - 2014-02-09 22:17 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-02 22:27 - 2014-02-09 22:17 - 00000000 ____D () C:\Program Files (x86)\Google
2014-03-02 22:26 - 2012-07-22 21:48 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-02 22:00 - 2014-03-02 17:43 - 00000806 _____ () C:\Windows\Tasks\Security Center Update - 1686658791.job
2014-03-02 22:00 - 2014-03-02 16:29 - 00000808 _____ () C:\Windows\Tasks\Security Center Update - 4062085556.job
2014-03-02 22:00 - 2009-07-13 23:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-02 22:00 - 2009-07-13 23:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-02 21:52 - 2014-02-09 22:17 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-02 21:52 - 2013-06-07 14:17 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job
2014-03-02 21:52 - 2013-06-02 16:24 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2014-03-02 21:51 - 2014-03-01 02:51 - 00000672 _____ () C:\Windows\setupact.log
2014-03-02 21:51 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-02 21:50 - 2010-11-27 03:41 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3790915449-1485846204-445597675-1000UA.job
2014-03-02 21:49 - 2014-03-02 21:49 - 04110135 _____ () C:\Users\Tonya\Downloads\tdsskiller.zip
2014-03-02 21:49 - 2014-03-02 21:49 - 00000000 ____D () C:\Users\Tonya\Downloads\tdsskiller
2014-03-02 21:27 - 2014-03-02 21:27 - 00000000 ____D () C:\Windows\ERUNT
2014-03-02 21:24 - 2014-03-02 17:39 - 00000000 ____D () C:\AdwCleaner
2014-03-02 20:33 - 2014-03-02 20:33 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-03-02 18:40 - 2014-03-02 18:39 - 01037734 _____ (Thisisu) C:\Users\Tonya\Desktop\JRT.exe
2014-03-02 18:30 - 2010-11-28 04:40 - 00000000 ____D () C:\ProgramData\MFAData
2014-03-02 18:26 - 2014-03-01 02:50 - 00012510 _____ () C:\Windows\PFRO.log
2014-03-02 17:43 - 2014-03-02 17:43 - 00003814 _____ () C:\Windows\System32\Tasks\Security Center Update - 1686658791
2014-03-02 17:43 - 2014-03-02 17:43 - 00000000 ____D () C:\Users\Tonya\AppData\Roaming\Foyrmulo
2014-03-02 17:35 - 2014-03-02 17:35 - 01244192 _____ () C:\Users\Tonya\Desktop\adwcleaner.exe
2014-03-02 16:37 - 2010-11-27 03:37 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-02 16:30 - 2014-03-02 16:29 - 00000000 ____D () C:\Users\Tonya\AppData\Roaming\Duyznuyg
2014-03-02 16:29 - 2014-03-02 16:29 - 00003816 _____ () C:\Windows\System32\Tasks\Security Center Update - 4062085556
2014-03-02 04:04 - 2013-06-19 13:15 - 00062464 ___SH () C:\Users\Tonya\Desktop\Thumbs.db
2014-03-02 03:54 - 2014-03-02 03:54 - 00652144 _____ (www.file.net) C:\Users\Tonya\Downloads\top100files.exe
2014-03-02 02:46 - 2014-03-02 02:43 - 00051003 _____ () C:\Users\Tonya\Desktop\Addition.txt
2014-03-02 02:13 - 2014-03-02 02:13 - 02156544 _____ (Farbar) C:\Users\Tonya\Downloads\FRST64 (1).exe
2014-03-02 02:12 - 2014-03-02 02:12 - 02156544 _____ (Farbar) C:\Users\Tonya\Desktop\FRST64.exe
2014-03-02 02:04 - 2009-07-13 23:45 - 01004896 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-01 05:09 - 2014-03-01 05:09 - 00000000 ____D () C:\ProgramData\AVG
2014-03-01 05:05 - 2014-03-01 05:05 - 00000000 __SHD () C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-03-01 05:03 - 2014-03-01 04:56 - 78353832 _____ (AVG) C:\Users\Tonya\Downloads\avg_tuh_stf_all_2014_295_24c28(1).exe
2014-03-01 05:01 - 2014-03-01 04:56 - 78353832 _____ (AVG) C:\Users\Tonya\Downloads\avg_tuh_stf_all_2014_295_24c28.exe
2014-03-01 03:39 - 2014-02-01 04:11 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-03-01 02:51 - 2014-03-01 02:51 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-01 00:52 - 2014-02-28 21:32 - 00021376 _____ () C:\Users\Tonya\Desktop\avgrep.txt
2014-02-28 21:54 - 2014-02-28 21:21 - 00000000 ____D () C:\Windows\pss
2014-02-28 21:51 - 2014-02-28 21:51 - 00015508 _____ () C:\Users\Tonya\Desktop\cc_20140228_215122.reg
2014-02-28 21:40 - 2014-02-28 21:40 - 00016483 _____ () C:\Users\Tonya\Desktop\hijackthis.log
2014-02-28 21:39 - 2010-07-08 03:42 - 00000000 ____D () C:\ProgramData\Norton
2014-02-28 21:32 - 2012-10-08 12:36 - 00000000 ____D () C:\Users\Tonya\AppData\Local\Avg2013
2014-02-28 21:29 - 2014-01-31 15:49 - 00000000 ____D () C:\Program Files\HijackThis
2014-02-28 20:18 - 2014-01-01 17:52 - 00003186 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForTonya
2014-02-28 20:18 - 2014-01-01 17:52 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleForTonya.job
2014-02-27 23:44 - 2010-11-27 03:41 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3790915449-1485846204-445597675-1000Core.job
2014-02-27 17:22 - 2010-12-09 00:59 - 00788408 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-27 17:22 - 2009-07-14 00:13 - 00788408 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-27 15:26 - 2014-02-27 15:26 - 04130656 _____ (Kaspersky Lab ZAO) C:\Users\Tonya\Desktop\TDSSKiller.exe
2014-02-26 03:09 - 2014-02-26 03:09 - 00077275 _____ () C:\Users\Tonya\Documents\EDU 403 CM.pptx
2014-02-26 01:56 - 2014-02-26 01:56 - 00000000 _____ () C:\Users\Tonya\AppData\Roaming\SharedSettings.ccs
2014-02-26 01:53 - 2014-02-26 01:53 - 00089000 _____ () C:\Users\Tonya\Downloads\Record_Milford_(302)4587378.zip
2014-02-24 13:23 - 2010-11-27 05:20 - 00333080 _____ () C:\Users\Tonya\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-24 02:28 - 2012-08-28 21:42 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-02-23 23:25 - 2014-02-23 23:25 - 00001120 _____ () C:\Users\Tonya\Desktop\Continue Zip Opener Installation.lnk
2014-02-23 23:25 - 2014-02-23 23:24 - 00655544 _____ () C:\Users\Tonya\Downloads\ZipOpenerSetup.exe
2014-02-23 16:41 - 2011-01-09 20:09 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-02-21 11:12 - 2010-11-27 03:41 - 00002364 _____ () C:\Users\Tonya\Desktop\Google Chrome.lnk
2014-02-20 21:26 - 2012-07-22 21:48 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-20 21:26 - 2012-07-22 21:48 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-20 21:26 - 2011-06-28 13:45 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-19 13:56 - 2010-07-10 22:21 - 00000000 ____D () C:\ProgramData\Skype
2014-02-18 20:01 - 2014-01-06 18:23 - 00003610 _____ () C:\Windows\System32\Tasks\Norton Security Scan for Tonya
2014-02-16 03:04 - 2013-08-14 12:29 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-16 03:00 - 2010-11-28 04:46 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-16 02:02 - 2012-05-04 01:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-15 21:22 - 2014-02-15 21:22 - 00020875 _____ () C:\Users\Tonya\Downloads\chapter overview.zip
2014-02-15 16:29 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
2014-02-15 01:22 - 2014-02-15 01:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-13 20:24 - 2014-02-09 22:17 - 00003892 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-13 20:24 - 2014-02-09 22:17 - 00003640 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-11 22:49 - 2014-02-11 22:49 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-02-11 22:45 - 2010-11-27 03:41 - 00003878 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3790915449-1485846204-445597675-1000UA
2014-02-11 22:45 - 2010-11-27 03:41 - 00003482 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3790915449-1485846204-445597675-1000Core
2014-02-09 22:18 - 2010-11-27 03:41 - 00000000 ____D () C:\Users\Tonya\AppData\Local\Google
2014-02-09 22:16 - 2014-02-09 22:16 - 00847312 _____ (Google Inc.) C:\Users\Tonya\Downloads\GoogleEarthSetup.exe
2014-02-06 07:16 - 2014-02-13 06:46 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 06:30 - 2014-02-13 06:46 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 06:30 - 2014-02-13 06:46 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 06:12 - 2014-02-13 06:46 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 06:07 - 2014-02-13 06:46 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 06:06 - 2014-02-13 06:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 05:57 - 2014-02-13 06:46 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 05:56 - 2014-02-13 06:46 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 05:52 - 2014-02-13 06:46 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 05:49 - 2014-02-13 06:46 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 05:48 - 2014-02-13 06:46 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 05:48 - 2014-02-13 06:46 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 05:38 - 2014-02-13 06:46 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 05:32 - 2014-02-13 06:46 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 05:20 - 2014-02-13 06:46 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 05:17 - 2014-02-13 06:46 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 05:11 - 2014-02-13 06:46 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 05:01 - 2014-02-13 06:46 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 05:00 - 2014-02-13 06:46 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 04:57 - 2014-02-13 06:46 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 04:57 - 2014-02-13 06:46 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 04:52 - 2014-02-13 06:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 04:52 - 2014-02-13 06:46 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 04:50 - 2014-02-13 06:46 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 04:49 - 2014-02-13 06:46 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 04:47 - 2014-02-13 06:46 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 04:46 - 2014-02-13 06:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 04:25 - 2014-02-13 06:46 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 04:25 - 2014-02-13 06:46 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 04:24 - 2014-02-13 06:46 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 04:22 - 2014-02-13 06:46 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 04:13 - 2014-02-13 06:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 04:09 - 2014-02-13 06:46 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 04:03 - 2014-02-13 06:46 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 03:55 - 2014-02-13 06:46 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 03:41 - 2014-02-13 06:46 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 03:40 - 2014-02-13 06:46 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 03:36 - 2014-02-13 06:46 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 03:34 - 2014-02-13 06:46 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-05 00:58 - 2014-02-01 04:11 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-02-01 05:20 - 2014-02-01 05:20 - 00107738 _____ () C:\Users\Tonya\Downloads\Extras.Txt
2014-02-01 05:18 - 2014-02-01 05:18 - 00089614 _____ () C:\Users\Tonya\Downloads\OTL.Txt
2014-02-01 04:59 - 2014-02-01 04:59 - 00602112 _____ (OldTimer Tools) C:\Users\Tonya\Downloads\OTL.exe
2014-02-01 04:47 - 2014-02-01 04:47 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Tonya\Downloads\mbam-setup-1.75.0.1300(1).exe
2014-02-01 04:46 - 2014-02-01 04:46 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Tonya\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-01 04:42 - 2014-02-01 04:41 - 00474382 _____ () C:\Users\Tonya\Documents\cc_20140201_044133.reg
2014-02-01 04:38 - 2009-09-06 20:57 - 00000000 ____D () C:\Windows\Panther
2014-02-01 04:36 - 2014-02-01 04:36 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-02-01 04:36 - 2014-02-01 04:36 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-01 04:36 - 2014-02-01 04:35 - 04721920 _____ (Piriform Ltd) C:\Users\Tonya\Downloads\ccsetup410.exe
2014-02-01 04:11 - 2014-02-01 04:11 - 00001379 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-02-01 04:11 - 2014-02-01 04:11 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-02-01 04:08 - 2014-02-01 04:08 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\Tonya\Downloads\spybot-2.2.exe
2014-01-31 15:52 - 2014-01-31 15:52 - 00018003 _____ () C:\Users\Tonya\Documents\hijackthis.log
2014-01-31 15:48 - 2014-01-31 15:48 - 00251392 _____ () C:\Users\Tonya\Downloads\hijackthis_sfx.exe
2014-01-31 15:48 - 2010-11-27 05:21 - 00000000 ____D () C:\Users\Tonya\AppData\Local\VirtualStore

Some content of TEMP:
====================
C:\Users\Tonya\AppData\Local\Temp\Quarantine.exe
C:\Users\Tonya\AppData\Local\Temp\UpdateFlashPlayer_315a7564.exe
C:\Users\Tonya\AppData\Local\Temp\UpdateFlashPlayer_544e4621.exe
C:\Users\Tonya\AppData\Local\Temp\UpdateFlashPlayer_95d2cf08.exe
C:\Users\Tonya\AppData\Local\Temp\UpdateFlashPlayer_971dd8da.exe
C:\Users\Tonya\AppData\Local\Temp\{397E31AA-0D78-4649-A01C-339D73A2ED35}_NSS_25639.exe
C:\Users\Tonya\AppData\Local\Temp\{BAA1EB89-04E9-472F-A900-10930E5B50A7}.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-18 14:09

==================== End Of Log ============================




The fixlist seem to do anything, there still several of those processes going.
  • 0

#14
pystryker
Posted 02 March 2014 - 10:54 PM

pystryker

    Trusted Helper

  • Malware Removal
  • 3,912 posts
It depends on TFC, as there may be a lot of files it's trying to get rid of. But some times it can hang after it clears them out. But the FRST log you posted is a scan log, not a fixlog.

Please re-run Step 1, and that should kill that xihepo.exe process. Please post the fixlog.txt when the fix is complete. :thumbsup:
  • 0

#15
gmcube
Posted 02 March 2014 - 11:02 PM

gmcube

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 176 posts
Whoops. Still no change though.


Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-03-2014 01
Ran by Tonya at 2014-03-02 23:56:54 Run:3
Running from C:\Users\Tonya\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
C:\Users\Tonya\AppData\Roaming\Foyrmulo
HKU\S-1-5-21-3790915449-1485846204-445597675-1000\...\Run: [Ewkemygayflyra] - C:\Users\Tonya\AppData\Roaming\Foyrmulo\xihepo.exe [276992 2011-07-19] (Cloud Company)
2014-03-02 16:29 - 2014-03-02 16:30 - 00000000 ____D () C:\Users\Tonya\AppData\Roaming\Duyznuyg
End
*****************

C:\Users\Tonya\AppData\Roaming\Foyrmulo => Moved successfully.
HKU\S-1-5-21-3790915449-1485846204-445597675-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Ewkemygayflyra => Value deleted successfully.
"C:\Users\Tonya\AppData\Roaming\Duyznuyg" => File/Directory not found.

==== End of Fixlog ====
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP