Zeroaccess.t


  • This topic is locked
32 replies to this topic

#1 Kewbla


Posted 01 September 2012 - 09:51 AM

Hello,

AVG detected the zeroaccess.t trojan horse and white listed it. I tried to remove it with Norton's removal tool. AVG can't delete it on its own.

DDS log:

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.6.2
Run by Jillian at 1:08:43 on 2012-09-01
Microsoft Windows 7 Enterprise 6.1.7601.1.1252.1.1033.18.2814.1497 [GMT -4:00]
.
AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Lavasoft Ad-Watch Live! *Enabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
.
============== Running Processes ===============
.
C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\STacSV.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\aestsrv.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
C:\Program Files\AVG\AVG2012\avgidsagent.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\Program Files\AVG\AVG2012\avgemcx.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Browny02\Brother\BrStMonW.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Users\Jillian\AppData\Local\TheWeatherNetwork\WeatherEye\WeatherEye.exe
C:\Program Files\Browny02\BrYNSvc.exe
C:\Windows\System32\StikyNot.exe
C:\Windows\System32\rundll32.exe
C:\Users\Jillian\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\system32\SearchIndexer.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\AVG\AVG2012\avgui.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\consent.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page = hxxp://www.google.com
uStart Page = hxxp://www.google.com/
uSearch Bar = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
mWinlogon: Userinit=c:\windows\system32\userinit.exe
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre7\bin\ssv.dll
BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\12.2.5.32\AVG Secure Search_toolbar.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\12.2.5.32\AVG Secure Search_toolbar.dll
{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}
{555d4d79-4bd2-4094-a395-cfc534424a05}
uRun: [WeatherEye] c:\users\jillian\appdata\local\theweathernetwork\weathereye\WeatherEye.exe
uRun: [KiesHelper] c:\program files\samsung\kies\KiesHelper.exe /s
uRun: [KiesTrayAgent] c:\program files\samsung\kies\KiesTrayAgent.exe
uRun: [CompleteTimeTrackingStd3] "c:\program files\complete time tracking std 3\CompleteTimeTrackingStd.exe"
uRun: [RESTART_STICKY_NOTES] c:\windows\system32\StikyNot.exe
uRun: [ongso] "c:\windows\system32\rundll32.exe" "c:\users\jillian\appdata\roaming\ongso.dll",SetInterrupt
mRun: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
mRun: [SysTrayApp] c:\program files\idt\wdm\sttray.exe
mRun: [Brdefprn] c:\program files\brother\brhl2170\Brdefprn.exe -d
mRun: [ConnectionManager] c:\program files\winsim\connectionmanager\Simply.SystemTrayIcon.exe
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [SwitchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe
mRun: [AdobeCS5.5ServiceManager] "c:\program files\common files\adobe\cs5.5servicemanager\CS5.5ServiceManager.exe" -launchedbylogin
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [SSBkgdUpdate] "c:\program files\common files\scansoft shared\ssbkgdupdate\SSBkgdupdate.exe" -Embedding -boot
mRun: [PaperPort PTD] "c:\program files\scansoft\paperport\pptd40nt.exe"
mRun: [IndexSearch] "c:\program files\scansoft\paperport\IndexSearch.exe"
mRun: [PPort11reminder] "c:\program files\scansoft\paperport\ereg\ereg.exe" -r "c:\programdata\scansoft\paperport\11\config\ereg\Ereg.ini"
mRun: [ControlCenter3] c:\program files\brother\controlcenter3\brctrcen.exe /autorun
mRun: [BrStsMon00] c:\program files\browny02\brother\BrStMonW.exe /AUTORUN
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "c:\program files\amd avt\bin\kdbsync.exe" aml
mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"
mRun: [vProt] "c:\program files\avg secure search\vprot.exe"
mRun: [HF_G_Jul] "c:\program files\avg secure search\HF_G_Jul.exe" /DoAction
mRun: [ROC_ROC_JULY_P1] "c:\program files\avg secure search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1
StartupFolder: c:\users\jillian\appdata\roaming\micros~1\windows\startm~1\programs\startup\dropbox.lnk - c:\users\jillian\appdata\roaming\dropbox\bin\Dropbox.exe
StartupFolder: c:\users\jillian\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~1\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~1\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~1\office12\REFIEBAR.DLL
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{00C21FEC-3E8E-4E6D-96DC-9BB9819A9B96} : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{8743C60E-4FE4-4249-B00E-4A26E3B4F33F} : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{8743C60E-4FE4-4249-B00E-4A26E3B4F33F}\1333241646 : DhcpNameServer = 64.71.255.198
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\12.2.6\ViProtocol.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\jillian\appdata\roaming\mozilla\firefox\profiles\ewpbzpk5.default\
FF - prefs.js: browser.search.selectedEngine - AVG Secure Search
FF - prefs.js: browser.startup.homepage - www.google.ca
FF - prefs.js: keyword.URL - hxxps://isearch.avg.com/search?cid={3B3E73B8-F625-436F-8EE6-486C40B6EF00}&mid=3198f955f77b47d0ac09d16a1cd40018-677d6bd6145487d7add33b2fb2857814f9a2aa51&lang=en&ds=AVG&pr=fr&d=2012-06-28 17:34:25&v=12.2.5.32&sap=ku&q=
FF - plugin: c:\program files\common files\avg secure search\sitesafetyinstaller\12.2.6\npsitesafety.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-4-19 24896]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2012-1-31 31952]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2012-2-22 235216]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-12-23 41040]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2012-3-19 301248]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2012-8-30 27496]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\driverstore\filerepository\stwrt.inf_x86_neutral_9691412ff1876250\AEstSrv.exe [2009-3-2 81920]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-4-5 217600]
R2 AMD FUEL Service;AMD FUEL Service;c:\program files\ati technologies\ati.ace\fuel\Fuel.Service.exe [2012-4-5 291840]
R2 AODDriver4.1;AODDriver4.1;c:\program files\ati technologies\ati.ace\fuel\i386\aoddriver2.sys [2012-3-5 45184]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\avgidsagent.exe [2012-7-4 5160568]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2012-2-14 193288]
R2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [2012-5-15 21992]
R2 hpsrv;HP Service;c:\windows\system32\hpservice.exe [2010-7-16 26168]
R2 vToolbarUpdater12.2.6;vToolbarUpdater12.2.6;c:\program files\common files\avg secure search\vtoolbarupdater\12.2.6\ToolbarUpdater.exe [2012-8-30 722528]
R3 amdiox86;AMD IO Driver;c:\windows\system32\drivers\amdiox86.sys [2011-9-26 37944]
R3 amdkmdag;amdkmdag;c:\windows\system32\drivers\atikmdag.sys [2012-4-6 9334784]
R3 amdkmdap;amdkmdap;c:\windows\system32\drivers\atikmpag.sys [2012-4-5 275968]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2012-2-23 86544]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2011-12-23 139856]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [2011-12-23 24144]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2011-12-23 17232]
R3 BrYNSvc;BrYNSvc;c:\program files\browny02\BrYNSvc.exe [2012-5-14 245760]
R3 JMCR;JMCR;c:\windows\system32\drivers\jmcr.sys [2009-7-29 116064]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-3-1 139776]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-13 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 KMService;KMService;c:\windows\system32\srvany.exe [2011-9-20 8192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-3-27 253600]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
S3 DrmRAudio;DrmRAudio;c:\windows\system32\drivers\DrmRAudio.sys [2011-6-20 23608]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-5-5 114144]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [2011-11-19 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [2011-11-19 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [2011-11-19 136808]
S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
S3 SwitchBoard;Adobe SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
S3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\Synth3dVsc.sys [2010-11-20 77184]
S3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-20 25600]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-20 112640]
S3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\drivers\WSDPrint.sys [2009-7-13 17920]
.
=============== Created Last 30 ================
.
2012-09-01 04:39:20 -------- d-----w- c:\users\jillian\appdata\roaming\FixZeroAccess
2012-08-31 04:12:00 -------- d-----w- c:\users\jillian\appdata\local\{026DB2D9-F322-11E1-8270-B8AC6F996F26}
2012-08-31 04:11:58 695808 ----a-w- c:\users\jillian\appdata\roaming\ongso.dll
2012-08-30 16:53:46 27496 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2012-08-29 03:22:21 73696 ----a-w- c:\program files\mozilla firefox\breakpadinjector.dll
2012-08-25 16:12:07 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-08-25 16:11:45 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-08-24 02:43:02 -------- d-----w- c:\users\jillian\appdata\local\DirectDownloader
2012-08-24 02:39:47 -------- d-----w- c:\users\jillian\appdata\roaming\YourFileDownloader
2012-08-23 03:21:19 -------- d-----w- c:\users\jillian\appdata\roaming\ExpressFiles
2012-08-23 03:21:19 -------- d-----w- c:\program files\ExpressFiles
2012-08-15 22:07:19 400896 ----a-w- c:\windows\system32\srcore.dll
2012-08-15 22:07:16 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-08-15 22:07:15 492032 ----a-w- c:\windows\system32\win32spl.dll
2012-08-15 22:07:15 317440 ----a-w- c:\windows\system32\spoolsv.exe
2012-08-15 22:07:12 41984 ----a-w- c:\windows\system32\browcli.dll
2012-08-15 22:07:12 102912 ----a-w- c:\windows\system32\browser.dll
2012-08-15 22:07:10 769024 ----a-w- c:\windows\system32\localspl.dll
.
==================== Find3M ====================
.
2012-08-25 16:11:24 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-06-29 00:16:58 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-06-29 00:09:01 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-06-29 00:08:59 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-06-29 00:04:43 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-06-29 00:00:45 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-06-07 00:59:42 1070152 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2012-06-06 05:05:52 1390080 ----a-w- c:\windows\system32\msxml6.dll
2012-06-06 05:05:52 1236992 ----a-w- c:\windows\system32\msxml3.dll
2012-06-06 05:03:06 805376 ----a-w- c:\windows\system32\cdosys.dll
.
============= FINISH: 1:09:41.49 ===============
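
A triage sketch for a DDS log like the one above, added here as an example; it is not part of the original thread and not part of DDS. It cross-references the Run-key autoruns in "Pseudo HJT Report" with the "Created Last 30" section and flags an entry only when at least two signals coincide. The function names, the threshold and the directory markers are assumptions of this example, and a flag means "inspect this entry", not a verdict.

```python
import re
from dataclasses import dataclass, field

# Lines copied from the DDS log in the post above, trimmed to a few entries.
SAMPLE_DDS = r'''
============== Pseudo HJT Report ===============
.
uRun: [WeatherEye] c:\users\jillian\appdata\local\theweathernetwork\weathereye\WeatherEye.exe
uRun: [RESTART_STICKY_NOTES] c:\windows\system32\StikyNot.exe
uRun: [ongso] "c:\windows\system32\rundll32.exe" "c:\users\jillian\appdata\roaming\ongso.dll",SetInterrupt
mRun: [SysTrayApp] c:\program files\idt\wdm\sttray.exe
.
=============== Created Last 30 ================
.
2012-09-01 04:39:20 -------- d-----w- c:\users\jillian\appdata\roaming\FixZeroAccess
2012-08-31 04:11:58 695808 ----a-w- c:\users\jillian\appdata\roaming\ongso.dll
2012-08-30 16:53:46 27496 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
.
==================== Find3M ====================
'''

SECTION_RE = re.compile(r"^=+\s*(.+?)\s*=+$")
# uRun = per-user Run key, mRun = machine-wide Run key
RUN_RE = re.compile(r"^(?P<hive>[um]Run): \[(?P<name>[^\]]+)\]\s+(?P<cmd>.+)$")
# date, time, size (or dashes for a directory), attributes, path
CREATED_RE = re.compile(
    r"^\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}\s+\S+\s+\S+\s+(?P<path>.+)$")
# Drive-rooted paths ending in an executable extension, quoted or not.
PATH_RE = re.compile(r'[a-z]:\\[^"]*?\.(?:exe|dll|sys|scr|com)\b', re.IGNORECASE)
# Assumption of this example: directories a standard user can write to.
USER_WRITABLE = ("\\appdata\\", "\\programdata\\", "\\temp\\")


@dataclass
class Autorun:
    hive: str
    name: str
    command: str
    targets: list                      # lower-cased paths found in the command
    reasons: list = field(default_factory=list)


def parse_dds(text):
    """Return (autoruns, created_paths) from the two DDS sections of interest."""
    section, autoruns, created = None, [], set()
    for raw in text.splitlines():
        line = raw.strip()
        header = SECTION_RE.match(line)
        if header:
            section = header.group(1)
            continue
        if section == "Pseudo HJT Report":
            m = RUN_RE.match(line)
            if m:
                paths = [p.lower() for p in PATH_RE.findall(m.group("cmd"))]
                autoruns.append(
                    Autorun(m.group("hive"), m.group("name"), m.group("cmd"), paths))
        elif section == "Created Last 30":
            m = CREATED_RE.match(line)
            if m:
                created.add(m.group("path").lower())
    return autoruns, created


def triage(autoruns, created, threshold=2):
    """Flag autoruns where at least `threshold` independent signals coincide."""
    flagged = []
    for entry in autoruns:
        reasons = []
        modules = entry.targets
        if modules and modules[0].endswith("\\rundll32.exe"):
            modules = modules[1:]      # the DLL argument is the code that runs
            reasons.append("DLL loaded through rundll32.exe")
        if any(marker in m for m in modules for marker in USER_WRITABLE):
            reasons.append("module lives in a user-writable directory")
        if any(m in created for m in modules):
            reasons.append("module was created within the last 30 days")
        if len(reasons) >= threshold:
            entry.reasons = reasons
            flagged.append(entry)
    return flagged


if __name__ == "__main__":
    runs, recent = parse_dds(SAMPLE_DDS)
    for e in triage(runs, recent):
        print(f"{e.hive} [{e.name}] {e.command}")
        for reason in e.reasons:
            print("   -", reason)
```

A single signal is deliberately not enough: the WeatherEye entry also starts from AppData but is not flagged.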



#2 fireman4it

  • Malware Response Team

Posted 01 September 2012 - 12:55 PM

Hello Kewbla,
  • Welcome to Bleeping Computer.
  • My name is fireman4it and I will be helping you with your Malware problem.

    Please take note of some guidelines for this fix:
  • Refrain from making any changes to your computer including installing/uninstalling programs, deleting files, modifying the registry, and running scanners or tools.
  • If you do not understand any step(s) provided, please do not hesitate to ask before continuing.
  • Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean".
  • In the upper right hand corner of the topic you will see a button called Watch Topic. I suggest you click it and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

  • Finally, please reply using the ADD REPLY button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply, unless they do not fit into the post.
  • I will be analyzing your log. I will get back to you with instructions.



Do you have a USB Flash Drive you can use?

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-



If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#3 Kewbla


Posted 01 September 2012 - 03:30 PM

Hello Fireman4it,

I do have a USB thumb drive I can use, and a separate computer to download to if need be.

Thank you for your time

Kewbla

#4 fireman4it


Posted 01 September 2012 - 07:04 PM

For x32 (x86) bit systems download Farbar Recovery Scan Tool and save it to a flash drive.

Plug the flash drive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

On the System Recovery Options menu you will get the following options:
  • Startup Repair
  • System Restore
  • Windows Complete PC Restore
  • Windows Memory Diagnostic Tool
  • Command Prompt

  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.



#5 Kewbla


Posted 02 September 2012 - 02:10 PM

Fireman4it here is the log as requested:

Scan result of Farbar Recovery Scan Tool (FRST written by Farbar) Version: 02-09-2012
Ran by SYSTEM at 02-09-2012 14:50:19
Running from F:\
Windows 7 Enterprise Service Pack 1 (X86) OS Language: English(US)
The current controlset is ControlSet001

==================== Registry (Whitelisted) ===================

HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2299176 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe [495708 2010-03-23] (IDT, Inc.)
HKLM\...\Run: [Brdefprn] C:\Program Files\Brother\BRHL2170\Brdefprn.exe -d [x]
HKLM\...\Run: [ConnectionManager] C:\Program Files\Winsim\ConnectionManager\Simply.SystemTrayIcon.exe [x]
HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [499608 2011-03-15] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS5.5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM\...\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2012-02-20] (Apple Inc.)
HKLM\...\Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe" [1821576 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [254696 2012-01-18] (Sun Microsystems, Inc.)
HKLM\...\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime [421888 2011-10-24] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" [421736 2012-03-27] (Apple Inc.)
HKLM\...\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM\...\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe" [29984 2008-07-09] (Nuance Communications, Inc.)
HKLM\...\Run: [IndexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe" [46368 2008-07-09] (Nuance Communications, Inc.)
HKLM\...\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini" [346 2012-08-31] ()
HKLM\...\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM\...\Run: [BrStsMon00] C:\Program Files\Browny02\Brother\BrStMonW.exe /AUTORUN [2621440 2010-02-09] (Brother Industries, Ltd.)
HKLM\...\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [641664 2012-04-05] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files\AMD AVT\bin\kdbsync.exe" aml [10752 2012-02-20] ()
HKLM\...\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe" [2587008 2012-04-05] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe" [947808 2012-08-30] ()
HKLM\...\Run: [HF_G_Jul] "C:\Program Files\AVG Secure Search\HF_G_Jul.exe" /DoAction [36960 2012-07-18] ()
HKLM\...\Run: [ROC_ROC_JULY_P1] "C:\Program Files\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1 [1022048 2012-08-30] ()
HKU\Jillian\...\Run: [WeatherEye] C:\Users\Jillian\AppData\Local\TheWeatherNetwork\WeatherEye\WeatherEye.exe [309104 2010-09-21] (Pelmorex Media Inc.)
HKU\Jillian\...\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe /s [x]
HKU\Jillian\...\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [x]
HKU\Jillian\...\Run: [CompleteTimeTrackingStd3] "C:\Program Files\Complete Time Tracking Std 3\CompleteTimeTrackingStd.exe" [x]
HKU\Jillian\...\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe [354304 2009-07-13] (Microsoft Corporation)
HKU\Jillian\...\Run: [ongso] "C:\Windows\System32\rundll32.exe" "C:\Users\Jillian\AppData\Roaming\ongso.dll",SetInterrupt [695808 2012-08-30] ()
HKU\Joel\...\Run: [Google Update] "C:\Users\Joel\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2011-09-29] (Google Inc.)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe [26624 2010-11-20] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Startup: C:\Users\Jillian\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> (No File)
Startup: C:\Users\Jillian\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

========================== Services (Whitelisted) ========================

2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\aestsrv.exe [81920 2009-03-02] (Andrea Electronics Corporation)
2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe /launchService [291840 2012-04-05] (Advanced Micro Devices, Inc.)
2 AVGIDSAgent; "C:\Program Files\AVG\AVG2012\avgidsagent.exe" [5160568 2012-07-04] (AVG Technologies CZ, s.r.o.)
2 avgwd; "C:\Program Files\AVG\AVG2012\avgwdsvc.exe" [193288 2012-02-14] (AVG Technologies CZ, s.r.o.)
3 BrYNSvc; "C:\Program Files\Browny02\BrYNSvc.exe" [245760 2010-01-25] (Brother Industries, Ltd.)
2 KMService; C:\Windows\system32\srvany.exe [8192 2011-09-20] ()
2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\STacSV.exe [229458 2010-03-23] (IDT, Inc.)
2 vToolbarUpdater12.2.6; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe [722528 2012-08-30] ()

==================== Drivers (Whitelisted) ===================

2 AODDriver4.1; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [45184 2012-03-05] (Advanced Micro Devices)
3 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [139856 2011-12-23] (AVG Technologies CZ, s.r.o. )
3 AVGIDSFilter; C:\Windows\System32\DRIVERS\avgidsfilterx.sys [24144 2011-12-23] (AVG Technologies CZ, s.r.o. )
0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [24896 2012-04-19] (AVG Technologies CZ, s.r.o. )
3 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [17232 2011-12-23] (AVG Technologies CZ, s.r.o. )
1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [235216 2012-02-22] (AVG Technologies CZ, s.r.o.)
1 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [41040 2011-12-23] (AVG Technologies CZ, s.r.o.)
0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [31952 2012-01-31] (AVG Technologies CZ, s.r.o.)
1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [301248 2012-03-19] (AVG Technologies CZ, s.r.o.)
1 avgtp; \??\C:\Windows\system32\drivers\avgtpx86.sys [27496 2012-08-30] (AVG Technologies)
2 cpuz135; \??\C:\Windows\system32\drivers\cpuz135_x32.sys [21992 2011-09-21] (CPUID)
3 DrmRAudio; C:\Windows\System32\drivers\DrmRAudio.sys [23608 2011-03-21] (Windows ® Codename Longhorn DDK provider)
2 npf; C:\Windows\System32\drivers\npf.sys [35088 2010-07-15] (CACE Technologies, Inc.)
3 .dfsc; \? [x]
3 getbus; \??\C:\Users\Jillian\AppData\Local\Temp\getbus.sys [x]
3 VGPU; C:\Windows\System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) =================


============ One Month Created Files and Folders ==============

2012-09-02 14:50 - 2012-09-02 14:50 - 00000000 ____D C:\FRST
2012-09-01 06:46 - 2012-09-01 06:46 - 00018772 ____A C:\Users\Jillian\Desktop\ark.txt
2012-08-31 21:17 - 2012-08-31 21:17 - 00302592 ____A C:\Users\Jillian\Desktop\lyp14tdr.exe
2012-08-31 21:14 - 2012-08-31 21:14 - 00017703 ____A C:\Users\Jillian\Desktop\DDS.txt
2012-08-31 21:14 - 2012-08-31 21:14 - 00009806 ____A C:\Users\Jillian\Desktop\Attach.txt
2012-08-31 21:07 - 2012-08-31 21:07 - 00607260 ____R (Swearware) C:\Users\Jillian\Desktop\dds.com
2012-08-31 21:03 - 2012-08-31 21:04 - 02193345 ____A C:\Users\Jillian\Downloads\tdsskiller.zip
2012-08-31 20:39 - 2012-08-31 20:39 - 00000000 ____D C:\Users\Jillian\AppData\Roaming\FixZeroAccess
2012-08-30 20:12 - 2012-09-02 10:42 - 00000000 ____A C:\Users\Jillian\AppData\Local\
2012-08-30 20:12 - 2012-08-30 20:12 - 00000000 ____D C:\Users\Jillian\AppData\Local\{026DB2D9-F322-11E1-8270-B8AC6F996F26}
2012-08-30 20:11 - 2012-08-30 20:12 - 00695808 ____A C:\Users\Jillian\AppData\Roaming\ongso.dll
2012-08-30 19:57 - 2012-08-30 20:47 - 304047104 ____A C:\Users\Jillian\Downloads\big.brother.us.s14e22.pdtv.x264-2hd.mp4
2012-08-30 10:03 - 2012-08-30 10:41 - 00000000 ____D C:\Users\Jillian\Downloads\Private Practice
2012-08-30 08:53 - 2012-08-30 08:53 - 00027496 ____A (AVG Technologies) C:\Windows\System32\Drivers\avgtpx86.sys
2012-08-29 17:48 - 2012-08-29 18:30 - 259410194 ____A C:\Users\Jillian\Downloads\Big.Brother.US.S14E21.PDTV.x264-BAJSKORV.mp4
2012-08-29 08:28 - 2012-08-29 08:29 - 00000000 ____D C:\Users\Jillian\Downloads\Private Practice_Season 1 {aaa}
2012-08-28 19:50 - 2012-06-27 22:03 - 162964602 ____A C:\Users\Jillian\Downloads\Baby Daddy S01E02.mp4
2012-08-28 19:44 - 2012-08-28 19:45 - 00000000 ____D C:\Users\Jillian\Downloads\aaaJOELS CRAP TO DELETE OFF MY ORGANIZED COMPUTER ASAP
2012-08-28 19:13 - 2012-08-28 20:06 - 00000000 ____D C:\Users\Jillian\Downloads\MasterChef.US.S03E18.HDTV.x264-LOL
2012-08-27 20:22 - 2012-08-27 20:31 - 00000000 ____D C:\Users\Jillian\Downloads\Hotel.Hell.S01E04.HDTV.x264-LOL
2012-08-26 19:20 - 2012-08-28 21:39 - 00000000 ____D C:\Users\Jillian\Downloads\Baby.Daddy.S01E03.The.Nurse.and.the.Curse.HDTV.x264-FQM
2012-08-26 19:19 - 2012-08-26 19:43 - 00000000 ____D C:\Users\Jillian\Downloads\Breaking.Bad.S05E07.HDTV.x264-COMPULSiON
2012-08-25 08:12 - 2012-08-25 08:11 - 00821736 ____A (Oracle Corporation) C:\Windows\System32\npDeployJava1.dll
2012-08-25 08:12 - 2012-08-25 08:11 - 00246760 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
2012-08-25 08:11 - 2012-08-25 08:11 - 00174056 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
2012-08-25 08:11 - 2012-08-25 08:11 - 00174056 ____A (Oracle Corporation) C:\Windows\System32\java.exe
2012-08-25 08:11 - 2012-08-25 08:11 - 00093672 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge.dll
2012-08-23 18:46 - 2012-08-23 18:46 - 00027520 ____A C:\Users\Jillian\AppData\Local\dt.dat
2012-08-23 18:43 - 2012-08-23 19:02 - 00000000 ____D C:\Users\Jillian\AppData\Local\DirectDownloader
2012-08-23 18:43 - 2012-08-23 18:43 - 00000216 ____A C:\Users\Jillian\Desktop\SweetPcFix.url
2012-08-23 18:39 - 2012-08-23 18:39 - 00000000 ____D C:\Users\Jillian\AppData\Roaming\YourFileDownloader
2012-08-22 19:23 - 2012-08-22 20:00 - 00000000 ____D C:\Users\Jillian\Desktop\[ www.TorrentDay.com ] - Big.Brother.US.S14E18.PDTV.x264-BAJSKORV
2012-08-22 19:21 - 2012-08-22 19:21 - 00001899 ____A C:\Users\Public\Desktop\Express Files.lnk
2012-08-22 19:21 - 2012-08-22 19:21 - 00000000 ____D C:\Users\Jillian\AppData\Roaming\ExpressFiles
2012-08-22 19:21 - 2012-08-22 19:21 - 00000000 ____D C:\Program Files\ExpressFiles
2012-08-22 18:46 - 2012-08-22 22:42 - 186982262 ____A C:\Users\Jillian\Downloads\Baby Daddy S01E01.avi
2012-08-22 10:46 - 2012-08-22 11:01 - 00000000 ____D C:\Users\Jillian\Downloads\The Real Housewives of New York City Season 2
2012-08-22 10:45 - 2012-08-29 19:46 - 00000000 ____D C:\Users\Jillian\Downloads\Delete after watching
2012-08-20 20:04 - 2012-08-20 20:18 - 00000000 ____D C:\Users\Jillian\Downloads\Hells.Kitchen.US.S10E17.PDTV.x264-LOL
2012-08-19 19:36 - 2012-08-20 00:05 - 319997086 ____A C:\Users\Jillian\Downloads\Breaking Bad S05E06.mp4
2012-08-18 16:48 - 2012-08-18 17:19 - 1859317760 ____A C:\Users\Jillian\Downloads\Safe House (2012).avi
2012-08-18 14:12 - 2012-08-18 14:17 - 00000000 ____D C:\Users\Jillian\Downloads\Savages.2012.TS.XViD.AC3.SeeN-CM8
2012-08-17 23:43 - 2012-06-28 16:52 - 12317184 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-08-17 23:43 - 2012-06-28 16:27 - 09737728 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-08-17 23:43 - 2012-06-28 16:16 - 01800704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-08-17 23:43 - 2012-06-28 16:09 - 01129472 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-08-17 23:43 - 2012-06-28 16:09 - 01103872 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-08-17 23:43 - 2012-06-28 16:08 - 01427968 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-08-17 23:43 - 2012-06-28 16:07 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-08-17 23:43 - 2012-06-28 16:06 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-08-17 23:43 - 2012-06-28 16:04 - 00717824 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-08-17 23:43 - 2012-06-28 16:04 - 00142848 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-08-17 23:43 - 2012-06-28 16:01 - 01793024 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-08-17 23:43 - 2012-06-28 16:01 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-08-17 23:43 - 2012-06-28 16:00 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-08-17 23:43 - 2012-06-28 15:57 - 00176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-08-15 14:07 - 2012-07-18 09:47 - 02345984 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-08-15 14:07 - 2012-07-04 13:16 - 00057344 ____A (Microsoft Corporation) C:\Windows\System32\netapi32.dll
2012-08-15 14:07 - 2012-07-04 13:14 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\browser.dll
2012-08-15 14:07 - 2012-07-04 13:14 - 00041984 ____A (Microsoft Corporation) C:\Windows\System32\browcli.dll
2012-08-15 14:07 - 2012-05-13 20:33 - 00769024 ____A (Microsoft Corporation) C:\Windows\System32\localspl.dll
2012-08-15 14:07 - 2012-05-04 23:46 - 00400896 ____A (Microsoft Corporation) C:\Windows\System32\srcore.dll
2012-08-15 14:07 - 2012-02-10 21:43 - 00492032 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2012-08-15 14:07 - 2012-02-10 21:37 - 00317440 ____A (Microsoft Corporation) C:\Windows\System32\spoolsv.exe
2012-08-09 17:40 - 2012-08-09 18:16 - 734568448 ____A C:\Users\Jillian\Downloads\Leslie Sanson - 4 Miles.avi

============ 3 Months Modified Files ========================

2012-09-02 10:45 - 2011-03-23 20:02 - 01181313 ____A C:\Windows\WindowsUpdate.log
2012-09-02 10:42 - 2012-08-30 20:12 - 00000000 ____A C:\Users\Jillian\AppData\Local\
2012-09-02 10:22 - 2011-09-29 03:51 - 00000904 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3828635570-2652799238-2693074031-1004UA.job
2012-09-02 09:59 - 2012-03-27 16:14 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2012-09-02 09:08 - 2010-11-20 13:01 - 00730448 ____A C:\Windows\System32\PerfStringBackup.INI
2012-09-02 07:22 - 2011-09-29 03:51 - 00000852 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3828635570-2652799238-2693074031-1004Core.job
2012-09-01 06:46 - 2012-09-01 06:46 - 00018772 ____A C:\Users\Jillian\Desktop\ark.txt
2012-08-31 21:17 - 2012-08-31 21:17 - 00302592 ____A C:\Users\Jillian\Desktop\lyp14tdr.exe
2012-08-31 21:16 - 2009-07-13 20:34 - 00023632 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-08-31 21:16 - 2009-07-13 20:34 - 00023632 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-08-31 21:14 - 2012-08-31 21:14 - 00017703 ____A C:\Users\Jillian\Desktop\DDS.txt
2012-08-31 21:14 - 2012-08-31 21:14 - 00009806 ____A C:\Users\Jillian\Desktop\Attach.txt
2012-08-31 21:07 - 2012-08-31 21:07 - 00607260 ____R (Swearware) C:\Users\Jillian\Desktop\dds.com
2012-08-31 21:04 - 2012-08-31 21:03 - 02193345 ____A C:\Users\Jillian\Downloads\tdsskiller.zip
2012-08-31 20:41 - 2009-07-13 20:53 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-08-31 20:41 - 2009-07-13 20:39 - 00111667 ____A C:\Windows\setupact.log
2012-08-30 20:47 - 2012-08-30 19:57 - 304047104 ____A C:\Users\Jillian\Downloads\big.brother.us.s14e22.pdtv.x264-2hd.mp4
2012-08-30 20:12 - 2012-08-30 20:11 - 00695808 ____A C:\Users\Jillian\AppData\Roaming\ongso.dll
2012-08-30 08:53 - 2012-08-30 08:53 - 00027496 ____A (AVG Technologies) C:\Windows\System32\Drivers\avgtpx86.sys
2012-08-29 18:30 - 2012-08-29 17:48 - 259410194 ____A C:\Users\Jillian\Downloads\Big.Brother.US.S14E21.PDTV.x264-BAJSKORV.mp4
2012-08-26 08:19 - 2010-11-20 13:48 - 00077700 ____A C:\Windows\PFRO.log
2012-08-25 08:11 - 2012-08-25 08:12 - 00821736 ____A (Oracle Corporation) C:\Windows\System32\npDeployJava1.dll
2012-08-25 08:11 - 2012-08-25 08:12 - 00246760 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
2012-08-25 08:11 - 2012-08-25 08:11 - 00174056 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
2012-08-25 08:11 - 2012-08-25 08:11 - 00174056 ____A (Oracle Corporation) C:\Windows\System32\java.exe
2012-08-25 08:11 - 2012-08-25 08:11 - 00093672 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge.dll
2012-08-25 08:11 - 2011-08-04 16:29 - 00746984 ____A (Oracle Corporation) C:\Windows\System32\deployJava1.dll
2012-08-23 19:21 - 2011-08-27 13:41 - 00010834 ____A C:\Users\Jillian\Documents\Meal Planner.xlsx
2012-08-23 18:46 - 2012-08-23 18:46 - 00027520 ____A C:\Users\Jillian\AppData\Local\dt.dat
2012-08-23 18:43 - 2012-08-23 18:43 - 00000216 ____A C:\Users\Jillian\Desktop\SweetPcFix.url
2012-08-22 22:42 - 2012-08-22 18:46 - 186982262 ____A C:\Users\Jillian\Downloads\Baby Daddy S01E01.avi
2012-08-22 19:21 - 2012-08-22 19:21 - 00001899 ____A C:\Users\Public\Desktop\Express Files.lnk
2012-08-22 10:35 - 2011-10-14 15:33 - 00124416 __ASH C:\Users\Jillian\Documents\Thumbs.db
2012-08-20 08:58 - 2011-03-23 18:32 - 00109680 ____A C:\Users\Jillian\AppData\Local\GDIPFONTCACHEV1.DAT
2012-08-20 08:07 - 2009-07-13 20:33 - 03765976 ____A C:\Windows\System32\FNTCACHE.DAT
2012-08-20 08:04 - 2011-08-30 14:02 - 00000090 ____A C:\Windows\QBChanUtil_Trigger.ini
2012-08-20 00:05 - 2012-08-19 19:36 - 319997086 ____A C:\Users\Jillian\Downloads\Breaking Bad S05E06.mp4
2012-08-18 17:19 - 2012-08-18 16:48 - 1859317760 ____A C:\Users\Jillian\Downloads\Safe House (2012).avi
2012-08-17 23:45 - 2011-03-23 18:17 - 59884088 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-08-09 18:16 - 2012-08-09 17:40 - 734568448 ____A C:\Users\Jillian\Downloads\Leslie Sanson - 4 Miles.avi
2012-07-23 09:44 - 2012-07-23 09:44 - 00317478 ____A C:\Users\Jillian\Downloads\deWitt, Patrick - The Sisters Brothers.epub
2012-07-18 09:47 - 2012-08-15 14:07 - 02345984 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-07-17 10:46 - 2012-07-17 10:46 - 00000975 ____A C:\Users\Public\Desktop\Kobo.lnk
2012-07-17 10:46 - 2011-06-20 07:23 - 00009136 ____A C:\Windows\DPINST.LOG
2012-07-17 05:27 - 2012-06-28 13:34 - 00000935 ____A C:\Users\Public\Desktop\AVG 2012.lnk
2012-07-12 19:25 - 2009-07-13 18:04 - 00000513 ____A C:\Windows\win.ini
2012-07-10 16:51 - 2012-05-14 14:44 - 00000419 ____A C:\Windows\BRWMARK.INI
2012-07-04 13:16 - 2012-08-15 14:07 - 00057344 ____A (Microsoft Corporation) C:\Windows\System32\netapi32.dll
2012-07-04 13:14 - 2012-08-15 14:07 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\browser.dll
2012-07-04 13:14 - 2012-08-15 14:07 - 00041984 ____A (Microsoft Corporation) C:\Windows\System32\browcli.dll
2012-06-28 16:52 - 2012-08-17 23:43 - 12317184 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-06-28 16:27 - 2012-08-17 23:43 - 09737728 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-06-28 16:16 - 2012-08-17 23:43 - 01800704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-06-28 16:09 - 2012-08-17 23:43 - 01129472 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-06-28 16:09 - 2012-08-17 23:43 - 01103872 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-06-28 16:08 - 2012-08-17 23:43 - 01427968 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-06-28 16:07 - 2012-08-17 23:43 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-06-28 16:06 - 2012-08-17 23:43 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-06-28 16:04 - 2012-08-17 23:43 - 00717824 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-06-28 16:04 - 2012-08-17 23:43 - 00142848 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-06-28 16:01 - 2012-08-17 23:43 - 01793024 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-06-28 16:01 - 2012-08-17 23:43 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-06-28 16:00 - 2012-08-17 23:43 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-06-28 15:57 - 2012-08-17 23:43 - 00176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-06-28 12:45 - 2012-02-13 19:05 - 00000064 ____A C:\Windows\System32\rp_stats.dat
2012-06-28 12:45 - 2012-02-13 19:05 - 00000044 ____A C:\Windows\System32\rp_rules.dat
2012-06-27 22:03 - 2012-08-28 19:50 - 162964602 ____A C:\Users\Jillian\Downloads\Baby Daddy S01E02.mp4
2012-06-26 18:56 - 2012-06-25 16:15 - 359808958 ____A C:\Users\Jillian\Downloads\Sister Wives S04E11.avi
2012-06-26 18:07 - 2012-06-26 18:07 - 00000000 ____A C:\Users\Jillian\Documents\Nuance Image Printer Writer Port
2012-06-26 09:57 - 2012-03-25 16:35 - 00023418 ____A C:\aaw7boot.log
2012-06-14 15:13 - 2012-06-14 15:12 - 00011406 ____A C:\Users\Jillian\Documents\Exercise plan.xlsx
2012-06-08 20:41 - 2012-07-11 09:20 - 12873728 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2012-06-06 16:59 - 2012-06-06 16:59 - 01070152 ____A (Microsoft Corporation) C:\Windows\System32\MSCOMCTL.OCX
2012-06-05 21:05 - 2012-07-11 09:20 - 01390080 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2012-06-05 21:05 - 2012-07-11 09:20 - 01236992 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2012-06-05 21:03 - 2012-07-11 09:20 - 00805376 ____A (Microsoft Corporation) C:\Windows\System32\cdosys.dll


==================== Known DLLs (Whitelisted) =================


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2012-08-31 05:21:12

==================== Memory info ===========================

Percentage of memory in use: 16%
Total physical RAM: 2813.83 MB
Available physical RAM: 2358.49 MB
Total Pagefile: 2812.12 MB
Available Pagefile: 2360.63 MB
Total Virtual: 2047.88 MB
Available Virtual: 1968.47 MB

==================== Partitions ============================

1 Drive c: () (Fixed) (Total:232.79 GB) (Free:140.2 GB) NTFS
3 Drive f: (THISTLE) (Removable) (Total:7.44 GB) (Free:4.73 GB) FAT32
4 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
5 Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 232 GB 0 B
Disk 1 Online 7639 MB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 100 MB 1024 KB
Partition 2 Primary 232 GB 101 MB

==================================================================================

Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 Y System Rese NTFS Partition 100 MB Healthy

==================================================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C NTFS Partition 232 GB Healthy

==================================================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 7638 MB 31 KB

==================================================================================

Disk: 1
Partition 1
Type : 0B
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 F THISTLE FAT32 Removable 7638 MB Healthy

==================================================================================

Last Boot: 2012-08-27 17:33

==================== End Of Log =============================

#6 fireman4it

  • Malware Response Team

Posted 02 September 2012 - 10:40 PM

1.
Open Notepad. Please copy the contents of the code box below. To do this, highlight the contents of the box and right-click on it. Paste this into the open Notepad window. Save it on the flash drive as fixlist.txt

HKU\Jillian\...\Run: [ongso] "C:\Windows\System32\rundll32.exe" "C:\Users\Jillian\AppData\Roaming\ongso.dll",SetInterrupt [695808 2012-08-30] ()
C:\Users\Jillian\AppData\Local\
C:\Users\Jillian\AppData\Roaming\ongso.dll

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

On Vista or Windows 7: Now please enter System Recovery Options.
On Windows XP: Now please boot into the BartPE CD.
Run FRST and press the Fix button just once and wait.
The tool will make a log on the flash drive (Fixlog.txt); please post it in your reply.


2.
Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.


3.
Install Recovery Console and Run ComboFix

This tool is not a toy. If used the wrong way you could trash your computer. Please use only under direction of a Helper. If you decide to do so anyway, please do not blame me or ComboFix.

Download Combofix from any of the links below, and save it to your desktop.

Link 1
Link 2
  • Close/disable all anti-virus and anti-malware programs so they do not interfere with the running of ComboFix. Refer to this page if you are not sure how.
  • Close any open windows, including this one.
  • Double click on ComboFix.exe & follow the prompts.
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • If you did not have it installed, you will see the prompt below. Choose YES.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

Note: The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you should your computer have a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.

  • Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
  • Click on Yes, to continue scanning for malware.
  • When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).
Leave your computer alone while ComboFix is running.
ComboFix will restart your computer if malware is found; allow it to do so.


Note: Please do NOT mouse-click ComboFix's window while it's running because it may cause it to stall.



Things to include in your next reply:
Fix.txt
TdssKiller log
Combofix.txt
How is your machine running now?

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


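The fixlist in the post above removes a per-user Run entry that starts an unsigned-looking DLL from AppData through rundll32.exe. As an added example (not part of the original posts and not FRST's own logic), the Python sketch below triages FRST-style log lines for that pattern and cross-checks the target against the "One Month Created Files" listing. The line shapes are inferred from the lines shown on this page, and the `ExampleTray` entry is constructed for contrast.

```python
import re
from typing import List, NamedTuple, Optional

# Lines copied from the FRST log and fixlist on this page, plus one
# constructed benign Run entry (ExampleTray) for contrast.
SAMPLE_LOG = r'''
HKLM\...\Run: [ExampleTray] "C:\Program Files\Example\tray.exe" [12345 2012-01-01] (Example Vendor)
HKU\Jillian\...\Run: [ongso] "C:\Windows\System32\rundll32.exe" "C:\Users\Jillian\AppData\Roaming\ongso.dll",SetInterrupt [695808 2012-08-30] ()
2012-08-30 20:11 - 2012-08-30 20:12 - 00695808 ____A C:\Users\Jillian\AppData\Roaming\ongso.dll
2012-08-30 08:53 - 2012-08-30 08:53 - 00027496 ____A (AVG Technologies) C:\Windows\System32\Drivers\avgtpx86.sys
2012-08-25 08:11 - 2012-08-25 08:11 - 00174056 ____A (Oracle Corporation) C:\Windows\System32\java.exe
'''

# Assumption: these patterns describe the line shapes visible on this page,
# not a documented FRST format.
RUN_RE = re.compile(
    r'^(?P<hive>HK[^\\]+)\\.*?\\Run: \[(?P<name>[^\]]+)\] (?P<cmd>.*) '
    r'\[(?P<size>\d+) (?P<date>\d{4}-\d{2}-\d{2})\] \((?P<vendor>.*)\)$')
FILE_RE = re.compile(
    r'^(?P<created>\d{4}-\d{2}-\d{2} \d{2}:\d{2}) - \d{4}-\d{2}-\d{2} \d{2}:\d{2} - '
    r'\d+ [_A-Z]{5} (?:\((?P<vendor>[^)]*)\) )?(?P<path>[A-Za-z]:\\.*)$')
USER_WRITABLE = re.compile(
    r'^[a-z]:\\users\\[^\\]+\\appdata\\(?:roaming|local|locallow)\\', re.I)


class Finding(NamedTuple):
    hive: str
    name: str
    target: str
    export: Optional[str]
    created: Optional[str]
    reasons: tuple


def triage(log_text: str) -> List[Finding]:
    """Flag Run entries whose real target sits in a user's AppData tree."""
    lines = [l.strip() for l in log_text.splitlines() if l.strip()]

    # Index the created-files listing: lowercased path -> (created, vendor).
    files = {}
    for line in lines:
        m = FILE_RE.match(line)
        if m:
            files[m['path'].lower()] = (m['created'], m['vendor'] or '')

    findings = []
    for line in lines:
        m = RUN_RE.match(line)
        if not m:
            continue
        quoted = re.findall(r'"([^"]+)"', m['cmd'])
        launcher = quoted[0] if quoted else m['cmd'].strip()
        target, export, reasons = launcher, None, []
        # rundll32 is only the host; the DLL it loads is the real target.
        if launcher.lower().endswith('rundll32.exe') and len(quoted) > 1:
            target = quoted[1]
            exp = re.search(r'",(\w+)', m['cmd'])
            export = exp.group(1) if exp else None
            reasons.append('DLL loaded through rundll32.exe')
        if not USER_WRITABLE.match(target):
            continue  # autostarts outside AppData are out of scope here
        if not m['vendor'].strip():
            reasons.append('no vendor string on the Run entry')
        created = None
        if target.lower() in files:
            created, file_vendor = files[target.lower()]
            if not file_vendor:
                reasons.append(f'file created {created} with no vendor string')
        if reasons:
            findings.append(Finding(m['hive'], m['name'], target, export,
                                    created, tuple(reasons)))
    return findings


if __name__ == '__main__':
    for f in triage(SAMPLE_LOG):
        print(f.name, '->', f.target, f.export, '|', '; '.join(f.reasons))
```

A hit is a lead for a human reviewer, not a verdict: legitimate per-user software also autostarts from AppData, which is why the reasons are reported individually.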


#7 Kewbla

  • Topic Starter

Posted 03 September 2012 - 12:24 PM

Fireman

Just an update: ComboFix is running as we speak; hopefully get logs up soon.

#8 Kewbla

  • Topic Starter

Posted 03 September 2012 - 01:27 PM

tdsskiller log:

12:33:42.0524 3620 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
12:33:42.0836 3620 ============================================================
12:33:42.0836 3620 Current date / time: 2012/09/03 12:33:42.0836
12:33:42.0836 3620 SystemInfo:
12:33:42.0836 3620
12:33:42.0836 3620 OS Version: 6.1.7601 ServicePack: 1.0
12:33:42.0836 3620 Product type: Workstation
12:33:42.0836 3620 ComputerName: JILLIAN-PC
12:33:42.0836 3620 UserName: Jillian
12:33:42.0836 3620 Windows directory: C:\Windows
12:33:42.0836 3620 System windows directory: C:\Windows
12:33:42.0836 3620 Processor architecture: Intel x86
12:33:42.0836 3620 Number of processors: 2
12:33:42.0836 3620 Page size: 0x1000
12:33:42.0836 3620 Boot type: Normal boot
12:33:42.0836 3620 ============================================================
12:33:47.0378 3620 BG loaded
12:33:49.0328 3620 Drive \Device\Harddisk1\DR1 - Size: 0xF400000 (0.24 Gb), SectorSize: 0x200, Cylinders: 0x1F, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000058
12:33:49.0359 3620 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
12:33:49.0453 3620 Drive \Device\Harddisk1\DR1 - Size: 0xF400000 (0.24 Gb), SectorSize: 0x200, Cylinders: 0x1F, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:33:49.0453 3620 Drive \Device\Harddisk2\DR2 - Size: 0x1DD71E000 (7.46 Gb), SectorSize: 0x200, Cylinders: 0x3CD, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:33:49.0453 3620 ============================================================
12:33:49.0453 3620 \Device\Harddisk1\DR1:
12:33:49.0453 3620 MBR partitions:
12:33:49.0453 3620 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xB, StartLBA 0x5F, BlocksNum 0x79FA1
12:33:49.0453 3620 \Device\Harddisk0\DR0:
12:33:49.0453 3620 MBR partitions:
12:33:49.0453 3620 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
12:33:49.0453 3620 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D192800
12:33:49.0453 3620 \Device\Harddisk1\DR1:
12:33:49.0453 3620 MBR partitions:
12:33:49.0453 3620 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xB, StartLBA 0x5F, BlocksNum 0x79FA1
12:33:49.0453 3620 \Device\Harddisk2\DR2:
12:33:49.0453 3620 MBR partitions:
12:33:49.0453 3620 \Device\Harddisk2\DR2\Partition1: MBR, Type 0xB, StartLBA 0x3F, BlocksNum 0xEEB5C1
12:33:49.0453 3620 ============================================================
12:33:49.0547 3620 C: <-> \Device\Harddisk0\DR0\Partition2
12:33:49.0562 3620 ============================================================
12:33:49.0562 3620 Initialize success
12:33:49.0562 3620 ============================================================
12:34:30.0213 5004 ============================================================
12:34:30.0213 5004 Scan started
12:34:30.0213 5004 Mode: Manual; SigCheck; TDLFS;
12:34:30.0213 5004 ============================================================
12:34:35.0300 5004 ================ Scan system memory ========================
12:34:35.0300 5004 System memory - ok
12:34:35.0300 5004 ================ Scan services =============================
12:34:35.0378 5004 .dfsc - ok
12:34:40.0417 5004 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
12:34:40.0791 5004 1394ohci - ok
12:34:40.0885 5004 [ 465B6BAABA53A628F7252846D0E900EE ] Accelerometer C:\Windows\system32\DRIVERS\Accelerometer.sys
12:34:40.0901 5004 Accelerometer - ok
12:34:41.0057 5004 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
12:34:41.0088 5004 ACPI - ok
12:34:41.0275 5004 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
12:34:41.0743 5004 AcpiPmi - ok
12:34:41.0899 5004 [ 0D4C486A24A711A45FD83ACDF4D18506 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
12:34:42.0008 5004 AdobeFlashPlayerUpdateSvc - ok
12:34:42.0211 5004 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
12:34:42.0289 5004 adp94xx - ok
12:34:42.0445 5004 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\drivers\adpahci.sys
12:34:42.0523 5004 adpahci - ok
12:34:42.0663 5004 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
12:34:42.0710 5004 adpu320 - ok
12:34:42.0788 5004 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
12:34:42.0866 5004 AeLookupSvc - ok
12:34:44.0364 5004 [ 827DBC22C96EECF6D36A13162FABAFD3 ] AESTFilters C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\aestsrv.exe
12:34:44.0411 5004 AESTFilters - ok
12:34:44.0551 5004 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
12:34:44.0613 5004 AFD - ok
12:34:44.0801 5004 [ 7E10E3BB9B258AD8A9300F91214D67B9 ] AgereSoftModem C:\Windows\system32\DRIVERS\AGRSM.sys
12:34:44.0910 5004 AgereSoftModem - ok
12:34:44.0957 5004 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
12:34:44.0988 5004 agp440 - ok
12:34:45.0066 5004 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
12:34:45.0097 5004 aic78xx - ok
12:34:45.0222 5004 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
12:34:45.0284 5004 ALG - ok
12:34:45.0331 5004 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
12:34:45.0378 5004 aliide - ok
12:34:45.0534 5004 [ 50EBBB86E493BD9AB7DDF914A90EEF8E ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
12:34:45.0581 5004 AMD External Events Utility - ok
12:34:46.0002 5004 AMD FUEL Service - ok
12:34:46.0049 5004 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
12:34:46.0080 5004 amdagp - ok
12:34:46.0111 5004 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
12:34:46.0158 5004 amdide - ok
12:34:46.0298 5004 [ FF258424F0B2EF25EB98F04EE386E6E3 ] amdiox86 C:\Windows\system32\DRIVERS\amdiox86.sys
12:34:46.0673 5004 amdiox86 - ok
12:34:46.0719 5004 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
12:34:46.0766 5004 AmdK8 - ok
12:34:48.0123 5004 [ 70EB74785AB7FC603FEF19D87B7A7946 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
12:34:48.0295 5004 amdkmdag - ok
12:34:48.0389 5004 [ BA99833BBDE9C4FF389FC8114FB14843 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
12:34:48.0435 5004 amdkmdap - ok
12:34:48.0482 5004 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
12:34:48.0529 5004 AmdPPM - ok
12:34:48.0654 5004 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
12:34:48.0669 5004 amdsata - ok
12:34:48.0732 5004 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
12:34:48.0747 5004 amdsbs - ok
12:34:48.0779 5004 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
12:34:48.0794 5004 amdxata - ok
12:34:48.0903 5004 [ 40C15CE1B832B78CC2A2F61807058763 ] AODDriver4.1 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys
12:34:48.0919 5004 AODDriver4.1 - ok
12:34:48.0981 5004 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
12:34:49.0075 5004 AppID - ok
12:34:49.0153 5004 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
12:34:49.0184 5004 AppIDSvc - ok
12:34:49.0231 5004 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll
12:34:49.0293 5004 Appinfo - ok
12:34:49.0543 5004 [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:34:49.0574 5004 Apple Mobile Device - ok
12:34:49.0715 5004 [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt C:\Windows\System32\appmgmts.dll
12:34:49.0855 5004 AppMgmt - ok
12:34:49.0917 5004 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\drivers\arc.sys
12:34:49.0964 5004 arc - ok
12:34:50.0011 5004 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\drivers\arcsas.sys
12:34:50.0073 5004 arcsas - ok
12:34:50.0151 5004 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
12:34:50.0730 5004 AsyncMac - ok
12:34:50.0761 5004 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
12:34:50.0776 5004 atapi - ok
12:34:50.0932 5004 [ 6ADC42CF4A6AB84975CA63DCCFAAF5D8 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW73.sys
12:34:50.0948 5004 AtiHDAudioService - ok
12:34:51.0682 5004 [ 70EB74785AB7FC603FEF19D87B7A7946 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
12:34:51.0838 5004 atikmdag - ok
12:34:51.0979 5004 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:34:52.0010 5004 AudioEndpointBuilder - ok
12:34:52.0057 5004 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
12:34:52.0103 5004 Audiosrv - ok
12:34:52.0713 5004 [ D67719BCFDE5798F5C30D14EFED3BCAF ] AVGIDSAgent C:\Program Files\AVG\AVG2012\avgidsagent.exe
12:34:52.0822 5004 AVGIDSAgent - ok
12:34:52.0884 5004 [ 1074F787080068C71303B61FAE7E7CA4 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdriverx.sys
12:34:52.0900 5004 AVGIDSDriver - ok
12:34:52.0916 5004 [ 61A7E0B02F82CFF3DB2445BBE50B3589 ] AVGIDSFilter C:\Windows\system32\DRIVERS\avgidsfilterx.sys
12:34:52.0931 5004 AVGIDSFilter - ok
12:34:52.0947 5004 [ D63D83659EEDF60B3A3E620281A888E5 ] AVGIDSHX C:\Windows\system32\DRIVERS\avgidshx.sys
12:34:52.0978 5004 AVGIDSHX - ok
12:34:53.0040 5004 [ BAF975B72062F53D327788E99D64197E ] AVGIDSShim C:\Windows\system32\DRIVERS\avgidsshimx.sys
12:34:53.0056 5004 AVGIDSShim - ok
12:34:53.0103 5004 [ DDA6A2A18841E4C9172BB85958B8D948 ] Avgldx86 C:\Windows\system32\DRIVERS\avgldx86.sys
12:34:53.0134 5004 Avgldx86 - ok
12:34:53.0338 5004 [ CCDD61545AAEA265977E4B1EFDC74E8C ] Avgmfx86 C:\Windows\system32\DRIVERS\avgmfx86.sys
12:34:53.0353 5004 Avgmfx86 - ok
12:34:53.0494 5004 [ 1FD90B28D2C3100BF4500199C8AD6358 ] Avgrkx86 C:\Windows\system32\DRIVERS\avgrkx86.sys
12:34:53.0509 5004 Avgrkx86 - ok
12:34:53.0572 5004 [ 1263F2554ACE925C237A40B4C568D815 ] Avgtdix C:\Windows\system32\DRIVERS\avgtdix.sys
12:34:53.0603 5004 Avgtdix - ok
12:34:53.0728 5004 [ 6F76908F065C3C151C4BFCA7DFD86979 ] avgtp C:\Windows\system32\drivers\avgtpx86.sys
12:34:53.0759 5004 avgtp - ok
12:34:53.0821 5004 [ EA1145DEBCD508FD25BD1E95C4346929 ] avgwd C:\Program Files\AVG\AVG2012\avgwdsvc.exe
12:34:53.0837 5004 avgwd - ok
12:34:53.0915 5004 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
12:34:54.0258 5004 AxInstSV - ok
12:34:54.0384 5004 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\drivers\bxvbdx.sys
12:34:54.0493 5004 b06bdrv - ok
12:34:54.0602 5004 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
12:34:54.0696 5004 b57nd60x - ok
12:34:55.0148 5004 [ F9CE9B5E049EFC66B8E6C73C18EE8438 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl6.sys
12:34:55.0226 5004 BCM43XX - ok
12:34:55.0273 5004 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
12:34:55.0368 5004 BDESVC - ok
12:34:55.0415 5004 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
12:34:55.0461 5004 Beep - ok
12:34:55.0524 5004 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\System32\qmgr.dll
12:34:55.0602 5004 BITS - ok
12:34:55.0617 5004 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
12:34:55.0649 5004 blbdrive - ok
12:34:55.0773 5004 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
12:34:55.0789 5004 Bonjour Service - ok
12:34:55.0883 5004 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
12:34:55.0914 5004 bowser - ok
12:34:55.0976 5004 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
12:34:56.0023 5004 BrFiltLo - ok
12:34:56.0085 5004 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
12:34:56.0132 5004 BrFiltUp - ok
12:34:56.0210 5004 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
12:34:56.0257 5004 Browser - ok
12:34:56.0288 5004 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
12:34:56.0335 5004 Brserid - ok
12:34:56.0351 5004 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
12:34:56.0383 5004 BrSerWdm - ok
12:34:56.0414 5004 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
12:34:56.0461 5004 BrUsbMdm - ok
12:34:56.0476 5004 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
12:34:56.0523 5004 BrUsbSer - ok
12:34:56.0617 5004 [ EA7E57F87D6FEE5FD6C5F813C04E8CD2 ] BrYNSvc C:\Program Files\Browny02\BrYNSvc.exe
12:34:56.0664 5004 BrYNSvc ( UnsignedFile.Multi.Generic ) - warning
12:34:56.0664 5004 BrYNSvc - detected UnsignedFile.Multi.Generic (1)
12:34:56.0679 5004 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
12:34:56.0742 5004 BTHMODEM - ok
12:34:56.0788 5004 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
12:34:56.0851 5004 bthserv - ok
12:34:56.0882 5004 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
12:34:56.0960 5004 cdfs - ok
12:34:57.0038 5004 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
12:34:57.0069 5004 cdrom - ok
12:34:57.0116 5004 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
12:34:57.0163 5004 CertPropSvc - ok
12:34:57.0225 5004 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\drivers\circlass.sys
12:34:57.0256 5004 circlass - ok
12:34:57.0288 5004 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
12:34:57.0303 5004 CLFS - ok
12:34:57.0475 5004 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:34:57.0522 5004 clr_optimization_v2.0.50727_32 - ok
12:34:57.0646 5004 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:34:57.0756 5004 clr_optimization_v4.0.30319_32 - ok
12:34:57.0771 5004 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
12:34:57.0802 5004 CmBatt - ok
12:34:57.0834 5004 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
12:34:57.0849 5004 cmdide - ok
12:34:57.0943 5004 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\Windows\system32\Drivers\cng.sys
12:34:57.0974 5004 CNG - ok
12:34:58.0052 5004 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
12:34:58.0099 5004 Compbatt - ok
12:34:58.0114 5004 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
12:34:58.0146 5004 CompositeBus - ok
12:34:58.0161 5004 COMSysApp - ok
12:34:58.0255 5004 [ 3411FDF098AA20193EEE5FFA36BA43B2 ] cpuz135 C:\Windows\system32\drivers\cpuz135_x32.sys
12:34:58.0302 5004 cpuz135 - ok
12:34:58.0333 5004 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
12:34:58.0395 5004 crcdisk - ok
12:34:58.0426 5004 [ 06E771AA596B8761107AB57E99F128D7 ] CryptSvc C:\Windows\system32\cryptsvc.dll
12:34:58.0489 5004 CryptSvc - ok
12:34:58.0536 5004 [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC C:\Windows\system32\drivers\csc.sys
12:34:58.0598 5004 CSC - ok
12:34:58.0738 5004 [ 15F93B37F6801943360D9EB42485D5D3 ] CscService C:\Windows\System32\cscsvc.dll
12:34:58.0785 5004 CscService - ok
12:34:58.0894 5004 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
12:34:58.0972 5004 DcomLaunch - ok
12:34:59.0066 5004 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
12:34:59.0160 5004 defragsvc - ok
12:34:59.0238 5004 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
12:34:59.0331 5004 Dhcp - ok
12:34:59.0362 5004 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
12:34:59.0425 5004 discache - ok
12:34:59.0456 5004 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\drivers\disk.sys
12:34:59.0472 5004 Disk - ok
12:34:59.0518 5004 [ 2A958EF85DB1B61FFCA65044FA4BCE9E ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
12:34:59.0596 5004 dmvsc - ok
12:34:59.0659 5004 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
12:34:59.0690 5004 Dnscache - ok
12:34:59.0752 5004 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
12:34:59.0862 5004 dot3svc - ok
12:34:59.0924 5004 [ B5E479EB83707DD698F66953E922042C ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
12:34:59.0955 5004 Dot4 - ok
12:34:59.0986 5004 [ CAEFD09B6A6249C53A67D55A9A9FCABF ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
12:35:00.0002 5004 Dot4Print - ok
12:35:00.0018 5004 [ CF491FF38D62143203C065260567E2F7 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
12:35:00.0049 5004 dot4usb - ok
12:35:00.0127 5004 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
12:35:00.0189 5004 DPS - ok
12:35:00.0205 5004 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
12:35:00.0236 5004 drmkaud - ok
12:35:00.0267 5004 [ 95E2480DC60ABE97B4D1069097072AF9 ] DrmRAudio C:\Windows\system32\drivers\DrmRAudio.sys
12:35:00.0283 5004 DrmRAudio - ok
12:35:00.0439 5004 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
12:35:00.0470 5004 DXGKrnl - ok
12:35:00.0532 5004 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
12:35:00.0595 5004 EapHost - ok
12:35:00.0766 5004 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\drivers\evbdx.sys
12:35:00.0938 5004 ebdrv - ok
12:35:00.0985 5004 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
12:35:01.0000 5004 EFS - ok
12:35:01.0188 5004 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
12:35:01.0328 5004 ehRecvr - ok
12:35:01.0344 5004 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
12:35:01.0375 5004 ehSched - ok
12:35:01.0422 5004 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\drivers\elxstor.sys
12:35:01.0515 5004 elxstor - ok
12:35:01.0531 5004 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
12:35:01.0578 5004 ErrDev - ok
12:35:01.0624 5004 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
12:35:01.0702 5004 EventSystem - ok
12:35:01.0780 5004 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
12:35:01.0858 5004 exfat - ok
12:35:01.0921 5004 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
12:35:01.0983 5004 fastfat - ok
12:35:02.0061 5004 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
12:35:02.0108 5004 Fax - ok
12:35:02.0155 5004 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\drivers\fdc.sys
12:35:02.0202 5004 fdc - ok
12:35:02.0233 5004 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
12:35:02.0295 5004 fdPHost - ok
12:35:02.0311 5004 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
12:35:02.0342 5004 FDResPub - ok
12:35:02.0389 5004 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
12:35:02.0404 5004 FileInfo - ok
12:35:02.0436 5004 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
12:35:02.0560 5004 Filetrace - ok
12:35:02.0623 5004 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
12:35:02.0685 5004 flpydisk - ok
12:35:02.0716 5004 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
12:35:02.0748 5004 FltMgr - ok
12:35:02.0904 5004 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\Windows\system32\FntCache.dll
12:35:02.0966 5004 FontCache - ok
12:35:03.0091 5004 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
12:35:03.0153 5004 FontCache3.0.0.0 - ok
12:35:03.0216 5004 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
12:35:03.0294 5004 FsDepends - ok
12:35:03.0340 5004 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
12:35:03.0372 5004 Fs_Rec - ok
12:35:03.0418 5004 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
12:35:03.0434 5004 fvevol - ok
12:35:03.0465 5004 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
12:35:03.0481 5004 gagp30kx - ok
12:35:03.0512 5004 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
12:35:03.0543 5004 GEARAspiWDM - ok
12:35:03.0949 5004 getbus - ok
12:35:04.0058 5004 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
12:35:04.0105 5004 gpsvc - ok
12:35:04.0136 5004 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
12:35:04.0167 5004 hcw85cir - ok
12:35:04.0214 5004 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:35:04.0245 5004 HdAudAddService - ok
12:35:04.0276 5004 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
12:35:04.0308 5004 HDAudBus - ok
12:35:04.0370 5004 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
12:35:04.0448 5004 HidBatt - ok
12:35:04.0479 5004 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\drivers\hidbth.sys
12:35:04.0542 5004 HidBth - ok
12:35:04.0588 5004 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\drivers\hidir.sys
12:35:04.0620 5004 HidIr - ok
12:35:04.0651 5004 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
12:35:04.0713 5004 hidserv - ok
12:35:04.0760 5004 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
12:35:04.0807 5004 HidUsb - ok
12:35:04.0854 5004 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
12:35:04.0916 5004 hkmsvc - ok
12:35:04.0932 5004 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:35:04.0963 5004 HomeGroupListener - ok
12:35:05.0025 5004 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:35:05.0072 5004 HomeGroupProvider - ok
12:35:05.0119 5004 [ D5C35E6416A379C445CDA826B9FE452F ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys
12:35:05.0134 5004 hpdskflt - ok
12:35:05.0166 5004 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
12:35:05.0197 5004 HpSAMD - ok
12:35:05.0197 5004 [ 00DC55481FAD2841284ED09E7D69CD11 ] hpsrv C:\Windows\system32\Hpservice.exe
12:35:05.0212 5004 hpsrv - ok
12:35:05.0290 5004 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
12:35:05.0368 5004 HTTP - ok
12:35:05.0384 5004 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
12:35:05.0400 5004 hwpolicy - ok
12:35:05.0462 5004 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
12:35:05.0509 5004 i8042prt - ok
12:35:05.0571 5004 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
12:35:05.0649 5004 iaStorV - ok
12:35:05.0852 5004 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
12:35:05.0930 5004 idsvc - ok
12:35:05.0977 5004 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\drivers\iirsp.sys
12:35:06.0024 5004 iirsp - ok
12:35:06.0070 5004 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
12:35:06.0180 5004 IKEEXT - ok
12:35:06.0226 5004 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
12:35:06.0242 5004 intelide - ok
12:35:06.0258 5004 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\drivers\intelppm.sys
12:35:06.0289 5004 intelppm - ok
12:35:06.0304 5004 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
12:35:06.0351 5004 IPBusEnum - ok
12:35:06.0351 5004 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:35:06.0398 5004 IpFilterDriver - ok
12:35:06.0429 5004 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
12:35:06.0445 5004 IPMIDRV - ok
12:35:06.0460 5004 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
12:35:06.0507 5004 IPNAT - ok
12:35:06.0679 5004 [ 57EDB35EA2FECA88F8B17C0C095C9A56 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
12:35:06.0710 5004 iPod Service - ok
12:35:06.0741 5004 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
12:35:06.0772 5004 IRENUM - ok
12:35:06.0804 5004 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
12:35:06.0819 5004 isapnp - ok
12:35:06.0850 5004 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
12:35:06.0882 5004 iScsiPrt - ok
12:35:06.0928 5004 [ 8C17DEB1995E593853373C30485E7368 ] JMCR C:\Windows\system32\DRIVERS\jmcr.sys
12:35:06.0944 5004 JMCR - ok
12:35:07.0006 5004 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
12:35:07.0022 5004 kbdclass - ok
12:35:07.0038 5004 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
12:35:07.0069 5004 kbdhid - ok
12:35:07.0084 5004 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
12:35:07.0100 5004 KeyIso - ok
12:35:07.0147 5004 [ 4635935FC972C582632BF45C26BFCB0E ] KMService C:\Windows\system32\srvany.exe
12:35:07.0162 5004 KMService ( UnsignedFile.Multi.Generic ) - warning
12:35:07.0162 5004 KMService - detected UnsignedFile.Multi.Generic (1)
12:35:07.0240 5004 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
12:35:07.0256 5004 KSecDD - ok
12:35:07.0303 5004 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
12:35:07.0318 5004 KSecPkg - ok
12:35:07.0412 5004 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
12:35:07.0506 5004 KtmRm - ok
12:35:07.0568 5004 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll
12:35:07.0615 5004 LanmanServer - ok
12:35:07.0646 5004 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:35:07.0677 5004 LanmanWorkstation - ok
12:35:07.0755 5004 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
12:35:07.0833 5004 lltdio - ok
12:35:08.0020 5004 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
12:35:08.0114 5004 lltdsvc - ok
12:35:08.0130 5004 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
12:35:08.0192 5004 lmhosts - ok
12:35:08.0208 5004 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
12:35:08.0223 5004 LSI_FC - ok
12:35:08.0270 5004 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
12:35:08.0317 5004 LSI_SAS - ok
12:35:08.0348 5004 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
12:35:08.0364 5004 LSI_SAS2 - ok
12:35:08.0395 5004 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
12:35:08.0426 5004 LSI_SCSI - ok
12:35:08.0442 5004 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
12:35:08.0504 5004 luafv - ok
12:35:08.0520 5004 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
12:35:08.0566 5004 Mcx2Svc - ok
12:35:08.0598 5004 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\drivers\megasas.sys
12:35:08.0644 5004 megasas - ok
12:35:08.0722 5004 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
12:35:08.0769 5004 MegaSR - ok
12:35:08.0816 5004 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
12:35:08.0894 5004 MMCSS - ok
12:35:08.0925 5004 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
12:35:09.0003 5004 Modem - ok
12:35:09.0034 5004 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
12:35:09.0097 5004 monitor - ok
12:35:09.0128 5004 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
12:35:09.0159 5004 mouclass - ok
12:35:09.0222 5004 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
12:35:09.0268 5004 mouhid - ok
12:35:09.0284 5004 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
12:35:09.0300 5004 mountmgr - ok
12:35:09.0424 5004 [ E8D79312373F254DC13F3965BDB3D521 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
12:35:09.0487 5004 MozillaMaintenance - ok
12:35:09.0534 5004 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
12:35:09.0549 5004 mpio - ok
12:35:09.0565 5004 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
12:35:09.0627 5004 mpsdrv - ok
12:35:09.0658 5004 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
12:35:09.0721 5004 MRxDAV - ok
12:35:09.0799 5004 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
12:35:09.0846 5004 mrxsmb - ok
12:35:09.0924 5004 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:35:09.0939 5004 mrxsmb10 - ok
12:35:10.0048 5004 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:35:10.0189 5004 mrxsmb20 - ok
12:35:10.0236 5004 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
12:35:10.0251 5004 msahci - ok
12:35:10.0298 5004 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
12:35:10.0345 5004 msdsm - ok
12:35:10.0407 5004 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
12:35:10.0470 5004 MSDTC - ok
12:35:10.0532 5004 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
12:35:10.0579 5004 Msfs - ok
12:35:10.0610 5004 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
12:35:10.0688 5004 mshidkmdf - ok
12:35:10.0735 5004 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
12:35:10.0782 5004 msisadrv - ok
12:35:10.0906 5004 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
12:35:11.0062 5004 MSiSCSI - ok
12:35:11.0078 5004 msiserver - ok
12:35:11.0125 5004 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
12:35:11.0250 5004 MSKSSRV - ok
12:35:11.0281 5004 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
12:35:11.0343 5004 MSPCLOCK - ok
12:35:11.0374 5004 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
12:35:11.0437 5004 MSPQM - ok
12:35:11.0452 5004 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
12:35:11.0484 5004 MsRPC - ok
12:35:11.0530 5004 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
12:35:11.0562 5004 mssmbios - ok
12:35:11.0577 5004 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
12:35:11.0655 5004 MSTEE - ok
12:35:11.0733 5004 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
12:35:11.0796 5004 MTConfig - ok
12:35:11.0827 5004 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
12:35:11.0842 5004 Mup - ok
12:35:11.0936 5004 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
12:35:11.0983 5004 napagent - ok
12:35:12.0045 5004 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
12:35:12.0061 5004 NativeWifiP - ok
12:35:12.0123 5004 [ E7C54812A2AAF43316EB6930C1FFA108 ] NDIS C:\Windows\system32\drivers\ndis.sys
12:35:12.0154 5004 NDIS - ok
12:35:12.0264 5004 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
12:35:12.0342 5004 NdisCap - ok
12:35:12.0451 5004 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
12:35:12.0513 5004 NdisTapi - ok
12:35:12.0607 5004 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
12:35:12.0638 5004 Ndisuio - ok
12:35:12.0654 5004 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
12:35:12.0716 5004 NdisWan - ok
12:35:12.0778 5004 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
12:35:12.0919 5004 NDProxy - ok
12:35:12.0981 5004 [ 80B7A96F908DA13617E7E6832C5C6A64 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
12:35:13.0012 5004 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
12:35:13.0012 5004 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
12:35:13.0028 5004 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
12:35:13.0075 5004 NetBIOS - ok
12:35:13.0137 5004 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
12:35:13.0168 5004 NetBT - ok
12:35:13.0200 5004 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
12:35:13.0215 5004 Netlogon - ok
12:35:13.0324 5004 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
12:35:13.0387 5004 Netman - ok
12:35:13.0480 5004 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
12:35:13.0527 5004 netprofm - ok
12:35:13.0621 5004 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:35:13.0668 5004 NetTcpPortSharing - ok
12:35:13.0699 5004 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
12:35:13.0714 5004 nfrd960 - ok
12:35:13.0777 5004 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:\Windows\System32\nlasvc.dll
12:35:13.0855 5004 NlaSvc - ok
12:35:13.0902 5004 [ B48DC6ABCD3AEFF8618350CCBDC6B09A ] npf C:\Windows\system32\drivers\npf.sys
12:35:13.0917 5004 npf - ok
12:35:13.0948 5004 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
12:35:13.0995 5004 Npfs - ok
12:35:14.0011 5004 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
12:35:14.0058 5004 nsi - ok
12:35:14.0089 5004 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
12:35:14.0120 5004 nsiproxy - ok
12:35:14.0260 5004 [ 81189C3D7763838E55C397759D49007A ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
12:35:14.0307 5004 Ntfs - ok
12:35:14.0338 5004 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
12:35:14.0385 5004 Null - ok
12:35:14.0432 5004 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
12:35:14.0479 5004 nvraid - ok
12:35:14.0510 5004 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
12:35:14.0526 5004 nvstor - ok
12:35:14.0557 5004 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
12:35:14.0588 5004 nv_agp - ok
12:35:14.0791 5004 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:35:14.0838 5004 odserv - ok
12:35:14.0869 5004 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
12:35:14.0884 5004 ohci1394 - ok
12:35:14.0916 5004 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:35:14.0947 5004 ose - ok
12:35:14.0994 5004 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
12:35:15.0009 5004 p2pimsvc - ok
12:35:15.0103 5004 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
12:35:15.0181 5004 p2psvc - ok
12:35:15.0228 5004 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\drivers\parport.sys
12:35:15.0259 5004 Parport - ok
12:35:15.0306 5004 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:35:15.0321 5004 partmgr - ok
12:35:15.0368 5004 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\drivers\parvdm.sys
12:35:15.0430 5004 Parvdm - ok
12:35:15.0477 5004 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
12:35:15.0524 5004 PcaSvc - ok
12:35:15.0586 5004 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
12:35:15.0633 5004 pci - ok
12:35:15.0680 5004 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
12:35:15.0696 5004 pciide - ok
12:35:15.0774 5004 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
12:35:15.0820 5004 pcmcia - ok
12:35:15.0836 5004 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
12:35:15.0852 5004 pcw - ok
12:35:15.0930 5004 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:35:16.0070 5004 PEAUTH - ok
12:35:16.0304 5004 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
12:35:16.0398 5004 PeerDistSvc - ok
12:35:16.0742 5004 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
12:35:16.0882 5004 pla - ok
12:35:16.0945 5004 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:35:16.0991 5004 PlugPlay - ok
12:35:17.0023 5004 [ 0C155C5D8942B3CBCF9506A9D376B9AD ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
12:35:17.0038 5004 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
12:35:17.0038 5004 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
12:35:17.0069 5004 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
12:35:17.0101 5004 PNRPAutoReg - ok
12:35:17.0132 5004 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
12:35:17.0147 5004 PNRPsvc - ok
12:35:17.0210 5004 [ 896D916DE06F5502D301E8C4DC442AE8 ] Point32 C:\Windows\system32\DRIVERS\point32.sys
12:35:17.0225 5004 Point32 - ok
12:35:17.0257 5004 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:35:17.0335 5004 PolicyAgent - ok
12:35:17.0381 5004 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
12:35:17.0428 5004 Power - ok
12:35:17.0459 5004 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:35:17.0506 5004 PptpMiniport - ok
12:35:17.0522 5004 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\drivers\processr.sys
12:35:17.0553 5004 Processor - ok
12:35:17.0600 5004 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
12:35:17.0679 5004 ProfSvc - ok
12:35:17.0726 5004 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
12:35:17.0741 5004 ProtectedStorage - ok
12:35:17.0757 5004 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
12:35:17.0804 5004 Psched - ok
12:35:18.0006 5004 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
12:35:18.0084 5004 ql2300 - ok
12:35:18.0116 5004 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
12:35:18.0147 5004 ql40xx - ok
12:35:18.0194 5004 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
12:35:18.0240 5004 QWAVE - ok
12:35:18.0287 5004 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:35:18.0318 5004 QWAVEdrv - ok
12:35:18.0334 5004 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:35:18.0396 5004 RasAcd - ok
12:35:18.0443 5004 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
12:35:18.0506 5004 RasAgileVpn - ok
12:35:18.0537 5004 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
12:35:18.0630 5004 RasAuto - ok
12:35:18.0662 5004 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:35:18.0756 5004 Rasl2tp - ok
12:35:18.0787 5004 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
12:35:18.0834 5004 RasMan - ok
12:35:18.0850 5004 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:35:18.0897 5004 RasPppoe - ok
12:35:18.0928 5004 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
12:35:18.0975 5004 RasSstp - ok
12:35:19.0006 5004 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
12:35:19.0053 5004 rdbss - ok
12:35:19.0099 5004 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
12:35:19.0131 5004 rdpbus - ok
12:35:19.0177 5004 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:35:19.0224 5004 RDPCDD - ok
12:35:19.0255 5004 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
12:35:19.0302 5004 RDPDR - ok
12:35:19.0333 5004 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:35:19.0380 5004 RDPENCDD - ok
12:35:19.0396 5004 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
12:35:19.0443 5004 RDPREFMP - ok
12:35:19.0489 5004 [ 68A0387F58E226DEEE23D9715955572A ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
12:35:19.0521 5004 RdpVideoMiniport - ok
12:35:19.0630 5004 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:35:19.0709 5004 RDPWD - ok
12:35:19.0756 5004 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
12:35:19.0771 5004 rdyboost - ok
12:35:19.0818 5004 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
12:35:19.0849 5004 RemoteAccess - ok
12:35:19.0896 5004 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:35:19.0974 5004 RemoteRegistry - ok
12:35:20.0036 5004 [ 616EAC1B0E48B236A5A9B8AE07FDB81C ] RimUsb C:\Windows\system32\Drivers\RimUsb.sys
12:35:20.0114 5004 RimUsb - ok
12:35:20.0146 5004 [ 2C4FB2E9F039287767C384E46EE91030 ] RimVSerPort C:\Windows\system32\DRIVERS\RimSerial.sys
12:35:20.0161 5004 RimVSerPort - ok
12:35:20.0177 5004 [ 564297827D213F52C7A3A2FF749568CA ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys
12:35:20.0224 5004 ROOTMODEM - ok
12:35:20.0255 5004 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
12:35:20.0302 5004 RpcEptMapper - ok
12:35:20.0348 5004 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
12:35:20.0380 5004 RpcLocator - ok
12:35:20.0489 5004 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
12:35:20.0582 5004 RpcSs - ok
12:35:20.0614 5004 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:35:20.0660 5004 rspndr - ok
12:35:20.0707 5004 [ 3983CEA05BB855351D75F5482B6C42CE ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys
12:35:20.0755 5004 RTL8167 - ok
12:35:20.0817 5004 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
12:35:20.0880 5004 s3cap - ok
12:35:20.0880 5004 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
12:35:20.0911 5004 SamSs - ok
12:35:20.0942 5004 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
12:35:20.0958 5004 sbp2port - ok
12:35:21.0005 5004 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:35:21.0051 5004 SCardSvr - ok
12:35:21.0083 5004 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
12:35:21.0176 5004 scfilter - ok
12:35:21.0317 5004 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
12:35:21.0410 5004 Schedule - ok
12:35:21.0457 5004 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
12:35:21.0504 5004 SCPolicySvc - ok
12:35:21.0551 5004 [ 0328BE1C7F1CBA23848179F8762E391C ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
12:35:21.0582 5004 sdbus - ok
12:35:21.0613 5004 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:35:21.0629 5004 SDRSVC - ok
12:35:21.0691 5004 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:35:21.0723 5004 secdrv - ok
12:35:21.0754 5004 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
12:35:21.0817 5004 seclogon - ok
12:35:21.0848 5004 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
12:35:21.0910 5004 SENS - ok
12:35:21.0942 5004 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
12:35:21.0988 5004 SensrSvc - ok
12:35:22.0004 5004 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\drivers\serenum.sys
12:35:22.0020 5004 Serenum - ok
12:35:22.0051 5004 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\drivers\serial.sys
12:35:22.0082 5004 Serial - ok
12:35:22.0113 5004 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\drivers\sermouse.sys
12:35:22.0129 5004 sermouse - ok
12:35:22.0176 5004 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
12:35:22.0269 5004 SessionEnv - ok
12:35:22.0316 5004 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
12:35:22.0378 5004 sffdisk - ok
12:35:22.0394 5004 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
12:35:22.0425 5004 sffp_mmc - ok
12:35:22.0441 5004 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
12:35:22.0472 5004 sffp_sd - ok
12:35:22.0488 5004 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
12:35:22.0534 5004 sfloppy - ok
12:35:22.0581 5004 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
12:35:22.0722 5004 SharedAccess - ok
12:35:22.0847 5004 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:35:22.0925 5004 ShellHWDetection - ok
12:35:22.0957 5004 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
12:35:22.0988 5004 sisagp - ok
12:35:23.0019 5004 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
12:35:23.0035 5004 SiSRaid2 - ok
12:35:23.0050 5004 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
12:35:23.0081 5004 SiSRaid4 - ok
12:35:23.0097 5004 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
12:35:23.0144 5004 Smb - ok
12:35:23.0175 5004 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:35:23.0206 5004 SNMPTRAP - ok
12:35:23.0222 5004 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
12:35:23.0237 5004 spldr - ok
12:35:23.0347 5004 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
12:35:23.0393 5004 Spooler - ok
12:35:23.0878 5004 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
12:35:23.0956 5004 sppsvc - ok
12:35:23.0987 5004 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
12:35:24.0034 5004 sppuinotify - ok
12:35:24.0112 5004 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
12:35:24.0174 5004 srv - ok
12:35:24.0221 5004 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
12:35:24.0237 5004 srv2 - ok
12:35:24.0299 5004 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
12:35:24.0315 5004 srvnet - ok
12:35:24.0362 5004 [ 64E44ACD8C238FCBBB78F0BA4BDC4B05 ] ssadbus C:\Windows\system32\DRIVERS\ssadbus.sys
12:35:24.0393 5004 ssadbus - ok
12:35:24.0440 5004 [ BB2C84A15C765DA89FD832B0E73F26CE ] ssadmdfl C:\Windows\system32\DRIVERS\ssadmdfl.sys
12:35:24.0486 5004 ssadmdfl - ok
12:35:24.0533 5004 [ 6D0D132DDC6F43EDA00DCED6D8B1CA31 ] ssadmdm C:\Windows\system32\DRIVERS\ssadmdm.sys
12:35:24.0549 5004 ssadmdm - ok
12:35:24.0611 5004 [ 069351A1D7D291013177A90AE6EDCCBC ] sscdbus C:\Windows\system32\DRIVERS\sscdbus.sys
12:35:24.0674 5004 sscdbus - ok
12:35:24.0720 5004 [ 1C925BE223A5C0F9F469252292A48DF6 ] sscdmdfl C:\Windows\system32\DRIVERS\sscdmdfl.sys
12:35:24.0736 5004 sscdmdfl - ok
12:35:24.0752 5004 [ AE3E77AE0FBDB07EB1AC3FED74A0695E ] sscdmdm C:\Windows\system32\DRIVERS\sscdmdm.sys
12:35:24.0767 5004 sscdmdm - ok
12:35:24.0798 5004 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:35:24.0830 5004 SSDPSRV - ok
12:35:24.0861 5004 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
12:35:25.0001 5004 SstpSvc - ok
12:35:25.0157 5004 [ FE7F776F2590C8331123BDA3A3A21DE6 ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\STacSV.exe
12:35:25.0188 5004 STacSV - ok
12:35:25.0251 5004 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\drivers\stexstor.sys
12:35:25.0298 5004 stexstor - ok
12:35:25.0344 5004 [ DADB74BF26766757DBBA9C5912969EBF ] STHDA C:\Windows\system32\DRIVERS\stwrt.sys
12:35:25.0391 5004 STHDA - ok
12:35:25.0407 5004 [ EDB05BD63148796F23EA78506404A538 ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
12:35:25.0454 5004 StillCam - ok
12:35:25.0485 5004 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
12:35:25.0547 5004 StiSvc - ok
12:35:25.0578 5004 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
12:35:25.0594 5004 storflt - ok
12:35:25.0641 5004 [ 0BF669F0A910BEDA4A32258D363AF2A5 ] StorSvc C:\Windows\system32\storsvc.dll
12:35:25.0688 5004 StorSvc - ok
12:35:25.0719 5004 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
12:35:25.0734 5004 storvsc - ok
12:35:25.0750 5004 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
12:35:25.0766 5004 swenum - ok
12:35:26.0015 5004 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
12:35:26.0078 5004 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
12:35:26.0078 5004 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
12:35:26.0109 5004 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
12:35:26.0171 5004 swprv - ok
12:35:26.0265 5004 [ F2AD8960812FD111E20E84659EF19D43 ] Synth3dVsc C:\Windows\system32\drivers\synth3dvsc.sys
12:35:26.0312 5004 Synth3dVsc - ok
12:35:26.0390 5004 [ 6DD49E1A5FA0F01824652F1A0A8866FB ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
12:35:26.0421 5004 SynTP - ok
12:35:26.0639 5004 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
12:35:26.0686 5004 SysMain - ok
12:35:26.0733 5004 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:35:26.0811 5004 TabletInputService - ok
12:35:26.0889 5004 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
12:35:26.0936 5004 TapiSrv - ok
12:35:26.0998 5004 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
12:35:27.0045 5004 TBS - ok
12:35:27.0248 5004 [ 7FA2E0F8B072BD04B77B421480B6CC22 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:35:27.0294 5004 Tcpip - ok
12:35:27.0357 5004 [ 7FA2E0F8B072BD04B77B421480B6CC22 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
12:35:27.0388 5004 TCPIP6 - ok
12:35:27.0435 5004 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:35:27.0482 5004 tcpipreg - ok
12:35:27.0513 5004 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:35:27.0544 5004 TDPIPE - ok
12:35:27.0575 5004 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:35:27.0591 5004 TDTCP - ok
12:35:27.0622 5004 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:35:27.0669 5004 tdx - ok
12:35:27.0684 5004 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
12:35:27.0700 5004 TermDD - ok
12:35:27.0762 5004 [ 052306FD76793D5D5AB5D9891FD1ADBB ] terminpt C:\Windows\system32\drivers\terminpt.sys
12:35:27.0840 5004 terminpt - ok
12:35:27.0887 5004 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
12:35:27.0996 5004 TermService - ok
12:35:28.0043 5004 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
12:35:28.0090 5004 Themes - ok
12:35:28.0121 5004 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
12:35:28.0152 5004 THREADORDER - ok
12:35:28.0215 5004 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
12:35:28.0262 5004 TrkWks - ok
12:35:28.0293 5004 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:35:28.0355 5004 TrustedInstaller - ok
12:35:28.0386 5004 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
12:35:28.0433 5004 tssecsrv - ok
12:35:28.0464 5004 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
12:35:28.0511 5004 TsUsbFlt - ok
12:35:28.0527 5004 [ 01246F0BAAD7B68EC0F472AA41E33282 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
12:35:28.0574 5004 TsUsbGD - ok
12:35:28.0589 5004 [ 045ACB987C650D8186C6B4A692223860 ] tsusbhub C:\Windows\system32\drivers\tsusbhub.sys
12:35:28.0605 5004 tsusbhub - ok
12:35:28.0652 5004 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
12:35:28.0683 5004 tunnel - ok
12:35:28.0714 5004 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\drivers\uagp35.sys
12:35:28.0730 5004 uagp35 - ok
12:35:28.0745 5004 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:35:28.0792 5004 udfs - ok
12:35:28.0839 5004 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
12:35:28.0870 5004 UI0Detect - ok
12:35:28.0917 5004 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
12:35:28.0932 5004 uliagpkx - ok
12:35:28.0964 5004 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\DRIVERS\umbus.sys
12:35:28.0979 5004 umbus - ok
12:35:28.0995 5004 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\drivers\umpass.sys
12:35:29.0010 5004 UmPass - ok
12:35:29.0026 5004 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
12:35:29.0057 5004 UmRdpService - ok
12:35:29.0104 5004 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
12:35:29.0151 5004 upnphost - ok
12:35:29.0198 5004 [ EAFE1E00739AFE6C51487A050E772E17 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
12:35:29.0260 5004 USBAAPL - ok
12:35:29.0322 5004 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
12:35:29.0354 5004 usbccgp - ok
12:35:29.0416 5004 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
12:35:29.0463 5004 usbcir - ok
12:35:29.0478 5004 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
12:35:29.0494 5004 usbehci - ok
12:35:29.0572 5004 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
12:35:29.0619 5004 usbhub - ok
12:35:29.0619 5004 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
12:35:29.0650 5004 usbohci - ok
12:35:29.0681 5004 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
12:35:29.0744 5004 usbprint - ok
12:35:29.0775 5004 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
12:35:29.0806 5004 usbscan - ok
12:35:29.0837 5004 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:35:29.0884 5004 USBSTOR - ok
12:35:29.0915 5004 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
12:35:29.0931 5004 usbuhci - ok
12:35:29.0993 5004 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
12:35:30.0009 5004 usbvideo - ok
12:35:30.0056 5004 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
12:35:30.0102 5004 UxSms - ok
12:35:30.0134 5004 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
12:35:30.0149 5004 VaultSvc - ok
12:35:30.0196 5004 [ FCE98C43B5C5DB8E0DA8EA0E2B45E044 ] VClone C:\Windows\system32\DRIVERS\VClone.sys
12:35:30.0212 5004 VClone - ok
12:35:30.0243 5004 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
12:35:30.0274 5004 vdrvroot - ok
12:35:30.0383 5004 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
12:35:30.0492 5004 vds - ok
12:35:30.0524 5004 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
12:35:30.0555 5004 vga - ok
12:35:30.0555 5004 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
12:35:30.0602 5004 VgaSave - ok
12:35:30.0602 5004 VGPU - ok
12:35:30.0633 5004 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
12:35:30.0648 5004 vhdmp - ok
12:35:30.0695 5004 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
12:35:30.0711 5004 viaagp - ok
12:35:30.0742 5004 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
12:35:30.0820 5004 ViaC7 - ok
12:35:30.0851 5004 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
12:35:30.0882 5004 viaide - ok
12:35:30.0914 5004 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys
12:35:30.0976 5004 vmbus - ok
12:35:31.0007 5004 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
12:35:31.0023 5004 VMBusHID - ok
12:35:31.0054 5004 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
12:35:31.0070 5004 volmgr - ok
12:35:31.0132 5004 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
12:35:31.0194 5004 volmgrx - ok
12:35:31.0241 5004 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
12:35:31.0257 5004 volsnap - ok
12:35:31.0335 5004 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
12:35:31.0366 5004 vsmraid - ok
12:35:31.0428 5004 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
12:35:31.0522 5004 VSS - ok
12:35:31.0772 5004 [ CBA3F6EF1E70167DB376B4013F71A62B ] vToolbarUpdater12.2.6 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
12:35:31.0818 5004 vToolbarUpdater12.2.6 - ok
12:35:31.0834 5004 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
12:35:31.0881 5004 vwifibus - ok
12:35:31.0928 5004 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
12:35:31.0959 5004 vwififlt - ok
12:35:31.0990 5004 [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
12:35:32.0021 5004 vwifimp - ok
12:35:32.0052 5004 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
12:35:32.0130 5004 W32Time - ok
12:35:32.0162 5004 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
12:35:32.0193 5004 WacomPen - ok
12:35:32.0240 5004 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
12:35:32.0271 5004 WANARP - ok
12:35:32.0286 5004 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
12:35:32.0333 5004 Wanarpv6 - ok
12:35:32.0645 5004 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
12:35:32.0786 5004 wbengine - ok
12:35:32.0817 5004 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
12:35:32.0848 5004 WbioSrvc - ok
12:35:32.0879 5004 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
12:35:32.0910 5004 wcncsvc - ok
12:35:32.0942 5004 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:35:33.0004 5004 WcsPlugInService - ok
12:35:33.0051 5004 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\drivers\wd.sys
12:35:33.0098 5004 Wd - ok
12:35:33.0207 5004 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
12:35:33.0254 5004 Wdf01000 - ok
12:35:33.0316 5004 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
12:35:33.0410 5004 WdiServiceHost - ok
12:35:33.0425 5004 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
12:35:33.0456 5004 WdiSystemHost - ok
12:35:33.0472 5004 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
12:35:33.0503 5004 WebClient - ok
12:35:33.0519 5004 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
12:35:33.0566 5004 Wecsvc - ok
12:35:33.0597 5004 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
12:35:33.0628 5004 wercplsupport - ok
12:35:33.0690 5004 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
12:35:33.0737 5004 WerSvc - ok
12:35:33.0784 5004 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
12:35:33.0815 5004 WfpLwf - ok
12:35:33.0846 5004 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
12:35:33.0862 5004 WIMMount - ok
12:35:33.0879 5004 WinHttpAutoProxySvc - ok
12:35:33.0925 5004 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
12:35:33.0957 5004 Winmgmt - ok
12:35:34.0206 5004 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
12:35:34.0362 5004 WinRM - ok
12:35:34.0425 5004 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
12:35:34.0456 5004 WinUsb - ok
12:35:34.0612 5004 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
12:35:34.0659 5004 Wlansvc - ok
12:35:34.0705 5004 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
12:35:34.0737 5004 WmiAcpi - ok
12:35:34.0815 5004 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
12:35:34.0893 5004 wmiApSrv - ok
12:35:34.0986 5004 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
12:35:35.0017 5004 WMPNetworkSvc - ok
12:35:35.0080 5004 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
12:35:35.0127 5004 WPCSvc - ok
12:35:35.0142 5004 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
12:35:35.0189 5004 WPDBusEnum - ok
12:35:35.0236 5004 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
12:35:35.0298 5004 ws2ifsl - ok
12:35:35.0345 5004 [ 553F6CCD7C58EB98D4A8FBDAF283D7A9 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
12:35:35.0361 5004 WSDPrintDevice - ok
12:35:35.0376 5004 WSearch - ok
12:35:35.0563 5004 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
12:35:35.0610 5004 wuauserv - ok
12:35:35.0657 5004 [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
12:35:35.0704 5004 WudfPf - ok
12:35:35.0766 5004 [ 1023EE888C9B47178C5293ED5336AB69 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
12:35:35.0875 5004 WUDFRd - ok
12:35:35.0908 5004 [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
12:35:35.0939 5004 wudfsvc - ok
12:35:35.0986 5004 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
12:35:36.0032 5004 WwanSvc - ok
12:35:36.0079 5004 ================ Scan global ===============================
12:35:36.0110 5004 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
12:35:36.0173 5004 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
12:35:36.0188 5004 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
12:35:36.0251 5004 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
12:35:36.0313 5004 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
12:35:36.0329 5004 [Global] - ok
12:35:36.0344 5004 ================ Scan MBR ==================================
12:35:36.0344 5004 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
12:35:36.0438 5004 \Device\Harddisk1\DR1 - ok
12:35:36.0485 5004 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:35:38.0031 5004 \Device\Harddisk0\DR0 - ok
12:35:38.0031 5004 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
12:35:38.0094 5004 \Device\Harddisk1\DR1 - ok
12:35:38.0109 5004 [ DDAE9D649DB12F6AFF24483F2C298989 ] \Device\Harddisk2\DR2
12:35:44.0074 5004 \Device\Harddisk2\DR2 - ok
12:35:44.0090 5004 ================ Scan VBR ==================================
12:35:44.0090 5004 [ A6D3F58B72C4F0103E415E3DE835C38F ] \Device\Harddisk1\DR1\Partition1
12:35:44.0090 5004 \Device\Harddisk1\DR1\Partition1 - ok
12:35:44.0121 5004 [ 82C8CDC4ABA5DD6D783CDE4D5B5D7763 ] \Device\Harddisk0\DR0\Partition1
12:35:44.0137 5004 \Device\Harddisk0\DR0\Partition1 - ok
12:35:44.0152 5004 [ F0CACB902F03471F9559BB879E51A095 ] \Device\Harddisk0\DR0\Partition2
12:35:44.0168 5004 \Device\Harddisk0\DR0\Partition2 - ok
12:35:44.0168 5004 [ A6D3F58B72C4F0103E415E3DE835C38F ] \Device\Harddisk1\DR1\Partition1
12:35:44.0168 5004 \Device\Harddisk1\DR1\Partition1 - ok
12:35:44.0184 5004 [ 1F611D0B3E9DC4DE1568926248B13D25 ] \Device\Harddisk2\DR2\Partition1
12:35:44.0184 5004 \Device\Harddisk2\DR2\Partition1 - ok
12:35:44.0199 5004 ================ Scan active images ========================
12:35:44.0199 5004 [ B7EFEF22FF426EC4158A177CB3B558D3 ] C:\Windows\System32\drivers\crashdmp.sys
12:35:44.0199 5004 C:\Windows\System32\drivers\crashdmp.sys - ok
12:35:44.0215 5004 [ 5428227D4730EBDFC842E9FB593F8C8A ] C:\Windows\System32\drivers\Dumpata.sys
12:35:44.0215 5004 C:\Windows\System32\drivers\Dumpata.sys - ok
12:35:44.0215 5004 [ 62A63EF2F3053B461CB327E4D69AAA74 ] C:\Windows\System32\drivers\dumpfve.sys
12:35:44.0215 5004 C:\Windows\System32\drivers\dumpfve.sys - ok
12:35:44.0230 5004 [ 012C5F4E9349E711E11E0F19A8589F0A ] C:\Windows\System32\drivers\msahci.sys
12:35:44.0230 5004 C:\Windows\System32\drivers\msahci.sys - ok
12:35:44.0230 5004 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] C:\Windows\System32\drivers\cdrom.sys
12:35:44.0230 5004 C:\Windows\System32\drivers\cdrom.sys - ok
12:35:44.0246 5004 [ CCDD61545AAEA265977E4B1EFDC74E8C ] C:\Windows\System32\drivers\avgmfx86.sys
12:35:44.0246 5004 C:\Windows\System32\drivers\avgmfx86.sys - ok
12:35:44.0262 5004 [ 6F76908F065C3C151C4BFCA7DFD86979 ] C:\Windows\System32\drivers\avgtpx86.sys
12:35:44.0262 5004 C:\Windows\System32\drivers\avgtpx86.sys - ok
12:35:44.0277 5004 [ 505506526A9D467307B3C393DEDAF858 ] C:\Windows\System32\drivers\beep.sys
12:35:44.0277 5004 C:\Windows\System32\drivers\beep.sys - ok
12:35:44.0277 5004 [ F9756A98D69098DCA8945D62858A812C ] C:\Windows\System32\drivers\null.sys
12:35:44.0277 5004 C:\Windows\System32\drivers\null.sys - ok
12:35:44.0293 5004 [ 8E38096AD5C8570A6F1570A61E251561 ] C:\Windows\System32\drivers\vga.sys
12:35:44.0293 5004 C:\Windows\System32\drivers\vga.sys - ok
12:35:44.0308 5004 [ 15C126D1B55814B9E5CAB10A9C1F4C67 ] C:\Windows\System32\drivers\videoprt.sys
12:35:44.0308 5004 C:\Windows\System32\drivers\videoprt.sys - ok
12:35:44.0308 5004 [ CB45A417C8EF7BA6BAC67EDCDDED8700 ] C:\Windows\System32\drivers\watchdog.sys
12:35:44.0308 5004 C:\Windows\System32\drivers\watchdog.sys - ok
12:35:44.0324 5004 [ 23DAE03F29D253AE74C44F99E515F9A1 ] C:\Windows\System32\drivers\RDPCDD.sys
12:35:44.0324 5004 C:\Windows\System32\drivers\RDPCDD.sys - ok
12:35:44.0340 5004 [ 5A53CA1598DD4156D44196D200C94B8A ] C:\Windows\System32\drivers\RDPENCDD.sys
12:35:44.0340 5004 C:\Windows\System32\drivers\RDPENCDD.sys - ok
12:35:44.0340 5004 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] C:\Windows\System32\drivers\RDPREFMP.sys
12:35:44.0340 5004 C:\Windows\System32\drivers\RDPREFMP.sys - ok
12:35:44.0355 5004 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] C:\Windows\System32\drivers\msfs.sys
12:35:44.0355 5004 C:\Windows\System32\drivers\msfs.sys - ok
12:35:44.0371 5004 [ 1DB262A9F8C087E8153D89BEF3D2235F ] C:\Windows\System32\drivers\npfs.sys
12:35:44.0371 5004 C:\Windows\System32\drivers\npfs.sys - ok
12:35:44.0371 5004 [ 2F885864D5BC8A16C86BEE595969A48A ] C:\Windows\System32\drivers\tdi.sys
12:35:44.0371 5004 C:\Windows\System32\drivers\tdi.sys - ok
12:35:44.0386 5004 [ B459575348C20E8121D6039DA063C704 ] C:\Windows\System32\drivers\tdx.sys
12:35:44.0386 5004 C:\Windows\System32\drivers\tdx.sys - ok
12:35:44.0402 5004 [ 1263F2554ACE925C237A40B4C568D815 ] C:\Windows\System32\drivers\avgtdix.sys
12:35:44.0402 5004 C:\Windows\System32\drivers\avgtdix.sys - ok
12:35:44.0402 5004 [ 280122DDCF04B378EDD1AD54D71C1E54 ] C:\Windows\System32\drivers\netbt.sys
12:35:44.0402 5004 C:\Windows\System32\drivers\netbt.sys - ok
12:35:44.0418 5004 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] C:\Windows\System32\drivers\afd.sys
12:35:44.0418 5004 C:\Windows\System32\drivers\afd.sys - ok
12:35:44.0433 5004 [ 6270CCAE2A86DE6D146529FE55B3246A ] C:\Windows\System32\drivers\pacer.sys
12:35:44.0433 5004 C:\Windows\System32\drivers\pacer.sys - ok
12:35:44.0433 5004 [ 8B9A943F3B53861F2BFAF6C186168F79 ] C:\Windows\System32\drivers\wfplwf.sys
12:35:44.0433 5004 C:\Windows\System32\drivers\wfplwf.sys - ok
12:35:44.0449 5004 [ 7090D3436EEB4E7DA3373090A23448F7 ] C:\Windows\System32\drivers\vwififlt.sys
12:35:44.0449 5004 C:\Windows\System32\drivers\vwififlt.sys - ok
12:35:44.0449 5004 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] C:\Windows\System32\drivers\netbios.sys
12:35:44.0449 5004 C:\Windows\System32\drivers\netbios.sys - ok
12:35:44.0464 5004 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] C:\Windows\System32\drivers\termdd.sys
12:35:44.0464 5004 C:\Windows\System32\drivers\termdd.sys - ok
12:35:44.0480 5004 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] C:\Windows\System32\drivers\wanarp.sys
12:35:44.0480 5004 C:\Windows\System32\drivers\wanarp.sys - ok
12:35:44.0480 5004 [ D528BC58A489409BA40334EBF96A311B ] C:\Windows\System32\drivers\rdbss.sys
12:35:44.0480 5004 C:\Windows\System32\drivers\rdbss.sys - ok
12:35:44.0496 5004 [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] C:\Windows\System32\drivers\csc.sys

#9 Kewbla


Posted 03 September 2012 - 01:29 PM

12:35:46.0882 5004 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
12:35:46.0882 5004 [ 9FBCFD7E88A7ACE0E94456504895DD7F ] C:\Windows\System32\WUDFPlatform.dll
12:35:46.0882 5004 C:\Windows\System32\WUDFPlatform.dll - ok
12:35:46.0898 5004 [ C940F2F5C60B3727C5F18840735B229C ] C:\Windows\System32\AudioSes.dll
12:35:46.0898 5004 C:\Windows\System32\AudioSes.dll - ok
12:35:46.0914 5004 [ 7520EC808E0C35E0EE6F841294316653 ] C:\Windows\System32\drivers\fltMgr.sys
12:35:46.0914 5004 C:\Windows\System32\drivers\fltMgr.sys - ok
12:35:46.0914 5004 [ D93A937A2A9D2CBC06B3A615A197011F ] C:\Windows\System32\PSHED.DLL
12:35:46.0914 5004 C:\Windows\System32\PSHED.DLL - ok
12:35:46.0914 5004 [ 1F5497D7D3D79C7BF0AB0C8B4C5BFE6E ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
12:35:46.0914 5004 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
12:35:46.0929 5004 [ F68194F74350D4A2ADE98961E33F884C ] C:\Windows\System32\audiodg.exe
12:35:46.0929 5004 C:\Windows\System32\audiodg.exe - ok
12:35:46.0945 5004 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\System32\ntmarta.dll
12:35:46.0945 5004 C:\Windows\System32\ntmarta.dll - ok
12:35:46.0945 5004 [ 15F93B37F6801943360D9EB42485D5D3 ] C:\Windows\System32\cscsvc.dll
12:35:46.0945 5004 C:\Windows\System32\cscsvc.dll - ok
12:35:46.0960 5004 [ E897EAF5ED6BA41E081060C9B447A673 ] C:\Windows\System32\gpsvc.dll
12:35:46.0960 5004 C:\Windows\System32\gpsvc.dll - ok
12:35:46.0960 5004 [ D205C24A9D069049FE2DF2A1B38726A7 ] C:\Windows\System32\wdmaud.drv
12:35:46.0960 5004 C:\Windows\System32\wdmaud.drv - ok
12:35:46.0976 5004 [ 2F040CF0613A6D64DCBBA9EE81F5A5AE ] C:\Windows\System32\dsrole.dll
12:35:46.0976 5004 C:\Windows\System32\dsrole.dll - ok
12:35:46.0976 5004 [ 104A1070E90F1C530328E69B49718841 ] C:\Windows\System32\nlaapi.dll
12:35:46.0976 5004 C:\Windows\System32\nlaapi.dll - ok
12:35:46.0992 5004 [ 772F44012DBE49DE894976AE2259A659 ] C:\Windows\System32\PeerDist.dll
12:35:46.0992 5004 C:\Windows\System32\PeerDist.dll - ok
12:35:47.0007 5004 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] C:\Windows\System32\themeservice.dll
12:35:47.0007 5004 C:\Windows\System32\themeservice.dll - ok
12:35:47.0007 5004 [ F10E5311E5093FA3C00FF88C54C32FCA ] C:\Windows\System32\atl.dll
12:35:47.0007 5004 C:\Windows\System32\atl.dll - ok
12:35:47.0023 5004 [ 9C67F6BBDA3881CFD02095160CF91576 ] C:\Windows\System32\ksuser.dll
12:35:47.0023 5004 C:\Windows\System32\ksuser.dll - ok
12:35:47.0023 5004 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\System32\slc.dll
12:35:47.0023 5004 C:\Windows\System32\slc.dll - ok
12:35:47.0038 5004 [ 544EFF88AC6C85DF5A4D6F18DFE08CFC ] C:\Windows\System32\taskschd.dll
12:35:47.0038 5004 C:\Windows\System32\taskschd.dll - ok
12:35:47.0038 5004 [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\System32\mstask.dll
12:35:47.0038 5004 C:\Windows\System32\mstask.dll - ok
12:35:47.0054 5004 [ F3F9EC157D66487678885AE651A5AA3B ] C:\Windows\System32\atieclxx.exe
12:35:47.0054 5004 C:\Windows\System32\atieclxx.exe - ok
12:35:47.0070 5004 [ A12829E9974F57E9B5DBFEA7C93190F6 ] C:\Windows\System32\UXInit.dll
12:35:47.0070 5004 C:\Windows\System32\UXInit.dll - ok
12:35:47.0070 5004 [ 37C4514E33546E9AB84AAEA7DD347165 ] C:\Windows\System32\atiadlxx.dll
12:35:47.0070 5004 C:\Windows\System32\atiadlxx.dll - ok
12:35:47.0085 5004 [ F6916EFC29D9953D5D0DF06882AE8E16 ] C:\Windows\System32\es.dll
12:35:47.0085 5004 C:\Windows\System32\es.dll - ok
12:35:47.0085 5004 [ 5A12C364AD1D4FCC0AD0E56DBBC34462 ] C:\Windows\System32\midimap.dll
12:35:47.0085 5004 C:\Windows\System32\midimap.dll - ok
12:35:47.0101 5004 [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\System32\msacm32.dll
12:35:47.0101 5004 C:\Windows\System32\msacm32.dll - ok
12:35:47.0101 5004 [ 07393A09C46083588E751B63B03C8301 ] C:\Windows\System32\msacm32.drv
12:35:47.0101 5004 C:\Windows\System32\msacm32.drv - ok
12:35:47.0116 5004 [ DCB7FCDCC97F87360F75D77425B81737 ] C:\Windows\System32\Sens.dll
12:35:47.0116 5004 C:\Windows\System32\Sens.dll - ok
12:35:47.0132 5004 [ 59C8DE6B96B46518E4AC9BFCF531FC71 ] C:\Windows\System32\atimuixx.dll
12:35:47.0132 5004 C:\Windows\System32\atimuixx.dll - ok
12:35:47.0132 5004 [ 808D8A8B2A3074002852BC856D419576 ] C:\Windows\System32\comres.dll
12:35:47.0132 5004 C:\Windows\System32\comres.dll - ok
12:35:47.0148 5004 [ 00DC55481FAD2841284ED09E7D69CD11 ] C:\Windows\System32\hpservice.exe
12:35:47.0148 5004 C:\Windows\System32\hpservice.exe - ok
12:35:47.0148 5004 [ 24CAEDCD73B5B0E22226283B7B2468C7 ] C:\Windows\System32\mfc42u.dll
12:35:47.0148 5004 C:\Windows\System32\mfc42u.dll - ok
12:35:47.0163 5004 [ BBA9D5A730D5E304117AD26923EBD8AA ] C:\Windows\System32\AudioEng.dll
12:35:47.0163 5004 C:\Windows\System32\AudioEng.dll - ok
12:35:47.0163 5004 [ 96F0F8F4DEE598C8D12AD9633E0CFE2A ] C:\Windows\System32\AUDIOKSE.dll
12:35:47.0163 5004 C:\Windows\System32\AUDIOKSE.dll - ok
12:35:47.0179 5004 [ 2D54D2729F370DF23C0EFC204843678C ] C:\Windows\System32\stapo.dll
12:35:47.0179 5004 C:\Windows\System32\stapo.dll - ok
12:35:47.0179 5004 [ E5E75681CBE23FFAE3486BEF01F144F9 ] C:\Windows\System32\accelerometerdll.DLL
12:35:47.0179 5004 C:\Windows\System32\accelerometerdll.DLL - ok
12:35:47.0194 5004 [ 7D34AF98A706230CC2DEDFE0CABF87AB ] C:\Windows\System32\odbc32.dll
12:35:47.0194 5004 C:\Windows\System32\odbc32.dll - ok
12:35:47.0210 5004 [ ABA457BFC7EC0B5E130B2F1E0F549DFF ] C:\Windows\System32\odbcint.dll
12:35:47.0210 5004 C:\Windows\System32\odbcint.dll - ok
12:35:47.0210 5004 [ 081E6E1C91AEC36758902A9F727CD23C ] C:\Windows\System32\uxsms.dll
12:35:47.0210 5004 C:\Windows\System32\uxsms.dll - ok
12:35:47.0226 5004 [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] C:\Windows\System32\WUDFSvc.dll
12:35:47.0226 5004 C:\Windows\System32\WUDFSvc.dll - ok
12:35:47.0226 5004 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\System32\imageres.dll
12:35:47.0226 5004 C:\Windows\System32\imageres.dll - ok
12:35:47.0241 5004 [ 4E30ED3E551E867ADD1C8D58F5EDD9DF ] C:\Windows\System32\WMALFXGFXDSP.dll
12:35:47.0241 5004 C:\Windows\System32\WMALFXGFXDSP.dll - ok
12:35:47.0241 5004 [ 40B82688907A7DBA4DB3B5ADDE3EAB3B ] C:\Windows\System32\mfplat.dll
12:35:47.0241 5004 C:\Windows\System32\mfplat.dll - ok
12:35:47.0257 5004 [ 5E30266A29B643AA33CC95DC922C0FE4 ] C:\Windows\System32\aestaren.dll
12:35:47.0257 5004 C:\Windows\System32\aestaren.dll - ok
12:35:47.0272 5004 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] C:\Windows\System32\drivers\lltdio.sys
12:35:47.0272 5004 C:\Windows\System32\drivers\lltdio.sys - ok
12:35:47.0288 5004 [ 26384429FCD85D83746F63E798AB1480 ] C:\Windows\System32\drivers\nwifi.sys
12:35:47.0288 5004 C:\Windows\System32\drivers\nwifi.sys - ok
12:35:47.0288 5004 [ D8A65DAFB3EB41CBB622745676FCD072 ] C:\Windows\System32\drivers\ndisuio.sys
12:35:47.0288 5004 C:\Windows\System32\drivers\ndisuio.sys - ok
12:35:47.0304 5004 [ 032B0D36AD92B582D869879F5AF5B928 ] C:\Windows\System32\drivers\rspndr.sys
12:35:47.0304 5004 C:\Windows\System32\drivers\rspndr.sys - ok
12:35:47.0319 5004 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\System32\IPHLPAPI.DLL
12:35:47.0319 5004 C:\Windows\System32\IPHLPAPI.DLL - ok
12:35:47.0335 5004 [ 55CA01BA19D0006C8F2639B6C045E08B ] C:\Windows\System32\lmhsvc.dll
12:35:47.0335 5004 C:\Windows\System32\lmhsvc.dll - ok
12:35:47.0335 5004 [ BA387E955E890C8A88306D9B8D06BF17 ] C:\Windows\System32\nsisvc.dll
12:35:47.0335 5004 C:\Windows\System32\nsisvc.dll - ok
12:35:47.0350 5004 [ A081EDD1F4E43A4DB84F1B4DC345731A ] C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\sluapo32.dll
12:35:47.0350 5004 C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\sluapo32.dll - ok
12:35:47.0366 5004 [ D2A937964199F647B1C3BC435712E5D9 ] C:\Windows\System32\nrpsrv.dll
12:35:47.0366 5004 C:\Windows\System32\nrpsrv.dll - ok
12:35:47.0366 5004 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\System32\winnsi.dll
12:35:47.0366 5004 C:\Windows\System32\winnsi.dll - ok
12:35:47.0382 5004 [ E9E01EB683C132F7FA27CD607B8A2B63 ] C:\Windows\System32\dhcpcore.dll
12:35:47.0382 5004 C:\Windows\System32\dhcpcore.dll - ok
12:35:47.0382 5004 [ A5B18C5B956C13CF0A25000F40B1B522 ] C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slcshp32.dll
12:35:47.0382 5004 C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slcshp32.dll - ok
12:35:47.0397 5004 [ 55A8708184A757E96D73C373F780E562 ] C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slh36032.dll
12:35:47.0397 5004 C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slh36032.dll - ok
12:35:47.0413 5004 [ 94D4BA5B48116BE757EE1E84DC5881E9 ] C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\sltshd32.dll
12:35:47.0413 5004 C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\sltshd32.dll - ok
12:35:47.0428 5004 [ 990A58A0B01720E419B55EFC5FF387F8 ] C:\Windows\System32\dhcpcore6.dll
12:35:47.0428 5004 C:\Windows\System32\dhcpcore6.dll - ok
12:35:47.0428 5004 [ 33EF4861F19A0736B11314AAD9AE28D0 ] C:\Windows\System32\dnsrslvr.dll
12:35:47.0428 5004 C:\Windows\System32\dnsrslvr.dll - ok
12:35:47.0444 5004 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\System32\FWPUCLNT.DLL
12:35:47.0444 5004 C:\Windows\System32\FWPUCLNT.DLL - ok
12:35:47.0444 5004 [ AF75DBA674E55221B7A055B0A4345F16 ] C:\Windows\System32\keyiso.dll
12:35:47.0444 5004 C:\Windows\System32\keyiso.dll - ok
12:35:47.0460 5004 [ 9A892B3439884C62B04718F0303A49E9 ] C:\Windows\System32\eapphost.dll
12:35:47.0460 5004 C:\Windows\System32\eapphost.dll - ok
12:35:47.0475 5004 [ 8600142FA91C1B96367D3300AD0F3F3A ] C:\Windows\System32\eapsvc.dll
12:35:47.0475 5004 C:\Windows\System32\eapsvc.dll - ok
12:35:47.0475 5004 [ 100103C6535C66265267F5EEA5F5846E ] C:\Windows\System32\dnsext.dll
12:35:47.0475 5004 C:\Windows\System32\dnsext.dll - ok
12:35:47.0491 5004 [ D33E95C0A2754061233B58DC41F8094C ] C:\Windows\System32\umb.dll
12:35:47.0491 5004 C:\Windows\System32\umb.dll - ok
12:35:47.0491 5004 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\System32\dhcpcsvc.dll
12:35:47.0491 5004 C:\Windows\System32\dhcpcsvc.dll - ok
12:35:47.0506 5004 [ 29CA5974FAB0E8AE4AA7814FE05CF832 ] C:\Windows\System32\dhcpcsvc6.dll
12:35:47.0506 5004 C:\Windows\System32\dhcpcsvc6.dll - ok
12:35:47.0522 5004 [ 3C9035085141162416A0DD34DBF3F3C1 ] C:\Windows\System32\wlanmsm.dll
12:35:47.0522 5004 C:\Windows\System32\wlanmsm.dll - ok
12:35:47.0522 5004 [ 20C06A50DFC097E134BC6FA8444CA9BC ] C:\Windows\System32\wlansec.dll
12:35:47.0522 5004 C:\Windows\System32\wlansec.dll - ok
12:35:47.0538 5004 [ F748F53FE09D21D8ECBB6421E6792024 ] C:\Windows\System32\onex.dll
12:35:47.0538 5004 C:\Windows\System32\onex.dll - ok
12:35:47.0553 5004 [ 5A5FEDDF02588B8F9FE4A95E5E7EAE97 ] C:\Windows\System32\eappcfg.dll
12:35:47.0553 5004 C:\Windows\System32\eappcfg.dll - ok
12:35:47.0553 5004 [ 666E57B6B51824D1D235F80A3DD70A13 ] C:\Windows\System32\eappprxy.dll
12:35:47.0553 5004 C:\Windows\System32\eappprxy.dll - ok
12:35:47.0569 5004 [ C1585EAA67C37A05BF6F93726FAFC069 ] C:\Windows\System32\l2gpstore.dll
12:35:47.0569 5004 C:\Windows\System32\l2gpstore.dll - ok
12:35:47.0584 5004 [ 9419ABF3163B6F0E3AD3DD2B381C879F ] C:\Windows\System32\WinSCard.dll
12:35:47.0584 5004 C:\Windows\System32\WinSCard.dll - ok
12:35:47.0600 5004 [ 1D6A771D1D702AE07919DB52C889A249 ] C:\Windows\System32\wlanutil.dll
12:35:47.0600 5004 C:\Windows\System32\wlanutil.dll - ok
12:35:47.0600 5004 [ 749F9795F01C35EEBE100A87D82B9681 ] C:\Windows\System32\wlgpclnt.dll
12:35:47.0600 5004 C:\Windows\System32\wlgpclnt.dll - ok
12:35:47.0616 5004 [ D9A9702E43A5859896F34898D5FD3FEC ] C:\Windows\System32\msxml6.dll
12:35:47.0616 5004 C:\Windows\System32\msxml6.dll - ok
12:35:47.0616 5004 [ 414DA952A35BF5D50192E28263B40577 ] C:\Windows\System32\shsvcs.dll
12:35:47.0616 5004 C:\Windows\System32\shsvcs.dll - ok
12:35:47.0631 5004 [ A04BB13F8A72F8B6E8B4071723E4E336 ] C:\Windows\System32\schedsvc.dll
12:35:47.0631 5004 C:\Windows\System32\schedsvc.dll - ok
12:35:47.0647 5004 [ 38B13C0DF479DBA23ECFA815159BA86E ] C:\Windows\System32\ktmw32.dll
12:35:47.0647 5004 C:\Windows\System32\ktmw32.dll - ok
12:35:47.0647 5004 [ 1C3E8371377E988B683797A132EFFE1B ] C:\Windows\System32\taskcomp.dll
12:35:47.0647 5004 C:\Windows\System32\taskcomp.dll - ok
12:35:47.0662 5004 [ E6D90DC604F407B3B5E0FD285E46B2A0 ] C:\Windows\System32\fveapi.dll
12:35:47.0662 5004 C:\Windows\System32\fveapi.dll - ok
12:35:47.0678 5004 [ C87F28A34B3840F4B40011D170B1A159 ] C:\Windows\System32\fvecerts.dll
12:35:47.0678 5004 C:\Windows\System32\fvecerts.dll - ok
12:35:47.0678 5004 [ EAFC149CD3BD78C443E31BB157841197 ] C:\Windows\System32\tbs.dll
12:35:47.0678 5004 C:\Windows\System32\tbs.dll - ok
12:35:47.0694 5004 [ E2D56AE1D40E3725084054CD8E9CFBB1 ] C:\Windows\System32\wiarpc.dll
12:35:47.0694 5004 C:\Windows\System32\wiarpc.dll - ok
12:35:47.0709 5004 [ 1FF7E4F548C7C372C804938F0D5B36AE ] C:\Windows\System32\netcfgx.dll
12:35:47.0709 5004 C:\Windows\System32\netcfgx.dll - ok
12:35:47.0709 5004 [ A3F04CBEA6C2A10E6CB01F8B47611882 ] C:\Windows\System32\drivers\vwifimp.sys
12:35:47.0709 5004 C:\Windows\System32\drivers\vwifimp.sys - ok
12:35:47.0725 5004 [ 871917B07A141BFF43D76D8844D48106 ] C:\Windows\System32\drivers\http.sys
12:35:47.0725 5004 C:\Windows\System32\drivers\http.sys - ok
12:35:47.0725 5004 [ 9AEA093B8F9C37CF45538382CABA2475 ] C:\Windows\System32\spoolsv.exe
12:35:47.0725 5004 C:\Windows\System32\spoolsv.exe - ok
12:35:47.0740 5004 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] C:\Windows\System32\drivers\srvnet.sys
12:35:47.0740 5004 C:\Windows\System32\drivers\srvnet.sys - ok
12:35:47.0756 5004 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] C:\Windows\System32\drivers\bowser.sys
12:35:47.0756 5004 C:\Windows\System32\drivers\bowser.sys - ok
12:35:47.0756 5004 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] C:\Windows\System32\drivers\mrxsmb.sys
12:35:47.0756 5004 C:\Windows\System32\drivers\mrxsmb.sys - ok
12:35:47.0772 5004 [ 6D17A4791ACA19328C685D256349FEFC ] C:\Windows\System32\drivers\mrxsmb10.sys
12:35:47.0772 5004 C:\Windows\System32\drivers\mrxsmb10.sys - ok
12:35:47.0787 5004 [ B81F204D146000BE76651A50670A5E9E ] C:\Windows\System32\drivers\mrxsmb20.sys
12:35:47.0787 5004 C:\Windows\System32\drivers\mrxsmb20.sys - ok
12:35:47.0787 5004 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] C:\Windows\System32\drivers\srv2.sys
12:35:47.0787 5004 C:\Windows\System32\drivers\srv2.sys - ok
12:35:47.0803 5004 [ 58405E4F68BA8E4057C6E914F326ABA2 ] C:\Windows\System32\wkssvc.dll
12:35:47.0803 5004 C:\Windows\System32\wkssvc.dll - ok
12:35:47.0818 5004 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] C:\Windows\System32\drivers\srv.sys
12:35:47.0818 5004 C:\Windows\System32\drivers\srv.sys - ok
12:35:47.0834 5004 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] C:\Windows\System32\browser.dll
12:35:47.0834 5004 C:\Windows\System32\browser.dll - ok
12:35:47.0834 5004 [ D64AF876D53ECA3668BB97B51B4E70AB ] C:\Windows\System32\srvsvc.dll
12:35:47.0834 5004 C:\Windows\System32\srvsvc.dll - ok
12:35:47.0850 5004 [ AE9898D5600A232CD8AE3298692162E5 ] C:\Windows\System32\clusapi.dll
12:35:47.0850 5004 C:\Windows\System32\clusapi.dll - ok
12:35:47.0850 5004 [ E4B72E71EC37A59FE574A998A0C0EB9B ] C:\Windows\System32\netmsg.dll
12:35:47.0850 5004 C:\Windows\System32\netmsg.dll - ok
12:35:47.0865 5004 [ 89E783711AF91AF09E1EF30EF3107446 ] C:\Windows\System32\sscore.dll
12:35:47.0865 5004 C:\Windows\System32\sscore.dll - ok
12:35:47.0881 5004 [ 2AF094C822BD6094F14A8E85FB51D52A ] C:\Windows\System32\resutils.dll
12:35:47.0881 5004 C:\Windows\System32\resutils.dll - ok
12:35:47.0881 5004 [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files\Bonjour\mdnsNSP.dll
12:35:47.0881 5004 C:\Program Files\Bonjour\mdnsNSP.dll - ok
12:35:47.0896 5004 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] C:\Windows\System32\drivers\parport.sys
12:35:47.0896 5004 C:\Windows\System32\drivers\parport.sys - ok
12:35:47.0896 5004 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\System32\rasadhlp.dll
12:35:47.0896 5004 C:\Windows\System32\rasadhlp.dll - ok
12:35:47.0912 5004 [ 827DBC22C96EECF6D36A13162FABAFD3 ] C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\AEstSrv.exe
12:35:47.0912 5004 C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\AEstSrv.exe - ok
12:35:47.0928 5004 [ C8C90B44F2BEEC0AB40E7A4F41903FA5 ] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
12:35:47.0928 5004 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe - ok
12:35:47.0928 5004 [ EA009C246109A0EEC4E4ED7D3EB3BF5C ] C:\Windows\System32\msvcp100.dll
12:35:47.0928 5004 C:\Windows\System32\msvcp100.dll - ok
12:35:47.0943 5004 [ 397FC81BD0FB460508A680C5F825FF9B ] C:\Windows\System32\msvcr100.dll
12:35:47.0943 5004 C:\Windows\System32\msvcr100.dll - ok
12:35:47.0943 5004 [ 1A95611B59F002B5536171A70B066B66 ] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
12:35:47.0943 5004 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll - ok
12:35:47.0959 5004 [ 40C15CE1B832B78CC2A2F61807058763 ] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\aoddriver2.sys
12:35:47.0959 5004 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\aoddriver2.sys - ok
12:35:47.0959 5004 [ 0F5B9CB923744881111392D22EE922D5 ] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\platform.dll
12:35:47.0959 5004 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\platform.dll - ok
12:35:47.0974 5004 [ C97F63CE10E518CA9619E7F255DF5253 ] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\device.dll
12:35:47.0974 5004 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\device.dll - ok
12:35:47.0974 5004 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
12:35:47.0974 5004 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
12:35:47.0990 5004 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
12:35:47.0990 5004 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
12:35:48.0006 5004 [ 7EF47644B74EBE721CC32211D3C35E76 ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:35:48.0006 5004 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
12:35:48.0006 5004 [ 848BC9A0BB2361E549FD4C22D7548FB8 ] C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll
12:35:48.0006 5004 C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
12:35:48.0021 5004 [ 2DEDC3AFE3C49B5DAE717D0A9BEBF298 ] C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll
12:35:48.0021 5004 C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
12:35:48.0037 5004 [ 67B539D844F804EBAC7A1E3828FDE709 ] C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll
12:35:48.0037 5004 C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
12:35:48.0037 5004 [ 152F8772D5A5CD7883305C3B8D28470E ] C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll
12:35:48.0037 5004 C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
12:35:48.0052 5004 [ 3BDE52411DF2FE4252C9289F51CB0F7E ] C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll
12:35:48.0052 5004 C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
12:35:48.0052 5004 [ 32D78DCABFB942275E01363D5232C77D ] C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll
12:35:48.0052 5004 C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll - ok
12:35:48.0068 5004 [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\System32\wsock32.dll
12:35:48.0068 5004 C:\Windows\System32\wsock32.dll - ok
12:35:48.0084 5004 [ 5A963C340DE1A01BA6E24945CE05D16A ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll
12:35:48.0084 5004 C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll - ok
12:35:48.0084 5004 [ F4BC62990E7E5C29799A895B80FC3177 ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll
12:35:48.0084 5004 C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
12:35:48.0099 5004 [ 149D74E1128A86DC9CFB2851FBEA11EB ] C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll
12:35:48.0099 5004 C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll - ok
12:35:48.0115 5004 [ BA02F01BE7ED88E8974C798ACB3075F5 ] C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll
12:35:48.0115 5004 C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll - ok
12:35:48.0115 5004 [ F8ECB748B53A010464F7A63154D75F56 ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
12:35:48.0115 5004 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
12:35:48.0130 5004 [ 062373995EAE5F0EAC9EAA9192136BFB ] C:\Windows\System32\dnssd.dll
12:35:48.0130 5004 C:\Windows\System32\dnssd.dll - ok
12:35:48.0130 5004 [ BAF975B72062F53D327788E99D64197E ] C:\Windows\System32\drivers\avgidsshimx.sys
12:35:48.0130 5004 C:\Windows\System32\drivers\avgidsshimx.sys - ok
12:35:48.0146 5004 [ 2C478E667CE27B2B7142F756CF569A9A ] C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll
12:35:48.0146 5004 C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok
12:35:48.0162 5004 [ EA1145DEBCD508FD25BD1E95C4346929 ] C:\Program Files\AVG\AVG2012\avgwdsvc.exe
12:35:48.0162 5004 C:\Program Files\AVG\AVG2012\avgwdsvc.exe - ok
12:35:48.0162 5004 [ 2E14406E05789F91C9282AE7CFCA3A07 ] C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
12:35:48.0162 5004 C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll - ok
12:35:48.0177 5004 [ FC33CBBB9CADCEC307DA010FE763D04C ] C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll
12:35:48.0177 5004 C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
12:35:48.0177 5004 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
12:35:48.0177 5004 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
12:35:48.0193 5004 [ 8BA9851E671E8B5E49E303748FFD530C ] C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll
12:35:48.0193 5004 C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
12:35:48.0208 5004 [ 73862FF693168369A90F046E7F227B83 ] C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
12:35:48.0208 5004 C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll - ok
12:35:48.0208 5004 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] C:\Program Files\Bonjour\mDNSResponder.exe
12:35:48.0208 5004 C:\Program Files\Bonjour\mDNSResponder.exe - ok
12:35:48.0224 5004 [ 3411FDF098AA20193EEE5FFA36BA43B2 ] C:\Windows\System32\drivers\cpuz135_x32.sys
12:35:48.0224 5004 C:\Windows\System32\drivers\cpuz135_x32.sys - ok
12:35:48.0224 5004 [ 6316957BB3431DFB06BFFA98C0F1926E ] C:\Windows\System32\cryptnet.dll
12:35:48.0224 5004 C:\Windows\System32\cryptnet.dll - ok
12:35:48.0240 5004 [ 06E771AA596B8761107AB57E99F128D7 ] C:\Windows\System32\cryptsvc.dll
12:35:48.0240 5004 C:\Windows\System32\cryptsvc.dll - ok
12:35:48.0240 5004 [ 13337A3FB17F2242487FD45488ED0485 ] C:\Windows\System32\vssapi.dll
12:35:48.0240 5004 C:\Windows\System32\vssapi.dll - ok
12:35:48.0255 5004 [ B940289C83121046BD6A60ACC6028593 ] C:\Windows\System32\vsstrace.dll
12:35:48.0255 5004 C:\Windows\System32\vsstrace.dll - ok
12:35:48.0271 5004 [ 00A99DA54C14969A899ED316D16E9A9E ] C:\Windows\System32\efssvc.dll
12:35:48.0271 5004 C:\Windows\System32\efssvc.dll - ok
12:35:48.0271 5004 [ 3F6D9269E7B3A754B1C2F8533DC7F318 ] C:\Windows\System32\efscore.dll
12:35:48.0271 5004 C:\Windows\System32\efscore.dll - ok
12:35:48.0286 5004 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] C:\Windows\System32\dps.dll
12:35:48.0286 5004 C:\Windows\System32\dps.dll - ok
12:35:48.0286 5004 [ 359C3AC547AA1D24EED35BE3AB3759DC ] C:\Windows\System32\efsutil.dll
12:35:48.0286 5004 C:\Windows\System32\efsutil.dll - ok
12:35:48.0302 5004 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] C:\Windows\System32\FDResPub.dll
12:35:48.0302 5004 C:\Windows\System32\FDResPub.dll - ok
12:35:48.0302 5004 [ 73F6C5223F7E9B5780DD4A6C30FCF569 ] C:\Windows\System32\WSDApi.dll
12:35:48.0302 5004 C:\Windows\System32\WSDApi.dll - ok
12:35:48.0318 5004 [ 4635935FC972C582632BF45C26BFCB0E ] C:\Windows\System32\srvany.exe
12:35:48.0318 5004 C:\Windows\System32\srvany.exe - ok
12:35:48.0333 5004 [ DB846EECA70EE9D2E2FF31147C57B0F4 ] C:\Windows\System32\webservices.dll
12:35:48.0333 5004 C:\Windows\System32\webservices.dll - ok
12:35:48.0333 5004 [ 89D90579E5FB1469CB0464F6512E42B7 ] C:\Windows\System32\fundisc.dll
12:35:48.0333 5004 C:\Windows\System32\fundisc.dll - ok
12:35:48.0349 5004 [ 80B7A96F908DA13617E7E6832C5C6A64 ] C:\Windows\System32\HPZinw12.dll
12:35:48.0349 5004 C:\Windows\System32\HPZinw12.dll - ok
12:35:48.0349 5004 [ B48DC6ABCD3AEFF8618350CCBDC6B09A ] C:\Windows\System32\drivers\npf.sys
12:35:48.0349 5004 C:\Windows\System32\drivers\npf.sys - ok
12:35:48.0364 5004 [ 9E0104BA49F4E6973749A02BF41344ED ] C:\Windows\System32\drivers\PEAuth.sys
12:35:48.0364 5004 C:\Windows\System32\drivers\PEAuth.sys - ok
12:35:48.0364 5004 [ 75EA62927355189876081EF863064982 ] C:\Windows\System32\ncsi.dll
12:35:48.0364 5004 C:\Windows\System32\ncsi.dll - ok
12:35:48.0380 5004 [ 912084381D30D8B89EC4E293053F4710 ] C:\Windows\System32\nlasvc.dll
12:35:48.0380 5004 C:\Windows\System32\nlasvc.dll - ok
12:35:48.0396 5004 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\System32\webio.dll
12:35:48.0396 5004 C:\Windows\System32\webio.dll - ok
12:35:48.0396 5004 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\System32\winhttp.dll
12:35:48.0396 5004 C:\Windows\System32\winhttp.dll - ok
12:35:48.0411 5004 [ 28E2231BD34A39C854BDF3923AB2FF86 ] C:\Windows\System32\ssdpapi.dll
12:35:48.0411 5004 C:\Windows\System32\ssdpapi.dll - ok
12:35:48.0411 5004 [ 90A3935D05B494A5A39D37E71F09A677 ] C:\Windows\System32\drivers\secdrv.sys
12:35:48.0411 5004 C:\Windows\System32\drivers\secdrv.sys - ok
12:35:48.0427 5004 [ 0C155C5D8942B3CBCF9506A9D376B9AD ] C:\Windows\System32\HPZipm12.dll
12:35:48.0427 5004 C:\Windows\System32\HPZipm12.dll - ok
12:35:48.0442 5004 [ 8CD1DEE212E52B9C22E66DBA44991D32 ] C:\Windows\System32\httpapi.dll
12:35:48.0442 5004 C:\Windows\System32\httpapi.dll - ok
12:35:48.0442 5004 [ E1FB3706030FB4578A0D72C2FC3689E4 ] C:\Windows\System32\wiaservc.dll
12:35:48.0442 5004 C:\Windows\System32\wiaservc.dll - ok
12:35:48.0458 5004 [ CCA24162E055C3714CE5A88B100C64ED ] C:\Windows\System32\drivers\tcpipreg.sys
12:35:48.0458 5004 C:\Windows\System32\drivers\tcpipreg.sys - ok
12:35:48.0474 5004 [ 36650D618CA34C9D357DFD3D89B2C56F ] C:\Windows\System32\sysmain.dll
12:35:48.0474 5004 C:\Windows\System32\sysmain.dll - ok
12:35:48.0474 5004 [ B087F2B901570F6EF62F6C2E01A480F3 ] C:\Windows\System32\wiatrace.dll
12:35:48.0474 5004 C:\Windows\System32\wiatrace.dll - ok
12:35:48.0489 5004 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] C:\Windows\System32\trkwks.dll
12:35:48.0489 5004 C:\Windows\System32\trkwks.dll - ok
12:35:48.0505 5004 [ CBA3F6EF1E70167DB376B4013F71A62B ] C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
12:35:48.0505 5004 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe - ok
12:35:50.0533 5004 C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll - ok
12:35:50.0548 5004 [ C8333F1F77A1B2E25F2202E892CAF634 ] C:\Windows\System32\prnfldr.dll
12:35:50.0548 5004 C:\Windows\System32\prnfldr.dll - ok
12:35:50.0548 5004 [ 2F0EAAF91FC7A5C70D1F4BE9B18A1CF5 ] C:\Windows\System32\StikyNot.exe
12:35:50.0548 5004 C:\Windows\System32\StikyNot.exe - ok
12:35:50.0564 5004 [ 7E932B501E9035AF1985369829EE6215 ] C:\Program Files\ScanSoft\PaperPort\maxrast.dll
12:35:50.0564 5004 C:\Program Files\ScanSoft\PaperPort\maxrast.dll - ok
12:35:50.0580 5004 [ 23ADB429A6A60FEA6573F7AAA63EA468 ] C:\Program Files\ScanSoft\PaperPort\PDFUtil.dll
12:35:50.0580 5004 C:\Program Files\ScanSoft\PaperPort\PDFUtil.dll - ok
12:35:50.0580 5004 [ C335EC1182AC10B188705554E0BC1186 ] C:\Windows\System32\msvfw32.dll
12:35:50.0580 5004 C:\Windows\System32\msvfw32.dll - ok
12:35:50.0596 5004 [ 51464B6C373CD07E7D4A6CC9294ED67C ] C:\Users\Jillian\AppData\Roaming\Dropbox\bin\Dropbox.exe
12:35:50.0596 5004 C:\Users\Jillian\AppData\Roaming\Dropbox\bin\Dropbox.exe - ok
12:35:50.0596 5004 [ 703FFD301AB900B047337C5D40FD6F96 ] C:\Windows\System32\olepro32.dll
12:35:50.0596 5004 C:\Windows\System32\olepro32.dll - ok
12:35:50.0612 5004 [ AF1DFF1BC882AD682F59C9E3B198A9BC ] C:\Program Files\Browny02\Brother\BrStMonWRes.dll
12:35:50.0612 5004 C:\Program Files\Browny02\Brother\BrStMonWRes.dll - ok
12:35:50.0612 5004 [ F6F65DDBC41632BDA10D635E124CC5B7 ] C:\Program Files\ScanSoft\PaperPort\FeatureSwitch.dll
12:35:50.0612 5004 C:\Program Files\ScanSoft\PaperPort\FeatureSwitch.dll - ok
12:35:50.0627 5004 [ 32C26797AB646074A2BB562F9D10ADB5 ] C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
12:35:50.0627 5004 C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE - ok
12:35:50.0627 5004 [ 0DE3CD644BC003F4B2E6E81F784C2AC4 ] C:\Users\Jillian\AppData\Local\TheWeatherNetwork\WeatherEye\weathereye.dll
12:35:50.0643 5004 C:\Users\Jillian\AppData\Local\TheWeatherNetwork\WeatherEye\weathereye.dll - ok
12:35:50.0643 5004 [ 8C73D4D67F9179EC38774C28622896CB ] C:\Program Files\ScanSoft\PaperPort\PasswDB.dll
12:35:50.0643 5004 C:\Program Files\ScanSoft\PaperPort\PasswDB.dll - ok
12:35:50.0659 5004 [ 0A527DA865EA7E91CABFACE9A9279022 ] C:\Program Files\AVG\AVG2012\avgui.exe
12:35:50.0659 5004 C:\Program Files\AVG\AVG2012\avgui.exe - ok
12:35:50.0659 5004 [ 46A6BA9274D075A2C30025C4E96D875A ] C:\Windows\System32\msvcp60.dll
12:35:50.0659 5004 C:\Windows\System32\msvcp60.dll - ok
12:35:50.0674 5004 [ 99F7C16BA2198332F19F2703D3D695C3 ] C:\Program Files\AMD AVT\bin\kdbsync.exe
12:35:50.0674 5004 C:\Program Files\AMD AVT\bin\kdbsync.exe - ok
12:35:50.0690 5004 [ 1843E81FA7ACFFF4344A7DD4328D7DA0 ] C:\Program Files\Microsoft Office\Office12\1033\ONINTL.DLL
12:35:50.0690 5004 C:\Program Files\Microsoft Office\Office12\1033\ONINTL.DLL - ok
12:35:50.0690 5004 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\System32\riched20.dll
12:35:50.0690 5004 C:\Windows\System32\riched20.dll - ok
12:35:50.0705 5004 [ ED186F0E942D7F56F5055C6903C8FCFE ] C:\Program Files\ScanSoft\PaperPort\xdocparse.dll
12:35:50.0705 5004 C:\Program Files\ScanSoft\PaperPort\xdocparse.dll - ok
12:35:50.0705 5004 [ 0DCA6A11D09D4C2CBE6B898B897EA915 ] C:\Windows\System32\UIAnimation.dll
12:35:50.0705 5004 C:\Windows\System32\UIAnimation.dll - ok
12:35:50.0721 5004 [ FBFCA1A574D47EE575448B719CBBF2E4 ] C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL
12:35:50.0721 5004 C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL - ok
12:35:50.0721 5004 [ DC6612A9EE015A36BA2A27BC9CC12537 ] C:\Windows\System32\mfc42.dll
12:35:50.0721 5004 C:\Windows\System32\mfc42.dll - ok
12:35:50.0737 5004 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] C:\Windows\System32\netman.dll
12:35:50.0737 5004 C:\Windows\System32\netman.dll - ok
12:35:50.0752 5004 [ EAB975DB4C2805927FE5BD047D05C9AA ] C:\Windows\System32\netshell.dll
12:35:50.0752 5004 C:\Windows\System32\netshell.dll - ok
12:35:50.0752 5004 [ 1A2610DF3618F7B7D692675CFF2FB9E1 ] C:\Program Files\Calibre2\calibre-parallel.exe
12:35:50.0752 5004 C:\Program Files\Calibre2\calibre-parallel.exe - ok
12:35:50.0768 5004 [ 4778CFCC920BF5CAB4B0C26316A103F4 ] C:\Program Files\Common Files\microsoft shared\ink\InkObj.dll
12:35:50.0768 5004 C:\Program Files\Common Files\microsoft shared\ink\InkObj.dll - ok
12:35:50.0768 5004 [ 005C4F99548633EC9BCCAD986D078E2C ] C:\Program Files\Calibre2\calibre.exe
12:35:50.0768 5004 C:\Program Files\Calibre2\calibre.exe - ok
12:35:50.0783 5004 [ 09EAD9CB2346B671F8F079D3472134D8 ] C:\Program Files\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll
12:35:50.0783 5004 C:\Program Files\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll - ok
12:35:50.0799 5004 [ 8B9D6D070113CFD8E20793768AFA26FC ] C:\Program Files\AVG\AVG2012\avglngx.dll
12:35:50.0799 5004 C:\Program Files\AVG\AVG2012\avglngx.dll - ok
12:35:50.0799 5004 [ DB0387FE5668433D3A5DDBAEEA2B05D9 ] C:\Program Files\Brother\ControlCenter3\brccDCtl.dll
12:35:50.0799 5004 C:\Program Files\Brother\ControlCenter3\brccDCtl.dll - ok
12:35:50.0815 5004 [ A9950F1C63BA70151803C6F24CEE23F3 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
12:35:50.0815 5004 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe - ok
12:35:50.0815 5004 [ 8A2F2D19DE0D3401B5AD523CBA7E73B1 ] C:\Program Files\Brother\ControlCenter3\brccusa.dll
12:35:50.0815 5004 C:\Program Files\Brother\ControlCenter3\brccusa.dll - ok
12:35:50.0830 5004 [ 4F6E72B34ED3DC53DCC5E8708E60B61F ] C:\Windows\System32\security.dll
12:35:50.0830 5004 C:\Windows\System32\security.dll - ok
12:35:50.0846 5004 [ FEA3797C92EA69ECF39C5BB4249E331D ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiamenu.dll
12:35:50.0846 5004 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiamenu.dll - ok
12:35:50.0846 5004 [ 3FF0FA0A81910617739644A06D06D016 ] C:\Windows\System32\fdProxy.dll
12:35:50.0846 5004 C:\Windows\System32\fdProxy.dll - ok
12:35:50.0861 5004 [ 502C60D7746BEFFB46C3B0334D26A26D ] C:\Windows\System32\OpenCL.dll
12:35:50.0861 5004 C:\Windows\System32\OpenCL.dll - ok
12:35:50.0861 5004 [ A3800DDB103BA33BB960905A37F12C5B ] C:\Windows\System32\kdbsdk32.dll
12:35:50.0861 5004 C:\Windows\System32\kdbsdk32.dll - ok
12:35:50.0877 5004 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] C:\Windows\System32\provsvc.dll
12:35:50.0877 5004 C:\Windows\System32\provsvc.dll - ok
12:35:50.0877 5004 [ 9CBC05B2044AF8F85D7CA39F3588DB06 ] C:\Program Files\Brother\ControlCenter3\brccimg.dll
12:35:50.0877 5004 C:\Program Files\Brother\ControlCenter3\brccimg.dll - ok
12:35:50.0893 5004 [ 5F5CFC3E15B8750B447E4CCEF37FC2F9 ] C:\Windows\System32\amdocl.dll
12:35:50.0893 5004 C:\Windows\System32\amdocl.dll - ok
12:35:50.0893 5004 [ EA7E57F87D6FEE5FD6C5F813C04E8CD2 ] C:\Program Files\Browny02\BrYNSvc.exe
12:35:50.0893 5004 C:\Program Files\Browny02\BrYNSvc.exe - ok
12:35:50.0908 5004 [ ADDB05C93272A62606599B24730BD645 ] C:\Windows\System32\DXP.dll
12:35:50.0908 5004 C:\Windows\System32\DXP.dll - ok
12:35:50.0924 5004 [ 856CFFCD835528136367BB1A8FE1DB87 ] C:\Windows\System32\Syncreg.dll
12:35:50.0924 5004 C:\Windows\System32\Syncreg.dll - ok
12:35:50.0924 5004 [ F8F03D206F7D5811D630349A23E9B9B9 ] C:\Windows\ehome\ehSSO.dll
12:35:50.0924 5004 C:\Windows\ehome\ehSSO.dll - ok
12:35:50.0939 5004 [ 59976670B8E8402EDCE18896A02145BB ] C:\Program Files\AVG\AVG2012\avgabout.dll
12:35:50.0939 5004 C:\Program Files\AVG\AVG2012\avgabout.dll - ok
12:35:50.0939 5004 [ 60B2FAC030061A09FB0B80371BFE7161 ] C:\Program Files\Browny02\BrMonitor.dll
12:35:50.0939 5004 C:\Program Files\Browny02\BrMonitor.dll - ok
12:35:50.0955 5004 [ 57EDB35EA2FECA88F8B17C0C095C9A56 ] C:\Program Files\iPod\bin\iPodService.exe
12:35:50.0955 5004 C:\Program Files\iPod\bin\iPodService.exe - ok
12:35:50.0971 5004 [ 693C7694D451C51BEAE530F75A18E0DF ] C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll
12:35:50.0971 5004 C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll - ok
12:35:50.0971 5004 [ 5E8E869E1342308752A37A2C90CCA79D ] C:\Windows\System32\mshtml.dll
12:35:50.0971 5004 C:\Windows\System32\mshtml.dll - ok
12:35:50.0986 5004 [ E2AE392170BDD664739BB09552D833DC ] C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll
12:35:50.0986 5004 C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll - ok
12:35:50.0986 5004 [ A054D2CD9FB1DC4E5904E3B88B55B2E2 ] C:\Program Files\AVG\AVG2012\avguires.dll
12:35:50.0986 5004 C:\Program Files\AVG\AVG2012\avguires.dll - ok
12:35:51.0002 5004 [ 236F286E103FD44BD85FDD93097FD5DD ] C:\Windows\System32\SearchIndexer.exe
12:35:51.0002 5004 C:\Windows\System32\SearchIndexer.exe - ok
12:35:51.0002 5004 [ BB50B21FEE2A6F3E5FC92B330ECCF050 ] C:\Windows\System32\hhctrl.ocx
12:35:51.0002 5004 C:\Windows\System32\hhctrl.ocx - ok
12:35:51.0017 5004 [ B2B3DAE040F6B5AE1DF52B0CD7631A18 ] C:\Windows\System32\AltTab.dll
12:35:51.0017 5004 C:\Windows\System32\AltTab.dll - ok
12:35:51.0033 5004 [ D39DA70FEA6BD713682F70635587DA9E ] C:\Windows\System32\rasdlg.dll
12:35:51.0033 5004 C:\Windows\System32\rasdlg.dll - ok
12:35:51.0033 5004 [ 735263DA17BF5BAF9CCD483843BF9D5A ] C:\Windows\System32\WPDShServiceObj.dll
12:35:51.0033 5004 C:\Windows\System32\WPDShServiceObj.dll - ok
12:35:51.0049 5004 [ 3D6F22551D422F97AACB0BB927E4C846 ] C:\Windows\System32\pnidui.dll
12:35:51.0049 5004 C:\Windows\System32\pnidui.dll - ok
12:35:51.0049 5004 [ 465DBF63A5049E4DB4BC5C12FFE781CB ] C:\Windows\System32\tquery.dll
12:35:51.0049 5004 C:\Windows\System32\tquery.dll - ok
12:35:51.0064 5004 [ D4191EFAB91E00FC09257AA5EBAF503B ] C:\Windows\System32\mprapi.dll
12:35:51.0064 5004 C:\Windows\System32\mprapi.dll - ok
12:35:51.0064 5004 [ 0241CB16136B9A4939CA0395768AE286 ] C:\Windows\System32\mssrch.dll
12:35:51.0064 5004 C:\Windows\System32\mssrch.dll - ok
12:35:51.0080 5004 [ BD626EF05967D14C772B8096292731A3 ] C:\Windows\System32\QUTIL.DLL
12:35:51.0080 5004 C:\Windows\System32\QUTIL.DLL - ok
12:35:51.0095 5004 [ CF4274CEEA9F7791FB7FC40A066BC2C7 ] C:\Windows\System32\cscobj.dll
12:35:51.0095 5004 C:\Windows\System32\cscobj.dll - ok
12:35:51.0095 5004 [ B907641B954B7C8C7F81EA8679314BFD ] C:\Program Files\Browny02\Brother\BrFirmUpdateCheck.dll
12:35:51.0095 5004 C:\Program Files\Browny02\Brother\BrFirmUpdateCheck.dll - ok
12:35:51.0111 5004 [ 81600E2E27ED61427AAD865B9BCDDB9D ] C:\Windows\System32\msidle.dll
12:35:51.0111 5004 C:\Windows\System32\msidle.dll - ok
12:35:51.0111 5004 [ 674B0C0F6A448EB185CAAB9C51D44032 ] C:\Windows\System32\srchadmin.dll
12:35:51.0111 5004 C:\Windows\System32\srchadmin.dll - ok
12:35:51.0127 5004 [ 1CBF15FDB0310345A68972EB5C5B948F ] C:\Windows\System32\mssprxy.dll
12:35:51.0127 5004 C:\Windows\System32\mssprxy.dll - ok
12:35:51.0127 5004 [ B63E24E9271E99FD4540E3CA22A937DA ] C:\Windows\System32\en-US\tquery.dll.mui
12:35:51.0127 5004 C:\Windows\System32\en-US\tquery.dll.mui - ok
12:35:51.0142 5004 [ 04B88428A872390D235BE52D38A9D4EF ] C:\Windows\System32\dot3api.dll
12:35:51.0142 5004 C:\Windows\System32\dot3api.dll - ok
12:35:51.0142 5004 [ 8063046AA70B97CA9985672B8848FB2E ] C:\Windows\System32\wlanhlp.dll
12:35:51.0142 5004 C:\Windows\System32\wlanhlp.dll - ok
12:35:51.0158 5004 [ 6383C60EC0133B14F5705F96369421B2 ] C:\Windows\System32\hnetcfg.dll
12:35:51.0158 5004 C:\Windows\System32\hnetcfg.dll - ok
12:35:51.0173 5004 [ 53683A331F8A1BB20ADD0330F1DE6388 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
12:35:51.0173 5004 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
12:35:51.0173 5004 [ C02AA67276FEE0C15CC4D6D616BDE95E ] C:\Windows\System32\WWanAPI.dll
12:35:51.0173 5004 C:\Windows\System32\WWanAPI.dll - ok
12:35:51.0189 5004 [ 8F8AB20AA863EA95A421B9D54C74F20C ] C:\Program Files\Windows Media Player\wmpnssci.dll
12:35:51.0189 5004 C:\Program Files\Windows Media Player\wmpnssci.dll - ok
12:35:51.0189 5004 [ F2ED6D00921CA138289E5E0CCB9ABF87 ] C:\Windows\System32\wwapi.dll
12:35:51.0189 5004 C:\Windows\System32\wwapi.dll - ok
12:35:51.0205 5004 [ C2D6A4475B87651D5909E364439FDA52 ] C:\Windows\System32\FXSST.dll
12:35:51.0205 5004 C:\Windows\System32\FXSST.dll - ok
12:35:51.0205 5004 [ B2E9DB5E5F4091FCDA0C9249C1E3F974 ] C:\Program Files\AVG\AVG2012\avgidpmx.dll
12:35:51.0205 5004 C:\Program Files\AVG\AVG2012\avgidpmx.dll - ok
12:35:51.0220 5004 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] C:\Program Files\Windows Media Player\wmpnetwk.exe
12:35:51.0220 5004 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
12:35:51.0236 5004 [ 942E57152F1CD0533644AB30EF1A4728 ] C:\Windows\System32\FXSAPI.dll
12:35:51.0236 5004 C:\Windows\System32\FXSAPI.dll - ok
12:35:51.0236 5004 [ 989FA7EB30624BA0D856CF0EAB6E9035 ] C:\Program Files\Adobe\Adobe Digital Editions\digitaleditions.exe
12:35:51.0236 5004 C:\Program Files\Adobe\Adobe Digital Editions\digitaleditions.exe - ok
12:35:51.0251 5004 [ 38E5E24BEDE6F59AFC648CB7EF897D69 ] C:\Program Files\Browny02\BroSNMP.dll
12:35:51.0251 5004 C:\Program Files\Browny02\BroSNMP.dll - ok
12:35:51.0251 5004 [ C4096CA42199428B3D63DC206C197F0E ] C:\Windows\System32\FXSRESM.dll
12:35:51.0251 5004 C:\Windows\System32\FXSRESM.dll - ok
12:35:51.0267 5004 [ 8EE6BDE1D572677AA35707C52C585F75 ] C:\Windows\System32\mlang.dll
12:35:51.0267 5004 C:\Windows\System32\mlang.dll - ok
12:35:51.0283 5004 [ 02530B0B7E048DD5AC8D52DAEACAEB2B ] C:\Windows\System32\QAGENT.DLL
12:35:51.0283 5004 C:\Windows\System32\QAGENT.DLL - ok
12:35:51.0283 5004 [ 967EA5B213E9984CBE270205DF37755B ] C:\Windows\System32\FXSSVC.exe
12:35:51.0283 5004 C:\Windows\System32\FXSSVC.exe - ok
12:35:51.0298 5004 [ 53FC73B80989AEE09C402D3352913B0D ] C:\Windows\System32\aticaldd.dll
12:35:51.0298 5004 C:\Windows\System32\aticaldd.dll - ok
12:35:51.0298 5004 [ 5CF15474FFDB5005E54958DF6EDD97AB ] C:\Windows\System32\wmdrmdev.dll
12:35:51.0298 5004 C:\Windows\System32\wmdrmdev.dll - ok
12:35:51.0314 5004 [ 47D052D9EE1FD3BA2A55D13F61E3EF24 ] C:\Windows\System32\drmv2clt.dll
12:35:51.0314 5004 C:\Windows\System32\drmv2clt.dll - ok
12:35:51.0314 5004 [ EA2B00551F3E7B3D5F7FB730A55F8246 ] C:\Windows\System32\blackbox.dll
12:35:51.0314 5004 C:\Windows\System32\blackbox.dll - ok
12:35:51.0329 5004 [ E3D5E244807AD655787FCD25477CC1BC ] C:\Windows\System32\bthprops.cpl
12:35:51.0329 5004 C:\Windows\System32\bthprops.cpl - ok
12:35:51.0345 5004 [ 954EA9B34F155C844B11F4047A8F6F89 ] C:\Windows\System32\upnp.dll
12:35:51.0345 5004 C:\Windows\System32\upnp.dll - ok
12:35:51.0345 5004 [ D887C9FD02AC9FA880F6E5027A43E118 ] C:\Windows\System32\ssdpsrv.dll
12:35:51.0345 5004 C:\Windows\System32\ssdpsrv.dll - ok
12:35:51.0361 5004 [ 7A0F277411AFF00427A9AA3A5E3BE2D2 ] C:\Users\Jillian\AppData\Local\DirectDownloader\directdownloader.exe
12:35:51.0361 5004 C:\Users\Jillian\AppData\Local\DirectDownloader\directdownloader.exe - ok
12:35:51.0361 5004 [ 9F179DA6BF972F2B8B7F90978D02D719 ] C:\Windows\System32\jscript9.dll
12:35:51.0361 5004 C:\Windows\System32\jscript9.dll - ok
12:35:51.0376 5004 [ 1957D49A9613FAAD1C73B508CCE02AA5 ] C:\Windows\System32\wmp.dll
12:35:51.0376 5004 C:\Windows\System32\wmp.dll - ok
12:35:51.0392 5004 [ 1D1EAA16D193C6A2D45981ED3914D22A ] C:\Windows\System32\msimtf.dll
12:35:51.0392 5004 C:\Windows\System32\msimtf.dll - ok
12:35:51.0392 5004 [ 35CEDE6439FF0D8903223A0817FFE46C ] C:\Windows\System32\d2d1.dll
12:35:51.0392 5004 C:\Windows\System32\d2d1.dll - ok
12:35:51.0407 5004 [ 8F01B9DA1D372D1C80B92F725E736B54 ] C:\Windows\System32\atigktxx.dll
12:35:51.0407 5004 C:\Windows\System32\atigktxx.dll - ok
12:35:51.0407 5004 [ A29D734F650F958424743BE3BAA052C8 ] C:\Windows\System32\DWrite.dll
12:35:51.0407 5004 C:\Windows\System32\DWrite.dll - ok
12:35:51.0423 5004 [ 577187449F287E0E818456244C8251C9 ] C:\Program Files\Dropbox Folder Sync\Dropbox Folder Sync.exe
12:35:51.0423 5004 C:\Program Files\Dropbox Folder Sync\Dropbox Folder Sync.exe - ok
12:35:51.0423 5004 [ 75A08148812AE3C68EFFF719E357CB85 ] C:\Program Files\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll
12:35:51.0423 5004 C:\Program Files\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll - ok
12:35:51.0439 5004 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] C:\Windows\System32\FntCache.dll
12:35:51.0439 5004 C:\Windows\System32\FntCache.dll - ok
12:35:51.0439 5004 [ 0FBC74AA20FE0AE6884279F893169C60 ] C:\Windows\System32\wmploc.DLL
12:35:51.0439 5004 C:\Windows\System32\wmploc.DLL - ok
12:35:51.0454 5004 [ 726EBFAFF3B8056B2E0CF6E3C52A9099 ] C:\Program Files\Microsoft Office\Office12\EXCEL.EXE
12:35:51.0454 5004 C:\Program Files\Microsoft Office\Office12\EXCEL.EXE - ok
12:35:51.0470 5004 [ 20AA5135C856C44B08333365EBFA8087 ] C:\Program Files\Internet Explorer\ieproxy.dll
12:35:51.0470 5004 C:\Program Files\Internet Explorer\ieproxy.dll - ok
12:35:51.0470 5004 [ 78B7A3BDA25C90DAA50D36A56A8D1351 ] C:\Windows\System32\d3d10warp.dll
12:35:51.0470 5004 C:\Windows\System32\d3d10warp.dll - ok
12:35:51.0485 5004 [ 5193DE33F3284C447E0D31DAFBF92570 ] C:\Windows\System32\webcheck.dll
12:35:51.0485 5004 C:\Windows\System32\webcheck.dll - ok
12:35:51.0485 5004 [ 08E420D873E4FD85241EE2421B02C4A4 ] C:\Windows\System32\wersvc.dll
12:35:51.0485 5004 C:\Windows\System32\wersvc.dll - ok
12:35:51.0501 5004 [ E1AC89F6C5252057E6062843E36A6701 ] C:\Windows\System32\SearchProtocolHost.exe
12:35:51.0501 5004 C:\Windows\System32\SearchProtocolHost.exe - ok
12:35:51.0501 5004 [ 2DDEA2C345DA5BC589EFD398F220DB0E ] C:\Windows\System32\SyncCenter.dll
12:35:51.0501 5004 C:\Windows\System32\SyncCenter.dll - ok
12:35:51.0517 5004 [ A5D237B8673025B052C0E6FDB6A883E8 ] C:\Windows\System32\msshooks.dll
12:35:51.0517 5004 C:\Windows\System32\msshooks.dll - ok
12:35:51.0532 5004 [ A6CD6B3F71E13E2E45B727FB8A47EA87 ] C:\Windows\System32\SearchFilterHost.exe
12:35:51.0532 5004 C:\Windows\System32\SearchFilterHost.exe - ok
12:35:51.0532 5004 [ 2572E1F0254E2267E97DE1B15D099EC4 ] C:\Windows\System32\d3d10.dll
12:35:51.0532 5004 C:\Windows\System32\d3d10.dll - ok
12:35:51.0548 5004 [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\System32\mscoree.dll
12:35:51.0548 5004 C:\Windows\System32\mscoree.dll - ok
12:35:51.0548 5004 [ 92F8656D0167412A2379517C3F704FFB ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
12:35:51.0548 5004 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
12:35:51.0563 5004 [ F148865E4AC4F715E322EA06E6E21D84 ] C:\Windows\System32\wbem\NCProv.dll
12:35:51.0563 5004 C:\Windows\System32\wbem\NCProv.dll - ok
12:35:51.0563 5004 [ 3F2B83695E5BF11930C16AF50E991F96 ] C:\Windows\System32\wmpps.dll
12:35:51.0563 5004 C:\Windows\System32\wmpps.dll - ok
12:35:51.0579 5004 [ DB67C7C62038BDE813CB6486581A7611 ] C:\Windows\System32\mssph.dll
12:35:51.0579 5004 C:\Windows\System32\mssph.dll - ok
12:35:51.0595 5004 [ 7B97346CE563B74BBCC120FC83E5A6D9 ] C:\Windows\System32\wmpmde.dll
12:35:51.0595 5004 C:\Windows\System32\wmpmde.dll - ok
12:35:51.0595 5004 [ 547F78746F20901C770E8653B242217C ] C:\Windows\System32\d3d10core.dll
12:35:51.0595 5004 C:\Windows\System32\d3d10core.dll - ok
12:35:51.0611 5004 [ 8BC9DB92C4B2F3BE89185BEAB2AFC1F6 ] C:\Windows\System32\mapi32.dll
12:35:51.0611 5004 C:\Windows\System32\mapi32.dll - ok
12:35:51.0611 5004 [ 2D11BC8B460957E62E4420373A0D8BDA ] C:\Windows\System32\imapi2.dll
12:35:51.0611 5004 C:\Windows\System32\imapi2.dll - ok
12:35:51.0627 5004 [ 7A6986DD659B96398A11AF5173892715 ] C:\Windows\System32\cabinet.dll
12:35:51.0627 5004 C:\Windows\System32\cabinet.dll - ok
12:35:51.0642 5004 [ EE13D0A327CD79998D25824F0EAE2C54 ] C:\Program Files\ExpressFiles\expressdl.exe
12:35:51.0642 5004 C:\Program Files\ExpressFiles\expressdl.exe - ok
12:35:51.0642 5004 [ 81C0FA250EF6DC1C6B3FA2BCE81D6C2E ] C:\Windows\System32\WinSATAPI.dll
12:35:51.0642 5004 C:\Windows\System32\WinSATAPI.dll - ok
12:35:51.0658 5004 [ 1B0EC94520CAB89A9CE1B2DA405166AF ] C:\Windows\System32\p2pcollab.dll
12:35:51.0658 5004 C:\Windows\System32\p2pcollab.dll - ok
12:35:51.0658 5004 [ C7952D0A4C43A965A1741916BB134751 ] C:\Windows\System32\hgcpl.dll
12:35:51.0658 5004 C:\Windows\System32\hgcpl.dll - ok
12:35:51.0674 5004 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] C:\Windows\System32\QAGENTRT.DLL
12:35:51.0674 5004 C:\Windows\System32\QAGENTRT.DLL - ok
12:35:51.0674 5004 [ CBBD4D79EEC3EF5A4ADAE9697944C6B9 ] C:\Windows\System32\MSMPEG2ENC.DLL
12:35:51.0674 5004 C:\Windows\System32\MSMPEG2ENC.DLL - ok
12:35:51.0689 5004 [ F3222C893BD2F5821A0179E5C71E88FB ] C:\Windows\System32\fdPHost.dll
12:35:51.0689 5004 C:\Windows\System32\fdPHost.dll - ok
12:35:51.0689 5004 [ DE6F4B7E62FDE776F3DE8E5FB5A05C48 ] C:\Windows\System32\fdWSD.dll
12:35:51.0689 5004 C:\Windows\System32\fdWSD.dll - ok
12:35:51.0705 5004 [ 9FD6496B6D91C8BE2A10BD55EAE2D5F2 ] C:\Windows\System32\fveui.dll
12:35:51.0705 5004 C:\Windows\System32\fveui.dll - ok
12:35:51.0705 5004 [ 674611721264013DB169EC12AFC9C3B6 ] C:\Windows\System32\fdSSDP.dll
12:35:51.0705 5004 C:\Windows\System32\fdSSDP.dll - ok
12:35:51.0720 5004 [ 72B44F416067C80EF35B5C0ACB6DF11E ] C:\Program Files\ExpressFiles\ExpressFiles.exe
12:35:51.0720 5004 C:\Program Files\ExpressFiles\ExpressFiles.exe - ok
12:35:51.0736 5004 [ 5BB8C06EB5EA4BA22EE8A678F2D79B25 ] C:\Windows\System32\devenum.dll
12:35:51.0736 5004 C:\Windows\System32\devenum.dll - ok
12:35:51.0736 5004 [ 39E9AACC4C5FB3C3C0B12DE6D491553D ] C:\Windows\System32\WindowsCodecsExt.dll
12:35:51.0736 5004 C:\Windows\System32\WindowsCodecsExt.dll - ok
12:35:51.0752 5004 [ 7069AAB8536F29ED7323140973A2894B ] C:\Windows\System32\msdmo.dll
12:35:51.0752 5004 C:\Windows\System32\msdmo.dll - ok
12:35:51.0752 5004 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] C:\Windows\System32\ListSvc.dll
12:35:51.0752 5004 C:\Windows\System32\ListSvc.dll - ok
12:35:51.0767 5004 [ 833FBB672460EFCE8011D262175FAD33 ] C:\Windows\System32\upnphost.dll
12:35:51.0767 5004 C:\Windows\System32\upnphost.dll - ok
12:35:51.0783 5004 [ 08DF1B8C9C0754A7069E80A986373F52 ] C:\Windows\System32\P2P.dll
12:35:51.0783 5004 C:\Windows\System32\P2P.dll - ok
12:35:51.0783 5004 [ 4FB491AC8D46AAF22BA8BC5C73DABEF7 ] C:\Windows\System32\wbem\WmiPrvSE.exe
12:35:51.0783 5004 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
12:35:51.0798 5004 [ 82A8521DDC60710C3D3D3E7325209BEC ] C:\Windows\System32\pnrpsvc.dll
12:35:51.0798 5004 C:\Windows\System32\pnrpsvc.dll - ok
12:35:51.0798 5004 [ CE292C4C10B8DB6070F262EA2733F0DC ] C:\Windows\System32\sqmapi.dll
12:35:51.0798 5004 C:\Windows\System32\sqmapi.dll - ok
12:35:51.0814 5004 [ C6B0509AA89F656247694E2D6ABF7255 ] C:\Windows\System32\wbem\wmiprov.dll
12:35:51.0814 5004 C:\Windows\System32\wbem\wmiprov.dll - ok
12:35:51.0814 5004 [ 59C3DDD501E39E006DAC31BF55150D91 ] C:\Windows\System32\p2psvc.dll
12:35:51.0814 5004 C:\Windows\System32\p2psvc.dll - ok
12:35:51.0830 5004 [ 1372E8E8FD066002131E3D509275E697 ] C:\Windows\System32\P2PGraph.dll
12:35:51.0830 5004 C:\Windows\System32\P2PGraph.dll - ok
12:35:51.0845 5004 [ D8B924F925FA4A8839C144F79CA5FCD4 ] C:\Program Files\Adobe\Adobe Photoshop CS5.1\Photoshop.exe
12:35:51.0845 5004 C:\Program Files\Adobe\Adobe Photoshop CS5.1\Photoshop.exe - ok
12:35:51.0845 5004 [ 230EA9ABBC3432CDE388F4891E76E867 ] C:\Windows\System32\udhisapi.dll
12:35:51.0845 5004 C:\Windows\System32\udhisapi.dll - ok
12:35:51.0861 5004 ============================================================
12:35:51.0861 5004 Scan finished
12:35:51.0861 5004 ============================================================
12:35:51.0876 4996 Detected object count: 5
12:35:51.0876 4996 Actual detected object count: 5
12:36:32.0913 4996 BrYNSvc ( UnsignedFile.Multi.Generic ) - skipped by user
12:36:32.0913 4996 BrYNSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:36:32.0913 4996 KMService ( UnsignedFile.Multi.Generic ) - skipped by user
12:36:32.0929 4996 KMService ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:36:32.0929 4996 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
12:36:32.0929 4996 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:36:32.0929 4996 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
12:36:32.0929 4996 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:36:32.0929 4996 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
12:36:32.0929 4996 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip

#10 Kewbla

Posted 03 September 2012 - 01:32 PM

Sorry about the multiple posts. The forums said it was too long, so I broke up the TDSSKiller log.

Fix result of Farbar Recovery Tool (FRST written by Farbar) Version: 02-09-2012
Ran by SYSTEM at 2012-09-03 00:52:03 Run:1
Running from F:\

==============================================

HKEY_USERS\Jillian\Software\Microsoft\Windows\CurrentVersion\Run\\ongso Value deleted successfully.
C:\Users\Jillian\AppData\Local\ moved successfully.
C:\Users\Jillian\AppData\Roaming\ongso.dll moved successfully.

==== End of Fixlog ====


Combofix seems to be currently hung on

Deleting folders:

C:\Windows|$NtUninstsllKB46281$

I'll leave it as is until you further instruct me

#11 fireman4it

Posted 03 September 2012 - 05:20 PM

If it is still stuck there, go ahead and restart your computer and see if it produces a log.


#12 Kewbla

Posted 03 September 2012 - 05:24 PM

OK, rebooting now. Will reply ASAP with the log.

#13 Kewbla

Posted 03 September 2012 - 05:28 PM

It appears that it did not produce a log in c:\

Edited by Kewbla, 03 September 2012 - 09:59 PM.


#14 Kewbla

Posted 03 September 2012 - 09:59 PM

I reran ComboFix and everything went well and created a log.

ComboFix 12-09-03.07 - Jillian 09/03/12 21:07:50.3.2 - x86
Microsoft Windows 7 Enterprise 6.1.7601.1.1252.1.1033.18.2814.1785 [GMT -4:00]
Running from: c:\users\Jillian\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Jillian\AppData\Local\TheWeatherNetwork\WeatherEye\WeatherEye.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-08-04 to 2012-09-04 )))))))))))))))))))))))))))))))
.
.
2012-09-04 01:17 . 2012-09-04 01:19 -------- d-----w- c:\users\Jillian\AppData\Local\temp
2012-09-02 22:50 . 2012-09-02 22:50 -------- d-----w- C:\FRST
2012-09-01 04:39 . 2012-09-01 04:39 -------- d-----w- c:\users\Jillian\AppData\Roaming\FixZeroAccess
2012-08-31 04:12 . 2012-08-31 04:12 -------- d-----w- c:\users\Jillian\AppData\Local\{026DB2D9-F322-11E1-8270-B8AC6F996F26}
2012-08-30 16:53 . 2012-08-30 16:53 27496 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2012-08-29 03:22 . 2012-08-29 03:22 73696 ----a-w- c:\program files\Mozilla Firefox\breakpadinjector.dll
2012-08-25 16:12 . 2012-08-25 16:11 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-08-25 16:11 . 2012-08-25 16:11 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-08-24 02:43 . 2012-08-24 03:02 -------- d-----w- c:\users\Jillian\AppData\Local\DirectDownloader
2012-08-24 02:39 . 2012-08-24 02:39 -------- d-----w- c:\users\Jillian\AppData\Roaming\YourFileDownloader
2012-08-23 03:21 . 2012-08-23 03:21 -------- d-----w- c:\users\Jillian\AppData\Roaming\ExpressFiles
2012-08-23 03:21 . 2012-08-23 03:21 -------- d-----w- c:\program files\ExpressFiles
2012-08-15 22:07 . 2012-05-05 07:46 400896 ----a-w- c:\windows\system32\srcore.dll
2012-08-15 22:07 . 2012-07-18 17:47 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-08-15 22:07 . 2012-02-11 05:43 492032 ----a-w- c:\windows\system32\win32spl.dll
2012-08-15 22:07 . 2012-02-11 05:37 317440 ----a-w- c:\windows\system32\spoolsv.exe
2012-08-15 22:07 . 2012-07-04 21:14 41984 ----a-w- c:\windows\system32\browcli.dll
2012-08-15 22:07 . 2012-07-04 21:14 102912 ----a-w- c:\windows\system32\browser.dll
2012-08-15 22:07 . 2012-05-14 04:33 769024 ----a-w- c:\windows\system32\localspl.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-25 16:11 . 2011-08-05 00:29 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-06-07 00:59 . 2012-06-07 00:59 1070152 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2012-06-06 05:05 . 2012-07-11 17:20 1390080 ----a-w- c:\windows\system32\msxml6.dll
2012-06-06 05:05 . 2012-07-11 17:20 1236992 ----a-w- c:\windows\system32\msxml3.dll
2012-06-06 05:03 . 2012-07-11 17:20 805376 ----a-w- c:\windows\system32\cdosys.dll
2012-08-29 03:22 . 2011-03-24 01:14 266720 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2012-08-30 16:53 1734240 ----a-w- c:\program files\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll" [2012-08-30 1734240]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 94208 ----a-w- c:\users\Jillian\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 94208 ----a-w- c:\users\Jillian\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 94208 ----a-w- c:\users\Jillian\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RESTART_STICKY_NOTES"="c:\windows\System32\StikyNot.exe" [2009-07-14 354304]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2011-10-14 2299176]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2010-03-23 495708]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-15 499608]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5.5ServiceManager"="c:\program files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 1821576]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-03-27 421736]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2008-07-10 29984]
"IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2008-07-10 46368]
"PPort11reminder"="c:\program files\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-08-31 328992]
"ControlCenter3"="c:\program files\Brother\ControlCenter3\brctrcen.exe" [2008-12-24 114688]
"BrStsMon00"="c:\program files\Browny02\Brother\BrStMonW.exe" [2010-02-09 2621440]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-04-06 641664]
"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-04-05 2587008]
"vProt"="c:\program files\AVG Secure Search\vprot.exe" [2012-08-30 947808]
"HF_G_Jul"="c:\program files\AVG Secure Search\HF_G_Jul.exe" [2012-07-18 36960]
"ROC_ROC_JULY_P1"="c:\program files\AVG Secure Search\ROC_ROC_JULY_P1.exe" [2012-08-30 1022048]
.
c:\users\Jillian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Jillian\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
.
R2 KMService;KMService;c:\windows\system32\srvany.exe [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdriverx.sys [x]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfilterx.sys [x]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\avgidsshimx.sys [x]
R3 BrYNSvc;BrYNSvc;c:\program files\Browny02\BrYNSvc.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [x]
R3 DrmRAudio;DrmRAudio;c:\windows\system32\drivers\DrmRAudio.sys [x]
R3 getbus;getbus;c:\users\Jillian\AppData\Local\Temp\getbus.sys [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [x]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [x]
R4 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\avgidsagent.exe [x]
R4 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [x]
R4 vToolbarUpdater12.2.6;vToolbarUpdater12.2.6;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe [x]
S0 AVGIDSHX;AVGIDSHX;c:\windows\system32\DRIVERS\avgidshx.sys [x]
S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [x]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [x]
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\aestsrv.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [x]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]
S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [x]
S3 amdiox86;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox86.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
Contents of the 'Scheduled Tasks' folder
.
2012-09-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-28 00:14]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.6\ViProtocol.dll
FF - ProfilePath - c:\users\Jillian\AppData\Roaming\Mozilla\Firefox\Profiles\ewpbzpk5.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.google.ca
FF - prefs.js: keyword.URL - hxxps://isearch.avg.com/search?cid={3B3E73B8-F625-436F-8EE6-486C40B6EF00}&mid=3198f955f77b47d0ac09d16a1cd40018-677d6bd6145487d7add33b2fb2857814f9a2aa51&lang=en&ds=AVG&pr=fr&d=2012-06-28 17:34&v=12.2.5.32&sap=ku&q=
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
HKCU-Run-WeatherEye - c:\users\Jillian\AppData\Local\TheWeatherNetwork\WeatherEye\WeatherEye.exe
HKCU-Run-KiesHelper - c:\program files\Samsung\Kies\KiesHelper.exe
HKCU-Run-KiesTrayAgent - c:\program files\Samsung\Kies\KiesTrayAgent.exe
HKCU-Run-CompleteTimeTrackingStd3 - c:\program files\Complete Time Tracking Std 3\CompleteTimeTrackingStd.exe
HKLM-Run-Brdefprn - c:\program files\Brother\BRHL2170\Brdefprn.exe
HKLM-Run-ConnectionManager - c:\program files\Winsim\ConnectionManager\Simply.SystemTrayIcon.exe
SafeBoot-70925195.sys
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
AddRemove-WeatherEye - c:\users\Jillian\AppData\Local\TheWeatherNetwork\WeatherEye\WeatherEye.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\.dfsc]
"ImagePath"="\?"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(1688)
c:\users\Jillian\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
------------------------ Other Running Processes ------------------------
.
c:\progra~1\AVG\AVG2012\avgrsx.exe
c:\program files\AVG\AVG2012\avgcsrvx.exe
c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\STacSV.exe
c:\windows\system32\atieclxx.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\conhost.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Completion time: 2012-09-03 21:23:18 - machine was rebooted
ComboFix-quarantined-files.txt 2012-09-04 01:23
.
Pre-Run: 151,269,347,328 bytes free
Post-Run: 151,166,586,880 bytes free
.
- - End Of File - - C4159706559FF7814BB100D1A42A2F82

#15 fireman4it


Posted 03 September 2012 - 10:08 PM

How's your machine running?

"Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-

