Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Unknown virus


  • This topic is locked This topic is locked
17 replies to this topic

#1 arkali

arkali

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:06:26 PM

Posted 18 December 2012 - 02:19 PM

Hi,

I've got a virus on my computer that won't let me run mbam-setup and also puts in hover ads (I'm not sure what they're called but they look like this when you put your cursor over the underlined blue text http://imgur.com/yGd5A ) on various different internet pages (I got ads on the preview of this post). I scanned with AVG free anti-virus but it didn't detect any malware/adware.

I tried to install malwarebytes but had an "access denied" message at the end of mbam-setup. I tried Rkill but it didn't stop any processes so then I ran mbam from a usb but it simply encountered a problem at initiation of a scan and closed.

DDS:

DS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16457
Run by Matthew at 19:04:37 on 2012-12-18
.
============== Running Processes ================
.
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe
C:\PROGRAM FILES (X86)\KODAK\AIO\STATUSMONITOR\EKStatusMonitor.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\SONY\Marketing Tools\MarketingTools.exe
C:\Program Files (x86)\SONY\ISB Utility\ISBMgr.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files\Sony\VAIO Care\VCService.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\AVG\AVG2013\avgcfgex.exe
C:\Program Files\Sony\VAIO Care\listener.exe
C:\Users\Matthew\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Matthew\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Matthew\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Matthew\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Matthew\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Matthew\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Matthew\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Matthew\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Matthew\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Matthew\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Matthew\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Matthew\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Matthew\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Matthew\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Matthew\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Matthew\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
C:\Users\Matthew\Desktop\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\SysWOW64\WerFault.exe
C:\Users\Matthew\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Matthew\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Matthew\AppData\Local\Google\Chrome\Application\chrome.exe
.
============== Pseudo HJT Report ===============
.
mStart Page = hxxp://startsear.ch/?aff=1&cf=9791fc3c-1853-11e1-a31e-f07bcbeee95c
uProxyServer = hxxp=127.0.0.1:25515
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Vaudix Class: {24DCEBB6-DF54-77B6-D53F-C189949014AF} - C:\ProgramData\Vaudix\50886c2ae831e.ocx
BHO: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} -
BHO: CescrtHlpr Object: {2EECD738-5844-4a99-B4B6-146BF802613B} -
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Babylon Toolbar: {98889811-442D-49dd-99D7-DC866BE87DBC} -
uRun: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
uRun: [Facebook Update] "C:\Users\Matthew\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
uRun: [ISUSPM] "C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler
uRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
mRun: [MarketingTools] C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe
mRun: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
mRun: [EKStatusMonitor] C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
mRunOnce: [1] C:\Users\Matthew\Favorites\Downloads\mbam-chameleon\mbam-chameleon.exe /r /p
dRunOnce: [KodakHomeCenter] "C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe"
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
Trusted Zone: internet
Trusted Zone: mcafee.com
Trusted Zone: mcafee.com
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{1EFB8A60-ADE3-4852-AA62-C8616E1EABDA} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{1EFB8A60-ADE3-4852-AA62-C8616E1EABDA}\244584F6D656845726D254534334 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{1EFB8A60-ADE3-4852-AA62-C8616E1EABDA}\24F696E676F60284F6473707F647 : DHCPNameServer = 10.5.0.1
TCP: Interfaces\{1EFB8A60-ADE3-4852-AA62-C8616E1EABDA}\849605F62747 : DHCPNameServer = 151.9.60.68 151.9.61.74
TCP: Interfaces\{1EFB8A60-ADE3-4852-AA62-C8616E1EABDA}\97D63616 : DHCPNameServer = 208.67.222.222 208.67.220.220
TCP: Interfaces\{1EFB8A60-ADE3-4852-AA62-C8616E1EABDA}\C63756261637963677966696 : DHCPNameServer = 158.143.96.212 158.143.40.47
TCP: Interfaces\{56C164A0-D36D-438F-B0AA-CF6BAB52291C} : DHCPNameServer = 149.254.230.7 149.254.192.126
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: VESWinlogon - VESWinlogon.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} -
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-BHO: Hotspot Shield Class: {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -
x64-TB: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} -
x64-Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
x64-Run: [Apoint] C:\Program Files (x86)\Apoint\Apoint.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
============= SERVICES / DRIVERS ===============
.
R? ALSysIO;ALSysIO
R? btwl2cap;Bluetooth L2CAP Service
R? BVRPMPR5a64;BVRPMPR5a64 NDIS Protocol Driver
R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86
R? clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64
R? cpuz135;cpuz135
R? fssfltr;fssfltr
R? fsssvc;Windows Live Family Safety Service
R? Impcd;Impcd
R? IntcDAud;Intel® Display Audio
R? MSSQLServerADHelper100;SQL Active Directory Helper Service
R? Netaapl;Apple Mobile Device Ethernet Service
R? SkypeUpdate;Skype Updater
R? SOHCImp;VAIO Media plus Content Importer
R? SOHDms;VAIO Media plus Digital Media Server
R? SOHDs;VAIO Media plus Device Searcher
R? SpfService;VAIO Entertainment Common Service
R? SQLAgent$MSSMLBIZ;SQL Server Agent (MSSMLBIZ)
R? TsUsbFlt;TsUsbFlt
R? USBAAPL64;Apple Mobile USB Driver
R? VCFw;VAIO Content Folder Watcher
R? VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager
R? VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager
R? VcmXmlIfHelper;VAIO Content Metadata XML Interface
R? WatAdminSvc;Windows Activation Technologies Service
R? wlcrasvc;Windows Live Mesh remote connections service
S? AMD External Events Utility;AMD External Events Utility
S? ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect
S? AVGIDSAgent;AVGIDSAgent
S? AVGIDSDriver;AVGIDSDriver
S? AVGIDSHA;AVGIDSHA
S? Avgldx64;AVG AVI Loader Driver
S? Avgloga;AVG Logging Driver
S? Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield
S? Avgrkx64;AVG Anti-Rootkit Driver
S? Avgtdia;AVG TDI Driver
S? avgwd;AVG WatchDog
S? btusbflt;Bluetooth USB Filter
S? dtsoftbus01;DAEMON Tools Virtual Bus Driver
S? HECIx64;Intel® Management Engine Interface
S? IAStorDataMgrSvc;Intel® Rapid Storage Technology
S? Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service
S? Kodak AiO Status Monitor Service;Kodak AiO Status Monitor Service
S? PxHlpa64;PxHlpa64
S? regi;regi
S? rimspci;rimspci
S? risdsnpe;risdsnpe
S? SampleCollector;VAIO Care Performance Service
S? SFEP;Sony Firmware Extension Parser
S? uCamMonitor;CamMonitor
S? UNS;Intel® Management & Security Application User Notification Service
S? VAIO Power Management;VAIO Power Management
S? VCService;VCService
S? VSNService;VSNService
S? VUAgent;VUAgent
S? yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller
.
=============== Created Last 30 ================
.
2012-12-18 18:59:57 -------- d-sh--w- C:\$RECYCLE.BIN
2012-12-18 17:24:33 98816 ----a-w- C:\Windows\sed.exe
2012-12-18 17:24:33 256000 ----a-w- C:\Windows\PEV.exe
2012-12-18 17:24:33 208896 ----a-w- C:\Windows\MBR.exe
2012-12-12 20:46:34 424960 ----a-w- C:\Windows\System32\KernelBase.dll
2012-12-12 20:42:44 3149824 ----a-w- C:\Windows\System32\win32k.sys
2012-12-12 20:12:43 -------- d-----w- C:\VMWAD2
2012-12-12 19:56:40 35840 ----a-w- C:\Windows\System32\drivers\BVRPMPR5a64.SYS
2012-12-12 17:25:26 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-12-12 17:25:26 367616 ----a-w- C:\Windows\System32\atmfd.dll
2012-12-12 17:25:26 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-12-12 17:25:26 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-12-12 15:08:52 478208 ----a-w- C:\Windows\System32\dpnet.dll
2012-12-12 15:08:51 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll
.
==================== Find3M ====================
.
2012-11-14 06:11:44 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-11-14 06:04:11 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-11-14 06:02:49 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-11-14 05:57:46 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-11-14 05:57:35 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-11-14 05:52:40 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-11-14 02:09:22 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-11-14 01:58:15 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-11-14 01:57:37 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-11-14 01:49:25 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-11-14 01:48:27 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-11-14 01:44:42 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-11-09 05:45:09 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-11-09 04:42:49 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-10-22 13:02:44 154464 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys
2012-10-16 08:38:37 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38:34 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39:52 561664 ----a-w- C:\Windows\apppatch\AcLayers.dll
2012-10-15 03:48:50 63328 ----a-w- C:\Windows\System32\drivers\avgidsha.sys
2012-10-09 18:17:13 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll
2012-10-09 18:17:13 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll
2012-10-09 17:40:31 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll
2012-10-09 17:40:31 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll
2012-10-05 03:32:50 111456 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys
2012-10-04 17:46:16 362496 ----a-w- C:\Windows\System32\wow64win.dll
2012-10-04 17:46:15 243200 ----a-w- C:\Windows\System32\wow64.dll
2012-10-04 17:46:15 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2012-10-04 17:45:55 215040 ----a-w- C:\Windows\System32\winsrv.dll
2012-10-04 17:43:28 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2012-10-04 16:47:41 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2012-10-04 16:47:41 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2012-10-04 15:21:55 338432 ----a-w- C:\Windows\System32\conhost.exe
2012-10-04 14:46:46 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2012-10-04 14:46:46 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2012-10-04 14:46:44 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2012-10-04 14:46:43 2048 ----a-w- C:\Windows\SysWow64\user.exe
2012-10-04 14:41:50 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-10-04 14:41:50 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-04 14:41:50 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-10-04 14:41:50 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-10-03 17:56:54 1914248 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-10-03 17:44:21 70656 ----a-w- C:\Windows\System32\nlaapi.dll
2012-10-03 17:44:21 303104 ----a-w- C:\Windows\System32\nlasvc.dll
2012-10-03 17:44:17 246272 ----a-w- C:\Windows\System32\netcorehc.dll
2012-10-03 17:44:17 18944 ----a-w- C:\Windows\System32\netevent.dll
2012-10-03 17:44:16 216576 ----a-w- C:\Windows\System32\ncsi.dll
2012-10-03 17:42:16 569344 ----a-w- C:\Windows\System32\iphlpsvc.dll
2012-10-03 16:42:24 18944 ----a-w- C:\Windows\SysWow64\netevent.dll
2012-10-03 16:42:24 175104 ----a-w- C:\Windows\SysWow64\netcorehc.dll
2012-10-03 16:42:23 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll
2012-10-03 16:07:26 45568 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys
2012-10-02 02:30:38 185696 ----a-w- C:\Windows\System32\drivers\avgldx64.sys
2012-09-29 19:54:26 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-09-29 14:48:36 1793536 ----a-w- C:\Windows\System32\EKAiO2MON.dll
2012-09-29 14:48:24 183808 ----a-w- C:\Windows\System32\EKAiO2COI10.dll
2012-09-25 22:47:43 78336 ----a-w- C:\Windows\SysWow64\synceng.dll
2012-09-25 22:46:17 95744 ----a-w- C:\Windows\System32\synceng.dll
2012-09-24 14:32:24 477168 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
2012-09-24 14:32:20 473072 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-09-21 02:46:04 200032 ----a-w- C:\Windows\System32\drivers\avgtdia.sys
2012-09-21 02:46:00 225120 ----a-w- C:\Windows\System32\drivers\avgloga.sys
.
============= FINISH: 19:04:49.98 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:02:26 PM

Posted 18 December 2012 - 04:16 PM

Greetings and Welcome to The Forums!!

My name is Gringo and I'll be glad to help you with your malware problems.

I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of us

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.




These are the programs I would like you to run next, if you have any problems with these just skip it and run the next one.

-Security Check-

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

-AdwCleaner-

  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

--RogueKiller--

  • Download & SAVE to your Desktop RogueKiller or from here
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator to start"
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • click on "delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller+

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 arkali

arkali
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:06:26 PM

Posted 19 December 2012 - 06:43 AM

Results of screen317's Security Check version 0.99.56
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Java™ 6 Update 37
Java version out of Date!
Adobe Flash Player 10 Flash Player out of Date!
Adobe Reader 9 Adobe Reader out of Date!
Google Chrome 21.0.1180.79
Google Chrome 21.0.1180.89
Google Chrome 22.0.1229.79
Google Chrome 22.0.1229.92
Google Chrome 22.0.1229.94
Google Chrome 23.0.1271.64
Google Chrome 23.0.1271.91
Google Chrome 23.0.1271.95
Google Chrome 23.0.1271.97
````````Process Check: objlist.exe by Laurent````````
AVG avgwdsvc.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 14% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````


# AdwCleaner v2.101 - Logfile created 12/19/2012 at 11:29:09
# Updated 16/12/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Matthew - MATTHEW-VAIO
# Boot Mode : Normal
# Running from : C:\Users\Matthew\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\Users\Matthew\AppData\LocalLow\BabylonToolbar
Folder Deleted : C:\Users\Matthew\AppData\LocalLow\boost_interprocess

***** [Registry] *****

Key Deleted : HKCU\Software\BabylonToolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\StartSearch
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Key Deleted : HKLM\Software\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{AD25754E-D76C-42B3-A335-2F81478B722F}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{AD25754E-D76C-42B3-A335-2F81478B722F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{78888F8B-D5E4-43CE-89F5-C8C18223AF64}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8B8558F6-DC26-4F39-8417-34B8934AA459}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E393F82-2644-4AB6-B994-1AD39D6C59EE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A3A2A5C0-1306-4D1A-A093-9CECA4230002}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{78888F8B-D5E4-43CE-89F5-C8C18223AF64}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8B8558F6-DC26-4F39-8417-34B8934AA459}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E393F82-2644-4AB6-B994-1AD39D6C59EE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A3A2A5C0-1306-4D1A-A093-9CECA4230002}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

Replaced : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://startsear.ch/?aff=1&cf=9791fc3c-1853-11e1-a31e-f07bcbeee95c --> hxxp://www.google.com

-\\ Mozilla Firefox v [Unable to get version]

Profile name : default
File : C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\ixkntzg6.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v23.0.1271.97

File : C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

-\\ Opera v11.61.1250.0

File : C:\Users\Matthew\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [9338 octets] - [19/12/2012 11:29:09]

########## EOF - C:\AdwCleaner[S1].txt - [9398 octets] ##########


For the RK, I wasn't sure whether you wanted the [1]report or the [2] report so I'll paste both.

RKreport[1]:
RogueKiller V8.4.0 [Dec 18 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Matthew [Admin rights]
Mode : Scan -- Date : 12/19/2012 11:36:23

¤¤¤ Bad processes : 1 ¤¤¤
[SUSP PATH] ISUSPM.exe -- C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe -> KILLED [TermProc]

¤¤¤ Registry Entries : 10 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : ISUSPM ("C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler) -> FOUND
[RUN][SUSP PATH] HKUS\S-1-5-21-4160811034-853049981-1848083985-1000[...]\Run : ISUSPM ("C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler) -> FOUND
[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (hxxp=127.0.0.1:25515) -> FOUND
[HJPOL] HKCU\[...]\System : disableregistrytools (0) -> FOUND
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJPOL] HKLM\[...]\Wow6432Node\System : DisableRegistryTools (0) -> FOUND
[HJ DESK] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ DESK] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD5000BEVT-26A0RT0 +++++
--- User ---
[MBR] 3ef4f284a4ba7f727893871e7ebdd6da
[BSP] 9c2b054625bcd1bb6ca77acf4f466ba8 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 11249 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 23040000 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 23244800 | Size: 465589 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1]_S_12192012_02d1136.txt >>
RKreport[1]_S_12192012_02d1136.txt



RKreport[2]:
RogueKiller V8.4.0 [Dec 18 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Matthew [Admin rights]
Mode : Remove -- Date : 12/19/2012 11:36:47

¤¤¤ Bad processes : 1 ¤¤¤
[SUSP PATH] ISUSPM.exe -- C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe -> KILLED [TermProc]

¤¤¤ Registry Entries : 8 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : ISUSPM ("C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler) -> DELETED
[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (hxxp=127.0.0.1:25515) -> NOT REMOVED, USE PROXYFIX
[HJPOL] HKCU\[...]\System : disableregistrytools (0) -> DELETED
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ DESK] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ DESK] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD5000BEVT-26A0RT0 +++++
--- User ---
[MBR] 3ef4f284a4ba7f727893871e7ebdd6da
[BSP] 9c2b054625bcd1bb6ca77acf4f466ba8 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 11249 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 23040000 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 23244800 | Size: 465589 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[2]_D_12192012_02d1136.txt >>
RKreport[1]_S_12192012_02d1136.txt ; RKreport[2]_D_12192012_02d1136.txt



I've still got some of those ads and I still cannot run mbam-setup.

#4 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:02:26 PM

Posted 19 December 2012 - 04:09 PM

Hello

I Would like you to do the following.

Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#5 arkali

arkali
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:06:26 PM

Posted 20 December 2012 - 08:14 AM

1: Log from ComboFix

ComboFix 12-12-20.02 - Matthew 20/12/2012 12:51:52.2.4 - x64
Running from: c:\users\Matthew\Desktop\ComboFix.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-11-20 to 2012-12-20 )))))))))))))))))))))))))))))))
.
.
2012-12-20 13:01 . 2012-12-20 13:01 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-12 20:46 . 2012-10-04 17:41 424960 ----a-w- c:\windows\system32\KernelBase.dll
2012-12-12 20:42 . 2012-11-22 03:26 3149824 ----a-w- c:\windows\system32\win32k.sys
2012-12-12 20:12 . 2012-12-12 20:12 -------- d-----w- C:\VMWAD2
2012-12-12 19:56 . 2010-07-08 14:31 35840 ----a-w- c:\windows\system32\drivers\BVRPMPR5a64.SYS
2012-12-12 17:25 . 2012-11-05 21:35 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-12 17:25 . 2012-11-05 20:41 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-12 17:25 . 2012-11-05 20:32 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-12 17:25 . 2012-11-05 20:32 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-12 15:08 . 2012-11-02 05:59 478208 ----a-w- c:\windows\system32\dpnet.dll
2012-12-12 15:08 . 2012-11-02 05:11 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-13 00:15 . 2010-08-24 18:38 67413224 ----a-w- c:\windows\system32\MRT.exe
2012-11-06 18:32 . 2012-11-06 18:32 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FF45F310-8A70-4B20-A410-642BF1CD8108}\offreg.dll
2012-10-22 13:02 . 2012-10-22 13:02 154464 ----a-w- c:\windows\system32\drivers\avgidsdrivera.sys
2012-10-17 02:31 . 2012-11-06 16:57 9291768 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FF45F310-8A70-4B20-A410-642BF1CD8108}\mpengine.dll
2012-10-16 08:38 . 2012-11-28 18:15 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-28 18:15 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-11-28 18:15 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-15 03:48 . 2012-10-15 03:48 63328 ----a-w- c:\windows\system32\drivers\avgidsha.sys
2012-10-09 18:17 . 2012-11-15 20:44 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-10-09 18:17 . 2012-11-15 20:44 226816 ----a-w- c:\windows\system32\dhcpcore6.dll
2012-10-09 17:40 . 2012-11-15 20:44 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll
2012-10-09 17:40 . 2012-11-15 20:44 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll
2012-10-05 03:32 . 2012-10-05 03:32 111456 ----a-w- c:\windows\system32\drivers\avgmfx64.sys
2012-10-04 16:40 . 2012-12-12 20:46 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-10-03 17:56 . 2012-11-15 20:44 1914248 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-10-03 17:44 . 2012-11-15 20:44 303104 ----a-w- c:\windows\system32\nlasvc.dll
2012-10-03 17:44 . 2012-11-15 20:44 70656 ----a-w- c:\windows\system32\nlaapi.dll
2012-10-03 17:44 . 2012-11-15 20:44 246272 ----a-w- c:\windows\system32\netcorehc.dll
2012-10-03 17:44 . 2012-11-15 20:44 18944 ----a-w- c:\windows\system32\netevent.dll
2012-10-03 17:44 . 2012-11-15 20:44 216576 ----a-w- c:\windows\system32\ncsi.dll
2012-10-03 17:42 . 2012-11-15 20:44 569344 ----a-w- c:\windows\system32\iphlpsvc.dll
2012-10-03 16:42 . 2012-11-15 20:44 175104 ----a-w- c:\windows\SysWow64\netcorehc.dll
2012-10-03 16:42 . 2012-11-15 20:44 18944 ----a-w- c:\windows\SysWow64\netevent.dll
2012-10-03 16:42 . 2012-11-15 20:44 156672 ----a-w- c:\windows\SysWow64\ncsi.dll
2012-10-03 16:07 . 2012-11-15 20:44 45568 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2012-10-02 02:30 . 2012-10-02 02:30 185696 ----a-w- c:\windows\system32\drivers\avgldx64.sys
2012-09-29 19:54 . 2010-09-30 14:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-29 14:48 . 2012-09-29 14:48 1793536 ----a-w- c:\windows\system32\EKAiO2MON.dll
2012-09-29 14:48 . 2012-09-29 14:48 183808 ----a-w- c:\windows\system32\EKAiO2COI10.dll
2012-09-25 22:47 . 2012-11-15 20:43 78336 ----a-w- c:\windows\SysWow64\synceng.dll
2012-09-25 22:46 . 2012-11-15 20:43 95744 ----a-w- c:\windows\system32\synceng.dll
2012-09-24 14:32 . 2012-06-30 10:56 477168 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2012-09-24 14:32 . 2010-08-26 16:56 473072 ----a-w- c:\windows\SysWow64\deployJava1.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{24DCEBB6-DF54-77B6-D53F-C189949014AF}]
2012-10-24 22:31 129024 ----a-w- c:\programdata\Vaudix\50886c2ae831e.ocx
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 94208 ----a-w- c:\users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 94208 ----a-w- c:\users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 94208 ----a-w- c:\users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2012-12-05 1354736]
"Facebook Update"="c:\users\Matthew\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-13 138096]
"MobileDocuments"="c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" [2009-06-17 538472]
"MarketingTools"="c:\program files (x86)\Sony\Marketing Tools\MarketingTools.exe" [2010-05-22 26624]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2009-08-26 320880]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2009-11-20 284696]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-09-09 421776]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-09-17 254896]
"AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2012-11-06 3143800]
"EKStatusMonitor"="c:\program files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe" [2012-10-15 2844608]
"Conime"="c:\windows\system32\conime.exe" [BU]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"KodakHomeCenter"="c:\program files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe" [2012-10-19 2235840]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2009-12-01 21:03 98304 ------w- c:\windows\System32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [2012-11-06 5814392]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 ALSysIO;ALSysIO;c:\users\Matthew\AppData\Local\Temp\ALSysIO64.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 BVRPMPR5a64;BVRPMPR5a64 NDIS Protocol Driver;c:\windows\system32\drivers\BVRPMPR5a64.SYS [2010-07-08 35840]
R3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x64.sys [x]
R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2009-11-13 151936]
R3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2009-12-16 244736]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys [2011-05-10 22528]
R3 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-09-10 108400]
R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-10-12 423280]
R3 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-09-10 67952]
R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-01-20 286936]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736]
R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-01-20 887000]
R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-05-19 549616]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-10-25 387896]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-10-25 101152]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-08-25 1255736]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-03-31 47128]
R4 SQLAgent$MSSMLBIZ;SQL Server Agent (MSSMLBIZ);c:\program files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\SQLAGENT.EXE [2011-09-22 370024]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-10-15 63328]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys [2012-09-21 225120]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2012-10-05 111456]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-09-14 40800]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-07-12 55856]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2012-10-22 154464]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-10-02 185696]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-09-21 200032]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-06-17 254528]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-11-10 204288]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-11-20 13336]
S2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;c:\program files (x86)\Kodak\AiO\Center\EKAiOHostService.exe [2012-10-19 395200]
S2 Kodak AiO Status Monitor Service;Kodak AiO Status Monitor Service;c:\program files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [2012-10-15 779200]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-17 14112]
S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys [2009-11-06 93696]
S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys [2009-09-15 75776]
S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2011-01-29 259192]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]
S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-12-14 2320920]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2010-08-11 845312]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968]
S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2009-11-18 52264]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [2011-05-18 47616]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-12-14 56344]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-08-01 45416]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [2009-08-19 11392]
S3 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2009-11-30 571248]
S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe [2011-02-14 44736]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update Common\VUAgent.exe [2012-01-13 1256040]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-11-12 395264]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
Contents of the 'Scheduled Tasks' folder
.
2012-12-20 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4160811034-853049981-1848083985-1000Core.job
- c:\users\Matthew\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-11-07 00:40]
.
2012-12-20 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4160811034-853049981-1848083985-1000UA.job
- c:\users\Matthew\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-11-07 00:40]
.
2012-12-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4160811034-853049981-1848083985-1000Core.job
- c:\users\Matthew\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-09 03:02]
.
2012-12-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4160811034-853049981-1848083985-1000UA.job
- c:\users\Matthew\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-09 03:02]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 97792 ----a-w- c:\users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 97792 ----a-w- c:\users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 97792 ----a-w- c:\users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 97792 ----a-w- c:\users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-05-22 171520]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-12-16 9636896]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
"Apoint"="c:\program files (x86)\Apoint\Apoint.exe" [BU]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = http=127.0.0.1:25515
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
Trusted Zone: internet
Trusted Zone: mcafee.com
TCP: DhcpNameServer = 192.168.1.254
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-12-20 13:03:45
ComboFix-quarantined-files.txt 2012-12-20 13:03
ComboFix2.txt 2012-12-18 17:38
.
Pre-Run: 246,087,200,768 bytes free
Post-Run: 246,020,886,528 bytes free
.
- - End Of File - - 243AEBAC60E0BDD07E367908413BBEB5


2: I had no problems with the running of combofix.

3: I still get those hover ads mainly marketing the iphone5 to me, and also I still cannot install malwarebytes; I get an access denied at the end of installation then it rolls back changes.

#6 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:02:26 PM

Posted 20 December 2012 - 02:52 PM

Greetings

I want you to run these next,

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
  • If malicious objects are found, they will show in the Scan results
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.



Please download aswMBR to your desktop.
  • Double click the aswMBR.exe icon to run it
  • it will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one come back and let me know

please reply with the reports from TDSSKiller and aswMBR

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#7 arkali

arkali
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:06:26 PM

Posted 21 December 2012 - 07:03 AM

TDSSKiller log:

10:44:03.0530 4820 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
10:44:03.0905 4820 ============================================================
10:44:03.0905 4820 Current date / time: 2012/12/21 10:44:03.0905
10:44:03.0905 4820 SystemInfo:
10:44:03.0905 4820
10:44:03.0905 4820 OS Version: 6.1.7601 ServicePack: 1.0
10:44:03.0905 4820 Product type: Workstation
10:44:03.0905 4820 ComputerName: MATTHEW-VAIO
10:44:03.0905 4820 UserName: Matthew
10:44:03.0905 4820 Windows directory: C:\Windows
10:44:03.0905 4820 System windows directory: C:\Windows
10:44:03.0905 4820 Running under WOW64
10:44:03.0905 4820 Processor architecture: Intel x64
10:44:03.0905 4820 Number of processors: 4
10:44:03.0905 4820 Page size: 0x1000
10:44:03.0905 4820 Boot type: Normal boot
10:44:03.0905 4820 ============================================================
10:44:06.0388 4820 BG loaded
10:44:08.0307 4820 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:44:08.0307 4820 ============================================================
10:44:08.0307 4820 \Device\Harddisk0\DR0:
10:44:08.0307 4820 MBR partitions:
10:44:08.0307 4820 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x15F9000, BlocksNum 0x32000
10:44:08.0307 4820 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x162B000, BlocksNum 0x38D5A830
10:44:08.0307 4820 ============================================================
10:44:08.0369 4820 C: <-> \Device\Harddisk0\DR0\Partition2
10:44:08.0369 4820 ============================================================
10:44:08.0369 4820 Initialize success
10:44:08.0369 4820 ============================================================
10:44:25.0576 2236 ============================================================
10:44:25.0576 2236 Scan started
10:44:25.0576 2236 Mode: Manual; SigCheck; TDLFS;
10:44:25.0576 2236 ============================================================
10:44:26.0496 2236 ================ Scan system memory ========================
10:44:26.0496 2236 System memory - ok
10:44:26.0496 2236 ================ Scan services =============================
10:44:26.0886 2236 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
10:44:27.0011 2236 1394ohci - ok
10:44:27.0089 2236 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
10:44:27.0120 2236 ACDaemon - ok
10:44:27.0183 2236 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
10:44:27.0198 2236 ACPI - ok
10:44:27.0261 2236 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
10:44:27.0354 2236 AcpiPmi - ok
10:44:27.0417 2236 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
10:44:27.0432 2236 adp94xx - ok
10:44:27.0479 2236 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
10:44:27.0495 2236 adpahci - ok
10:44:27.0542 2236 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
10:44:27.0557 2236 adpu320 - ok
10:44:27.0604 2236 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
10:44:27.0776 2236 AeLookupSvc - ok
10:44:27.0838 2236 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
10:44:27.0900 2236 AFD - ok
10:44:27.0963 2236 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
10:44:27.0978 2236 agp440 - ok
10:44:28.0010 2236 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
10:44:28.0088 2236 ALG - ok
10:44:28.0134 2236 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
10:44:28.0150 2236 aliide - ok
10:44:28.0290 2236 ALSysIO - ok
10:44:28.0322 2236 [ 5EC60409BD50953BD4F892B18840039E ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
10:44:28.0415 2236 AMD External Events Utility - ok
10:44:28.0478 2236 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
10:44:28.0493 2236 amdide - ok
10:44:28.0540 2236 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
10:44:28.0634 2236 AmdK8 - ok
10:44:28.0852 2236 [ 322E5C178990F116F00E3D923F4E6B1C ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
10:44:29.0008 2236 amdkmdag - ok
10:44:29.0086 2236 [ 961A81A84FDD700E361E8294528A37BA ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
10:44:29.0133 2236 amdkmdap - ok
10:44:29.0180 2236 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
10:44:29.0226 2236 AmdPPM - ok
10:44:29.0273 2236 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
10:44:29.0289 2236 amdsata - ok
10:44:29.0336 2236 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
10:44:29.0351 2236 amdsbs - ok
10:44:29.0382 2236 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
10:44:29.0398 2236 amdxata - ok
10:44:29.0445 2236 [ 1661F9C9E4B0049FA0A5E30264375A87 ] ApfiltrService C:\Windows\system32\drivers\Apfiltr.sys
10:44:29.0460 2236 ApfiltrService - ok
10:44:29.0507 2236 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
10:44:29.0710 2236 AppID - ok
10:44:29.0757 2236 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
10:44:29.0835 2236 AppIDSvc - ok
10:44:29.0944 2236 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
10:44:30.0006 2236 Appinfo - ok
10:44:30.0084 2236 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
10:44:30.0100 2236 Apple Mobile Device - ok
10:44:30.0162 2236 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
10:44:30.0178 2236 arc - ok
10:44:30.0225 2236 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
10:44:30.0240 2236 arcsas - ok
10:44:30.0287 2236 [ C130BC4A51B1382B2BE8E44579EC4C0A ] ArcSoftKsUFilter C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
10:44:30.0303 2236 ArcSoftKsUFilter - ok
10:44:30.0365 2236 aspnet_state - ok
10:44:30.0396 2236 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
10:44:30.0474 2236 AsyncMac - ok
10:44:30.0537 2236 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
10:44:30.0552 2236 atapi - ok
10:44:30.0615 2236 [ 0ACC06FCF46F64ED4F11E57EE461C1F4 ] athr C:\Windows\system32\DRIVERS\athrx.sys
10:44:30.0724 2236 athr - ok
10:44:30.0911 2236 [ 322E5C178990F116F00E3D923F4E6B1C ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
10:44:31.0052 2236 atikmdag - ok
10:44:31.0114 2236 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:44:31.0192 2236 AudioEndpointBuilder - ok
10:44:31.0223 2236 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
10:44:31.0270 2236 AudioSrv - ok
10:44:31.0473 2236 [ 56C73C5BC1656656CAC38A23B4310466 ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
10:44:31.0582 2236 AVGIDSAgent - ok
10:44:31.0613 2236 [ 388056EBD5FE6718FE669078DBE37897 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys
10:44:31.0629 2236 AVGIDSDriver - ok
10:44:31.0644 2236 [ 550E981747D6A6C55078C77346FFC2C6 ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys
10:44:31.0660 2236 AVGIDSHA - ok
10:44:31.0707 2236 [ 5989592A91A17587799792A81E1541D4 ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys
10:44:31.0722 2236 Avgldx64 - ok
10:44:31.0785 2236 [ 3FC43AA02545FCDDC22817829114DEC8 ] Avgloga C:\Windows\system32\DRIVERS\avgloga.sys
10:44:31.0800 2236 Avgloga - ok
10:44:31.0816 2236 [ 767B4A485FB22AA0FC0BF5EEF00572B9 ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys
10:44:31.0832 2236 Avgmfx64 - ok
10:44:31.0894 2236 [ FE4F444DBE4BBBDFD8FECF49398DEFC7 ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys
10:44:31.0910 2236 Avgrkx64 - ok
10:44:31.0941 2236 [ 6E634525613D48A1D1657FB21F21F3B2 ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys
10:44:31.0956 2236 Avgtdia - ok
10:44:31.0972 2236 [ 6B72E1E329C4E98C6B6FDD2D265E3BA3 ] avgwd C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
10:44:31.0988 2236 avgwd - ok
10:44:32.0034 2236 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
10:44:32.0112 2236 AxInstSV - ok
10:44:32.0206 2236 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
10:44:32.0268 2236 b06bdrv - ok
10:44:32.0315 2236 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
10:44:32.0346 2236 b57nd60a - ok
10:44:32.0393 2236 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
10:44:32.0456 2236 BDESVC - ok
10:44:32.0471 2236 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
10:44:32.0549 2236 Beep - ok
10:44:32.0627 2236 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
10:44:32.0690 2236 BFE - ok
10:44:32.0721 2236 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
10:44:32.0783 2236 BITS - ok
10:44:32.0830 2236 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
10:44:32.0846 2236 blbdrive - ok
10:44:32.0955 2236 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
10:44:32.0970 2236 Bonjour Service - ok
10:44:33.0033 2236 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
10:44:33.0080 2236 bowser - ok
10:44:33.0126 2236 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
10:44:33.0204 2236 BrFiltLo - ok
10:44:33.0220 2236 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
10:44:33.0236 2236 BrFiltUp - ok
10:44:33.0282 2236 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
10:44:33.0345 2236 BridgeMP - ok
10:44:33.0392 2236 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
10:44:33.0423 2236 Browser - ok
10:44:33.0454 2236 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
10:44:33.0501 2236 Brserid - ok
10:44:33.0532 2236 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
10:44:33.0563 2236 BrSerWdm - ok
10:44:33.0579 2236 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
10:44:33.0594 2236 BrUsbMdm - ok
10:44:33.0626 2236 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
10:44:33.0657 2236 BrUsbSer - ok
10:44:33.0688 2236 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
10:44:33.0782 2236 BthEnum - ok
10:44:33.0813 2236 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
10:44:33.0844 2236 BTHMODEM - ok
10:44:33.0891 2236 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
10:44:33.0922 2236 BthPan - ok
10:44:33.0953 2236 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
10:44:34.0016 2236 BTHPORT - ok
10:44:34.0062 2236 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
10:44:34.0109 2236 bthserv - ok
10:44:34.0172 2236 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
10:44:34.0203 2236 BTHUSB - ok
10:44:34.0250 2236 [ 6E04458E98DAF28826482E41A7A62DF5 ] btusbflt C:\Windows\system32\drivers\btusbflt.sys
10:44:34.0250 2236 btusbflt - ok
10:44:34.0281 2236 btwaudio - ok
10:44:34.0296 2236 btwavdt - ok
10:44:34.0296 2236 btwl2cap - ok
10:44:34.0312 2236 btwrchid - ok
10:44:34.0359 2236 [ 9887CA12F407D7FBC7F48F3678F5F0B6 ] BVRPMPR5a64 C:\Windows\system32\drivers\BVRPMPR5a64.SYS
10:44:34.0374 2236 BVRPMPR5a64 - ok
10:44:34.0421 2236 catchme - ok
10:44:34.0437 2236 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
10:44:34.0515 2236 cdfs - ok
10:44:34.0562 2236 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
10:44:34.0593 2236 cdrom - ok
10:44:34.0655 2236 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
10:44:34.0733 2236 CertPropSvc - ok
10:44:34.0765 2236 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
10:44:34.0811 2236 circlass - ok
10:44:34.0874 2236 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
10:44:34.0889 2236 CLFS - ok
10:44:34.0905 2236 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:44:34.0921 2236 clr_optimization_v2.0.50727_32 - ok
10:44:34.0967 2236 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:44:34.0983 2236 clr_optimization_v2.0.50727_64 - ok
10:44:35.0061 2236 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:44:35.0123 2236 clr_optimization_v4.0.30319_32 - ok
10:44:35.0170 2236 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:44:35.0170 2236 clr_optimization_v4.0.30319_64 - ok
10:44:35.0217 2236 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
10:44:35.0264 2236 CmBatt - ok
10:44:35.0295 2236 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
10:44:35.0311 2236 cmdide - ok
10:44:35.0357 2236 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
10:44:35.0389 2236 CNG - ok
10:44:35.0404 2236 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
10:44:35.0420 2236 Compbatt - ok
10:44:35.0451 2236 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
10:44:35.0482 2236 CompositeBus - ok
10:44:35.0513 2236 COMSysApp - ok
10:44:35.0545 2236 cpuz135 - ok
10:44:35.0560 2236 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
10:44:35.0576 2236 crcdisk - ok
10:44:35.0623 2236 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
10:44:35.0701 2236 CryptSvc - ok
10:44:35.0747 2236 [ 7AF9DAC504FBD047CBC3E64AE52C92BF ] dc3d C:\Windows\system32\DRIVERS\dc3d.sys
10:44:35.0794 2236 dc3d - ok
10:44:35.0841 2236 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
10:44:35.0903 2236 DcomLaunch - ok
10:44:35.0935 2236 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
10:44:35.0997 2236 defragsvc - ok
10:44:36.0044 2236 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
10:44:36.0091 2236 DfsC - ok
10:44:36.0153 2236 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
10:44:36.0231 2236 Dhcp - ok
10:44:36.0262 2236 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
10:44:36.0340 2236 discache - ok
10:44:36.0371 2236 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
10:44:36.0387 2236 Disk - ok
10:44:36.0418 2236 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
10:44:36.0449 2236 Dnscache - ok
10:44:36.0496 2236 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
10:44:36.0543 2236 dot3svc - ok
10:44:36.0574 2236 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
10:44:36.0621 2236 DPS - ok
10:44:36.0652 2236 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
10:44:36.0668 2236 drmkaud - ok
10:44:36.0730 2236 [ FB9BEF3401EE5ECC2603311B9C64F44A ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
10:44:36.0746 2236 dtsoftbus01 - ok
10:44:36.0793 2236 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
10:44:36.0824 2236 DXGKrnl - ok
10:44:36.0855 2236 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
10:44:36.0917 2236 EapHost - ok
10:44:37.0011 2236 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
10:44:37.0136 2236 ebdrv - ok
10:44:37.0183 2236 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
10:44:37.0229 2236 EFS - ok
10:44:37.0307 2236 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
10:44:37.0385 2236 ehRecvr - ok
10:44:37.0417 2236 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
10:44:37.0463 2236 ehSched - ok
10:44:37.0495 2236 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
10:44:37.0510 2236 elxstor - ok
10:44:37.0557 2236 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
10:44:37.0588 2236 ErrDev - ok
10:44:37.0619 2236 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
10:44:37.0682 2236 EventSystem - ok
10:44:37.0713 2236 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
10:44:37.0775 2236 exfat - ok
10:44:37.0807 2236 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
10:44:37.0853 2236 fastfat - ok
10:44:37.0900 2236 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
10:44:37.0963 2236 Fax - ok
10:44:37.0978 2236 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
10:44:38.0009 2236 fdc - ok
10:44:38.0056 2236 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
10:44:38.0087 2236 fdPHost - ok
10:44:38.0103 2236 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
10:44:38.0165 2236 FDResPub - ok
10:44:38.0212 2236 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
10:44:38.0212 2236 FileInfo - ok
10:44:38.0228 2236 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
10:44:38.0290 2236 Filetrace - ok
10:44:38.0321 2236 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
10:44:38.0337 2236 flpydisk - ok
10:44:38.0384 2236 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
10:44:38.0399 2236 FltMgr - ok
10:44:38.0446 2236 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
10:44:38.0493 2236 FontCache - ok
10:44:38.0540 2236 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:44:38.0555 2236 FontCache3.0.0.0 - ok
10:44:38.0587 2236 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
10:44:38.0602 2236 FsDepends - ok
10:44:38.0633 2236 [ 6C06701BF1DB05405804D7EB610991CE ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
10:44:38.0649 2236 fssfltr - ok
10:44:38.0743 2236 [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
10:44:38.0805 2236 fsssvc - ok
10:44:38.0883 2236 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
10:44:38.0899 2236 Fs_Rec - ok
10:44:38.0961 2236 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
10:44:38.0977 2236 fvevol - ok
10:44:39.0086 2236 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
10:44:39.0086 2236 gagp30kx - ok
10:44:39.0148 2236 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
10:44:39.0164 2236 GEARAspiWDM - ok
10:44:39.0211 2236 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
10:44:39.0289 2236 gpsvc - ok
10:44:39.0335 2236 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
10:44:39.0398 2236 hcw85cir - ok
10:44:39.0460 2236 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:44:39.0523 2236 HdAudAddService - ok
10:44:39.0569 2236 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
10:44:39.0601 2236 HDAudBus - ok
10:44:39.0663 2236 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
10:44:39.0679 2236 HECIx64 - ok
10:44:39.0694 2236 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
10:44:39.0694 2236 HidBatt - ok
10:44:39.0741 2236 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
10:44:39.0788 2236 HidBth - ok
10:44:39.0819 2236 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
10:44:39.0850 2236 HidIr - ok
10:44:39.0897 2236 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
10:44:39.0944 2236 hidserv - ok
10:44:39.0991 2236 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
10:44:40.0006 2236 HidUsb - ok
10:44:40.0053 2236 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
10:44:40.0115 2236 hkmsvc - ok
10:44:40.0162 2236 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:44:40.0209 2236 HomeGroupListener - ok
10:44:40.0303 2236 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:44:40.0349 2236 HomeGroupProvider - ok
10:44:40.0396 2236 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
10:44:40.0412 2236 HpSAMD - ok
10:44:40.0490 2236 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
10:44:40.0552 2236 HTTP - ok
10:44:40.0599 2236 [ 1A5DA10E18FC2643E94C5DC7FA965868 ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys
10:44:40.0646 2236 hwdatacard - ok
10:44:40.0693 2236 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
10:44:40.0708 2236 hwpolicy - ok
10:44:40.0802 2236 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
10:44:40.0817 2236 i8042prt - ok
10:44:40.0895 2236 [ 073A606333B6F7BBF20AA856DF7F0997 ] iaStor C:\Windows\system32\drivers\iaStor.sys
10:44:40.0911 2236 iaStor - ok
10:44:41.0083 2236 [ CC800D2D9FD467542BAC7C186C4774AD ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
10:44:41.0098 2236 IAStorDataMgrSvc - ok
10:44:41.0894 2236 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
10:44:42.0003 2236 iaStorV - ok
10:44:42.0455 2236 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:44:42.0627 2236 idsvc - ok
10:44:44.0281 2236 [ 31D1AFF484D8A0906CF8D44251EC390F ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
10:44:44.0499 2236 igfx ( UnsignedFile.Multi.Generic ) - warning
10:44:44.0499 2236 igfx - detected UnsignedFile.Multi.Generic (1)
10:44:44.0577 2236 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
10:44:44.0593 2236 iirsp - ok
10:44:44.0905 2236 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
10:44:44.0983 2236 IKEEXT - ok
10:44:45.0170 2236 [ 36FDF367A1DABFF903E2214023D71368 ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
10:44:45.0232 2236 Impcd - ok
10:44:45.0326 2236 [ 0F144E5F46CB9043004B5E84AA4BCA6A ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
10:44:45.0404 2236 IntcAzAudAddService - ok
10:44:45.0451 2236 [ 408B401CD7CDB075C7470B0FF7BA8D0B ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
10:44:45.0482 2236 IntcDAud ( UnsignedFile.Multi.Generic ) - warning
10:44:45.0482 2236 IntcDAud - detected UnsignedFile.Multi.Generic (1)
10:44:45.0513 2236 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
10:44:45.0529 2236 intelide - ok
10:44:45.0560 2236 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\drivers\intelppm.sys
10:44:45.0591 2236 intelppm - ok
10:44:45.0607 2236 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
10:44:45.0669 2236 IPBusEnum - ok
10:44:45.0731 2236 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:44:45.0778 2236 IpFilterDriver - ok
10:44:45.0825 2236 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
10:44:45.0872 2236 iphlpsvc - ok
10:44:45.0903 2236 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
10:44:45.0934 2236 IPMIDRV - ok
10:44:45.0950 2236 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
10:44:46.0012 2236 IPNAT - ok
10:44:46.0090 2236 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
10:44:46.0106 2236 iPod Service - ok
10:44:46.0137 2236 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
10:44:46.0184 2236 IRENUM - ok
10:44:46.0231 2236 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
10:44:46.0246 2236 isapnp - ok
10:44:46.0293 2236 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
10:44:46.0309 2236 iScsiPrt - ok
10:44:46.0340 2236 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
10:44:46.0355 2236 kbdclass - ok
10:44:46.0402 2236 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
10:44:46.0418 2236 kbdhid - ok
10:44:46.0449 2236 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
10:44:46.0449 2236 KeyIso - ok
10:44:46.0558 2236 [ 775C6D5D60146D7DB08A01CB596D7EC6 ] Kodak AiO Network Discovery Service C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
10:44:46.0574 2236 Kodak AiO Network Discovery Service - ok
10:44:46.0636 2236 [ 17AFF68AB32F8671BC46612D35351099 ] Kodak AiO Status Monitor Service C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
10:44:46.0652 2236 Kodak AiO Status Monitor Service - ok
10:44:46.0683 2236 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
10:44:46.0699 2236 KSecDD - ok
10:44:46.0745 2236 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
10:44:46.0761 2236 KSecPkg - ok
10:44:46.0792 2236 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
10:44:46.0839 2236 ksthunk - ok
10:44:46.0886 2236 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
10:44:46.0948 2236 KtmRm - ok
10:44:47.0026 2236 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
10:44:47.0073 2236 LanmanServer - ok
10:44:47.0120 2236 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:44:47.0167 2236 LanmanWorkstation - ok
10:44:47.0198 2236 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
10:44:47.0245 2236 lltdio - ok
10:44:47.0276 2236 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
10:44:47.0354 2236 lltdsvc - ok
10:44:47.0385 2236 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
10:44:47.0416 2236 lmhosts - ok
10:44:47.0494 2236 [ 5460828F8951D310B42B442877603B8D ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
10:44:47.0510 2236 LMS - ok
10:44:47.0541 2236 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
10:44:47.0557 2236 LSI_FC - ok
10:44:47.0588 2236 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
10:44:47.0603 2236 LSI_SAS - ok
10:44:47.0635 2236 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
10:44:47.0650 2236 LSI_SAS2 - ok
10:44:47.0666 2236 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
10:44:47.0681 2236 LSI_SCSI - ok
10:44:47.0728 2236 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
10:44:47.0775 2236 luafv - ok
10:44:47.0822 2236 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
10:44:47.0837 2236 Mcx2Svc - ok
10:44:47.0884 2236 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
10:44:47.0884 2236 megasas - ok
10:44:47.0931 2236 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
10:44:47.0947 2236 MegaSR - ok
10:44:48.0040 2236 Microsoft SharePoint Workspace Audit Service - ok
10:44:48.0056 2236 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
10:44:48.0103 2236 MMCSS - ok
10:44:48.0134 2236 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
10:44:48.0181 2236 Modem - ok
10:44:48.0212 2236 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
10:44:48.0243 2236 monitor - ok
10:44:48.0274 2236 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
10:44:48.0290 2236 mouclass - ok
10:44:48.0321 2236 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
10:44:48.0352 2236 mouhid - ok
10:44:48.0383 2236 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
10:44:48.0399 2236 mountmgr - ok
10:44:48.0415 2236 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
10:44:48.0430 2236 mpio - ok
10:44:48.0477 2236 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
10:44:48.0508 2236 mpsdrv - ok
10:44:48.0571 2236 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
10:44:48.0617 2236 MpsSvc - ok
10:44:48.0664 2236 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
10:44:48.0711 2236 MRxDAV - ok
10:44:48.0758 2236 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
10:44:48.0789 2236 mrxsmb - ok
10:44:48.0836 2236 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:44:48.0867 2236 mrxsmb10 - ok
10:44:48.0898 2236 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:44:48.0914 2236 mrxsmb20 - ok
10:44:48.0961 2236 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
10:44:48.0976 2236 msahci - ok
10:44:49.0023 2236 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
10:44:49.0039 2236 msdsm - ok
10:44:49.0054 2236 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
10:44:49.0070 2236 MSDTC - ok
10:44:49.0117 2236 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
10:44:49.0148 2236 Msfs - ok
10:44:49.0163 2236 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
10:44:49.0226 2236 mshidkmdf - ok
10:44:49.0273 2236 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
10:44:49.0288 2236 msisadrv - ok
10:44:49.0304 2236 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
10:44:49.0366 2236 MSiSCSI - ok
10:44:49.0366 2236 msiserver - ok
10:44:49.0413 2236 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
10:44:49.0460 2236 MSKSSRV - ok
10:44:49.0475 2236 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
10:44:49.0538 2236 MSPCLOCK - ok
10:44:49.0553 2236 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
10:44:49.0600 2236 MSPQM - ok
10:44:49.0647 2236 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
10:44:49.0663 2236 MsRPC - ok
10:44:49.0694 2236 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
10:44:49.0709 2236 mssmbios - ok
10:44:49.0803 2236 MSSQL$MSSMLBIZ - ok
10:44:49.0881 2236 [ F1761C8FB2B25A32C6D63E36BB88C3AE ] MSSQLServerADHelper100 C:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
10:44:49.0897 2236 MSSQLServerADHelper100 - ok
10:44:49.0928 2236 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
10:44:49.0975 2236 MSTEE - ok
10:44:50.0021 2236 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
10:44:50.0037 2236 MTConfig - ok
10:44:50.0053 2236 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
10:44:50.0068 2236 Mup - ok
10:44:50.0099 2236 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
10:44:50.0177 2236 napagent - ok
10:44:50.0209 2236 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
10:44:50.0240 2236 NativeWifiP - ok
10:44:50.0302 2236 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
10:44:50.0333 2236 NDIS - ok
10:44:50.0365 2236 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
10:44:50.0411 2236 NdisCap - ok
10:44:50.0443 2236 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
10:44:50.0474 2236 NdisTapi - ok
10:44:50.0505 2236 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
10:44:50.0567 2236 Ndisuio - ok
10:44:50.0614 2236 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
10:44:50.0661 2236 NdisWan - ok
10:44:50.0692 2236 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
10:44:50.0739 2236 NDProxy - ok
10:44:50.0817 2236 [ 6F4607E2333FE21E9E3FF8133A88B35B ] Netaapl C:\Windows\system32\DRIVERS\netaapl64.sys
10:44:50.0848 2236 Netaapl - ok
10:44:50.0879 2236 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
10:44:50.0942 2236 NetBIOS - ok
10:44:50.0973 2236 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
10:44:51.0035 2236 NetBT - ok
10:44:51.0051 2236 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
10:44:51.0067 2236 Netlogon - ok
10:44:51.0113 2236 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
10:44:51.0160 2236 Netman - ok
10:44:51.0191 2236 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
10:44:51.0238 2236 netprofm - ok
10:44:51.0269 2236 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:44:51.0285 2236 NetTcpPortSharing - ok
10:44:51.0316 2236 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
10:44:51.0332 2236 nfrd960 - ok
10:44:51.0363 2236 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
10:44:51.0394 2236 NlaSvc - ok
10:44:51.0410 2236 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
10:44:51.0457 2236 Npfs - ok
10:44:51.0472 2236 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
10:44:51.0519 2236 nsi - ok
10:44:51.0519 2236 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
10:44:51.0581 2236 nsiproxy - ok
10:44:51.0644 2236 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
10:44:51.0706 2236 Ntfs - ok
10:44:51.0737 2236 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
10:44:51.0784 2236 Null - ok
10:44:51.0847 2236 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
10:44:51.0862 2236 nvraid - ok
10:44:51.0878 2236 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
10:44:51.0893 2236 nvstor - ok
10:44:51.0940 2236 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
10:44:51.0956 2236 nv_agp - ok
10:44:52.0018 2236 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
10:44:52.0018 2236 ohci1394 - ok
10:44:52.0127 2236 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:44:52.0143 2236 ose - ok
10:44:52.0283 2236 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
10:44:52.0455 2236 osppsvc - ok
10:44:52.0486 2236 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
10:44:52.0517 2236 p2pimsvc - ok
10:44:52.0549 2236 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
10:44:52.0580 2236 p2psvc - ok
10:44:52.0595 2236 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
10:44:52.0611 2236 Parport - ok
10:44:52.0642 2236 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
10:44:52.0658 2236 partmgr - ok
10:44:52.0673 2236 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
10:44:52.0689 2236 PcaSvc - ok
10:44:52.0736 2236 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
10:44:52.0751 2236 pci - ok
10:44:52.0783 2236 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
10:44:52.0798 2236 pciide - ok
10:44:52.0845 2236 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
10:44:52.0861 2236 pcmcia - ok
10:44:52.0892 2236 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
10:44:52.0907 2236 pcw - ok
10:44:52.0939 2236 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
10:44:53.0001 2236 PEAUTH - ok
10:44:53.0095 2236 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
10:44:53.0126 2236 PerfHost - ok
10:44:53.0173 2236 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
10:44:53.0266 2236 pla - ok
10:44:53.0329 2236 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
10:44:53.0375 2236 PlugPlay - ok
10:44:53.0407 2236 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
10:44:53.0453 2236 PNRPAutoReg - ok
10:44:53.0485 2236 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
10:44:53.0500 2236 PNRPsvc - ok
10:44:53.0516 2236 [ 4F0878FD62D5F7444C5F1C4C66D9D293 ] Point64 C:\Windows\system32\DRIVERS\point64.sys
10:44:53.0531 2236 Point64 - ok
10:44:53.0578 2236 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
10:44:53.0625 2236 PolicyAgent - ok
10:44:53.0672 2236 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
10:44:53.0719 2236 Power - ok
10:44:53.0781 2236 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
10:44:53.0843 2236 PptpMiniport - ok
10:44:53.0875 2236 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
10:44:53.0906 2236 Processor - ok
10:44:53.0953 2236 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
10:44:53.0999 2236 ProfSvc - ok
10:44:54.0015 2236 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
10:44:54.0031 2236 ProtectedStorage - ok
10:44:54.0077 2236 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
10:44:54.0124 2236 Psched - ok
10:44:54.0155 2236 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
10:44:54.0171 2236 PxHlpa64 - ok
10:44:54.0218 2236 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
10:44:54.0280 2236 ql2300 - ok
10:44:54.0296 2236 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
10:44:54.0311 2236 ql40xx - ok
10:44:54.0358 2236 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
10:44:54.0389 2236 QWAVE - ok
10:44:54.0421 2236 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
10:44:54.0452 2236 QWAVEdrv - ok
10:44:54.0467 2236 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
10:44:54.0530 2236 RasAcd - ok
10:44:54.0608 2236 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
10:44:54.0655 2236 RasAgileVpn - ok
10:44:54.0701 2236 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
10:44:54.0779 2236 RasAuto - ok
10:44:54.0873 2236 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
10:44:55.0060 2236 Rasl2tp - ok
10:44:55.0622 2236 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
10:44:55.0684 2236 RasMan - ok
10:44:55.0747 2236 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
10:44:55.0809 2236 RasPppoe - ok
10:44:55.0840 2236 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
10:44:55.0903 2236 RasSstp - ok
10:44:55.0949 2236 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
10:44:56.0012 2236 rdbss - ok
10:44:56.0043 2236 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
10:44:56.0090 2236 rdpbus - ok
10:44:56.0121 2236 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
10:44:56.0183 2236 RDPCDD - ok
10:44:56.0215 2236 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
10:44:56.0277 2236 RDPENCDD - ok
10:44:56.0293 2236 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
10:44:56.0339 2236 RDPREFMP - ok
10:44:56.0433 2236 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
10:44:56.0495 2236 RDPWD - ok
10:44:56.0636 2236 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
10:44:56.0651 2236 rdyboost - ok
10:44:56.0698 2236 [ 4D9AFDDDA0EFE97CDBFD3B5FA48B05F6 ] regi C:\Windows\system32\drivers\regi.sys
10:44:56.0714 2236 regi - ok
10:44:56.0745 2236 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
10:44:56.0792 2236 RemoteAccess - ok
10:44:56.0823 2236 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
10:44:56.0885 2236 RemoteRegistry - ok
10:44:56.0932 2236 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
10:44:56.0948 2236 RFCOMM - ok
10:44:56.0995 2236 [ 5CA4ABD888B602551B59BAA26941C167 ] rimspci C:\Windows\system32\drivers\rimssne64.sys
10:44:57.0057 2236 rimspci - ok
10:44:57.0135 2236 [ BB6E138AEB351728959DA5E2731D8140 ] risdsnpe C:\Windows\system32\drivers\risdsne64.sys
10:44:57.0197 2236 risdsnpe - ok
10:44:57.0229 2236 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
10:44:57.0322 2236 RpcEptMapper - ok
10:44:57.0369 2236 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
10:44:57.0416 2236 RpcLocator - ok
10:44:57.0494 2236 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
10:44:57.0541 2236 RpcSs - ok
10:44:57.0603 2236 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
10:44:57.0650 2236 rspndr - ok
10:44:57.0728 2236 [ 4E821C740A675F6D040BE41D59A62B1D ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys
10:44:57.0743 2236 RTHDMIAzAudService - ok
10:44:57.0790 2236 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
10:44:57.0806 2236 SamSs - ok
10:44:57.0837 2236 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
10:44:57.0853 2236 sbp2port - ok
10:44:57.0899 2236 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
10:44:57.0946 2236 SCardSvr - ok
10:44:57.0977 2236 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
10:44:58.0009 2236 scfilter - ok
10:44:58.0071 2236 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
10:44:58.0133 2236 Schedule - ok
10:44:58.0180 2236 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
10:44:58.0211 2236 SCPolicySvc - ok
10:44:58.0274 2236 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys
10:44:58.0305 2236 sdbus - ok
10:44:58.0352 2236 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
10:44:58.0399 2236 SDRSVC - ok
10:44:58.0430 2236 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
10:44:58.0492 2236 secdrv - ok
10:44:58.0539 2236 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
10:44:58.0601 2236 seclogon - ok
10:44:58.0648 2236 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
10:44:58.0711 2236 SENS - ok
10:44:58.0742 2236 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
10:44:58.0789 2236 SensrSvc - ok
10:44:58.0820 2236 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
10:44:58.0835 2236 Serenum - ok
10:44:58.0867 2236 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
10:44:58.0882 2236 Serial - ok
10:44:58.0929 2236 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
10:44:58.0960 2236 sermouse - ok
10:44:59.0007 2236 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
10:44:59.0069 2236 SessionEnv - ok
10:44:59.0116 2236 [ 70F9C476B62DE4F2823E918A6C181ADE ] SFEP C:\Windows\system32\drivers\SFEP.sys
10:44:59.0132 2236 SFEP - ok
10:44:59.0163 2236 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
10:44:59.0194 2236 sffdisk - ok
10:44:59.0210 2236 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
10:44:59.0225 2236 sffp_mmc - ok
10:44:59.0257 2236 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
10:44:59.0272 2236 sffp_sd - ok
10:44:59.0303 2236 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
10:44:59.0319 2236 sfloppy - ok
10:44:59.0366 2236 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
10:44:59.0428 2236 SharedAccess - ok
10:44:59.0491 2236 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:44:59.0537 2236 ShellHWDetection - ok
10:44:59.0615 2236 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
10:44:59.0631 2236 SiSRaid2 - ok
10:44:59.0647 2236 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
10:44:59.0662 2236 SiSRaid4 - ok
10:44:59.0725 2236 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
10:44:59.0740 2236 SkypeUpdate - ok
10:44:59.0756 2236 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
10:44:59.0818 2236 Smb - ok
10:44:59.0865 2236 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
10:44:59.0896 2236 SNMPTRAP - ok
10:44:59.0974 2236 [ C3E69DB0A4E59564230E053232F39AC7 ] SOHCImp C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
10:44:59.0990 2236 SOHCImp - ok
10:45:00.0037 2236 [ 65CC4779A29C3E82B987BD4961790DFF ] SOHDms C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
10:45:00.0068 2236 SOHDms - ok
10:45:00.0083 2236 [ F47D75CEE1844EEF4A9EA6EE768828FB ] SOHDs C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
10:45:00.0099 2236 SOHDs - ok
10:45:00.0239 2236 [ 65E5659E9C2A0762D05657C0E22A7CA2 ] SpfService C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
10:45:00.0255 2236 SpfService - ok
10:45:00.0317 2236 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
10:45:00.0333 2236 spldr - ok
10:45:00.0411 2236 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
10:45:00.0520 2236 Spooler - ok
10:45:00.0645 2236 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
10:45:00.0770 2236 sppsvc - ok
10:45:00.0801 2236 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
10:45:00.0848 2236 sppuinotify - ok
10:45:01.0207 2236 [ A892134C28777978ECDE8283DC57AC0F ] SQLAgent$MSSMLBIZ C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\SQLAGENT.EXE
10:45:01.0222 2236 SQLAgent$MSSMLBIZ - ok
10:45:01.0363 2236 [ 10D936DCED9EACD1A1B3FCDDA6D7A4EB ] SQLBrowser C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
10:45:01.0378 2236 SQLBrowser - ok
10:45:01.0597 2236 [ F92E5F93BE572B512DA3C016B675EDE0 ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
10:45:01.0612 2236 SQLWriter - ok
10:45:01.0659 2236 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
10:45:01.0706 2236 srv - ok
10:45:01.0753 2236 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
10:45:01.0768 2236 srv2 - ok
10:45:01.0799 2236 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
10:45:01.0815 2236 srvnet - ok
10:45:01.0846 2236 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
10:45:01.0909 2236 SSDPSRV - ok
10:45:01.0940 2236 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
10:45:01.0987 2236 SstpSvc - ok
10:45:02.0018 2236 Steam Client Service - ok
10:45:02.0033 2236 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
10:45:02.0049 2236 stexstor - ok
10:45:02.0080 2236 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
10:45:02.0111 2236 StillCam - ok
10:45:02.0158 2236 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
10:45:02.0221 2236 stisvc - ok
10:45:02.0252 2236 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
10:45:02.0267 2236 swenum - ok
10:45:02.0299 2236 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
10:45:02.0361 2236 swprv - ok
10:45:02.0423 2236 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
10:45:02.0470 2236 SysMain - ok
10:45:02.0501 2236 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:45:02.0517 2236 TabletInputService - ok
10:45:02.0564 2236 [ F33FDC72298DF4BF9813A55D21F4EB31 ] taphss C:\Windows\system32\DRIVERS\taphss.sys
10:45:02.0579 2236 taphss - ok
10:45:02.0611 2236 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
10:45:02.0673 2236 TapiSrv - ok
10:45:02.0704 2236 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
10:45:02.0751 2236 TBS - ok
10:45:02.0798 2236 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
10:45:02.0876 2236 Tcpip - ok
10:45:02.0938 2236 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
10:45:02.0969 2236 TCPIP6 - ok
10:45:03.0001 2236 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
10:45:03.0001 2236 tcpipreg - ok
10:45:03.0032 2236 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
10:45:03.0063 2236 TDPIPE - ok
10:45:03.0094 2236 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
10:45:03.0125 2236 TDTCP - ok
10:45:03.0157 2236 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
10:45:03.0188 2236 tdx - ok
10:45:03.0235 2236 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
10:45:03.0250 2236 TermDD - ok
10:45:03.0281 2236 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
10:45:03.0359 2236 TermService - ok
10:45:03.0406 2236 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
10:45:03.0422 2236 Themes - ok
10:45:03.0469 2236 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
10:45:03.0500 2236 THREADORDER - ok
10:45:03.0515 2236 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
10:45:03.0593 2236 TrkWks - ok
10:45:03.0671 2236 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:45:03.0734 2236 TrustedInstaller - ok
10:45:03.0765 2236 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
10:45:03.0812 2236 tssecsrv - ok
10:45:03.0874 2236 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
10:45:03.0921 2236 TsUsbFlt - ok
10:45:03.0968 2236 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
10:45:03.0999 2236 tunnel - ok
10:45:04.0030 2236 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
10:45:04.0046 2236 uagp35 - ok
10:45:04.0093 2236 [ 63F6D08C54D5B3C1B12A6172032055C7 ] uCamMonitor C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
10:45:04.0093 2236 uCamMonitor - ok
10:45:04.0124 2236 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
10:45:04.0202 2236 udfs - ok
10:45:04.0233 2236 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
10:45:04.0249 2236 UI0Detect - ok
10:45:04.0295 2236 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
10:45:04.0311 2236 uliagpkx - ok
10:45:04.0358 2236 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
10:45:04.0373 2236 umbus - ok
10:45:04.0420 2236 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
10:45:04.0451 2236 UmPass - ok
10:45:04.0561 2236 [ 9E89C2D6945389270DE067CE51FF7425 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
10:45:04.0623 2236 UNS - ok
10:45:04.0654 2236 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
10:45:04.0717 2236 upnphost - ok
10:45:04.0779 2236 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
10:45:04.0826 2236 USBAAPL64 - ok
10:45:04.0873 2236 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
10:45:04.0904 2236 usbaudio - ok
10:45:04.0951 2236 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
10:45:04.0997 2236 usbccgp - ok
10:45:05.0044 2236 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
10:45:05.0060 2236 usbcir - ok
10:45:05.0122 2236 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
10:45:05.0153 2236 usbehci - ok
10:45:05.0185 2236 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
10:45:05.0231 2236 usbhub - ok
10:45:05.0263 2236 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
10:45:05.0294 2236 usbohci - ok
10:45:05.0341 2236 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
10:45:05.0372 2236 usbprint - ok
10:45:05.0403 2236 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
10:45:05.0465 2236 usbscan - ok
10:45:05.0497 2236 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:45:05.0559 2236 USBSTOR - ok
10:45:05.0575 2236 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
10:45:05.0606 2236 usbuhci - ok
10:45:05.0637 2236 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
10:45:05.0653 2236 usbvideo - ok
10:45:05.0668 2236 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
10:45:05.0731 2236 UxSms - ok
10:45:05.0777 2236 [ 8E68E4AA2D7ABBF7C9159D9D2A38AE0F ] VAIO Entertainment TV Device Arbitration Service C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
10:45:05.0793 2236 VAIO Entertainment TV Device Arbitration Service - ok
10:45:05.0871 2236 [ 6B31C9CB94927DBEEB62E15275F4CC54 ] VAIO Event Service C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe
10:45:05.0887 2236 VAIO Event Service - ok
10:45:05.0949 2236 [ B8C9A7010AFD5CBBE194CB9EF7C4FD14 ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe
10:45:05.0965 2236 VAIO Power Management - ok
10:45:05.0980 2236 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
10:45:05.0996 2236 VaultSvc - ok
10:45:06.0074 2236 [ D00058C1FFF3F3DE990444A5734E9639 ] VCFw C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
10:45:06.0121 2236 VCFw - ok
10:45:06.0183 2236 [ F19275655B42086C884ABCDAE2C659AE ] VcmIAlzMgr C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
10:45:06.0214 2236 VcmIAlzMgr - ok
10:45:06.0261 2236 [ CBB9F0D1017E0BED4CB5BBC0EBF26DC1 ] VcmINSMgr C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
10:45:06.0277 2236 VcmINSMgr - ok
10:45:06.0339 2236 [ C8E3BA694CC5EACEC4C01660ACE40D56 ] VcmXmlIfHelper C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
10:45:06.0355 2236 VcmXmlIfHelper - ok
10:45:06.0433 2236 [ D347D3ABE070AA09C22FC37121555D52 ] VCService C:\Program Files\Sony\VAIO Care\VCService.exe
10:45:06.0448 2236 VCService - ok
10:45:06.0495 2236 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
10:45:06.0511 2236 vdrvroot - ok
10:45:06.0557 2236 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
10:45:06.0604 2236 vds - ok
10:45:06.0635 2236 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
10:45:06.0667 2236 vga - ok
10:45:06.0682 2236 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
10:45:06.0729 2236 VgaSave - ok
10:45:06.0745 2236 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
10:45:06.0760 2236 vhdmp - ok
10:45:06.0791 2236 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
10:45:06.0807 2236 viaide - ok
10:45:06.0854 2236 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
10:45:06.0869 2236 volmgr - ok
10:45:06.0916 2236 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
10:45:06.0932 2236 volmgrx - ok
10:45:06.0994 2236 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
10:45:07.0025 2236 volsnap - ok
10:45:07.0057 2236 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
10:45:07.0072 2236 vsmraid - ok
10:45:07.0135 2236 [ 047F22BDFDAE6DF6F1E47E747A1237A2 ] VSNService C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
10:45:07.0150 2236 VSNService ( UnsignedFile.Multi.Generic ) - warning
10:45:07.0150 2236 VSNService - detected UnsignedFile.Multi.Generic (1)
10:45:07.0213 2236 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
10:45:07.0306 2236 VSS - ok
10:45:07.0462 2236 [ FB4A1695D2D74F9C92CA5E84795CDBE1 ] VUAgent C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
10:45:07.0540 2236 VUAgent - ok
10:45:07.0571 2236 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
10:45:07.0603 2236 vwifibus - ok
10:45:07.0618 2236 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
10:45:07.0665 2236 vwififlt - ok
10:45:07.0696 2236 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
10:45:07.0743 2236 W32Time - ok
10:45:07.0790 2236 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
10:45:07.0821 2236 WacomPen - ok
10:45:07.0883 2236 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
10:45:07.0946 2236 WANARP - ok
10:45:07.0946 2236 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
10:45:07.0993 2236 Wanarpv6 - ok
10:45:08.0273 2236 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
10:45:08.0320 2236 WatAdminSvc - ok
10:45:08.0398 2236 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
10:45:08.0492 2236 wbengine - ok
10:45:08.0539 2236 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
10:45:08.0570 2236 WbioSrvc - ok
10:45:08.0663 2236 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
10:45:08.0710 2236 wcncsvc - ok
10:45:08.0741 2236 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:45:08.0773 2236 WcsPlugInService - ok
10:45:08.0882 2236 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
10:45:08.0897 2236 Wd - ok
10:45:08.0929 2236 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
10:45:08.0960 2236 Wdf01000 - ok
10:45:08.0975 2236 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
10:45:09.0116 2236 WdiServiceHost - ok
10:45:09.0131 2236 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
10:45:09.0147 2236 WdiSystemHost - ok
10:45:09.0209 2236 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
10:45:09.0256 2236 WebClient - ok
10:45:09.0272 2236 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
10:45:09.0350 2236 Wecsvc - ok
10:45:09.0365 2236 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
10:45:09.0428 2236 wercplsupport - ok
10:45:09.0475 2236 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
10:45:09.0537 2236 WerSvc - ok
10:45:09.0568 2236 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
10:45:09.0615 2236 WfpLwf - ok
10:45:09.0631 2236 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
10:45:09.0646 2236 WIMMount - ok
10:45:09.0677 2236 WinDefend - ok
10:45:09.0677 2236 WinHttpAutoProxySvc - ok
10:45:09.0740 2236 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
10:45:09.0802 2236 Winmgmt - ok
10:45:09.0880 2236 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
10:45:10.0005 2236 WinRM - ok
10:45:10.0083 2236 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
10:45:10.0114 2236 WinUsb - ok
10:45:10.0161 2236 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
10:45:10.0208 2236 Wlansvc - ok
10:45:10.0333 2236 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
10:45:10.0348 2236 wlcrasvc - ok
10:45:10.0457 2236 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
10:45:10.0504 2236 wlidsvc - ok
10:45:10.0567 2236 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
10:45:10.0598 2236 WmiAcpi - ok
10:45:10.0645 2236 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
10:45:10.0660 2236 wmiApSrv - ok
10:45:10.0691 2236 WMPNetworkSvc - ok
10:45:10.0707 2236 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
10:45:10.0723 2236 WPCSvc - ok
10:45:10.0769 2236 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
10:45:10.0785 2236 WPDBusEnum - ok
10:45:10.0847 2236 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
10:45:10.0894 2236 ws2ifsl - ok
10:45:10.0941 2236 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
10:45:10.0972 2236 wscsvc - ok
10:45:10.0988 2236 WSearch - ok
10:45:11.0081 2236 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
10:45:11.0128 2236 wuauserv - ok
10:45:11.0159 2236 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
10:45:11.0191 2236 WudfPf - ok
10:45:11.0222 2236 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
10:45:11.0253 2236 WUDFRd - ok
10:45:11.0284 2236 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
10:45:11.0315 2236 wudfsvc - ok
10:45:11.0331 2236 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
10:45:11.0362 2236 WwanSvc - ok
10:45:11.0393 2236 [ 64F88AF327AA74E03658AE32B48CCB8B ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
10:45:11.0440 2236 yukonw7 - ok
10:45:11.0456 2236 ================ Scan global ===============================
10:45:11.0487 2236 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
10:45:11.0518 2236 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
10:45:11.0518 2236 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
10:45:11.0549 2236 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
10:45:11.0581 2236 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
10:45:11.0581 2236 [Global] - ok
10:45:11.0581 2236 ================ Scan MBR ==================================
10:45:11.0596 2236 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
10:45:12.0064 2236 \Device\Harddisk0\DR0 - ok
10:45:12.0064 2236 ================ Scan VBR ==================================
10:45:12.0064 2236 [ 1032235D7BB4B11E533E1BE8FEEA3097 ] \Device\Harddisk0\DR0\Partition1
10:45:12.0064 2236 \Device\Harddisk0\DR0\Partition1 - ok
10:45:12.0095 2236 [ 4584A85AE6357348D731074694C8B14C ] \Device\Harddisk0\DR0\Partition2
10:45:12.0095 2236 \Device\Harddisk0\DR0\Partition2 - ok
10:45:12.0095 2236 ================ Scan active images ========================
10:45:12.0095 2236 [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys
10:45:12.0095 2236 C:\Windows\System32\drivers\crashdmp.sys - ok
10:45:12.0111 2236 [ 073A606333B6F7BBF20AA856DF7F0997 ] C:\Windows\System32\drivers\iaStor.sys
10:45:12.0111 2236 C:\Windows\System32\drivers\iaStor.sys - ok
10:45:12.0111 2236 [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys
10:45:12.0111 2236 C:\Windows\System32\drivers\dumpfve.sys - ok
10:45:12.0111 2236 [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys
10:45:12.0111 2236 C:\Windows\System32\drivers\beep.sys - ok
10:45:12.0127 2236 [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys
10:45:12.0127 2236 C:\Windows\System32\drivers\cdrom.sys - ok
10:45:12.0127 2236 [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys
10:45:12.0127 2236 C:\Windows\System32\drivers\null.sys - ok
10:45:12.0127 2236 [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys
10:45:12.0127 2236 C:\Windows\System32\drivers\RDPCDD.sys - ok
10:45:12.0127 2236 [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys
10:45:12.0127 2236 C:\Windows\System32\drivers\vga.sys - ok
10:45:12.0142 2236 [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys
10:45:12.0142 2236 C:\Windows\System32\drivers\videoprt.sys - ok
10:45:12.0142 2236 [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys
10:45:12.0142 2236 C:\Windows\System32\drivers\watchdog.sys - ok
10:45:12.0142 2236 [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys
10:45:12.0142 2236 C:\Windows\System32\drivers\RDPENCDD.sys - ok
10:45:12.0142 2236 [ 216F3FA57533D98E1F74DED70113177A ] C:\Windows\System32\drivers\RDPREFMP.sys
10:45:12.0142 2236 C:\Windows\System32\drivers\RDPREFMP.sys - ok
10:45:12.0158 2236 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys
10:45:12.0158 2236 C:\Windows\System32\drivers\msfs.sys - ok
10:45:12.0158 2236 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys
10:45:12.0158 2236 C:\Windows\System32\drivers\npfs.sys - ok
10:45:12.0158 2236 [ 6E634525613D48A1D1657FB21F21F3B2 ] C:\Windows\System32\drivers\avgtdia.sys
10:45:12.0158 2236 C:\Windows\System32\drivers\avgtdia.sys - ok
10:45:12.0158 2236 [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys
10:45:12.0158 2236 C:\Windows\System32\drivers\netbt.sys - ok
10:45:12.0173 2236 [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\Windows\System32\drivers\tdi.sys
10:45:12.0173 2236 C:\Windows\System32\drivers\tdi.sys - ok
10:45:12.0173 2236 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys
10:45:12.0173 2236 C:\Windows\System32\drivers\tdx.sys - ok
10:45:12.0173 2236 [ 1C7857B62DE5994A75B054A9FD4C3825 ] C:\Windows\System32\drivers\afd.sys
10:45:12.0173 2236 C:\Windows\System32\drivers\afd.sys - ok
10:45:12.0173 2236 [ 6BCC1D7D2FD2453957C5479A32364E52 ] C:\Windows\System32\drivers\ws2ifsl.sys
10:45:12.0173 2236 C:\Windows\System32\drivers\ws2ifsl.sys - ok
10:45:12.0189 2236 [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys
10:45:12.0189 2236 C:\Windows\System32\drivers\wfplwf.sys - ok
10:45:12.0189 2236 [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys
10:45:12.0189 2236 C:\Windows\System32\drivers\netbios.sys - ok
10:45:12.0189 2236 [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys
10:45:12.0189 2236 C:\Windows\System32\drivers\pacer.sys - ok
10:45:12.0189 2236 [ 6A3D66263414FF0D6FA754C646612F3F ] C:\Windows\System32\drivers\vwififlt.sys
10:45:12.0189 2236 C:\Windows\System32\drivers\vwififlt.sys - ok
10:45:12.0205 2236 [ FB9BEF3401EE5ECC2603311B9C64F44A ] C:\Windows\System32\drivers\dtsoftbus01.sys
10:45:12.0205 2236 C:\Windows\System32\drivers\dtsoftbus01.sys - ok
10:45:12.0205 2236 [ 356AFD78A6ED4457169241AC3965230C ] C:\Windows\System32\drivers\wanarp.sys
10:45:12.0205 2236 C:\Windows\System32\drivers\wanarp.sys - ok
10:45:12.0205 2236 [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys
10:45:12.0205 2236 C:\Windows\System32\drivers\blbdrive.sys - ok
10:45:12.0205 2236 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys
10:45:12.0205 2236 C:\Windows\System32\drivers\dfsc.sys - ok
10:45:12.0205 2236 [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys
10:45:12.0220 2236 C:\Windows\System32\drivers\discache.sys - ok
10:45:12.0220 2236 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys
10:45:12.0220 2236 C:\Windows\System32\drivers\mssmbios.sys - ok
10:45:12.0220 2236 [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys
10:45:12.0220 2236 C:\Windows\System32\drivers\nsiproxy.sys - ok
10:45:12.0220 2236 [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys
10:45:12.0220 2236 C:\Windows\System32\drivers\rdbss.sys - ok
10:45:12.0220 2236 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys
10:45:12.0220 2236 C:\Windows\System32\drivers\termdd.sys - ok
10:45:12.0236 2236 [ 5989592A91A17587799792A81E1541D4 ] C:\Windows\System32\drivers\avgldx64.sys
10:45:12.0236 2236 C:\Windows\System32\drivers\avgldx64.sys - ok
10:45:12.0236 2236 [ 388056EBD5FE6718FE669078DBE37897 ] C:\Windows\System32\drivers\avgidsdrivera.sys
10:45:12.0236 2236 C:\Windows\System32\drivers\avgidsdrivera.sys - ok
10:45:12.0236 2236 [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys
10:45:12.0236 2236 C:\Windows\System32\drivers\tunnel.sys - ok
10:45:12.0236 2236 [ CF95B85FF8D128385ABD411C8CA74DED ] C:\Windows\System32\ntdll.dll
10:45:12.0236 2236 C:\Windows\System32\ntdll.dll - ok
10:45:12.0251 2236 [ 1911A3356FA3F77CCC825CCBAC038C2A ] C:\Windows\System32\smss.exe
10:45:12.0251 2236 C:\Windows\System32\smss.exe - ok
10:45:12.0251 2236 [ 961A81A84FDD700E361E8294528A37BA ] C:\Windows\System32\drivers\atikmpag.sys
10:45:12.0251 2236 C:\Windows\System32\drivers\atikmpag.sys - ok
10:45:12.0251 2236 [ 322E5C178990F116F00E3D923F4E6B1C ] C:\Windows\System32\drivers\atikmdag.sys
10:45:12.0251 2236 C:\Windows\System32\drivers\atikmdag.sys - ok
10:45:12.0251 2236 [ F5BEE30450E18E6B83A5012C100616FD ] C:\Windows\System32\drivers\dxgkrnl.sys
10:45:12.0251 2236 C:\Windows\System32\drivers\dxgkrnl.sys - ok
10:45:12.0267 2236 [ 9CD68BDDF322535C02ADC8331013D13D ] C:\Windows\System32\drivers\dxgmms1.sys
10:45:12.0267 2236 C:\Windows\System32\drivers\dxgmms1.sys - ok
10:45:12.0267 2236 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys
10:45:12.0267 2236 C:\Windows\System32\drivers\hdaudbus.sys - ok
10:45:12.0267 2236 [ B6AC71AAA2B10848F57FC49D55A651AF ] C:\Windows\System32\drivers\HECIx64.sys
10:45:12.0267 2236 C:\Windows\System32\drivers\HECIx64.sys - ok
10:45:12.0267 2236 [ AE259C75F9A0B057B6BF9E9695632B09 ] C:\Windows\System32\drivers\usbport.sys
10:45:12.0267 2236 C:\Windows\System32\drivers\usbport.sys - ok
10:45:12.0283 2236 [ C025055FE7B87701EB042095DF1A2D7B ] C:\Windows\System32\drivers\usbehci.sys
10:45:12.0283 2236 C:\Windows\System32\drivers\usbehci.sys - ok
10:45:12.0283 2236 [ 0ACC06FCF46F64ED4F11E57EE461C1F4 ] C:\Windows\System32\drivers\athrx.sys
10:45:12.0283 2236 C:\Windows\System32\drivers\athrx.sys - ok
10:45:12.0283 2236 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] C:\Windows\System32\drivers\vwifibus.sys
10:45:12.0283 2236 C:\Windows\System32\drivers\vwifibus.sys - ok
10:45:12.0283 2236 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] C:\Windows\System32\drivers\sdbus.sys
10:45:12.0283 2236 C:\Windows\System32\drivers\sdbus.sys - ok
10:45:12.0298 2236 [ 5CA4ABD888B602551B59BAA26941C167 ] C:\Windows\System32\drivers\rimssne64.sys
10:45:12.0298 2236 C:\Windows\System32\drivers\rimssne64.sys - ok
10:45:12.0298 2236 [ BB6E138AEB351728959DA5E2731D8140 ] C:\Windows\System32\drivers\risdsne64.sys
10:45:12.0298 2236 C:\Windows\System32\drivers\risdsne64.sys - ok
10:45:12.0298 2236 [ 64F88AF327AA74E03658AE32B48CCB8B ] C:\Windows\System32\drivers\yk62x64.sys
10:45:12.0298 2236 C:\Windows\System32\drivers\yk62x64.sys - ok
10:45:12.0298 2236 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] C:\Windows\System32\drivers\i8042prt.sys
10:45:12.0298 2236 C:\Windows\System32\drivers\i8042prt.sys - ok
10:45:12.0314 2236 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys
10:45:12.0314 2236 C:\Windows\System32\drivers\kbdclass.sys - ok
10:45:12.0314 2236 [ 1661F9C9E4B0049FA0A5E30264375A87 ] C:\Windows\System32\drivers\Apfiltr.sys
10:45:12.0314 2236 C:\Windows\System32\drivers\Apfiltr.sys - ok
10:45:12.0314 2236 [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys
10:45:12.0314 2236 C:\Windows\System32\drivers\mouclass.sys - ok
10:45:12.0314 2236 [ 70F9C476B62DE4F2823E918A6C181ADE ] C:\Windows\System32\drivers\SFEP.sys
10:45:12.0314 2236 C:\Windows\System32\drivers\SFEP.sys - ok
10:45:12.0329 2236 [ 8E98D21EE06192492A5671A6144D092F ] C:\Windows\System32\drivers\GEARAspiWDM.sys
10:45:12.0329 2236 C:\Windows\System32\drivers\GEARAspiWDM.sys - ok
10:45:12.0329 2236 [ 0840155D0BDDF1190F84A663C284BD33 ] C:\Windows\System32\drivers\CmBatt.sys
10:45:12.0329 2236 C:\Windows\System32\drivers\CmBatt.sys - ok
10:45:12.0329 2236 [ ADA036632C664CAA754079041CF1F8C1 ] C:\Windows\System32\drivers\intelppm.sys
10:45:12.0329 2236 C:\Windows\System32\drivers\intelppm.sys - ok
10:45:12.0329 2236 [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys
10:45:12.0329 2236 C:\Windows\System32\drivers\CompositeBus.sys - ok
10:45:12.0345 2236 [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys
10:45:12.0345 2236 C:\Windows\System32\drivers\agilevpn.sys - ok
10:45:12.0345 2236 [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys
10:45:12.0345 2236 C:\Windows\System32\drivers\rasl2tp.sys - ok
10:45:12.0345 2236 [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys
10:45:12.0345 2236 C:\Windows\System32\drivers\ndistapi.sys - ok
10:45:12.0345 2236 [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys
10:45:12.0345 2236 C:\Windows\System32\drivers\ndiswan.sys - ok
10:45:12.0361 2236 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys
10:45:12.0361 2236 C:\Windows\System32\drivers\raspppoe.sys - ok
10:45:12.0361 2236 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys
10:45:12.0361 2236 C:\Windows\System32\drivers\raspptp.sys - ok
10:45:12.0361 2236 [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys
10:45:12.0361 2236 C:\Windows\System32\drivers\rassstp.sys - ok
10:45:12.0361 2236 [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys
10:45:12.0361 2236 C:\Windows\System32\drivers\ks.sys - ok
10:45:12.0376 2236 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys
10:45:12.0376 2236 C:\Windows\System32\drivers\swenum.sys - ok
10:45:12.0376 2236 [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys
10:45:12.0376 2236 C:\Windows\System32\drivers\umbus.sys - ok
10:45:12.0376 2236 [ 287C6C9410B111B68B52CA298F7B8C24 ] C:\Windows\System32\drivers\usbhub.sys
10:45:12.0376 2236 C:\Windows\System32\drivers\usbhub.sys - ok
10:45:12.0376 2236 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys
10:45:12.0376 2236 C:\Windows\System32\drivers\ndproxy.sys - ok
10:45:12.0392 2236 [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys
10:45:12.0392 2236 C:\Windows\System32\drivers\drmk.sys - ok
10:45:12.0392 2236 [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys
10:45:12.0392 2236 C:\Windows\System32\drivers\portcls.sys - ok
10:45:12.0392 2236 [ 4E821C740A675F6D040BE41D59A62B1D ] C:\Windows\System32\drivers\RtHDMIVX.sys
10:45:12.0392 2236 C:\Windows\System32\drivers\RtHDMIVX.sys - ok
10:45:12.0392 2236 [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys
10:45:12.0392 2236 C:\Windows\System32\drivers\ksthunk.sys - ok
10:45:12.0407 2236 [ 0F144E5F46CB9043004B5E84AA4BCA6A ] C:\Windows\System32\drivers\RTKVHD64.sys
10:45:12.0407 2236 C:\Windows\System32\drivers\RTKVHD64.sys - ok
10:45:12.0407 2236 [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe
10:45:12.0407 2236 C:\Windows\System32\autochk.exe - ok
10:45:12.0407 2236 [ DC83C9F4130F447EAD187879708C8035 ] C:\PROGRA~2\AVG\AVG2013\avgrsa.exe
10:45:12.0407 2236 C:\PROGRA~2\AVG\AVG2013\avgrsa.exe - ok
10:45:12.0407 2236 [ 19A3E3E587D4D369F6EA753DF02F33CD ] C:\Program Files (x86)\AVG\AVG2013\avgsysa.dll
10:45:12.0407 2236 C:\Program Files (x86)\AVG\AVG2013\avgsysa.dll - ok
10:45:12.0423 2236 [ 70D1A44B0D05FEC737CC2C9662D6FB70 ] C:\Program Files (x86)\AVG\AVG2013\avgntopenssla.dll
10:45:12.0423 2236 C:\Program Files (x86)\AVG\AVG2013\avgntopenssla.dll - ok
10:45:12.0423 2236 [ 4848422594D3B6A6BFF438AF0B6D030D ] C:\Program Files (x86)\AVG\AVG2013\avgloga.dll
10:45:12.0423 2236 C:\Program Files (x86)\AVG\AVG2013\avgloga.dll - ok
10:45:12.0423 2236 [ 6F1A3157A1C89435352CEB543CDB359C ] C:\Windows\System32\drivers\usbccgp.sys
10:45:12.0423 2236 C:\Windows\System32\drivers\usbccgp.sys - ok
10:45:12.0423 2236 [ CCA2AB1752A61F29C3C941CD79D78CEA ] C:\Windows\System32\drivers\usbd.sys
10:45:12.0423 2236 C:\Windows\System32\drivers\usbd.sys - ok
10:45:12.0439 2236 [ 454800C2BC7F3927CE030141EE4F4C50 ] C:\Windows\System32\drivers\usbvideo.sys
10:45:12.0439 2236 C:\Windows\System32\drivers\usbvideo.sys - ok
10:45:12.0439 2236 [ C130BC4A51B1382B2BE8E44579EC4C0A ] C:\Windows\System32\drivers\ArcSoftKsUFilter.sys
10:45:12.0439 2236 C:\Windows\System32\drivers\ArcSoftKsUFilter.sys - ok
10:45:12.0439 2236 [ 6E04458E98DAF28826482E41A7A62DF5 ] C:\Windows\System32\drivers\btusbflt.sys
10:45:12.0439 2236 C:\Windows\System32\drivers\btusbflt.sys - ok
10:45:12.0439 2236 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] C:\Windows\System32\drivers\bthport.sys
10:45:12.0439 2236 C:\Windows\System32\drivers\bthport.sys - ok
10:45:12.0454 2236 [ F188B7394D81010767B6DF3178519A37 ] C:\Windows\System32\drivers\BTHUSB.SYS
10:45:12.0454 2236 C:\Windows\System32\drivers\BTHUSB.SYS - ok
10:45:12.0454 2236 [ 7AF9DAC504FBD047CBC3E64AE52C92BF ] C:\Windows\System32\drivers\dc3d.sys
10:45:12.0454 2236 C:\Windows\System32\drivers\dc3d.sys - ok
10:45:12.0454 2236 [ 49EE2E52E6CD03947DAD72F65367BE06 ] C:\Windows\System32\drivers\hidparse.sys
10:45:12.0454 2236 C:\Windows\System32\drivers\hidparse.sys - ok
10:45:12.0454 2236 [ 8B0E40E7E8BBF5ACF390465609D89FF1 ] C:\Windows\System32\drivers\hidclass.sys
10:45:12.0454 2236 C:\Windows\System32\drivers\hidclass.sys - ok
10:45:12.0470 2236 [ 9592090A7E2B61CD582B612B6DF70536 ] C:\Windows\System32\drivers\hidusb.sys
10:45:12.0470 2236 C:\Windows\System32\drivers\hidusb.sys - ok
10:45:12.0470 2236 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] C:\Windows\System32\drivers\kbdhid.sys
10:45:12.0470 2236 C:\Windows\System32\drivers\kbdhid.sys - ok
10:45:12.0470 2236 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] C:\Windows\System32\drivers\mouhid.sys
10:45:12.0470 2236 C:\Windows\System32\drivers\mouhid.sys - ok
10:45:12.0470 2236 [ 4F0878FD62D5F7444C5F1C4C66D9D293 ] C:\Windows\System32\drivers\point64.sys
10:45:12.0470 2236 C:\Windows\System32\drivers\point64.sys - ok
10:45:12.0485 2236 [ CF98190A94F62E405C8CB255018B2315 ] C:\Windows\System32\drivers\bthenum.sys
10:45:12.0485 2236 C:\Windows\System32\drivers\bthenum.sys - ok
10:45:12.0485 2236 [ 3DD798846E2C28102B922C56E71B7932 ] C:\Windows\System32\drivers\rfcomm.sys
10:45:12.0485 2236 C:\Windows\System32\drivers\rfcomm.sys - ok
10:45:12.0485 2236 [ 02DD601B708DD0667E1331FA8518E9FF ] C:\Windows\System32\drivers\bthpan.sys
10:45:12.0485 2236 C:\Windows\System32\drivers\bthpan.sys - ok
10:45:12.0485 2236 [ 3972FF09D00347B843B4A2300B4E90CB ] C:\PROGRA~2\AVG\AVG2013\avgchjwa.dll
10:45:12.0485 2236 C:\PROGRA~2\AVG\AVG2013\avgchjwa.dll - ok
10:45:12.0501 2236 [ 2C19A4BC4D3C714F890A58B4C942077F ] C:\PROGRA~2\AVG\AVG2013\avgclita.dll
10:45:12.0501 2236 C:\PROGRA~2\AVG\AVG2013\avgclita.dll - ok
10:45:12.0501 2236 [ B4CF2DAC753DD785FD92076B3CD36CED ] C:\PROGRA~2\AVG\AVG2013\avgcclia.dll
10:45:12.0501 2236 C:\PROGRA~2\AVG\AVG2013\avgcclia.dll - ok
10:45:12.0501 2236 [ CF433BC29D4089D264F24A1ED371941D ] C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
10:45:12.0501 2236 C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe - ok
10:45:12.0501 2236 [ 309CF923DE809A67AD0A4FD825430FCC ] C:\Program Files (x86)\AVG\AVG2013\avgcorea.dll
10:45:12.0501 2236 C:\Program Files (x86)\AVG\AVG2013\avgcorea.dll - ok
10:45:12.0517 2236 [ C297715529E28F7283EE621CCFDB1DDB ] C:\Program Files (x86)\AVG\AVG2013\avgcerta.dll
10:45:12.0517 2236 C:\Program Files (x86)\AVG\AVG2013\avgcerta.dll - ok
10:45:12.0517 2236 [ 06F3F7E9E9B29C32F8702B541E4C2156 ] C:\Program Files (x86)\AVG\AVG2013\avgchcla.dll
10:45:12.0517 2236 C:\Program Files (x86)\AVG\AVG2013\avgchcla.dll - ok
10:45:12.0517 2236 [ 275061F56FC648ED884C38A93EAB6FC6 ] C:\Program Files (x86)\AVG\AVG2013\avgcomma.dll
10:45:12.0517 2236 C:\Program Files (x86)\AVG\AVG2013\avgcomma.dll - ok
10:45:12.0517 2236 [ AAD184F33A9A4A2AECF3CB5247651D01 ] C:\Program Files (x86)\AVG\AVG2013\avgntsqlitea.dll
10:45:12.0517 2236 C:\Program Files (x86)\AVG\AVG2013\avgntsqlitea.dll - ok
10:45:12.0532 2236 [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll
10:45:12.0532 2236 C:\Windows\System32\difxapi.dll - ok
10:45:12.0532 2236 [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll
10:45:12.0532 2236 C:\Windows\System32\normaliz.dll - ok
10:45:12.0532 2236 [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\Windows\System32\imagehlp.dll
10:45:12.0532 2236 C:\Windows\System32\imagehlp.dll - ok
10:45:12.0532 2236 [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll
10:45:12.0532 2236 C:\Windows\System32\imm32.dll - ok
10:45:12.0548 2236 [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll
10:45:12.0548 2236 C:\Windows\System32\psapi.dll - ok
10:45:12.0548 2236 [ 1DBA462CF92D890D8F8E6472E7E8B4B4 ] C:\Windows\System32\urlmon.dll
10:45:12.0548 2236 C:\Windows\System32\urlmon.dll - ok
10:45:12.0548 2236 [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll
10:45:12.0548 2236 C:\Windows\System32\ole32.dll - ok
10:45:12.0548 2236 [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll
10:45:12.0548 2236 C:\Windows\System32\clbcatq.dll - ok
10:45:12.0563 2236 [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll
10:45:12.0563 2236 C:\Windows\System32\nsi.dll - ok
10:45:12.0563 2236 [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll
10:45:12.0563 2236 C:\Windows\System32\msvcrt.dll - ok
10:45:12.0563 2236 [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll
10:45:12.0563 2236 C:\Windows\System32\advapi32.dll - ok
10:45:12.0563 2236 [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll
10:45:12.0563 2236 C:\Windows\System32\user32.dll - ok
10:45:12.0579 2236 [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll
10:45:12.0579 2236 C:\Windows\System32\ws2_32.dll - ok
10:45:12.0579 2236 [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll
10:45:12.0579 2236 C:\Windows\System32\comdlg32.dll - ok
10:45:12.0579 2236 [ 1DC3504CA4C57900F1557E9A3F01D272 ] C:\Windows\System32\kernel32.dll
10:45:12.0579 2236 C:\Windows\System32\kernel32.dll - ok
10:45:12.0579 2236 [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll
10:45:12.0579 2236 C:\Windows\System32\setupapi.dll - ok
10:45:12.0579 2236 [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll
10:45:12.0579 2236 C:\Windows\System32\msctf.dll - ok
10:45:12.0595 2236 [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll
10:45:12.0595 2236 C:\Windows\System32\sechost.dll - ok
10:45:12.0595 2236 [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll
10:45:12.0595 2236 C:\Windows\System32\oleaut32.dll - ok
10:45:12.0595 2236 [ A0F52880DDD164F968BE903C1FECD27E ] C:\Windows\System32\iertutil.dll
10:45:12.0595 2236 C:\Windows\System32\iertutil.dll - ok
10:45:12.0595 2236 [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll
10:45:12.0595 2236 C:\Windows\System32\gdi32.dll - ok
10:45:12.0610 2236 [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll
10:45:12.0610 2236 C:\Windows\System32\lpk.dll - ok
10:45:12.0610 2236 [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll
10:45:12.0610 2236 C:\Windows\System32\rpcrt4.dll - ok
10:45:12.0610 2236 [ C6689007B3A749C49A5438DCF36E0CE4 ] C:\Windows\System32\shell32.dll
10:45:12.0610 2236 C:\Windows\System32\shell32.dll - ok
10:45:12.0610 2236 [ 2F8B1E3EE3545D3B5A8D56FA1AE07B65 ] C:\Windows\System32\usp10.dll
10:45:12.0610 2236 C:\Windows\System32\usp10.dll - ok
10:45:12.0626 2236 [ 12EE6FE9268CEE6D90FDCCBF89236C65 ] C:\Windows\System32\crypt32.dll
10:45:12.0626 2236 C:\Windows\System32\crypt32.dll - ok
10:45:12.0626 2236 [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll
10:45:12.0626 2236 C:\Windows\System32\shlwapi.dll - ok
10:45:12.0626 2236 [ 5121DB613E10A46A3C5085B479026AA7 ] C:\Windows\System32\wininet.dll
10:45:12.0626 2236 C:\Windows\System32\wininet.dll - ok
10:45:12.0626 2236 [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll
10:45:12.0626 2236 C:\Windows\System32\Wldap32.dll - ok
10:45:12.0641 2236 [ 6F2E324703E6D22B9934C33DA48F1F01 ] C:\Windows\System32\KernelBase.dll
10:45:12.0641 2236 C:\Windows\System32\KernelBase.dll - ok
10:45:12.0641 2236 [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll
10:45:12.0641 2236 C:\Windows\System32\cfgmgr32.dll - ok
10:45:12.0641 2236 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\System32\comctl32.dll
10:45:12.0641 2236 C:\Windows\System32\comctl32.dll - ok
10:45:12.0641 2236 [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll
10:45:12.0641 2236 C:\Windows\System32\devobj.dll - ok
10:45:12.0657 2236 [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll
10:45:12.0657 2236 C:\Windows\System32\msasn1.dll - ok
10:45:12.0657 2236 [ AA06902362B1422D7A7DA7061E07C624 ] C:\Windows\System32\wintrust.dll
10:45:12.0657 2236 C:\Windows\System32\wintrust.dll - ok
10:45:12.0657 2236 [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll
10:45:12.0657 2236 C:\Windows\SysWOW64\normaliz.dll - ok
10:45:12.0657 2236 [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys
10:45:12.0657 2236 C:\Windows\System32\drivers\dxapi.sys - ok
10:45:12.0673 2236 [ C58923115CDE6071C3BF2FF063546E9F ] C:\Windows\System32\win32k.sys
10:45:12.0673 2236 C:\Windows\System32\win32k.sys - ok
10:45:12.0673 2236 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll
10:45:12.0673 2236 C:\Windows\System32\basesrv.dll - ok
10:45:12.0673 2236 [ 96F587CA26A6AA894BD8CACE4540CFFC ] C:\Windows\System32\csrsrv.dll
10:45:12.0673 2236 C:\Windows\System32\csrsrv.dll - ok
10:45:12.0673 2236 [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe
10:45:12.0673 2236 C:\Windows\System32\csrss.exe - ok
10:45:12.0673 2236 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\System32\winsrv.dll
10:45:12.0673 2236 C:\Windows\System32\winsrv.dll - ok
10:45:12.0688 2236 [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys
10:45:12.0688 2236 C:\Windows\System32\drivers\monitor.sys - ok
10:45:12.0688 2236 [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll
10:45:12.0688 2236 C:\Windows\System32\tsddd.dll - ok
10:45:12.0688 2236 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll
10:45:12.0688 2236 C:\Windows\System32\sxssrv.dll - ok
10:45:12.0688 2236 [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe
10:45:12.0688 2236 C:\Windows\System32\wininit.exe - ok
10:45:12.0704 2236 [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll
10:45:12.0704 2236 C:\Windows\System32\profapi.dll - ok
10:45:12.0704 2236 [ 05569A79BF4693670B709144382D02D4 ] C:\Windows\System32\cdd.dll
10:45:12.0704 2236 C:\Windows\System32\cdd.dll - ok
10:45:12.0704 2236 [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll
10:45:12.0704 2236 C:\Windows\System32\RpcRtRemote.dll - ok
10:45:12.0704 2236 [ 1A83FACA2135AF076E8EA73A30B3B26C ] C:\Windows\System32\KBDUK.DLL
10:45:12.0704 2236 C:\Windows\System32\KBDUK.DLL - ok
10:45:12.0719 2236 [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe
10:45:12.0719 2236 C:\Windows\System32\winlogon.exe - ok
10:45:12.0719 2236 [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll
10:45:12.0719 2236 C:\Windows\System32\winsta.dll - ok
10:45:12.0719 2236 [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll
10:45:12.0719 2236 C:\Windows\System32\WlS0WndH.dll - ok
10:45:12.0719 2236 [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll
10:45:12.0719 2236 C:\Windows\System32\sxs.dll - ok
10:45:12.0735 2236 [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll
10:45:12.0735 2236 C:\Windows\System32\cryptbase.dll - ok
10:45:12.0735 2236 [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll
10:45:12.0735 2236 C:\Windows\System32\apphelp.dll - ok
10:45:12.0735 2236 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe
10:45:12.0735 2236 C:\Windows\System32\services.exe - ok
10:45:12.0735 2236 [ C118A82CD78818C29AB228366EBF81C3 ] C:\Windows\System32\lsass.exe
10:45:12.0735 2236 C:\Windows\System32\lsass.exe - ok
10:45:12.0751 2236 [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe
10:45:12.0751 2236 C:\Windows\System32\lsm.exe - ok
10:45:12.0751 2236 [ 66A6063D0BAAD3F7B2B9868859E0743B ] C:\Windows\System32\lsasrv.dll
10:45:12.0751 2236 C:\Windows\System32\lsasrv.dll - ok
10:45:12.0751 2236 [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\Windows\System32\sspisrv.dll
10:45:12.0751 2236 C:\Windows\System32\sspisrv.dll - ok
10:45:12.0751 2236 [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll
10:45:12.0751 2236 C:\Windows\System32\sysntfy.dll - ok
10:45:12.0766 2236 [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll
10:45:12.0766 2236 C:\Windows\System32\wmsgapi.dll - ok
10:45:12.0766 2236 [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll
10:45:12.0766 2236 C:\Windows\System32\samsrv.dll - ok
10:45:12.0766 2236 [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll
10:45:12.0766 2236 C:\Windows\System32\scext.dll - ok
10:45:12.0766 2236 [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\Windows\System32\sspicli.dll
10:45:12.0766 2236 C:\Windows\System32\sspicli.dll - ok
10:45:12.0782 2236 [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll
10:45:12.0782 2236 C:\Windows\System32\cryptdll.dll - ok
10:45:12.0782 2236 [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll
10:45:12.0782 2236 C:\Windows\System32\scesrv.dll - ok
10:45:12.0782 2236 [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\Windows\System32\secur32.dll
10:45:12.0782 2236 C:\Windows\System32\secur32.dll - ok
10:45:12.0782 2236 [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll
10:45:12.0782 2236 C:\Windows\System32\srvcli.dll - ok
10:45:12.0782 2236 [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll
10:45:12.0782 2236 C:\Windows\System32\wevtapi.dll - ok
10:45:12.0797 2236 [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll
10:45:12.0797 2236 C:\Windows\System32\authz.dll - ok
10:45:12.0797 2236 [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll
10:45:12.0797 2236 C:\Windows\System32\bcrypt.dll - ok
10:45:12.0797 2236 [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll
10:45:12.0797 2236 C:\Windows\System32\cngaudit.dll - ok
10:45:12.0797 2236 [ 400645085A91BF3EB0271329B95AE0BE ] C:\Windows\System32\ncrypt.dll
10:45:12.0797 2236 C:\Windows\System32\ncrypt.dll - ok
10:45:12.0813 2236 [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll
10:45:12.0813 2236 C:\Windows\System32\msprivs.dll - ok
10:45:12.0813 2236 [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll
10:45:12.0813 2236 C:\Windows\System32\netjoin.dll - ok
10:45:12.0813 2236 [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll
10:45:12.0813 2236 C:\Windows\System32\cryptsp.dll - ok
10:45:12.0813 2236 [ 44E1A196DFCB53B01FE4B855C3B56A15 ] C:\Windows\System32\kerberos.dll
10:45:12.0813 2236 C:\Windows\System32\kerberos.dll - ok
10:45:12.0829 2236 [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\Windows\System32\mswsock.dll
10:45:12.0829 2236 C:\Windows\System32\mswsock.dll - ok
10:45:12.0829 2236 [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll
10:45:12.0829 2236 C:\Windows\System32\negoexts.dll - ok
10:45:12.0829 2236 [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll
10:45:12.0829 2236 C:\Windows\System32\dnsapi.dll - ok
10:45:12.0829 2236 [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll
10:45:12.0829 2236 C:\Windows\System32\logoncli.dll - ok
10:45:12.0844 2236 [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll
10:45:12.0844 2236 C:\Windows\System32\msv1_0.dll - ok
10:45:12.0844 2236 [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll
10:45:12.0844 2236 C:\Windows\System32\netlogon.dll - ok
10:45:12.0844 2236 [ 1573C45E65DE32B1BC3572634F8F1E8E ] C:\Windows\System32\schannel.dll
10:45:12.0844 2236 C:\Windows\System32\schannel.dll - ok
10:45:12.0844 2236 [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll
10:45:12.0844 2236 C:\Windows\System32\wship6.dll - ok
10:45:12.0860 2236 [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
10:45:12.0860 2236 C:\Windows\System32\wdigest.dll - ok
10:45:12.0860 2236 [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
10:45:12.0860 2236 C:\Windows\System32\rsaenh.dll - ok
10:45:12.0860 2236 [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
10:45:12.0860 2236 C:\Windows\System32\pku2u.dll - ok
10:45:12.0860 2236 [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll
10:45:12.0860 2236 C:\Windows\System32\TSpkg.dll - ok
10:45:12.0860 2236 [ 55C892560C1B42BC57FB61AEFCED2F22 ] C:\Windows\System32\LIVESSP.DLL
10:45:12.0860 2236 C:\Windows\System32\LIVESSP.DLL - ok
10:45:12.0875 2236 [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll
10:45:12.0875 2236 C:\Windows\System32\bcryptprimitives.dll - ok
10:45:12.0875 2236 [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll
10:45:12.0875 2236 C:\Windows\System32\credssp.dll - ok
10:45:12.0875 2236 [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
10:45:12.0875 2236 C:\Windows\System32\efslsaext.dll - ok
10:45:12.0875 2236 [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
10:45:12.0875 2236 C:\Windows\System32\ubpm.dll - ok
10:45:12.0891 2236 [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll
10:45:12.0891 2236 C:\Windows\System32\scecli.dll - ok
10:45:12.0891 2236 [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
10:45:12.0891 2236 C:\Windows\System32\devrtl.dll - ok
10:45:12.0891 2236 [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
10:45:12.0891 2236 C:\Windows\System32\SPInf.dll - ok
10:45:12.0891 2236 [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe
10:45:12.0891 2236 C:\Windows\System32\svchost.exe - ok
10:45:12.0907 2236 [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll
10:45:12.0907 2236 C:\Windows\System32\umpnpmgr.dll - ok
10:45:12.0907 2236 [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
10:45:12.0907 2236 C:\Windows\System32\gpapi.dll - ok
10:45:12.0907 2236 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll
10:45:12.0907 2236 C:\Windows\System32\umpo.dll - ok
10:45:12.0907 2236 [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll
10:45:12.0907 2236 C:\Windows\System32\userenv.dll - ok
10:45:12.0922 2236 [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
10:45:12.0922 2236 C:\Windows\System32\pcwum.dll - ok
10:45:12.0922 2236 [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
10:45:12.0922 2236 C:\Windows\System32\powrprof.dll - ok
10:45:12.0922 2236 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys
10:45:12.0922 2236 C:\Windows\System32\drivers\luafv.sys - ok
10:45:12.0922 2236 [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
10:45:12.0922 2236 C:\Windows\System32\rpcss.dll - ok
10:45:12.0938 2236 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
10:45:12.0938 2236 C:\Windows\System32\RpcEpMap.dll - ok
10:45:12.0938 2236 [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
10:45:12.0938 2236 C:\Windows\System32\WSHTCPIP.DLL - ok
10:45:12.0938 2236 [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
10:45:12.0938 2236 C:\Windows\System32\wshqos.dll - ok
10:45:12.0938 2236 [ 5EC60409BD50953BD4F892B18840039E ] C:\Windows\System32\atiesrxx.exe
10:45:12.0938 2236 C:\Windows\System32\atiesrxx.exe - ok
10:45:12.0953 2236 [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
10:45:12.0953 2236 C:\Windows\System32\FirewallAPI.dll - ok
10:45:12.0953 2236 [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll
10:45:12.0953 2236 C:\Windows\System32\version.dll - ok
10:45:12.0953 2236 [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll
10:45:12.0953 2236 C:\Windows\System32\wtsapi32.dll - ok
10:45:12.0953 2236 [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
10:45:12.0953 2236 C:\Windows\System32\LogonUI.exe - ok
10:45:12.0969 2236 [ 0BEE002C68E28CE6DA161DCF1376D7D7 ] C:\Windows\System32\authui.dll
10:45:12.0969 2236 C:\Windows\System32\authui.dll - ok
10:45:12.0969 2236 [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
10:45:12.0969 2236 C:\Windows\System32\cryptui.dll - ok
10:45:12.0969 2236 [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
10:45:12.0969 2236 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
10:45:12.0969 2236 [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
10:45:12.0969 2236 C:\Windows\System32\shacct.dll - ok
10:45:12.0985 2236 [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
10:45:12.0985 2236 C:\Windows\System32\propsys.dll - ok
10:45:12.0985 2236 [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
10:45:12.0985 2236 C:\Windows\System32\samlib.dll - ok
10:45:12.0985 2236 [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
10:45:12.0985 2236 C:\Windows\System32\uxtheme.dll - ok
10:45:12.0985 2236 [ 179E8401224D557ECFF3695F2016EA5B ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll
10:45:12.0985 2236 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok
10:45:13.0000 2236 [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
10:45:13.0000 2236 C:\Windows\System32\dui70.dll - ok
10:45:13.0000 2236 [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
10:45:13.0000 2236 C:\Windows\System32\duser.dll - ok
10:45:13.0000 2236 [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
10:45:13.0000 2236 C:\Windows\System32\hid.dll - ok
10:45:13.0000 2236 [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
10:45:13.0000 2236 C:\Windows\System32\MMDevAPI.dll - ok
10:45:13.0016 2236 [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
10:45:13.0016 2236 C:\Windows\System32\SndVolSSO.dll - ok
10:45:13.0016 2236 [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
10:45:13.0016 2236 C:\Windows\System32\dwmapi.dll - ok
10:45:13.0016 2236 [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll
10:45:13.0016 2236 C:\Windows\System32\xmllite.dll - ok
10:45:13.0016 2236 [ 26B73A85855681500BCC25C7CD9FF5B1 ] C:\Windows\System32\WindowsCodecs.dll
10:45:13.0016 2236 C:\Windows\System32\WindowsCodecs.dll - ok
10:45:13.0031 2236 [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
10:45:13.0031 2236 C:\Windows\System32\wevtsvc.dll - ok
10:45:13.0031 2236 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
10:45:13.0031 2236 C:\Windows\System32\winbrand.dll - ok
10:45:13.0031 2236 [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll
10:45:13.0031 2236 C:\Windows\System32\BioCredProv.dll - ok
10:45:13.0031 2236 [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll
10:45:13.0031 2236 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
10:45:13.0047 2236 [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
10:45:13.0047 2236 C:\Windows\System32\VaultCredProvider.dll - ok
10:45:13.0047 2236 [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll
10:45:13.0047 2236 C:\Windows\System32\audiosrv.dll - ok
10:45:13.0047 2236 [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll
10:45:13.0047 2236 C:\Windows\System32\credui.dll - ok
10:45:13.0063 2236 [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll
10:45:13.0063 2236 C:\Windows\System32\vaultcli.dll - ok
10:45:13.0063 2236 [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll
10:45:13.0063 2236 C:\Windows\System32\winbio.dll - ok
10:45:13.0063 2236 [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
10:45:13.0063 2236 C:\Windows\System32\avrt.dll - ok
10:45:13.0063 2236 [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll
10:45:13.0063 2236 C:\Windows\System32\mmcss.dll - ok
10:45:13.0078 2236 [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\Windows\System32\netapi32.dll
10:45:13.0078 2236 C:\Windows\System32\netapi32.dll - ok
10:45:13.0078 2236 [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll
10:45:13.0078 2236 C:\Windows\System32\netutils.dll - ok
10:45:13.0078 2236 [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll
10:45:13.0078 2236 C:\Windows\System32\samcli.dll - ok
10:45:13.0078 2236 [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll
10:45:13.0078 2236 C:\Windows\System32\wkscli.dll - ok
10:45:13.0094 2236 [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe
10:45:13.0094 2236 C:\Windows\System32\audiodg.exe - ok
10:45:13.0094 2236 [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll
10:45:13.0094 2236 C:\Windows\System32\certCredProvider.dll - ok
10:45:13.0094 2236 [ 7097425051CE67B450EBF2B1390AE492 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL
10:45:13.0094 2236 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL - ok
10:45:13.0094 2236 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll
10:45:13.0094 2236 C:\Windows\System32\netprofm.dll - ok
10:45:13.0109 2236 [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
10:45:13.0109 2236 C:\Windows\System32\ntmarta.dll - ok
10:45:13.0109 2236 [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
10:45:13.0109 2236 C:\Windows\System32\rasapi32.dll - ok
10:45:13.0109 2236 [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll
10:45:13.0109 2236 C:\Windows\System32\rasman.dll - ok
10:45:13.0109 2236 [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll
10:45:13.0109 2236 C:\Windows\System32\rasplap.dll - ok
10:45:13.0125 2236 [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll
10:45:13.0125 2236 C:\Windows\System32\rtutils.dll - ok
10:45:13.0125 2236 [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll
10:45:13.0125 2236 C:\Windows\System32\adtschema.dll - ok
10:45:13.0125 2236 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\Windows\System32\wlansvc.dll
10:45:13.0125 2236 C:\Windows\System32\wlansvc.dll - ok
10:45:13.0125 2236 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll
10:45:13.0125 2236 C:\Windows\System32\gpsvc.dll - ok
10:45:13.0141 2236 [ 46BB91A169B9B31FF44EB04C48EC1D41 ] C:\Windows\System32\nlaapi.dll
10:45:13.0141 2236 C:\Windows\System32\nlaapi.dll - ok
10:45:13.0141 2236 [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll
10:45:13.0141 2236 C:\Windows\System32\themeservice.dll - ok
10:45:13.0141 2236 [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
10:45:13.0141 2236 C:\Windows\System32\atl.dll - ok
10:45:13.0141 2236 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll
10:45:13.0141 2236 C:\Windows\System32\profsvc.dll - ok
10:45:13.0141 2236 [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
10:45:13.0141 2236 C:\Windows\System32\dsrole.dll - ok
10:45:13.0156 2236 [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
10:45:13.0156 2236 C:\Windows\System32\slc.dll - ok
10:45:13.0156 2236 [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
10:45:13.0156 2236 C:\Windows\System32\es.dll - ok
10:45:13.0156 2236 [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll
10:45:13.0156 2236 C:\Windows\System32\Sens.dll - ok
10:45:13.0156 2236 [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
10:45:13.0156 2236 C:\Windows\System32\drivers\lltdio.sys - ok
10:45:13.0172 2236 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\Windows\System32\drivers\nwifi.sys
10:45:13.0172 2236 C:\Windows\System32\drivers\nwifi.sys - ok
10:45:13.0172 2236 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll
10:45:13.0172 2236 C:\Windows\System32\uxsms.dll - ok
10:45:13.0172 2236 [ 136185F9FB2CC61E573E676AA5402356 ] C:\Windows\System32\drivers\ndisuio.sys
10:45:13.0172 2236 C:\Windows\System32\drivers\ndisuio.sys - ok
10:45:13.0172 2236 [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
10:45:13.0172 2236 C:\Windows\System32\drivers\rspndr.sys - ok
10:45:13.0187 2236 [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
10:45:13.0187 2236 C:\Windows\System32\lmhsvc.dll - ok
10:45:13.0187 2236 [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
10:45:13.0187 2236 C:\Windows\System32\nsisvc.dll - ok
10:45:13.0187 2236 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll
10:45:13.0187 2236 C:\Windows\System32\dnsrslvr.dll - ok
10:45:13.0187 2236 [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\Windows\System32\keyiso.dll
10:45:13.0187 2236 C:\Windows\System32\keyiso.dll - ok
10:45:13.0203 2236 [ 87356377F31DA5F20A833811CD59499C ] C:\Windows\System32\eapphost.dll
10:45:13.0203 2236 C:\Windows\System32\eapphost.dll - ok
10:45:13.0203 2236 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\Windows\System32\eapsvc.dll
10:45:13.0203 2236 C:\Windows\System32\eapsvc.dll - ok
10:45:13.0203 2236 [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
10:45:13.0203 2236 C:\Windows\System32\IPHLPAPI.DLL - ok
10:45:13.0203 2236 [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
10:45:13.0203 2236 C:\Windows\System32\winnsi.dll - ok
10:45:13.0219 2236 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll
10:45:13.0219 2236 C:\Windows\System32\dhcpcore.dll - ok
10:45:13.0219 2236 [ 3CC16A849E6092E43909F48EF0E60306 ] C:\Windows\System32\dhcpcore6.dll
10:45:13.0219 2236 C:\Windows\System32\dhcpcore6.dll - ok
10:45:13.0219 2236 [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
10:45:13.0219 2236 C:\Windows\System32\dnsext.dll - ok
10:45:13.0219 2236 [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
10:45:13.0219 2236 C:\Windows\System32\eappprxy.dll - ok
10:45:13.0234 2236 [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL
10:45:13.0234 2236 C:\Windows\System32\FWPUCLNT.DLL - ok
10:45:13.0234 2236 [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
10:45:13.0234 2236 C:\Windows\System32\nrpsrv.dll - ok
10:45:13.0234 2236 [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll
10:45:13.0234 2236 C:\Windows\System32\onex.dll - ok
10:45:13.0234 2236 [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll
10:45:13.0234 2236 C:\Windows\System32\umb.dll - ok
10:45:13.0250 2236 [ A648C4A06DE367065B24056D067B4460 ] C:\Windows\System32\wlanmsm.dll
10:45:13.0250 2236 C:\Windows\System32\wlanmsm.dll - ok
10:45:13.0250 2236 [ 06A1386B6E3A0CBC368665C1840906F4 ] C:\Windows\System32\wlansec.dll
10:45:13.0250 2236 C:\Windows\System32\wlansec.dll - ok
10:45:13.0250 2236 [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
10:45:13.0250 2236 C:\Windows\System32\dhcpcsvc.dll - ok
10:45:13.0250 2236 [ 3C06D5A929B798D0B13F6481242A0FD2 ] C:\Windows\System32\dhcpcsvc6.dll
10:45:13.0250 2236 C:\Windows\System32\dhcpcsvc6.dll - ok
10:45:13.0265 2236 [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
10:45:13.0265 2236 C:\Windows\System32\eappcfg.dll - ok
10:45:13.0265 2236 [ 97E43F324BE1503CB2FFB058534688DA ] C:\Windows\System32\l2gpstore.dll
10:45:13.0265 2236 C:\Windows\System32\l2gpstore.dll - ok
10:45:13.0265 2236 [ 4FFDE68C4B7C9993FA551E7E36DDB34D ] C:\Windows\System32\msxml6.dll
10:45:13.0265 2236 C:\Windows\System32\msxml6.dll - ok
10:45:13.0265 2236 [ 7D5645EE0EA77D539828433D9B95F5EB ] C:\Windows\System32\WinSCard.dll
10:45:13.0265 2236 C:\Windows\System32\WinSCard.dll - ok
10:45:13.0281 2236 [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
10:45:13.0281 2236 C:\Windows\System32\wlanutil.dll - ok
10:45:13.0281 2236 [ 730BF204A595D5B6D7DC57A247CC741C ] C:\Windows\System32\wlgpclnt.dll
10:45:13.0281 2236 C:\Windows\System32\wlgpclnt.dll - ok
10:45:13.0281 2236 [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
10:45:13.0281 2236 C:\Windows\System32\winmm.dll - ok
10:45:13.0281 2236 [ E543D373382C3B76D3BC27585DEF3907 ] C:\Windows\System32\atmfd.dll
10:45:13.0281 2236 C:\Windows\System32\atmfd.dll - ok
10:45:13.0297 2236 [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv
10:45:13.0297 2236 C:\Windows\System32\wdmaud.drv - ok
10:45:13.0297 2236 [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll
10:45:13.0297 2236 C:\Windows\System32\ksuser.dll - ok
10:45:13.0297 2236 [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll
10:45:13.0297 2236 C:\Windows\System32\shsvcs.dll - ok
10:45:13.0297 2236 [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll
10:45:13.0297 2236 C:\Windows\System32\AudioSes.dll - ok
10:45:13.0312 2236 [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll
10:45:13.0312 2236 C:\Windows\System32\ktmw32.dll - ok
10:45:13.0312 2236 [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\Windows\System32\msacm32.dll
10:45:13.0312 2236 C:\Windows\System32\msacm32.dll - ok
10:45:13.0312 2236 [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\Windows\System32\msacm32.drv
10:45:13.0312 2236 C:\Windows\System32\msacm32.drv - ok
10:45:13.0312 2236 [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll
10:45:13.0312 2236 C:\Windows\System32\schedsvc.dll - ok
10:45:13.0328 2236 [ CA2A0750ED830678997695FF61B04C30 ] C:\Windows\System32\midimap.dll
10:45:13.0328 2236 C:\Windows\System32\midimap.dll - ok
10:45:13.0328 2236 [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll
10:45:13.0328 2236 C:\Windows\System32\AudioEng.dll - ok
10:45:13.0328 2236 [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll
10:45:13.0328 2236 C:\Windows\System32\AUDIOKSE.dll - ok
10:45:13.0328 2236 [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll
10:45:13.0328 2236 C:\Windows\System32\fveapi.dll - ok
10:45:13.0343 2236 [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll
10:45:13.0343 2236 C:\Windows\System32\fvecerts.dll - ok
10:45:13.0343 2236 [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll
10:45:13.0343 2236 C:\Windows\System32\tbs.dll - ok
10:45:13.0343 2236 [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll
10:45:13.0343 2236 C:\Windows\System32\wiarpc.dll - ok
10:45:13.0343 2236 [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll
10:45:13.0343 2236 C:\Windows\System32\taskcomp.dll - ok
10:45:13.0359 2236 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys
10:45:13.0359 2236 C:\Windows\System32\drivers\http.sys - ok
10:45:13.0359 2236 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] C:\Windows\System32\spoolsv.exe
10:45:13.0359 2236 C:\Windows\System32\spoolsv.exe - ok
10:45:13.0359 2236 [ F5B749CBD0C421643306420340631E54 ] C:\Windows\System32\RtkAPO64.dll
10:45:13.0359 2236 C:\Windows\System32\RtkAPO64.dll - ok
10:45:13.0359 2236 [ 6F3C559B82F2912354BE5B098744CC8C ] C:\Windows\System32\WMALFXGFXDSP.dll
10:45:13.0359 2236 C:\Windows\System32\WMALFXGFXDSP.dll - ok
10:45:13.0375 2236 [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll
10:45:13.0375 2236 C:\Windows\System32\mfplat.dll - ok
10:45:13.0375 2236 [ 7373DE70D405FF08DC53336B83989138 ] C:\Windows\System32\rastls.dll
10:45:13.0375 2236 C:\Windows\System32\rastls.dll - ok
10:45:13.0375 2236 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
10:45:13.0375 2236 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok
10:45:13.0375 2236 [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL
10:45:13.0375 2236 C:\Windows\System32\BFE.DLL - ok
10:45:13.0390 2236 [ 6A84E68B538B8B04608BF2F0D426CE6F ] C:\Windows\System32\raschap.dll
10:45:13.0390 2236 C:\Windows\System32\raschap.dll - ok
10:45:13.0390 2236 [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys
10:45:13.0390 2236 C:\Windows\System32\drivers\bowser.sys - ok
10:45:13.0390 2236 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys
10:45:13.0390 2236 C:\Windows\System32\drivers\mpsdrv.sys - ok
10:45:13.0390 2236 [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys
10:45:13.0390 2236 C:\Windows\System32\drivers\mrxsmb.sys - ok
10:45:13.0406 2236 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\Windows\System32\MPSSVC.dll
10:45:13.0406 2236 C:\Windows\System32\MPSSVC.dll - ok
10:45:13.0406 2236 [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys
10:45:13.0406 2236 C:\Windows\System32\drivers\mrxsmb10.sys - ok
10:45:13.0406 2236 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys
10:45:13.0406 2236 C:\Windows\System32\drivers\mrxsmb20.sys - ok
10:45:13.0406 2236 [ C67F8A962B2534224D5908D16D2AD3CE ] C:\Windows\System32\wfapigp.dll
10:45:13.0406 2236 C:\Windows\System32\wfapigp.dll - ok
10:45:13.0421 2236 [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll
10:45:13.0421 2236 C:\Windows\System32\wkssvc.dll - ok
10:45:13.0421 2236 [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll
10:45:13.0421 2236 C:\Windows\System32\netcfgx.dll - ok
10:45:13.0421 2236 [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll
10:45:13.0421 2236 C:\Windows\System32\mscms.dll - ok
10:45:13.0421 2236 [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll
10:45:13.0421 2236 C:\Windows\System32\pcasvc.dll - ok
10:45:13.0421 2236 [ 6313F223E817CC09AA41811DAA7F541D ] C:\Windows\System32\snmptrap.exe
10:45:13.0421 2236 C:\Windows\System32\snmptrap.exe - ok
10:45:13.0437 2236 [ 10EAB90C1AE8271B5FE5A8930987EE5C ] C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll
10:45:13.0437 2236 C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll - ok
10:45:13.0437 2236 [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll
10:45:13.0437 2236 C:\Windows\System32\provsvc.dll - ok
10:45:13.0437 2236 [ A5299D04ED225D64CF07A568A3E1BF8C ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
10:45:13.0437 2236 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
10:45:13.0453 2236 [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll
10:45:13.0453 2236 C:\Windows\SysWOW64\ntdll.dll - ok
10:45:13.0453 2236 [ 15B30F15BD13640B337A0FC37BD48CDE ] C:\Windows\System32\wow64.dll
10:45:13.0453 2236 C:\Windows\System32\wow64.dll - ok
10:45:13.0453 2236 [ 98168B9B0656A01A321FF1BECB2C03E1 ] C:\Windows\System32\wow64cpu.dll
10:45:13.0453 2236 C:\Windows\System32\wow64cpu.dll - ok
10:45:13.0453 2236 [ 2970785A72054740E1A5DCEB32485486 ] C:\Windows\System32\wow64win.dll
10:45:13.0453 2236 C:\Windows\System32\wow64win.dll - ok
10:45:13.0453 2236 [ D4F3176082566CEFA633B4945802D4C4 ] C:\Windows\SysWOW64\kernel32.dll
10:45:13.0453 2236 C:\Windows\SysWOW64\kernel32.dll - ok
10:45:13.0468 2236 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll
10:45:13.0468 2236 C:\Windows\System32\sstpsvc.dll - ok
10:45:13.0468 2236 [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll
10:45:13.0468 2236 C:\Windows\SysWOW64\advapi32.dll - ok
10:45:13.0468 2236 [ 0978C2B33BDD0A7E6C563AA337DC8BA0 ] C:\Windows\SysWOW64\KernelBase.dll
10:45:13.0468 2236 C:\Windows\SysWOW64\KernelBase.dll - ok
10:45:13.0468 2236 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll
10:45:13.0468 2236 C:\Windows\SysWOW64\msvcrt.dll - ok
10:45:13.0484 2236 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll
10:45:13.0484 2236 C:\Windows\SysWOW64\cryptbase.dll - ok
10:45:13.0484 2236 [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll
10:45:13.0484 2236 C:\Windows\SysWOW64\rpcrt4.dll - ok
10:45:13.0484 2236 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll
10:45:13.0484 2236 C:\Windows\SysWOW64\sechost.dll - ok
10:45:13.0484 2236 [ EDA7AD21DF8945528F01F0A86D69E524 ] C:\Windows\SysWOW64\sspicli.dll
10:45:13.0484 2236 C:\Windows\SysWOW64\sspicli.dll - ok
10:45:13.0499 2236 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
10:45:13.0499 2236 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
10:45:13.0499 2236 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
10:45:13.0499 2236 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
10:45:13.0499 2236 [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll
10:45:13.0499 2236 C:\Windows\SysWOW64\gdi32.dll - ok
10:45:13.0499 2236 [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll
10:45:13.0499 2236 C:\Windows\SysWOW64\lpk.dll - ok
10:45:13.0515 2236 [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll
10:45:13.0515 2236 C:\Windows\SysWOW64\shlwapi.dll - ok
10:45:13.0515 2236 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll
10:45:13.0515 2236 C:\Windows\SysWOW64\user32.dll - ok
10:45:13.0515 2236 [ 804AAAFEBB3AD5F49334DD906BCB1DE5 ] C:\Windows\SysWOW64\usp10.dll
10:45:13.0515 2236 C:\Windows\SysWOW64\usp10.dll - ok
10:45:13.0515 2236 [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll
10:45:13.0515 2236 C:\Windows\SysWOW64\imm32.dll - ok
10:45:13.0531 2236 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll
10:45:13.0531 2236 C:\Windows\SysWOW64\msctf.dll - ok
10:45:13.0531 2236 [ 60C079CB2150760263D1FE5FF6218961 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll
10:45:13.0531 2236 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
10:45:13.0531 2236 [ D339D7F6E52AECCA9C0898CB547B2902 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll
10:45:13.0531 2236 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
10:45:13.0531 2236 [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll
10:45:13.0531 2236 C:\Windows\SysWOW64\version.dll - ok
10:45:13.0546 2236 [ 5F3347EBA403EE64780980A5BAF10304 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll
10:45:13.0546 2236 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
10:45:13.0546 2236 [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
10:45:13.0546 2236 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
10:45:13.0546 2236 [ 29E9794708DF51DB5DC89FB2E903A0F6 ] C:\Windows\SysWOW64\shell32.dll
10:45:13.0546 2236 C:\Windows\SysWOW64\shell32.dll - ok
10:45:13.0562 2236 [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll
10:45:13.0562 2236 C:\Windows\SysWOW64\nsi.dll - ok
10:45:13.0562 2236 [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll
10:45:13.0562 2236 C:\Windows\SysWOW64\ws2_32.dll - ok
10:45:13.0562 2236 [ 32D78DCABFB942275E01363D5232C77D ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll
10:45:13.0562 2236 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll - ok
10:45:13.0562 2236 [ DF1C1CD0C7EE95CC00D71E9E415E7BCD ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
10:45:13.0562 2236 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
10:45:13.0577 2236 [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\SysWOW64\wsock32.dll
10:45:13.0577 2236 C:\Windows\SysWOW64\wsock32.dll - ok
10:45:13.0577 2236 [ B1DF2D87DC8BF6072699AC8301B37796 ] C:\Windows\System32\WUDFPlatform.dll
10:45:13.0577 2236 C:\Windows\System32\WUDFPlatform.dll - ok
10:45:13.0577 2236 [ 09B7E7CD6F202247B3CF2306108589C2 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll
10:45:13.0577 2236 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
10:45:13.0577 2236 [ FD86C605FD7AD4A41C01EC7A4A1E1C5D ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll
10:45:13.0577 2236 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll - ok
10:45:13.0593 2236 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll
10:45:13.0593 2236 C:\Windows\SysWOW64\winmm.dll - ok
10:45:13.0593 2236 [ A3609397EF273B03295DBB10274BE12C ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll
10:45:13.0593 2236 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
10:45:13.0593 2236 [ 149D74E1128A86DC9CFB2851FBEA11EB ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll
10:45:13.0593 2236 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll - ok
10:45:13.0593 2236 [ BA02F01BE7ED88E8974C798ACB3075F5 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll
10:45:13.0593 2236 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll - ok
10:45:13.0609 2236 [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll
10:45:13.0609 2236 C:\Windows\SysWOW64\ole32.dll - ok
10:45:13.0609 2236 [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll
10:45:13.0609 2236 C:\Windows\SysWOW64\profapi.dll - ok
10:45:13.0609 2236 [ 4E4EDF9CA82E95BAB2977DD9F21B00F6 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
10:45:13.0609 2236 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
10:45:13.0609 2236 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll
10:45:13.0609 2236 C:\Windows\SysWOW64\setupapi.dll - ok
10:45:13.0624 2236 [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll
10:45:13.0624 2236 C:\Windows\SysWOW64\cfgmgr32.dll - ok
10:45:13.0624 2236 [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll
10:45:13.0624 2236 C:\Windows\SysWOW64\devobj.dll - ok
10:45:13.0624 2236 [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll
10:45:13.0624 2236 C:\Windows\SysWOW64\oleaut32.dll - ok
10:45:13.0624 2236 [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll
10:45:13.0624 2236 C:\Windows\SysWOW64\userenv.dll - ok
10:45:13.0640 2236 [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\SysWOW64\wtsapi32.dll
10:45:13.0640 2236 C:\Windows\SysWOW64\wtsapi32.dll - ok
10:45:13.0640 2236 [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys
10:45:13.0640 2236 C:\Windows\System32\drivers\fltMgr.sys - ok

10:45:13.0640 2236 [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll
10:45:13.0640 2236 C:\Windows\System32\comres.dll - ok
10:45:13.0640 2236 [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL
10:45:13.0640 2236 C:\Windows\System32\PSHED.DLL - ok
10:45:13.0655 2236 [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
10:45:13.0655 2236 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
10:45:13.0655 2236 [ 65EA57712340C09B1B0C427B4848AE05 ] C:\Windows\System32\taskeng.exe
10:45:13.0655 2236 C:\Windows\System32\taskeng.exe - ok
10:45:13.0655 2236 [ 805A52C5AE26C28E88FDD9BCCFE6F312 ] C:\Windows\System32\TSChannel.dll
10:45:13.0655 2236 C:\Windows\System32\TSChannel.dll - ok
10:45:13.0655 2236 [ 062373995EAE5F0EAC9EAA9192136BFB ] C:\Windows\SysWOW64\dnssd.dll
10:45:13.0655 2236 C:\Windows\SysWOW64\dnssd.dll - ok
10:45:13.0655 2236 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll
10:45:13.0655 2236 C:\Windows\SysWOW64\ntmarta.dll - ok
10:45:13.0671 2236 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll
10:45:13.0671 2236 C:\Windows\SysWOW64\Wldap32.dll - ok
10:45:13.0671 2236 [ 0E1B02C9CC352A1F61703B7D1A8A2C45 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll
10:45:13.0671 2236 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok
10:45:13.0671 2236 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll
10:45:13.0671 2236 C:\Windows\SysWOW64\mswsock.dll - ok
10:45:13.0671 2236 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
10:45:13.0671 2236 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
10:45:13.0687 2236 [ 56C73C5BC1656656CAC38A23B4310466 ] C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
10:45:13.0687 2236 C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe - ok
10:45:13.0687 2236 [ 780E80E5502015EDAEC91DC0A0C96A79 ] C:\Windows\SysWOW64\iertutil.dll
10:45:13.0687 2236 C:\Windows\SysWOW64\iertutil.dll - ok
10:45:13.0687 2236 [ 7FA3A810F383588D46220967DE8B64FF ] C:\Windows\SysWOW64\wininet.dll
10:45:13.0687 2236 C:\Windows\SysWOW64\wininet.dll - ok
10:45:13.0687 2236 [ 4266A3230981DD4434C55957F6DD497D ] C:\Windows\SysWOW64\urlmon.dll
10:45:13.0687 2236 C:\Windows\SysWOW64\urlmon.dll - ok
10:45:13.0702 2236 [ AF54247F97CCF3539DE7505C09972FF9 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll
10:45:13.0702 2236 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
10:45:13.0702 2236 [ A56CCBBFCCEDCE2FD9C69FED24E035E3 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
10:45:13.0702 2236 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll - ok
10:45:13.0702 2236 [ 42836D10270B1940F9A2FF77AE679537 ] C:\Program Files (x86)\AVG\AVG2013\avgntopensslx.dll
10:45:13.0702 2236 C:\Program Files (x86)\AVG\AVG2013\avgntopensslx.dll - ok
10:45:13.0718 2236 [ 40D70FDA37369916B6078EC4DF4BE49F ] C:\Program Files (x86)\AVG\AVG2013\avgsysx.dll
10:45:13.0718 2236 C:\Program Files (x86)\AVG\AVG2013\avgsysx.dll - ok
10:45:13.0718 2236 [ 60D21799A4AF4EDCE65FB98830E4B0C8 ] C:\Windows\SysWOW64\crypt32.dll
10:45:13.0718 2236 C:\Windows\SysWOW64\crypt32.dll - ok
10:45:13.0718 2236 [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll
10:45:13.0718 2236 C:\Windows\SysWOW64\msasn1.dll - ok
10:45:13.0718 2236 [ BC83108B18756547013ED443B8CDB31B ] C:\Windows\SysWOW64\msvcp100.dll
10:45:13.0718 2236 C:\Windows\SysWOW64\msvcp100.dll - ok
10:45:13.0718 2236 [ 0E37FBFA79D349D672456923EC5FBBE3 ] C:\Windows\SysWOW64\msvcr100.dll
10:45:13.0718 2236 C:\Windows\SysWOW64\msvcr100.dll - ok
10:45:13.0733 2236 [ C28FD3B37B6F18751C99E6022A2A9782 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll
10:45:13.0733 2236 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
10:45:13.0733 2236 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
10:45:13.0733 2236 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
10:45:13.0733 2236 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll
10:45:13.0733 2236 C:\Windows\SysWOW64\psapi.dll - ok
10:45:13.0749 2236 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll
10:45:13.0749 2236 C:\Windows\SysWOW64\winnsi.dll - ok
10:45:13.0749 2236 [ F036DB9CF05B3C21405403FF074A78D9 ] C:\Program Files (x86)\AVG\AVG2013\avgopensslx.dll
10:45:13.0749 2236 C:\Program Files (x86)\AVG\AVG2013\avgopensslx.dll - ok
10:45:13.0749 2236 [ 18301B40411B2108076AB685B4E4B6DC ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
10:45:13.0749 2236 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll - ok
10:45:13.0749 2236 [ 1C2E1FC9F8ED794CC191E92F27D1391C ] C:\Program Files (x86)\AVG\AVG2013\avglogx.dll
10:45:13.0749 2236 C:\Program Files (x86)\AVG\AVG2013\avglogx.dll - ok
10:45:13.0765 2236 [ 17448AF0BBA9E7AB5EC955AF93F271BD ] C:\Windows\SysWOW64\wintrust.dll
10:45:13.0765 2236 C:\Windows\SysWOW64\wintrust.dll - ok
10:45:13.0765 2236 [ A6251155B7017D4B4A77A3531A8DA6D8 ] C:\Program Files (x86)\AVG\AVG2013\avgcommx.dll
10:45:13.0765 2236 C:\Program Files (x86)\AVG\AVG2013\avgcommx.dll - ok
10:45:13.0765 2236 [ F59BEDB7C098DAE90DC5C9EB5296621A ] C:\Program Files (x86)\AVG\AVG2013\avgcfgx.dll
10:45:13.0765 2236 C:\Program Files (x86)\AVG\AVG2013\avgcfgx.dll - ok
10:45:13.0765 2236 [ 6B72E1E329C4E98C6B6FDD2D265E3BA3 ] C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
10:45:13.0765 2236 C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe - ok
10:45:13.0780 2236 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] C:\Program Files\Bonjour\mDNSResponder.exe
10:45:13.0780 2236 C:\Program Files\Bonjour\mDNSResponder.exe - ok
10:45:13.0780 2236 [ 8792BAB371B4B1589E015B6FD1ED3B15 ] C:\Windows\System32\cryptnet.dll
10:45:13.0780 2236 C:\Windows\System32\cryptnet.dll - ok
10:45:13.0780 2236 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] C:\Windows\System32\cryptsvc.dll
10:45:13.0780 2236 C:\Windows\System32\cryptsvc.dll - ok
10:45:13.0780 2236 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll
10:45:13.0780 2236 C:\Windows\System32\dps.dll - ok
10:45:13.0796 2236 [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll
10:45:13.0796 2236 C:\Windows\System32\UXInit.dll - ok
10:45:13.0796 2236 [ A375E101F5D90F4E217C3F668159A952 ] C:\Windows\System32\atieclxx.exe
10:45:13.0796 2236 C:\Windows\System32\atieclxx.exe - ok
10:45:13.0796 2236 [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll
10:45:13.0796 2236 C:\Windows\System32\taskschd.dll - ok
10:45:13.0796 2236 [ 775C6D5D60146D7DB08A01CB596D7EC6 ] C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
10:45:13.0796 2236 C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe - ok
10:45:13.0811 2236 [ 6B97200F1FA6427E4E3D8CC7E50FF49A ] C:\Windows\System32\atiadlxx.dll
10:45:13.0811 2236 C:\Windows\System32\atiadlxx.dll - ok
10:45:13.0811 2236 [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll
10:45:13.0811 2236 C:\Windows\System32\vssapi.dll - ok
10:45:13.0811 2236 [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll
10:45:13.0811 2236 C:\Windows\System32\vsstrace.dll - ok
10:45:13.0811 2236 [ FCD84C381E0140AF901E58D48882D26B ] C:\Windows\System32\IKEEXT.DLL
10:45:13.0811 2236 C:\Windows\System32\IKEEXT.DLL - ok
10:45:13.0827 2236 [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\SysWOW64\comdlg32.dll
10:45:13.0827 2236 C:\Windows\SysWOW64\comdlg32.dll - ok
10:45:13.0827 2236 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
10:45:13.0827 2236 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok
10:45:13.0827 2236 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\SysWOW64\winspool.drv
10:45:13.0827 2236 C:\Windows\SysWOW64\winspool.drv - ok
10:45:13.0827 2236 [ 77B5035BC6EDF4D1B6265391AECEE4C0 ] C:\Windows\System32\vpnikeapi.dll
10:45:13.0827 2236 C:\Windows\System32\vpnikeapi.dll - ok
10:45:13.0843 2236 [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll
10:45:13.0843 2236 C:\Windows\System32\oleacc.dll - ok
10:45:13.0843 2236 [ 019BDD35DE269CB98B22DE8923C2AA3B ] C:\Windows\System32\UIAutomationCore.dll
10:45:13.0843 2236 C:\Windows\System32\UIAutomationCore.dll - ok
10:45:13.0843 2236 [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\Windows\SysWOW64\NapiNSP.dll
10:45:13.0843 2236 C:\Windows\SysWOW64\NapiNSP.dll - ok
10:45:13.0843 2236 [ 0BA65122FFA7E37564EE86422DBF7AE8 ] C:\Windows\SysWOW64\nlaapi.dll
10:45:13.0843 2236 C:\Windows\SysWOW64\nlaapi.dll - ok
10:45:13.0843 2236 [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\Windows\SysWOW64\pnrpnsp.dll
10:45:13.0843 2236 C:\Windows\SysWOW64\pnrpnsp.dll - ok
10:45:13.0858 2236 [ AC122407B29378FF9646F03404AC7C54 ] C:\Windows\SysWOW64\wshbth.dll
10:45:13.0858 2236 C:\Windows\SysWOW64\wshbth.dll - ok
10:45:13.0858 2236 [ 9D4A1690AF93F233E15380398BEC7431 ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
10:45:13.0858 2236 C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok
10:45:13.0858 2236 [ 8F2AE8122F98E20549165F9D526E4430 ] C:\Program Files (x86)\AVG\AVG2013\avgwd.dll
10:45:13.0858 2236 C:\Program Files (x86)\AVG\AVG2013\avgwd.dll - ok
10:45:13.0858 2236 [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files (x86)\Bonjour\mdnsNSP.dll
10:45:13.0858 2236 C:\Program Files (x86)\Bonjour\mdnsNSP.dll - ok
10:45:13.0874 2236 [ 6D2CBAE98E51066007D8990265C76AF6 ] C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe
10:45:13.0874 2236 C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe - ok
10:45:13.0874 2236 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll
10:45:13.0874 2236 C:\Windows\SysWOW64\dnsapi.dll - ok
10:45:13.0874 2236 [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\Windows\SysWOW64\winrnr.dll
10:45:13.0874 2236 C:\Windows\SysWOW64\winrnr.dll - ok
10:45:13.0874 2236 [ D233C7FEAE3FAA25F93A9E6B46815ADC ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll
10:45:13.0874 2236 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll - ok
10:45:13.0889 2236 [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll
10:45:13.0889 2236 C:\Windows\System32\imageres.dll - ok
10:45:13.0889 2236 [ 39108FC94EE1FEA6ED043CC8FD3F1BC0 ] C:\Program Files (x86)\AVG\AVG2013\avgsecapix.dll
10:45:13.0889 2236 C:\Program Files (x86)\AVG\AVG2013\avgsecapix.dll - ok
10:45:13.0889 2236 [ 0BFFFDC57080F6AC4A3E92FE70176F0D ] C:\Windows\System32\atimuixx.dll
10:45:13.0889 2236 C:\Windows\System32\atimuixx.dll - ok
10:45:13.0889 2236 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL
10:45:13.0889 2236 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
10:45:13.0905 2236 [ 17AFF68AB32F8671BC46612D35351099 ] C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
10:45:13.0905 2236 C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe - ok
10:45:13.0905 2236 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
10:45:13.0905 2236 C:\Windows\SysWOW64\rasadhlp.dll - ok
10:45:13.0905 2236 [ 5460828F8951D310B42B442877603B8D ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
10:45:13.0905 2236 C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe - ok
10:45:13.0905 2236 [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll
10:45:13.0905 2236 C:\Windows\SysWOW64\clbcatq.dll - ok
10:45:13.0921 2236 [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll
10:45:13.0921 2236 C:\Windows\SysWOW64\cryptsp.dll - ok
10:45:13.0921 2236 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll
10:45:13.0921 2236 C:\Windows\SysWOW64\RpcRtRemote.dll - ok
10:45:13.0921 2236 [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll
10:45:13.0921 2236 C:\Windows\SysWOW64\rsaenh.dll - ok
10:45:13.0921 2236 [ D9A9702E43A5859896F34898D5FD3FEC ] C:\Windows\SysWOW64\msxml6.dll
10:45:13.0921 2236 C:\Windows\SysWOW64\msxml6.dll - ok
10:45:13.0936 2236 [ 81E7E920312D372CF57A817049AC7C76 ] C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
10:45:13.0936 2236 C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL - ok
10:45:13.0936 2236 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
10:45:13.0936 2236 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
10:45:13.0936 2236 [ F93674263F6B07C77956E966953242D9 ] C:\Windows\SysWOW64\secur32.dll
10:45:13.0936 2236 C:\Windows\SysWOW64\secur32.dll - ok
10:45:13.0952 2236 [ D6EA06724FB70C98C43EAB1F9A7E541A ] C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\sqlservr.exe
10:45:13.0952 2236 C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\sqlservr.exe - ok
10:45:13.0952 2236 [ BB051435B59FAE151829B0315A22D347 ] C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\sqlos.dll
10:45:13.0952 2236 C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\sqlos.dll - ok
10:45:13.0952 2236 [ B88613BE5B9939BD5DD63F9E196413AD ] C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\opends60.dll
10:45:13.0952 2236 C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\opends60.dll - ok
10:45:13.0952 2236 [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\SysWOW64\netapi32.dll
10:45:13.0952 2236 C:\Windows\SysWOW64\netapi32.dll - ok
10:45:13.0967 2236 [ 487F44B08EFEAF5AD087878357B9403D ] C:\Windows\SysWOW64\pdh.dll
10:45:13.0967 2236 C:\Windows\SysWOW64\pdh.dll - ok
10:45:13.0967 2236 [ 0FB5AA33D26F7212963D832083CD0C5C ] C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\batchparser.dll
10:45:13.0967 2236 C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\batchparser.dll - ok
10:45:13.0967 2236 [ 8EA53101FF2B15BDFF934B62A8FB326D ] C:\Windows\SysWOW64\logoncli.dll
10:45:13.0967 2236 C:\Windows\SysWOW64\logoncli.dll - ok
10:45:13.0967 2236 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll
10:45:13.0967 2236 C:\Windows\SysWOW64\netutils.dll - ok
10:45:13.0983 2236 [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\SysWOW64\samcli.dll
10:45:13.0983 2236 C:\Windows\SysWOW64\samcli.dll - ok
10:45:13.0983 2236 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll
10:45:13.0983 2236 C:\Windows\SysWOW64\srvcli.dll - ok
10:45:13.0983 2236 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll
10:45:13.0983 2236 C:\Windows\SysWOW64\wkscli.dll - ok
10:45:13.0983 2236 [ 76FFA2433FEB42E78FB5421A50C8FBE3 ] C:\Program Files (x86)\AVG\AVG2013\avgclitx.dll
10:45:13.0983 2236 C:\Program Files (x86)\AVG\AVG2013\avgclitx.dll - ok
10:45:13.0999 2236 [ E31E4E9F644FBFE79DCA532D9781F71D ] C:\Program Files (x86)\Microsoft SQL Server\100\Shared\instapi10.dll
10:45:13.0999 2236 C:\Program Files (x86)\Microsoft SQL Server\100\Shared\instapi10.dll - ok
10:45:13.0999 2236 [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll
10:45:13.0999 2236 C:\Windows\System32\netman.dll - ok
10:45:13.0999 2236 [ 10D5823CD673836BC9961F3FE0D87B9F ] C:\Program Files (x86)\AVG\AVG2013\avgcorex.dll
10:45:13.0999 2236 C:\Program Files (x86)\AVG\AVG2013\avgcorex.dll - ok
10:45:13.0999 2236 [ 1727B2A2F379A32B864C096FA794AADC ] C:\Windows\System32\aepic.dll
10:45:13.0999 2236 C:\Windows\System32\aepic.dll - ok
10:45:14.0014 2236 [ 8AD77806D336673F270DB31645267293 ] C:\Windows\System32\nlasvc.dll
10:45:14.0014 2236 C:\Windows\System32\nlasvc.dll - ok
10:45:14.0014 2236 [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll
10:45:14.0014 2236 C:\Windows\System32\sfc.dll - ok
10:45:14.0014 2236 [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll
10:45:14.0014 2236 C:\Windows\System32\sfc_os.dll - ok
10:45:14.0014 2236 [ AF4E7DF007D5D469BCC5C13CE1C2DEC1 ] C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\sqlboot.dll
10:45:14.0014 2236 C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\sqlboot.dll - ok
10:45:14.0030 2236 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll
10:45:14.0030 2236 C:\Windows\SysWOW64\cscapi.dll - ok
10:45:14.0030 2236 [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\Windows\System32\drivers\PEAuth.sys
10:45:14.0030 2236 C:\Windows\System32\drivers\PEAuth.sys - ok
10:45:14.0030 2236 [ 4D9AFDDDA0EFE97CDBFD3B5FA48B05F6 ] C:\Windows\System32\drivers\regi.sys
10:45:14.0030 2236 C:\Windows\System32\drivers\regi.sys - ok
10:45:14.0030 2236 [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys
10:45:14.0030 2236 C:\Windows\System32\drivers\secdrv.sys - ok
10:45:14.0045 2236 [ F07AF60B152221472FBDB2FECEC4896D ] C:\Program Files (x86)\Skype\Updater\Updater.exe
10:45:14.0045 2236 C:\Program Files (x86)\Skype\Updater\Updater.exe - ok
10:45:14.0045 2236 [ BC617A4E1B4FA8DF523A061739A0BD87 ] C:\Windows\System32\seclogon.dll
10:45:14.0045 2236 C:\Windows\System32\seclogon.dll - ok
10:45:14.0045 2236 [ D4FAC263861BAE06971C7F7D0A8EBF15 ] C:\Windows\System32\ncsi.dll
10:45:14.0045 2236 C:\Windows\System32\ncsi.dll - ok
10:45:14.0045 2236 [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll
10:45:14.0045 2236 C:\Windows\System32\winhttp.dll - ok
10:45:14.0061 2236 [ E126A008A908051FBE9671CD0806B8F0 ] C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\Resources\1033\sqlevn70.rll
10:45:14.0061 2236 C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\Resources\1033\sqlevn70.rll - ok
10:45:14.0061 2236 [ 95EFDCB44DD093EDAD447F1D21C8A3F7 ] C:\Program Files (x86)\AVG\AVG2013\avgcertx.dll
10:45:14.0061 2236 C:\Program Files (x86)\AVG\AVG2013\avgcertx.dll - ok
10:45:14.0061 2236 [ 6F19639188F792BBB234B2A3FCB0C8C9 ] C:\Program Files (x86)\AVG\AVG2013\avgchclx.dll
10:45:14.0061 2236 C:\Program Files (x86)\AVG\AVG2013\avgchclx.dll - ok
10:45:14.0061 2236 [ F92E5F93BE572B512DA3C016B675EDE0 ] C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
10:45:14.0061 2236 C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe - ok
10:45:14.0077 2236 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll
10:45:14.0077 2236 C:\Windows\SysWOW64\sfc.dll - ok
10:45:14.0077 2236 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll
10:45:14.0077 2236 C:\Windows\SysWOW64\sfc_os.dll - ok
10:45:14.0077 2236 [ F820B93E4ABCCABD698A175FD5FC83FE ] C:\Program Files (x86)\AVG\AVG2013\avgntsqlitex.dll
10:45:14.0077 2236 C:\Program Files (x86)\AVG\AVG2013\avgntsqlitex.dll - ok
10:45:14.0077 2236 [ EC6BA7C92FA5B2AA4AFDF4DF22AEDAB7 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll
10:45:14.0077 2236 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll - ok
10:45:14.0092 2236 [ A1C238B70EE4BB4A6E5F4155FFF895F3 ] C:\Program Files\Microsoft SQL Server\90\Shared\sqlwvss.dll
10:45:14.0092 2236 C:\Program Files\Microsoft SQL Server\90\Shared\sqlwvss.dll - ok
10:45:14.0092 2236 [ 72910F1DEB838E6E08A9017BFB7D4F0B ] C:\Windows\SysWOW64\browcli.dll
10:45:14.0092 2236 C:\Windows\SysWOW64\browcli.dll - ok
10:45:14.0092 2236 [ FB4EB9352B7D698E6B3C2AA2ED724DAD ] C:\Windows\SysWOW64\authz.dll
10:45:14.0092 2236 C:\Windows\SysWOW64\authz.dll - ok
10:45:14.0092 2236 [ 27E461F0BE5BFF5FC737328F749538C3 ] C:\Windows\System32\drivers\srvnet.sys
10:45:14.0092 2236 C:\Windows\System32\drivers\srvnet.sys - ok
10:45:14.0108 2236 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] C:\Windows\System32\drivers\tcpipreg.sys
10:45:14.0108 2236 C:\Windows\System32\drivers\tcpipreg.sys - ok
10:45:14.0108 2236 [ BCEA9AB347E53BC03B2E36BE0B8BA0EF ] C:\Windows\System32\httpapi.dll
10:45:14.0108 2236 C:\Windows\System32\httpapi.dll - ok
10:45:14.0108 2236 [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\SysWOW64\mscoree.dll
10:45:14.0108 2236 C:\Windows\SysWOW64\mscoree.dll - ok
10:45:14.0108 2236 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] C:\Windows\System32\wiaservc.dll
10:45:14.0108 2236 C:\Windows\System32\wiaservc.dll - ok
10:45:14.0123 2236 [ 63F6D08C54D5B3C1B12A6172032055C7 ] C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
10:45:14.0123 2236 C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe - ok
10:45:14.0123 2236 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] C:\Windows\System32\sysmain.dll
10:45:14.0123 2236 C:\Windows\System32\sysmain.dll - ok
10:45:14.0123 2236 [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5 ] C:\Windows\System32\wiatrace.dll
10:45:14.0123 2236 C:\Windows\System32\wiatrace.dll - ok
10:45:14.0123 2236 [ A8704A10FFDE468F4AB18EBF82A9A86F ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcp80.dll
10:45:14.0123 2236 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcp80.dll - ok
10:45:14.0139 2236 [ C0A9D0F717484E0F0671CA97102B8776 ] C:\Windows\system\ArcSoftKsUFilter.dll
10:45:14.0139 2236 C:\Windows\system\ArcSoftKsUFilter.dll - ok
10:45:14.0139 2236 [ 28AD5E311996A34025CFB07E131058DD ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
10:45:14.0139 2236 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL - ok
10:45:14.0139 2236 [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\Windows\System32\trkwks.dll
10:45:14.0139 2236 C:\Windows\System32\trkwks.dll - ok
10:45:14.0139 2236 [ F5DF6846F30E9F54EA60CCAEB3FB2055 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
10:45:14.0139 2236 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
10:45:14.0155 2236 [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll
10:45:14.0155 2236 C:\Windows\SysWOW64\bcrypt.dll - ok
10:45:14.0155 2236 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
10:45:14.0155 2236 C:\Windows\SysWOW64\credssp.dll - ok
10:45:14.0155 2236 [ 4C1E16B9A53102C8D6FBA587CBCB95DE ] C:\Windows\SysWOW64\msv1_0.dll
10:45:14.0155 2236 C:\Windows\SysWOW64\msv1_0.dll - ok
10:45:14.0155 2236 [ 1128637CAD49A8E3C8B5FA5D0A061525 ] C:\Windows\SysWOW64\cryptdll.dll
10:45:14.0155 2236 C:\Windows\SysWOW64\cryptdll.dll - ok
10:45:14.0170 2236 [ 6B31C9CB94927DBEEB62E15275F4CC54 ] C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe
10:45:14.0170 2236 C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe - ok
10:45:14.0170 2236 [ BDA0B954A30498B5A7EDC6204CBA07ED ] C:\Windows\SysWOW64\kerberos.dll
10:45:14.0170 2236 C:\Windows\SysWOW64\kerberos.dll - ok
10:45:14.0170 2236 [ 3D3CBD1847F980FB03343A63671E7886 ] C:\Windows\SysWOW64\schannel.dll
10:45:14.0170 2236 C:\Windows\SysWOW64\schannel.dll - ok
10:45:14.0170 2236 [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll
10:45:14.0170 2236 C:\Windows\System32\aeevts.dll - ok
10:45:14.0170 2236 [ 4F6E72B34ED3DC53DCC5E8708E60B61F ] C:\Windows\SysWOW64\security.dll
10:45:14.0170 2236 C:\Windows\SysWOW64\security.dll - ok
10:45:14.0186 2236 [ DDACE49B758D25408E41C44A91CDD758 ] C:\Program Files (x86)\Common Files\Sony Shared\Sony Utilities\SnyUtils.dll
10:45:14.0186 2236 C:\Program Files (x86)\Common Files\Sony Shared\Sony Utilities\SnyUtils.dll - ok
10:45:14.0186 2236 [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\Windows\System32\dssenh.dll
10:45:14.0186 2236 C:\Windows\System32\dssenh.dll - ok
10:45:14.0186 2236 [ 047F22BDFDAE6DF6F1E47E747A1237A2 ] C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
10:45:14.0186 2236 C:\Program Files\Sony\VAIO Smart Network\VSNService.exe - ok
10:45:14.0201 2236 [ 7269780F3F5DECC1EDD8437F1309BD59 ] C:\Program Files (x86)\SONY\VAIO Event Service\VESStorageProtect.dll
10:45:14.0201 2236 C:\Program Files (x86)\SONY\VAIO Event Service\VESStorageProtect.dll - ok
10:45:14.0201 2236 [ 2EA0B8689FC9765DDA4BC4AF7696AC09 ] C:\Program Files (x86)\SONY\VAIO Event Service\VESBasePS.dll
10:45:14.0201 2236 C:\Program Files (x86)\SONY\VAIO Event Service\VESBasePS.dll - ok
10:45:14.0201 2236 [ 9972A6ED4F2388DBFA8E0A96F6F3FDF1 ] C:\Program Files (x86)\SONY\VAIO Event Service\msvcr70.dll
10:45:14.0201 2236 C:\Program Files (x86)\SONY\VAIO Event Service\msvcr70.dll - ok
10:45:14.0201 2236 [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv
10:45:14.0201 2236 C:\Windows\System32\winspool.drv - ok
10:45:14.0217 2236 [ E3D58E603ECD65234FDB2E86A6326320 ] C:\Program Files (x86)\SONY\VAIO Event Service\VESSuEvent.dll
10:45:14.0217 2236 C:\Program Files (x86)\SONY\VAIO Event Service\VESSuEvent.dll - ok
10:45:14.0217 2236 [ 2B4F289A8BE7AE70FAE5D7DD3E20B67C ] C:\Program Files (x86)\SONY\VAIO Event Service\VESUSBKeyboard.dll
10:45:14.0217 2236 C:\Program Files (x86)\SONY\VAIO Event Service\VESUSBKeyboard.dll - ok
10:45:14.0217 2236 [ 63DF770DF74ACB370EF5A16727069AAF ] C:\Windows\SysWOW64\hid.dll
10:45:14.0217 2236 C:\Windows\SysWOW64\hid.dll - ok
10:45:14.0217 2236 [ C62BF37866921904CED236AC79C402EB ] C:\Program Files (x86)\SONY\VAIO Event Service\VESWndMsg.dll
10:45:14.0217 2236 C:\Program Files (x86)\SONY\VAIO Event Service\VESWndMsg.dll - ok
10:45:14.0233 2236 [ C0218A2DFD858FBFE192AAF8F96ED201 ] C:\Program Files (x86)\Common Files\Sony Shared\Sony Utilities\SonyInfo.dll
10:45:14.0233 2236 C:\Program Files (x86)\Common Files\Sony Shared\Sony Utilities\SonyInfo.dll - ok
10:45:14.0233 2236 [ D0789349B7B6E4927F29B0215755DB03 ] C:\Program Files (x86)\SONY\VAIO Event Service\VESTransform.dll
10:45:14.0233 2236 C:\Program Files (x86)\SONY\VAIO Event Service\VESTransform.dll - ok
10:45:14.0233 2236 [ A63DC5C2EA944E6657203E0C8EDEAF61 ] C:\Windows\SysWOW64\dllhost.exe
10:45:14.0233 2236 C:\Windows\SysWOW64\dllhost.exe - ok
10:45:14.0233 2236 [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl
10:45:14.0233 2236 C:\Windows\System32\bthprops.cpl - ok
10:45:14.0248 2236 [ B837D1528CE2E3CB79F09496BC08DDC6 ] C:\Windows\System32\SensApi.dll
10:45:14.0248 2236 C:\Windows\System32\SensApi.dll - ok
10:45:14.0248 2236 [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll
10:45:14.0248 2236 C:\Windows\System32\wlanapi.dll - ok
10:45:14.0248 2236 [ BECDE11A78BDF621DF2053019DE87307 ] C:\Program Files\Common Files\Sony Shared\Sony Utilities\SnyUtils.dll
10:45:14.0248 2236 C:\Program Files\Common Files\Sony Shared\Sony Utilities\SnyUtils.dll - ok
10:45:14.0248 2236 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
10:45:14.0248 2236 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - ok
10:45:14.0264 2236 [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll
10:45:14.0264 2236 C:\Windows\System32\wbem\WMIsvc.dll - ok
10:45:14.0264 2236 [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll
10:45:14.0264 2236 C:\Windows\SysWOW64\winsta.dll - ok
10:45:14.0264 2236 [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\Windows\System32\wbemcomn.dll
10:45:14.0264 2236 C:\Windows\System32\wbemcomn.dll - ok
10:45:14.0264 2236 [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL
10:45:14.0264 2236 C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL - ok
10:45:14.0279 2236 [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll
10:45:14.0279 2236 C:\Windows\System32\wbem\WinMgmtR.dll - ok
10:45:14.0279 2236 [ 0C52762C606BCF6A377D5E4688191A6B ] C:\Windows\System32\wbem\WmiDcPrv.dll
10:45:14.0279 2236 C:\Windows\System32\wbem\WmiDcPrv.dll - ok
10:45:14.0279 2236 [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll
10:45:14.0279 2236 C:\Windows\System32\wbem\fastprox.dll - ok
10:45:14.0279 2236 [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll
10:45:14.0279 2236 C:\Windows\System32\ntdsapi.dll - ok
10:45:14.0295 2236 [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll
10:45:14.0295 2236 C:\Windows\System32\wbem\wbemprox.dll - ok
10:45:14.0295 2236 [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll
10:45:14.0295 2236 C:\Windows\System32\wbem\wbemcore.dll - ok
10:45:14.0295 2236 [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll
10:45:14.0295 2236 C:\Windows\System32\wbem\esscli.dll - ok
10:45:14.0295 2236 [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll
10:45:14.0295 2236 C:\Windows\System32\wbem\wbemsvc.dll - ok
10:45:14.0311 2236 [ 8BEA0348E53222D9D09FEDB6B074C554 ] C:\Program Files (x86)\AVG\AVG2013\avgxpl.dll
10:45:14.0311 2236 C:\Program Files (x86)\AVG\AVG2013\avgxpl.dll - ok
10:45:14.0311 2236 [ 82C089EA2A3EEFADF3588EA71E8BDADA ] C:\Windows\SysWOW64\wevtapi.dll
10:45:14.0311 2236 C:\Windows\SysWOW64\wevtapi.dll - ok
10:45:14.0311 2236 [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll
10:45:14.0311 2236 C:\Windows\System32\wbem\wmiutils.dll - ok
10:45:14.0311 2236 [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll
10:45:14.0311 2236 C:\Windows\System32\wbem\repdrvfs.dll - ok
10:45:14.0326 2236 [ EE4309C3BEBB9CA54E5A84E412023E0F ] C:\Program Files (x86)\AVG\AVG2013\avgwdwsc.dll
10:45:14.0326 2236 C:\Program Files (x86)\AVG\AVG2013\avgwdwsc.dll - ok
10:45:14.0326 2236 [ 9CE1D125707C80639A3E1E6555BB79FC ] C:\Program Files (x86)\SONY\VAIO Control Center\CommonSetting.dll
10:45:14.0326 2236 C:\Program Files (x86)\SONY\VAIO Control Center\CommonSetting.dll - ok
10:45:14.0326 2236 [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll
10:45:14.0326 2236 C:\Windows\SysWOW64\sxs.dll - ok
10:45:14.0326 2236 [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll
10:45:14.0326 2236 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
10:45:14.0342 2236 [ 2140C30BAFEA56126619CC589CAADFE8 ] C:\Program Files (x86)\SONY\VAIO Event Service\VESPerform.dll
10:45:14.0342 2236 C:\Program Files (x86)\SONY\VAIO Event Service\VESPerform.dll - ok
10:45:14.0342 2236 [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll
10:45:14.0342 2236 C:\Windows\System32\ncobjapi.dll - ok
10:45:14.0342 2236 [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll
10:45:14.0342 2236 C:\Windows\System32\wbem\wbemess.dll - ok
10:45:14.0342 2236 [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\SysWOW64\powrprof.dll
10:45:14.0342 2236 C:\Windows\SysWOW64\powrprof.dll - ok
10:45:14.0357 2236 [ 1D15646488552230577F24ECD45A4ECF ] C:\Program Files (x86)\SONY\VAIO Event Service\VESAppMon.dll
10:45:14.0357 2236 C:\Program Files (x86)\SONY\VAIO Event Service\VESAppMon.dll - ok
10:45:14.0357 2236 [ 93499A4F13711C953215F865C2712370 ] C:\Program Files (x86)\SONY\VAIO Event Service\VESColorMgr.dll
10:45:14.0357 2236 C:\Program Files (x86)\SONY\VAIO Event Service\VESColorMgr.dll - ok
10:45:14.0357 2236 [ 7F8678C59F188528D60104E697C2361E ] C:\Windows\SysWOW64\mscms.dll
10:45:14.0357 2236 C:\Windows\SysWOW64\mscms.dll - ok
10:45:14.0357 2236 [ C2179577B1848E795A3455F9FE4447E4 ] C:\Windows\SysWOW64\atipdlxx.dll
10:45:14.0357 2236 C:\Windows\SysWOW64\atipdlxx.dll - ok
10:45:14.0373 2236 [ FC6CDAD204ECF8CF666C7C1E32415E80 ] C:\Program Files (x86)\SONY\VAIO Event Service\VESCommonUI.dll
10:45:14.0373 2236 C:\Program Files (x86)\SONY\VAIO Event Service\VESCommonUI.dll - ok
10:45:14.0373 2236 [ 7717F84F483002815490033BF069DABD ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
10:45:14.0373 2236 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll - ok
10:45:14.0373 2236 [ DB9E77CDC9864E0E494097B69B1AA591 ] C:\Program Files (x86)\SONY\VAIO Event Service\VESRemoteKey.dll
10:45:14.0373 2236 C:\Program Files (x86)\SONY\VAIO Event Service\VESRemoteKey.dll - ok
10:45:14.0373 2236 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll
10:45:14.0373 2236 C:\Windows\SysWOW64\imagehlp.dll - ok
10:45:14.0389 2236 [ 591FE0A6CEB19BF886CEB1331F591940 ] C:\Windows\SysWOW64\ncrypt.dll
10:45:14.0389 2236 C:\Windows\SysWOW64\ncrypt.dll - ok
10:45:14.0389 2236 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll
10:45:14.0389 2236 C:\Windows\SysWOW64\bcryptprimitives.dll - ok
10:45:14.0389 2236 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll
10:45:14.0389 2236 C:\Windows\SysWOW64\gpapi.dll - ok
10:45:14.0389 2236 [ 7CD368DFF5D7D4BA9F8F46F31EA8877D ] C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe
10:45:14.0389 2236 C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe - ok
10:45:14.0404 2236 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll
10:45:14.0404 2236 C:\Windows\SysWOW64\apphelp.dll - ok
10:45:14.0404 2236 [ 9771BB81FCEDC800313762033AD18A16 ] C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSubPS.dll
10:45:14.0404 2236 C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSubPS.dll - ok
10:45:14.0404 2236 [ 63E0296CE0E7D39949153D90C000D36E ] C:\Program Files (x86)\SONY\VAIO Event Service\VESWndMsgHook.dll
10:45:14.0404 2236 C:\Program Files (x86)\SONY\VAIO Event Service\VESWndMsgHook.dll - ok
10:45:14.0404 2236 [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll
10:45:14.0420 2236 C:\Windows\SysWOW64\uxtheme.dll - ok
10:45:14.0420 2236 [ 6EF5F3F18413C367195F06E503AB86A6 ] C:\Windows\SysWOW64\d3d9.dll
10:45:14.0420 2236 C:\Windows\SysWOW64\d3d9.dll - ok
10:45:14.0420 2236 [ 77B1471A490B53B24EFE136F09F76550 ] C:\Windows\SysWOW64\d3d8thk.dll
10:45:14.0420 2236 C:\Windows\SysWOW64\d3d8thk.dll - ok
10:45:14.0420 2236 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll
10:45:14.0420 2236 C:\Windows\SysWOW64\dwmapi.dll - ok
10:45:14.0420 2236 [ CF368D8F3F585B044E35B625A5A56924 ] C:\Windows\SysWOW64\aticfx32.dll
10:45:14.0420 2236 C:\Windows\SysWOW64\aticfx32.dll - ok
10:45:14.0435 2236 [ 8BB696F633F6FEC09F8C3CBBA218736E ] C:\Windows\SysWOW64\atiu9pag.dll
10:45:14.0435 2236 C:\Windows\SysWOW64\atiu9pag.dll - ok
10:45:14.0435 2236 [ 77E3EE2BFA26052DC8273066DA77EF77 ] C:\Windows\SysWOW64\atiumdag.dll
10:45:14.0435 2236 C:\Windows\SysWOW64\atiumdag.dll - ok
10:45:14.0435 2236 [ 279A08B7F3E95EADC191402EA0A3B2A1 ] C:\Windows\SysWOW64\atiumdva.dll
10:45:14.0435 2236 C:\Windows\SysWOW64\atiumdva.dll - ok
10:45:14.0435 2236 [ 603EBD34E216C5654A2D774EAC98D278 ] C:\Windows\System32\webio.dll
10:45:14.0435 2236 C:\Windows\System32\webio.dll - ok
10:45:14.0451 2236 [ CC9DCFC702910454DA28787A24C7DA77 ] C:\Windows\SysWOW64\atimpc32.dll
10:45:14.0451 2236 C:\Windows\SysWOW64\atimpc32.dll - ok
10:45:14.0451 2236 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] C:\Windows\System32\tapisrv.dll
10:45:14.0451 2236 C:\Windows\System32\tapisrv.dll - ok
10:45:14.0451 2236 [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll
10:45:14.0451 2236 C:\Windows\System32\ssdpapi.dll - ok
10:45:14.0451 2236 [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll
10:45:14.0451 2236 C:\Windows\System32\wer.dll - ok
10:45:14.0467 2236 [ 1F27643C4C626457FCE8F047AE1CD7E1 ] C:\Windows\SysWOW64\dxva2.dll
10:45:14.0467 2236 C:\Windows\SysWOW64\dxva2.dll - ok
10:45:14.0467 2236 [ CC800D2D9FD467542BAC7C186C4774AD ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
10:45:14.0467 2236 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe - ok
10:45:14.0467 2236 [ 63DCDFFCBB7E41540F4D64CCED66536B ] C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
10:45:14.0467 2236 C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll - ok
10:45:14.0467 2236 [ 0B2D65FDDE31069299AA6330F359FF9C ] C:\Windows\System32\msxml3.dll
10:45:14.0467 2236 C:\Windows\System32\msxml3.dll - ok
10:45:14.0482 2236 [ 70A176BF2ED362862944C371838262F8 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
10:45:14.0482 2236 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE - ok
10:45:14.0482 2236 [ 8B92BED5B8D4A8480E7AA631F35A6F35 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
10:45:14.0482 2236 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok
10:45:14.0482 2236 [ A8CDF3768604FF95B54669E20053D569 ] C:\Windows\SysWOW64\wscapi.dll
10:45:14.0482 2236 C:\Windows\SysWOW64\wscapi.dll - ok
10:45:14.0482 2236 [ 31D59387099070963EAD4CE14C5B5F04 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll
10:45:14.0482 2236 C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll - ok
10:45:14.0498 2236 [ F9D908DE6B166DAC9B89BF62FA291CE8 ] C:\Program Files\Bonjour\mdnsNSP.dll
10:45:14.0498 2236 C:\Program Files\Bonjour\mdnsNSP.dll - ok
10:45:14.0498 2236 [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll
10:45:14.0498 2236 C:\Windows\System32\rasadhlp.dll - ok
10:45:14.0498 2236 [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051 ] C:\Windows\System32\localspl.dll
10:45:14.0498 2236 C:\Windows\System32\localspl.dll - ok
10:45:14.0498 2236 [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll
10:45:14.0498 2236 C:\Windows\System32\spoolss.dll - ok
10:45:14.0513 2236 [ B6E3C336BE50532B6F08316A36667797 ] C:\Windows\System32\EKAiO2MON.dll
10:45:14.0513 2236 C:\Windows\System32\EKAiO2MON.dll - ok
10:45:14.0513 2236 [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\Windows\System32\PrintIsolationProxy.dll
10:45:14.0513 2236 C:\Windows\System32\PrintIsolationProxy.dll - ok
10:45:14.0513 2236 [ 19E41CCCEE697CC9465396B370929792 ] C:\Windows\System32\FXSMON.dll
10:45:14.0513 2236 C:\Windows\System32\FXSMON.dll - ok
10:45:14.0513 2236 [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll
10:45:14.0513 2236 C:\Windows\System32\tcpmon.dll - ok
10:45:14.0529 2236 [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll
10:45:14.0529 2236 C:\Windows\System32\snmpapi.dll - ok
10:45:14.0529 2236 [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll
10:45:14.0529 2236 C:\Windows\System32\usbmon.dll - ok
10:45:14.0529 2236 [ FFF9D00CF16397C64317F213484F94BD ] C:\Windows\System32\wsnmp32.dll
10:45:14.0529 2236 C:\Windows\System32\wsnmp32.dll - ok
10:45:14.0529 2236 [ C55516D98DD5D8F0153C2A9B4227DA86 ] C:\Windows\System32\webservices.dll
10:45:14.0529 2236 C:\Windows\System32\webservices.dll - ok
10:45:14.0545 2236 [ F1B205F932F62F94506A5F332C895DAF ] C:\Windows\System32\WSDApi.dll
10:45:14.0545 2236 C:\Windows\System32\WSDApi.dll - ok
10:45:14.0545 2236 [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll
10:45:14.0545 2236 C:\Windows\System32\WSDMon.dll - ok
10:45:14.0545 2236 [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll
10:45:14.0545 2236 C:\Windows\System32\fdPnp.dll - ok
10:45:14.0545 2236 [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll
10:45:14.0545 2236 C:\Windows\System32\fundisc.dll - ok
10:45:14.0560 2236 [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
10:45:14.0560 2236 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
10:45:14.0560 2236 [ 548CB980D7876E207CC9F8B60C1587A3 ] C:\Windows\System32\win32spl.dll
10:45:14.0560 2236 C:\Windows\System32\win32spl.dll - ok
10:45:14.0560 2236 [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\Windows\System32\inetpp.dll
10:45:14.0560 2236 C:\Windows\System32\inetpp.dll - ok
10:45:14.0560 2236 [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll
10:45:14.0560 2236 C:\Windows\System32\cscapi.dll - ok
10:45:14.0576 2236 [ 75BCC4043512E41D83C8F224B168039C ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
10:45:14.0576 2236 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok
10:45:14.0576 2236 [ 1CDEA9188899E76D4FFD54C9D512CCDB ] C:\Windows\SysWOW64\msxml3.dll
10:45:14.0576 2236 C:\Windows\SysWOW64\msxml3.dll - ok
10:45:14.0576 2236 [ 6D6596E046CA6A61DE250AD3A281A1AF ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll
10:45:14.0576 2236 C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll - ok
10:45:14.0591 2236 [ 3F50200237961034FACE602373838980 ] C:\Windows\SysWOW64\FirewallAPI.dll
10:45:14.0591 2236 C:\Windows\SysWOW64\FirewallAPI.dll - ok
10:45:14.0591 2236 [ 82A98D0EB83505529AD81E4C1FADC37D ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
10:45:14.0591 2236 C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll - ok
10:45:14.0591 2236 [ 30B94A855F4C86212F98BB184A30CA96 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\17796f2951c17ebf92dd4b7c9b3ce556\System.ServiceProcess.ni.dll
10:45:14.0591 2236 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\17796f2951c17ebf92dd4b7c9b3ce556\System.ServiceProcess.ni.dll - ok
10:45:14.0591 2236 [ 08C2957BB30058E663720C5606885653 ] C:\Windows\System32\iphlpsvc.dll
10:45:14.0591 2236 C:\Windows\System32\iphlpsvc.dll - ok
10:45:14.0607 2236 [ 645BF5E0A601CF5AEC2B5C8E68FEB5F6 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgr.dll
10:45:14.0607 2236 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgr.dll - ok
10:45:14.0607 2236 [ 27B9E163740A226B65E4B9E186117911 ] C:\Windows\System32\sqmapi.dll
10:45:14.0607 2236 C:\Windows\System32\sqmapi.dll - ok
10:45:14.0607 2236 [ 7B38D7916A7CD058C16A0A6CA5077901 ] C:\Windows\System32\wdscore.dll
10:45:14.0607 2236 C:\Windows\System32\wdscore.dll - ok
10:45:14.0607 2236 [ 979D2EDD34FD3861F485A5AA8BB2FF0A ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorUtil.dll
10:45:14.0607 2236 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorUtil.dll - ok
10:45:14.0623 2236 [ EE867A0870FC9E4972BA9EAAD35651E2 ] C:\Windows\System32\rasmans.dll
10:45:14.0623 2236 C:\Windows\System32\rasmans.dll - ok
10:45:14.0623 2236 [ 7221E380FB8BFCF0160B9D4E704E7E77 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll
10:45:14.0623 2236 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll - ok
10:45:14.0623 2236 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] C:\Windows\System32\drivers\srv2.sys
10:45:14.0623 2236 C:\Windows\System32\drivers\srv2.sys - ok
10:45:14.0638 2236 [ E5F7C30EDF0892667933BE879F067D67 ] C:\Windows\SysWOW64\msvcr100_clr0400.dll
10:45:14.0638 2236 C:\Windows\SysWOW64\msvcr100_clr0400.dll - ok
10:45:14.0638 2236 [ 44C96B48112EB24AE7764EBF1C527000 ] C:\Windows\System32\rastapi.dll
10:45:14.0638 2236 C:\Windows\System32\rastapi.dll - ok
10:45:14.0638 2236 [ FAFAE01E889DC9C05A6CA2138CFC220B ] C:\Windows\System32\tapi32.dll
10:45:14.0638 2236 C:\Windows\System32\tapi32.dll - ok
10:45:14.0638 2236 [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll
10:45:14.0638 2236 C:\Windows\System32\hnetcfg.dll - ok
10:45:14.0654 2236 [ 43104328E99680FCF282E71CC45CB5D2 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll
10:45:14.0654 2236 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll - ok
10:45:14.0654 2236 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\Windows\System32\drivers\srv.sys
10:45:14.0654 2236 C:\Windows\System32\drivers\srv.sys - ok
10:45:14.0654 2236 [ D2A0FFA75AB181B19B5EB93BB29C7686 ] C:\Windows\System32\unimdm.tsp
10:45:14.0654 2236 C:\Windows\System32\unimdm.tsp - ok
10:45:14.0654 2236 [ C821D56E56CAB2AA11E494270464030C ] C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\685f73e04393b5342bd1cebe701496ad\mscorlib.ni.dll
10:45:14.0654 2236 C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\685f73e04393b5342bd1cebe701496ad\mscorlib.ni.dll - ok
10:45:14.0669 2236 [ 94B7DF336815B47236724019FAB24B7C ] C:\Windows\System32\uniplat.dll
10:45:14.0669 2236 C:\Windows\System32\uniplat.dll - ok
10:45:14.0669 2236 [ 41326DD08ACC0CDC5F8177AF96C066E8 ] C:\Windows\System32\kmddsp.tsp
10:45:14.0669 2236 C:\Windows\System32\kmddsp.tsp - ok
10:45:14.0669 2236 [ 1D6BC2769DA66C1145F4DA5A65F52E61 ] C:\Windows\System32\ndptsp.tsp
10:45:14.0669 2236 C:\Windows\System32\ndptsp.tsp - ok
10:45:14.0669 2236 [ 7C1BAE7D23D4874FEE256A2B9C00E019 ] C:\Windows\System32\hidphone.tsp
10:45:14.0669 2236 C:\Windows\System32\hidphone.tsp - ok
10:45:14.0669 2236 [ A717A35120DBAB5AB707AB40662AF9DD ] C:\Windows\System32\rasppp.dll
10:45:14.0669 2236 C:\Windows\System32\rasppp.dll - ok
10:45:14.0685 2236 [ 0FE5CD5F9C9248F42D1EF56E495B182E ] C:\Windows\System32\vpnike.dll
10:45:14.0685 2236 C:\Windows\System32\vpnike.dll - ok
10:45:14.0685 2236 [ 78B476DB024D3245E1E159E50DBB305F ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\413288993ff690e8251d2dbe32bee01f\System.Runtime.Remoting.ni.dll
10:45:14.0685 2236 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\413288993ff690e8251d2dbe32bee01f\System.Runtime.Remoting.ni.dll - ok
10:45:14.0685 2236 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] C:\Windows\System32\browser.dll
10:45:14.0685 2236 C:\Windows\System32\browser.dll - ok
10:45:14.0685 2236 [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll
10:45:14.0685 2236 C:\Windows\System32\srvsvc.dll - ok
10:45:14.0701 2236 [ B95F6501A2F8B2E78C697FEC401970CE ] C:\Windows\System32\ipnathlp.dll
10:45:14.0701 2236 C:\Windows\System32\ipnathlp.dll - ok
10:45:14.0701 2236 [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll
10:45:14.0701 2236 C:\Windows\System32\mprapi.dll - ok
10:45:14.0701 2236 [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll
10:45:14.0701 2236 C:\Windows\System32\netshell.dll - ok
10:45:14.0701 2236 [ 80DA74576272657B4AB58B8614BD84CF ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
10:45:14.0701 2236 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll - ok
10:45:14.0716 2236 [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll
10:45:14.0716 2236 C:\Windows\System32\netmsg.dll - ok
10:45:14.0716 2236 [ A0617B5753E31126AD29C03154F4F329 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
10:45:14.0716 2236 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll - ok
10:45:14.0716 2236 [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll
10:45:14.0716 2236 C:\Windows\System32\sscore.dll - ok
10:45:14.0716 2236 [ D3A8A678A880CD83CF6BEC3F83DA392A ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\ISDI.dll
10:45:14.0716 2236 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\ISDI.dll - ok
10:45:14.0732 2236 [ D34A527493F39AF4491B3E909DC697CA ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll
10:45:14.0732 2236 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll - ok
10:45:14.0732 2236 [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll
10:45:14.0732 2236 C:\Windows\System32\clusapi.dll - ok
10:45:14.0732 2236 [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll
10:45:14.0732 2236 C:\Windows\System32\resutils.dll - ok
10:45:14.0747 2236 [ 858716CED10DBBF0BC5748F71ED2F59D ] C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b311b783e1efaa9527f4c2c9680c44d1\WindowsBase.ni.dll
10:45:14.0747 2236 C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b311b783e1efaa9527f4c2c9680c44d1\WindowsBase.ni.dll - ok
10:45:14.0747 2236 [ E5BC8D93CDCB957146D971647849A154 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll
10:45:14.0747 2236 C:\Windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll - ok
10:45:14.0747 2236 [ C5B0324DB461559ADD070E632A6919FA ] C:\Windows\SysWOW64\wbem\wbemprox.dll
10:45:14.0747 2236 C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
10:45:14.0747 2236 [ 704314FD398C81D5F342CAA5DF7B7F21 ] C:\Windows\SysWOW64\wbemcomn.dll
10:45:14.0747 2236 C:\Windows\SysWOW64\wbemcomn.dll - ok
10:45:14.0763 2236 [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
10:45:14.0763 2236 C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
10:45:14.0763 2236 [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A ] C:\Windows\SysWOW64\wbem\fastprox.dll
10:45:14.0763 2236 C:\Windows\SysWOW64\wbem\fastprox.dll - ok
10:45:14.0763 2236 [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\SysWOW64\ntdsapi.dll
10:45:14.0763 2236 C:\Windows\SysWOW64\ntdsapi.dll - ok
10:45:14.0763 2236 [ 2FC6C98A23864B2E50E53B4848939EAF ] C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
10:45:14.0763 2236 C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe - ok
10:45:14.0779 2236 [ FF0602E28D69B977F889D435F902545E ] C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
10:45:14.0779 2236 C:\Program Files (x86)\AVG\AVG2013\avgemca.exe - ok
10:45:14.0779 2236 [ 8622AE563E2AC2F8BF9FAFEE726FC7B8 ] C:\Program Files (x86)\AVG\AVG2013\avgsched.dll
10:45:14.0779 2236 C:\Program Files (x86)\AVG\AVG2013\avgsched.dll - ok
10:45:14.0779 2236 [ 36E71077E1660F81CFDB80FB7272CC00 ] C:\Program Files (x86)\Kodak\AiO\Center\Inkjet.Automation.dll
10:45:14.0779 2236 C:\Program Files (x86)\Kodak\AiO\Center\Inkjet.Automation.dll - ok
10:45:14.0779 2236 [ B667F771DBB81845A364C7CB83754FBB ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System\0bc033fa805a31e31dc462cfae365478\System.ni.dll
10:45:14.0779 2236 C:\Windows\assembly\NativeImages_v4.0.30319_32\System\0bc033fa805a31e31dc462cfae365478\System.ni.dll - ok
10:45:14.0794 2236 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll
10:45:14.0794 2236 C:\Windows\SysWOW64\SensApi.dll - ok
10:45:14.0794 2236 [ FF9AFBD2864BBEA6A9E7F90F8C94F6B7 ] C:\Program Files (x86)\AVG\AVG2013\avgidpsdkx.dll
10:45:14.0794 2236 C:\Program Files (x86)\AVG\AVG2013\avgidpsdkx.dll - ok
10:45:14.0794 2236 [ 6EA9A3DDD9024B9156E8836BE281D23E ] C:\Program Files (x86)\Kodak\AiO\Center\Inkjet.Hardware.dll
10:45:14.0794 2236 C:\Program Files (x86)\Kodak\AiO\Center\Inkjet.Hardware.dll - ok
10:45:14.0794 2236 [ 887F5BE6B03F0B8B5842582804A9CB5B ] C:\Program Files (x86)\Kodak\AiO\Center\Inkjet.Statistics.dll
10:45:14.0794 2236 C:\Program Files (x86)\Kodak\AiO\Center\Inkjet.Statistics.dll - ok
10:45:14.0810 2236 [ D3E30F36EBE11C59D8A2AB066845A957 ] C:\Program Files (x86)\Kodak\AiO\Center\Newtonsoft.Json.Net20.dll
10:45:14.0810 2236 C:\Program Files (x86)\Kodak\AiO\Center\Newtonsoft.Json.Net20.dll - ok
10:45:14.0810 2236 [ 79F1A306B8F247261DF16444069BAC8C ] C:\Program Files (x86)\Kodak\AiO\Center\jabber-net.dll
10:45:14.0810 2236 C:\Program Files (x86)\Kodak\AiO\Center\jabber-net.dll - ok
10:45:14.0810 2236 [ 366FD6F3A451351B5DF2D7C4ECF4C73A ] C:\Windows\System32\msvcr100.dll
10:45:14.0810 2236 C:\Windows\System32\msvcr100.dll - ok
10:45:14.0825 2236 [ 91348B1316E54677ADF12FF3E4B33522 ] C:\Program Files (x86)\Kodak\AiO\Center\Inkjet.Configuration.dll
10:45:14.0825 2236 C:\Program Files (x86)\Kodak\AiO\Center\Inkjet.Configuration.dll - ok
10:45:14.0825 2236 [ DD2751B165C7DC4EC44E70C05D96523B ] C:\Program Files (x86)\AVG\AVG2013\avgcfga.dll
10:45:14.0825 2236 C:\Program Files (x86)\AVG\AVG2013\avgcfga.dll - ok
10:45:14.0825 2236 [ F4E1314516A67A8A53F73406E867A09C ] C:\Program Files (x86)\AVG\AVG2013\avgkrnlapia.dll
10:45:14.0825 2236 C:\Program Files (x86)\AVG\AVG2013\avgkrnlapia.dll - ok
10:45:14.0825 2236 [ 05BBBBAA52C9E56338EADC9479FD0701 ] C:\Program Files (x86)\Kodak\AiO\Center\Inkjet.Utilities.dll
10:45:14.0825 2236 C:\Program Files (x86)\Kodak\AiO\Center\Inkjet.Utilities.dll - ok
10:45:14.0841 2236 [ C3470899CC326070BF482429F3EE1DC7 ] C:\Program Files (x86)\Kodak\AiO\Center\Inkjet.Diagnostics.dll
10:45:14.0841 2236 C:\Program Files (x86)\Kodak\AiO\Center\Inkjet.Diagnostics.dll - ok
10:45:14.0841 2236 [ FB50C8BAF2334E032DB4885A5D198151 ] C:\Program Files (x86)\Kodak\AiO\Center\Inkjet.Localization.dll
10:45:14.0841 2236 C:\Program Files (x86)\Kodak\AiO\Center\Inkjet.Localization.dll - ok
10:45:14.0841 2236 [ F87B323F07BA4FA5ED6FBC7DABDFAF42 ] C:\Program Files (x86)\Kodak\AiO\Center\Inkjet.DeviceSettings.dll
10:45:14.0841 2236 C:\Program Files (x86)\Kodak\AiO\Center\Inkjet.DeviceSettings.dll - ok
10:45:14.0841 2236 [ 84A99FDCE9B5C7457E503C7C47DD5F4F ] C:\Program Files (x86)\Kodak\AiO\Center\Interop.EKAiO2SDKLib.dll
10:45:14.0857 2236 C:\Program Files (x86)\Kodak\AiO\Center\Interop.EKAiO2SDKLib.dll - ok
10:45:14.0857 2236 [ BD25ABD753533E9C025FC3E54412E849 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\Inkjet.Automation\553341905dec61fe36e1ff4ada263997\Inkjet.Automation.ni.dll
10:45:14.0857 2236 C:\Windows\assembly\NativeImages_v4.0.30319_32\Inkjet.Automation\553341905dec61fe36e1ff4ada263997\Inkjet.Automation.ni.dll - ok
10:45:14.0857 2236 [ 547AA7795F54452E5EF210E6B2EF2C97 ] C:\Program Files (x86)\Kodak\AiO\Center\Interop.WIA.dll
10:45:14.0857 2236 C:\Program Files (x86)\Kodak\AiO\Center\Interop.WIA.dll - ok
10:45:14.0857 2236 [ 7018F74AED9E00FCFFD510E47813BA40 ] C:\Program Files (x86)\Kodak\AiO\Center\ShellLib.dll
10:45:14.0857 2236 C:\Program Files (x86)\Kodak\AiO\Center\ShellLib.dll - ok
10:45:14.0872 2236 [ F10AEFAE3C8293014A41CFF05087E791 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\Inkjet.Utilities\470ad5d88e2bd3db6aefaa142cc7e257\Inkjet.Utilities.ni.dll
10:45:14.0872 2236 C:\Windows\assembly\NativeImages_v4.0.30319_32\Inkjet.Utilities\470ad5d88e2bd3db6aefaa142cc7e257\Inkjet.Utilities.ni.dll - ok
10:45:14.0872 2236 [ E224A602C7079571C1640C098ECD810B ] C:\Windows\assembly\NativeImages_v4.0.30319_32\Inkjet.Configuration\64805c1db5e7abce7a078ee337913082\Inkjet.Configuration.ni.dll
10:45:14.0872 2236 C:\Windows\assembly\NativeImages_v4.0.30319_32\Inkjet.Configuration\64805c1db5e7abce7a078ee337913082\Inkjet.Configuration.ni.dll - ok
10:45:14.0872 2236 [ 55DAD0681C248111853051608B9B56E7 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\06db722a2ddebd960d907c2de6f1cfa7\System.Xml.ni.dll
10:45:14.0872 2236 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\06db722a2ddebd960d907c2de6f1cfa7\System.Xml.ni.dll - ok
10:45:14.0872 2236 [ B3A53B0112FC4FE8156C809C9267B2E5 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\Inkjet.Diagnostics\d9b856c6a2784e49c9297d41145ebe6f\Inkjet.Diagnostics.ni.dll
10:45:14.0872 2236 C:\Windows\assembly\NativeImages_v4.0.30319_32\Inkjet.Diagnostics\d9b856c6a2784e49c9297d41145ebe6f\Inkjet.Diagnostics.ni.dll - ok
10:45:14.0888 2236 [ 2FB847D457106CD9F8D25B2491065ED1 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\Inkjet.Localization\4854243045937877f36791c8413c1ad9\Inkjet.Localization.ni.dll
10:45:14.0888 2236 C:\Windows\assembly\NativeImages_v4.0.30319_32\Inkjet.Localization\4854243045937877f36791c8413c1ad9\Inkjet.Localization.ni.dll - ok
10:45:14.0888 2236 [ 6B0B1CE9FB2E100E62411BDBF51A3C12 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\Inkjet.DeviceSettin#\9b134540badbdfbeba91bd4a0bffde5d\Inkjet.DeviceSettings.ni.dll
10:45:14.0888 2236 C:\Windows\assembly\NativeImages_v4.0.30319_32\Inkjet.DeviceSettin#\9b134540badbdfbeba91bd4a0bffde5d\Inkjet.DeviceSettings.ni.dll - ok
10:45:14.0888 2236 [ 71B943291DC58214A59E1143E46DB239 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\c15c94b675becb485d940f8f0068dc5d\System.Configuration.ni.dll
10:45:14.0888 2236 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\c15c94b675becb485d940f8f0068dc5d\System.Configuration.ni.dll - ok
10:45:14.0903 2236 [ 4D534921D65609114D3F66A27C2D54AA ] C:\Program Files (x86)\Kodak\AiO\Center\Logger.dll
10:45:14.0903 2236 C:\Program Files (x86)\Kodak\AiO\Center\Logger.dll - ok
10:45:14.0903 2236 [ FD435DF8C9CA7A49CCBF7CD2F7627739 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\diasymreader.dll
10:45:14.0903 2236 C:\Windows\Microsoft.NET\Framework\v4.0.30319\diasymreader.dll - ok
10:45:14.0903 2236 [ 539C49CEBB3C50957AC8A09D95ECD880 ] C:\Windows\SysWOW64\shfolder.dll
10:45:14.0903 2236 C:\Windows\SysWOW64\shfolder.dll - ok
10:45:14.0903 2236 [ 3E5AADD5F9242717B6B23EB586FD949D ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\ed7768172bbf30462bc554dee3911540\System.Drawing.ni.dll
10:45:14.0903 2236 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\ed7768172bbf30462bc554dee3911540\System.Drawing.ni.dll - ok
10:45:14.0919 2236 [ 9E0B54B88B207CE0063CCD372A36D4AC ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\ccf3f783590b1747a3593b889bede2fb\System.Windows.Forms.ni.dll
10:45:14.0919 2236 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\ccf3f783590b1747a3593b889bede2fb\System.Windows.Forms.ni.dll - ok
10:45:14.0919 2236 [ 2E420EA0DE469FD45DCC75961FB4DA4E ] C:\Program Files (x86)\AVG\AVG2013\avgsecapia.dll
10:45:14.0919 2236 C:\Program Files (x86)\AVG\AVG2013\avgsecapia.dll - ok
10:45:14.0919 2236 [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll
10:45:14.0919 2236 C:\Windows\System32\wdi.dll - ok
10:45:14.0919 2236 [ 79AFFC7FEEA9CD2FEFEA5EF3B631A02C ] C:\Windows\System32\ndiscapCfg.dll
10:45:14.0919 2236 C:\Windows\System32\ndiscapCfg.dll - ok
10:45:14.0935 2236 [ 3D6AF45673C4B31CDECD7F80AF09D443 ] C:\Windows\System32\rascfg.dll
10:45:14.0935 2236 C:\Windows\System32\rascfg.dll - ok
10:45:14.0935 2236 [ 1CF21800E337F4039AAD4C94B4280EE4 ] C:\Windows\System32\mprmsg.dll
10:45:14.0935 2236 C:\Windows\System32\mprmsg.dll - ok
10:45:14.0935 2236 [ 55DE45B116711881C852D2841E4C84DD ] C:\Windows\System32\tcpipcfg.dll
10:45:14.0935 2236 C:\Windows\System32\tcpipcfg.dll - ok
10:45:14.0935 2236 [ 748849C42DEA24C723048E24BCA1BD55 ] C:\Windows\System32\wshbth.dll
10:45:14.0935 2236 C:\Windows\System32\wshbth.dll - ok
10:45:14.0950 2236 [ FEB91B4DA0D540865260A33838654FA3 ] C:\Windows\System32\nci.dll
10:45:14.0950 2236 C:\Windows\System32\nci.dll - ok
10:45:14.0950 2236 [ AC0C9CEA1218DAB1994AF8B28E680BD9 ] C:\Windows\System32\wlaninst.dll
10:45:14.0950 2236 C:\Windows\System32\wlaninst.dll - ok
10:45:14.0950 2236 [ 5A406C9C8E0880D3EABADC5DFD1ACDAE ] C:\Windows\System32\wwaninst.dll
10:45:14.0950 2236 C:\Windows\System32\wwaninst.dll - ok
10:45:14.0950 2236 [ EEAC89CEE9FBB2562EEFE2A3A22691AC ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\8bc0ec70b1af0f4450ce4cd5e88a26ad\System.Runtime.Remoting.ni.dll
10:45:14.0950 2236 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\8bc0ec70b1af0f4450ce4cd5e88a26ad\System.Runtime.Remoting.ni.dll - ok
10:45:14.0966 2236 [ AFC0FD6F0D734D5FCDAA22452A76E387 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\Inkjet.Statistics\0578b1216b7ed1071d6413faecc5b48a\Inkjet.Statistics.ni.dll
10:45:14.0966 2236 C:\Windows\assembly\NativeImages_v4.0.30319_32\Inkjet.Statistics\0578b1216b7ed1071d6413faecc5b48a\Inkjet.Statistics.ni.dll - ok
10:45:14.0966 2236 [ C5B587BE9BE7AAFCDBA9B0E77B57C8F3 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\Inkjet.Hardware\f813a0e3ba8b48e51288d77ee67f7156\Inkjet.Hardware.ni.dll
10:45:14.0966 2236 C:\Windows\assembly\NativeImages_v4.0.30319_32\Inkjet.Hardware\f813a0e3ba8b48e51288d77ee67f7156\Inkjet.Hardware.ni.dll - ok
10:45:14.0966 2236 [ 95F9C2976059462CBBF227F7AAB10DE9 ] C:\Windows\System32\bthserv.dll
10:45:14.0966 2236 C:\Windows\System32\bthserv.dll - ok
10:45:14.0966 2236 [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll
10:45:14.0966 2236 C:\Windows\System32\npmproxy.dll - ok
10:45:14.0981 2236 [ CDAD3376DFF3D9AC7FDCBE2B94B0D3C8 ] C:\Windows\System32\shfolder.dll
10:45:14.0981 2236 C:\Windows\System32\shfolder.dll - ok
10:45:14.0981 2236 [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll
10:45:14.0981 2236 C:\Windows\System32\wpdbusenum.dll - ok
10:45:14.0981 2236 [ BD9EB3958F213F96B97B1D897DEE006D ] C:\Windows\System32\hidserv.dll
10:45:14.0981 2236 C:\Windows\System32\hidserv.dll - ok
10:45:14.0981 2236 [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll
10:45:14.0981 2236 C:\Windows\System32\perftrack.dll - ok
10:45:14.0997 2236 [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll
10:45:14.0997 2236 C:\Windows\System32\diagperf.dll - ok
10:45:14.0997 2236 [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
10:45:14.0997 2236 C:\Windows\System32\FXSRESM.dll - ok
10:45:14.0997 2236 [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll
10:45:14.0997 2236 C:\Windows\System32\PortableDeviceApi.dll - ok
10:45:14.0997 2236 [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll
10:45:14.0997 2236 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
10:45:15.0013 2236 [ DDA4CAF29D8C0A297F886BFE561E6659 ] C:\Windows\System32\drivers\WUDFRd.sys
10:45:15.0013 2236 C:\Windows\System32\drivers\WUDFRd.sys - ok
10:45:15.0013 2236 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] C:\Windows\System32\IPSECSVC.DLL
10:45:15.0013 2236 C:\Windows\System32\IPSECSVC.DLL - ok
10:45:15.0013 2236 [ 0D7579435675D6F76C5A1D34407677BA ] C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.EKAiO2SDKLib\074d1edafff6e858878df27ca5cbca2f\Interop.EKAiO2SDKLib.ni.dll
10:45:15.0013 2236 C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.EKAiO2SDKLib\074d1edafff6e858878df27ca5cbca2f\Interop.EKAiO2SDKLib.ni.dll - ok
10:45:15.0013 2236 [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll
10:45:15.0013 2236 C:\Windows\System32\Apphlpdm.dll - ok
10:45:15.0028 2236 [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll
10:45:15.0028 2236 C:\Windows\System32\pnpts.dll - ok
10:45:15.0028 2236 [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll
10:45:15.0028 2236 C:\Windows\System32\wdiasqmmodule.dll - ok
10:45:15.0028 2236 [ 9BC93C9ACFA34DB5A41B89357B31E4ED ] C:\Windows\System32\FwRemoteSvr.dll
10:45:15.0028 2236 C:\Windows\System32\FwRemoteSvr.dll - ok
10:45:15.0028 2236 [ AB886378EEB55C6C75B4F2D14B6C869F ] C:\Windows\System32\drivers\WUDFPf.sys
10:45:15.0028 2236 C:\Windows\System32\drivers\WUDFPf.sys - ok
10:45:15.0044 2236 [ B20F051B03A966392364C83F009F7D17 ] C:\Windows\System32\WUDFSvc.dll
10:45:15.0044 2236 C:\Windows\System32\WUDFSvc.dll - ok
10:45:15.0044 2236 [ 517110BD83835338C037269E603DB55D ] C:\Windows\System32\taskhost.exe
10:45:15.0044 2236 C:\Windows\System32\taskhost.exe - ok
10:45:15.0044 2236 [ 8ABFE00F213F2571498F1B8FD7939A98 ] C:\Windows\System32\WUDFHost.exe
10:45:15.0044 2236 C:\Windows\System32\WUDFHost.exe - ok
10:45:15.0044 2236 [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll
10:45:15.0044 2236 C:\Windows\System32\dimsjob.dll - ok
10:45:15.0059 2236 [ 25AE683DCB4AE7E6F1B193A0CB9DB35F ] C:\Windows\System32\WUDFx.dll
10:45:15.0059 2236 C:\Windows\System32\WUDFx.dll - ok
10:45:15.0059 2236 [ 91D6F0AB79AA36FFB932157865206F35 ] C:\Windows\System32\drivers\UMDF\WpdFs.dll
10:45:15.0059 2236 C:\Windows\System32\drivers\UMDF\WpdFs.dll - ok
10:45:15.0059 2236 [ 9864D52F15AD32094A636C6B5281D9E7 ] C:\Windows\System32\WMVCORE.DLL
10:45:15.0059 2236 C:\Windows\System32\WMVCORE.DLL - ok
10:45:15.0059 2236 [ AACC48FE239F0DF126DA2F28930A5B83 ] C:\Windows\System32\WMASF.DLL
10:45:15.0059 2236 C:\Windows\System32\WMASF.DLL - ok
10:45:15.0075 2236 [ 389CA818132C1D7DCF0C791E8D9035DE ] C:\Windows\System32\PortableDeviceClassExtension.dll
10:45:15.0075 2236 C:\Windows\System32\PortableDeviceClassExtension.dll - ok
10:45:15.0075 2236 [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll
10:45:15.0075 2236 C:\Windows\System32\PortableDeviceTypes.dll - ok
10:45:15.0075 2236 [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll
10:45:15.0075 2236 C:\Windows\System32\NapiNSP.dll - ok
10:45:15.0075 2236 [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll
10:45:15.0075 2236 C:\Windows\System32\pnrpnsp.dll - ok
10:45:15.0091 2236 [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll
10:45:15.0091 2236 C:\Windows\System32\winrnr.dll - ok
10:45:15.0091 2236 [ 198803E5E93E29967DFB0BCFD0186151 ] C:\Windows\System32\spfileq.dll
10:45:15.0091 2236 C:\Windows\System32\spfileq.dll - ok
10:45:15.0091 2236 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll
10:45:15.0091 2236 C:\Windows\SysWOW64\wship6.dll - ok
10:45:15.0091 2236 [ 51FCBAE9178BAE573026933317C95CB2 ] C:\Program Files (x86)\AVG\AVG2013\avgxpla.dll
10:45:15.0091 2236 C:\Program Files (x86)\AVG\AVG2013\avgxpla.dll - ok
10:45:15.0106 2236 [ D029339C0F59CF662094EDDF8C42B2B5 ] C:\Windows\System32\msvcp100.dll
10:45:15.0106 2236 C:\Windows\System32\msvcp100.dll - ok
10:45:15.0106 2236 [ 7E87637EECBACBB11BBA1124B805A747 ] C:\Program Files (x86)\AVG\AVG2013\avgopenssla.dll
10:45:15.0106 2236 C:\Program Files (x86)\AVG\AVG2013\avgopenssla.dll - ok
10:45:15.0106 2236 [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll
10:45:15.0106 2236 C:\Windows\System32\esent.dll - ok
10:45:15.0106 2236 [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll
10:45:15.0106 2236 C:\Windows\System32\wbem\NCProv.dll - ok
10:45:15.0122 2236 [ 1EA7969E3271CBC59E1730697DC74682 ] C:\Windows\System32\qmgr.dll
10:45:15.0122 2236 C:\Windows\System32\qmgr.dll - ok
10:45:15.0122 2236 [ 29409ED7400CA5BCCC30C0EE5147A60D ] C:\Windows\System32\bitsperf.dll
10:45:15.0122 2236 C:\Windows\System32\bitsperf.dll - ok
10:45:15.0122 2236 [ D9431DCF90B0253773F51FDEFE7FD42F ] C:\Windows\System32\bitsigd.dll
10:45:15.0122 2236 C:\Windows\System32\bitsigd.dll - ok
10:45:15.0122 2236 [ 96DB78C9C50CEED9DA5050EFFEE272A2 ] C:\Windows\System32\upnp.dll
10:45:15.0122 2236 C:\Windows\System32\upnp.dll - ok
10:45:15.0137 2236 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\Windows\System32\ssdpsrv.dll
10:45:15.0137 2236 C:\Windows\System32\ssdpsrv.dll - ok
10:45:15.0137 2236 [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:45:15.0137 2236 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
10:45:15.0137 2236 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:45:15.0137 2236 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe - ok
10:45:15.0137 2236 [ CB21CD39637AC13F3455454B2F648257 ] C:\Windows\System32\msvcr100_clr0400.dll
10:45:15.0137 2236 C:\Windows\System32\msvcr100_clr0400.dll - ok
10:45:15.0153 2236 [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\Windows\System32\mscoree.dll
10:45:15.0153 2236 C:\Windows\System32\mscoree.dll - ok
10:45:15.0153 2236 [ 5C4CB4086FB83115B153E47ADD961A0C ] C:\Windows\System32\FntCache.dll
10:45:15.0153 2236 C:\Windows\System32\FntCache.dll - ok
10:45:15.0153 2236 [ 735099A055C50FE534D4781D67FD6B83 ] C:\Program Files\Sony\VAIO Care\VCPerfService.exe
10:45:15.0153 2236 C:\Program Files\Sony\VAIO Care\VCPerfService.exe - ok
10:45:15.0153 2236 [ CF6850A72BEB4845A3BFFB3F5E8014B2 ] C:\Windows\System32\pdh.dll
10:45:15.0153 2236 C:\Windows\System32\pdh.dll - ok
10:45:15.0169 2236 [ 241AF87821FDA0F5792037B779F49BE0 ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll
10:45:15.0169 2236 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll - ok
10:45:15.0169 2236 [ AA794B099F776B37ACCDEAD00E0FBFC9 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
10:45:15.0169 2236 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
10:45:15.0169 2236 [ C5C3575BD6D6F9BF6BF8C1714AD18FA5 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\CORPerfMonExt.dll
10:45:15.0169 2236 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\CORPerfMonExt.dll - ok
10:45:15.0169 2236 [ 093747DAE1C1A7F6DEA8D16E26D4F648 ] C:\Windows\System32\msscntrs.dll
10:45:15.0169 2236 C:\Windows\System32\msscntrs.dll - ok
10:45:15.0169 2236 [ 40BF963CBE064A1A72C3230C22C6D352 ] C:\Windows\System32\rasctrs.dll
10:45:15.0169 2236 C:\Windows\System32\rasctrs.dll - ok
10:45:15.0184 2236 [ C6238A6D6663567576D1624463864F3C ] C:\Windows\System32\tapiperf.dll
10:45:15.0184 2236 C:\Windows\System32\tapiperf.dll - ok
10:45:15.0184 2236 [ B3BA3CB8515B27110A4791DCE9EEF402 ] C:\Windows\System32\usbperf.dll
10:45:15.0184 2236 C:\Windows\System32\usbperf.dll - ok
10:45:15.0184 2236 [ E601860AA04CE2198DBC6AC2AF80AFF7 ] C:\Windows\System32\perfos.dll
10:45:15.0184 2236 C:\Windows\System32\perfos.dll - ok
10:45:15.0184 2236 [ 8056A3E51B569C3F437A5026A0ABE66D ] C:\Windows\System32\perfctrs.dll
10:45:15.0184 2236 C:\Windows\System32\perfctrs.dll - ok
10:45:15.0200 2236 [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\Windows\System32\wbem\WmiPrvSE.exe
10:45:15.0200 2236 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
10:45:15.0200 2236 [ 6607C2182C6A53ED983813AFE2F85768 ] C:\Windows\System32\wbem\cimwin32.dll
10:45:15.0200 2236 C:\Windows\System32\wbem\cimwin32.dll - ok
10:45:15.0200 2236 [ 1484B9EBF567346582DE571B0E164AE0 ] C:\Windows\System32\framedynos.dll
10:45:15.0200 2236 C:\Windows\System32\framedynos.dll - ok
10:45:15.0200 2236 [ 0D893F8D145D3B125B0226727C243A69 ] C:\Windows\System32\security.dll
10:45:15.0200 2236 C:\Windows\System32\security.dll - ok
10:45:15.0215 2236 [ 012787CEB35505EB78DF82E0A0072888 ] C:\Windows\System32\browcli.dll
10:45:15.0215 2236 C:\Windows\System32\browcli.dll - ok
10:45:15.0215 2236 [ C4BFE4B61086416B0529212F92BCE081 ] C:\Windows\System32\schedcli.dll
10:45:15.0215 2236 C:\Windows\System32\schedcli.dll - ok
10:45:15.0215 2236 [ E17E0188BB90FAE42D83E98707EFA59C ] C:\Windows\System32\sppsvc.exe
10:45:15.0215 2236 C:\Windows\System32\sppsvc.exe - ok
10:45:15.0215 2236 [ FFF95479C7AB1550F0750A5D01744211 ] C:\Windows\System32\drivers\spsys.sys
10:45:15.0215 2236 C:\Windows\System32\drivers\spsys.sys - ok
10:45:15.0231 2236 [ 9E89C2D6945389270DE067CE51FF7425 ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
10:45:15.0231 2236 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe - ok
10:45:15.0231 2236 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll
10:45:15.0231 2236 C:\Windows\SysWOW64\winhttp.dll - ok
10:45:15.0231 2236 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll
10:45:15.0231 2236 C:\Windows\SysWOW64\webio.dll - ok
10:45:15.0231 2236 [ D480C9220BFE667DE65A46CDE80EA7E9 ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\StatusStrings.dll
10:45:15.0231 2236 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\StatusStrings.dll - ok
10:45:15.0247 2236 [ 122F89E0905FC656D56F65CD7A2E9B4D ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\xerces-c_2_7.dll
10:45:15.0247 2236 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\xerces-c_2_7.dll - ok
10:45:15.0247 2236 [ 1CBAD5EEE017FAFEA2BF75E82330783D ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\DTMessageLib.dll
10:45:15.0247 2236 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\DTMessageLib.dll - ok
10:45:15.0247 2236 [ F6F22291024906E43D135A4B1705FEAC ] C:\Windows\System32\sppwinob.dll
10:45:15.0247 2236 C:\Windows\System32\sppwinob.dll - ok
10:45:15.0262 2236 [ A9F3BFC9345F49614D5859EC95B9E994 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
10:45:15.0262 2236 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
10:45:15.0262 2236 [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll
10:45:15.0262 2236 C:\Windows\System32\wsock32.dll - ok
10:45:15.0262 2236 [ 2C1055E2C6D42753241FB2A129136994 ] C:\Windows\System32\drmv2clt.dll
10:45:15.0262 2236 C:\Windows\System32\drmv2clt.dll - ok
10:45:15.0262 2236 [ 423982DD851406A52B6399DDB196C606 ] C:\Windows\System32\wmdrmdev.dll
10:45:15.0262 2236 C:\Windows\System32\wmdrmdev.dll - ok
10:45:15.0278 2236 [ 20372F3078B78AC1426621E05C7A048E ] C:\ProgramData\Microsoft\Windows\DRM\Cache\Indiv_SID_S-1-5-20\Indiv01_64.key
10:45:15.0278 2236 C:\ProgramData\Microsoft\Windows\DRM\Cache\Indiv_SID_S-1-5-20\Indiv01_64.key - ok
10:45:15.0278 2236 [ E8B1FE6669397D1772D8196DF0E57A9E ] C:\Windows\System32\wscsvc.dll
10:45:15.0278 2236 C:\Windows\System32\wscsvc.dll - ok
10:45:15.0278 2236 [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\Windows\System32\dbghelp.dll
10:45:15.0278 2236 C:\Windows\System32\dbghelp.dll - ok
10:45:15.0278 2236 [ 2B373B5F7E36B5ED5DA176D4400EF091 ] C:\Windows\System32\sppobjs.dll
10:45:15.0278 2236 C:\Windows\System32\sppobjs.dll - ok
10:45:15.0278 2236 [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe
10:45:15.0278 2236 C:\Windows\System32\SearchIndexer.exe - ok
10:45:15.0293 2236 [ 1EB82516F21F27EED1833B4F9FD9614E ] C:\Windows\System32\wmp.dll
10:45:15.0293 2236 C:\Windows\System32\wmp.dll - ok
10:45:15.0293 2236 [ 92E0508D924512F63FFEEFE498CBD11F ] C:\Windows\System32\p2pcollab.dll
10:45:15.0293 2236 C:\Windows\System32\p2pcollab.dll - ok
10:45:15.0293 2236 [ 582AC6D9873E31DFA28A4547270862DD ] C:\Windows\System32\QAGENTRT.DLL
10:45:15.0293 2236 C:\Windows\System32\QAGENTRT.DLL - ok
10:45:15.0293 2236 [ 506A83A3BEEE9FCA09F0170DE9FC7D1B ] C:\Windows\System32\fveui.dll
10:45:15.0293 2236 C:\Windows\System32\fveui.dll - ok
10:45:15.0309 2236 [ 8258362DDB18B644A82D8B5061AD9426 ] C:\Windows\SysWOW64\wscisvif.dll
10:45:15.0309 2236 C:\Windows\SysWOW64\wscisvif.dll - ok
10:45:15.0309 2236 [ 589DF683A6C81424A6CECE52ABF98A50 ] C:\Windows\System32\tquery.dll
10:45:15.0309 2236 C:\Windows\System32\tquery.dll - ok
10:45:15.0309 2236 [ C47F35CC6FA4F1BDBEF8F87AC1A46537 ] C:\Windows\System32\wuapi.dll
10:45:15.0309 2236 C:\Windows\System32\wuapi.dll - ok
10:45:15.0325 2236 [ FA43D418BC945D27D0625B697B8442B5 ] C:\Windows\System32\cabinet.dll
10:45:15.0325 2236 C:\Windows\System32\cabinet.dll - ok
10:45:15.0325 2236 [ 7568CC720ACE4D03B84AF97817E745EF ] C:\Windows\System32\mssrch.dll
10:45:15.0325 2236 C:\Windows\System32\mssrch.dll - ok
10:45:15.0325 2236 [ E746ED90132C6B6313CE9179F56BD31D ] C:\Windows\System32\wups.dll
10:45:15.0325 2236 C:\Windows\System32\wups.dll - ok
10:45:15.0325 2236 [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll
10:45:15.0325 2236 C:\Windows\System32\msidle.dll - ok
10:45:15.0340 2236 [ E19AD0D49BFF5938B3E374873AC174DE ] C:\Windows\System32\wmploc.DLL
10:45:15.0340 2236 C:\Windows\System32\wmploc.DLL - ok
10:45:15.0340 2236 [ C1D0691BE5DDB0C230D8370BD96BBE8B ] C:\Program Files\Internet Explorer\ieproxy.dll
10:45:15.0340 2236 C:\Program Files\Internet Explorer\ieproxy.dll - ok
10:45:15.0340 2236 [ 355A138ABDFD43FBABCAE3A1B06AB93D ] C:\Windows\System32\wmpps.dll
10:45:15.0340 2236 C:\Windows\System32\wmpps.dll - ok
10:45:15.0340 2236 [ F149E8CAE538DBF7059B00326673F602 ] C:\Windows\System32\wmpmde.dll
10:45:15.0340 2236 C:\Windows\System32\wmpmde.dll - ok
10:45:15.0356 2236 [ 021287C2050FD5DB4A8B084E2C38139C ] C:\Windows\System32\WinSATAPI.dll
10:45:15.0356 2236 C:\Windows\System32\WinSATAPI.dll - ok
10:45:15.0356 2236 [ F404E59DB6A0F122AB26BF4F3E2FD0FA ] C:\Windows\System32\dxgi.dll
10:45:15.0356 2236 C:\Windows\System32\dxgi.dll - ok
10:45:15.0356 2236 [ 66C87DB880052104808507D6FA84D68E ] C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
10:45:15.0356 2236 C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL - ok
10:45:15.0356 2236 [ 28A7D7C7E2FDD1D55F12F750CD6331EC ] C:\Windows\System32\MSMPEG2ENC.DLL
10:45:15.0356 2236 C:\Windows\System32\MSMPEG2ENC.DLL - ok
10:45:15.0371 2236 [ 46767946E7B559D981C1DC04EC0AB36F ] C:\Windows\System32\devenum.dll
10:45:15.0371 2236 C:\Windows\System32\devenum.dll - ok
10:45:15.0371 2236 [ 558C42D165DB5799B4072DC0A9C27C0B ] C:\Windows\System32\msdmo.dll
10:45:15.0371 2236 C:\Windows\System32\msdmo.dll - ok
10:45:15.0371 2236 [ D47EC6A8E81633DD18D2436B19BAF6DE ] C:\Windows\System32\upnphost.dll
10:45:15.0371 2236 C:\Windows\System32\upnphost.dll - ok
10:45:15.0371 2236 [ 07AD88DF9EF73215458867EFC1BFFE9E ] C:\Windows\System32\wbem\wmiprov.dll
10:45:15.0371 2236 C:\Windows\System32\wbem\wmiprov.dll - ok
10:45:15.0387 2236 [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\Windows\System32\en-US\tquery.dll.mui
10:45:15.0387 2236 C:\Windows\System32\en-US\tquery.dll.mui - ok
10:45:15.0387 2236 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] C:\Windows\System32\wuaueng.dll
10:45:15.0387 2236 C:\Windows\System32\wuaueng.dll - ok
10:45:15.0387 2236 [ 617F6EC0AC677C685479C1D0D1E76C6F ] C:\Windows\System32\mspatcha.dll
10:45:15.0387 2236 C:\Windows\System32\mspatcha.dll - ok
10:45:15.0387 2236 [ 7FE0D0C8F53735EA17C9AE93EFE7AD5A ] C:\Windows\System32\wups2.dll
10:45:15.0387 2236 C:\Windows\System32\wups2.dll - ok
10:45:15.0403 2236 [ 71E68F2443A80BD4DA89181889C457EA ] C:\Windows\System32\udhisapi.dll
10:45:15.0403 2236 C:\Windows\System32\udhisapi.dll - ok
10:45:15.0403 2236 [ 20308CF0675AD7CE5AAA6712DB823216 ] C:\Program Files (x86)\Windows Defender\MpClient.dll
10:45:15.0403 2236 C:\Program Files (x86)\Windows Defender\MpClient.dll - ok
10:45:15.0403 2236 [ 20ECAC7791DCBA69121631CB627E5A96 ] C:\Windows\System32\mf.dll
10:45:15.0403 2236 C:\Windows\System32\mf.dll - ok
10:45:15.0403 2236 [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll
10:45:15.0403 2236 C:\Windows\System32\linkinfo.dll - ok
10:45:15.0418 2236 [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll
10:45:15.0418 2236 C:\Windows\System32\ntshrui.dll - ok
10:45:15.0418 2236 [ FC3001B4B9DF50B61F3CCA615759EFE7 ] C:\Windows\System32\PhotoMetadataHandler.dll
10:45:15.0418 2236 C:\Windows\System32\PhotoMetadataHandler.dll - ok
10:45:15.0418 2236 [ 80C834BA6B844C4B717F2465C4E8EC0F ] C:\Windows\System32\WindowsCodecsExt.dll
10:45:15.0418 2236 C:\Windows\System32\WindowsCodecsExt.dll - ok
10:45:15.0434 2236 [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll
10:45:15.0434 2236 C:\Windows\System32\radardt.dll - ok
10:45:15.0434 2236 [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe
10:45:15.0434 2236 C:\Windows\System32\dllhost.exe - ok
10:45:15.0434 2236 [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll
10:45:15.0434 2236 C:\Windows\System32\IDStore.dll - ok
10:45:15.0434 2236 [ 23566F9723771108D2E6CD768AC27407 ] C:\Windows\System32\AtBroker.exe
10:45:15.0434 2236 C:\Windows\System32\AtBroker.exe - ok
10:45:15.0449 2236 [ 5EA9A0950F322BFA382AF277801C0307 ] C:\Windows\System32\wbem\wmipcima.dll
10:45:15.0449 2236 C:\Windows\System32\wbem\wmipcima.dll - ok
10:45:15.0449 2236 [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
10:45:15.0449 2236 C:\Windows\System32\mpr.dll - ok
10:45:15.0449 2236 [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll
10:45:15.0449 2236 C:\Windows\System32\PlaySndSrv.dll - ok
10:45:15.0449 2236 [ 3E2F9D42647CDC1024511839762ABC0C ] C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
10:45:15.0449 2236 C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe - ok
10:45:15.0465 2236 [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll
10:45:15.0465 2236 C:\Windows\System32\MsCtfMonitor.dll - ok
10:45:15.0465 2236 [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll
10:45:15.0465 2236 C:\Windows\System32\msutb.dll - ok
10:45:15.0465 2236 [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe
10:45:15.0465 2236 C:\Windows\System32\userinit.exe - ok
10:45:15.0465 2236 [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe
10:45:15.0465 2236 C:\Windows\System32\dwm.exe - ok
10:45:15.0481 2236 [ C00DB14550E4BD49737F311C644E45FF ] C:\Windows\System32\wmi.dll
10:45:15.0481 2236 C:\Windows\System32\wmi.dll - ok
10:45:15.0481 2236 [ 9BB99503D6A4DD62569EDE9E5E2672A5 ] C:\Windows\System32\HotStartUserAgent.dll
10:45:15.0481 2236 C:\Windows\System32\HotStartUserAgent.dll - ok
10:45:15.0481 2236 [ C4CE3410C807C16F8B14081B9F00045D ] C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
10:45:15.0481 2236 C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe - ok
10:45:15.0481 2236 [ 5111C2975C5FB818EF6CA7EC36BF818E ] C:\Program Files (x86)\SONY\Setting Utility Series\WBCBatteryCare.exe
10:45:15.0481 2236 C:\Program Files (x86)\SONY\Setting Utility Series\WBCBatteryCare.exe - ok
10:45:15.0496 2236 [ 35CB97CBC3EDC463418ED4997AAB29B6 ] C:\Windows\System32\pautoenr.dll
10:45:15.0496 2236 C:\Windows\System32\pautoenr.dll - ok
10:45:15.0496 2236 [ 94DFBB481BF51158B216E23C5C1C9D6E ] C:\Windows\System32\certcli.dll
10:45:15.0496 2236 C:\Windows\System32\certcli.dll - ok
10:45:15.0496 2236 [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll
10:45:15.0496 2236 C:\Windows\System32\dwmcore.dll - ok
10:45:15.0496 2236 [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll
10:45:15.0496 2236 C:\Windows\System32\dwmredir.dll - ok
10:45:15.0512 2236 [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe
10:45:15.0512 2236 C:\Windows\explorer.exe - ok
10:45:15.0512 2236 [ 263B26106606A010CF877472B535E4BB ] C:\Windows\System32\CertEnroll.dll
10:45:15.0512 2236 C:\Windows\System32\CertEnroll.dll - ok
10:45:15.0512 2236 [ E1374D37477322D4956604711008C69D ] C:\Windows\System32\d3d10_1.dll
10:45:15.0512 2236 C:\Windows\System32\d3d10_1.dll - ok
10:45:15.0527 2236 [ 426BA4E737A7988FD1202AF2F2B2F4A6 ] C:\Windows\System32\d3d10_1core.dll
10:45:15.0527 2236 C:\Windows\System32\d3d10_1core.dll - ok
10:45:15.0527 2236 [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
10:45:15.0527 2236 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
10:45:15.0527 2236 [ D5D3E0A732985D0B969E3BD72C3575EC ] C:\Windows\System32\aticfx64.dll
10:45:15.0527 2236 C:\Windows\System32\aticfx64.dll - ok
10:45:15.0527 2236 [ DE855170C93C70921021F0C949B70CFF ] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
10:45:15.0527 2236 C:\Program Files\Sony\VAIO Power Management\SPMgr.exe - ok
10:45:15.0543 2236 [ 97803F15CFBF63DB99AC278CB27F671B ] C:\Windows\System32\atidxx64.dll
10:45:15.0543 2236 C:\Windows\System32\atidxx64.dll - ok
10:45:15.0543 2236 [ BC83F508CF61A96A494A04DB1A0D19AA ] C:\Windows\System32\atiuxp64.dll
10:45:15.0543 2236 C:\Windows\System32\atiuxp64.dll - ok
10:45:15.0543 2236 [ C6CB7CE4CC4CE34E271A46194256D32D ] C:\Program Files\Sony\VAIO Power Management\SPMDrv.dll
10:45:15.0543 2236 C:\Program Files\Sony\VAIO Power Management\SPMDrv.dll - ok
10:45:15.0543 2236 [ B8C9A7010AFD5CBBE194CB9EF7C4FD14 ] C:\Program Files\Sony\VAIO Power Management\SPMService.exe
10:45:15.0543 2236 C:\Program Files\Sony\VAIO Power Management\SPMService.exe - ok
10:45:15.0559 2236 [ 1F04E809409A9B5FFD510B5FD89A1155 ] C:\Windows\System32\d2d1.dll
10:45:15.0559 2236 C:\Windows\System32\d2d1.dll - ok
10:45:15.0559 2236 [ 7426279D625196393EABBEFE1C60A0C2 ] C:\Windows\System32\DWrite.dll
10:45:15.0559 2236 C:\Windows\System32\DWrite.dll - ok
10:45:15.0559 2236 [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll
10:45:15.0559 2236 C:\Windows\System32\msi.dll - ok
10:45:15.0559 2236 [ 263E9A047D17CD50BAA9D3C02910D18D ] C:\Windows\System32\oledlg.dll
10:45:15.0559 2236 C:\Windows\System32\oledlg.dll - ok
10:45:15.0574 2236 [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll
10:45:15.0574 2236 C:\Windows\System32\rasdlg.dll - ok
10:45:15.0574 2236 [ BA53532D322E1364E23821CF19735CE7 ] C:\Program Files\Sony\VAIO Power Management\SPMDam.dll
10:45:15.0574 2236 C:\Program Files\Sony\VAIO Power Management\SPMDam.dll - ok
10:45:15.0574 2236 [ 936F728E04ACCF3F38801CFFCF1E3F40 ] C:\Windows\SysWOW64\oledlg.dll
10:45:15.0574 2236 C:\Windows\SysWOW64\oledlg.dll - ok
10:45:15.0574 2236 [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll
10:45:15.0574 2236 C:\Windows\System32\uDWM.dll - ok
10:45:15.0590 2236 [ 035959D3C1605D6DB6042D4B0190B766 ] C:\Program Files\Sony\VAIO Gate\NotificationWrapper.dll
10:45:15.0590 2236 C:\Program Files\Sony\VAIO Gate\NotificationWrapper.dll - ok
10:45:15.0590 2236 [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll
10:45:15.0590 2236 C:\Windows\System32\ExplorerFrame.dll - ok
10:45:15.0590 2236 [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll
10:45:15.0590 2236 C:\Windows\System32\msimg32.dll - ok
10:45:15.0590 2236 [ 1DDA48E17B6CDB717F0D783D5B755141 ] C:\Program Files\Sony\VAIO Gate\MouseHook.dll
10:45:15.0590 2236 C:\Program Files\Sony\VAIO Gate\MouseHook.dll - ok
10:45:15.0605 2236 [ 1EEF6ACBBE1D5DCD2EE545895DA87454 ] C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
10:45:15.0605 2236 C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll - ok
10:45:15.0605 2236 [ 1658E808E4D4889C66DE47EC87F1DED1 ] C:\Windows\System32\msvcp60.dll
10:45:15.0605 2236 C:\Windows\System32\msvcp60.dll - ok
10:45:15.0605 2236 [ F1D2ABA7038E01F7465E36F2057E7C13 ] C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
10:45:15.0605 2236 C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL - ok
10:45:15.0605 2236 [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll
10:45:15.0605 2236 C:\Windows\System32\EhStorShell.dll - ok
10:45:15.0621 2236 [ 5ABAEB53E6ECF7878A5C4C4ABED92050 ] C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
10:45:15.0621 2236 C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF - ok
10:45:15.0621 2236 [ 57AC86AC664CC774C861DAB2B1D1E978 ] C:\Windows\winsxs\amd64_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_0a1fd3a3a768b895\ATL90.dll
10:45:15.0621 2236 C:\Windows\winsxs\amd64_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_0a1fd3a3a768b895\ATL90.dll - ok
10:45:15.0621 2236 [ 66E3C667D853DF349E310568F60B9B6A ] C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
10:45:15.0621 2236 C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll - ok
10:45:15.0621 2236 [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll
10:45:15.0621 2236 C:\Windows\System32\aelupsvc.dll - ok
10:45:15.0637 2236 [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll
10:45:15.0637 2236 C:\Windows\System32\IconCodecService.dll - ok
10:45:15.0637 2236 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] C:\Windows\System32\appinfo.dll
10:45:15.0637 2236 C:\Windows\System32\appinfo.dll - ok
10:45:15.0637 2236 [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe
10:45:15.0637 2236 C:\Windows\System32\runonce.exe - ok
10:45:15.0637 2236 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe
10:45:15.0637 2236 C:\Windows\SysWOW64\runonce.exe - ok
10:45:15.0652 2236 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll
10:45:15.0652 2236 C:\Windows\SysWOW64\propsys.dll - ok
10:45:15.0652 2236 [ 660C8E78B94F483E44B0243A774A4746 ] C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
10:45:15.0652 2236 C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL - ok
10:45:15.0652 2236 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
10:45:15.0652 2236 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok
10:45:15.0652 2236 [ 58A14C45A5CD2528F10A889E7B0C3FC2 ] C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dll
10:45:15.0652 2236 C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dll - ok
10:45:15.0668 2236 [ E9901A7E569C4156FDA69F5C9356B8ED ] C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
10:45:15.0668 2236 C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF - ok
10:45:15.0668 2236 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe
10:45:15.0668 2236 C:\Windows\SysWOW64\cmd.exe - ok
10:45:15.0668 2236 [ 3326166011C9BC13D6A8EFD856E9921C ] C:\Windows\System32\conhost.exe
10:45:15.0668 2236 C:\Windows\System32\conhost.exe - ok
10:45:15.0668 2236 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll
10:45:15.0668 2236 C:\Windows\SysWOW64\winbrand.dll - ok
10:45:15.0683 2236 [ 5466DCAEF5A648E04D1B6580F2C901B5 ] C:\Windows\SysWOW64\ieframe.dll
10:45:15.0683 2236 C:\Windows\SysWOW64\ieframe.dll - ok
10:45:15.0683 2236 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll
10:45:15.0683 2236 C:\Windows\SysWOW64\oleacc.dll - ok
10:45:15.0683 2236 [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\SysWOW64\shdocvw.dll
10:45:15.0683 2236 C:\Windows\SysWOW64\shdocvw.dll - ok
10:45:15.0683 2236 [ EBC984F0CE40E0DAF0454D806EC2A7EC ] C:\Users\Matthew\AppData\Local\Temp\FD88741C-A5DC-49A8-8C45-FF5D95885CE4.exe
10:45:15.0699 2236 C:\Users\Matthew\AppData\Local\Temp\FD88741C-A5DC-49A8-8C45-FF5D95885CE4.exe - ok
10:45:15.0699 2236 [ CA79539D3D4C0BA66F0F051A5EE5E923 ] C:\Windows\SysWOW64\cryptnet.dll
10:45:15.0699 2236 C:\Windows\SysWOW64\cryptnet.dll - ok
10:45:15.0699 2236 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
10:45:15.0699 2236 C:\Windows\SysWOW64\dhcpcsvc.dll - ok
10:45:15.0699 2236 [ 81F6C1AE23B1C493D9E996C3103915D7 ] C:\Windows\SysWOW64\dhcpcsvc6.dll
10:45:15.0699 2236 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
10:45:15.0699 2236 [ 1DB71A41DAEE6B3F8CD0DDA8209FA2D5 ] C:\Windows\SysWOW64\WindowsCodecs.dll
10:45:15.0699 2236 C:\Windows\SysWOW64\WindowsCodecs.dll - ok
10:45:15.0715 2236 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll
10:45:15.0715 2236 C:\Windows\SysWOW64\EhStorShell.dll - ok
10:45:15.0715 2236 [ 676CCC08D9E9A3F4CA39CB04E97048DF ] C:\PROGRA~2\MICROS~1\Office14\1033\GrooveIntlResource.dll
10:45:15.0715 2236 C:\PROGRA~2\MICROS~1\Office14\1033\GrooveIntlResource.dll - ok
10:45:15.0715 2236 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll
10:45:15.0715 2236 C:\Windows\SysWOW64\ntshrui.dll - ok
10:45:15.0715 2236 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll
10:45:15.0715 2236 C:\Windows\SysWOW64\slc.dll - ok
10:45:15.0730 2236 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll
10:45:15.0730 2236 C:\Windows\SysWOW64\imageres.dll - ok
10:45:15.0730 2236 [ C1C03EA437EDDA8A7D4D8786E5AE6751 ] C:\Windows\System32\wuauclt.exe
10:45:15.0730 2236 C:\Windows\System32\wuauclt.exe - ok
10:45:15.0730 2236 [ 50EBD31C3527366FAFA468BD609F7352 ] C:\Windows\System32\wucltux.dll
10:45:15.0730 2236 C:\Windows\System32\wucltux.dll - ok
10:45:15.0730 2236 [ 4D96F6F7508BDF46771262EEEA505F98 ] C:\Program Files\Sony\VAIO Care\listener.exe
10:45:15.0730 2236 C:\Program Files\Sony\VAIO Care\listener.exe - ok
10:45:15.0746 2236 [ 005247E3057BC5D5C3F8C6F886FFC10C ] C:\Windows\System32\wbem\WMIADAP.exe
10:45:15.0746 2236 C:\Windows\System32\wbem\WMIADAP.exe - ok
10:45:15.0746 2236 [ 9FE3ED67345F0FF829A4A53B90E09672 ] C:\Windows\System32\loadperf.dll
10:45:15.0746 2236 C:\Windows\System32\loadperf.dll - ok
10:45:15.0746 2236 [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll
10:45:15.0746 2236 C:\Windows\SysWOW64\devrtl.dll - ok
10:45:15.0746 2236 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll
10:45:15.0746 2236 C:\Windows\SysWOW64\mpr.dll - ok
10:45:15.0761 2236 [ B519848DFA30AE2B306576B51321D102 ] C:\Windows\System32\ie4uinit.exe
10:45:15.0761 2236 C:\Windows\System32\ie4uinit.exe - ok
10:45:15.0761 2236 [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl
10:45:15.0761 2236 C:\Windows\System32\timedate.cpl - ok
10:45:15.0761 2236 [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll
10:45:15.0761 2236 C:\Windows\System32\actxprxy.dll - ok
10:45:15.0761 2236 [ C4F40F6CACD796A8E16671D0E9A2F319 ] C:\Windows\System32\shdocvw.dll
10:45:15.0761 2236 C:\Windows\System32\shdocvw.dll - ok
10:45:15.0777 2236 [ FA752544EE1EE59E8AD938CBB43CAC93 ] C:\Program Files (x86)\Windows Live\Messenger\msgslang.dll
10:45:15.0777 2236 C:\Program Files (x86)\Windows Live\Messenger\msgslang.dll - ok
10:45:15.0777 2236 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll
10:45:15.0777 2236 C:\Windows\System32\msftedit.dll - ok
10:45:15.0777 2236 [ 7FCAB194F01E3403C300EB034E480B36 ] C:\Windows\System32\msls31.dll
10:45:15.0777 2236 C:\Windows\System32\msls31.dll - ok
10:45:15.0777 2236 [ 3504B34CD2DE00BA3CC1A195F1B739BD ] C:\Windows\System32\gameux.dll
10:45:15.0777 2236 C:\Windows\System32\gameux.dll - ok
10:45:15.0793 2236 [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
10:45:15.0793 2236 C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
10:45:15.0793 2236 [ 8C61888F1581C7812B4BC221F5661EBF ] C:\Program Files\Java\jre6\bin\jusched.exe
10:45:15.0793 2236 C:\Program Files\Java\jre6\bin\jusched.exe - ok
10:45:15.0793 2236 [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll
10:45:15.0793 2236 C:\Windows\System32\thumbcache.dll - ok
10:45:15.0793 2236 [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll
10:45:15.0793 2236 C:\Windows\System32\networkexplorer.dll - ok
10:45:15.0808 2236 [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll
10:45:15.0808 2236 C:\Windows\System32\DeviceCenter.dll - ok
10:45:15.0808 2236 [ CA0CB4C6C3EE567C1EF6F37640EE5C12 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
10:45:15.0808 2236 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe - ok
10:45:15.0808 2236 [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll
10:45:15.0808 2236 C:\Windows\System32\msiltcfg.dll - ok
10:45:15.0808 2236 [ 5B72629C8144D1A96490D4C090D28DA1 ] C:\Program Files\Microsoft IntelliPoint\ipoint.exe
10:45:15.0808 2236 C:\Program Files\Microsoft IntelliPoint\ipoint.exe - ok
10:45:15.0824 2236 [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Microsoft IntelliPoint\SQMAPI.dll
10:45:15.0824 2236 C:\Program Files\Microsoft IntelliPoint\SQMAPI.dll - ok
10:45:15.0824 2236 [ 043FE3C9088BEADC6A9FFC033C84F20F ] C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
10:45:15.0824 2236 C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE - ok
10:45:15.0824 2236 [ 3CDC9975457E78EE6A9D64599DBB76DD ] C:\Program Files\Microsoft IntelliPoint\dpgmkb.dll
10:45:15.0824 2236 C:\Program Files\Microsoft IntelliPoint\dpgmkb.dll - ok
10:45:15.0824 2236 [ 323402CA932682F8E698BE9695BCAE15 ] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe
10:45:15.0824 2236 C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe - ok
10:45:15.0839 2236 [ F6EA75A95BE7580273F6F4437E58A508 ] C:\Program Files (x86)\SONY\Marketing Tools\MarketingTools.exe
10:45:15.0839 2236 C:\Program Files (x86)\SONY\Marketing Tools\MarketingTools.exe - ok
10:45:15.0839 2236 [ 6C72E91639AA9D190CDA13D389FE7827 ] C:\Program Files (x86)\SONY\ISB Utility\ISBMgr.exe
10:45:15.0839 2236 C:\Program Files (x86)\SONY\ISB Utility\ISBMgr.exe - ok
10:45:15.0839 2236 [ EF4BF6AB09A06867104DAC48DF35E779 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
10:45:15.0839 2236 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe - ok
10:45:15.0839 2236 [ 901AA7A38CE13F14B6BBEC38C0595698 ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
10:45:15.0839 2236 C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe - ok
10:45:15.0855 2236 [ 82CC8F77E9EC61C6B4D48DD4D5CA78E7 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
10:45:15.0855 2236 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe - ok
10:45:15.0855 2236 [ C98FF6C440E8967251F59C7919B505A1 ] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
10:45:15.0855 2236 C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe - ok
10:45:15.0855 2236 [ B8E421C0890356CD4A793D8A346D9096 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
10:45:15.0855 2236 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
10:45:15.0871 2236 [ 4EB0C6C3EF4D8885CF2B5D0062F31E44 ] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
10:45:15.0871 2236 C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe - ok
10:45:15.0871 2236 [ 9110FFAD124283F37D38771BB60556AF ] C:\Windows\System32\dsound.dll
10:45:15.0871 2236 C:\Windows\System32\dsound.dll - ok
10:45:15.0871 2236 [ F2967C0A97C0EA67D79D7F557213950D ] C:\Windows\System32\glu32.dll
10:45:15.0871 2236 C:\Windows\System32\glu32.dll - ok
10:45:15.0871 2236 [ 585FED4CDB8034B8B58AEB8008255817 ] C:\Windows\System32\opengl32.dll
10:45:15.0871 2236 C:\Windows\System32\opengl32.dll - ok
10:45:15.0886 2236 [ 29C22748937F45C26590909E9F8E7137 ] C:\Windows\System32\dciman32.dll
10:45:15.0886 2236 C:\Windows\System32\dciman32.dll - ok
10:45:15.0886 2236 [ A6C09924C6730DE8DEED9890A12AA691 ] C:\Windows\System32\ddraw.dll
10:45:15.0886 2236 C:\Windows\System32\ddraw.dll - ok
10:45:15.0886 2236 [ 1B9F01B3AE42B29483D024346DB8A7DE ] C:\Windows\System32\RtkCfg64.dll
10:45:15.0886 2236 C:\Windows\System32\RtkCfg64.dll - ok
10:45:15.0886 2236 [ 9FBFE0DA99E0590AB50388018B531572 ] C:\Windows\System32\RtkHDM64.dll
10:45:15.0886 2236 C:\Windows\System32\RtkHDM64.dll - ok
10:45:15.0902 2236 [ 2A72853494912BB034AF7AC1C86EC04E ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll
10:45:15.0902 2236 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll - ok
10:45:15.0902 2236 [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll
10:45:15.0902 2236 C:\Windows\SysWOW64\msi.dll - ok
10:45:15.0902 2236 [ 2CB36C206D5158C49366906A53BEC2FA ] C:\Program Files (x86)\SONY\Marketing Tools\HammerProgram.dll
10:45:15.0902 2236 C:\Program Files (x86)\SONY\Marketing Tools\HammerProgram.dll - ok
10:45:15.0902 2236 [ 5CEDF292F4573A1F36CC7DE598ECCFC7 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll
10:45:15.0902 2236 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll - ok
10:45:15.0917 2236 [ C71E7ABB1A34E56CE73AE117C8DD566F ] C:\Windows\System32\ieframe.dll
10:45:15.0917 2236 C:\Windows\System32\ieframe.dll - ok
10:45:15.0917 2236 [ 916A2C4EB028604783FD5EA169236C1D ] C:\Program Files (x86)\QuickTime\QTTask.exe
10:45:15.0917 2236 C:\Program Files (x86)\QuickTime\QTTask.exe - ok
10:45:15.0917 2236 [ 7A6986DD659B96398A11AF5173892715 ] C:\Windows\SysWOW64\cabinet.dll
10:45:15.0917 2236 C:\Windows\SysWOW64\cabinet.dll - ok
10:45:15.0917 2236 [ AC6A3801F3CDE7EB41B3F52E9B0A1C2B ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll
10:45:15.0917 2236 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll - ok
10:45:15.0933 2236 [ EB4CDF2ECA64FBACAFBAD2B04B1B2862 ] C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
10:45:15.0933 2236 C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll - ok
10:45:15.0933 2236 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\40954264.sys
10:45:15.0933 2236 C:\Windows\System32\drivers\40954264.sys - ok
10:45:15.0933 2236 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll
10:45:15.0933 2236 C:\Windows\SysWOW64\rasapi32.dll - ok
10:45:15.0933 2236 [ 4AFFDCAADCB1DBBFFAF06C7F82E7F6FC ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
10:45:15.0933 2236 C:\Program Files (x86)\iTunes\iTunesHelper.exe - ok
10:45:15.0949 2236 [ B77081F8221968C7DAB794B0BA55C43E ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
10:45:15.0949 2236 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe - ok
10:45:15.0949 2236 [ FC19F3D46E21EF65EEA990B8AF2076F6 ] C:\Program Files (x86)\Microsoft Office\Office14\1033\ONINTL.DLL
10:45:15.0949 2236 C:\Program Files (x86)\Microsoft Office\Office14\1033\ONINTL.DLL - ok
10:45:15.0949 2236 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll
10:45:15.0949 2236 C:\Windows\SysWOW64\rasman.dll - ok
10:45:15.0949 2236 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\SysWOW64\rtutils.dll
10:45:15.0949 2236 C:\Windows\SysWOW64\rtutils.dll - ok
10:45:15.0964 2236 [ 8A4E324E2C857D7B762B62A684E03E9C ] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
10:45:15.0964 2236 C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe - ok
10:45:15.0964 2236 [ AC5DF873913B00E554D8F553459BC431 ] C:\Windows\System32\qmgrprxy.dll
10:45:15.0964 2236 C:\Windows\System32\qmgrprxy.dll - ok
10:45:15.0964 2236 [ 7B845BFE314509D08AB5865CB141E332 ] C:\Program Files (x86)\iTunes\iTunesHelper.dll
10:45:15.0964 2236 C:\Program Files (x86)\iTunes\iTunesHelper.dll - ok
10:45:15.0964 2236 [ 85B45B4B285B159ACDB355FC8C1E8925 ] C:\Windows\SysWOW64\qmgrprxy.dll
10:45:15.0964 2236 C:\Windows\SysWOW64\qmgrprxy.dll - ok
10:45:15.0980 2236 [ A7146C0C90D7BA0F251AC073E655D4D2 ] C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll
10:45:15.0980 2236 C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll - ok
10:45:15.0980 2236 [ 9DEE004269DADEE715BD572410AA6076 ] C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll
10:45:15.0980 2236 C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll - ok
10:45:15.0980 2236 [ 68CE18072E9CDFE63DD2E083868C7433 ] C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
10:45:15.0980 2236 C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll - ok
10:45:15.0980 2236 [ 3D7D2E825C63FF501E896CF008C70D75 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
10:45:15.0980 2236 C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe - ok
10:45:15.0995 2236 [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\Windows\System32\mssprxy.dll
10:45:15.0995 2236 C:\Windows\System32\mssprxy.dll - ok
10:45:15.0995 2236 [ C1B5307377C98F87E0152C44E9FF8DEE ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll
10:45:15.0995 2236 C:\Windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll - ok
10:45:15.0995 2236 [ 1CBF15FDB0310345A68972EB5C5B948F ] C:\Windows\SysWOW64\mssprxy.dll
10:45:15.0995 2236 C:\Windows\SysWOW64\mssprxy.dll - ok
10:45:15.0995 2236 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll
10:45:15.0995 2236 C:\Windows\SysWOW64\riched20.dll - ok
10:45:16.0011 2236 [ 24FCC3CDAE327F632CB8696E1E40F772 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\alink.dll
10:45:16.0011 2236 C:\Windows\Microsoft.NET\Framework\v2.0.50727\alink.dll - ok
10:45:16.0011 2236 [ E955300DF949977878C705EC8681009A ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
10:45:16.0011 2236 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll - ok
10:45:16.0011 2236 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll
10:45:16.0011 2236 C:\Windows\SysWOW64\ExplorerFrame.dll - ok
10:45:16.0011 2236 [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll
10:45:16.0011 2236 C:\Windows\System32\batmeter.dll - ok
10:45:16.0027 2236 [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll
10:45:16.0027 2236 C:\Windows\System32\stobject.dll - ok
10:45:16.0027 2236 [ ED797D8DC2C92401985D162E42FFA450 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
10:45:16.0027 2236 C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe - ok
10:45:16.0027 2236 [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll
10:45:16.0027 2236 C:\Windows\System32\prnfldr.dll - ok
10:45:16.0027 2236 [ 7D77E1E022403F876FAEB3BA227DCF6B ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IntelVisualDesign.dll
10:45:16.0027 2236 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IntelVisualDesign.dll - ok
10:45:16.0042 2236 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll
10:45:16.0042 2236 C:\Windows\SysWOW64\duser.dll - ok
10:45:16.0042 2236 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll
10:45:16.0042 2236 C:\Windows\SysWOW64\dui70.dll - ok
10:45:16.0042 2236 [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll
10:45:16.0042 2236 C:\Windows\System32\DXP.dll - ok
10:45:16.0042 2236 [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll
10:45:16.0042 2236 C:\Windows\System32\Syncreg.dll - ok
10:45:16.0058 2236 [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll
10:45:16.0058 2236 C:\Windows\ehome\ehSSO.dll - ok
10:45:16.0058 2236 [ AB781C0E4C09E08F464081D17C0F6184 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll
10:45:16.0058 2236 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll - ok
10:45:16.0058 2236 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll
10:45:16.0058 2236 C:\Windows\System32\AltTab.dll - ok
10:45:16.0058 2236 [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll
10:45:16.0058 2236 C:\Windows\System32\WPDShServiceObj.dll - ok
10:45:16.0073 2236 [ 1E70071E1753E43983B1202CE98AEC6F ] C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
10:45:16.0073 2236 C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe - ok
10:45:16.0073 2236 [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll
10:45:16.0073 2236 C:\Windows\System32\pnidui.dll - ok
10:45:16.0073 2236 [ 6E50CFA46527B39015B750AAD161C5CC ] C:\Program Files\iPod\bin\iPodService.exe
10:45:16.0073 2236 C:\Program Files\iPod\bin\iPodService.exe - ok
10:45:16.0089 2236 [ 79E90A8067069F9323BA8FA4CAE56C65 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\03cfab5534482e8fc313ead6edc19100\System.Web.ni.dll
10:45:16.0089 2236 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\03cfab5534482e8fc313ead6edc19100\System.Web.ni.dll - ok
10:45:16.0089 2236 [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL
10:45:16.0089 2236 C:\Windows\System32\QUTIL.DLL - ok
10:45:16.0089 2236 [ 8044B0D9959B03894973BBD805CA4F36 ] C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll
10:45:16.0089 2236 C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll - ok
10:45:16.0105 2236 [ 9AF2D062007C2C39BFC04679E13DC0C4 ] C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll
10:45:16.0105 2236 C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll - ok
10:45:16.0105 2236 [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll
10:45:16.0105 2236 C:\Windows\System32\srchadmin.dll - ok
10:45:16.0105 2236 [ 50075B1F5918C8F5E08A55E7658CCF09 ] C:\Program Files\Apoint\Apoint.exe
10:45:16.0105 2236 C:\Program Files\Apoint\Apoint.exe - ok
10:45:16.0120 2236 [ C2AA8CA8DD71C7311D0A2B5BEE661A3A ] C:\Program Files\Apoint\Apvfb.exe
10:45:16.0120 2236 C:\Program Files\Apoint\Apvfb.exe - ok
10:45:16.0120 2236 [ 3819AD4329303EAC88480CA16A650735 ] C:\Windows\System32\UIAnimation.dll
10:45:16.0120 2236 C:\Windows\System32\UIAnimation.dll - ok
10:45:16.0120 2236 [ 92DBF0A4C9239169010FC6E07859C82E ] C:\Windows\System32\ActionCenter.dll
10:45:16.0120 2236 C:\Windows\System32\ActionCenter.dll - ok
10:45:16.0120 2236 [ D7CEAEDD5F75D2C8A2E80887D7C114CE ] C:\Windows\System32\webcheck.dll
10:45:16.0120 2236 C:\Windows\System32\webcheck.dll - ok
10:45:16.0136 2236 [ 1D2B51E5291448DA123644A41250F6D6 ] C:\Program Files (x86)\AVG\AVG2013\avgui.exe
10:45:16.0136 2236 C:\Program Files (x86)\AVG\AVG2013\avgui.exe - ok
10:45:16.0136 2236 [ 07DD9DCD1CC2840751A1F8772F3C0195 ] C:\Program Files\Microsoft Games\Chess\Chess.exe
10:45:16.0136 2236 C:\Program Files\Microsoft Games\Chess\Chess.exe - ok
10:45:16.0136 2236 [ 5C59E612AA95F10DBD29F6249EA379D3 ] C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
10:45:16.0136 2236 C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe - ok
10:45:16.0136 2236 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll
10:45:16.0136 2236 C:\Windows\SysWOW64\msimg32.dll - ok
10:45:16.0151 2236 [ F3DE10AABD5C7A1A186C9966F037D0C0 ] C:\Windows\SysWOW64\mfc100u.dll
10:45:16.0151 2236 C:\Windows\SysWOW64\mfc100u.dll - ok
10:45:16.0151 2236 [ 6960C8E1F38B8129D5170BF6E5FDD5C5 ] C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.dll
10:45:16.0151 2236 C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.dll - ok
10:45:16.0151 2236 [ 8494E126F0B10180F3293AF861CE1F7A ] C:\Windows\System32\mlang.dll
10:45:16.0151 2236 C:\Windows\System32\mlang.dll - ok
10:45:16.0167 2236 [ 0425946D02F38707B60914BC2EB39333 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorUIHelper.dll
10:45:16.0167 2236 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorUIHelper.dll - ok
10:45:16.0167 2236 [ 101797BA603D227946B4B5109867EB19 ] C:\Windows\System32\SyncCenter.dll
10:45:16.0167 2236 C:\Windows\System32\SyncCenter.dll - ok
10:45:16.0167 2236 [ 2A2C442F00B45E01D4C882EEA69A01BC ] C:\Windows\SysWOW64\mfc100enu.dll
10:45:16.0167 2236 C:\Windows\SysWOW64\mfc100enu.dll - ok
10:45:16.0167 2236 [ B3EE7BD189C5925D4C0D2BBFCA00FDD1 ] C:\Program Files\Microsoft Games\Minesweeper\MineSweeper.exe
10:45:16.0167 2236 C:\Program Files\Microsoft Games\Minesweeper\MineSweeper.exe - ok
10:45:16.0183 2236 [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll
10:45:16.0183 2236 C:\Windows\System32\FXSST.dll - ok
10:45:16.0183 2236 [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll
10:45:16.0183 2236 C:\Windows\System32\FXSAPI.dll - ok
10:45:16.0183 2236 [ EC8771B7E50FEF948A57A1C065AC944B ] C:\Program Files (x86)\AVG\AVG2013\avgkrnlapix.dll
10:45:16.0183 2236 C:\Program Files (x86)\AVG\AVG2013\avgkrnlapix.dll - ok
10:45:16.0183 2236 [ 8130391F82D52D36C0441F714136957F ] C:\Windows\System32\imapi2.dll
10:45:16.0183 2236 C:\Windows\System32\imapi2.dll - ok
10:45:16.0198 2236 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe
10:45:16.0198 2236 C:\Windows\System32\FXSSVC.exe - ok
10:45:16.0198 2236 [ 6A5C1A8AC0B572679361026D0E900420 ] C:\Windows\System32\hgcpl.dll
10:45:16.0198 2236 C:\Windows\System32\hgcpl.dll - ok
10:45:16.0198 2236 [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll
10:45:16.0198 2236 C:\Windows\System32\dot3api.dll - ok
10:45:16.0198 2236 [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll
10:45:16.0198 2236 C:\Windows\System32\wlanhlp.dll - ok
10:45:16.0214 2236 [ 9730643AB698D3B7F19D9192E4D3E4B0 ] C:\Program Files (x86)\AVG\AVG2013\avgidpmx.dll
10:45:16.0214 2236 C:\Program Files (x86)\AVG\AVG2013\avgidpmx.dll - ok
10:45:16.0214 2236 [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll
10:45:16.0214 2236 C:\Windows\System32\WWanAPI.dll - ok
10:45:16.0214 2236 [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll
10:45:16.0214 2236 C:\Windows\System32\wwapi.dll - ok
10:45:16.0214 2236 [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL
10:45:16.0214 2236 C:\Windows\System32\QAGENT.DLL - ok
10:45:16.0229 2236 [ DFDF919265139FF792D42DEC0899397E ] C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe
10:45:16.0229 2236 C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe - ok
10:45:16.0229 2236 [ 751EEDB874FD17A6F26B9E2CC5E19170 ] C:\Program Files (x86)\AVG\AVG2013\avglngx.dll
10:45:16.0229 2236 C:\Program Files (x86)\AVG\AVG2013\avglngx.dll - ok
10:45:16.0229 2236 [ EB74C861075ECFA1B51B396615387657 ] C:\Program Files (x86)\AVG\AVG2013\avguires.dll
10:45:16.0229 2236 C:\Program Files (x86)\AVG\AVG2013\avguires.dll - ok
10:45:16.0229 2236 [ EB596E72F63B7C31BE8DF75FA8829B3F ] C:\Program Files\Microsoft Games\Purble Place\PurblePlace.exe
10:45:16.0229 2236 C:\Program Files\Microsoft Games\Purble Place\PurblePlace.exe - ok
10:45:16.0245 2236 [ F7E915FA38C119101873AE5E0E7C8B66 ] C:\Program Files (x86)\AVG\AVG2013\avgapps.dll
10:45:16.0245 2236 C:\Program Files (x86)\AVG\AVG2013\avgapps.dll - ok
10:45:16.0245 2236 [ 9384ECD89092864B2EB6D2236155E295 ] C:\Program Files\Sony\VAIO Care\VAIOCareMain.exe
10:45:16.0245 2236 C:\Program Files\Sony\VAIO Care\VAIOCareMain.exe - ok
10:45:16.0245 2236 [ 5987EA8A82C53359BCD2C29D6588583E ] C:\Windows\SysWOW64\linkinfo.dll
10:45:16.0245 2236 C:\Windows\SysWOW64\linkinfo.dll - ok
10:45:16.0245 2236 [ 56E16E01620569C8BE1A2C3DF522917E ] C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe
10:45:16.0245 2236 C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe - ok
10:45:16.0261 2236 [ 505F3A583338F57AC4A6C826557E3FC7 ] C:\Program Files\Sony\VAIO Care\VCsystray.exe
10:45:16.0261 2236 C:\Program Files\Sony\VAIO Care\VCsystray.exe - ok
10:45:16.0261 2236 [ 73ECD9CFC683A779B95F6D760C7A0BD4 ] C:\Program Files (x86)\SONY\VAIO Event Service\VESShellExeProxy.exe
10:45:16.0261 2236 C:\Program Files (x86)\SONY\VAIO Event Service\VESShellExeProxy.exe - ok
10:45:16.0261 2236 [ 8E7C0AD4BEE9FAF972632FCB43BAA446 ] C:\Program Files\WinRAR\WinRAR.exe
10:45:16.0261 2236 C:\Program Files\WinRAR\WinRAR.exe - ok
10:45:16.0261 2236 [ F924D18569D6E32F867C80F217A185E8 ] C:\Program Files\Microsoft IntelliPoint\dpgcmd.dll
10:45:16.0261 2236 C:\Program Files\Microsoft IntelliPoint\dpgcmd.dll - ok
10:45:16.0276 2236 [ 0FEC5F3C533DAE4B68C57EB8432E7881 ] C:\Program Files\Microsoft IntelliPoint\Components\Commands\DPGHnt\DPGHnt.dll
10:45:16.0276 2236 C:\Program Files\Microsoft IntelliPoint\Components\Commands\DPGHnt\DPGHnt.dll - ok
10:45:16.0276 2236 ============================================================
10:45:16.0276 2236 Scan finished
10:45:16.0276 2236 ============================================================
10:45:16.0276 2756 Detected object count: 3
10:45:16.0276 2756 Actual detected object count: 3
10:45:44.0185 2756 igfx ( UnsignedFile.Multi.Generic ) - skipped by user
10:45:44.0185 2756 igfx ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:45:44.0200 2756 IntcDAud ( UnsignedFile.Multi.Generic ) - skipped by user
10:45:44.0200 2756 IntcDAud ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:45:44.0200 2756 VSNService ( UnsignedFile.Multi.Generic ) - skipped by user
10:45:44.0200 2756 VSNService ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:46:15.0353 4780 Deinitialize success


For the aswMBR program, I started the scan but about ten minutes in my computer shut down and a blue screen with writing popped up saying something like "windows has encountered an unexpected error and had to shut down". Should I run it again?

#8 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:02:26 PM

Posted 21 December 2012 - 10:25 AM

Greetings arkali

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

ClearJavaCache::

Folder::
c:\programdata\Vaudix

DDS::
uInternet Settings,ProxyServer = http=127.0.0.1:25515

Save it to your desktop as CFScript.txt

Refering to the picture above, drag CFScript.txt into ComboFix.exe
Posted Image
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following

  • report from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#9 arkali

arkali
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:06:26 PM

Posted 21 December 2012 - 02:33 PM

Combofix log:

ComboFix 12-12-20.02 - Matthew 21/12/2012 18:54:14.3.4 - x64
Running from: c:\users\Matthew\Desktop\ComboFix.exe
Command switches used :: c:\users\Matthew\Desktop\CFScript.txt
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Vaudix
c:\programdata\Vaudix\50886c2ae831e.ocx
c:\programdata\Vaudix\50886c2ae8357.html
c:\programdata\Vaudix\50886c2ae838f.js
c:\programdata\Vaudix\gnabmgmpjedhkpgnnahnbhgfglmnkhfe.crx
c:\programdata\Vaudix\settings.ini
c:\programdata\Vaudix\uninstall.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-11-21 to 2012-12-21 )))))))))))))))))))))))))))))))
.
.
2012-12-21 19:08 . 2012-12-21 19:08 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-12 20:46 . 2012-10-04 17:41 424960 ----a-w- c:\windows\system32\KernelBase.dll
2012-12-12 20:42 . 2012-11-22 03:26 3149824 ----a-w- c:\windows\system32\win32k.sys
2012-12-12 20:12 . 2012-12-12 20:12 -------- d-----w- C:\VMWAD2
2012-12-12 19:56 . 2010-07-08 14:31 35840 ----a-w- c:\windows\system32\drivers\BVRPMPR5a64.SYS
2012-12-12 17:25 . 2012-11-05 21:35 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-12 17:25 . 2012-11-05 20:41 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-12 17:25 . 2012-11-05 20:32 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-12 17:25 . 2012-11-05 20:32 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-12 15:08 . 2012-11-02 05:59 478208 ----a-w- c:\windows\system32\dpnet.dll
2012-12-12 15:08 . 2012-11-02 05:11 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-13 00:15 . 2010-08-24 18:38 67413224 ----a-w- c:\windows\system32\MRT.exe
2012-11-06 18:32 . 2012-11-06 18:32 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FF45F310-8A70-4B20-A410-642BF1CD8108}\offreg.dll
2012-10-22 13:02 . 2012-10-22 13:02 154464 ----a-w- c:\windows\system32\drivers\avgidsdrivera.sys
2012-10-17 02:31 . 2012-11-06 16:57 9291768 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FF45F310-8A70-4B20-A410-642BF1CD8108}\mpengine.dll
2012-10-16 08:38 . 2012-11-28 18:15 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-28 18:15 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-11-28 18:15 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-15 03:48 . 2012-10-15 03:48 63328 ----a-w- c:\windows\system32\drivers\avgidsha.sys
2012-10-09 18:17 . 2012-11-15 20:44 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-10-09 18:17 . 2012-11-15 20:44 226816 ----a-w- c:\windows\system32\dhcpcore6.dll
2012-10-09 17:40 . 2012-11-15 20:44 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll
2012-10-09 17:40 . 2012-11-15 20:44 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll
2012-10-05 03:32 . 2012-10-05 03:32 111456 ----a-w- c:\windows\system32\drivers\avgmfx64.sys
2012-10-04 16:40 . 2012-12-12 20:46 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-10-03 17:56 . 2012-11-15 20:44 1914248 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-10-03 17:44 . 2012-11-15 20:44 303104 ----a-w- c:\windows\system32\nlasvc.dll
2012-10-03 17:44 . 2012-11-15 20:44 70656 ----a-w- c:\windows\system32\nlaapi.dll
2012-10-03 17:44 . 2012-11-15 20:44 246272 ----a-w- c:\windows\system32\netcorehc.dll
2012-10-03 17:44 . 2012-11-15 20:44 18944 ----a-w- c:\windows\system32\netevent.dll
2012-10-03 17:44 . 2012-11-15 20:44 216576 ----a-w- c:\windows\system32\ncsi.dll
2012-10-03 17:42 . 2012-11-15 20:44 569344 ----a-w- c:\windows\system32\iphlpsvc.dll
2012-10-03 16:42 . 2012-11-15 20:44 175104 ----a-w- c:\windows\SysWow64\netcorehc.dll
2012-10-03 16:42 . 2012-11-15 20:44 18944 ----a-w- c:\windows\SysWow64\netevent.dll
2012-10-03 16:42 . 2012-11-15 20:44 156672 ----a-w- c:\windows\SysWow64\ncsi.dll
2012-10-03 16:07 . 2012-11-15 20:44 45568 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2012-10-02 02:30 . 2012-10-02 02:30 185696 ----a-w- c:\windows\system32\drivers\avgldx64.sys
2012-09-29 19:54 . 2010-09-30 14:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-29 14:48 . 2012-09-29 14:48 1793536 ----a-w- c:\windows\system32\EKAiO2MON.dll
2012-09-29 14:48 . 2012-09-29 14:48 183808 ----a-w- c:\windows\system32\EKAiO2COI10.dll
2012-09-25 22:47 . 2012-11-15 20:43 78336 ----a-w- c:\windows\SysWow64\synceng.dll
2012-09-25 22:46 . 2012-11-15 20:43 95744 ----a-w- c:\windows\system32\synceng.dll
2012-09-24 14:32 . 2012-06-30 10:56 477168 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2012-09-24 14:32 . 2010-08-26 16:56 473072 ----a-w- c:\windows\SysWow64\deployJava1.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 94208 ----a-w- c:\users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 94208 ----a-w- c:\users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 94208 ----a-w- c:\users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2012-12-05 1354736]
"Facebook Update"="c:\users\Matthew\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-13 138096]
"MobileDocuments"="c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" [2009-06-17 538472]
"MarketingTools"="c:\program files (x86)\Sony\Marketing Tools\MarketingTools.exe" [2010-05-22 26624]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2009-08-26 320880]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2009-11-20 284696]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-09-09 421776]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-09-17 254896]
"AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2012-11-06 3143800]
"EKStatusMonitor"="c:\program files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe" [2012-10-15 2844608]
"Conime"="c:\windows\system32\conime.exe" [BU]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"KodakHomeCenter"="c:\program files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe" [2012-10-19 2235840]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2009-12-01 21:03 98304 ------w- c:\windows\System32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\88355744.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 ALSysIO;ALSysIO;c:\users\Matthew\AppData\Local\Temp\ALSysIO64.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 BVRPMPR5a64;BVRPMPR5a64 NDIS Protocol Driver;c:\windows\system32\drivers\BVRPMPR5a64.SYS [2010-07-08 35840]
R3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x64.sys [x]
R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2009-11-13 151936]
R3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2009-12-16 244736]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys [2011-05-10 22528]
R3 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-09-10 108400]
R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-10-12 423280]
R3 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-09-10 67952]
R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-01-20 286936]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736]
R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-01-20 887000]
R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-05-19 549616]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-10-25 387896]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-10-25 101152]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-08-25 1255736]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-03-31 47128]
R4 SQLAgent$MSSMLBIZ;SQL Server Agent (MSSMLBIZ);c:\program files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\SQLAGENT.EXE [2011-09-22 370024]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-10-15 63328]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys [2012-09-21 225120]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2012-10-05 111456]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-09-14 40800]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-07-12 55856]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2012-10-22 154464]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-10-02 185696]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-09-21 200032]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-06-17 254528]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-11-10 204288]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [2012-11-06 5814392]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-11-20 13336]
S2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;c:\program files (x86)\Kodak\AiO\Center\EKAiOHostService.exe [2012-10-19 395200]
S2 Kodak AiO Status Monitor Service;Kodak AiO Status Monitor Service;c:\program files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [2012-10-15 779200]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-17 14112]
S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys [2009-11-06 93696]
S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys [2009-09-15 75776]
S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2011-01-29 259192]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]
S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-12-14 2320920]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2010-08-11 845312]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968]
S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2009-11-18 52264]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [2011-05-18 47616]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-12-14 56344]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-08-01 45416]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [2009-08-19 11392]
S3 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2009-11-30 571248]
S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe [2011-02-14 44736]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update Common\VUAgent.exe [2012-01-13 1256040]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-11-12 395264]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-12-20 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4160811034-853049981-1848083985-1000Core.job
- c:\users\Matthew\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-11-07 00:40]
.
2012-12-21 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4160811034-853049981-1848083985-1000UA.job
- c:\users\Matthew\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-11-07 00:40]
.
2012-12-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4160811034-853049981-1848083985-1000Core.job
- c:\users\Matthew\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-09 03:02]
.
2012-12-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4160811034-853049981-1848083985-1000UA.job
- c:\users\Matthew\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-09 03:02]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 97792 ----a-w- c:\users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 97792 ----a-w- c:\users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 97792 ----a-w- c:\users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 97792 ----a-w- c:\users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-05-22 171520]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-12-16 9636896]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
"Apoint"="c:\program files (x86)\Apoint\Apoint.exe" [BU]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
Trusted Zone: internet
Trusted Zone: mcafee.com
TCP: DhcpNameServer = 192.168.1.254
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{24DCEBB6-DF54-77B6-D53F-C189949014AF} - c:\programdata\Vaudix\50886c2ae831e.ocx
AddRemove-{681002C6-5019-81A2-7871-A43754F71E56} - c:\programdata\Vaudix\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-12-21 19:28:32
ComboFix-quarantined-files.txt 2012-12-21 19:28
ComboFix2.txt 2012-12-20 13:03
ComboFix3.txt 2012-12-18 17:38
.
Pre-Run: 245,671,079,936 bytes free
Post-Run: 256,955,953,152 bytes free
.
- - End Of File - - 2510F7860624ABB9E29D0EDFD5DCFCCF

I had no problems running combofix. It took some time though.

In terms of the computer, it doesn't seem there is any more of the adware/hover ads. However, I still get access denied at the end of installing malwarebytes. Is that indicative of something wrong?

#10 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:02:26 PM

Posted 21 December 2012 - 07:06 PM

Hello

:P2P Warning!:

IMPORTANT I notice there are signs of one or more P2P (Person to Person) File Sharing Programs on your computer.

Please note that as long as you are using any form of Peer-to-Peer networking and downloading files from non-documented sources, you can expect infestations of malware to occur
Once upon a time, P2P file sharing was fairly safe. That is no longer true. P2P programs form a direct conduit on to your computer, their security measures are easily circumvented and malware writers are increasingly exploiting them to spread their wares on to your computer. Further to that, if your P2P program is not configured correctly, your computer may be sharing more files than you realise. There have been cases where people's passwords, address books and other personal, private, and financial details have been exposed to a file sharing network by a badly configured program.

Please read these short reports on the dangers of peer-2-peer programs and file sharing.

FBI Cyber Education Letter
File sharing infects 500,000 computers
USAToday
infoworld


These logs are looking allot better. But we still have some work to do.

Please print out these instructions, or copy them to a Notepad file. It will make it easier for you to follow the instructions and complete all of the necessary steps..

uninstall some programs

NOTE** Because of the cleanup process some of the programs I have listed may not be in add/remove anymore this is fine just move to the next item on the list.

You can remove these programs using add/remove or you can use the free uninstaller from Revo (Revo does allot better of a job)

Programs to remove

XXXX [/list]


  • Please download and install Revo Uninstaller Free
  • Double click Revo Uninstaller to run it.
  • From the list of programs double click on The Program to remove
  • When prompted if you want to uninstall click Yes.
  • Be sure the Moderate option is selected then click Next.
  • The program will run, If prompted again click Yes
  • when the built-in uninstaller is finished click on Next.
  • Once the program has searched for leftovers click Next.
  • Check/tick the bolded items only on the list then click Delete
  • when prompted click on Yes and then on next.
  • put a check on any folders that are found and select delete
  • when prompted select yes then on next
  • Once done click Finish.
.

Update Adobe Reader

Recently there have been vulnerabilities detected in older versions of Adobe Reader. It is strongly suggested that you update to the current version.

You can download it from http://www.adobe.com/products/acrobat/readstep2.html
After installing the latest Adobe Reader, uninstall all previous versions.
If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed UNcheck the box which says Also Download Adobe Photoshop® Album Starter Edition.

If you don't like Adobe Reader (53 MB), you can download Foxit PDF Reader(7 MB) from here. It's a much smaller file to download and uses a lot less resources than Adobe Reader.

Note: When installing FoxitReader, be careful not to install anything to do with AskBar.
[/list]

Install Java:

Please go here to install Java

  • click on the Free Java Download Button
  • click on Agree and start Free download
  • click on Run
  • click on run again
  • click on install
  • when install is complete click on close

Clean Out Temp Files

  • This small application you may want to keep and use once a week to keep the computer clean.

    Download CCleaner from here http://www.ccleaner.com/

  • Run the installer to install the application.
  • When it gives you the option to install Yahoo toolbar uncheck the box next to it.
  • Run CCleaner. (make sure under Windows tab all the boxes of Internet Explorer and Windows explorer are checked. Under System check Empty Recycle Bin and Temporary Files. Under Application tab all the boxes should be checked).
  • Click Run Cleaner.
  • Close CCleaner.

: Malwarebytes' Anti-Malware :

  • I would like you to rerun MBAM
  • Double-click mbam icon
  • go to the update tab at the top
  • click on check for updates
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is Checked (ticked) except items in the C:\System Volume Information folder and click on Remove Selected.
  • When completed, a log will open in Notepad. please copy and paste the log into your next reply
  • If you accidentally close it, the log file is saved here and will be named like this:
  • C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.


Download HijackThis

If you have any problems running Hijackthis see NOTE** below (Host file not read, blank notepad ...)

  • Go Here to download HijackThis Installer
  • Save HijackThis Installer to your desktop.
  • Double-click on the HijackThis Installer icon on your desktop. (Vista and Win 7 right click and run as admin)
  • By default it will install to C:\Program Files\Trend Micro\HijackThis .
  • Click on Install.
  • It will create a HijackThis icon on the desktop.
  • Once installed it will launch Hijackthis.
  • Click on the Do a system scan and save a log file button. It will scan and the log should open in notepad.
  • Click on Edit > Select All then click on Edit > Copy to copy the entire contents of the log.
  • Come back here to this thread and Paste the log in your next reply.
  • DO NOT use the Analyze This button its findings are dangerous if misinterpreted.
  • DO NOT have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.

NOTE**
sometimes we have to run it like this To run HijackThis as an administrator, right-click HijackThis.exe
(located: C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe)<--32bit
(located: C:\Program Files(86)\Trend Micro\HiJackThis\HiJackThis.exe)<--64bit
and select to run as administrator

"information and logs"

  • In your next post I need the following

  • Log From MBAM
  • report from Hijackthis
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#11 arkali

arkali
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:06:26 PM

Posted 22 December 2012 - 11:46 AM

MBAM Log:

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.12.22.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Matthew :: MATTHEW-VAIO [administrator]

22/12/2012 16:35:40
mbam-log-2012-12-22 (16-35-40).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 218050
Time elapsed: 3 minute(s), 33 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


Hijackthis report:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:42:37, on 22/12/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Steam\Steam.exe
C:\Users\Matthew\AppData\Local\Facebook\Update\FacebookUpdate.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\SONY\Marketing Tools\MarketingTools.exe
C:\Program Files (x86)\SONY\Marketing Tools\MarketingTools.exe
C:\Program Files (x86)\SONY\ISB Utility\ISBMgr.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files (x86)\AVG\AVG2013\avgcfgex.exe
C:\Program Files\Sony\VAIO Care\listener.exe
C:\Users\Matthew\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Matthew\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Matthew\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Matthew\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Matthew\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Matthew\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Matthew\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Matthew\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Matthew\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Matthew\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Matthew\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Matthew\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Matthew\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Matthew\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Matthew\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Matthew\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Matthew\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Vaudix - {24DCEBB6-DF54-77B6-D53F-C189949014AF} - C:\ProgramData\Vaudix\50886c2ae831e.ocx (file missing)
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll (file missing)
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20121002204452.dll (file missing)
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
O4 - HKLM\..\Run: [MarketingTools] C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [EKStatusMonitor] C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
O4 - HKLM\..\Run: [Conime] %windir%\system32\conime.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Matthew\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [KodakHomeCenter] "C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [KodakHomeCenter] "C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe" (User 'Default user')
O4 - Startup: OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.mcafee.com
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Kodak AiO Network Discovery Service - Eastman Kodak Company - C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
O23 - Service: Kodak AiO Status Monitor Service - Eastman Kodak Company - C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: VAIO Care Performance Service (SampleCollector) - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCPerfService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
O23 - Service: VAIO Entertainment Common Service (SpfService) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
O23 - Service: Print Spooler (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata Intelligent Network Service Manager (VcmINSMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
O23 - Service: VCService - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VSNService - Sony Corporation - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 16250 bytes


I had no problems at all. However, when I ran hijackthis google chrome was still running with some tabs open.

Computer seems to be fine now. Thank you very much for your help.

#12 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:02:26 PM

Posted 22 December 2012 - 11:00 PM

Greetings

These logs are looking very good, we are almost done!!! Just one more scan to go.

:Remove unneeded start-up entries:

This part of the fix is purely optional
These are programs that start up when you turn on your computer but don't need to be, any of these programs you can click on their icons (or start from the control panel) and start the program when you need it. By stopping these programs you will boot up faster and your computer will work faster.

If you have any problems running Hijackthis see NOTE** below (Host file not read, blank notepad ...)

  • Run HijackThis
  • Click on the Scan button
  • Put a check beside all of the items listed below (if present):

    • O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
      O4 - HKLM\..\Run: [MarketingTools] C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe
      O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
      O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
      O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
      O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
      O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
      O4 - HKLM\..\Run: [EKStatusMonitor] C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
      O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
      O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
      O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Matthew\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
      O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
      O4 - Startup: OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
  • Close all open windows and browsers/email, etc...
  • Click on the "Fix Checked" button
  • When completed, close the application.

    NOTE**You can research each of those lines >here< and see if you want to keep them or not
    just copy the name between the brackets and paste into the search space
    O4 - HKLM\..\Run: [IntelliPoint]


NOTE**
sometimes we have to run it like this To run HijackThis as an administrator, right-click HijackThis.exe
(located: C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe)<--32bit
(located: C:\Program Files(86)\Trend Micro\HiJackThis\HiJackThis.exe)<--64bit
and select to run as administrator

Eset Online Scanner

**Note** You will need to use Internet explorer for this scan - Vista and win 7 right click on IE shortcut and run as admin

Go Eset web page to run an online scanner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • click on the Run ESET Online Scanner button
  • Tick the box next to YES, I accept the Terms of Use.
    • Click Start
  • When asked, allow the add/on to be installed
    • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings, ensure the options
    Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
  • Click Scan
  • wait for the virus definitions to be downloaded
  • Wait for the scan to finish

When the scan is complete

  • If no threats were found
  • put a checkmark in "Uninstall application on close"
  • close program
  • report to me that nothing was found

  • If threats were found
  • click on "list of threats found"
  • click on "export to text file" and save it as ESET SCAN and save to the desktop
  • Click on back
  • put a checkmark in "Uninstall application on close"
  • click on finish
  • close program
  • copy and paste the report here


Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#13 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:02:26 PM

Posted 26 December 2012 - 02:30 PM

Greetings


I have not heard from you in a couple of days so I am coming by to check on you to see if you are having problems or you just need some more time.

Also to remind you that it is very important that we finish the process completely so as to not get reinfected. I will let you know when we are complete and I will ask to remove our tools




Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#14 arkali

arkali
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:06:26 PM

Posted 27 December 2012 - 10:57 AM

I've got dodgy internet at the moment so I'll run the scans in the next 48 hours and then post them.

#15 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:02:26 PM

Posted 27 December 2012 - 01:28 PM

no problem and thanks for letting me know



gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users