Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Rootkit that will not die - IRP Hook


  • This topic is locked This topic is locked
10 replies to this topic

#1 zoddie

zoddie

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:07:31 AM

Posted 06 March 2013 - 04:00 PM

I've been fighting an infection for a day or two now on a Windows 7 computer.  AVG identifies it as IRP Hook.  I believe it is responsible for shutting my computer down a few times during my removal attempts.  I've run MBAM, and it detects two infections (in svchost, I believe), but even after removal and reboot they always come back.  I jumped the gun and ran Combofix, which removed a few files, but MBAM is still detecting the infection.  Lastly, I tried running aswMBR, fixed the MBR, rebooted, and saw no change.

 

I don't know how else to attack this thing.  My logs:

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16464  BrowserJavaVersion: 1.6.0_30
Run by Owner at 15:42:21 on 2013-03-06
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3063.645 [GMT -5:00]
.
AV: AVG Internet Security 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG Internet Security 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2013\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Windows\system32\svchost.exe -k apphost
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe
C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe
C:\Users\Owner\AppData\Local\CrossLoop\CrossLoopService.exe
C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
C:\Windows\System32\svchost.exe -k ipripsvc
C:\Windows\system32\mqsvc.exe
C:\Windows\System32\snmp.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k iissvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Owner\AppData\Roaming\SearchProtect\bin\cltmng.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\AOL Desktop 9.6\waol.exe
C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
C:\Program Files (x86)\Common Files\aol\1257817697\ee\aolsoftware.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Common Files\AOL\ACS\AOLAcsd.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Common Files\AOL\Topspeed\3.0\aoltpsd3.exe
\\.\globalroot\systemroot\svchost.exe -netsvcs
C:\Program Files (x86)\iTunes\iTunes.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files (x86)\AOL Desktop 9.6\AOLBrowser\aolbrowser.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Users\Owner\AppData\Local\CrossLoop\CrossLoopConnect.exe
C:\Users\Owner\AppData\Local\CrossLoop\tvnserver.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Owner\AppData\Local\CrossLoop\tvnserver.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.conduit.com/?ctid=CT3282146&octid=CT3282146&SearchSource=61&CUI=UN23503762801974810&UM=UM_ID&UP=SP27BD2E32-A0E4-484C-A7BB-D7C76E90F95A
uProxyOverride = <local>;*.local
uURLSearchHooks: {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - <orphaned>
uURLSearchHooks: <No Name>:  - LocalServer32 - <no file>
uURLSearchHooks: Produtools Manuals 2.1 B Toolbar: {6c3d3bd4-75f8-4283-bb97-1e22c4c090df} - C:\Program Files (x86)\Produtools_Manuals_2.1_B\prxtbProd.dll
mURLSearchHooks: Produtools Manuals 2.1 B Toolbar: {6c3d3bd4-75f8-4283-bb97-1e22c4c090df} - C:\Program Files (x86)\Produtools_Manuals_2.1_B\prxtbProd.dll
dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: AOL Toolbar Loader: {3ef64538-8b54-4573-b48f-4d34b0238ab2} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll
BHO: Produtools Manuals 2.1 B Toolbar: {6c3d3bd4-75f8-4283-bb97-1e22c4c090df} - C:\Program Files (x86)\Produtools_Manuals_2.1_B\prxtbProd.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: AOL Toolbar: {BA00B7B1-0351-477A-B948-23E3EE5A73D4} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll
TB: Produtools Manuals 2.1 B Toolbar: {6C3D3BD4-75F8-4283-BB97-1E22C4C090DF} - C:\Program Files (x86)\Produtools_Manuals_2.1_B\prxtbProd.dll
TB: AOL Toolbar: {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll
TB: Produtools Manuals 2.1 B Toolbar: {6c3d3bd4-75f8-4283-bb97-1e22c4c090df} - C:\Program Files (x86)\Produtools_Manuals_2.1_B\prxtbProd.dll
uRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [SearchProtect] C:\Users\Owner\AppData\Roaming\SearchProtect\bin\cltmng.exe
uRun: [AOL Fast Start] "C:\Program Files (x86)\AOL Desktop 9.6\AOL.EXE" -b
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [ShwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
mRun: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m
mRun: [HostManager] C:\Program Files (x86)\Common Files\AOL\1257817697\ee\AOLSoftware.exe
mRun: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [SearchProtectAll] C:\Program Files (x86)\SearchProtect\bin\cltmng.exe
mRun: [Carbonite Backup] C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe
StartupFolder: C:\Users\Owner\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\JLALPI~1.LNK - C:\Program Files (x86)\JL Alpine Advent Calendar\JL Alpine Advent Calendar.exe
StartupFolder: C:\Users\Owner\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: SoftwareSASGeneration = dword:3
IE: &Save the YouTube video as MP3 - C:\Users\Owner\AppData\Roaming\Free YouTube to MP3 Converter Studio\Free YouTube to MP3 Converter Studio.htm
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} - hxxp://support.dell.com/systemprofiler/SysProExe.CAB
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{2A308056-24B9-4E42-840D-E4CDBC85A2F4} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{4A5B0DF2-012B-4F6F-9CA1-E91A38800471} : NameServer = 205.188.146.145
Handler: linkscanner - <Clsid value has no data>
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.152\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - <orphaned>
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: {95525BD9-6136-4A26-8263-9CEE295D442D} - <orphaned>
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
x64-Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
x64-Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon
x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
x64-DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} - hxxp://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection64.cab
x64-DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
x64-Handler: linkscanner - <Clsid value has no data>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\rv248uho.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.aol.com/search/search?query={searchTerms}&invocationType=tb50-ff-aolrt-chromesbox-en-us&tb_uuid=20110310160633451&tb_oid=26-03-2012&tb_mrud=09-05-2012
FF - prefs.js: browser.startup.homepage - hxxp://www.aol.com/?mtmhp=txtlnkusaolp00000051
FF - prefs.js: keyword.URL - hxxp://search.alot.com/web?src_id=31249&client_id=acd1f8ba03386a66957f5c9b&camp_id=5272&install_time=2012-09-07T23:48:14Z&pr=auto&tb_version=1.0.19000(G)&q=
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Musicnotes\npmusicn.dll
FF - plugin: C:\Program Files (x86)\Musicnotes\NPSibelius.dll
FF - plugin: C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - false
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: content.notify.ontimer - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.switch.threshold - 750000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2012-10-15 63328]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2012-9-21 225120]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2012-11-15 111968]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2012-9-14 40800]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2009-10-29 55280]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2012-10-22 154464]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2012-10-2 185696]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2012-9-21 200032]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-10-29 92160]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-10-26 203776]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2012-11-15 5814904]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664]
R2 CltMngSvc;Search Protect by Conduit Updater;C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe [2013-2-20 93984]
R2 CrossLoopService;CrossLoop Service;C:\Users\Owner\AppData\Local\CrossLoop\CrossLoopService.exe [2012-2-7 569072]
R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2008-12-18 155648]
R3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2009-10-29 317480]
R3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2012-1-18 351136]
R3 LVUVC64;Logitech QuickCam Pro 9000(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2012-1-18 4865568]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [2011-4-16 1025352]
S3 BVRPMPR5a64;BVRPMPR5a64 NDIS Protocol Driver;C:\Windows\System32\drivers\BVRPMPR5a64.SYS [2011-1-14 35840]
S3 LVPr2M64;Logitech LVPr2M64 Driver;C:\Windows\System32\drivers\LVPr2M64.sys [2010-5-7 30304]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-12-25 19456]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-12-25 57856]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-2-15 52736]
.
=============== Created Last 30 ================
.
2013-03-05 21:07:26    20480    ----a-w-    C:\Windows\svchost.exe
2013-03-05 20:26:21    --------    d-sh--w-    C:\$RECYCLE.BIN
2013-03-05 19:33:29    24176    ----a-w-    C:\Windows\System32\drivers\mbam.sys
2013-03-05 19:33:29    --------    d-----w-    C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-03-05 19:32:17    --------    d-----w-    C:\Program Files\CCleaner
2013-03-04 07:32:32    --------    d-----w-    C:\Users\Owner\AppData\Local\{DE252F54-098D-4041-9F25-E6CF2E964B7E}
2013-03-04 05:59:59    --------    d-----w-    C:\Users\Owner\AppData\Roaming\Roxio Log Files
2013-03-03 05:20:42    --------    d-----w-    C:\Users\Owner\AppData\Local\{B06C43E2-E8A3-4E7E-B288-00FC57286C40}
2013-03-02 07:30:46    --------    d-----w-    C:\Users\Owner\AppData\Local\{12D9CDE6-38A9-4A0D-8F25-DFEF6B05E60E}
2013-03-01 16:44:43    --------    d-----w-    C:\Program Files (x86)\Conduit
2013-03-01 16:44:26    --------    d-----w-    C:\Program Files (x86)\SearchProtect
2013-03-01 16:44:19    --------    d-----w-    C:\Users\Owner\AppData\Roaming\SearchProtect
2013-03-01 16:44:17    --------    d-----w-    C:\Users\Owner\AppData\Local\Conduit
2013-03-01 16:43:47    --------    d-----w-    C:\Program Files (x86)\Produtools_Manuals_2.1_B
2013-03-01 03:12:41    --------    d-----w-    C:\Users\Owner\AppData\Local\{92A8D862-734E-406E-83C2-2999C18C555B}
2013-02-26 20:34:29    --------    d-----w-    C:\Users\Owner\AppData\Local\{BA88E79C-A8B7-449B-B303-667F5FED80BE}
2013-02-23 00:18:00    --------    d-----w-    C:\Users\Owner\AppData\Local\{7E58E770-7DE2-4ED9-BB69-8638E285045D}
2013-02-17 23:40:32    --------    d-----w-    C:\Users\Owner\AppData\Local\{5D170085-7F3F-4CCD-961D-9339AAC06652}
2013-02-17 08:30:57    --------    d-----w-    C:\Users\Owner\AppData\Local\{47DC1ABB-5810-4801-BC51-267242203773}
2013-02-16 00:58:12    106088    ----a-w-    C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll
2013-02-14 08:03:29    996352    ----a-w-    C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-14 08:03:29    768000    ----a-w-    C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-13 23:56:05    3153408    ----a-w-    C:\Windows\System32\win32k.sys
2013-02-13 23:56:02    215040    ----a-w-    C:\Windows\System32\winsrv.dll
2013-02-13 23:56:01    7680    ----a-w-    C:\Windows\SysWow64\instnm.exe
2013-02-13 23:56:01    5120    ----a-w-    C:\Windows\SysWow64\wow32.dll
2013-02-13 23:56:01    25600    ----a-w-    C:\Windows\SysWow64\setup16.exe
2013-02-13 23:56:01    14336    ----a-w-    C:\Windows\SysWow64\ntvdm64.dll
2013-02-13 23:56:00    2048    ----a-w-    C:\Windows\SysWow64\user.exe
2013-02-13 23:55:57    288088    ----a-w-    C:\Windows\System32\drivers\FWPKCLNT.SYS
2013-02-13 23:55:57    1913192    ----a-w-    C:\Windows\System32\drivers\tcpip.sys
2013-02-13 06:40:18    --------    d-----w-    C:\Users\Owner\AppData\Local\{3A632385-E02A-4698-BC28-DE52B286EC96}
2013-02-12 15:43:01    --------    d-----w-    C:\Users\Owner\AppData\Local\{6A4A7240-05BD-4984-8870-E48370334A9E}
2013-02-12 15:42:25    --------    d-----w-    C:\Users\Owner\AppData\Local\{BC76573A-D878-4E8D-A8E4-C87000E50EB9}
2013-02-09 08:20:07    --------    d-----w-    C:\Program Files (x86)\Ilusion Software
2013-02-06 08:27:58    --------    d-----w-    C:\Program Files (x86)\Audacity
2013-02-05 07:11:33    --------    d-----w-    C:\Users\Owner\AppData\Local\{C34027BE-6569-497D-A50F-6B054923666F}
.
==================== Find3M  ====================
.
2013-02-27 19:58:31    71024    ------w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-27 19:58:31    691568    ------w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2013-01-13 21:17:03    9728    ---ha-w-    C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 21:17:02    2560    ---ha-w-    C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 21:16:42    10752    ---ha-w-    C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 21:12:46    3584    ---ha-w-    C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 21:11:21    4096    ---ha-w-    C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 21:11:08    5632    ---ha-w-    C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 21:11:07    5632    ---ha-w-    C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 21:11:07    3072    ---ha-w-    C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 21:11:07    3072    ---ha-w-    C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:35:31    9728    ---ha-w-    C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 20:35:31    2560    ---ha-w-    C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 20:35:18    10752    ---ha-w-    C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 20:32:07    3584    ---ha-w-    C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 20:31:48    4096    ---ha-w-    C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 20:31:41    5632    ---ha-w-    C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 20:31:40    5632    ---ha-w-    C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 20:31:40    3072    ---ha-w-    C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 20:31:40    3072    ---ha-w-    C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:31:00    1247744    ----a-w-    C:\Windows\SysWow64\DWrite.dll
2013-01-13 20:22:22    1988096    ----a-w-    C:\Windows\SysWow64\d3d10warp.dll
2013-01-13 20:20:31    293376    ----a-w-    C:\Windows\SysWow64\dxgi.dll
2013-01-13 20:09:00    249856    ----a-w-    C:\Windows\SysWow64\d3d10_1core.dll
2013-01-13 20:08:43    220160    ----a-w-    C:\Windows\SysWow64\d3d10core.dll
2013-01-13 20:08:35    1504768    ----a-w-    C:\Windows\SysWow64\d3d11.dll
2013-01-13 19:59:04    1643520    ----a-w-    C:\Windows\System32\DWrite.dll
2013-01-13 19:58:28    1175552    ----a-w-    C:\Windows\System32\FntCache.dll
2013-01-13 19:54:01    604160    ----a-w-    C:\Windows\SysWow64\d3d10level9.dll
2013-01-13 19:53:58    207872    ----a-w-    C:\Windows\SysWow64\WindowsCodecsExt.dll
2013-01-13 19:53:14    187392    ----a-w-    C:\Windows\SysWow64\UIAnimation.dll
2013-01-13 19:51:30    2565120    ----a-w-    C:\Windows\System32\d3d10warp.dll
2013-01-13 19:49:17    363008    ----a-w-    C:\Windows\System32\dxgi.dll
2013-01-13 19:48:47    161792    ----a-w-    C:\Windows\SysWow64\d3d10_1.dll
2013-01-13 19:46:25    1080832    ----a-w-    C:\Windows\SysWow64\d3d10.dll
2013-01-13 19:43:21    1230336    ----a-w-    C:\Windows\SysWow64\WindowsCodecs.dll
2013-01-13 19:38:39    333312    ----a-w-    C:\Windows\System32\d3d10_1core.dll
2013-01-13 19:38:32    1887232    ----a-w-    C:\Windows\System32\d3d11.dll
2013-01-13 19:38:21    296960    ----a-w-    C:\Windows\System32\d3d10core.dll
2013-01-13 19:37:57    3419136    ----a-w-    C:\Windows\SysWow64\d2d1.dll
2013-01-13 19:25:04    245248    ----a-w-    C:\Windows\System32\WindowsCodecsExt.dll
2013-01-13 19:24:33    648192    ----a-w-    C:\Windows\System32\d3d10level9.dll
2013-01-13 19:24:30    221184    ----a-w-    C:\Windows\System32\UIAnimation.dll
2013-01-13 19:20:42    194560    ----a-w-    C:\Windows\System32\d3d10_1.dll
2013-01-13 19:20:04    1238528    ----a-w-    C:\Windows\System32\d3d10.dll
2013-01-13 19:15:40    1424384    ----a-w-    C:\Windows\System32\WindowsCodecs.dll
2013-01-13 19:10:36    3928064    ----a-w-    C:\Windows\System32\d2d1.dll
2013-01-13 19:02:06    417792    ----a-w-    C:\Windows\SysWow64\WMPhoto.dll
2013-01-13 18:34:58    364544    ----a-w-    C:\Windows\SysWow64\XpsGdiConverter.dll
2013-01-13 18:32:43    465920    ----a-w-    C:\Windows\System32\WMPhoto.dll
2013-01-13 18:09:52    522752    ----a-w-    C:\Windows\System32\XpsGdiConverter.dll
2013-01-13 17:26:42    1158144    ----a-w-    C:\Windows\SysWow64\XpsPrint.dll
2013-01-13 17:05:09    1682432    ----a-w-    C:\Windows\System32\XpsPrint.dll
2013-01-09 01:19:09    2312704    ----a-w-    C:\Windows\System32\jscript9.dll
2013-01-09 01:12:03    1392128    ----a-w-    C:\Windows\System32\wininet.dll
2013-01-09 01:11:06    1494528    ----a-w-    C:\Windows\System32\inetcpl.cpl
2013-01-09 01:07:51    173056    ----a-w-    C:\Windows\System32\ieUnatt.exe
2013-01-09 01:07:47    599040    ----a-w-    C:\Windows\System32\vbscript.dll
2013-01-09 01:04:42    2382848    ----a-w-    C:\Windows\System32\mshtml.tlb
2013-01-08 22:11:21    1800704    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2013-01-08 22:03:20    1129472    ----a-w-    C:\Windows\SysWow64\wininet.dll
2013-01-08 22:03:12    1427968    ----a-w-    C:\Windows\SysWow64\inetcpl.cpl
2013-01-08 21:59:02    142848    ----a-w-    C:\Windows\SysWow64\ieUnatt.exe
2013-01-08 21:58:29    420864    ----a-w-    C:\Windows\SysWow64\vbscript.dll
2013-01-08 21:56:23    2382848    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2013-01-04 06:11:21    2284544    ----a-w-    C:\Windows\SysWow64\msmpeg2vdec.dll
2013-01-04 06:11:13    2776576    ----a-w-    C:\Windows\System32\msmpeg2vdec.dll
2013-01-04 04:43:21    44032    ----a-w-    C:\Windows\apppatch\acwow64.dll
2012-12-25 08:44:41    96768    ----a-w-    C:\Windows\SysWow64\sspicli.dll
2012-12-25 08:44:41    458712    ----a-w-    C:\Windows\System32\drivers\cng.sys
2012-12-25 08:44:41    340992    ----a-w-    C:\Windows\System32\schannel.dll
2012-12-25 08:44:41    22016    ----a-w-    C:\Windows\SysWow64\secur32.dll
2012-12-25 08:44:41    154480    ----a-w-    C:\Windows\System32\drivers\ksecpkg.sys
2012-12-25 08:44:41    1448448    ----a-w-    C:\Windows\System32\lsasrv.dll
2012-12-25 08:44:37    247808    ----a-w-    C:\Windows\SysWow64\schannel.dll
2012-12-25 08:43:10    366592    ----a-w-    C:\Windows\System32\qdvd.dll
2012-12-25 08:43:09    514560    ----a-w-    C:\Windows\SysWow64\qdvd.dll
2012-12-16 17:11:22    46080    ----a-w-    C:\Windows\System32\atmlib.dll
2012-12-16 14:45:03    367616    ----a-w-    C:\Windows\System32\atmfd.dll
2012-12-16 14:13:28    295424    ----a-w-    C:\Windows\SysWow64\atmfd.dll
2012-12-16 14:13:20    34304    ----a-w-    C:\Windows\SysWow64\atmlib.dll
2012-12-07 13:20:16    441856    ----a-w-    C:\Windows\System32\Wpc.dll
2012-12-07 13:15:31    2746368    ----a-w-    C:\Windows\System32\gameux.dll
2012-12-07 12:26:17    308736    ----a-w-    C:\Windows\SysWow64\Wpc.dll
2012-12-07 12:20:43    2576384    ----a-w-    C:\Windows\SysWow64\gameux.dll
2012-12-07 11:20:04    30720    ----a-w-    C:\Windows\System32\usk.rs
2012-12-07 11:20:03    43520    ----a-w-    C:\Windows\System32\csrr.rs
2012-12-07 11:20:03    23552    ----a-w-    C:\Windows\System32\oflc.rs
2012-12-07 11:20:01    45568    ----a-w-    C:\Windows\System32\oflc-nz.rs
2012-12-07 11:20:01    44544    ----a-w-    C:\Windows\System32\pegibbfc.rs
2012-12-07 11:20:01    20480    ----a-w-    C:\Windows\System32\pegi-fi.rs
2012-12-07 11:20:00    20480    ----a-w-    C:\Windows\System32\pegi-pt.rs
2012-12-07 11:19:59    20480    ----a-w-    C:\Windows\System32\pegi.rs
2012-12-07 11:19:58    46592    ----a-w-    C:\Windows\System32\fpb.rs
2012-12-07 11:19:57    40960    ----a-w-    C:\Windows\System32\cob-au.rs
2012-12-07 11:19:57    21504    ----a-w-    C:\Windows\System32\grb.rs
2012-12-07 11:19:57    15360    ----a-w-    C:\Windows\System32\djctq.rs
2012-12-07 11:19:56    55296    ----a-w-    C:\Windows\System32\cero.rs
2012-12-07 11:19:55    51712    ----a-w-    C:\Windows\System32\esrb.rs
.
============= FINISH: 15:50:28.84 ===============
 

Attached Files



BC AdBot (Login to Remove)

 


#2 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,512 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:07:31 AM

Posted 06 March 2013 - 05:33 PM

Hello 

zoddie

,

  • Welcome to Bleeping Computer.
  • My name is fireman4it and I will be helping you with your Malware problem.

    Please take note of some guidelines for this fix:
  • Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the registry, and running scanners or tools.
      
  • If you do not understand any step(s) provided, please do not hesitate to ask before continuing.
      
  • Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean".
  • In the upper right hand corner of the topic you will see a button called Follow This Topic.I suggest you click it and select Immediate E-Mail notification and click on Follow This Topic. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

      
  • Finally, please reply using the Post  button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply, unless they do not fit into the post.
  •   I will be analyzing your log. I will get back to you with instructions.

 

 

Do you have a USb Flash Drive you can use?

Please run MalwareBytes again and post its log.


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#3 zoddie

zoddie
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:07:31 AM

Posted 07 March 2013 - 11:08 PM

We don't have a flash drive but can certainly pick one up.

 

Here's my MBAM log:

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.03.08.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Owner :: DELLXPS8000 [administrator]

3/7/2013 11:01:40 PM
MBAM-log-2013-03-07 (23-07-08)- bleepingcomputer.txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 243411
Time elapsed: 5 minute(s), 10 second(s)

Memory Processes Detected: 1
C:\Windows\svchost.exe (Trojan.Agent) -> 15488 -> No action taken.

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Windows\svchost.exe (Trojan.Agent) -> No action taken.

(end)
 



#4 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,512 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:07:31 AM

Posted 09 March 2013 - 08:33 PM

For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:

  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.


To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.


On the System Recovery Options menu you will get the following options:Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt

[*]Select Command Prompt[*]In the command window type in notepad and press Enter.[*]The notepad opens. Under File menu select Open.[*]Select "Computer" and find your flash drive letter and close the notepad.[*]In the command window type e:\frst.exe (for x64 bit version type e:\frst64)  and press Enter
Note: Replace letter e with the drive letter of your flash drive.[*]The tool will start to run.[*]When the tool opens click Yes to disclaimer.[*]Press Scan button.[*]It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.[/list]

 


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#5 zoddie

zoddie
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:07:31 AM

Posted 12 March 2013 - 01:20 PM

Sorry for the delay.  Here is the log --

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10-03-2013 01
Ran by SYSTEM at 12-03-2013 14:12:31
Running from K:\
Windows 7 Home Premium   (X64) OS Language: English(US)
The current controlset is ControlSet001

==================== Registry (Whitelisted) ===================

HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7833120 2009-05-23] (Realtek Semiconductor)
HKLM\...\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon [2114376 2008-03-17] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon [722256 2008-12-11] (CANON INC.)
HKLM\...\Run: [Logitech Download Assistant] C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [1580368 2010-11-03] (Logitech, Inc.)
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [98304 2009-06-14] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ShwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe [237568 2009-07-17] (Alcor Micro Corp.)
HKLM-x32\...\Run: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m [1779952 2009-07-07] ()
HKLM-x32\...\Run: [HostManager] C:\Program Files (x86)\Common Files\AOL\1257817697\ee\AOLSoftware.exe [41800 2010-03-07] (AOL Inc.)
HKLM-x32\...\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide [205336 2011-11-11] (Logitech Inc.)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59280 2012-10-11] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [41208 2012-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [946352 2012-12-02] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [254696 2011-06-09] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421736 2012-03-27] (Apple Inc.)
HKLM-x32\...\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY [3147384 2012-12-11] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [SearchProtectAll] C:\Program Files (x86)\SearchProtect\bin\cltmng.exe [2674464 2013-02-20] (Conduit)
HKLM-x32\...\Run: [Carbonite Backup] C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe [1065480 2013-02-05] (Carbonite, Inc.)
HKU\Owner\...\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe [59240 2012-02-23] (Apple Inc.)
HKU\Owner\...\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [18705664 2013-01-08] (Skype Technologies S.A.)
HKU\Owner\...\Run: [SearchProtect] C:\Users\Owner\AppData\Roaming\SearchProtect\bin\cltmng.exe [2731296 2013-03-06] (Conduit)
HKU\Owner\...\Run: [Advanced SystemCare 6] "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart [491840 2013-01-15] (IObit)
HKU\Owner\...\Run: [Private WiFi Client] C:\Program Files (x86)\Private Communications\PRIVATE WiFi\WiFiPrivacyClient.exe [971776 2012-12-06] (Private Communications Corp)
HKU\Owner\...\Run: [AOL Fast Start] "C:\Program Files (x86)\AOL Desktop 9.6\AOL.EXE" -b [42320 2011-04-25] (AOL Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4A5B0DF2-012B-4F6F-9CA1-E91A38800471}: [NameServer]205.188.146.145
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Services (Whitelisted) ===================

2 AdvancedSystemCareService6; C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [465216 2013-01-15] (IObit)
3 AVG Security Toolbar Service; C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [1025352 2011-09-01] ()
2 AVGIDSAgent; "C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe" [5814904 2012-11-15] (AVG Technologies CZ, s.r.o.)
2 avgwd; "C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe" [196664 2012-10-22] (AVG Technologies CZ, s.r.o.)
2 CltMngSvc; C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe [93984 2013-02-20] (Conduit)
2 CrossLoopService; "C:\Users\Owner\AppData\Local\CrossLoop\CrossLoopService.exe" --service [569072 2012-01-06] (CrossLoop)
3 FirebirdServerMAGIXInstance; "C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe" [3276800 2008-08-07] (MAGIX®)
2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [107912 2008-10-09] ()
2 iprip; C:\Windows\System32\iprip.dll [35328 2009-07-13] (Microsoft Corporation)
2 MSMQ; C:\Windows\System32\mqsvc.exe [9216 2009-07-13] (Microsoft Corporation)
2 SNMP; C:\Windows\System32\snmp.exe [49664 2010-11-20] (Microsoft Corporation)
2 SNMP; C:\Windows\SysWow64\snmp.exe [47616 2010-11-20] (Microsoft Corporation)
3 tvnserver; "C:\Users\Owner\AppData\Local\CrossLoop\tvnserver.exe" -service [814080 2010-07-21] (GlavSoft LLC.)
2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)
2 W3SVC; C:\Windows\SysWow64\inetsrv\iisw3adm.dll [397824 2010-11-20] (Microsoft Corporation)
2 SessionLauncher; C:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe [x]

==================== Drivers (Whitelisted) =====================

1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [154464 2012-10-22] (AVG Technologies CZ, s.r.o. )
0 AVGIDSHA; C:\Windows\System32\Drivers\AVGIDSHA.sys [63328 2012-10-15] (AVG Technologies CZ, s.r.o. )
1 Avgldx64; C:\Windows\System32\Drivers\Avgldx64.sys [185696 2012-10-02] (AVG Technologies CZ, s.r.o.)
0 Avgloga; C:\Windows\System32\Drivers\Avgloga.sys [225120 2012-09-21] (AVG Technologies CZ, s.r.o.)
0 Avgmfx64; C:\Windows\System32\Drivers\Avgmfx64.sys [111968 2012-11-15] (AVG Technologies CZ, s.r.o.)
0 Avgrkx64; C:\Windows\System32\Drivers\Avgrkx64.sys [40800 2012-09-14] (AVG Technologies CZ, s.r.o.)
1 Avgtdia; C:\Windows\System32\Drivers\Avgtdia.sys [200032 2012-09-21] (AVG Technologies CZ, s.r.o.)
3 LVPr2M64; C:\Windows\System32\Drivers\LVPr2M64.sys [30304 2010-05-07] ()
3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30304 2010-05-07] ()
3 MQAC; C:\Windows\System32\Drivers\MQAC.sys [189440 2009-07-13] (Microsoft Corporation)
3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2008-11-11] (LG Electronics Inc.)
3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [27136 2008-11-11] (LG Electronics Inc.)
3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [33792 2008-11-11] (LG Electronics Inc.)
3 catchme; \??\C:\ComboFix\catchme.sys [x]

==================== NetSvcs (Whitelisted) ====================


==================== One Month Created Files and Folders ========

2013-03-12 14:12 - 2013-03-12 14:12 - 00000000 ____D C:\FRST
2013-03-12 10:02 - 2013-03-12 10:02 - 01466771 ____A (Farbar) C:\Users\Owner\Downloads\FRST64(1).exe
2013-03-12 09:28 - 2013-03-12 09:28 - 00000333 ____A C:\Users\Owner\Documents\SnipFile-{060C1CE1-C679-46E7-96F9-F2C39E5C0AE1}.html
2013-03-12 07:54 - 2013-03-12 07:54 - 00006268 ____A C:\Windows\PFRO.log
2013-03-12 07:31 - 2013-03-12 07:31 - 00133230 ____A C:\Users\Public\Documents\Belarc Advisor Computer Profile.html
2013-03-12 07:31 - 2013-03-12 07:31 - 00000000 ____D C:\Users\Public\Documents\Belarc Advisor Computer Profile_files
2013-03-12 07:28 - 2013-03-12 07:28 - 00002066 ____A C:\Users\Public\Desktop\Belarc Advisor.lnk
2013-03-12 07:28 - 2013-03-12 07:28 - 00000000 ____D C:\Program Files (x86)\Belarc
2013-03-12 07:27 - 2013-03-12 07:27 - 01466771 ____A (Farbar) C:\Users\Owner\Downloads\FRST64.exe
2013-03-12 07:25 - 2013-03-12 10:01 - 00001644 ____A C:\Windows\setupact.log
2013-03-12 07:25 - 2013-03-12 07:25 - 00000000 ____A C:\Windows\setuperr.log
2013-03-12 00:47 - 2013-03-12 00:47 - 00000000 ____D C:\Users\Owner\AppData\Local\{A2F35192-D043-4841-ADD4-546EFC964D56}
2013-03-11 23:59 - 2013-03-11 23:59 - 00001044 ____A C:\Users\Owner\Desktop\Audacity 1.3 Beta (Unicode).lnk
2013-03-11 23:59 - 2013-03-11 23:59 - 00000000 ____D C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)
2013-03-11 22:14 - 2013-03-11 22:14 - 00000000 ____D C:\Users\Owner\AppData\Roaming\PriceGong
2013-03-11 22:14 - 2013-03-11 22:14 - 00000000 ____D C:\Users\Owner\AppData\Local\Produtools_Manuals_2.1_B
2013-03-11 11:55 - 2013-03-11 11:56 - 00000000 ____D C:\Users\Owner\AppData\Local\{545409E9-4E9D-4894-9490-A5DF0F650365}
2013-03-11 10:05 - 2013-03-11 10:04 - 13086848 ____A (Todd, Michael & James, Inc.                                 ) C:\Users\Owner\Desktop\SongSurgeon3
2013-03-11 07:37 - 2013-03-11 07:37 - 12954919 ____A C:\Users\Owner\Documents\The_Song_Remembers_When_-_Laurie_edit_3-11-13a.zip
2013-03-11 07:37 - 2013-03-11 07:37 - 00000000 ____D C:\Users\Owner\Documents\The_Song_Remembers_When_-_Laurie_edit_3-11-13a
2013-03-11 02:44 - 2013-03-11 02:44 - 77709312 ____A C:\Windows\System32\config\software.iobit
2013-03-11 02:44 - 2013-03-11 02:44 - 44703744 ____A C:\Windows\System32\config\components.iobit
2013-03-11 02:44 - 2013-03-11 02:44 - 00438272 ____A C:\Windows\System32\config\default.iobit
2013-03-11 02:44 - 2013-03-11 02:44 - 00061440 ____A C:\Windows\System32\config\sam.iobit
2013-03-11 02:44 - 2013-03-11 02:44 - 00028672 ____A C:\Windows\System32\config\security.iobit
2013-03-10 03:10 - 2013-03-12 08:52 - 00000000 ____D C:\Program Files (x86)\Everything
2013-03-10 03:00 - 2013-03-10 03:01 - 00000000 ____D C:\Users\Owner\AppData\Roaming\NCH Software
2013-03-10 03:00 - 2013-03-10 03:00 - 00000000 ____D C:\ProgramData\NCH Software
2013-03-10 03:00 - 2013-03-10 03:00 - 00000000 ____D C:\ProgramData\Application Data\NCH Software
2013-03-10 02:59 - 2013-03-10 02:59 - 00001120 ____A C:\Users\Public\Desktop\WavePad Sound Editor.lnk
2013-03-10 02:59 - 2013-03-10 02:59 - 00000000 ____D C:\Program Files (x86)\NCH Software
2013-03-10 02:57 - 2013-03-10 02:57 - 00899248 ____A (NCH Software) C:\Users\Owner\Desktop\wpsetup.exe
2013-03-10 02:23 - 2013-03-11 23:40 - 00000000 ____D C:\Program Files (x86)\Audacity
2013-03-10 02:20 - 2013-03-10 03:06 - 00341811 ____A () C:\Users\Owner\Desktop\Everything-1.2.1.371.exe
2013-03-09 15:07 - 2013-03-11 22:01 - 00000000 ____D C:\Users\Owner\Desktop\Always Yours
2013-03-09 15:04 - 2013-03-09 15:05 - 00000000 ____D C:\Users\Owner\Desktop\Unknowns
2013-03-09 14:49 - 2013-03-09 14:58 - 00000000 ___RD C:\Users\Owner\Desktop\PHOTO'S
2013-03-09 14:46 - 2013-03-09 14:47 - 00000000 ____D C:\Users\Owner\AppData\Local\PWF
2013-03-09 14:46 - 2013-03-09 14:46 - 00000000 ____D C:\Users\Owner\AppData\Local\IsolatedStorage
2013-03-09 14:44 - 2013-03-09 14:44 - 00002093 ____A C:\Users\Public\Desktop\PRIVATE WiFi.lnk
2013-03-09 14:44 - 2013-03-09 14:44 - 00000000 ____D C:\Program Files (x86)\Private Communications
2013-03-09 14:43 - 2013-03-09 14:44 - 00000000 __HDC C:\ProgramData\Application Data\{E59468FD-CFE1-47D3-A4DF-E5459F851448}
2013-03-09 14:43 - 2013-03-09 14:44 - 00000000 __HDC C:\ProgramData\{E59468FD-CFE1-47D3-A4DF-E5459F851448}
2013-03-09 14:43 - 2013-03-09 14:43 - 00000000 ____D C:\Users\Owner\AppData\Local\PackageAware
2013-03-09 14:33 - 2013-03-09 14:39 - 06199264 ____A (Private Communications                                                                                                                                                                                                                                                                                      ) C:\Users\Owner\Desktop\WiFiPrivacyInstallation.exe
2013-03-08 19:13 - 2013-03-08 19:13 - 00001274 ____A C:\Users\Public\Desktop\Uninstaller.lnk
2013-03-08 19:13 - 2013-03-08 19:13 - 00001223 ____A C:\Users\Public\Desktop\Advanced SystemCare 6.lnk
2013-03-08 19:13 - 2013-03-08 19:13 - 00000000 ____D C:\ProgramData\Application Data\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
2013-03-08 19:13 - 2013-03-08 19:13 - 00000000 ____D C:\ProgramData\Application Data\{BDDB56DE-AE4E-48A2-B856-FB60C8498453}
2013-03-08 19:13 - 2013-03-08 19:13 - 00000000 ____D C:\ProgramData\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
2013-03-08 19:13 - 2013-03-08 19:13 - 00000000 ____D C:\ProgramData\{BDDB56DE-AE4E-48A2-B856-FB60C8498453}
2013-03-08 19:03 - 2013-03-08 19:03 - 01006912 ____A (IObit) C:\Users\Owner\Desktop\advanced_systemcare_installer.exe
2013-03-06 20:49 - 2013-03-06 20:49 - 00000000 ____D C:\Users\Public\Documents\Brandywineedit1-3-6-13
2013-03-06 20:48 - 2013-03-06 20:48 - 10440386 ____A C:\Users\Public\Documents\Brandywineedit1-3-6-13.zip
2013-03-06 12:55 - 2013-03-06 12:59 - 00018672 ____A C:\Users\Public\Documents\Attach.txt
2013-03-06 12:55 - 2013-03-06 12:55 - 00028947 ____A C:\Users\Public\Documents\DDS.txt
2013-03-06 12:50 - 2013-03-06 12:50 - 00018672 ____A C:\Users\Owner\Desktop\attach.txt
2013-03-05 13:50 - 2013-03-05 13:53 - 00000000 ____D C:\Users\Owner\Documents\2012FallCowElkHuntinSouthernCO
2013-03-05 13:50 - 2013-03-05 13:50 - 03387057 ____A C:\Users\Owner\Documents\2012FallCowElkHuntinSouthernCO.zip
2013-03-05 13:13 - 2013-03-05 13:13 - 00002272 ____A C:\Users\Owner\Desktop\CrossLoop.lnk
2013-03-05 13:07 - 2009-07-13 17:14 - 00020480 ____A (Microsoft Corporation) C:\Windows\svchost.exe
2013-03-05 12:52 - 2013-03-05 12:52 - 00001913 ____A C:\Users\Public\Documents\aswMBR.txt
2013-03-05 12:52 - 2013-03-05 12:52 - 00000512 ____A C:\Users\Public\Documents\MBR.dat
2013-03-05 12:46 - 2013-03-05 12:48 - 04732416 ____A (AVAST Software) C:\Users\Owner\Downloads\aswMBR.exe
2013-03-05 12:22 - 2013-03-05 12:22 - 00031718 ____A C:\ComboFix.txt
2013-03-05 12:01 - 2013-03-05 12:10 - 05036545 ____R (Swearware) C:\Users\Owner\Desktop\ComboFix.exe
2013-03-05 12:00 - 2013-03-05 12:00 - 05036545 ____A (Swearware) C:\Users\Owner\Downloads\ComboFix(1).exe
2013-03-05 11:33 - 2013-03-08 16:50 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-03-05 11:33 - 2012-12-14 13:49 - 00024176 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-03-05 11:32 - 2013-03-08 16:46 - 00000000 ____D C:\Program Files\CCleaner
2013-03-05 11:32 - 2013-03-05 11:32 - 10156344 ____A (Malwarebytes Corporation                                    ) C:\Users\Owner\Downloads\mbam-setup-1.70.0.1100.exe
2013-03-05 11:31 - 2013-03-05 11:31 - 04190272 ____A (Piriform Ltd) C:\Users\Owner\Downloads\ccsetup328.exe
2013-03-04 23:09 - 2013-03-04 23:09 - 00017128 ____A C:\Users\Owner\Desktop\Restore Report 03-05-2013 02-06-30AM.html
2013-03-04 17:56 - 2013-03-04 17:56 - 00002134 ____A C:\Users\Public\Desktop\Carbonite InfoCenter.lnk
2013-03-03 23:32 - 2013-03-03 23:32 - 00000000 ____D C:\Users\Owner\AppData\Local\{DE252F54-098D-4041-9F25-E6CF2E964B7E}
2013-03-03 21:59 - 2013-03-03 21:59 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Roxio Log Files
2013-03-03 21:54 - 2013-03-03 21:55 - 00005460 ____A C:\INSTALLHELPER.LOG
2013-03-02 23:15 - 2013-03-02 23:16 - 32999840 ____A (Oracle Corporation) C:\Users\Owner\Downloads\jre-7u15-windows-x64(1).exe
2013-03-02 23:13 - 2013-03-02 23:13 - 32999840 ____A (Oracle Corporation) C:\Users\Owner\Downloads\jre-7u15-windows-x64.exe
2013-03-02 23:12 - 2013-03-12 09:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-03-02 21:20 - 2013-03-02 21:20 - 00000000 ____D C:\Users\Owner\AppData\Local\{B06C43E2-E8A3-4E7E-B288-00FC57286C40}
2013-03-01 23:30 - 2013-03-01 23:30 - 00000000 ____D C:\Users\Owner\AppData\Local\{12D9CDE6-38A9-4A0D-8F25-DFEF6B05E60E}
2013-03-01 16:05 - 2013-03-01 16:05 - 13805299 ____A C:\Users\Owner\Documents\The_River_is_Wide-Marty-2ndedit3-1-13.zip
2013-03-01 08:44 - 2013-03-11 22:14 - 00000000 ____D C:\Users\Owner\AppData\Local\Conduit
2013-03-01 08:44 - 2013-03-01 08:49 - 00000000 ____D C:\Users\Owner\AppData\Roaming\SearchProtect
2013-03-01 08:44 - 2013-03-01 08:44 - 00000000 ____D C:\Program Files (x86)\SearchProtect
2013-03-01 08:44 - 2013-03-01 08:44 - 00000000 ____D C:\Program Files (x86)\Conduit
2013-03-01 08:43 - 2013-03-01 08:44 - 00000000 ____D C:\Program Files (x86)\Produtools_Manuals_2.1_B
2013-03-01 08:41 - 2013-03-01 08:40 - 01988832 ____A (Conduit) C:\Users\Owner\Desktop\Produtools_Manuals_2.1_B.exe
2013-02-28 19:12 - 2013-02-28 19:12 - 00000000 ____D C:\Users\Owner\AppData\Local\{92A8D862-734E-406E-83C2-2999C18C555B}
2013-02-28 15:43 - 2013-02-28 15:44 - 00379904 ____A C:\Users\Owner\Documents\354baltic2.28.2013rvsd.xls
2013-02-27 00:00 - 2013-01-13 13:17 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-02-27 00:00 - 2013-01-13 13:17 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-02-27 00:00 - 2013-01-13 13:16 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-02-27 00:00 - 2013-01-13 13:12 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-02-27 00:00 - 2013-01-13 13:11 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-02-27 00:00 - 2013-01-13 13:11 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-02-27 00:00 - 2013-01-13 13:11 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-02-27 00:00 - 2013-01-13 13:11 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-02-27 00:00 - 2013-01-13 13:11 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-02-27 00:00 - 2013-01-13 12:35 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-02-27 00:00 - 2013-01-13 12:35 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-02-27 00:00 - 2013-01-13 12:35 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-02-27 00:00 - 2013-01-13 12:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-02-27 00:00 - 2013-01-13 12:31 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-02-27 00:00 - 2013-01-13 12:31 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-02-27 00:00 - 2013-01-13 12:31 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-02-27 00:00 - 2013-01-13 12:31 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-02-27 00:00 - 2013-01-13 12:31 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-02-27 00:00 - 2013-01-13 12:31 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-02-27 00:00 - 2013-01-13 12:22 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-02-27 00:00 - 2013-01-13 12:20 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-02-27 00:00 - 2013-01-13 12:09 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-02-27 00:00 - 2013-01-13 12:08 - 01504768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-02-27 00:00 - 2013-01-13 12:08 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-02-27 00:00 - 2013-01-13 11:59 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-02-27 00:00 - 2013-01-13 11:58 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-02-27 00:00 - 2013-01-13 11:54 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-02-27 00:00 - 2013-01-13 11:53 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-02-27 00:00 - 2013-01-13 11:53 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-02-27 00:00 - 2013-01-13 11:51 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2013-02-27 00:00 - 2013-01-13 11:49 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2013-02-27 00:00 - 2013-01-13 11:48 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-02-27 00:00 - 2013-01-13 11:46 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-02-27 00:00 - 2013-01-13 11:43 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-02-27 00:00 - 2013-01-13 11:38 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-02-27 00:00 - 2013-01-13 11:38 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2013-02-27 00:00 - 2013-01-13 11:38 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2013-02-27 00:00 - 2013-01-13 11:37 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-02-27 00:00 - 2013-01-13 11:25 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2013-02-27 00:00 - 2013-01-13 11:24 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2013-02-27 00:00 - 2013-01-13 11:24 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll
2013-02-27 00:00 - 2013-01-13 11:20 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll
2013-02-27 00:00 - 2013-01-13 11:20 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2013-02-27 00:00 - 2013-01-13 11:15 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-02-27 00:00 - 2013-01-13 11:10 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2013-02-27 00:00 - 2013-01-13 11:02 - 00417792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-02-27 00:00 - 2013-01-13 10:34 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-02-27 00:00 - 2013-01-13 10:32 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2013-02-27 00:00 - 2013-01-13 10:09 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-02-27 00:00 - 2013-01-13 09:26 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-02-27 00:00 - 2013-01-13 09:05 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2013-02-27 00:00 - 2013-01-03 22:11 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2013-02-27 00:00 - 2013-01-03 22:11 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-02-26 23:45 - 2013-02-26 23:45 - 00049700 ____A C:\Users\Owner\Desktop\Lucida Calligraphy Italic.ttf
2013-02-26 23:37 - 2013-02-26 23:37 - 00117313 ____A C:\Users\Owner\Desktop\Abbeyline.zip
2013-02-26 23:37 - 2013-02-26 23:37 - 00047231 ____A C:\Users\Owner\Desktop\AnnabelAntiqueScript.zip
2013-02-26 12:34 - 2013-02-26 12:34 - 00000000 ____D C:\Users\Owner\AppData\Local\{BA88E79C-A8B7-449B-B303-667F5FED80BE}
2013-02-22 16:18 - 2013-02-22 16:18 - 00000000 ____D C:\Users\Owner\AppData\Local\{7E58E770-7DE2-4ED9-BB69-8638E285045D}
2013-02-17 15:40 - 2013-02-17 15:40 - 00000000 ____D C:\Users\Owner\AppData\Local\{5D170085-7F3F-4CCD-961D-9339AAC06652}
2013-02-17 15:38 - 2013-02-17 15:49 - 00000000 ____D C:\Users\Owner\Documents\IMG(10)
2013-02-17 15:37 - 2013-02-17 15:38 - 01085208 ____A C:\Users\Owner\Documents\IMG(10).zip
2013-02-17 00:54 - 2013-03-08 16:50 - 00000000 ____D C:\Users\Owner\Desktop\Karaoke-Itunes56c87c2
2013-02-17 00:43 - 2013-02-17 00:52 - 00124900 ____A C:\Users\Owner\Desktop\puyuan-itunes-karaoke-56c87c2.zip
2013-02-17 00:30 - 2013-02-17 00:31 - 00000000 ____D C:\Users\Owner\AppData\Local\{47DC1ABB-5810-4801-BC51-267242203773}
2013-02-14 00:01 - 2013-01-08 17:48 - 17812992 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-02-14 00:01 - 2013-01-08 17:22 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-02-14 00:01 - 2013-01-08 17:19 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-02-14 00:01 - 2013-01-08 17:12 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-02-14 00:01 - 2013-01-08 17:12 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-02-14 00:01 - 2013-01-08 17:11 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-02-14 00:01 - 2013-01-08 17:10 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-02-14 00:01 - 2013-01-08 17:09 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-02-14 00:01 - 2013-01-08 17:07 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-02-14 00:01 - 2013-01-08 17:07 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-02-14 00:01 - 2013-01-08 17:07 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-02-14 00:01 - 2013-01-08 17:06 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-02-14 00:01 - 2013-01-08 17:05 - 02147840 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-02-14 00:01 - 2013-01-08 17:04 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-02-14 00:01 - 2013-01-08 17:04 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-02-14 00:01 - 2013-01-08 17:00 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-02-14 00:01 - 2013-01-08 14:23 - 12321280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-02-14 00:01 - 2013-01-08 14:11 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-02-14 00:01 - 2013-01-08 14:09 - 09738240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-02-14 00:01 - 2013-01-08 14:03 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-02-14 00:01 - 2013-01-08 14:03 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-02-14 00:01 - 2013-01-08 14:03 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-02-14 00:01 - 2013-01-08 14:01 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-02-14 00:01 - 2013-01-08 14:00 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-02-14 00:01 - 2013-01-08 13:59 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-02-14 00:01 - 2013-01-08 13:58 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-02-14 00:01 - 2013-01-08 13:58 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-02-14 00:01 - 2013-01-08 13:57 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-02-14 00:01 - 2013-01-08 13:56 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-02-14 00:01 - 2013-01-08 13:56 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-02-14 00:01 - 2013-01-08 13:56 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-02-14 00:01 - 2013-01-08 13:53 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-02-13 15:56 - 2013-01-03 21:46 - 00215040 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2013-02-13 15:56 - 2013-01-03 20:51 - 00005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-02-13 15:56 - 2013-01-03 19:26 - 03153408 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-02-13 15:56 - 2013-01-03 18:47 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-02-13 15:56 - 2013-01-03 18:47 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-02-13 15:56 - 2013-01-03 18:47 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-02-13 15:56 - 2013-01-03 18:47 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-02-13 15:55 - 2013-01-02 22:00 - 01913192 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-02-13 15:55 - 2013-01-02 22:00 - 00288088 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS
2013-02-12 22:40 - 2013-02-12 22:40 - 00000000 ____D C:\Users\Owner\AppData\Local\{3A632385-E02A-4698-BC28-DE52B286EC96}
2013-02-12 22:39 - 2013-02-12 22:51 - 00000000 ____D C:\Users\Owner\Documents\Marty&LaurieatBewkes'sHamiltoncamp1966-edit2
2013-02-12 22:39 - 2013-02-12 22:39 - 01291648 ____A C:\Users\Owner\Documents\Marty&LaurieatBewkes'sHamiltoncamp1966-edit2.zip
2013-02-12 12:06 - 2013-02-12 12:06 - 00896928 ____A (Oracle Corporation) C:\Users\Owner\Downloads\chromeinstall-7u13.exe
2013-02-12 07:43 - 2013-02-12 07:43 - 00000000 ____D C:\Users\Owner\AppData\Local\{6A4A7240-05BD-4984-8870-E48370334A9E}
2013-02-12 07:42 - 2013-02-12 07:42 - 00000000 ____D C:\Users\Owner\AppData\Local\{BC76573A-D878-4E8D-A8E4-C87000E50EB9}
2013-02-11 09:37 - 2013-02-11 09:37 - 03353600 ____A C:\Users\Owner\Documents\Trop_mignon.pps

==================== One Month Modified Files and Folders =======

2013-03-12 14:12 - 2013-03-12 14:12 - 00000000 ____D C:\FRST
2013-03-12 10:04 - 2012-02-07 11:37 - 01243488 ____A C:\Windows\WindowsUpdate.log
2013-03-12 10:04 - 2009-07-13 21:13 - 00861522 ____A C:\Windows\System32\PerfStringBackup.INI
2013-03-12 10:02 - 2013-03-12 10:02 - 01466771 ____A (Farbar) C:\Users\Owner\Downloads\FRST64(1).exe
2013-03-12 10:01 - 2013-03-12 07:25 - 00001644 ____A C:\Windows\setupact.log
2013-03-12 10:01 - 2009-11-09 18:46 - 00000896 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-03-12 09:59 - 2013-03-02 23:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-03-12 09:59 - 2013-01-14 16:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-03-12 09:58 - 2012-08-11 20:27 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-03-12 09:28 - 2013-03-12 09:28 - 00000333 ____A C:\Users\Owner\Documents\SnipFile-{060C1CE1-C679-46E7-96F9-F2C39E5C0AE1}.html
2013-03-12 08:52 - 2013-03-10 03:10 - 00000000 ____D C:\Program Files (x86)\Everything
2013-03-12 08:24 - 2010-04-23 14:01 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Skype
2013-03-12 08:04 - 2009-07-13 20:45 - 00022464 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-03-12 08:04 - 2009-07-13 20:45 - 00022464 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-03-12 07:55 - 2009-11-09 18:46 - 00000892 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-03-12 07:54 - 2013-03-12 07:54 - 00006268 ____A C:\Windows\PFRO.log
2013-03-12 07:54 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-03-12 07:31 - 2013-03-12 07:31 - 00133230 ____A C:\Users\Public\Documents\Belarc Advisor Computer Profile.html
2013-03-12 07:31 - 2013-03-12 07:31 - 00000000 ____D C:\Users\Public\Documents\Belarc Advisor Computer Profile_files
2013-03-12 07:28 - 2013-03-12 07:28 - 00002066 ____A C:\Users\Public\Desktop\Belarc Advisor.lnk
2013-03-12 07:28 - 2013-03-12 07:28 - 00000000 ____D C:\Program Files (x86)\Belarc
2013-03-12 07:27 - 2013-03-12 07:27 - 01466771 ____A (Farbar) C:\Users\Owner\Downloads\FRST64.exe
2013-03-12 07:25 - 2013-03-12 07:25 - 00000000 ____A C:\Windows\setuperr.log
2013-03-12 07:24 - 2012-02-07 10:21 - 00000000 ____D C:\Users\Owner\AppData\Local\CrossLoop
2013-03-12 01:35 - 2012-12-11 00:14 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Audacity
2013-03-12 00:47 - 2013-03-12 00:47 - 00000000 ____D C:\Users\Owner\AppData\Local\{A2F35192-D043-4841-ADD4-546EFC964D56}
2013-03-11 23:59 - 2013-03-11 23:59 - 00001044 ____A C:\Users\Owner\Desktop\Audacity 1.3 Beta (Unicode).lnk
2013-03-11 23:59 - 2013-03-11 23:59 - 00000000 ____D C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)
2013-03-11 23:40 - 2013-03-10 02:23 - 00000000 ____D C:\Program Files (x86)\Audacity
2013-03-11 22:14 - 2013-03-11 22:14 - 00000000 ____D C:\Users\Owner\AppData\Roaming\PriceGong
2013-03-11 22:14 - 2013-03-11 22:14 - 00000000 ____D C:\Users\Owner\AppData\Local\Produtools_Manuals_2.1_B
2013-03-11 22:14 - 2013-03-01 08:44 - 00000000 ____D C:\Users\Owner\AppData\Local\Conduit
2013-03-11 22:01 - 2013-03-09 15:07 - 00000000 ____D C:\Users\Owner\Desktop\Always Yours
2013-03-11 11:56 - 2013-03-11 11:55 - 00000000 ____D C:\Users\Owner\AppData\Local\{545409E9-4E9D-4894-9490-A5DF0F650365}
2013-03-11 10:04 - 2013-03-11 10:05 - 13086848 ____A (Todd, Michael & James, Inc.                                 ) C:\Users\Owner\Desktop\SongSurgeon3
2013-03-11 07:37 - 2013-03-11 07:37 - 12954919 ____A C:\Users\Owner\Documents\The_Song_Remembers_When_-_Laurie_edit_3-11-13a.zip
2013-03-11 07:37 - 2013-03-11 07:37 - 00000000 ____D C:\Users\Owner\Documents\The_Song_Remembers_When_-_Laurie_edit_3-11-13a
2013-03-11 02:50 - 2011-12-04 08:04 - 00000000 ____D C:\Windows\Minidump
2013-03-11 02:44 - 2013-03-11 02:44 - 77709312 ____A C:\Windows\System32\config\software.iobit
2013-03-11 02:44 - 2013-03-11 02:44 - 44703744 ____A C:\Windows\System32\config\components.iobit
2013-03-11 02:44 - 2013-03-11 02:44 - 00438272 ____A C:\Windows\System32\config\default.iobit
2013-03-11 02:44 - 2013-03-11 02:44 - 00061440 ____A C:\Windows\System32\config\sam.iobit
2013-03-11 02:44 - 2013-03-11 02:44 - 00028672 ____A C:\Windows\System32\config\security.iobit
2013-03-11 02:44 - 2012-12-25 17:06 - 00000000 ____D C:\users\DefaultAppPool
2013-03-11 02:44 - 2009-11-09 16:55 - 00000000 ____D C:\users\Owner
2013-03-11 01:54 - 2011-02-08 13:44 - 00000000 ____D C:\Users\Owner\Desktop\My Songs
2013-03-10 23:19 - 2010-07-14 17:07 - 00000000 ____D C:\Users\Owner\Documents\My Recordings
2013-03-10 03:06 - 2013-03-10 02:20 - 00341811 ____A () C:\Users\Owner\Desktop\Everything-1.2.1.371.exe
2013-03-10 03:01 - 2013-03-10 03:00 - 00000000 ____D C:\Users\Owner\AppData\Roaming\NCH Software
2013-03-10 03:00 - 2013-03-10 03:00 - 00000000 ____D C:\ProgramData\NCH Software
2013-03-10 03:00 - 2013-03-10 03:00 - 00000000 ____D C:\ProgramData\Application Data\NCH Software
2013-03-10 02:59 - 2013-03-10 02:59 - 00001120 ____A C:\Users\Public\Desktop\WavePad Sound Editor.lnk
2013-03-10 02:59 - 2013-03-10 02:59 - 00000000 ____D C:\Program Files (x86)\NCH Software
2013-03-10 02:57 - 2013-03-10 02:57 - 00899248 ____A (NCH Software) C:\Users\Owner\Desktop\wpsetup.exe
2013-03-09 15:05 - 2013-03-09 15:04 - 00000000 ____D C:\Users\Owner\Desktop\Unknowns
2013-03-09 14:58 - 2013-03-09 14:49 - 00000000 ___RD C:\Users\Owner\Desktop\PHOTO'S
2013-03-09 14:47 - 2013-03-09 14:46 - 00000000 ____D C:\Users\Owner\AppData\Local\PWF
2013-03-09 14:46 - 2013-03-09 14:46 - 00000000 ____D C:\Users\Owner\AppData\Local\IsolatedStorage
2013-03-09 14:44 - 2013-03-09 14:44 - 00002093 ____A C:\Users\Public\Desktop\PRIVATE WiFi.lnk
2013-03-09 14:44 - 2013-03-09 14:44 - 00000000 ____D C:\Program Files (x86)\Private Communications
2013-03-09 14:44 - 2013-03-09 14:43 - 00000000 __HDC C:\ProgramData\Application Data\{E59468FD-CFE1-47D3-A4DF-E5459F851448}
2013-03-09 14:44 - 2013-03-09 14:43 - 00000000 __HDC C:\ProgramData\{E59468FD-CFE1-47D3-A4DF-E5459F851448}
2013-03-09 14:43 - 2013-03-09 14:43 - 00000000 ____D C:\Users\Owner\AppData\Local\PackageAware
2013-03-09 14:39 - 2013-03-09 14:33 - 06199264 ____A (Private Communications                                                                                                                                                                                                                                                                                      ) C:\Users\Owner\Desktop\WiFiPrivacyInstallation.exe
2013-03-09 07:57 - 2012-04-13 18:55 - 00000000 ___RD C:\Users\Owner\4Sync
2013-03-08 19:13 - 2013-03-08 19:13 - 00001274 ____A C:\Users\Public\Desktop\Uninstaller.lnk
2013-03-08 19:13 - 2013-03-08 19:13 - 00001223 ____A C:\Users\Public\Desktop\Advanced SystemCare 6.lnk
2013-03-08 19:13 - 2013-03-08 19:13 - 00000000 ____D C:\ProgramData\Application Data\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
2013-03-08 19:13 - 2013-03-08 19:13 - 00000000 ____D C:\ProgramData\Application Data\{BDDB56DE-AE4E-48A2-B856-FB60C8498453}
2013-03-08 19:13 - 2013-03-08 19:13 - 00000000 ____D C:\ProgramData\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
2013-03-08 19:13 - 2013-03-08 19:13 - 00000000 ____D C:\ProgramData\{BDDB56DE-AE4E-48A2-B856-FB60C8498453}
2013-03-08 19:12 - 2012-12-24 22:36 - 00000000 ____D C:\ProgramData\IObit
2013-03-08 19:12 - 2012-12-24 22:36 - 00000000 ____D C:\ProgramData\Application Data\IObit
2013-03-08 19:03 - 2013-03-08 19:03 - 01006912 ____A (IObit) C:\Users\Owner\Desktop\advanced_systemcare_installer.exe
2013-03-08 16:50 - 2013-03-05 11:33 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-03-08 16:50 - 2013-02-17 00:54 - 00000000 ____D C:\Users\Owner\Desktop\Karaoke-Itunes56c87c2
2013-03-08 16:50 - 2012-03-14 00:00 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-03-08 16:50 - 2011-10-28 20:12 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-03-08 16:50 - 2011-10-28 12:22 - 00000000 ____D C:\Users\Owner\Documents\Van Vlaanderen family hx._files
2013-03-08 16:50 - 2011-10-02 00:20 - 00000000 ____D C:\Program Files (x86)\AOL Desktop 9.6
2013-03-08 16:50 - 2011-06-04 21:49 - 00000000 ____D C:\Users\Owner\Documents\WeightLossExtreme Meta Burn - CANCEL_files
2013-03-08 16:50 - 2011-06-04 21:45 - 00000000 ____D C:\Users\Owner\Documents\Weight Loss Extreme Meta Burn_files
2013-03-08 16:50 - 2011-05-14 08:03 - 00000000 ____D C:\Users\Owner\Documents\02JustLikeAWoman
2013-03-08 16:50 - 2010-12-14 21:13 - 00000000 ____D C:\ProgramData\MFAData
2013-03-08 16:50 - 2010-12-14 21:13 - 00000000 ____D C:\ProgramData\Application Data\MFAData
2013-03-08 16:50 - 2010-07-14 16:31 - 00000000 ____D C:\Users\Owner\Documents\Snowball_Update_Win[1]
2013-03-08 16:50 - 2009-11-09 20:38 - 00000000 ____D C:\ProgramData\CanonIJ
2013-03-08 16:50 - 2009-11-09 20:38 - 00000000 ____D C:\ProgramData\Application Data\CanonIJ
2013-03-08 16:50 - 2009-11-09 17:30 - 00000000 ____D C:\Users\Owner\Documents\New Folder (9)
2013-03-08 16:50 - 2009-11-09 17:19 - 00000000 ____D C:\Users\Owner\Documents\My Albums
2013-03-08 16:50 - 2009-11-09 17:18 - 00000000 __RSD C:\Users\Owner\Documents\McAfee Vaults
2013-03-08 16:50 - 2009-11-09 17:18 - 00000000 ____D C:\Users\Owner\Documents\JEOPARDY! 2
2013-03-08 16:50 - 2009-11-09 17:18 - 00000000 ____D C:\Users\Owner\Documents\Installation Files
2013-03-08 16:50 - 2009-11-09 17:18 - 00000000 ____D C:\Users\Owner\Documents\Corel User Files
2013-03-08 16:50 - 2009-11-09 17:09 - 00000000 ____D C:\Users\Owner\Documents\Palm
2013-03-08 16:50 - 2009-10-29 10:55 - 00000000 ____D C:\Program Files (x86)\Dell DataSafe Online
2013-03-08 16:50 - 2009-10-29 10:51 - 00000000 ____D C:\Program Files (x86)\Multimedia Card Reader(9106)
2013-03-08 16:48 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\registration
2013-03-08 16:46 - 2013-03-05 11:32 - 00000000 ____D C:\Program Files\CCleaner
2013-03-08 16:46 - 2010-09-21 10:18 - 00000000 ____D C:\Users\Owner\Documents\Fax
2013-03-08 16:46 - 2009-11-09 17:30 - 00000000 ____D C:\Users\Owner\Documents\My Webs
2013-03-06 20:49 - 2013-03-06 20:49 - 00000000 ____D C:\Users\Public\Documents\Brandywineedit1-3-6-13
2013-03-06 20:48 - 2013-03-06 20:48 - 10440386 ____A C:\Users\Public\Documents\Brandywineedit1-3-6-13.zip
2013-03-06 12:59 - 2013-03-06 12:55 - 00018672 ____A C:\Users\Public\Documents\Attach.txt
2013-03-06 12:55 - 2013-03-06 12:55 - 00028947 ____A C:\Users\Public\Documents\DDS.txt
2013-03-06 12:50 - 2013-03-06 12:50 - 00018672 ____A C:\Users\Owner\Desktop\attach.txt
2013-03-05 22:03 - 2013-01-14 18:04 - 00002185 ____A C:\Users\Public\Desktop\Google Chrome.lnk
2013-03-05 21:49 - 2010-05-10 22:37 - 00000454 ____A C:\Users\Owner\Desktop\Welcome to AOL.url
2013-03-05 13:53 - 2013-03-05 13:50 - 00000000 ____D C:\Users\Owner\Documents\2012FallCowElkHuntinSouthernCO
2013-03-05 13:50 - 2013-03-05 13:50 - 03387057 ____A C:\Users\Owner\Documents\2012FallCowElkHuntinSouthernCO.zip
2013-03-05 13:13 - 2013-03-05 13:13 - 00002272 ____A C:\Users\Owner\Desktop\CrossLoop.lnk
2013-03-05 12:52 - 2013-03-05 12:52 - 00001913 ____A C:\Users\Public\Documents\aswMBR.txt
2013-03-05 12:52 - 2013-03-05 12:52 - 00000512 ____A C:\Users\Public\Documents\MBR.dat
2013-03-05 12:48 - 2013-03-05 12:46 - 04732416 ____A (AVAST Software) C:\Users\Owner\Downloads\aswMBR.exe
2013-03-05 12:22 - 2013-03-05 12:22 - 00031718 ____A C:\ComboFix.txt
2013-03-05 12:22 - 2012-02-06 14:38 - 00000000 ____D C:\Qoobox
2013-03-05 12:19 - 2009-07-13 18:34 - 00000215 ____A C:\Windows\system.ini
2013-03-05 12:10 - 2013-03-05 12:01 - 05036545 ____R (Swearware) C:\Users\Owner\Desktop\ComboFix.exe
2013-03-05 12:00 - 2013-03-05 12:00 - 05036545 ____A (Swearware) C:\Users\Owner\Downloads\ComboFix(1).exe
2013-03-05 11:32 - 2013-03-05 11:32 - 10156344 ____A (Malwarebytes Corporation                                    ) C:\Users\Owner\Downloads\mbam-setup-1.70.0.1100.exe
2013-03-05 11:31 - 2013-03-05 11:31 - 04190272 ____A (Piriform Ltd) C:\Users\Owner\Downloads\ccsetup328.exe
2013-03-04 23:09 - 2013-03-04 23:09 - 00017128 ____A C:\Users\Owner\Desktop\Restore Report 03-05-2013 02-06-30AM.html
2013-03-04 17:56 - 2013-03-04 17:56 - 00002134 ____A C:\Users\Public\Desktop\Carbonite InfoCenter.lnk
2013-03-03 23:32 - 2013-03-03 23:32 - 00000000 ____D C:\Users\Owner\AppData\Local\{DE252F54-098D-4041-9F25-E6CF2E964B7E}
2013-03-03 22:23 - 2010-10-13 11:18 - 00087744 ____A C:\Users\Owner\AppData\Local\GDIPFONTCACHEV1.DAT
2013-03-03 22:21 - 2009-07-13 20:45 - 00345352 ____A C:\Windows\System32\FNTCACHE.DAT
2013-03-03 22:06 - 2009-10-29 11:03 - 00000000 ____D C:\ProgramData\Roxio
2013-03-03 22:06 - 2009-10-29 11:03 - 00000000 ____D C:\ProgramData\Application Data\Roxio
2013-03-03 21:59 - 2013-03-03 21:59 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Roxio Log Files
2013-03-03 21:59 - 2011-01-25 12:21 - 00000000 ____D C:\ProgramData\CyberLink
2013-03-03 21:59 - 2011-01-25 12:21 - 00000000 ____D C:\ProgramData\Application Data\CyberLink
2013-03-03 21:59 - 2009-10-29 10:55 - 00000000 ____D C:\Program Files (x86)\CyberLink
2013-03-03 21:59 - 2009-10-29 10:49 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-03-03 21:55 - 2013-03-03 21:54 - 00005460 ____A C:\INSTALLHELPER.LOG
2013-03-03 21:55 - 2013-01-14 20:37 - 63959910 ____A C:\alotserviceruntime.log
2013-03-03 21:53 - 2012-08-24 08:39 - 00000000 ____D C:\Program Files (x86)\Bucksbee Loyalty Plugin - 100815
2013-03-03 20:54 - 2012-11-13 08:05 - 00000000 ____D C:\ProgramData\AVG2013
2013-03-03 20:54 - 2012-11-13 08:05 - 00000000 ____D C:\ProgramData\Application Data\AVG2013
2013-03-02 23:16 - 2013-03-02 23:15 - 32999840 ____A (Oracle Corporation) C:\Users\Owner\Downloads\jre-7u15-windows-x64(1).exe
2013-03-02 23:13 - 2013-03-02 23:13 - 32999840 ____A (Oracle Corporation) C:\Users\Owner\Downloads\jre-7u15-windows-x64.exe
2013-03-02 21:20 - 2013-03-02 21:20 - 00000000 ____D C:\Users\Owner\AppData\Local\{B06C43E2-E8A3-4E7E-B288-00FC57286C40}
2013-03-02 20:31 - 2012-04-12 15:52 - 00590928 ____A C:\Users\Owner\AppData\Local\rx_image32.Cache
2013-03-02 20:31 - 2012-04-12 15:52 - 00023320 ____A C:\Users\Owner\AppData\Local\rx_audio.Cache
2013-03-02 14:54 - 2012-08-24 08:41 - 00000000 ____D C:\Users\Owner\.gimp-2.6
2013-03-01 23:30 - 2013-03-01 23:30 - 00000000 ____D C:\Users\Owner\AppData\Local\{12D9CDE6-38A9-4A0D-8F25-DFEF6B05E60E}
2013-03-01 16:27 - 2009-11-09 20:21 - 00000000 ____D C:\ProgramData\CanonIJPLM
2013-03-01 16:27 - 2009-11-09 20:21 - 00000000 ____D C:\ProgramData\Application Data\CanonIJPLM
2013-03-01 16:05 - 2013-03-01 16:05 - 13805299 ____A C:\Users\Owner\Documents\The_River_is_Wide-Marty-2ndedit3-1-13.zip
2013-03-01 08:49 - 2013-03-01 08:44 - 00000000 ____D C:\Users\Owner\AppData\Roaming\SearchProtect
2013-03-01 08:44 - 2013-03-01 08:44 - 00000000 ____D C:\Program Files (x86)\SearchProtect
2013-03-01 08:44 - 2013-03-01 08:44 - 00000000 ____D C:\Program Files (x86)\Conduit
2013-03-01 08:44 - 2013-03-01 08:43 - 00000000 ____D C:\Program Files (x86)\Produtools_Manuals_2.1_B
2013-03-01 08:40 - 2013-03-01 08:41 - 01988832 ____A (Conduit) C:\Users\Owner\Desktop\Produtools_Manuals_2.1_B.exe
2013-02-28 19:12 - 2013-02-28 19:12 - 00000000 ____D C:\Users\Owner\AppData\Local\{92A8D862-734E-406E-83C2-2999C18C555B}
2013-02-28 15:44 - 2013-02-28 15:43 - 00379904 ____A C:\Users\Owner\Documents\354baltic2.28.2013rvsd.xls
2013-02-27 11:58 - 2012-04-04 07:28 - 00691568 ____N (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-02-27 11:58 - 2011-05-20 12:24 - 00071024 ____N (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-02-27 03:10 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2013-02-27 00:19 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2013-02-27 00:19 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2013-02-27 00:19 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\zh-HK
2013-02-27 00:19 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\tr-TR
2013-02-26 23:45 - 2013-02-26 23:45 - 00049700 ____A C:\Users\Owner\Desktop\Lucida Calligraphy Italic.ttf
2013-02-26 23:37 - 2013-02-26 23:37 - 00117313 ____A C:\Users\Owner\Desktop\Abbeyline.zip
2013-02-26 23:37 - 2013-02-26 23:37 - 00047231 ____A C:\Users\Owner\Desktop\AnnabelAntiqueScript.zip
2013-02-26 12:34 - 2013-02-26 12:34 - 00000000 ____D C:\Users\Owner\AppData\Local\{BA88E79C-A8B7-449B-B303-667F5FED80BE}
2013-02-26 12:29 - 2009-11-09 20:25 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Canon
2013-02-22 19:13 - 2012-05-16 08:44 - 00000000 ____D C:\Users\Owner\Documents\Doors
2013-02-22 16:18 - 2013-02-22 16:18 - 00000000 ____D C:\Users\Owner\AppData\Local\{7E58E770-7DE2-4ED9-BB69-8638E285045D}
2013-02-22 07:07 - 2013-02-01 07:44 - 00384000 ____A C:\Users\Owner\Documents\354baltic1.30.2013rvsd.xls
2013-02-17 15:49 - 2013-02-17 15:38 - 00000000 ____D C:\Users\Owner\Documents\IMG(10)
2013-02-17 15:40 - 2013-02-17 15:40 - 00000000 ____D C:\Users\Owner\AppData\Local\{5D170085-7F3F-4CCD-961D-9339AAC06652}
2013-02-17 15:38 - 2013-02-17 15:37 - 01085208 ____A C:\Users\Owner\Documents\IMG(10).zip
2013-02-17 00:52 - 2013-02-17 00:43 - 00124900 ____A C:\Users\Owner\Desktop\puyuan-itunes-karaoke-56c87c2.zip
2013-02-17 00:31 - 2013-02-17 00:30 - 00000000 ____D C:\Users\Owner\AppData\Local\{47DC1ABB-5810-4801-BC51-267242203773}
2013-02-14 23:36 - 2012-05-21 21:10 - 00000000 ____D C:\Users\Owner\Desktop\Working Recordings
2013-02-14 00:10 - 2009-10-29 10:53 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-02-14 00:10 - 2009-10-29 10:53 - 00000000 ____D C:\ProgramData\Application Data\Microsoft Help
2013-02-14 00:08 - 2009-11-09 17:03 - 70004024 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-02-13 23:24 - 2010-05-12 13:04 - 00000000 ____D C:\Users\Owner\Documents\1aConstanceDoB1
2013-02-12 22:51 - 2013-02-12 22:39 - 00000000 ____D C:\Users\Owner\Documents\Marty&LaurieatBewkes'sHamiltoncamp1966-edit2
2013-02-12 22:40 - 2013-02-12 22:40 - 00000000 ____D C:\Users\Owner\AppData\Local\{3A632385-E02A-4698-BC28-DE52B286EC96}
2013-02-12 22:39 - 2013-02-12 22:39 - 01291648 ____A C:\Users\Owner\Documents\Marty&LaurieatBewkes'sHamiltoncamp1966-edit2.zip
2013-02-12 12:06 - 2013-02-12 12:06 - 00896928 ____A (Oracle Corporation) C:\Users\Owner\Downloads\chromeinstall-7u13.exe
2013-02-12 07:43 - 2013-02-12 07:43 - 00000000 ____D C:\Users\Owner\AppData\Local\{6A4A7240-05BD-4984-8870-E48370334A9E}
2013-02-12 07:42 - 2013-02-12 07:42 - 00000000 ____D C:\Users\Owner\AppData\Local\{BC76573A-D878-4E8D-A8E4-C87000E50EB9}
2013-02-11 09:37 - 2013-02-11 09:37 - 03353600 ____A C:\Users\Owner\Documents\Trop_mignon.pps

ATTENTION: ========> Check for possible partition/boot infection:
C:\Windows\svchost.exe

==================== Known DLLs (Whitelisted) =================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

TDL4: custom:26000022 <===== ATTENTION!

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================

Restore point made on: 2013-03-08 14:04:44
Restore point made on: 2013-03-08 14:14:10
Restore point made on: 2013-03-09 00:00:41
Restore point made on: 2013-03-09 00:36:24
Restore point made on: 2013-03-09 02:37:43
Restore point made on: 2013-03-09 06:37:22
Restore point made on: 2013-03-09 14:45:15
Restore point made on: 2013-03-09 14:48:46
Restore point made on: 2013-03-09 19:29:48
Restore point made on: 2013-03-10 00:00:33
Restore point made on: 2013-03-10 00:02:39
Restore point made on: 2013-03-10 02:43:32
Restore point made on: 2013-03-10 19:00:37
Restore point made on: 2013-03-10 19:45:38
Restore point made on: 2013-03-10 23:00:43
Restore point made on: 2013-03-10 23:46:41
Restore point made on: 2013-03-11 00:19:09
Restore point made on: 2013-03-11 23:00:32
Restore point made on: 2013-03-11 23:49:48
Restore point made on: 2013-03-12 07:33:54
Restore point made on: 2013-03-12 08:13:02
Restore point made on: 2013-03-12 08:21:14
Restore point made on: 2013-03-12 10:03:09

==================== Memory info ===========================

Percentage of memory in use: 20%
Total physical RAM: 3063.12 MB
Available physical RAM: 2448.98 MB
Total Pagefile: 3061.27 MB
Available Pagefile: 2427.05 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

==================== Partitions =============================

1 Drive c: (OS) (Fixed) (Total:683.95 GB) (Free:599.37 GB) NTFS
8 Drive k: (KINGSTON) (Removable) (Total:7.44 GB) (Free:3.23 GB) FAT32
9 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
10 Drive y: (RECOVERY) (Fixed) (Total:14.65 GB) (Free:7.27 GB) NTFS ==>[System with boot components (obtained from reading drive)]
ATTENTION: Malware custom entry on BCD on drive y: detected. Check for MBR/Partition infection.

  Disk ###  Status         Size     Free     Dyn  Gpt
  --------  -------------  -------  -------  ---  ---
  Disk 0    Online          698 GB      0 B         
  Disk 1    No Media           0 B      0 B         
  Disk 2    No Media           0 B      0 B         
  Disk 3    No Media           0 B      0 B         
  Disk 4    No Media           0 B      0 B         
  Disk 5    Online         7628 MB      0 B         

Partitions of Disk 0:
===============

Disk ID: E05EAAD9

  Partition ###  Type              Size     Offset
  -------------  ----------------  -------  -------
  Partition 1    OEM                 39 MB    31 KB
  Partition 2    Primary             14 GB    40 MB
  Partition 3    Primary            683 GB    14 GB

==================================================================================

Disk: 0
Partition 1
Type  : DE
Hidden: Yes
Active: No

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 9                      FAT    Partition     39 MB  Healthy    Hidden  

=========================================================

Disk: 0
Partition 2
Type  : 07
Hidden: No
Active: Yes

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 2     Y   RECOVERY     NTFS   Partition     14 GB  Healthy            

=========================================================

Disk: 0
Partition 3
Type  : 07
Hidden: No
Active: No

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 3     C   OS           NTFS   Partition    683 GB  Healthy            

=========================================================

Partitions of Disk 5:
===============

Disk ID: D461D461

  Partition ###  Type              Size     Offset
  -------------  ----------------  -------  -------
  Partition 1    Primary           7624 MB  4032 KB

==================================================================================

Disk: 5
Partition 1
Type  : 0C
Hidden: No
Active: No

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 8     K   KINGSTON     FAT32  Removable   7624 MB  Healthy            

=========================================================
============================== MBR Partition Table ==================

==============================
Partitions of Disk 0:
===============
Disk ID: E05EAAD9

Partition 1:
=========
Hex: 80001500000000001400000000000000
Active: YES
Type: 00
Size: 0 byte
ATTENTION ===> 0 byte partition bootkit on partition 1

Partition 2:
=========
Hex: 00010100DEFE3F043F00000086390100
Active: NO
Type: DE
Size: 39 MB

Partition 3:
=========
Hex: 8019150507FEFFFF0040010000C0D401
Active: YES
Type: 07 (NTFS)
Size: 15 GB

Partition 4:
=========
Hex: 00FEFFFF07FEFFFF0000D601F05E7E55
Active: NO
Type: 07 (NTFS)
Size: 684 GB

==============================
Partitions of Disk 5:
===============
Disk ID: D461D461

Partition 1:
=========
Hex: 00010C0F0C04E020801F00008040EE00
Active: NO
Type: 0C
Size: 7 GB


Last Boot: 2013-03-05 02:55

==================== End Of Log =============================



#6 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,512 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:07:31 AM

Posted 12 March 2013 - 07:33 PM

1.

Please download the latest version of TDSSKiller from and save it to your Desktop.

  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
    image000q.png
  • Put a checkmark beside loaded modules.
    2012081514h0118.png
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
    2012081517h0349.png
  • Click the Start Scan button.
    19695967.jpg
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
    67776163.jpg
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    62117367.jpg
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

 

 

2.

Open notepad. Please copy the contents of the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad. Save it on the flashdrive as fixlist.txt

HKLM-x32\...\Run: [SearchProtectAll] C:\Program Files (x86)\SearchProtect\bin\cltmng.exe [2674464 2013-02-20] (Conduit)
HKU\Owner\...\Run: [SearchProtect] C:\Users\Owner\AppData\Roaming\SearchProtect\bin\cltmng.exe [2731296 2013-03-06] (Conduit)
C:\Program Files (x86)\SearchProtect\bin\cltmng.exe
C:\Windows\PFRO.log
C:\Users\Owner\AppData\Local\PWF
C:\Windows\svchost.exe
TDL4: custom:26000022 <===== ATTENTION!



NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

On Vista or Windows 7: Now please enter System Recovery Options.
On Windows XP: Now please boot into the BartPE CD.
Run FRST64 and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

 

 

3.

  •    
  • Download RogueKiller on the desktop
       
  • Close all the running processes
       
  • Under Vista/Seven, right click -> Run as Administrator
       
  • Otherwise just double-click on RogueKiller.exe
       
  • When prompted, Click Scan 
       
  • A report should open, give its content to your helper. (RKreport could also be found next to the executable)
       
  • If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename in winlogon.exe (or winlogon.com) and try again

 

 

Things to include in your next reply::

TdssKIller log

Fix.txt

Roguekiller log

How is the machine running now?


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#7 zoddie

zoddie
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:07:31 AM

Posted 14 March 2013 - 12:54 PM

13:35:32.0110 3996  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
13:35:32.0360 3996  ============================================================
13:35:32.0360 3996  Current date / time: 2013/03/14 13:35:32.0360
13:35:32.0360 3996  SystemInfo:
13:35:32.0360 3996 
13:35:32.0360 3996  OS Version: 6.1.7601 ServicePack: 1.0
13:35:32.0360 3996  Product type: Workstation
13:35:32.0360 3996  ComputerName: DELLXPS8000
13:35:32.0360 3996  UserName: Owner
13:35:32.0360 3996  Windows directory: C:\Windows
13:35:32.0360 3996  System windows directory: C:\Windows
13:35:32.0360 3996  Running under WOW64
13:35:32.0360 3996  Processor architecture: Intel x64
13:35:32.0360 3996  Number of processors: 4
13:35:32.0360 3996  Page size: 0x1000
13:35:32.0360 3996  Boot type: Normal boot
13:35:32.0360 3996  ============================================================
13:35:34.0107 3996  BG loaded
13:35:34.0575 3996  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:35:34.0591 3996  ============================================================
13:35:34.0591 3996  \Device\Harddisk0\DR0:
13:35:34.0591 3996  MBR partitions:
13:35:34.0591 3996  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000
13:35:34.0591 3996  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x557E5EF0
13:35:34.0591 3996  ============================================================
13:35:34.0653 3996  C: <-> \Device\Harddisk0\DR0\Partition2
13:35:34.0653 3996  ============================================================
13:35:34.0653 3996  Initialize success
13:35:34.0653 3996  ============================================================
13:40:33.0616 5172  ============================================================
13:40:33.0616 5172  Scan started
13:40:33.0616 5172  Mode: Manual; SigCheck; TDLFS;
13:40:33.0616 5172  ============================================================
13:40:42.0287 5172  ================ Scan system memory ========================
13:40:42.0287 5172  System memory - ok
13:40:42.0287 5172  ================ Scan services =============================
13:40:42.0597 5172  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
13:40:42.0857 5172  1394ohci - ok
13:40:42.0957 5172  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
13:40:43.0017 5172  ACPI - ok
13:40:43.0057 5172  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
13:40:43.0107 5172  AcpiPmi - ok
13:40:43.0187 5172  [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
13:40:43.0207 5172  AdobeFlashPlayerUpdateSvc - ok
13:40:43.0277 5172  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
13:40:43.0307 5172  adp94xx - ok
13:40:43.0327 5172  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
13:40:43.0337 5172  adpahci - ok
13:40:43.0347 5172  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
13:40:43.0367 5172  adpu320 - ok
13:40:43.0479 5172  [ CBFAA333EBA2E402A0439A3A0E5413F3 ] AdvancedSystemCareService6 C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
13:40:43.0539 5172  AdvancedSystemCareService6 - ok
13:40:43.0599 5172  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
13:40:43.0699 5172  AeLookupSvc - ok
13:40:43.0769 5172  [ 3AC22A3DFA8A050E35F0E3CD99D0CDF2 ] AERTFilters     C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
13:40:43.0889 5172  AERTFilters - ok
13:40:43.0919 5172  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
13:40:43.0959 5172  AFD - ok
13:40:44.0009 5172  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
13:40:44.0019 5172  agp440 - ok
13:40:44.0039 5172  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
13:40:44.0099 5172  ALG - ok
13:40:44.0119 5172  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
13:40:44.0129 5172  aliide - ok
13:40:44.0169 5172  [ 54716D9BB43733578A5647E9B121141F ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
13:40:44.0219 5172  AMD External Events Utility - ok
13:40:44.0229 5172  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
13:40:44.0239 5172  amdide - ok
13:40:44.0269 5172  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
13:40:44.0319 5172  AmdK8 - ok
13:40:44.0659 5172  [ 522A8BD1414CC7517FAEC907F138DB9C ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
13:40:44.0910 5172  amdkmdag - ok
13:40:44.0940 5172  [ F712C26D40BF3CD2C020BB518E8150B1 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
13:40:44.0990 5172  amdkmdap - ok
13:40:45.0010 5172  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
13:40:45.0030 5172  AmdPPM - ok
13:40:45.0070 5172  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
13:40:45.0080 5172  amdsata - ok
13:40:45.0120 5172  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
13:40:45.0140 5172  amdsbs - ok
13:40:45.0150 5172  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
13:40:45.0160 5172  amdxata - ok
13:40:45.0250 5172  [ 85180CF88C5EBAD73B452A43A004CA51 ] AOL ACS         C:\Program Files (x86)\Common Files\AOL\ACS\AOLAcsd.exe
13:40:45.0260 5172  AOL ACS - ok
13:40:45.0340 5172  [ 59D01FA91962C9C1E9B4022B2D3B46DB ] AppHostSvc      C:\Windows\system32\inetsrv\apphostsvc.dll
13:40:45.0390 5172  AppHostSvc - ok
13:40:45.0420 5172  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
13:40:45.0801 5172  AppID - ok
13:40:45.0841 5172  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
13:40:45.0931 5172  AppIDSvc - ok
13:40:45.0961 5172  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
13:40:46.0001 5172  Appinfo - ok
13:40:46.0181 5172  [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:40:46.0211 5172  Apple Mobile Device - ok
13:40:46.0261 5172  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
13:40:46.0271 5172  arc - ok
13:40:46.0281 5172  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
13:40:46.0291 5172  arcsas - ok
13:40:46.0311 5172  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
13:40:46.0391 5172  AsyncMac - ok
13:40:46.0411 5172  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
13:40:46.0421 5172  atapi - ok
13:40:46.0711 5172  [ 522A8BD1414CC7517FAEC907F138DB9C ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
13:40:46.0802 5172  atikmdag - ok
13:40:46.0842 5172  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:40:46.0902 5172  AudioEndpointBuilder - ok
13:40:46.0912 5172  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
13:40:46.0952 5172  AudioSrv - ok
13:40:47.0112 5172  [ 3A457C2F798CAD79CD30224E723E01FB ] AVG Security Toolbar Service C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe
13:40:47.0142 5172  AVG Security Toolbar Service - ok
13:40:47.0412 5172  [ 4AFC14AFA58878FAA1D249E7E90EA54B ] AVGIDSAgent     C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
13:40:47.0642 5172  AVGIDSAgent - ok
13:40:47.0752 5172  [ 388056EBD5FE6718FE669078DBE37897 ] AVGIDSDriver    C:\Windows\system32\DRIVERS\avgidsdrivera.sys
13:40:48.0392 5172  AVGIDSDriver - ok
13:40:48.0462 5172  [ 550E981747D6A6C55078C77346FFC2C6 ] AVGIDSHA        C:\Windows\system32\DRIVERS\avgidsha.sys
13:40:48.0472 5172  AVGIDSHA - ok
13:40:48.0532 5172  [ 5989592A91A17587799792A81E1541D4 ] Avgldx64        C:\Windows\system32\DRIVERS\avgldx64.sys
13:40:48.0542 5172  Avgldx64 - ok
13:40:48.0602 5172  [ 3FC43AA02545FCDDC22817829114DEC8 ] Avgloga         C:\Windows\system32\DRIVERS\avgloga.sys
13:40:48.0642 5172  Avgloga - ok
13:40:48.0672 5172  [ 841C40C193889730848849AC220D9242 ] Avgmfx64        C:\Windows\system32\DRIVERS\avgmfx64.sys
13:40:48.0702 5172  Avgmfx64 - ok
13:40:48.0712 5172  [ FE4F444DBE4BBBDFD8FECF49398DEFC7 ] Avgrkx64        C:\Windows\system32\DRIVERS\avgrkx64.sys
13:40:48.0732 5172  Avgrkx64 - ok
13:40:48.0782 5172  [ 6E634525613D48A1D1657FB21F21F3B2 ] Avgtdia         C:\Windows\system32\DRIVERS\avgtdia.sys
13:40:48.0802 5172  Avgtdia - ok
13:40:48.0842 5172  [ 6B72E1E329C4E98C6B6FDD2D265E3BA3 ] avgwd           C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
13:40:48.0862 5172  avgwd - ok
13:40:48.0942 5172  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
13:40:49.0022 5172  AxInstSV - ok
13:40:49.0102 5172  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
13:40:49.0142 5172  b06bdrv - ok
13:40:49.0172 5172  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
13:40:49.0212 5172  b57nd60a - ok
13:40:49.0312 5172  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
13:40:49.0362 5172  BDESVC - ok
13:40:49.0382 5172  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
13:40:49.0432 5172  Beep - ok
13:40:49.0492 5172  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
13:40:49.0542 5172  BFE - ok
13:40:49.0582 5172  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\system32\qmgr.dll
13:40:49.0642 5172  BITS - ok
13:40:49.0672 5172  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
13:40:49.0712 5172  blbdrive - ok
13:40:49.0833 5172  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
13:40:49.0853 5172  Bonjour Service - ok
13:40:49.0893 5172  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
13:40:49.0933 5172  bowser - ok
13:40:49.0933 5172  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
13:40:50.0053 5172  BrFiltLo - ok
13:40:50.0073 5172  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
13:40:50.0093 5172  BrFiltUp - ok
13:40:50.0123 5172  [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
13:40:50.0203 5172  BridgeMP - ok
13:40:50.0233 5172  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
13:40:50.0283 5172  Browser - ok
13:40:50.0333 5172  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
13:40:50.0463 5172  Brserid - ok
13:40:50.0483 5172  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
13:40:50.0513 5172  BrSerWdm - ok
13:40:50.0553 5172  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
13:40:50.0583 5172  BrUsbMdm - ok
13:40:50.0593 5172  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
13:40:50.0603 5172  BrUsbSer - ok
13:40:50.0623 5172  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
13:40:50.0653 5172  BTHMODEM - ok
13:40:50.0723 5172  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
13:40:50.0823 5172  bthserv - ok
13:40:50.0853 5172  [ 9887CA12F407D7FBC7F48F3678F5F0B6 ] BVRPMPR5a64     C:\Windows\system32\drivers\BVRPMPR5a64.SYS
13:40:50.0873 5172  BVRPMPR5a64 - ok
13:40:51.0053 5172  [ F7439FC81A2B81E53D7BFD0C443BA6D6 ] CarboniteService C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe
13:40:51.0263 5172  CarboniteService - ok
13:40:51.0263 5172  catchme - ok
13:40:51.0293 5172  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
13:40:51.0353 5172  cdfs - ok
13:40:51.0383 5172  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
13:40:51.0413 5172  cdrom - ok
13:40:51.0433 5172  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
13:40:51.0483 5172  CertPropSvc - ok
13:40:51.0563 5172  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
13:40:51.0643 5172  circlass - ok
13:40:51.0763 5172  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
13:40:51.0824 5172  CLFS - ok
13:40:51.0934 5172  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:40:51.0944 5172  clr_optimization_v2.0.50727_32 - ok
13:40:51.0994 5172  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:40:52.0004 5172  clr_optimization_v2.0.50727_64 - ok
13:40:52.0094 5172  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:40:52.0224 5172  clr_optimization_v4.0.30319_32 - ok
13:40:52.0254 5172  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:40:52.0364 5172  clr_optimization_v4.0.30319_64 - ok
13:40:52.0444 5172  [ 1CDFB108952A68CB8DAAC67177850560 ] CltMngSvc       C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe
13:40:52.0474 5172  CltMngSvc - ok
13:40:52.0494 5172  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
13:40:52.0514 5172  CmBatt - ok
13:40:52.0534 5172  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
13:40:52.0544 5172  cmdide - ok
13:40:52.0634 5172  [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG             C:\Windows\system32\Drivers\cng.sys
13:40:52.0684 5172  CNG - ok
13:40:52.0714 5172  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
13:40:52.0734 5172  Compbatt - ok
13:40:52.0764 5172  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
13:40:52.0814 5172  CompositeBus - ok
13:40:52.0814 5172  COMSysApp - ok
13:40:52.0834 5172  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
13:40:52.0844 5172  crcdisk - ok
13:40:53.0244 5172  [ 97558F429F8F09446AE51C1AA88C9B9B ] CrossLoopService C:\Users\Owner\AppData\Local\CrossLoop\CrossLoopService.exe
13:40:53.0284 5172  CrossLoopService - ok
13:40:53.0314 5172  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
13:40:53.0384 5172  CryptSvc - ok
13:40:53.0558 5172  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
13:40:53.0696 5172  DcomLaunch - ok
13:40:53.0807 5172  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
13:40:53.0917 5172  defragsvc - ok
13:40:53.0977 5172  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
13:40:54.0027 5172  DfsC - ok
13:40:54.0127 5172  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
13:40:54.0387 5172  Dhcp - ok
13:40:54.0417 5172  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
13:40:54.0517 5172  discache - ok
13:40:54.0577 5172  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
13:40:54.0597 5172  Disk - ok
13:40:54.0677 5172  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
13:40:54.0937 5172  Dnscache - ok
13:40:55.0177 5172  [ 0840ABBBDF438691EE65A20040635CBE ] DockLoginService C:\Program Files\Dell\DellDock\DockLogin.exe
13:40:55.0317 5172  DockLoginService ( UnsignedFile.Multi.Generic ) - warning
13:40:55.0317 5172  DockLoginService - detected UnsignedFile.Multi.Generic (1)
13:40:55.0667 5172  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
13:40:55.0897 5172  dot3svc - ok
13:40:56.0047 5172  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
13:40:56.0117 5172  DPS - ok
13:40:56.0237 5172  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
13:40:56.0797 5172  drmkaud - ok
13:40:57.0107 5172  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
13:40:57.0187 5172  DXGKrnl - ok
13:40:57.0357 5172  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
13:40:57.0427 5172  EapHost - ok
13:40:58.0238 5172  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
13:40:58.0378 5172  ebdrv - ok
13:40:58.0458 5172  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
13:40:58.0508 5172  EFS - ok
13:40:58.0688 5172  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
13:40:58.0839 5172  ehRecvr - ok
13:40:58.0909 5172  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
13:40:59.0029 5172  ehSched - ok
13:40:59.0079 5172  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
13:40:59.0121 5172  elxstor - ok
13:40:59.0161 5172  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
13:40:59.0281 5172  ErrDev - ok
13:40:59.0771 5172  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
13:40:59.0831 5172  EventSystem - ok
13:40:59.0891 5172  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
13:40:59.0941 5172  exfat - ok
13:41:00.0341 5172  Fabs - ok
13:41:00.0361 5172  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
13:41:00.0411 5172  fastfat - ok
13:41:00.0481 5172  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
13:41:00.0581 5172  Fax - ok
13:41:00.0651 5172  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
13:41:00.0671 5172  fdc - ok
13:41:00.0701 5172  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
13:41:00.0741 5172  fdPHost - ok
13:41:00.0751 5172  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
13:41:00.0791 5172  FDResPub - ok
13:41:00.0811 5172  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
13:41:00.0821 5172  FileInfo - ok
13:41:00.0831 5172  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
13:41:00.0881 5172  Filetrace - ok
13:41:00.0991 5172  [ FFF1130F7C9FA01D093A1EDFC5CCE8FC ] FirebirdServerMAGIXInstance C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
13:41:01.0101 5172  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning
13:41:01.0101 5172  FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1)
13:41:01.0121 5172  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
13:41:01.0141 5172  flpydisk - ok
13:41:01.0191 5172  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
13:41:01.0211 5172  FltMgr - ok
13:41:01.0261 5172  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
13:41:01.0401 5172  FontCache - ok
13:41:01.0461 5172  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:41:01.0491 5172  FontCache3.0.0.0 - ok
13:41:01.0551 5172  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
13:41:01.0571 5172  FsDepends - ok
13:41:01.0651 5172  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
13:41:01.0701 5172  Fs_Rec - ok
13:41:01.0781 5172  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
13:41:01.0841 5172  fvevol - ok
13:41:01.0872 5172  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
13:41:01.0882 5172  gagp30kx - ok
13:41:01.0932 5172  [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
13:41:01.0932 5172  GEARAspiWDM - ok
13:41:02.0002 5172  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
13:41:02.0052 5172  gpsvc - ok
13:41:02.0142 5172  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:41:02.0152 5172  gupdate - ok
13:41:02.0162 5172  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:41:02.0172 5172  gupdatem - ok
13:41:02.0212 5172  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
13:41:02.0282 5172  hcw85cir - ok
13:41:02.0342 5172  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:41:02.0362 5172  HdAudAddService - ok
13:41:02.0432 5172  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
13:41:02.0482 5172  HDAudBus - ok
13:41:02.0532 5172  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
13:41:02.0582 5172  HidBatt - ok
13:41:02.0602 5172  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
13:41:02.0632 5172  HidBth - ok
13:41:02.0672 5172  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
13:41:02.0702 5172  HidIr - ok
13:41:02.0742 5172  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\System32\hidserv.dll
13:41:02.0782 5172  hidserv - ok
13:41:02.0912 5172  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
13:41:02.0942 5172  HidUsb - ok
13:41:02.0972 5172  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
13:41:03.0022 5172  hkmsvc - ok
13:41:03.0072 5172  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
13:41:03.0102 5172  HomeGroupListener - ok
13:41:03.0152 5172  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
13:41:03.0192 5172  HomeGroupProvider - ok
13:41:03.0222 5172  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
13:41:03.0232 5172  HpSAMD - ok
13:41:03.0292 5172  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
13:41:03.0362 5172  HTTP - ok
13:41:03.0402 5172  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
13:41:03.0422 5172  hwpolicy - ok
13:41:03.0442 5172  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
13:41:03.0452 5172  i8042prt - ok
13:41:03.0522 5172  [ 1D004CB1DA6323B1F55CAEF7F94B61D9 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
13:41:03.0532 5172  iaStor - ok
13:41:03.0622 5172  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
13:41:03.0642 5172  iaStorV - ok
13:41:03.0692 5172  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:41:03.0712 5172  idsvc - ok
13:41:03.0762 5172  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
13:41:03.0772 5172  iirsp - ok
13:41:03.0883 5172  [ E5E6A7D13BBC0F80B866D021F306BF6C ] IJPLMSVC        C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
13:41:03.0903 5172  IJPLMSVC - ok
13:41:03.0963 5172  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
13:41:04.0033 5172  IKEEXT - ok
13:41:04.0145 5172  [ D42D651676883181400E22957A7E0B1E ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
13:41:04.0255 5172  IntcAzAudAddService - ok
13:41:04.0275 5172  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
13:41:04.0295 5172  intelide - ok
13:41:04.0315 5172  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
13:41:04.0355 5172  intelppm - ok
13:41:04.0395 5172  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
13:41:04.0475 5172  IPBusEnum - ok
13:41:04.0555 5172  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:41:04.0605 5172  IpFilterDriver - ok
13:41:04.0685 5172  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
13:41:04.0725 5172  iphlpsvc - ok
13:41:04.0765 5172  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
13:41:04.0785 5172  IPMIDRV - ok
13:41:04.0805 5172  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
13:41:04.0865 5172  IPNAT - ok
13:41:04.0985 5172  [ 50D6CCC6FF5561F9F56946B3E6164FB8 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
13:41:05.0055 5172  iPod Service - ok
13:41:05.0105 5172  [ 11FE7637A49B67D9B1F895B2AD4D982F ] iprip           C:\Windows\System32\iprip.dll
13:41:05.0145 5172  iprip - ok
13:41:05.0165 5172  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
13:41:05.0215 5172  IRENUM - ok
13:41:05.0225 5172  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
13:41:05.0255 5172  isapnp - ok
13:41:05.0275 5172  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
13:41:05.0295 5172  iScsiPrt - ok
13:41:05.0405 5172  [ 249EE2D26CB1530F3BEDE0AC8B9E3099 ] k57nd60a        C:\Windows\system32\DRIVERS\k57nd60a.sys
13:41:05.0445 5172  k57nd60a - ok
13:41:05.0545 5172  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
13:41:05.0635 5172  kbdclass - ok
13:41:05.0765 5172  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
13:41:05.0855 5172  kbdhid - ok
13:41:05.0936 5172  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
13:41:05.0946 5172  KeyIso - ok
13:41:06.0086 5172  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
13:41:06.0146 5172  KSecDD - ok
13:41:06.0246 5172  [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
13:41:06.0276 5172  KSecPkg - ok
13:41:06.0316 5172  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
13:41:06.0406 5172  ksthunk - ok
13:41:06.0556 5172  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
13:41:06.0646 5172  KtmRm - ok
13:41:06.0756 5172  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\System32\srvsvc.dll
13:41:06.0826 5172  LanmanServer - ok
13:41:06.0876 5172  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:41:06.0937 5172  LanmanWorkstation - ok
13:41:06.0957 5172  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
13:41:07.0027 5172  lltdio - ok
13:41:07.0047 5172  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
13:41:07.0107 5172  lltdsvc - ok
13:41:07.0127 5172  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
13:41:07.0167 5172  lmhosts - ok
13:41:07.0197 5172  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
13:41:07.0217 5172  LSI_FC - ok
13:41:07.0247 5172  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
13:41:07.0277 5172  LSI_SAS - ok
13:41:07.0287 5172  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
13:41:07.0297 5172  LSI_SAS2 - ok
13:41:07.0337 5172  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
13:41:07.0347 5172  LSI_SCSI - ok
13:41:07.0357 5172  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
13:41:07.0407 5172  luafv - ok
13:41:07.0457 5172  [ B3944D06EB4B64D57BD7E5FE89415F58 ] LVPr2M64        C:\Windows\system32\DRIVERS\LVPr2M64.sys
13:41:07.0497 5172  LVPr2M64 - ok
13:41:07.0537 5172  [ B3944D06EB4B64D57BD7E5FE89415F58 ] LVPr2Mon        C:\Windows\system32\DRIVERS\LVPr2M64.sys
13:41:07.0547 5172  LVPr2Mon - ok
13:41:07.0817 5172  [ 0C85B2B6FB74B36A251792D45E0EF860 ] LVRS64          C:\Windows\system32\DRIVERS\lvrs64.sys
13:41:07.0968 5172  LVRS64 - ok
13:41:08.0939 5172  [ FF3A488924B0032B1A9CA6948C1FA9E8 ] LVUVC64         C:\Windows\system32\DRIVERS\lvuvc64.sys
13:41:09.0088 5172  LVUVC64 - ok
13:41:09.0123 5172  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
13:41:09.0153 5172  Mcx2Svc - ok
13:41:09.0193 5172  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
13:41:09.0203 5172  megasas - ok
13:41:09.0223 5172  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
13:41:09.0233 5172  MegaSR - ok
13:41:09.0273 5172  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
13:41:09.0343 5172  MMCSS - ok
13:41:09.0393 5172  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
13:41:09.0443 5172  Modem - ok
13:41:09.0473 5172  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
13:41:09.0543 5172  monitor - ok
13:41:09.0623 5172  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
13:41:09.0683 5172  mouclass - ok
13:41:09.0753 5172  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
13:41:09.0833 5172  mouhid - ok
13:41:09.0933 5172  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
13:41:09.0993 5172  mountmgr - ok
13:41:10.0193 5172  [ 5C5E45DDABEFBC9F564F1D5C83258B8F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
13:41:10.0273 5172  MozillaMaintenance - ok
13:41:10.0313 5172  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
13:41:10.0383 5172  mpio - ok
13:41:10.0493 5172  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
13:41:10.0553 5172  mpsdrv - ok
13:41:10.0653 5172  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
13:41:10.0743 5172  MpsSvc - ok
13:41:10.0833 5172  [ CD22D2563039DDA6793F7624719363A7 ] MQAC            C:\Windows\system32\drivers\mqac.sys
13:41:10.0923 5172  MQAC - ok
13:41:10.0963 5172  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
13:41:10.0983 5172  MRxDAV - ok
13:41:11.0073 5172  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
13:41:11.0113 5172  mrxsmb - ok
13:41:11.0183 5172  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:41:11.0213 5172  mrxsmb10 - ok
13:41:11.0263 5172  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:41:11.0313 5172  mrxsmb20 - ok
13:41:11.0343 5172  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
13:41:11.0363 5172  msahci - ok
13:41:11.0393 5172  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
13:41:11.0413 5172  msdsm - ok
13:41:11.0433 5172  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
13:41:11.0463 5172  MSDTC - ok
13:41:11.0613 5172  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
13:41:11.0733 5172  Msfs - ok
13:41:11.0763 5172  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
13:41:11.0803 5172  mshidkmdf - ok
13:41:11.0833 5172  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
13:41:11.0853 5172  msisadrv - ok
13:41:11.0873 5172  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
13:41:11.0923 5172  MSiSCSI - ok
13:41:11.0923 5172  msiserver - ok
13:41:11.0953 5172  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
13:41:12.0003 5172  MSKSSRV - ok
13:41:12.0043 5172  [ FAAEAEF99E53561BEEE58F946CA56F0D ] MSMQ            C:\Windows\system32\mqsvc.exe
13:41:12.0073 5172  MSMQ - ok
13:41:12.0093 5172  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
13:41:12.0133 5172  MSPCLOCK - ok
13:41:12.0163 5172  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
13:41:12.0233 5172  MSPQM - ok
13:41:12.0273 5172  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
13:41:12.0293 5172  MsRPC - ok
13:41:12.0313 5172  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
13:41:12.0323 5172  mssmbios - ok
13:41:12.0333 5172  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
13:41:12.0363 5172  MSTEE - ok
13:41:12.0413 5172  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
13:41:12.0433 5172  MTConfig - ok
13:41:12.0453 5172  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
13:41:12.0463 5172  Mup - ok
13:41:12.0503 5172  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
13:41:12.0543 5172  napagent - ok
13:41:12.0583 5172  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
13:41:12.0623 5172  NativeWifiP - ok
13:41:12.0793 5172  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
13:41:12.0833 5172  NDIS - ok
13:41:12.0863 5172  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
13:41:12.0903 5172  NdisCap - ok
13:41:12.0923 5172  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
13:41:12.0963 5172  NdisTapi - ok
13:41:12.0993 5172  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
13:41:13.0033 5172  Ndisuio - ok
13:41:13.0103 5172  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
13:41:13.0143 5172  NdisWan - ok
13:41:13.0203 5172  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
13:41:13.0263 5172  NDProxy - ok
13:41:13.0283 5172  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
13:41:13.0363 5172  NetBIOS - ok
13:41:13.0413 5172  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
13:41:13.0443 5172  NetBT - ok
13:41:13.0473 5172  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
13:41:13.0483 5172  Netlogon - ok
13:41:13.0563 5172  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
13:41:13.0693 5172  Netman - ok
13:41:13.0723 5172  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
13:41:13.0773 5172  netprofm - ok
13:41:13.0813 5172  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:41:13.0833 5172  NetTcpPortSharing - ok
13:41:13.0843 5172  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
13:41:13.0853 5172  nfrd960 - ok
13:41:13.0903 5172  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
13:41:13.0923 5172  NlaSvc - ok
13:41:13.0933 5172  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
13:41:13.0973 5172  Npfs - ok
13:41:14.0023 5172  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
13:41:14.0063 5172  nsi - ok
13:41:14.0083 5172  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
13:41:14.0113 5172  nsiproxy - ok
13:41:14.0163 5172  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
13:41:14.0213 5172  Ntfs - ok
13:41:14.0233 5172  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
13:41:14.0283 5172  Null - ok
13:41:14.0343 5172  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
13:41:14.0393 5172  nvraid - ok
13:41:14.0423 5172  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
13:41:14.0443 5172  nvstor - ok
13:41:14.0453 5172  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
13:41:14.0463 5172  nv_agp - ok
13:41:14.0623 5172  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
13:41:14.0653 5172  odserv - ok
13:41:14.0693 5172  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
13:41:14.0713 5172  ohci1394 - ok
13:41:14.0753 5172  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:41:14.0773 5172  ose - ok
13:41:14.0853 5172  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
13:41:14.0893 5172  p2pimsvc - ok
13:41:15.0364 5172  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
13:41:15.0464 5172  p2psvc - ok
13:41:15.0514 5172  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
13:41:15.0594 5172  Parport - ok
13:41:15.0674 5172  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
13:41:16.0054 5172  partmgr - ok
13:41:16.0094 5172  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
13:41:16.0154 5172  PcaSvc - ok
13:41:16.0224 5172  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
13:41:16.0244 5172  pci - ok
13:41:16.0274 5172  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
13:41:16.0304 5172  pciide - ok
13:41:16.0324 5172  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
13:41:16.0344 5172  pcmcia - ok
13:41:16.0354 5172  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
13:41:16.0364 5172  pcw - ok
13:41:16.0444 5172  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
13:41:16.0484 5172  PEAUTH - ok
13:41:16.0744 5172  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
13:41:16.0774 5172  PerfHost - ok
13:41:16.0894 5172  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
13:41:16.0984 5172  pla - ok
13:41:17.0024 5172  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
13:41:17.0074 5172  PlugPlay - ok
13:41:17.0084 5172  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
13:41:17.0094 5172  PNRPAutoReg - ok
13:41:17.0134 5172  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
13:41:17.0154 5172  PNRPsvc - ok
13:41:17.0224 5172  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
13:41:17.0294 5172  PolicyAgent - ok
13:41:17.0304 5172  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
13:41:17.0364 5172  Power - ok
13:41:17.0384 5172  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
13:41:17.0454 5172  PptpMiniport - ok
13:41:17.0494 5172  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
13:41:17.0564 5172  Processor - ok
13:41:17.0604 5172  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
13:41:17.0634 5172  ProfSvc - ok
13:41:17.0644 5172  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
13:41:17.0654 5172  ProtectedStorage - ok
13:41:17.0694 5172  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
13:41:17.0744 5172  Psched - ok
13:41:17.0784 5172  [ 4712CC14E720ECCCC0AA16949D18AAF1 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
13:41:17.0794 5172  PxHlpa64 - ok
13:41:17.0864 5172  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
13:41:17.0904 5172  ql2300 - ok
13:41:17.0914 5172  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
13:41:17.0934 5172  ql40xx - ok
13:41:17.0984 5172  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
13:41:17.0994 5172  QWAVE - ok
13:41:18.0024 5172  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
13:41:18.0044 5172  QWAVEdrv - ok
13:41:18.0054 5172  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
13:41:18.0084 5172  RasAcd - ok
13:41:18.0124 5172  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
13:41:18.0164 5172  RasAgileVpn - ok
13:41:18.0204 5172  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
13:41:18.0244 5172  RasAuto - ok
13:41:18.0294 5172  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
13:41:18.0364 5172  Rasl2tp - ok
13:41:18.0424 5172  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
13:41:18.0504 5172  RasMan - ok
13:41:18.0554 5172  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
13:41:18.0604 5172  RasPppoe - ok
13:41:18.0624 5172  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
13:41:18.0694 5172  RasSstp - ok
13:41:18.0784 5172  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
13:41:18.0834 5172  rdbss - ok
13:41:18.0894 5172  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
13:41:18.0954 5172  rdpbus - ok
13:41:18.0974 5172  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
13:41:19.0054 5172  RDPCDD - ok
13:41:19.0084 5172  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
13:41:19.0244 5172  RDPENCDD - ok
13:41:19.0334 5172  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
13:41:19.0394 5172  RDPREFMP - ok
13:41:19.0604 5172  [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
13:41:19.0864 5172  RdpVideoMiniport - ok
13:41:20.0024 5172  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
13:41:20.0424 5172  RDPWD - ok
13:41:20.0564 5172  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
13:41:20.0644 5172  rdyboost - ok
13:41:20.0784 5172  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
13:41:20.0904 5172  RemoteAccess - ok
13:41:21.0004 5172  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
13:41:21.0064 5172  RemoteRegistry - ok
13:41:21.0174 5172  [ 7B04C9843921AB1F695FB395422C5360 ] RimUsb          C:\Windows\system32\Drivers\RimUsb_AMD64.sys
13:41:21.0274 5172  RimUsb - ok
13:41:21.0314 5172  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
13:41:21.0364 5172  RpcEptMapper - ok
13:41:21.0474 5172  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
13:41:21.0554 5172  RpcLocator - ok
13:41:21.0734 5172  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
13:41:21.0764 5172  RpcSs - ok
13:41:21.0804 5172  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
13:41:21.0864 5172  rspndr - ok
13:41:21.0904 5172  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
13:41:21.0914 5172  SamSs - ok
13:41:22.0174 5172  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
13:41:22.0204 5172  sbp2port - ok
13:41:22.0224 5172  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
13:41:22.0264 5172  SCardSvr - ok
13:41:22.0304 5172  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
13:41:22.0354 5172  scfilter - ok
13:41:22.0484 5172  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
13:41:22.0574 5172  Schedule - ok
13:41:22.0604 5172  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
13:41:22.0634 5172  SCPolicySvc - ok
13:41:22.0684 5172  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
13:41:22.0754 5172  SDRSVC - ok
13:41:22.0784 5172  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
13:41:22.0814 5172  secdrv - ok
13:41:22.0834 5172  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
13:41:22.0874 5172  seclogon - ok
13:41:22.0924 5172  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\system32\sens.dll
13:41:22.0964 5172  SENS - ok
13:41:22.0984 5172  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
13:41:23.0014 5172  SensrSvc - ok
13:41:23.0024 5172  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
13:41:23.0044 5172  Serenum - ok
13:41:23.0064 5172  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
13:41:23.0074 5172  Serial - ok
13:41:23.0104 5172  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
13:41:23.0144 5172  sermouse - ok
13:41:23.0174 5172  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
13:41:23.0224 5172  SessionEnv - ok
13:41:23.0254 5172  SessionLauncher - ok
13:41:23.0284 5172  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
13:41:23.0314 5172  sffdisk - ok
13:41:23.0324 5172  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
13:41:23.0334 5172  sffp_mmc - ok
13:41:23.0354 5172  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
13:41:23.0374 5172  sffp_sd - ok
13:41:23.0394 5172  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
13:41:23.0404 5172  sfloppy - ok
13:41:23.0464 5172  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
13:41:23.0534 5172  SharedAccess - ok
13:41:23.0654 5172  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:41:23.0754 5172  ShellHWDetection - ok
13:41:23.0784 5172  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
13:41:23.0814 5172  SiSRaid2 - ok
13:41:23.0834 5172  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
13:41:23.0854 5172  SiSRaid4 - ok
13:41:23.0954 5172  [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
13:41:23.0974 5172  SkypeUpdate - ok
13:41:23.0984 5172  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
13:41:24.0034 5172  Smb - ok
13:41:24.0074 5172  [ CA62AE004E98374BF7F082CD765EEA02 ] SNMP            C:\Windows\System32\snmp.exe
13:41:24.0154 5172  SNMP - ok
13:41:24.0164 5172  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
13:41:24.0194 5172  SNMPTRAP - ok
13:41:24.0204 5172  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
13:41:24.0214 5172  spldr - ok
13:41:24.0314 5172  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
13:41:24.0364 5172  Spooler - ok
13:41:24.0834 5172  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
13:41:24.0964 5172  sppsvc - ok
13:41:25.0004 5172  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
13:41:25.0054 5172  sppuinotify - ok
13:41:25.0154 5172  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
13:41:25.0194 5172  srv - ok
13:41:25.0214 5172  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
13:41:25.0244 5172  srv2 - ok
13:41:25.0264 5172  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
13:41:25.0284 5172  srvnet - ok
13:41:25.0324 5172  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
13:41:25.0374 5172  SSDPSRV - ok
13:41:25.0424 5172  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
13:41:25.0474 5172  SstpSvc - ok
13:41:25.0574 5172  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
13:41:25.0624 5172  stexstor - ok
13:41:25.0864 5172  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
13:41:25.0964 5172  stisvc - ok
13:41:25.0994 5172  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
13:41:26.0014 5172  swenum - ok
13:41:26.0204 5172  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
13:41:26.0294 5172  swprv - ok
13:41:26.0364 5172  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
13:41:26.0424 5172  SysMain - ok
13:41:26.0454 5172  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:41:26.0474 5172  TabletInputService - ok
13:41:26.0534 5172  [ BCD6A90D6FD757CE9C29DDC850F7F231 ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
13:41:26.0574 5172  tap0901 - ok
13:41:26.0594 5172  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
13:41:26.0624 5172  TapiSrv - ok
13:41:26.0674 5172  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
13:41:26.0704 5172  TBS - ok
13:41:26.0994 5172  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
13:41:27.0074 5172  Tcpip - ok
13:41:27.0264 5172  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
13:41:27.0294 5172  TCPIP6 - ok
13:41:27.0354 5172  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
13:41:27.0374 5172  tcpipreg - ok
13:41:27.0384 5172  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
13:41:27.0444 5172  TDPIPE - ok
13:41:27.0474 5172  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
13:41:27.0494 5172  TDTCP - ok
13:41:27.0614 5172  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
13:41:27.0754 5172  tdx - ok
13:41:27.0814 5172  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
13:41:27.0824 5172  TermDD - ok
13:41:27.0944 5172  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
13:41:28.0004 5172  TermService - ok
13:41:28.0074 5172  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
13:41:28.0114 5172  Themes - ok
13:41:28.0144 5172  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
13:41:28.0174 5172  THREADORDER - ok
13:41:28.0194 5172  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
13:41:28.0244 5172  TrkWks - ok
13:41:28.0344 5172  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:41:28.0394 5172  TrustedInstaller - ok
13:41:28.0414 5172  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
13:41:28.0454 5172  tssecsrv - ok
13:41:28.0504 5172  [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
13:41:28.0584 5172  TsUsbFlt - ok
13:41:28.0624 5172  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
13:41:28.0664 5172  tunnel - ok
13:41:29.0604 5172  [ 7694DCA064D0B7E0D1A6972BB9C71B39 ] tvnserver       C:\Users\Owner\AppData\Local\CrossLoop\tvnserver.exe
13:41:29.0664 5172  tvnserver ( UnsignedFile.Multi.Generic ) - warning
13:41:29.0664 5172  tvnserver - detected UnsignedFile.Multi.Generic (1)
13:41:29.0684 5172  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
13:41:29.0694 5172  uagp35 - ok
13:41:29.0764 5172  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
13:41:29.0834 5172  udfs - ok
13:41:29.0864 5172  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
13:41:29.0884 5172  UI0Detect - ok
13:41:29.0904 5172  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
13:41:29.0934 5172  uliagpkx - ok
13:41:29.0954 5172  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
13:41:29.0964 5172  umbus - ok
13:41:29.0974 5172  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
13:41:29.0984 5172  UmPass - ok
13:41:30.0214 5172  [ 67A95B9D129ED5399E7965CD09CF30E7 ] UMVPFSrv        C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
13:41:30.0244 5172  UMVPFSrv - ok
13:41:30.0294 5172  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
13:41:30.0354 5172  upnphost - ok
13:41:30.0394 5172  [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
13:41:30.0414 5172  USBAAPL64 - ok
13:41:30.0434 5172  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
13:41:30.0484 5172  usbaudio - ok
13:41:30.0514 5172  [ 5FCC71487888589A9244AF54CFEFAB29 ] usbbus          C:\Windows\system32\DRIVERS\lgx64bus.sys
13:41:30.0544 5172  usbbus - ok
13:41:30.0554 5172  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
13:41:30.0594 5172  usbccgp - ok
13:41:30.0624 5172  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
13:41:30.0644 5172  usbcir - ok
13:41:30.0664 5172  [ 3FB6E423F7567C92C32EA786F5FD0C69 ] UsbDiag         C:\Windows\system32\DRIVERS\lgx64diag.sys
13:41:30.0684 5172  UsbDiag - ok
13:41:30.0714 5172  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
13:41:30.0734 5172  usbehci - ok
13:41:30.0764 5172  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
13:41:30.0784 5172  usbhub - ok
13:41:30.0804 5172  [ 78D551F5B93488B4666F5FC8DD4815F3 ] USBModem        C:\Windows\system32\DRIVERS\lgx64modem.sys
13:41:30.0824 5172  USBModem - ok
13:41:30.0834 5172  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
13:41:30.0844 5172  usbohci - ok
13:41:30.0874 5172  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
13:41:30.0904 5172  usbprint - ok
13:41:30.0924 5172  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
13:41:30.0964 5172  usbscan - ok
13:41:30.0984 5172  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:41:31.0024 5172  USBSTOR - ok
13:41:31.0034 5172  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
13:41:31.0054 5172  usbuhci - ok
13:41:31.0074 5172  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
13:41:31.0124 5172  UxSms - ok
13:41:31.0144 5172  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
13:41:31.0154 5172  VaultSvc - ok
13:41:31.0194 5172  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
13:41:31.0224 5172  vdrvroot - ok
13:41:31.0314 5172  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
13:41:31.0394 5172  vds - ok
13:41:31.0414 5172  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
13:41:31.0444 5172  vga - ok
13:41:31.0464 5172  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
13:41:31.0504 5172  VgaSave - ok
13:41:31.0564 5172  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
13:41:31.0594 5172  vhdmp - ok
13:41:31.0604 5172  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
13:41:31.0614 5172  viaide - ok
13:41:31.0634 5172  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
13:41:31.0664 5172  volmgr - ok
13:41:31.0704 5172  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
13:41:31.0734 5172  volmgrx - ok
13:41:31.0744 5172  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
13:41:31.0754 5172  volsnap - ok
13:41:31.0764 5172  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
13:41:31.0774 5172  vsmraid - ok
13:41:32.0034 5172  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
13:41:32.0114 5172  VSS - ok
13:41:32.0144 5172  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
13:41:32.0174 5172  vwifibus - ok
13:41:32.0204 5172  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
13:41:32.0244 5172  W32Time - ok
13:41:32.0424 5172  [ B32009DB1972E7F2C227499289C4384A ] W3SVC           C:\Windows\system32\inetsrv\iisw3adm.dll
13:41:32.0474 5172  W3SVC - ok
13:41:32.0484 5172  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
13:41:32.0514 5172  WacomPen - ok
13:41:32.0544 5172  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
13:41:32.0584 5172  WANARP - ok
13:41:32.0594 5172  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
13:41:32.0624 5172  Wanarpv6 - ok
13:41:32.0654 5172  [ ECEB715BECE47E101DDEC06B11126066 ] wanatw          C:\Windows\system32\DRIVERS\wanatw64.sys
13:41:32.0684 5172  wanatw - ok
13:41:32.0694 5172  [ B32009DB1972E7F2C227499289C4384A ] WAS             C:\Windows\system32\inetsrv\iisw3adm.dll
13:41:32.0704 5172  WAS - ok
13:41:32.0984 5172  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
13:41:33.0034 5172  WatAdminSvc - ok
13:41:33.0294 5172  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
13:41:33.0354 5172  wbengine - ok
13:41:33.0384 5172  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
13:41:33.0404 5172  WbioSrvc - ok
13:41:33.0444 5172  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
13:41:33.0504 5172  wcncsvc - ok
13:41:33.0524 5172  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:41:33.0544 5172  WcsPlugInService - ok
13:41:33.0564 5172  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
13:41:33.0584 5172  Wd - ok
13:41:33.0644 5172  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
13:41:33.0684 5172  Wdf01000 - ok
13:41:33.0704 5172  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
13:41:33.0784 5172  WdiServiceHost - ok
13:41:33.0784 5172  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
13:41:33.0794 5172  WdiSystemHost - ok
13:41:33.0874 5172  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
13:41:33.0934 5172  WebClient - ok
13:41:33.0945 5172  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
13:41:33.0985 5172  Wecsvc - ok
13:41:34.0045 5172  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
13:41:34.0095 5172  wercplsupport - ok
13:41:34.0115 5172  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
13:41:34.0155 5172  WerSvc - ok
13:41:34.0195 5172  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
13:41:34.0225 5172  WfpLwf - ok
13:41:34.0255 5172  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
13:41:34.0285 5172  WIMMount - ok
13:41:34.0315 5172  WinDefend - ok
13:41:34.0315 5172  WinHttpAutoProxySvc - ok
13:41:34.0395 5172  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
13:41:34.0445 5172  Winmgmt - ok
13:41:34.0685 5172  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
13:41:34.0775 5172  WinRM - ok
13:41:34.0835 5172  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
13:41:34.0865 5172  WinUsb - ok
13:41:35.0045 5172  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
13:41:35.0125 5172  Wlansvc - ok
13:41:35.0405 5172  [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:41:35.0485 5172  wlidsvc - ok
13:41:35.0525 5172  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
13:41:35.0555 5172  WmiAcpi - ok
13:41:35.0585 5172  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
13:41:35.0605 5172  wmiApSrv - ok
13:41:35.0625 5172  WMPNetworkSvc - ok
13:41:35.0645 5172  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
13:41:35.0655 5172  WPCSvc - ok
13:41:35.0695 5172  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
13:41:35.0725 5172  WPDBusEnum - ok
13:41:35.0745 5172  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
13:41:35.0775 5172  ws2ifsl - ok
13:41:35.0795 5172  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\system32\wscsvc.dll
13:41:35.0825 5172  wscsvc - ok
13:41:35.0825 5172  WSearch - ok
13:41:36.0225 5172  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
13:41:36.0305 5172  wuauserv - ok
13:41:36.0355 5172  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
13:41:36.0415 5172  WudfPf - ok
13:41:36.0425 5172  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
13:41:36.0455 5172  WUDFRd - ok
13:41:36.0485 5172  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
13:41:36.0515 5172  wudfsvc - ok
13:41:36.0565 5172  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
13:41:36.0635 5172  WwanSvc - ok
13:41:36.0635 5172  ================ Scan global ===============================
13:41:36.0745 5172  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
13:41:36.0805 5172  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
13:41:36.0825 5172  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
13:41:36.0855 5172  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
13:41:36.0865 5172  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
13:41:36.0865 5172  [Global] - ok
13:41:36.0875 5172  ================ Scan MBR ==================================
13:41:36.0875 5172  [ D7AD5AA31A559120C3BA48FD0A1B1636 ] \Device\Harddisk0\DR0
13:41:36.0875 5172  Suspicious mbr (Forged): \Device\Harddisk0\DR0
13:41:36.0945 5172  \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
13:41:36.0945 5172  \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
13:41:37.0345 5172  \Device\Harddisk0\DR0 ( TDSS File System ) - warning
13:41:37.0345 5172  \Device\Harddisk0\DR0 - detected TDSS File System (1)
13:41:37.0345 5172  ================ Scan VBR ==================================
13:41:37.0345 5172  [ A5C682221BB3BE9CA89446427C662F59 ] \Device\Harddisk0\DR0\Partition1
13:41:37.0345 5172  \Device\Harddisk0\DR0\Partition1 - ok
13:41:37.0355 5172  [ C7F7140ACA3BB3C4BB3FC71E50E0A8F1 ] \Device\Harddisk0\DR0\Partition2
13:41:37.0355 5172  \Device\Harddisk0\DR0\Partition2 - ok
13:41:37.0355 5172  ================ Scan active images ========================
13:41:37.0355 5172  [ 02062C0B390B7729EDC9E69C680A6F3C ] C:\Windows\System32\drivers\atapi.sys
13:41:37.0355 5172  C:\Windows\System32\drivers\atapi.sys - ok
13:41:37.0355 5172  [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys
13:41:37.0355 5172  C:\Windows\System32\drivers\crashdmp.sys - ok
13:41:37.0365 5172  [ 839B5FE3D48E9F35B22C21A3D5103F6C ] C:\Windows\System32\drivers\Dumpata.sys
13:41:37.0365 5172  C:\Windows\System32\drivers\Dumpata.sys - ok
13:41:37.0365 5172  [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys
13:41:37.0365 5172  C:\Windows\System32\drivers\dumpfve.sys - ok
13:41:37.0365 5172  [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys
13:41:37.0365 5172  C:\Windows\System32\drivers\cdrom.sys - ok
13:41:37.0365 5172  [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys
13:41:37.0365 5172  C:\Windows\System32\drivers\null.sys - ok
13:41:37.0375 5172  [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys
13:41:37.0375 5172  C:\Windows\System32\drivers\beep.sys - ok
13:41:37.0375 5172  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys
13:41:37.0375 5172  C:\Windows\System32\drivers\msfs.sys - ok
13:41:37.0375 5172  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys
13:41:37.0375 5172  C:\Windows\System32\drivers\npfs.sys - ok
13:41:37.0375 5172  [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys
13:41:37.0375 5172  C:\Windows\System32\drivers\RDPCDD.sys - ok
13:41:37.0385 5172  [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys
13:41:37.0385 5172  C:\Windows\System32\drivers\RDPENCDD.sys - ok
13:41:37.0385 5172  [ 216F3FA57533D98E1F74DED70113177A ] C:\Windows\System32\drivers\RDPREFMP.sys
13:41:37.0385 5172  C:\Windows\System32\drivers\RDPREFMP.sys - ok
13:41:37.0385 5172  [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\Windows\System32\drivers\tdi.sys
13:41:37.0385 5172  C:\Windows\System32\drivers\tdi.sys - ok
13:41:37.0395 5172  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys
13:41:37.0395 5172  C:\Windows\System32\drivers\tdx.sys - ok
13:41:37.0395 5172  [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys
13:41:37.0395 5172  C:\Windows\System32\drivers\vga.sys - ok
13:41:37.0395 5172  [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys
13:41:37.0395 5172  C:\Windows\System32\drivers\videoprt.sys - ok
13:41:37.0395 5172  [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys
13:41:37.0395 5172  C:\Windows\System32\drivers\watchdog.sys - ok
13:41:37.0405 5172  [ 6E634525613D48A1D1657FB21F21F3B2 ] C:\Windows\System32\drivers\avgtdia.sys
13:41:37.0405 5172  C:\Windows\System32\drivers\avgtdia.sys - ok
13:41:37.0405 5172  [ 1C7857B62DE5994A75B054A9FD4C3825 ] C:\Windows\System32\drivers\afd.sys
13:41:37.0405 5172  C:\Windows\System32\drivers\afd.sys - ok
13:41:37.0405 5172  [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys
13:41:37.0405 5172  C:\Windows\System32\drivers\netbios.sys - ok
13:41:37.0405 5172  [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys
13:41:37.0405 5172  C:\Windows\System32\drivers\netbt.sys - ok
13:41:37.0415 5172  [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys
13:41:37.0415 5172  C:\Windows\System32\drivers\pacer.sys - ok
13:41:37.0415 5172  [ 356AFD78A6ED4457169241AC3965230C ] C:\Windows\System32\drivers\wanarp.sys
13:41:37.0415 5172  C:\Windows\System32\drivers\wanarp.sys - ok
13:41:37.0415 5172  [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys
13:41:37.0415 5172  C:\Windows\System32\drivers\wfplwf.sys - ok
13:41:37.0425 5172  [ 6BCC1D7D2FD2453957C5479A32364E52 ] C:\Windows\System32\drivers\ws2ifsl.sys
13:41:37.0425 5172  C:\Windows\System32\drivers\ws2ifsl.sys - ok
13:41:37.0425 5172  [ 5989592A91A17587799792A81E1541D4 ] C:\Windows\System32\drivers\avgldx64.sys
13:41:37.0425 5172  C:\Windows\System32\drivers\avgldx64.sys - ok
13:41:37.0425 5172  [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys
13:41:37.0425 5172  C:\Windows\System32\drivers\blbdrive.sys - ok
13:41:37.0425 5172  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys
13:41:37.0425 5172  C:\Windows\System32\drivers\dfsc.sys - ok
13:41:37.0435 5172  [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys
13:41:37.0435 5172  C:\Windows\System32\drivers\discache.sys - ok
13:41:37.0435 5172  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys
13:41:37.0435 5172  C:\Windows\System32\drivers\mssmbios.sys - ok
13:41:37.0435 5172  [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys
13:41:37.0435 5172  C:\Windows\System32\drivers\nsiproxy.sys - ok
13:41:37.0445 5172  [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys
13:41:37.0445 5172  C:\Windows\System32\drivers\rdbss.sys - ok
13:41:37.0445 5172  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys
13:41:37.0445 5172  C:\Windows\System32\drivers\termdd.sys - ok
13:41:37.0445 5172  [ F712C26D40BF3CD2C020BB518E8150B1 ] C:\Windows\System32\drivers\atikmpag.sys
13:41:37.0445 5172  C:\Windows\System32\drivers\atikmpag.sys - ok
13:41:37.0445 5172  [ 388056EBD5FE6718FE669078DBE37897 ] C:\Windows\System32\drivers\avgidsdrivera.sys
13:41:37.0445 5172  C:\Windows\System32\drivers\avgidsdrivera.sys - ok
13:41:37.0455 5172  [ ADA036632C664CAA754079041CF1F8C1 ] C:\Windows\System32\drivers\intelppm.sys
13:41:37.0455 5172  C:\Windows\System32\drivers\intelppm.sys - ok
13:41:37.0455 5172  [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys
13:41:37.0455 5172  C:\Windows\System32\drivers\tunnel.sys - ok
13:41:37.0455 5172  [ 522A8BD1414CC7517FAEC907F138DB9C ] C:\Windows\System32\drivers\atikmdag.sys
13:41:37.0455 5172  C:\Windows\System32\drivers\atikmdag.sys - ok
13:41:37.0455 5172  [ CF95B85FF8D128385ABD411C8CA74DED ] C:\Windows\System32\ntdll.dll
13:41:37.0455 5172  C:\Windows\System32\ntdll.dll - ok
13:41:37.0465 5172  [ 1911A3356FA3F77CCC825CCBAC038C2A ] C:\Windows\System32\smss.exe
13:41:37.0465 5172  C:\Windows\System32\smss.exe - ok
13:41:37.0465 5172  [ F5BEE30450E18E6B83A5012C100616FD ] C:\Windows\System32\drivers\dxgkrnl.sys
13:41:37.0465 5172  C:\Windows\System32\drivers\dxgkrnl.sys - ok
13:41:37.0465 5172  [ 9CD68BDDF322535C02ADC8331013D13D ] C:\Windows\System32\drivers\dxgmms1.sys
13:41:37.0465 5172  C:\Windows\System32\drivers\dxgmms1.sys - ok
13:41:37.0475 5172  [ A87D604AEA360176311474C87A63BB88 ] C:\Windows\System32\drivers\1394ohci.sys
13:41:37.0475 5172  C:\Windows\System32\drivers\1394ohci.sys - ok
13:41:37.0475 5172  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys
13:41:37.0475 5172  C:\Windows\System32\drivers\hdaudbus.sys - ok
13:41:37.0475 5172  [ C025055FE7B87701EB042095DF1A2D7B ] C:\Windows\System32\drivers\usbehci.sys
13:41:37.0475 5172  C:\Windows\System32\drivers\usbehci.sys - ok
13:41:37.0475 5172  [ AE259C75F9A0B057B6BF9E9695632B09 ] C:\Windows\System32\drivers\usbport.sys
13:41:37.0475 5172  C:\Windows\System32\drivers\usbport.sys - ok
13:41:37.0485 5172  [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys
13:41:37.0485 5172  C:\Windows\System32\drivers\agilevpn.sys - ok
13:41:37.0485 5172  [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys
13:41:37.0485 5172  C:\Windows\System32\drivers\CompositeBus.sys - ok
13:41:37.0485 5172  [ E403AACF8C7BB11375122D2464560311 ] C:\Windows\System32\drivers\GEARAspiWDM.sys
13:41:37.0485 5172  C:\Windows\System32\drivers\GEARAspiWDM.sys - ok
13:41:37.0495 5172  [ 249EE2D26CB1530F3BEDE0AC8B9E3099 ] C:\Windows\System32\drivers\k57nd60a.sys
13:41:37.0495 5172  C:\Windows\System32\drivers\k57nd60a.sys - ok
13:41:37.0495 5172  [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys
13:41:37.0495 5172  C:\Windows\System32\drivers\ndistapi.sys - ok
13:41:37.0495 5172  [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys
13:41:37.0495 5172  C:\Windows\System32\drivers\rasl2tp.sys - ok
13:41:37.0495 5172  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys
13:41:37.0495 5172  C:\Windows\System32\drivers\kbdclass.sys - ok
13:41:37.0505 5172  [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys
13:41:37.0505 5172  C:\Windows\System32\drivers\mouclass.sys - ok
13:41:37.0505 5172  [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys
13:41:37.0505 5172  C:\Windows\System32\drivers\ndiswan.sys - ok
13:41:37.0505 5172  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys
13:41:37.0505 5172  C:\Windows\System32\drivers\raspppoe.sys - ok
13:41:37.0515 5172  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys
13:41:37.0515 5172  C:\Windows\System32\drivers\raspptp.sys - ok
13:41:37.0515 5172  [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys
13:41:37.0515 5172  C:\Windows\System32\drivers\rassstp.sys - ok
13:41:37.0515 5172  [ BCD6A90D6FD757CE9C29DDC850F7F231 ] C:\Windows\System32\drivers\tap0901.sys
13:41:37.0515 5172  C:\Windows\System32\drivers\tap0901.sys - ok
13:41:37.0515 5172  [ ECEB715BECE47E101DDEC06B11126066 ] C:\Windows\System32\drivers\wanatw64.sys
13:41:37.0515 5172  C:\Windows\System32\drivers\wanatw64.sys - ok
13:41:37.0525 5172  [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys
13:41:37.0525 5172  C:\Windows\System32\drivers\ks.sys - ok
13:41:37.0525 5172  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys
13:41:37.0525 5172  C:\Windows\System32\drivers\swenum.sys - ok
13:41:37.0525 5172  [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys
13:41:37.0525 5172  C:\Windows\System32\drivers\umbus.sys - ok
13:41:37.0525 5172  [ 287C6C9410B111B68B52CA298F7B8C24 ] C:\Windows\System32\drivers\usbhub.sys
13:41:37.0525 5172  C:\Windows\System32\drivers\usbhub.sys - ok
13:41:37.0535 5172  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys
13:41:37.0535 5172  C:\Windows\System32\drivers\ndproxy.sys - ok
13:41:37.0535 5172  [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys
13:41:37.0535 5172  C:\Windows\System32\drivers\drmk.sys - ok
13:41:37.0535 5172  [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys
13:41:37.0535 5172  C:\Windows\System32\drivers\ksthunk.sys - ok
13:41:37.0535 5172  [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys
13:41:37.0535 5172  C:\Windows\System32\drivers\portcls.sys - ok
13:41:37.0545 5172  [ D42D651676883181400E22957A7E0B1E ] C:\Windows\System32\drivers\RTKVHD64.sys
13:41:37.0545 5172  C:\Windows\System32\drivers\RTKVHD64.sys - ok
13:41:37.0545 5172  [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe
13:41:37.0545 5172  C:\Windows\System32\autochk.exe - ok
13:41:37.0545 5172  [ DC83C9F4130F447EAD187879708C8035 ] C:\PROGRA~2\AVG\AVG2013\avgrsa.exe
13:41:37.0545 5172  C:\PROGRA~2\AVG\AVG2013\avgrsa.exe - ok
13:41:37.0555 5172  [ E3F8DC5B5AF00A892ED3546C01C9B6E1 ] C:\Program Files (x86)\AVG\AVG2013\avgsysa.dll
13:41:37.0555 5172  C:\Program Files (x86)\AVG\AVG2013\avgsysa.dll - ok
13:41:37.0555 5172  [ 70D1A44B0D05FEC737CC2C9662D6FB70 ] C:\Program Files (x86)\AVG\AVG2013\avgntopenssla.dll
13:41:37.0555 5172  C:\Program Files (x86)\AVG\AVG2013\avgntopenssla.dll - ok
13:41:37.0555 5172  [ 4848422594D3B6A6BFF438AF0B6D030D ] C:\Program Files (x86)\AVG\AVG2013\avgloga.dll
13:41:37.0555 5172  C:\Program Files (x86)\AVG\AVG2013\avgloga.dll - ok
13:41:37.0555 5172  [ CCA2AB1752A61F29C3C941CD79D78CEA ] C:\Windows\System32\drivers\usbd.sys
13:41:37.0555 5172  C:\Windows\System32\drivers\usbd.sys - ok
13:41:37.0565 5172  [ 6F1A3157A1C89435352CEB543CDB359C ] C:\Windows\System32\drivers\usbccgp.sys
13:41:37.0565 5172  C:\Windows\System32\drivers\usbccgp.sys - ok
13:41:37.0565 5172  [ 49EE2E52E6CD03947DAD72F65367BE06 ] C:\Windows\System32\drivers\hidparse.sys
13:41:37.0565 5172  C:\Windows\System32\drivers\hidparse.sys - ok
13:41:37.0565 5172  [ 8B0E40E7E8BBF5ACF390465609D89FF1 ] C:\Windows\System32\drivers\hidclass.sys
13:41:37.0565 5172  C:\Windows\System32\drivers\hidclass.sys - ok
13:41:37.0575 5172  [ 9592090A7E2B61CD582B612B6DF70536 ] C:\Windows\System32\drivers\hidusb.sys
13:41:37.0575 5172  C:\Windows\System32\drivers\hidusb.sys - ok
13:41:37.0575 5172  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] C:\Windows\System32\drivers\kbdhid.sys
13:41:37.0575 5172  C:\Windows\System32\drivers\kbdhid.sys - ok
13:41:37.0575 5172  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] C:\Windows\System32\drivers\mouhid.sys
13:41:37.0575 5172  C:\Windows\System32\drivers\mouhid.sys - ok
13:41:37.0575 5172  [ FED648B01349A3C8395A5169DB5FB7D6 ] C:\Windows\System32\drivers\USBSTOR.SYS
13:41:37.0575 5172  C:\Windows\System32\drivers\USBSTOR.SYS - ok
13:41:37.0585 5172  [ FF3A488924B0032B1A9CA6948C1FA9E8 ] C:\Windows\System32\drivers\lvuvc64.sys
13:41:37.0585 5172  C:\Windows\System32\drivers\lvuvc64.sys - ok
13:41:37.0585 5172  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] C:\Windows\System32\drivers\USBAUDIO.sys
13:41:37.0585 5172  C:\Windows\System32\drivers\USBAUDIO.sys - ok
13:41:37.0585 5172  [ 0C85B2B6FB74B36A251792D45E0EF860 ] C:\Windows\System32\drivers\lvrs64.sys
13:41:37.0585 5172  C:\Windows\System32\drivers\lvrs64.sys - ok
13:41:37.0585 5172  [ 784BD252A13B3DDDA29790FBCB64E536 ] C:\PROGRA~2\AVG\AVG2013\avgchjwa.dll
13:41:37.0585 5172  C:\PROGRA~2\AVG\AVG2013\avgchjwa.dll - ok
13:41:37.0595 5172  [ 2C19A4BC4D3C714F890A58B4C942077F ] C:\PROGRA~2\AVG\AVG2013\avgclita.dll
13:41:37.0595 5172  C:\PROGRA~2\AVG\AVG2013\avgclita.dll - ok
13:41:37.0595 5172  [ B4CF2DAC753DD785FD92076B3CD36CED ] C:\PROGRA~2\AVG\AVG2013\avgcclia.dll
13:41:37.0595 5172  C:\PROGRA~2\AVG\AVG2013\avgcclia.dll - ok
13:41:37.0595 5172  [ CF433BC29D4089D264F24A1ED371941D ] C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
13:41:37.0595 5172  C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe - ok
13:41:37.0605 5172  [ B7D172EC0DD4FB8A9A9CE817E01B1103 ] C:\Program Files (x86)\AVG\AVG2013\avgcorea.dll
13:41:37.0605 5172  C:\Program Files (x86)\AVG\AVG2013\avgcorea.dll - ok
13:41:37.0605 5172  [ C297715529E28F7283EE621CCFDB1DDB ] C:\Program Files (x86)\AVG\AVG2013\avgcerta.dll
13:41:37.0605 5172  C:\Program Files (x86)\AVG\AVG2013\avgcerta.dll - ok
13:41:37.0605 5172  [ 06F3F7E9E9B29C32F8702B541E4C2156 ] C:\Program Files (x86)\AVG\AVG2013\avgchcla.dll
13:41:37.0605 5172  C:\Program Files (x86)\AVG\AVG2013\avgchcla.dll - ok
13:41:37.0605 5172  [ 275061F56FC648ED884C38A93EAB6FC6 ] C:\Program Files (x86)\AVG\AVG2013\avgcomma.dll
13:41:37.0605 5172  C:\Program Files (x86)\AVG\AVG2013\avgcomma.dll - ok
13:41:37.0615 5172  [ AAD184F33A9A4A2AECF3CB5247651D01 ] C:\Program Files (x86)\AVG\AVG2013\avgntsqlitea.dll
13:41:37.0615 5172  C:\Program Files (x86)\AVG\AVG2013\avgntsqlitea.dll - ok
13:41:37.0615 5172  [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll
13:41:37.0615 5172  C:\Windows\System32\comdlg32.dll - ok
13:41:37.0615 5172  [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll
13:41:37.0615 5172  C:\Windows\System32\advapi32.dll - ok
13:41:37.0625 5172  [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll
13:41:37.0625 5172  C:\Windows\System32\clbcatq.dll - ok
13:41:37.0625 5172  [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll
13:41:37.0625 5172  C:\Windows\System32\difxapi.dll - ok
13:41:37.0625 5172  [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll
13:41:37.0625 5172  C:\Windows\System32\lpk.dll - ok
13:41:37.0625 5172  [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll
13:41:37.0625 5172  C:\Windows\System32\msvcrt.dll - ok
13:41:37.0635 5172  [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll
13:41:37.0635 5172  C:\Windows\System32\normaliz.dll - ok
13:41:37.0635 5172  [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll
13:41:37.0635 5172  C:\Windows\System32\oleaut32.dll - ok
13:41:37.0635 5172  [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll
13:41:37.0635 5172  C:\Windows\System32\sechost.dll - ok
13:41:37.0635 5172  [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll
13:41:37.0635 5172  C:\Windows\System32\ws2_32.dll - ok
13:41:37.0645 5172  [ A54A16DAE7497CDCB8C5A021C0F6FEB8 ] C:\Windows\System32\iertutil.dll
13:41:37.0645 5172  C:\Windows\System32\iertutil.dll - ok
13:41:37.0645 5172  [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\Windows\System32\imagehlp.dll
13:41:37.0645 5172  C:\Windows\System32\imagehlp.dll - ok
13:41:37.0645 5172  [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll
13:41:37.0645 5172  C:\Windows\System32\nsi.dll - ok
13:41:37.0655 5172  [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll
13:41:37.0655 5172  C:\Windows\System32\psapi.dll - ok
13:41:37.0655 5172  [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll
13:41:37.0655 5172  C:\Windows\System32\setupapi.dll - ok
13:41:37.0655 5172  [ 65C113214F7B05820F6D8A65B1485196 ] C:\Windows\System32\kernel32.dll
13:41:37.0655 5172  C:\Windows\System32\kernel32.dll - ok
13:41:37.0655 5172  [ FA274190682AA41A46B285208ED46A74 ] C:\Windows\System32\wininet.dll
13:41:37.0655 5172  C:\Windows\System32\wininet.dll - ok
13:41:37.0665 5172  [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll
13:41:37.0665 5172  C:\Windows\System32\gdi32.dll - ok
13:41:37.0665 5172  [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll
13:41:37.0665 5172  C:\Windows\System32\ole32.dll - ok
13:41:37.0665 5172  [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll
13:41:37.0665 5172  C:\Windows\System32\user32.dll - ok
13:41:37.0665 5172  [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll
13:41:37.0665 5172  C:\Windows\System32\imm32.dll - ok
13:41:37.0675 5172  [ C6689007B3A749C49A5438DCF36E0CE4 ] C:\Windows\System32\shell32.dll
13:41:37.0675 5172  C:\Windows\System32\shell32.dll - ok
13:41:37.0675 5172  [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll
13:41:37.0675 5172  C:\Windows\System32\shlwapi.dll - ok
13:41:37.0675 5172  [ FF1AAEDD4A1A0FC3C5ED66B4EE0B254A ] C:\Windows\System32\urlmon.dll
13:41:37.0675 5172  C:\Windows\System32\urlmon.dll - ok
13:41:37.0675 5172  [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll
13:41:37.0675 5172  C:\Windows\System32\Wldap32.dll - ok
13:41:37.0685 5172  [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll
13:41:37.0685 5172  C:\Windows\System32\msctf.dll - ok
13:41:37.0685 5172  [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll
13:41:37.0685 5172  C:\Windows\System32\rpcrt4.dll - ok
13:41:37.0685 5172  [ DBF99FD9CAF75CA66D042BD8D050FF71 ] C:\Windows\System32\usp10.dll
13:41:37.0685 5172  C:\Windows\System32\usp10.dll - ok
13:41:37.0695 5172  [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll
13:41:37.0695 5172  C:\Windows\System32\cfgmgr32.dll - ok
13:41:37.0695 5172  [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\System32\comctl32.dll
13:41:37.0695 5172  C:\Windows\System32\comctl32.dll - ok
13:41:37.0695 5172  [ 12EE6FE9268CEE6D90FDCCBF89236C65 ] C:\Windows\System32\crypt32.dll
13:41:37.0695 5172  C:\Windows\System32\crypt32.dll - ok
13:41:37.0695 5172  [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll
13:41:37.0695 5172  C:\Windows\System32\devobj.dll - ok
13:41:37.0705 5172  [ 1F56F209585F350A5666E3CC7931FD67 ] C:\Windows\System32\KernelBase.dll
13:41:37.0705 5172  C:\Windows\System32\KernelBase.dll - ok
13:41:37.0705 5172  [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll
13:41:37.0705 5172  C:\Windows\System32\msasn1.dll - ok
13:41:37.0705 5172  [ AA06902362B1422D7A7DA7061E07C624 ] C:\Windows\System32\wintrust.dll
13:41:37.0705 5172  C:\Windows\System32\wintrust.dll - ok
13:41:37.0705 5172  [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll
13:41:37.0705 5172  C:\Windows\SysWOW64\normaliz.dll - ok
13:41:37.0715 5172  [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys
13:41:37.0715 5172  C:\Windows\System32\drivers\dxapi.sys - ok
13:41:37.0715 5172  [ 59E21156113E438D1D91AF4FC0C3B19F ] C:\Windows\System32\win32k.sys
13:41:37.0715 5172  C:\Windows\System32\win32k.sys - ok
13:41:37.0715 5172  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll
13:41:37.0715 5172  C:\Windows\System32\basesrv.dll - ok
13:41:37.0725 5172  [ 96F587CA26A6AA894BD8CACE4540CFFC ] C:\Windows\System32\csrsrv.dll
13:41:37.0725 5172  C:\Windows\System32\csrsrv.dll - ok
13:41:37.0725 5172  [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe
13:41:37.0725 5172  C:\Windows\System32\csrss.exe - ok
13:41:37.0725 5172  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\System32\winsrv.dll
13:41:37.0725 5172  C:\Windows\System32\winsrv.dll - ok
13:41:37.0725 5172  [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys
13:41:37.0725 5172  C:\Windows\System32\drivers\monitor.sys - ok
13:41:37.0735 5172  [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll
13:41:37.0735 5172  C:\Windows\System32\tsddd.dll - ok
13:41:37.0735 5172  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll
13:41:37.0735 5172  C:\Windows\System32\sxssrv.dll - ok
13:41:37.0735 5172  [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe
13:41:37.0735 5172  C:\Windows\System32\wininit.exe - ok
13:41:37.0735 5172  [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll
13:41:37.0735 5172  C:\Windows\System32\profapi.dll - ok
13:41:37.0745 5172  [ 05569A79BF4693670B709144382D02D4 ] C:\Windows\System32\cdd.dll
13:41:37.0745 5172  C:\Windows\System32\cdd.dll - ok
13:41:37.0745 5172  [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll
13:41:37.0745 5172  C:\Windows\System32\RpcRtRemote.dll - ok
13:41:37.0745 5172  [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL
13:41:37.0745 5172  C:\Windows\System32\KBDUS.DLL - ok
13:41:37.0745 5172  [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe
13:41:37.0745 5172  C:\Windows\System32\winlogon.exe - ok
13:41:37.0755 5172  [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll
13:41:37.0755 5172  C:\Windows\System32\sxs.dll - ok
13:41:37.0755 5172  [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll
13:41:37.0755 5172  C:\Windows\System32\WlS0WndH.dll - ok
13:41:37.0755 5172  [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll
13:41:37.0755 5172  C:\Windows\System32\cryptbase.dll - ok
13:41:37.0765 5172  [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll
13:41:37.0765 5172  C:\Windows\System32\apphelp.dll - ok
13:41:37.0765 5172  [ C118A82CD78818C29AB228366EBF81C3 ] C:\Windows\System32\lsass.exe
13:41:37.0765 5172  C:\Windows\System32\lsass.exe - ok
13:41:37.0765 5172  [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe
13:41:37.0765 5172  C:\Windows\System32\lsm.exe - ok
13:41:37.0765 5172  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe
13:41:37.0765 5172  C:\Windows\System32\services.exe - ok
13:41:37.0775 5172  [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll
13:41:37.0775 5172  C:\Windows\System32\winsta.dll - ok
13:41:37.0775 5172  [ 685527DA09EBFB681E98C515978BDEE2 ] C:\Windows\System32\lsasrv.dll
13:41:37.0775 5172  C:\Windows\System32\lsasrv.dll - ok
13:41:37.0775 5172  [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll
13:41:37.0775 5172  C:\Windows\System32\scesrv.dll - ok
13:41:37.0775 5172  [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll
13:41:37.0775 5172  C:\Windows\System32\scext.dll - ok
13:41:37.0785 5172  [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\Windows\System32\secur32.dll
13:41:37.0785 5172  C:\Windows\System32\secur32.dll - ok
13:41:37.0785 5172  [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll
13:41:37.0785 5172  C:\Windows\System32\srvcli.dll - ok
13:41:37.0785 5172  [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\Windows\System32\sspicli.dll
13:41:37.0785 5172  C:\Windows\System32\sspicli.dll - ok
13:41:37.0785 5172  [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\Windows\System32\sspisrv.dll
13:41:37.0785 5172  C:\Windows\System32\sspisrv.dll - ok
13:41:37.0795 5172  [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll
13:41:37.0795 5172  C:\Windows\System32\authz.dll - ok
13:41:37.0795 5172  [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll
13:41:37.0795 5172  C:\Windows\System32\cngaudit.dll - ok
13:41:37.0795 5172  [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll
13:41:37.0795 5172  C:\Windows\System32\cryptdll.dll - ok
13:41:37.0805 5172  [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll
13:41:37.0805 5172  C:\Windows\System32\samsrv.dll - ok
13:41:37.0805 5172  [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll
13:41:37.0805 5172  C:\Windows\System32\wevtapi.dll - ok
13:41:37.0805 5172  [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll
13:41:37.0805 5172  C:\Windows\System32\bcrypt.dll - ok
13:41:37.0805 5172  [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll
13:41:37.0805 5172  C:\Windows\System32\cryptsp.dll - ok
13:41:37.0815 5172  [ 44E1A196DFCB53B01FE4B855C3B56A15 ] C:\Windows\System32\kerberos.dll
13:41:37.0815 5172  C:\Windows\System32\kerberos.dll - ok
13:41:37.0815 5172  [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll
13:41:37.0815 5172  C:\Windows\System32\msprivs.dll - ok
13:41:37.0815 5172  [ 5F3307352216618221A17CFEF273EEE2 ] C:\Windows\System32\ncrypt.dll
13:41:37.0815 5172  C:\Windows\System32\ncrypt.dll - ok
13:41:37.0815 5172  [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll
13:41:37.0815 5172  C:\Windows\System32\negoexts.dll - ok
13:41:37.0825 5172  [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll
13:41:37.0825 5172  C:\Windows\System32\netjoin.dll - ok
13:41:37.0825 5172  [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll
13:41:37.0825 5172  C:\Windows\System32\sysntfy.dll - ok
13:41:37.0825 5172  [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll
13:41:37.0825 5172  C:\Windows\System32\wmsgapi.dll - ok
13:41:37.0825 5172  [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll
13:41:37.0825 5172  C:\Windows\System32\dnsapi.dll - ok
13:41:37.0835 5172  [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll
13:41:37.0835 5172  C:\Windows\System32\logoncli.dll - ok
13:41:37.0835 5172  [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll
13:41:37.0835 5172  C:\Windows\System32\msv1_0.dll - ok
13:41:37.0835 5172  [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\Windows\System32\mswsock.dll
13:41:37.0835 5172  C:\Windows\System32\mswsock.dll - ok
13:41:37.0845 5172  [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll
13:41:37.0845 5172  C:\Windows\System32\netlogon.dll - ok
13:41:37.0845 5172  [ B7D42CB36C08FA017E73FF2433CD7287 ] C:\Windows\System32\schannel.dll
13:41:37.0845 5172  C:\Windows\System32\schannel.dll - ok
13:41:37.0845 5172  [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll
13:41:37.0845 5172  C:\Windows\System32\version.dll - ok
13:41:37.0845 5172  [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll
13:41:37.0845 5172  C:\Windows\System32\wship6.dll - ok
13:41:37.0855 5172  [ 7DBA64AD70C2E2481C68D9E0F7CD7840 ] C:\Windows\System32\LIVESSP.DLL
13:41:37.0855 5172  C:\Windows\System32\LIVESSP.DLL - ok
13:41:37.0855 5172  [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
13:41:37.0855 5172  C:\Windows\System32\pku2u.dll - ok
13:41:37.0855 5172  [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
13:41:37.0855 5172  C:\Windows\System32\rsaenh.dll - ok
13:41:37.0855 5172  [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll
13:41:37.0855 5172  C:\Windows\System32\TSpkg.dll - ok
13:41:37.0865 5172  [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
13:41:37.0865 5172  C:\Windows\System32\wdigest.dll - ok
13:41:37.0865 5172  [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll
13:41:37.0865 5172  C:\Windows\System32\bcryptprimitives.dll - ok
13:41:37.0865 5172  [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll
13:41:37.0865 5172  C:\Windows\System32\credssp.dll - ok
13:41:37.0865 5172  [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
13:41:37.0875 5172  C:\Windows\System32\efslsaext.dll - ok
13:41:37.0875 5172  [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll
13:41:37.0875 5172  C:\Windows\System32\scecli.dll - ok
13:41:37.0875 5172  [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
13:41:37.0875 5172  C:\Windows\System32\ubpm.dll - ok
13:41:37.0875 5172  [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe
13:41:37.0875 5172  C:\Windows\System32\svchost.exe - ok
13:41:37.0885 5172  [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll
13:41:37.0885 5172  C:\Windows\System32\umpnpmgr.dll - ok
13:41:37.0885 5172  [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
13:41:37.0885 5172  C:\Windows\System32\devrtl.dll - ok
13:41:37.0885 5172  [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
13:41:37.0885 5172  C:\Windows\System32\gpapi.dll - ok
13:41:37.0885 5172  [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
13:41:37.0885 5172  C:\Windows\System32\pcwum.dll - ok
13:41:37.0895 5172  [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
13:41:37.0895 5172  C:\Windows\System32\SPInf.dll - ok
13:41:37.0895 5172  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll
13:41:37.0895 5172  C:\Windows\System32\umpo.dll - ok
13:41:37.0895 5172  [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll
13:41:37.0895 5172  C:\Windows\System32\userenv.dll - ok
13:41:37.0895 5172  [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
13:41:37.0895 5172  C:\Windows\System32\powrprof.dll - ok
13:41:37.0905 5172  [ CBFAA333EBA2E402A0439A3A0E5413F3 ] C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
13:41:37.0905 5172  C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe - ok
13:41:37.0905 5172  [ 259EB5F7D95A29842B476C5B3EB6E186 ] C:\Windows\System32\wow64.dll
13:41:37.0905 5172  C:\Windows\System32\wow64.dll - ok
13:41:37.0905 5172  [ 3EE3AA76D8AB6D5644C4C8F34471CEB3 ] C:\Windows\System32\wow64cpu.dll
13:41:37.0905 5172  C:\Windows\System32\wow64cpu.dll - ok
13:41:37.0915 5172  [ 5674E21E82CFBEA36DDAD5DB285D6DBC ] C:\Windows\System32\wow64win.dll
13:41:37.0915 5172  C:\Windows\System32\wow64win.dll - ok
13:41:37.0915 5172  [ AC0B6F41882FC6ED186962D770EBF1D2 ] C:\Windows\SysWOW64\kernel32.dll
13:41:37.0915 5172  C:\Windows\SysWOW64\kernel32.dll - ok
13:41:37.0915 5172  [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll
13:41:37.0915 5172  C:\Windows\SysWOW64\ntdll.dll - ok
13:41:37.0915 5172  [ DDB9BCFF8CBF73638A15579FEC223229 ] C:\Program Files (x86)\IObit\Advanced SystemCare 6\rtl120.bpl
13:41:37.0915 5172  C:\Program Files (x86)\IObit\Advanced SystemCare 6\rtl120.bpl - ok
13:41:37.0925 5172  [ E954A79D6A754A5475582CACED1565E6 ] C:\Windows\SysWOW64\KernelBase.dll
13:41:37.0925 5172  C:\Windows\SysWOW64\KernelBase.dll - ok
13:41:37.0925 5172  [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll
13:41:37.0925 5172  C:\Windows\SysWOW64\ole32.dll - ok
13:41:37.0925 5172  [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll
13:41:37.0925 5172  C:\Windows\SysWOW64\oleaut32.dll - ok
13:41:37.0925 5172  [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll
13:41:37.0925 5172  C:\Windows\SysWOW64\advapi32.dll - ok
13:41:37.0935 5172  [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll
13:41:37.0935 5172  C:\Windows\SysWOW64\cryptbase.dll - ok
13:41:37.0935 5172  [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll
13:41:37.0935 5172  C:\Windows\SysWOW64\gdi32.dll - ok
13:41:37.0935 5172  [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll
13:41:37.0935 5172  C:\Windows\SysWOW64\lpk.dll - ok
13:41:37.0945 5172  [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll
13:41:37.0945 5172  C:\Windows\SysWOW64\msvcrt.dll - ok
13:41:37.0945 5172  [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll
13:41:37.0945 5172  C:\Windows\SysWOW64\rpcrt4.dll - ok
13:41:37.0945 5172  [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll
13:41:37.0945 5172  C:\Windows\SysWOW64\sechost.dll - ok
13:41:37.0945 5172  [ BFB26890612FB8AE8B0463EBEBE84B7E ] C:\Windows\SysWOW64\sspicli.dll
13:41:37.0945 5172  C:\Windows\SysWOW64\sspicli.dll - ok
13:41:37.0955 5172  [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll
13:41:37.0955 5172  C:\Windows\SysWOW64\user32.dll - ok
13:41:37.0955 5172  [ B7230010D97787AF3D25E4C82F2B06B9 ] C:\Windows\SysWOW64\usp10.dll
13:41:37.0955 5172  C:\Windows\SysWOW64\usp10.dll - ok
13:41:37.0955 5172  [ 8290E04F8A4D9594BFB53D520B677B8A ] C:\Program Files (x86)\IObit\Advanced SystemCare 6\vcl120.bpl
13:41:37.0955 5172  C:\Program Files (x86)\IObit\Advanced SystemCare 6\vcl120.bpl - ok
13:41:37.0955 5172  [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll
13:41:37.0955 5172  C:\Windows\SysWOW64\imagehlp.dll - ok
13:41:37.0965 5172  [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll
13:41:37.0965 5172  C:\Windows\SysWOW64\mpr.dll - ok
13:41:37.0965 5172  [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll
13:41:37.0965 5172  C:\Windows\SysWOW64\nsi.dll - ok
13:41:37.0965 5172  [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll
13:41:37.0965 5172  C:\Windows\SysWOW64\oleacc.dll - ok
13:41:37.0965 5172  [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll
13:41:37.0965 5172  C:\Windows\SysWOW64\version.dll - ok
13:41:37.0975 5172  [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll
13:41:37.0975 5172  C:\Windows\SysWOW64\ws2_32.dll - ok
13:41:37.0975 5172  [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\SysWOW64\wsock32.dll
13:41:37.0975 5172  C:\Windows\SysWOW64\wsock32.dll - ok
13:41:37.0975 5172  [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll
13:41:37.0975 5172  C:\Windows\SysWOW64\msimg32.dll - ok
13:41:37.0985 5172  [ 29E9794708DF51DB5DC89FB2E903A0F6 ] C:\Windows\SysWOW64\shell32.dll
13:41:37.0985 5172  C:\Windows\SysWOW64\shell32.dll - ok
13:41:37.0985 5172  [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
13:41:37.0985 5172  C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok
13:41:37.0985 5172  [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\SysWOW64\comdlg32.dll
13:41:37.0985 5172  C:\Windows\SysWOW64\comdlg32.dll - ok
13:41:37.0985 5172  [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll
13:41:37.0985 5172  C:\Windows\SysWOW64\shlwapi.dll - ok
13:41:37.0995 5172  [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\SysWOW64\winspool.drv
13:41:37.0995 5172  C:\Windows\SysWOW64\winspool.drv - ok
13:41:37.0995 5172  [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll
13:41:37.0995 5172  C:\Windows\SysWOW64\imm32.dll - ok
13:41:37.0995 5172  [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll
13:41:37.0995 5172  C:\Windows\SysWOW64\msctf.dll - ok
13:41:37.0995 5172  [ 936F728E04ACCF3F38801CFFCF1E3F40 ] C:\Windows\SysWOW64\oledlg.dll
13:41:37.0995 5172  C:\Windows\SysWOW64\oledlg.dll - ok
13:41:38.0005 5172  [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll
13:41:38.0005 5172  C:\Windows\SysWOW64\profapi.dll - ok
13:41:38.0005 5172  [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll
13:41:38.0005 5172  C:\Windows\SysWOW64\userenv.dll - ok
13:41:38.0005 5172  [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll
13:41:38.0005 5172  C:\Windows\SysWOW64\winmm.dll - ok
13:41:38.0015 5172  [ F10E5311E5093FA3C00FF88C54C32FCA ] C:\Windows\SysWOW64\atl.dll
13:41:38.0015 5172  C:\Windows\SysWOW64\atl.dll - ok
13:41:38.0015 5172  [ 73BDB1C0801D44BEA5F6749FD340CC0F ] C:\Windows\SysWOW64\iertutil.dll
13:41:38.0015 5172  C:\Windows\SysWOW64\iertutil.dll - ok
13:41:38.0015 5172  [ 180D098704551DE37C6299AA888D6821 ] C:\Windows\SysWOW64\urlmon.dll
13:41:38.0015 5172  C:\Windows\SysWOW64\urlmon.dll - ok
13:41:38.0015 5172  [ 03728C624D05C2F157BBD46F6B7F6EA0 ] C:\Windows\SysWOW64\wininet.dll
13:41:38.0015 5172  C:\Windows\SysWOW64\wininet.dll - ok
13:41:38.0025 5172  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys
13:41:38.0025 5172  C:\Windows\System32\drivers\luafv.sys - ok
13:41:38.0025 5172  [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
13:41:38.0025 5172  C:\Windows\System32\rpcss.dll - ok
13:41:38.0025 5172  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
13:41:38.0025 5172  C:\Windows\System32\RpcEpMap.dll - ok
13:41:38.0025 5172  [ 54716D9BB43733578A5647E9B121141F ] C:\Windows\System32\atiesrxx.exe
13:41:38.0025 5172  C:\Windows\System32\atiesrxx.exe - ok
13:41:38.0035 5172  [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
13:41:38.0035 5172  C:\Windows\System32\wshqos.dll - ok
13:41:38.0035 5172  [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
13:41:38.0035 5172  C:\Windows\System32\WSHTCPIP.DLL - ok
13:41:38.0035 5172  [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
13:41:38.0035 5172  C:\Windows\System32\FirewallAPI.dll - ok
13:41:38.0035 5172  [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
13:41:38.0035 5172  C:\Windows\System32\LogonUI.exe - ok
13:41:38.0045 5172  [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll
13:41:38.0045 5172  C:\Windows\System32\wtsapi32.dll - ok
13:41:38.0045 5172  [ 0BEE002C68E28CE6DA161DCF1376D7D7 ] C:\Windows\System32\authui.dll
13:41:38.0045 5172  C:\Windows\System32\authui.dll - ok
13:41:38.0045 5172  [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
13:41:38.0045 5172  C:\Windows\System32\cryptui.dll - ok
13:41:38.0055 5172  [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
13:41:38.0055 5172  C:\Windows\System32\samlib.dll - ok
13:41:38.0055 5172  [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
13:41:38.0055 5172  C:\Windows\System32\shacct.dll - ok
13:41:38.0055 5172  [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
13:41:38.0055 5172  C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
13:41:38.0055 5172  [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
13:41:38.0055 5172  C:\Windows\System32\propsys.dll - ok
13:41:38.0065 5172  [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
13:41:38.0065 5172  C:\Windows\System32\uxtheme.dll - ok
13:41:38.0065 5172  [ 179E8401224D557ECFF3695F2016EA5B ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll
13:41:38.0065 5172  C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok
13:41:38.0065 5172  [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
13:41:38.0065 5172  C:\Windows\System32\dui70.dll - ok
13:41:38.0065 5172  [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
13:41:38.0065 5172  C:\Windows\System32\duser.dll - ok
13:41:38.0075 5172  [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
13:41:38.0075 5172  C:\Windows\System32\SndVolSSO.dll - ok
13:41:38.0075 5172  [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
13:41:38.0075 5172  C:\Windows\System32\wevtsvc.dll - ok
13:41:38.0075 5172  [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
13:41:38.0075 5172  C:\Windows\System32\dwmapi.dll - ok
13:41:38.0075 5172  [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
13:41:38.0075 5172  C:\Windows\System32\hid.dll - ok
13:41:38.0085 5172  [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
13:41:38.0085 5172  C:\Windows\System32\MMDevAPI.dll - ok
13:41:38.0085 5172  [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll
13:41:38.0085 5172  C:\Windows\System32\xmllite.dll - ok
13:41:38.0085 5172  [ BDDF242A49E7B7DC5CCEC291BCE53ACB ] C:\Windows\System32\WindowsCodecs.dll
13:41:38.0085 5172  C:\Windows\System32\WindowsCodecs.dll - ok
13:41:38.0095 5172  [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll
13:41:38.0095 5172  C:\Windows\System32\audiosrv.dll - ok
13:41:38.0095 5172  [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
13:41:38.0095 5172  C:\Windows\System32\avrt.dll - ok
13:41:38.0095 5172  [ C4C183E6551084039EC862DA1C945E3D ] C:\Windows\System32\FntCache.dll
13:41:38.0095 5172  C:\Windows\System32\FntCache.dll - ok
13:41:38.0095 5172  [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
13:41:38.0095 5172  C:\Windows\System32\VaultCredProvider.dll - ok
13:41:38.0105 5172  [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
13:41:38.0105 5172  C:\Windows\System32\winbrand.dll - ok
13:41:38.0105 5172  [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll
13:41:38.0105 5172  C:\Windows\System32\BioCredProv.dll - ok
13:41:38.0105 5172  [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll
13:41:38.0105 5172  C:\Windows\System32\credui.dll - ok
13:41:38.0105 5172  [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\Windows\System32\netapi32.dll
13:41:38.0105 5172  C:\Windows\System32\netapi32.dll - ok
13:41:38.0115 5172  [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll
13:41:38.0115 5172  C:\Windows\System32\netutils.dll - ok
13:41:38.0115 5172  [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll
13:41:38.0115 5172  C:\Windows\System32\SmartcardCredentialProvider.dll - ok
13:41:38.0115 5172  [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll
13:41:38.0115 5172  C:\Windows\System32\vaultcli.dll - ok
13:41:38.0125 5172  [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll
13:41:38.0125 5172  C:\Windows\System32\winbio.dll - ok
13:41:38.0125 5172  [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll
13:41:38.0125 5172  C:\Windows\System32\wkscli.dll - ok
13:41:38.0125 5172  [ 032229246107C5C7211E6D1498B52D3D ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL
13:41:38.0125 5172  C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL - ok
13:41:38.0125 5172  [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll
13:41:38.0125 5172  C:\Windows\System32\certCredProvider.dll - ok
13:41:38.0135 5172  [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll
13:41:38.0135 5172  C:\Windows\System32\samcli.dll - ok
13:41:38.0135 5172  [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
13:41:38.0135 5172  C:\Windows\System32\rasapi32.dll - ok
13:41:38.0135 5172  [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll
13:41:38.0135 5172  C:\Windows\System32\rasman.dll - ok
13:41:38.0135 5172  [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll
13:41:38.0135 5172  C:\Windows\System32\rasplap.dll - ok
13:41:38.0145 5172  [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll
13:41:38.0145 5172  C:\Windows\System32\rtutils.dll - ok
13:41:38.0145 5172  [ 67A95B9D129ED5399E7965CD09CF30E7 ] C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
13:41:38.0145 5172  C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe - ok
13:41:38.0145 5172  [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll
13:41:38.0145 5172  C:\Windows\System32\mmcss.dll - ok
13:41:38.0155 5172  [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll
13:41:38.0155 5172  C:\Windows\SysWOW64\setupapi.dll - ok
13:41:38.0155 5172  [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll
13:41:38.0155 5172  C:\Windows\SysWOW64\cfgmgr32.dll - ok
13:41:38.0155 5172  [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll
13:41:38.0155 5172  C:\Windows\SysWOW64\devobj.dll - ok
13:41:38.0155 5172  [ 60D21799A4AF4EDCE65FB98830E4B0C8 ] C:\Windows\SysWOW64\crypt32.dll
13:41:38.0155 5172  C:\Windows\SysWOW64\crypt32.dll - ok
13:41:38.0165 5172  [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll
13:41:38.0165 5172  C:\Windows\SysWOW64\msasn1.dll - ok
13:41:38.0165 5172  [ 17448AF0BBA9E7AB5EC955AF93F271BD ] C:\Windows\SysWOW64\wintrust.dll
13:41:38.0165 5172  C:\Windows\SysWOW64\wintrust.dll - ok
13:41:38.0165 5172  [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe
13:41:38.0165 5172  C:\Windows\System32\audiodg.exe - ok
13:41:38.0165 5172  [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys
13:41:38.0165 5172  C:\Windows\System32\drivers\fltMgr.sys - ok
13:41:38.0175 5172  [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL
13:41:38.0175 5172  C:\Windows\System32\PSHED.DLL - ok
13:41:38.0175 5172  [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
13:41:38.0175 5172  C:\Windows\System32\ntmarta.dll - ok
13:41:38.0175 5172  [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll
13:41:38.0175 5172  C:\Windows\System32\adtschema.dll - ok
13:41:38.0185 5172  [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
13:41:38.0185 5172  C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
13:41:38.0185 5172  [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
13:41:38.0185 5172  C:\Windows\System32\atl.dll - ok
13:41:38.0185 5172  [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
13:41:38.0185 5172  C:\Windows\System32\es.dll - ok
13:41:38.0185 5172  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll
13:41:38.0185 5172  C:\Windows\System32\gpsvc.dll - ok
13:41:38.0195 5172  [ 46BB91A169B9B31FF44EB04C48EC1D41 ] C:\Windows\System32\nlaapi.dll
13:41:38.0195 5172  C:\Windows\System32\nlaapi.dll - ok
13:41:38.0195 5172  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll
13:41:38.0195 5172  C:\Windows\System32\profsvc.dll - ok
13:41:38.0195 5172  [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll
13:41:38.0195 5172  C:\Windows\System32\themeservice.dll - ok
13:41:38.0195 5172  [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll
13:41:38.0195 5172  C:\Windows\System32\comres.dll - ok
13:41:38.0205 5172  [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
13:41:38.0205 5172  C:\Windows\System32\dsrole.dll - ok
13:41:38.0205 5172  [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll
13:41:38.0205 5172  C:\Windows\System32\Sens.dll - ok
13:41:38.0205 5172  [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
13:41:38.0205 5172  C:\Windows\System32\slc.dll - ok
13:41:38.0205 5172  [ 0840ABBBDF438691EE65A20040635CBE ] C:\Program Files\Dell\DellDock\DockLogin.exe
13:41:38.0205 5172  C:\Program Files\Dell\DellDock\DockLogin.exe - ok
13:41:38.0215 5172  [ 34988E1741CA36740284D902F8CC5A2E ] C:\Windows\System32\atieclxx.exe
13:41:38.0215 5172  C:\Windows\System32\atieclxx.exe - ok
13:41:38.0215 5172  [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll
13:41:38.0215 5172  C:\Windows\System32\UXInit.dll - ok
13:41:38.0215 5172  [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll
13:41:38.0215 5172  C:\Windows\System32\imageres.dll - ok
13:41:38.0225 5172  [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
13:41:38.0225 5172  C:\Windows\System32\IPHLPAPI.DLL - ok
13:41:38.0225 5172  [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
13:41:38.0225 5172  C:\Windows\System32\winnsi.dll - ok
13:41:38.0225 5172  [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\SysWOW64\wtsapi32.dll
13:41:38.0225 5172  C:\Windows\SysWOW64\wtsapi32.dll - ok
13:41:38.0225 5172  [ 9C998DB6710BE03FAA3C7D2E506FA774 ] C:\Windows\System32\atiadlxx.dll
13:41:38.0225 5172  C:\Windows\System32\atiadlxx.dll - ok
13:41:38.0235 5172  [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
13:41:38.0235 5172  C:\Windows\System32\drivers\lltdio.sys - ok
13:41:38.0235 5172  [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
13:41:38.0235 5172  C:\Windows\System32\drivers\rspndr.sys - ok
13:41:38.0235 5172  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll
13:41:38.0235 5172  C:\Windows\System32\uxsms.dll - ok
13:41:38.0235 5172  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll
13:41:38.0235 5172  C:\Windows\System32\dhcpcore.dll - ok
13:41:38.0245 5172  [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
13:41:38.0245 5172  C:\Windows\System32\lmhsvc.dll - ok
13:41:38.0245 5172  [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
13:41:38.0245 5172  C:\Windows\System32\nrpsrv.dll - ok
13:41:38.0245 5172  [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
13:41:38.0245 5172  C:\Windows\System32\nsisvc.dll - ok
13:41:38.0255 5172  [ 3CC16A849E6092E43909F48EF0E60306 ] C:\Windows\System32\dhcpcore6.dll
13:41:38.0255 5172  C:\Windows\System32\dhcpcore6.dll - ok
13:41:38.0255 5172  [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
13:41:38.0255 5172  C:\Windows\System32\dhcpcsvc.dll - ok
13:41:38.0255 5172  [ 3C06D5A929B798D0B13F6481242A0FD2 ] C:\Windows\System32\dhcpcsvc6.dll
13:41:38.0255 5172  C:\Windows\System32\dhcpcsvc6.dll - ok
13:41:38.0255 5172  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll
13:41:38.0255 5172  C:\Windows\System32\dnsrslvr.dll - ok
13:41:38.0265 5172  [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL
13:41:38.0265 5172  C:\Windows\System32\FWPUCLNT.DLL - ok
13:41:38.0265 5172  [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
13:41:38.0265 5172  C:\Windows\System32\dnsext.dll - ok
13:41:38.0265 5172  [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll
13:41:38.0265 5172  C:\Windows\System32\schedsvc.dll - ok
13:41:38.0265 5172  [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll
13:41:38.0265 5172  C:\Windows\System32\shsvcs.dll - ok
13:41:38.0275 5172  [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll
13:41:38.0275 5172  C:\Windows\System32\ktmw32.dll - ok
13:41:38.0275 5172  [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe
13:41:38.0275 5172  C:\Windows\System32\dllhost.exe - ok
13:41:38.0275 5172  [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll
13:41:38.0275 5172  C:\Windows\System32\fveapi.dll - ok
13:41:38.0275 5172  [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll
13:41:38.0275 5172  C:\Windows\System32\fvecerts.dll - ok
13:41:38.0285 5172  [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll
13:41:38.0285 5172  C:\Windows\System32\tbs.dll - ok
13:41:38.0285 5172  [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll
13:41:38.0285 5172  C:\Windows\System32\taskcomp.dll - ok
13:41:38.0285 5172  [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll
13:41:38.0285 5172  C:\Windows\System32\wiarpc.dll - ok
13:41:38.0285 5172  [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
13:41:38.0285 5172  C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok
13:41:38.0295 5172  [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll
13:41:38.0295 5172  C:\Windows\System32\IDStore.dll - ok
13:41:38.0295 5172  [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll
13:41:38.0295 5172  C:\Windows\SysWOW64\winsta.dll - ok
13:41:38.0295 5172  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys
13:41:38.0295 5172  C:\Windows\System32\drivers\http.sys - ok
13:41:38.0305 5172  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] C:\Windows\System32\spoolsv.exe
 



13:41:38.0305 5172 C:\Windows\System32\spoolsv.exe - ok
13:41:38.0305 5172 [ 639774C9ACD063F028F6084ABF5593AD ] C:\Windows\System32\taskhost.exe
13:41:38.0305 5172 C:\Windows\System32\taskhost.exe - ok
13:41:38.0305 5172 [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL
13:41:38.0305 5172 C:\Windows\System32\BFE.DLL - ok
13:41:38.0305 5172 [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys
13:41:38.0305 5172 C:\Windows\System32\drivers\bowser.sys - ok
13:41:38.0315 5172 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys
13:41:38.0315 5172 C:\Windows\System32\drivers\mpsdrv.sys - ok
13:41:38.0315 5172 [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys
13:41:38.0315 5172 C:\Windows\System32\drivers\mrxsmb.sys - ok
13:41:38.0315 5172 [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys
13:41:38.0315 5172 C:\Windows\System32\drivers\mrxsmb10.sys - ok
13:41:38.0325 5172 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys
13:41:38.0325 5172 C:\Windows\System32\drivers\mrxsmb20.sys - ok
13:41:38.0325 5172 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\Windows\System32\MPSSVC.dll
13:41:38.0325 5172 C:\Windows\System32\MPSSVC.dll - ok
13:41:38.0325 5172 [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll
13:41:38.0325 5172 C:\Windows\System32\wkssvc.dll - ok
13:41:38.0325 5172 [ 3AC22A3DFA8A050E35F0E3CD99D0CDF2 ] C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
13:41:38.0325 5172 C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe - ok
13:41:38.0335 5172 [ C67F8A962B2534224D5908D16D2AD3CE ] C:\Windows\System32\wfapigp.dll
13:41:38.0335 5172 C:\Windows\System32\wfapigp.dll - ok
13:41:38.0335 5172 [ CA62AE004E98374BF7F082CD765EEA02 ] C:\Windows\System32\snmp.exe
13:41:38.0335 5172 C:\Windows\System32\snmp.exe - ok
13:41:38.0335 5172 [ 59D01FA91962C9C1E9B4022B2D3B46DB ] C:\Windows\System32\inetsrv\apphostsvc.dll
13:41:38.0335 5172 C:\Windows\System32\inetsrv\apphostsvc.dll - ok
13:41:38.0335 5172 [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll
13:41:38.0335 5172 C:\Windows\System32\mscms.dll - ok
13:41:38.0345 5172 [ 7EF47644B74EBE721CC32211D3C35E76 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:41:38.0345 5172 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
13:41:38.0345 5172 [ C99C5AD6E5412A8D37D40E780113D7B5 ] C:\Windows\System32\inetsrv\iisutil.dll
13:41:38.0345 5172 C:\Windows\System32\inetsrv\iisutil.dll - ok
13:41:38.0345 5172 [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll
13:41:38.0345 5172 C:\Windows\System32\pcasvc.dll - ok
13:41:38.0355 5172 [ B1A8D4A2974CA902148F0B0FC00D877E ] C:\Windows\System32\inetsrv\iisres.dll
13:41:38.0355 5172 C:\Windows\System32\inetsrv\iisres.dll - ok
13:41:38.0355 5172 [ A77EA0AF89B0147A9B38211E3096A2E0 ] C:\Windows\System32\inetsrv\nativerd.dll
13:41:38.0355 5172 C:\Windows\System32\inetsrv\nativerd.dll - ok
13:41:38.0355 5172 [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll
13:41:38.0355 5172 C:\Windows\System32\PlaySndSrv.dll - ok
13:41:38.0355 5172 [ 6313F223E817CC09AA41811DAA7F541D ] C:\Windows\System32\snmptrap.exe
13:41:38.0355 5172 C:\Windows\System32\snmptrap.exe - ok
13:41:38.0365 5172 [ 23566F9723771108D2E6CD768AC27407 ] C:\Windows\System32\AtBroker.exe
13:41:38.0365 5172 C:\Windows\System32\AtBroker.exe - ok
13:41:38.0365 5172 [ 11FE7637A49B67D9B1F895B2AD4D982F ] C:\Windows\System32\iprip.dll
13:41:38.0365 5172 C:\Windows\System32\iprip.dll - ok
13:41:38.0365 5172 [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll
13:41:38.0365 5172 C:\Windows\System32\MsCtfMonitor.dll - ok
13:41:38.0365 5172 [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll
13:41:38.0365 5172 C:\Windows\System32\msutb.dll - ok
13:41:38.0375 5172 [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll
13:41:38.0375 5172 C:\Windows\System32\vssapi.dll - ok
13:41:38.0375 5172 [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
13:41:38.0375 5172 C:\Windows\System32\mpr.dll - ok
13:41:38.0375 5172 [ E9A0777DCA9148157E0EF9B71D7DE353 ] C:\Windows\System32\RdpGroupPolicyExtension.dll
13:41:38.0375 5172 C:\Windows\System32\RdpGroupPolicyExtension.dll - ok
13:41:38.0385 5172 [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll
13:41:38.0385 5172 C:\Windows\System32\vsstrace.dll - ok
13:41:38.0385 5172 [ 8494E126F0B10180F3293AF861CE1F7A ] C:\Windows\System32\mlang.dll
13:41:38.0385 5172 C:\Windows\System32\mlang.dll - ok
13:41:38.0385 5172 [ 6AD7B72BC49C29348D2668CCAAEC87FE ] C:\Windows\System32\mqutil.dll
13:41:38.0385 5172 C:\Windows\System32\mqutil.dll - ok
13:41:38.0385 5172 [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe
13:41:38.0385 5172 C:\Windows\System32\userinit.exe - ok
13:41:38.0395 5172 [ 9BB99503D6A4DD62569EDE9E5E2672A5 ] C:\Windows\System32\HotStartUserAgent.dll
13:41:38.0395 5172 C:\Windows\System32\HotStartUserAgent.dll - ok
13:41:38.0395 5172 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
13:41:38.0395 5172 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
13:41:38.0395 5172 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
13:41:38.0395 5172 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
13:41:38.0405 5172 [ 605C6370240FC79CADBCD34960A741D2 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll
13:41:38.0405 5172 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
13:41:38.0405 5172 [ 2FDFA845DCE5D6A843E413F18307561A ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll
13:41:38.0405 5172 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
13:41:38.0405 5172 [ 7290A6DD34862278DF9E26D96E5A95D8 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll
13:41:38.0405 5172 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
13:41:38.0405 5172 [ FF9831030678C7B6D70BAC00F68F8976 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll
13:41:38.0405 5172 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
13:41:38.0415 5172 [ 5A963C340DE1A01BA6E24945CE05D16A ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll
13:41:38.0415 5172 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll - ok
13:41:38.0415 5172 [ 78865ABC5F5D13190F8B35BD9044714A ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll
13:41:38.0415 5172 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll - ok
13:41:38.0415 5172 [ 4AA0527547BE16653D5ADF96F41E1E24 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
13:41:38.0415 5172 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
13:41:38.0425 5172 [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll
13:41:38.0425 5172 C:\Windows\System32\provsvc.dll - ok
13:41:38.0425 5172 [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
13:41:38.0425 5172 C:\Windows\System32\winmm.dll - ok
13:41:38.0425 5172 [ 149D74E1128A86DC9CFB2851FBEA11EB ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll
13:41:38.0425 5172 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll - ok
13:41:38.0425 5172 [ F4BC62990E7E5C29799A895B80FC3177 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll
13:41:38.0425 5172 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
13:41:38.0435 5172 [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe
13:41:38.0435 5172 C:\Windows\System32\dwm.exe - ok
13:41:38.0435 5172 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll
13:41:38.0435 5172 C:\Windows\System32\sstpsvc.dll - ok
13:41:38.0435 5172 [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll
13:41:38.0435 5172 C:\Windows\System32\dwmcore.dll - ok
13:41:38.0445 5172 [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll
13:41:38.0445 5172 C:\Windows\System32\dwmredir.dll - ok
13:41:38.0445 5172 [ 9AE80F6A66B30E3ED8CDF858CF28B11B ] C:\Windows\System32\d3d10_1.dll
13:41:38.0445 5172 C:\Windows\System32\d3d10_1.dll - ok
13:41:38.0445 5172 [ 63F72417CA38D8FC8F53709649B589E3 ] C:\Windows\System32\d3d10_1core.dll
13:41:38.0445 5172 C:\Windows\System32\d3d10_1core.dll - ok
13:41:38.0445 5172 [ 448B02AD260EC3E1E892FCE6DFDDEEBD ] C:\Windows\System32\d3d11.dll
13:41:38.0445 5172 C:\Windows\System32\d3d11.dll - ok
13:41:38.0455 5172 [ 8DFB5752FCE145A6B295093C0A8BE131 ] C:\Windows\System32\dxgi.dll
13:41:38.0455 5172 C:\Windows\System32\dxgi.dll - ok
13:41:38.0455 5172 [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe
13:41:38.0455 5172 C:\Windows\explorer.exe - ok
13:41:38.0455 5172 [ 73B1901F324E07D6CB46F5CDB2FFE37A ] C:\Windows\System32\aticfx64.dll
13:41:38.0455 5172 C:\Windows\System32\aticfx64.dll - ok
13:41:38.0465 5172 [ 142D78D1D776122DFB0ECFFC0809E4C6 ] C:\Windows\System32\atidxx64.dll
13:41:38.0465 5172 C:\Windows\System32\atidxx64.dll - ok
13:41:38.0465 5172 [ F0C432F39962CC51F357619BA785A74C ] C:\Windows\System32\atiuxp64.dll
13:41:38.0465 5172 C:\Windows\System32\atiuxp64.dll - ok
13:41:38.0465 5172 [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll
13:41:38.0465 5172 C:\Windows\System32\uDWM.dll - ok
13:41:38.0465 5172 [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll
13:41:38.0465 5172 C:\Windows\SysWOW64\clbcatq.dll - ok
13:41:38.0475 5172 [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
13:41:38.0475 5172 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
13:41:38.0475 5172 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll
13:41:38.0475 5172 C:\Windows\SysWOW64\propsys.dll - ok
13:41:38.0475 5172 [ F6FD367C9EAAEDF90CD7A7952AE0B336 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll
13:41:38.0475 5172 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll - ok
13:41:38.0475 5172 [ F8ECB748B53A010464F7A63154D75F56 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
13:41:38.0475 5172 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
13:41:38.0485 5172 [ 4AFC14AFA58878FAA1D249E7E90EA54B ] C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
13:41:38.0485 5172 C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe - ok
13:41:38.0485 5172 [ 2C478E667CE27B2B7142F756CF569A9A ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll
13:41:38.0485 5172 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok
13:41:38.0485 5172 [ 062373995EAE5F0EAC9EAA9192136BFB ] C:\Windows\SysWOW64\dnssd.dll
13:41:38.0485 5172 C:\Windows\SysWOW64\dnssd.dll - ok
13:41:38.0495 5172 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll
13:41:38.0495 5172 C:\Windows\SysWOW64\mswsock.dll - ok
13:41:38.0495 5172 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll
13:41:38.0495 5172 C:\Windows\SysWOW64\ntmarta.dll - ok
13:41:38.0495 5172 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll
13:41:38.0495 5172 C:\Windows\SysWOW64\Wldap32.dll - ok
13:41:38.0495 5172 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
13:41:38.0495 5172 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
13:41:38.0505 5172 [ 2D0157B482115B37F1D84D69A22790D4 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll
13:41:38.0505 5172 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
13:41:38.0505 5172 [ 2E14406E05789F91C9282AE7CFCA3A07 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
13:41:38.0505 5172 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll - ok
13:41:38.0505 5172 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
13:41:38.0505 5172 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
13:41:38.0515 5172 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll
13:41:38.0515 5172 C:\Windows\SysWOW64\winnsi.dll - ok
13:41:38.0515 5172 [ 73862FF693168369A90F046E7F227B83 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
13:41:38.0515 5172 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll - ok
13:41:38.0515 5172 [ 8BA9851E671E8B5E49E303748FFD530C ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll
13:41:38.0515 5172 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
13:41:38.0515 5172 [ 42836D10270B1940F9A2FF77AE679537 ] C:\Program Files (x86)\AVG\AVG2013\avgntopensslx.dll
13:41:38.0515 5172 C:\Program Files (x86)\AVG\AVG2013\avgntopensslx.dll - ok
13:41:38.0525 5172 [ 484987420BC8DED2CB26C6F4EC9BA7F2 ] C:\Program Files (x86)\AVG\AVG2013\avgsysx.dll
13:41:38.0525 5172 C:\Program Files (x86)\AVG\AVG2013\avgsysx.dll - ok
13:41:38.0525 5172 [ BC83108B18756547013ED443B8CDB31B ] C:\Windows\SysWOW64\msvcp100.dll
13:41:38.0525 5172 C:\Windows\SysWOW64\msvcp100.dll - ok
13:41:38.0525 5172 [ 0E37FBFA79D349D672456923EC5FBBE3 ] C:\Windows\SysWOW64\msvcr100.dll
13:41:38.0525 5172 C:\Windows\SysWOW64\msvcr100.dll - ok
13:41:38.0525 5172 [ F036DB9CF05B3C21405403FF074A78D9 ] C:\Program Files (x86)\AVG\AVG2013\avgopensslx.dll
13:41:38.0525 5172 C:\Program Files (x86)\AVG\AVG2013\avgopensslx.dll - ok
13:41:38.0535 5172 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll
13:41:38.0535 5172 C:\Windows\SysWOW64\psapi.dll - ok
13:41:38.0535 5172 [ 1C2E1FC9F8ED794CC191E92F27D1391C ] C:\Program Files (x86)\AVG\AVG2013\avglogx.dll
13:41:38.0535 5172 C:\Program Files (x86)\AVG\AVG2013\avglogx.dll - ok
13:41:38.0535 5172 [ B40F5DCD59ED2A46EED8AE340CC167FB ] C:\Program Files (x86)\AVG\AVG2013\avgcfgx.dll
13:41:38.0535 5172 C:\Program Files (x86)\AVG\AVG2013\avgcfgx.dll - ok
13:41:38.0545 5172 [ A6251155B7017D4B4A77A3531A8DA6D8 ] C:\Program Files (x86)\AVG\AVG2013\avgcommx.dll
13:41:38.0545 5172 C:\Program Files (x86)\AVG\AVG2013\avgcommx.dll - ok
13:41:38.0545 5172 [ 6B72E1E329C4E98C6B6FDD2D265E3BA3 ] C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
13:41:38.0545 5172 C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe - ok
13:41:38.0545 5172 [ 76FFA2433FEB42E78FB5421A50C8FBE3 ] C:\Program Files (x86)\AVG\AVG2013\avgclitx.dll
13:41:38.0545 5172 C:\Program Files (x86)\AVG\AVG2013\avgclitx.dll - ok
13:41:38.0545 5172 [ 43D8779059D848BB26D725D4E6C3350C ] C:\Program Files (x86)\AVG\AVG2013\avgcorex.dll
13:41:38.0545 5172 C:\Program Files (x86)\AVG\AVG2013\avgcorex.dll - ok
13:41:38.0555 5172 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] C:\Program Files\Bonjour\mDNSResponder.exe
13:41:38.0555 5172 C:\Program Files\Bonjour\mDNSResponder.exe - ok
13:41:38.0555 5172 [ 95EFDCB44DD093EDAD447F1D21C8A3F7 ] C:\Program Files (x86)\AVG\AVG2013\avgcertx.dll
13:41:38.0555 5172 C:\Program Files (x86)\AVG\AVG2013\avgcertx.dll - ok
13:41:38.0555 5172 [ 6F19639188F792BBB234B2A3FCB0C8C9 ] C:\Program Files (x86)\AVG\AVG2013\avgchclx.dll
13:41:38.0555 5172 C:\Program Files (x86)\AVG\AVG2013\avgchclx.dll - ok
13:41:38.0565 5172 [ F820B93E4ABCCABD698A175FD5FC83FE ] C:\Program Files (x86)\AVG\AVG2013\avgntsqlitex.dll
13:41:38.0565 5172 C:\Program Files (x86)\AVG\AVG2013\avgntsqlitex.dll - ok
13:41:38.0565 5172 [ A113AFEED3159A1ED52D78CB0226006D ] C:\Windows\SysWOW64\secur32.dll
13:41:38.0565 5172 C:\Windows\SysWOW64\secur32.dll - ok
13:41:38.0565 5172 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll
13:41:38.0565 5172 C:\Windows\SysWOW64\sfc.dll - ok
13:41:38.0565 5172 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll
13:41:38.0565 5172 C:\Windows\SysWOW64\sfc_os.dll - ok
13:41:38.0575 5172 [ F7439FC81A2B81E53D7BFD0C443BA6D6 ] C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe
13:41:38.0575 5172 C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe - ok
13:41:38.0575 5172 [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\Windows\System32\dbghelp.dll
13:41:38.0575 5172 C:\Windows\System32\dbghelp.dll - ok
13:41:38.0575 5172 [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll
13:41:38.0575 5172 C:\Windows\System32\msi.dll - ok
13:41:38.0575 5172 [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll
13:41:38.0575 5172 C:\Windows\System32\ExplorerFrame.dll - ok
13:41:38.0585 5172 [ CF6850A72BEB4845A3BFFB3F5E8014B2 ] C:\Windows\System32\pdh.dll
13:41:38.0585 5172 C:\Windows\System32\pdh.dll - ok
13:41:38.0585 5172 [ 2A76CE1AA8D709E328450D6CC7117006 ] C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll
13:41:38.0585 5172 C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll - ok
13:41:38.0585 5172 [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll
13:41:38.0585 5172 C:\Windows\System32\cscapi.dll - ok
13:41:38.0595 5172 [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll
13:41:38.0595 5172 C:\Windows\System32\EhStorShell.dll - ok
13:41:38.0595 5172 [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll
13:41:38.0595 5172 C:\Windows\System32\IconCodecService.dll - ok
13:41:38.0595 5172 [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll
13:41:38.0595 5172 C:\Windows\System32\ntshrui.dll - ok
13:41:38.0595 5172 [ 65EA57712340C09B1B0C427B4848AE05 ] C:\Windows\System32\taskeng.exe
13:41:38.0595 5172 C:\Windows\System32\taskeng.exe - ok
13:41:38.0605 5172 [ 805A52C5AE26C28E88FDD9BCCFE6F312 ] C:\Windows\System32\TSChannel.dll
13:41:38.0605 5172 C:\Windows\System32\TSChannel.dll - ok
13:41:38.0605 5172 [ 8F0DE4FEF8201E306F9938B0905AC96A ] C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:41:38.0605 5172 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe - ok
13:41:38.0605 5172 [ 2E5672EEA419A4DC9DACD714632E1DC3 ] C:\Program Files (x86)\Google\Update\1.3.21.135\goopdate.dll
13:41:38.0605 5172 C:\Program Files (x86)\Google\Update\1.3.21.135\goopdate.dll - ok
13:41:38.0605 5172 [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\SysWOW64\netapi32.dll
13:41:38.0605 5172 C:\Windows\SysWOW64\netapi32.dll - ok
13:41:38.0615 5172 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll
13:41:38.0615 5172 C:\Windows\SysWOW64\netutils.dll - ok
13:41:38.0615 5172 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll
13:41:38.0615 5172 C:\Windows\SysWOW64\srvcli.dll - ok
13:41:38.0615 5172 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll
13:41:38.0615 5172 C:\Windows\SysWOW64\wkscli.dll - ok
13:41:38.0625 5172 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll
13:41:38.0625 5172 C:\Windows\SysWOW64\cscapi.dll - ok
13:41:38.0625 5172 [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll
13:41:38.0625 5172 C:\Windows\SysWOW64\msi.dll - ok
13:41:38.0625 5172 [ BECDDA0990DEBD72A30096533521AD73 ] C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe
13:41:38.0625 5172 C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe - ok
13:41:38.0625 5172 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll
13:41:38.0625 5172 C:\Windows\SysWOW64\apphelp.dll - ok
13:41:38.0635 5172 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\SysWOW64\dbghelp.dll
13:41:38.0635 5172 C:\Windows\SysWOW64\dbghelp.dll - ok
13:41:38.0635 5172 [ 57616A5583E6406F88BC71A5A5E0C165 ] C:\Program Files (x86)\AVG\AVG2013\avgwd.dll
13:41:38.0635 5172 C:\Program Files (x86)\AVG\AVG2013\avgwd.dll - ok
13:41:38.0635 5172 [ B676429E44F2F8ACC3BAE7C89F46B212 ] C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe
13:41:38.0635 5172 C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe - ok
13:41:38.0635 5172 [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\SysWOW64\mstask.dll
13:41:38.0635 5172 C:\Windows\SysWOW64\mstask.dll - ok
13:41:38.0645 5172 [ 807EB11BD87CD9026906FB79015414CE ] C:\Windows\System32\perfdisk.dll
13:41:38.0645 5172 C:\Windows\System32\perfdisk.dll - ok
13:41:38.0645 5172 [ 1CDFB108952A68CB8DAAC67177850560 ] C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe
13:41:38.0645 5172 C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe - ok
13:41:38.0645 5172 [ B466E673B5E219520A12B40F1289E455 ] C:\Windows\System32\perfproc.dll
13:41:38.0645 5172 C:\Windows\System32\perfproc.dll - ok
13:41:38.0655 5172 [ 9E30B21B14FB24C383AC255BDFA47E0E ] C:\Program Files (x86)\AVG\AVG2013\avgsecapix.dll
13:41:38.0655 5172 C:\Program Files (x86)\AVG\AVG2013\avgsecapix.dll - ok
13:41:38.0655 5172 [ 491918E4C46ED4CEB6E7A90F7B73924D ] C:\Program Files (x86)\AVG\AVG2013\avgxpl.dll
13:41:38.0655 5172 C:\Program Files (x86)\AVG\AVG2013\avgxpl.dll - ok
13:41:38.0655 5172 [ 82C089EA2A3EEFADF3588EA71E8BDADA ] C:\Windows\SysWOW64\wevtapi.dll
13:41:38.0655 5172 C:\Windows\SysWOW64\wevtapi.dll - ok
13:41:38.0655 5172 [ F67480EE1AC3CB32C63AF86B0AE57AC9 ] C:\Program Files (x86)\AVG\AVG2013\avgwdwsc.dll
13:41:38.0655 5172 C:\Program Files (x86)\AVG\AVG2013\avgwdwsc.dll - ok
13:41:38.0665 5172 [ A8CDF3768604FF95B54669E20053D569 ] C:\Windows\SysWOW64\wscapi.dll
13:41:38.0665 5172 C:\Windows\SysWOW64\wscapi.dll - ok
13:41:38.0665 5172 [ C5B0324DB461559ADD070E632A6919FA ] C:\Windows\SysWOW64\wbem\wbemprox.dll
13:41:38.0665 5172 C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
13:41:38.0665 5172 [ 704314FD398C81D5F342CAA5DF7B7F21 ] C:\Windows\SysWOW64\wbemcomn.dll
13:41:38.0665 5172 C:\Windows\SysWOW64\wbemcomn.dll - ok
13:41:38.0675 5172 [ 2FC6C98A23864B2E50E53B4848939EAF ] C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
13:41:38.0675 5172 C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe - ok
13:41:38.0675 5172 [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll
13:41:38.0675 5172 C:\Windows\SysWOW64\cryptsp.dll - ok
13:41:38.0675 5172 [ FF0602E28D69B977F889D435F902545E ] C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
13:41:38.0675 5172 C:\Program Files (x86)\AVG\AVG2013\avgemca.exe - ok
13:41:38.0675 5172 [ 8622AE563E2AC2F8BF9FAFEE726FC7B8 ] C:\Program Files (x86)\AVG\AVG2013\avgsched.dll
13:41:38.0675 5172 C:\Program Files (x86)\AVG\AVG2013\avgsched.dll - ok
13:41:38.0685 5172 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll
13:41:38.0685 5172 C:\Windows\SysWOW64\RpcRtRemote.dll - ok
13:41:38.0685 5172 [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll
13:41:38.0685 5172 C:\Windows\SysWOW64\rsaenh.dll - ok
13:41:38.0685 5172 [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll
13:41:38.0685 5172 C:\Windows\System32\NapiNSP.dll - ok
13:41:38.0685 5172 [ F9D908DE6B166DAC9B89BF62FA291CE8 ] C:\Program Files\Bonjour\mdnsNSP.dll
13:41:38.0685 5172 C:\Program Files\Bonjour\mdnsNSP.dll - ok
13:41:38.0695 5172 [ AFB5B500AD69E24ED1BC15D1161641EF ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
13:41:38.0695 5172 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL - ok
13:41:38.0695 5172 [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll
13:41:38.0695 5172 C:\Windows\System32\pnrpnsp.dll - ok
13:41:38.0695 5172 [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll
13:41:38.0695 5172 C:\Windows\System32\winrnr.dll - ok
13:41:38.0705 5172 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll
13:41:38.0705 5172 C:\Windows\SysWOW64\SensApi.dll - ok
13:41:38.0705 5172 [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll
13:41:38.0705 5172 C:\Windows\System32\rasadhlp.dll - ok
13:41:38.0705 5172 [ 03E9314004F504A14A61C3D364B62F66 ] C:\Program Files (x86)\SearchProtect\bin\msvcp100.dll
13:41:38.0705 5172 C:\Program Files (x86)\SearchProtect\bin\msvcp100.dll - ok
13:41:38.0705 5172 [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Program Files (x86)\SearchProtect\bin\msvcr100.dll
13:41:38.0705 5172 C:\Program Files (x86)\SearchProtect\bin\msvcr100.dll - ok
13:41:38.0715 5172 [ 366FD6F3A451351B5DF2D7C4ECF4C73A ] C:\Windows\System32\msvcr100.dll
13:41:38.0715 5172 C:\Windows\System32\msvcr100.dll - ok
13:41:38.0715 5172 [ 97558F429F8F09446AE51C1AA88C9B9B ] C:\Users\Owner\AppData\Local\CrossLoop\CrossLoopService.exe
13:41:38.0715 5172 C:\Users\Owner\AppData\Local\CrossLoop\CrossLoopService.exe - ok
13:41:38.0715 5172 [ BE706AC2CAEE39BA8C90BE3A6C037A08 ] C:\Users\Owner\AppData\Local\CrossLoop\diCrPKI.dll
13:41:38.0715 5172 C:\Users\Owner\AppData\Local\CrossLoop\diCrPKI.dll - ok
13:41:38.0715 5172 [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files (x86)\Bonjour\mdnsNSP.dll
13:41:38.0715 5172 C:\Program Files (x86)\Bonjour\mdnsNSP.dll - ok
13:41:38.0725 5172 [ 1355EBE184F9DAB1718BC587F8A7E05E ] C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
13:41:38.0725 5172 C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe - ok
13:41:38.0725 5172 [ 12B79422A23814429CDA9E734C58F78F ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
13:41:38.0725 5172 C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok
13:41:38.0725 5172 [ 8792BAB371B4B1589E015B6FD1ED3B15 ] C:\Windows\System32\cryptnet.dll
13:41:38.0725 5172 C:\Windows\System32\cryptnet.dll - ok
13:41:38.0735 5172 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] C:\Windows\System32\cryptsvc.dll
13:41:38.0735 5172 C:\Windows\System32\cryptsvc.dll - ok
13:41:38.0735 5172 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll
13:41:38.0735 5172 C:\Windows\System32\dps.dll - ok
13:41:38.0735 5172 [ 7F8E83B9466A0A002D4AB15C104062A7 ] C:\Windows\System32\efscore.dll
13:41:38.0735 5172 C:\Windows\System32\efscore.dll - ok
13:41:38.0735 5172 [ 0C043B0ABBB5E14E68906AB80365395B ] C:\Windows\System32\efssvc.dll
13:41:38.0735 5172 C:\Windows\System32\efssvc.dll - ok
13:41:38.0745 5172 [ 58283053C781AD3A579C95D7765C1FA0 ] C:\Windows\System32\efsutil.dll
13:41:38.0745 5172 C:\Windows\System32\efsutil.dll - ok
13:41:38.0745 5172 [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll
13:41:38.0745 5172 C:\Windows\System32\taskschd.dll - ok
13:41:38.0745 5172 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll
13:41:38.0745 5172 C:\Windows\SysWOW64\dnsapi.dll - ok
13:41:38.0745 5172 [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\Windows\SysWOW64\NapiNSP.dll
13:41:38.0745 5172 C:\Windows\SysWOW64\NapiNSP.dll - ok
13:41:38.0755 5172 [ 0BA65122FFA7E37564EE86422DBF7AE8 ] C:\Windows\SysWOW64\nlaapi.dll
13:41:38.0755 5172 C:\Windows\SysWOW64\nlaapi.dll - ok
13:41:38.0755 5172 [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\Windows\SysWOW64\pnrpnsp.dll
13:41:38.0755 5172 C:\Windows\SysWOW64\pnrpnsp.dll - ok
13:41:38.0755 5172 [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\Windows\SysWOW64\winrnr.dll
13:41:38.0755 5172 C:\Windows\SysWOW64\winrnr.dll - ok
13:41:38.0765 5172 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL
13:41:38.0765 5172 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
13:41:38.0765 5172 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
13:41:38.0765 5172 C:\Windows\SysWOW64\rasadhlp.dll - ok
13:41:38.0765 5172 [ 76ACCC871C2A021BBC9A8B292244D0EC ] C:\Program Files (x86)\AVG\AVG2013\avgcfga.dll
13:41:38.0765 5172 C:\Program Files (x86)\AVG\AVG2013\avgcfga.dll - ok
13:41:38.0765 5172 [ FF9AFBD2864BBEA6A9E7F90F8C94F6B7 ] C:\Program Files (x86)\AVG\AVG2013\avgidpsdkx.dll
13:41:38.0765 5172 C:\Program Files (x86)\AVG\AVG2013\avgidpsdkx.dll - ok
13:41:38.0775 5172 [ A9BEAEE40D353F85D213BB46F54EBBED ] C:\Program Files (x86)\AVG\AVG2013\avgkrnlapia.dll
13:41:38.0775 5172 C:\Program Files (x86)\AVG\AVG2013\avgkrnlapia.dll - ok
13:41:38.0775 5172 [ E5E6A7D13BBC0F80B866D021F306BF6C ] C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
13:41:38.0775 5172 C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe - ok
13:41:38.0775 5172 [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll
13:41:38.0775 5172 C:\Windows\System32\FDResPub.dll - ok
13:41:38.0775 5172 [ F1B205F932F62F94506A5F332C895DAF ] C:\Windows\System32\WSDApi.dll
13:41:38.0775 5172 C:\Windows\System32\WSDApi.dll - ok
13:41:38.0785 5172 [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll
13:41:38.0785 5172 C:\Windows\System32\fundisc.dll - ok
13:41:38.0785 5172 [ C55516D98DD5D8F0153C2A9B4227DA86 ] C:\Windows\System32\webservices.dll
13:41:38.0785 5172 C:\Windows\System32\webservices.dll - ok
13:41:38.0785 5172 [ 8964E7F65751FEC4185285E3329EADE6 ] C:\Program Files (x86)\AVG\AVG2013\avgsecapia.dll
13:41:38.0785 5172 C:\Program Files (x86)\AVG\AVG2013\avgsecapia.dll - ok
13:41:38.0795 5172 [ BCEA9AB347E53BC03B2E36BE0B8BA0EF ] C:\Windows\System32\httpapi.dll
13:41:38.0795 5172 C:\Windows\System32\httpapi.dll - ok
13:41:38.0795 5172 [ 99B91C5D2FCEF218CAD3600ECB62A799 ] C:\Windows\System32\msxml6.dll
13:41:38.0795 5172 C:\Windows\System32\msxml6.dll - ok
13:41:38.0795 5172 [ 603EBD34E216C5654A2D774EAC98D278 ] C:\Windows\System32\webio.dll
13:41:38.0795 5172 C:\Windows\System32\webio.dll - ok
13:41:38.0795 5172 [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll
13:41:38.0795 5172 C:\Windows\System32\winhttp.dll - ok
13:41:38.0805 5172 [ CD22D2563039DDA6793F7624719363A7 ] C:\Windows\System32\drivers\mqac.sys
13:41:38.0805 5172 C:\Windows\System32\drivers\mqac.sys - ok
13:41:38.0805 5172 [ FAAEAEF99E53561BEEE58F946CA56F0D ] C:\Windows\System32\mqsvc.exe
13:41:38.0805 5172 C:\Windows\System32\mqsvc.exe - ok
13:41:38.0805 5172 [ 011F0B067E47612F57C4ECE377D9C9DF ] C:\Windows\System32\activeds.dll
13:41:38.0805 5172 C:\Windows\System32\activeds.dll - ok
13:41:38.0805 5172 [ 05F620B4B2E7DEB9409C0C6A4FEDD2A4 ] C:\Windows\System32\adsldpc.dll
13:41:38.0805 5172 C:\Windows\System32\adsldpc.dll - ok
13:41:38.0815 5172 [ 9470D074D49F353D3A151676EAFF8367 ] C:\Windows\System32\mqqm.dll
13:41:38.0815 5172 C:\Windows\System32\mqqm.dll - ok
13:41:38.0815 5172 [ B6E94E5F902FE19E72992711C93F64C5 ] C:\Windows\System32\mqsec.dll
13:41:38.0815 5172 C:\Windows\System32\mqsec.dll - ok
13:41:38.0815 5172 [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll
13:41:38.0815 5172 C:\Windows\System32\ntdsapi.dll - ok
13:41:38.0815 5172 [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll
13:41:38.0815 5172 C:\Windows\System32\wsock32.dll - ok
13:41:38.0825 5172 [ 1727B2A2F379A32B864C096FA794AADC ] C:\Windows\System32\aepic.dll
13:41:38.0825 5172 C:\Windows\System32\aepic.dll - ok
13:41:38.0825 5172 [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll
13:41:38.0825 5172 C:\Windows\System32\clusapi.dll - ok
13:41:38.0825 5172 [ D4FAC263861BAE06971C7F7D0A8EBF15 ] C:\Windows\System32\ncsi.dll
13:41:38.0825 5172 C:\Windows\System32\ncsi.dll - ok
13:41:38.0835 5172 [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll
13:41:38.0835 5172 C:\Windows\System32\netman.dll - ok
13:41:38.0835 5172 [ 8AD77806D336673F270DB31645267293 ] C:\Windows\System32\nlasvc.dll
13:41:38.0835 5172 C:\Windows\System32\nlasvc.dll - ok
13:41:38.0835 5172 [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\Windows\System32\drivers\PEAuth.sys
13:41:38.0835 5172 C:\Windows\System32\drivers\PEAuth.sys - ok
13:41:38.0835 5172 [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys
13:41:38.0835 5172 C:\Windows\System32\drivers\secdrv.sys - ok
13:41:38.0845 5172 [ BC617A4E1B4FA8DF523A061739A0BD87 ] C:\Windows\System32\seclogon.dll
13:41:38.0845 5172 C:\Windows\System32\seclogon.dll - ok
13:41:38.0845 5172 [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll
13:41:38.0845 5172 C:\Windows\System32\sfc.dll - ok
13:41:38.0845 5172 [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll
13:41:38.0845 5172 C:\Windows\System32\sfc_os.dll - ok
13:41:38.0845 5172 [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll
13:41:38.0845 5172 C:\Windows\System32\ssdpapi.dll - ok
13:41:38.0855 5172 [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll
13:41:38.0855 5172 C:\Windows\SysWOW64\devrtl.dll - ok
13:41:38.0855 5172 [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] C:\Program Files (x86)\Skype\Updater\Updater.exe
13:41:38.0855 5172 C:\Program Files (x86)\Skype\Updater\Updater.exe - ok
13:41:38.0855 5172 [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll
13:41:38.0855 5172 C:\Windows\System32\aeevts.dll - ok
13:41:38.0865 5172 [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\Windows\System32\dssenh.dll
13:41:38.0865 5172 C:\Windows\System32\dssenh.dll - ok
13:41:38.0865 5172 [ 203AFD760D58EF377716A88716B329A3 ] C:\Windows\System32\mqlogmgr.dll
13:41:38.0865 5172 C:\Windows\System32\mqlogmgr.dll - ok
13:41:38.0865 5172 [ 27E461F0BE5BFF5FC737328F749538C3 ] C:\Windows\System32\drivers\srvnet.sys
13:41:38.0865 5172 C:\Windows\System32\drivers\srvnet.sys - ok
13:41:38.0865 5172 [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll
13:41:38.0865 5172 C:\Windows\System32\snmpapi.dll - ok
13:41:38.0875 5172 [ 94B0B1A2635004267C14301270C8CE37 ] C:\Windows\System32\inetsrv\httpmib.dll
13:41:38.0875 5172 C:\Windows\System32\inetsrv\httpmib.dll - ok
13:41:38.0875 5172 [ C68646093AB79AC5D794E5CED965BAE7 ] C:\Windows\System32\wow64mib.dll
13:41:38.0875 5172 C:\Windows\System32\wow64mib.dll - ok
13:41:38.0875 5172 [ 8F5171C837E64FF0AC48F0A29DD9E180 ] C:\Windows\SysWOW64\snmp.exe
13:41:38.0875 5172 C:\Windows\SysWOW64\snmp.exe - ok
13:41:38.0875 5172 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] C:\Windows\System32\drivers\tcpipreg.sys
13:41:38.0875 5172 C:\Windows\System32\drivers\tcpipreg.sys - ok
13:41:38.0885 5172 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] C:\Windows\System32\sysmain.dll
13:41:38.0885 5172 C:\Windows\System32\sysmain.dll - ok
13:41:38.0885 5172 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] C:\Windows\System32\tapisrv.dll
13:41:38.0885 5172 C:\Windows\System32\tapisrv.dll - ok
13:41:38.0885 5172 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] C:\Windows\System32\wiaservc.dll
13:41:38.0885 5172 C:\Windows\System32\wiaservc.dll - ok
13:41:38.0895 5172 [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5 ] C:\Windows\System32\wiatrace.dll
13:41:38.0895 5172 C:\Windows\System32\wiatrace.dll - ok
13:41:38.0895 5172 [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\Windows\System32\trkwks.dll
13:41:38.0895 5172 C:\Windows\System32\trkwks.dll - ok
13:41:38.0895 5172 [ 1BCDB508143B517F21BBDAC10F5777BF ] C:\Windows\System32\conhost.exe
13:41:38.0895 5172 C:\Windows\System32\conhost.exe - ok
13:41:38.0895 5172 [ 2BACD71123F42CEA603F4E205E1AE337 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:41:38.0895 5172 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - ok
13:41:38.0905 5172 [ B32009DB1972E7F2C227499289C4384A ] C:\Windows\System32\inetsrv\iisw3adm.dll
13:41:38.0905 5172 C:\Windows\System32\inetsrv\iisw3adm.dll - ok
13:41:38.0905 5172 [ 49F9AF60349A514C1BCF14DB9C843C5A ] C:\Windows\System32\inetsrv\w3tp.dll
13:41:38.0905 5172 C:\Windows\System32\inetsrv\w3tp.dll - ok
13:41:38.0905 5172 [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\Windows\System32\wbemcomn.dll
13:41:38.0905 5172 C:\Windows\System32\wbemcomn.dll - ok
13:41:38.0905 5172 [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll
13:41:38.0905 5172 C:\Windows\System32\wbem\fastprox.dll - ok
13:41:38.0915 5172 [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll
13:41:38.0915 5172 C:\Windows\System32\wbem\WinMgmtR.dll - ok
13:41:38.0915 5172 [ 0C52762C606BCF6A377D5E4688191A6B ] C:\Windows\System32\wbem\WmiDcPrv.dll
13:41:38.0915 5172 C:\Windows\System32\wbem\WmiDcPrv.dll - ok
13:41:38.0915 5172 [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll
13:41:38.0915 5172 C:\Windows\System32\wbem\WMIsvc.dll - ok
13:41:38.0925 5172 [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll
13:41:38.0925 5172 C:\Windows\System32\wbem\wbemcore.dll - ok
13:41:38.0925 5172 [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll
13:41:38.0925 5172 C:\Windows\System32\wbem\wbemprox.dll - ok
13:41:38.0925 5172 [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll
13:41:38.0925 5172 C:\Windows\System32\wbem\esscli.dll - ok
13:41:38.0925 5172 [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll
13:41:38.0925 5172 C:\Windows\System32\wbem\wbemsvc.dll - ok
13:41:38.0935 5172 [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll
13:41:38.0935 5172 C:\Windows\System32\wbem\wmiutils.dll - ok
13:41:38.0935 5172 [ 1220595CABA75AB91A6B3FA3B89483CC ] C:\Windows\SysWOW64\snmpapi.dll
13:41:38.0935 5172 C:\Windows\SysWOW64\snmpapi.dll - ok
13:41:38.0935 5172 [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
13:41:38.0935 5172 C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
13:41:38.0935 5172 [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A ] C:\Windows\SysWOW64\wbem\fastprox.dll
13:41:38.0935 5172 C:\Windows\SysWOW64\wbem\fastprox.dll - ok
13:41:38.0945 5172 [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll
13:41:38.0945 5172 C:\Windows\System32\wbem\repdrvfs.dll - ok
13:41:38.0945 5172 [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\SysWOW64\ntdsapi.dll
13:41:38.0945 5172 C:\Windows\SysWOW64\ntdsapi.dll - ok
13:41:38.0945 5172 [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll
13:41:38.0945 5172 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
13:41:38.0955 5172 [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll
13:41:38.0955 5172 C:\Windows\System32\ncobjapi.dll - ok
13:41:38.0955 5172 [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll
13:41:38.0955 5172 C:\Windows\System32\wbem\wbemess.dll - ok
13:41:38.0955 5172 [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL
13:41:38.0955 5172 C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL - ok
13:41:38.0955 5172 [ B837D1528CE2E3CB79F09496BC08DDC6 ] C:\Windows\System32\SensApi.dll
13:41:38.0955 5172 C:\Windows\System32\SensApi.dll - ok
13:41:38.0965 5172 [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll
13:41:38.0965 5172 C:\Windows\System32\wer.dll - ok
13:41:38.0965 5172 [ 7D5645EE0EA77D539828433D9B95F5EB ] C:\Windows\System32\WinSCard.dll
13:41:38.0965 5172 C:\Windows\System32\WinSCard.dll - ok
13:41:38.0965 5172 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] C:\Windows\System32\drivers\srv2.sys
13:41:38.0965 5172 C:\Windows\System32\drivers\srv2.sys - ok
13:41:38.0965 5172 [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
13:41:38.0965 5172 C:\Windows\System32\eappprxy.dll - ok
13:41:38.0975 5172 [ EE867A0870FC9E4972BA9EAAD35651E2 ] C:\Windows\System32\rasmans.dll
13:41:38.0975 5172 C:\Windows\System32\rasmans.dll - ok
13:41:38.0975 5172 [ 44C96B48112EB24AE7764EBF1C527000 ] C:\Windows\System32\rastapi.dll
13:41:38.0975 5172 C:\Windows\System32\rastapi.dll - ok
13:41:38.0975 5172 [ FAFAE01E889DC9C05A6CA2138CFC220B ] C:\Windows\System32\tapi32.dll
13:41:38.0975 5172 C:\Windows\System32\tapi32.dll - ok
13:41:38.0985 5172 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\Windows\System32\drivers\srv.sys
13:41:38.0985 5172 C:\Windows\System32\drivers\srv.sys - ok
13:41:38.0985 5172 [ 66C5255881F6F37F5CB22B9C9C777662 ] C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
13:41:38.0985 5172 C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll - ok
13:41:38.0985 5172 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] C:\Windows\System32\browser.dll
13:41:38.0985 5172 C:\Windows\System32\browser.dll - ok
13:41:38.0985 5172 [ 371948BC5911ABA06168FAC91ED25F06 ] C:\Windows\System32\msxml3.dll
13:41:38.0985 5172 C:\Windows\System32\msxml3.dll - ok
13:41:38.0995 5172 [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll
13:41:38.0995 5172 C:\Windows\System32\srvsvc.dll - ok
13:41:38.0995 5172 [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll
13:41:38.0995 5172 C:\Windows\System32\netmsg.dll - ok
13:41:38.0995 5172 [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll
13:41:38.0995 5172 C:\Windows\System32\resutils.dll - ok
13:41:38.0995 5172 [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll
13:41:38.0995 5172 C:\Windows\System32\sscore.dll - ok
13:41:39.0005 5172 [ D2A0FFA75AB181B19B5EB93BB29C7686 ] C:\Windows\System32\unimdm.tsp
13:41:39.0005 5172 C:\Windows\System32\unimdm.tsp - ok
13:41:39.0005 5172 [ 41326DD08ACC0CDC5F8177AF96C066E8 ] C:\Windows\System32\kmddsp.tsp
13:41:39.0005 5172 C:\Windows\System32\kmddsp.tsp - ok
13:41:39.0005 5172 [ 1D6BC2769DA66C1145F4DA5A65F52E61 ] C:\Windows\System32\ndptsp.tsp
13:41:39.0005 5172 C:\Windows\System32\ndptsp.tsp - ok
13:41:39.0015 5172 [ 94B7DF336815B47236724019FAB24B7C ] C:\Windows\System32\uniplat.dll
13:41:39.0015 5172 C:\Windows\System32\uniplat.dll - ok
13:41:39.0015 5172 [ 7C1BAE7D23D4874FEE256A2B9C00E019 ] C:\Windows\System32\hidphone.tsp
13:41:39.0015 5172 C:\Windows\System32\hidphone.tsp - ok
13:41:39.0015 5172 [ 2A46FFE841EC43001D5A293A54DB34DE ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
13:41:39.0015 5172 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE - ok
13:41:39.0015 5172 [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
13:41:39.0015 5172 C:\Windows\System32\eappcfg.dll - ok
13:41:39.0025 5172 [ A717A35120DBAB5AB707AB40662AF9DD ] C:\Windows\System32\rasppp.dll
13:41:39.0025 5172 C:\Windows\System32\rasppp.dll - ok
13:41:39.0025 5172 [ 0FE5CD5F9C9248F42D1EF56E495B182E ] C:\Windows\System32\vpnike.dll
13:41:39.0025 5172 C:\Windows\System32\vpnike.dll - ok
13:41:39.0025 5172 [ 6A84E68B538B8B04608BF2F0D426CE6F ] C:\Windows\System32\raschap.dll
13:41:39.0025 5172 C:\Windows\System32\raschap.dll - ok
13:41:39.0025 5172 [ B95F6501A2F8B2E78C697FEC401970CE ] C:\Windows\System32\ipnathlp.dll
13:41:39.0025 5172 C:\Windows\System32\ipnathlp.dll - ok
13:41:39.0035 5172 [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll
13:41:39.0035 5172 C:\Windows\System32\mprapi.dll - ok
13:41:39.0035 5172 [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll
13:41:39.0035 5172 C:\Windows\System32\netshell.dll - ok
13:41:39.0035 5172 [ CF2C95D5FF3E37A535D0C9F2E7A1E0A2 ] C:\Windows\System32\evntagnt.dll
13:41:39.0035 5172 C:\Windows\System32\evntagnt.dll - ok
13:41:39.0035 5172 [ 90CC31E54E79E9E5800FFF3CCF2FC5DB ] C:\Windows\System32\inetmib1.dll
13:41:39.0035 5172 C:\Windows\System32\inetmib1.dll - ok
13:41:39.0045 5172 [ 012787CEB35505EB78DF82E0A0072888 ] C:\Windows\System32\browcli.dll
13:41:39.0045 5172 C:\Windows\System32\browcli.dll - ok
13:41:39.0045 5172 [ 85C81F2367126BAD531C86998CB4418A ] C:\Windows\System32\hostmib.dll
13:41:39.0045 5172 C:\Windows\System32\hostmib.dll - ok
13:41:39.0045 5172 [ 2693448F9BE4CE1809188495D1D711E1 ] C:\Windows\System32\lmmib2.dll
13:41:39.0045 5172 C:\Windows\System32\lmmib2.dll - ok
13:41:39.0055 5172 [ C55A9A7FDDDD58347F320E08BBA76FD3 ] C:\Windows\System32\snmpmib.dll
13:41:39.0055 5172 C:\Windows\System32\snmpmib.dll - ok
13:41:39.0055 5172 [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv
13:41:39.0055 5172 C:\Windows\System32\winspool.drv - ok
13:41:39.0055 5172 [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll
13:41:39.0055 5172 C:\Windows\System32\hnetcfg.dll - ok
13:41:39.0055 5172 [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll
13:41:39.0055 5172 C:\Windows\System32\umb.dll - ok
13:41:39.0065 5172 [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051 ] C:\Windows\System32\localspl.dll
13:41:39.0065 5172 C:\Windows\System32\localspl.dll - ok
13:41:39.0065 5172 [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\Windows\System32\PrintIsolationProxy.dll
13:41:39.0065 5172 C:\Windows\System32\PrintIsolationProxy.dll - ok
13:41:39.0065 5172 [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll
13:41:39.0065 5172 C:\Windows\System32\spoolss.dll - ok
13:41:39.0065 5172 [ 9FEFF98E2A0F71577AB401BE4E05518A ] C:\Windows\System32\CNMLM9P.DLL
13:41:39.0065 5172 C:\Windows\System32\CNMLM9P.DLL - ok
13:41:39.0075 5172 [ 85D546ADDF491C9DFF6993BB0F4059B2 ] C:\Windows\System32\CNCF2Li.DLL
13:41:39.0075 5172 C:\Windows\System32\CNCF2Li.DLL - ok
13:41:39.0075 5172 [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll
13:41:39.0075 5172 C:\Windows\System32\fdPnp.dll - ok
13:41:39.0075 5172 [ 19E41CCCEE697CC9465396B370929792 ] C:\Windows\System32\FXSMON.dll
13:41:39.0075 5172 C:\Windows\System32\FXSMON.dll - ok
13:41:39.0075 5172 [ E601860AA04CE2198DBC6AC2AF80AFF7 ] C:\Windows\System32\perfos.dll
13:41:39.0075 5172 C:\Windows\System32\perfos.dll - ok
13:41:39.0085 5172 [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll
13:41:39.0085 5172 C:\Windows\System32\tcpmon.dll - ok
13:41:39.0085 5172 [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll
13:41:39.0085 5172 C:\Windows\System32\usbmon.dll - ok
13:41:39.0085 5172 [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll
13:41:39.0085 5172 C:\Windows\System32\WSDMon.dll - ok
13:41:39.0095 5172 [ FFF9D00CF16397C64317F213484F94BD ] C:\Windows\System32\wsnmp32.dll
13:41:39.0095 5172 C:\Windows\System32\wsnmp32.dll - ok
13:41:39.0095 5172 [ E0330C3E6CD6C499A7DE69B560AFEE4D ] C:\Windows\System32\spool\prtprocs\x64\CNMPD9P.DLL
13:41:39.0095 5172 C:\Windows\System32\spool\prtprocs\x64\CNMPD9P.DLL - ok
13:41:39.0095 5172 [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
13:41:39.0095 5172 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
13:41:39.0095 5172 [ 0353B239C28B0E9EBC7FA3D1F6181661 ] C:\Windows\System32\win32spl.dll
13:41:39.0095 5172 C:\Windows\System32\win32spl.dll - ok
13:41:39.0105 5172 [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\Windows\System32\inetpp.dll
13:41:39.0105 5172 C:\Windows\System32\inetpp.dll - ok
13:41:39.0105 5172 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] C:\Windows\System32\appinfo.dll
13:41:39.0105 5172 C:\Windows\System32\appinfo.dll - ok
13:41:39.0105 5172 [ BD9EB3958F213F96B97B1D897DEE006D ] C:\Windows\System32\hidserv.dll
13:41:39.0105 5172 C:\Windows\System32\hidserv.dll - ok
13:41:39.0105 5172 [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll
13:41:39.0105 5172 C:\Windows\System32\wdi.dll - ok
13:41:39.0115 5172 [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll
13:41:39.0115 5172 C:\Windows\System32\wpdbusenum.dll - ok
13:41:39.0115 5172 [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll
13:41:39.0115 5172 C:\Windows\System32\diagperf.dll - ok
13:41:39.0115 5172 [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll
13:41:39.0115 5172 C:\Windows\System32\perftrack.dll - ok
13:41:39.0125 5172 [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll
13:41:39.0125 5172 C:\Windows\System32\Apphlpdm.dll - ok
13:41:39.0125 5172 [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll
13:41:39.0125 5172 C:\Windows\System32\PortableDeviceApi.dll - ok
13:41:39.0125 5172 [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll
13:41:39.0125 5172 C:\Windows\System32\pnpts.dll - ok
13:41:39.0125 5172 [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll
13:41:39.0125 5172 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
13:41:39.0135 5172 [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll
13:41:39.0135 5172 C:\Windows\System32\radardt.dll - ok
13:41:39.0135 5172 [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll
13:41:39.0135 5172 C:\Windows\System32\wdiasqmmodule.dll - ok
13:41:39.0135 5172 [ DDA4CAF29D8C0A297F886BFE561E6659 ] C:\Windows\System32\drivers\WUDFRd.sys
13:41:39.0135 5172 C:\Windows\System32\drivers\WUDFRd.sys - ok
13:41:39.0135 5172 [ 92E0508D924512F63FFEEFE498CBD11F ] C:\Windows\System32\p2pcollab.dll
13:41:39.0135 5172 C:\Windows\System32\p2pcollab.dll - ok
13:41:39.0145 5172 [ 582AC6D9873E31DFA28A4547270862DD ] C:\Windows\System32\QAGENTRT.DLL
13:41:39.0145 5172 C:\Windows\System32\QAGENTRT.DLL - ok
13:41:39.0145 5172 [ 506A83A3BEEE9FCA09F0170DE9FC7D1B ] C:\Windows\System32\fveui.dll
13:41:39.0145 5172 C:\Windows\System32\fveui.dll - ok
13:41:39.0145 5172 [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe
13:41:39.0145 5172 C:\Windows\System32\runonce.exe - ok
13:41:39.0155 5172 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe
13:41:39.0155 5172 C:\Windows\SysWOW64\runonce.exe - ok
13:41:39.0155 5172 [ B1DF2D87DC8BF6072699AC8301B37796 ] C:\Windows\System32\WUDFPlatform.dll
13:41:39.0155 5172 C:\Windows\System32\WUDFPlatform.dll - ok
13:41:39.0155 5172 [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll
13:41:39.0155 5172 C:\Windows\SysWOW64\uxtheme.dll - ok
13:41:39.0155 5172 [ FBD879D17B26D49DD7A48FF58062FAE6 ] C:\Windows\System32\tdh.dll
13:41:39.0155 5172 C:\Windows\System32\tdh.dll - ok
13:41:39.0165 5172 [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll
13:41:39.0165 5172 C:\Windows\System32\pnidui.dll - ok
13:41:39.0165 5172 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe
13:41:39.0165 5172 C:\Windows\SysWOW64\cmd.exe - ok
13:41:39.0165 5172 [ AB886378EEB55C6C75B4F2D14B6C869F ] C:\Windows\System32\drivers\WUDFPf.sys
13:41:39.0165 5172 C:\Windows\System32\drivers\WUDFPf.sys - ok
13:41:39.0165 5172 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] C:\Windows\System32\IPSECSVC.DLL
13:41:39.0165 5172 C:\Windows\System32\IPSECSVC.DLL - ok
13:41:39.0175 5172 [ B20F051B03A966392364C83F009F7D17 ] C:\Windows\System32\WUDFSvc.dll
13:41:39.0175 5172 C:\Windows\System32\WUDFSvc.dll - ok
13:41:39.0175 5172 [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll
13:41:39.0175 5172 C:\Windows\System32\dimsjob.dll - ok
13:41:39.0175 5172 [ 9BC93C9ACFA34DB5A41B89357B31E4ED ] C:\Windows\System32\FwRemoteSvr.dll
13:41:39.0175 5172 C:\Windows\System32\FwRemoteSvr.dll - ok
13:41:39.0185 5172 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll
13:41:39.0185 5172 C:\Windows\System32\netprofm.dll - ok
13:41:39.0185 5172 [ 8ABFE00F213F2571498F1B8FD7939A98 ] C:\Windows\System32\WUDFHost.exe
13:41:39.0185 5172 C:\Windows\System32\WUDFHost.exe - ok
13:41:39.0185 5172 [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll
13:41:39.0185 5172 C:\Windows\System32\npmproxy.dll - ok
13:41:39.0185 5172 [ 1EB82516F21F27EED1833B4F9FD9614E ] C:\Windows\System32\wmp.dll
13:41:39.0185 5172 C:\Windows\System32\wmp.dll - ok
13:41:39.0195 5172 [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll
13:41:39.0195 5172 C:\Windows\System32\aelupsvc.dll - ok
13:41:39.0195 5172 [ 915A96EFF6DE6DD482864647332C5A42 ] C:\Windows\System32\spool\drivers\x64\3\CNCFIMi.DLL
13:41:39.0195 5172 C:\Windows\System32\spool\drivers\x64\3\CNCFIMi.DLL - ok
13:41:39.0195 5172 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll
13:41:39.0195 5172 C:\Windows\SysWOW64\winbrand.dll - ok
13:41:39.0195 5172 [ 25AE683DCB4AE7E6F1B193A0CB9DB35F ] C:\Windows\System32\WUDFx.dll
13:41:39.0195 5172 C:\Windows\System32\WUDFx.dll - ok
13:41:39.0205 5172 [ D3EAB9BCB2B92EFCA615781C215644C0 ] C:\Windows\SysWOW64\ieframe.dll
13:41:39.0205 5172 C:\Windows\SysWOW64\ieframe.dll - ok
13:41:39.0205 5172 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\Windows\System32\drivers\nwifi.sys
13:41:39.0205 5172 C:\Windows\System32\drivers\nwifi.sys - ok
13:41:39.0205 5172 [ 91D6F0AB79AA36FFB932157865206F35 ] C:\Windows\System32\drivers\UMDF\WpdFs.dll
13:41:39.0205 5172 C:\Windows\System32\drivers\UMDF\WpdFs.dll - ok
13:41:39.0215 5172 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\Windows\System32\wlansvc.dll
13:41:39.0215 5172 C:\Windows\System32\wlansvc.dll - ok
13:41:39.0215 5172 [ 9864D52F15AD32094A636C6B5281D9E7 ] C:\Windows\System32\WMVCORE.DLL
13:41:39.0215 5172 C:\Windows\System32\WMVCORE.DLL - ok
13:41:39.0215 5172 [ AACC48FE239F0DF126DA2F28930A5B83 ] C:\Windows\System32\WMASF.DLL
13:41:39.0215 5172 C:\Windows\System32\WMASF.DLL - ok
13:41:39.0215 5172 [ 389CA818132C1D7DCF0C791E8D9035DE ] C:\Windows\System32\PortableDeviceClassExtension.dll
13:41:39.0215 5172 C:\Windows\System32\PortableDeviceClassExtension.dll - ok
13:41:39.0225 5172 [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll
13:41:39.0225 5172 C:\Windows\System32\PortableDeviceTypes.dll - ok
13:41:39.0225 5172 [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\SysWOW64\shdocvw.dll
13:41:39.0225 5172 C:\Windows\SysWOW64\shdocvw.dll - ok
13:41:39.0225 5172 [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\Owner\AppData\Local\Temp\FF01FD9F-F8C7-4971-A90B-D006D3F78437.exe
13:41:39.0225 5172 C:\Users\Owner\AppData\Local\Temp\FF01FD9F-F8C7-4971-A90B-D006D3F78437.exe - ok
13:41:39.0225 5172 [ B519848DFA30AE2B306576B51321D102 ] C:\Windows\System32\ie4uinit.exe
13:41:39.0225 5172 C:\Windows\System32\ie4uinit.exe - ok
13:41:39.0235 5172 [ C3E98C42EDF7EF237A4BAB91FEAC7426 ] C:\Windows\System32\iedkcs32.dll
13:41:39.0235 5172 C:\Windows\System32\iedkcs32.dll - ok
13:41:39.0235 5172 [ 2C647ABE9A424E55B5F3DAE4629B4277 ] C:\Windows\System32\themeui.dll
13:41:39.0235 5172 C:\Windows\System32\themeui.dll - ok
13:41:39.0235 5172 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll
13:41:39.0235 5172 C:\Windows\SysWOW64\winhttp.dll - ok
13:41:39.0245 5172 [ 7EC788D53F6F43061A9BFB70D745CCBC ] C:\Program Files (x86)\AVG\AVG2013\avgxpla.dll
13:41:39.0245 5172 C:\Program Files (x86)\AVG\AVG2013\avgxpla.dll - ok
13:41:39.0245 5172 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll
13:41:39.0245 5172 C:\Windows\SysWOW64\webio.dll - ok
13:41:39.0245 5172 [ D029339C0F59CF662094EDDF8C42B2B5 ] C:\Windows\System32\msvcp100.dll
13:41:39.0245 5172 C:\Windows\System32\msvcp100.dll - ok
13:41:39.0245 5172 [ 7E87637EECBACBB11BBA1124B805A747 ] C:\Program Files (x86)\AVG\AVG2013\avgopenssla.dll
13:41:39.0245 5172 C:\Program Files (x86)\AVG\AVG2013\avgopenssla.dll - ok
13:41:39.0255 5172 [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl
13:41:39.0255 5172 C:\Windows\System32\timedate.cpl - ok
13:41:39.0255 5172 [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll
13:41:39.0255 5172 C:\Windows\System32\actxprxy.dll - ok
13:41:39.0255 5172 [ C4F40F6CACD796A8E16671D0E9A2F319 ] C:\Windows\System32\shdocvw.dll
13:41:39.0255 5172 C:\Windows\System32\shdocvw.dll - ok
13:41:39.0255 5172 [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll
13:41:39.0255 5172 C:\Windows\System32\linkinfo.dll - ok
13:41:39.0265 5172 [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll
13:41:39.0265 5172 C:\Windows\System32\msiltcfg.dll - ok
13:41:39.0265 5172 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll
13:41:39.0265 5172 C:\Windows\SysWOW64\dwmapi.dll - ok
13:41:39.0265 5172 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
13:41:39.0265 5172 C:\Windows\SysWOW64\credssp.dll - ok
13:41:39.0275 5172 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll
13:41:39.0275 5172 C:\Windows\SysWOW64\wship6.dll - ok
13:41:39.0275 5172 [ E6DD15E668DAF0A02470CF551B0A0105 ] C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll
13:41:39.0275 5172 C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll - ok
13:41:39.0275 5172 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll
13:41:39.0275 5172 C:\Windows\System32\msftedit.dll - ok
13:41:39.0275 5172 [ 7FCAB194F01E3403C300EB034E480B36 ] C:\Windows\System32\msls31.dll
13:41:39.0275 5172 C:\Windows\System32\msls31.dll - ok
13:41:39.0285 5172 [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
13:41:39.0285 5172 C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
13:41:39.0285 5172 [ 2BCBA6052374959A30BD7948444DBB79 ] C:\Windows\System32\gameux.dll
13:41:39.0285 5172 C:\Windows\System32\gameux.dll - ok
13:41:39.0285 5172 [ E829C45F0D77852C43BE99C4B1BD215D ] C:\Windows\System32\ieframe.dll
13:41:39.0285 5172 C:\Windows\System32\ieframe.dll - ok
13:41:39.0285 5172 [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll
13:41:39.0285 5172 C:\Windows\System32\oleacc.dll - ok
13:41:39.0295 5172 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\85556317.sys
13:41:39.0295 5172 C:\Windows\System32\drivers\85556317.sys - ok
13:41:39.0295 5172 [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll
13:41:39.0295 5172 C:\Windows\System32\DeviceCenter.dll - ok
13:41:39.0295 5172 [ 981EDD3164829B256E71B5AC8CF12EC3 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
13:41:39.0295 5172 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe - ok
13:41:39.0295 5172 [ B653CC2510CA44369C47498ABBCA8E98 ] C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
13:41:39.0295 5172 C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE - ok
13:41:39.0305 5172 [ BF3DE35824837DF4D39E462874850BBE ] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.EXE
13:41:39.0305 5172 C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.EXE - ok
13:41:39.0305 5172 [ DD81D91FF3B0763C392422865C9AC12E ] C:\Windows\System32\rundll32.exe
13:41:39.0305 5172 C:\Windows\System32\rundll32.exe - ok
13:41:39.0305 5172 [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv
13:41:39.0305 5172 C:\Windows\System32\wdmaud.drv - ok
13:41:39.0315 5172 [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll
13:41:39.0315 5172 C:\Windows\System32\ksuser.dll - ok
13:41:39.0315 5172 [ E0E15F209360E4A97ABCC21A486B4AEE ] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
13:41:39.0315 5172 C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe - ok
13:41:39.0315 5172 [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll
13:41:39.0315 5172 C:\Windows\System32\AudioSes.dll - ok
13:41:39.0315 5172 [ 497F27E279C0F921E2130BB89C1CB5CA ] C:\Program Files (x86)\Skype\Phone\Skype.exe
13:41:39.0315 5172 C:\Program Files (x86)\Skype\Phone\Skype.exe - ok
13:41:39.0325 5172 [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\Windows\System32\msacm32.dll
13:41:39.0325 5172 C:\Windows\System32\msacm32.dll - ok
13:41:39.0325 5172 [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\Windows\System32\msacm32.drv
13:41:39.0325 5172 C:\Windows\System32\msacm32.drv - ok
13:41:39.0325 5172 [ CA2A0750ED830678997695FF61B04C30 ] C:\Windows\System32\midimap.dll
13:41:39.0325 5172 C:\Windows\System32\midimap.dll - ok
13:41:39.0335 5172 [ 521BE0575EE9CBD360ECC57BDE9A0309 ] C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe
13:41:39.0335 5172 C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe - ok
13:41:39.0335 5172 [ 8BF6E87D0A6455905B89049851704201 ] C:\Users\Owner\AppData\Roaming\SearchProtect\bin\cltmng.exe
13:41:39.0335 5172 C:\Users\Owner\AppData\Roaming\SearchProtect\bin\cltmng.exe - ok
13:41:39.0335 5172 [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll
13:41:39.0335 5172 C:\Windows\System32\AudioEng.dll - ok
13:41:39.0335 5172 [ 1C40729BD49A8045EF646C270FB9E8A7 ] C:\Program Files (x86)\Private Communications\PRIVATE WiFi\WiFiPrivacyClient.exe
13:41:39.0335 5172 C:\Program Files (x86)\Private Communications\PRIVATE WiFi\WiFiPrivacyClient.exe - ok
13:41:39.0345 5172 [ C7EF0EA6DEC000B6CAA37939116D7C2E ] C:\Program Files (x86)\AOL Desktop 9.6\aol.exe
13:41:39.0345 5172 C:\Program Files (x86)\AOL Desktop 9.6\aol.exe - ok
13:41:39.0345 5172 [ 32C26797AB646074A2BB562F9D10ADB5 ] C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
13:41:39.0345 5172 C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE - ok
13:41:39.0345 5172 [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll
13:41:39.0345 5172 C:\Windows\System32\AUDIOKSE.dll - ok
13:41:39.0355 5172 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll
13:41:39.0355 5172 C:\Windows\SysWOW64\riched20.dll - ok
13:41:39.0355 5172 [ 14EAAD6A782FF16B05AADACFE05C8D2A ] C:\Windows\System32\LogiLDA.DLL
13:41:39.0355 5172 C:\Windows\System32\LogiLDA.DLL - ok
13:41:39.0355 5172 [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll
13:41:39.0355 5172 C:\Windows\System32\msimg32.dll - ok
13:41:39.0355 5172 [ 263E9A047D17CD50BAA9D3C02910D18D ] C:\Windows\System32\oledlg.dll
13:41:39.0355 5172 C:\Windows\System32\oledlg.dll - ok
13:41:39.0365 5172 [ 114CF6C8F5897162DFC00A7C920DDF16 ] C:\Program Files (x86)\IObit\Advanced SystemCare 6\madexcept_.bpl
13:41:39.0365 5172 C:\Program Files (x86)\IObit\Advanced SystemCare 6\madexcept_.bpl - ok
13:41:39.0365 5172 [ 123EBB4E85A6198C26E1AA482AA633DB ] C:\Program Files\Canon\MyPrinter\CNMPU.DLL
13:41:39.0365 5172 C:\Program Files\Canon\MyPrinter\CNMPU.DLL - ok
13:41:39.0365 5172 [ 03E9314004F504A14A61C3D364B62F66 ] C:\Users\Owner\AppData\Roaming\SearchProtect\bin\msvcp100.dll
13:41:39.0365 5172 C:\Users\Owner\AppData\Roaming\SearchProtect\bin\msvcp100.dll - ok
13:41:39.0375 5172 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
13:41:39.0375 5172 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
13:41:39.0375 5172 [ F58732600FC92413A8B2451FEC5B2FC9 ] C:\Program Files (x86)\IObit\Advanced SystemCare 6\madbasic_.bpl
13:41:39.0375 5172 C:\Program Files (x86)\IObit\Advanced SystemCare 6\madbasic_.bpl - ok
13:41:39.0375 5172 [ 1843E81FA7ACFFF4344A7DD4328D7DA0 ] C:\Program Files (x86)\Microsoft Office\Office12\1033\ONINTL.DLL
13:41:39.0375 5172 C:\Program Files (x86)\Microsoft Office\Office12\1033\ONINTL.DLL - ok
13:41:39.0375 5172 [ 8CEF1C3C5F558B8834FF89FE854DB351 ] C:\Program Files\Canon\MyPrinter\BJMYRES.DLL
13:41:39.0375 5172 C:\Program Files\Canon\MyPrinter\BJMYRES.DLL - ok
13:41:39.0385 5172 [ E35B794124685EAF5EFD3F46C7CF5834 ] C:\Program Files (x86)\AOL Desktop 9.6\waol.exe
13:41:39.0385 5172 C:\Program Files (x86)\AOL Desktop 9.6\waol.exe - ok
13:41:39.0385 5172 [ 82D73D171BF119B5AAE68BFEFADFE9FE ] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd_main.dll
13:41:39.0385 5172 C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd_main.dll - ok
13:41:39.0385 5172 [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Users\Owner\AppData\Roaming\SearchProtect\bin\msvcr100.dll
13:41:39.0385 5172 C:\Users\Owner\AppData\Roaming\SearchProtect\bin\msvcr100.dll - ok
13:41:39.0395 5172 [ 8838B1D35DA190061890A8FED8596EAE ] C:\Program Files (x86)\IObit\Advanced SystemCare 6\maddisAsm_.bpl
13:41:39.0395 5172 C:\Program Files (x86)\IObit\Advanced SystemCare 6\maddisAsm_.bpl - ok
13:41:39.0395 5172 [ 31C364E11F4F37160AF8716861BB5039 ] C:\Program Files (x86)\IObit\Advanced SystemCare 6\datastate.dll
13:41:39.0395 5172 C:\Program Files (x86)\IObit\Advanced SystemCare 6\datastate.dll - ok
13:41:39.0395 5172 [ F04D174B06579027134724D1C2D49108 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
13:41:39.0395 5172 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe - ok
13:41:39.0395 5172 [ C098BF3845C738DD4F6F76B55B442D29 ] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
13:41:39.0395 5172 C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe - ok
13:41:39.0405 5172 [ 4CD6180CB65630F9D8028E9CF51CD64F ] C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
13:41:39.0405 5172 C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe - ok
13:41:39.0405 5172 [ 3F654601A593A96BC4A47035B0829E69 ] C:\Program Files (x86)\Common Files\aol\1257817697\ee\aolsoftware.exe
13:41:39.0405 5172 C:\Program Files (x86)\Common Files\aol\1257817697\ee\aolsoftware.exe - ok
13:41:39.0405 5172 [ A2418D3C557C0A0C634DA713A8AC3789 ] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
13:41:39.0405 5172 C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe - ok
13:41:39.0415 5172 [ D2DAD71C96C113ED07F7BB79AD831C28 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
13:41:39.0415 5172 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe - ok
13:41:39.0415 5172 [ E66532FD491AD5604C36916715FBA092 ] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
13:41:39.0415 5172 C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe - ok
13:41:39.0415 5172 [ 3CB07566302BCEEB898DE270A0BEC175 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
13:41:39.0415 5172 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
13:41:39.0425 5172 [ 6E3245DF783E58375B3465F03274743E ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
13:41:39.0425 5172 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe - ok
13:41:39.0425 5172 [ D9D79F547AE2A70C650DFCFC27AEC0F7 ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
13:41:39.0425 5172 C:\Program Files (x86)\iTunes\iTunesHelper.exe - ok
13:41:39.0425 5172 [ 9DADF1A809ECEC86F04BDE35190D59FE ] C:\Program Files (x86)\AVG\AVG2013\avgui.exe
13:41:39.0425 5172 C:\Program Files (x86)\AVG\AVG2013\avgui.exe - ok
13:41:39.0425 5172 [ 1B40CD1E82DB54671A292CB9720882B4 ] C:\Users\Owner\AppData\Roaming\SearchProtect\bin\InternetExplorerModule.dll
13:41:39.0425 5172 C:\Users\Owner\AppData\Roaming\SearchProtect\bin\InternetExplorerModule.dll - ok
13:41:39.0435 5172 [ F1D096ACC613CA92024260D875A9180D ] C:\Users\Owner\AppData\Roaming\SearchProtect\bin\FirefoxModule.dll
13:41:39.0435 5172 C:\Users\Owner\AppData\Roaming\SearchProtect\bin\FirefoxModule.dll - ok
13:41:39.0435 5172 [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\SysWOW64\mscoree.dll
13:41:39.0435 5172 C:\Windows\SysWOW64\mscoree.dll - ok
13:41:39.0435 5172 [ 9110FFAD124283F37D38771BB60556AF ] C:\Windows\System32\dsound.dll
13:41:39.0435 5172 C:\Windows\System32\dsound.dll - ok
13:41:39.0445 5172 [ 050D1C454A49D4DF8EB5222D352B6630 ] C:\Program Files (x86)\Mozilla Firefox\firefox.exe
13:41:39.0445 5172 C:\Program Files (x86)\Mozilla Firefox\firefox.exe - ok
13:41:39.0445 5172 [ 521202AA6F2B74FCCC6BC7E162109D71 ] C:\Windows\System32\wbem\unsecapp.exe
13:41:39.0445 5172 C:\Windows\System32\wbem\unsecapp.exe - ok
13:41:39.0445 5172 [ D1BF902C9663764E5D9C325AA6E82AF9 ] C:\Users\Owner\AppData\Roaming\SearchProtect\bin\ChromeModule.dll
13:41:39.0445 5172 C:\Users\Owner\AppData\Roaming\SearchProtect\bin\ChromeModule.dll - ok
13:41:39.0445 5172 [ 1E220A0A6F5FCA76FB8E11EAC4F2B24B ] C:\Windows\System32\RtkCfg64.dll
13:41:39.0445 5172 C:\Windows\System32\RtkCfg64.dll - ok
13:41:39.0455 5172 [ C56811CFF76E139CCBF1E5B9EFF839F5 ] C:\Windows\System32\RtkAPO64.dll
13:41:39.0455 5172 C:\Windows\System32\RtkAPO64.dll - ok
13:41:39.0455 5172 [ 6F3C559B82F2912354BE5B098744CC8C ] C:\Windows\System32\WMALFXGFXDSP.dll
13:41:39.0455 5172 C:\Windows\System32\WMALFXGFXDSP.dll - ok
13:41:39.0455 5172 [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll
13:41:39.0455 5172 C:\Windows\System32\mfplat.dll - ok
13:41:39.0465 5172 [ 24081AE1E47A890025A91A25D79EC9B0 ] C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTCore4.dll
13:41:39.0465 5172 C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTCore4.dll - ok
13:41:39.0465 5172 [ D16903B9431F799877AD6DF13D16BDA0 ] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\atl.dll
13:41:39.0465 5172 C:\Program Files (x86)\Adobe\Reader 9.0\Reader\atl.dll - ok
13:41:39.0465 5172 [ 9FA27860528F7217F416DB1E5F0CDE05 ] C:\Program Files (x86)\AOL Desktop 9.6\waol.dll
13:41:39.0465 5172 C:\Program Files (x86)\AOL Desktop 9.6\waol.dll - ok
13:41:39.0465 5172 [ EAAD988F5D1C6904DF8D59382D326371 ] C:\Windows\SysWOW64\atiadlxy.dll
13:41:39.0465 5172 C:\Windows\SysWOW64\atiadlxy.dll - ok
13:41:39.0475 5172 [ F7F2F299DD5019C67D9FDDB18E5D3916 ] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
13:41:39.0475 5172 C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe - ok
13:41:39.0475 5172 [ 85BB840D1A1818EA340CD29666FDB939 ] C:\Program Files (x86)\AOL Desktop 9.6\supersub.dll
13:41:39.0475 5172 C:\Program Files (x86)\AOL Desktop 9.6\supersub.dll - ok
13:41:39.0475 5172 [ E7704CBF568815C1CAA6E513387BD3F2 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
13:41:39.0475 5172 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe - ok
13:41:39.0485 5172 [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\Windows\System32\mscoree.dll
13:41:39.0485 5172 C:\Windows\System32\mscoree.dll - ok
13:41:39.0485 5172 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
13:41:39.0485 5172 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok
13:41:39.0485 5172 [ 1EA7969E3271CBC59E1730697DC74682 ] C:\Windows\System32\qmgr.dll
13:41:39.0485 5172 C:\Windows\System32\qmgr.dll - ok
13:41:39.0485 5172 [ 691771D7570A53130E7E885D8266E6C0 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll
13:41:39.0485 5172 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll - ok
13:41:39.0495 5172 [ 29409ED7400CA5BCCC30C0EE5147A60D ] C:\Windows\System32\bitsperf.dll
13:41:39.0495 5172 C:\Windows\System32\bitsperf.dll - ok
13:41:39.0495 5172 [ D9431DCF90B0253773F51FDEFE7FD42F ] C:\Windows\System32\bitsigd.dll
13:41:39.0495 5172 C:\Windows\System32\bitsigd.dll - ok
13:41:39.0495 5172 [ 96DB78C9C50CEED9DA5050EFFEE272A2 ] C:\Windows\System32\upnp.dll
13:41:39.0495 5172 C:\Windows\System32\upnp.dll - ok
13:41:39.0495 5172 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\Windows\System32\ssdpsrv.dll
13:41:39.0495 5172 C:\Windows\System32\ssdpsrv.dll - ok
13:41:39.0505 5172 [ B64F80B64EE7DE4FB68A0FEDA192EE52 ] C:\Program Files (x86)\iTunes\iTunesHelper.dll
13:41:39.0505 5172 C:\Program Files (x86)\iTunes\iTunesHelper.dll - ok
13:41:39.0505 5172 [ F5DF6846F30E9F54EA60CCAEB3FB2055 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
13:41:39.0505 5172 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
13:41:39.0505 5172 [ C75EB64B73839EFB8B9D8F80B4E971F1 ] C:\Program Files (x86)\Common Files\aol\1257817697\ee\AOLSvcMgr.dll
13:41:39.0505 5172 C:\Program Files (x86)\Common Files\aol\1257817697\ee\AOLSvcMgr.dll - ok
13:41:39.0515 5172 [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll
13:41:39.0515 5172 C:\Windows\System32\wbem\NCProv.dll - ok
13:41:39.0515 5172 [ A5DFFC8F69EFB4521B766278F7402B14 ] C:\Program Files (x86)\Common Files\aol\1257817697\ee\xprt6.dll
13:41:39.0515 5172 C:\Program Files (x86)\Common Files\aol\1257817697\ee\xprt6.dll - ok
13:41:39.0515 5172 [ A0F110AB73271DA15E6BC314A8C1512A ] C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll
13:41:39.0515 5172 C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll - ok
13:41:39.0515 5172 [ F047AC8029004B2FB94E2429F54617A9 ] C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll
13:41:39.0515 5172 C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll - ok
13:41:39.0525 5172 [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\Windows\System32\wbem\WmiPrvSE.exe
13:41:39.0525 5172 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
13:41:39.0525 5172 [ E01945331345F678AFAE3ECD5369D61A ] C:\Program Files (x86)\Common Files\aol\AOLDiag\tbdiag.dll
13:41:39.0525 5172 C:\Program Files (x86)\Common Files\aol\AOLDiag\tbdiag.dll - ok
13:41:39.0525 5172 [ 539C49CEBB3C50957AC8A09D95ECD880 ] C:\Windows\SysWOW64\shfolder.dll
13:41:39.0525 5172 C:\Windows\SysWOW64\shfolder.dll - ok
13:41:39.0535 5172 [ 6607C2182C6A53ED983813AFE2F85768 ] C:\Windows\System32\wbem\cimwin32.dll
13:41:39.0535 5172 C:\Windows\System32\wbem\cimwin32.dll - ok
13:41:39.0535 5172 [ 1484B9EBF567346582DE571B0E164AE0 ] C:\Windows\System32\framedynos.dll
13:41:39.0535 5172 C:\Windows\System32\framedynos.dll - ok
13:41:39.0535 5172 [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll
13:41:39.0535 5172 C:\Windows\System32\stobject.dll - ok
13:41:39.0535 5172 [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll
13:41:39.0535 5172 C:\Windows\System32\batmeter.dll - ok
13:41:39.0545 5172 [ AC5DF873913B00E554D8F553459BC431 ] C:\Windows\System32\qmgrprxy.dll
13:41:39.0545 5172 C:\Windows\System32\qmgrprxy.dll - ok
13:41:39.0545 5172 [ 6EF5F3F18413C367195F06E503AB86A6 ] C:\Windows\SysWOW64\d3d9.dll
13:41:39.0545 5172 C:\Windows\SysWOW64\d3d9.dll - ok
13:41:39.0545 5172 [ 85B45B4B285B159ACDB355FC8C1E8925 ] C:\Windows\SysWOW64\qmgrprxy.dll
13:41:39.0545 5172 C:\Windows\SysWOW64\qmgrprxy.dll - ok
13:41:39.0545 5172 [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll
13:41:39.0545 5172 C:\Windows\System32\prnfldr.dll - ok
13:41:39.0555 5172 [ CEF32B574F8C732BACAFD93210642DBB ] C:\Users\Owner\AppData\LocalLow\Produtools_Manuals_2.1_B\tbProd.dll
13:41:39.0555 5172 C:\Users\Owner\AppData\LocalLow\Produtools_Manuals_2.1_B\tbProd.dll - ok
13:41:39.0555 5172 [ 77B1471A490B53B24EFE136F09F76550 ] C:\Windows\SysWOW64\d3d8thk.dll
13:41:39.0555 5172 C:\Windows\SysWOW64\d3d8thk.dll - ok
13:41:39.0555 5172 [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\SysWOW64\powrprof.dll
13:41:39.0555 5172 C:\Windows\SysWOW64\powrprof.dll - ok
13:41:39.0565 5172 [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\SysWOW64\msacm32.dll
13:41:39.0565 5172 C:\Windows\SysWOW64\msacm32.dll - ok
13:41:39.0565 5172 [ 7717F84F483002815490033BF069DABD ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
13:41:39.0565 5172 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll - ok
13:41:39.0565 5172 [ 703FFD301AB900B047337C5D40FD6F96 ] C:\Windows\SysWOW64\olepro32.dll
13:41:39.0565 5172 C:\Windows\SysWOW64\olepro32.dll - ok
13:41:39.0565 5172 [ 483302397A9A1334FB9D44DD16638898 ] C:\Program Files (x86)\Common Files\aol\1257817697\ee\services\os\ver5_2_1_1\os.dll
13:41:39.0565 5172 C:\Program Files (x86)\Common Files\aol\1257817697\ee\services\os\ver5_2_1_1\os.dll - ok
13:41:39.0575 5172 [ BF9D64E0ECD591BC1B38BD335156B66F ] C:\Program Files (x86)\Common Files\aol\1257817697\ee\xprt5.dll
13:41:39.0575 5172 C:\Program Files (x86)\Common Files\aol\1257817697\ee\xprt5.dll - ok
13:41:39.0575 5172 [ 139D3AB6AA920C34C50CBFFB9EB7D222 ] C:\Windows\SysWOW64\avrt.dll
13:41:39.0575 5172 C:\Windows\SysWOW64\avrt.dll - ok
13:41:39.0575 5172 [ 28CA821606669BB9215CE010767720FA ] C:\Windows\SysWOW64\cryptui.dll
13:41:39.0575 5172 C:\Windows\SysWOW64\cryptui.dll - ok
13:41:39.0585 5172 [ 1337EF044854F38B9DFD085E56EBC3A2 ] C:\Program Files (x86)\Common Files\aol\1257817697\ee\services\os\ver5_2_1_1\AOLIdleMon.dll
13:41:39.0585 5172 C:\Program Files (x86)\Common Files\aol\1257817697\ee\services\os\ver5_2_1_1\AOLIdleMon.dll - ok
13:41:39.0585 5172 [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll
13:41:39.0585 5172 C:\Windows\System32\DXP.dll - ok
13:41:39.0585 5172 [ 8BC9DB92C4B2F3BE89185BEAB2AFC1F6 ] C:\Windows\SysWOW64\mapi32.dll
13:41:39.0585 5172 C:\Windows\SysWOW64\mapi32.dll - ok
13:41:39.0585 5172 [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll
13:41:39.0585 5172 C:\Windows\System32\Syncreg.dll - ok
13:41:39.0595 5172 [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll
13:41:39.0595 5172 C:\Windows\SysWOW64\sxs.dll - ok
13:41:39.0595 5172 [ B010CF886420EE29C2C276646721D255 ] C:\Windows\SysWOW64\wlanapi.dll
13:41:39.0595 5172 C:\Windows\SysWOW64\wlanapi.dll - ok
13:41:39.0595 5172 [ 1D6A771D1D702AE07919DB52C889A249 ] C:\Windows\SysWOW64\wlanutil.dll
13:41:39.0595 5172 C:\Windows\SysWOW64\wlanutil.dll - ok
13:41:39.0595 5172 [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll
13:41:39.0595 5172 C:\Windows\ehome\ehSSO.dll - ok
13:41:39.0605 5172 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll
13:41:39.0605 5172 C:\Windows\System32\AltTab.dll - ok
13:41:39.0605 5172 [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll
13:41:39.0605 5172 C:\Windows\System32\WPDShServiceObj.dll - ok
13:41:39.0605 5172 [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe
13:41:39.0605 5172 C:\Windows\System32\SearchIndexer.exe - ok
13:41:39.0605 5172 [ AA794B099F776B37ACCDEAD00E0FBFC9 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
13:41:39.0605 5172 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
13:41:39.0615 5172 [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL
13:41:39.0615 5172 C:\Windows\System32\QUTIL.DLL - ok
13:41:39.0615 5172 [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll
13:41:39.0615 5172 C:\Windows\System32\rasdlg.dll - ok
13:41:39.0615 5172 [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll
13:41:39.0615 5172 C:\Windows\System32\srchadmin.dll - ok
13:41:39.0625 5172 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
13:41:39.0625 5172 C:\Windows\SysWOW64\dhcpcsvc.dll - ok
13:41:39.0625 5172 [ 92DBF0A4C9239169010FC6E07859C82E ] C:\Windows\System32\ActionCenter.dll
13:41:39.0625 5172 C:\Windows\System32\ActionCenter.dll - ok
13:41:39.0625 5172 [ 589DF683A6C81424A6CECE52ABF98A50 ] C:\Windows\System32\tquery.dll
13:41:39.0625 5172 C:\Windows\System32\tquery.dll - ok
13:41:39.0625 5172 [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll
13:41:39.0625 5172 C:\Windows\System32\netcfgx.dll - ok
13:41:39.0635 5172 [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll
13:41:39.0635 5172 C:\Windows\System32\dot3api.dll - ok
13:41:39.0635 5172 [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll
13:41:39.0635 5172 C:\Windows\System32\wlanapi.dll - ok
13:41:39.0635 5172 [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll
13:41:39.0635 5172 C:\Windows\System32\wlanhlp.dll - ok
13:41:39.0635 5172 [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
13:41:39.0635 5172 C:\Windows\System32\wlanutil.dll - ok
13:41:39.0645 5172 [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll
13:41:39.0645 5172 C:\Windows\System32\onex.dll - ok
13:41:39.0645 5172 [ 7568CC720ACE4D03B84AF97817E745EF ] C:\Windows\System32\mssrch.dll
13:41:39.0645 5172 C:\Windows\System32\mssrch.dll - ok
13:41:39.0645 5172 [ 6699A112A3BDC9B52338512894EBA9D6 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
13:41:39.0645 5172 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
13:41:39.0655 5172 [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll
13:41:39.0655 5172 C:\Windows\System32\WWanAPI.dll - ok
13:41:39.0655 5172 [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll
13:41:39.0655 5172 C:\Windows\System32\wwapi.dll - ok
13:41:39.0655 5172 [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL
13:41:39.0655 5172 C:\Windows\System32\QAGENT.DLL - ok
13:41:39.0655 5172 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll
13:41:39.0655 5172 C:\Windows\SysWOW64\rasapi32.dll - ok
13:41:39.0665 5172 [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl
13:41:39.0665 5172 C:\Windows\System32\bthprops.cpl - ok
13:41:39.0665 5172 [ C7494C67A6BF6FE914808E42F8265FEF ] C:\Program Files\Windows Media Player\wmpnssci.dll
13:41:39.0665 5172 C:\Program Files\Windows Media Player\wmpnssci.dll - ok
13:41:39.0665 5172 [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll
13:41:39.0665 5172 C:\Windows\System32\esent.dll - ok
13:41:39.0675 5172 [ A9F3BFC9345F49614D5859EC95B9E994 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
13:41:39.0675 5172 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
13:41:39.0675 5172 [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll
13:41:39.0675 5172 C:\Windows\System32\msidle.dll - ok
13:41:39.0675 5172 [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\Windows\System32\mssprxy.dll
13:41:39.0675 5172 C:\Windows\System32\mssprxy.dll - ok
13:41:39.0675 5172 [ 09EAD9CB2346B671F8F079D3472134D8 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll
13:41:39.0675 5172 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll - ok
13:41:39.0685 5172 [ 263963D93A3CA8F685EFA5966F1E6581 ] C:\Windows\SysWOW64\mshtml.dll
13:41:39.0685 5172 C:\Windows\SysWOW64\mshtml.dll - ok
13:41:39.0685 5172 [ 423982DD851406A52B6399DDB196C606 ] C:\Windows\System32\wmdrmdev.dll
13:41:39.0685 5172 C:\Windows\System32\wmdrmdev.dll - ok
13:41:39.0685 5172 [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\Windows\System32\en-US\tquery.dll.mui
13:41:39.0685 5172 C:\Windows\System32\en-US\tquery.dll.mui - ok
13:41:39.0685 5172 [ 2C1055E2C6D42753241FB2A129136994 ] C:\Windows\System32\drmv2clt.dll
13:41:39.0685 5172 C:\Windows\System32\drmv2clt.dll - ok
13:41:39.0695 5172 [ E19AD0D49BFF5938B3E374873AC174DE ] C:\Windows\System32\wmploc.DLL
13:41:39.0695 5172 C:\Windows\System32\wmploc.DLL - ok
13:41:39.0695 5172 [ 54AD2D2BD8FB25B07C61EB750D015A8A ] C:\Program Files (x86)\AOL Desktop 9.6\xprt6.dll
13:41:39.0695 5172 C:\Program Files (x86)\AOL Desktop 9.6\xprt6.dll - ok
13:41:39.0695 5172 [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll
13:41:39.0695 5172 C:\Windows\System32\FXSST.dll - ok
13:41:39.0705 5172 [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll
13:41:39.0705 5172 C:\Windows\System32\FXSAPI.dll - ok
13:41:39.0705 5172 [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
13:41:39.0705 5172 C:\Windows\System32\FXSRESM.dll - ok
13:41:39.0705 5172 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe
13:41:39.0705 5172 C:\Windows\System32\FXSSVC.exe - ok
13:41:39.0705 5172 [ C16C054F1E07EE69090B03B5E053BA36 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\GenerationalStorage.dll
13:41:39.0705 5172 C:\Program Files (x86)\Common Files\Apple\Internet Services\GenerationalStorage.dll - ok
13:41:39.0715 5172 [ F81F14DC4DD866552DD37398E68FE23F ] C:\Program Files (x86)\Common Files\Apple\Internet Services\ChunkingLibrary.dll
13:41:39.0715 5172 C:\Program Files (x86)\Common Files\Apple\Internet Services\ChunkingLibrary.dll - ok
13:41:39.0715 5172 [ 25D7CFBBFAD6E76A85865310F2E6FEA7 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\AOSKit.dll
13:41:39.0715 5172 C:\Program Files (x86)\Common Files\Apple\Internet Services\AOSKit.dll - ok
13:41:39.0715 5172 [ E2D1853679F5BCCDB9100D02AE8A0444 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\Foundation.dll
13:41:39.0715 5172 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\Foundation.dll - ok
13:41:39.0725 5172 [ 28AFFB03DA67C31FF0BD50F54566B140 ] C:\Program Files (x86)\AOL Desktop 9.6\coolcore60.dll
13:41:39.0725 5172 C:\Program Files (x86)\AOL Desktop 9.6\coolcore60.dll - ok
13:41:39.0725 5172 [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\SysWOW64\samcli.dll
13:41:39.0725 5172 C:\Windows\SysWOW64\samcli.dll - ok
13:41:39.0725 5172 [ 3687E37869B69040657E0CE3F5DB58AA ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libtidy.dll
13:41:39.0725 5172 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libtidy.dll - ok
13:41:39.0725 5172 [ 79EEFF8FF8C4AA0129C68DF160894A5D ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ApplePushService.dll
13:41:39.0725 5172 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ApplePushService.dll - ok
13:41:39.0735 5172 [ C753ED3DA24F3FE86F754E08A14E2460 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\Ubiquity.dll
13:41:39.0735 5172 C:\Program Files (x86)\Common Files\Apple\Internet Services\Ubiquity.dll - ok
13:41:39.0735 5172 [ 89084DD8C7A4C7FCDA50485B33C6C98D ] C:\Program Files (x86)\Common Files\Apple\Internet Services\mmcs.dll
13:41:39.0735 5172 C:\Program Files (x86)\Common Files\Apple\Internet Services\mmcs.dll - ok
13:41:39.0735 5172 [ 77B2D990F587509180625DCAC6A96E7B ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
13:41:39.0735 5172 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe - ok
13:41:39.0745 5172 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll
13:41:39.0745 5172 C:\Windows\SysWOW64\ExplorerFrame.dll - ok
13:41:39.0745 5172 [ 9BE95786D648A9D0D31CAF5D98DBE3A2 ] C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTGui4.dll
13:41:39.0745 5172 C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTGui4.dll - ok
13:41:39.0745 5172 [ 243974EC02F7AE49E4179C54624143AB ] C:\Windows\SysWOW64\MMDevAPI.dll
13:41:39.0745 5172 C:\Windows\SysWOW64\MMDevAPI.dll - ok
13:41:39.0745 5172 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll
13:41:39.0745 5172 C:\Windows\SysWOW64\duser.dll - ok
13:41:39.0755 5172 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll
13:41:39.0755 5172 C:\Windows\SysWOW64\rasman.dll - ok
13:41:39.0755 5172 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\SysWOW64\rtutils.dll
13:41:39.0755 5172 C:\Windows\SysWOW64\rtutils.dll - ok
13:41:39.0755 5172 [ BABA28EF2F258B74EA22AC2042536589 ] C:\Program Files (x86)\AOL Desktop 9.6\zlib.dll
13:41:39.0755 5172 C:\Program Files (x86)\AOL Desktop 9.6\zlib.dll - ok
13:41:39.0765 5172 [ 79A3C68FC62384FAA93C170A45382547 ] C:\Program Files (x86)\Common Files\aol\1257817697\ee\services\notification\ver7_1_1_1\Notify.dll
13:41:39.0765 5172 C:\Program Files (x86)\Common Files\aol\1257817697\ee\services\notification\ver7_1_1_1\Notify.dll - ok
13:41:39.0765 5172 [ DA9469CBC7AED0D94BD3CCF29BAB0CB4 ] C:\Program Files (x86)\AOL Desktop 9.6\comm.dll
13:41:39.0765 5172 C:\Program Files (x86)\AOL Desktop 9.6\comm.dll - ok
13:41:39.0765 5172 [ 8DDA2B606279753601F9415DA503CA63 ] C:\Program Files (x86)\QuickTime\QTTask.exe
13:41:39.0765 5172 C:\Program Files (x86)\QuickTime\QTTask.exe - ok
13:41:39.0765 5172 [ B9BA2E4F86221E925F272F4EF812A165 ] C:\Program Files (x86)\SearchProtect\bin\cltmng.exe
13:41:39.0765 5172 C:\Program Files (x86)\SearchProtect\bin\cltmng.exe - ok
13:41:39.0775 5172 [ A01ABE7AD08224D4B222C3431DB50C30 ] C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe
13:41:39.0775 5172 C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe - ok
13:41:39.0775 5172 [ C4F6B2E61ABA9A13819EA2E217E0BFC0 ] C:\Program Files (x86)\Common Files\aol\1257817697\ee\services\localStorage\ver8_1_1_1\clsSvc.dll
13:41:39.0775 5172 C:\Program Files (x86)\Common Files\aol\1257817697\ee\services\localStorage\ver8_1_1_1\clsSvc.dll - ok
13:41:39.0775 5172 [ D7CEAEDD5F75D2C8A2E80887D7C114CE ] C:\Windows\System32\webcheck.dll
13:41:39.0775 5172 C:\Windows\System32\webcheck.dll - ok
13:41:39.0775 5172 [ 4DAB37E8BEDA1F286F0C40B8AAB0D65C ] C:\Program Files (x86)\Everything\Everything.exe
13:41:39.0775 5172 C:\Program Files (x86)\Everything\Everything.exe - ok
13:41:39.0785 5172 [ DD31423901153676F65CCF854B554F24 ] C:\Program Files (x86)\AOL Desktop 9.6\manager.dll
13:41:39.0785 5172 C:\Program Files (x86)\AOL Desktop 9.6\manager.dll - ok
13:41:39.0785 5172 [ 50D6CCC6FF5561F9F56946B3E6164FB8 ] C:\Program Files\iPod\bin\iPodService.exe
13:41:39.0785 5172 C:\Program Files\iPod\bin\iPodService.exe - ok
13:41:39.0785 5172 [ D93F2485714AA6550421FE7A1050B2D1 ] C:\Program Files (x86)\Common Files\aol\1257817697\ee\services\aolsystrayservice\ver4_1_2_1\AOLSysTrayService.dll
13:41:39.0785 5172 C:\Program Files (x86)\Common Files\aol\1257817697\ee\services\aolsystrayservice\ver4_1_2_1\AOLSysTrayService.dll - ok
13:41:39.0795 5172 [ 101797BA603D227946B4B5109867EB19 ] C:\Windows\System32\SyncCenter.dll
13:41:39.0795 5172 C:\Windows\System32\SyncCenter.dll - ok
13:41:39.0795 5172 [ D9E21CBF9E6A87847AFFD39EA3FA28EE ] C:\Windows\System32\SearchProtocolHost.exe
13:41:39.0795 5172 C:\Windows\System32\SearchProtocolHost.exe - ok
13:41:39.0795 5172 [ E7E21E5BCE1EA6E034298CCE69E0226A ] C:\Program Files (x86)\Common Files\aol\1257817697\ee\services\preferences\ver6_1_1_1\preferences.dll
13:41:39.0795 5172 C:\Program Files (x86)\Common Files\aol\1257817697\ee\services\preferences\ver6_1_1_1\preferences.dll - ok
13:41:39.0795 5172 [ AF78F66116814FDD6677CEBD73035CDD ] C:\Windows\SysWOW64\schannel.dll
13:41:39.0795 5172 C:\Windows\SysWOW64\schannel.dll - ok
13:41:39.0805 5172 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll
13:41:39.0805 5172 C:\Windows\SysWOW64\dui70.dll - ok
13:41:39.0805 5172 [ 7F1949EBFB85165952BE3239CDEAC2B2 ] C:\Program Files (x86)\Common Files\aol\1257817697\ee\services\osInfo\ver2_1_1_1\osInfo.dll
13:41:39.0805 5172 C:\Program Files (x86)\Common Files\aol\1257817697\ee\services\osInfo\ver2_1_1_1\osInfo.dll - ok
13:41:39.0805 5172 [ 878D1F57E7D32DEDA43D165FC22B7A97 ] C:\Program Files (x86)\Common Files\aol\1257817697\ee\services\authentication\ver7_1_6_1\authentication.dll
13:41:39.0805 5172 C:\Program Files (x86)\Common Files\aol\1257817697\ee\services\authentication\ver7_1_6_1\authentication.dll - ok
13:41:39.0815 5172 [ 0B5511674394666E9D221F8681B2C2E6 ] C:\Windows\System32\consent.exe
13:41:39.0815 5172 C:\Windows\System32\consent.exe - ok
13:41:39.0815 5172 [ 5767306C882E304CC0D2114A7F6B6998 ] C:\Program Files (x86)\Common Files\aol\1257817697\ee\services\authentication\ver7_1_6_1\authenticationshadow.dll
13:41:39.0815 5172 C:\Program Files (x86)\Common Files\aol\1257817697\ee\services\authentication\ver7_1_6_1\authenticationshadow.dll - ok
13:41:39.0815 5172 [ BF6D6ED5FADCEEE885BD0144ECF1BA27 ] C:\Windows\SysWOW64\ncrypt.dll
13:41:39.0815 5172 C:\Windows\SysWOW64\ncrypt.dll - ok
13:41:39.0815 5172 [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll
13:41:39.0815 5172 C:\Windows\SysWOW64\bcrypt.dll - ok
13:41:39.0825 5172 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll
13:41:39.0825 5172 C:\Windows\SysWOW64\bcryptprimitives.dll - ok
13:41:39.0825 5172 [ 27EEDA30B662B2E5BA175EC67AC3C5F6 ] C:\Program Files (x86)\AOL Desktop 9.6\synccore.dll
13:41:39.0825 5172 C:\Program Files (x86)\AOL Desktop 9.6\synccore.dll - ok
13:41:39.0825 5172 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll
13:41:39.0825 5172 C:\Windows\SysWOW64\gpapi.dll - ok
13:41:39.0835 5172 [ 8EE6BDE1D572677AA35707C52C585F75 ] C:\Windows\SysWOW64\mlang.dll
13:41:39.0835 5172 C:\Windows\SysWOW64\mlang.dll - ok
13:41:39.0835 5172 [ 1C4C8B90C96FA1573A4BBE5F225FC51E ] C:\Program Files (x86)\AOL Desktop 9.6\proxymgr.dll
13:41:39.0835 5172 C:\Program Files (x86)\AOL Desktop 9.6\proxymgr.dll - ok
13:41:39.0835 5172 [ 6D555A0D73B41A6E39352A5B8FC43A48 ] C:\Program Files (x86)\Common Files\aol\1257817697\ee\services\miniXML\ver2_1_1_1\XMLMini.dll
13:41:39.0835 5172 C:\Program Files (x86)\Common Files\aol\1257817697\ee\services\miniXML\ver2_1_1_1\XMLMini.dll - ok
13:41:39.0835 5172 [ BAE979CF6DCDF11D1846B04AD02C3211 ] C:\Program Files (x86)\AOL Desktop 9.6\tai2.dll
13:41:39.0835 5172 C:\Program Files (x86)\AOL Desktop 9.6\tai2.dll - ok
13:41:39.0845 5172 [ 254132D980A71332770E96DA3273B9AE ] C:\Program Files (x86)\AOL Desktop 9.6\abook.dll
13:41:39.0845 5172 C:\Program Files (x86)\AOL Desktop 9.6\abook.dll - ok
13:41:39.0845 5172 [ 64E211E0FDFCE4D186DF58BB7D0503BC ] C:\Windows\SysWOW64\gameux.dll
13:41:39.0845 5172 C:\Windows\SysWOW64\gameux.dll - ok
13:41:39.0845 5172 [ 8130391F82D52D36C0441F714136957F ] C:\Windows\System32\imapi2.dll
13:41:39.0845 5172 C:\Windows\System32\imapi2.dll - ok
13:41:39.0855 5172 [ 956CF4A70C14DE6B8FE6BF2B9E21B49F ] C:\Program Files (x86)\AOL Desktop 9.6\acfBase.dll
13:41:39.0855 5172 C:\Program Files (x86)\AOL Desktop 9.6\acfBase.dll - ok
13:41:39.0855 5172 [ 28FAEBBF207B5BF042FF75866CBC1528 ] C:\Program Files (x86)\AOL Desktop 9.6\appdata.dll
13:41:39.0855 5172 C:\Program Files (x86)\AOL Desktop 9.6\appdata.dll - ok
13:41:39.0855 5172 [ 6548C67BC96A25D7D005B93615A90338 ] C:\Program Files (x86)\Common Files\aol\1257817697\ee\services\metrics\ver4_1_11_1\cmls.dll
13:41:39.0855 5172 C:\Program Files (x86)\Common Files\aol\1257817697\ee\services\metrics\ver4_1_11_1\cmls.dll - ok
13:41:39.0855 5172 [ 60277878D320CEC6966DA135C5F570E4 ] C:\Program Files (x86)\AOL Desktop 9.6\resource.dll
13:41:39.0855 5172 C:\Program Files (x86)\AOL Desktop 9.6\resource.dll - ok
13:41:39.0865 5172 [ 6A5C1A8AC0B572679361026D0E900420 ] C:\Windows\System32\hgcpl.dll
13:41:39.0865 5172 C:\Windows\System32\hgcpl.dll - ok
13:41:39.0865 5172 [ 590D5C506044FE02FF7643E32FF9BDAC ] C:\Windows\SysWOW64\wer.dll
13:41:39.0865 5172 C:\Windows\SysWOW64\wer.dll - ok
13:41:39.0865 5172 [ EDF2A5E96BEC469DA3F64E9BDD386111 ] C:\Windows\SysWOW64\xmllite.dll
13:41:39.0865 5172 C:\Windows\SysWOW64\xmllite.dll - ok
13:41:39.0865 5172 [ 5987EA8A82C53359BCD2C29D6588583E ] C:\Windows\SysWOW64\linkinfo.dll
13:41:39.0865 5172 C:\Windows\SysWOW64\linkinfo.dll - ok
13:41:39.0875 5172 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll
13:41:39.0875 5172 C:\Windows\SysWOW64\ntshrui.dll - ok
13:41:39.0875 5172 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll
13:41:39.0875 5172 C:\Windows\SysWOW64\slc.dll - ok
13:41:39.0875 5172 [ C337529A8175C695CFA8E563DF549028 ] C:\Windows\SysWOW64\aticfx32.dll
13:41:39.0875 5172 C:\Windows\SysWOW64\aticfx32.dll - ok
13:41:39.0885 5172 [ 03DF31B15ADB2D0DCC2B6C56256D592B ] C:\Windows\SysWOW64\atiu9pag.dll
13:41:39.0885 5172 C:\Windows\SysWOW64\atiu9pag.dll - ok
13:41:39.0885 5172 [ 385EF8B29F7D77F713BBA461E954EAD1 ] C:\Windows\SysWOW64\atiumdag.dll
13:41:39.0885 5172 C:\Windows\SysWOW64\atiumdag.dll - ok
13:41:39.0885 5172 [ B1516A90A3CBE0C108E679691AD05A7B ] C:\Windows\SysWOW64\atiumdva.dll
13:41:39.0885 5172 C:\Windows\SysWOW64\atiumdva.dll - ok
13:41:39.0885 5172 [ D597F5E4459CE74BBE61377424044281 ] C:\ProgramData\Carbonite\Carbonite Backup\CarbonitePossibleUpgrade.exe
13:41:39.0885 5172 C:\ProgramData\Carbonite\Carbonite Backup\CarbonitePossibleUpgrade.exe - ok
13:41:39.0895 5172 [ 02CD5B2C3B017122CAC00BDB520CD7AC ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll
13:41:39.0895 5172 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll - ok
13:41:39.0895 5172 [ 0ADC83218B66A6DB380C330836F3E36D ] C:\Windows\System32\drivers\fastfat.sys
13:41:39.0895 5172 C:\Windows\System32\drivers\fastfat.sys - ok
13:41:39.0895 5172 [ 2CEFF13ACE25A40BD8D97654944297CD ] C:\Windows\svchost.exe
13:41:39.0895 5172 C:\Windows\svchost.exe - ok
13:41:39.0895 5172 [ D2A5B2B09F2AF5ED13BF494508B09788 ] C:\Windows\System32\msshooks.dll
13:41:39.0895 5172 C:\Windows\System32\msshooks.dll - ok
13:41:39.0905 5172 [ 49A3AD5CE578CD77F445F3D244AEAB2D ] C:\Windows\System32\SearchFilterHost.exe
13:41:39.0905 5172 C:\Windows\System32\SearchFilterHost.exe - ok
13:41:39.0905 5172 [ D171FFB6DF8F648BA9022A550B056E00 ] C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll
13:41:39.0905 5172 C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll - ok
13:41:39.0905 5172 [ E0A8EDCE1DFDC9874CD2817F9FC4BDF0 ] C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll
13:41:39.0905 5172 C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll - ok
13:41:39.0915 5172 [ 1D1EAA16D193C6A2D45981ED3914D22A ] C:\Windows\SysWOW64\msimtf.dll
13:41:39.0915 5172 C:\Windows\SysWOW64\msimtf.dll - ok
13:41:39.0915 5172 [ 20372F3078B78AC1426621E05C7A048E ] C:\ProgramData\Microsoft\Windows\DRM\Cache\Indiv_SID_S-1-5-20\Indiv01_64.key
13:41:39.0915 5172 C:\ProgramData\Microsoft\Windows\DRM\Cache\Indiv_SID_S-1-5-20\Indiv01_64.key - ok
13:41:39.0915 5172 [ F7220A36464885AC591C21544B47D443 ] C:\Program Files\Internet Explorer\ieproxy.dll
13:41:39.0915 5172 C:\Program Files\Internet Explorer\ieproxy.dll - ok
13:41:39.0915 5172 [ 69F42E40A0C4344939437D86A8893DA6 ] C:\Windows\SysWOW64\jscript9.dll
13:41:39.0915 5172 C:\Windows\SysWOW64\jscript9.dll - ok
13:41:39.0925 5172 [ 355A138ABDFD43FBABCAE3A1B06AB93D ] C:\Windows\System32\wmpps.dll
13:41:39.0925 5172 C:\Windows\System32\wmpps.dll - ok
13:41:39.0925 5172 [ F3DE10AABD5C7A1A186C9966F037D0C0 ] C:\Windows\SysWOW64\mfc100u.dll
13:41:39.0925 5172 C:\Windows\SysWOW64\mfc100u.dll - ok
13:41:39.0925 5172 [ F149E8CAE538DBF7059B00326673F602 ] C:\Windows\System32\wmpmde.dll
13:41:39.0925 5172 C:\Windows\System32\wmpmde.dll - ok
13:41:39.0935 5172 [ 0E85C11F8850D524B02181C6E02BA9AE ] C:\Windows\SysWOW64\dsound.dll
13:41:39.0935 5172 C:\Windows\SysWOW64\dsound.dll - ok
13:41:39.0935 5172 [ 3BCECD87AB4E6743BFB45B352AD1A529 ] C:\Windows\SysWOW64\WindowsCodecs.dll
13:41:39.0935 5172 C:\Windows\SysWOW64\WindowsCodecs.dll - ok
13:41:39.0935 5172 [ 021287C2050FD5DB4A8B084E2C38139C ] C:\Windows\System32\WinSATAPI.dll
13:41:39.0935 5172 C:\Windows\System32\WinSATAPI.dll - ok
13:41:39.0935 5172 [ 9FF8F684BACF326082E5562F7C104A79 ] C:\Windows\SysWOW64\d2d1.dll
13:41:39.0935 5172 C:\Windows\SysWOW64\d2d1.dll - ok
13:41:39.0945 5172 [ B79515AFF098E5A56DFBD316152534DE ] C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
13:41:39.0945 5172 C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL - ok
13:41:39.0945 5172 [ 8B92BED5B8D4A8480E7AA631F35A6F35 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
13:41:39.0945 5172 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok
13:41:39.0945 5172 [ 21D3A18769EC2C4E56756D04E989A221 ] C:\Windows\SysWOW64\msxml3.dll
13:41:39.0945 5172 C:\Windows\SysWOW64\msxml3.dll - ok
13:41:39.0955 5172 [ 4277F5164DE9B7C665BB928B9145BEE0 ] C:\Windows\SysWOW64\DWrite.dll
13:41:39.0955 5172 C:\Windows\SysWOW64\DWrite.dll - ok
13:41:39.0955 5172 [ DAE616813F2371B85F8E36D6F9AE4AED ] C:\Program Files (x86)\Common Files\aol\1257817697\ee\services\suiteFramework\ver5_1_4_1\suiteFramework.dll
13:41:39.0955 5172 C:\Program Files (x86)\Common Files\aol\1257817697\ee\services\suiteFramework\ver5_1_4_1\suiteFramework.dll - ok
13:41:39.0955 5172 [ 06A754FE28A06F780A099703CFCAAA22 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll
13:41:39.0955 5172 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll - ok
13:41:39.0955 5172 [ 2A2C442F00B45E01D4C882EEA69A01BC ] C:\Windows\SysWOW64\mfc100enu.dll
13:41:39.0955 5172 C:\Windows\SysWOW64\mfc100enu.dll - ok
13:41:39.0965 5172 [ E7FC2CFE8953E69D665A4A798F4D69D4 ] C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTXml4.dll
13:41:39.0965 5172 C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTXml4.dll - ok
13:41:39.0965 5172 [ 305F5E1AE25B54C5C78634E2231428AC ] C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll
13:41:39.0965 5172 C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll - ok
13:41:39.0965 5172 [ D4F264FE23F8953D840904418220C15E ] C:\Windows\SysWOW64\dxgi.dll
13:41:39.0965 5172 C:\Windows\SysWOW64\dxgi.dll - ok
13:41:39.0975 5172 [ 28A7D7C7E2FDD1D55F12F750CD6331EC ] C:\Windows\System32\MSMPEG2ENC.DLL
13:41:39.0975 5172 C:\Windows\System32\MSMPEG2ENC.DLL - ok
13:41:39.0975 5172 [ 3C1936A12C62254F914A01BBC6A8DC69 ] C:\Windows\SysWOW64\d3d10_1.dll
13:41:39.0975 5172 C:\Windows\SysWOW64\d3d10_1.dll - ok
13:41:39.0975 5172 [ 81F6C1AE23B1C493D9E996C3103915D7 ] C:\Windows\SysWOW64\dhcpcsvc6.dll
13:41:39.0975 5172 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
13:41:39.0975 5172 [ D4212AB475A3B25EC4DF574536C3EDC5 ] C:\Windows\SysWOW64\d3d10_1core.dll
13:41:39.0975 5172 C:\Windows\SysWOW64\d3d10_1core.dll - ok
13:41:39.0985 5172 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll
13:41:39.0985 5172 C:\Windows\SysWOW64\EhStorShell.dll - ok
13:41:39.0985 5172 [ E9296800685ED622132C0E1FA9241F92 ] C:\Program Files (x86)\AVG\AVG2013\avgkrnlapix.dll
13:41:39.0985 5172 C:\Program Files (x86)\AVG\AVG2013\avgkrnlapix.dll - ok
13:41:39.0985 5172 [ 7ACDFB4CC67F4993DF0E0731576309B2 ] C:\Windows\SysWOW64\d3d11.dll
13:41:39.0985 5172 C:\Windows\SysWOW64\d3d11.dll - ok
13:41:39.0985 5172 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll
13:41:39.0985 5172 C:\Windows\SysWOW64\imageres.dll - ok
13:41:39.0995 5172 [ 4BC63466E104393AE3A4729B8122D299 ] C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\HelpMain\Main_help.dll
13:41:39.0995 5172 C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\HelpMain\Main_help.dll - ok
13:41:39.0995 5172 [ 46767946E7B559D981C1DC04EC0AB36F ] C:\Windows\System32\devenum.dll
13:41:39.0995 5172 C:\Windows\System32\devenum.dll - ok
13:41:39.0995 5172 [ 558C42D165DB5799B4072DC0A9C27C0B ] C:\Windows\System32\msdmo.dll
13:41:39.0995 5172 C:\Windows\System32\msdmo.dll - ok
13:41:40.0005 5172 [ D47EC6A8E81633DD18D2436B19BAF6DE ] C:\Windows\System32\upnphost.dll
13:41:40.0005 5172 C:\Windows\System32\upnphost.dll - ok
13:41:40.0005 5172 [ B3170CCC779B682C3341873EA60CF084 ] C:\Windows\SysWOW64\d3d10warp.dll
13:41:40.0005 5172 C:\Windows\SysWOW64\d3d10warp.dll - ok
13:41:40.0005 5172 [ 07AD88DF9EF73215458867EFC1BFFE9E ] C:\Windows\System32\wbem\wmiprov.dll
13:41:40.0005 5172 C:\Windows\System32\wbem\wmiprov.dll - ok
13:41:40.0005 5172 [ 8FAD04A00BFE6977AA4743C067364B5F ] C:\Program Files (x86)\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll
13:41:40.0005 5172 C:\Program Files (x86)\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll - ok
13:41:40.0015 5172 [ CEF58ABD7D7CC34431C9AD79D123F37D ] C:\Program Files (x86)\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll
13:41:40.0015 5172 C:\Program Files (x86)\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll - ok
13:41:40.0015 5172 [ 2C1BB3AD51826AA96C9802CBC123814F ] C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\51a23687fdafc32b697f5a719e364651\mscorlib.ni.dll
13:41:40.0015 5172 C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\51a23687fdafc32b697f5a719e364651\mscorlib.ni.dll - ok
13:41:40.0015 5172 [ C3E39FB1398EEE8E612C2FE53A9192EF ] C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
13:41:40.0015 5172 C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll - ok
13:41:40.0025 5172 [ 3924B7B6258D8F35D9BEE1F61D453553 ] C:\Program Files (x86)\Common Files\aol\acs\ACSCmn.dll
13:41:40.0025 5172 C:\Program Files (x86)\Common Files\aol\acs\ACSCmn.dll - ok
13:41:40.0025 5172 [ 9730643AB698D3B7F19D9192E4D3E4B0 ] C:\Program Files (x86)\AVG\AVG2013\avgidpmx.dll
13:41:40.0025 5172 C:\Program Files (x86)\AVG\AVG2013\avgidpmx.dll - ok
13:41:40.0025 5172 [ 85180CF88C5EBAD73B452A43A004CA51 ] C:\Program Files (x86)\Common Files\aol\acs\AOLacsd.exe
13:41:40.0025 5172 C:\Program Files (x86)\Common Files\aol\acs\AOLacsd.exe - ok
13:41:40.0025 5172 [ 71E68F2443A80BD4DA89181889C457EA ] C:\Windows\System32\udhisapi.dll
13:41:40.0025 5172 C:\Windows\System32\udhisapi.dll - ok
13:41:40.0035 5172 [ DE35D659575C700BA4E8E912671EA4BA ] C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe
13:41:40.0035 5172 C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe - ok
13:41:40.0035 5172 [ 35AAE2E841AA1A949775168E119482C9 ] C:\Windows\SysWOW64\msls31.dll
13:41:40.0035 5172 C:\Windows\SysWOW64\msls31.dll - ok
13:41:40.0035 5172 [ 751EEDB874FD17A6F26B9E2CC5E19170 ] C:\Program Files (x86)\AVG\AVG2013\avglngx.dll
13:41:40.0035 5172 C:\Program Files (x86)\AVG\AVG2013\avglngx.dll - ok
13:41:40.0035 5172 [ F7E915FA38C119101873AE5E0E7C8B66 ] C:\Program Files (x86)\AVG\AVG2013\avgapps.dll
13:41:40.0035 5172 C:\Program Files (x86)\AVG\AVG2013\avgapps.dll - ok
13:41:40.0045 5172 [ 6E9E439517D89EDC9A6CB1E94489620A ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
13:41:40.0045 5172 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll - ok
13:41:40.0045 5172 [ CA79539D3D4C0BA66F0F051A5EE5E923 ] C:\Windows\SysWOW64\cryptnet.dll
13:41:40.0045 5172 C:\Windows\SysWOW64\cryptnet.dll - ok
13:41:40.0045 5172 [ C5413BC4F10CEB4C3070BBF04D324117 ] C:\Windows\SysWOW64\msisip.dll
13:41:40.0045 5172 C:\Windows\SysWOW64\msisip.dll - ok
13:41:40.0055 5172 [ 1B1431D9520C7578AD5633ED2A70625F ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll
13:41:40.0055 5172 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll - ok
13:41:40.0055 5172 [ 09A116FB06C5E362EF8938D29CDAB27B ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
13:41:40.0055 5172 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok
13:41:40.0055 5172 [ 96C70BD48D49B87475F4572DEDC62EB9 ] C:\Windows\AppPatch\AcLayers.dll
13:41:40.0055 5172 C:\Windows\AppPatch\AcLayers.dll - ok
13:41:40.0055 5172 [ 6DBD8C6D28EEB5BC16C730FF07AE5979 ] C:\Program Files (x86)\Common Files\aol\acs\AOLacsd.dll
13:41:40.0055 5172 C:\Program Files (x86)\Common Files\aol\acs\AOLacsd.dll - ok
13:41:40.0065 5172 [ 3518CB4E2D896CAB53D5386F15AC0566 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
13:41:40.0065 5172 C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll - ok
13:41:40.0065 5172 [ 9682D5B9D9309377C1A7E08C3E6B7B3D ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System\6be6efa1e2ffc9d46e99839edac5c5a8\System.ni.dll
13:41:40.0065 5172 C:\Windows\assembly\NativeImages_v2.0.50727_64\System\6be6efa1e2ffc9d46e99839edac5c5a8\System.ni.dll - ok
13:41:40.0065 5172 [ EBCC2CEFDA0CE9F8DBFD7F4E380AF081 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARMHelper.exe
13:41:40.0065 5172 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARMHelper.exe - ok
13:41:40.0075 5172 [ BA32509D9B340162327B341013DE6522 ] C:\Windows\SysWOW64\tapi32.dll
13:41:40.0075 5172 C:\Windows\SysWOW64\tapi32.dll - ok
13:41:40.0075 5172 [ 7332AED6A02FE37C4356C40628E175CE ] C:\Program Files (x86)\Common Files\aol\acs\xpat.dll
13:41:40.0075 5172 C:\Program Files (x86)\Common Files\aol\acs\xpat.dll - ok
13:41:40.0075 5172 [ C6B2AD321E6C12E12898D1CAE587D0D5 ] C:\Program Files (x86)\Common Files\aol\acs\shfolder.dll
13:41:40.0075 5172 C:\Program Files (x86)\Common Files\aol\acs\shfolder.dll - ok
13:41:40.0085 5172 [ 1EB873F19426A826DCA41C08CDAD98B4 ] C:\Program Files (x86)\Dell DataSafe Online\SdbShared.dll
13:41:40.0085 5172 C:\Program Files (x86)\Dell DataSafe Online\SdbShared.dll - ok
13:41:40.0085 5172 [ 27E79A455EF80647F4F57FA3C2B09C94 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
13:41:40.0085 5172 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll - ok
13:41:40.0085 5172 [ 28638660E651578C354BF43CD646EF6D ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\672fc9526d8954656bcb46e42082e09c\System.Drawing.ni.dll
13:41:40.0085 5172 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\672fc9526d8954656bcb46e42082e09c\System.Drawing.ni.dll - ok
13:41:40.0085 5172 [ 487F44B08EFEAF5AD087878357B9403D ] C:\Windows\SysWOW64\pdh.dll
13:41:40.0085 5172 C:\Windows\SysWOW64\pdh.dll - ok
13:41:40.0095 5172 [ 8B1590C627138166C015A5680ABF6BB2 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll
13:41:40.0095 5172 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll - ok
13:41:40.0095 5172 [ 523CF74A52C9A1762DA8B83AEE734498 ] C:\Windows\SysWOW64\IconCodecService.dll
13:41:40.0095 5172 C:\Windows\SysWOW64\IconCodecService.dll - ok
13:41:40.0095 5172 [ 0B5EDD2871209EA886A9B48A36828D65 ] C:\Program Files (x86)\Common Files\aol\acs\ACSMDiag.dll
13:41:40.0095 5172 C:\Program Files (x86)\Common Files\aol\acs\ACSMDiag.dll - ok
13:41:40.0105 5172 [ EB7C5582D26FA37A0D7387166EC7C447 ] C:\Program Files (x86)\Common Files\aol\acs\ACSSwu.dll
13:41:40.0105 5172 C:\Program Files (x86)\Common Files\aol\acs\ACSSwu.dll - ok
13:41:40.0105 5172 [ 11777320B123AEE0226764EA99736963 ] C:\Program Files (x86)\Common Files\aol\acs\AcsInstall.dll
13:41:40.0105 5172 C:\Program Files (x86)\Common Files\aol\acs\AcsInstall.dll - ok
13:41:40.0105 5172 [ ED913975B68EAC21839DD3C1A7729A37 ] C:\Program Files (x86)\Common Files\aol\acs\acsui.dll
13:41:40.0105 5172 C:\Program Files (x86)\Common Files\aol\acs\acsui.dll - ok
13:41:40.0105 5172 [ 5BB8C06EB5EA4BA22EE8A678F2D79B25 ] C:\Windows\SysWOW64\devenum.dll
13:41:40.0105 5172 C:\Windows\SysWOW64\devenum.dll - ok
13:41:40.0115 5172 [ 7069AAB8536F29ED7323140973A2894B ] C:\Windows\SysWOW64\msdmo.dll
13:41:40.0115 5172 C:\Windows\SysWOW64\msdmo.dll - ok
13:41:40.0115 5172 [ E24FE90E9DE8D8AE70E59F7B01675DEF ] C:\Windows\SysWOW64\avicap32.dll
13:41:40.0115 5172 C:\Windows\SysWOW64\avicap32.dll - ok
13:41:40.0115 5172 [ C335EC1182AC10B188705554E0BC1186 ] C:\Windows\SysWOW64\msvfw32.dll
13:41:40.0115 5172 C:\Windows\SysWOW64\msvfw32.dll - ok
13:41:40.0125 5172 [ 24498D084FAA7A459C91066EC241E1CE ] C:\Windows\SysWOW64\vfwwdm32.dll
13:41:40.0125 5172 C:\Windows\SysWOW64\vfwwdm32.dll - ok
13:41:40.0125 5172 [ BE210318FA6DA2A862BD41EA87E8CBE6 ] C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
13:41:40.0125 5172 C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll - ok
13:41:40.0125 5172 [ C140F86932B5B61F54A4D836E2D34AB2 ] C:\Windows\SysWOW64\ksproxy.ax
13:41:40.0125 5172 C:\Windows\SysWOW64\ksproxy.ax - ok
13:41:40.0125 5172 [ 9C67F6BBDA3881CFD02095160CF91576 ] C:\Windows\SysWOW64\ksuser.dll
13:41:40.0125 5172 C:\Windows\SysWOW64\ksuser.dll - ok
13:41:40.0135 5172 [ 81F08948A0F1475894C99D4D19A158A8 ] C:\Windows\SysWOW64\wshqos.dll
13:41:40.0135 5172 C:\Windows\SysWOW64\wshqos.dll - ok
13:41:40.0135 5172 [ 4DDACA8A66B95ABA02812FF3C13DE198 ] C:\Windows\SysWOW64\vidcap.ax
13:41:40.0135 5172 C:\Windows\SysWOW64\vidcap.ax - ok
13:41:40.0135 5172 [ 630A31F277349109299E590856A4B004 ] C:\Windows\SysWOW64\Kswdmcap.ax
13:41:40.0135 5172 C:\Windows\SysWOW64\Kswdmcap.ax - ok
13:41:40.0135 5172 [ DC6612A9EE015A36BA2A27BC9CC12537 ] C:\Windows\SysWOW64\mfc42.dll
13:41:40.0135 5172 C:\Windows\SysWOW64\mfc42.dll - ok
13:41:40.0145 5172 [ F33381A982246365E9426C5D4C038C02 ] C:\Program Files (x86)\Common Files\aol\acs\InsWanAtw.dll
13:41:40.0145 5172 C:\Program Files (x86)\Common Files\aol\acs\InsWanAtw.dll - ok
13:41:40.0145 5172 [ 91D58C64A22C1C94B4D02B6162DC2256 ] C:\Program Files (x86)\Common Files\aol\acs\MultiOS.dll
13:41:40.0145 5172 C:\Program Files (x86)\Common Files\aol\acs\MultiOS.dll - ok
13:41:40.0145 5172 [ F090278A70677B340C663E5FA30D8072 ] C:\Program Files (x86)\Common Files\aol\acs\UniNetInst.dll
13:41:40.0145 5172 C:\Program Files (x86)\Common Files\aol\acs\UniNetInst.dll - ok
13:41:40.0155 5172 [ BDCA3ED0C61D45E02854A59A0183DCBB ] C:\Program Files (x86)\Common Files\aol\acs\inshlp2k.dll
13:41:40.0155 5172 C:\Program Files (x86)\Common Files\aol\acs\inshlp2k.dll - ok
13:41:40.0155 5172 [ 7D34AF98A706230CC2DEDFE0CABF87AB ] C:\Windows\SysWOW64\odbc32.dll
13:41:40.0155 5172 C:\Windows\SysWOW64\odbc32.dll - ok
13:41:40.0155 5172 [ A6154A954F08E99D27CEA4D3B9563172 ] C:\Windows\SysWOW64\newdev.dll
13:41:40.0155 5172 C:\Windows\SysWOW64\newdev.dll - ok
13:41:40.0155 5172 [ 8965A4CAA8E006F5F32D084CABD3679E ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\ad25afb3a0820b92f311d6897df82e5f\System.Runtime.Remoting.ni.dll
13:41:40.0155 5172 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\ad25afb3a0820b92f311d6897df82e5f\System.Runtime.Remoting.ni.dll - ok
13:41:40.0165 5172 [ ECEB715BECE47E101DDEC06B11126066 ] C:\Program Files (x86)\Common Files\aol\acs\wanatw64.sys
13:41:40.0165 5172 C:\Program Files (x86)\Common Files\aol\acs\wanatw64.sys - ok
13:41:40.0165 5172 [ ABA457BFC7EC0B5E130B2F1E0F549DFF ] C:\Windows\SysWOW64\odbcint.dll
13:41:40.0165 5172 C:\Windows\SysWOW64\odbcint.dll - ok
13:41:40.0165 5172 [ 70B01D485878A217ABE7A32E5F5E753D ] C:\Program Files (x86)\AOL Desktop 9.6\tool\imfdecode.rct
13:41:40.0165 5172 C:\Program Files (x86)\AOL Desktop 9.6\tool\imfdecode.rct - ok
13:41:40.0165 5172 [ CDAD3376DFF3D9AC7FDCBE2B94B0D3C8 ] C:\Windows\System32\shfolder.dll
13:41:40.0165 5172 C:\Windows\System32\shfolder.dll - ok
13:41:40.0175 5172 [ 65ACAA21069C7DE97C507193DEA7CE1F ] C:\Program Files (x86)\AOL Desktop 9.6\tool\coretool.rct
13:41:40.0175 5172 C:\Program Files (x86)\AOL Desktop 9.6\tool\coretool.rct - ok
13:41:40.0175 5172 [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll
13:41:40.0175 5172 C:\Windows\System32\networkexplorer.dll - ok
13:41:40.0175 5172 [ E6C3EC8ADB7396B709CD1DECDC18276C ] C:\Program Files (x86)\AOL Desktop 9.6\dunzip32.dll
13:41:40.0175 5172 C:\Program Files (x86)\AOL Desktop 9.6\dunzip32.dll - ok
13:41:40.0185 5172 [ 74EF310FAC89341CE2897B7F2C4A7B0F ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
13:41:40.0185 5172 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe - ok
13:41:40.0185 5172 [ DFED78D9FF88F1C572381F8EB1FA1BF9 ] C:\Program Files (x86)\AOL Desktop 9.6\tool\mip.tol
13:41:40.0185 5172 C:\Program Files (x86)\AOL Desktop 9.6\tool\mip.tol - ok
13:41:40.0185 5172 [ D225A5294A135F409CC6354561066E3A ] C:\Program Files (x86)\Dell DataSafe Online\BalloonWindow.dll
13:41:40.0185 5172 C:\Program Files (x86)\Dell DataSafe Online\BalloonWindow.dll - ok
13:41:40.0185 5172 [ D55F1150EDC0D1857F0D40E3A8D750EB ] C:\Program Files (x86)\AOL Desktop 9.6\tool\rich.rct
13:41:40.0185 5172 C:\Program Files (x86)\AOL Desktop 9.6\tool\rich.rct - ok
13:41:40.0195 5172 [ 2EB78EE9E99B49E1E2EC329E6B3B6DE5 ] C:\Program Files (x86)\Dell DataSafe Online\SdbUI.dll
13:41:40.0195 5172 C:\Program Files (x86)\Dell DataSafe Online\SdbUI.dll - ok
13:41:40.0195 5172 [ 916A1956E147D6DD634D5C80022A31B7 ] C:\Program Files (x86)\AOL Desktop 9.6\tool\actvx.rct
13:41:40.0195 5172 C:\Program Files (x86)\AOL Desktop 9.6\tool\actvx.rct - ok
13:41:40.0195 5172 [ 5F639198C4137075DA50E61C23963C11 ] C:\Windows\System32\drprov.dll
13:41:40.0195 5172 C:\Windows\System32\drprov.dll - ok
13:41:40.0205 5172 [ B78E390C802B8F0D2BAF4F8B181318A0 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\e644aa1f8f3898d38876168757db0d9b\System.Windows.Forms.ni.dll
13:41:40.0205 5172 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\e644aa1f8f3898d38876168757db0d9b\System.Windows.Forms.ni.dll - ok
13:41:40.0205 5172 [ BC566D17914B07ABAAB3A5A385CC3300 ] C:\Windows\System32\ntlanman.dll
13:41:40.0205 5172 C:\Windows\System32\ntlanman.dll - ok
13:41:40.0205 5172 [ 44F7B52066F5C42CAAE4851233D87E12 ] C:\Program Files (x86)\AOL Desktop 9.6\tool\sec.cct
13:41:40.0205 5172 C:\Program Files (x86)\AOL Desktop 9.6\tool\sec.cct - ok
13:41:40.0205 5172 [ B3A33600DCDFB84D7FBE09ADEB1C9B8A ] C:\Windows\System32\davclnt.dll
13:41:40.0205 5172 C:\Windows\System32\davclnt.dll - ok
13:41:40.0215 5172 [ 0733FB263FEC9442B86F77B3B458E4DF ] C:\Program Files (x86)\AOL Desktop 9.6\tool\chat.tol
13:41:40.0215 5172 C:\Program Files (x86)\AOL Desktop 9.6\tool\chat.tol - ok
13:41:40.0215 5172 [ 45B24A357C801CE62052FE0CDC8BD4D2 ] C:\Windows\System32\davhlpr.dll
13:41:40.0215 5172 C:\Windows\System32\davhlpr.dll - ok
13:41:40.0215 5172 [ A0617B5753E31126AD29C03154F4F329 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
13:41:40.0215 5172 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll - ok
13:41:40.0225 5172 [ 301E028763251820B3DC2DD76FA7D6B7 ] C:\Program Files (x86)\AOL Desktop 9.6\coolapi.dll
13:41:40.0225 5172 C:\Program Files (x86)\AOL Desktop 9.6\coolapi.dll - ok
13:41:40.0225 5172 [ 84DDD1B289CC09E3FC49B982795ED86D ] C:\Program Files (x86)\AOL Desktop 9.6\idleproc.dll
13:41:40.0225 5172 C:\Program Files (x86)\AOL Desktop 9.6\idleproc.dll - ok
13:41:40.0225 5172 [ 4D5A0520DEB3D0FF52EEF66FB1997C0A ] C:\Program Files (x86)\AOL Desktop 9.6\tool\htmlview.tol
13:41:40.0225 5172 C:\Program Files (x86)\AOL Desktop 9.6\tool\htmlview.tol - ok
13:41:40.0225 5172 [ D03A8F21D624E47169A79023869090FB ] C:\Program Files (x86)\AOL Desktop 9.6\tool\www.tol
13:41:40.0225 5172 C:\Program Files (x86)\AOL Desktop 9.6\tool\www.tol - ok
13:41:40.0235 5172 [ 5B46226838D51E27CC27F73E53FEA76E ] C:\Program Files (x86)\AOL Desktop 9.6\tool\lvi.tol
13:41:40.0235 5172 C:\Program Files (x86)\AOL Desktop 9.6\tool\lvi.tol - ok
13:41:40.0235 5172 [ 458446E464D969A2CAF307F6093EAC78 ] C:\Program Files (x86)\AOL Desktop 9.6\tool\session.tol
13:41:40.0235 5172 C:\Program Files (x86)\AOL Desktop 9.6\tool\session.tol - ok
13:41:40.0235 5172 [ 5023E9A9DB148882B3DE8539B8C67B0F ] C:\Program Files (x86)\AOL Desktop 9.6\tool\talk.tol
13:41:40.0235 5172 C:\Program Files (x86)\AOL Desktop 9.6\tool\talk.tol - ok
13:41:40.0245 5172 [ A3F51E726D98510C0A9B3D9F92D0686A ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\64cf6c356be66bb17c4667d6d8aa467b\System.Web.Services.ni.dll
13:41:40.0245 5172 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\64cf6c356be66bb17c4667d6d8aa467b\System.Web.Services.ni.dll - ok
13:41:40.0245 5172 [ 871F7F32E3441580138E61A4AA072DF6 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
13:41:40.0245 5172 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll - ok
13:41:40.0245 5172 [ 050E000D89D4FB750B124380020674E9 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Web\09a751d0d4d6e7af82c1d2844eefd34a\System.Web.ni.dll
13:41:40.0245 5172 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Web\09a751d0d4d6e7af82c1d2844eefd34a\System.Web.ni.dll - ok
13:41:40.0245 5172 [ C940F2F5C60B3727C5F18840735B229C ] C:\Windows\SysWOW64\AudioSes.dll
13:41:40.0245 5172 C:\Windows\SysWOW64\AudioSes.dll - ok
13:41:40.0255 5172 [ 21E110FF1C0E948860458BD7B692DE13 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
13:41:40.0255 5172 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll - ok
13:41:40.0255 5172 [ E05AE1168E3F716797E1AAAF11BA134B ] C:\Windows\temp\UDD8B7.tmp
13:41:40.0255 5172 C:\Windows\temp\UDD8B7.tmp - ok
13:41:40.0255 5172 [ A5D805752FBE16D6AB6E5F52CB01563D ] C:\Program Files (x86)\Dell DataSafe Online\SdbShared.XmlSerializers.dll
13:41:40.0255 5172 C:\Program Files (x86)\Dell DataSafe Online\SdbShared.XmlSerializers.dll - ok
13:41:40.0265 5172 [ 456D4D2759AE9F84C5290749F1E77115 ] C:\Program Files (x86)\Dell DataSafe Online\OlbEng.dll
13:41:40.0265 5172 C:\Program Files (x86)\Dell DataSafe Online\OlbEng.dll - ok
13:41:40.0265 5172 [ B2A31DFEEEA314104B16EA238FF24E26 ] C:\Program Files (x86)\Dell DataSafe Online\BuEng.dll
13:41:40.0265 5172 C:\Program Files (x86)\Dell DataSafe Online\BuEng.dll - ok
13:41:40.0265 5172 [ 5CCD5B62076D4432D4728BB6CB3DEBFD ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\7a560781987776298120763de1df8f77\System.Xml.ni.dll
13:41:40.0265 5172 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\7a560781987776298120763de1df8f77\System.Xml.ni.dll - ok
13:41:40.0275 5172 [ 8323B32A6FC3FCD7E5C8BA94B36CE162 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\3762e80651ff8d0bbcdb0ccebfb3b3f7\System.Configuration.ni.dll
13:41:40.0275 5172 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\3762e80651ff8d0bbcdb0ccebfb3b3f7\System.Configuration.ni.dll - ok
13:41:40.0275 5172 [ 64DEC20C088832E46DEF5B5A5B28E028 ] C:\Windows\System32\atipdl64.dll
13:41:40.0275 5172 C:\Windows\System32\atipdl64.dll - ok
13:41:40.0275 5172 [ D64D99EC088B54FFE8EE67A480386C20 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll
13:41:40.0275 5172 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll - ok
13:41:40.0275 5172 [ E05AE1168E3F716797E1AAAF11BA134B ] C:\Windows\System32\drivers\ATWPKT264.SYS
13:41:40.0275 5172 C:\Windows\System32\drivers\ATWPKT264.SYS - ok
13:41:40.0285 5172 [ 4F6E72B34ED3DC53DCC5E8708E60B61F ] C:\Windows\SysWOW64\security.dll
13:41:40.0285 5172 C:\Windows\SysWOW64\security.dll - ok
13:41:40.0285 5172 [ 2424231BBD703A677D115C29983B4293 ] C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
13:41:40.0285 5172 C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL - ok
13:41:40.0285 5172 [ 51D2F66C0C55419CA4A797C8D1B0AD8D ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\302207b4fa3083899fd8ab4db98cecc5\System.Management.ni.dll
13:41:40.0285 5172 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\302207b4fa3083899fd8ab4db98cecc5\System.Management.ni.dll - ok
13:41:40.0285 5172 [ 5F41266A590682F2F831884D007DAC30 ] C:\Program Files (x86)\Dell DataSafe Online\CppUtils.dll
13:41:40.0285 5172 C:\Program Files (x86)\Dell DataSafe Online\CppUtils.dll - ok
13:41:40.0295 5172 [ 38A0BE38EB53510AB425E33EA0847AD6 ] C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_6_602_180.ocx
13:41:40.0295 5172 C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_6_602_180.ocx - ok
13:41:40.0295 5172 [ 972DCC74D4CDCB64086E7CFACBDB74CB ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
13:41:40.0295 5172 C:\Windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll - ok
13:41:40.0295 5172 [ 5610B0425518D185331CB8E968D060E6 ] C:\Windows\SysWOW64\wbem\wmiutils.dll
13:41:40.0295 5172 C:\Windows\SysWOW64\wbem\wmiutils.dll - ok
13:41:40.0305 5172 [ C00DB14550E4BD49737F311C644E45FF ] C:\Windows\System32\wmi.dll
13:41:40.0305 5172 C:\Windows\System32\wmi.dll - ok
13:41:40.0305 5172 [ 7AD238B3DD17DFB49DDA4684EDE95CA7 ] C:\Program Files (x86)\Dell DataSafe Online\DataSafeUpdater.exe
13:41:40.0305 5172 C:\Program Files (x86)\Dell DataSafe Online\DataSafeUpdater.exe - ok
13:41:40.0305 5172 [ F68913B6DEDA7F61C02A58001BD1B942 ] C:\Program Files\Common Files\ATI Technologies\Multimedia\atixcode64.dll
13:41:40.0305 5172 C:\Program Files\Common Files\ATI Technologies\Multimedia\atixcode64.dll - ok
13:41:40.0305 5172 [ 7AE92C896AF9ABFBDB18C1D055B6EBA7 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcp80.dll
13:41:40.0305 5172 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcp80.dll - ok
13:41:40.0315 5172 [ 0E9F26FA32CF32BA5312D334372CF7DA ] C:\Program Files\Common Files\ATI Technologies\Multimedia\atimpenc64.dll
13:41:40.0315 5172 C:\Program Files\Common Files\ATI Technologies\Multimedia\atimpenc64.dll - ok
13:41:40.0315 5172 [ 7F8678C59F188528D60104E697C2361E ] C:\Windows\SysWOW64\mscms.dll
13:41:40.0315 5172 C:\Windows\SysWOW64\mscms.dll - ok
13:41:40.0315 5172 [ 4C3DAEE652B005B483F16B8E9131C99D ] C:\Windows\System32\d3d9.dll
13:41:40.0315 5172 C:\Windows\System32\d3d9.dll - ok
13:41:40.0325 5172 [ 3044D07ABDF4BBEA27E2EE7B1E0C0C65 ] C:\Windows\System32\d3d8thk.dll
13:41:40.0325 5172 C:\Windows\System32\d3d8thk.dll - ok
13:41:40.0325 5172 [ 95438D931BC4F3D7EB8EF9A0B51DFC8E ] C:\Program Files (x86)\Common Files\aol\1257817697\ee\services\bfts\ver3_1_11_1\bfts.dll
13:41:40.0325 5172 C:\Program Files (x86)\Common Files\aol\1257817697\ee\services\bfts\ver3_1_11_1\bfts.dll - ok
13:41:40.0325 5172 [ CA493A92DA9880B6F1A89C3DBD54BA5B ] C:\Windows\SysWOW64\dxtrans.dll
13:41:40.0325 5172 C:\Windows\SysWOW64\dxtrans.dll - ok
13:41:40.0325 5172 [ BAB9EF9A340113666F678AA2474904B6 ] C:\Windows\SysWOW64\ddrawex.dll
13:41:40.0325 5172 C:\Windows\SysWOW64\ddrawex.dll - ok
13:41:40.0335 5172 [ 198552AEFECA69D646867EC8D792DE95 ] C:\Windows\SysWOW64\ddraw.dll
13:41:40.0335 5172 C:\Windows\SysWOW64\ddraw.dll - ok
13:41:40.0335 5172 [ 55E5B32AE8D1F51A63C82919656FD275 ] C:\Windows\SysWOW64\dciman32.dll
13:41:40.0335 5172 C:\Windows\SysWOW64\dciman32.dll - ok
13:41:40.0335 5172 [ 4312DEBDACBE338F0B90E7F08E7672BE ] C:\Windows\SysWOW64\dxtmsft.dll
13:41:40.0335 5172 C:\Windows\SysWOW64\dxtmsft.dll - ok
13:41:40.0345 5172 [ D205C24A9D069049FE2DF2A1B38726A7 ] C:\Windows\SysWOW64\wdmaud.drv
13:41:40.0345 5172 C:\Windows\SysWOW64\wdmaud.drv - ok
13:41:40.0345 5172 [ 07393A09C46083588E751B63B03C8301 ] C:\Windows\SysWOW64\msacm32.drv
13:41:40.0345 5172 C:\Windows\SysWOW64\msacm32.drv - ok
13:41:40.0345 5172 [ 5A12C364AD1D4FCC0AD0E56DBBC34462 ] C:\Windows\SysWOW64\midimap.dll
13:41:40.0345 5172 C:\Windows\SysWOW64\midimap.dll - ok
13:41:40.0345 5172 [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:41:40.0345 5172 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
13:41:40.0355 5172 [ E5F7C30EDF0892667933BE879F067D67 ] C:\Windows\SysWOW64\msvcr100_clr0400.dll
13:41:40.0355 5172 C:\Windows\SysWOW64\msvcr100_clr0400.dll - ok
13:41:40.0355 5172 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:41:40.0355 5172 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe - ok
13:41:40.0355 5172 [ CB21CD39637AC13F3455454B2F648257 ] C:\Windows\System32\msvcr100_clr0400.dll
13:41:40.0355 5172 C:\Windows\System32\msvcr100_clr0400.dll - ok
13:41:40.0365 5172 [ 35DB83C4DE9FA3889E937125D115EAA0 ] C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_en.dll
13:41:40.0365 5172 C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_en.dll - ok
13:41:40.0365 5172 [ E17E0188BB90FAE42D83E98707EFA59C ] C:\Windows\System32\sppsvc.exe
13:41:40.0365 5172 C:\Windows\System32\sppsvc.exe - ok
13:41:40.0365 5172 [ 68563AC389F92EE79F1C714288BA1DCE ] C:\Windows\SysWOW64\imgutil.dll
13:41:40.0365 5172 C:\Windows\SysWOW64\imgutil.dll - ok
13:41:40.0365 5172 [ 3CA2BB895E204478C7A4C9BAF70970CE ] C:\Windows\SysWOW64\AtBroker.exe
13:41:40.0365 5172 C:\Windows\SysWOW64\AtBroker.exe - ok
13:41:40.0375 5172 [ FFF95479C7AB1550F0750A5D01744211 ] C:\Windows\System32\drivers\spsys.sys
13:41:40.0375 5172 C:\Windows\System32\drivers\spsys.sys - ok
13:41:40.0375 5172 [ E8B1FE6669397D1772D8196DF0E57A9E ] C:\Windows\System32\wscsvc.dll
13:41:40.0375 5172 C:\Windows\System32\wscsvc.dll - ok
13:41:40.0375 5172 [ C47F35CC6FA4F1BDBEF8F87AC1A46537 ] C:\Windows\System32\wuapi.dll
13:41:40.0375 5172 C:\Windows\System32\wuapi.dll - ok
13:41:40.0375 5172 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] C:\Windows\System32\wuaueng.dll
13:41:40.0375 5172 C:\Windows\System32\wuaueng.dll - ok
13:41:40.0385 5172 [ FA43D418BC945D27D0625B697B8442B5 ] C:\Windows\System32\cabinet.dll
13:41:40.0385 5172 C:\Windows\System32\cabinet.dll - ok
13:41:40.0385 5172 [ E746ED90132C6B6313CE9179F56BD31D ] C:\Windows\System32\wups.dll
13:41:40.0385 5172 C:\Windows\System32\wups.dll - ok
13:41:40.0385 5172 [ 617F6EC0AC677C685479C1D0D1E76C6F ] C:\Windows\System32\mspatcha.dll
13:41:40.0385 5172 C:\Windows\System32\mspatcha.dll - ok
13:41:40.0395 5172 [ 8258362DDB18B644A82D8B5061AD9426 ] C:\Windows\SysWOW64\wscisvif.dll
13:41:40.0395 5172 C:\Windows\SysWOW64\wscisvif.dll - ok
13:41:40.0395 5172 [ 20308CF0675AD7CE5AAA6712DB823216 ] C:\Program Files (x86)\Windows Defender\MpClient.dll
13:41:40.0395 5172 C:\Program Files (x86)\Windows Defender\MpClient.dll - ok
13:41:40.0395 5172 [ F6F22291024906E43D135A4B1705FEAC ] C:\Windows\System32\sppwinob.dll
13:41:40.0395 5172 C:\Windows\System32\sppwinob.dll - ok
13:41:40.0395 5172 [ 81252AA3B13743020BCF2089A5A0D911 ] C:\Windows\System32\wscinterop.dll
13:41:40.0395 5172 C:\Windows\System32\wscinterop.dll - ok
13:41:40.0405 5172 [ 218A400108F280428FA22282D3268BBC ] C:\Windows\System32\wscapi.dll
13:41:40.0405 5172 C:\Windows\System32\wscapi.dll - ok
13:41:40.0405 5172 [ DF50DAE4C547285E4997A0C61063B632 ] C:\Windows\System32\wscui.cpl
13:41:40.0405 5172 C:\Windows\System32\wscui.cpl - ok
13:41:40.0405 5172 [ F9959237F106F2B2609E61A290C0652E ] C:\Windows\System32\werconcpl.dll
13:41:40.0405 5172 C:\Windows\System32\werconcpl.dll - ok
13:41:40.0405 5172 [ 2B373B5F7E36B5ED5DA176D4400EF091 ] C:\Windows\System32\sppobjs.dll
13:41:40.0405 5172 C:\Windows\System32\sppobjs.dll - ok
13:41:40.0415 5172 [ 7E591867422DC788B9E5BD337A669A08 ] C:\Windows\System32\wercplsupport.dll
13:41:40.0415 5172 C:\Windows\System32\wercplsupport.dll - ok
13:41:40.0415 5172 [ C9A2D460FD5E409C9320B4CE68A81549 ] C:\Windows\SysWOW64\vbscript.dll
13:41:40.0415 5172 C:\Windows\SysWOW64\vbscript.dll - ok
13:41:40.0415 5172 [ 809AE7D4ACE06BBCF621E5C504BF6FC8 ] C:\Windows\System32\hcproviders.dll
13:41:40.0415 5172 C:\Windows\System32\hcproviders.dll - ok
13:41:40.0425 5172 [ 1957D49A9613FAAD1C73B508CCE02AA5 ] C:\Windows\SysWOW64\wmp.dll
13:41:40.0425 5172 C:\Windows\SysWOW64\wmp.dll - ok
13:41:40.0425 5172 [ 7FE0D0C8F53735EA17C9AE93EFE7AD5A ] C:\Windows\System32\wups2.dll
13:41:40.0425 5172 C:\Windows\System32\wups2.dll - ok
13:41:40.0425 5172 [ 0FBC74AA20FE0AE6884279F893169C60 ] C:\Windows\SysWOW64\wmploc.DLL
13:41:40.0425 5172 C:\Windows\SysWOW64\wmploc.DLL - ok
13:41:40.0425 5172 [ 84F74D73185DB975CD9B8A022D0FB807 ] C:\Program Files (x86)\IObit\Advanced SystemCare 6\OFCommon.dll
13:41:40.0425 5172 C:\Program Files (x86)\IObit\Advanced SystemCare 6\OFCommon.dll - ok
13:41:40.0435 5172 [ 244C6722289F4869068992FD7D8A8832 ] C:\Windows\SysWOW64\wbem\wbemdisp.dll
13:41:40.0435 5172 C:\Windows\SysWOW64\wbem\wbemdisp.dll - ok
13:41:40.0435 5172 [ 5EA9A0950F322BFA382AF277801C0307 ] C:\Windows\System32\wbem\wmipcima.dll
13:41:40.0435 5172 C:\Windows\System32\wbem\wmipcima.dll - ok
13:41:40.0435 5172 [ 3163B59E1C568C8C6EACA1EAB06FA851 ] C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\AxMetaStream.dll
13:41:40.0435 5172 C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\AxMetaStream.dll - ok
13:41:40.0435 5172 [ 126B75D50756FE204283D418AE1A66DF ] C:\Windows\SysWOW64\msvcirt.dll
13:41:40.0435 5172 C:\Windows\SysWOW64\msvcirt.dll - ok
13:41:40.0445 5172 [ 153A74D7361FDF58FEE6710C067D6C84 ] C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\ComponentMgr.dll
13:41:40.0445 5172 C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\ComponentMgr.dll - ok
13:41:40.0445 5172 [ F68440A921D0F5A3B4979D78EA735BB8 ] C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\Components\SceneComponent.dll
13:41:40.0445 5172 C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\Components\SceneComponent.dll - ok
13:41:40.0445 5172 [ 930D959F612AA545DEF48CA94616E5D8 ] C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\Components\AOLUserShell.dll
13:41:40.0445 5172 C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\Components\AOLUserShell.dll - ok
13:41:40.0455 5172 [ 3BADDC0379DC2E57F654E900F403D5AE ] C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\Components\SreeDMMX.dll
13:41:40.0455 5172 C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\Components\SreeDMMX.dll - ok
13:41:40.0455 5172 [ 5331DC9D1C88840326F68C2C531A82A7 ] C:\Users\Owner\AppData\Local\Logitech® Webcam Software\Logishrd\LU2.0\LULnchr.exe
13:41:40.0455 5172 C:\Users\Owner\AppData\Local\Logitech® Webcam Software\Logishrd\LU2.0\LULnchr.exe - ok
13:41:40.0455 5172 [ 20085B5B8BC179425ED29DCE0C5DD6DD ] C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\Components\SWFView.dll
13:41:40.0455 5172 C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\Components\SWFView.dll - ok
13:41:40.0465 5172 [ F3AF459CFBE6335FD23D140C924449FA ] C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\Components\ZoomView.dll
13:41:40.0465 5172 C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\Components\ZoomView.dll - ok
13:41:40.0465 5172 [ F4A2D162C1E19CA87BC9AB5308E2E8E7 ] C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\Components\WaveletReader.dll
13:41:40.0465 5172 C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\Components\WaveletReader.dll - ok
13:41:40.0465 5172 [ 83E69BF3F25B6509DF49FBD820507466 ] C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\Components\VMPVideo.dll
13:41:40.0465 5172 C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\Components\VMPVideo.dll - ok
13:41:40.0475 5172 [ 32CA45AED04E3A4A6AA1C623EB4157F9 ] C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\Components\VMPSpeech.dll
13:41:40.0475 5172 C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\Components\VMPSpeech.dll - ok
13:41:40.0475 5172 [ B9AC778ACEE6414AEA36EA6B425B6951 ] C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\Components\VMPExtras.dll
13:41:40.0475 5172 C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\Components\VMPExtras.dll - ok
13:41:40.0475 5172 [ A024FE1D90C21AE895521D3860BF334A ] C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\Components\VMPAudio.dll
13:41:40.0475 5172 C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\Components\VMPAudio.dll - ok
13:41:40.0485 5172 [ A770F0546F95E5142AC2241E497FBCE5 ] C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\Components\VectorView.dll
13:41:40.0485 5172 C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\Components\VectorView.dll - ok
13:41:40.0485 5172 [ BF7BFE2B5D96974F7EFFC890012965D3 ] C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\Components\ServiceComponent.dll
13:41:40.0485 5172 C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\Components\ServiceComponent.dll - ok
13:41:40.0485 5172 [ 6E707DED0E2586B1886E10D362612F86 ] C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\Components\ObjectMovie.dll
13:41:40.0485 5172 C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\Components\ObjectMovie.dll - ok
13:41:40.0485 5172 [ 6B7C7DDAB8A282FDBBA346AFB2BFBA57 ] C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\Components\Mts3Reader.dll
13:41:40.0485 5172 C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\Components\Mts3Reader.dll - ok
13:41:40.0495 5172 [ A14C502E125CDE756E6671FA5E43ECC2 ] C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\Components\LensFlares.dll
13:41:40.0495 5172 C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\Components\LensFlares.dll - ok
13:41:40.0495 5172 [ CC0AA68B854AFAB3BBF64DF5A8FD7CDC ] C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\Components\JpegReader.dll
13:41:40.0495 5172 C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\Components\JpegReader.dll - ok
13:41:40.0495 5172 [ 57E1FEDFB88E7D8078EA066878218B06 ] C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\Components\GifReader.dll
13:41:40.0495 5172 C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\Components\GifReader.dll - ok
13:41:40.0505 5172 [ 6206A059E927D91FBE6E58DA741B8CC9 ] C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\Components\DataTracking.dll
13:41:40.0505 5172 C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\Components\DataTracking.dll - ok
13:41:40.0505 5172 [ 2019856C43381CE76FB7B5BB5C74657B ] C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\Components\Cursors.dll
13:41:40.0505 5172 C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\Components\Cursors.dll - ok
13:41:40.0505 5172 [ 469CD270E5420D2196DABEDD69790422 ] C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\Components\AOLShell.dll
13:41:40.0505 5172 C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\Components\AOLShell.dll - ok
13:41:40.0515 5172 [ 9BAD0326F7910021287536FD10F18593 ] C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\Components\AOLArt.dll
13:41:40.0515 5172 C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\Components\AOLArt.dll - ok
13:41:40.0515 5172 [ BBB92EFC61A2D867EB21CE24FC1BB5CA ] C:\Windows\SysWOW64\jgpl400.dll
13:41:40.0515 5172 C:\Windows\SysWOW64\jgpl400.dll - ok
13:41:40.0515 5172 [ 07F5D42EA81FC1A8A2F59D5104714546 ] C:\Windows\SysWOW64\jgdw400.dll
13:41:40.0515 5172 C:\Windows\SysWOW64\jgdw400.dll - ok
13:41:40.0515 5172 [ B458EB36499704E09EEA90A92C73A0A0 ] C:\Windows\SysWOW64\msvcrt20.dll
13:41:40.0515 5172 C:\Windows\SysWOW64\msvcrt20.dll - ok
13:41:40.0525 5172 [ 235D42833F2F89083FA70B9787899846 ] C:\Users\Owner\AppData\Local\Logitech® Webcam Software\Logishrd\LU2.0\LogitechUpdate.exe
13:41:40.0525 5172 C:\Users\Owner\AppData\Local\Logitech® Webcam Software\Logishrd\LU2.0\LogitechUpdate.exe - ok
13:41:40.0525 5172 [ 168E359AAFB8C1EE6C19FA377E6CFA84 ] C:\Program Files (x86)\AOL Desktop 9.6\shellmon.exe
13:41:40.0525 5172 C:\Program Files (x86)\AOL Desktop 9.6\shellmon.exe - ok
13:41:40.0525 5172 [ 62A6EB5771580CAE445804389F3F7432 ] C:\Windows\SysWOW64\WindowsCodecsExt.dll
13:41:40.0525 5172 C:\Windows\SysWOW64\WindowsCodecsExt.dll - ok
13:41:40.0535 5172 [ EAADD6E47ED2A7003ACE1793B98CF63F ] C:\Windows\SysWOW64\msxml6.dll
13:41:40.0535 5172 C:\Windows\SysWOW64\msxml6.dll - ok
13:41:40.0535 5172 [ 3420D325EE810E0D0495EA47A64603ED ] C:\Program Files (x86)\IObit\Advanced SystemCare 6\DelayLoad.exe
13:41:40.0535 5172 C:\Program Files (x86)\IObit\Advanced SystemCare 6\DelayLoad.exe - ok
13:41:40.0535 5172 [ 01E2855FB06C422E721D890AF201C2D7 ] C:\Windows\System32\NaturalLanguage6.dll
13:41:40.0535 5172 C:\Windows\System32\NaturalLanguage6.dll - ok
13:41:40.0535 5172 [ 701D9F5F3F21580936638D5C5F86B460 ] C:\Windows\System32\NlsData0009.dll
13:41:40.0535 5172 C:\Windows\System32\NlsData0009.dll - ok
13:41:40.0545 5172 [ 148A733B93A2AC104280495DA09D3CC2 ] C:\Windows\System32\NlsLexicons0009.dll
13:41:40.0545 5172 C:\Windows\System32\NlsLexicons0009.dll - ok
13:41:40.0545 5172 [ EDB26DC6AA9801CFAD0FCDA6A8BE2122 ] C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTooltips.exe
13:41:40.0545 5172 C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTooltips.exe - ok
13:41:40.0545 5172 [ 48041BAEB60CE5F34F13CC2A1361E49C ] C:\Windows\System32\mssph.dll
13:41:40.0545 5172 C:\Windows\System32\mssph.dll - ok
13:41:40.0545 5172 [ 8F4BB0CFECED925D440ABC2481278360 ] C:\Windows\System32\mapi32.dll
13:41:40.0545 5172 C:\Windows\System32\mapi32.dll - ok
13:41:40.0555 5172 [ 76D86E65FF7D10292886A1F2DB93A911 ] C:\Windows\System32\ELSCore.dll
13:41:40.0555 5172 C:\Windows\System32\ELSCore.dll - ok
13:41:40.0555 5172 [ 12929BDE96189F4E968AD035573424F0 ] C:\Windows\System32\elsTrans.dll
13:41:40.0555 5172 C:\Windows\System32\elsTrans.dll - ok
13:41:40.0555 5172 [ AEE087CF7423BA44CC2DE03CC565E399 ] C:\Windows\System32\elslad.dll
13:41:40.0555 5172 C:\Windows\System32\elslad.dll - ok
13:41:40.0565 5172 [ 11542EC1F1C53EDB3CCF5AADF4C9972F ] C:\Windows\System32\NlsData0000.dll
13:41:40.0565 5172 C:\Windows\System32\NlsData0000.dll - ok
13:41:40.0565 5172 [ 005247E3057BC5D5C3F8C6F886FFC10C ] C:\Windows\System32\wbem\WMIADAP.exe
13:41:40.0565 5172 C:\Windows\System32\wbem\WMIADAP.exe - ok
13:41:40.0565 5172 [ 9FE3ED67345F0FF829A4A53B90E09672 ] C:\Windows\System32\loadperf.dll
13:41:40.0565 5172 C:\Windows\System32\loadperf.dll - ok
13:41:40.0565 5172 [ 0D893F8D145D3B125B0226727C243A69 ] C:\Windows\System32\security.dll
13:41:40.0565 5172 C:\Windows\System32\security.dll - ok
13:41:40.0575 5172 [ C4BFE4B61086416B0529212F92BCE081 ] C:\Windows\System32\schedcli.dll
13:41:40.0575 5172 C:\Windows\System32\schedcli.dll - ok
13:41:40.0575 5172 [ B6D6886149573278CBA6ABD44C4317F5 ] C:\Windows\System32\slwga.dll
13:41:40.0575 5172 C:\Windows\System32\slwga.dll - ok
13:41:40.0575 5172 [ DB76DB15EFC6E4D1153A6C5BC895948D ] C:\Windows\System32\sppc.dll
13:41:40.0575 5172 C:\Windows\System32\sppc.dll - ok
13:41:40.0575 5172 [ 5FBD7BEC6CD3DCAA6A87A7F70CE8AF44 ] C:\Windows\System32\advpack.dll
13:41:40.0575 5172 C:\Windows\System32\advpack.dll - ok
13:41:40.0585 5172 [ 773212B2AAA24C1E31F10246B15B276C ] C:\Windows\servicing\TrustedInstaller.exe
13:41:40.0585 5172 C:\Windows\servicing\TrustedInstaller.exe - ok
13:41:40.0585 5172 [ 7B38D7916A7CD058C16A0A6CA5077901 ] C:\Windows\System32\wdscore.dll
13:41:40.0585 5172 C:\Windows\System32\wdscore.dll - ok
13:41:40.0585 5172 [ 288ADDED26C80FDC135CAB4340161686 ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\CbsCore.dll
13:41:40.0585 5172 C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\CbsCore.dll - ok
13:41:40.0595 5172 [ 6369F960C28A16F4502C480EEDE3652C ] C:\Windows\System32\dpx.dll
13:41:40.0595 5172 C:\Windows\System32\dpx.dll - ok
13:41:40.0595 5172 [ 7957A194B8421BC070FABBF1C55DB68B ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\wcp.dll
13:41:40.0595 5172 C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\wcp.dll - ok
13:41:40.0595 5172 [ 9297F004FCE79FB7B26DAC6968FB5FEB ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\DrUpdate.dll
13:41:40.0595 5172 C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\DrUpdate.dll - ok
13:41:40.0595 5172 [ B7AC66C1CCD87D7C49256B5451DED4FA ] C:\Windows\System32\spp.dll
13:41:40.0595 5172 C:\Windows\System32\spp.dll - ok
13:41:40.0605 5172 [ FC6C5D860CDB82411DA626821201BDF0 ] C:\Windows\System32\srclient.dll
13:41:40.0605 5172 C:\Windows\System32\srclient.dll - ok
13:41:40.0605 5172 [ 943F48CC3A59169E52A054946C2F59B8 ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\wrpint.dll
13:41:40.0605 5172 C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\wrpint.dll - ok
13:41:40.0605 5172 [ 6685DD5CC357D45EEE30FD089E8A111A ] C:\Windows\System32\sxsstore.dll
13:41:40.0605 5172 C:\Windows\System32\sxsstore.dll - ok
13:41:40.0615 5172 [ 27B9E163740A226B65E4B9E186117911 ] C:\Windows\System32\sqmapi.dll
13:41:40.0615 5172 C:\Windows\System32\sqmapi.dll - ok
13:41:40.0615 5172 [ D485D1BE97777617B186FC8095F58421 ] C:\Windows\servicing\CbsApi.dll
13:41:40.0615 5172 C:\Windows\servicing\CbsApi.dll - ok
13:41:40.0615 5172 [ CDEBD55FFBDA3889AA2A8CE52B9DC097 ] C:\Windows\System32\sdclt.exe
13:41:40.0615 5172 C:\Windows\System32\sdclt.exe - ok
13:41:40.0615 5172 [ 8CE1C165396F2453012B3E23ADD9DF76 ] C:\Windows\System32\ReAgent.dll
13:41:40.0615 5172 C:\Windows\System32\ReAgent.dll - ok
13:41:40.0625 5172 [ 11C405A2DCF38E098316FD904A4FB662 ] C:\Windows\System32\sdengin2.dll
13:41:40.0625 5172 C:\Windows\System32\sdengin2.dll - ok
13:41:40.0625 5172 [ 3977E4863FBA44B07B278A115074544A ] C:\Program Files (x86)\AVG\AVG2013\avgcslx.dll
13:41:40.0625 5172 C:\Program Files (x86)\AVG\AVG2013\avgcslx.dll - ok
13:41:40.0625 5172 [ 6EA4234DC55346E0709560FE7C2C1972 ] C:\Windows\System32\sdrsvc.dll
13:41:40.0625 5172 C:\Windows\System32\sdrsvc.dll - ok
13:41:40.0625 5172 [ E7FBBF3193E248EE05CBC9562810C44A ] C:\Windows\System32\sxshared.dll
13:41:40.0625 5172 C:\Windows\System32\sxshared.dll - ok
13:41:40.0635 5172 [ 55BA6C87FFB2C478E1C9351FA631CC1A ] C:\Windows\System32\sxproxy.dll
13:41:40.0635 5172 C:\Windows\System32\sxproxy.dll - ok
13:41:40.0635 5172 ============================================================
13:41:40.0635 5172 Scan finished
13:41:40.0635 5172 ============================================================
13:41:40.0695 4452 Detected object count: 5
13:41:40.0695 4452 Actual detected object count: 5
13:42:03.0706 4452 DockLoginService ( UnsignedFile.Multi.Generic ) - skipped by user
13:42:03.0706 4452 DockLoginService ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:42:03.0706 4452 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
13:42:03.0706 4452 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:42:03.0706 4452 tvnserver ( UnsignedFile.Multi.Generic ) - skipped by user
13:42:03.0706 4452 tvnserver ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:42:06.0966 4452 \Device\Harddisk0\DR0\# - copied to quarantine
13:42:06.0996 4452 \Device\Harddisk0\DR0 - copied to quarantine
13:42:07.0156 4452 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
13:42:07.0166 4452 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
13:42:07.0186 4452 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
13:42:07.0226 4452 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
13:42:07.0226 4452 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
13:42:07.0226 4452 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
13:42:07.0226 4452 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
13:42:07.0226 4452 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
13:42:07.0236 4452 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
13:42:07.0236 4452 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
13:42:07.0236 4452 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
13:42:07.0236 4452 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
13:42:07.0266 4452 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
13:42:07.0266 4452 \Device\Harddisk0\DR0 - ok
13:42:07.0346 4452 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
13:42:07.0346 4452 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
13:42:07.0346 4452 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
13:42:25.0137 3952 Deinitialize success
 



#8 zoddie

zoddie
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:07:31 AM

Posted 14 March 2013 - 01:11 PM

Here is the fixlog.txt --

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 10-03-2013 01
Ran by SYSTEM at 2013-03-14 13:58:47 Run:1
Running from K:\

==============================================

HKEY_LOCAL_MACHINE\software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SearchProtectAll Value deleted successfully.
HKEY_USERS\Owner\Software\Microsoft\Windows\CurrentVersion\Run\\SearchProtect Value deleted successfully.
C:\Program Files (x86)\SearchProtect\bin\cltmng.exe moved successfully.
C:\Windows\PFRO.log not found.
C:\Users\Owner\AppData\Local\PWF moved successfully.
C:\Windows\svchost.exe moved successfully.

An error occurred while attempting to delete the specified data element.
Element not found.
The operation completed successfully.

==== End of Fixlog ====



#9 zoddie

zoddie
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:07:31 AM

Posted 14 March 2013 - 02:30 PM

We tried to run RogueKiller.  It runs, but gets stuck at "Searching in startup folders."  It does find 4 suspicious items, but it has been at the same spot for over an hour.



#10 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,512 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:07:31 AM

Posted 15 March 2013 - 10:33 PM

Hello,

 

Please run TDSSKILLER  again and select delete for these items.

13:42:07.0346 4452 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
13:42:07.0346 4452 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

 

 

Please try and run Roguekiller in safemode


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#11 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,512 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:07:31 AM

Posted 23 March 2013 - 01:12 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users