Page 1 of 2 12 LastLast
Results 1 to 10 of 16
  1. #1
    Member
    Join Date
    Mar 2007
    Location
    Butler, PA
    Posts
    102
    Points
    0

    Default Can't get online to do the downloads

    This computer is running windows 7 and when you try to go online it opens so many instances of IE the machine slows down and dies. I pulled the hard drive and ran Malwarebytes on another computer. I deleted Trojan.fakealert.ed and Trojan.malpackgen. I also disabled System Restore. What else can I do? It still wont let me online to run the programs you want run so I can post.

  2. #2
    Member Spyware Fighter
    Join Date
    Jun 2010
    Location
    Bement,Ill USA
    Posts
    1,340
    Points
    146

    Default

    Do you have a USB Flash Drive you can use?
    " Extinguishing Malware from the world"

    The Spware Help forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.
    HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
    Thanks-




  3. #3
    Member
    Join Date
    Mar 2007
    Location
    Butler, PA
    Posts
    102
    Points
    0

    Default

    Yes, I have a flash drive and know how to use it. Should I use it do D/L the programs on a working computer and transfer them to the one that is defective? One question if that is what you want me to do. How do I get the updates to the program installed?

    Thanks for your comeback.

  4. #4
    Member Spyware Fighter
    Join Date
    Jun 2010
    Location
    Bement,Ill USA
    Posts
    1,340
    Points
    146

    Default

    For x32 (x86) bit systems download Farbar Recovery Scan Tool and save it to a flash drive.
    For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.

    Plug the flashdrive into the infected PC.

    Enter System Recovery Options.

    To enter System Recovery Options from the Advanced Boot Options:
    • Restart the computer.
    • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
    • Use the arrow keys to select the Repair your computer menu item.
    • Select US as the keyboard language settings, and then click Next.
    • Select the operating system you want to repair, and then click Next.
    • Select your user account an click Next.


    To enter System Recovery Options by using Windows installation disc:
    • Insert the installation disc.
    • Restart your computer.
    • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
    • Click Repair your computer.
    • Select US as the keyboard language settings, and then click Next.
    • Select the operating system you want to repair, and then click Next.
    • Select your user account and click Next.


    On the System Recovery Options menu you will get the following options:
    • Startup Repair
      System Restore
      Windows Complete PC Restore
      Windows Memory Diagnostic Tool
      Command Prompt
    • Select Command Prompt
    • In the command window type in notepad and press Enter.
    • The notepad opens. Under File menu select Open.
    • Select "Computer" and find your flash drive letter and close the notepad.
    • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
      Note: Replace letter e with the drive letter of your flash drive.
    • The tool will start to run.
    • When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.
    " Extinguishing Malware from the world"

    The Spware Help forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.
    HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
    Thanks-




  5. #5
    Member
    Join Date
    Mar 2007
    Location
    Butler, PA
    Posts
    102
    Points
    0

    Default

    FRST.txt log as you requested.

    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-07-2013
    Ran by SYSTEM on 24-07-2013 21:42:42
    Running from F:\
    Windows 7 Professional (X86) OS Language: English(US)
    Internet Explorer Version 10
    Boot Mode: Recovery

    The current controlset is ControlSet001
    ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and Addition.txt log.

    ==================== Registry (Whitelisted) ==================

    HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
    HKLM\...\Run: [AVG_UI] - C:\Program Files\AVG\AVG2013\avgui.exe [4408368 2013-04-28] (AVG Technologies CZ, s.r.o.)
    HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2567272 2011-07-19] (CANON INC.)
    HKLM\...\Run: [CanonSolutionMenuEx] - C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE [1637496 2011-08-04] (CANON INC.)
    HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
    HKLM\...\Run: [TkBellExe] - C:\Program Files\Real\RealPlayer\update\realsched.exe [295512 2013-06-30] (RealNetworks, Inc.)
    HKU\Al\...\Run: [WebCake Desktop] - "C:\Users\Al\AppData\Roaming\WebCake\WebCakeDesktop.exe" [ 2013-06-20] (WebCake LLC)
    HKU\Al\...\Run: [Browser Infrastructure Helper] - C:\Users\Al\AppData\Local\Smartbar\Application\QuickShare.exe startup [ 2013-06-17] (Smartbar)

    ========================== Services (Whitelisted) =================

    S2 AVGIDSAgent; C:\Program Files\AVG\AVG2013\avgidsagent.exe [4937264 2013-05-13] (AVG Technologies CZ, s.r.o.)
    S2 avgwd; C:\Program Files\AVG\AVG2013\avgwdsvc.exe [283136 2013-04-18] (AVG Technologies CZ, s.r.o.)
    S2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [140456 2011-09-06] ()
    S2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-04-15] ()
    S2 Updater By SweetPacks; C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe [188760 2013-05-16] ()
    S2 WajamUpdater; C:\Program Files\Wajam\Updater\WajamUpdater.exe [109064 2013-05-02] (Wajam)
    S2 WebCake Desktop Updater; C:\Users\Al\AppData\Roaming\WebCake\WebCakeDesktop.exe [47896 2013-06-20] (WebCake LLC)

    ==================== Drivers (Whitelisted) ====================

    S1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [208184 2013-03-28] (AVG Technologies CZ, s.r.o.)
    S0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [60216 2013-02-08] (AVG Technologies CZ, s.r.o.)
    S1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [22328 2013-03-01] (AVG Technologies CZ, s.r.o.)
    S1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [170808 2013-02-08] (AVG Technologies CZ, s.r.o.)
    S0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [245048 2013-02-08] (AVG Technologies CZ, s.r.o.)
    S0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [96568 2013-02-08] (AVG Technologies CZ, s.r.o.)
    S0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [39224 2013-02-08] (AVG Technologies CZ, s.r.o.)
    S1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [182072 2013-03-20] (AVG Technologies CZ, s.r.o.)

    ==================== NetSvcs (Whitelisted) ===================


    ==================== One Month Created Files and Folders ========

    2013-07-24 21:42 - 2013-07-24 21:42 - 00000000 ____D C:\FRST
    2013-07-24 17:32 - 2013-07-24 17:28 - 01220306 _____ (Farbar) C:\FRST.exe
    2013-07-24 17:30 - 2013-07-24 17:30 - 00000000 ____D C:\Windows\LastGood
    2013-07-21 13:59 - 2013-07-21 13:59 - 00000111 _____ C:\Users\Al\Desktop\New Internet Shortcut.url
    2013-07-12 07:19 - 2013-07-12 07:19 - 00000000 ____D C:\Users\Al\Documents\New folder (5)
    2013-07-12 05:54 - 2013-07-12 05:54 - 00000000 ____D C:\Users\Default\AppData\Roaming\TuneUp Software
    2013-07-12 05:54 - 2013-07-12 05:54 - 00000000 ____D C:\Users\Default User\AppData\Roaming\TuneUp Software
    2013-07-11 18:10 - 2013-06-11 15:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
    2013-07-11 18:10 - 2013-06-11 15:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
    2013-07-11 18:10 - 2013-06-11 15:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
    2013-07-11 18:10 - 2013-06-11 15:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
    2013-07-11 18:10 - 2013-06-11 15:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
    2013-07-11 18:10 - 2013-06-11 15:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
    2013-07-11 18:10 - 2013-06-11 15:43 - 00042496 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
    2013-07-11 18:10 - 2013-06-11 15:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
    2013-07-11 18:10 - 2013-06-11 15:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
    2013-07-11 18:10 - 2013-06-11 15:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
    2013-07-11 18:10 - 2013-06-11 15:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
    2013-07-11 18:10 - 2013-06-11 15:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
    2013-07-11 18:10 - 2013-06-11 15:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
    2013-07-11 18:10 - 2013-06-11 15:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
    2013-07-11 18:10 - 2013-06-11 14:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
    2013-07-11 18:10 - 2013-06-06 18:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
    2013-07-11 10:35 - 2013-06-04 19:05 - 02347520 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
    2013-07-11 10:35 - 2013-06-03 20:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\System32\qedit.dll
    2013-07-11 10:35 - 2013-05-05 20:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\System32\WMVDECOD.DLL
    2013-07-11 10:35 - 2013-04-09 15:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\System32\DWrite.dll
    2013-07-08 05:05 - 2013-07-08 05:05 - 00000000 ____D C:\Users\Al\Documents\New folder (4)
    2013-07-07 10:33 - 2013-07-07 10:33 - 00000000 ____D C:\Users\Al\AppData\Roaming\Macromedia
    2013-07-07 10:32 - 2013-07-07 10:32 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
    2013-07-07 10:32 - 2013-07-07 10:32 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
    2013-07-07 10:32 - 2013-07-07 10:32 - 00000000 ____D C:\Windows\System32\Macromed
    2013-07-07 09:54 - 2013-07-07 09:54 - 00000000 ____D C:\Users\Al\Documents\New folder (3)
    2013-07-07 06:10 - 2013-07-07 06:10 - 00000000 ____D C:\Users\Al\Documents\New folder (2)
    2013-07-07 05:59 - 2013-07-07 05:59 - 00000000 ____D C:\Users\Al\Documents\New folder
    2013-06-30 06:41 - 2013-06-30 06:41 - 00000000 ____D C:\Users\Al\SyncFolder
    2013-06-30 06:03 - 2013-06-30 06:03 - 00000000 ____D C:\Users\Al\AppData\Roaming\RealNetworks
    2013-06-30 06:02 - 2013-06-30 06:02 - 00272896 _____ (Progressive Networks) C:\Windows\System32\pncrt.dll
    2013-06-30 06:02 - 2013-06-30 06:02 - 00201872 _____ (RealNetworks, Inc.) C:\Windows\System32\rmoc3260.dll
    2013-06-30 06:02 - 2013-06-30 06:02 - 00006656 _____ (RealNetworks, Inc.) C:\Windows\System32\pndx5016.dll
    2013-06-30 06:02 - 2013-06-30 06:02 - 00005632 _____ (RealNetworks, Inc.) C:\Windows\System32\pndx5032.dll
    2013-06-30 06:02 - 2013-06-30 06:02 - 00000000 ____D C:\ProgramData\RealNetworks
    2013-06-30 06:02 - 2013-06-30 06:02 - 00000000 ____D C:\Program Files\RealNetworks
    2013-06-30 06:02 - 2013-06-30 06:02 - 00000000 ____D C:\Program Files\Common Files\xing shared
    2013-06-30 06:01 - 2013-06-30 06:03 - 00000000 ____D C:\Users\Al\AppData\Roaming\Real
    2013-06-30 06:01 - 2013-06-30 06:02 - 00000000 ____D C:\Program Files\Real
    2013-06-30 06:01 - 2013-06-30 06:01 - 00499712 _____ (Microsoft Corporation) C:\Windows\System32\msvcp71.dll
    2013-06-30 06:01 - 2013-06-30 06:01 - 00348160 _____ (Microsoft Corporation) C:\Windows\System32\msvcr71.dll
    2013-06-30 06:00 - 2013-06-30 06:04 - 00000000 ____D C:\ProgramData\Real
    2013-06-30 05:59 - 2013-07-07 07:00 - 00000000 ____D C:\Program Files\Updater By SweetPacks
    2013-06-30 05:59 - 2013-06-30 05:59 - 00000000 ____D C:\Program Files\SweetIM
    2013-06-30 05:58 - 2013-07-21 13:46 - 00000000 ____D C:\Program Files\MyPC Backup
    2013-06-30 05:58 - 2013-02-04 23:25 - 00632656 _____ (Microsoft Corporation) C:\Windows\System32\msvcr80.dll
    2013-06-30 05:58 - 2013-02-04 23:25 - 00554832 _____ (Microsoft Corporation) C:\Windows\System32\msvcp80.dll
    2013-06-30 05:58 - 2013-02-04 23:25 - 00479232 _____ (Microsoft Corporation) C:\Windows\System32\msvcm80.dll
    2013-06-30 05:58 - 2013-02-04 23:25 - 00001870 _____ C:\Windows\System32\Microsoft.VC80.CRT.manifest
    2013-06-30 05:57 - 2013-07-08 16:57 - 00000000 _____ C:\END
    2013-06-30 05:57 - 2013-07-07 07:00 - 00000000 ____D C:\Program Files\Wajam
    2013-06-30 05:57 - 2013-06-30 05:59 - 00000000 ____D C:\Users\Al\AppData\Local\Smartbar
    2013-06-30 05:57 - 2013-06-30 05:58 - 06237746 _____ C:\Users\Al\Downloads\jp2setup.exe
    2013-06-30 05:56 - 2013-07-20 12:26 - 00000000 ____D C:\ProgramData\WeCareReminder
    2013-06-30 05:56 - 2013-07-07 06:59 - 00000000 ____D C:\Users\Al\AppData\Local\TopArcadeHits
    2013-06-30 05:56 - 2013-06-30 05:56 - 00033958 _____ C:\ProgramData\uninstaller.exe
    2013-06-30 05:56 - 2013-06-30 05:56 - 00000000 ____D C:\Users\Al\AppData\Roaming\Mozilla
    2013-06-27 17:08 - 2013-06-27 17:08 - 00000000 ____D C:\ProgramData\Sun
    2013-06-27 17:08 - 2013-06-27 17:08 - 00000000 ____D C:\Program Files\Common Files\Java
    2013-06-27 17:08 - 2013-06-27 17:07 - 00867240 _____ (Oracle Corporation) C:\Windows\System32\npDeployJava1.dll
    2013-06-27 17:08 - 2013-06-27 17:07 - 00789416 _____ (Oracle Corporation) C:\Windows\System32\deployJava1.dll
    2013-06-27 17:08 - 2013-06-27 17:07 - 00263592 _____ (Oracle Corporation) C:\Windows\System32\javaws.exe
    2013-06-27 17:08 - 2013-06-27 17:07 - 00175016 _____ (Oracle Corporation) C:\Windows\System32\javaw.exe
    2013-06-27 17:08 - 2013-06-27 17:07 - 00175016 _____ (Oracle Corporation) C:\Windows\System32\java.exe
    2013-06-27 17:08 - 2013-06-27 17:07 - 00094632 _____ (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge.dll
    2013-06-27 17:07 - 2013-06-27 17:07 - 00000000 ____D C:\Program Files\Java
    2013-06-27 17:06 - 2013-06-27 17:06 - 00000000 ____D C:\ProgramData\McAfee
    2013-06-27 10:31 - 2013-07-07 07:00 - 00000000 ___HD C:\ProgramData\CanonIJEGV
    2013-06-25 13:17 - 2013-06-25 13:17 - 00587624 _____ C:\Users\Al\Downloads\jigsawpuzzle-setup.exe
    2013-06-24 18:41 - 2013-06-24 18:41 - 04325376 _____ C:\ProgramData\ReadOnlyInstaller.msi
    2013-06-24 17:13 - 2013-06-24 17:13 - 00000682 _____ C:\Users\Al\Desktop\Libraries - Shortcut (2).lnk
    2013-06-24 17:11 - 2013-06-24 17:11 - 00000682 _____ C:\Users\Al\Desktop\Libraries - Shortcut.lnk
    2013-06-24 17:10 - 2013-06-24 17:10 - 00001061 _____ C:\Users\Al\Desktop\Documents - Shortcut.lnk
    2013-06-24 16:17 - 2013-06-24 16:17 - 00000000 ___HD C:\ProgramData\CanonIJSolutionMenuEX
    2013-06-24 16:17 - 2013-06-24 16:17 - 00000000 ___HD C:\ProgramData\CanonIJMyPrinter
    2013-06-24 16:17 - 2013-06-24 16:17 - 00000000 ___HD C:\ProgramData\CanonIJEPPEX2
    2013-06-24 16:17 - 2013-06-24 16:17 - 00000000 ___HD C:\ProgramData\CanonEPP
    2013-06-24 16:17 - 2013-06-24 16:17 - 00000000 ____D C:\Users\Al\AppData\Roaming\Canon
    2013-06-24 16:15 - 2013-06-24 16:15 - 00000000 ___HD C:\ProgramData\CanonIJFAX
    2013-06-24 16:11 - 2013-06-24 16:11 - 00002025 _____ C:\Users\Public\Desktop\Canon Solution Menu EX.lnk
    2013-06-24 16:11 - 2013-06-24 16:11 - 00000000 ____D C:\ProgramData\CanonIJWSpt
    2013-06-24 16:11 - 2013-06-24 16:11 - 00000000 ____D C:\Program Files\Common Files\CANON
    2013-06-24 16:09 - 2013-06-24 16:09 - 00002304 _____ C:\Users\Public\Desktop\Canon MX430 series On-screen Manual.lnk
    2013-06-24 16:08 - 2013-07-07 06:59 - 00000000 ___HD C:\Windows\System32\CanonIJ Uninstaller Information
    2013-06-24 16:08 - 2013-06-24 16:08 - 00000000 ___HD C:\ProgramData\CanonBJ
    2013-06-24 16:07 - 2013-07-07 06:59 - 00000000 ____D C:\Windows\System32\STRING
    2013-06-24 16:07 - 2013-06-24 16:07 - 00000000 ___HD C:\Program Files\CanonBJ
    2013-06-24 16:07 - 2011-11-03 01:00 - 00311296 _____ (CANON INC.) C:\Windows\System32\CNMLMB1.DLL
    2013-06-24 16:07 - 2011-10-14 07:57 - 00102912 _____ (CANON INC.) C:\Windows\System32\CNC_B1U.dll
    2013-06-24 16:07 - 2011-10-14 07:55 - 00272896 _____ (CANON INC.) C:\Windows\System32\CNC_B1C.dll
    2013-06-24 16:07 - 2011-10-14 07:54 - 00098304 _____ (CANON INC.) C:\Windows\System32\CNC_B1I.dll
    2013-06-24 16:07 - 2011-09-29 01:22 - 00184832 _____ (CANON INC.) C:\Windows\System32\CNMIUB1.DLL
    2013-06-24 16:07 - 2011-09-22 04:57 - 00316416 _____ (CANON INC.) C:\Windows\System32\CNC_B1L.dll
    2013-06-24 16:07 - 2011-09-21 01:00 - 00257536 _____ (CANON INC.) C:\Windows\System32\CNCALB1.DLL
    2013-06-24 16:07 - 2011-08-16 00:30 - 00035840 _____ (CANON INC.) C:\Windows\System32\CNMNPUI.DLL
    2013-06-24 16:07 - 2011-06-30 09:52 - 00065280 _____ C:\Windows\System32\CNC175BD.TBL
    2013-06-24 16:07 - 2011-05-27 08:19 - 00088064 _____ (Canon Inc.) C:\Windows\System32\CNC_B1O.dll
    2013-06-24 16:07 - 2008-08-25 14:02 - 00015872 _____ (CANON INC.) C:\Windows\System32\CNHMCA.dll
    2013-06-24 16:06 - 2013-07-07 07:00 - 00000000 ___HD C:\ProgramData\CanonIJETV
    2013-06-24 16:06 - 2013-07-03 15:32 - 00000000 ____D C:\ProgramData\CanonIJPLM
    2013-06-24 16:06 - 2013-06-24 16:12 - 00000000 ____D C:\Program Files\Canon
    2013-06-24 15:13 - 2013-06-24 15:13 - 00001404 _____ C:\Users\Al\Desktop\Windows Live Mail.lnk
    2013-06-24 15:10 - 2013-06-25 08:34 - 00000000 ____D C:\Users\Al\AppData\Local\Windows Live Writer
    2013-06-24 15:10 - 2013-06-24 15:10 - 00000000 ____D C:\Users\Al\AppData\Roaming\Windows Live Writer
    2013-06-24 15:08 - 2013-06-24 15:08 - 00000000 ____D C:\Windows\PCHEALTH
    2013-06-24 15:07 - 2013-07-07 07:00 - 00000000 ____D C:\Program Files\Windows Live
    2013-06-24 15:04 - 2013-06-27 04:11 - 00000000 ____D C:\Users\Al\AppData\Local\Windows Live
    2013-06-24 15:04 - 2013-06-24 15:04 - 01239536 _____ (Microsoft Corporation) C:\Users\Al\Downloads\wlsetup-web.exe
    2013-06-24 15:04 - 2013-06-24 15:04 - 00000000 ____D C:\Program Files\Common Files\Windows Live
    2013-06-24 15:00 - 2013-07-21 18:03 - 00000000 ____D C:\Users\Al\AppData\Roaming\WebCake
    2013-06-24 15:00 - 2013-07-07 07:00 - 00000000 ____D C:\Program Files\WebCake
    2013-06-24 14:53 - 2013-01-28 14:28 - 00515272 _____ (Ask Partner Network) C:\Users\Al\Documents\APNSetup.exe
    2013-06-24 14:53 - 2012-12-23 12:31 - 00000372 _____ C:\Users\Al\Documents\spider.sav
    2013-06-24 14:53 - 2011-12-17 17:40 - 01081344 _____ C:\Users\Al\Documents\WOT-20110704.msi

    ==================== One Month Modified Files and Folders =======

    2013-07-24 21:42 - 2013-07-24 21:42 - 00000000 ____D C:\FRST
    2013-07-24 17:33 - 2013-06-18 18:15 - 01691229 _____ C:\Windows\WindowsUpdate.log
    2013-07-24 17:33 - 2009-07-13 20:34 - 00015168 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2013-07-24 17:33 - 2009-07-13 20:34 - 00015168 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2013-07-24 17:31 - 2013-06-18 18:24 - 00726316 _____ C:\Windows\System32\PerfStringBackup.INI
    2013-07-24 17:30 - 2013-07-24 17:30 - 00000000 ____D C:\Windows\LastGood
    2013-07-24 17:30 - 2009-07-13 20:39 - 00031432 _____ C:\Windows\setupact.log
    2013-07-24 17:28 - 2013-07-24 17:32 - 01220306 _____ (Farbar) C:\FRST.exe
    2013-07-24 16:48 - 2013-06-19 17:44 - 00000000 ____D C:\ProgramData\MFAData
    2013-07-21 18:21 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\System32\LogFiles
    2013-07-21 18:04 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\System32\DriverStore
    2013-07-21 18:03 - 2013-06-24 15:00 - 00000000 ____D C:\Users\Al\AppData\Roaming\WebCake
    2013-07-21 13:59 - 2013-07-21 13:59 - 00000111 _____ C:\Users\Al\Desktop\New Internet Shortcut.url
    2013-07-21 13:59 - 2013-06-18 18:17 - 00000000 ___RD C:\Users\Al\Desktop
    2013-07-21 13:46 - 2013-06-30 05:58 - 00000000 ____D C:\Program Files\MyPC Backup
    2013-07-20 12:26 - 2013-06-30 05:56 - 00000000 ____D C:\ProgramData\WeCareReminder
    2013-07-13 06:20 - 2013-06-21 11:54 - 00012448 _____ C:\Windows\PFRO.log
    2013-07-12 09:09 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\System32\NDF
    2013-07-12 07:19 - 2013-07-12 07:19 - 00000000 ____D C:\Users\Al\Documents\New folder (5)
    2013-07-12 05:54 - 2013-07-12 05:54 - 00000000 ____D C:\Users\Default\AppData\Roaming\TuneUp Software
    2013-07-12 05:54 - 2013-07-12 05:54 - 00000000 ____D C:\Users\Default User\AppData\Roaming\TuneUp Software
    2013-07-12 05:54 - 2013-06-19 17:49 - 00000935 _____ C:\Users\Public\Desktop\AVG 2013.lnk
    2013-07-12 05:54 - 2009-07-13 18:37 - 00000000 __RHD C:\Users\Public\Desktop
    2013-07-12 03:58 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\Microsoft.NET
    2013-07-12 03:27 - 2009-07-13 20:33 - 00268128 _____ C:\Windows\System32\FNTCACHE.DAT
    2013-07-12 03:26 - 2009-07-13 23:50 - 00000000 ____D C:\Program Files\Windows Journal
    2013-07-12 03:26 - 2009-07-13 20:52 - 00000000 ____D C:\Program Files\Windows Defender
    2013-07-11 18:07 - 2013-06-19 18:52 - 75699896 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
    2013-07-08 16:57 - 2013-06-30 05:57 - 00000000 _____ C:\END
    2013-07-08 05:05 - 2013-07-08 05:05 - 00000000 ____D C:\Users\Al\Documents\New folder (4)
    2013-07-07 10:33 - 2013-07-07 10:33 - 00000000 ____D C:\Users\Al\AppData\Roaming\Macromedia
    2013-07-07 10:32 - 2013-07-07 10:32 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
    2013-07-07 10:32 - 2013-07-07 10:32 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
    2013-07-07 10:32 - 2013-07-07 10:32 - 00000000 ____D C:\Windows\System32\Macromed
    2013-07-07 09:54 - 2013-07-07 09:54 - 00000000 ____D C:\Users\Al\Documents\New folder (3)
    2013-07-07 07:12 - 2013-06-18 18:17 - 00000000 ____D C:\users\Al
    2013-07-07 07:12 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\registration
    2013-07-07 07:00 - 2013-06-30 05:59 - 00000000 ____D C:\Program Files\Updater By SweetPacks
    2013-07-07 07:00 - 2013-06-30 05:57 - 00000000 ____D C:\Program Files\Wajam
    2013-07-07 07:00 - 2013-06-27 10:31 - 00000000 ___HD C:\ProgramData\CanonIJEGV
    2013-07-07 07:00 - 2013-06-24 16:06 - 00000000 ___HD C:\ProgramData\CanonIJETV
    2013-07-07 07:00 - 2013-06-24 15:07 - 00000000 ____D C:\Program Files\Windows Live
    2013-07-07 07:00 - 2013-06-24 15:00 - 00000000 ____D C:\Program Files\WebCake
    2013-07-07 07:00 - 2012-04-11 17:50 - 00000000 ____D C:\Program Files\Realtek
    2013-07-07 07:00 - 2009-07-13 18:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
    2013-07-07 06:59 - 2013-06-30 05:56 - 00000000 ____D C:\Users\Al\AppData\Local\TopArcadeHits
    2013-07-07 06:59 - 2013-06-24 16:08 - 00000000 ___HD C:\Windows\System32\CanonIJ Uninstaller Information
    2013-07-07 06:59 - 2013-06-24 16:07 - 00000000 ____D C:\Windows\System32\STRING
    2013-07-07 06:59 - 2012-04-11 17:50 - 00000000 ____D C:\Windows\System32\RTCOM
    2013-07-07 06:59 - 2009-07-13 23:49 - 00000000 ___RD C:\Users\Public\Recorded TV
    2013-07-07 06:59 - 2009-07-13 18:37 - 00000000 __RSD C:\Windows\Media
    2013-07-07 06:59 - 2009-07-13 18:37 - 00000000 __RHD C:\Users\Public\Libraries
    2013-07-07 06:59 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\rescache
    2013-07-07 06:59 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\AppCompat
    2013-07-07 06:10 - 2013-07-07 06:10 - 00000000 ____D C:\Users\Al\Documents\New folder (2)
    2013-07-07 05:59 - 2013-07-07 05:59 - 00000000 ____D C:\Users\Al\Documents\New folder
    2013-07-03 15:32 - 2013-06-24 16:06 - 00000000 ____D C:\ProgramData\CanonIJPLM
    2013-06-30 06:41 - 2013-06-30 06:41 - 00000000 ____D C:\Users\Al\SyncFolder
    2013-06-30 06:04 - 2013-06-30 06:00 - 00000000 ____D C:\ProgramData\Real
    2013-06-30 06:03 - 2013-06-30 06:03 - 00000000 ____D C:\Users\Al\AppData\Roaming\RealNetworks
    2013-06-30 06:03 - 2013-06-30 06:01 - 00000000 ____D C:\Users\Al\AppData\Roaming\Real
    2013-06-30 06:02 - 2013-06-30 06:02 - 00272896 _____ (Progressive Networks) C:\Windows\System32\pncrt.dll
    2013-06-30 06:02 - 2013-06-30 06:02 - 00201872 _____ (RealNetworks, Inc.) C:\Windows\System32\rmoc3260.dll
    2013-06-30 06:02 - 2013-06-30 06:02 - 00006656 _____ (RealNetworks, Inc.) C:\Windows\System32\pndx5016.dll
    2013-06-30 06:02 - 2013-06-30 06:02 - 00005632 _____ (RealNetworks, Inc.) C:\Windows\System32\pndx5032.dll
    2013-06-30 06:02 - 2013-06-30 06:02 - 00000000 ____D C:\ProgramData\RealNetworks
    2013-06-30 06:02 - 2013-06-30 06:02 - 00000000 ____D C:\Program Files\RealNetworks
    2013-06-30 06:02 - 2013-06-30 06:02 - 00000000 ____D C:\Program Files\Common Files\xing shared
    2013-06-30 06:02 - 2013-06-30 06:01 - 00000000 ____D C:\Program Files\Real
    2013-06-30 06:01 - 2013-06-30 06:01 - 00499712 _____ (Microsoft Corporation) C:\Windows\System32\msvcp71.dll
    2013-06-30 06:01 - 2013-06-30 06:01 - 00348160 _____ (Microsoft Corporation) C:\Windows\System32\msvcr71.dll
    2013-06-30 05:59 - 2013-06-30 05:59 - 00000000 ____D C:\Program Files\SweetIM
    2013-06-30 05:59 - 2013-06-30 05:57 - 00000000 ____D C:\Users\Al\AppData\Local\Smartbar
    2013-06-30 05:58 - 2013-06-30 05:57 - 06237746 _____ C:\Users\Al\Downloads\jp2setup.exe
    2013-06-30 05:56 - 2013-06-30 05:56 - 00033958 _____ C:\ProgramData\uninstaller.exe
    2013-06-30 05:56 - 2013-06-30 05:56 - 00000000 ____D C:\Users\Al\AppData\Roaming\Mozilla
    2013-06-30 05:52 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\Resources
    2013-06-28 08:52 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\LiveKernelReports
    2013-06-27 17:08 - 2013-06-27 17:08 - 00000000 ____D C:\ProgramData\Sun
    2013-06-27 17:08 - 2013-06-27 17:08 - 00000000 ____D C:\Program Files\Common Files\Java
    2013-06-27 17:07 - 2013-06-27 17:08 - 00867240 _____ (Oracle Corporation) C:\Windows\System32\npDeployJava1.dll
    2013-06-27 17:07 - 2013-06-27 17:08 - 00789416 _____ (Oracle Corporation) C:\Windows\System32\deployJava1.dll
    2013-06-27 17:07 - 2013-06-27 17:08 - 00263592 _____ (Oracle Corporation) C:\Windows\System32\javaws.exe
    2013-06-27 17:07 - 2013-06-27 17:08 - 00175016 _____ (Oracle Corporation) C:\Windows\System32\javaw.exe
    2013-06-27 17:07 - 2013-06-27 17:08 - 00175016 _____ (Oracle Corporation) C:\Windows\System32\java.exe
    2013-06-27 17:07 - 2013-06-27 17:08 - 00094632 _____ (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge.dll
    2013-06-27 17:07 - 2013-06-27 17:07 - 00000000 ____D C:\Program Files\Java
    2013-06-27 17:06 - 2013-06-27 17:06 - 00000000 ____D C:\ProgramData\McAfee
    2013-06-27 04:11 - 2013-06-24 15:04 - 00000000 ____D C:\Users\Al\AppData\Local\Windows Live
    2013-06-25 13:17 - 2013-06-25 13:17 - 00587624 _____ C:\Users\Al\Downloads\jigsawpuzzle-setup.exe
    2013-06-25 08:34 - 2013-06-24 15:10 - 00000000 ____D C:\Users\Al\AppData\Local\Windows Live Writer
    2013-06-24 18:41 - 2013-06-24 18:41 - 04325376 _____ C:\ProgramData\ReadOnlyInstaller.msi
    2013-06-24 17:13 - 2013-06-24 17:13 - 00000682 _____ C:\Users\Al\Desktop\Libraries - Shortcut (2).lnk
    2013-06-24 17:11 - 2013-06-24 17:11 - 00000682 _____ C:\Users\Al\Desktop\Libraries - Shortcut.lnk
    2013-06-24 17:10 - 2013-06-24 17:10 - 00001061 _____ C:\Users\Al\Desktop\Documents - Shortcut.lnk
    2013-06-24 16:54 - 2013-06-18 18:33 - 00000000 ____D C:\ProgramData\Adobe
    2013-06-24 16:53 - 2013-06-21 18:22 - 00000000 ____D C:\Users\Al\AppData\Roaming\Adobe
    2013-06-24 16:53 - 2013-06-18 18:32 - 00000000 ____D C:\Users\Al\AppData\Local\Adobe
    2013-06-24 16:17 - 2013-06-24 16:17 - 00000000 ___HD C:\ProgramData\CanonIJSolutionMenuEX
    2013-06-24 16:17 - 2013-06-24 16:17 - 00000000 ___HD C:\ProgramData\CanonIJMyPrinter
    2013-06-24 16:17 - 2013-06-24 16:17 - 00000000 ___HD C:\ProgramData\CanonIJEPPEX2
    2013-06-24 16:17 - 2013-06-24 16:17 - 00000000 ___HD C:\ProgramData\CanonEPP
    2013-06-24 16:17 - 2013-06-24 16:17 - 00000000 ____D C:\Users\Al\AppData\Roaming\Canon
    2013-06-24 16:15 - 2013-06-24 16:15 - 00000000 ___HD C:\ProgramData\CanonIJFAX
    2013-06-24 16:14 - 2009-07-13 20:52 - 00000000 ____D C:\Windows\twain_32
    2013-06-24 16:12 - 2013-06-24 16:06 - 00000000 ____D C:\Program Files\Canon
    2013-06-24 16:11 - 2013-06-24 16:11 - 00002025 _____ C:\Users\Public\Desktop\Canon Solution Menu EX.lnk
    2013-06-24 16:11 - 2013-06-24 16:11 - 00000000 ____D C:\ProgramData\CanonIJWSpt
    2013-06-24 16:11 - 2013-06-24 16:11 - 00000000 ____D C:\Program Files\Common Files\CANON
    2013-06-24 16:09 - 2013-06-24 16:09 - 00002304 _____ C:\Users\Public\Desktop\Canon MX430 series On-screen Manual.lnk
    2013-06-24 16:08 - 2013-06-24 16:08 - 00000000 ___HD C:\ProgramData\CanonBJ
    2013-06-24 16:07 - 2013-06-24 16:07 - 00000000 ___HD C:\Program Files\CanonBJ
    2013-06-24 15:13 - 2013-06-24 15:13 - 00001404 _____ C:\Users\Al\Desktop\Windows Live Mail.lnk
    2013-06-24 15:10 - 2013-06-24 15:10 - 00000000 ____D C:\Users\Al\AppData\Roaming\Windows Live Writer
    2013-06-24 15:08 - 2013-06-24 15:08 - 00000000 ____D C:\Windows\PCHEALTH
    2013-06-24 15:04 - 2013-06-24 15:04 - 01239536 _____ (Microsoft Corporation) C:\Users\Al\Downloads\wlsetup-web.exe
    2013-06-24 15:04 - 2013-06-24 15:04 - 00000000 ____D C:\Program Files\Common Files\Windows Live

    Files to move or delete:
    ====================
    C:\ProgramData\uninstaller.exe

    ==================== Known DLLs (Whitelisted) ============


    ==================== Bamital & volsnap Check =================

    C:\Windows\explorer.exe => MD5 is legit
    C:\Windows\System32\winlogon.exe => MD5 is legit
    C:\Windows\System32\wininit.exe => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\System32\services.exe => MD5 is legit
    C:\Windows\System32\User32.dll => MD5 is legit
    C:\Windows\System32\userinit.exe => MD5 is legit
    C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

    ==================== EXE ASSOCIATION =====================

    HKLM\...\.exe: exefile => OK
    HKLM\...\exefile\DefaultIcon: %1 => OK
    HKLM\...\exefile\open\command: "%1" %* => OK

    ==================== Restore Points =========================


    ==================== Memory info ===========================

    Percentage of memory in use: 30%
    Total physical RAM: 1638.55 MB
    Available physical RAM: 1145.82 MB
    Total Pagefile: 1638.55 MB
    Available Pagefile: 1149.43 MB
    Total Virtual: 2047.88 MB
    Available Virtual: 1926.81 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:465.66 GB) (Free:449.39 GB) NTFS
    Drive f: (TRAVELDRIVE) (Removable) (Total:0.96 GB) (Free:0.7 GB) FAT
    Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
    Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: BDD34E03)
    Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 1 (Size: 984 MB) (Disk ID: 420E79CD)
    Partition 1: (Active) - (Size=984 MB) - (Type=0E)


    LastRegBack: 2013-07-24 17:29

    ==================== End Of Log ============================

  6. #6
    Member Spyware Fighter
    Join Date
    Jun 2010
    Location
    Bement,Ill USA
    Posts
    1,340
    Points
    146

    Default

    Open notepad. Please copy the contents of the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad. Save it on the flashdrive as fixlist.txt

    Code:
    HKU\Al\...\Run: [WebCake Desktop] - "C:\Users\Al\AppData\Roaming\WebCake\WebCakeDesktop.exe" [ 2013-06-20] (WebCake LLC)
    HKU\Al\...\Run: [Browser Infrastructure Helper] - C:\Users\Al\AppData\Local\Smartbar\Application\QuickShare.exe startup [ 2013-06-17] (Smartbar)
    S2 Updater By SweetPacks; C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe [188760 2013-05-16] ()
    S2 WebCake Desktop Updater; C:\Users\Al\AppData\Roaming\WebCake\WebCakeDesktop.exe [47896 2013-06-20] (WebCake LLC)
    2013-06-30 05:59 - 2013-07-07 07:00 - 00000000 ____D C:\Program Files\Updater By SweetPacks
    2013-06-30 05:57 - 2013-06-30 05:59 - 00000000 ____D C:\Users\Al\AppData\Local\Smartbar
    2013-06-30 05:57 - 2013-07-07 07:00 - 00000000 ____D C:\Program Files\Wajam
    S2 WajamUpdater; C:\Program Files\Wajam\Updater\WajamUpdater.exe [109064 2013-05-02] (Wajam)
    C:\ProgramData\uninstaller.exe
    C:\Program Files\Wajam
    C:\Program Files\Updater By SweetPacks
    C:\Users\Al\AppData\Local\Smartbar
    C:\Users\Al\AppData\Roaming\WebCake
    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

    On Vista or Windows 7: Now please enter System Recovery Options.
    On Windows XP: Now please boot into the BartPE CD.
    Run FRST64 and press the Fix button just once and wait.
    The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.


    How is the machine running now?
    " Extinguishing Malware from the world"

    The Spware Help forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.
    HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
    Thanks-




  7. #7
    Member
    Join Date
    Mar 2007
    Location
    Butler, PA
    Posts
    102
    Points
    0

    Default

    I restarted the machine and it still tries to open multiple instances of IE. Attached is the fix log you requested.

    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 24-07-2013
    Ran by SYSTEM at 2013-07-25 23:12:24 Run:1
    Running from F:\
    Boot Mode: Recovery

    ==============================================

    HKU\Al\Software\Microsoft\Windows\CurrentVersion\Run\\WebCake Desktop => Value deleted successfully.
    HKU\Al\Software\Microsoft\Windows\CurrentVersion\Run\\Browser Infrastructure Helper => Value deleted successfully.
    Updater By SweetPacks => Service deleted successfully.
    WebCake Desktop Updater => Service deleted successfully.
    C:\Program Files\Updater By SweetPacks => Moved successfully.
    C:\Users\Al\AppData\Local\Smartbar => Moved successfully.
    C:\Program Files\Wajam => Moved successfully.
    WajamUpdater => Service deleted successfully.
    C:\ProgramData\uninstaller.exe => Moved successfully.
    "C:\Program Files\Wajam" => File/Directory not found.
    "C:\Program Files\Updater By SweetPacks" => File/Directory not found.
    "C:\Users\Al\AppData\Local\Smartbar" => File/Directory not found.
    C:\Users\Al\AppData\Roaming\WebCake => Moved successfully.

    ==== End of Fixlog ====

  8. #8
    Member Spyware Fighter
    Join Date
    Jun 2010
    Location
    Bement,Ill USA
    Posts
    1,340
    Points
    146

    Default

    1.
    Download AdwCleaner
    • Double click on AdwCleaner.exe to run the tool.
      ***Note: Windows Vista and Windows 7 users:
      Right click in the adwCleaner.exe and select
    • Click the Delete button.
    • A logfile will automatically open after the scan has finished.
    • Please post the content of that logfile in your next reply.
    • Or you can find the logfile at C:\AdwCleaner[R1].txt.


    2.
    Please download the latest version of TDSSKiller from here and save it to your Desktop.
    • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
    • Put a checkmark beside loaded modules.
    • A reboot will be needed to apply the changes. Do it.
    • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
    • Then click on Change parameters in TDSSKiller.
    • Check all boxes then click OK.
    • Click the Start Scan button.
    • The scan should take no longer than 2 minutes.
    • If a suspicious object is detected, the default action will be Skip, click on Continue.
    • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
      Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.

      Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
    • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.
    " Extinguishing Malware from the world"

    The Spware Help forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.
    HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
    Thanks-




  9. #9
    Member
    Join Date
    Mar 2007
    Location
    Butler, PA
    Posts
    102
    Points
    0

    Default

    The computer is running very quickly and it will go to a browser and navigate around the Internet. I don't know why I got two TDSS logs so I included them both as well as the adwclean.

    # AdwCleaner v2.306 - Logfile created 07/27/2013 at 23:48:45
    # Updated 19/07/2013 by Xplode
    # Operating system : Windows 7 Professional Service Pack 1 (32 bits)
    # User : Al - AL-PC
    # Boot Mode : Normal
    # Running from : F:\adwcleaner.exe
    # Option [Delete]


    ***** [Services] *****


    ***** [Files / Folders] *****

    Deleted on reboot : C:\Users\Al\AppData\LocAl\Temp\Zynga
    File Deleted : C:\END
    Folder Deleted : C:\Program Files\SweetIM
    Folder Deleted : C:\Program Files\WebCake
    Folder Deleted : C:\ProgramData\Tarma Installer
    Folder Deleted : C:\ProgramData\WeCareReminder
    Folder Deleted : C:\Users\Al\AppData\LocAl\Temp\Smartbar
    Folder Deleted : C:\Users\Al\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam

    ***** [Registry] *****

    Key Deleted : HKCU\Software\IM
    Key Deleted : HKCU\Software\ImInstaller
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7D4F1959-3F72-49D5-8E59-F02F8AA6815D}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7D4F1959-3F72-49D5-8E59-F02F8AA6815D}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AF6B0594-6008-4327-93E5-608AD710A6FA}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
    Key Deleted : HKCU\Software\SmartBar
    Key Deleted : HKCU\Software\SmartbarBackup
    Key Deleted : HKCU\Software\SmartbarLog
    Key Deleted : HKCU\Software\Wajam
    Key Deleted : HKCU\Software\wecarereminder
    Key Deleted : HKCU\Software\WNLT
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4FBBF769-ECEB-420A-B536-133B1D505C36}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7169BBB3-3289-4696-B35D-4A88BCF6FB12}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\IEHelperv2.5.0.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\priam_bho.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\WebCakeIEClient.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7D4F1959-3F72-49D5-8E59-F02F8AA6815D}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF6B0594-6008-4327-93E5-608AD710A6FA}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F773BB94-6C19-4643-A570-0E429103D1C3}
    Key Deleted : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject
    Key Deleted : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject.1
    Key Deleted : HKLM\SOFTWARE\Classes\IEHelperv250.WeCareReminder
    Key Deleted : HKLM\SOFTWARE\Classes\IEHelperv250.WeCareReminder.1
    Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.BandObjectAttribute
    Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.BHO
    Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.DockingPanel
    Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.IESmartBar
    Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.IESmartBarBandObject
    Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.SmartbarDisplayState
    Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.SmartbarMenuForm
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F773BB94-6C19-4643-A570-0E429103D1C3}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B12920CF-BE13-4C09-890D-1B6EFFFE2FBE}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EFDF368C-8DD9-4E05-87CD-16AA5CB03CB8}
    Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamBHO
    Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamBHO.1
    Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamDownloader
    Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1
    Key Deleted : HKLM\SOFTWARE\Classes\WebCakeIEClient.Api
    Key Deleted : HKLM\SOFTWARE\Classes\WebCakeIEClient.Api.1
    Key Deleted : HKLM\SOFTWARE\Classes\WebCakeIEClient.Layers
    Key Deleted : HKLM\SOFTWARE\Classes\WebCakeIEClient.Layers.1
    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC5B6CDA-8F90-4740-9A8C-28AC5D3C73FE}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7D4F1959-3F72-49D5-8E59-F02F8AA6815D}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AF6B0594-6008-4327-93E5-608AD710A6FA}
    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam
    Key Deleted : HKLM\Software\Tarma Installer
    Key Deleted : HKLM\Software\Wajam
    Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

    ***** [Internet Browsers] *****

    -\\ Internet Explorer v10.0.9200.16635

    Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10042&barid={1BA8A6C9-E18D-11E2-978B-3860774DCE0F} --> hxxp://www.google.com

    *************************

    AdwCleaner[R1].txt - [8805 octets] - [27/07/2013 23:47:54]
    AdwCleaner[S1].txt - [8821 octets] - [27/07/2013 23:48:45]

    ########## EOF - C:\AdwCleaner[S1].txt - [8881 octets] ##########


    23:58:48.0680 3308 TDSS rootkit removing tool 2.8.18.0 Jun 10 2013 21:44:19
    23:58:48.0743 3308 ============================================================
    23:58:48.0743 3308 Current date / time: 2013/07/27 23:58:48.0743
    23:58:48.0743 3308 SystemInfo:
    23:58:48.0743 3308
    23:58:48.0743 3308 OS Version: 6.1.7601 ServicePack: 1.0
    23:58:48.0743 3308 Product type: Workstation
    23:58:48.0743 3308 ComputerName: AL-PC
    23:58:48.0758 3308 UserName: Al
    23:58:48.0758 3308 Windows directory: C:\Windows
    23:58:48.0758 3308 System windows directory: C:\Windows
    23:58:48.0758 3308 Processor architecture: Intel x86
    23:58:48.0758 3308 Number of processors: 2
    23:58:48.0758 3308 Page size: 0x1000
    23:58:48.0758 3308 Boot type: Normal boot
    23:58:48.0758 3308 ============================================================
    23:58:48.0758 3308 BG loaded
    23:58:49.0601 3308 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0x3C538, SectorsPerTrack: 0x3B, TracksPerCylinder: 0x43, Type 'K0', Flags 0x00000050
    23:58:49.0726 3308 ============================================================
    23:58:49.0726 3308 \Device\Harddisk0\DR0:
    23:58:49.0726 3308 MBR partitions:
    23:58:49.0726 3308 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
    23:58:49.0726 3308 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
    23:58:49.0726 3308 ============================================================
    23:58:49.0788 3308 C: <-> \Device\Harddisk0\DR0\Partition2
    23:58:49.0788 3308 ============================================================
    23:58:49.0788 3308 Initialize success
    23:58:49.0788 3308 ============================================================
    23:59:33.0997 3096 ============================================================
    23:59:33.0997 3096 Scan started
    23:59:33.0997 3096 Mode: Manual; SigCheck; TDLFS;
    23:59:33.0997 3096 ============================================================
    23:59:35.0434 3096 ================ Scan system memory ========================
    23:59:35.0434 3096 System memory - ok
    23:59:35.0435 3096 ================ Scan services =============================
    23:59:35.0600 3096 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
    23:59:43.0917 3096 1394ohci - ok
    23:59:43.0956 3096 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
    23:59:43.0994 3096 ACPI - ok
    23:59:44.0016 3096 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
    23:59:44.0124 3096 AcpiPmi - ok
    23:59:44.0203 3096 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    23:59:44.0234 3096 AdobeARMservice - ok
    23:59:44.0297 3096 [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    23:59:44.0347 3096 AdobeFlashPlayerUpdateSvc - ok
    23:59:44.0406 3096 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
    23:59:44.0452 3096 adp94xx - ok
    23:59:44.0488 3096 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
    23:59:44.0532 3096 adpahci - ok
    23:59:44.0558 3096 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
    23:59:44.0607 3096 adpu320 - ok
    23:59:44.0644 3096 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
    23:59:44.0716 3096 AeLookupSvc - ok
    23:59:44.0757 3096 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
    23:59:44.0824 3096 AFD - ok
    23:59:44.0850 3096 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
    23:59:44.0887 3096 agp440 - ok
    23:59:44.0928 3096 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
    23:59:44.0959 3096 aic78xx - ok
    23:59:44.0992 3096 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
    23:59:45.0048 3096 ALG - ok
    23:59:45.0088 3096 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
    23:59:45.0116 3096 aliide - ok
    23:59:45.0143 3096 [ EC98CA8298F67926FA50876348534B1D ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
    23:59:45.0279 3096 AMD External Events Utility - ok
    23:59:45.0295 3096 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
    23:59:45.0329 3096 amdagp - ok
    23:59:45.0363 3096 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
    23:59:45.0405 3096 amdide - ok
    23:59:45.0439 3096 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
    23:59:45.0495 3096 AmdK8 - ok
    23:59:45.0764 3096 [ 65B44179CF184B08E86097BFFBF03F24 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
    23:59:46.0017 3096 amdkmdag - ok
    23:59:46.0087 3096 [ 5E1C65524FF1713711CE27879D813384 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
    23:59:46.0162 3096 amdkmdap - ok
    23:59:46.0207 3096 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
    23:59:46.0255 3096 AmdPPM - ok
    23:59:46.0293 3096 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
    23:59:46.0325 3096 amdsata - ok
    23:59:46.0356 3096 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
    23:59:46.0390 3096 amdsbs - ok
    23:59:46.0419 3096 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
    23:59:46.0446 3096 amdxata - ok
    23:59:46.0500 3096 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
    23:59:46.0636 3096 AppID - ok
    23:59:46.0685 3096 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
    23:59:46.0781 3096 AppIDSvc - ok
    23:59:46.0821 3096 [ EACFDF31921F51C097629F1F3C9129B4 ] Appinfo C:\Windows\System32\appinfo.dll
    23:59:46.0879 3096 Appinfo - ok
    23:59:46.0926 3096 [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt C:\Windows\System32\appmgmts.dll
    23:59:46.0981 3096 AppMgmt - ok
    23:59:47.0008 3096 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
    23:59:47.0038 3096 arc - ok
    23:59:47.0059 3096 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
    23:59:47.0090 3096 arcsas - ok
    23:59:47.0110 3096 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
    23:59:47.0254 3096 AsyncMac - ok
    23:59:47.0285 3096 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
    23:59:47.0314 3096 atapi - ok
    23:59:47.0370 3096 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
    23:59:47.0456 3096 AudioEndpointBuilder - ok
    23:59:47.0487 3096 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
    23:59:47.0559 3096 Audiosrv - ok
    23:59:47.0778 3096 [ 50185186719134FA8F307D269106A51C ] AVGIDSAgent C:\Program Files\AVG\AVG2013\avgidsagent.exe
    23:59:47.0965 3096 AVGIDSAgent - ok
    23:59:48.0019 3096 [ 4750A2A188D39034F5DDDDAE1BF38BF8 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdriverx.sys
    23:59:48.0068 3096 AVGIDSDriver - ok
    23:59:48.0087 3096 [ B0DEF92F4E1E6B9242E6C8FAB82703F7 ] AVGIDSHX C:\Windows\system32\DRIVERS\avgidshx.sys
    23:59:48.0124 3096 AVGIDSHX - ok
    23:59:48.0150 3096 [ A426B2DC795531D99E2EE1952AEC051A ] AVGIDSShim C:\Windows\system32\DRIVERS\avgidsshimx.sys
    23:59:48.0185 3096 AVGIDSShim - ok
    23:59:48.0209 3096 [ 08FA13787D77A75DC413E27FD92B44E8 ] Avgldx86 C:\Windows\system32\DRIVERS\avgldx86.sys
    23:59:48.0250 3096 Avgldx86 - ok
    23:59:48.0274 3096 [ 3E587EE55C70E6DB78A98D7121D3052E ] Avglogx C:\Windows\system32\DRIVERS\avglogx.sys
    23:59:48.0318 3096 Avglogx - ok
    23:59:48.0350 3096 [ 5AC56B2CF8EE751796C5A8FC5C631B66 ] Avgmfx86 C:\Windows\system32\DRIVERS\avgmfx86.sys
    23:59:48.0387 3096 Avgmfx86 - ok
    23:59:48.0414 3096 [ C29E6070396E437FDE184D739CCBA2C7 ] Avgrkx86 C:\Windows\system32\DRIVERS\avgrkx86.sys
    23:59:48.0449 3096 Avgrkx86 - ok
    23:59:48.0470 3096 [ 14370FB29526F593C04FA48B5D69F7F0 ] Avgtdix C:\Windows\system32\DRIVERS\avgtdix.sys
    23:59:48.0514 3096 Avgtdix - ok
    23:59:48.0572 3096 [ 3A0977CB68AF13E2579E47EB8984056B ] avgwd C:\Program Files\AVG\AVG2013\avgwdsvc.exe
    23:59:48.0618 3096 avgwd - ok
    23:59:48.0690 3096 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
    23:59:48.0778 3096 AxInstSV - ok
    23:59:48.0810 3096 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
    23:59:48.0870 3096 b06bdrv - ok
    23:59:48.0904 3096 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
    23:59:48.0952 3096 b57nd60x - ok
    23:59:48.0997 3096 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
    23:59:49.0059 3096 BDESVC - ok
    23:59:49.0077 3096 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
    23:59:49.0153 3096 Beep - ok
    23:59:49.0209 3096 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
    23:59:49.0302 3096 BFE - ok
    23:59:49.0330 3096 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\System32\qmgr.dll
    23:59:49.0424 3096 BITS - ok
    23:59:49.0437 3096 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
    23:59:49.0479 3096 blbdrive - ok
    23:59:49.0503 3096 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
    23:59:49.0599 3096 bowser - ok
    23:59:49.0622 3096 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
    23:59:49.0684 3096 BrFiltLo - ok
    23:59:49.0715 3096 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
    23:59:49.0761 3096 BrFiltUp - ok
    23:59:49.0790 3096 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
    23:59:49.0828 3096 Browser - ok
    23:59:49.0861 3096 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
    23:59:49.0931 3096 Brserid - ok
    23:59:49.0968 3096 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
    23:59:50.0013 3096 BrSerWdm - ok
    23:59:50.0036 3096 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
    23:59:50.0085 3096 BrUsbMdm - ok
    23:59:50.0110 3096 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
    23:59:50.0153 3096 BrUsbSer - ok
    23:59:50.0165 3096 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
    23:59:50.0202 3096 BTHMODEM - ok
    23:59:50.0246 3096 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
    23:59:50.0326 3096 bthserv - ok
    23:59:50.0349 3096 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
    23:59:50.0421 3096 cdfs - ok
    23:59:50.0459 3096 [ BA6E70AA0E6091BC39DE29477D866A77 ] cdrom C:\Windows\system32\drivers\cdrom.sys
    23:59:50.0507 3096 cdrom - ok
    23:59:50.0564 3096 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
    23:59:50.0637 3096 CertPropSvc - ok
    23:59:50.0678 3096 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
    23:59:50.0721 3096 circlass - ok
    23:59:50.0751 3096 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
    23:59:50.0786 3096 CLFS - ok
    23:59:50.0843 3096 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    23:59:50.0882 3096 clr_optimization_v2.0.50727_32 - ok
    23:59:50.0938 3096 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    23:59:51.0039 3096 clr_optimization_v4.0.30319_32 - ok
    23:59:51.0069 3096 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
    23:59:51.0120 3096 CmBatt - ok
    23:59:51.0152 3096 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
    23:59:51.0181 3096 cmdide - ok
    23:59:51.0209 3096 [ 42F158036BD4C2FF3122BF142E60E6FD ] CNG C:\Windows\system32\Drivers\cng.sys
    23:59:51.0265 3096 CNG - ok
    23:59:51.0292 3096 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
    23:59:51.0321 3096 Compbatt - ok
    23:59:51.0351 3096 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
    23:59:51.0397 3096 CompositeBus - ok
    23:59:51.0418 3096 COMSysApp - ok
    23:59:51.0445 3096 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
    23:59:51.0475 3096 crcdisk - ok
    23:59:51.0514 3096 [ 3897DFF247D9ED0006190349DE264E14 ] CryptSvc C:\Windows\system32\cryptsvc.dll
    23:59:51.0566 3096 CryptSvc - ok
    23:59:51.0621 3096 [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC C:\Windows\system32\drivers\csc.sys
    23:59:51.0678 3096 CSC - ok
    23:59:51.0739 3096 [ 15F93B37F6801943360D9EB42485D5D3 ] CscService C:\Windows\System32\cscsvc.dll
    23:59:51.0803 3096 CscService - ok
    23:59:51.0847 3096 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
    23:59:51.0931 3096 DcomLaunch - ok
    23:59:51.0976 3096 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
    23:59:52.0073 3096 defragsvc - ok
    23:59:52.0159 3096 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
    23:59:52.0245 3096 DfsC - ok
    23:59:52.0304 3096 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
    23:59:52.0361 3096 Dhcp - ok
    23:59:52.0388 3096 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
    23:59:52.0460 3096 discache - ok
    23:59:52.0488 3096 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
    23:59:52.0520 3096 Disk - ok
    23:59:52.0548 3096 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
    23:59:52.0609 3096 Dnscache - ok
    23:59:52.0648 3096 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
    23:59:52.0742 3096 dot3svc - ok
    23:59:52.0786 3096 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
    23:59:52.0871 3096 DPS - ok
    23:59:52.0905 3096 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
    23:59:52.0946 3096 drmkaud - ok
    23:59:52.0988 3096 [ 16498EBC04AE9DD07049A8884B205C05 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
    23:59:53.0040 3096 DXGKrnl - ok
    23:59:53.0072 3096 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
    23:59:53.0164 3096 EapHost - ok
    23:59:53.0264 3096 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
    23:59:53.0399 3096 ebdrv - ok
    23:59:53.0430 3096 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
    23:59:53.0483 3096 EFS - ok
    23:59:53.0543 3096 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
    23:59:53.0660 3096 ehRecvr - ok
    23:59:53.0700 3096 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
    23:59:53.0771 3096 ehSched - ok
    23:59:53.0834 3096 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
    23:59:53.0889 3096 elxstor - ok
    23:59:53.0937 3096 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
    23:59:53.0995 3096 ErrDev - ok
    23:59:54.0060 3096 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
    23:59:54.0155 3096 EventSystem - ok
    23:59:54.0189 3096 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
    23:59:54.0269 3096 exfat - ok
    23:59:54.0297 3096 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
    23:59:54.0371 3096 fastfat - ok
    23:59:54.0419 3096 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
    23:59:54.0477 3096 Fax - ok
    23:59:54.0501 3096 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
    23:59:54.0542 3096 fdc - ok
    23:59:54.0569 3096 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
    23:59:54.0640 3096 fdPHost - ok
    23:59:54.0662 3096 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
    23:59:54.0735 3096 FDResPub - ok
    23:59:54.0768 3096 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
    23:59:54.0797 3096 FileInfo - ok
    23:59:54.0821 3096 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
    23:59:54.0897 3096 Filetrace - ok
    23:59:54.0925 3096 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
    23:59:54.0960 3096 flpydisk - ok
    23:59:54.0993 3096 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
    23:59:55.0027 3096 FltMgr - ok
    23:59:55.0101 3096 [ E12C4928B32ACE04610259647F072635 ] FontCache C:\Windows\system32\FntCache.dll
    23:59:55.0176 3096 FontCache - ok
    23:59:55.0224 3096 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
    23:59:55.0254 3096 FontCache3.0.0.0 - ok
    23:59:55.0271 3096 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
    23:59:55.0301 3096 FsDepends - ok
    23:59:55.0329 3096 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
    23:59:55.0359 3096 Fs_Rec - ok
    23:59:55.0401 3096 [ E306A24D9694C724FA2491278BF50FDB ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
    23:59:55.0443 3096 fvevol - ok
    23:59:55.0471 3096 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
    23:59:55.0504 3096 gagp30kx - ok
    23:59:55.0550 3096 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
    23:59:55.0634 3096 gpsvc - ok
    23:59:55.0661 3096 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
    23:59:55.0720 3096 hcw85cir - ok
    23:59:55.0771 3096 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
    23:59:55.0817 3096 HDAudBus - ok
    23:59:55.0827 3096 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
    23:59:55.0867 3096 HidBatt - ok
    23:59:55.0902 3096 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
    23:59:55.0951 3096 HidBth - ok
    23:59:55.0982 3096 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
    23:59:56.0033 3096 HidIr - ok
    23:59:56.0064 3096 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
    23:59:56.0139 3096 hidserv - ok
    23:59:56.0174 3096 [ 25072FB35AC90B25F9E4E3BACF774102 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
    23:59:56.0215 3096 HidUsb - ok
    23:59:56.0240 3096 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
    23:59:56.0312 3096 hkmsvc - ok
    23:59:56.0363 3096 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
    23:59:56.0423 3096 HomeGroupListener - ok
    23:59:56.0479 3096 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
    23:59:56.0528 3096 HomeGroupProvider - ok
    23:59:56.0569 3096 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
    23:59:56.0600 3096 HpSAMD - ok
    23:59:56.0646 3096 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
    23:59:56.0716 3096 HTTP - ok
    23:59:56.0747 3096 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
    23:59:56.0777 3096 hwpolicy - ok
    23:59:56.0797 3096 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
    23:59:56.0837 3096 i8042prt - ok
    23:59:56.0868 3096 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
    23:59:56.0909 3096 iaStorV - ok
    23:59:56.0977 3096 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
    23:59:57.0043 3096 idsvc - ok
    23:59:57.0067 3096 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
    23:59:57.0099 3096 iirsp - ok
    23:59:57.0166 3096 [ 54E0F4CCD6CE99A807459AF928DD64AC ] IJPLMSVC C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
    23:59:57.0203 3096 IJPLMSVC - ok
    23:59:57.0272 3096 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
    23:59:57.0357 3096 IKEEXT - ok
    23:59:57.0483 3096 [ 0FD8A26BB84F61F9301B2D7B91151818 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
    23:59:57.0642 3096 IntcAzAudAddService - ok
    23:59:57.0676 3096 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
    23:59:57.0706 3096 intelide - ok
    23:59:57.0753 3096 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
    23:59:57.0795 3096 intelppm - ok
    23:59:57.0825 3096 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
    23:59:57.0907 3096 IPBusEnum - ok
    23:59:57.0936 3096 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
    23:59:58.0014 3096 IpFilterDriver - ok
    23:59:58.0055 3096 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
    23:59:58.0119 3096 iphlpsvc - ok
    23:59:58.0152 3096 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
    23:59:58.0192 3096 IPMIDRV - ok
    23:59:58.0213 3096 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
    23:59:58.0297 3096 IPNAT - ok
    23:59:58.0318 3096 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
    23:59:58.0376 3096 IRENUM - ok
    23:59:58.0391 3096 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
    23:59:58.0421 3096 isapnp - ok
    23:59:58.0444 3096 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
    23:59:58.0483 3096 iScsiPrt - ok
    23:59:58.0499 3096 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
    23:59:58.0528 3096 kbdclass - ok
    23:59:58.0558 3096 [ 3D9F0EBF350EDCFD6498057301455964 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
    23:59:58.0598 3096 kbdhid - ok
    23:59:58.0613 3096 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
    23:59:58.0645 3096 KeyIso - ok
    23:59:58.0679 3096 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
    23:59:58.0710 3096 KSecDD - ok
    23:59:58.0752 3096 [ 5FE1ABF1AF591A3458C9CF24ED9A4D35 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
    23:59:58.0785 3096 KSecPkg - ok
    23:59:58.0821 3096 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
    23:59:58.0895 3096 KtmRm - ok
    23:59:58.0934 3096 [ B15A671443B98FC8A7BB0E8A78C3F65E ] L1C C:\Windows\system32\DRIVERS\L1C62x86.sys
    23:59:58.0970 3096 L1C - ok
    23:59:59.0008 3096 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll
    23:59:59.0092 3096 LanmanServer - ok
    23:59:59.0128 3096 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
    23:59:59.0202 3096 LanmanWorkstation - ok
    23:59:59.0247 3096 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
    23:59:59.0320 3096 lltdio - ok
    23:59:59.0349 3096 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
    23:59:59.0429 3096 lltdsvc - ok
    23:59:59.0445 3096 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
    23:59:59.0518 3096 lmhosts - ok
    23:59:59.0543 3096 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
    23:59:59.0576 3096 LSI_FC - ok
    23:59:59.0609 3096 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
    23:59:59.0640 3096 LSI_SAS - ok
    23:59:59.0657 3096 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
    23:59:59.0689 3096 LSI_SAS2 - ok
    23:59:59.0701 3096 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
    23:59:59.0735 3096 LSI_SCSI - ok
    23:59:59.0764 3096 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
    23:59:59.0828 3096 luafv - ok
    23:59:59.0864 3096 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
    23:59:59.0900 3096 Mcx2Svc - ok
    23:59:59.0922 3096 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
    23:59:59.0952 3096 megasas - ok
    23:59:59.0973 3096 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
    00:00:00.0011 3096 MegaSR - ok
    00:00:00.0042 3096 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
    00:00:00.0122 3096 MMCSS - ok
    00:00:00.0139 3096 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
    00:00:00.0214 3096 Modem - ok
    00:00:00.0260 3096 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
    00:00:00.0307 3096 monitor - ok
    00:00:00.0328 3096 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
    00:00:00.0358 3096 mouclass - ok
    00:00:00.0380 3096 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
    00:00:00.0421 3096 mouhid - ok
    00:00:00.0467 3096 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
    00:00:00.0498 3096 mountmgr - ok
    00:00:00.0523 3096 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
    00:00:00.0557 3096 mpio - ok
    00:00:00.0572 3096 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
    00:00:00.0643 3096 mpsdrv - ok
    00:00:00.0684 3096 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
    00:00:00.0783 3096 MpsSvc - ok
    00:00:00.0812 3096 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
    00:00:00.0868 3096 MRxDAV - ok
    00:00:00.0906 3096 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
    00:00:00.0958 3096 mrxsmb - ok
    00:00:00.0985 3096 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
    00:00:01.0020 3096 mrxsmb10 - ok
    00:00:01.0041 3096 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
    00:00:01.0078 3096 mrxsmb20 - ok
    00:00:01.0094 3096 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
    00:00:01.0125 3096 msahci - ok
    00:00:01.0139 3096 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
    00:00:01.0172 3096 msdsm - ok
    00:00:01.0192 3096 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
    00:00:01.0242 3096 MSDTC - ok
    00:00:01.0272 3096 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
    00:00:01.0349 3096 Msfs - ok
    00:00:01.0372 3096 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
    00:00:01.0450 3096 mshidkmdf - ok
    00:00:01.0474 3096 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
    00:00:01.0507 3096 msisadrv - ok
    00:00:01.0548 3096 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
    00:00:01.0613 3096 MSiSCSI - ok
    00:00:01.0622 3096 msiserver - ok
    00:00:01.0667 3096 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
    00:00:01.0731 3096 MSKSSRV - ok
    00:00:01.0750 3096 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
    00:00:01.0824 3096 MSPCLOCK - ok
    00:00:01.0834 3096 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
    00:00:01.0903 3096 MSPQM - ok
    00:00:01.0925 3096 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
    00:00:01.0959 3096 MsRPC - ok
    00:00:01.0991 3096 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
    00:00:02.0020 3096 mssmbios - ok
    00:00:02.0043 3096 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
    00:00:02.0107 3096 MSTEE - ok
    00:00:02.0137 3096 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
    00:00:02.0170 3096 MTConfig - ok
    00:00:02.0189 3096 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
    00:00:02.0218 3096 Mup - ok
    00:00:02.0261 3096 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
    00:00:02.0343 3096 napagent - ok
    00:00:02.0381 3096 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
    00:00:02.0426 3096 NativeWifiP - ok
    00:00:02.0475 3096 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
    00:00:02.0526 3096 NDIS - ok
    00:00:02.0562 3096 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
    00:00:02.0638 3096 NdisCap - ok
    00:00:02.0662 3096 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
    00:00:02.0736 3096 NdisTapi - ok
    00:00:02.0789 3096 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
    00:00:02.0863 3096 Ndisuio - ok
    00:00:02.0912 3096 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
    00:00:02.0985 3096 NdisWan - ok
    00:00:03.0030 3096 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
    00:00:03.0101 3096 NDProxy - ok
    00:00:03.0143 3096 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
    00:00:03.0223 3096 NetBIOS - ok
    00:00:03.0276 3096 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
    00:00:03.0358 3096 NetBT - ok
    00:00:03.0380 3096 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
    00:00:03.0412 3096 Netlogon - ok
    00:00:03.0452 3096 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
    00:00:03.0540 3096 Netman - ok
    00:00:03.0574 3096 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
    00:00:03.0659 3096 netprofm - ok
    00:00:03.0699 3096 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
    00:00:03.0743 3096 NetTcpPortSharing - ok
    00:00:03.0796 3096 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
    00:00:03.0836 3096 nfrd960 - ok
    00:00:03.0865 3096 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll
    00:00:03.0916 3096 NlaSvc - ok
    00:00:03.0961 3096 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
    00:00:04.0036 3096 Npfs - ok
    00:00:04.0068 3096 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
    00:00:04.0143 3096 nsi - ok
    00:00:04.0159 3096 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
    00:00:04.0233 3096 nsiproxy - ok
    00:00:04.0288 3096 [ 5E43D2B0EE64123D4880DFA6626DEFDE ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
    00:00:04.0353 3096 Ntfs - ok
    00:00:04.0380 3096 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
    00:00:04.0450 3096 Null - ok
    00:00:04.0479 3096 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
    00:00:04.0513 3096 nvraid - ok
    00:00:04.0534 3096 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
    00:00:04.0568 3096 nvstor - ok
    00:00:04.0590 3096 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
    00:00:04.0623 3096 nv_agp - ok
    00:00:04.0648 3096 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
    00:00:04.0691 3096 ohci1394 - ok
    00:00:04.0734 3096 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
    00:00:04.0796 3096 p2pimsvc - ok
    00:00:04.0828 3096 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
    00:00:04.0883 3096 p2psvc - ok
    00:00:04.0910 3096 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
    00:00:04.0953 3096 Parport - ok
    00:00:04.0976 3096 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
    00:00:05.0005 3096 partmgr - ok
    00:00:05.0033 3096 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
    00:00:05.0073 3096 Parvdm - ok
    00:00:05.0094 3096 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
    00:00:05.0136 3096 PcaSvc - ok
    00:00:05.0172 3096 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
    00:00:05.0204 3096 pci - ok
    00:00:05.0222 3096 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
    00:00:05.0249 3096 pciide - ok
    00:00:05.0280 3096 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
    00:00:05.0315 3096 pcmcia - ok
    00:00:05.0340 3096 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
    00:00:05.0370 3096 pcw - ok
    00:00:05.0402 3096 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
    00:00:05.0491 3096 PEAUTH - ok
    00:00:05.0531 3096 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
    00:00:05.0612 3096 PeerDistSvc - ok
    00:00:05.0718 3096 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
    00:00:05.0843 3096 pla - ok
    00:00:05.0883 3096 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
    00:00:05.0943 3096 PlugPlay - ok
    00:00:05.0959 3096 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
    00:00:05.0998 3096 PNRPAutoReg - ok
    00:00:06.0017 3096 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
    00:00:06.0056 3096 PNRPsvc - ok
    00:00:06.0087 3096 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
    00:00:06.0166 3096 PolicyAgent - ok
    00:00:06.0195 3096 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
    00:00:06.0278 3096 Power - ok
    00:00:06.0321 3096 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
    00:00:06.0411 3096 PptpMiniport - ok
    00:00:06.0439 3096 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
    00:00:06.0472 3096 Processor - ok
    00:00:06.0499 3096 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
    00:00:06.0548 3096 ProfSvc - ok
    00:00:06.0563 3096 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
    00:00:06.0599 3096 ProtectedStorage - ok
    00:00:06.0620 3096 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
    00:00:06.0692 3096 Psched - ok
    00:00:06.0747 3096 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
    00:00:06.0837 3096 ql2300 - ok
    00:00:06.0864 3096 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
    00:00:06.0896 3096 ql40xx - ok
    00:00:06.0929 3096 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
    00:00:06.0985 3096 QWAVE - ok
    00:00:07.0008 3096 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
    00:00:07.0047 3096 QWAVEdrv - ok
    00:00:07.0064 3096 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
    00:00:07.0136 3096 RasAcd - ok
    00:00:07.0184 3096 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
    00:00:07.0256 3096 RasAgileVpn - ok
    00:00:07.0281 3096 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
    00:00:07.0363 3096 RasAuto - ok
    00:00:07.0381 3096 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
    00:00:07.0446 3096 Rasl2tp - ok
    00:00:07.0493 3096 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
    00:00:07.0569 3096 RasMan - ok
    00:00:07.0584 3096 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
    00:00:07.0657 3096 RasPppoe - ok
    00:00:07.0690 3096 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
    00:00:07.0761 3096 RasSstp - ok
    00:00:07.0805 3096 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
    00:00:07.0868 3096 rdbss - ok
    00:00:07.0887 3096 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
    00:00:07.0934 3096 rdpbus - ok
    00:00:07.0962 3096 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
    00:00:08.0032 3096 RDPCDD - ok
    00:00:08.0088 3096 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
    00:00:08.0146 3096 RDPDR - ok
    00:00:08.0184 3096 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
    00:00:08.0252 3096 RDPENCDD - ok
    00:00:08.0274 3096 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
    00:00:08.0333 3096 RDPREFMP - ok
    00:00:08.0377 3096 [ 65375DF758CA1872AB7EBBBA457FD5E6 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
    00:00:08.0434 3096 RdpVideoMiniport - ok
    00:00:08.0469 3096 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
    00:00:08.0532 3096 RDPWD - ok
    00:00:08.0584 3096 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
    00:00:08.0617 3096 rdyboost - ok
    00:00:08.0677 3096 [ B2D01290C0E0465ACA54C2088E947823 ] RealNetworks Downloader Resolver Service C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
    00:00:08.0714 3096 RealNetworks Downloader Resolver Service - ok
    00:00:08.0752 3096 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
    00:00:08.0826 3096 RemoteAccess - ok
    00:00:08.0851 3096 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
    00:00:08.0925 3096 RemoteRegistry - ok
    00:00:08.0945 3096 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
    00:00:09.0021 3096 RpcEptMapper - ok
    00:00:09.0044 3096 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
    00:00:09.0085 3096 RpcLocator - ok
    00:00:09.0113 3096 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
    00:00:09.0183 3096 RpcSs - ok
    00:00:09.0227 3096 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
    00:00:09.0297 3096 rspndr - ok
    00:00:09.0320 3096 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
    00:00:09.0365 3096 s3cap - ok
    00:00:09.0380 3096 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
    00:00:09.0412 3096 SamSs - ok
    00:00:09.0451 3096 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
    00:00:09.0483 3096 sbp2port - ok
    00:00:09.0518 3096 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
    00:00:09.0590 3096 SCardSvr - ok
    00:00:09.0608 3096 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
    00:00:09.0677 3096 scfilter - ok
    00:00:09.0724 3096 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
    00:00:09.0812 3096 Schedule - ok
    00:00:09.0838 3096 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
    00:00:09.0903 3096 SCPolicySvc - ok
    00:00:09.0944 3096 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
    00:00:09.0998 3096 SDRSVC - ok
    00:00:10.0029 3096 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
    00:00:10.0093 3096 secdrv - ok
    00:00:10.0129 3096 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
    00:00:10.0204 3096 seclogon - ok
    00:00:10.0234 3096 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
    00:00:10.0312 3096 SENS - ok
    00:00:10.0346 3096 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
    00:00:10.0398 3096 SensrSvc - ok
    00:00:10.0416 3096 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
    00:00:10.0455 3096 Serenum - ok
    00:00:10.0476 3096 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
    00:00:10.0518 3096 Serial - ok
    00:00:10.0545 3096 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
    00:00:10.0589 3096 sermouse - ok
    00:00:10.0642 3096 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
    00:00:10.0717 3096 SessionEnv - ok
    00:00:10.0737 3096 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
    00:00:10.0780 3096 sffdisk - ok
    00:00:10.0798 3096 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
    00:00:10.0834 3096 sffp_mmc - ok
    00:00:10.0853 3096 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
    00:00:10.0895 3096 sffp_sd - ok
    00:00:10.0923 3096 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
    00:00:10.0955 3096 sfloppy - ok
    00:00:10.0985 3096 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
    00:00:11.0058 3096 SharedAccess - ok
    00:00:11.0089 3096 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
    00:00:11.0160 3096 ShellHWDetection - ok
    00:00:11.0183 3096 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
    00:00:11.0216 3096 sisagp - ok
    00:00:11.0260 3096 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
    00:00:11.0289 3096 SiSRaid2 - ok
    00:00:11.0318 3096 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
    00:00:11.0349 3096 SiSRaid4 - ok
    00:00:11.0379 3096 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
    00:00:11.0460 3096 Smb - ok
    00:00:11.0509 3096 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
    00:00:11.0558 3096 SNMPTRAP - ok
    00:00:11.0579 3096 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
    00:00:11.0607 3096 spldr - ok
    00:00:11.0647 3096 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
    00:00:11.0700 3096 Spooler - ok
    00:00:11.0812 3096 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
    00:00:11.0987 3096 sppsvc - ok
    00:00:12.0014 3096 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
    00:00:12.0088 3096 sppuinotify - ok
    00:00:12.0112 3096 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
    00:00:12.0170 3096 srv - ok
    00:00:12.0195 3096 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
    00:00:12.0242 3096 srv2 - ok
    00:00:12.0263 3096 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
    00:00:12.0302 3096 srvnet - ok
    00:00:12.0331 3096 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
    00:00:12.0410 3096 SSDPSRV - ok
    00:00:12.0430 3096 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
    00:00:12.0504 3096 SstpSvc - ok
    00:00:12.0534 3096 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
    00:00:12.0562 3096 stexstor - ok
    00:00:12.0625 3096 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
    00:00:12.0694 3096 StiSvc - ok
    00:00:12.0729 3096 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
    00:00:12.0759 3096 storflt - ok
    00:00:12.0797 3096 [ 0BF669F0A910BEDA4A32258D363AF2A5 ] StorSvc C:\Windows\system32\storsvc.dll
    00:00:12.0846 3096 StorSvc - ok
    00:00:12.0871 3096 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
    00:00:12.0901 3096 storvsc - ok
    00:00:12.0917 3096 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
    00:00:12.0951 3096 swenum - ok
    00:00:12.0993 3096 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
    00:00:13.0102 3096 swprv - ok
    00:00:13.0150 3096 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
    00:00:13.0216 3096 SysMain - ok
    00:00:13.0238 3096 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
    00:00:13.0294 3096 TabletInputService - ok
    00:00:13.0324 3096 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
    00:00:13.0405 3096 TapiSrv - ok
    00:00:13.0421 3096 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
    00:00:13.0502 3096 TBS - ok
    00:00:13.0749 3096 [ D32FDAC73FCD76B85389C39BC1087F2A ] Tcpip C:\Windows\system32\drivers\tcpip.sys
    00:00:13.0828 3096 Tcpip - ok
    00:00:14.0048 3096 [ D32FDAC73FCD76B85389C39BC1087F2A ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
    00:00:14.0117 3096 TCPIP6 - ok
    00:00:14.0160 3096 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
    00:00:14.0222 3096 tcpipreg - ok
    00:00:14.0273 3096 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
    00:00:14.0350 3096 TDPIPE - ok
    00:00:14.0387 3096 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
    00:00:14.0447 3096 TDTCP - ok
    00:00:14.0499 3096 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
    00:00:14.0560 3096 tdx - ok
    00:00:14.0586 3096 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
    00:00:14.0618 3096 TermDD - ok
    00:00:14.0661 3096 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
    00:00:14.0765 3096 TermService - ok
    00:00:14.0806 3096 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
    00:00:14.0862 3096 Themes - ok
    00:00:14.0891 3096 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
    00:00:14.0958 3096 THREADORDER - ok
    00:00:14.0988 3096 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
    00:00:15.0059 3096 TrkWks - ok
    00:00:15.0130 3096 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
    00:00:15.0219 3096 TrustedInstaller - ok
    00:00:15.0259 3096 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
    00:00:15.0338 3096 tssecsrv - ok
    00:00:15.0370 3096 [ 9CE253214ACAA5A7D323327D2055EFAA ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
    00:00:15.0449 3096 TsUsbFlt - ok
    00:00:15.0529 3096 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
    00:00:15.0590 3096 tunnel - ok
    00:00:15.0612 3096 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
    00:00:15.0642 3096 uagp35 - ok
    00:00:15.0671 3096 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
    00:00:15.0750 3096 udfs - ok
    00:00:15.0791 3096 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
    00:00:15.0835 3096 UI0Detect - ok
    00:00:15.0845 3096 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
    00:00:15.0875 3096 uliagpkx - ok
    00:00:15.0922 3096 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\drivers\umbus.sys
    00:00:15.0954 3096 umbus - ok
    00:00:15.0998 3096 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
    00:00:16.0037 3096 UmPass - ok
    00:00:16.0066 3096 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
    00:00:16.0114 3096 UmRdpService - ok
    00:00:16.0148 3096 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
    00:00:16.0222 3096 upnphost - ok
    00:00:16.0252 3096 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
    00:00:16.0297 3096 usbccgp - ok
    00:00:16.0342 3096 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
    00:00:16.0379 3096 usbcir - ok
    00:00:16.0399 3096 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
    00:00:16.0437 3096 usbehci - ok
    00:00:16.0470 3096 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
    00:00:16.0517 3096 usbhub - ok
    00:00:16.0536 3096 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
    00:00:16.0575 3096 usbohci - ok
    00:00:16.0600 3096 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
    00:00:16.0648 3096 usbprint - ok
    00:00:16.0670 3096 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
    00:00:16.0721 3096 usbscan - ok
    00:00:16.0750 3096 [ D8889D56E0D27E57ED4591837FE71D27 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
    00:00:16.0792 3096 USBSTOR - ok
    00:00:16.0815 3096 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
    00:00:16.0852 3096 usbuhci - ok
    00:00:16.0881 3096 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
    00:00:16.0955 3096 UxSms - ok
    00:00:16.0971 3096 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
    00:00:17.0003 3096 VaultSvc - ok
    00:00:17.0026 3096 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
    00:00:17.0056 3096 vdrvroot - ok
    00:00:17.0091 3096 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
    00:00:17.0179 3096 vds - ok
    00:00:17.0213 3096 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
    00:00:17.0257 3096 vga - ok
    00:00:17.0273 3096 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
    00:00:17.0337 3096 VgaSave - ok
    00:00:17.0365 3096 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
    00:00:17.0400 3096 vhdmp - ok
    00:00:17.0434 3096 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
    00:00:17.0465 3096 viaagp - ok
    00:00:17.0480 3096 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
    00:00:17.0528 3096 ViaC7 - ok
    00:00:17.0550 3096 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
    00:00:17.0578 3096 viaide - ok
    00:00:17.0594 3096 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys
    00:00:17.0628 3096 vmbus - ok
    00:00:17.0650 3096 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
    00:00:17.0686 3096 VMBusHID - ok
    00:00:17.0704 3096 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
    00:00:17.0734 3096 volmgr - ok
    00:00:17.0772 3096 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
    00:00:17.0810 3096 volmgrx - ok
    00:00:17.0836 3096 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
    00:00:17.0871 3096 volsnap - ok
    00:00:17.0898 3096 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
    00:00:17.0934 3096 vsmraid - ok
    00:00:17.0981 3096 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
    00:00:18.0082 3096 VSS - ok
    00:00:18.0099 3096 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
    00:00:18.0135 3096 vwifibus - ok
    00:00:18.0169 3096 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
    00:00:18.0253 3096 W32Time - ok
    00:00:18.0285 3096 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
    00:00:18.0317 3096 WacomPen - ok
    00:00:18.0369 3096 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
    00:00:18.0456 3096 WANARP - ok
    00:00:18.0464 3096 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
    00:00:18.0534 3096 Wanarpv6 - ok
    00:00:18.0595 3096 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
    00:00:18.0687 3096 WatAdminSvc - ok
    00:00:18.0759 3096 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
    00:00:18.0850 3096 wbengine - ok
    00:00:18.0896 3096 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
    00:00:18.0974 3096 WbioSrvc - ok
    00:00:19.0032 3096 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
    00:00:19.0094 3096 wcncsvc - ok
    00:00:19.0119 3096 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
    00:00:19.0168 3096 WcsPlugInService - ok
    00:00:19.0194 3096 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
    00:00:19.0224 3096 Wd - ok
    00:00:19.0260 3096 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
    00:00:19.0311 3096 Wdf01000 - ok
    00:00:19.0324 3096 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
    00:00:19.0389 3096 WdiServiceHost - ok
    00:00:19.0397 3096 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
    00:00:19.0438 3096 WdiSystemHost - ok
    00:00:19.0470 3096 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
    00:00:19.0527 3096 WebClient - ok
    00:00:19.0560 3096 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
    00:00:19.0630 3096 Wecsvc - ok
    00:00:19.0652 3096 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
    00:00:19.0729 3096 wercplsupport - ok
    00:00:19.0761 3096 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
    00:00:19.0837 3096 WerSvc - ok
    00:00:19.0875 3096 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
    00:00:19.0939 3096 WfpLwf - ok
    00:00:19.0958 3096 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
    00:00:19.0990 3096 WIMMount - ok
    00:00:20.0057 3096 [ 082CF481F659FAE0DE51AD060881EB47 ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
    00:00:20.0139 3096 WinDefend - ok
    00:00:20.0153 3096 WinHttpAutoProxySvc - ok
    00:00:20.0211 3096 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
    00:00:20.0289 3096 Winmgmt - ok
    00:00:20.0377 3096 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
    00:00:20.0494 3096 WinRM - ok
    00:00:20.0561 3096 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
    00:00:20.0630 3096 Wlansvc - ok
    00:00:20.0715 3096 [ 5E7C103F8475C4289847D15E129C20F7 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    00:00:20.0796 3096 wlidsvc - ok
    00:00:20.0813 3096 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
    00:00:20.0845 3096 WmiAcpi - ok
    00:00:20.0888 3096 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
    00:00:20.0922 3096 wmiApSrv - ok
    00:00:20.0996 3096 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
    00:00:21.0090 3096 WMPNetworkSvc - ok
    00:00:21.0124 3096 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
    00:00:21.0177 3096 WPCSvc - ok
    00:00:21.0225 3096 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
    00:00:21.0285 3096 WPDBusEnum - ok
    00:00:21.0315 3096 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
    00:00:21.0390 3096 ws2ifsl - ok
    00:00:21.0409 3096 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll
    00:00:21.0451 3096 wscsvc - ok
    00:00:21.0460 3096 WSearch - ok
    00:00:21.0534 3096 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
    00:00:21.0652 3096 wuauserv - ok
    00:00:21.0684 3096 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
    00:00:21.0732 3096 WudfPf - ok
    00:00:21.0767 3096 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
    00:00:21.0815 3096 WUDFRd - ok
    00:00:21.0846 3096 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
    00:00:21.0888 3096 wudfsvc - ok
    00:00:21.0920 3096 [ 3C5E51C05BE9B56EAFF4E388C3AB25E4 ] WwanSvc C:\Windows\System32\wwansvc.dll
    00:00:21.0966 3096 WwanSvc - ok
    00:00:21.0993 3096 ================ Scan global ===============================
    00:00:22.0037 3096 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
    00:00:22.0070 3096 [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
    00:00:22.0095 3096 [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
    00:00:22.0124 3096 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
    00:00:22.0159 3096 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
    00:00:22.0167 3096 [Global] - ok
    00:00:22.0168 3096 ================ Scan MBR ==================================
    00:00:22.0184 3096 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
    00:00:22.0578 3096 \Device\Harddisk0\DR0 - ok
    00:00:22.0579 3096 ================ Scan VBR ==================================
    00:00:22.0585 3096 [ F7BE2DFC04A59B2EAAE295BD83491541 ] \Device\Harddisk0\DR0\Partition1
    00:00:22.0589 3096 \Device\Harddisk0\DR0\Partition1 - ok
    00:00:22.0631 3096 [ 8CF710A9541E644C4E47991CE2A268AE ] \Device\Harddisk0\DR0\Partition2
    00:00:22.0634 3096 \Device\Harddisk0\DR0\Partition2 - ok
    00:00:22.0635 3096 ================ Scan active images ========================
    00:00:22.0642 3096 [ B7EFEF22FF426EC4158A177CB3B558D3 ] C:\Windows\System32\drivers\crashdmp.sys
    00:00:22.0642 3096 C:\Windows\System32\drivers\crashdmp.sys - ok
    00:00:22.0654 3096 [ 5428227D4730EBDFC842E9FB593F8C8A ] C:\Windows\System32\drivers\Dumpata.sys
    00:00:22.0655 3096 C:\Windows\System32\drivers\Dumpata.sys - ok
    00:00:22.0667 3096 [ 338C86357871C167A96AB976519BF59E ] C:\Windows\System32\drivers\atapi.sys
    00:00:22.0668 3096 C:\Windows\System32\drivers\atapi.sys - ok
    00:00:22.0681 3096 [ 62A63EF2F3053B461CB327E4D69AAA74 ] C:\Windows\System32\drivers\dumpfve.sys
    00:00:22.0681 3096 C:\Windows\System32\drivers\dumpfve.sys - ok
    00:00:22.0694 3096 [ BA6E70AA0E6091BC39DE29477D866A77 ] C:\Windows\System32\drivers\cdrom.sys
    00:00:22.0695 3096 C:\Windows\System32\drivers\cdrom.sys - ok
    00:00:22.0708 3096 [ F9756A98D69098DCA8945D62858A812C ] C:\Windows\System32\drivers\null.sys
    00:00:22.0708 3096 C:\Windows\System32\drivers\null.sys - ok
    00:00:22.0720 3096 [ 505506526A9D467307B3C393DEDAF858 ] C:\Windows\System32\drivers\beep.sys
    00:00:22.0720 3096 C:\Windows\System32\drivers\beep.sys - ok
    00:00:22.0733 3096 [ 15C126D1B55814B9E5CAB10A9C1F4C67 ] C:\Windows\System32\drivers\videoprt.sys
    00:00:22.0734 3096 C:\Windows\System32\drivers\videoprt.sys - ok
    00:00:22.0746 3096 [ CB45A417C8EF7BA6BAC67EDCDDED8700 ] C:\Windows\System32\drivers\watchdog.sys
    00:00:22.0746 3096 C:\Windows\System32\drivers\watchdog.sys - ok
    00:00:22.0759 3096 [ 8E38096AD5C8570A6F1570A61E251561 ] C:\Windows\System32\drivers\vga.sys
    00:00:22.0760 3096 C:\Windows\System32\drivers\vga.sys - ok
    00:00:22.0772 3096 [ 23DAE03F29D253AE74C44F99E515F9A1 ] C:\Windows\System32\drivers\RDPCDD.sys
    00:00:22.0772 3096 C:\Windows\System32\drivers\RDPCDD.sys - ok
    00:00:22.0784 3096 [ 5A53CA1598DD4156D44196D200C94B8A ] C:\Windows\System32\drivers\RDPENCDD.sys
    00:00:22.0784 3096 C:\Windows\System32\drivers\RDPENCDD.sys - ok
    00:00:22.0797 3096 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] C:\Windows\System32\drivers\RDPREFMP.sys
    00:00:22.0798 3096 C:\Windows\System32\drivers\RDPREFMP.sys - ok
    00:00:22.0805 3096 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] C:\Windows\System32\drivers\msfs.sys
    00:00:22.0805 3096 C:\Windows\System32\drivers\msfs.sys - ok
    00:00:22.0818 3096 [ 1DB262A9F8C087E8153D89BEF3D2235F ] C:\Windows\System32\drivers\npfs.sys
    00:00:22.0818 3096 C:\Windows\System32\drivers\npfs.sys - ok
    00:00:22.0831 3096 [ 2F885864D5BC8A16C86BEE595969A48A ] C:\Windows\System32\drivers\tdi.sys
    00:00:22.0831 3096 C:\Windows\System32\drivers\tdi.sys - ok
    00:00:22.0844 3096 [ B459575348C20E8121D6039DA063C704 ] C:\Windows\System32\drivers\tdx.sys
    00:00:22.0844 3096 C:\Windows\System32\drivers\tdx.sys - ok
    00:00:22.0856 3096 [ 14370FB29526F593C04FA48B5D69F7F0 ] C:\Windows\System32\drivers\avgtdix.sys
    00:00:22.0858 3096 C:\Windows\System32\drivers\avgtdix.sys - ok
    00:00:22.0872 3096 [ 280122DDCF04B378EDD1AD54D71C1E54 ] C:\Windows\System32\drivers\netbt.sys
    00:00:22.0872 3096 C:\Windows\System32\drivers\netbt.sys - ok
    00:00:22.0882 3096 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] C:\Windows\System32\drivers\afd.sys
    00:00:22.0882 3096 C:\Windows\System32\drivers\afd.sys - ok
    00:00:22.0895 3096 [ 6270CCAE2A86DE6D146529FE55B3246A ] C:\Windows\System32\drivers\pacer.sys
    00:00:22.0895 3096 C:\Windows\System32\drivers\pacer.sys - ok
    00:00:22.0909 3096 [ 8B9A943F3B53861F2BFAF6C186168F79 ] C:\Windows\System32\drivers\wfplwf.sys
    00:00:22.0909 3096 C:\Windows\System32\drivers\wfplwf.sys - ok
    00:00:22.0920 3096 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] C:\Windows\System32\drivers\netbios.sys
    00:00:22.0920 3096 C:\Windows\System32\drivers\netbios.sys - ok
    00:00:22.0933 3096 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] C:\Windows\System32\drivers\wanarp.sys
    00:00:22.0934 3096 C:\Windows\System32\drivers\wanarp.sys - ok
    00:00:22.0946 3096 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] C:\Windows\System32\drivers\termdd.sys
    00:00:22.0946 3096 C:\Windows\System32\drivers\termdd.sys - ok
    00:00:22.0959 3096 [ D528BC58A489409BA40334EBF96A311B ] C:\Windows\System32\drivers\rdbss.sys
    00:00:22.0959 3096 C:\Windows\System32\drivers\rdbss.sys - ok
    00:00:22.0972 3096 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] C:\Windows\System32\drivers\nsiproxy.sys
    00:00:22.0972 3096 C:\Windows\System32\drivers\nsiproxy.sys - ok
    00:00:22.0984 3096 [ FC6B9FF600CC585EA38B12589BD4E246 ] C:\Windows\System32\drivers\mssmbios.sys
    00:00:22.0984 3096 C:\Windows\System32\drivers\mssmbios.sys - ok
    00:00:22.0997 3096 [ 1A050B0274BFB3890703D490F330C0DA ] C:\Windows\System32\drivers\discache.sys
    00:00:22.0998 3096 C:\Windows\System32\drivers\discache.sys - ok
    00:00:23.0011 3096 [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] C:\Windows\System32\drivers\csc.sys
    00:00:23.0011 3096 C:\Windows\System32\drivers\csc.sys - ok
    00:00:23.0023 3096 [ F024449C97EC1E464AAFFDA18593DB88 ] C:\Windows\System32\drivers\dfsc.sys
    00:00:23.0023 3096 C:\Windows\System32\drivers\dfsc.sys - ok
    00:00:23.0036 3096 [ 2287078ED48FCFC477B05B20CF38F36F ] C:\Windows\System32\drivers\blbdrive.sys
    00:00:23.0036 3096 C:\Windows\System32\drivers\blbdrive.sys - ok
    00:00:23.0049 3096 [ 08FA13787D77A75DC413E27FD92B44E8 ] C:\Windows\System32\drivers\avgldx86.sys
    00:00:23.0049 3096 C:\Windows\System32\drivers\avgldx86.sys - ok
    00:00:23.0059 3096 [ A426B2DC795531D99E2EE1952AEC051A ] C:\Windows\System32\drivers\avgidsshimx.sys
    00:00:23.0059 3096 C:\Windows\System32\drivers\avgidsshimx.sys - ok
    00:00:23.0070 3096 [ 4750A2A188D39034F5DDDDAE1BF38BF8 ] C:\Windows\System32\drivers\avgidsdriverx.sys
    00:00:23.0071 3096 C:\Windows\System32\drivers\avgidsdriverx.sys - ok
    00:00:23.0083 3096 [ B2FA25D9B17A68BB93D58B0556E8C90D ] C:\Windows\System32\drivers\tunnel.sys
    00:00:23.0083 3096 C:\Windows\System32\drivers\tunnel.sys - ok
    00:00:23.0096 3096 [ C30A91ADE8C9CB91E4281EC83C4500C6 ] C:\Windows\System32\ntdll.dll
    00:00:23.0096 3096 C:\Windows\System32\ntdll.dll - ok
    00:00:23.0109 3096 [ DE91DCC7BC55E940979097E98F743205 ] C:\Windows\System32\smss.exe
    00:00:23.0109 3096 C:\Windows\System32\smss.exe - ok
    00:00:23.0121 3096 [ 5E1C65524FF1713711CE27879D813384 ] C:\Windows\System32\drivers\atikmpag.sys
    00:00:23.0121 3096 C:\Windows\System32\drivers\atikmpag.sys - ok
    00:00:23.0134 3096 [ 65B44179CF184B08E86097BFFBF03F24 ] C:\Windows\System32\drivers\atikmdag.sys
    00:00:23.0134 3096 C:\Windows\System32\drivers\atikmdag.sys - ok
    00:00:23.0149 3096 [ 16498EBC04AE9DD07049A8884B205C05 ] C:\Windows\System32\drivers\dxgkrnl.sys
    00:00:23.0149 3096 C:\Windows\System32\drivers\dxgkrnl.sys - ok
    00:00:23.0159 3096 [ E405328A0E38BF823E2361C413283F6D ] C:\Windows\System32\drivers\dxgmms1.sys
    00:00:23.0159 3096 C:\Windows\System32\drivers\dxgmms1.sys - ok
    00:00:23.0172 3096 [ 3AA940AA9AC3055FE32FF2D3D20CCD28 ] C:\Windows\System32\drivers\usbport.sys
    00:00:23.0172 3096 C:\Windows\System32\drivers\usbport.sys - ok
    00:00:23.0185 3096 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] C:\Windows\System32\drivers\usbohci.sys
    00:00:23.0185 3096 C:\Windows\System32\drivers\usbohci.sys - ok
    00:00:23.0198 3096 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] C:\Windows\System32\drivers\usbehci.sys
    00:00:23.0198 3096 C:\Windows\System32\drivers\usbehci.sys - ok
    00:00:23.0211 3096 [ 9036377B8A6C15DC2EEC53E489D159B5 ] C:\Windows\System32\drivers\hdaudbus.sys
    00:00:23.0211 3096 C:\Windows\System32\drivers\hdaudbus.sys - ok
    00:00:23.0224 3096 [ B15A671443B98FC8A7BB0E8A78C3F65E ] C:\Windows\System32\drivers\L1C62x86.sys
    00:00:23.0226 3096 C:\Windows\System32\drivers\L1C62x86.sys - ok
    00:00:23.0236 3096 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] C:\Windows\System32\drivers\amdppm.sys
    00:00:23.0236 3096 C:\Windows\System32\drivers\amdppm.sys - ok
    00:00:23.0249 3096 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] C:\Windows\System32\drivers\CompositeBus.sys
    00:00:23.0249 3096 C:\Windows\System32\drivers\CompositeBus.sys - ok
    00:00:23.0262 3096 [ 57EC4AEF73660166074D8F7F31C0D4FD ] C:\Windows\System32\drivers\agilevpn.sys
    00:00:23.0262 3096 C:\Windows\System32\drivers\agilevpn.sys - ok
    00:00:23.0274 3096 [ D9F91EAFEC2815365CBE6D167E4E332A ] C:\Windows\System32\drivers\rasl2tp.sys
    00:00:23.0276 3096 C:\Windows\System32\drivers\rasl2tp.sys - ok
    00:00:23.0289 3096 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] C:\Windows\System32\drivers\ndistapi.sys
    00:00:23.0289 3096 C:\Windows\System32\drivers\ndistapi.sys - ok
    00:00:23.0300 3096 [ 38FBE267E7E6983311179230FACB1017 ] C:\Windows\System32\drivers\ndiswan.sys
    00:00:23.0300 3096 C:\Windows\System32\drivers\ndiswan.sys - ok
    00:00:23.0310 3096 [ 0FE8B15916307A6AC12BFB6A63E45507 ] C:\Windows\System32\drivers\raspppoe.sys
    00:00:23.0310 3096 C:\Windows\System32\drivers\raspppoe.sys - ok
    00:00:23.0321 3096 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] C:\Windows\System32\drivers\raspptp.sys
    00:00:23.0321 3096 C:\Windows\System32\drivers\raspptp.sys - ok
    00:00:23.0333 3096 [ 44101F495A83EA6401D886E7FD70096B ] C:\Windows\System32\drivers\rassstp.sys
    00:00:23.0333 3096 C:\Windows\System32\drivers\rassstp.sys - ok
    00:00:23.0347 3096 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] C:\Windows\System32\drivers\rdpbus.sys
    00:00:23.0347 3096 C:\Windows\System32\drivers\rdpbus.sys - ok
    00:00:23.0360 3096 [ ADEF52CA1AEAE82B50DF86B56413107E ] C:\Windows\System32\drivers\kbdclass.sys
    00:00:23.0360 3096 C:\Windows\System32\drivers\kbdclass.sys - ok
    00:00:23.0372 3096 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] C:\Windows\System32\drivers\mouclass.sys
    00:00:23.0372 3096 C:\Windows\System32\drivers\mouclass.sys - ok
    00:00:23.0385 3096 [ 5DCEF0C32BE0F33277326586FA503689 ] C:\Windows\System32\drivers\ks.sys
    00:00:23.0385 3096 C:\Windows\System32\drivers\ks.sys - ok
    00:00:23.0397 3096 [ E58C78A848ADD9610A4DB6D214AF5224 ] C:\Windows\System32\drivers\swenum.sys
    00:00:23.0397 3096 C:\Windows\System32\drivers\swenum.sys - ok
    00:00:23.0409 3096 [ D295BED4B898F0FD999FCFA9B32B071B ] C:\Windows\System32\drivers\umbus.sys
    00:00:23.0410 3096 C:\Windows\System32\drivers\umbus.sys - ok
    00:00:23.0423 3096 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] C:\Windows\System32\drivers\usbhub.sys
    00:00:23.0423 3096 C:\Windows\System32\drivers\usbhub.sys - ok
    00:00:23.0437 3096 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] C:\Windows\System32\drivers\ndproxy.sys
    00:00:23.0437 3096 C:\Windows\System32\drivers\ndproxy.sys - ok
    00:00:23.0450 3096 [ 27F9288AF019E6DACA281EDE51FF5928 ] C:\Windows\System32\drivers\drmk.sys
    00:00:23.0451 3096 C:\Windows\System32\drivers\drmk.sys - ok
    00:00:23.0463 3096 [ D72708C9F49500C13D7D067E169B7715 ] C:\Windows\System32\drivers\portcls.sys
    00:00:23.0463 3096 C:\Windows\System32\drivers\portcls.sys - ok
    00:00:23.0476 3096 [ 0FD8A26BB84F61F9301B2D7B91151818 ] C:\Windows\System32\drivers\RTKVHDA.sys
    00:00:23.0477 3096 C:\Windows\System32\drivers\RTKVHDA.sys - ok
    00:00:23.0497 3096 [ F88A52EB62019D6A62FDD9E08034DBD8 ] C:\Windows\System32\autochk.exe
    00:00:23.0497 3096 C:\Windows\System32\autochk.exe - ok
    00:00:23.0506 3096 [ 3CBE72BDF167CC075B7CFA09B2089B4C ] C:\PROGRA~1\AVG\AVG2013\avgrsx.exe
    00:00:23.0506 3096 C:\PROGRA~1\AVG\AVG2013\avgrsx.exe - ok
    00:00:23.0519 3096 [ 3B3D5E94A5F24417BE2C179DDD883702 ] C:\Program Files\AVG\AVG2013\avgsysx.dll
    00:00:23.0519 3096 C:\Program Files\AVG\AVG2013\avgsysx.dll - ok
    00:00:23.0532 3096 [ AE4D9DC676A2517DEE3E51978BCFE47C ] C:\Program Files\AVG\AVG2013\avgntopensslx.dll
    00:00:23.0532 3096 C:\Program Files\AVG\AVG2013\avgntopensslx.dll - ok
    00:00:23.0545 3096 [ 21139ED432EFB4A8CDF715862DBDF9E0 ] C:\Program Files\AVG\AVG2013\avglogx.dll
    00:00:23.0545 3096 C:\Program Files\AVG\AVG2013\avglogx.dll - ok
    00:00:23.0552 3096 [ 6C26122F1931D4D7810240F32DDCE890 ] C:\Windows\System32\drivers\hidparse.sys
    00:00:23.0552 3096 C:\Windows\System32\drivers\hidparse.sys - ok
    00:00:23.0568 3096 [ B682E1CC0FDC7AC04B71D1FA9A07EF21 ] C:\Windows\System32\drivers\hidclass.sys
    00:00:23.0568 3096 C:\Windows\System32\drivers\hidclass.sys - ok
    00:00:23.0579 3096 [ 5787196F32D043572EC6565C0EF1B8E0 ] C:\Windows\System32\drivers\usbd.sys
    00:00:23.0579 3096 C:\Windows\System32\drivers\usbd.sys - ok
    00:00:23.0591 3096 [ 25072FB35AC90B25F9E4E3BACF774102 ] C:\Windows\System32\drivers\hidusb.sys
    00:00:23.0591 3096 C:\Windows\System32\drivers\hidusb.sys - ok
    00:00:23.0604 3096 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] C:\Windows\System32\drivers\mouhid.sys
    00:00:23.0604 3096 C:\Windows\System32\drivers\mouhid.sys - ok
    00:00:23.0617 3096 [ BD9C55D7023C5DE374507ACC7A14E2AC ] C:\Windows\System32\drivers\usbccgp.sys
    00:00:23.0617 3096 C:\Windows\System32\drivers\usbccgp.sys - ok
    00:00:23.0630 3096 [ 3D9F0EBF350EDCFD6498057301455964 ] C:\Windows\System32\drivers\kbdhid.sys
    00:00:23.0630 3096 C:\Windows\System32\drivers\kbdhid.sys - ok
    00:00:23.0643 3096 [ D8889D56E0D27E57ED4591837FE71D27 ] C:\Windows\System32\drivers\USBSTOR.SYS
    00:00:23.0643 3096 C:\Windows\System32\drivers\USBSTOR.SYS - ok
    00:00:23.0656 3096 [ F95D55859E9ABF442161A738CDACA3B2 ] C:\PROGRA~1\AVG\AVG2013\avgchjwx.dll
    00:00:23.0656 3096 C:\PROGRA~1\AVG\AVG2013\avgchjwx.dll - ok
    00:00:23.0668 3096 [ 414F57444511B818DB23FA5CF89F3205 ] C:\PROGRA~1\AVG\AVG2013\avgclitx.dll
    00:00:23.0669 3096 C:\PROGRA~1\AVG\AVG2013\avgclitx.dll - ok
    00:00:23.0682 3096 [ 6D2EDE5CC51FF35004BD07E9EF3E1996 ] C:\PROGRA~1\AVG\AVG2013\avgcclix.dll
    00:00:23.0682 3096 C:\PROGRA~1\AVG\AVG2013\avgcclix.dll - ok
    00:00:23.0695 3096 [ 53B18D940D7155C49D507F076AF43554 ] C:\Program Files\AVG\AVG2013\avgcsrvx.exe
    00:00:23.0696 3096 C:\Program Files\AVG\AVG2013\avgcsrvx.exe - ok
    00:00:23.0712 3096 [ D97B5EAE263304486002000F90FA3EA0 ] C:\Program Files\AVG\AVG2013\avgcorex.dll
    00:00:23.0713 3096 C:\Program Files\AVG\AVG2013\avgcorex.dll - ok
    00:00:23.0720 3096 [ E365153089457720A70B19811D1F3B19 ] C:\Program Files\AVG\AVG2013\avgcertx.dll
    00:00:23.0721 3096 C:\Program Files\AVG\AVG2013\avgcertx.dll - ok
    00:00:23.0734 3096 [ 2E967B05E5D1EF57632819BDC54F19B1 ] C:\Program Files\AVG\AVG2013\avgchclx.dll
    00:00:23.0734 3096 C:\Program Files\AVG\AVG2013\avgchclx.dll - ok
    00:00:23.0747 3096 [ EC70AFEE4E70DE5F16933F934E44EF10 ] C:\Program Files\AVG\AVG2013\avgcommx.dll
    00:00:23.0747 3096 C:\Program Files\AVG\AVG2013\avgcommx.dll - ok
    00:00:23.0760 3096 [ 099D9F937F6EE23672391B3A5BD6D7E5 ] C:\Program Files\AVG\AVG2013\avgntsqlitex.dll
    00:00:23.0760 3096 C:\Program Files\AVG\AVG2013\avgntsqlitex.dll - ok
    00:00:23.0773 3096 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\System32\imagehlp.dll
    00:00:23.0774 3096 C:\Windows\System32\imagehlp.dll - ok
    00:00:23.0786 3096 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\System32\psapi.dll
    00:00:23.0786 3096 C:\Windows\System32\psapi.dll - ok
    00:00:23.0798 3096 [ E87F5393F7D8CE2FACC4DFF703531392 ] C:\Windows\System32\gdi32.dll
    00:00:23.0799 3096 C:\Windows\System32\gdi32.dll - ok
    00:00:23.0805 3096 [ 4A8E2F20809CC161107FAA94F6CF2685 ] C:\Windows\System32\imm32.dll
    00:00:23.0805 3096 C:\Windows\System32\imm32.dll - ok
    00:00:23.0819 3096 [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\System32\oleaut32.dll
    00:00:23.0819 3096 C:\Windows\System32\oleaut32.dll - ok
    00:00:23.0834 3096 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\System32\setupapi.dll
    00:00:23.0834 3096 C:\Windows\System32\setupapi.dll - ok
    00:00:23.0844 3096 [ 225D276C730DF08CC83EABAC407F0D75 ] C:\Windows\System32\urlmon.dll
    00:00:23.0844 3096 C:\Windows\System32\urlmon.dll - ok
    00:00:23.0856 3096 [ 6400774E903729ADD0A62A24A334EE56 ] C:\Windows\System32\rpcrt4.dll
    00:00:23.0856 3096 C:\Windows\System32\rpcrt4.dll - ok
    00:00:23.0869 3096 [ 565D78187494FB5F08B5A52DEB2AEA7A ] C:\Windows\System32\shell32.dll
    00:00:23.0869 3096 C:\Windows\System32\shell32.dll - ok
    00:00:23.0882 3096 [ AE09B85158C66E2C154C5C9B3C0027B3 ] C:\Windows\System32\kernel32.dll
    00:00:23.0882 3096 C:\Windows\System32\kernel32.dll - ok
    00:00:23.0894 3096 [ FE29131E35902038066C924CF9C59DF8 ] C:\Windows\System32\iertutil.dll
    00:00:23.0894 3096 C:\Windows\System32\iertutil.dll - ok
    00:00:23.0907 3096 [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\System32\nsi.dll
    00:00:23.0907 3096 C:\Windows\System32\nsi.dll - ok
    00:00:23.0919 3096 [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\System32\advapi32.dll
    00:00:23.0919 3096 C:\Windows\System32\advapi32.dll - ok
    00:00:23.0932 3096 [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\System32\normaliz.dll
    00:00:23.0932 3096 C:\Windows\System32\normaliz.dll - ok
    00:00:23.0944 3096 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\System32\sechost.dll
    00:00:23.0945 3096 C:\Windows\System32\sechost.dll - ok
    00:00:23.0957 3096 [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\System32\shlwapi.dll
    00:00:23.0957 3096 C:\Windows\System32\shlwapi.dll - ok
    00:00:23.0969 3096 [ 9BF7C7654EFD098EE3A27B49492A382A ] C:\Windows\System32\wininet.dll
    00:00:23.0969 3096 C:\Windows\System32\wininet.dll - ok
    00:00:23.0982 3096 [ F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 ] C:\Windows\System32\user32.dll
    00:00:23.0982 3096 C:\Windows\System32\user32.dll - ok
    00:00:23.0995 3096 [ 4F154D2C9C6DF951FD6E5AABBAE6B5EE ] C:\Windows\System32\lpk.dll
    00:00:23.0995 3096 C:\Windows\System32\lpk.dll - ok
    00:00:24.0007 3096 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\System32\msvcrt.dll
    00:00:24.0007 3096 C:\Windows\System32\msvcrt.dll - ok
    00:00:24.0020 3096 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\System32\Wldap32.dll
    00:00:24.0020 3096 C:\Windows\System32\Wldap32.dll - ok
    00:00:24.0032 3096 [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\System32\ole32.dll
    00:00:24.0033 3096 C:\Windows\System32\ole32.dll - ok
    00:00:24.0045 3096 [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\System32\comdlg32.dll
    00:00:24.0045 3096 C:\Windows\System32\comdlg32.dll - ok
    00:00:24.0058 3096 [ B7230010D97787AF3D25E4C82F2B06B9 ] C:\Windows\System32\usp10.dll
    00:00:24.0058 3096 C:\Windows\System32\usp10.dll - ok
    00:00:24.0066 3096 [ 070C5B9D3006602A07757179D9B56F5D ] C:\Windows\System32\difxapi.dll
    00:00:24.0066 3096 C:\Windows\System32\difxapi.dll - ok
    00:00:24.0078 3096 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\System32\msctf.dll
    00:00:24.0079 3096 C:\Windows\System32\msctf.dll - ok
    00:00:24.0090 3096 [ FF5688D309347F2720911D8796912834 ] C:\Windows\System32\clbcatq.dll
    00:00:24.0090 3096 C:\Windows\System32\clbcatq.dll - ok
    00:00:24.0103 3096 [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\System32\ws2_32.dll
    00:00:24.0103 3096 C:\Windows\System32\ws2_32.dll - ok
    00:00:24.0115 3096 [ 6951562DC4625EEFC6EACD52AD165866 ] C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
    00:00:24.0116 3096 C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll - ok
    00:00:24.0129 3096 [ 92245C959E5BC378809D2CC5E9F6E9C7 ] C:\Windows\System32\crypt32.dll
    00:00:24.0130 3096 C:\Windows\System32\crypt32.dll - ok
    00:00:24.0142 3096 [ 17448AF0BBA9E7AB5EC955AF93F271BD ] C:\Windows\System32\wintrust.dll
    00:00:24.0142 3096 C:\Windows\System32\wintrust.dll - ok
    00:00:24.0155 3096 [ 6A13B4F3B3F575F1E24B877B9359AABA ] C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
    00:00:24.0155 3096 C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll - ok
    00:00:24.0168 3096 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\System32\comctl32.dll
    00:00:24.0168 3096 C:\Windows\System32\comctl32.dll - ok
    00:00:24.0181 3096 [ 2E33DFD10F28F86C3FC40EE123CC3904 ] C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
    00:00:24.0181 3096 C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll - ok
    00:00:24.0194 3096 [ 1C60E09CA1C3A045BC4D367F67C915B7 ] C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
    00:00:24.0195 3096 C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll - ok
    00:00:24.0207 3096 [ 3BE0D923AA45A4DBE091C2D84F0B4FE7 ] C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
    00:00:24.0207 3096 C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll - ok
    00:00:24.0220 3096 [ 3FFAEA12666E565FF51BF2FCA674F543 ] C:\Windows\System32\cfgmgr32.dll
    00:00:24.0220 3096 C:\Windows\System32\cfgmgr32.dll - ok
    00:00:24.0233 3096 [ CC4ED8BEA78B0DCA6F217E014C3291A7 ] C:\Windows\System32\devobj.dll
    00:00:24.0233 3096 C:\Windows\System32\devobj.dll - ok
    00:00:24.0244 3096 [ 589CBC4989F750E1DA35625AB481CF43 ] C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
    00:00:24.0245 3096 C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll - ok
    00:00:24.0258 3096 [ AD88D390C9417C959E08F8BF6F2B8154 ] C:\Windows\System32\KernelBase.dll
    00:00:24.0258 3096 C:\Windows\System32\KernelBase.dll - ok
    00:00:24.0271 3096 [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\System32\msasn1.dll
    00:00:24.0271 3096 C:\Windows\System32\msasn1.dll - ok
    00:00:24.0283 3096 [ 5FCD3320AAE71506B43F9E12E4E72172 ] C:\Windows\System32\drivers\dxapi.sys
    00:00:24.0283 3096 C:\Windows\System32\drivers\dxapi.sys - ok
    00:00:24.0296 3096 [ 4D52150FC35E333F6CBBB6B6E6D9366D ] C:\Windows\System32\win32k.sys
    00:00:24.0296 3096 C:\Windows\System32\win32k.sys - ok
    00:00:24.0308 3096 [ 342271F6142E7C70805B8A81E1BA5F5C ] C:\Windows\System32\csrss.exe
    00:00:24.0308 3096 C:\Windows\System32\csrss.exe - ok
    00:00:24.0316 3096 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\System32\basesrv.dll
    00:00:24.0316 3096 C:\Windows\System32\basesrv.dll - ok
    00:00:24.0329 3096 [ 23AB7E36551C6BA5370EF7F05142F0EB ] C:\Windows\System32\csrsrv.dll
    00:00:24.0329 3096 C:\Windows\System32\csrsrv.dll - ok
    00:00:24.0341 3096 [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\System32\winsrv.dll
    00:00:24.0341 3096 C:\Windows\System32\winsrv.dll - ok
    00:00:24.0353 3096 [ 79D10964DE86B292320E9DFE02282A23 ] C:\Windows\System32\drivers\monitor.sys
    00:00:24.0353 3096 C:\Windows\System32\drivers\monitor.sys - ok
    00:00:24.0366 3096 [ 7C76B61A5E1EF5D1FA554CF134100F18 ] C:\Windows\System32\tsddd.dll
    00:00:24.0366 3096 C:\Windows\System32\tsddd.dll - ok
    00:00:24.0381 3096 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\System32\sxssrv.dll
    00:00:24.0381 3096 C:\Windows\System32\sxssrv.dll - ok
    00:00:24.0390 3096 [ CAEF9CD6C10B1017E2C298D849CD31DB ] C:\Windows\System32\cdd.dll
    00:00:24.0390 3096 C:\Windows\System32\cdd.dll - ok
    00:00:24.0403 3096 [ B5C5DCAD3899512020D135600129D665 ] C:\Windows\System32\wininit.exe
    00:00:24.0404 3096 C:\Windows\System32\wininit.exe - ok
    00:00:24.0416 3096 [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\System32\profapi.dll
    00:00:24.0416 3096 C:\Windows\System32\profapi.dll - ok
    00:00:24.0429 3096 [ 357B990A4249D7F7485B230C0CC8825A ] C:\Windows\System32\KBDUS.DLL
    00:00:24.0429 3096 C:\Windows\System32\KBDUS.DLL - ok
    00:00:24.0441 3096 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\System32\RpcRtRemote.dll
    00:00:24.0441 3096 C:\Windows\System32\RpcRtRemote.dll - ok
    00:00:24.0454 3096 [ 633C2C060CF857099F6C4F8D75C952B1 ] C:\Windows\System32\WlS0WndH.dll
    00:00:24.0454 3096 C:\Windows\System32\WlS0WndH.dll - ok
    00:00:24.0467 3096 [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\System32\sxs.dll
    00:00:24.0467 3096 C:\Windows\System32\sxs.dll - ok
    00:00:24.0479 3096 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\System32\cryptbase.dll
    00:00:24.0479 3096 C:\Windows\System32\cryptbase.dll - ok
    00:00:24.0491 3096 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\System32\apphelp.dll
    00:00:24.0491 3096 C:\Windows\System32\apphelp.dll - ok
    00:00:24.0504 3096 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\System32\services.exe
    00:00:24.0504 3096 C:\Windows\System32\services.exe - ok
    00:00:24.0516 3096 [ 81951F51E318AECC2D68559E47485CC4 ] C:\Windows\System32\lsass.exe
    00:00:24.0516 3096 C:\Windows\System32\lsass.exe - ok
    00:00:24.0528 3096 [ 8AEA9A37C1A3565A204D37C5E72AB791 ] C:\Windows\System32\lsm.exe
    00:00:24.0528 3096 C:\Windows\System32\lsm.exe - ok
    00:00:24.0541 3096 [ 4A054C853031616D161A84BECF281F47 ] C:\Windows\System32\sspicli.dll
    00:00:24.0541 3096 C:\Windows\System32\sspicli.dll - ok
    00:00:24.0554 3096 [ BA51FFE170C5B3AE8EC4F5BD2581A29E ] C:\Windows\System32\sysntfy.dll
    00:00:24.0554 3096 C:\Windows\System32\sysntfy.dll - ok
    00:00:24.0567 3096 [ 250AA41DE690561AF1282D598914564C ] C:\Windows\System32\scesrv.dll
    00:00:24.0568 3096 C:\Windows\System32\scesrv.dll - ok
    00:00:24.0580 3096 [ 3369D021265E369D57317D61FA86DD79 ] C:\Windows\System32\scext.dll
    00:00:24.0580 3096 C:\Windows\System32\scext.dll - ok
    00:00:24.0592 3096 [ 69678722290C78D5D7198C60B5A4E3E8 ] C:\Windows\System32\secur32.dll
    00:00:24.0592 3096 C:\Windows\System32\secur32.dll - ok
    00:00:24.0605 3096 [ E361AE3010EA4B3123DAB5BDAE21798F ] C:\Windows\System32\sspisrv.dll
    00:00:24.0605 3096 C:\Windows\System32\sspisrv.dll - ok
    00:00:24.0618 3096 [ D412B1B72C5AB020218E9A047D90CA05 ] C:\Windows\System32\wmsgapi.dll
    00:00:24.0618 3096 C:\Windows\System32\wmsgapi.dll - ok
    00:00:24.0630 3096 [ 444430C44727B5F22B4DC17284798EBD ] C:\Windows\System32\lsasrv.dll
    00:00:24.0630 3096 C:\Windows\System32\lsasrv.dll - ok
    00:00:24.0642 3096 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\System32\srvcli.dll
    00:00:24.0642 3096 C:\Windows\System32\srvcli.dll - ok
    00:00:24.0656 3096 [ 1128637CAD49A8E3C8B5FA5D0A061525 ] C:\Windows\System32\cryptdll.dll
    00:00:24.0656 3096 C:\Windows\System32\cryptdll.dll - ok
    00:00:24.0669 3096 [ 245F4691314F42D4D1BC06442F0B2086 ] C:\Windows\System32\samsrv.dll
    00:00:24.0669 3096 C:\Windows\System32\samsrv.dll - ok
    00:00:24.0681 3096 [ 82C089EA2A3EEFADF3588EA71E8BDADA ] C:\Windows\System32\wevtapi.dll
    00:00:24.0682 3096 C:\Windows\System32\wevtapi.dll - ok
    00:00:24.0696 3096 [ FB4EB9352B7D698E6B3C2AA2ED724DAD ] C:\Windows\System32\authz.dll
    00:00:24.0696 3096 C:\Windows\System32\authz.dll - ok
    00:00:24.0708 3096 [ FC7650224790CAE75A5E9231961FDEC5 ] C:\Windows\System32\bcrypt.dll
    00:00:24.0708 3096 C:\Windows\System32\bcrypt.dll - ok
    00:00:24.0720 3096 [ 50BA656134F78AF64E4DD3C8B6FEFD7E ] C:\Windows\System32\cngaudit.dll
    00:00:24.0721 3096 C:\Windows\System32\cngaudit.dll - ok
    00:00:24.0733 3096 [ BF6D6ED5FADCEEE885BD0144ECF1BA27 ] C:\Windows\System32\ncrypt.dll
    00:00:24.0734 3096 C:\Windows\System32\ncrypt.dll - ok
    00:00:24.0746 3096 [ 6D13E1406F50C66E2A95D97F22C47560 ] C:\Windows\System32\winlogon.exe
    00:00:24.0746 3096 C:\Windows\System32\winlogon.exe - ok
    00:00:24.0758 3096 [ C90878913DF3DC504790282043DB5F4C ] C:\Windows\System32\msprivs.dll
    00:00:24.0758 3096 C:\Windows\System32\msprivs.dll - ok
    00:00:24.0771 3096 [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\System32\winsta.dll
    00:00:24.0771 3096 C:\Windows\System32\winsta.dll - ok
    00:00:24.0783 3096 [ E343CABBD8D600ABAF3F11625D33B3D0 ] C:\Windows\System32\netjoin.dll
    00:00:24.0783 3096 C:\Windows\System32\netjoin.dll - ok
    00:00:24.0795 3096 [ BDA0B954A30498B5A7EDC6204CBA07ED ] C:\Windows\System32\kerberos.dll
    00:00:24.0795 3096 C:\Windows\System32\kerberos.dll - ok
    00:00:24.0805 3096 [ 6DCFAEC6D1334AA6CDF8961DB4633CBF ] C:\Windows\System32\negoexts.dll
    00:00:24.0805 3096 C:\Windows\System32\negoexts.dll - ok
    00:00:24.0816 3096 [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\System32\cryptsp.dll
    00:00:24.0816 3096 C:\Windows\System32\cryptsp.dll - ok
    00:00:24.0824 3096 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\System32\mswsock.dll
    00:00:24.0824 3096 C:\Windows\System32\mswsock.dll - ok
    00:00:24.0837 3096 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\System32\wship6.dll
    00:00:24.0837 3096 C:\Windows\System32\wship6.dll - ok
    00:00:24.0850 3096 [ 4C1E16B9A53102C8D6FBA587CBCB95DE ] C:\Windows\System32\msv1_0.dll
    00:00:24.0850 3096 C:\Windows\System32\msv1_0.dll - ok
    00:00:24.0862 3096 [ C1809B9907ADEDAF16F50C894100883B ] C:\Windows\System32\netlogon.dll
    00:00:24.0863 3096 C:\Windows\System32\netlogon.dll - ok
    00:00:24.0874 3096 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\System32\dnsapi.dll
    00:00:24.0875 3096 C:\Windows\System32\dnsapi.dll - ok
    00:00:24.0887 3096 [ 8EA53101FF2B15BDFF934B62A8FB326D ] C:\Windows\System32\logoncli.dll
    00:00:24.0887 3096 C:\Windows\System32\logoncli.dll - ok
    00:00:24.0899 3096 [ AF78F66116814FDD6677CEBD73035CDD ] C:\Windows\System32\schannel.dll
    00:00:24.0900 3096 C:\Windows\System32\schannel.dll - ok
    00:00:24.0912 3096 [ 0450CF487ECD8A67B56F59F9A96D024D ] C:\Windows\System32\wdigest.dll
    00:00:24.0912 3096 C:\Windows\System32\wdigest.dll - ok
    00:00:24.0926 3096 [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\System32\rsaenh.dll
    00:00:24.0926 3096 C:\Windows\System32\rsaenh.dll - ok
    00:00:24.0937 3096 [ 37CC990D4E2CDFAE12AC47F6B620FC13 ] C:\Windows\System32\pku2u.dll
    00:00:24.0938 3096 C:\Windows\System32\pku2u.dll - ok
    00:00:24.0950 3096 [ D29E45078CF4020CE0AAC82EC652D1EA ] C:\Windows\System32\TSpkg.dll
    00:00:24.0950 3096 C:\Windows\System32\TSpkg.dll - ok
    00:00:24.0962 3096 [ 45DAF17CA094EB0A3E7A3955B31F03B6 ] C:\Windows\System32\LIVESSP.DLL
    00:00:24.0962 3096 C:\Windows\System32\LIVESSP.DLL - ok
    00:00:24.0975 3096 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\System32\bcryptprimitives.dll
    00:00:24.0975 3096 C:\Windows\System32\bcryptprimitives.dll - ok
    00:00:24.0988 3096 [ 91F434FF6606ED9BDC6A05D651B69553 ] C:\Windows\System32\efslsaext.dll
    00:00:24.0988 3096 C:\Windows\System32\efslsaext.dll - ok
    00:00:25.0001 3096 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\System32\credssp.dll
    00:00:25.0001 3096 C:\Windows\System32\credssp.dll - ok
    00:00:25.0013 3096 [ 8124944EC89D6A1815E4E53F5B96AAF4 ] C:\Windows\System32\scecli.dll
    00:00:25.0013 3096 C:\Windows\System32\scecli.dll - ok
    00:00:25.0025 3096 [ 7222995615BF93B628DCEA4BD6CCACF7 ] C:\Windows\System32\ubpm.dll
    00:00:25.0025 3096 C:\Windows\System32\ubpm.dll - ok
    00:00:25.0037 3096 [ 54A47F6B5E09A77E61649109C6A08866 ] C:\Windows\System32\svchost.exe
    00:00:25.0038 3096 C:\Windows\System32\svchost.exe - ok
    00:00:25.0052 3096 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] C:\Windows\System32\umpnpmgr.dll
    00:00:25.0052 3096 C:\Windows\System32\umpnpmgr.dll - ok
    00:00:25.0062 3096 [ FD07F21E0A19C27ED4E1EEC2B07452B3 ] C:\Windows\System32\devrtl.dll
    00:00:25.0063 3096 C:\Windows\System32\devrtl.dll - ok
    00:00:25.0070 3096 [ 4BDBBE5E4208022DD794F7EEEB0F7366 ] C:\Windows\System32\SPInf.dll
    00:00:25.0070 3096 C:\Windows\System32\SPInf.dll - ok
    00:00:25.0083 3096 [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\System32\userenv.dll
    00:00:25.0083 3096 C:\Windows\System32\userenv.dll - ok
    00:00:25.0096 3096 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\System32\gpapi.dll
    00:00:25.0096 3096 C:\Windows\System32\gpapi.dll - ok
    00:00:25.0108 3096 [ F87D30E72E03D579A5199CCB3831D6EA ] C:\Windows\System32\umpo.dll
    00:00:25.0108 3096 C:\Windows\System32\umpo.dll - ok
    00:00:25.0120 3096 [ 5893EBDCE371174AC89ECD7731DD6D77 ] C:\Windows\System32\pcwum.dll
    00:00:25.0120 3096 C:\Windows\System32\pcwum.dll - ok
    00:00:25.0133 3096 [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\System32\powrprof.dll
    00:00:25.0133 3096 C:\Windows\System32\powrprof.dll - ok
    00:00:25.0146 3096 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] C:\Windows\System32\drivers\luafv.sys
    00:00:25.0146 3096 C:\Windows\System32\drivers\luafv.sys - ok
    00:00:25.0158 3096 [ 7660F01D3B38ACA1747E397D21D790AF ] C:\Windows\System32\rpcss.dll
    00:00:25.0158 3096 C:\Windows\System32\rpcss.dll - ok
    00:00:25.0170 3096 [ 78D072F35BC45D9E4E1B61895C152234 ] C:\Windows\System32\RpcEpMap.dll
    00:00:25.0171 3096 C:\Windows\System32\RpcEpMap.dll - ok
    00:00:25.0183 3096 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\System32\WSHTCPIP.DLL
    00:00:25.0183 3096 C:\Windows\System32\WSHTCPIP.DLL - ok
    00:00:25.0196 3096 [ 81F08948A0F1475894C99D4D19A158A8 ] C:\Windows\System32\wshqos.dll
    00:00:25.0196 3096 C:\Windows\System32\wshqos.dll - ok
    00:00:25.0208 3096 [ EC98CA8298F67926FA50876348534B1D ] C:\Windows\System32\atiesrxx.exe
    00:00:25.0208 3096 C:\Windows\System32\atiesrxx.exe - ok
    00:00:25.0221 3096 [ 3F50200237961034FACE602373838980 ] C:\Windows\System32\FirewallAPI.dll
    00:00:25.0221 3096 C:\Windows\System32\FirewallAPI.dll - ok
    00:00:25.0234 3096 [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\System32\wtsapi32.dll
    00:00:25.0234 3096 C:\Windows\System32\wtsapi32.dll - ok
    00:00:25.0246 3096 [ 702254574E7E52052DE39408457B7149 ] C:\Windows\System32\version.dll
    00:00:25.0247 3096 C:\Windows\System32\version.dll - ok
    00:00:25.0259 3096 [ 3EF0D8AB08385AAB5802E773511A2E6A ] C:\Windows\System32\LogonUI.exe
    00:00:25.0259 3096 C:\Windows\System32\LogonUI.exe - ok
    00:00:25.0271 3096 [ E904178851A6A44BFA97E064EF779E9D ] C:\Windows\System32\authui.dll
    00:00:25.0271 3096 C:\Windows\System32\authui.dll - ok
    00:00:25.0283 3096 [ 28CA821606669BB9215CE010767720FA ] C:\Windows\System32\cryptui.dll
    00:00:25.0283 3096 C:\Windows\System32\cryptui.dll - ok
    00:00:25.0296 3096 [ 241E015DD809CFB23242F890B1FC575B ] C:\Windows\System32\wevtsvc.dll
    00:00:25.0297 3096 C:\Windows\System32\wevtsvc.dll - ok
    00:00:25.0314 3096 [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
    00:00:25.0314 3096 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
    00:00:25.0322 3096 [ F14A9B1778376D0B1788E402AC1F831A ] C:\Windows\System32\shacct.dll
    00:00:25.0322 3096 C:\Windows\System32\shacct.dll - ok
    00:00:25.0330 3096 [ C30A3E5DEEEBA22E782AC54C5AF5F352 ] C:\Windows\System32\samlib.dll
    00:00:25.0331 3096 C:\Windows\System32\samlib.dll - ok
    00:00:25.0343 3096 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\System32\propsys.dll
    00:00:25.0343 3096 C:\Windows\System32\propsys.dll - ok
    00:00:25.0356 3096 [ 63BFDF555DA2075A77D677829C3CCCD0 ] C:\Windows\System32\uxtheme.dll
    00:00:25.0356 3096 C:\Windows\System32\uxtheme.dll - ok
    00:00:25.0368 3096 [ 84174CA0E190BB9D1EFD0F005FE13B35 ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\GdiPlus.dll
    00:00:25.0368 3096 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\GdiPlus.dll - ok
    00:00:25.0380 3096 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\System32\dui70.dll
    00:00:25.0381 3096 C:\Windows\System32\dui70.dll - ok
    00:00:25.0393 3096 [ AC8C80DC4F1A6E60C9A762C1799F0B39 ] C:\Windows\System32\adtschema.dll
    00:00:25.0393 3096 C:\Windows\System32\adtschema.dll - ok
    00:00:25.0405 3096 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\System32\duser.dll
    00:00:25.0405 3096 C:\Windows\System32\duser.dll - ok
    00:00:25.0418 3096 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] C:\Windows\System32\audiosrv.dll
    00:00:25.0418 3096 C:\Windows\System32\audiosrv.dll - ok
    00:00:25.0431 3096 [ 2CFA4569350B7F84F815E9EC34E85766 ] C:\Windows\System32\SndVolSSO.dll
    00:00:25.0431 3096 C:\Windows\System32\SndVolSSO.dll - ok
    00:00:25.0442 3096 [ 63DF770DF74ACB370EF5A16727069AAF ] C:\Windows\System32\hid.dll
    00:00:25.0443 3096 C:\Windows\System32\hid.dll - ok
    00:00:25.0457 3096 [ 243974EC02F7AE49E4179C54624143AB ] C:\Windows\System32\MMDevAPI.dll
    00:00:25.0458 3096 C:\Windows\System32\MMDevAPI.dll - ok
    00:00:25.0468 3096 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\System32\dwmapi.dll
    00:00:25.0468 3096 C:\Windows\System32\dwmapi.dll - ok
    00:00:25.0481 3096 [ EDF2A5E96BEC469DA3F64E9BDD386111 ] C:\Windows\System32\xmllite.dll
    00:00:25.0481 3096 C:\Windows\System32\xmllite.dll - ok
    00:00:25.0494 3096 [ 139D3AB6AA920C34C50CBFFB9EB7D222 ] C:\Windows\System32\avrt.dll
    00:00:25.0494 3096 C:\Windows\System32\avrt.dll - ok
    00:00:25.0508 3096 [ 8B0B4C5927A333A05513791758350DC4 ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
    00:00:25.0508 3096 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
    00:00:25.0521 3096 [ D5CF1536137026ACDED95BF6CBF849F6 ] C:\Windows\System32\WUDFPlatform.dll
    00:00:25.0521 3096 C:\Windows\System32\WUDFPlatform.dll - ok
    00:00:25.0534 3096 [ E12C4928B32ACE04610259647F072635 ] C:\Windows\System32\FntCache.dll
    00:00:25.0534 3096 C:\Windows\System32\FntCache.dll - ok
    00:00:25.0547 3096 [ 7520EC808E0C35E0EE6F841294316653 ] C:\Windows\System32\drivers\fltMgr.sys
    00:00:25.0547 3096 C:\Windows\System32\drivers\fltMgr.sys - ok
    00:00:25.0559 3096 [ 5B2E4E90C04FB9AE9F2C5E99FF59B283 ] C:\Windows\System32\WindowsCodecs.dll
    00:00:25.0559 3096 C:\Windows\System32\WindowsCodecs.dll - ok
    00:00:25.0571 3096 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\System32\winbrand.dll
    00:00:25.0572 3096 C:\Windows\System32\winbrand.dll - ok
    00:00:25.0580 3096 [ D93A937A2A9D2CBC06B3A615A197011F ] C:\Windows\System32\PSHED.DLL
    00:00:25.0580 3096 C:\Windows\System32\PSHED.DLL - ok
    00:00:25.0592 3096 [ 65BF13016A3C22775F3E17591AE5268A ] C:\Windows\System32\VaultCredProvider.dll
    00:00:25.0593 3096 C:\Windows\System32\VaultCredProvider.dll - ok
    00:00:25.0607 3096 [ 05BF975CA428E04B462FB90841B37C95 ] C:\Windows\System32\SmartcardCredentialProvider.dll
    00:00:25.0607 3096 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
    00:00:25.0620 3096 [ E59F08ED9D2A128CE436BBFC232247F6 ] C:\Windows\System32\BioCredProv.dll
    00:00:25.0620 3096 C:\Windows\System32\BioCredProv.dll - ok
    00:00:25.0633 3096 [ 108C2CFA5527458C096A699929ECBD80 ] C:\Windows\System32\credui.dll
    00:00:25.0633 3096 C:\Windows\System32\credui.dll - ok
    00:00:25.0646 3096 [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\System32\netapi32.dll
    00:00:25.0647 3096 C:\Windows\System32\netapi32.dll - ok
    00:00:25.0658 3096 [ 36B8D5903CEEF0AA42A1EE002BD27FF1 ] C:\Windows\System32\vaultcli.dll
    00:00:25.0658 3096 C:\Windows\System32\vaultcli.dll - ok
    00:00:25.0671 3096 [ 3FAD263CE1E2A6FFF40D00043B2275E3 ] C:\Windows\System32\winbio.dll
    00:00:25.0671 3096 C:\Windows\System32\winbio.dll - ok
    00:00:25.0684 3096 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\System32\netutils.dll
    00:00:25.0684 3096 C:\Windows\System32\netutils.dll - ok
    00:00:25.0698 3096 [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\System32\samcli.dll
    00:00:25.0698 3096 C:\Windows\System32\samcli.dll - ok
    00:00:25.0710 3096 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\System32\wkscli.dll
    00:00:25.0710 3096 C:\Windows\System32\wkscli.dll - ok
    00:00:25.0723 3096 [ 1F5497D7D3D79C7BF0AB0C8B4C5BFE6E ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
    00:00:25.0723 3096 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
    00:00:25.0736 3096 [ 146B6F43A673379A3C670E86D89BE5EA ] C:\Windows\System32\mmcss.dll
    00:00:25.0736 3096 C:\Windows\System32\mmcss.dll - ok
    00:00:25.0750 3096 [ F598DCBF5B7171362A2418E27D73276B ] C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDCREDPROV.DLL
    00:00:25.0750 3096 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDCREDPROV.DLL - ok
    00:00:25.0765 3096 [ 6D8CACF3B1B54943EFCF420C2D667B37 ] C:\Windows\System32\certCredProvider.dll
    00:00:25.0765 3096 C:\Windows\System32\certCredProvider.dll - ok
    00:00:25.0776 3096 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\System32\rasapi32.dll
    00:00:25.0776 3096 C:\Windows\System32\rasapi32.dll - ok
    00:00:25.0789 3096 [ FFE4BEC5C187C426A17AE76A773063A6 ] C:\Windows\System32\rasplap.dll
    00:00:25.0789 3096 C:\Windows\System32\rasplap.dll - ok
    00:00:25.0801 3096 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\System32\rasman.dll
    00:00:25.0801 3096 C:\Windows\System32\rasman.dll - ok
    00:00:25.0814 3096 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\System32\rtutils.dll
    00:00:25.0814 3096 C:\Windows\System32\rtutils.dll - ok
    00:00:25.0826 3096 [ 15F93B37F6801943360D9EB42485D5D3 ] C:\Windows\System32\cscsvc.dll
    00:00:25.0826 3096 C:\Windows\System32\cscsvc.dll - ok
    00:00:25.0834 3096 [ 772F44012DBE49DE894976AE2259A659 ] C:\Windows\System32\PeerDist.dll
    00:00:25.0834 3096 C:\Windows\System32\PeerDist.dll - ok
    00:00:25.0847 3096 [ E897EAF5ED6BA41E081060C9B447A673 ] C:\Windows\System32\gpsvc.dll
    00:00:25.0847 3096 C:\Windows\System32\gpsvc.dll - ok
    00:00:25.0860 3096 [ 544EFF88AC6C85DF5A4D6F18DFE08CFC ] C:\Windows\System32\taskschd.dll
    00:00:25.0860 3096 C:\Windows\System32\taskschd.dll - ok
    00:00:25.0875 3096 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] C:\Windows\System32\themeservice.dll
    00:00:25.0875 3096 C:\Windows\System32\themeservice.dll - ok
    00:00:25.0885 3096 [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\System32\mstask.dll
    00:00:25.0885 3096 C:\Windows\System32\mstask.dll - ok
    00:00:25.0898 3096 [ CADEFAC453040E370A1BDFF3973BE00D ] C:\Windows\System32\profsvc.dll
    00:00:25.0899 3096 C:\Windows\System32\profsvc.dll - ok
    00:00:25.0910 3096 [ F6916EFC29D9953D5D0DF06882AE8E16 ] C:\Windows\System32\es.dll
    00:00:25.0910 3096 C:\Windows\System32\es.dll - ok
    00:00:25.0922 3096 [ 50E0DD0A5B8D8BC353578F2F73926697 ] C:\Windows\System32\nlaapi.dll
    00:00:25.0923 3096 C:\Windows\System32\nlaapi.dll - ok
    00:00:25.0937 3096 [ F10E5311E5093FA3C00FF88C54C32FCA ] C:\Windows\System32\atl.dll
    00:00:25.0937 3096 C:\Windows\System32\atl.dll - ok
    00:00:25.0949 3096 [ 2F040CF0613A6D64DCBBA9EE81F5A5AE ] C:\Windows\System32\dsrole.dll
    00:00:25.0949 3096 C:\Windows\System32\dsrole.dll - ok
    00:00:25.0961 3096 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\System32\slc.dll
    00:00:25.0962 3096 C:\Windows\System32\slc.dll - ok
    00:00:25.0974 3096 [ 808D8A8B2A3074002852BC856D419576 ] C:\Windows\System32\comres.dll
    00:00:25.0974 3096 C:\Windows\System32\comres.dll - ok
    00:00:25.0986 3096 [ A12829E9974F57E9B5DBFEA7C93190F6 ] C:\Windows\System32\UXInit.dll
    00:00:25.0987 3096 C:\Windows\System32\UXInit.dll - ok
    00:00:25.0999 3096 [ D63E32285C4031A4C9A1EA8BC1F21229 ] C:\Windows\System32\atieclxx.exe
    00:00:25.0999 3096 C:\Windows\System32\atieclxx.exe - ok
    00:00:26.0012 3096 [ DCB7FCDCC97F87360F75D77425B81737 ] C:\Windows\System32\Sens.dll
    00:00:26.0012 3096 C:\Windows\System32\Sens.dll - ok
    00:00:26.0023 3096 [ D079246AF03C0090E0FEC1F7801BFC1E ] C:\Windows\System32\atiadlxx.dll
    00:00:26.0024 3096 C:\Windows\System32\atiadlxx.dll - ok
    00:00:26.0037 3096 [ 081E6E1C91AEC36758902A9F727CD23C ] C:\Windows\System32\uxsms.dll
    00:00:26.0037 3096 C:\Windows\System32\uxsms.dll - ok
    00:00:26.0050 3096 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] C:\Windows\System32\drivers\lltdio.sys
    00:00:26.0050 3096 C:\Windows\System32\drivers\lltdio.sys - ok
    00:00:26.0062 3096 [ 032B0D36AD92B582D869879F5AF5B928 ] C:\Windows\System32\drivers\rspndr.sys
    00:00:26.0062 3096 C:\Windows\System32\drivers\rspndr.sys - ok
    00:00:26.0074 3096 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\System32\IPHLPAPI.DLL
    00:00:26.0074 3096 C:\Windows\System32\IPHLPAPI.DLL - ok
    00:00:26.0088 3096 [ 55CA01BA19D0006C8F2639B6C045E08B ] C:\Windows\System32\lmhsvc.dll
    00:00:26.0088 3096 C:\Windows\System32\lmhsvc.dll - ok
    00:00:26.0095 3096 [ D2A937964199F647B1C3BC435712E5D9 ] C:\Windows\System32\nrpsrv.dll
    00:00:26.0095 3096 C:\Windows\System32\nrpsrv.dll - ok
    00:00:26.0107 3096 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\System32\winnsi.dll
    00:00:26.0108 3096 C:\Windows\System32\winnsi.dll - ok
    00:00:26.0120 3096 [ BA387E955E890C8A88306D9B8D06BF17 ] C:\Windows\System32\nsisvc.dll
    00:00:26.0120 3096 C:\Windows\System32\nsisvc.dll - ok
    00:00:26.0133 3096 [ E9E01EB683C132F7FA27CD607B8A2B63 ] C:\Windows\System32\dhcpcore.dll
    00:00:26.0133 3096 C:\Windows\System32\dhcpcore.dll - ok
    00:00:26.0145 3096 [ EF71BA5DF59034962B0C62314A71351A ] C:\Windows\System32\dhcpcore6.dll
    00:00:26.0145 3096 C:\Windows\System32\dhcpcore6.dll - ok
    00:00:26.0159 3096 [ 505A327F8577625EF0C469914903170E ] C:\Windows\System32\atimuixx.dll
    00:00:26.0159 3096 C:\Windows\System32\atimuixx.dll - ok
    00:00:26.0172 3096 [ 33EF4861F19A0736B11314AAD9AE28D0 ] C:\Windows\System32\dnsrslvr.dll
    00:00:26.0172 3096 C:\Windows\System32\dnsrslvr.dll - ok
    00:00:26.0184 3096 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\System32\FWPUCLNT.DLL
    00:00:26.0185 3096 C:\Windows\System32\FWPUCLNT.DLL - ok
    00:00:26.0198 3096 [ 100103C6535C66265267F5EEA5F5846E ] C:\Windows\System32\dnsext.dll
    00:00:26.0198 3096 C:\Windows\System32\dnsext.dll - ok
    00:00:26.0209 3096 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\System32\dhcpcsvc.dll
    00:00:26.0209 3096 C:\Windows\System32\dhcpcsvc.dll - ok
    00:00:26.0222 3096 [ 414DA952A35BF5D50192E28263B40577 ] C:\Windows\System32\shsvcs.dll
    00:00:26.0222 3096 C:\Windows\System32\shsvcs.dll - ok
    00:00:26.0234 3096 [ 81F6C1AE23B1C493D9E996C3103915D7 ] C:\Windows\System32\dhcpcsvc6.dll
    00:00:26.0235 3096 C:\Windows\System32\dhcpcsvc6.dll - ok
    00:00:26.0247 3096 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\System32\imageres.dll
    00:00:26.0248 3096 C:\Windows\System32\imageres.dll - ok
    00:00:26.0260 3096 [ A04BB13F8A72F8B6E8B4071723E4E336 ] C:\Windows\System32\schedsvc.dll
    00:00:26.0260 3096 C:\Windows\System32\schedsvc.dll - ok
    00:00:26.0272 3096 [ 38B13C0DF479DBA23ECFA815159BA86E ] C:\Windows\System32\ktmw32.dll
    00:00:26.0272 3096 C:\Windows\System32\ktmw32.dll - ok
    00:00:26.0285 3096 [ E6D90DC604F407B3B5E0FD285E46B2A0 ] C:\Windows\System32\fveapi.dll
    00:00:26.0285 3096 C:\Windows\System32\fveapi.dll - ok
    00:00:26.0298 3096 [ C87F28A34B3840F4B40011D170B1A159 ] C:\Windows\System32\fvecerts.dll
    00:00:26.0298 3096 C:\Windows\System32\fvecerts.dll - ok
    00:00:26.0310 3096 [ EAFC149CD3BD78C443E31BB157841197 ] C:\Windows\System32\tbs.dll
    00:00:26.0310 3096 C:\Windows\System32\tbs.dll - ok
    00:00:26.0323 3096 [ E2D56AE1D40E3725084054CD8E9CFBB1 ] C:\Windows\System32\wiarpc.dll
    00:00:26.0323 3096 C:\Windows\System32\wiarpc.dll - ok
    00:00:26.0335 3096 [ 1C3E8371377E988B683797A132EFFE1B ] C:\Windows\System32\taskcomp.dll
    00:00:26.0335 3096 C:\Windows\System32\taskcomp.dll - ok
    00:00:26.0342 3096 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\System32\ntmarta.dll
    00:00:26.0342 3096 C:\Windows\System32\ntmarta.dll - ok
    00:00:26.0356 3096 [ 871917B07A141BFF43D76D8844D48106 ] C:\Windows\System32\drivers\http.sys
    00:00:26.0356 3096 C:\Windows\System32\drivers\http.sys - ok
    00:00:26.0368 3096 [ 9AEA093B8F9C37CF45538382CABA2475 ] C:\Windows\System32\spoolsv.exe
    00:00:26.0368 3096 C:\Windows\System32\spoolsv.exe - ok
    00:00:26.0381 3096 [ 4F2659160AFCCA990305816946F69407 ] C:\Windows\System32\taskeng.exe
    00:00:26.0382 3096 C:\Windows\System32\taskeng.exe - ok
    00:00:26.0393 3096 [ 1E2BAC209D184BB851E1A187D8A29136 ] C:\Windows\System32\BFE.DLL
    00:00:26.0393 3096 C:\Windows\System32\BFE.DLL - ok
    00:00:26.0406 3096 [ A63DC5C2EA944E6657203E0C8EDEAF61 ] C:\Windows\System32\dllhost.exe
    00:00:26.0406 3096 C:\Windows\System32\dllhost.exe - ok
    00:00:26.0420 3096 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
    00:00:26.0420 3096 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok
    00:00:26.0432 3096 [ 0B31464B7B2D616BD5F7036673588EC1 ] C:\Windows\System32\IDStore.dll
    00:00:26.0433 3096 C:\Windows\System32\IDStore.dll - ok
    00:00:26.0445 3096 [ 659E04E74135927CA6D7BC5E75C84417 ] C:\Windows\System32\TSChannel.dll
    00:00:26.0446 3096 C:\Windows\System32\TSChannel.dll - ok
    00:00:26.0458 3096 [ 72E953215CADE1A726C04AAFDF6B463D ] C:\Windows\System32\taskhost.exe
    00:00:26.0458 3096 C:\Windows\System32\taskhost.exe - ok
    00:00:26.0471 3096 [ A3901CD2E276484003C2944F78BEB80E ] C:\Windows\System32\lpksetup.exe
    00:00:26.0471 3096 C:\Windows\System32\lpksetup.exe - ok
    00:00:26.0484 3096 [ 4355CF8BD07B0E48C111FC3D2F36D313 ] C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
    00:00:26.0484 3096 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok
    00:00:26.0498 3096 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] C:\Windows\System32\drivers\bowser.sys
    00:00:26.0499 3096 C:\Windows\System32\drivers\bowser.sys - ok
    00:00:26.0510 3096 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] C:\Windows\System32\drivers\mpsdrv.sys
    00:00:26.0510 3096 C:\Windows\System32\drivers\mpsdrv.sys - ok
    00:00:26.0523 3096 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] C:\Windows\System32\drivers\mrxsmb.sys
    00:00:26.0523 3096 C:\Windows\System32\drivers\mrxsmb.sys - ok
    00:00:26.0536 3096 [ 6D17A4791ACA19328C685D256349FEFC ] C:\Windows\System32\drivers\mrxsmb10.sys
    00:00:26.0536 3096 C:\Windows\System32\drivers\mrxsmb10.sys - ok
    00:00:26.0552 3096 [ B81F204D146000BE76651A50670A5E9E ] C:\Windows\System32\drivers\mrxsmb20.sys
    00:00:26.0552 3096 C:\Windows\System32\drivers\mrxsmb20.sys - ok
    00:00:26.0561 3096 [ 9835584E999D25004E1EE8E5F3E3B881 ] C:\Windows\System32\MPSSVC.dll
    00:00:26.0561 3096 C:\Windows\System32\MPSSVC.dll - ok
    00:00:26.0573 3096 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\System32\rasadhlp.dll
    00:00:26.0574 3096 C:\Windows\System32\rasadhlp.dll - ok
    00:00:26.0586 3096 [ D33E95C0A2754061233B58DC41F8094C ] C:\Windows\System32\umb.dll
    00:00:26.0586 3096 C:\Windows\System32\umb.dll - ok
    00:00:26.0593 3096 [ 74AF6AA2E8B3180AADAE5FE8813CB1CD ] C:\Windows\System32\localspl.dll
    00:00:26.0593 3096 C:\Windows\System32\localspl.dll - ok
    00:00:26.0607 3096 [ 629181C26A78EB66B0B4E774E5AC2882 ] C:\Windows\System32\spoolss.dll
    00:00:26.0607 3096 C:\Windows\System32\spoolss.dll - ok
    00:00:26.0622 3096 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\System32\winspool.drv
    00:00:26.0622 3096 C:\Windows\System32\winspool.drv - ok
    00:00:26.0635 3096 [ D390D81293F69C5724263449ACA17AE6 ] C:\Windows\System32\CNCALB1.DLL
    00:00:26.0635 3096 C:\Windows\System32\CNCALB1.DLL - ok
    00:00:26.0648 3096 [ 03CF941D031F30272D3063E5A4D686F5 ] C:\Windows\System32\PrintIsolationProxy.dll
    00:00:26.0649 3096 C:\Windows\System32\PrintIsolationProxy.dll - ok
    00:00:26.0660 3096 [ 0389A3348F370E9B0DCF77E55B80281F ] C:\Windows\System32\CNMLMB1.DLL
    00:00:26.0660 3096 C:\Windows\System32\CNMLMB1.DLL - ok
    00:00:26.0673 3096 [ 915BC36C1F6BF3FAA55E2BC3CED08101 ] C:\Windows\System32\CNMNPPM.DLL
    00:00:26.0673 3096 C:\Windows\System32\CNMNPPM.DLL - ok
    00:00:26.0688 3096 [ 126F8331BD023178C7F0EF2F5EDE16B3 ] C:\Windows\System32\FXSMON.dll
    00:00:26.0688 3096 C:\Windows\System32\FXSMON.dll - ok
    00:00:26.0700 3096 [ 1220595CABA75AB91A6B3FA3B89483CC ] C:\Windows\System32\snmpapi.dll
    00:00:26.0701 3096 C:\Windows\System32\snmpapi.dll - ok
    00:00:26.0713 3096 [ B390C1D825C7687493BEDE237C6C2F25 ] C:\Windows\System32\tcpmon.dll
    00:00:26.0713 3096 C:\Windows\System32\tcpmon.dll - ok
    00:00:26.0725 3096 [ EAADD6E47ED2A7003ACE1793B98CF63F ] C:\Windows\System32\msxml6.dll
    00:00:26.0726 3096 C:\Windows\System32\msxml6.dll - ok
    00:00:26.0738 3096 [ 6357E2B68753A1F5CF4A68A25C4FD14A ] C:\Windows\System32\wsnmp32.dll
    00:00:26.0739 3096 C:\Windows\System32\wsnmp32.dll - ok
    00:00:26.0751 3096 [ 923CDD30092DB73EC4A0EBCDDD16C686 ] C:\Windows\System32\usbmon.dll
    00:00:26.0751 3096 C:\Windows\System32\usbmon.dll - ok
    00:00:26.0763 3096 [ 58405E4F68BA8E4057C6E914F326ABA2 ] C:\Windows\System32\wkssvc.dll
    00:00:26.0763 3096 C:\Windows\System32\wkssvc.dll - ok
    00:00:26.0775 3096 [ A8EB761DE499242BECF153B2B34F020E ] C:\Windows\System32\WSDMon.dll
    00:00:26.0775 3096 C:\Windows\System32\WSDMon.dll - ok
    00:00:26.0788 3096 [ 73F6C5223F7E9B5780DD4A6C30FCF569 ] C:\Windows\System32\WSDApi.dll
    00:00:26.0788 3096 C:\Windows\System32\WSDApi.dll - ok
    00:00:26.0801 3096 [ 0C0DF0F05BAEA320FA301F34E256E08B ] C:\Windows\System32\dpx.dll
    00:00:26.0801 3096 C:\Windows\System32\dpx.dll - ok
    00:00:26.0813 3096 [ DB846EECA70EE9D2E2FF31147C57B0F4 ] C:\Windows\System32\webservices.dll
    00:00:26.0813 3096 C:\Windows\System32\webservices.dll - ok
    00:00:26.0828 3096 [ 019C372B1A9DA73A22D0D35A4D40F5C9 ] C:\Windows\System32\wfapigp.dll
    00:00:26.0828 3096 C:\Windows\System32\wfapigp.dll - ok
    00:00:26.0839 3096 [ 89D90579E5FB1469CB0464F6512E42B7 ] C:\Windows\System32\fundisc.dll
    00:00:26.0839 3096 C:\Windows\System32\fundisc.dll - ok
    00:00:26.0846 3096 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\System32\mpr.dll
    00:00:26.0846 3096 C:\Windows\System32\mpr.dll - ok
    00:00:26.0859 3096 [ 49ACA548B2423F1C67898E6AC719A9A6 ] C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
    00:00:26.0860 3096 C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll - ok
    00:00:26.0873 3096 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] C:\Windows\System32\drivers\parport.sys
    00:00:26.0873 3096 C:\Windows\System32\drivers\parport.sys - ok
    00:00:26.0885 3096 [ F34CFADA6C48DAA41B996D24C7D8D3CA ] C:\Windows\System32\fdPnp.dll
    00:00:26.0885 3096 C:\Windows\System32\fdPnp.dll - ok
    00:00:26.0899 3096 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    00:00:26.0899 3096 C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe - ok
    00:00:26.0911 3096 [ 61AC3EFDFACFDD3F0F11DD4FD4044223 ] C:\Windows\System32\userinit.exe
    00:00:26.0911 3096 C:\Windows\System32\userinit.exe - ok
    00:00:26.0923 3096 [ 7F8678C59F188528D60104E697C2361E ] C:\Windows\System32\mscms.dll
    00:00:26.0924 3096 C:\Windows\System32\mscms.dll - ok
    00:00:26.0936 3096 [ B3892E6DA8E2C8CE4B0A9D3EB9A185E5 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcr90.dll
    00:00:26.0937 3096 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcr90.dll - ok
    00:00:26.0950 3096 [ B43687C534A49700BF4B3C9898763752 ] C:\Windows\System32\MsCtfMonitor.dll
    00:00:26.0950 3096 C:\Windows\System32\MsCtfMonitor.dll - ok
    00:00:26.0962 3096 [ ED12110CD5BFE686F645E145A7DD28C5 ] C:\Windows\System32\comsvcs.dll
    00:00:26.0962 3096 C:\Windows\System32\comsvcs.dll - ok
    00:00:26.0975 3096 [ 56CEED370508F69A1BA04939BD1BADDA ] C:\Windows\System32\msutb.dll
    00:00:26.0975 3096 C:\Windows\System32\msutb.dll - ok
    00:00:26.0987 3096 [ 358AB7956D3160000726574083DFC8A6 ] C:\Windows\System32\pcasvc.dll
    00:00:26.0987 3096 C:\Windows\System32\pcasvc.dll - ok
    00:00:27.0000 3096 [ CD72C6406BA561BED6D42CB145E55307 ] C:\Windows\System32\spool\prtprocs\w32x86\winprint.dll
    00:00:27.0000 3096 C:\Windows\System32\spool\prtprocs\w32x86\winprint.dll - ok
    00:00:27.0013 3096 [ 50185186719134FA8F307D269106A51C ] C:\Program Files\AVG\AVG2013\avgidsagent.exe
    00:00:27.0013 3096 C:\Program Files\AVG\AVG2013\avgidsagent.exe - ok
    00:00:27.0025 3096 [ 7319102526BD11B45FD66335CF90CA12 ] C:\Windows\System32\HotStartUserAgent.dll
    00:00:27.0026 3096 C:\Windows\System32\HotStartUserAgent.dll - ok
    00:00:27.0039 3096 [ 6A984831644ECA1A33FFEAE4126F4F37 ] C:\Windows\System32\snmptrap.exe
    00:00:27.0039 3096 C:\Windows\System32\snmptrap.exe - ok
    00:00:27.0051 3096 [ F58516E2DC0D963EF70D6BFC21FD82C4 ] C:\Windows\System32\PlaySndSrv.dll
    00:00:27.0051 3096 C:\Windows\System32\PlaySndSrv.dll - ok
    00:00:27.0064 3096 [ 1F1EAD2698F7FB15317EE12757C81B47 ] C:\Windows\System32\spool\prtprocs\w32x86\CNMPDB1.DLL
    00:00:27.0064 3096 C:\Windows\System32\spool\prtprocs\w32x86\CNMPDB1.DLL - ok
    00:00:27.0076 3096 [ BC83108B18756547013ED443B8CDB31B ] C:\Windows\System32\msvcp100.dll
    00:00:27.0076 3096 C:\Windows\System32\msvcp100.dll - ok
    00:00:27.0092 3096 [ FC415B303B1ECF80B5F130A1F7203D02 ] C:\Windows\System32\win32spl.dll
    00:00:27.0092 3096 C:\Windows\System32\win32spl.dll - ok
    00:00:27.0096 3096 [ 0E37FBFA79D349D672456923EC5FBBE3 ] C:\Windows\System32\msvcr100.dll
    00:00:27.0097 3096 C:\Windows\System32\msvcr100.dll - ok
    00:00:27.0110 3096 [ 5BDB1E096DEA119A4D205ACB6E958175 ] C:\Program Files\AVG\AVG2013\avgopensslx.dll
    00:00:27.0110 3096 C:\Program Files\AVG\AVG2013\avgopensslx.dll - ok
    00:00:27.0123 3096 [ D27DDE7E0444C7F1819F958469EB7D93 ] C:\Windows\System32\inetpp.dll
    00:00:27.0123 3096 C:\Windows\System32\inetpp.dll - ok
    00:00:27.0136 3096 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] C:\Windows\System32\iphlpsvc.dll
    00:00:27.0136 3096 C:\Windows\System32\iphlpsvc.dll - ok
    00:00:27.0149 3096 [ 5C3F9DBA818CD93379D1A0F215270374 ] C:\Windows\System32\esent.dll
    00:00:27.0150 3096 C:\Windows\System32\esent.dll - ok
    00:00:27.0161 3096 [ A86F5616EACB7155998011CEFFFB52F6 ] C:\Windows\System32\RdpGroupPolicyExtension.dll
    00:00:27.0161 3096 C:\Windows\System32\RdpGroupPolicyExtension.dll - ok
    00:00:27.0174 3096 [ 505BF4D1CADEB8D4F8BCD08D944DE25D ] C:\Windows\System32\dwm.exe
    00:00:27.0174 3096 C:\Windows\System32\dwm.exe - ok
    00:00:27.0187 3096 [ A2F17346CC5C502D4E29EF986BD17D34 ] C:\Windows\System32\PeerDistSh.dll
    00:00:27.0187 3096 C:\Windows\System32\PeerDistSh.dll - ok
    00:00:27.0200 3096 [ 754AFC50022C95DA7C86B7020DB78136 ] C:\Windows\System32\dwmredir.dll
    00:00:27.0200 3096 C:\Windows\System32\dwmredir.dll - ok
    00:00:27.0212 3096 [ 497E59D9F01C6F247E72222A61835119 ] C:\Windows\System32\dwmcore.dll
    00:00:27.0212 3096 C:\Windows\System32\dwmcore.dll - ok
    00:00:27.0225 3096 [ 3C1936A12C62254F914A01BBC6A8DC69 ] C:\Windows\System32\d3d10_1.dll
    00:00:27.0225 3096 C:\Windows\System32\d3d10_1.dll - ok
    00:00:27.0239 3096 [ D4212AB475A3B25EC4DF574536C3EDC5 ] C:\Windows\System32\d3d10_1core.dll
    00:00:27.0239 3096 C:\Windows\System32\d3d10_1core.dll - ok
    00:00:27.0252 3096 [ D4F264FE23F8953D840904418220C15E ] C:\Windows\System32\dxgi.dll
    00:00:27.0252 3096 C:\Windows\System32\dxgi.dll - ok
    00:00:27.0264 3096 [ 6DE66FE7C526637E74CD066461C7C871 ] C:\Windows\System32\d3d11.dll
    00:00:27.0264 3096 C:\Windows\System32\d3d11.dll - ok
    00:00:27.0276 3096 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\System32\winmm.dll
    00:00:27.0276 3096 C:\Windows\System32\winmm.dll - ok
    00:00:27.0289 3096 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] C:\Windows\System32\provsvc.dll
    00:00:27.0289 3096 C:\Windows\System32\provsvc.dll - ok
    00:00:27.0302 3096 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\System32\cscapi.dll
    00:00:27.0302 3096 C:\Windows\System32\cscapi.dll - ok
    00:00:27.0313 3096 [ 8B88EBBB05A0E56B7DCC708498C02B3E ] C:\Windows\explorer.exe
    00:00:27.0313 3096 C:\Windows\explorer.exe - ok
    00:00:27.0326 3096 [ EE04D1EAA3093341C7E3070C33A82152 ] C:\Windows\System32\aticfx32.dll
    00:00:27.0326 3096 C:\Windows\System32\aticfx32.dll - ok
    00:00:27.0339 3096 [ 3A0977CB68AF13E2579E47EB8984056B ] C:\Program Files\AVG\AVG2013\avgwdsvc.exe
    00:00:27.0339 3096 C:\Program Files\AVG\AVG2013\avgwdsvc.exe - ok
    00:00:27.0352 3096 [ B3ADC081829E4CA1D529C075209BD8FE ] C:\Windows\System32\atiuxpag.dll
    00:00:27.0356 3096 C:\Windows\System32\atiuxpag.dll - ok
    00:00:27.0367 3096 [ D318F23BE45D5E3A107469EB64815B50 ] C:\Windows\System32\sstpsvc.dll
    00:00:27.0367 3096 C:\Windows\System32\sstpsvc.dll - ok
    00:00:27.0378 3096 [ B559197BF162E95498B7ABCCF04748E9 ] C:\Windows\System32\atidxx32.dll
    00:00:27.0379 3096 C:\Windows\System32\atidxx32.dll - ok
    00:00:27.0391 3096 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\System32\ExplorerFrame.dll
    00:00:27.0391 3096 C:\Windows\System32\ExplorerFrame.dll - ok
    00:00:27.0404 3096 [ 71EA9078F6E1246B0BBD746C2999723F ] C:\Program Files\AVG\AVG2013\avgcfgx.dll
    00:00:27.0404 3096 C:\Program Files\AVG\AVG2013\avgcfgx.dll - ok
    00:00:27.0417 3096 [ 2100560AF3F7F2948F2676E44DFB4ECF ] C:\Windows\System32\uDWM.dll
    00:00:27.0417 3096 C:\Windows\System32\uDWM.dll - ok
    00:00:27.0429 3096 [ 43A9F4F75CD6AE062817CA2091807557 ] C:\Windows\System32\spool\drivers\w32x86\3\CNCARB1.DLL
    00:00:27.0429 3096 C:\Windows\System32\spool\drivers\w32x86\3\CNCARB1.DLL - ok
    00:00:27.0442 3096 [ 8A8B277067C22F4BF6AA9A31692FC4D3 ] C:\Windows\System32\cryptnet.dll
    00:00:27.0442 3096 C:\Windows\System32\cryptnet.dll - ok
    00:00:27.0454 3096 [ 3897DFF247D9ED0006190349DE264E14 ] C:\Windows\System32\cryptsvc.dll
    00:00:27.0454 3096 C:\Windows\System32\cryptsvc.dll - ok
    00:00:27.0467 3096 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] C:\Windows\System32\dps.dll
    00:00:27.0467 3096 C:\Windows\System32\dps.dll - ok
    00:00:27.0479 3096 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\System32\EhStorShell.dll
    00:00:27.0479 3096 C:\Windows\System32\EhStorShell.dll - ok
    00:00:27.0494 3096 [ 3EC541C196DE18ED9A0D0AC82A694D4C ] C:\Windows\System32\cscui.dll
    00:00:27.0494 3096 C:\Windows\System32\cscui.dll - ok
    00:00:27.0506 3096 [ 57A51217581614DE07F30E34D6BB4993 ] C:\Windows\System32\cscdll.dll
    00:00:27.0506 3096 C:\Windows\System32\cscdll.dll - ok
    00:00:27.0519 3096 [ 490D5ADBC56297DB10BC57496C14C357 ] C:\Program Files\Real\RealUpgrade\realupgrade.exe
    00:00:27.0520 3096 C:\Program Files\Real\RealUpgrade\realupgrade.exe - ok
    00:00:27.0534 3096 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\System32\ntshrui.dll
    00:00:27.0534 3096 C:\Windows\System32\ntshrui.dll - ok
    00:00:27.0545 3096 [ 13337A3FB17F2242487FD45488ED0485 ] C:\Windows\System32\vssapi.dll
    00:00:27.0545 3096 C:\Windows\System32\vssapi.dll - ok
    00:00:27.0557 3096 [ B940289C83121046BD6A60ACC6028593 ] C:\Windows\System32\vsstrace.dll
    00:00:27.0557 3096 C:\Windows\System32\vsstrace.dll - ok
    00:00:27.0570 3096 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] C:\Windows\System32\FDResPub.dll
    00:00:27.0570 3096 C:\Windows\System32\FDResPub.dll - ok
    00:00:27.0582 3096 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\System32\sfc.dll
    00:00:27.0582 3096 C:\Windows\System32\sfc.dll - ok
    00:00:27.0594 3096 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\System32\sfc_os.dll
    00:00:27.0594 3096 C:\Windows\System32\sfc_os.dll - ok
    00:00:27.0607 3096 [ 523CF74A52C9A1762DA8B83AEE734498 ] C:\Windows\System32\IconCodecService.dll
    00:00:27.0607 3096 C:\Windows\System32\IconCodecService.dll - ok
    00:00:27.0615 3096 [ 54E0F4CCD6CE99A807459AF928DD64AC ] C:\Program Files\Canon\IJPLM\ijplmsvc.exe
    00:00:27.0615 3096 C:\Program Files\Canon\IJPLM\ijplmsvc.exe - ok
    00:00:27.0627 3096 [ 9E0104BA49F4E6973749A02BF41344ED ] C:\Windows\System32\drivers\PEAuth.sys
    00:00:27.0628 3096 C:\Windows\System32\drivers\PEAuth.sys - ok
    00:00:27.0643 3096 [ 374071043F9E4231EE43BE2BB48DD36D ] C:\Windows\System32\nlasvc.dll
    00:00:27.0643 3096 C:\Windows\System32\nlasvc.dll - ok
    00:00:27.0653 3096 [ B2D01290C0E0465ACA54C2088E947823 ] C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
    00:00:27.0654 3096 C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe - ok
    00:00:27.0668 3096 [ 140D9F911182357626165EA0BEB98C4F ] C:\Windows\System32\ncsi.dll
    00:00:27.0668 3096 C:\Windows\System32\ncsi.dll - ok
    00:00:27.0679 3096 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\System32\winhttp.dll
    00:00:27.0679 3096 C:\Windows\System32\winhttp.dll - ok
    00:00:27.0692 3096 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\System32\webio.dll
    00:00:27.0692 3096 C:\Windows\System32\webio.dll - ok
    00:00:27.0705 3096 [ 28E2231BD34A39C854BDF3923AB2FF86 ] C:\Windows\System32\ssdpapi.dll
    00:00:27.0706 3096 C:\Windows\System32\ssdpapi.dll - ok
    00:00:27.0719 3096 [ 90A3935D05B494A5A39D37E71F09A677 ] C:\Windows\System32\drivers\secdrv.sys
    00:00:27.0719 3096 C:\Windows\System32\drivers\secdrv.sys - ok
    00:00:27.0731 3096 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] C:\Windows\System32\drivers\srvnet.sys
    00:00:27.0731 3096 C:\Windows\System32\drivers\srvnet.sys - ok
    00:00:27.0744 3096 [ 8CD1DEE212E52B9C22E66DBA44991D32 ] C:\Windows\System32\httpapi.dll
    00:00:27.0744 3096 C:\Windows\System32\httpapi.dll - ok
    00:00:27.0757 3096 [ E1FB3706030FB4578A0D72C2FC3689E4 ] C:\Windows\System32\wiaservc.dll
    00:00:27.0757 3096 C:\Windows\System32\wiaservc.dll - ok
    00:00:27.0769 3096 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] C:\Windows\System32\drivers\tcpipreg.sys
    00:00:27.0769 3096 C:\Windows\System32\drivers\tcpipreg.sys - ok
    00:00:27.0783 3096 [ 36650D618CA34C9D357DFD3D89B2C56F ] C:\Windows\System32\sysmain.dll
    00:00:27.0783 3096 C:\Windows\System32\sysmain.dll - ok
    00:00:27.0796 3096 [ B087F2B901570F6EF62F6C2E01A480F3 ] C:\Windows\System32\wiatrace.dll
    00:00:27.0796 3096 C:\Windows\System32\wiatrace.dll - ok
    00:00:27.0808 3096 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] C:\Windows\System32\trkwks.dll
    00:00:27.0809 3096 C:\Windows\System32\trkwks.dll - ok
    00:00:27.0822 3096 [ B5BCC7A382A3CF9C0ECC26C1F3FF2E58 ] C:\Program Files\Real\RealUpgrade\Common\hxmedpltfm.dll
    00:00:27.0822 3096 C:\Program Files\Real\RealUpgrade\Common\hxmedpltfm.dll - ok
    00:00:27.0835 3096 [ 5E7C103F8475C4289847D15E129C20F7 ] C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
    00:00:27.0835 3096 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE - ok
    00:00:27.0848 3096 [ F62E510B6AD4C21EB9FE8668ED251826 ] C:\Windows\System32\wbem\WMIsvc.dll
    00:00:27.0848 3096 C:\Windows\System32\wbem\WMIsvc.dll - ok
    00:00:27.0861 3096 [ 704314FD398C81D5F342CAA5DF7B7F21 ] C:\Windows\System32\wbemcomn.dll
    00:00:27.0861 3096 C:\Windows\System32\wbemcomn.dll - ok
    00:00:27.0869 3096 [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A ] C:\Windows\System32\wbem\fastprox.dll
    00:00:27.0869 3096 C:\Windows\System32\wbem\fastprox.dll - ok
    00:00:27.0882 3096 [ 701C9EB15E1E23D22F7C7184C0506673 ] C:\Windows\System32\wbem\WmiDcPrv.dll
    00:00:27.0882 3096 C:\Windows\System32\wbem\WmiDcPrv.dll - ok
    00:00:27.0894 3096 [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\System32\ntdsapi.dll
    00:00:27.0894 3096 C:\Windows\System32\ntdsapi.dll - ok
    00:00:27.0907 3096 [ C5B0324DB461559ADD070E632A6919FA ] C:\Windows\System32\wbem\wbemprox.dll
    00:00:27.0908 3096 C:\Windows\System32\wbem\wbemprox.dll - ok
    00:00:27.0923 3096 [ 881D9F2D6E04E1C323050CF1574870F7 ] C:\Windows\System32\wbem\WinMgmtR.dll
    00:00:27.0923 3096 C:\Windows\System32\wbem\WinMgmtR.dll - ok
    00:00:27.0932 3096 [ 585EB475E7AF55C9065256E8FFB751A1 ] C:\Windows\System32\wbem\wbemcore.dll
    00:00:27.0934 3096 C:\Windows\System32\wbem\wbemcore.dll - ok
    00:00:27.0945 3096 [ 5AE88135C6A86FCD67BA16AFBB1C8389 ] C:\Windows\System32\wbem\esscli.dll
    00:00:27.0945 3096 C:\Windows\System32\wbem\esscli.dll - ok
    00:00:27.0958 3096 [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\Windows\System32\wbem\wbemsvc.dll
    00:00:27.0959 3096 C:\Windows\System32\wbem\wbemsvc.dll - ok
    00:00:27.0971 3096 [ D475BBD6FEF8DB2DDE0DA7CCFD2C9042 ] C:\Program Files\Common Files\microsoft shared\Windows Live\SQMAPI.DLL
    00:00:27.0972 3096 C:\Program Files\Common Files\microsoft shared\Windows Live\SQMAPI.DLL - ok
    00:00:27.0984 3096 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\System32\SensApi.dll
    00:00:27.0985 3096 C:\Windows\System32\SensApi.dll - ok
    00:00:27.0997 3096 [ 1FF6400CE6C54790B17E20C0B456799F ] C:\Program Files\AVG\AVG2013\avgwd.dll
    00:00:27.0997 3096 C:\Program Files\AVG\AVG2013\avgwd.dll - ok
    00:00:28.0009 3096 [ 590D5C506044FE02FF7643E32FF9BDAC ] C:\Windows\System32\wer.dll
    00:00:28.0009 3096 C:\Windows\System32\wer.dll - ok
    00:00:28.0022 3096 [ 5610B0425518D185331CB8E968D060E6 ] C:\Windows\System32\wbem\wmiutils.dll
    00:00:28.0022 3096 C:\Windows\System32\wbem\wmiutils.dll - ok
    00:00:28.0035 3096 [ 9419ABF3163B6F0E3AD3DD2B381C879F ] C:\Windows\System32\WinSCard.dll
    00:00:28.0035 3096 C:\Windows\System32\WinSCard.dll - ok
    00:00:28.0047 3096 [ 03B824C5A2AFB0C77F34201B4DED5462 ] C:\Program Files\Real\RealUpgrade\Plugins\upgrade.dll
    00:00:28.0047 3096 C:\Program Files\Real\RealUpgrade\Plugins\upgrade.dll - ok
    00:00:28.0060 3096 [ 371E3B05894549113D07CD3081ED55EF ] C:\Windows\System32\wbem\repdrvfs.dll
    00:00:28.0060 3096 C:\Windows\System32\wbem\repdrvfs.dll - ok
    00:00:28.0074 3096 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] C:\Windows\System32\drivers\srv2.sys
    00:00:28.0074 3096 C:\Windows\System32\drivers\srv2.sys - ok
    00:00:28.0086 3096 [ 67DABFB8EB4AFA87C558504D5FCD43C8 ] C:\Program Files\AVG\AVG2013\avgsecapix.dll
    00:00:28.0087 3096 C:\Program Files\AVG\AVG2013\avgsecapix.dll - ok
    00:00:28.0099 3096 [ CE292C4C10B8DB6070F262EA2733F0DC ] C:\Windows\System32\sqmapi.dll
    00:00:28.0099 3096 C:\Windows\System32\sqmapi.dll - ok
    00:00:28.0111 3096 [ A399514D3B28C9A3453A486BBAAFF1C7 ] C:\Windows\System32\wdscore.dll
    00:00:28.0112 3096 C:\Windows\System32\wdscore.dll - ok
    00:00:28.0120 3096 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] C:\Windows\System32\drivers\srv.sys
    00:00:28.0120 3096 C:\Windows\System32\drivers\srv.sys - ok
    00:00:28.0133 3096 [ 3CDE2911462FEC80064A409C07710C06 ] C:\Windows\System32\wbem\WmiPrvSD.dll
    00:00:28.0135 3096 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
    00:00:28.0145 3096 [ A4CC7227A452C4909F9499D91B184364 ] C:\Windows\System32\ncobjapi.dll
    00:00:28.0145 3096 C:\Windows\System32\ncobjapi.dll - ok
    00:00:28.0158 3096 [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\System32\msi.dll
    00:00:28.0158 3096 C:\Windows\System32\msi.dll - ok
    00:00:28.0171 3096 [ B350509B6C9296529BC464C60FEEAEF1 ] C:\Windows\System32\wbem\wbemess.dll
    00:00:28.0171 3096 C:\Windows\System32\wbem\wbemess.dll - ok
    00:00:28.0183 3096 [ 1FF7E4F548C7C372C804938F0D5B36AE ] C:\Windows\System32\netcfgx.dll
    00:00:28.0183 3096 C:\Windows\System32\netcfgx.dll - ok
    00:00:28.0195 3096 [ 45D9F6CD2469CDB6A640DD4BD2B01471 ] C:\Windows\System32\nci.dll
    00:00:28.0195 3096 C:\Windows\System32\nci.dll - ok
    00:00:28.0207 3096 [ 1CDEA9188899E76D4FFD54C9D512CCDB ] C:\Windows\System32\msxml3.dll
    00:00:28.0207 3096 C:\Windows\System32\msxml3.dll - ok
    00:00:28.0220 3096 [ D64AF876D53ECA3668BB97B51B4E70AB ] C:\Windows\System32\srvsvc.dll
    00:00:28.0221 3096 C:\Windows\System32\srvsvc.dll - ok
    00:00:28.0233 3096 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] C:\Windows\System32\browser.dll
    00:00:28.0233 3096 C:\Windows\System32\browser.dll - ok
    00:00:28.0245 3096 [ E4B72E71EC37A59FE574A998A0C0EB9B ] C:\Windows\System32\netmsg.dll
    00:00:28.0245 3096 C:\Windows\System32\netmsg.dll - ok
    00:00:28.0258 3096 [ 6383C60EC0133B14F5705F96369421B2 ] C:\Windows\System32\hnetcfg.dll
    00:00:28.0258 3096 C:\Windows\System32\hnetcfg.dll - ok
    00:00:28.0271 3096 [ DAF0C7D1F4E9B057C8151D0B92A6BDA5 ] C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
    00:00:28.0272 3096 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE - ok
    00:00:28.0285 3096 [ 89E783711AF91AF09E1EF30EF3107446 ] C:\Windows\System32\sscore.dll
    00:00:28.0285 3096 C:\Windows\System32\sscore.dll - ok
    00:00:28.0297 3096 [ F65BEBE969C232F60C7A13B0F00FB52C ] C:\Program Files\AVG\AVG2013\avgwdwsc.dll
    00:00:28.0297 3096 C:\Program Files\AVG\AVG2013\avgwdwsc.dll - ok
    00:00:28.0309 3096 [ AE9898D5600A232CD8AE3298692162E5 ] C:\Windows\System32\clusapi.dll
    00:00:28.0310 3096 C:\Windows\System32\clusapi.dll - ok
    00:00:28.0324 3096 [ A8CDF3768604FF95B54669E20053D569 ] C:\Windows\System32\wscapi.dll
    00:00:28.0324 3096 C:\Windows\System32\wscapi.dll - ok
    00:00:28.0335 3096 [ 2AF094C822BD6094F14A8E85FB51D52A ] C:\Windows\System32\resutils.dll
    00:00:28.0335 3096 C:\Windows\System32\resutils.dll - ok
    00:00:28.0347 3096 [ 8C338238C16777A802D6A9211EB2BA50 ] C:\Windows\System32\netprofm.dll
    00:00:28.0347 3096 C:\Windows\System32\netprofm.dll - ok
    00:00:28.0361 3096 [ E9501E93FC7A3E6FADB55A09227DF590 ] C:\Program Files\AVG\AVG2013\avgnsx.exe
    00:00:28.0361 3096 C:\Program Files\AVG\AVG2013\avgnsx.exe - ok
    00:00:28.0374 3096 [ 99B9343280AF6A4C0F27CF2E28E94BBF ] C:\Windows\System32\dssenh.dll
    00:00:28.0374 3096 C:\Windows\System32\dssenh.dll - ok
    00:00:28.0387 3096 [ EC45360EF69F034D2D6F52AFE88EA88D ] C:\Program Files\AVG\AVG2013\avgemcx.exe
    00:00:28.0387 3096 C:\Program Files\AVG\AVG2013\avgemcx.exe - ok
    00:00:28.0400 3096 [ 6A0A8D20469EFD39A4A3463A88811A57 ] C:\Program Files\AVG\AVG2013\avgsched.dll
    00:00:28.0400 3096 C:\Program Files\AVG\AVG2013\avgsched.dll - ok
    00:00:28.0412 3096 [ F01DD7190E67A45BD1D5FA4A12A78AA7 ] C:\Program Files\AVG\AVG2013\avgkrnlapix.dll
    00:00:28.0412 3096 C:\Program Files\AVG\AVG2013\avgkrnlapix.dll - ok
    00:00:28.0425 3096 [ A6639BC625634614DC30392BD81C4001 ] C:\Program Files\AVG\AVG2013\avgidpsdkx.dll
    00:00:28.0425 3096 C:\Program Files\AVG\AVG2013\avgidpsdkx.dll - ok
    00:00:28.0438 3096 [ F7FE730CE31B54145DEE1F1482BCCDD7 ] C:\Windows\System32\ndiscapCfg.dll
    00:00:28.0438 3096 C:\Windows\System32\ndiscapCfg.dll - ok
    00:00:28.0450 3096 [ 761A3A4038C1FD4F5795427907C28484 ] C:\Windows\System32\rascfg.dll
    00:00:28.0450 3096 C:\Windows\System32\rascfg.dll - ok
    00:00:28.0462 3096 [ D4191EFAB91E00FC09257AA5EBAF503B ] C:\Windows\System32\mprapi.dll
    00:00:28.0462 3096 C:\Windows\System32\mprapi.dll - ok
    00:00:28.0475 3096 [ 9A7B54D57594233EEB17892BAD309970 ] C:\Windows\System32\mprmsg.dll
    00:00:28.0475 3096 C:\Windows\System32\mprmsg.dll - ok
    00:00:28.0488 3096 [ AF31E7D2C385F647ADFD5F5736B3BA64 ] C:\Windows\System32\mshtml.dll
    00:00:28.0488 3096 C:\Windows\System32\mshtml.dll - ok
    00:00:28.0502 3096 [ CAFC0B884E5590B5E80D84F592388B3D ] C:\Windows\System32\tcpipcfg.dll
    00:00:28.0502 3096 C:\Windows\System32\tcpipcfg.dll - ok
    00:00:28.0514 3096 [ 78DE417B7921DACA072059E6BF410FC7 ] C:\Windows\System32\wshnetbs.dll
    00:00:28.0514 3096 C:\Windows\System32\wshnetbs.dll - ok
    00:00:28.0526 3096 [ A51FA9427CFC53B8E4BD11A627C7E3BD ] C:\Program Files\Internet Explorer\sqmapi.dll
    00:00:28.0526 3096 C:\Program Files\Internet Explorer\sqmapi.dll - ok
    00:00:28.0539 3096 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] C:\Windows\System32\hidserv.dll
    00:00:28.0539 3096 C:\Windows\System32\hidserv.dll - ok
    00:00:28.0552 3096 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] C:\Windows\System32\wdi.dll
    00:00:28.0552 3096 C:\Windows\System32\wdi.dll - ok
    00:00:28.0564 3096 [ 15E298B5EC5B89C5994A59863969D9FF ] C:\Windows\System32\npmproxy.dll
    00:00:28.0564 3096 C:\Windows\System32\npmproxy.dll - ok
    00:00:28.0577 3096 [ AA53356D60AF47EACC85BC617A4F3F66 ] C:\Windows\System32\wpdbusenum.dll
    00:00:28.0577 3096 C:\Windows\System32\wpdbusenum.dll - ok
    00:00:28.0589 3096 [ ECF036299AA554B5E0455262857B39D0 ] C:\Windows\System32\diagperf.dll
    00:00:28.0589 3096 C:\Windows\System32\diagperf.dll - ok
    00:00:28.0604 3096 [ EACFDF31921F51C097629F1F3C9129B4 ] C:\Windows\System32\appinfo.dll
    00:00:28.0604 3096 C:\Windows\System32\appinfo.dll - ok
    00:00:28.0615 3096 [ 7E82616BEE76BF5EAA5B30F681414E21 ] C:\Windows\System32\perftrack.dll
    00:00:28.0615 3096 C:\Windows\System32\perftrack.dll - ok
    00:00:28.0623 3096 [ E98278865E8DABA21CFE5FE4BE34210A ] C:\Windows\System32\PortableDeviceApi.dll
    00:00:28.0623 3096 C:\Windows\System32\PortableDeviceApi.dll - ok
    00:00:28.0636 3096 [ F8E882C10AF4C29E378D1E28D4817CB1 ] C:\Windows\System32\pnpts.dll
    00:00:28.0637 3096 C:\Windows\System32\pnpts.dll - ok
    00:00:28.0649 3096 [ 7FFD52D73352806969D424EF327D10A7 ] C:\Windows\System32\radardt.dll
    00:00:28.0649 3096 C:\Windows\System32\radardt.dll - ok
    00:00:28.0661 3096 [ D99621C0735B21DCC8BC4FEF02F379EF ] C:\Windows\System32\Apphlpdm.dll
    00:00:28.0662 3096 C:\Windows\System32\Apphlpdm.dll - ok
    00:00:28.0675 3096 [ 8B794AE6D5C7D42092804BC39A2EB8F6 ] C:\Windows\System32\aepic.dll
    00:00:28.0675 3096 C:\Windows\System32\aepic.dll - ok
    00:00:28.0689 3096 [ F0016853FA3F38F55FD868FF74C0359B ] C:\Windows\System32\wdiasqmmodule.dll
    00:00:28.0689 3096 C:\Windows\System32\wdiasqmmodule.dll - ok
    00:00:28.0702 3096 [ C693E642ACFBDD76433AF6BE3C3EEE6F ] C:\Windows\System32\PortableDeviceConnectApi.dll
    00:00:28.0703 3096 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
    00:00:28.0715 3096 [ 007863E45F25AA47A4C30D0930BBFD85 ] C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
    00:00:28.0715 3096 C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll - ok
    00:00:28.0731 3096 [ 867C301E8B790040AE9CF6486E8041DF ] C:\Windows\System32\drivers\WUDFRd.sys
    00:00:28.0731 3096 C:\Windows\System32\drivers\WUDFRd.sys - ok
    00:00:28.0741 3096 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] C:\Windows\System32\drivers\WUDFPf.sys
    00:00:28.0742 3096 C:\Windows\System32\drivers\WUDFPf.sys - ok
    00:00:28.0754 3096 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] C:\Windows\System32\WUDFSvc.dll
    00:00:28.0755 3096 C:\Windows\System32\WUDFSvc.dll - ok
    00:00:28.0767 3096 [ 61E6487189D68BD8D6D68A4CD4290846 ] C:\Windows\System32\lpksetupproxyserv.dll
    00:00:28.0767 3096 C:\Windows\System32\lpksetupproxyserv.dll - ok
    00:00:28.0779 3096 [ 980B6A5F92B8DB235C4A26728C2BE732 ] C:\Windows\System32\WUDFHost.exe
    00:00:28.0780 3096 C:\Windows\System32\WUDFHost.exe - ok
    00:00:28.0792 3096 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\System32\runonce.exe
    00:00:28.0793 3096 C:\Windows\System32\runonce.exe - ok
    00:00:28.0805 3096 [ 2C49B175AEE1D4364B91B531417FE583 ] C:\Windows\servicing\TrustedInstaller.exe
    00:00:28.0805 3096 C:\Windows\servicing\TrustedInstaller.exe - ok
    00:00:28.0817 3096 [ A36F7A256E65D858A7039DB00ADEEBDD ] C:\Windows\System32\WUDFx.dll
    00:00:28.0817 3096 C:\Windows\System32\WUDFx.dll - ok
    00:00:28.0830 3096 [ 7ABBDC3B08950992D218FA1E52D52A96 ] C:\Windows\System32\drivers\UMDF\WpdFs.dll
    00:00:28.0830 3096 C:\Windows\System32\drivers\UMDF\WpdFs.dll - ok
    00:00:28.0843 3096 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\System32\dbghelp.dll
    00:00:28.0843 3096 C:\Windows\System32\dbghelp.dll - ok
    00:00:28.0855 3096 [ 0F416E23DD2EB4DEBE70608020CFD283 ] C:\Windows\System32\WMVCORE.DLL
    00:00:28.0855 3096 C:\Windows\System32\WMVCORE.DLL - ok
    00:00:28.0869 3096 [ 5B3D1C528CD6674FF6BD1F6720F5A686 ] C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\CbsCore.dll
    00:00:28.0870 3096 C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\CbsCore.dll - ok
    00:00:28.0876 3096 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\System32\cmd.exe
    00:00:28.0876 3096 C:\Windows\System32\cmd.exe - ok
    00:00:28.0891 3096 [ A7DD56261518373F70F23079EB3CD0A2 ] C:\Windows\System32\WMASF.DLL
    00:00:28.0892 3096 C:\Windows\System32\WMASF.DLL - ok
    00:00:28.0903 3096 [ 3FA214B377B8711D859F950FDFEFF739 ] C:\Windows\System32\conhost.exe
    00:00:28.0904 3096 C:\Windows\System32\conhost.exe - ok
    00:00:28.0915 3096 [ 8896EF6DEBA34C5507A488729A1D3AF2 ] C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\wcp.dll
    00:00:28.0915 3096 C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\wcp.dll - ok
    00:00:28.0928 3096 [ 81490FDAE27F0082E5CC2DC78DCA96FA ] C:\Windows\System32\PortableDeviceClassExtension.dll
    00:00:28.0929 3096 C:\Windows\System32\PortableDeviceClassExtension.dll - ok
    00:00:28.0941 3096 [ ADB45A977BD9E45790CA496DB84BA148 ] C:\Windows\System32\PortableDeviceTypes.dll
    00:00:28.0941 3096 C:\Windows\System32\PortableDeviceTypes.dll - ok
    00:00:28.0954 3096 [ CC3FD6DEEE458D0BE9A69241E0749717 ] C:\Windows\System32\ieframe.dll
    00:00:28.0954 3096 C:\Windows\System32\ieframe.dll - ok
    00:00:28.0966 3096 [ 60F4AEFA103D421EA4A40E31409B4756 ] C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
    00:00:28.0967 3096 C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll - ok
    00:00:28.0979 3096 [ 1F05F5A16881CD928C82D53CEFCF4477 ] C:\Windows\System32\shdocvw.dll
    00:00:28.0979 3096 C:\Windows\System32\shdocvw.dll - ok
    00:00:28.0993 3096 [ 4CCF86AAD1B67168FB51A477307EC288 ] C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\DrUpdate.dll
    00:00:28.0993 3096 C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\DrUpdate.dll - ok
    00:00:29.0006 3096 [ AA376FE53D239EC404AD28AA14F33564 ] C:\Windows\System32\srclient.dll
    00:00:29.0006 3096 C:\Windows\System32\srclient.dll - ok
    00:00:29.0019 3096 [ 971A36C4827AD1AE2A54E6407478921A ] C:\Windows\System32\spp.dll
    00:00:29.0020 3096 C:\Windows\System32\spp.dll - ok
    00:00:29.0031 3096 [ BBED6A14692C48279F88B3127206A1BA ] C:\Windows\System32\sxsstore.dll
    00:00:29.0031 3096 C:\Windows\System32\sxsstore.dll - ok
    00:00:29.0044 3096 [ C9B89E87CB6D87FA4CC3F04EBC9F3D1C ] C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\wrpint.dll
    00:00:29.0044 3096 C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\wrpint.dll - ok
    00:00:29.0057 3096 [ 665748B8F1770EFE09AC75D8EC020100 ] C:\Windows\servicing\CbsApi.dll
    00:00:29.0058 3096 C:\Windows\servicing\CbsApi.dll - ok
    00:00:29.0070 3096 [ 6F6759407B843B99E0367036632EC798 ] C:\Windows\System32\HelpPaneProxy.dll
    00:00:29.0070 3096 C:\Windows\System32\HelpPaneProxy.dll - ok
    00:00:29.0083 3096 [ 80A9ADB30ABDF99A8B5A6C233DB3F1D8 ] C:\Users\Al\AppData\Local\Temp\7CD0EFEC-5648-4A71-94B0-04818109DCB1.exe
    00:00:29.0084 3096 C:\Users\Al\AppData\Local\Temp\7CD0EFEC-5648-4A71-94B0-04818109DCB1.exe - ok
    00:00:29.0097 3096 [ 7E9917D5309A90E7576653BFE39F80D8 ] C:\Windows\System32\timedate.cpl
    00:00:29.0097 3096 C:\Windows\System32\timedate.cpl - ok
    00:00:29.0109 3096 [ D2958325C1AE1AE37A83334C6229E3BC ] C:\Windows\System32\actxprxy.dll
    00:00:29.0109 3096 C:\Windows\System32\actxprxy.dll - ok
    00:00:29.0122 3096 [ 5987EA8A82C53359BCD2C29D6588583E ] C:\Windows\System32\linkinfo.dll
    00:00:29.0122 3096 C:\Windows\System32\linkinfo.dll - ok
    00:00:29.0129 3096 [ F1278B3514EA6FA9BC39B20D26139AAC ] C:\Windows\System32\msiltcfg.dll
    00:00:29.0129 3096 C:\Windows\System32\msiltcfg.dll - ok
    00:00:29.0143 3096 [ 3A16EA01FCFAAB40882DB5BFEE632322 ] C:\Windows\System32\msftedit.dll
    00:00:29.0143 3096 C:\Windows\System32\msftedit.dll - ok
    00:00:29.0158 3096 [ C225E5307D8D4982A1687F2702C37C78 ] C:\Windows\System32\msls31.dll
    00:00:29.0158 3096 C:\Windows\System32\msls31.dll - ok
    00:00:29.0168 3096 [ 7896EFFDEE215C172BE724A64931EF1C ] C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll
    00:00:29.0168 3096 C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll - ok
    00:00:29.0180 3096 [ 64E211E0FDFCE4D186DF58BB7D0503BC ] C:\Windows\System32\gameux.dll
    00:00:29.0180 3096 C:\Windows\System32\gameux.dll - ok
    00:00:29.0193 3096 [ 175383778EB24D98C84E624021E3AA0B ] C:\Windows\System32\aeevts.dll
    00:00:29.0193 3096 C:\Windows\System32\aeevts.dll - ok
    00:00:29.0206 3096 [ 48BE298F7FD1BEF4D8FBACB04D8D95C4 ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    00:00:29.0206 3096 C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
    00:00:29.0220 3096 [ 3D24A66867ECE2A70223A83A1B18248D ] C:\Program Files\AVG\AVG2013\avgui.exe
    00:00:29.0220 3096 C:\Program Files\AVG\AVG2013\avgui.exe - ok
    00:00:29.0232 3096 [ 672D7C5080ACB003343006405DA2E621 ] C:\Windows\System32\thumbcache.dll
    00:00:29.0232 3096 C:\Windows\System32\thumbcache.dll - ok
    00:00:29.0244 3096 [ 3D57FFBAD3ED16B63DE3879BAB0FB56F ] C:\Windows\System32\networkexplorer.dll
    00:00:29.0244 3096 C:\Windows\System32\networkexplorer.dll - ok
    00:00:29.0257 3096 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\System32\riched20.dll
    00:00:29.0257 3096 C:\Windows\System32\riched20.dll - ok
    00:00:29.0270 3096 [ F3DE10AABD5C7A1A186C9966F037D0C0 ] C:\Windows\System32\mfc100u.dll
    00:00:29.0271 3096 C:\Windows\System32\mfc100u.dll - ok
    00:00:29.0282 3096 [ 6EE74128721DF48D8230628EBFC831D5 ] C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
    00:00:29.0282 3096 C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE - ok
    00:00:29.0295 3096 [ 7B59D1D1F458B322A722E95554BB591E ] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
    00:00:29.0295 3096 C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE - ok
    00:00:29.0309 3096 [ D63797E8E7781EE1500A810CB6194FA6 ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
    00:00:29.0309 3096 C:\Program Files\Common Files\Java\Java Update\jusched.exe - ok
    00:00:29.0321 3096 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\System32\msimg32.dll
    00:00:29.0321 3096 C:\Windows\System32\msimg32.dll - ok
    00:00:29.0334 3096 [ 6705D86C9BCF2D3EABBFE64B7C1A9CC6 ] C:\Program Files\Canon\Solution Menu EX\CCL.DLL
    00:00:29.0334 3096 C:\Program Files\Canon\Solution Menu EX\CCL.DLL - ok
    00:00:29.0347 3096 [ 686B224B4987C22B153FBB545FEE9657 ] C:\Program Files\Canon\Solution Menu EX\mfc80u.dll
    00:00:29.0347 3096 C:\Program Files\Canon\Solution Menu EX\mfc80u.dll - ok
    00:00:29.0360 3096 [ 225518F190EDBC37CA32197A3E94B498 ] C:\Program Files\Real\RealPlayer\Update\realsched.exe
    00:00:29.0360 3096 C:\Program Files\Real\RealPlayer\Update\realsched.exe - ok
    00:00:29.0373 3096 [ 4DDCA76E20F4A263F7D59F55D5A00071 ] C:\Program Files\Canon\MyPrinter\BJMYRES.DLL
    00:00:29.0373 3096 C:\Program Files\Canon\MyPrinter\BJMYRES.DLL - ok
    00:00:29.0380 3096 [ 5FF5E12F28725D14CAA3B408848ADFFC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc\msvcr80.dll
    00:00:29.0380 3096 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc\msvcr80.dll - ok
    00:00:29.0394 3096 [ 2A2C442F00B45E01D4C882EEA69A01BC ] C:\Windows\System32\mfc100enu.dll
    00:00:29.0394 3096 C:\Windows\System32\mfc100enu.dll - ok
    00:00:29.0407 3096 [ A3C190D644E88DE5872FC7FEC7377E35 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc\msvcp80.dll
    00:00:29.0408 3096 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc\msvcp80.dll - ok
    00:00:29.0421 3096 [ DC5ECEA062C0633346B6D199FA2B578D ] C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe
    00:00:29.0421 3096 C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe - ok
    00:00:29.0438 3096 [ 2A39F32E0067CBF221611FE1FA8C6D8F ] C:\Windows\System32\DeviceCenter.dll
    00:00:29.0438 3096 C:\Windows\System32\DeviceCenter.dll - ok
    00:00:29.0446 3096 [ D205C24A9D069049FE2DF2A1B38726A7 ] C:\Windows\System32\wdmaud.drv
    00:00:29.0446 3096 C:\Windows\System32\wdmaud.drv - ok
    00:00:29.0458 3096 [ 9C67F6BBDA3881CFD02095160CF91576 ] C:\Windows\System32\ksuser.dll
    00:00:29.0458 3096 C:\Windows\System32\ksuser.dll - ok
    00:00:29.0472 3096 [ B1F6F05AB4E8A9467F731810693F03DF ] C:\Program Files\Canon\Solution Menu EX\CNSEMLNG.DLL
    00:00:29.0472 3096 C:\Program Files\Canon\Solution Menu EX\CNSEMLNG.DLL - ok
    00:00:29.0485 3096 [ 8B285BDAB7735FDFB18E6F7122923B77 ] C:\Windows\System32\UIAnimation.dll
    00:00:29.0485 3096 C:\Windows\System32\UIAnimation.dll - ok
    00:00:29.0500 3096 [ 9EED448E2C6306BFD8B2B19063FC21A1 ] C:\Program Files\AVG\AVG2013\avgidpmx.dll
    00:00:29.0500 3096 C:\Program Files\AVG\AVG2013\avgidpmx.dll - ok
    00:00:29.0512 3096 [ 163A95975E1D8819E653AA3E961371CA ] C:\Windows\twain_32.dll
    00:00:29.0513 3096 C:\Windows\twain_32.dll - ok
    00:00:29.0525 3096 [ 28444FF7740D83F6B3414F4E1DA7709C ] C:\Windows\twain_32\MX430 series\CISDS.ds
    00:00:29.0525 3096 C:\Windows\twain_32\MX430 series\CISDS.ds - ok
    00:00:29.0538 3096 [ 0503D60AFCED7CB601C7CA70C08E8CAC ] C:\Windows\twain_32\wiatwain.ds
    00:00:29.0538 3096 C:\Windows\twain_32\wiatwain.ds - ok
    00:00:29.0550 3096 [ 80279007CAB3549A5999348BD0C23732 ] C:\Windows\System32\wiadss.dll
    00:00:29.0550 3096 C:\Windows\System32\wiadss.dll - ok
    00:00:29.0563 3096 [ D6692338B985D4A0CA52B828314D897D ] C:\Windows\System32\drprov.dll
    00:00:29.0563 3096 C:\Windows\System32\drprov.dll - ok
    00:00:29.0576 3096 [ D7B7159BC8374E87D8C45A30377A3440 ] C:\Windows\System32\ntlanman.dll
    00:00:29.0576 3096 C:\Windows\System32\ntlanman.dll - ok
    00:00:29.0589 3096 [ 284B59D7B56FC76C80E622AB856B1FAB ] C:\Windows\System32\davclnt.dll
    00:00:29.0589 3096 C:\Windows\System32\davclnt.dll - ok
    00:00:29.0602 3096 [ 179BECE8D1A4C488DDB7191FF9BE3FB0 ] C:\Windows\System32\davhlpr.dll
    00:00:29.0602 3096 C:\Windows\System32\davhlpr.dll - ok
    00:00:29.0614 3096 [ 58B8702C20DE211D1FCB248D2FDD71D1 ] C:\Program Files\Adobe\Reader 11.0\Reader\reader_sl.exe
    00:00:29.0614 3096 C:\Program Files\Adobe\Reader 11.0\Reader\reader_sl.exe - ok
    00:00:29.0627 3096 [ 7F2B144BC3EAAC5AC55332A206152C38 ] C:\Program Files\Real\RealPlayer\Update\setu3270.dll
    00:00:29.0628 3096 C:\Program Files\Real\RealPlayer\Update\setu3270.dll - ok
    00:00:29.0634 3096 [ F2A24E4AEC0F8D5DBAB10CB87A8EFED2 ] C:\Windows\System32\sti.dll
    00:00:29.0635 3096 C:\Windows\System32\sti.dll - ok
    00:00:29.0648 3096 [ 06BFAF5D2B8B5B8F960EBC1AE050752E ] C:\Program Files\Real\RealPlayer\realjbox.exe
    00:00:29.0648 3096 C:\Program Files\Real\RealPlayer\realjbox.exe - ok
    00:00:29.0661 3096 [ 8A48305D3E81C513DAC27690B5AA7FC0 ] C:\Program Files\Real\RealPlayer\realplay.exe
    00:00:29.0661 3096 C:\Program Files\Real\RealPlayer\realplay.exe - ok
    00:00:29.0674 3096 [ D5A34D6244FDB9656E1067CEDAB2EF9A ] C:\Program Files\Canon\Solution Menu EX\LangInfo\EN\CNSELANG.DLL
    00:00:29.0674 3096 C:\Program Files\Canon\Solution Menu EX\LangInfo\EN\CNSELANG.DLL - ok
    00:00:29.0687 3096 [ 2FEF21EEE9934BB10165AA02E530183C ] C:\Program Files\AVG\AVG2013\avglngx.dll
    00:00:29.0688 3096 C:\Program Files\AVG\AVG2013\avglngx.dll - ok
    00:00:29.0701 3096 [ B80B70609797F944517186DDAC174A50 ] C:\Program Files\AVG\AVG2013\avguires.dll
    00:00:29.0701 3096 C:\Program Files\AVG\AVG2013\avguires.dll - ok
    00:00:29.0715 3096 [ 730E90935150048A4E5F392FCDD49DA3 ] C:\Program Files\AVG\AVG2013\avgapps.dll
    00:00:29.0715 3096 C:\Program Files\AVG\AVG2013\avgapps.dll - ok
    00:00:29.0728 3096 [ 69538BBCB891652BC1D5BDEBECF4D429 ] C:\Program Files\Real\RealPlayer\rpwa3260.dll
    00:00:29.0728 3096 C:\Program Files\Real\RealPlayer\rpwa3260.dll - ok
    00:00:29.0741 3096 [ 912649A1B3F9E6ACB3899FBDABA2ED5F ] C:\Windows\System32\stobject.dll
    00:00:29.0741 3096 C:\Windows\System32\stobject.dll - ok
    00:00:29.0754 3096 [ 67C1B58706B47EEBA4E117AC197289E6 ] C:\Windows\System32\batmeter.dll
    00:00:29.0755 3096 C:\Windows\System32\batmeter.dll - ok
    00:00:29.0766 3096 [ 813054A7D425ABD32C4F8289EC649D40 ] C:\Program Files\Canon\Easy-PhotoPrint EX\CNEZSMEX.DLL
    00:00:29.0766 3096 C:\Program Files\Canon\Easy-PhotoPrint EX\CNEZSMEX.DLL - ok
    00:00:29.0780 3096 [ 0EF2917EFD6D96E4C9CF121738CF5409 ] C:\Program Files\Canon\Easy-PhotoPrint EX\msvcr80.dll
    00:00:29.0780 3096 C:\Program Files\Canon\Easy-PhotoPrint EX\msvcr80.dll - ok
    00:00:29.0792 3096 [ 72E3384F6E3B20E8DB771E13F77CF4B2 ] C:\Program Files\Canon\Easy-PhotoPrint EX\CNEZMME.DLL
    00:00:29.0793 3096 C:\Program Files\Canon\Easy-PhotoPrint EX\CNEZMME.DLL - ok
    00:00:29.0806 3096 [ 8D25A3BF9D0005D264F105414AE2CDE6 ] C:\Program Files\Canon\Easy-PhotoPrint EX\msvcp80.dll
    00:00:29.0806 3096 C:\Program Files\Canon\Easy-PhotoPrint EX\msvcp80.dll - ok
    00:00:29.0819 3096 [ 42705632FCCA1E25F127AB831A01DA79 ] C:\Program Files\Canon\Easy-PhotoPrint EX\CNEZDBAC.DLL
    00:00:29.0819 3096 C:\Program Files\Canon\Easy-PhotoPrint EX\CNEZDBAC.DLL - ok
    00:00:29.0832 3096 [ D7F96640C368054F8C98212BC46A0BDA ] C:\Program Files\Canon\Easy-PhotoPrint EX\LEJES.DLL
    00:00:29.0832 3096 C:\Program Files\Canon\Easy-PhotoPrint EX\LEJES.DLL - ok
    00:00:29.0845 3096 [ C8333F1F77A1B2E25F2202E892CAF634 ] C:\Windows\System32\prnfldr.dll
    00:00:29.0845 3096 C:\Windows\System32\prnfldr.dll - ok
    00:00:29.0858 3096 [ 3FF0FA0A81910617739644A06D06D016 ] C:\Windows\System32\fdProxy.dll
    00:00:29.0858 3096 C:\Windows\System32\fdProxy.dll - ok
    00:00:29.0872 3096 [ 3020061F00DDDBF813128162DDE96260 ] C:\Windows\System32\spool\drivers\w32x86\3\CNMDRB1.DLL
    00:00:29.0872 3096 C:\Windows\System32\spool\drivers\w32x86\3\CNMDRB1.DLL - ok
    00:00:29.0884 3096 [ 25E3484970A838B203CD99319541F90A ] C:\Windows\System32\spool\drivers\w32x86\3\CNMUIB1.DLL
    00:00:29.0884 3096 C:\Windows\System32\spool\drivers\w32x86\3\CNMUIB1.DLL - ok
    00:00:29.0892 3096 [ ADDB05C93272A62606599B24730BD645 ] C:\Windows\System32\DXP.dll
    00:00:29.0892 3096 C:\Windows\System32\DXP.dll - ok
    00:00:29.0904 3096 [ 856CFFCD835528136367BB1A8FE1DB87 ] C:\Windows\System32\Syncreg.dll
    00:00:29.0904 3096 C:\Windows\System32\Syncreg.dll - ok
    00:00:29.0917 3096 [ 640A476C8867AEAAD8FF9F59A61AFE2F ] C:\Windows\System32\PrintIsolationHost.exe
    00:00:29.0917 3096 C:\Windows\System32\PrintIsolationHost.exe - ok
    00:00:29.0929 3096 [ F8F03D206F7D5811D630349A23E9B9B9 ] C:\Windows\ehome\ehSSO.dll
    00:00:29.0929 3096 C:\Windows\ehome\ehSSO.dll - ok
    00:00:29.0943 3096 [ 1596868426E3CF4DF99F562AA543E0A7 ] C:\Windows\System32\spool\drivers\w32x86\3\CNMCPB1.DLL
    00:00:29.0943 3096 C:\Windows\System32\spool\drivers\w32x86\3\CNMCPB1.DLL - ok
    00:00:29.0956 3096 [ EAB975DB4C2805927FE5BD047D05C9AA ] C:\Windows\System32\netshell.dll
    00:00:29.0956 3096 C:\Windows\System32\netshell.dll - ok
    00:00:29.0968 3096 [ 816B681CC308FAA128EDCB90643DCED7 ] C:\Windows\System32\icm32.dll
    00:00:29.0968 3096 C:\Windows\System32\icm32.dll - ok
    00:00:29.0981 3096 [ D038E318A85DD3B1712EF7738B25D979 ] C:\Windows\System32\spool\drivers\w32x86\3\CNMBS3B1.DLL
    00:00:29.0981 3096 C:\Windows\System32\spool\drivers\w32x86\3\CNMBS3B1.DLL - ok
    00:00:29.0996 3096 [ A7934B26A096F39B15960E0A56C1C8C4 ] C:\Windows\System32\bidispl.dll
    00:00:29.0996 3096 C:\Windows\System32\bidispl.dll - ok
    00:00:30.0007 3096 [ 5E7ACBF5953EBEA883111F2D83AED3AB ] C:\Windows\System32\spool\drivers\w32x86\3\CNMFUB1.DLL
    00:00:30.0007 3096 C:\Windows\System32\spool\drivers\w32x86\3\CNMFUB1.DLL - ok
    00:00:30.0019 3096 [ B2B3DAE040F6B5AE1DF52B0CD7631A18 ] C:\Windows\System32\AltTab.dll
    00:00:30.0020 3096 C:\Windows\System32\AltTab.dll - ok
    00:00:30.0033 3096 [ B8989C55EEC489689ED648DA2097CECB ] C:\Windows\System32\spool\drivers\w32x86\3\CNMEIB1.DLL
    00:00:30.0033 3096 C:\Windows\System32\spool\drivers\w32x86\3\CNMEIB1.DLL - ok
    00:00:30.0045 3096 [ 735263DA17BF5BAF9CCD483843BF9D5A ] C:\Windows\System32\WPDShServiceObj.dll
    00:00:30.0046 3096 C:\Windows\System32\WPDShServiceObj.dll - ok
    00:00:30.0058 3096 [ 236F286E103FD44BD85FDD93097FD5DD ] C:\Windows\System32\SearchIndexer.exe
    00:00:30.0058 3096 C:\Windows\System32\SearchIndexer.exe - ok
    00:00:30.0071 3096 [ 3D6F22551D422F97AACB0BB927E4C846 ] C:\Windows\System32\pnidui.dll
    00:00:30.0072 3096 C:\Windows\System32\pnidui.dll - ok
    00:00:30.0083 3096 [ 465DBF63A5049E4DB4BC5C12FFE781CB ] C:\Windows\System32\tquery.dll
    00:00:30.0083 3096 C:\Windows\System32\tquery.dll - ok
    00:00:30.0096 3096 [ BD626EF05967D14C772B8096292731A3 ] C:\Windows\System32\QUTIL.DLL
    00:00:30.0096 3096 C:\Windows\System32\QUTIL.DLL - ok
    00:00:30.0108 3096 [ 0241CB16136B9A4939CA0395768AE286 ] C:\Windows\System32\mssrch.dll
    00:00:30.0108 3096 C:\Windows\System32\mssrch.dll - ok
    00:00:30.0124 3096 [ CF4274CEEA9F7791FB7FC40A066BC2C7 ] C:\Windows\System32\cscobj.dll
    00:00:30.0124 3096 C:\Windows\System32\cscobj.dll - ok
    00:00:30.0133 3096 [ A5FD8327EF259825E4F55AD995565E46 ] C:\Program Files\Canon\Easy-PhotoPrint EX\CNEZMAIN.EXE
    00:00:30.0134 3096 C:\Program Files\Canon\Easy-PhotoPrint EX\CNEZMAIN.EXE - ok
    00:00:30.0142 3096 [ 81600E2E27ED61427AAD865B9BCDDB9D ] C:\Windows\System32\msidle.dll
    00:00:30.0142 3096 C:\Windows\System32\msidle.dll - ok
    00:00:30.0156 3096 [ 674B0C0F6A448EB185CAAB9C51D44032 ] C:\Windows\System32\srchadmin.dll
    00:00:30.0156 3096 C:\Windows\System32\srchadmin.dll - ok
    00:00:30.0167 3096 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] C:\Windows\System32\netman.dll
    00:00:30.0167 3096 C:\Windows\System32\netman.dll - ok
    00:00:30.0180 3096 [ 1CBF15FDB0310345A68972EB5C5B948F ] C:\Windows\System32\mssprxy.dll
    00:00:30.0180 3096 C:\Windows\System32\mssprxy.dll - ok
    00:00:30.0193 3096 [ FB0C5D32B21571BD9A6D960028DF653E ] C:\Program Files\Canon\MP Navigator EX 5.1\mpnex51.exe
    00:00:30.0193 3096 C:\Program Files\Canon\MP Navigator EX 5.1\mpnex51.exe - ok
    00:00:30.0206 3096 [ D39DA70FEA6BD713682F70635587DA9E ] C:\Windows\System32\rasdlg.dll
    00:00:30.0206 3096 C:\Windows\System32\rasdlg.dll - ok
    00:00:30.0218 3096 [ 04B88428A872390D235BE52D38A9D4EF ] C:\Windows\System32\dot3api.dll
    00:00:30.0218 3096 C:\Windows\System32\dot3api.dll - ok
    00:00:30.0230 3096 [ B63E24E9271E99FD4540E3CA22A937DA ] C:\Windows\System32\en-US\tquery.dll.mui
    00:00:30.0231 3096 C:\Windows\System32\en-US\tquery.dll.mui - ok
    00:00:30.0243 3096 [ 5A5FEDDF02588B8F9FE4A95E5E7EAE97 ] C:\Windows\System32\eappcfg.dll
    00:00:30.0243 3096 C:\Windows\System32\eappcfg.dll - ok
    00:00:30.0255 3096 [ 8063046AA70B97CA9985672B8848FB2E ] C:\Windows\System32\wlanhlp.dll
    00:00:30.0255 3096 C:\Windows\System32\wlanhlp.dll - ok
    00:00:30.0268 3096 [ F748F53FE09D21D8ECBB6421E6792024 ] C:\Windows\System32\onex.dll
    00:00:30.0268 3096 C:\Windows\System32\onex.dll - ok
    00:00:30.0281 3096 [ B010CF886420EE29C2C276646721D255 ] C:\Windows\System32\wlanapi.dll
    00:00:30.0281 3096 C:\Windows\System32\wlanapi.dll - ok
    00:00:30.0293 3096 [ 1D6A771D1D702AE07919DB52C889A249 ] C:\Windows\System32\wlanutil.dll
    00:00:30.0293 3096 C:\Windows\System32\wlanutil.dll - ok
    00:00:30.0306 3096 [ 666E57B6B51824D1D235F80A3DD70A13 ] C:\Windows\System32\eappprxy.dll
    00:00:30.0307 3096 C:\Windows\System32\eappprxy.dll - ok
    00:00:30.0319 3096 [ 9A39A2A5F443A756C568C6ED5748AFE4 ] C:\Windows\System32\ActionCenter.dll
    00:00:30.0319 3096 C:\Windows\System32\ActionCenter.dll - ok
    00:00:30.0331 3096 [ C02AA67276FEE0C15CC4D6D616BDE95E ] C:\Windows\System32\WWanAPI.dll
    00:00:30.0331 3096 C:\Windows\System32\WWanAPI.dll - ok
    00:00:30.0344 3096 [ F2ED6D00921CA138289E5E0CCB9ABF87 ] C:\Windows\System32\wwapi.dll
    00:00:30.0344 3096 C:\Windows\System32\wwapi.dll - ok
    00:00:30.0357 3096 [ 929988D1FA9CF94BDDC0E86E1BD29BF4 ] C:\Program Files\Canon\IJ Manual\Easy Guide Viewer\cmview.exe
    00:00:30.0357 3096 C:\Program Files\Canon\IJ Manual\Easy Guide Viewer\cmview.exe - ok
    00:00:30.0369 3096 [ 02530B0B7E048DD5AC8D52DAEACAEB2B ] C:\Windows\System32\QAGENT.DLL
    00:00:30.0370 3096 C:\Windows\System32\QAGENT.DLL - ok
    00:00:30.0382 3096 [ 58F5C421DA4DE765A2501220094B1085 ] C:\Program Files\Canon\Speed Dial Utility\sdutil.exe
    00:00:30.0382 3096 C:\Program Files\Canon\Speed Dial Utility\sdutil.exe - ok
    00:00:30.0396 3096 [ E3D5E244807AD655787FCD25477CC1BC ] C:\Windows\System32\bthprops.cpl
    00:00:30.0396 3096 C:\Windows\System32\bthprops.cpl - ok
    00:00:30.0405 3096 [ 9DF7A7C74D8632CB5EBD37E3A374825E ] C:\Windows\System32\webcheck.dll
    00:00:30.0406 3096 C:\Windows\System32\webcheck.dll - ok
    00:00:30.0417 3096 [ 8EE6BDE1D572677AA35707C52C585F75 ] C:\Windows\System32\mlang.dll
    00:00:30.0417 3096 C:\Windows\System32\mlang.dll - ok
    00:00:30.0430 3096 [ 2DDEA2C345DA5BC589EFD398F220DB0E ] C:\Windows\System32\SyncCenter.dll
    00:00:30.0430 3096 C:\Windows\System32\SyncCenter.dll - ok
    00:00:30.0442 3096 [ 2D11BC8B460957E62E4420373A0D8BDA ] C:\Windows\System32\imapi2.dll
    00:00:30.0442 3096 C:\Windows\System32\imapi2.dll - ok
    00:00:30.0455 3096 [ C7952D0A4C43A965A1741916BB134751 ] C:\Windows\System32\hgcpl.dll
    00:00:30.0456 3096 C:\Windows\System32\hgcpl.dll - ok
    00:00:30.0467 3096 [ C717D9B9C7B86D0D1641992F7BB19C47 ] C:\Program Files\Canon\Easy-WebPrint EX\ewpexdl.dll
    00:00:30.0468 3096 C:\Program Files\Canon\Easy-WebPrint EX\ewpexdl.dll - ok
    00:00:30.0481 3096 [ 70694A8314330B33F12C7838C1B0CC73 ] C:\Program Files\Canon\Easy-WebPrint EX\ewpexdl.exe
    00:00:30.0481 3096 C:\Program Files\Canon\Easy-WebPrint EX\ewpexdl.exe - ok
    00:00:30.0494 3096 [ C2D6A4475B87651D5909E364439FDA52 ] C:\Windows\System32\FXSST.dll
    00:00:30.0495 3096 C:\Windows\System32\FXSST.dll - ok
    00:00:30.0507 3096 [ 942E57152F1CD0533644AB30EF1A4728 ] C:\Windows\System32\FXSAPI.dll
    00:00:30.0507 3096 C:\Windows\System32\FXSAPI.dll - ok
    00:00:30.0519 3096 [ C4096CA42199428B3D63DC206C197F0E ] C:\Windows\System32\FXSRESM.dll
    00:00:30.0520 3096 C:\Windows\System32\FXSRESM.dll - ok
    00:00:30.0532 3096 [ 967EA5B213E9984CBE270205DF37755B ] C:\Windows\System32\FXSSVC.exe
    00:00:30.0532 3096 C:\Windows\System32\FXSSVC.exe - ok
    00:00:30.0545 3096 [ A7D777DFCA71A00F938A3AEE2BD7E290 ] C:\Program Files\Canon\Solution Menu EX\CNSEUPDT.EXE
    00:00:30.0545 3096 C:\Program Files\Canon\Solution Menu EX\CNSEUPDT.EXE - ok
    00:00:30.0552 3096 ============================================================
    00:00:30.0552 3096 Scan finished
    00:00:30.0552 3096 ============================================================
    00:00:30.0582 3180 Detected object count: 0
    00:00:30.0582 3180 Actual detected object count: 0
    00:03:39.0299 3244 Deinitialize success



    23:56:54.0704 2932 TDSS rootkit removing tool 2.8.18.0 Jun 10 2013 21:44:19
    23:56:54.0742 2932 ============================================================
    23:56:54.0742 2932 Current date / time: 2013/07/27 23:56:54.0742
    23:56:54.0742 2932 SystemInfo:
    23:56:54.0742 2932
    23:56:54.0743 2932 OS Version: 6.1.7601 ServicePack: 1.0
    23:56:54.0743 2932 Product type: Workstation
    23:56:54.0743 2932 ComputerName: AL-PC
    23:56:54.0743 2932 UserName: Al
    23:56:54.0743 2932 Windows directory: C:\Windows
    23:56:54.0743 2932 System windows directory: C:\Windows
    23:56:54.0744 2932 Processor architecture: Intel x86
    23:56:54.0744 2932 Number of processors: 2
    23:56:54.0744 2932 Page size: 0x1000
    23:56:54.0744 2932 Boot type: Normal boot
    23:56:54.0744 2932 ============================================================
    23:56:56.0620 2932 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0x3C538, SectorsPerTrack: 0x3B, TracksPerCylinder: 0x43, Type 'K0', Flags 0x00000050
    23:56:56.0633 2932 Drive \Device\Harddisk2\DR2 - Size: 0x3D800000 (0.96 Gb), SectorSize: 0x200, Cylinders: 0x7D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
    23:56:56.0637 2932 ============================================================
    23:56:56.0638 2932 \Device\Harddisk0\DR0:
    23:56:56.0638 2932 MBR partitions:
    23:56:56.0638 2932 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
    23:56:56.0638 2932 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
    23:56:56.0638 2932 \Device\Harddisk2\DR2:
    23:56:56.0640 2932 MBR partitions:
    23:56:56.0640 2932 \Device\Harddisk2\DR2\Partition1: MBR, Type 0xE, StartLBA 0x20, BlocksNum 0x1EBFE0
    23:56:56.0640 2932 ============================================================
    23:56:56.0682 2932 C: <-> \Device\Harddisk0\DR0\Partition2
    23:56:56.0682 2932 ============================================================
    23:56:56.0682 2932 Initialize success
    23:56:56.0683 2932 ============================================================
    23:57:31.0686 2292 Deinitialize success

  10. #10
    Member Spyware Fighter
    Join Date
    Jun 2010
    Location
    Bement,Ill USA
    Posts
    1,340
    Points
    146

    Default

    Glad to hear things are better! Lets go ahead and check for any leftovers.

    1.
    Please download Malwarebytes Anti-Malware [img=http://img233.imageshack.us/img233/7729/mbamicontw5.gif] and save it to your desktop.
    • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.[/*]
    • Double-click on the renamed file to install, then follow these instructions for doing a Quick Scan in normal mode. [/*]
    • Don't forget to check for database definition updates through the program's interface (preferable method) before scanning.[/*]
    • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues.[/*]


    Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

    • After completing the scan, a log report will open in Notepad.[/*]
    • The log is automatically saved and can be viewed by clicking the Logs tab .[/*]
    • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.[/*]
    • Exit Malwarebytes when done.[/*]


    Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

    -- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, use Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).

    2.
    I'd like us to scan your machine with ESET OnlineScan
    1. Hold down Control and click on this link to open ESET OnlineScan in a new window.
    2. Click the button.
    3. For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      1. Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
      2. Double click on the
        icon on your desktop.
    4. Check "YES, I accept the Terms of Use."
    5. Click the Start button.
    6. Accept any security warnings from your browser.
    7. Under scan settings, check "Scan Archives" and "Remove found threats"
    8. Click Advanced settings and select the following:
      • Scan potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology
    9. ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    10. When the scan completes, click List Threats
    11. Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    12. Click the Back button.
    13. Click the Finish button.


    Things to include in your next reply::
    MBAM log
    Eset log
    How is your machine running now?
    " Extinguishing Malware from the world"

    The Spware Help forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.
    HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
    Thanks-




Page 1 of 2 12 LastLast