Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Will only start from boot menu [Solved]

Started by 750steve , Sep 30 2012 06:28 PM

This topic is locked

#1
750steve

Posted 30 September 2012 - 06:28 PM

Member

Member
174 posts

MBAM Quick Scan found a few things. I asked it to remove them which it seems to have done, however, i cannot perform a full scan or my PC freezes with MBAM or Avast!. The PC will still only boot through the boot menu if i select the correct drive.

Thanks for your help in advance

Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.09.30.06

Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
Stevie :: STEVIE-PC [administrator]

01/10/2012 01:12:18
mbam-log-2012-10-01 (01-12-18).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 225954
Time elapsed: 4 minute(s), 45 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 4
HKCR\Typelib\{1D085C0A-E4F4-4F66-BDBF-4BE51015BFC3} (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8} (PUP.Funmoods) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (PUP.FunMoods) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh (PUP.Funmoods) -> Quarantined and deleted successfully.

Registry Values Detected: 2
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Data: -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Data: Funmoods Toolbar -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 4
C:\Users\Marissa\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bbjciahceamgodcoidkjpchnokgfpphh_0.localstorage (PUP.Funmoods) -> Quarantined and deleted successfully.
C:\Users\Marissa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bbjciahceamgodcoidkjpchnokgfpphh_0.localstorage (PUP.Funmoods) -> Quarantined and deleted successfully.
C:\Users\Marissa\AppData\Local\funmoods.crx (PUP.Funmoods) -> Quarantined and deleted successfully.
C:\Users\Marissa\Local Settings\Application Data\funmoods.crx (PUP.Funmoods) -> Quarantined and deleted successfully.

(end)

OTL.txt (scanned all users)

OTL logfile created on: 01/10/2012 02:13:42 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Stevie\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.25 Gb Total Physical Memory | 1.87 Gb Available Physical Memory | 57.62% Memory free
6.49 Gb Paging File | 5.07 Gb Available in Paging File | 78.06% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 60.55 Gb Total Space | 7.28 Gb Free Space | 12.02% Space Free | Partition Type: NTFS
Drive D: | 237.39 Gb Total Space | 140.11 Gb Free Space | 59.02% Space Free | Partition Type: NTFS
Drive J: | 1.90 Gb Total Space | 1.09 Gb Free Space | 57.24% Space Free | Partition Type: FAT

Computer Name: STEVIE-PC | User Name: Stevie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/10/01 02:08:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Stevie\Desktop\OTL.exe
PRC - [2012/09/08 02:18:25 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/08/28 20:57:26 | 001,807,560 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe
PRC - [2012/08/21 10:12:26 | 004,282,728 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/08/21 10:12:25 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/02/23 13:30:40 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
PRC - [2012/01/18 14:02:04 | 000,508,136 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
PRC - [2007/06/07 17:19:40 | 000,202,280 | R--- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\O2\bin\sprtsvc.exe

========== Modules (No Company Name) ==========

MOD - [2012/09/08 02:18:24 | 002,244,064 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/08/28 20:57:26 | 009,813,704 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll
MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

========== Services (SafeList) ==========

SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV:64bit: - [2012/08/21 10:12:25 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/08/18 03:36:20 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/07/14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012/09/08 02:18:25 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/08/28 20:57:26 | 000,250,568 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2010/09/24 17:07:18 | 000,329,080 | ---- | M] (SupportSoft, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\SupportSoft\bin\ssrc.exe -- (SupportSoft RemoteAssist)
SRV - [2010/03/18 13:16:28 | 000,130,384 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/06/07 17:19:40 | 000,202,280 | R--- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\O2\bin\sprtsvc.exe -- (sprtsvc_O2)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/08/21 10:13:13 | 000,969,200 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012/08/21 10:13:13 | 000,359,464 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012/08/21 10:13:13 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012/08/21 10:13:12 | 000,071,600 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012/08/21 10:13:12 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012/08/21 10:13:11 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012/03/08 18:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/02/15 12:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/07/13 13:59:54 | 000,072,240 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NBVol.sys -- (NBVol)
DRV:64bit: - [2011/07/13 13:59:54 | 000,015,920 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NBVolUp.sys -- (NBVolUp)
DRV:64bit: - [2009/08/18 04:48:48 | 006,037,504 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009/07/14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/14 02:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 21:35:20 | 000,278,016 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1e6032e.sys -- (e1express)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2007/12/26 03:46:26 | 000,340,992 | ---- | M] (NETGEAR Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wg111v2.sys -- (RTL8187)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.funmood...tC&cr=941833473
IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://start.funmood...tC&cr=941833473
IE - HKLM\..\SearchScopes\{596CB429-7AA9-30B4-A2C5-66DE26D70A3C}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1889034545-1651259220-1048121959-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKU\S-1-5-21-1889034545-1651259220-1048121959-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-1889034545-1651259220-1048121959-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-1889034545-1651259220-1048121959-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...00000184d625dca
IE - HKU\S-1-5-21-1889034545-1651259220-1048121959-1000\..\SearchScopes\{271486CB-3C99-40D1-8755-EB7A2444F5F1}: "URL" = http://uk.search.yah...p={searchTerms}
IE - HKU\S-1-5-21-1889034545-1651259220-1048121959-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1889034545-1651259220-1048121959-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811"
FF - prefs.js..browser.search.selectedEngine: "Arccosine"
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: [email protected]:1.2.6
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}:6.0.33
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: [email protected]:1.1.8

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_265.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2852: C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46: C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1662: C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46: C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Stevie\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\AutocompletePro\[email protected] [2010/08/10 00:16:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/08/26 00:25:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/09/08 02:18:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/09/08 02:18:22 | 000,000,000 | ---D | M]

[2010/01/24 14:08:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Stevie\AppData\Roaming\Mozilla\Extensions
[2012/05/02 08:19:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Stevie\AppData\Roaming\Mozilla\Firefox\Profiles\ddhh1c2n.default\extensions
[2011/03/25 00:14:45 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Stevie\AppData\Roaming\Mozilla\Firefox\Profiles\ddhh1c2n.default\extensions\[email protected]
[2012/05/01 02:14:52 | 000,019,920 | ---- | M] () (No name found) -- C:\Users\Stevie\AppData\Roaming\Mozilla\Firefox\Profiles\ddhh1c2n.default\extensions\[email protected]
[2012/09/08 02:18:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/09/08 02:18:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012/09/08 02:18:25 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/04/25 20:35:20 | 000,001,525 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-en-GB.xml
[2012/01/02 22:19:26 | 000,005,142 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\arccosine.xml
[2012/08/29 07:50:19 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/04/25 20:35:20 | 000,000,935 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\chambers-en-GB.xml
[2012/04/25 20:35:20 | 000,001,166 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-en-GB.xml
[2012/08/29 07:50:19 | 000,002,253 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
[2012/04/25 20:35:20 | 000,001,121 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2010/10/17 13:54:54 | 000,000,854 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (AC-Pro) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files (x86)\AutocompletePro\AutocompletePro.dll (SimplyGen)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-1889034545-1651259220-1048121959-1000\..\Toolbar\WebBrowser: (no name) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\.DEFAULT..\Run: [Welcome Center] C:\Windows\SysWow64\OobeFldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-18..\Run: [Welcome Center] C:\Windows\SysWow64\OobeFldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1889034545-1651259220-1048121959-1000..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-1889034545-1651259220-1048121959-1000..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 1
O7 - HKU\S-1-5-21-1889034545-1651259220-1048121959-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-21-1889034545-1651259220-1048121959-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\S-1-5-21-1889034545-1651259220-1048121959-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\S-1-5-21-1889034545-1651259220-1048121959-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\S-1-5-21-1889034545-1651259220-1048121959-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O7 - HKU\S-1-5-21-1889034545-1651259220-1048121959-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1889034545-1651259220-1048121959-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 1
O7 - HKU\S-1-5-21-1889034545-1651259220-1048121959-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-1889034545-1651259220-1048121959-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1889034545-1651259220-1048121959-1000\..Trusted Domains: northernbank.co.uk ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1889034545-1651259220-1048121959-1000\..Trusted Domains: o2.co.uk ([*.broadband] http in Trusted sites)
O15 - HKU\S-1-5-21-1889034545-1651259220-1048121959-1000\..Trusted Domains: o2.co.uk ([*.broadband] https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{18E9FFF8-EDEF-432B-A88D-1990AA5CDE16}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{270139D7-B3D5-4664-83DA-E1A566FE4B41}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{bf2bdaca-08e4-11df-a77e-001aa09237ef}\Shell - "" = AutoRun
O33 - MountPoints2\{bf2bdaca-08e4-11df-a77e-001aa09237ef}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a
O33 - MountPoints2\K\Shell - "" = AutoRun
O33 - MountPoints2\K\Shell\AutoRun\command - "" = K:\LaunchU3.exe -a
O33 - MountPoints2\L\Shell - "" = AutoRun
O33 - MountPoints2\L\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/10/01 02:08:59 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Stevie\Desktop\OTL.exe
[2012/10/01 01:11:00 | 000,000,000 | ---D | C] -- C:\Users\Stevie\AppData\Local\{55D1E0CF-0BB2-4F68-9A75-00366273A4C0}
[2012/09/21 21:19:42 | 000,000,000 | ---D | C] -- C:\Users\Stevie\Desktop\GPz Turbo Engine Rebuild
[2012/09/08 02:18:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2011/07/03 21:51:15 | 003,085,984 | ---- | C] (Adobe Systems, Inc.) -- C:\Program Files (x86)\install_flash_player.exe
[2010/12/17 20:55:23 | 007,622,112 | ---- | C] (Malwarebytes Corporation ) -- C:\Program Files\mbam-setup.exe

========== Files - Modified Within 30 Days ==========

[2012/10/01 02:10:37 | 001,551,558 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/10/01 02:10:37 | 000,596,970 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/10/01 02:10:36 | 000,005,332 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/10/01 02:08:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Stevie\Desktop\OTL.exe
[2012/10/01 02:04:40 | 000,000,632 | RHS- | M] () -- C:\Users\Stevie\ntuser.pol
[2012/10/01 02:03:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/10/01 02:03:49 | 2615,808,000 | -HS- | M] () -- C:\hiberfil.sys
[2012/10/01 01:46:23 | 000,009,776 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/10/01 01:46:23 | 000,009,776 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/10/01 01:30:05 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/10/01 01:11:47 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/09/30 22:24:00 | 000,144,444 | ---- | M] () -- C:\Users\Stevie\Desktop\head surface.JPG
[2012/09/29 18:42:23 | 000,179,485 | ---- | M] () -- C:\Users\Stevie\Desktop\DSC01392.JPG
[2012/09/29 18:42:08 | 000,182,766 | ---- | M] () -- C:\Users\Stevie\Desktop\DSC01391.JPG
[2012/09/29 18:41:55 | 000,182,681 | ---- | M] () -- C:\Users\Stevie\Desktop\DSC01390.JPG
[2012/09/24 00:10:16 | 000,120,836 | ---- | M] () -- C:\Users\Stevie\Desktop\PA1223752.jpg
[2012/09/24 00:10:05 | 000,130,076 | ---- | M] () -- C:\Users\Stevie\Desktop\PA1224198.jpg
[2012/09/24 00:09:51 | 000,197,922 | ---- | M] () -- C:\Users\Stevie\Desktop\wsb2012crescentgsxr7.jpg
[2012/09/24 00:09:39 | 000,190,551 | ---- | M] () -- C:\Users\Stevie\Desktop\634762398746245129R06_Sun_Sykes_GB44575.jpg
[2012/09/24 00:09:28 | 000,094,132 | ---- | M] () -- C:\Users\Stevie\Desktop\Checa---Saturday-3.jpg
[2012/09/24 00:09:16 | 000,141,845 | ---- | M] () -- C:\Users\Stevie\Desktop\R12_Sun_Sykes_GB45268.jpg
[2012/09/24 00:09:04 | 000,194,087 | ---- | M] () -- C:\Users\Stevie\Desktop\634833861294151991Jorge-Lorenzo-Misano.jpg
[2012/09/23 21:43:30 | 000,774,642 | ---- | M] () -- C:\Users\Stevie\Desktop\GPz Turbo Technical Training Manual.pdf
[2012/09/08 08:00:52 | 000,002,048 | ---- | M] () -- C:\Users\Stevie\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/09/07 17:04:46 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/09/03 09:48:59 | 000,056,230 | ---- | M] () -- C:\Users\Stevie\Desktop\3319446_120903_044755_3848.png
[2012/09/01 17:43:38 | 000,093,599 | ---- | M] () -- C:\Users\Stevie\Desktop\Ikon Shock Dimensions.pdf
[2012/09/01 17:24:53 | 000,268,544 | ---- | M] () -- C:\Users\Stevie\Desktop\Ikon Kawasaki List.pdf

========== Files Created - No Company Name ==========

[2012/09/30 22:24:00 | 000,144,444 | ---- | C] () -- C:\Users\Stevie\Desktop\head surface.JPG
[2012/09/29 18:41:09 | 000,182,766 | ---- | C] () -- C:\Users\Stevie\Desktop\DSC01391.JPG
[2012/09/29 18:41:09 | 000,182,681 | ---- | C] () -- C:\Users\Stevie\Desktop\DSC01390.JPG
[2012/09/29 18:41:09 | 000,179,485 | ---- | C] () -- C:\Users\Stevie\Desktop\DSC01392.JPG
[2012/09/23 23:57:35 | 000,120,836 | ---- | C] () -- C:\Users\Stevie\Desktop\PA1223752.jpg
[2012/09/23 23:57:15 | 000,130,076 | ---- | C] () -- C:\Users\Stevie\Desktop\PA1224198.jpg
[2012/09/23 23:54:26 | 000,197,922 | ---- | C] () -- C:\Users\Stevie\Desktop\wsb2012crescentgsxr7.jpg
[2012/09/23 23:52:49 | 000,190,551 | ---- | C] () -- C:\Users\Stevie\Desktop\634762398746245129R06_Sun_Sykes_GB44575.jpg
[2012/09/23 23:52:09 | 000,094,132 | ---- | C] () -- C:\Users\Stevie\Desktop\Checa---Saturday-3.jpg
[2012/09/23 23:51:41 | 000,141,845 | ---- | C] () -- C:\Users\Stevie\Desktop\R12_Sun_Sykes_GB45268.jpg
[2012/09/23 23:50:34 | 000,194,087 | ---- | C] () -- C:\Users\Stevie\Desktop\634833861294151991Jorge-Lorenzo-Misano.jpg
[2012/09/23 21:44:19 | 000,774,642 | ---- | C] () -- C:\Users\Stevie\Desktop\GPz Turbo Technical Training Manual.pdf
[2012/09/03 09:48:59 | 000,056,230 | ---- | C] () -- C:\Users\Stevie\Desktop\3319446_120903_044755_3848.png
[2012/09/01 17:43:56 | 000,093,599 | ---- | C] () -- C:\Users\Stevie\Desktop\Ikon Shock Dimensions.pdf
[2012/09/01 17:25:28 | 000,268,544 | ---- | C] () -- C:\Users\Stevie\Desktop\Ikon Kawasaki List.pdf
[2011/09/29 20:00:49 | 000,001,456 | ---- | C] () -- C:\Users\Stevie\AppData\Local\Adobe Save for Web 12.0 Prefs
[2011/08/21 21:48:02 | 000,098,304 | -H-- | C] () -- C:\Windows\SysWow64\redmonnt.dll
[2011/01/27 03:38:50 | 000,000,085 | -H-- | C] () -- C:\Windows\FI_Tool.INI
[2010/01/31 17:08:02 | 000,000,632 | RHS- | C] () -- C:\Users\Stevie\ntuser.pol

========== ZeroAccess Check ==========

[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2010/07/27 15:59:11 | 014,162,944 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010/07/27 15:03:24 | 012,867,584 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Alternate Data Streams ==========

@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:5C321E34

< End of report >

Extras.txt

OTL Extras logfile created on: 01/10/2012 02:13:42 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Stevie\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.25 Gb Total Physical Memory | 1.87 Gb Available Physical Memory | 57.62% Memory free
6.49 Gb Paging File | 5.07 Gb Available in Paging File | 78.06% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 60.55 Gb Total Space | 7.28 Gb Free Space | 12.02% Space Free | Partition Type: NTFS
Drive D: | 237.39 Gb Total Space | 140.11 Gb Free Space | 59.02% Space Free | Partition Type: NTFS
Drive J: | 1.90 Gb Total Space | 1.09 Gb Free Space | 57.24% Space Free | Partition Type: FAT

Computer Name: STEVIE-PC | User Name: Stevie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1889034545-1651259220-1048121959-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [openNew] -- explorer %1 (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [openNew] -- explorer %1 (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{105CA221-9CE1-4784-85AE-34AE373DE9D8}" = lport=445 | protocol=6 | dir=in | app=system |
"{199B8BEA-1A49-437B-8D19-F0971722DEEE}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{30B573F8-0262-4E3C-AFC1-FB1302DEAD72}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{361CC61B-EFD1-4EF9-B982-251C17E7A7D9}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3F8B41B0-608A-410C-9A11-91BADEFBDDE3}" = lport=2869 | protocol=6 | dir=in | app=system |
"{48731C69-C83C-427C-AE00-28B87973DDFC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{50E3371C-6CDD-48D9-ACF4-21DAE92B3A9A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{5BC3F29E-D61D-48B7-9599-10B84A5B000A}" = rport=137 | protocol=17 | dir=out | app=system |
"{718B50CF-89AB-4F51-8232-308FD933F876}" = lport=2869 | protocol=6 | dir=in | app=system |
"{7280DF25-0DA3-4716-A6B7-BCAF5673CAC5}" = rport=138 | protocol=17 | dir=out | app=system |
"{8272899D-CDD1-41BF-AD00-4778143317A9}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{84D98BC8-AC56-4909-8EFB-8BF77FE0565F}" = lport=137 | protocol=17 | dir=in | app=system |
"{8E74F4AA-85A0-4C22-8FA8-860906C00E02}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{9B5356CA-0081-435A-9B64-264A4AA9C4B4}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A2FC6ED0-900F-4996-B9F4-CBAFB68F9B30}" = rport=139 | protocol=6 | dir=out | app=system |
"{A32FC9B3-0D59-4FA1-A333-A680515A10E3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A84C174D-FE3B-48E2-B1F9-990ACDA7D0AA}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{AD1478C6-0C48-474B-92C9-24E26129E5F1}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B3AE074D-EB2F-495D-833A-3F642EAA3287}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BBACF925-DB59-40B5-928C-271B371150FB}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{BDEAC07B-D4B7-4E64-9B69-E7213909F16E}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{C5F2F781-2971-4F14-B83A-5FA2A531937A}" = lport=138 | protocol=17 | dir=in | app=system |
"{CB52EE6B-136A-4A7D-A3E8-4FFED0C52F69}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CEF3DA18-ECA6-4A50-A304-02CF3E1F311D}" = rport=10243 | protocol=6 | dir=out | app=system |
"{E0F8331A-5930-460D-8D78-428A625A8727}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{E2B4F070-200E-4416-84C2-48A5CA2AE19D}" = lport=10243 | protocol=6 | dir=in | app=system |
"{E5D487A9-99CC-4E7B-86D7-CC271F069308}" = rport=445 | protocol=6 | dir=out | app=system |
"{FFBF6E31-18B0-4D41-9F21-6FA02AA99E78}" = lport=139 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{022E245A-1CB3-43B1-9980-E0C433C25E1A}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{06581473-95FA-489B-9605-A6696FD2A63C}" = protocol=6 | dir=in | app=c:\program files (x86)\o2\agent\bin\bcont_nm.exe |
"{0B0D0CAA-5635-431D-B17F-DF28213AE85D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{0B7A5342-83C0-4C28-9806-206548B1B7B0}" = protocol=58 | dir=in | [email protected],-28545 |
"{13782116-9812-488A-B90D-895978AE491D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1B36F24B-823E-4EF8-8995-D385251E8570}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{1D8FE708-2D2D-46E3-9165-C47C13807448}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{207FAD99-267E-490E-89EA-4D3A26CA6A37}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\supportsoft\bin\ssrc.exe |
"{2C7C2984-A275-4A41-A2EF-8DC7EC4D1CCF}" = protocol=58 | dir=out | [email protected],-28546 |
"{34B2F1A1-C60E-48BA-9CC7-29848D3DE34B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{43DA00C4-F2B1-435D-83A7-FDF8F6697471}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{50EEB5E2-7F44-4AFE-ADA1-9D8AB1E1E292}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{521EC5A1-4722-4DD6-B9C5-FA80BFF38E04}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{5E0BAE48-DD75-4B3B-8892-5FFCC98AF57F}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{74FF33EE-00B7-40F4-8C55-EBCFA301AD79}" = protocol=1 | dir=out | [email protected],-28544 |
"{75949415-9D31-4A69-ABAE-09CCFC06D161}" = protocol=17 | dir=in | app=c:\program files (x86)\o2\agent\bin\bcont.exe |
"{78319D8F-0B46-4E0C-ADA2-AE037B8D8BB7}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{79A54329-6E64-4C8C-BAD8-9CD24057468F}" = protocol=6 | dir=out | app=system |
"{835B4634-B974-4BEA-BF6E-B9AEFA395B5F}" = protocol=1 | dir=in | [email protected],-28543 |
"{8C9B47F2-C4A5-40DD-A2BC-D8A03E742138}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8F72EC5A-66AE-4996-8497-A1B3466773A4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{94DE09FD-2A25-4B0A-AE73-20E72F035FB0}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{999003D8-CFE0-44EB-ABF9-A49311D1BD4C}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{AA73257D-FB79-4753-ABE1-8F22CBDDC7FA}" = protocol=17 | dir=in | app=d:\utorrent\utorrent.exe |
"{ABD566E6-A29A-41F8-A76D-2AC8AF19DCC1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{AF9F7E25-A1D8-4B5E-8802-E4E873E093E6}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B34E9C28-5FF5-4B73-841D-B8E2CE8F28AA}" = protocol=6 | dir=in | app=c:\program files (x86)\o2\agent\bin\bcont.exe |
"{B4EEBBEE-C651-4DB0-940B-8DD906CEFDFE}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{B87301C5-5C42-4816-B7B5-0DEC5E47D6D9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B92BB1CF-5069-4CDF-A6FA-61483A85548D}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{CFD5E584-0A6D-4E47-8EC8-C838D1C77749}" = protocol=17 | dir=in | app=c:\program files (x86)\o2\agent\bin\bcont_nm.exe |
"{D05260D4-CF9B-4A8A-88B6-F235194EE4C1}" = protocol=6 | dir=in | app=d:\utorrent\utorrent.exe |
"{D869D96C-ED4D-4D26-BBBF-D46FA1D7B37C}" = protocol=6 | dir=in | app=c:\program files (x86)\o2\bin\wificfg.exe |
"{E3BDC439-249C-4D6A-9CF7-50D3D581BF6D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E4E71B0B-9716-4BF4-8D3D-DCDA93461BA7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E8131111-5B42-4EFE-8A32-EBD4BBAFAA8D}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{E9AD2FEB-94F5-4439-8B7B-E8DC22882D79}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\supportsoft\bin\ssrc.exe |
"{ED26F063-9963-4EF6-906F-FFFDE06314F6}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F7910691-A0ED-4A5C-96A7-83B9D8FB51F7}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{F8385B91-5493-4E0F-9346-400B8ADF2534}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{FE107C5A-F72B-4DE1-A325-51982A565226}" = protocol=17 | dir=in | app=c:\program files (x86)\o2\bin\wificfg.exe |
"{FF1576F9-63C1-400C-96E1-6DBCF31B81AE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{1EE63DA3-74F2-4743-9783-FB760BE8F61A}C:\program files (x86)\orbitdownloader\orbitnet.exe" = protocol=6 | dir=in | app=c:\program files (x86)\orbitdownloader\orbitnet.exe |
"TCP Query User{24CE5823-22D5-4042-AC0C-671FB6B5EEA3}C:\program files (x86)\nero\nero 7\nero home\nerohome.exe" = protocol=6 | dir=in | app=c:\program files (x86)\nero\nero 7\nero home\nerohome.exe |
"TCP Query User{2971B259-E9DF-4EC8-BB60-92B8D329C1E0}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{544ADA3D-8172-4FF9-966F-1F4F047ECAF0}C:\program files (x86)\orbitdownloader\orbitnet.exe" = protocol=6 | dir=in | app=c:\program files (x86)\orbitdownloader\orbitnet.exe |
"TCP Query User{C887E384-0DEF-4EF4-A065-70CE2EE5F525}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{26F4EAF6-E005-46A1-8312-E999F6561CD2}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{41F8D45B-EE05-4506-B3CD-ABC9C1F62D3A}C:\program files (x86)\orbitdownloader\orbitnet.exe" = protocol=17 | dir=in | app=c:\program files (x86)\orbitdownloader\orbitnet.exe |
"UDP Query User{5978735C-F1EC-4285-89EC-562CDAB1DFD3}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{F5BE8359-33BC-42C0-AEB4-58B6BD2241A9}C:\program files (x86)\nero\nero 7\nero home\nerohome.exe" = protocol=17 | dir=in | app=c:\program files (x86)\nero\nero 7\nero home\nerohome.exe |
"UDP Query User{F7B08500-282E-4BA9-8F4E-16AB9624EEBB}C:\program files (x86)\orbitdownloader\orbitnet.exe" = protocol=17 | dir=in | app=c:\program files (x86)\orbitdownloader\orbitnet.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{02A5BD31-16AC-45DF-BE9F-A3167BC4AFB2}" = Windows Live Family Safety
"{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}" = Apple Mobile Device Support
"{6DD01FF3-63CE-436B-96DB-61363EAA4EB8}" = MobileMe Control Panel
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}" = iTunes
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{8B485965-8EFE-464A-842F-CF8F18C3DFD7}" = iCloud
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{D600D357-5CB9-4DE9-8FD4-14E208BD1970}" = Nero Backup Drivers
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NMMS11" = Nero 11 Mini Repack
"WinRAR archiver" = WinRAR archiver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2367FAB6-055A-4923-835F-F57F7BBBA363}_is1" = Paint XP version 1.1
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java™ 6 Update 33
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3F7D6F1F-AE40-46E7-95E4-9B2242A6EC6D}_is1" = Hawke ChairGun Pro 1.0.4f
"{4507868A-A9CD-4ECC-BD54-0EAB6EE81D42}" = O2 Broadband Assistant
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D29159F-227D-45B9-BD70-94564CE259BD}" = O2InstV2Win7UpdateV1
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-5760-0000-900000000003}" = Japanese Fonts Support For Adobe Reader 9
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E7C97E98-4C2D-BEAF-5D2F-CC45A2F95D90}" = Acrobat.com
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{FCE7F6A7-4AE6-4926-A15F-7B4EF6881438}_is1" = Hawke ChairGun Pro 1.0.5a
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"7-Zip" = 7-Zip 4.65
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AutocompletePro2_is1" = AutocompletePro
"avast" = avast! Free Antivirus
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ESET Online Scanner" = ESET Online Scanner v3
"FI_Tool" = Kawasaki FI Calibration Tool
"Foxit Reader" = Foxit Reader
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 4.1.4
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.65.0.1400
"Mozilla Firefox 15.0.1 (x86 en-GB)" = Mozilla Firefox 15.0.1 (x86 en-GB)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Notepad++" = Notepad++
"SpywareBlaster_is1" = SpywareBlaster 4.6
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.0.3
"WinLiveSuite" = Windows Live Essentials

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1889034545-1651259220-1048121959-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 30/09/2012 20:17:25 | Computer Name = Stevie-PC | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Unloading the performance counter strings for service WmiApRpl (WmiApRpl)
failed. The first DWORD in the Data section contains the error code.

Error - 30/09/2012 20:24:05 | Computer Name = Stevie-PC | Source = Winlogon | ID = 4103
Description = Windows license activation failed. Error 0x80070005.

Error - 30/09/2012 20:28:09 | Computer Name = Stevie-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = The performance strings in the Performance registry value is corrupted
when process Performance extension counter provider. The BaseIndex value from the
Performance registry is the first DWORD in the Data section, LastCounter value
is the second DWORD in the Data section, and LastHelp value is the third DWORD in
the Data section.

Error - 30/09/2012 20:28:09 | Computer Name = Stevie-PC | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Unloading the performance counter strings for service WmiApRpl (WmiApRpl)
failed. The first DWORD in the Data section contains the error code.

Error - 30/09/2012 20:48:57 | Computer Name = Stevie-PC | Source = Winlogon | ID = 4103
Description = Windows license activation failed. Error 0x80070005.

Error - 30/09/2012 20:55:28 | Computer Name = Stevie-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = The performance strings in the Performance registry value is corrupted
when process Performance extension counter provider. The BaseIndex value from the
Performance registry is the first DWORD in the Data section, LastCounter value
is the second DWORD in the Data section, and LastHelp value is the third DWORD in
the Data section.

Error - 30/09/2012 20:55:28 | Computer Name = Stevie-PC | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Unloading the performance counter strings for service WmiApRpl (WmiApRpl)
failed. The first DWORD in the Data section contains the error code.

Error - 30/09/2012 21:10:33 | Computer Name = Stevie-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = The performance strings in the Performance registry value is corrupted
when process Performance extension counter provider. The BaseIndex value from the
Performance registry is the first DWORD in the Data section, LastCounter value
is the second DWORD in the Data section, and LastHelp value is the third DWORD in
the Data section.

Error - 30/09/2012 21:10:33 | Computer Name = Stevie-PC | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Unloading the performance counter strings for service WmiApRpl (WmiApRpl)
failed. The first DWORD in the Data section contains the error code.

[ Media Center Events ]
Error - 08/09/2010 05:30:42 | Computer Name = Stevie-PC | Source = MCUpdate | ID = 0
Description = 10:30:42 - Error connecting to the internet. 10:30:42 - Unable
to contact server..

Error - 08/09/2010 05:31:12 | Computer Name = Stevie-PC | Source = MCUpdate | ID = 0
Description = 10:31:11 - Error connecting to the internet. 10:31:11 - Unable
to contact server..

Error - 07/10/2010 02:24:05 | Computer Name = Stevie-PC | Source = MCUpdate | ID = 0
Description = 07:24:05 - Error connecting to the internet. 07:24:05 - Unable
to contact server..

Error - 07/10/2010 02:24:36 | Computer Name = Stevie-PC | Source = MCUpdate | ID = 0
Description = 07:24:34 - Error connecting to the internet. 07:24:34 - Unable
to contact server..

Error - 07/10/2010 03:25:25 | Computer Name = Stevie-PC | Source = MCUpdate | ID = 0
Description = 08:25:25 - Error connecting to the internet. 08:25:25 - Unable
to contact server..

Error - 07/10/2010 03:25:55 | Computer Name = Stevie-PC | Source = MCUpdate | ID = 0
Description = 08:25:54 - Error connecting to the internet. 08:25:54 - Unable
to contact server..

Error - 07/10/2010 04:26:44 | Computer Name = Stevie-PC | Source = MCUpdate | ID = 0
Description = 09:26:44 - Error connecting to the internet. 09:26:44 - Unable
to contact server..

Error - 07/10/2010 04:27:14 | Computer Name = Stevie-PC | Source = MCUpdate | ID = 0
Description = 09:27:13 - Error connecting to the internet. 09:27:13 - Unable
to contact server..

Error - 07/10/2010 05:28:04 | Computer Name = Stevie-PC | Source = MCUpdate | ID = 0
Description = 10:28:04 - Error connecting to the internet. 10:28:04 - Unable
to contact server..

Error - 07/10/2010 05:28:34 | Computer Name = Stevie-PC | Source = MCUpdate | ID = 0
Description = 10:28:33 - Error connecting to the internet. 10:28:33 - Unable
to contact server..

[ OSession Events ]
Error - 23/01/2011 11:26:34 | Computer Name = Stevie-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 0
seconds with 0 seconds of active time. This session ended with a crash.

Error - 23/01/2011 11:26:52 | Computer Name = Stevie-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 0
seconds with 0 seconds of active time. This session ended with a crash.

Error - 03/05/2011 14:05:46 | Computer Name = Stevie-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6555.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 0
seconds with 0 seconds of active time. This session ended with a crash.

Error - 03/05/2011 14:06:20 | Computer Name = Stevie-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6555.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 0
seconds with 0 seconds of active time. This session ended with a crash.

Error - 24/06/2011 18:01:07 | Computer Name = Stevie-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6557.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 0
seconds with 0 seconds of active time. This session ended with a crash.

Error - 24/06/2011 18:01:17 | Computer Name = Stevie-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6557.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 0
seconds with 0 seconds of active time. This session ended with a crash.

Error - 30/09/2011 17:33:04 | Computer Name = Stevie-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 0
seconds with 0 seconds of active time. This session ended with a crash.

Error - 30/09/2011 17:33:26 | Computer Name = Stevie-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 0
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 30/09/2012 21:06:08 | Computer Name = Stevie-PC | Source = Service Control Manager | ID = 7023
Description = The Peer Name Resolution Protocol service terminated with the following
error: %%5

Error - 30/09/2012 21:06:08 | Computer Name = Stevie-PC | Source = Service Control Manager | ID = 7001
Description = The Peer Networking Grouping service depends on the Peer Name Resolution
Protocol service which failed to start because of the following error: %%5

Error - 30/09/2012 21:06:08 | Computer Name = Stevie-PC | Source = Service Control Manager | ID = 7024
Description = The HomeGroup Listener service terminated with service-specific error
%%-2147023143.

Error - 30/09/2012 21:06:09 | Computer Name = Stevie-PC | Source = PNRPSvc | ID = 102
Description =

Error - 30/09/2012 21:06:09 | Computer Name = Stevie-PC | Source = Service Control Manager | ID = 7023
Description = The Peer Name Resolution Protocol service terminated with the following
error: %%5

Error - 30/09/2012 21:06:09 | Computer Name = Stevie-PC | Source = Service Control Manager | ID = 7001
Description = The Peer Networking Grouping service depends on the Peer Name Resolution
Protocol service which failed to start because of the following error: %%5

Error - 30/09/2012 21:06:48 | Computer Name = Stevie-PC | Source = WMPNetworkSvc | ID = 866314
Description =

Error - 30/09/2012 21:06:48 | Computer Name = Stevie-PC | Source = WMPNetworkSvc | ID = 866314
Description =

Error - 30/09/2012 21:06:48 | Computer Name = Stevie-PC | Source = WMPNetworkSvc | ID = 866314
Description =

Error - 30/09/2012 21:06:49 | Computer Name = Stevie-PC | Source = WMPNetworkSvc | ID = 866314
Description =

< End of report >

Edited by 750steve, 01 October 2012 - 04:18 AM.

#2
750steve

Posted 16 October 2012 - 07:39 PM

Member

Topic Starter
Member
174 posts

Fresh OTL log.............when running this a box appeared telling me there was no disc inserted, i needed to close it about 5 times

OTL logfile created on: 17/10/2012 02:31:17 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Stevie\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.25 Gb Total Physical Memory | 2.06 Gb Available Physical Memory | 63.45% Memory free
6.49 Gb Paging File | 5.25 Gb Available in Paging File | 80.79% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 60.55 Gb Total Space | 6.47 Gb Free Space | 10.68% Space Free | Partition Type: NTFS
Drive D: | 237.39 Gb Total Space | 140.11 Gb Free Space | 59.02% Space Free | Partition Type: NTFS
Drive J: | 1.90 Gb Total Space | 1.03 Gb Free Space | 53.94% Space Free | Partition Type: FAT

Computer Name: STEVIE-PC | User Name: Stevie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/10/14 00:52:36 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/10/09 12:30:20 | 001,807,800 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
PRC - [2012/10/01 02:08:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Stevie\Desktop\OTL.exe
PRC - [2012/08/21 10:12:26 | 004,282,728 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/02/23 13:30:40 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
PRC - [2010/07/29 01:40:56 | 000,311,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
PRC - [2007/06/07 17:19:40 | 000,202,280 | R--- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\O2\bin\sprtsvc.exe

========== Modules (No Company Name) ==========

MOD - [2012/10/14 00:52:35 | 002,294,240 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/10/09 12:30:20 | 009,814,968 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

========== Services (SafeList) ==========

SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV:64bit: - [2012/08/21 10:12:25 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/08/18 03:36:20 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/07/14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012/10/14 00:52:35 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/10/09 12:30:20 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2010/09/24 17:07:18 | 000,329,080 | ---- | M] (SupportSoft, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\SupportSoft\bin\ssrc.exe -- (SupportSoft RemoteAssist)
SRV - [2010/03/18 13:16:28 | 000,130,384 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/06/07 17:19:40 | 000,202,280 | R--- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\O2\bin\sprtsvc.exe -- (sprtsvc_O2)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/08/21 10:13:13 | 000,969,200 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012/08/21 10:13:13 | 000,359,464 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012/08/21 10:13:13 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012/08/21 10:13:12 | 000,071,600 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012/08/21 10:13:12 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012/08/21 10:13:11 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012/03/08 18:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/02/15 12:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/07/13 13:59:54 | 000,072,240 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NBVol.sys -- (NBVol)
DRV:64bit: - [2011/07/13 13:59:54 | 000,015,920 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NBVolUp.sys -- (NBVolUp)
DRV:64bit: - [2009/08/18 04:48:48 | 006,037,504 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009/07/14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/14 02:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 21:35:20 | 000,278,016 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1e6032e.sys -- (e1express)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2007/12/26 03:46:26 | 000,340,992 | ---- | M] (NETGEAR Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wg111v2.sys -- (RTL8187)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.funmood...tC&cr=941833473
IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://start.funmood...tC&cr=941833473
IE - HKLM\..\SearchScopes\{596CB429-7AA9-30B4-A2C5-66DE26D70A3C}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...00000184d625dca
IE - HKCU\..\SearchScopes\{271486CB-3C99-40D1-8755-EB7A2444F5F1}: "URL" = http://uk.search.yah...p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811"
FF - prefs.js..browser.search.selectedEngine: "Arccosine"
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: [email protected]:1.2.6
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}:6.0.33
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: [email protected]:1.1.8

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2852: C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46: C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1662: C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46: C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Stevie\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\AutocompletePro\[email protected] [2010/08/10 00:16:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/08/26 00:25:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/10/14 00:52:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/10/14 00:52:32 | 000,000,000 | ---D | M]

[2010/01/24 14:08:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Stevie\AppData\Roaming\Mozilla\Extensions
[2012/05/02 08:19:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Stevie\AppData\Roaming\Mozilla\Firefox\Profiles\ddhh1c2n.default\extensions
[2011/03/25 00:14:45 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Stevie\AppData\Roaming\Mozilla\Firefox\Profiles\ddhh1c2n.default\extensions\[email protected]
[2012/05/01 02:14:52 | 000,019,920 | ---- | M] () (No name found) -- C:\Users\Stevie\AppData\Roaming\Mozilla\Firefox\Profiles\ddhh1c2n.default\extensions\[email protected]
[2012/10/14 00:52:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/10/14 00:52:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012/10/14 00:52:36 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/04/25 20:35:20 | 000,001,525 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-en-GB.xml
[2012/01/02 22:19:26 | 000,005,142 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\arccosine.xml
[2012/08/29 07:50:19 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/04/25 20:35:20 | 000,000,935 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\chambers-en-GB.xml
[2012/04/25 20:35:20 | 000,001,166 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-en-GB.xml
[2012/10/14 00:52:35 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
[2012/04/25 20:35:20 | 000,001,121 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2010/10/17 13:54:54 | 000,000,854 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (AC-Pro) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files (x86)\AutocompletePro\AutocompletePro.dll (SimplyGen)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - HKCU..\RunOnce: [JavaInstallRetry] C:\Users\Stevie\AppData\LocalLow\Sun\Java\JRERunOnce.exe (Oracle Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: northernbank.co.uk ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: o2.co.uk ([*.broadband] http in Trusted sites)
O15 - HKCU\..Trusted Domains: o2.co.uk ([*.broadband] https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.7.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{18E9FFF8-EDEF-432B-A88D-1990AA5CDE16}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{270139D7-B3D5-4664-83DA-E1A566FE4B41}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{bf2bdaca-08e4-11df-a77e-001aa09237ef}\Shell - "" = AutoRun
O33 - MountPoints2\{bf2bdaca-08e4-11df-a77e-001aa09237ef}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a
O33 - MountPoints2\K\Shell - "" = AutoRun
O33 - MountPoints2\K\Shell\AutoRun\command - "" = K:\LaunchU3.exe -a
O33 - MountPoints2\L\Shell - "" = AutoRun
O33 - MountPoints2\L\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/10/16 01:17:34 | 000,000,000 | ---D | C] -- C:\Users\Stevie\AppData\Local\{B135C4C4-5092-4C00-8871-21C70A59D701}
[2012/10/15 01:16:59 | 000,000,000 | ---D | C] -- C:\Users\Stevie\AppData\Local\{3B6DD81F-EA80-4D6B-AB1F-C5C9D4C6AF5F}
[2012/10/14 16:51:14 | 000,000,000 | ---D | C] -- C:\Users\Stevie\Desktop\Ebay Zephyr
[2012/10/14 00:52:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012/10/07 13:13:54 | 000,000,000 | ---D | C] -- C:\Users\Stevie\AppData\Local\{46DD2F9D-2245-4D4B-AE71-36345FDFD28E}
[2012/10/07 12:16:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/10/01 13:11:25 | 000,000,000 | ---D | C] -- C:\Users\Stevie\AppData\Local\{6AE9FAD6-97EA-4D82-81F1-B5791B099044}
[2012/10/01 02:08:59 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Stevie\Desktop\OTL.exe
[2012/10/01 01:11:00 | 000,000,000 | ---D | C] -- C:\Users\Stevie\AppData\Local\{55D1E0CF-0BB2-4F68-9A75-00366273A4C0}
[2012/09/21 21:19:42 | 000,000,000 | ---D | C] -- C:\Users\Stevie\Desktop\GPz Turbo Engine Rebuild
[2011/07/03 21:51:15 | 003,085,984 | ---- | C] (Adobe Systems, Inc.) -- C:\Program Files (x86)\install_flash_player.exe
[2010/12/17 20:55:23 | 007,622,112 | ---- | C] (Malwarebytes Corporation ) -- C:\Program Files\mbam-setup.exe

========== Files - Modified Within 30 Days ==========

[2012/10/17 02:30:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/10/16 00:30:49 | 000,000,632 | RHS- | M] () -- C:\Users\Stevie\ntuser.pol
[2012/10/15 22:41:58 | 001,655,190 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/10/15 22:41:58 | 000,651,390 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/10/15 22:41:58 | 000,005,332 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/10/15 22:36:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/10/15 22:36:21 | 2615,808,000 | -HS- | M] () -- C:\hiberfil.sys
[2012/10/15 22:32:33 | 000,109,452 | ---- | M] () -- C:\Users\Stevie\Desktop\photo 1.JPG
[2012/10/14 21:56:24 | 000,118,380 | ---- | M] () -- C:\Users\Stevie\Desktop\DSC01417.JPG
[2012/10/14 21:56:05 | 000,114,845 | ---- | M] () -- C:\Users\Stevie\Desktop\DSC01418.JPG
[2012/10/14 21:55:45 | 000,105,643 | ---- | M] () -- C:\Users\Stevie\Desktop\DSC01416.JPG
[2012/10/14 02:15:32 | 000,002,048 | ---- | M] () -- C:\Users\Stevie\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/10/06 20:35:32 | 000,069,540 | ---- | M] () -- C:\Users\Stevie\Desktop\voucherJPG.JPG
[2012/10/05 21:01:00 | 000,090,046 | ---- | M] () -- C:\Users\Stevie\Desktop\Yokes.JPG
[2012/10/01 02:08:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Stevie\Desktop\OTL.exe
[2012/10/01 01:46:23 | 000,009,776 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/10/01 01:46:23 | 000,009,776 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/10/01 01:11:47 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/09/30 22:24:00 | 000,144,444 | ---- | M] () -- C:\Users\Stevie\Desktop\head surface.JPG
[2012/09/24 00:10:16 | 000,120,836 | ---- | M] () -- C:\Users\Stevie\Desktop\PA1223752.jpg
[2012/09/24 00:10:05 | 000,130,076 | ---- | M] () -- C:\Users\Stevie\Desktop\PA1224198.jpg
[2012/09/24 00:09:51 | 000,197,922 | ---- | M] () -- C:\Users\Stevie\Desktop\wsb2012crescentgsxr7.jpg
[2012/09/24 00:09:39 | 000,190,551 | ---- | M] () -- C:\Users\Stevie\Desktop\634762398746245129R06_Sun_Sykes_GB44575.jpg
[2012/09/24 00:09:28 | 000,094,132 | ---- | M] () -- C:\Users\Stevie\Desktop\Checa---Saturday-3.jpg
[2012/09/24 00:09:16 | 000,141,845 | ---- | M] () -- C:\Users\Stevie\Desktop\R12_Sun_Sykes_GB45268.jpg
[2012/09/24 00:09:04 | 000,194,087 | ---- | M] () -- C:\Users\Stevie\Desktop\634833861294151991Jorge-Lorenzo-Misano.jpg
[2012/09/23 21:43:30 | 000,774,642 | ---- | M] () -- C:\Users\Stevie\Desktop\GPz Turbo Technical Training Manual.pdf

========== Files Created - No Company Name ==========

[2012/10/15 22:23:00 | 000,109,452 | ---- | C] () -- C:\Users\Stevie\Desktop\photo 1.JPG
[2012/10/14 21:54:56 | 000,118,380 | ---- | C] () -- C:\Users\Stevie\Desktop\DSC01417.JPG
[2012/10/14 21:54:56 | 000,114,845 | ---- | C] () -- C:\Users\Stevie\Desktop\DSC01418.JPG
[2012/10/14 21:54:56 | 000,105,643 | ---- | C] () -- C:\Users\Stevie\Desktop\DSC01416.JPG
[2012/10/06 20:34:54 | 000,069,540 | ---- | C] () -- C:\Users\Stevie\Desktop\voucherJPG.JPG
[2012/10/05 21:01:00 | 000,090,046 | ---- | C] () -- C:\Users\Stevie\Desktop\Yokes.JPG
[2012/09/30 22:24:00 | 000,144,444 | ---- | C] () -- C:\Users\Stevie\Desktop\head surface.JPG
[2012/09/23 23:57:35 | 000,120,836 | ---- | C] () -- C:\Users\Stevie\Desktop\PA1223752.jpg
[2012/09/23 23:57:15 | 000,130,076 | ---- | C] () -- C:\Users\Stevie\Desktop\PA1224198.jpg
[2012/09/23 23:54:26 | 000,197,922 | ---- | C] () -- C:\Users\Stevie\Desktop\wsb2012crescentgsxr7.jpg
[2012/09/23 23:52:49 | 000,190,551 | ---- | C] () -- C:\Users\Stevie\Desktop\634762398746245129R06_Sun_Sykes_GB44575.jpg
[2012/09/23 23:52:09 | 000,094,132 | ---- | C] () -- C:\Users\Stevie\Desktop\Checa---Saturday-3.jpg
[2012/09/23 23:51:41 | 000,141,845 | ---- | C] () -- C:\Users\Stevie\Desktop\R12_Sun_Sykes_GB45268.jpg
[2012/09/23 23:50:34 | 000,194,087 | ---- | C] () -- C:\Users\Stevie\Desktop\634833861294151991Jorge-Lorenzo-Misano.jpg
[2012/09/23 21:44:19 | 000,774,642 | ---- | C] () -- C:\Users\Stevie\Desktop\GPz Turbo Technical Training Manual.pdf
[2011/09/29 20:00:49 | 000,001,456 | ---- | C] () -- C:\Users\Stevie\AppData\Local\Adobe Save for Web 12.0 Prefs
[2011/08/21 21:48:02 | 000,098,304 | -H-- | C] () -- C:\Windows\SysWow64\redmonnt.dll
[2011/01/27 03:38:50 | 000,000,085 | -H-- | C] () -- C:\Windows\FI_Tool.INI
[2010/01/31 17:08:02 | 000,000,632 | RHS- | C] () -- C:\Users\Stevie\ntuser.pol

========== ZeroAccess Check ==========

[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2010/07/27 15:59:11 | 014,162,944 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010/07/27 15:03:24 | 012,867,584 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2010/01/27 23:28:18 | 000,000,000 | ---D | M] -- C:\Users\Stevie\AppData\Roaming\.myibay
[2010/12/20 21:09:24 | 000,000,000 | ---D | M] -- C:\Users\Stevie\AppData\Roaming\Blitware
[2011/01/21 00:46:13 | 000,000,000 | ---D | M] -- C:\Users\Stevie\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/01/31 14:52:05 | 000,000,000 | ---D | M] -- C:\Users\Stevie\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/05/14 11:37:31 | 000,000,000 | ---D | M] -- C:\Users\Stevie\AppData\Roaming\Facebook
[2011/01/25 23:18:45 | 000,000,000 | ---D | M] -- C:\Users\Stevie\AppData\Roaming\Foxit Software
[2010/01/24 13:36:38 | 000,000,000 | ---D | M] -- C:\Users\Stevie\AppData\Roaming\GrabPro
[2010/01/24 14:20:12 | 000,000,000 | ---D | M] -- C:\Users\Stevie\AppData\Roaming\Notepad++
[2010/12/17 22:27:36 | 000,000,000 | ---D | M] -- C:\Users\Stevie\AppData\Roaming\Orbit
[2010/11/14 11:46:00 | 000,000,000 | ---D | M] -- C:\Users\Stevie\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012/10/07 10:30:01 | 000,000,000 | ---D | M] -- C:\Users\Stevie\AppData\Roaming\uTorrent
[2011/07/09 17:12:17 | 000,000,000 | ---D | M] -- C:\Users\Stevie\AppData\Roaming\Windows Live Writer

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:5C321E34

< End of report >

#3
emeraldnzl

Posted 18 October 2012 - 05:00 PM

GeekU Instructor

GeekU Moderator
20,051 posts

Hello 750steve,

Sorry for the delay.

Note: Please just paste your logs into the forum without tags. The quote tags can confuse as we often use them in the fix process.

Now

Please download the latest version of TDSSKiller from here and save it to your Desktop.

Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
Put a checkmark beside loaded modules.
A reboot will be needed to apply the changes. Do it.
TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
Then click on Change parameters in TDSSKiller.
Check all boxes then click OK.
Click the Start Scan button.
The scan should take no longer than 2 minutes.
If a suspicious object is detected, the default action will be Skip, click on Continue.
If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.

Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Next

Please download and run ListParts by Farbar (for 32-bit system)

Please download and run ListParts64 by Farbar (for 64-bit system)

Click on Scan button.

Scan result will open in Notepad.

Post post the log (Result.txt) in your next reply.

So when you return please post
Log.txt
Result.txt

#4
750steve

Posted 18 October 2012 - 05:35 PM

Member

Topic Starter
Member
174 posts

Thank you for your help, here are the TDSkiller scan results. 2 suspicious, no malicious

I had to boot from the hard drive in the boot menu

00:19:50.0588 2748 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
00:19:50.0869 2748 ============================================================
00:19:50.0869 2748 Current date / time: 2012/10/19 00:19:50.0869
00:19:50.0869 2748 SystemInfo:
00:19:50.0869 2748
00:19:50.0869 2748 OS Version: 6.1.7600 ServicePack: 0.0
00:19:50.0869 2748 Product type: Workstation
00:19:50.0869 2748 ComputerName: STEVIE-PC
00:19:50.0869 2748 UserName: Stevie
00:19:50.0869 2748 Windows directory: C:\Windows
00:19:50.0869 2748 System windows directory: C:\Windows
00:19:50.0869 2748 Running under WOW64
00:19:50.0869 2748 Processor architecture: Intel x64
00:19:50.0869 2748 Number of processors: 2
00:19:50.0869 2748 Page size: 0x1000
00:19:50.0869 2748 Boot type: Normal boot
00:19:50.0869 2748 ============================================================
00:19:52.0897 2748 BG loaded
00:20:05.0533 2748 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0xA181, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
00:20:05.0798 2748 Drive \Device\Harddisk3\DR3 - Size: 0x79F00000 (1.91 Gb), SectorSize: 0x200, Cylinders: 0xF8, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
00:20:05.0814 2748 ============================================================
00:20:05.0814 2748 \Device\Harddisk0\DR0:
00:20:05.0830 2748 MBR partitions:
00:20:05.0830 2748 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1B800, BlocksNum 0x32000
00:20:05.0830 2748 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x4D800, BlocksNum 0x7918000
00:20:05.0830 2748 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x7965800, BlocksNum 0x1DAC8800
00:20:05.0830 2748 \Device\Harddisk3\DR3:
00:20:05.0830 2748 MBR partitions:
00:20:05.0830 2748 \Device\Harddisk3\DR3\Partition1: MBR, Type 0x6, StartLBA 0x177, BlocksNum 0x3CF689
00:20:05.0830 2748 ============================================================
00:20:05.0908 2748 C: <-> \Device\Harddisk0\DR0\Partition2
00:20:06.0064 2748 D: <-> \Device\Harddisk0\DR0\Partition3
00:20:06.0064 2748 ============================================================
00:20:06.0064 2748 Initialize success
00:20:06.0064 2748 ============================================================
00:22:01.0492 3500 ============================================================
00:22:01.0492 3500 Scan started
00:22:01.0492 3500 Mode: Manual; SigCheck; TDLFS;
00:22:01.0492 3500 ============================================================
00:22:02.0912 3500 ================ Scan system memory ========================
00:22:02.0912 3500 System memory - ok
00:22:02.0912 3500 ================ Scan services =============================
00:22:03.0036 3500 [ 1B00662092F9F9568B995902F0CC40D5 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
00:22:03.0146 3500 1394ohci - ok
00:22:03.0161 3500 [ 6F11E88748CDEFD2F76AA215F97DDFE5 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys
00:22:03.0177 3500 ACPI - ok
00:22:03.0192 3500 [ 63B05A0420CE4BF0E4AF6DCC7CADA254 ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys
00:22:03.0224 3500 AcpiPmi - ok
00:22:03.0333 3500 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
00:22:03.0348 3500 AdobeFlashPlayerUpdateSvc - ok
00:22:03.0395 3500 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
00:22:03.0426 3500 adp94xx - ok
00:22:03.0426 3500 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
00:22:03.0442 3500 adpahci - ok
00:22:03.0458 3500 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
00:22:03.0473 3500 adpu320 - ok
00:22:03.0489 3500 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
00:22:03.0551 3500 AeLookupSvc - ok
00:22:03.0582 3500 [ 6EF20DDF3172E97D69F596FB90602F29 ] AFD C:\Windows\system32\drivers\afd.sys
00:22:03.0614 3500 AFD - ok
00:22:03.0629 3500 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\DRIVERS\agp440.sys
00:22:03.0645 3500 agp440 - ok
00:22:03.0660 3500 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
00:22:03.0692 3500 ALG - ok
00:22:03.0692 3500 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\DRIVERS\aliide.sys
00:22:03.0707 3500 aliide - ok
00:22:03.0754 3500 [ D696F317BD465A602566F8E1DCCE15F7 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
00:22:03.0785 3500 AMD External Events Utility - ok
00:22:03.0801 3500 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\DRIVERS\amdide.sys
00:22:03.0816 3500 amdide - ok
00:22:03.0832 3500 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
00:22:03.0848 3500 AmdK8 - ok
00:22:03.0863 3500 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
00:22:03.0894 3500 AmdPPM - ok
00:22:03.0894 3500 [ 7A4B413614C055935567CF88A9734D38 ] amdsata C:\Windows\system32\DRIVERS\amdsata.sys
00:22:03.0910 3500 amdsata - ok
00:22:03.0926 3500 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
00:22:03.0941 3500 amdsbs - ok
00:22:03.0941 3500 [ B4AD0CACBAB298671DD6F6EF7E20679D ] amdxata C:\Windows\system32\DRIVERS\amdxata.sys
00:22:03.0957 3500 amdxata - ok
00:22:03.0972 3500 [ 42FD751B27FA0E9C69BB39F39E409594 ] AppID C:\Windows\system32\drivers\appid.sys
00:22:04.0019 3500 AppID - ok
00:22:04.0035 3500 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
00:22:04.0097 3500 AppIDSvc - ok
00:22:04.0113 3500 [ D065BE66822847B7F127D1F90158376E ] Appinfo C:\Windows\System32\appinfo.dll
00:22:04.0144 3500 Appinfo - ok
00:22:04.0269 3500 [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
00:22:04.0269 3500 Apple Mobile Device - ok
00:22:04.0300 3500 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
00:22:04.0331 3500 AppMgmt - ok
00:22:04.0347 3500 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
00:22:04.0362 3500 arc - ok
00:22:04.0378 3500 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
00:22:04.0394 3500 arcsas - ok
00:22:04.0440 3500 [ 55142B4F7A7E4C9C151C6000A6BF7809 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
00:22:04.0674 3500 aswFsBlk - ok
00:22:04.0721 3500 [ AA9FDE3D630160B47DAB21BF8250111C ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
00:22:04.0737 3500 aswMonFlt - ok
00:22:04.0768 3500 [ 2A6675C24DF5159A9506CD13ECE5ABE9 ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
00:22:04.0784 3500 aswRdr - ok
00:22:04.0815 3500 [ 4E38475BDB51A867CCBA7D5DF7FDFC0C ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
00:22:04.0846 3500 aswSnx - ok
00:22:04.0862 3500 [ 9A49D80D65451AF22913AEF772CC3DA9 ] aswSP C:\Windows\system32\drivers\aswSP.sys
00:22:04.0877 3500 aswSP - ok
00:22:04.0893 3500 [ C3EC420451AC5300A22190AE38418FBA ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
00:22:04.0908 3500 aswTdi - ok
00:22:04.0955 3500 aswUpdSv - ok
00:22:04.0971 3500 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
00:22:05.0049 3500 AsyncMac - ok
00:22:05.0064 3500 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\DRIVERS\atapi.sys
00:22:05.0080 3500 atapi - ok
00:22:05.0220 3500 [ 52BD95CAA9CAE8977FE043E9AD6D2D0E ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
00:22:05.0298 3500 atikmdag - ok
00:22:05.0330 3500 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
00:22:05.0376 3500 AudioEndpointBuilder - ok
00:22:05.0392 3500 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioSrv C:\Windows\System32\Audiosrv.dll
00:22:05.0439 3500 AudioSrv - ok
00:22:05.0486 3500 [ 04AC21E821F259845BD7367CEE057290 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
00:22:05.0501 3500 avast! Antivirus - ok
00:22:05.0517 3500 [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV C:\Windows\System32\AxInstSV.dll
00:22:05.0548 3500 AxInstSV - ok
00:22:05.0579 3500 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
00:22:05.0610 3500 b06bdrv - ok
00:22:05.0626 3500 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
00:22:05.0657 3500 b57nd60a - ok
00:22:05.0673 3500 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
00:22:05.0704 3500 BDESVC - ok
00:22:05.0720 3500 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
00:22:05.0766 3500 Beep - ok
00:22:05.0798 3500 [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] BITS C:\Windows\System32\qmgr.dll
00:22:05.0860 3500 BITS - ok
00:22:05.0876 3500 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
00:22:05.0891 3500 blbdrive - ok
00:22:05.0954 3500 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
00:22:05.0985 3500 Bonjour Service - ok
00:22:06.0016 3500 [ 19D20159708E152267E53B66677A4995 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
00:22:06.0032 3500 bowser - ok
00:22:06.0047 3500 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
00:22:06.0078 3500 BrFiltLo - ok
00:22:06.0110 3500 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
00:22:06.0125 3500 BrFiltUp - ok
00:22:06.0141 3500 [ 94FBC06F294D58D02361918418F996E3 ] Browser C:\Windows\System32\browser.dll
00:22:06.0203 3500 Browser - ok
00:22:06.0219 3500 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
00:22:06.0234 3500 Brserid - ok
00:22:06.0250 3500 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
00:22:06.0281 3500 BrSerWdm - ok
00:22:06.0297 3500 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
00:22:06.0312 3500 BrUsbMdm - ok
00:22:06.0328 3500 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
00:22:06.0359 3500 BrUsbSer - ok
00:22:06.0375 3500 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
00:22:06.0406 3500 BTHMODEM - ok
00:22:06.0422 3500 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
00:22:06.0468 3500 bthserv - ok
00:22:06.0484 3500 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
00:22:06.0531 3500 cdfs - ok
00:22:06.0546 3500 [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
00:22:06.0562 3500 cdrom - ok
00:22:06.0578 3500 [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc C:\Windows\System32\certprop.dll
00:22:06.0624 3500 CertPropSvc - ok
00:22:06.0640 3500 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
00:22:06.0656 3500 circlass - ok
00:22:06.0687 3500 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
00:22:06.0702 3500 CLFS - ok
00:22:06.0749 3500 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
00:22:06.0765 3500 clr_optimization_v2.0.50727_32 - ok
00:22:06.0812 3500 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
00:22:06.0827 3500 clr_optimization_v2.0.50727_64 - ok
00:22:06.0905 3500 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
00:22:06.0921 3500 clr_optimization_v4.0.30319_32 - ok
00:22:06.0936 3500 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
00:22:06.0936 3500 clr_optimization_v4.0.30319_64 - ok
00:22:06.0968 3500 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
00:22:06.0999 3500 CmBatt - ok
00:22:07.0014 3500 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
00:22:07.0030 3500 cmdide - ok
00:22:07.0046 3500 [ F95FD4CB7DA00BA2A63CE9F6B5C053E1 ] CNG C:\Windows\system32\Drivers\cng.sys
00:22:07.0061 3500 CNG - ok
00:22:07.0077 3500 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
00:22:07.0092 3500 Compbatt - ok
00:22:07.0092 3500 [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
00:22:07.0124 3500 CompositeBus - ok
00:22:07.0124 3500 COMSysApp - ok
00:22:07.0139 3500 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
00:22:07.0155 3500 crcdisk - ok
00:22:07.0186 3500 [ 8C57411B66282C01533CB776F98AD384 ] CryptSvc C:\Windows\system32\cryptsvc.dll
00:22:07.0233 3500 CryptSvc - ok
00:22:07.0264 3500 [ 4A6173C2279B498CD8F57CAE504564CB ] CSC C:\Windows\system32\drivers\csc.sys
00:22:07.0295 3500 CSC - ok
00:22:07.0326 3500 [ 873FBF927C06E5CEE04DEC617502F8FD ] CscService C:\Windows\System32\cscsvc.dll
00:22:07.0358 3500 CscService - ok
00:22:07.0389 3500 [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch C:\Windows\system32\rpcss.dll
00:22:07.0451 3500 DcomLaunch - ok
00:22:07.0467 3500 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
00:22:07.0514 3500 defragsvc - ok
00:22:07.0545 3500 [ 9C253CE7311CA60FC11C774692A13208 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
00:22:07.0576 3500 DfsC - ok
00:22:07.0607 3500 [ CE3B9562D997F69B330D181A8875960F ] Dhcp C:\Windows\system32\dhcpcore.dll
00:22:07.0623 3500 Dhcp - ok
00:22:07.0654 3500 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
00:22:07.0701 3500 discache - ok
00:22:07.0716 3500 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
00:22:07.0716 3500 Disk - ok
00:22:07.0748 3500 [ 85CF424C74A1D5EC33533E1DBFF9920A ] Dnscache C:\Windows\System32\dnsrslvr.dll
00:22:07.0779 3500 Dnscache - ok
00:22:07.0810 3500 [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc C:\Windows\System32\dot3svc.dll
00:22:07.0872 3500 dot3svc - ok
00:22:07.0888 3500 [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS C:\Windows\system32\dps.dll
00:22:07.0935 3500 DPS - ok
00:22:07.0950 3500 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
00:22:07.0982 3500 drmkaud - ok
00:22:08.0028 3500 [ 1633B9ABF52784A1331476397A48CBEF ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
00:22:08.0060 3500 DXGKrnl - ok
00:22:08.0091 3500 [ 416A2007878ED1D6FC5DDDB9E1F6DB3E ] e1express C:\Windows\system32\DRIVERS\e1e6032e.sys
00:22:08.0122 3500 e1express - ok
00:22:08.0138 3500 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
00:22:08.0184 3500 EapHost - ok
00:22:08.0294 3500 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
00:22:08.0372 3500 ebdrv - ok
00:22:08.0387 3500 [ 0793F40B9B8A1BDD266296409DBD91EA ] EFS C:\Windows\System32\lsass.exe
00:22:08.0403 3500 EFS - ok
00:22:08.0465 3500 [ 47C071994C3F649F23D9CD075AC9304A ] ehRecvr C:\Windows\ehome\ehRecvr.exe
00:22:08.0496 3500 ehRecvr - ok
00:22:08.0528 3500 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
00:22:08.0543 3500 ehSched - ok
00:22:08.0574 3500 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
00:22:08.0606 3500 elxstor - ok
00:22:08.0621 3500 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys
00:22:08.0637 3500 ErrDev - ok
00:22:08.0684 3500 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
00:22:08.0715 3500 EventSystem - ok
00:22:08.0746 3500 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
00:22:08.0793 3500 exfat - ok
00:22:08.0808 3500 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
00:22:08.0840 3500 fastfat - ok
00:22:08.0886 3500 [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax C:\Windows\system32\fxssvc.exe
00:22:08.0918 3500 Fax - ok
00:22:08.0933 3500 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
00:22:08.0964 3500 fdc - ok
00:22:08.0964 3500 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
00:22:09.0011 3500 fdPHost - ok
00:22:09.0011 3500 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
00:22:09.0042 3500 FDResPub - ok
00:22:09.0074 3500 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
00:22:09.0089 3500 FileInfo - ok
00:22:09.0089 3500 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
00:22:09.0136 3500 Filetrace - ok
00:22:09.0167 3500 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
00:22:09.0183 3500 flpydisk - ok
00:22:09.0198 3500 [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
00:22:09.0214 3500 FltMgr - ok
00:22:09.0261 3500 [ BC00505CFDA789ED3BE95D2FF38C4875 ] FontCache C:\Windows\system32\FntCache.dll
00:22:09.0292 3500 FontCache - ok
00:22:09.0323 3500 [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
00:22:09.0339 3500 FontCache3.0.0.0 - ok
00:22:09.0354 3500 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
00:22:09.0370 3500 FsDepends - ok
00:22:09.0401 3500 [ 07DA62C960DDCCC2D35836AEAB4FC578 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
00:22:09.0417 3500 fssfltr - ok
00:22:09.0542 3500 [ 28DDEEEC44E988657B732CF404D504CB ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
00:22:09.0573 3500 fsssvc - ok
00:22:09.0604 3500 [ E95EF8547DE20CF0603557C0CF7A9462 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
00:22:09.0620 3500 Fs_Rec - ok
00:22:09.0651 3500 [ AE87BA80D0EC3B57126ED2CDC15B24ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
00:22:09.0682 3500 fvevol - ok
00:22:09.0682 3500 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
00:22:09.0698 3500 gagp30kx - ok
00:22:09.0729 3500 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
00:22:09.0744 3500 GEARAspiWDM - ok
00:22:09.0776 3500 [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc C:\Windows\System32\gpsvc.dll
00:22:09.0807 3500 gpsvc - ok
00:22:09.0822 3500 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
00:22:09.0838 3500 hcw85cir - ok
00:22:09.0885 3500 [ 6410F6F415B2A5A9037224C41DA8BF12 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
00:22:09.0916 3500 HdAudAddService - ok
00:22:09.0932 3500 [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
00:22:09.0947 3500 HDAudBus - ok
00:22:09.0978 3500 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
00:22:09.0994 3500 HidBatt - ok
00:22:10.0010 3500 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
00:22:10.0041 3500 HidBth - ok
00:22:10.0056 3500 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
00:22:10.0088 3500 HidIr - ok
00:22:10.0103 3500 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
00:22:10.0150 3500 hidserv - ok
00:22:10.0166 3500 [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
00:22:10.0181 3500 HidUsb - ok
00:22:10.0197 3500 [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc C:\Windows\system32\kmsvc.dll
00:22:10.0244 3500 hkmsvc - ok
00:22:10.0259 3500 [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
00:22:10.0290 3500 HomeGroupListener - ok
00:22:10.0306 3500 [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\Windows\system32\provsvc.dll
00:22:10.0337 3500 HomeGroupProvider - ok
00:22:10.0353 3500 [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
00:22:10.0368 3500 HpSAMD - ok
00:22:10.0400 3500 [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP C:\Windows\system32\drivers\HTTP.sys
00:22:10.0446 3500 HTTP - ok
00:22:10.0462 3500 [ F17766A19145F111856378DF337A5D79 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
00:22:10.0462 3500 hwpolicy - ok
00:22:10.0493 3500 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
00:22:10.0509 3500 i8042prt - ok
00:22:10.0524 3500 [ D83EFB6FD45DF9D55E9A1AFC63640D50 ] iaStorV C:\Windows\system32\DRIVERS\iaStorV.sys
00:22:10.0556 3500 iaStorV - ok
00:22:10.0602 3500 [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
00:22:10.0634 3500 idsvc - ok
00:22:10.0634 3500 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
00:22:10.0649 3500 iirsp - ok
00:22:10.0696 3500 [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT C:\Windows\System32\ikeext.dll
00:22:10.0758 3500 IKEEXT - ok
00:22:10.0774 3500 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\DRIVERS\intelide.sys
00:22:10.0790 3500 intelide - ok
00:22:10.0821 3500 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
00:22:10.0836 3500 intelppm - ok
00:22:10.0852 3500 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
00:22:10.0914 3500 IPBusEnum - ok
00:22:10.0930 3500 [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
00:22:10.0977 3500 IpFilterDriver - ok
00:22:10.0977 3500 [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
00:22:10.0992 3500 IPMIDRV - ok
00:22:11.0008 3500 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
00:22:11.0070 3500 IPNAT - ok
00:22:11.0133 3500 [ A9AB99EE7D39725EAFEC82732D2B3271 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
00:22:11.0164 3500 iPod Service - ok
00:22:11.0180 3500 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
00:22:11.0211 3500 IRENUM - ok
00:22:11.0226 3500 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
00:22:11.0242 3500 isapnp - ok
00:22:11.0273 3500 [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
00:22:11.0289 3500 iScsiPrt - ok
00:22:11.0289 3500 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
00:22:11.0304 3500 kbdclass - ok
00:22:11.0320 3500 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
00:22:11.0351 3500 kbdhid - ok
00:22:11.0351 3500 [ 0793F40B9B8A1BDD266296409DBD91EA ] KeyIso C:\Windows\system32\lsass.exe
00:22:11.0382 3500 KeyIso - ok
00:22:11.0382 3500 [ E8B6FCC9C83535C67F835D407620BD27 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
00:22:11.0398 3500 KSecDD - ok
00:22:11.0429 3500 [ A8C63880EF6F4D3FEC7B616B9C060215 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
00:22:11.0445 3500 KSecPkg - ok
00:22:11.0460 3500 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
00:22:11.0507 3500 ksthunk - ok
00:22:11.0538 3500 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
00:22:11.0585 3500 KtmRm - ok
00:22:11.0616 3500 [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer C:\Windows\system32\srvsvc.dll
00:22:11.0648 3500 LanmanServer - ok
00:22:11.0663 3500 [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
00:22:11.0710 3500 LanmanWorkstation - ok
00:22:11.0710 3500 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
00:22:11.0757 3500 lltdio - ok
00:22:11.0788 3500 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
00:22:11.0835 3500 lltdsvc - ok
00:22:11.0850 3500 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
00:22:11.0897 3500 lmhosts - ok
00:22:11.0913 3500 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
00:22:11.0928 3500 LSI_FC - ok
00:22:11.0944 3500 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
00:22:11.0960 3500 LSI_SAS - ok
00:22:11.0975 3500 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
00:22:11.0991 3500 LSI_SAS2 - ok
00:22:11.0991 3500 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
00:22:12.0006 3500 LSI_SCSI - ok
00:22:12.0022 3500 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
00:22:12.0053 3500 luafv - ok
00:22:12.0069 3500 [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
00:22:12.0084 3500 Mcx2Svc - ok
00:22:12.0100 3500 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
00:22:12.0116 3500 megasas - ok
00:22:12.0131 3500 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
00:22:12.0147 3500 MegaSR - ok
00:22:12.0225 3500 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
00:22:12.0240 3500 Microsoft Office Groove Audit Service - ok
00:22:12.0256 3500 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
00:22:12.0318 3500 MMCSS - ok
00:22:12.0318 3500 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
00:22:12.0365 3500 Modem - ok
00:22:12.0396 3500 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
00:22:12.0412 3500 monitor - ok
00:22:12.0428 3500 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
00:22:12.0443 3500 mouclass - ok
00:22:12.0459 3500 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
00:22:12.0459 3500 mouhid - ok
00:22:12.0474 3500 [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
00:22:12.0490 3500 mountmgr - ok
00:22:12.0568 3500 [ 4D7F2682D29B92A6251B17957AA0B985 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
00:22:12.0568 3500 MozillaMaintenance - ok
00:22:12.0599 3500 [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio C:\Windows\system32\DRIVERS\mpio.sys
00:22:12.0615 3500 mpio - ok
00:22:12.0615 3500 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
00:22:12.0662 3500 mpsdrv - ok
00:22:12.0677 3500 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
00:22:12.0708 3500 MRxDAV - ok
00:22:12.0740 3500 [ 040D62A9D8AD28922632137ACDD984F2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
00:22:12.0755 3500 mrxsmb - ok
00:22:12.0802 3500 [ F0067552F8F9B33D7C59403AB808A3CB ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
00:22:12.0833 3500 mrxsmb10 - ok
00:22:12.0864 3500 [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
00:22:12.0880 3500 mrxsmb20 - ok
00:22:12.0896 3500 [ 5C37497276E3B3A5488B23A326A754B7 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
00:22:12.0911 3500 msahci - ok
00:22:12.0911 3500 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
00:22:12.0927 3500 msdsm - ok
00:22:12.0958 3500 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
00:22:12.0974 3500 MSDTC - ok
00:22:12.0989 3500 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
00:22:13.0036 3500 Msfs - ok
00:22:13.0036 3500 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
00:22:13.0083 3500 mshidkmdf - ok
00:22:13.0098 3500 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
00:22:13.0114 3500 msisadrv - ok
00:22:13.0130 3500 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
00:22:13.0176 3500 MSiSCSI - ok
00:22:13.0192 3500 msiserver - ok
00:22:13.0208 3500 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
00:22:13.0254 3500 MSKSSRV - ok
00:22:13.0270 3500 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
00:22:13.0301 3500 MSPCLOCK - ok
00:22:13.0317 3500 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
00:22:13.0348 3500 MSPQM - ok
00:22:13.0364 3500 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
00:22:13.0395 3500 MsRPC - ok
00:22:13.0410 3500 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
00:22:13.0410 3500 mssmbios - ok
00:22:13.0426 3500 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
00:22:13.0488 3500 MSTEE - ok
00:22:13.0488 3500 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
00:22:13.0520 3500 MTConfig - ok
00:22:13.0535 3500 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
00:22:13.0551 3500 Mup - ok
00:22:13.0582 3500 [ 4987E079A4530FA737A128BE54B63B12 ] napagent C:\Windows\system32\qagentRT.dll
00:22:13.0613 3500 napagent - ok
00:22:13.0660 3500 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
00:22:13.0691 3500 NativeWifiP - ok
00:22:13.0754 3500 [ 7B2D90BBBBED11C8DFBA441D34AE901E ] NBVol C:\Windows\system32\DRIVERS\NBVol.sys
00:22:13.0769 3500 NBVol - ok
00:22:13.0800 3500 [ 4FE7B5757279D82C4D171E9F7FD52A75 ] NBVolUp C:\Windows\system32\DRIVERS\NBVolUp.sys
00:22:13.0816 3500 NBVolUp - ok
00:22:13.0847 3500 [ CAD515DBD07D082BB317D9928CE8962C ] NDIS C:\Windows\system32\drivers\ndis.sys
00:22:13.0878 3500 NDIS - ok
00:22:13.0894 3500 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
00:22:13.0925 3500 NdisCap - ok
00:22:13.0941 3500 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
00:22:13.0972 3500 NdisTapi - ok
00:22:13.0988 3500 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
00:22:14.0034 3500 Ndisuio - ok
00:22:14.0050 3500 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
00:22:14.0097 3500 NdisWan - ok
00:22:14.0112 3500 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
00:22:14.0144 3500 NDProxy - ok
00:22:14.0159 3500 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
00:22:14.0190 3500 NetBIOS - ok
00:22:14.0206 3500 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
00:22:14.0268 3500 NetBT - ok
00:22:14.0268 3500 [ 0793F40B9B8A1BDD266296409DBD91EA ] Netlogon C:\Windows\system32\lsass.exe
00:22:14.0284 3500 Netlogon - ok
00:22:14.0315 3500 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
00:22:14.0362 3500 Netman - ok
00:22:14.0393 3500 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
00:22:14.0440 3500 netprofm - ok
00:22:14.0471 3500 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
00:22:14.0487 3500 NetTcpPortSharing - ok
00:22:14.0502 3500 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
00:22:14.0518 3500 nfrd960 - ok
00:22:14.0549 3500 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\Windows\System32\nlasvc.dll
00:22:14.0596 3500 NlaSvc - ok
00:22:14.0612 3500 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
00:22:14.0643 3500 Npfs - ok
00:22:14.0674 3500 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
00:22:14.0721 3500 nsi - ok
00:22:14.0721 3500 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
00:22:14.0752 3500 nsiproxy - ok
00:22:14.0799 3500 [ 356698A13C4630D5B31C37378D469196 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
00:22:14.0846 3500 Ntfs - ok
00:22:14.0846 3500 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
00:22:14.0892 3500 Null - ok
00:22:14.0892 3500 [ 3E38712941E9BB4DDBEE00AFFE3FED3D ] nvraid C:\Windows\system32\DRIVERS\nvraid.sys
00:22:14.0908 3500 nvraid - ok
00:22:14.0939 3500 [ 477DC4D6DEB99BE37084C9AC6D013DA1 ] nvstor C:\Windows\system32\DRIVERS\nvstor.sys
00:22:14.0955 3500 nvstor - ok
00:22:14.0970 3500 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
00:22:14.0986 3500 nv_agp - ok
00:22:15.0064 3500 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
00:22:15.0080 3500 odserv - ok
00:22:15.0095 3500 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
00:22:15.0111 3500 ohci1394 - ok
00:22:15.0158 3500 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
00:22:15.0173 3500 ose - ok
00:22:15.0204 3500 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
00:22:15.0236 3500 p2pimsvc - ok
00:22:15.0251 3500 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
00:22:15.0282 3500 p2psvc - ok
00:22:15.0314 3500 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
00:22:15.0329 3500 Parport - ok
00:22:15.0345 3500 [ 7DAA117143316C4A1537E074A5A9EAF0 ] partmgr C:\Windows\system32\drivers\partmgr.sys
00:22:15.0360 3500 partmgr - ok
00:22:15.0376 3500 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
00:22:15.0407 3500 PcaSvc - ok
00:22:15.0423 3500 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\Windows\system32\DRIVERS\pci.sys
00:22:15.0438 3500 pci - ok
00:22:15.0438 3500 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\DRIVERS\pciide.sys
00:22:15.0454 3500 pciide - ok
00:22:15.0470 3500 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
00:22:15.0485 3500 pcmcia - ok
00:22:15.0501 3500 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
00:22:15.0516 3500 pcw - ok
00:22:15.0532 3500 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
00:22:15.0579 3500 PEAUTH - ok
00:22:15.0626 3500 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
00:22:15.0672 3500 PeerDistSvc - ok
00:22:15.0735 3500 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
00:22:15.0750 3500 PerfHost - ok
00:22:15.0797 3500 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\Windows\system32\pla.dll
00:22:15.0875 3500 pla - ok
00:22:15.0922 3500 [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
00:22:15.0938 3500 PlugPlay - ok
00:22:15.0969 3500 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
00:22:16.0000 3500 PNRPAutoReg - ok
00:22:16.0016 3500 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
00:22:16.0031 3500 PNRPsvc - ok
00:22:16.0062 3500 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
00:22:16.0109 3500 PolicyAgent - ok
00:22:16.0140 3500 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
00:22:16.0172 3500 Power - ok
00:22:16.0203 3500 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
00:22:16.0250 3500 PptpMiniport - ok
00:22:16.0265 3500 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
00:22:16.0296 3500 Processor - ok
00:22:16.0328 3500 [ F381975E1F4346DE875CB07339CE8D3A ] ProfSvc C:\Windows\system32\profsvc.dll
00:22:16.0390 3500 ProfSvc - ok
00:22:16.0406 3500 [ 0793F40B9B8A1BDD266296409DBD91EA ] ProtectedStorage C:\Windows\system32\lsass.exe
00:22:16.0421 3500 ProtectedStorage - ok
00:22:16.0437 3500 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
00:22:16.0484 3500 Psched - ok
00:22:16.0515 3500 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
00:22:16.0562 3500 ql2300 - ok
00:22:16.0577 3500 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
00:22:16.0593 3500 ql40xx - ok
00:22:16.0608 3500 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
00:22:16.0640 3500 QWAVE - ok
00:22:16.0640 3500 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
00:22:16.0671 3500 QWAVEdrv - ok
00:22:16.0686 3500 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
00:22:16.0733 3500 RasAcd - ok
00:22:16.0764 3500 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
00:22:16.0796 3500 RasAgileVpn - ok
00:22:16.0827 3500 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
00:22:16.0874 3500 RasAuto - ok
00:22:16.0889 3500 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
00:22:16.0920 3500 Rasl2tp - ok
00:22:16.0936 3500 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\Windows\System32\rasmans.dll
00:22:16.0983 3500 RasMan - ok
00:22:16.0998 3500 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
00:22:17.0045 3500 RasPppoe - ok
00:22:17.0061 3500 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
00:22:17.0092 3500 RasSstp - ok
00:22:17.0108 3500 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
00:22:17.0170 3500 rdbss - ok
00:22:17.0170 3500 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
00:22:17.0186 3500 rdpbus - ok
00:22:17.0201 3500 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
00:22:17.0248 3500 RDPCDD - ok
00:22:17.0264 3500 [ 9706B84DBABFC4B4CA46C5A82B14DFA3 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
00:22:17.0279 3500 RDPDR - ok
00:22:17.0279 3500 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
00:22:17.0326 3500 RDPENCDD - ok
00:22:17.0357 3500 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
00:22:17.0388 3500 RDPREFMP - ok
00:22:17.0404 3500 [ 8A3E6BEA1C53EA6177FE2B6EBA2C80D7 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
00:22:17.0451 3500 RDPWD - ok
00:22:17.0466 3500 [ 634B9A2181D98F15941236886164EC8B ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
00:22:17.0482 3500 rdyboost - ok
00:22:17.0498 3500 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
00:22:17.0544 3500 RemoteAccess - ok
00:22:17.0576 3500 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
00:22:17.0622 3500 RemoteRegistry - ok
00:22:17.0638 3500 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
00:22:17.0700 3500 RpcEptMapper - ok
00:22:17.0716 3500 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
00:22:17.0732 3500 RpcLocator - ok
00:22:17.0763 3500 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\Windows\system32\rpcss.dll
00:22:17.0794 3500 RpcSs - ok
00:22:17.0825 3500 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
00:22:17.0872 3500 rspndr - ok
00:22:17.0903 3500 [ A48B769DEC76629BD1A021D33C257B17 ] RTL8187 C:\Windows\system32\DRIVERS\wg111v2.sys
00:22:17.0919 3500 RTL8187 - ok
00:22:17.0950 3500 [ 88AF6E02AB19DF7FD07ECDF9C91E9AF6 ] s3cap C:\Windows\system32\DRIVERS\vms3cap.sys
00:22:17.0966 3500 s3cap - ok
00:22:17.0981 3500 [ 0793F40B9B8A1BDD266296409DBD91EA ] SamSs C:\Windows\system32\lsass.exe
00:22:17.0997 3500 SamSs - ok
00:22:18.0012 3500 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
00:22:18.0028 3500 sbp2port - ok
00:22:18.0059 3500 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
00:22:18.0106 3500 SCardSvr - ok
00:22:18.0122 3500 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
00:22:18.0168 3500 scfilter - ok
00:22:18.0215 3500 [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule C:\Windows\system32\schedsvc.dll
00:22:18.0262 3500 Schedule - ok
00:22:18.0293 3500 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\Windows\System32\certprop.dll
00:22:18.0324 3500 SCPolicySvc - ok
00:22:18.0340 3500 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\Windows\System32\SDRSVC.dll
00:22:18.0371 3500 SDRSVC - ok
00:22:18.0387 3500 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
00:22:18.0434 3500 secdrv - ok
00:22:18.0449 3500 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\Windows\system32\seclogon.dll
00:22:18.0512 3500 seclogon - ok
00:22:18.0527 3500 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
00:22:18.0558 3500 SENS - ok
00:22:18.0558 3500 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
00:22:18.0590 3500 SensrSvc - ok
00:22:18.0605 3500 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
00:22:18.0621 3500 Serenum - ok
00:22:18.0636 3500 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
00:22:18.0652 3500 Serial - ok
00:22:18.0668 3500 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
00:22:18.0683 3500 sermouse - ok
00:22:18.0714 3500 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\Windows\system32\sessenv.dll
00:22:18.0746 3500 SessionEnv - ok
00:22:18.0761 3500 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
00:22:18.0792 3500 sffdisk - ok
00:22:18.0808 3500 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
00:22:18.0824 3500 sffp_mmc - ok
00:22:18.0855 3500 [ 5588B8C6193EB1522490C122EB94DFFA ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
00:22:18.0870 3500 sffp_sd - ok
00:22:18.0886 3500 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
00:22:18.0902 3500 sfloppy - ok
00:22:18.0933 3500 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
00:22:18.0980 3500 SharedAccess - ok
00:22:19.0011 3500 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll
00:22:19.0042 3500 ShellHWDetection - ok
00:22:19.0058 3500 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
00:22:19.0073 3500 SiSRaid2 - ok
00:22:19.0089 3500 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
00:22:19.0104 3500 SiSRaid4 - ok
00:22:19.0136 3500 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
00:22:19.0182 3500 Smb - ok
00:22:19.0198 3500 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
00:22:19.0214 3500 SNMPTRAP - ok
00:22:19.0214 3500 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
00:22:19.0229 3500 spldr - ok
00:22:19.0276 3500 [ F8E1FA03CB70D54A9892AC88B91D1E7B ] Spooler C:\Windows\System32\spoolsv.exe
00:22:19.0323 3500 Spooler - ok
00:22:19.0401 3500 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\Windows\system32\sppsvc.exe
00:22:19.0479 3500 sppsvc - ok
00:22:19.0510 3500 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
00:22:19.0541 3500 sppuinotify - ok
00:22:19.0619 3500 [ 539D0391B680E6FDF5D9004F42902B1B ] sprtsvc_O2 C:\Program Files (x86)\O2\bin\sprtsvc.exe
00:22:19.0635 3500 sprtsvc_O2 - ok
00:22:19.0682 3500 [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv C:\Windows\system32\DRIVERS\srv.sys
00:22:19.0697 3500 srv - ok
00:22:19.0713 3500 [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
00:22:19.0728 3500 srv2 - ok
00:22:19.0775 3500 [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
00:22:19.0791 3500 srvnet - ok
00:22:19.0806 3500 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
00:22:19.0853 3500 SSDPSRV - ok
00:22:19.0884 3500 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
00:22:19.0916 3500 SstpSvc - ok
00:22:19.0947 3500 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
00:22:19.0947 3500 stexstor - ok
00:22:19.0994 3500 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\Windows\System32\wiaservc.dll
00:22:20.0025 3500 stisvc - ok
00:22:20.0056 3500 [ FFD7A6F15B14234B5B0E5D49E7961895 ] storflt C:\Windows\system32\DRIVERS\vmstorfl.sys
00:22:20.0072 3500 storflt - ok
00:22:20.0087 3500 [ 8FCCBEFC5C440B3C23454656E551B09A ] storvsc C:\Windows\system32\DRIVERS\storvsc.sys
00:22:20.0103 3500 storvsc - ok
00:22:20.0165 3500 [ AE9369E60118BB81202B160D6B2CC5C2 ] SupportSoft RemoteAssist C:\Program Files (x86)\Common Files\supportsoft\bin\ssrc.exe
00:22:20.0181 3500 SupportSoft RemoteAssist - ok
00:22:20.0196 3500 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
00:22:20.0212 3500 swenum - ok
00:22:20.0321 3500 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
00:22:20.0337 3500 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
00:22:20.0337 3500 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
00:22:20.0368 3500 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
00:22:20.0446 3500 swprv - ok
00:22:20.0493 3500 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\Windows\system32\sysmain.dll
00:22:20.0540 3500 SysMain - ok
00:22:20.0555 3500 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll
00:22:20.0586 3500 TabletInputService - ok
00:22:20.0618 3500 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\Windows\System32\tapisrv.dll
00:22:20.0664 3500 TapiSrv - ok
00:22:20.0696 3500 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
00:22:20.0742 3500 TBS - ok
00:22:20.0805 3500 [ F18F56EFC0BFB9C87BA01C37B27F4DA5 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
00:22:20.0852 3500 Tcpip - ok
00:22:20.0883 3500 [ F18F56EFC0BFB9C87BA01C37B27F4DA5 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
00:22:20.0914 3500 TCPIP6 - ok
00:22:20.0945 3500 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
00:22:20.0976 3500 tcpipreg - ok
00:22:20.0992 3500 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
00:22:21.0039 3500 TDPIPE - ok
00:22:21.0054 3500 [ E4245BDA3190A582D55ED09E137401A9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
00:22:21.0086 3500 TDTCP - ok
00:22:21.0101 3500 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\Windows\system32\DRIVERS\tdx.sys
00:22:21.0148 3500 tdx - ok
00:22:21.0148 3500 [ C448651339196C0E869A355171875522 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
00:22:21.0164 3500 TermDD - ok
00:22:21.0210 3500 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\Windows\System32\termsrv.dll
00:22:21.0273 3500 TermService - ok
00:22:21.0288 3500 [ 45B3E14C535C9CC862A969511464B352 ] Themes C:\Windows\system32\themeservice.dll
00:22:21.0288 3500 Themes ( UnsignedFile.Multi.Generic ) - warning
00:22:21.0288 3500 Themes - detected UnsignedFile.Multi.Generic (1)
00:22:21.0304 3500 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
00:22:21.0351 3500 THREADORDER - ok
00:22:21.0351 3500 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
00:22:21.0398 3500 TrkWks - ok
00:22:21.0429 3500 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
00:22:21.0444 3500 TrustedInstaller - ok
00:22:21.0460 3500 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
00:22:21.0507 3500 tssecsrv - ok
00:22:21.0538 3500 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
00:22:21.0585 3500 tunnel - ok
00:22:21.0600 3500 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
00:22:21.0616 3500 uagp35 - ok
00:22:21.0632 3500 [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs C:\Windows\system32\DRIVERS\udfs.sys
00:22:21.0678 3500 udfs - ok
00:22:21.0710 3500 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
00:22:21.0725 3500 UI0Detect - ok
00:22:21.0741 3500 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
00:22:21.0756 3500 uliagpkx - ok
00:22:21.0772 3500 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
00:22:21.0788 3500 umbus - ok
00:22:21.0803 3500 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
00:22:21.0834 3500 UmPass - ok
00:22:21.0850 3500 [ AF0AC98EE5077EB844413EB54287FDE3 ] UmRdpService C:\Windows\System32\umrdp.dll
00:22:21.0881 3500 UmRdpService - ok
00:22:21.0912 3500 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
00:22:21.0959 3500 upnphost - ok
00:22:21.0990 3500 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
00:22:22.0006 3500 USBAAPL64 - ok
00:22:22.0037 3500 [ B26AFB54A534D634523C4FB66765B026 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
00:22:22.0068 3500 usbccgp - ok
00:22:22.0068 3500 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
00:22:22.0100 3500 usbcir - ok
00:22:22.0100 3500 [ 2EA4AFF7BE7EB4632E3AA8595B0803B5 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
00:22:22.0115 3500 usbehci - ok
00:22:22.0131 3500 [ 4C9042B8DF86C1E8E6240C218B99B39B ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
00:22:22.0162 3500 usbhub - ok
00:22:22.0178 3500 [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
00:22:22.0193 3500 usbohci - ok
00:22:22.0224 3500 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
00:22:22.0240 3500 usbprint - ok
00:22:22.0256 3500 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
00:22:22.0287 3500 usbscan - ok
00:22:22.0287 3500 [ 080D3820DA6C046BE82FC8B45A893E83 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
00:22:22.0302 3500 USBSTOR - ok
00:22:22.0318 3500 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
00:22:22.0334 3500 usbuhci - ok
00:22:22.0365 3500 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
00:22:22.0396 3500 UxSms - ok
00:22:22.0412 3500 [ 0793F40B9B8A1BDD266296409DBD91EA ] VaultSvc C:\Windows\system32\lsass.exe
00:22:22.0427 3500 VaultSvc - ok
00:22:22.0443 3500 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
00:22:22.0458 3500 vdrvroot - ok
00:22:22.0474 3500 [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds C:\Windows\System32\vds.exe
00:22:22.0505 3500 vds - ok
00:22:22.0521 3500 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
00:22:22.0536 3500 vga - ok
00:22:22.0552 3500 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
00:22:22.0599 3500 VgaSave - ok
00:22:22.0599 3500 [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
00:22:22.0614 3500 vhdmp - ok
00:22:22.0630 3500 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\DRIVERS\viaide.sys
00:22:22.0646 3500 viaide - ok
00:22:22.0661 3500 [ 1501699D7EDA984ABC4155A7DA5738D1 ] vmbus C:\Windows\system32\DRIVERS\vmbus.sys
00:22:22.0677 3500 vmbus - ok
00:22:22.0692 3500 [ AE10C35761889E65A6F7176937C5592C ] VMBusHID C:\Windows\system32\DRIVERS\VMBusHID.sys
00:22:22.0724 3500 VMBusHID - ok
00:22:22.0724 3500 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
00:22:22.0739 3500 volmgr - ok
00:22:22.0755 3500 [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
00:22:22.0770 3500 volmgrx - ok
00:22:22.0786 3500 [ 58F82EED8CA24B461441F9C3E4F0BF5C ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys
00:22:22.0802 3500 volsnap - ok
00:22:22.0833 3500 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
00:22:22.0848 3500 vsmraid - ok
00:22:22.0911 3500 [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS C:\Windows\system32\vssvc.exe
00:22:22.0958 3500 VSS - ok
00:22:22.0973 3500 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
00:22:22.0989 3500 vwifibus - ok
00:22:23.0020 3500 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
00:22:23.0067 3500 W32Time - ok
00:22:23.0082 3500 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
00:22:23.0098 3500 WacomPen - ok
00:22:23.0098 3500 [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
00:22:23.0145 3500 WANARP - ok
00:22:23.0145 3500 [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
00:22:23.0176 3500 Wanarpv6 - ok
00:22:23.0255 3500 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
00:22:23.0286 3500 WatAdminSvc - ok
00:22:23.0333 3500 [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine C:\Windows\system32\wbengine.exe
00:22:23.0380 3500 wbengine - ok
00:22:23.0395 3500 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
00:22:23.0427 3500 WbioSrvc - ok
00:22:23.0442 3500 [ 8321C2CA3B62B61B293CDA3451984468 ] wcncsvc C:\Windows\System32\wcncsvc.dll
00:22:23.0473 3500 wcncsvc - ok
00:22:23.0489 3500 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
00:22:23.0520 3500 WcsPlugInService - ok
00:22:23.0536 3500 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
00:22:23.0551 3500 Wd - ok
00:22:23.0583 3500 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
00:22:23.0598 3500 Wdf01000 - ok
00:22:23.0614 3500 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
00:22:23.0645 3500 WdiServiceHost - ok
00:22:23.0645 3500 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
00:22:23.0676 3500 WdiSystemHost - ok
00:22:23.0707 3500 [ 733006127F235BE7C35354EBEE7B9A7B ] WebClient C:\Windows\System32\webclnt.dll
00:22:23.0739 3500 WebClient - ok
00:22:23.0770 3500 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
00:22:23.0817 3500 Wecsvc - ok
00:22:23.0817 3500 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
00:22:23.0863 3500 wercplsupport - ok
00:22:23.0879 3500 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
00:22:23.0926 3500 WerSvc - ok
00:22:23.0941 3500 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
00:22:23.0973 3500 WfpLwf - ok
00:22:23.0988 3500 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
00:22:24.0004 3500 WIMMount - ok
00:22:24.0004 3500 WinHttpAutoProxySvc - ok
00:22:24.0051 3500 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
00:22:24.0097 3500 Winmgmt - ok
00:22:24.0144 3500 [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM C:\Windows\system32\WsmSvc.dll
00:22:24.0222 3500 WinRM - ok
00:22:24.0269 3500 [ 817EAFF5D38674EDD7713B9DFB8E9791 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
00:22:24.0285 3500 WinUsb - ok
00:22:24.0331 3500 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
00:22:24.0363 3500 Wlansvc - ok
00:22:24.0441 3500 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
00:22:24.0441 3500 wlcrasvc - ok
00:22:24.0534 3500 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
00:22:24.0565 3500 wlidsvc - ok
00:22:24.0597 3500 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
00:22:24.0612 3500 WmiAcpi - ok
00:22:24.0628 3500 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
00:22:24.0659 3500 wmiApSrv - ok
00:22:24.0690 3500 WMPNetworkSvc - ok
00:22:24.0721 3500 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
00:22:24.0737 3500 WPCSvc - ok
00:22:24.0753 3500 [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
00:22:24.0784 3500 WPDBusEnum - ok
00:22:24.0799 3500 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
00:22:24.0846 3500 ws2ifsl - ok
00:22:24.0846 3500 WSearch - ok
00:22:24.0909 3500 [ 38340204A2D0228F1E87740FC5E554A7 ] wuauserv C:\Windows\system32\wuaueng.dll
00:22:24.0987 3500 wuauserv - ok
00:22:25.0002 3500 [ 7CADC74271DD6461C452C271B30BD378 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
00:22:25.0049 3500 WudfPf - ok
00:22:25.0065 3500 [ 3B197AF0FFF08AA66B6B2241CA538D64 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
00:22:25.0096 3500 WUDFRd - ok
00:22:25.0127 3500 [ B551D6637AA0E132C18AC6E504F7B79B ] wudfsvc C:\Windows\System32\WUDFSvc.dll
00:22:25.0174 3500 wudfsvc - ok
00:22:25.0205 3500 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
00:22:25.0236 3500 WwanSvc - ok
00:22:25.0252 3500 ================ Scan global ===============================
00:22:25.0267 3500 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
00:22:25.0314 3500 [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\Windows\system32\winsrv.dll
00:22:25.0314 3500 [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\Windows\system32\winsrv.dll
00:22:25.0345 3500 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
00:22:25.0377 3500 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
00:22:25.0377 3500 [Global] - ok
00:22:25.0377 3500 ================ Scan MBR ==================================
00:22:25.0392 3500 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
00:22:25.0579 3500 \Device\Harddisk0\DR0 - ok
00:22:25.0595 3500 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk3\DR3
00:22:25.0907 3500 \Device\Harddisk3\DR3 - ok
00:22:25.0907 3500 ================ Scan VBR ==================================
00:22:25.0907 3500 [ 1FC2341BECC00D09D610A88FC167E453 ] \Device\Harddisk0\DR0\Partition1
00:22:25.0907 3500 \Device\Harddisk0\DR0\Partition1 - ok
00:22:25.0938 3500 [ DCBD7AA55F219EA68D9C46F0925AD754 ] \Device\Harddisk0\DR0\Partition2
00:22:25.0938 3500 \Device\Harddisk0\DR0\Partition2 - ok
00:22:25.0969 3500 [ 8C9A843B126339A06B2540AAA6CC9783 ] \Device\Harddisk0\DR0\Partition3
00:22:25.0969 3500 \Device\Harddisk0\DR0\Partition3 - ok
00:22:25.0969 3500 [ 21A4E5F4FA3C301D280E18C46B92F4C9 ] \Device\Harddisk3\DR3\Partition1
00:22:25.0969 3500 \Device\Harddisk3\DR3\Partition1 - ok
00:22:25.0969 3500 ================ Scan active images ========================
00:22:25.0969 3500 [ 02062C0B390B7729EDC9E69C680A6F3C ] C:\Windows\System32\drivers\atapi.sys
00:22:25.0969 3500 C:\Windows\System32\drivers\atapi.sys - ok
00:22:25.0985 3500 [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys
00:22:25.0985 3500 C:\Windows\System32\drivers\crashdmp.sys - ok
00:22:25.0985 3500 [ 839B5FE3D48E9F35B22C21A3D5103F6C ] C:\Windows\System32\drivers\Dumpata.sys
00:22:25.0985 3500 C:\Windows\System32\drivers\Dumpata.sys - ok
00:22:25.0985 3500 [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys
00:22:25.0985 3500 C:\Windows\System32\drivers\dumpfve.sys - ok
00:22:25.0985 3500 [ 83D2D75E1EFB81B3450C18131443F7DB ] C:\Windows\System32\drivers\cdrom.sys
00:22:25.0985 3500 C:\Windows\System32\drivers\cdrom.sys - ok
00:22:26.0001 3500 [ 4E38475BDB51A867CCBA7D5DF7FDFC0C ] C:\Windows\System32\drivers\aswSnx.sys
00:22:26.0001 3500 C:\Windows\System32\drivers\aswSnx.sys - ok
00:22:26.0001 3500 [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys
00:22:26.0001 3500 C:\Windows\System32\drivers\beep.sys - ok
00:22:26.0001 3500 [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys
00:22:26.0001 3500 C:\Windows\System32\drivers\null.sys - ok
00:22:26.0001 3500 [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys
00:22:26.0001 3500 C:\Windows\System32\drivers\RDPCDD.sys - ok
00:22:26.0016 3500 [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys
00:22:26.0016 3500 C:\Windows\System32\drivers\RDPENCDD.sys - ok
00:22:26.0016 3500 [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys
00:22:26.0016 3500 C:\Windows\System32\drivers\vga.sys - ok
00:22:26.0016 3500 [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys
00:22:26.0016 3500 C:\Windows\System32\drivers\videoprt.sys - ok
00:22:26.0016 3500 [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys
00:22:26.0016 3500 C:\Windows\System32\drivers\watchdog.sys - ok
00:22:26.0032 3500 [ 216F3FA57533D98E1F74DED70113177A ] C:\Windows\System32\drivers\RDPREFMP.sys
00:22:26.0032 3500 C:\Windows\System32\drivers\RDPREFMP.sys - ok
00:22:26.0032 3500 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys
00:22:26.0032 3500 C:\Windows\System32\drivers\msfs.sys - ok
00:22:26.0032 3500 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys
00:22:26.0032 3500 C:\Windows\System32\drivers\npfs.sys - ok
00:22:26.0032 3500 [ 0CA6FE26ACC7FFEE1BD0463F40835F32 ] C:\Windows\System32\drivers\tdi.sys
00:22:26.0032 3500 C:\Windows\System32\drivers\tdi.sys - ok
00:22:26.0032 3500 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] C:\Windows\System32\drivers\tdx.sys
00:22:26.0032 3500 C:\Windows\System32\drivers\tdx.sys - ok
00:22:26.0047 3500 [ C3EC420451AC5300A22190AE38418FBA ] C:\Windows\System32\drivers\aswTdi.sys
00:22:26.0047 3500 C:\Windows\System32\drivers\aswTdi.sys - ok
00:22:26.0047 3500 [ 6EF20DDF3172E97D69F596FB90602F29 ] C:\Windows\System32\drivers\afd.sys
00:22:26.0047 3500 C:\Windows\System32\drivers\afd.sys - ok
00:22:26.0047 3500 [ 2A6675C24DF5159A9506CD13ECE5ABE9 ] C:\Windows\System32\drivers\aswRdr2.sys
00:22:26.0047 3500 C:\Windows\System32\drivers\aswRdr2.sys - ok
00:22:26.0047 3500 [ 9162B273A44AB9DCE5B44362731D062A ] C:\Windows\System32\drivers\netbt.sys
00:22:26.0047 3500 C:\Windows\System32\drivers\netbt.sys - ok
00:22:26.0063 3500 [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys
00:22:26.0063 3500 C:\Windows\System32\drivers\wfplwf.sys - ok
00:22:26.0063 3500 [ EE992183BD8EAEFD9973F352E587A299 ] C:\Windows\System32\drivers\pacer.sys
00:22:26.0063 3500 C:\Windows\System32\drivers\pacer.sys - ok
00:22:26.0063 3500 [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys
00:22:26.0063 3500 C:\Windows\System32\drivers\netbios.sys - ok
00:22:26.0063 3500 [ C448651339196C0E869A355171875522 ] C:\Windows\System32\drivers\termdd.sys
00:22:26.0063 3500 C:\Windows\System32\drivers\termdd.sys - ok
00:22:26.0063 3500 [ 47CA49400643EFFD3F1C9A27E1D69324 ] C:\Windows\System32\drivers\wanarp.sys
00:22:26.0063 3500 C:\Windows\System32\drivers\wanarp.sys - ok
00:22:26.0079 3500 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys
00:22:26.0079 3500 C:\Windows\System32\drivers\mssmbios.sys - ok
00:22:26.0079 3500 [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys
00:22:26.0079 3500 C:\Windows\System32\drivers\nsiproxy.sys - ok
00:22:26.0079 3500 [ 3BAC8142102C15D59A87757C1D41DCE5 ] C:\Windows\System32\drivers\rdbss.sys
00:22:26.0079 3500 C:\Windows\System32\drivers\rdbss.sys - ok
00:22:26.0079 3500 [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys
00:22:26.0079 3500 C:\Windows\System32\drivers\discache.sys - ok
00:22:26.0094 3500 [ 4A6173C2279B498CD8F57CAE504564CB ] C:\Windows\System32\drivers\csc.sys
00:22:26.0094 3500 C:\Windows\System32\drivers\csc.sys - ok
00:22:26.0094 3500 [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys
00:22:26.0094 3500 C:\Windows\System32\drivers\blbdrive.sys - ok
00:22:26.0094 3500 [ 9C253CE7311CA60FC11C774692A13208 ] C:\Windows\System32\drivers\dfsc.sys
00:22:26.0094 3500 C:\Windows\System32\drivers\dfsc.sys - ok
00:22:26.0094 3500 [ 9A49D80D65451AF22913AEF772CC3DA9 ] C:\Windows\System32\drivers\aswSP.sys
00:22:26.0094 3500 C:\Windows\System32\drivers\aswSP.sys - ok
00:22:26.0094 3500 [ 3836171A2CDF3AF8EF10856DB9835A70 ] C:\Windows\System32\drivers\tunnel.sys
00:22:26.0094 3500 C:\Windows\System32\drivers\tunnel.sys - ok
00:22:26.0110 3500 [ ADA036632C664CAA754079041CF1F8C1 ] C:\Windows\System32\drivers\intelppm.sys
00:22:26.0110 3500 C:\Windows\System32\drivers\intelppm.sys - ok
00:22:26.0110 3500 [ 1911A3356FA3F77CCC825CCBAC038C2A ] C:\Windows\System32\smss.exe
00:22:26.0110 3500 C:\Windows\System32\smss.exe - ok
00:22:26.0110 3500 [ 678084C231715CB38A23D7326D6839BA ] C:\Windows\System32\ntdll.dll
00:22:26.0110 3500 C:\Windows\System32\ntdll.dll - ok
00:22:26.0110 3500 [ 52BD95CAA9CAE8977FE043E9AD6D2D0E ] C:\Windows\System32\drivers\atikmdag.sys
00:22:26.0110 3500 C:\Windows\System32\drivers\atikmdag.sys - ok
00:22:26.0125 3500 [ 1633B9ABF52784A1331476397A48CBEF ] C:\Windows\System32\drivers\dxgkrnl.sys
00:22:26.0125 3500 C:\Windows\System32\drivers\dxgkrnl.sys - ok
00:22:26.0125 3500 [ 3238B9078E0766AB5E62DC737A809ADB ] C:\Windows\System32\drivers\dxgmms1.sys
00:22:26.0125 3500 C:\Windows\System32\drivers\dxgmms1.sys - ok
00:22:26.0125 3500 [ 416A2007878ED1D6FC5DDDB9E1F6DB3E ] C:\Windows\System32\drivers\e1e6032e.sys
00:22:26.0125 3500 C:\Windows\System32\drivers\e1e6032e.sys - ok
00:22:26.0125 3500 [ A91291136D1E70966645252F6B828711 ] C:\Windows\System32\drivers\usbport.sys
00:22:26.0125 3500 C:\Windows\System32\drivers\usbport.sys - ok
00:22:26.0141 3500 [ 81FB2216D3A60D1284455D511797DB3D ] C:\Windows\System32\drivers\usbuhci.sys
00:22:26.0141 3500 C:\Windows\System32\drivers\usbuhci.sys - ok
00:22:26.0141 3500 [ 2EA4AFF7BE7EB4632E3AA8595B0803B5 ] C:\Windows\System32\drivers\usbehci.sys
00:22:26.0141 3500 C:\Windows\System32\drivers\usbehci.sys - ok
00:22:26.0141 3500 [ 0A49913402747A0B67DE940FB42CBDBB ] C:\Windows\System32\drivers\hdaudbus.sys
00:22:26.0141 3500 C:\Windows\System32\drivers\hdaudbus.sys - ok
00:22:26.0141 3500 [ D765D19CD8EF61F650C384F62FAC00AB ] C:\Windows\System32\drivers\fdc.sys
00:22:26.0141 3500 C:\Windows\System32\drivers\fdc.sys - ok
00:22:26.0141 3500 [ E403AACF8C7BB11375122D2464560311 ] C:\Windows\System32\drivers\GEARAspiWDM.sys
00:22:26.0141 3500 C:\Windows\System32\drivers\GEARAspiWDM.sys - ok
00:22:26.0157 3500 [ F26B3A86F6FA87CA360B879581AB4123 ] C:\Windows\System32\drivers\CompositeBus.sys
00:22:26.0157 3500 C:\Windows\System32\drivers\CompositeBus.sys - ok
00:22:26.0157 3500 [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys
00:22:26.0157 3500 C:\Windows\System32\drivers\agilevpn.sys - ok
00:22:26.0157 3500 [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys
00:22:26.0157 3500 C:\Windows\System32\drivers\ndistapi.sys - ok
00:22:26.0157 3500 [ 87A6E852A22991580D6D39ADC4790463 ] C:\Windows\System32\drivers\rasl2tp.sys
00:22:26.0157 3500 C:\Windows\System32\drivers\rasl2tp.sys - ok
00:22:26.0172 3500 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] C:\Windows\System32\drivers\ndiswan.sys
00:22:26.0172 3500 C:\Windows\System32\drivers\ndiswan.sys - ok
00:22:26.0172 3500 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys
00:22:26.0172 3500 C:\Windows\System32\drivers\raspppoe.sys - ok
00:22:26.0172 3500 [ 27CC19E81BA5E3403C48302127BDA717 ] C:\Windows\System32\drivers\raspptp.sys
00:22:26.0172 3500 C:\Windows\System32\drivers\raspptp.sys - ok
00:22:26.0172 3500 [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys
00:22:26.0172 3500 C:\Windows\System32\drivers\rassstp.sys - ok
00:22:26.0172 3500 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] C:\Windows\System32\drivers\rdpbus.sys
00:22:26.0172 3500 C:\Windows\System32\drivers\rdpbus.sys - ok
00:22:26.0188 3500 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys
00:22:26.0188 3500 C:\Windows\System32\drivers\kbdclass.sys - ok
00:22:26.0188 3500 [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys
00:22:26.0188 3500 C:\Windows\System32\drivers\mouclass.sys - ok
00:22:26.0188 3500 [ 5C7AF4A20F5BF67042B2E613D123D111 ] C:\Windows\System32\drivers\ks.sys
00:22:26.0188 3500 C:\Windows\System32\drivers\ks.sys - ok
00:22:26.0188 3500 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys
00:22:26.0188 3500 C:\Windows\System32\drivers\swenum.sys - ok
00:22:26.0203 3500 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] C:\Windows\System32\drivers\umbus.sys
00:22:26.0203 3500 C:\Windows\System32\drivers\umbus.sys - ok
00:22:26.0203 3500 [ 4C9042B8DF86C1E8E6240C218B99B39B ] C:\Windows\System32\drivers\usbhub.sys
00:22:26.0203 3500 C:\Windows\System32\drivers\usbhub.sys - ok
00:22:26.0203 3500 [ 8B7F8E882A649D81CEA1EDE9BBB68FFF ] C:\Windows\System32\autochk.exe
00:22:26.0203 3500 C:\Windows\System32\autochk.exe - ok
00:22:26.0203 3500 [ 659B74FB74B86228D6338D643CD3E3CF ] C:\Windows\System32\drivers\ndproxy.sys
00:22:26.0203 3500 C:\Windows\System32\drivers\ndproxy.sys - ok
00:22:26.0219 3500 [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys
00:22:26.0219 3500 C:\Windows\System32\drivers\drmk.sys - ok
00:22:26.0219 3500 [ 6410F6F415B2A5A9037224C41DA8BF12 ] C:\Windows\System32\drivers\HdAudio.sys
00:22:26.0219 3500 C:\Windows\System32\drivers\HdAudio.sys - ok
00:22:26.0219 3500 [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys
00:22:26.0219 3500 C:\Windows\System32\drivers\ksthunk.sys - ok
00:22:26.0219 3500 [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys
00:22:26.0219 3500 C:\Windows\System32\drivers\portcls.sys - ok
00:22:26.0219 3500 [ 685FEC2407FC121EB937CB658B3C0F35 ] C:\Windows\System32\drivers\hidclass.sys
00:22:26.0219 3500 C:\Windows\System32\drivers\hidclass.sys - ok
00:22:26.0235 3500 [ 49EE2E52E6CD03947DAD72F65367BE06 ] C:\Windows\System32\drivers\hidparse.sys
00:22:26.0235 3500 C:\Windows\System32\drivers\hidparse.sys - ok
00:22:26.0235 3500 [ B3BF6B5B50006DEF50B66306D99FCF6F ] C:\Windows\System32\drivers\hidusb.sys
00:22:26.0235 3500 C:\Windows\System32\drivers\hidusb.sys - ok
00:22:26.0235 3500 [ 63C8D74BED9F80F4DD0AA7A3101EB639 ] C:\Windows\System32\drivers\usbd.sys
00:22:26.0235 3500 C:\Windows\System32\drivers\usbd.sys - ok
00:22:26.0235 3500 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] C:\Windows\System32\drivers\mouhid.sys
00:22:26.0235 3500 C:\Windows\System32\drivers\mouhid.sys - ok
00:22:26.0250 3500 [ A48B769DEC76629BD1A021D33C257B17 ] C:\Windows\System32\drivers\wg111v2.sys
00:22:26.0250 3500 C:\Windows\System32\drivers\wg111v2.sys - ok
00:22:26.0250 3500 [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll
00:22:26.0250 3500 C:\Windows\System32\difxapi.dll - ok
00:22:26.0250 3500 [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll
00:22:26.0250 3500 C:\Windows\System32\psapi.dll - ok
00:22:26.0250 3500 [ 2A46451EE42BCD2C842D8AA4923FAC16 ] C:\Windows\System32\oleaut32.dll
00:22:26.0250 3500 C:\Windows\System32\oleaut32.dll - ok
00:22:26.0250 3500 [ 7319BB10FA1F86E49E3DCF4136F6C957 ] C:\Windows\System32\msvcrt.dll
00:22:26.0250 3500 C:\Windows\System32\msvcrt.dll - ok
00:22:26.0266 3500 [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll
00:22:26.0266 3500 C:\Windows\System32\advapi32.dll - ok
00:22:26.0266 3500 [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll
00:22:26.0266 3500 C:\Windows\System32\msctf.dll - ok
00:22:26.0266 3500 [ AC8F79017C5C1FB316930EDEAD0AF517 ] C:\Windows\System32\ole32.dll
00:22:26.0266 3500 C:\Windows\System32\ole32.dll - ok
00:22:26.0266 3500 [ F94B8644F3AFE040EC6E1B6FBC9EFAA9 ] C:\Windows\System32\comdlg32.dll
00:22:26.0266 3500 C:\Windows\System32\comdlg32.dll - ok
00:22:26.0281 3500 [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll
00:22:26.0281 3500 C:\Windows\System32\normaliz.dll - ok
00:22:26.0281 3500 [ 5F2BDCA5FA0F20A6F452CF0EE2A2B18C ] C:\Windows\System32\usp10.dll
00:22:26.0281 3500 C:\Windows\System32\usp10.dll - ok
00:22:26.0281 3500 [ 51F1A71EF8185B959A6E06D98E489287 ] C:\Windows\System32\iertutil.dll
00:22:26.0281 3500 C:\Windows\System32\iertutil.dll - ok
00:22:26.0281 3500 [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll
00:22:26.0281 3500 C:\Windows\System32\clbcatq.dll - ok
00:22:26.0281 3500 [ DDBD24DC04DA5FD0EDF45CF72B7C01E2 ] C:\Windows\System32\kernel32.dll
00:22:26.0281 3500 C:\Windows\System32\kernel32.dll - ok
00:22:26.0297 3500 [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll
00:22:26.0297 3500 C:\Windows\System32\nsi.dll - ok
00:22:26.0297 3500 [ 7083F463788CB34FCC42F565D56F89E8 ] C:\Windows\System32\ws2_32.dll
00:22:26.0297 3500 C:\Windows\System32\ws2_32.dll - ok
00:22:26.0297 3500 [ E5CBF5F8623BBD1DB7B8148A66F6EBA4 ] C:\Windows\System32\Wldap32.dll
00:22:26.0297 3500 C:\Windows\System32\Wldap32.dll - ok
00:22:26.0297 3500 [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll
00:22:26.0297 3500 C:\Windows\System32\imm32.dll - ok
00:22:26.0297 3500 [ 15BDC173EB5FA4F92B67D9FFB269A6EA ] C:\Windows\System32\shlwapi.dll
00:22:26.0297 3500 C:\Windows\System32\shlwapi.dll - ok
00:22:26.0313 3500 [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll
00:22:26.0313 3500 C:\Windows\System32\lpk.dll - ok
00:22:26.0313 3500 [ 6A4EA4C29FBF78112AE20013FB71E9C1 ] C:\Windows\System32\setupapi.dll
00:22:26.0313 3500 C:\Windows\System32\setupapi.dll - ok
00:22:26.0313 3500 [ E1B1255D3A4B3367FE4E9C71E62E3B5A ] C:\Windows\System32\gdi32.dll
00:22:26.0313 3500 C:\Windows\System32\gdi32.dll - ok
00:22:26.0313 3500 [ 48C903068B6BDAB5EF650B9CBEE85295 ] C:\Windows\System32\rpcrt4.dll
00:22:26.0313 3500 C:\Windows\System32\rpcrt4.dll - ok
00:22:26.0313 3500 [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll
00:22:26.0313 3500 C:\Windows\System32\sechost.dll - ok
00:22:26.0328 3500 [ 5A45CA615944C38CC7D30A0785B631A1 ] C:\Windows\System32\urlmon.dll
00:22:26.0328 3500 C:\Windows\System32\urlmon.dll - ok
00:22:26.0328 3500 [ CA34F2478B2B0EA172CFC8A97B2DC4C5 ] C:\Windows\System32\shell32.dll
00:22:26.0328 3500 C:\Windows\System32\shell32.dll - ok
00:22:26.0328 3500 [ 271E8FB1354AA205A214F280A6766E30 ] C:\Windows\System32\wininet.dll
00:22:26.0328 3500 C:\Windows\System32\wininet.dll - ok
00:22:26.0328 3500 [ 2C353B6CE0C8D03225CAA2AF33B68D79 ] C:\Windows\System32\user32.dll
00:22:26.0328 3500 C:\Windows\System32\user32.dll - ok
00:22:26.0344 3500 [ A655878D5E5F1D14B006313CBB58A041 ] C:\Windows\System32\imagehlp.dll
00:22:26.0344 3500 C:\Windows\System32\imagehlp.dll - ok
00:22:26.0344 3500 [ 5229D844C3625A988D15192428097B70 ] C:\Windows\System32\wintrust.dll
00:22:26.0344 3500 C:\Windows\System32\wintrust.dll - ok
00:22:26.0344 3500 [ 15B740D94BAD25467A297E75124D7EE2 ] C:\Windows\System32\crypt32.dll
00:22:26.0344 3500 C:\Windows\System32\crypt32.dll - ok
00:22:26.0344 3500 [ 080D3820DA6C046BE82FC8B45A893E83 ] C:\Windows\System32\drivers\USBSTOR.SYS
00:22:26.0344 3500 C:\Windows\System32\drivers\USBSTOR.SYS - ok
00:22:26.0359 3500 [ 08B1BDCDF896D38C6E820B9B155E7A17 ] C:\Windows\System32\KernelBase.dll
00:22:26.0359 3500 C:\Windows\System32\KernelBase.dll - ok
00:22:26.0359 3500 [ D05E03C1B2824236531F5E37334B6A8A ] C:\Windows\System32\cfgmgr32.dll
00:22:26.0359 3500 C:\Windows\System32\cfgmgr32.dll - ok
00:22:26.0359 3500 [ BC052EFAD10ACA1AD69545B629F50D99 ] C:\Windows\System32\comctl32.dll
00:22:26.0359 3500 C:\Windows\System32\comctl32.dll - ok
00:22:26.0359 3500 [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll
00:22:26.0359 3500 C:\Windows\System32\devobj.dll - ok
00:22:26.0359 3500 [ 98FB7DD3B28A92E3C0E5B4BD9D63EF01 ] C:\Windows\System32\msasn1.dll
00:22:26.0359 3500 C:\Windows\System32\msasn1.dll - ok
00:22:26.0375 3500 [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll
00:22:26.0375 3500 C:\Windows\SysWOW64\normaliz.dll - ok
00:22:26.0375 3500 [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys
00:22:26.0375 3500 C:\Windows\System32\drivers\dxapi.sys - ok
00:22:26.0375 3500 [ B4F75A848859C8F7D8E87186A8C097ED ] C:\Windows\System32\win32k.sys
00:22:26.0375 3500 C:\Windows\System32\win32k.sys - ok
00:22:26.0375 3500 [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe
00:22:26.0375 3500 C:\Windows\System32\csrss.exe - ok
00:22:26.0375 3500 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll
00:22:26.0375 3500 C:\Windows\System32\basesrv.dll - ok
00:22:26.0391 3500 [ 0D7598360DF6C8637E6D678C20B5C47C ] C:\Windows\System32\csrsrv.dll
00:22:26.0391 3500 C:\Windows\System32\csrsrv.dll - ok
00:22:26.0391 3500 [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\Windows\System32\winsrv.dll
00:22:26.0391 3500 C:\Windows\System32\winsrv.dll - ok
00:22:26.0391 3500 [ B26AFB54A534D634523C4FB66765B026 ] C:\Windows\System32\drivers\usbccgp.sys
00:22:26.0391 3500 C:\Windows\System32\drivers\usbccgp.sys - ok
00:22:26.0391 3500 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] C:\Windows\System32\drivers\kbdhid.sys
00:22:26.0391 3500 C:\Windows\System32\drivers\kbdhid.sys - ok
00:22:26.0406 3500 [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys
00:22:26.0406 3500 C:\Windows\System32\drivers\monitor.sys - ok
00:22:26.0406 3500 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll
00:22:26.0406 3500 C:\Windows\System32\sxssrv.dll - ok
00:22:26.0406 3500 [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll
00:22:26.0406 3500 C:\Windows\System32\tsddd.dll - ok
00:22:26.0406 3500 [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe
00:22:26.0406 3500 C:\Windows\System32\wininit.exe - ok
00:22:26.0406 3500 [ 100BDF2F89D6056CEE900BB6156DA737 ] C:\Windows\System32\cdd.dll
00:22:26.0406 3500 C:\Windows\System32\cdd.dll - ok
00:22:26.0422 3500 [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll
00:22:26.0422 3500 C:\Windows\System32\profapi.dll - ok
00:22:26.0422 3500 [ F4389DA7DBDA2E7D292D360CF8E400C7 ] C:\Windows\System32\RpcRtRemote.dll
00:22:26.0422 3500 C:\Windows\System32\RpcRtRemote.dll - ok
00:22:26.0422 3500 [ 1A83FACA2135AF076E8EA73A30B3B26C ] C:\Windows\System32\KBDUK.DLL
00:22:26.0422 3500 C:\Windows\System32\KBDUK.DLL - ok
00:22:26.0422 3500 [ 456C92A9D8DB51B9938A6234BBC65FC9 ] C:\Windows\System32\sxs.dll
00:22:26.0422 3500 C:\Windows\System32\sxs.dll - ok
00:22:26.0422 3500 [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll
00:22:26.0422 3500 C:\Windows\System32\WlS0WndH.dll - ok
00:22:26.0437 3500 [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll
00:22:26.0437 3500 C:\Windows\System32\cryptbase.dll - ok
00:22:26.0437 3500 [ 01A465AC251BCCF6037DF2EF28AA4292 ] C:\Windows\System32\apphelp.dll
00:22:26.0437 3500 C:\Windows\System32\apphelp.dll - ok
00:22:26.0437 3500 [ DA3E2A6FA9660CC75B471530CE88453A ] C:\Windows\System32\winlogon.exe
00:22:26.0437 3500 C:\Windows\System32\winlogon.exe - ok
00:22:26.0437 3500 [ 0793F40B9B8A1BDD266296409DBD91EA ] C:\Windows\System32\lsass.exe
00:22:26.0437 3500 C:\Windows\System32\lsass.exe - ok
00:22:26.0437 3500 [ 04FCA22B77A2E37332CC8226187AF87B ] C:\Windows\System32\lsm.exe
00:22:26.0437 3500 C:\Windows\System32\lsm.exe - ok
00:22:26.0453 3500 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe
00:22:26.0453 3500 C:\Windows\System32\services.exe - ok
00:22:26.0453 3500 [ 18367866684A72C5188D50AC1174F1B7 ] C:\Windows\System32\sspisrv.dll
00:22:26.0453 3500 C:\Windows\System32\sspisrv.dll - ok
00:22:26.0453 3500 [ D8C88512BA9544AE1CC2034F50ECFA12 ] C:\Windows\System32\winsta.dll
00:22:26.0453 3500 C:\Windows\System32\winsta.dll - ok
00:22:26.0453 3500 [ 55F45DD65AF0536D23775439FFAF551F ] C:\Windows\System32\lsasrv.dll
00:22:26.0453 3500 C:\Windows\System32\lsasrv.dll - ok
00:22:26.0469 3500 [ 2A0EA951A326C2E78AF86E2F9704327E ] C:\Windows\System32\sspicli.dll
00:22:26.0469 3500 C:\Windows\System32\sspicli.dll - ok
00:22:26.0469 3500 [ B160ADAEFC76031D92C4FBAC0918B033 ] C:\Windows\System32\samsrv.dll
00:22:26.0469 3500 C:\Windows\System32\samsrv.dll - ok
00:22:26.0469 3500 [ 941AF3C8B0DE1B359BE22DD3288A8C8E ] C:\Windows\System32\scesrv.dll
00:22:26.0469 3500 C:\Windows\System32\scesrv.dll - ok
00:22:26.0469 3500 [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll
00:22:26.0469 3500 C:\Windows\System32\scext.dll - ok
00:22:26.0469 3500 [ 9F5225F41D5474A651384C088D9FF502 ] C:\Windows\System32\secur32.dll
00:22:26.0469 3500 C:\Windows\System32\secur32.dll - ok
00:22:26.0484 3500 [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll
00:22:26.0484 3500 C:\Windows\System32\sysntfy.dll - ok
00:22:26.0484 3500 [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll
00:22:26.0484 3500 C:\Windows\System32\wmsgapi.dll - ok
00:22:26.0484 3500 [ D23371AB9607651937C7641A38CD52BC ] C:\Windows\System32\srvcli.dll
00:22:26.0484 3500 C:\Windows\System32\srvcli.dll - ok
00:22:26.0484 3500 [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll
00:22:26.0484 3500 C:\Windows\System32\cryptdll.dll - ok
00:22:26.0500 3500 [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll
00:22:26.0500 3500 C:\Windows\System32\wevtapi.dll - ok
00:22:26.0500 3500 [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll
00:22:26.0500 3500 C:\Windows\System32\authz.dll - ok
00:22:26.0500 3500 [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll
00:22:26.0500 3500 C:\Windows\System32\cngaudit.dll - ok
00:22:26.0500 3500 [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll
00:22:26.0500 3500 C:\Windows\System32\bcrypt.dll - ok
00:22:26.0500 3500 [ 2E8C52A0EC788D90FA35D9507D828771 ] C:\Windows\System32\ncrypt.dll
00:22:26.0500 3500 C:\Windows\System32\ncrypt.dll - ok
00:22:26.0515 3500 [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll
00:22:26.0515 3500 C:\Windows\System32\msprivs.dll - ok
00:22:26.0515 3500 [ B561B451320B0B40908A8BFD81705262 ] C:\Windows\System32\netjoin.dll
00:22:26.0515 3500 C:\Windows\System32\netjoin.dll - ok
00:22:26.0515 3500 [ EFC5353E4F513DEF55ED7B7872363957 ] C:\Windows\System32\atmfd.dll
00:22:26.0515 3500 C:\Windows\System32\atmfd.dll - ok
00:22:26.0515 3500 [ 96772B584BD0E667CD7741EF96284ACB ] C:\Windows\System32\kerberos.dll
00:22:26.0515 3500 C:\Windows\System32\kerberos.dll - ok
00:22:26.0531 3500 [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll
00:22:26.0531 3500 C:\Windows\System32\negoexts.dll - ok
00:22:26.0531 3500 [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll
00:22:26.0531 3500 C:\Windows\System32\cryptsp.dll - ok
00:22:26.0531 3500 [ FC76FE3C1E1FDB761244D4F74EF560FD ] C:\Windows\System32\mswsock.dll
00:22:26.0531 3500 C:\Windows\System32\mswsock.dll - ok
00:22:26.0531 3500 [ FA4DB05923DDDEDE3196ABD09AE0F1E9 ] C:\Windows\System32\msv1_0.dll
00:22:26.0531 3500 C:\Windows\System32\msv1_0.dll - ok
00:22:26.0531 3500 [ 956D030D375F207B22FB111E06EF9C35 ] C:\Windows\System32\netlogon.dll
00:22:26.0531 3500 C:\Windows\System32\netlogon.dll - ok
00:22:26.0547 3500 [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll
00:22:26.0547 3500 C:\Windows\System32\wship6.dll - ok
00:22:26.0547 3500 [ E247E7DEB20C0CF0801A8AC39E9CE1DF ] C:\Windows\System32\dnsapi.dll
00:22:26.0547 3500 C:\Windows\System32\dnsapi.dll - ok
00:22:26.0547 3500 [ 8CE22E63F08613036DF8C7B00FBDF36B ] C:\Windows\System32\logoncli.dll
00:22:26.0547 3500 C:\Windows\System32\logoncli.dll - ok
00:22:26.0547 3500 [ 426A455CACD1261D05D158CA8AD8EF2E ] C:\Windows\System32\schannel.dll
00:22:26.0547 3500 C:\Windows\System32\schannel.dll - ok
00:22:26.0547 3500 [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
00:22:26.0547 3500 C:\Windows\System32\wdigest.dll - ok
00:22:26.0562 3500 [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
00:22:26.0562 3500 C:\Windows\System32\rsaenh.dll - ok
00:22:26.0562 3500 [ 0DEFD5FBF801DD8F83BC0ED09861A8EC ] C:\Windows\System32\TSpkg.dll
00:22:26.0562 3500 C:\Windows\System32\TSpkg.dll - ok
00:22:26.0562 3500 [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
00:22:26.0562 3500 C:\Windows\System32\pku2u.dll - ok
00:22:26.0562 3500 [ 7DBA64AD70C2E2481C68D9E0F7CD7840 ] C:\Windows\System32\LIVESSP.DLL
00:22:26.0562 3500 C:\Windows\System32\LIVESSP.DLL - ok
00:22:26.0578 3500 [ DA090E97E57DCB48888015B5D3C749CD ] C:\Windows\System32\bcryptprimitives.dll
00:22:26.0578 3500 C:\Windows\System32\bcryptprimitives.dll - ok
00:22:26.0578 3500 [ 9301B8810B2DA4EB6AD55DB75FC1E339 ] C:\Windows\System32\credssp.dll
00:22:26.0578 3500 C:\Windows\System32\credssp.dll - ok
00:22:26.0578 3500 [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
00:22:26.0578 3500 C:\Windows\System32\efslsaext.dll - ok
00:22:26.0578 3500 [ 398712DDDAEFB85EDF61DF6A07B65C79 ] C:\Windows\System32\scecli.dll
00:22:26.0578 3500 C:\Windows\System32\scecli.dll - ok
00:22:26.0593 3500 [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
00:22:26.0593 3500 C:\Windows\System32\ubpm.dll - ok
00:22:26.0593 3500 [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe
00:22:26.0593 3500 C:\Windows\System32\svchost.exe - ok
00:22:26.0593 3500 [ 98B1721B8718164293B9701B98C52D77 ] C:\Windows\System32\umpnpmgr.dll
00:22:26.0593 3500 C:\Windows\System32\umpnpmgr.dll - ok
00:22:26.0593 3500 [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
00:22:26.0593 3500 C:\Windows\System32\SPInf.dll - ok
00:22:26.0593 3500 [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
00:22:26.0593 3500 C:\Windows\System32\devrtl.dll - ok
00:22:26.0609 3500 [ 0776CF79590BDEF0A2728B0B9A813B96 ] C:\Windows\System32\userenv.dll
00:22:26.0609 3500 C:\Windows\System32\userenv.dll - ok
00:22:26.0609 3500 [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
00:22:26.0609 3500 C:\Windows\System32\gpapi.dll - ok
00:22:26.0609 3500 [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
00:22:26.0609 3500 C:\Windows\System32\pcwum.dll - ok
00:22:26.0609 3500 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll
00:22:26.0609 3500 C:\Windows\System32\umpo.dll - ok
00:22:26.0609 3500 [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
00:22:26.0609 3500 C:\Windows\System32\powrprof.dll - ok
00:22:26.0625 3500 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys
00:22:26.0625 3500 C:\Windows\System32\drivers\luafv.sys - ok
00:22:26.0625 3500 [ 55142B4F7A7E4C9C151C6000A6BF7809 ] C:\Windows\System32\drivers\aswFsBlk.sys
00:22:26.0625 3500 C:\Windows\System32\drivers\aswFsBlk.sys - ok
00:22:26.0625 3500 [ AA9FDE3D630160B47DAB21BF8250111C ] C:\Windows\System32\drivers\aswMonFlt.sys
00:22:26.0625 3500 C:\Windows\System32\drivers\aswMonFlt.sys - ok
00:22:26.0625 3500 [ 7CADC74271DD6461C452C271B30BD378 ] C:\Windows\System32\drivers\WUDFPf.sys
00:22:26.0625 3500 C:\Windows\System32\drivers\WUDFPf.sys - ok
00:22:26.0640 3500 [ 7266972E86890E2B30C0C322E906B027 ] C:\Windows\System32\rpcss.dll
00:22:26.0640 3500 C:\Windows\System32\rpcss.dll - ok
00:22:26.0640 3500 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
00:22:26.0640 3500 C:\Windows\System32\RpcEpMap.dll - ok
00:22:26.0640 3500 [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
00:22:26.0640 3500 C:\Windows\System32\wshqos.dll - ok
00:22:26.0640 3500 [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
00:22:26.0640 3500 C:\Windows\System32\WSHTCPIP.DLL - ok
00:22:26.0640 3500 [ D696F317BD465A602566F8E1DCCE15F7 ] C:\Windows\System32\atiesrxx.exe
00:22:26.0640 3500 C:\Windows\System32\atiesrxx.exe - ok
00:22:26.0656 3500 [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
00:22:26.0656 3500 C:\Windows\System32\FirewallAPI.dll - ok
00:22:26.0656 3500 [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll
00:22:26.0656 3500 C:\Windows\System32\wtsapi32.dll - ok
00:22:26.0656 3500 [ 93E6A39B1DB898F7C949FA5567E774CF ] C:\Windows\System32\LogonUI.exe
00:22:26.0656 3500 C:\Windows\System32\LogonUI.exe - ok
00:22:26.0656 3500 [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll
00:22:26.0656 3500 C:\Windows\System32\version.dll - ok
00:22:26.0671 3500 [ 99ABDA9C92EC76CBAF52F00239D909C9 ] C:\Windows\System32\wevtsvc.dll
00:22:26.0671 3500 C:\Windows\System32\wevtsvc.dll - ok
00:22:26.0671 3500 [ 07721A77180EDD4D39CCB865BF63C7FD ] C:\Windows\System32\audiosrv.dll
00:22:26.0671 3500 C:\Windows\System32\audiosrv.dll - ok
00:22:26.0671 3500 [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
00:22:26.0671 3500 C:\Windows\System32\avrt.dll - ok
00:22:26.0671 3500 [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll
00:22:26.0671 3500 C:\Windows\System32\mmcss.dll - ok
00:22:26.0671 3500 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\Windows\System32\wlansvc.dll
00:22:26.0671 3500 C:\Windows\System32\wlansvc.dll - ok
00:22:26.0687 3500 [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll
00:22:26.0687 3500 C:\Windows\System32\adtschema.dll - ok
00:22:26.0687 3500 [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
00:22:26.0687 3500 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
00:22:26.0687 3500 [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
00:22:26.0687 3500 C:\Windows\System32\MMDevAPI.dll - ok
00:22:26.0687 3500 [ B27EA141A7E748B607600A8551A44D5A ] C:\Windows\System32\propsys.dll
00:22:26.0687 3500 C:\Windows\System32\propsys.dll - ok
00:22:26.0687 3500 [ D152EBC32A23069F8AA1D1F24B15E3F9 ] C:\Windows\System32\audiodg.exe
00:22:26.0687 3500 C:\Windows\System32\audiodg.exe - ok
00:22:26.0703 3500 [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
00:22:26.0703 3500 C:\Windows\System32\ntmarta.dll - ok
00:22:26.0703 3500 [ 873FBF927C06E5CEE04DEC617502F8FD ] C:\Windows\System32\cscsvc.dll
00:22:26.0703 3500 C:\Windows\System32\cscsvc.dll - ok
00:22:26.0703 3500 [ 29910D50542B1AA0F162EF3339C61B6D ] C:\Windows\System32\PeerDist.dll
00:22:26.0703 3500 C:\Windows\System32\PeerDist.dll - ok
00:22:26.0703 3500 [ FE5AB4525BC2EC68B9119A6E5D40128B ] C:\Windows\System32\gpsvc.dll
00:22:26.0703 3500 C:\Windows\System32\gpsvc.dll - ok
00:22:26.0718 3500 [ 86E3822A34D454032D8E88C72AE8CF2D ] C:\Windows\System32\nlaapi.dll
00:22:26.0718 3500 C:\Windows\System32\nlaapi.dll - ok
00:22:26.0718 3500 [ 45B3E14C535C9CC862A969511464B352 ] C:\Windows\System32\themeservice.dll
00:22:26.0718 3500 C:\Windows\System32\themeservice.dll - ok
00:22:26.0718 3500 [ F381975E1F4346DE875CB07339CE8D3A ] C:\Windows\System32\profsvc.dll
00:22:26.0718 3500 C:\Windows\System32\profsvc.dll - ok
00:22:26.0718 3500 [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
00:22:26.0718 3500 C:\Windows\System32\atl.dll - ok
00:22:26.0718 3500 [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
00:22:26.0718 3500 C:\Windows\System32\dsrole.dll - ok
00:22:26.0734 3500 [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
00:22:26.0734 3500 C:\Windows\System32\slc.dll - ok
00:22:26.0734 3500 [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
00:22:26.0734 3500 C:\Windows\System32\es.dll - ok
00:22:26.0734 3500 [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll
00:22:26.0734 3500 C:\Windows\System32\comres.dll - ok
00:22:26.0734 3500 [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll
00:22:26.0734 3500 C:\Windows\System32\Sens.dll - ok
00:22:26.0749 3500 [ BCF0A980D21711E47D0803BDB0E99CAD ] C:\Windows\System32\authui.dll
00:22:26.0749 3500 C:\Windows\System32\authui.dll - ok
00:22:26.0749 3500 [ DBA90306A721FB922FDACED9E9728C28 ] C:\Windows\System32\cryptui.dll
00:22:26.0749 3500 C:\Windows\System32\cryptui.dll - ok
00:22:26.0749 3500 [ 113921FC4A80A3DDF646852998B836D0 ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7\comctl32.dll
00:22:26.0749 3500 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7\comctl32.dll - ok
00:22:26.0749 3500 [ DC57BAF15064ECB79F6D2CCF352E1D88 ] C:\Windows\System32\taskschd.dll
00:22:26.0749 3500 C:\Windows\System32\taskschd.dll - ok
00:22:26.0749 3500 [ F66A12ACF2B2DB8C73A2C180F562E3EC ] C:\Windows\System32\mstask.dll
00:22:26.0749 3500 C:\Windows\System32\mstask.dll - ok
00:22:26.0765 3500 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll
00:22:26.0765 3500 C:\Windows\System32\netprofm.dll - ok
00:22:26.0765 3500 [ 37B68E458C0BC255DF2FB7454D0798D3 ] C:\Windows\System32\WUDFPlatform.dll
00:22:26.0765 3500 C:\Windows\System32\WUDFPlatform.dll - ok
00:22:26.0765 3500 [ F7866AF72ABBAF84B1FA5AA195378C59 ] C:\Windows\System32\drivers\fltMgr.sys
00:22:26.0765 3500 C:\Windows\System32\drivers\fltMgr.sys - ok
00:22:26.0765 3500 [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL
00:22:26.0765 3500 C:\Windows\System32\PSHED.DLL - ok
00:22:26.0781 3500 [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
00:22:26.0781 3500 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
00:22:26.0781 3500 [ 84F8C8B9FB1F12532999D25F5DD7E77C ] C:\Windows\System32\shacct.dll
00:22:26.0781 3500 C:\Windows\System32\shacct.dll - ok
00:22:26.0781 3500 [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
00:22:26.0781 3500 C:\Windows\System32\samlib.dll - ok
00:22:26.0781 3500 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll
00:22:26.0781 3500 C:\Windows\System32\uxsms.dll - ok
00:22:26.0781 3500 [ B551D6637AA0E132C18AC6E504F7B79B ] C:\Windows\System32\WUDFSvc.dll
00:22:26.0781 3500 C:\Windows\System32\WUDFSvc.dll - ok
00:22:26.0796 3500 [ 0486B811C6F42FDFB5E544A6CA25D16A ] C:\Windows\System32\uxtheme.dll
00:22:26.0796 3500 C:\Windows\System32\uxtheme.dll - ok
00:22:26.0796 3500 [ 01F92AA50D03D67A88579D496311B4B6 ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_2b4f45e87195fcc4\GdiPlus.dll
00:22:26.0796 3500 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_2b4f45e87195fcc4\GdiPlus.dll - ok
00:22:26.0796 3500 [ 07DA62C960DDCCC2D35836AEAB4FC578 ] C:\Windows\System32\drivers\fssfltr.sys
00:22:26.0796 3500 C:\Windows\System32\drivers\fssfltr.sys - ok
00:22:26.0796 3500 [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
00:22:26.0796 3500 C:\Windows\System32\drivers\lltdio.sys - ok
00:22:26.0812 3500 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\Windows\System32\drivers\nwifi.sys
00:22:26.0812 3500 C:\Windows\System32\drivers\nwifi.sys - ok
00:22:26.0812 3500 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] C:\Windows\System32\drivers\ndisuio.sys
00:22:26.0812 3500 C:\Windows\System32\drivers\ndisuio.sys - ok
00:22:26.0812 3500 [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
00:22:26.0812 3500 C:\Windows\System32\drivers\rspndr.sys - ok
00:22:26.0812 3500 [ 57FE2CFC2F25C200499D5D934EA24EB5 ] C:\Windows\System32\IPHLPAPI.DLL
00:22:26.0812 3500 C:\Windows\System32\IPHLPAPI.DLL - ok
00:22:26.0827 3500 [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
00:22:26.0827 3500 C:\Windows\System32\lmhsvc.dll - ok
00:22:26.0827 3500 [ FD5BA198F7190DFE9BE1947EB8710396 ] C:\Windows\System32\nrpsrv.dll
00:22:26.0827 3500 C:\Windows\System32\nrpsrv.dll - ok
00:22:26.0827 3500 [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
00:22:26.0827 3500 C:\Windows\System32\nsisvc.dll - ok
00:22:26.0827 3500 [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
00:22:26.0827 3500 C:\Windows\System32\winnsi.dll - ok
00:22:26.0827 3500 [ CE3B9562D997F69B330D181A8875960F ] C:\Windows\System32\dhcpcore.dll
00:22:26.0827 3500 C:\Windows\System32\dhcpcore.dll - ok
00:22:26.0843 3500 [ 85CF424C74A1D5EC33533E1DBFF9920A ] C:\Windows\System32\dnsrslvr.dll
00:22:26.0843 3500 C:\Windows\System32\dnsrslvr.dll - ok
00:22:26.0843 3500 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\Windows\System32\eapsvc.dll
00:22:26.0843 3500 C:\Windows\System32\eapsvc.dll - ok
00:22:26.0843 3500 [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\Windows\System32\keyiso.dll
00:22:26.0843 3500 C:\Windows\System32\keyiso.dll - ok
00:22:26.0843 3500 [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
00:22:26.0843 3500 C:\Windows\System32\dui70.dll - ok
00:22:26.0859 3500 [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
00:22:26.0859 3500 C:\Windows\System32\duser.dll - ok
00:22:26.0859 3500 [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
00:22:26.0859 3500 C:\Windows\System32\winmm.dll - ok
00:22:26.0859 3500 [ B2E3D4BB3389817FB5E4CD9378BC8791 ] C:\Windows\System32\SndVolSSO.dll
00:22:26.0859 3500 C:\Windows\System32\SndVolSSO.dll - ok
00:22:26.0859 3500 [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
00:22:26.0859 3500 C:\Windows\System32\hid.dll - ok
00:22:26.0859 3500 [ 30F9BACA07F8251D7DD1805A9E919CE0 ] C:\Windows\System32\wdmaud.drv
00:22:26.0859 3500 C:\Windows\System32\wdmaud.drv - ok
00:22:26.0874 3500 [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll
00:22:26.0874 3500 C:\Windows\System32\ksuser.dll - ok
00:22:26.0874 3500 [ 982F5395AD181179320083A4FA7E7CA8 ] C:\Windows\System32\eapphost.dll
00:22:26.0874 3500 C:\Windows\System32\eapphost.dll - ok
00:22:26.0874 3500 [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL
00:22:26.0874 3500 C:\Windows\System32\FWPUCLNT.DLL - ok
00:22:26.0874 3500 [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
00:22:26.0874 3500 C:\Windows\System32\dhcpcsvc.dll - ok
00:22:26.0874 3500 [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
00:22:26.0874 3500 C:\Windows\System32\dnsext.dll - ok
00:22:26.0890 3500 [ 4CBCC37856EA2039C27A2FB661DDA0E5 ] C:\Windows\System32\dhcpcsvc6.dll
00:22:26.0890 3500 C:\Windows\System32\dhcpcsvc6.dll - ok
00:22:26.0890 3500 [ 71C7B65B6557B75B99907E76956AE4B8 ] C:\Windows\System32\dhcpcore6.dll
00:22:26.0890 3500 C:\Windows\System32\dhcpcore6.dll - ok
00:22:26.0890 3500 [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
00:22:26.0890 3500 C:\Windows\System32\dwmapi.dll - ok
00:22:26.0890 3500 [ D6F630C1FD7F436316093AE500363B19 ] C:\Windows\System32\xmllite.dll
00:22:26.0890 3500 C:\Windows\System32\xmllite.dll - ok
00:22:26.0905 3500 [ 81D64E8D70E5FBF9F7ABF2D41154F54D ] C:\Windows\System32\AudioSes.dll
00:22:26.0905 3500 C:\Windows\System32\AudioSes.dll - ok
00:22:26.0905 3500 [ CA2A0750ED830678997695FF61B04C30 ] C:\Windows\System32\midimap.dll
00:22:26.0905 3500 C:\Windows\System32\midimap.dll - ok
00:22:26.0905 3500 [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\Windows\System32\msacm32.dll
00:22:26.0905 3500 C:\Windows\System32\msacm32.dll - ok
00:22:26.0905 3500 [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\Windows\System32\msacm32.drv
00:22:26.0905 3500 C:\Windows\System32\msacm32.drv - ok
00:22:26.0905 3500 [ EA99F234843BBDDA1ABD2767111ADE25 ] C:\Windows\System32\WindowsCodecs.dll
00:22:26.0905 3500 C:\Windows\System32\WindowsCodecs.dll - ok
00:22:26.0921 3500 [ 6F3C559B82F2912354BE5B098744CC8C ] C:\Windows\System32\WMALFXGFXDSP.dll
00:22:26.0921 3500 C:\Windows\System32\WMALFXGFXDSP.dll - ok
00:22:26.0921 3500 [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll
00:22:26.0921 3500 C:\Windows\System32\mfplat.dll - ok
00:22:26.0921 3500 [ 5046E55184021406C27E8D48A1B2C9D2 ] C:\Windows\System32\l3codeca.acm
00:22:26.0921 3500 C:\Windows\System32\l3codeca.acm - ok
00:22:26.0921 3500 [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll
00:22:26.0921 3500 C:\Windows\System32\AudioEng.dll - ok
00:22:26.0921 3500 [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll
00:22:26.0921 3500 C:\Windows\System32\AUDIOKSE.dll - ok
00:22:26.0937 3500 [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
00:22:26.0937 3500 C:\Windows\System32\VaultCredProvider.dll - ok
00:22:26.0937 3500 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
00:22:26.0937 3500 C:\Windows\System32\winbrand.dll - ok
00:22:26.0937 3500 [ 2A381A9740165D7A1405148B6DFB3E38 ] C:\Windows\System32\SmartcardCredentialProvider.dll
00:22:26.0937 3500 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
00:22:26.0937 3500 [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll
00:22:26.0937 3500 C:\Windows\System32\BioCredProv.dll - ok
00:22:26.0952 3500 [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll
00:22:26.0952 3500 C:\Windows\System32\winbio.dll - ok
00:22:26.0952 3500 [ 97D38371502AA797DB14EB1FA5FCE4CD ] C:\Windows\System32\credui.dll
00:22:26.0952 3500 C:\Windows\System32\credui.dll - ok
00:22:26.0952 3500 [ 1C10772935D67F74ABDFE542ECE7551D ] C:\Windows\System32\netapi32.dll
00:22:26.0952 3500 C:\Windows\System32\netapi32.dll - ok
00:22:26.0952 3500 [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll
00:22:26.0952 3500 C:\Windows\System32\vaultcli.dll - ok
00:22:26.0968 3500 [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll
00:22:26.0968 3500 C:\Windows\System32\certCredProvider.dll - ok
00:22:26.0968 3500 [ 4C8C2F987FC397DCE98874D6C9C0736A ] C:\Windows\System32\netutils.dll
00:22:26.0968 3500 C:\Windows\System32\netutils.dll - ok
00:22:26.0968 3500 [ A87205FE194B239D8D96E4972B779CC1 ] C:\Windows\System32\samcli.dll
00:22:26.0968 3500 C:\Windows\System32\samcli.dll - ok
00:22:26.0968 3500 [ B33CBD1A8C2A33121321D0FEBD7DD870 ] C:\Windows\System32\wkscli.dll
00:22:26.0968 3500 C:\Windows\System32\wkscli.dll - ok
00:22:26.0968 3500 [ 032229246107C5C7211E6D1498B52D3D ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL
00:22:26.0968 3500 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL - ok
00:22:26.0983 3500 [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll
00:22:26.0983 3500 C:\Windows\System32\rasplap.dll - ok
00:22:26.0983 3500 [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
00:22:26.0983 3500 C:\Windows\System32\rasapi32.dll - ok
00:22:26.0983 3500 [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll
00:22:26.0983 3500 C:\Windows\System32\rasman.dll - ok
00:22:26.0983 3500 [ F5A61F0A0030C80DF319B0C14A4C8885 ] C:\Windows\System32\rtutils.dll
00:22:26.0983 3500 C:\Windows\System32\rtutils.dll - ok
00:22:26.0983 3500 [ AF28348ED585539C4A33A4341FF23696 ] C:\Windows\System32\oleacc.dll
00:22:26.0983 3500 C:\Windows\System32\oleacc.dll - ok
00:22:26.0999 3500 [ 019BDD35DE269CB98B22DE8923C2AA3B ] C:\Windows\System32\UIAutomationCore.dll
00:22:26.0999 3500 C:\Windows\System32\UIAutomationCore.dll - ok
00:22:26.0999 3500 [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll
00:22:26.0999 3500 C:\Windows\System32\UXInit.dll - ok
00:22:26.0999 3500 [ 2017BFE87CAB3D7EF632CFD2AA08D3F0 ] C:\Windows\System32\umb.dll
00:22:26.0999 3500 C:\Windows\System32\umb.dll - ok
00:22:26.0999 3500 [ 48A31B7CF046702059A86836DC21D786 ] C:\Windows\System32\wlanmsm.dll
00:22:26.0999 3500 C:\Windows\System32\wlanmsm.dll - ok
00:22:27.0015 3500 [ 06A1386B6E3A0CBC368665C1840906F4 ] C:\Windows\System32\wlansec.dll
00:22:27.0015 3500 C:\Windows\System32\wlansec.dll - ok
00:22:27.0015 3500 [ 00000000000000000000000000000000 ] C:\Windows\System32\imageres.dll
00:22:27.0015 3500 C:\Windows\System32\imageres.dll - ok
00:22:27.0015 3500 [ D2B0D1C2BE5ECA80387F7CB8626DCAFE ] C:\Windows\System32\onex.dll
00:22:27.0015 3500 C:\Windows\System32\onex.dll - ok
00:22:27.0015 3500 [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
00:22:27.0015 3500 C:\Windows\System32\eappprxy.dll - ok
00:22:27.0015 3500 [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
00:22:27.0015 3500 C:\Windows\System32\eappcfg.dll - ok
00:22:27.0030 3500 [ 97E43F324BE1503CB2FFB058534688DA ] C:\Windows\System32\l2gpstore.dll
00:22:27.0030 3500 C:\Windows\System32\l2gpstore.dll - ok
00:22:27.0030 3500 [ 22E7431E7DAE8463AF94A79A054276E5 ] C:\Windows\System32\WinSCard.dll
00:22:27.0030 3500 C:\Windows\System32\WinSCard.dll - ok
00:22:27.0030 3500 [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
00:22:27.0030 3500 C:\Windows\System32\wlanutil.dll - ok
00:22:27.0030 3500 [ 730BF204A595D5B6D7DC57A247CC741C ] C:\Windows\System32\wlgpclnt.dll
00:22:27.0030 3500 C:\Windows\System32\wlgpclnt.dll - ok
00:22:27.0030 3500 [ C0AE5127F1803CDCDD5AC6CEC593FEC6 ] C:\Windows\System32\msxml6.dll
00:22:27.0030 3500 C:\Windows\System32\msxml6.dll - ok
00:22:27.0046 3500 [ 04AC21E821F259845BD7367CEE057290 ] C:\Program Files\AVAST Software\Avast\AvastSvc.exe
00:22:27.0046 3500 C:\Program Files\AVAST Software\Avast\AvastSvc.exe - ok
00:22:27.0046 3500 [ 5ED76A46EFF78575F99D3BF3302889CF ] C:\Windows\SysWOW64\ntdll.dll
00:22:27.0046 3500 C:\Windows\SysWOW64\ntdll.dll - ok
00:22:27.0046 3500 [ 23D0CE89D5A6C87DFA023839FE7F4C37 ] C:\Windows\System32\atieclxx.exe
00:22:27.0046 3500 C:\Windows\System32\atieclxx.exe - ok
00:22:27.0046 3500 [ 8F6D9A20F1FB06F0602A7D5A82840DBF ] C:\Windows\System32\netcfgx.dll
00:22:27.0046 3500 C:\Windows\System32\netcfgx.dll - ok
00:22:27.0061 3500 [ 81D93344A7FF90C1802A021727813E9F ] C:\Windows\System32\atiadlxx.dll
00:22:27.0061 3500 C:\Windows\System32\atiadlxx.dll - ok
00:22:27.0061 3500 [ ADFDF57DC62AE66FE47D5AD1C838131B ] C:\Windows\System32\wow64.dll
00:22:27.0061 3500 C:\Windows\System32\wow64.dll - ok
00:22:27.0061 3500 [ E9727C5B096B0722BEBEE269ED841F37 ] C:\Windows\System32\wow64win.dll
00:22:27.0061 3500 C:\Windows\System32\wow64win.dll - ok
00:22:27.0061 3500 [ C0A718C7421975E8D25FF78271A8F54A ] C:\Windows\System32\wow64cpu.dll
00:22:27.0061 3500 C:\Windows\System32\wow64cpu.dll - ok
00:22:27.0077 3500 [ 4EA99F1644627B1EBAD99D0B93CDEE1C ] C:\Windows\SysWOW64\kernel32.dll
00:22:27.0077 3500 C:\Windows\SysWOW64\kernel32.dll - ok
00:22:27.0077 3500 [ 2BF12696F4AC8AFCFC06EAD6F8D2DB4C ] C:\Windows\SysWOW64\KernelBase.dll
00:22:27.0077 3500 C:\Windows\SysWOW64\KernelBase.dll - ok
00:22:27.0077 3500 [ E46D48A7FE961401F1CBF85531CDF05D ] C:\Windows\SysWOW64\msvcrt.dll
00:22:27.0077 3500 C:\Windows\SysWOW64\msvcrt.dll - ok
00:22:27.0077 3500 [ DAAE8A9B8C0ACC7F858454132553C30D ] C:\Windows\SysWOW64\ws2_32.dll
00:22:27.0077 3500 C:\Windows\SysWOW64\ws2_32.dll - ok
00:22:27.0077 3500 [ 90385551B6B3793E949DF310A11D64E7 ] C:\Windows\SysWOW64\rpcrt4.dll
00:22:27.0077 3500 C:\Windows\SysWOW64\rpcrt4.dll - ok
00:22:27.0093 3500 [ 46856447F0EBF2F7B2473660B056B419 ] C:\Program Files\AVAST Software\Avast\aswCmnBS.dll
00:22:27.0093 3500 C:\Program Files\AVAST Software\Avast\aswCmnBS.dll - ok
00:22:27.0093 3500 [ 061E11A56CDCAB73188E216280C05D66 ] C:\Program Files\AVAST Software\Avast\aswCmnIS.dll
00:22:27.0093 3500 C:\Program Files\AVAST Software\Avast\aswCmnIS.dll - ok
00:22:27.0093 3500 [ 3C1EE2FFFCBEF877934EFDF3A5C3BCB1 ] C:\Program Files\AVAST Software\Avast\aswCmnOS.dll
00:22:27.0093 3500 C:\Program Files\AVAST Software\Avast\aswCmnOS.dll - ok
00:22:27.0093 3500 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll
00:22:27.0093 3500 C:\Windows\SysWOW64\cryptbase.dll - ok
00:22:27.0108 3500 [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll
00:22:27.0108 3500 C:\Windows\SysWOW64\nsi.dll - ok
00:22:27.0108 3500 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll
00:22:27.0108 3500 C:\Windows\SysWOW64\sechost.dll - ok
00:22:27.0108 3500 [ BFB4DB4681256116F69209C8D05032E0 ] C:\Windows\SysWOW64\sspicli.dll
00:22:27.0108 3500 C:\Windows\SysWOW64\sspicli.dll - ok
00:22:27.0108 3500 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
00:22:27.0108 3500 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
00:22:27.0108 3500 [ 861C4346F9281DC0380DE72C8D55D6BE ] C:\Windows\SysWOW64\user32.dll
00:22:27.0108 3500 C:\Windows\SysWOW64\user32.dll - ok
00:22:27.0124 3500 [ FBE1E0B9EF53B5BB7C36763AA6A685CF ] C:\Windows\SysWOW64\gdi32.dll
00:22:27.0124 3500 C:\Windows\SysWOW64\gdi32.dll - ok
00:22:27.0124 3500 [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll
00:22:27.0124 3500 C:\Windows\SysWOW64\lpk.dll - ok
00:22:27.0124 3500 [ 0BA19F3198C40AC4E8CC66EE02EDA6C6 ] C:\Windows\SysWOW64\usp10.dll
00:22:27.0124 3500 C:\Windows\SysWOW64\usp10.dll - ok
00:22:27.0124 3500 [ 0C65FA8214D6F8378D1D3BA1CA46AF0A ] C:\Windows\SysWOW64\advapi32.dll
00:22:27.0124 3500 C:\Windows\SysWOW64\advapi32.dll - ok
00:22:27.0124 3500 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
00:22:27.0124 3500 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok
00:22:27.0139 3500 [ 1D716EB7BCC07F5B1EF442B13A5FDDFE ] C:\Program Files\AVAST Software\Avast\ashBase.dll
00:22:27.0139 3500 C:\Program Files\AVAST Software\Avast\ashBase.dll - ok
00:22:27.0139 3500 [ 42A6DC8B861EF5BD6AF8DC2CBD7DF321 ] C:\Program Files\AVAST Software\Avast\aswEngLdr.dll
00:22:27.0139 3500 C:\Program Files\AVAST Software\Avast\aswEngLdr.dll - ok
00:22:27.0139 3500 [ 0DE3069D6E09BA262856EF31C941BEFE ] C:\Windows\SysWOW64\imm32.dll
00:22:27.0139 3500 C:\Windows\SysWOW64\imm32.dll - ok
00:22:27.0139 3500 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll
00:22:27.0139 3500 C:\Windows\SysWOW64\psapi.dll - ok
00:22:27.0155 3500 [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll
00:22:27.0155 3500 C:\Windows\SysWOW64\version.dll - ok
00:22:27.0155 3500 [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\SysWOW64\wsock32.dll
00:22:27.0155 3500 C:\Windows\SysWOW64\wsock32.dll - ok
00:22:27.0155 3500 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll
00:22:27.0155 3500 C:\Windows\SysWOW64\msctf.dll - ok
00:22:27.0155 3500 [ 79C7CFAEA6879A8C1A1E8B5FFE8983AA ] C:\Windows\SysWOW64\dbghelp.dll
00:22:27.0155 3500 C:\Windows\SysWOW64\dbghelp.dll - ok
00:22:27.0171 3500 [ 4CC47E4FEA86625FD5419D864E6A16D1 ] C:\Program Files\AVAST Software\Avast\1033\Base.dll
00:22:27.0171 3500 C:\Program Files\AVAST Software\Avast\1033\Base.dll - ok
00:22:27.0171 3500 [ 7E118D66ECACCF3299F732ED0F3CE467 ] C:\Program Files\AVAST Software\Avast\ashServ.dll
00:22:27.0171 3500 C:\Program Files\AVAST Software\Avast\ashServ.dll - ok
00:22:27.0171 3500 [ ADD9D33D685DFADDFAD5AFB42CF31A70 ] C:\Windows\SysWOW64\cscapi.dll
00:22:27.0171 3500 C:\Windows\SysWOW64\cscapi.dll - ok
00:22:27.0171 3500 [ C3DBF7DFF5A38136E26BADB7AB4E2972 ] C:\Windows\SysWOW64\netapi32.dll
00:22:27.0171 3500 C:\Windows\SysWOW64\netapi32.dll - ok
00:22:27.0171 3500 [ C6BB27D9A8AC13D4A44486F528B5C884 ] C:\Windows\SysWOW64\netutils.dll
00:22:27.0171 3500 C:\Windows\SysWOW64\netutils.dll - ok
00:22:27.0186 3500 [ 89D840773C9C4358A5031DCC860449EC ] C:\Windows\SysWOW64\srvcli.dll
00:22:27.0186 3500 C:\Windows\SysWOW64\srvcli.dll - ok
00:22:27.0186 3500 [ 7AD12703039056D2A0815F85960E1FA1 ] C:\Windows\SysWOW64\wkscli.dll
00:22:27.0186 3500 C:\Windows\SysWOW64\wkscli.dll - ok
00:22:27.0186 3500 [ DEA2847BFCD2BCCE777C27DB47A69EB8 ] C:\Program Files\AVAST Software\Avast\ashTask.dll
00:22:27.0186 3500 C:\Program Files\AVAST Software\Avast\ashTask.dll - ok
00:22:27.0186 3500 [ 2566C94919F8F46215E38F3357011EBF ] C:\Program Files\AVAST Software\Avast\ashTaskEx.dll
00:22:27.0186 3500 C:\Program Files\AVAST Software\Avast\ashTaskEx.dll - ok
00:22:27.0202 3500 [ 3C1513365EFF8D185C5BB2BDEBBE5D3A ] C:\Program Files\AVAST Software\Avast\aswAux.dll
00:22:27.0202 3500 C:\Program Files\AVAST Software\Avast\aswAux.dll - ok
00:22:27.0202 3500 [ 3079F9345ED39D0E9DA1D5E8CC407235 ] C:\Program Files\AVAST Software\Avast\aswLog.dll
00:22:27.0202 3500 C:\Program Files\AVAST Software\Avast\aswLog.dll - ok
00:22:27.0202 3500 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] C:\Windows\System32\shsvcs.dll
00:22:27.0202 3500 C:\Windows\System32\shsvcs.dll - ok
00:22:27.0202 3500 [ 1D445E0FD43BE0F81C07DFFBF6AB92EC ] C:\Program Files\AVAST Software\Avast\aswSqLt.dll
00:22:27.0202 3500 C:\Program Files\AVAST Software\Avast\aswSqLt.dll - ok
00:22:27.0217 3500 [ 662E62F776A508CA4C997F7DA8007769 ] C:\Program Files\AVAST Software\Avast\aswProperty.dll
00:22:27.0217 3500 C:\Program Files\AVAST Software\Avast\aswProperty.dll - ok
00:22:27.0217 3500 [ E2C2D8C982316C8ABF800C6CE3F28FAB ] C:\Windows\SysWOW64\ole32.dll
00:22:27.0217 3500 C:\Windows\SysWOW64\ole32.dll - ok
00:22:27.0217 3500 [ 3A2CF698443EAD2C14CF528B4F2A51A0 ] C:\Program Files\AVAST Software\Avast\Aavm4h.dll
00:22:27.0217 3500 C:\Program Files\AVAST Software\Avast\Aavm4h.dll - ok
00:22:27.0217 3500 [ C5DBD35CF4EB0CB8E72A7B6DA2EDEA51 ] C:\Program Files\AVAST Software\Avast\AavmRpch.dll
00:22:27.0217 3500 C:\Program Files\AVAST Software\Avast\AavmRpch.dll - ok
00:22:27.0217 3500 [ 0F84219E9FC89D4FEC963F78E4983E0B ] C:\Program Files\AVAST Software\Avast\aswDld.dll
00:22:27.0217 3500 C:\Program Files\AVAST Software\Avast\aswDld.dll - ok
00:22:27.0233 3500 [ 35BD2AABE21E86D760D4FB93225D8BB4 ] C:\Program Files\AVAST Software\Avast\aswIdle.dll
00:22:27.0233 3500 C:\Program Files\AVAST Software\Avast\aswIdle.dll - ok
00:22:27.0233 3500 [ 3B3AD17FAAA838CC0368F0947B5D43DB ] C:\Program Files\AVAST Software\Avast\aswStrm.dll
00:22:27.0233 3500 C:\Program Files\AVAST Software\Avast\aswStrm.dll - ok
00:22:27.0233 3500 [ 1B38A0F123FCF1546FACEAF1EFAFAA00 ] C:\Windows\System32\fveapi.dll
00:22:27.0233 3500 C:\Windows\System32\fveapi.dll - ok
00:22:27.0233 3500 [ F037DB14CF6165C62F4A64D12A25B07C ] C:\Windows\SysWOW64\shlwapi.dll
00:22:27.0233 3500 C:\Windows\SysWOW64\shlwapi.dll - ok
00:22:27.0249 3500 [ E702ED19C332C1F12C1403D100E2F4F3 ] C:\Windows\SysWOW64\cfgmgr32.dll
00:22:27.0249 3500 C:\Windows\SysWOW64\cfgmgr32.dll - ok
00:22:27.0249 3500 [ E30E5BB0DBA49EFE5BBBAFEA440CFBD9 ] C:\Windows\SysWOW64\wtsapi32.dll
00:22:27.0249 3500 C:\Windows\SysWOW64\wtsapi32.dll - ok
00:22:27.0249 3500 [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll
00:22:27.0249 3500 C:\Windows\System32\fvecerts.dll - ok
00:22:27.0249 3500 [ 624D0F5FF99428BB90A5B8A4123E918E ] C:\Windows\System32\schedsvc.dll
00:22:27.0249 3500 C:\Windows\System32\schedsvc.dll - ok
00:22:27.0249 3500 [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll
00:22:27.0249 3500 C:\Windows\System32\tbs.dll - ok
00:22:27.0264 3500 [ 6C0BD9D59C7E97DEE2FB3407D17BF697 ] C:\Windows\SysWOW64\RpcRtRemote.dll
00:22:27.0264 3500 C:\Windows\SysWOW64\RpcRtRemote.dll - ok
00:22:27.0264 3500 [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll
00:22:27.0264 3500 C:\Windows\System32\ktmw32.dll - ok
00:22:27.0264 3500 [ 705C210EFC5564BE49EB026BD7AFF27A ] C:\Windows\SysWOW64\oleaut32.dll
00:22:27.0264 3500 C:\Windows\SysWOW64\oleaut32.dll - ok
00:22:27.0264 3500 [ 8258362DDB18B644A82D8B5061AD9426 ] C:\Windows\SysWOW64\wscisvif.dll
00:22:27.0264 3500 C:\Windows\SysWOW64\wscisvif.dll - ok
00:22:27.0280 3500 [ 1869C1A8ABB6D3E0B7FA81EE4346DC14 ] C:\Program Files\AVAST Software\Avast\defs\12101501\aswEngin.dll
00:22:27.0280 3500 C:\Program Files\AVAST Software\Avast\defs\12101501\aswEngin.dll - ok
00:22:27.0280 3500 [ 374B26395852A9092BDE2E4C8D4D0C8D ] C:\Windows\SysWOW64\wscapi.dll
00:22:27.0280 3500 C:\Windows\SysWOW64\wscapi.dll - ok
00:22:27.0280 3500 [ 0ADC83218B66A6DB380C330836F3E36D ] C:\Windows\System32\drivers\fastfat.sys
00:22:27.0280 3500 C:\Windows\System32\drivers\fastfat.sys - ok
00:22:27.0280 3500 [ 2935740E9E6B71C6D28CDA78E2ECDABD ] C:\Program Files\AVAST Software\Avast\defs\12101501\aswCmnIS.dll
00:22:27.0280 3500 C:\Program Files\AVAST Software\Avast\defs\12101501\aswCmnIS.dll - ok
00:22:27.0280 3500 [ 9AB833956EB46BA28FAE9611569AB921 ] C:\Program Files\AVAST Software\Avast\defs\12101501\aswCmnOS.dll
00:22:27.0280 3500 C:\Program Files\AVAST Software\Avast\defs\12101501\aswCmnOS.dll - ok
00:22:27.0295 3500 [ AA11564CF8C3A8C70D707135264703A8 ] C:\Program Files\AVAST Software\Avast\defs\12101501\aswCmnBS.dll
00:22:27.0295 3500 C:\Program Files\AVAST Software\Avast\defs\12101501\aswCmnBS.dll - ok
00:22:27.0295 3500 [ 9AE6FE1CBC6D3654D1BE931B331176EC ] C:\Program Files\AVAST Software\Avast\defs\12101501\aswRep.dll
00:22:27.0295 3500 C:\Program Files\AVAST Software\Avast\defs\12101501\aswRep.dll - ok
00:22:27.0295 3500 [ 45551558282528DD5AD76606D51E6F09 ] C:\Program Files\AVAST Software\Avast\defs\12101501\aswScan.dll
00:22:27.0295 3500 C:\Program Files\AVAST Software\Avast\defs\12101501\aswScan.dll - ok
00:22:27.0295 3500 [ 6F870133450801AAAF72AAB95AB58F95 ] C:\Program Files\AVAST Software\Avast\defs\12101501\aswFiDb.dll
00:22:27.0295 3500 C:\Program Files\AVAST Software\Avast\defs\12101501\aswFiDb.dll - ok
00:22:27.0311 3500 [ 1B547066D0A6CD40EB3BAAC6A9C7E7A9 ] C:\Windows\System32\taskcomp.dll
00:22:27.0311 3500 C:\Windows\System32\taskcomp.dll - ok
00:22:27.0311 3500 [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] C:\Windows\System32\drivers\http.sys
00:22:27.0311 3500 C:\Windows\System32\drivers\http.sys - ok
00:22:27.0311 3500 [ F8E1FA03CB70D54A9892AC88B91D1E7B ] C:\Windows\System32\spoolsv.exe
00:22:27.0311 3500 C:\Windows\System32\spoolsv.exe - ok
00:22:27.0311 3500 [ 9F2E0EE5A4184E012E1B1D30F6FBB9FC ] C:\Program Files\AVAST Software\Avast\defs\12101501\algo.dll
00:22:27.0311 3500 C:\Program Files\AVAST Software\Avast\defs\12101501\algo.dll - ok
00:22:27.0327 3500 [ 0AF6E19D39C70844C5CAA8FB0183C36E ] C:\Windows\System32\drivers\srvnet.sys
00:22:27.0327 3500 C:\Windows\System32\drivers\srvnet.sys - ok
00:22:27.0327 3500 [ 1EBE9524683C7C4EED8B8BC93FB6FBCC ] C:\Windows\SysWOW64\fltLib.dll
00:22:27.0327 3500 C:\Windows\SysWOW64\fltLib.dll - ok
00:22:27.0327 3500 [ E73F21A566A81CD30CB63E8F006056BE ] C:\Windows\SysWOW64\secur32.dll
00:22:27.0327 3500 C:\Windows\SysWOW64\secur32.dll - ok
00:22:27.0327 3500 [ AE5FF948400A51B040F999BF04290373 ] C:\Windows\SysWOW64\winsta.dll
00:22:27.0327 3500 C:\Windows\SysWOW64\winsta.dll - ok
00:22:27.0342 3500 [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll
00:22:27.0342 3500 C:\Windows\System32\wiarpc.dll - ok
00:22:27.0342 3500 [ 545DE96D552AEDCDE95D1C86BDC9B95B ] C:\Program Files\AVAST Software\Avast\AhResBhv.dll
00:22:27.0342 3500 C:\Program Files\AVAST Software\Avast\AhResBhv.dll - ok
00:22:27.0342 3500 [ D7BF4E050440CF0B7B2A2596F0F370F3 ] C:\Program Files\AVAST Software\Avast\AhResJs.dll
00:22:27.0342 3500 C:\Program Files\AVAST Software\Avast\AhResJs.dll - ok
00:22:27.0342 3500 [ 37DAD7CA011038616E067C8F62029FD0 ] C:\Program Files\AVAST Software\Avast\AhResMai.dll
00:22:27.0342 3500 C:\Program Files\AVAST Software\Avast\AhResMai.dll - ok
00:22:27.0342 3500 [ 8122EE05F327EF470670E2CDDFFEB929 ] C:\Program Files\AVAST Software\Avast\AhResMes.dll
00:22:27.0342 3500 C:\Program Files\AVAST Software\Avast\AhResMes.dll - ok
00:22:27.0358 3500 [ EFFA04908678EF527EA32B2E2EE6EC93 ] C:\Program Files\AVAST Software\Avast\AhResNS.dll
00:22:27.0358 3500 C:\Program Files\AVAST Software\Avast\AhResNS.dll - ok
00:22:27.0358 3500 [ A5905C582C88AE8D56834CE4A3627FD1 ] C:\Program Files\AVAST Software\Avast\AhResP2P.dll
00:22:27.0358 3500 C:\Program Files\AVAST Software\Avast\AhResP2P.dll - ok
00:22:27.0358 3500 [ 9207F1A1440EAF18BE0D0C1D487E4F02 ] C:\Program Files\AVAST Software\Avast\AhResStd.dll
00:22:27.0358 3500 C:\Program Files\AVAST Software\Avast\AhResStd.dll - ok
00:22:27.0358 3500 [ 4509D54DF9276534AC433F80E8392206 ] C:\Program Files\AVAST Software\Avast\AhResWS.dll
00:22:27.0358 3500 C:\Program Files\AVAST Software\Avast\AhResWS.dll - ok
00:22:27.0373 3500 [ 9B1B3C9FC4011CB5A6C6423ABEEB3793 ] C:\Program Files\AVAST Software\Avast\Setup\setiface.dll
00:22:27.0373 3500 C:\Program Files\AVAST Software\Avast\Setup\setiface.dll - ok
00:22:27.0373 3500 [ 19D20159708E152267E53B66677A4995 ] C:\Windows\System32\drivers\bowser.sys
00:22:27.0373 3500 C:\Windows\System32\drivers\bowser.sys - ok
00:22:27.0373 3500 [ 040D62A9D8AD28922632137ACDD984F2 ] C:\Windows\System32\drivers\mrxsmb.sys
00:22:27.0373 3500 C:\Windows\System32\drivers\mrxsmb.sys - ok
00:22:27.0373 3500 [ F0067552F8F9B33D7C59403AB808A3CB ] C:\Windows\System32\drivers\mrxsmb10.sys
00:22:27.0373 3500 C:\Windows\System32\drivers\mrxsmb10.sys - ok
00:22:27.0389 3500 [ 3C142D31DE9F2F193218A53FE2632051 ] C:\Windows\System32\drivers\mrxsmb20.sys
00:22:27.0389 3500 C:\Windows\System32\drivers\mrxsmb20.sys - ok
00:22:27.0389 3500 [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe
00:22:27.0389 3500 C:\Windows\System32\dllhost.exe - ok
00:22:27.0389 3500 [ 76548F7B818881B47D8D1AE1BE9C11F8 ] C:\Windows\System32\drivers\srv2.sys
00:22:27.0389 3500 C:\Windows\System32\drivers\srv2.sys - ok
00:22:27.0389 3500 [ 27026EAC8818E8A6C00A1CAD2F11D29A ] C:\Windows\System32\wkssvc.dll
00:22:27.0389 3500 C:\Windows\System32\wkssvc.dll - ok
00:22:27.0389 3500 [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll
00:22:27.0389 3500 C:\Windows\System32\IDStore.dll - ok
00:22:27.0405 3500 [ BC052EFAD10ACA1AD69545B629F50D99 ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7600.16661_none_a44e1fc257f685f6\comctl32.dll
00:22:27.0405 3500 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7600.16661_none_a44e1fc257f685f6\comctl32.dll - ok
00:22:27.0405 3500 [ 23566F9723771108D2E6CD768AC27407 ] C:\Windows\System32\AtBroker.exe
00:22:27.0405 3500 C:\Windows\System32\AtBroker.exe - ok
00:22:27.0405 3500 [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
00:22:27.0405 3500 C:\Windows\System32\mpr.dll - ok
00:22:27.0405 3500 [ 6F8F1376A13114CC10C0E69274F5A4DE ] C:\Windows\System32\userinit.exe
00:22:27.0405 3500 C:\Windows\System32\userinit.exe - ok
00:22:27.0405 3500 [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe
00:22:27.0405 3500 C:\Windows\System32\dwm.exe - ok
00:22:27.0420 3500 [ EF184066A851E7838D5BF8C8FAE66CC4 ] C:\Windows\System32\dwmredir.dll
00:22:27.0420 3500 C:\Windows\System32\dwmredir.dll - ok
00:22:27.0420 3500 [ 9D8AB964CE511AF81207DF0E1205184C ] C:\Windows\System32\dwmcore.dll
00:22:27.0420 3500 C:\Windows\System32\dwmcore.dll - ok
00:22:27.0420 3500 [ C5148DDA65E361A78F6372CCA637A5EE ] C:\Windows\System32\d3d10_1.dll
00:22:27.0420 3500 C:\Windows\System32\d3d10_1.dll - ok
00:22:27.0420 3500 [ 7C0C964394EEEC9720388CD5DA1F5323 ] C:\Windows\System32\d3d10_1core.dll
00:22:27.0420 3500 C:\Windows\System32\d3d10_1core.dll - ok
00:22:27.0436 3500 [ D95DB5C915C001F78709C17285109BDC ] C:\Windows\System32\dxgi.dll
00:22:27.0436 3500 C:\Windows\System32\dxgi.dll - ok
00:22:27.0436 3500 [ 9AAAEC8DAC27AA17B053E6352AD233AE ] C:\Windows\explorer.exe
00:22:27.0436 3500 C:\Windows\explorer.exe - ok
00:22:27.0436 3500 [ 0F3B5AA11D6003C851D6A9D2450DC9E1 ] C:\Windows\System32\atidxx64.dll
00:22:27.0436 3500 C:\Windows\System32\atidxx64.dll - ok
00:22:27.0436 3500 [ 1C27E145EC99F20BC1B13FD98165A83F ] C:\Windows\System32\ExplorerFrame.dll
00:22:27.0436 3500 C:\Windows\System32\ExplorerFrame.dll - ok
00:22:27.0436 3500 [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll
00:22:27.0436 3500 C:\Windows\System32\uDWM.dll - ok
00:22:27.0451 3500 [ C58687487F15A3C14B6A18416F055A5B ] C:\Program Files\AVAST Software\Avast\ashShA64.dll
00:22:27.0451 3500 C:\Program Files\AVAST Software\Avast\ashShA64.dll - ok
00:22:27.0451 3500 [ A38A290E27AFE18D7D5F3CFD33FEF47D ] C:\Windows\System32\msi.dll
00:22:27.0451 3500 C:\Windows\System32\msi.dll - ok
00:22:27.0451 3500 [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll
00:22:27.0451 3500 C:\Windows\System32\EhStorShell.dll - ok
00:22:27.0451 3500 [ 659B7036757FEEBDC4FA2D724B0C858A ] C:\Windows\System32\cscui.dll
00:22:27.0451 3500 C:\Windows\System32\cscui.dll - ok
00:22:27.0467 3500 [ 5B840D903BA3B8E066B47F1221786FD0 ] C:\Windows\System32\cscdll.dll
00:22:27.0467 3500 C:\Windows\System32\cscdll.dll - ok
00:22:27.0467 3500 [ BFEBE1E4B301F44CEA7C1B4021BD0264 ] C:\Windows\System32\cscapi.dll
00:22:27.0467 3500 C:\Windows\System32\cscapi.dll - ok
00:22:27.0467 3500 [ 0DFBB6B13ACFBDEE0E7DF0FD145614AC ] C:\Windows\System32\ntshrui.dll
00:22:27.0467 3500 C:\Windows\System32\ntshrui.dll - ok
00:22:27.0467 3500 [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll
00:22:27.0467 3500 C:\Windows\System32\IconCodecService.dll - ok
00:22:27.0467 3500 [ 6AB6D4DF10EC784CF4A66CBFAF417A11 ] C:\Windows\System32\runonce.exe
00:22:27.0467 3500 C:\Windows\System32\runonce.exe - ok
00:22:27.0483 3500 [ 169F916EFEAA44487E65305B7D2D754B ] C:\Windows\SysWOW64\runonce.exe
00:22:27.0483 3500 C:\Windows\SysWOW64\runonce.exe - ok
00:22:27.0483 3500 [ 4B8DD8541C0E26602005DD0137333615 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
00:22:27.0483 3500 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll - ok
00:22:27.0483 3500 [ 94FBC06F294D58D02361918418F996E3 ] C:\Windows\System32\browser.dll
00:22:27.0483 3500 C:\Windows\System32\browser.dll - ok
00:22:27.0483 3500 [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] C:\Windows\System32\drivers\srv.sys
00:22:27.0483 3500 C:\Windows\System32\drivers\srv.sys - ok
00:22:27.0498 3500 [ 81F1D04D4D0E433099365127375FD501 ] C:\Windows\System32\srvsvc.dll
00:22:27.0498 3500 C:\Windows\System32\srvsvc.dll - ok
00:22:27.0498 3500 [ 4EAE37133B78A26A84EA1649D9B21A1E ] C:\Windows\System32\clusapi.dll
00:22:27.0498 3500 C:\Windows\System32\clusapi.dll - ok
00:22:27.0498 3500 [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll
00:22:27.0498 3500 C:\Windows\System32\netmsg.dll - ok
00:22:27.0498 3500 [ 836892094209E5D9CF403B4CF2829B5C ] C:\Windows\System32\sscore.dll
00:22:27.0498 3500 C:\Windows\System32\sscore.dll - ok
00:22:27.0498 3500 [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll
00:22:27.0498 3500 C:\Windows\System32\resutils.dll - ok
00:22:27.0514 3500 [ F9D908DE6B166DAC9B89BF62FA291CE8 ] C:\Program Files\Bonjour\mdnsNSP.dll
00:22:27.0514 3500 C:\Program Files\Bonjour\mdnsNSP.dll - ok
00:22:27.0514 3500 [ AFB5B500AD69E24ED1BC15D1161641EF ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
00:22:27.0514 3500 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL - ok
00:22:27.0514 3500 [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll
00:22:27.0514 3500 C:\Windows\System32\rasadhlp.dll - ok
00:22:27.0514 3500 [ 13F03B7C59D28C82F6B689FF90003471 ] C:\Windows\System32\localspl.dll
00:22:27.0514 3500 C:\Windows\System32\localspl.dll - ok
00:22:27.0529 3500 [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll
00:22:27.0529 3500 C:\Windows\System32\spoolss.dll - ok
00:22:27.0529 3500 [ F401929EE0CC92BFE7F15161CA535383 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
00:22:27.0529 3500 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
00:22:27.0529 3500 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
00:22:27.0529 3500 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
00:22:27.0529 3500 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
00:22:27.0529 3500 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
00:22:27.0545 3500 [ 6C63DC384A15E2AFD4A860031EF40267 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll
00:22:27.0545 3500 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
00:22:27.0545 3500 [ 53A6FFB9FFF5C3E64B64E9B68C31D4E5 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll
00:22:27.0545 3500 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
00:22:27.0545 3500 [ 67B539D844F804EBAC7A1E3828FDE709 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll
00:22:27.0545 3500 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
00:22:27.0545 3500 [ 8679917A54A08CE5B923A2D0A511BABD ] C:\Windows\SysWOW64\shell32.dll
00:22:27.0545 3500 C:\Windows\SysWOW64\shell32.dll - ok
00:22:27.0561 3500 [ 0D75A1CFD1215875C8DD0BB9AFF4695C ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
00:22:27.0561 3500 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
00:22:27.0561 3500 [ 72A7C1EC4D3BF38CB115395AD721AE3C ] C:\Program Files\AVAST Software\Avast\defs\12101501\ArPot.dll
00:22:27.0561 3500 C:\Program Files\AVAST Software\Avast\defs\12101501\ArPot.dll - ok
00:22:27.0561 3500 [ 32D78DCABFB942275E01363D5232C77D ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll
00:22:27.0561 3500 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll - ok
00:22:27.0561 3500 [ 285AC1245590372A88B75144A8656A5F ] C:\Program Files\AVAST Software\Avast\ashMaiSv.dll
00:22:27.0561 3500 C:\Program Files\AVAST Software\Avast\ashMaiSv.dll - ok
00:22:27.0576 3500 [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll
00:22:27.0576 3500 C:\Windows\SysWOW64\uxtheme.dll - ok
00:22:27.0576 3500 [ 3BDE52411DF2FE4252C9289F51CB0F7E ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll
00:22:27.0576 3500 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
00:22:27.0576 3500 [ 26A634B2E0FD87F23541AD13A503CA72 ] C:\Windows\SysWOW64\winmm.dll
00:22:27.0576 3500 C:\Windows\SysWOW64\winmm.dll - ok
00:22:27.0576 3500 [ 5A963C340DE1A01BA6E24945CE05D16A ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll
00:22:27.0576 3500 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll - ok
00:22:27.0592 3500 [ CFB3EEDF620E7F32464A3091BA76D5E8 ] C:\Program Files\AVAST Software\Avast\defs\12101501\exts.dll
00:22:27.0592 3500 C:\Program Files\AVAST Software\Avast\defs\12101501\exts.dll - ok
00:22:27.0592 3500 [ 41323AB614A2B66AD77B1121D24AC895 ] C:\Windows\SysWOW64\setupapi.dll
00:22:27.0592 3500 C:\Windows\SysWOW64\setupapi.dll - ok
00:22:27.0592 3500 [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll
00:22:27.0592 3500 C:\Windows\SysWOW64\cryptsp.dll - ok
00:22:27.0592 3500 [ 11A41F17527ED75D6B758FDD7F4FD00D ] C:\Windows\SysWOW64\mswsock.dll
00:22:27.0592 3500 C:\Windows\SysWOW64\mswsock.dll - ok
00:22:27.0592 3500 [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll
00:22:27.0592 3500 C:\Windows\SysWOW64\rsaenh.dll - ok
00:22:27.0607 3500 [ F787D427F7EB96FBA1E495600BB8CD30 ] C:\Program Files\AVAST Software\Avast\ashWebSv.dll
00:22:27.0607 3500 C:\Program Files\AVAST Software\Avast\ashWebSv.dll - ok
00:22:27.0607 3500 [ 045DB4EAB4FBD23210E85ECC3F464A2E ] C:\Windows\SysWOW64\nlaapi.dll
00:22:27.0607 3500 C:\Windows\SysWOW64\nlaapi.dll - ok
00:22:27.0607 3500 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
00:22:27.0607 3500 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
00:22:27.0607 3500 [ 62390F4ACE9E2B63E3CA26B7F7497897 ] C:\Windows\SysWOW64\dnsapi.dll
00:22:27.0607 3500 C:\Windows\SysWOW64\dnsapi.dll - ok
00:22:27.0607 3500 [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files (x86)\Bonjour\mdnsNSP.dll
00:22:27.0607 3500 C:\Program Files (x86)\Bonjour\mdnsNSP.dll - ok
00:22:27.0623 3500 [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\Windows\SysWOW64\NapiNSP.dll
00:22:27.0623 3500 C:\Windows\SysWOW64\NapiNSP.dll - ok
00:22:27.0623 3500 [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\Windows\SysWOW64\pnrpnsp.dll
00:22:27.0623 3500 C:\Windows\SysWOW64\pnrpnsp.dll - ok
00:22:27.0623 3500 [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\Windows\SysWOW64\winrnr.dll
00:22:27.0623 3500 C:\Windows\SysWOW64\winrnr.dll - ok
00:22:27.0623 3500 [ 12B79422A23814429CDA9E734C58F78F ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
00:22:27.0623 3500 C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok
00:22:27.0639 3500 [ 6095266CAAF5E75F394CFD4844CC4C25 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
00:22:27.0639 3500 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
00:22:27.0639 3500 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll
00:22:27.0639 3500 C:\Windows\SysWOW64\winnsi.dll - ok
00:22:27.0639 3500 [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll
00:22:27.0639 3500 C:\Windows\SysWOW64\clbcatq.dll - ok
00:22:27.0639 3500 [ F4BC62990E7E5C29799A895B80FC3177 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll
00:22:27.0639 3500 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
00:22:27.0639 3500 [ 6C9C05D5344B9AB80E9180FC859BC45A ] C:\Windows\SysWOW64\devobj.dll
00:22:27.0639 3500 C:\Windows\SysWOW64\devobj.dll - ok
00:22:27.0654 3500 [ 158117F3CF278F01C6F24E89E2141E81 ] C:\Windows\SysWOW64\FWPUCLNT.DLL
00:22:27.0654 3500 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
00:22:27.0654 3500 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
00:22:27.0654 3500 C:\Windows\SysWOW64\rasadhlp.dll - ok
00:22:27.0654 3500 [ 4130D86B0642EFCBB65AD6B2C9BD022E ] C:\Program Files\AVAST Software\Avast\ashWsFtr.dll
00:22:27.0654 3500 C:\Program Files\AVAST Software\Avast\ashWsFtr.dll - ok
00:22:27.0654 3500 [ 4F6E72B34ED3DC53DCC5E8708E60B61F ] C:\Windows\SysWOW64\security.dll
00:22:27.0654 3500 C:\Windows\SysWOW64\security.dll - ok
00:22:27.0670 3500 [ D3788D91530CFA005BD516189A4C676E ] C:\Windows\SysWOW64\wininet.dll
00:22:27.0670 3500 C:\Windows\SysWOW64\wininet.dll - ok
00:22:27.0670 3500 [ 149D74E1128A86DC9CFB2851FBEA11EB ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll
00:22:27.0670 3500 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll - ok
00:22:27.0670 3500 [ 217557259182C86A6D3ADE11BC42B74A ] C:\Windows\SysWOW64\iertutil.dll
00:22:27.0670 3500 C:\Windows\SysWOW64\iertutil.dll - ok
00:22:27.0670 3500 [ 3BF5881CB3D3402ADE70BE9E96E18C67 ] C:\Windows\SysWOW64\urlmon.dll
00:22:27.0670 3500 C:\Windows\SysWOW64\urlmon.dll - ok
00:22:27.0685 3500 [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll
00:22:27.0685 3500 C:\Windows\SysWOW64\profapi.dll - ok
00:22:27.0685 3500 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll
00:22:27.0685 3500 C:\Windows\SysWOW64\ntmarta.dll - ok
00:22:27.0685 3500 [ BFA70A99AD1434263F2DFBBA103BDEF8 ] C:\Windows\SysWOW64\Wldap32.dll
00:22:27.0685 3500 C:\Windows\SysWOW64\Wldap32.dll - ok
00:22:27.0685 3500 [ 7DF186D86CF8C571A12AAB788C777F84 ] C:\Windows\SysWOW64\wscproxystub.dll
00:22:27.0685 3500 C:\Windows\SysWOW64\wscproxystub.dll - ok
00:22:27.0701 3500 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll
00:22:27.0701 3500 C:\Windows\SysWOW64\wship6.dll - ok
00:22:27.0701 3500 [ 87F664BF0B8728382D03B2126127DC98 ] C:\Program Files\AVAST Software\Avast\defs\12101501\aswAR.dll
00:22:27.0701 3500 C:\Program Files\AVAST Software\Avast\defs\12101501\aswAR.dll - ok
00:22:27.0701 3500 [ 0D0FA4434A9434641AB0A6332AC5560A ] C:\Program Files\AVAST Software\Avast\defs\12101501\aswRawFS.dll
00:22:27.0701 3500 C:\Program Files\AVAST Software\Avast\defs\12101501\aswRawFS.dll - ok
00:22:27.0701 3500 [ BA02F01BE7ED88E8974C798ACB3075F5 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll
00:22:27.0701 3500 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll - ok
00:22:27.0701 3500 [ 3B7D8EAE5E44CBDA4CD772720594F116 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
00:22:27.0701 3500 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
00:22:27.0717 3500 [ 062373995EAE5F0EAC9EAA9192136BFB ] C:\Windows\SysWOW64\dnssd.dll
00:22:27.0717 3500 C:\Windows\SysWOW64\dnssd.dll - ok
00:22:27.0717 3500 [ 9C0DC1DAAD14D443DD5A0D1EE78D775E ] C:\Windows\SysWOW64\userenv.dll
00:22:27.0717 3500 C:\Windows\SysWOW64\userenv.dll - ok
00:22:27.0717 3500 [ B0BF87F9E247BB0621BCE59EB8CD113F ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll
00:22:27.0717 3500 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok
00:22:27.0717 3500 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] C:\Program Files\Bonjour\mDNSResponder.exe
00:22:27.0717 3500 C:\Program Files\Bonjour\mDNSResponder.exe - ok
00:22:27.0732 3500 [ 1B399CC9E24C9D65CEBA5A807C4036D7 ] C:\Program Files\AVAST Software\Avast\snxhk64.dll
00:22:27.0732 3500 C:\Program Files\AVAST Software\Avast\snxhk64.dll - ok
00:22:27.0732 3500 [ 2E14406E05789F91C9282AE7CFCA3A07 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
00:22:27.0732 3500 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll - ok
00:22:27.0732 3500 [ AF54247F97CCF3539DE7505C09972FF9 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll
00:22:27.0732 3500 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
00:22:27.0732 3500 [ 28DDEEEC44E988657B732CF404D504CB ] C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
00:22:27.0732 3500 C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe - ok
00:22:27.0732 3500 [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] C:\Windows\System32\dps.dll
00:22:27.0732 3500 C:\Windows\System32\dps.dll - ok
00:22:27.0748 3500 [ 2B460CA1AC9A2249C92E54E39A8ACF42 ] C:\Program Files\AVAST Software\Avast\snxhk.dll
00:22:27.0748 3500 C:\Program Files\AVAST Software\Avast\snxhk.dll - ok
00:22:27.0748 3500 [ 742AA02BD9FA3492C9E525BBD427D87D ] C:\Windows\SysWOW64\samcli.dll
00:22:27.0748 3500 C:\Windows\SysWOW64\samcli.dll - ok
00:22:27.0748 3500 [ 02CDEB5D8B3DD5F6770DEFFBBC0CFAD0 ] C:\Windows\System32\winspool.drv
00:22:27.0748 3500 C:\Windows\System32\winspool.drv - ok
00:22:27.0748 3500 [ E6B5DE86ABF68D7D67E451C29287B5C5 ] C:\Windows\SysWOW64\crypt32.dll
00:22:27.0748 3500 C:\Windows\SysWOW64\crypt32.dll - ok
00:22:27.0763 3500 [ 4C04900AA8C323F5D4C316A89E976849 ] C:\Windows\SysWOW64\msasn1.dll
00:22:27.0763 3500 C:\Windows\SysWOW64\msasn1.dll - ok
00:22:27.0763 3500 [ 8BA9851E671E8B5E49E303748FFD530C ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll
00:22:27.0763 3500 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
00:22:27.0763 3500 [ 73862FF693168369A90F046E7F227B83 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
00:22:27.0763 3500 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll - ok
00:22:27.0763 3500 [ F8090992723D55F6A2A8238F0D152149 ] C:\Windows\SysWOW64\wintrust.dll
00:22:27.0763 3500 C:\Windows\SysWOW64\wintrust.dll - ok
00:22:27.0779 3500 [ 8C57411B66282C01533CB776F98AD384 ] C:\Windows\System32\cryptsvc.dll
00:22:27.0779 3500 C:\Windows\System32\cryptsvc.dll - ok
00:22:27.0779 3500 [ A261AD1FDC6D6A658A82B81AF81B215F ] C:\Windows\System32\vssapi.dll
00:22:27.0779 3500 C:\Windows\System32\vssapi.dll - ok
00:22:27.0779 3500 [ CC9BBCFC715FBEDF7AE476106FE653E9 ] C:\Windows\SysWOW64\winhttp.dll
00:22:27.0779 3500 C:\Windows\SysWOW64\winhttp.dll - ok
00:22:27.0779 3500 [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll
00:22:27.0779 3500 C:\Windows\System32\vsstrace.dll - ok
00:22:27.0779 3500 [ 4FB96AACF2F05C7357546BECD7678863 ] C:\Windows\SysWOW64\webio.dll
00:22:27.0779 3500 C:\Windows\SysWOW64\webio.dll - ok
00:22:27.0795 3500 [ 82C089EA2A3EEFADF3588EA71E8BDADA ] C:\Windows\SysWOW64\wevtapi.dll
00:22:27.0795 3500 C:\Windows\SysWOW64\wevtapi.dll - ok
00:22:27.0795 3500 [ 4262220B609AD082CE66914172597A96 ] C:\Windows\SysWOW64\webservices.dll
00:22:27.0795 3500 C:\Windows\SysWOW64\webservices.dll - ok
00:22:27.0795 3500 [ 7C5567A00456F3A3A07800EBB3F351C4 ] C:\Windows\SysWOW64\d2d1.dll
00:22:27.0795 3500 C:\Windows\SysWOW64\d2d1.dll - ok
00:22:27.0795 3500 [ 0C15DB6FF927935F0ECA52FEEA40E6C2 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\wlidcli.dll
00:22:27.0795 3500 C:\Program Files\Common Files\Microsoft Shared\Windows Live\wlidcli.dll - ok
00:22:27.0810 3500 [ 45406FFD87F6BA4345B018E303A64FF1 ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\wlidcli.dll
00:22:27.0810 3500 C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\wlidcli.dll - ok
00:22:27.0810 3500 [ 4D59A5B6EF0AF6F9FDF3D157534380AF ] C:\Windows\SysWOW64\oleacc.dll
00:22:27.0810 3500 C:\Windows\SysWOW64\oleacc.dll - ok
00:22:27.0810 3500 [ 3C33562F4FAE3D58E47F662DCE07675E ] C:\Windows\SysWOW64\WinSCard.dll
00:22:27.0810 3500 C:\Windows\SysWOW64\WinSCard.dll - ok
00:22:27.0810 3500 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] C:\Windows\System32\nlasvc.dll
00:22:27.0810 3500 C:\Windows\System32\nlasvc.dll - ok
00:22:27.0810 3500 [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\Windows\System32\drivers\PEAuth.sys
00:22:27.0810 3500 C:\Windows\System32\drivers\PEAuth.sys - ok
00:22:27.0826 3500 [ 107F279517E2A04DB4AC1B1FAF1D573B ] C:\Windows\System32\ncsi.dll
00:22:27.0826 3500 C:\Windows\System32\ncsi.dll - ok
00:22:27.0826 3500 [ 0BF0C2A72F2CB0BA4382C392D3E331AF ] C:\Windows\System32\winhttp.dll
00:22:27.0826 3500 C:\Windows\System32\winhttp.dll - ok
00:22:27.0826 3500 [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys
00:22:27.0826 3500 C:\Windows\System32\drivers\secdrv.sys - ok
00:22:27.0826 3500 [ 1727B2A2F379A32B864C096FA794AADC ] C:\Windows\System32\aepic.dll
00:22:27.0826 3500 C:\Windows\System32\aepic.dll - ok
00:22:27.0841 3500 [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll
00:22:27.0841 3500 C:\Windows\System32\pcasvc.dll - ok
00:22:27.0841 3500 [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll
00:22:27.0841 3500 C:\Windows\System32\sfc.dll - ok
00:22:27.0841 3500 [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll
00:22:27.0841 3500 C:\Windows\System32\sfc_os.dll - ok
00:22:27.0841 3500 [ 3941179CA038E14640DEAF30A92A6F30 ] C:\Windows\System32\webio.dll
00:22:27.0841 3500 C:\Windows\System32\webio.dll - ok
00:22:27.0841 3500 [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll
00:22:27.0841 3500 C:\Windows\System32\ssdpapi.dll - ok
00:22:27.0857 3500 [ 539D0391B680E6FDF5D9004F42902B1B ] C:\Program Files (x86)\O2\bin\sprtsvc.exe
00:22:27.0857 3500 C:\Program Files (x86)\O2\bin\sprtsvc.exe - ok
00:22:27.0857 3500 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] C:\Windows\System32\wiaservc.dll
00:22:27.0857 3500 C:\Windows\System32\wiaservc.dll - ok
00:22:27.0857 3500 [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5 ] C:\Windows\System32\wiatrace.dll
00:22:27.0857 3500 C:\Windows\System32\wiatrace.dll - ok
00:22:27.0857 3500 [ 5F856156F709DF40B42D36AE8A0F0695 ] C:\Windows\SysWOW64\msxml6.dll
00:22:27.0857 3500 C:\Windows\SysWOW64\msxml6.dll - ok
00:22:27.0873 3500 [ 4F7929CF9F4D7BC0A3086619659C2449 ] C:\Program Files (x86)\O2\bin\sprtsched.dll
00:22:27.0873 3500 C:\Program Files (x86)\O2\bin\sprtsched.dll - ok
00:22:27.0873 3500 [ 0A27E09EF67C8601D5922E7C13620825 ] C:\Program Files (x86)\O2\bin\sprtfod.dll
00:22:27.0873 3500 C:\Program Files (x86)\O2\bin\sprtfod.dll - ok
00:22:27.0873 3500 [ DDDC336BF8D60E7D5C3F60E026D26C96 ] C:\Program Files (x86)\O2\bin\sprtsync.dll
00:22:27.0873 3500 C:\Program Files (x86)\O2\bin\sprtsync.dll - ok
00:22:27.0873 3500 [ 26EAEE08CAF82AA7F03C5020F51DA541 ] C:\Windows\SysWOW64\propsys.dll
00:22:27.0873 3500 C:\Windows\SysWOW64\propsys.dll - ok
00:22:27.0873 3500 [ C2FA196F8DD651F04E120C7214F18FD1 ] C:\Program Files (x86)\O2\bin\libeay32.dll
00:22:27.0873 3500 C:\Program Files (x86)\O2\bin\libeay32.dll - ok
00:22:27.0888 3500 [ 61E02CC3184B63FAFE0B83EAC8B3B8EF ] C:\Windows\SysWOW64\winspool.drv
00:22:27.0888 3500 C:\Windows\SysWOW64\winspool.drv - ok
00:22:27.0888 3500 [ AE9369E60118BB81202B160D6B2CC5C2 ] C:\Program Files (x86)\Common Files\SupportSoft\bin\ssrc.exe
00:22:27.0888 3500 C:\Program Files (x86)\Common Files\SupportSoft\bin\ssrc.exe - ok
00:22:27.0888 3500 [ 68238EEFAD8FF737469C12E8D21A66F9 ] C:\Program Files (x86)\Common Files\SupportSoft\bin\msvcp60.dll
00:22:27.0888 3500 C:\Program Files (x86)\Common Files\SupportSoft\bin\msvcp60.dll - ok
00:22:27.0888 3500 [ 33212F09437DE21433156CF038D63821 ] C:\Program Files (x86)\Common Files\SupportSoft\bin\vnchooks.dll
00:22:27.0888 3500 C:\Program Files (x86)\Common Files\SupportSoft\bin\vnchooks.dll - ok
00:22:27.0904 3500 [ 76D078AF6F587B162D50210F761EB9ED ] C:\Windows\System32\drivers\tcpipreg.sys
00:22:27.0904 3500 C:\Windows\System32\drivers\tcpipreg.sys - ok
00:22:27.0904 3500 [ 3C1284516A62078FB68F768DE4F1A7BE ] C:\Windows\System32\sysmain.dll
00:22:27.0904 3500 C:\Windows\System32\sysmain.dll - ok
00:22:27.0904 3500 [ 2BACD71123F42CEA603F4E205E1AE337 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
00:22:27.0904 3500 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - ok
00:22:27.0904 3500 [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll
00:22:27.0904 3500 C:\Windows\System32\wbem\WMIsvc.dll - ok
00:22:27.0904 3500 [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\Windows\System32\trkwks.dll
00:22:27.0904 3500 C:\Windows\System32\trkwks.dll - ok
00:22:27.0919 3500 [ FAF9BA81FB0543CB4B7EFFD24CFA815F ] C:\Windows\System32\wbemcomn.dll
00:22:27.0919 3500 C:\Windows\System32\wbemcomn.dll - ok
00:22:27.0919 3500 [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll
00:22:27.0919 3500 C:\Windows\System32\aeevts.dll - ok
00:22:27.0919 3500 [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll
00:22:27.0919 3500 C:\Windows\System32\wbem\WinMgmtR.dll - ok
00:22:27.0919 3500 [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll
00:22:27.0919 3500 C:\Windows\System32\wbem\fastprox.dll - ok
00:22:27.0935 3500 [ A7582A70802D5B9F28ED3940F6A3E9ED ] C:\Windows\System32\wbem\WmiDcPrv.dll
00:22:27.0935 3500 C:\Windows\System32\wbem\WmiDcPrv.dll - ok
00:22:27.0935 3500 [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll
00:22:27.0935 3500 C:\Windows\System32\ntdsapi.dll - ok
00:22:27.0935 3500 [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll
00:22:27.0935 3500 C:\Windows\System32\wbem\wbemprox.dll - ok
00:22:27.0935 3500 [ C02E3CE20E7776C922B5C8938350B5F1 ] C:\Windows\SysWOW64\apphelp.dll
00:22:27.0935 3500 C:\Windows\SysWOW64\apphelp.dll - ok
00:22:27.0935 3500 [ 432BE6CF7311062633459EEF6B242FB5 ] C:\Windows\SysWOW64\regsvr32.exe
00:22:27.0935 3500 C:\Windows\SysWOW64\regsvr32.exe - ok
00:22:27.0951 3500 [ F6916EFC29D9953D5D0DF06882AE8E16 ] C:\Windows\SysWOW64\es.dll
00:22:27.0951 3500 C:\Windows\SysWOW64\es.dll - ok
00:22:27.0951 3500 [ CA4D2EB78DACAE26516757384390BCC6 ] C:\Program Files (x86)\Common Files\SupportSoft\bin\sprtlisten.exe
00:22:27.0951 3500 C:\Program Files (x86)\Common Files\SupportSoft\bin\sprtlisten.exe - ok
00:22:27.0951 3500 [ 3B9665D4B8C587A6014B9B8DFF5974A0 ] C:\Windows\System32\wbem\wbemcore.dll
00:22:27.0951 3500 C:\Windows\System32\wbem\wbemcore.dll - ok
00:22:27.0951 3500 [ 2BC1A0568CB27F7A3EB94DEEC1F04F5A ] C:\Program Files (x86)\O2\bin\sprthelper.exe
00:22:27.0951 3500 C:\Program Files (x86)\O2\bin\sprthelper.exe - ok
00:22:27.0966 3500 [ 62D6C0C69ADFB00C3EB9A0CC81F39EE6 ] C:\Windows\SysWOW64\WinSATAPI.dll
00:22:27.0966 3500 C:\Windows\SysWOW64\WinSATAPI.dll - ok
00:22:27.0966 3500 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll
00:22:27.0966 3500 C:\Windows\SysWOW64\dwmapi.dll - ok
00:22:27.0966 3500 [ DD76301614636306414EFA94A9AC5A03 ] C:\Windows\SysWOW64\dxgi.dll
00:22:27.0966 3500 C:\Windows\SysWOW64\dxgi.dll - ok
00:22:27.0966 3500 [ EDB57065790B62EF83BE117AD3EDFDE2 ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\GdiPlus.dll
00:22:27.0966 3500 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\GdiPlus.dll - ok
00:22:27.0982 3500 [ 2424231BBD703A677D115C29983B4293 ] C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
00:22:27.0982 3500 C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL - ok
00:22:27.0982 3500 [ 236360CE5E4C3F063AC110533747C0A8 ] C:\Windows\SysWOW64\Wpc.dll
00:22:27.0982 3500 C:\Windows\SysWOW64\Wpc.dll - ok
00:22:27.0982 3500 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll
00:22:27.0982 3500 C:\Windows\SysWOW64\slc.dll - ok
00:22:27.0982 3500 [ 1CEDFE91F527858CACA1B08B04666BC0 ] C:\Windows\SysWOW64\wbem\fastprox.dll
00:22:27.0982 3500 C:\Windows\SysWOW64\wbem\fastprox.dll - ok
00:22:27.0982 3500 [ 33CC7FFA41F6157592E1578BD253F30E ] C:\Windows\System32\PrintIsolationProxy.dll
00:22:27.0982 3500 C:\Windows\System32\PrintIsolationProxy.dll - ok
00:22:27.0997 3500 [ 20BEB8C403C6E28C9B13644787F5177D ] C:\Windows\System32\FXSMON.dll
00:22:27.0997 3500 C:\Windows\System32\FXSMON.dll - ok
00:22:27.0997 3500 [ 62A0ED06E9FF55EEF51B27EC4839EE0B ] C:\Windows\System32\hpz3lw71.dll
00:22:27.0997 3500 C:\Windows\System32\hpz3lw71.dll - ok
00:22:27.0997 3500 [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll
00:22:27.0997 3500 C:\Windows\System32\tcpmon.dll - ok
00:22:27.0997 3500 [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll
00:22:27.0997 3500 C:\Windows\System32\snmpapi.dll - ok
00:22:27.0997 3500 [ AD7C70077D4C81558E909D34EF6B995E ] C:\Windows\System32\wsnmp32.dll
00:22:27.0997 3500 C:\Windows\System32\wsnmp32.dll - ok
00:22:28.0013 3500 [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll
00:22:28.0013 3500 C:\Windows\System32\usbmon.dll - ok
00:22:28.0013 3500 [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll
00:22:28.0013 3500 C:\Windows\System32\WSDMon.dll - ok
00:22:28.0013 3500 [ 05FE4A30177E858B51F5E1E970FE9925 ] C:\Windows\System32\WSDApi.dll
00:22:28.0013 3500 C:\Windows\System32\WSDApi.dll - ok
00:22:28.0013 3500 [ A3EA403D2B74C5F71B7E8B3DAE92DE1E ] C:\Windows\System32\webservices.dll
00:22:28.0013 3500 C:\Windows\System32\webservices.dll - ok
00:22:28.0013 3500 [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll
00:22:28.0013 3500 C:\Windows\System32\fdPnp.dll - ok
00:22:28.0029 3500 [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll
00:22:28.0029 3500 C:\Windows\System32\fundisc.dll - ok
00:22:28.0029 3500 [ 7EDB2BF840ECB14D6E6B11C035708719 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
00:22:28.0029 3500 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
00:22:28.0029 3500 [ 6FB9BE56891EA4E85B4C9BDD4E9AFA69 ] C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll
00:22:28.0029 3500 C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll - ok
00:22:28.0029 3500 [ 79A37AE3806851CB445C475D527CF685 ] C:\Windows\System32\win32spl.dll
00:22:28.0029 3500 C:\Windows\System32\win32spl.dll - ok
00:22:28.0044 3500 [ 17EAB1AEA937EFFCD107EFBA94FEDB34 ] C:\Windows\System32\inetpp.dll
00:22:28.0044 3500 C:\Windows\System32\inetpp.dll - ok
00:22:28.0044 3500 [ 96F3F676B4D0DF4DA9C4081358C4662F ] C:\Windows\SysWOW64\wbemcomn.dll
00:22:28.0044 3500 C:\Windows\SysWOW64\wbemcomn.dll - ok
00:22:28.0044 3500 [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\SysWOW64\ntdsapi.dll
00:22:28.0044 3500 C:\Windows\SysWOW64\ntdsapi.dll - ok
00:22:28.0044 3500 [ C5B0324DB461559ADD070E632A6919FA ] C:\Windows\SysWOW64\wbem\wbemprox.dll
00:22:28.0044 3500 C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
00:22:28.0060 3500 [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll
00:22:28.0060 3500 C:\Windows\System32\wbem\esscli.dll - ok
00:22:28.0060 3500 [ 244C6722289F4869068992FD7D8A8832 ] C:\Windows\SysWOW64\wbem\wbemdisp.dll
00:22:28.0060 3500 C:\Windows\SysWOW64\wbem\wbemdisp.dll - ok
00:22:28.0060 3500 [ 5610B0425518D185331CB8E968D060E6 ] C:\Windows\SysWOW64\wbem\wmiutils.dll
00:22:28.0060 3500 C:\Windows\SysWOW64\wbem\wmiutils.dll - ok
00:22:28.0075 3500 [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll
00:22:28.0075 3500 C:\Windows\System32\wbem\wbemsvc.dll - ok
00:22:28.0075 3500 [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll
00:22:28.0075 3500 C:\Windows\System32\wbem\wmiutils.dll - ok
00:22:28.0075 3500 [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
00:22:28.0075 3500 C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
00:22:28.0091 3500 [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll
00:22:28.0091 3500 C:\Windows\System32\wbem\repdrvfs.dll - ok
00:22:28.0091 3500 [ 82BC97E5793DEF69691AAD5AB953A200 ] C:\Windows\System32\wbem\WmiPrvSD.dll
00:22:28.0091 3500 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
00:22:28.0091 3500 [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll
00:22:28.0091 3500 C:\Windows\System32\ncobjapi.dll - ok
00:22:28.0107 3500 [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll
00:22:28.0107 3500 C:\Windows\System32\wbem\wbemess.dll - ok
00:22:28.0107 3500 [ 64D757051B5B273E55C93E4503EA4F3E ] C:\Windows\System32\wbem\WmiPrvSE.exe
00:22:28.0107 3500 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
00:22:28.0107 3500 [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll
00:22:28.0107 3500 C:\Windows\System32\msiltcfg.dll - ok
00:22:28.0122 3500 [ 691C8DFB208227F0CBB5C0897C742ACE ] C:\Windows\SysWOW64\WindowsCodecs.dll
00:22:28.0122 3500 C:\Windows\SysWOW64\WindowsCodecs.dll - ok
00:22:28.0122 3500 [ EE24C42561D40F7AD7C2A7A460287090 ] C:\Windows\System32\wbem\cimwin32.dll
00:22:28.0122 3500 C:\Windows\System32\wbem\cimwin32.dll - ok
00:22:28.0122 3500 [ 30DB64D316F502558DB2380F7343C9FD ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
00:22:28.0122 3500 C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll - ok
00:22:28.0122 3500 [ 5D89D063A4CB036C258685C8E057E768 ] C:\Windows\System32\framedynos.dll
00:22:28.0122 3500 C:\Windows\System32\framedynos.dll - ok
00:22:28.0138 3500 [ 88781403D232AF2BE781AC12856BC533 ] C:\Windows\System32\Wpc.dll
00:22:28.0138 3500 C:\Windows\System32\Wpc.dll - ok
00:22:28.0138 3500 [ 207204AF80505AF51271FE164B56F662 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveUtil.dll
00:22:28.0138 3500 C:\Program Files (x86)\Microsoft Office\Office12\GrooveUtil.dll - ok
00:22:28.0138 3500 [ 754A0C324ECA95AE4F708D01EF27060E ] C:\Windows\System32\wbem\wbemdisp.dll
00:22:28.0138 3500 C:\Windows\System32\wbem\wbemdisp.dll - ok
00:22:28.0138 3500 [ 30EFEBDC960A482E3E188B9960B286E2 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveNew.dll
00:22:28.0138 3500 C:\Program Files (x86)\Microsoft Office\Office12\GrooveNew.dll - ok
00:22:28.0153 3500 [ 5987EA8A82C53359BCD2C29D6588583E ] C:\Windows\SysWOW64\linkinfo.dll
00:22:28.0153 3500 C:\Windows\SysWOW64\linkinfo.dll - ok
00:22:28.0153 3500 [ 3E9A33113D663D8BD5ED38858E669652 ] C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d1c738ec43578ea1\ATL80.dll
00:22:28.0153 3500 C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d1c738ec43578ea1\ATL80.dll - ok
00:22:28.0153 3500 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll
00:22:28.0153 3500 C:\Windows\SysWOW64\msimg32.dll - ok
00:22:28.0153 3500 [ D8C2B95BC2353E1F18850D6B8F5DBA13 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
00:22:28.0153 3500 C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll - ok
00:22:28.0169 3500 [ 533AECD1B5356870AE2D905B4D3B42B7 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMisc.dll
00:22:28.0169 3500 C:\Program Files (x86)\Microsoft Office\Office12\GrooveMisc.dll - ok
00:22:28.0169 3500 [ 079FC5AAA9963057548DF29F069EC406 ] C:\Windows\AppPatch\AcGenral.dll
00:22:28.0169 3500 C:\Windows\AppPatch\AcGenral.dll - ok
00:22:28.0169 3500 [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL
00:22:28.0169 3500 C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL - ok
00:22:28.0169 3500 [ B837D1528CE2E3CB79F09496BC08DDC6 ] C:\Windows\System32\SensApi.dll
00:22:28.0169 3500 C:\Windows\System32\SensApi.dll - ok
00:22:28.0185 3500 [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\SysWOW64\msacm32.dll
00:22:28.0185 3500 C:\Windows\SysWOW64\msacm32.dll - ok
00:22:28.0200 3500 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll
00:22:28.0200 3500 C:\Windows\SysWOW64\sfc.dll - ok
00:22:28.0200 3500 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll
00:22:28.0200 3500 C:\Windows\SysWOW64\sfc_os.dll - ok
00:22:28.0200 3500 [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll
00:22:28.0200 3500 C:\Windows\System32\wer.dll - ok
00:22:28.0200 3500 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll
00:22:28.0200 3500 C:\Windows\SysWOW64\mpr.dll - ok
00:22:28.0216 3500 [ BD669749EAEFF96773B5F8D0A43E0068 ] C:\Windows\SysWOW64\msxml3.dll
00:22:28.0216 3500 C:\Windows\SysWOW64\msxml3.dll - ok
00:22:28.0216 3500 [ 85C3AB8341F13E94B16FE9A69582A42F ] C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
00:22:28.0216 3500 C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll - ok
00:22:28.0216 3500 [ BD9EB3958F213F96B97B1D897DEE006D ] C:\Windows\System32\hidserv.dll
00:22:28.0216 3500 C:\Windows\System32\hidserv.dll - ok
00:22:28.0216 3500 [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll
00:22:28.0216 3500 C:\Windows\System32\wdi.dll - ok
00:22:28.0216 3500 [ C30A3E5DEEEBA22E782AC54C5AF5F352 ] C:\Windows\SysWOW64\samlib.dll
00:22:28.0216 3500 C:\Windows\SysWOW64\samlib.dll - ok
00:22:28.0231 3500 [ 2E57DDF2880A7E52E76F41C7E96D327B ] C:\Windows\System32\wpdbusenum.dll
00:22:28.0231 3500 C:\Windows\System32\wpdbusenum.dll - ok
00:22:28.0231 3500 [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll
00:22:28.0231 3500 C:\Windows\System32\aelupsvc.dll - ok
00:22:28.0231 3500 [ CC532E5812B1ED7C24AFDAA8EFB8DBF3 ] C:\Windows\System32\gpedit.dll
00:22:28.0231 3500 C:\Windows\System32\gpedit.dll - ok
00:22:28.0231 3500 [ 99829F5F2B0742CEEE5DD82FBE2E6FAF ] C:\Windows\System32\msxml3.dll
00:22:28.0231 3500 C:\Windows\System32\msxml3.dll - ok
00:22:28.0231 3500 [ BF591B5C2CC38314518467E883AE37C5 ] C:\Windows\SysWOW64\credssp.dll
00:22:28.0231 3500 C:\Windows\SysWOW64\credssp.dll - ok
00:22:28.0247 3500 [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll
00:22:28.0247 3500 C:\Windows\System32\perftrack.dll - ok
00:22:28.0247 3500 [ D891293880F2F00AB7BA959910300EF7 ] C:\Windows\System32\diagperf.dll
00:22:28.0247 3500 C:\Windows\System32\diagperf.dll - ok
00:22:28.0247 3500 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
00:22:28.0247 3500 C:\Windows\SysWOW64\dhcpcsvc.dll - ok
00:22:28.0247 3500 [ 5DA7D8934F7AB0884A6A8FC02E8B2AA7 ] C:\Windows\System32\PortableDeviceApi.dll
00:22:28.0247 3500 C:\Windows\System32\PortableDeviceApi.dll - ok
00:22:28.0263 3500 [ 29CA5974FAB0E8AE4AA7814FE05CF832 ] C:\Windows\SysWOW64\dhcpcsvc6.dll
00:22:28.0263 3500 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
00:22:28.0263 3500 [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll
00:22:28.0263 3500 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
00:22:28.0263 3500 [ 3B197AF0FFF08AA66B6B2241CA538D64 ] C:\Windows\System32\drivers\WUDFRd.sys
00:22:28.0263 3500 C:\Windows\System32\drivers\WUDFRd.sys - ok
00:22:28.0263 3500 [ 8AE6DD9A6D246004DA047F704F0CC487 ] C:\Windows\SysWOW64\cmd.exe
00:22:28.0263 3500 C:\Windows\SysWOW64\cmd.exe - ok
00:22:28.0263 3500 [ 011F0B067E47612F57C4ECE377D9C9DF ] C:\Windows\System32\activeds.dll
00:22:28.0263 3500 C:\Windows\System32\activeds.dll - ok
00:22:28.0278 3500 [ 95D498927F74ACA3593D653D42099915 ] C:\Windows\System32\WUDFHost.exe
00:22:28.0278 3500 C:\Windows\System32\WUDFHost.exe - ok
00:22:28.0278 3500 [ F0D1646162FB07476CCCF62EDB034B8B ] C:\Windows\System32\conhost.exe
00:22:28.0278 3500 C:\Windows\System32\conhost.exe - ok
00:22:28.0278 3500 [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll
00:22:28.0278 3500 C:\Windows\System32\Apphlpdm.dll - ok
00:22:28.0278 3500 [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll
00:22:28.0278 3500 C:\Windows\System32\pnpts.dll - ok
00:22:28.0278 3500 [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll
00:22:28.0278 3500 C:\Windows\System32\radardt.dll - ok
00:22:28.0294 3500 [ 05F620B4B2E7DEB9409C0C6A4FEDD2A4 ] C:\Windows\System32\adsldpc.dll
00:22:28.0294 3500 C:\Windows\System32\adsldpc.dll - ok
00:22:28.0294 3500 [ 65AF044B5570D355124DCD1E099AA98F ] C:\Windows\System32\wdiasqmmodule.dll
00:22:28.0294 3500 C:\Windows\System32\wdiasqmmodule.dll - ok
00:22:28.0294 3500 [ 518A0FD2A0E7BE84589659A948B1FBD6 ] C:\Windows\System32\WUDFx.dll
00:22:28.0294 3500 C:\Windows\System32\WUDFx.dll - ok
00:22:28.0294 3500 [ CFCD1926E8B007E0BD3D1936F445F7D3 ] C:\Windows\System32\dsuiext.dll
00:22:28.0294 3500 C:\Windows\System32\dsuiext.dll - ok
00:22:28.0309 3500 [ 2A46FFE841EC43001D5A293A54DB34DE ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
00:22:28.0309 3500 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE - ok
00:22:28.0309 3500 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll
00:22:28.0309 3500 C:\Windows\SysWOW64\winbrand.dll - ok
00:22:28.0309 3500 [ 91D6F0AB79AA36FFB932157865206F35 ] C:\Windows\System32\drivers\UMDF\WpdFs.dll
00:22:28.0309 3500 C:\Windows\System32\drivers\UMDF\WpdFs.dll - ok
00:22:28.0309 3500 [ FBD30F8878346CC2743FE11E46E48D50 ] C:\Windows\System32\dssec.dll
00:22:28.0309 3500 C:\Windows\System32\dssec.dll - ok
00:22:28.0309 3500 [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\Windows\System32\dssenh.dll
00:22:28.0309 3500 C:\Windows\System32\dssenh.dll - ok
00:22:28.0325 3500 [ 1369DF1AA12A11876B41627099923EDB ] C:\Windows\System32\dfscli.dll
00:22:28.0325 3500 C:\Windows\System32\dfscli.dll - ok
00:22:28.0325 3500 [ 9AA6F803C9BD4A0EC2B0BF1EB458C821 ] C:\Windows\System32\WMVCORE.DLL
00:22:28.0325 3500 C:\Windows\System32\WMVCORE.DLL - ok
00:22:28.0325 3500 [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll
00:22:28.0325 3500 C:\Windows\System32\NapiNSP.dll - ok
00:22:28.0325 3500 [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll
00:22:28.0325 3500 C:\Windows\System32\winrnr.dll - ok
00:22:28.0341 3500 [ F0F079A8A947FCFBF8275BE7EC1A35AE ] C:\Windows\SysWOW64\ieframe.dll
00:22:28.0341 3500 C:\Windows\SysWOW64\ieframe.dll - ok
00:22:28.0341 3500 [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll
00:22:28.0341 3500 C:\Windows\System32\pnrpnsp.dll - ok
00:22:28.0341 3500 [ 1737183424D10E716D4035C5CA2ECAB4 ] C:\Windows\System32\cryptnet.dll
00:22:28.0341 3500 C:\Windows\System32\cryptnet.dll - ok
00:22:28.0341 3500 [ E07B77C3BDC82A024E294FB67ABFEDA0 ] C:\Windows\SysWOW64\shdocvw.dll
00:22:28.0341 3500 C:\Windows\SysWOW64\shdocvw.dll - ok
00:22:28.0341 3500 [ AACC48FE239F0DF126DA2F28930A5B83 ] C:\Windows\System32\WMASF.DLL
00:22:28.0341 3500 C:\Windows\System32\WMASF.DLL - ok
00:22:28.0356 3500 [ 389CA818132C1D7DCF0C791E8D9035DE ] C:\Windows\System32\PortableDeviceClassExtension.dll
00:22:28.0356 3500 C:\Windows\System32\PortableDeviceClassExtension.dll - ok
00:22:28.0356 3500 [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll
00:22:28.0356 3500 C:\Windows\System32\PortableDeviceTypes.dll - ok
00:22:28.0356 3500 [ 64E6A44177ACF348D68255A37F4723DA ] C:\Windows\System32\cabinet.dll
00:22:28.0356 3500 C:\Windows\System32\cabinet.dll - ok
00:22:28.0356 3500 [ D2033210D4DA9E9CE7670DFF45D7101B ] C:\Users\Stevie\AppData\Local\Temp\055FFBB7-7566-4E82-80B6-28C772885256.exe
00:22:28.0356 3500 C:\Users\Stevie\AppData\Local\Temp\055FFBB7-7566-4E82-80B6-28C772885256.exe - ok
00:22:28.0372 3500 [ 11CDF138552BFEC115B60ED6DC3ACEB6 ] C:\Windows\SysWOW64\devrtl.dll
00:22:28.0372 3500 C:\Windows\SysWOW64\devrtl.dll - ok
00:22:28.0372 3500 [ B519848DFA30AE2B306576B51321D102 ] C:\Windows\System32\ie4uinit.exe
00:22:28.0372 3500 C:\Windows\System32\ie4uinit.exe - ok
00:22:28.0372 3500 [ C3E98C42EDF7EF237A4BAB91FEAC7426 ] C:\Windows\System32\iedkcs32.dll
00:22:28.0372 3500 C:\Windows\System32\iedkcs32.dll - ok
00:22:28.0372 3500 [ C3C32FE6F59BF9863C924C7ED7328834 ] C:\Windows\System32\timedate.cpl
00:22:28.0372 3500 C:\Windows\System32\timedate.cpl - ok
00:22:28.0387 3500 [ 1E4BDDBD5A63059A97063339B4F8986F ] C:\Windows\System32\actxprxy.dll
00:22:28.0387 3500 C:\Windows\System32\actxprxy.dll - ok
00:22:28.0387 3500 [ E6DD15E668DAF0A02470CF551B0A0105 ] C:\PROGRA~2\WINDOW~3\MESSEN~1\msgslang.dll
00:22:28.0387 3500 C:\PROGRA~2\WINDOW~3\MESSEN~1\msgslang.dll - ok
00:22:28.0387 3500 [ 14F5C0DB4B2C47874D6C937A5A1B367C ] C:\Windows\System32\gameux.dll
00:22:28.0387 3500 C:\Windows\System32\gameux.dll - ok
00:22:28.0387 3500 [ 46EDD0A6B42BA5D2044FA0909BE4BE95 ] C:\Windows\System32\msftedit.dll
00:22:28.0387 3500 C:\Windows\System32\msftedit.dll - ok
00:22:28.0387 3500 [ 5BACFD51D926774C8DD8028BEC9B4374 ] C:\Program Files\Microsoft Games\Solitaire\Solitaire.exe
00:22:28.0387 3500 C:\Program Files\Microsoft Games\Solitaire\Solitaire.exe - ok
00:22:28.0403 3500 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\54993562.sys
00:22:28.0403 3500 C:\Windows\System32\drivers\54993562.sys - ok
00:22:28.0403 3500 [ 7FCAB194F01E3403C300EB034E480B36 ] C:\Windows\System32\msls31.dll
00:22:28.0403 3500 C:\Windows\System32\msls31.dll - ok
00:22:28.0403 3500 [ 5E7A2CF7719161C5E6C0E47D67AD45AE ] C:\Windows\SysWOW64\vbscript.dll
00:22:28.0403 3500 C:\Windows\SysWOW64\vbscript.dll - ok
00:22:28.0403 3500 [ B5D4429FBBF86A05AC2E3A247E32E97F ] C:\Windows\SysWOW64\wshom.ocx
00:22:28.0403 3500 C:\Windows\SysWOW64\wshom.ocx - ok
00:22:28.0403 3500 [ 1C9289324B5558AA5A59FB98359B3FD7 ] C:\Program Files\Microsoft Games\Multiplayer\Backgammon\bckgzm.exe
00:22:28.0403 3500 C:\Program Files\Microsoft Games\Multiplayer\Backgammon\bckgzm.exe - ok
00:22:28.0419 3500 [ 69A1D7C29CFF256BECBD4E39E2159636 ] C:\Windows\SysWOW64\scrrun.dll
00:22:28.0419 3500 C:\Windows\SysWOW64\scrrun.dll - ok
00:22:28.0419 3500 [ 07DD9DCD1CC2840751A1F8772F3C0195 ] C:\Program Files\Microsoft Games\Chess\Chess.exe
00:22:28.0419 3500 C:\Program Files\Microsoft Games\Chess\Chess.exe - ok
00:22:28.0419 3500 [ ACCBA604D34842844133A731F8045B32 ] C:\Windows\SysWOW64\sxs.dll
00:22:28.0419 3500 C:\Windows\SysWOW64\sxs.dll - ok
00:22:28.0419 3500 [ AB0A8849029B4CE1109BA4E86481AB4F ] C:\Program Files\Microsoft Games\Multiplayer\Checkers\chkrzm.exe
00:22:28.0419 3500 C:\Program Files\Microsoft Games\Multiplayer\Checkers\chkrzm.exe - ok
00:22:28.0434 3500 [ 89F37FFA37B28807B1E7628BE13664C5 ] C:\Program Files\Microsoft Games\Multiplayer\Spades\shvlzm.exe
00:22:28.0434 3500 C:\Program Files\Microsoft Games\Multiplayer\Spades\shvlzm.exe - ok
00:22:28.0434 3500 [ AE6AF014B616F53BA762F0BCFD8F7F21 ] C:\Windows\SysWOW64\msi.dll
00:22:28.0434 3500 C:\Windows\SysWOW64\msi.dll - ok
00:22:28.0434 3500 [ 0F6652951129F283C72E1A5A951FF948 ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDRES.DLL
00:22:28.0434 3500 C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDRES.DLL - ok
00:22:28.0434 3500 [ 17A7998CB5DA92020A291B85FF7B3681 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
00:22:28.0434 3500 C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
00:22:28.0450 3500 [ FBE8EBF528DC49B3DEB186CA9545D97E ] C:\Windows\System32\shdocvw.dll
00:22:28.0450 3500 C:\Windows\System32\shdocvw.dll - ok
00:22:28.0450 3500 [ BB7481A1306823D1B6592263F1AB8DD7 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
00:22:28.0450 3500 C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe - ok
00:22:28.0450 3500 [ BEF8BE93965EC65C51D70030B9B6B058 ] C:\Program Files\Microsoft Games\FreeCell\FreeCell.exe
00:22:28.0450 3500 C:\Program Files\Microsoft Games\FreeCell\FreeCell.exe - ok
00:22:28.0450 3500 [ EB596E72F63B7C31BE8DF75FA8829B3F ] C:\Program Files\Microsoft Games\Purble Place\PurblePlace.exe
00:22:28.0450 3500 C:\Program Files\Microsoft Games\Purble Place\PurblePlace.exe - ok
00:22:28.0450 3500 [ 9AAADE86A4659A69CF5AA298C8AEEC22 ] C:\Program Files\Microsoft Games\Mahjong\Mahjong.exe
00:22:28.0450 3500 C:\Program Files\Microsoft Games\Mahjong\Mahjong.exe - ok
00:22:28.0465 3500 [ 53534F0BC0BEFFD60FC13864B3034984 ] C:\Program Files\Microsoft Games\SpiderSolitaire\SpiderSolitaire.exe
00:22:28.0465 3500 C:\Program Files\Microsoft Games\SpiderSolitaire\SpiderSolitaire.exe - ok
00:22:28.0465 3500 [ A8524F6C3AFF774911BCA26AB8322602 ] C:\Program Files\Microsoft Games\Hearts\Hearts.exe
00:22:28.0465 3500 C:\Program Files\Microsoft Games\Hearts\Hearts.exe - ok
00:22:28.0465 3500 [ EEF4EB5806A9B18F23CF797D9B9ADA8A ] C:\Windows\System32\browcli.dll
00:22:28.0465 3500 C:\Windows\System32\browcli.dll - ok
00:22:28.0465 3500 [ E1CF79243D8262F935366ADFA253A0C1 ] C:\Windows\System32\wmi.dll
00:22:28.0465 3500 C:\Windows\System32\wmi.dll - ok
00:22:28.0481 3500 [ B3EE7BD189C5925D4C0D2BBFCA00FDD1 ] C:\Program Files\Microsoft Games\Minesweeper\MineSweeper.exe
00:22:28.0481 3500 C:\Program Files\Microsoft Games\Minesweeper\MineSweeper.exe - ok
00:22:28.0481 3500 [ 28142AAF1565736CE0E5D7EFCE3CC0F8 ] C:\Windows\System32\schedcli.dll
00:22:28.0481 3500 C:\Windows\System32\schedcli.dll - ok
00:22:28.0481 3500 [ E015E57CFB39A10923A191060809865A ] C:\Program Files\Microsoft Games\More Games\MoreGames.dll
00:22:28.0481 3500 C:\Program Files\Microsoft Games\More Games\MoreGames.dll - ok
00:22:28.0481 3500 [ 0D893F8D145D3B125B0226727C243A69 ] C:\Windows\System32\security.dll
00:22:28.0481 3500 C:\Windows\System32\security.dll - ok
00:22:28.0497 3500 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll
00:22:28.0497 3500 C:\Windows\SysWOW64\rasapi32.dll - ok
00:22:28.0497 3500 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll
00:22:28.0497 3500 C:\Windows\SysWOW64\rasman.dll - ok
00:22:28.0497 3500 [ 406F7B9C71B99872670EE9A8D52E2FE5 ] C:\Windows\SysWOW64\rtutils.dll
00:22:28.0497 3500 C:\Windows\SysWOW64\rtutils.dll - ok
00:22:28.0497 3500 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll
00:22:28.0497 3500 C:\Windows\SysWOW64\SensApi.dll - ok
00:22:28.0512 3500 [ 772F44012DBE49DE894976AE2259A659 ] C:\Windows\SysWOW64\PeerDist.dll
00:22:28.0512 3500 C:\Windows\SysWOW64\PeerDist.dll - ok
00:22:28.0512 3500 [ FB4EB9352B7D698E6B3C2AA2ED724DAD ] C:\Windows\SysWOW64\authz.dll
00:22:28.0512 3500 C:\Windows\SysWOW64\authz.dll - ok
00:22:28.0512 3500 [ FE130D15D71AC16EFFDF1397F2AF1653 ] C:\Windows\System32\esent.dll
00:22:28.0512 3500 C:\Windows\System32\esent.dll - ok
00:22:28.0512 3500 [ 6D137963730144698CBD10F202E9F251 ] C:\Windows\System32\wersvc.dll
00:22:28.0512 3500 C:\Windows\System32\wersvc.dll - ok
00:22:28.0512 3500 [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll
00:22:28.0512 3500 C:\Windows\System32\linkinfo.dll - ok
00:22:28.0528 3500 [ DD76912E8D165C68659D9875256710A3 ] C:\Windows\System32\DeviceCenter.dll
00:22:28.0528 3500 C:\Windows\System32\DeviceCenter.dll - ok
00:22:28.0528 3500 [ C0F516A550B9FC6891909C5DB20F4EE7 ] C:\Program Files\mbam-setup.exe
00:22:28.0528 3500 C:\Program Files\mbam-setup.exe - ok
00:22:28.0528 3500 [ F468C806267D46B68DB7EB32FBF0A103 ] C:\Windows\System32\thumbcache.dll
00:22:28.0528 3500 C:\Windows\System32\thumbcache.dll - ok
00:22:28.0528 3500 [ 21012407E8C74AA72BBB485B0FC197FE ] C:\Windows\SysWOW64\taskschd.dll
00:22:28.0528 3500 C:\Windows\SysWOW64\taskschd.dll - ok
00:22:28.0528 3500 [ B47BC7138241E1B836384D5211AE34C8 ] C:\Program Files\AVAST Software\Avast\Setup\avast.setup
00:22:28.0528 3500 C:\Program Files\AVAST Software\Avast\Setup\avast.setup - ok
00:22:28.0543 3500 [ B79648813868EAE2A5C9AC9A3243AB56 ] C:\Program Files (x86)\install_flash_player.exe
00:22:28.0543 3500 C:\Program Files (x86)\install_flash_player.exe - ok
00:22:28.0543 3500 [ 6EC594AB7EFA45EACDE65FD4040F53D9 ] C:\Windows\SysWOW64\riched20.dll
00:22:28.0543 3500 C:\Windows\SysWOW64\riched20.dll - ok
00:22:28.0543 3500 [ 8898C95862D03D16B2A06DB4DB6BB6B2 ] C:\Windows\SysWOW64\ExplorerFrame.dll
00:22:28.0543 3500 C:\Windows\SysWOW64\ExplorerFrame.dll - ok
00:22:28.0543 3500 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll
00:22:28.0543 3500 C:\Windows\SysWOW64\duser.dll - ok
00:22:28.0543 3500 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll
00:22:28.0543 3500 C:\Windows\SysWOW64\dui70.dll - ok
00:22:28.0559 3500 [ 77BD0166102F3B9BB9499B2952C3BCFA ] C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
00:22:28.0559 3500 C:\Program Files (x86)\Windows Live\Mail\wlmail.exe - ok
00:22:28.0559 3500 [ 60CC15392FF14DCB9C29C69B3233741B ] C:\Windows\System32\stobject.dll
00:22:28.0559 3500 C:\Windows\System32\stobject.dll - ok
00:22:28.0559 3500 [ D3EAD1CF16BA729A7F7C9A5D94AA7C05 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7600.16661_none_ebfb56996c72aefc\comctl32.dll
00:22:28.0559 3500 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7600.16661_none_ebfb56996c72aefc\comctl32.dll - ok
00:22:28.0559 3500 [ A223CF703E28CBD7E9E7982141FA403C ] C:\Windows\SysWOW64\comdlg32.dll
00:22:28.0559 3500 C:\Windows\SysWOW64\comdlg32.dll - ok
00:22:28.0575 3500 [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\SysWOW64\powrprof.dll
00:22:28.0575 3500 C:\Windows\SysWOW64\powrprof.dll - ok
00:22:28.0575 3500 [ 936F728E04ACCF3F38801CFFCF1E3F40 ] C:\Windows\SysWOW64\oledlg.dll
00:22:28.0575 3500 C:\Windows\SysWOW64\oledlg.dll - ok
00:22:28.0575 3500 [ 6DCFADDA4F2A6D3396D13F0554D672E8 ] C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe
00:22:28.0575 3500 C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe - ok
00:22:28.0575 3500 [ ACEB5E6F416223806421D8864FC0EEB4 ] C:\Program Files (x86)\Windows Live\Shared\uxcore.dll
00:22:28.0575 3500 C:\Program Files (x86)\Windows Live\Shared\uxcore.dll - ok
00:22:28.0590 3500 [ 21CF5C7D8D727DCC337A1D251B6135F4 ] C:\Windows\SysWOW64\schannel.dll
00:22:28.0590 3500 C:\Windows\SysWOW64\schannel.dll - ok
00:22:28.0590 3500 [ C5F549970AC071EA452E58B6422C94FA ] C:\Windows\SysWOW64\d3d10_1.dll
00:22:28.0590 3500 C:\Windows\SysWOW64\d3d10_1.dll - ok
00:22:28.0590 3500 [ 029E2A480CE2020DF097E535A2311712 ] C:\Windows\SysWOW64\d3d10_1core.dll
00:22:28.0590 3500 C:\Windows\SysWOW64\d3d10_1core.dll - ok
00:22:28.0590 3500 [ 1AA571774936717EE776DBED51E9EDF4 ] C:\Windows\SysWOW64\d3dx10_41.dll
00:22:28.0590 3500 C:\Windows\SysWOW64\d3dx10_41.dll - ok
00:22:28.0606 3500 [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll
00:22:28.0606 3500 C:\Windows\SysWOW64\bcrypt.dll - ok
00:22:28.0606 3500 [ C20FF1A17726C357461A7AC5B3BFC3AD ] C:\Windows\SysWOW64\ncrypt.dll
00:22:28.0606 3500 C:\Windows\SysWOW64\ncrypt.dll - ok
00:22:28.0606 3500 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll
00:22:28.0606 3500 C:\Windows\SysWOW64\bcryptprimitives.dll - ok
00:22:28.0606 3500 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll
00:22:28.0606 3500 C:\Windows\SysWOW64\gpapi.dll - ok
00:22:28.0606 3500 [ 04D16553664796613FE98D441A0C35D7 ] C:\Windows\SysWOW64\cryptnet.dll
00:22:28.0606 3500 C:\Windows\SysWOW64\cryptnet.dll - ok
00:22:28.0621 3500 [ 9DBD149CAF43D2E7C874C5F40600825C ] C:\Program Files (x86)\Windows Live\Shared\wldcore.dll
00:22:28.0621 3500 C:\Program Files (x86)\Windows Live\Shared\wldcore.dll - ok
00:22:28.0621 3500 [ C0523FE101A30E3821604FE1CA1740D7 ] C:\Windows\SysWOW64\DWrite.dll
00:22:28.0621 3500 C:\Windows\SysWOW64\DWrite.dll - ok
00:22:28.0621 3500 [ EB24684437EC448D680A7CACBDE94C94 ] C:\Program Files (x86)\Windows Live\Shared\wlidux.dll
00:22:28.0621 3500 C:\Program Files (x86)\Windows Live\Shared\wlidux.dll - ok
00:22:28.0621 3500 [ 26D65E66AA43421BF9960EEC1075E36F ] C:\Program Files (x86)\Windows Live\Family Safety\en\fsui.dll.mui
00:22:28.0621 3500 C:\Program Files (x86)\Windows Live\Family Safety\en\fsui.dll.mui - ok
00:22:28.0637 3500 [ 56230760954DB0FAD383DC73EC42515C ] C:\Program Files (x86)\Windows Live\Shared\wlbici.dll
00:22:28.0637 3500 C:\Program Files (x86)\Windows Live\Shared\wlbici.dll - ok
00:22:28.0637 3500 [ DEF30CBEA881149C2AFFDF9A059FB759 ] C:\Windows\SysWOW64\cabinet.dll
00:22:28.0637 3500 C:\Windows\SysWOW64\cabinet.dll - ok
00:22:28.0637 3500 [ F1278B3514EA6FA9BC39B20D26139AAC ] C:\Windows\SysWOW64\msiltcfg.dll
00:22:28.0637 3500 C:\Windows\SysWOW64\msiltcfg.dll - ok
00:22:28.0637 3500 [ FE943BAEECDF02E3D2789F0D77B21223 ] C:\Program Files (x86)\Windows Live\Family Safety\fsssvcps.dll
00:22:28.0637 3500 C:\Program Files (x86)\Windows Live\Family Safety\fsssvcps.dll - ok
00:22:28.0653 3500 [ 051C0A0CB8D729FD04D99E86268E51B6 ] C:\Program Files (x86)\Windows Live\Family Safety\fsuires.dll
00:22:28.0653 3500 C:\Program Files (x86)\Windows Live\Family Safety\fsuires.dll - ok
00:22:28.0653 3500 [ 24B1666FD14CC71C7B0679AC61625B90 ] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
00:22:28.0653 3500 C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe - ok
00:22:28.0653 3500 [ 82E53EC685889AD8CFB3AD812A906489 ] C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe
00:22:28.0653 3500 C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe - ok
00:22:28.0653 3500 [ 8669082858669CAE0A86D2DA6068520F ] C:\Program Files (x86)\Windows Live\Photo Gallery\WindowsLivePhotoViewer.exe
00:22:28.0653 3500 C:\Program Files (x86)\Windows Live\Photo Gallery\WindowsLivePhotoViewer.exe - ok
00:22:28.0668 3500 [ 30A1BE0940A16DB286F3BF68A88B0D2F ] C:\Program Files (x86)\Windows Live\Photo Gallery\WLXAlbumDownloadWizard.exe
00:22:28.0668 3500 C:\Program Files (x86)\Windows Live\Photo Gallery\WLXAlbumDownloadWizard.exe - ok
00:22:28.0668 3500 [ FA6204424CE3AA155375B40FC6075436 ] C:\Program Files (x86)\Windows Live\Photo Gallery\WLXCodecHost.exe
00:22:28.0668 3500 C:\Program Files (x86)\Windows Live\Photo Gallery\WLXCodecHost.exe - ok
00:22:28.0668 3500 [ 685B7377B537CCEA1D82E426B534F18D ] C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe
00:22:28.0668 3500 C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe - ok
00:22:28.0668 3500 [ 9CB27AE21BF0553BF20F571DD9E2C3A0 ] C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
00:22:28.0668 3500 C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe - ok
00:22:28.0668 3500 [ 72B66DD61E1F0B4EACDD94C9EEABD576 ] C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGalleryRepair.exe
00:22:28.0684 3500 C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGalleryRepair.exe - ok
00:22:28.0684 3500 [ EC355D725F120FCEA11FF66D7CA9CD31 ] C:\Program Files (x86)\Windows Live\Photo Gallery\WLXQuickTimeControlHost.exe
00:22:28.0684 3500 C:\Program Files (x86)\Windows Live\Photo Gallery\WLXQuickTimeControlHost.exe - ok
00:22:28.0684 3500 [ 61E192507A228E2ED9124111FA6A8904 ] C:\Program Files (x86)\Windows Live\Photo Gallery\WLXTranscode.exe
00:22:28.0684 3500 C:\Program Files (x86)\Windows Live\Photo Gallery\WLXTranscode.exe - ok
00:22:28.0684 3500 [ 45707F0E9DE261C54312D5D72357B282 ] C:\Program Files (x86)\Windows Live\Photo Gallery\WLXVideoAcquireWizard.exe
00:22:28.0684 3500 C:\Program Files (x86)\Windows Live\Photo Gallery\WLXVideoAcquireWizard.exe - ok
00:22:28.0684 3500 [ 8B98D7AD261185F2FD11C4C8A788C943 ] C:\Program Files (x86)\Windows Live\Photo Gallery\WLXVideoCameraAutoPlayManager.exe
00:22:28.0684 3500 C:\Program Files (x86)\Windows Live\Photo Gallery\WLXVideoCameraAutoPlayManager.exe - ok
00:22:28.0699 3500 [ 5024C33EF0D7E14F5C33D74E33FCF6F2 ] C:\Program Files\AVAST Software\Avast\ashQuick.exe
00:22:28.0699 3500 C:\Program Files\AVAST Software\Avast\ashQuick.exe - ok
00:22:28.0699 3500 [ C7048646AD906020537DDB6AD4D03D35 ] C:\Program Files\AVAST Software\Avast\ashUpd.exe
00:22:28.0699 3500 C:\Program Files\AVAST Software\Avast\ashUpd.exe - ok
00:22:28.0699 3500 [ 18F395FF4099B378CD582EE3356F194C ] C:\Program Files\AVAST Software\Avast\aswAraSr.exe
00:22:28.0699 3500 C:\Program Files\AVAST Software\Avast\aswAraSr.exe - ok
00:22:28.0699 3500 [ 1DBB686AB287FE89026CD3775833974D ] C:\Program Files\AVAST Software\Avast\aswChLic.exe
00:22:28.0699 3500 C:\Program Files\AVAST Software\Avast\aswChLic.exe - ok
00:22:28.0715 3500 [ F42F2BCC3548E162341557601F546850 ] C:\Program Files\AVAST Software\Avast\aswRegSvr.exe
00:22:28.0715 3500 C:\Program Files\AVAST Software\Avast\aswRegSvr.exe - ok
00:22:28.0715 3500 [ 3DA370BA851EA456FCB1F19D337DBCC9 ] C:\Program Files\AVAST Software\Avast\aswRegSvr64.exe
00:22:28.0715 3500 C:\Program Files\AVAST Software\Avast\aswRegSvr64.exe - ok
00:22:28.0715 3500 [ 92B476DD52794881A4B91A5529C2706B ] C:\Program Files\AVAST Software\Avast\aswRunDll.exe
00:22:28.0715 3500 C:\Program Files\AVAST Software\Avast\aswRunDll.exe - ok
00:22:28.0715 3500 [ B174DE0DE6C9AA8AFFD3B926653E625F ] C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
00:22:28.0715 3500 C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe - ok
00:22:28.0731 3500 [ BAD0D303EF0A519409C625738F3E10A3 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
00:22:28.0731 3500 C:\Program Files\AVAST Software\Avast\AvastUI.exe - ok
00:22:28.0731 3500 [ 3B8E2DB6DC1D0614D7A51977D61BD839 ] C:\Program Files\AVAST Software\Avast\sched.exe
00:22:28.0731 3500 C:\Program Files\AVAST Software\Avast\sched.exe - ok
00:22:28.0731 3500 [ E3E6D5B9644BED23492F2A8C1608AA69 ] C:\Program Files (x86)\iTunes\iTunes.exe
00:22:28.0731 3500 C:\Program Files (x86)\iTunes\iTunes.exe - ok
00:22:28.0731 3500 [ BE9E0733622E1C5DF93895BA6D757B6D ] C:\Program Files\AVAST Software\Avast\VisthAux.exe
00:22:28.0731 3500 C:\Program Files\AVAST Software\Avast\VisthAux.exe - ok
00:22:28.0746 3500 [ 34086F1DBB4065047EA3671CB70505CC ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
00:22:28.0746 3500 C:\Program Files (x86)\iTunes\iTunesHelper.exe - ok
00:22:28.0746 3500 [ 1A5E2ABF3277B8E3ECFC62A0CA352483 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
00:22:28.0746 3500 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe - ok
00:22:28.0746 3500 [ E0D2F6BF46E6053193FAA3E294D657FF ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
00:22:28.0746 3500 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe - ok
00:22:28.0746 3500 [ 5C521F27BC47230A5E4D1CAEB3024734 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbampt.exe
00:22:28.0746 3500 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbampt.exe - ok
00:22:28.0762 3500 [ 0DCF16B1449811EFA47AB52CAC84093C ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
00:22:28.0762 3500 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe - ok
00:22:28.0762 3500 [ 9EAABA4D601004BEA4DAA6E146E19A96 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
00:22:28.0762 3500 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe - ok
00:22:28.0762 3500 [ FF75FCD579534CDA3A438B9A595225E8 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe
00:22:28.0762 3500 C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe - ok
00:22:28.0762 3500 [ 594A3CF778FFA2EAB977CFD27EFB54AB ] C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\BackItUp.exe
00:22:28.0762 3500 C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\BackItUp.exe - ok
00:22:28.0777 3500 [ 86B6AC0FD2881B3D20B80F51C7152AE0 ] C:\Windows\System32\batmeter.dll
00:22:28.0777 3500 C:\Windows\System32\batmeter.dll - ok
00:22:28.0777 3500 [ E0E15F209360E4A97ABCC21A486B4AEE ] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
00:22:28.0777 3500 C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe - ok
00:22:28.0777 3500 [ 3414F2BD52134525530321071D499358 ] C:\Windows\System32\networkexplorer.dll
00:22:28.0777 3500 C:\Windows\System32\networkexplorer.dll - ok
00:22:28.0777 3500 [ 82D73D171BF119B5AAE68BFEFADFE9FE ] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd_main.dll
00:22:28.0777 3500 C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd_main.dll - ok
00:22:28.0777 3500 [ C16C054F1E07EE69090B03B5E053BA36 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\GenerationalStorage.dll
00:22:28.0777 3500 C:\Program Files (x86)\Common Files\Apple\Internet Services\GenerationalStorage.dll - ok
00:22:28.0793 3500 [ F81F14DC4DD866552DD37398E68FE23F ] C:\Program Files (x86)\Common Files\Apple\Internet Services\ChunkingLibrary.dll
00:22:28.0793 3500 C:\Program Files (x86)\Common Files\Apple\Internet Services\ChunkingLibrary.dll - ok
00:22:28.0793 3500 [ 41E31912E5B6345AAFFC9C82D8980A97 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\AOSKit.dll
00:22:28.0793 3500 C:\Program Files (x86)\Common Files\Apple\Internet Services\AOSKit.dll - ok
00:22:28.0793 3500 [ E2D1853679F5BCCDB9100D02AE8A0444 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\Foundation.dll
00:22:28.0793 3500 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\Foundation.dll - ok
00:22:28.0793 3500 [ 3819AD4329303EAC88480CA16A650735 ] C:\Windows\System32\UIAnimation.dll
00:22:28.0793 3500 C:\Windows\System32\UIAnimation.dll - ok
00:22:28.0809 3500 [ 3FBBF6092C4EF5F50302707063E853EF ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
00:22:28.0809 3500 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe - ok
00:22:28.0809 3500 [ 3129AC158EA2682786939973420D5C0C ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileMeNotification.dll
00:22:28.0809 3500 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileMeNotification.dll - ok
00:22:28.0809 3500 [ 57549093CA2C536855F7C04E8789679A ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\XMPP.dll
00:22:28.0809 3500 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\XMPP.dll - ok
00:22:28.0809 3500 [ 651F169718CC46C8A9264880C538D5FF ] C:\Windows\System32\prnfldr.dll
00:22:28.0809 3500 C:\Windows\System32\prnfldr.dll - ok
00:22:28.0824 3500 [ E97605C01D6E8F5592769944C0F7540B ] C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe
00:22:28.0824 3500 C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe - ok
00:22:28.0824 3500 [ 86241D6C49E91745A2DDE1B5D7F7FD39 ] C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBCmd.exe
00:22:28.0824 3500 C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBCmd.exe - ok
00:22:28.0824 3500 [ 3F7FB5779E9020D05DEA6AA895537FA0 ] C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBCore.exe
00:22:28.0824 3500 C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBCore.exe - ok
00:22:28.0824 3500 [ 3B2FE9E35E3B89207AA16EC0BB9D7EDE ] C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBSFtp.exe
00:22:28.0824 3500 C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBSFtp.exe - ok
00:22:28.0824 3500 [ 1DB97664A9DC013EB5C9D868E913E20D ] C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBSync.exe
00:22:28.0824 3500 C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBSync.exe - ok
00:22:28.0840 3500 [ BF6E8736936F68C2105AC43EED838964 ] C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBVSSTool_x32.exe
00:22:28.0840 3500 C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBVSSTool_x32.exe - ok
00:22:28.0840 3500 [ 6604D372E7DD0C6CAF7C50EADF13B5EE ] C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBVSSTool_x64.exe
00:22:28.0840 3500 C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBVSSTool_x64.exe - ok
00:22:28.0840 3500 [ 59508A5C77664000290B26F24B880785 ] C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\Nfx.Oops.exe
00:22:28.0840 3500 C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\Nfx.Oops.exe - ok
00:22:28.0840 3500 [ 913C2E4A03201644FC986EDEB5F8A390 ] C:\Windows\System32\DXP.dll
00:22:28.0840 3500 C:\Windows\System32\DXP.dll - ok
00:22:28.0855 3500 [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll
00:22:28.0855 3500 C:\Windows\System32\Syncreg.dll - ok
00:22:28.0855 3500 [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll
00:22:28.0855 3500 C:\Windows\ehome\ehSSO.dll - ok
00:22:28.0855 3500 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll
00:22:28.0855 3500 C:\Windows\System32\AltTab.dll - ok
00:22:28.0855 3500 [ 89D9685F59184F2D52BEE50E8298C8D9 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncPref.resources\en.lproj\AppleSyncPrefLocalized.dll
00:22:28.0855 3500 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncPref.resources\en.lproj\AppleSyncPrefLocalized.dll - ok
00:22:28.0871 3500 [ 9CB819197E6B2FD3DC0429E3DC1CCFDD ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libtidy.dll
00:22:28.0871 3500 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libtidy.dll - ok
00:22:28.0871 3500 [ 618933C71F7750B932E84F0F040399A5 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ApplePushService.dll
00:22:28.0871 3500 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ApplePushService.dll - ok
00:22:28.0871 3500 [ C753ED3DA24F3FE86F754E08A14E2460 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\Ubiquity.dll
00:22:28.0871 3500 C:\Program Files (x86)\Common Files\Apple\Internet Services\Ubiquity.dll - ok
00:22:28.0871 3500 [ 89084DD8C7A4C7FCDA50485B33C6C98D ] C:\Program Files (x86)\Common Files\Apple\Internet Services\mmcs.dll
00:22:28.0871 3500 C:\Program Files (x86)\Common Files\Apple\Internet Services\mmcs.dll - ok
00:22:28.0887 3500 [ F577910A133A592234EBAAD3F3AFA258 ] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
00:22:28.0887 3500 C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe - ok
00:22:28.0887 3500 [ BAB44651AE5FEBB96F91A54574F9769A ] C:\Program Files (x86)\Nero\Nero 11\Nero Burning ROM\nero.exe
00:22:28.0887 3500 C:\Program Files (x86)\Nero\Nero 11\Nero Burning ROM\nero.exe - ok
00:22:28.0887 3500 [ 27CFFB1E41A2BE2A25957A679BD84E10 ] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
00:22:28.0887 3500 C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe - ok
00:22:28.0887 3500 [ B45F2C4076ACFD9714037B7C69D90167 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
00:22:28.0887 3500 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe - ok
00:22:28.0902 3500 [ 114E5342884A174F0E261526F07B63A1 ] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\libcurl.dll
00:22:28.0902 3500 C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\libcurl.dll - ok
00:22:28.0902 3500 [ E0CD5872CA4552056C4C705361A6BB5A ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll
00:22:28.0902 3500 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll - ok
00:22:28.0902 3500 [ 28F9344A4ADFE21D1BE8D05B2529DF4A ] C:\Program Files\AVAST Software\Avast\aswUtil.dll
00:22:28.0902 3500 C:\Program Files\AVAST Software\Avast\aswUtil.dll - ok
00:22:28.0902 3500 [ 0E34B7BB1FCF22BCC1E394D16F9E992B ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe
00:22:28.0902 3500 C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe - ok
00:22:28.0918 3500 [ 6307849B9BE3C206DB46A62316BF191F ] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\libeay32.dll
00:22:28.0918 3500 C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\libeay32.dll - ok
00:22:28.0918 3500 [ CA6ADE4F7761BB15B3325356DC3B82BB ] C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll
00:22:28.0918 3500 C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll - ok
00:22:28.0918 3500 [ AAA55B127EC38BDEBD2A3891A2E5FD54 ] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\ssleay32.dll
00:22:28.0918 3500 C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\ssleay32.dll - ok
00:22:28.0918 3500 [ 916A2C4EB028604783FD5EA169236C1D ] C:\Program Files (x86)\QuickTime\QTTask.exe
00:22:28.0918 3500 C:\Program Files (x86)\QuickTime\QTTask.exe - ok
00:22:28.0933 3500 [ 907B50DE97ED835EFE151F203818216D ] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\zlib1.dll
00:22:28.0933 3500 C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\zlib1.dll - ok
00:22:28.0933 3500 [ B1CA4AA760FF0DDFA1C38E95D19CFEFB ] C:\Program Files (x86)\iTunes\iTunesHelper.dll
00:22:28.0933 3500 C:\Program Files (x86)\iTunes\iTunesHelper.dll - ok
00:22:28.0933 3500 [ 0654195051D1024C005E7BE135A6FEE7 ] C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll
00:22:28.0933 3500 C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll - ok
00:22:28.0933 3500 [ E7FE89F69C3CC65CAD3D1ADC5D6A9F41 ] C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll
00:22:28.0933 3500 C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll - ok
00:22:28.0949 3500 [ FD4F95ABDE5603478C929B6CB0BDCFFF ] C:\Windows\System32\pnidui.dll
00:22:28.0949 3500 C:\Windows\System32\pnidui.dll - ok
00:22:28.0949 3500 [ 12916E0642E92561C98B18A2A2D01B14 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
00:22:28.0949 3500 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe - ok
00:22:28.0949 3500 [ FBFCA1A574D47EE575448B719CBBF2E4 ] C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL
00:22:28.0949 3500 C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL - ok
00:22:28.0949 3500 [ D77B93504CAFE32D9051A241BDC21B33 ] C:\Program Files\AVAST Software\Avast\aswAra.dll
00:22:28.0949 3500 C:\Program Files\AVAST Software\Avast\aswAra.dll - ok
00:22:28.0949 3500 [ A4865DD58110A6455921D9B4F2D6D991 ] C:\Program Files\AVAST Software\Avast\aswData.dll
00:22:28.0949 3500 C:\Program Files\AVAST Software\Avast\aswData.dll - ok
00:22:28.0965 3500 [ 6DBFCD6270BC91EAEE1CCDFCB02E4378 ] C:\Program Files\AVAST Software\Avast\1033\uiLangRes.dll
00:22:28.0965 3500 C:\Program Files\AVAST Software\Avast\1033\uiLangRes.dll - ok
00:22:28.0965 3500 [ C678F64DC988A4AACECDDB459FDB7A25 ] C:\Program Files\AVAST Software\Avast\CommonRes.dll
00:22:28.0965 3500 C:\Program Files\AVAST Software\Avast\CommonRes.dll - ok
00:22:28.0965 3500 [ 7F8AFEECDA60AF811857759E56BFC8D7 ] C:\Program Files (x86)\Nero\Nero 11\Nero Burning ROM\NeroAudioRip.exe
00:22:28.0965 3500 C:\Program Files (x86)\Nero\Nero 11\Nero Burning ROM\NeroAudioRip.exe - ok
00:22:28.0965 3500 [ 4D7B9A861307749C8045E90E848BA5AA ] C:\Program Files (x86)\Nero\Nero 11\Nero Burning ROM\NeroCmd.exe
00:22:28.0965 3500 C:\Program Files (x86)\Nero\Nero 11\Nero Burning ROM\NeroCmd.exe - ok
00:22:28.0980 3500 [ 9CF808493775567FF379175523647224 ] C:\Program Files (x86)\Nero\Nero 11\Nero Burning ROM\NeroDiscMerge.exe
00:22:28.0980 3500 C:\Program Files (x86)\Nero\Nero 11\Nero Burning ROM\NeroDiscMerge.exe - ok
00:22:28.0980 3500 [ 1B2DA0E1F26E625B0E8B58AB0F903E1B ] C:\Program Files (x86)\Nero\Nero 11\Nero Burning ROM\NeroDiscMergeWrongDisc.exe
00:22:28.0980 3500 C:\Program Files (x86)\Nero\Nero 11\Nero Burning ROM\NeroDiscMergeWrongDisc.exe - ok
00:22:28.0980 3500 [ 840A19DF71D9DD73E90862A260EC03A8 ] C:\Program Files (x86)\Nero\Nero 11\Nero Burning ROM\NMDllHost.exe
00:22:28.0980 3500 C:\Program Files (x86)\Nero\Nero 11\Nero Burning ROM\NMDllHost.exe - ok
00:22:28.0980 3500 [ 7F8AFEECDA60AF811857759E56BFC8D7 ] C:\Program Files (x86)\Nero\Nero 11\Nero Express\NeroAudioRip.exe
00:22:28.0980 3500 C:\Program Files (x86)\Nero\Nero 11\Nero Express\NeroAudioRip.exe - ok
00:22:28.0996 3500 [ BB3A22F3EED85A12CFB2DD60D9F9B52F ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
00:22:28.0996 3500 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe - ok
00:22:28.0996 3500 [ D5369247B6C11EAE2C0650D8303E23B4 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll
00:22:28.0996 3500 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll - ok
00:22:28.0996 3500 [ A9AB99EE7D39725EAFEC82732D2B3271 ] C:\Program Files\iPod\bin\iPodService.exe
00:22:28.0996 3500 C:\Program Files\iPod\bin\iPodService.exe - ok
00:22:28.0996 3500 [ BFC43967D25EA76082B9369B619AE5A7 ] C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll
00:22:28.0996 3500 C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll - ok
00:22:29.0011 3500 [ 5CB4174FB02E0BD4639B6EBDE31EC8E1 ] C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll
00:22:29.0011 3500 C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll - ok
00:22:29.0011 3500 [ BD03C64C4B1F34D1F330BF6C4AC8113D ] C:\Windows\System32\QUTIL.DLL
00:22:29.0011 3500 C:\Windows\System32\QUTIL.DLL - ok
00:22:29.0011 3500 [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll
00:22:29.0011 3500 C:\Windows\System32\FXSST.dll - ok
00:22:29.0011 3500 [ 34E6D8C67E7FD7C917BECFECA326B168 ] C:\Windows\System32\FXSAPI.dll
00:22:29.0011 3500 C:\Windows\System32\FXSAPI.dll - ok
00:22:29.0027 3500 [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
00:22:29.0027 3500 C:\Windows\System32\FXSRESM.dll - ok
00:22:29.0027 3500 [ 66920354B984D4A3848A84B4E66745EA ] C:\Windows\System32\netshell.dll
00:22:29.0027 3500 C:\Windows\System32\netshell.dll - ok
00:22:29.0027 3500 [ AB01C36BCC34CCFE5B0BB5FFB2605135 ] C:\Windows\System32\WPDShServiceObj.dll
00:22:29.0027 3500 C:\Windows\System32\WPDShServiceObj.dll - ok
00:22:29.0027 3500 [ 695106DF3C15A9EA30069CCECEEC2B66 ] C:\Program Files\AVAST Software\Avast\defs\12101501\uiext.dll
00:22:29.0027 3500 C:\Program Files\AVAST Software\Avast\defs\12101501\uiext.dll - ok
00:22:29.0027 3500 [ 92AAF75C3EB344A098DC026BC9DDF42A ] C:\Windows\System32\bthprops.cpl
00:22:29.0027 3500 C:\Windows\System32\bthprops.cpl - ok
00:22:29.0043 3500 [ C3C5B67FF98E1B175A744641E5F77CF9 ] C:\Windows\System32\cscobj.dll
00:22:29.0043 3500 C:\Windows\System32\cscobj.dll - ok
00:22:29.0043 3500 [ E229C85B1BE175B67162CDFDDD7E4D5C ] C:\Program Files (x86)\Nero\Nero 11\Nero Express\NeroExpress.exe
00:22:29.0043 3500 C:\Program Files (x86)\Nero\Nero 11\Nero Express\NeroExpress.exe - ok
00:22:29.0043 3500 [ EFDEB286572A0E25DED02376AF272576 ] C:\Windows\System32\ieframe.dll
00:22:29.0043 3500 C:\Windows\System32\ieframe.dll - ok
00:22:29.0043 3500 [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] C:\Windows\System32\FXSSVC.exe
00:22:29.0043 3500 C:\Windows\System32\FXSSVC.exe - ok
00:22:29.0043 3500 [ 2C5B8A680A90E96B1EC0D6DA0505E685 ] C:\Windows\System32\srchadmin.dll
00:22:29.0043 3500 C:\Windows\System32\srchadmin.dll - ok
00:22:29.0058 3500 [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll
00:22:29.0058 3500 C:\Windows\System32\netman.dll - ok
00:22:29.0058 3500 [ AD31942BDF3D594C404874613BC2FE4D ] C:\Windows\System32\SearchIndexer.exe
00:22:29.0058 3500 C:\Windows\System32\SearchIndexer.exe - ok
00:22:29.0058 3500 [ F87A7BB428E4AC68D348DF600F1EA1A2 ] C:\Windows\System32\tquery.dll
00:22:29.0058 3500 C:\Windows\System32\tquery.dll - ok
00:22:29.0058 3500 [ 21029085C3A8856E794F30DF261AC408 ] C:\Windows\System32\XPSSHHDR.dll
00:22:29.0058 3500 C:\Windows\System32\XPSSHHDR.dll - ok
00:22:29.0058 3500 [ 78A6501E4E37118C568A606623A275BB ] C:\Windows\System32\mssrch.dll
00:22:29.0058 3500 C:\Windows\System32\mssrch.dll - ok
00:22:29.0074 3500 [ C0DE9F616610BE344F2FF58009845100 ] C:\Windows\System32\xpssvcs.dll
00:22:29.0074 3500 C:\Windows\System32\xpssvcs.dll - ok
00:22:29.0074 3500 [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll
00:22:29.0074 3500 C:\Windows\System32\npmproxy.dll - ok
00:22:29.0074 3500 [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll
00:22:29.0074 3500 C:\Windows\System32\msidle.dll - ok
00:22:29.0074 3500 [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\Windows\System32\mssprxy.dll
00:22:29.0074 3500 C:\Windows\System32\mssprxy.dll - ok
00:22:29.0089 3500 [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll
00:22:29.0089 3500 C:\Windows\System32\rasdlg.dll - ok
00:22:29.0089 3500 [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\Windows\System32\en-US\tquery.dll.mui
00:22:29.0089 3500 C:\Windows\System32\en-US\tquery.dll.mui - ok
00:22:29.0089 3500 [ 114429A77D935053E13A9BF98A8B8CA1 ] C:\Windows\System32\mprapi.dll
00:22:29.0089 3500 C:\Windows\System32\mprapi.dll - ok
00:22:29.0089 3500 [ 5140591F99808F0634640EE129C82F88 ] C:\Program Files\AVAST Software\Avast\defs\12101802\aswScan.dll
00:22:29.0089 3500 C:\Program Files\AVAST Software\Avast\defs\12101802\aswScan.dll - ok
00:22:29.0089 3500 [ BB68579E181956E37EB11F9083C01CF3 ] C:\Windows\System32\dot3api.dll
00:22:29.0089 3500 C:\Windows\System32\dot3api.dll - ok
00:22:29.0105 3500 [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll
00:22:29.0105 3500 C:\Windows\System32\wlanhlp.dll - ok
00:22:29.0105 3500 [ 840A19DF71D9DD73E90862A260EC03A8 ] C:\Program Files (x86)\Nero\Nero 11\Nero Express\NMDllHost.exe
00:22:29.0105 3500 C:\Program Files (x86)\Nero\Nero 11\Nero Express\NMDllHost.exe - ok
00:22:29.0105 3500 [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll
00:22:29.0105 3500 C:\Windows\System32\wlanapi.dll - ok
00:22:29.0105 3500 [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll
00:22:29.0105 3500 C:\Windows\System32\hnetcfg.dll - ok
00:22:29.0121 3500 [ 6699A112A3BDC9B52338512894EBA9D6 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
00:22:29.0121 3500 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
00:22:29.0121 3500 [ 06E6CF865943309D42B46339B323F814 ] C:\Program Files (x86)\Nero\Nero 11\Nero Recode\Nfx.Oops.exe
00:22:29.0121 3500 C:\Program Files (x86)\Nero\Nero 11\Nero Recode\Nfx.Oops.exe - ok
00:22:29.0121 3500 [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll
00:22:29.0121 3500 C:\Windows\System32\WWanAPI.dll - ok
00:22:29.0121 3500 [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll
00:22:29.0121 3500 C:\Windows\System32\wwapi.dll - ok
00:22:29.0136 3500 [ 0B9F7D42D745038437FAE70D97F9AD5A ] C:\Windows\System32\QAGENT.DLL
00:22:29.0136 3500 C:\Windows\System32\QAGENT.DLL - ok
00:22:29.0136 3500 [ C7494C67A6BF6FE914808E42F8265FEF ] C:\Program Files\Windows Media Player\wmpnssci.dll
00:22:29.0136 3500 C:\Program Files\Windows Media Player\wmpnssci.dll - ok
00:22:29.0136 3500 [ 785CB17D17C4D1F3B1961CC8F11299BD ] C:\Program Files (x86)\Nero\Nero 11\Nero Recode\NMTvWizard.exe
00:22:29.0136 3500 C:\Program Files (x86)\Nero\Nero 11\Nero Recode\NMTvWizard.exe - ok
00:22:29.0136 3500 [ 9CBCDBB67F68C4A556C5DDB1E6397B4D ] C:\Program Files\AVAST Software\Avast\defs\12101802\aswEngin.dll
00:22:29.0136 3500 C:\Program Files\AVAST Software\Avast\defs\12101802\aswEngin.dll - ok
00:22:29.0136 3500 [ 9AB833956EB46BA28FAE9611569AB921 ] C:\Program Files\AVAST Software\Avast\defs\12101802\aswCmnOS.dll
00:22:29.0136 3500 C:\Program Files\AVAST Software\Avast\defs\12101802\aswCmnOS.dll - ok
00:22:29.0152 3500 [ 2935740E9E6B71C6D28CDA78E2ECDABD ] C:\Program Files\AVAST Software\Avast\defs\12101802\aswCmnIS.dll
00:22:29.0152 3500 C:\Program Files\AVAST Software\Avast\defs\12101802\aswCmnIS.dll - ok
00:22:29.0152 3500 [ 2DA1B51B946952D46E8254991114AE61 ] C:\Program Files\AVAST Software\Avast\defs\12101802\aswCmnBS.dll
00:22:29.0152 3500 C:\Program Files\AVAST Software\Avast\defs\12101802\aswCmnBS.dll - ok
00:22:29.0152 3500 [ 9AE6FE1CBC6D3654D1BE931B331176EC ] C:\Program Files\AVAST Software\Avast\defs\12101802\aswRep.dll
00:22:29.0152 3500 C:\Program Files\AVAST Software\Avast\defs\12101802\aswRep.dll - ok
00:22:29.0152 3500 [ 11F7DFEB15DECF3D4821154CF4FA7E4A ] C:\Program Files\AVAST Software\Avast\defs\12101802\aswFiDb.dll
00:22:29.0152 3500 C:\Program Files\AVAST Software\Avast\defs\12101802\aswFiDb.dll - ok
00:22:29.0167 3500 [ 9BF014C20F91D97055532F2F5496E7BD ] C:\Program Files\Windows Media Player\wmpnetwk.exe
00:22:29.0167 3500 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
00:22:29.0167 3500 [ 13B64AFEBAB765F64990C548C8C0D557 ] C:\Program Files (x86)\Nero\Nero 11\Nero Recode\Recode.exe
00:22:29.0167 3500 C:\Program Files (x86)\Nero\Nero 11\Nero Recode\Recode.exe - ok
00:22:29.0167 3500 [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll
00:22:29.0167 3500 C:\Windows\System32\wsock32.dll - ok
00:22:29.0167 3500 [ B9CE8D88101A766B9C5E188E04147468 ] C:\Program Files\AVAST Software\Avast\defs\12101802\algo.dll
00:22:29.0167 3500 C:\Program Files\AVAST Software\Avast\defs\12101802\algo.dll - ok
00:22:29.0183 3500 [ 302B93586DFA480545C320EBA5BA6572 ] C:\Windows\System32\wmdrmdev.dll
00:22:29.0183 3500 C:\Windows\System32\wmdrmdev.dll - ok
00:22:29.0183 3500 [ 2C1055E2C6D42753241FB2A129136994 ] C:\Windows\System32\drmv2clt.dll
00:22:29.0183 3500 C:\Windows\System32\drmv2clt.dll - ok
00:22:29.0183 3500 [ CFB3EEDF620E7F32464A3091BA76D5E8 ] C:\Program Files\AVAST Software\Avast\defs\12101802\exts.dll
00:22:29.0183 3500 C:\Program Files\AVAST Software\Avast\defs\12101802\exts.dll - ok
00:22:29.0183 3500 [ F5E0ED9EFD58DCAB062D6988E27FA69D ] C:\Program Files (x86)\Nero\Nero 11\Nero Recode\RecodeCore.exe
00:22:29.0183 3500 C:\Program Files (x86)\Nero\Nero 11\Nero Recode\RecodeCore.exe - ok
00:22:29.0199 3500 [ 3DEBA83ECDAF6ED2E72430D238803117 ] C:\Windows\System32\wmp.dll
00:22:29.0199 3500 C:\Windows\System32\wmp.dll - ok
00:22:29.0199 3500 [ 0585A2C2C6730C3446A6A2EADA480060 ] C:\ProgramData\Microsoft\Windows\DRM\Cache\Indiv_SID_S-1-5-20\Indiv01_64.key
00:22:29.0199 3500 C:\ProgramData\Microsoft\Windows\DRM\Cache\Indiv_SID_S-1-5-20\Indiv01_64.key - ok
00:22:29.0199 3500 [ 60573C2FB1D9F13F7473257458A7964A ] C:\Program Files (x86)\Nero\Nero 11\Nero Vision\NeroBRServer.exe
00:22:29.0199 3500 C:\Program Files (x86)\Nero\Nero 11\Nero Vision\NeroBRServer.exe - ok
00:22:29.0199 3500 [ 83A6CF17B192B70BE8E86B165BB08EAA ] C:\Program Files (x86)\Nero\Nero 11\Nero Vision\NeroVision.exe
00:22:29.0199 3500 C:\Program Files (x86)\Nero\Nero 11\Nero Vision\NeroVision.exe - ok
00:22:29.0214 3500 [ 9E29BC11A70165635CC10D42E64CFEE1 ] C:\Windows\System32\upnp.dll
00:22:29.0214 3500 C:\Windows\System32\upnp.dll - ok
00:22:29.0214 3500 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\Windows\System32\ssdpsrv.dll
00:22:29.0214 3500 C:\Windows\System32\ssdpsrv.dll - ok
00:22:29.0214 3500 [ 606F1533644DE4D44CE4751EFD6FD0DB ] C:\Program Files\AVAST Software\Avast\defs\12101802\uiext.dll
00:22:29.0214 3500 C:\Program Files\AVAST Software\Avast\defs\12101802\uiext.dll - ok
00:22:29.0214 3500 [ 72A7C1EC4D3BF38CB115395AD721AE3C ] C:\Program Files\AVAST Software\Avast\defs\12101802\ArPot.dll
00:22:29.0214 3500 C:\Program Files\AVAST Software\Avast\defs\12101802\ArPot.dll - ok
00:22:29.0214 3500 [ 550BF4ACD6FC3F41DC5A83EF31B9F9B4 ] C:\Windows\System32\wmploc.DLL
00:22:29.0214 3500 C:\Windows\System32\wmploc.DLL - ok
00:22:29.0230 3500 [ D7CEAEDD5F75D2C8A2E80887D7C114CE ] C:\Windows\System32\webcheck.dll
00:22:29.0230 3500 C:\Windows\System32\webcheck.dll - ok
00:22:29.0230 3500 [ 8494E126F0B10180F3293AF861CE1F7A ] C:\Windows\System32\mlang.dll
00:22:29.0230 3500 C:\Windows\System32\mlang.dll - ok
00:22:29.0230 3500 [ E6F66F31422C44EDC00D9C9329E7DF60 ] C:\Windows\System32\SyncCenter.dll
00:22:29.0230 3500 C:\Windows\System32\SyncCenter.dll - ok
00:22:29.0230 3500 [ 8C680C0E6B3D6711B2B88AC82FE1804E ] C:\Windows\SysWOW64\MMDevAPI.dll
00:22:29.0230 3500 C:\Windows\SysWOW64\MMDevAPI.dll - ok
00:22:29.0245 3500 [ B24ABFAB2D541996A38905369D511953 ] C:\Windows\SysWOW64\wdmaud.drv
00:22:29.0245 3500 C:\Windows\SysWOW64\wdmaud.drv - ok
00:22:29.0245 3500 [ 9C67F6BBDA3881CFD02095160CF91576 ] C:\Windows\SysWOW64\ksuser.dll
00:22:29.0245 3500 C:\Windows\SysWOW64\ksuser.dll - ok
00:22:29.0245 3500 [ 139D3AB6AA920C34C50CBFFB9EB7D222 ] C:\Windows\SysWOW64\avrt.dll
00:22:29.0245 3500 C:\Windows\SysWOW64\avrt.dll - ok
00:22:29.0245 3500 [ AFBB5060A2DAD431A2EAEB2C86CFFE81 ] C:\Windows\SysWOW64\AudioSes.dll
00:22:29.0245 3500 C:\Windows\SysWOW64\AudioSes.dll - ok
00:22:29.0245 3500 [ 07393A09C46083588E751B63B03C8301 ] C:\Windows\SysWOW64\msacm32.drv
00:22:29.0245 3500 C:\Windows\SysWOW64\msacm32.drv - ok
00:22:29.0261 3500 [ 5A12C364AD1D4FCC0AD0E56DBBC34462 ] C:\Windows\SysWOW64\midimap.dll
00:22:29.0261 3500 C:\Windows\SysWOW64\midimap.dll - ok
00:22:29.0261 3500 [ 1C7F1C3EA5894995E6C563E9AE9F029F ] C:\Windows\SysWOW64\l3codeca.acm
00:22:29.0261 3500 C:\Windows\SysWOW64\l3codeca.acm - ok
00:22:29.0261 3500 [ 7B18507DF57F7E44BD41F9B4C716E2C9 ] C:\Program Files (x86)\Nero\Nero 11\Nero Vision\Nfx.Oops.exe
00:22:29.0261 3500 C:\Program Files (x86)\Nero\Nero 11\Nero Vision\Nfx.Oops.exe - ok
00:22:29.0261 3500 [ 2928BBB81F5D3F80C3D65B0701C230DC ] C:\Program Files\Internet Explorer\ieproxy.dll
00:22:29.0261 3500 C:\Program Files\Internet Explorer\ieproxy.dll - ok
00:22:29.0277 3500 [ 8B886A0AC14EAA8599142887991A5A2E ] C:\Windows\System32\imapi2.dll
00:22:29.0277 3500 C:\Windows\System32\imapi2.dll - ok
00:22:29.0277 3500 [ 06A7422224D9865A5613710A089987DF ] C:\Windows\System32\provsvc.dll
00:22:29.0277 3500 C:\Windows\System32\provsvc.dll - ok
00:22:29.0277 3500 [ F0AAB2A76A7AF04C70A818E96BAF3E64 ] C:\Windows\System32\hgcpl.dll
00:22:29.0277 3500 C:\Windows\System32\hgcpl.dll - ok
00:22:29.0277 3500 [ 0438CAB2E03F4FB61455A7956026FE86 ] C:\Windows\System32\fdPHost.dll
00:22:29.0277 3500 C:\Windows\System32\fdPHost.dll - ok
00:22:29.0277 3500 [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll
00:22:29.0277 3500 C:\Windows\System32\FDResPub.dll - ok
00:22:29.0292 3500 [ 171D7DB433314A868507C4326E8209DC ] C:\Windows\System32\fdWSD.dll
00:22:29.0292 3500 C:\Windows\System32\fdWSD.dll - ok
00:22:29.0292 3500 [ A2E5B2D20954210DCE1A75A1FC8CC36D ] C:\Windows\System32\fdSSDP.dll
00:22:29.0292 3500 C:\Windows\System32\fdSSDP.dll - ok
00:22:29.0292 3500 [ 2D444C361F758D6CC4B2F51655ECF528 ] C:\Windows\System32\wmpps.dll
00:22:29.0292 3500 C:\Windows\System32\wmpps.dll - ok
00:22:29.0292 3500 [ 4509387963DF66A6401752A0C631F6E8 ] C:\Windows\System32\httpapi.dll
00:22:29.0292 3500 C:\Windows\System32\httpapi.dll - ok
00:22:29.0292 3500 [ DD37622A478EDFE1D43DF561A19C02DD ] C:\Windows\System32\wmpmde.dll
00:22:29.0292 3500 C:\Windows\System32\wmpmde.dll - ok
00:22:29.0308 3500 [ 840A19DF71D9DD73E90862A260EC03A8 ] C:\Program Files (x86)\Nero\Nero 11\Nero Vision\NMDllHost.exe
00:22:29.0308 3500 C:\Program Files (x86)\Nero\Nero 11\Nero Vision\NMDllHost.exe - ok
00:22:29.0308 3500 [ DB8BF64BE3932ADC407505D21C4F2C2C ] C:\Windows\System32\fdProxy.dll
00:22:29.0308 3500 C:\Windows\System32\fdProxy.dll - ok
00:22:29.0308 3500 [ 785CB17D17C4D1F3B1961CC8F11299BD ] C:\Program Files (x86)\Nero\Nero 11\Nero Vision\NMTvWizard.exe
00:22:29.0308 3500 C:\Program Files (x86)\Nero\Nero 11\Nero Vision\NMTvWizard.exe - ok
00:22:29.0323 3500 [ EC7EB038EA11E0D04214D143E0CB6002 ] C:\Windows\System32\WinSATAPI.dll
00:22:29.0323 3500 C:\Windows\System32\WinSATAPI.dll - ok
00:22:29.0323 3500 [ B6411CED931AFD059E48C52DBFBA95B4 ] C:\Windows\System32\P2P.dll
00:22:29.0323 3500 C:\Windows\System32\P2P.dll - ok
00:22:29.0323 3500 [ 046B2673767CA626E2CFB7FDF735E9E8 ] C:\Windows\System32\ListSvc.dll
00:22:29.0323 3500 C:\Windows\System32\ListSvc.dll - ok
00:22:29.0323 3500 [ 92E0508D924512F63FFEEFE498CBD11F ] C:\Windows\System32\p2pcollab.dll
00:22:29.0323 3500 C:\Windows\System32\p2pcollab.dll - ok
00:22:29.0323 3500 [ B79515AFF098E5A56DFBD316152534DE ] C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
00:22:29.0323 3500 C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL - ok
00:22:29.0339 3500 [ 7B8F7848D3C65DD9589A4898CFF3757D ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_88dce9872fb18caf\msvcr80.dll
00:22:29.0339 3500 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_88dce9872fb18caf\msvcr80.dll - ok
00:22:29.0339 3500 [ 2BF5A09197251572A74C426EE3E35117 ] C:\Windows\System32\MSMPEG2ENC.DLL
00:22:29.0339 3500 C:\Windows\System32\MSMPEG2ENC.DLL - ok
00:22:29.0339 3500 [ 3EAC4455472CC2C97107B5291E0DCAFE ] C:\Windows\System32\pnrpsvc.dll
00:22:29.0339 3500 C:\Windows\System32\pnrpsvc.dll - ok
00:22:29.0339 3500 [ 15DDDCBCBA60C877449C361C718D3365 ] C:\Program Files (x86)\Nero\Nero 11\Nero Vision\SlideShw.exe
00:22:29.0339 3500 C:\Program Files (x86)\Nero\Nero 11\Nero Vision\SlideShw.exe - ok
00:22:29.0355 3500 [ 46767946E7B559D981C1DC04EC0AB36F ] C:\Windows\System32\devenum.dll
00:22:29.0355 3500 C:\Windows\System32\devenum.dll - ok
00:22:29.0355 3500 [ 0B0604BC02CA5F77A1F23C6B0D86AE8C ] C:\Windows\System32\msdmo.dll
00:22:29.0355 3500 C:\Windows\System32\msdmo.dll - ok
00:22:29.0355 3500 [ 57ADB09ED3617B042D155449490A9F76 ] C:\Program Files (x86)\Paint XP\mspaint.exe
00:22:29.0355 3500 C:\Program Files (x86)\Paint XP\mspaint.exe - ok
00:22:29.0355 3500 [ 1FB958E5C82D04361EDF45CBB0B1C831 ] C:\Program Files (x86)\Paint XP\mspaint98.exe
00:22:29.0355 3500 C:\Program Files (x86)\Paint XP\mspaint98.exe - ok
00:22:29.0355 3500 [ 4921B0B951F58EA0981B75E8EADEE382 ] C:\Program Files (x86)\Paint XP\unins000.exe
00:22:29.0355 3500 C:\Program Files (x86)\Paint XP\unins000.exe - ok
00:22:29.0370 3500 [ 48A6CA43A5C921C465F70D9B42B3EF1A ] C:\Program Files\Windows Portable Devices\sqmapi.dll
00:22:29.0370 3500 C:\Program Files\Windows Portable Devices\sqmapi.dll - ok
00:22:29.0370 3500 [ 4987E079A4530FA737A128BE54B63B12 ] C:\Windows\System32\QAGENTRT.DLL
00:22:29.0370 3500 C:\Windows\System32\QAGENTRT.DLL - ok
00:22:29.0370 3500 [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll
00:22:29.0370 3500 C:\Windows\System32\wbem\NCProv.dll - ok
00:22:29.0370 3500 [ 506A83A3BEEE9FCA09F0170DE9FC7D1B ] C:\Windows\System32\fveui.dll
00:22:29.0370 3500 C:\Windows\System32\fveui.dll - ok
00:22:29.0386 3500 [ 115CAA21C6A8F4DAB011F034887854F5 ] C:\Program Files (x86)\QuickTime\PictureViewer.exe
00:22:29.0386 3500 C:\Program Files (x86)\QuickTime\PictureViewer.exe - ok
00:22:29.0386 3500 [ AB1F1374CE30F0679263A05EF40AFDDC ] C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe
00:22:29.0386 3500 C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe - ok
00:22:29.0386 3500 [ E83D2495D5867E224FBF42EF40D8856C ] C:\Program Files\DVD Maker\DVDMaker.exe
00:22:29.0386 3500 C:\Program Files\DVD Maker\DVDMaker.exe - ok
00:22:29.0386 3500 [ 4A826F98E1B0860840FE227D1A4FFC05 ] C:\Program Files\Windows Journal\Journal.exe
00:22:29.0386 3500 C:\Program Files\Windows Journal\Journal.exe - ok
00:22:29.0401 3500 [ 191592BA7CC7A22DA81F4BE1365E1317 ] C:\Program Files\Windows Journal\PDIALOG.exe
00:22:29.0401 3500 C:\Program Files\Windows Journal\PDIALOG.exe - ok
00:22:29.0401 3500 [ 72CC44039038032C5B19E15D9645EB68 ] C:\Program Files\Windows Mail\wab.exe
00:22:29.0401 3500 C:\Program Files\Windows Mail\wab.exe - ok
00:22:29.0401 3500 [ 1B60731B2D3B638777E6AF630CB01B17 ] C:\Program Files\Windows Mail\wabmig.exe
00:22:29.0401 3500 C:\Program Files\Windows Mail\wabmig.exe - ok
00:22:29.0401 3500 [ A576E5A113193FACFDC533FF2475530D ] C:\Program Files\Windows Mail\WinMail.exe
00:22:29.0401 3500 C:\Program Files\Windows Mail\WinMail.exe - ok
00:22:29.0401 3500 [ 8DAFCA68830623253EE98808E03C2B86 ] C:\Program Files\Windows Media Player\WMPDMC.exe
00:22:29.0401 3500 C:\Program Files\Windows Media Player\WMPDMC.exe - ok
00:22:29.0417 3500 [ CA07A30C2C0F45F4BE22381280A872DD ] C:\Program Files\Windows Media Player\wmplayer.exe
00:22:29.0417 3500 C:\Program Files\Windows Media Player\wmplayer.exe - ok
00:22:29.0417 3500 [ 9283138F2006BC9F6CBF5169D72B37C6 ] C:\Program Files\Windows Photo Viewer\ImagingDevices.exe
00:22:29.0417 3500 C:\Program Files\Windows Photo Viewer\ImagingDevices.exe - ok
00:22:29.0417 3500 [ D47EC6A8E81633DD18D2436B19BAF6DE ] C:\Windows\System32\upnphost.dll
00:22:29.0417 3500 C:\Windows\System32\upnphost.dll - ok
00:22:29.0417 3500 [ 53943CFBD1A38539F1EFAD8A08FBE796 ] C:\Program Files\WinRAR\Rar.exe
00:22:29.0417 3500 C:\Program Files\WinRAR\Rar.exe - ok
00:22:29.0433 3500 [ 8D764F0AF0B5405CFFB1710405632A08 ] C:\Program Files\WinRAR\Uninstall.exe
00:22:29.0433 3500 C:\Program Files\WinRAR\Uninstall.exe - ok
00:22:29.0433 3500 [ C589903B74EA1EF8EF4A3F0710334797 ] C:\Program Files\WinRAR\UnRAR.exe
00:22:29.0433 3500 C:\Program Files\WinRAR\UnRAR.exe - ok
00:22:29.0433 3500 [ A23A3C4630A214E156EE9E1E07E2BFB0 ] C:\Program Files\WinRAR\WinRAR.exe
00:22:29.0433 3500 C:\Program Files\WinRAR\WinRAR.exe - ok
00:22:29.0433 3500 [ 93C7B7A3E3051BBB9630E41425CFDB3C ] C:\Program Files (x86)\7-Zip\7z.exe
00:22:29.0433 3500 C:\Program Files (x86)\7-Zip\7z.exe - ok
00:22:29.0433 3500 [ 031C6782F2D50336FC2C72F8D14A4C13 ] C:\Windows\System32\wbem\wmiprov.dll
00:22:29.0433 3500 C:\Windows\System32\wbem\wmiprov.dll - ok
00:22:29.0448 3500 [ 00501883BC325205DF90E72263743361 ] C:\Program Files (x86)\7-Zip\7zFM.exe
00:22:29.0448 3500 C:\Program Files (x86)\7-Zip\7zFM.exe - ok
00:22:29.0448 3500 [ 3F317B59A522F0BC19AC1620BBEA0718 ] C:\Program Files (x86)\7-Zip\7zG.exe
00:22:29.0448 3500 C:\Program Files (x86)\7-Zip\7zG.exe - ok
00:22:29.0448 3500 [ 80F77070EAC548F4A5FB15E25FE6353D ] C:\Program Files (x86)\7-Zip\Uninstall.exe
00:22:29.0448 3500 C:\Program Files (x86)\7-Zip\Uninstall.exe - ok
00:22:29.0448 3500 [ 475DF5742BC3151428DAFFF449910FFE ] C:\Program Files (x86)\Adobe Media Player\Adobe Media Player.exe
00:22:29.0448 3500 C:\Program Files (x86)\Adobe Media Player\Adobe Media Player.exe - ok
00:22:29.0464 3500 [ 0ABDFB96F62D6D21294299E6ADB138AE ] C:\Program Files (x86)\Allok Video Joiner\Allok Video Joiner.exe
00:22:29.0464 3500 C:\Program Files (x86)\Allok Video Joiner\Allok Video Joiner.exe - ok
00:22:29.0464 3500 [ 5F639198C4137075DA50E61C23963C11 ] C:\Windows\System32\drprov.dll
00:22:29.0464 3500 C:\Windows\System32\drprov.dll - ok
00:22:29.0464 3500 [ 7273921B6DDFEFF3A8567B9800C5673A ] C:\Windows\System32\ntlanman.dll
00:22:29.0464 3500 C:\Windows\System32\ntlanman.dll - ok
00:22:29.0464 3500 [ 73A1430ABA9119A2C25892EF9C3CB7A1 ] C:\Windows\System32\davclnt.dll
00:22:29.0464 3500 C:\Windows\System32\davclnt.dll - ok
00:22:29.0479 3500 [ 45B24A357C801CE62052FE0CDC8BD4D2 ] C:\Windows\System32\davhlpr.dll
00:22:29.0479 3500 C:\Windows\System32\davhlpr.dll - ok
00:22:29.0479 3500 [ 34EBD4FF6A24D86BB4716D6AFCC1A89B ] C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
00:22:29.0479 3500 C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe - ok
00:22:29.0479 3500 [ D939CFF50440465875259D2D12ED38EC ] C:\Program Files (x86)\AutocompletePro\AcRemoteUpdate.exe
00:22:29.0479 3500 C:\Program Files (x86)\AutocompletePro\AcRemoteUpdate.exe - ok
00:22:29.0479 3500 [ FDB8A7445724C2631A260D854F73B0E4 ] C:\Program Files (x86)\AutocompletePro\InstTracker.exe
00:22:29.0479 3500 C:\Program Files (x86)\AutocompletePro\InstTracker.exe - ok
00:22:29.0479 3500 [ 2BD2C41BB77BAE425EC52ABFC59151DC ] C:\Program Files (x86)\AutocompletePro\unins000.exe
00:22:29.0479 3500 C:\Program Files (x86)\AutocompletePro\unins000.exe - ok
00:22:29.0495 3500 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] C:\Program Files (x86)\Bonjour\mDNSResponder.exe
00:22:29.0495 3500 C:\Program Files (x86)\Bonjour\mDNSResponder.exe - ok
00:22:29.0495 3500 [ E529E2205B398D204314DCF2CABEB68A ] C:\Program Files (x86)\ChairGun3\ChairGun3.exe
00:22:29.0495 3500 C:\Program Files (x86)\ChairGun3\ChairGun3.exe - ok
00:22:29.0495 3500 [ 86841D517FA242AFA239007478E71BAC ] C:\Program Files (x86)\ChairGun3\unins000.exe
00:22:29.0495 3500 C:\Program Files (x86)\ChairGun3\unins000.exe - ok
00:22:29.0495 3500 [ EC8C030318CAD1352CA7DB7FCD07F3A4 ] C:\Program Files (x86)\ChairGun3\unins001.exe
00:22:29.0495 3500 C:\Program Files (x86)\ChairGun3\unins001.exe - ok
00:22:29.0511 3500 [ E871B2D9A7A8B63F3BE7DD0B58FBEA6E ] C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe
00:22:29.0511 3500 C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe - ok
00:22:29.0511 3500 [ D9699CEE84A398B73D1D1919802BC914 ] C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe
00:22:29.0511 3500 C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe - ok
00:22:29.0511 3500 [ AA5D73BB78595C4F52B0C1A1E9ABE218 ] C:\Program Files (x86)\Mozilla Firefox\crashreporter.exe
00:22:29.0511 3500 C:\Program Files (x86)\Mozilla Firefox\crashreporter.exe - ok
00:22:29.0511 3500 [ BC03475EC281AA1E685388896ACADE8D ] C:\Program Files (x86)\Mozilla Firefox\firefox.exe
00:22:29.0511 3500 C:\Program Files (x86)\Mozilla Firefox\firefox.exe - ok
00:22:29.0526 3500 [ 4D7F2682D29B92A6251B17957AA0B985 ] C:\Program Files (x86)\Mozilla Firefox\maintenanceservice.exe
00:22:29.0526 3500 C:\Program Files (x86)\Mozilla Firefox\maintenanceservice.exe - ok
00:22:29.0526 3500 [ 108F545B6C0853917F05C20A983D0A96 ] C:\Program Files (x86)\Mozilla Firefox\maintenanceservice_installer.exe
00:22:29.0526 3500 C:\Program Files (x86)\Mozilla Firefox\maintenanceservice_installer.exe - ok
00:22:29.0526 3500 [ 0A9153FE672D620A8E8D921F2934749D ] C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
00:22:29.0526 3500 C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe - ok
00:22:29.0526 3500 [ 262DCB4115B62B7953585EC3D9B6AA8D ] C:\Program Files (x86)\Mozilla Firefox\updater.exe
00:22:29.0526 3500 C:\Program Files (x86)\Mozilla Firefox\updater.exe - ok
00:22:29.0542 3500 [ B8CF6310958D4FF1AA9727003EC8F3F7 ] C:\Program Files (x86)\Mozilla Firefox\webapp-uninstaller.exe
00:22:29.0542 3500 C:\Program Files (x86)\Mozilla Firefox\webapp-uninstaller.exe - ok
00:22:29.0542 3500 [ BDB0B6EF9B68267BF366BAED9721848F ] C:\Program Files (x86)\Mozilla Firefox\webapprt-stub.exe
00:22:29.0542 3500 C:\Program Files (x86)\Mozilla Firefox\webapprt-stub.exe - ok
00:22:29.0542 3500 [ 4D7F2682D29B92A6251B17957AA0B985 ] C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
00:22:29.0542 3500 C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe - ok
00:22:29.0542 3500 [ 6F7F4A2B237E2807208BD4B29B07F542 ] C:\Program Files (x86)\Mozilla Maintenance Service\Uninstall.exe
00:22:29.0542 3500 C:\Program Files (x86)\Mozilla Maintenance Service\Uninstall.exe - ok
00:22:29.0557 3500 [ 7F8ED4C5D53C156773C9FDCC2D4349FA ] C:\Program Files (x86)\Nero\Uninstall.exe
00:22:29.0557 3500 C:\Program Files (x86)\Nero\Uninstall.exe - ok
00:22:29.0557 3500 [ 70920E6FB945640BAE35F9CC75F495B9 ] C:\Program Files (x86)\Notepad++\notepad++.exe
00:22:29.0557 3500 C:\Program Files (x86)\Notepad++\notepad++.exe - ok
00:22:29.0557 3500 [ 30DE2B629930F6C4B497BDD7D6B4383C ] C:\Program Files (x86)\Notepad++\uninstall.exe
00:22:29.0557 3500 C:\Program Files (x86)\Notepad++\uninstall.exe - ok
00:22:29.0557 3500 [ 7DFCCC67990B6DE7F30F553A4E4612A4 ] C:\Program Files (x86)\RocketDock\RocketDock.exe
00:22:29.0557 3500 C:\Program Files (x86)\RocketDock\RocketDock.exe - ok
00:22:29.0557 3500 [ 8629C189B102EB23B1C7C70515AFF8D1 ] C:\Program Files (x86)\RocketDock\unins000.exe
00:22:29.0557 3500 C:\Program Files (x86)\RocketDock\unins000.exe - ok
00:22:29.0573 3500 [ 1A113EB5F555F55A031BFACF6A57DC6E ] C:\Program Files (x86)\Safari\Safari.exe
00:22:29.0573 3500 C:\Program Files (x86)\Safari\Safari.exe - ok
00:22:29.0573 3500 [ EF7138738A42E668D74B0C38C559EB2A ] C:\Program Files (x86)\SpywareBlaster\sbautoupdate.exe
00:22:29.0573 3500 C:\Program Files (x86)\SpywareBlaster\sbautoupdate.exe - ok
00:22:29.0573 3500 [ 8BC4D1F6782A11980B9DA744F7D8A356 ] C:\Program Files (x86)\SpywareBlaster\sburlhelper.exe
00:22:29.0573 3500 C:\Program Files (x86)\SpywareBlaster\sburlhelper.exe - ok
00:22:29.0573 3500 [ 087309DEC72C1FE35973D47BDA9B43F6 ] C:\Program Files (x86)\SpywareBlaster\spywareblaster.exe
00:22:29.0573 3500 C:\Program Files (x86)\SpywareBlaster\spywareblaster.exe - ok
00:22:29.0589 3500 [ AE13FB6BD8086465217F6A063EC3FCC3 ] C:\Program Files (x86)\SpywareBlaster\unins000.exe
00:22:29.0589 3500 C:\Program Files (x86)\SpywareBlaster\unins000.exe - ok
00:22:29.0589 3500 [ 5992835831A58D35ED60435EA15E51CA ] C:\Program Files (x86)\Windows Mail\wab.exe
00:22:29.0589 3500 C:\Program Files (x86)\Windows Mail\wab.exe - ok
00:22:29.0589 3500 [ 53A5EAFAAB88D5DBB24E6EEB5D9E0E12 ] C:\Program Files (x86)\Windows Mail\wabmig.exe
00:22:29.0589 3500 C:\Program Files (x86)\Windows Mail\wabmig.exe - ok
00:22:29.0589 3500 [ 2BF10B03F6845661ED8BD58A8CB34B2F ] C:\Program Files (x86)\Windows Mail\WinMail.exe
00:22:29.0589 3500 C:\Program Files (x86)\Windows Mail\WinMail.exe - ok
00:22:29.0604 3500 [ 7B27F19EEB01583E758594E50C6EA755 ] C:\Program Files (x86)\Windows Media Player\WMPDMC.exe
00:22:29.0604 3500 C:\Program Files (x86)\Windows Media Player\WMPDMC.exe - ok
00:22:29.0604 3500 [ A0F1DFC9E47B2524213AFF32E26BE92D ] C:\Program Files (x86)\Windows Media Player\wmplayer.exe
00:22:29.0604 3500 C:\Program Files (x86)\Windows Media Player\wmplayer.exe - ok
00:22:29.0604 3500 [ 44131EEA626ABDBEF6631F72C007FC0E ] C:\Program Files (x86)\Windows Photo Viewer\ImagingDevices.exe
00:22:29.0604 3500 C:\Program Files (x86)\Windows Photo Viewer\ImagingDevices.exe - ok
00:22:29.0604 3500 [ 61276C207953FCF2275A64C1304C1428 ] C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\agcp.exe
00:22:29.0604 3500 C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\agcp.exe - ok
00:22:29.0604 3500 [ 4EA69F4D56840E7796A19AF36E710E6B ] C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\coregen.exe
00:22:29.0604 3500 C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\coregen.exe - ok
00:22:29.0620 3500 [ 29431C7A28278A9EBF4FEF38DB61D86B ] C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\Silverlight.Configuration.exe
00:22:29.0620 3500 C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\Silverlight.Configuration.exe - ok
00:22:29.0620 3500 [ 985FA44DED5748469D5AFE36A8C122BD ] C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
00:22:29.0620 3500 C:\Program Files (x86)\Windows Live\Mesh\MOE.exe - ok
00:22:29.0620 3500 [ 5DF19A45F9BCB2F3C7C14BCA2E931A39 ] C:\Program Files (x86)\Windows Live\Mesh\WLSync.exe
00:22:29.0620 3500 C:\Program Files (x86)\Windows Live\Mesh\WLSync.exe - ok
00:22:29.0635 3500 [ 6EE227818F6A756126275905CA8C1B70 ] C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriter.exe
00:22:29.0635 3500 C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriter.exe - ok
00:22:29.0635 3500 [ 4E0D8C9F83B7FD82393F7D8CCC27E7AE ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\firefox.exe
00:22:29.0635 3500 C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\firefox.exe - ok
00:22:29.0635 3500 [ 4E0D8C9F83B7FD82393F7D8CCC27E7AE ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\iexplore.exe
00:22:29.0635 3500 C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\iexplore.exe - ok
00:22:29.0635 3500 [ 4E0D8C9F83B7FD82393F7D8CCC27E7AE ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\mbam-chameleon.exe
00:22:29.0635 3500 C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\mbam-chameleon.exe - ok
00:22:29.0651 3500 [ 8A07EE1A9A98AA34F18372384BD86E5C ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\mbam-killer.exe
00:22:29.0651 3500 C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\mbam-killer.exe - ok
00:22:29.0651 3500 [ 4E0D8C9F83B7FD82393F7D8CCC27E7AE ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\rundll32.exe
00:22:29.0651 3500 C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\rundll32.exe - ok
00:22:29.0651 3500 [ 4E0D8C9F83B7FD82393F7D8CCC27E7AE ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
00:22:29.0651 3500 C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe - ok
00:22:29.0651 3500 [ 4E0D8C9F83B7FD82393F7D8CCC27E7AE ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
00:22:29.0651 3500 C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe - ok
00:22:29.0651 3500 [ 36D6C014D2A2FC40D39382568C6E6BB9 ] C:\Program Files (x86)\Nero\Nero 11\Nero Burning ROM\SecurDisc\NeroSecurDiscViewer.exe
00:22:29.0667 3500 C:\Program Files (x86)\Nero\Nero 11\Nero Burning ROM\SecurDisc\NeroSecurDiscViewer.exe - ok
00:22:29.0667 3500 [ 36D6C014D2A2FC40D39382568C6E6BB9 ] C:\Program Files (x86)\Nero\Nero 11\Nero Express\SecurDisc\NeroSecurDiscViewer.exe
00:22:29.0667 3500 C:\Program Files (x86)\Nero\Nero 11\Nero Express\SecurDisc\NeroSecurDiscViewer.exe - ok
00:22:29.0667 3500 [ E610FDEB5BD10F6E625EED2B83692027 ] C:\Program Files (x86)\QuickTime\QTSystem\ExportController.exe
00:22:29.0667 3500 C:\Program Files (x86)\QuickTime\QTSystem\ExportController.exe - ok
00:22:29.0667 3500 [ 8964148056B3848AA2CB587E9D137890 ] C:\Program Files (x86)\QuickTime\QTSystem\QuickTimeUpdateHelper.exe
00:22:29.0667 3500 C:\Program Files (x86)\QuickTime\QTSystem\QuickTimeUpdateHelper.exe - ok
00:22:29.0682 3500 [ FF4F229BC63A0E9A7583B39663D9C59B ] C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\arh.exe
00:22:29.0682 3500 C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\arh.exe - ok
00:22:29.0682 3500 [ 4F6561767A37C057C45EDBF70AD1CA47 ] C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\LogTransport2.exe
00:22:29.0682 3500 C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\LogTransport2.exe - ok
00:22:29.0682 3500 [ E89205F985CEBFF718BCB8872F217C81 ] C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe
00:22:29.0682 3500 C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe - ok
00:22:29.0682 3500 [ 667DF3DA7231EA0D4D84153C0668A4BC ] C:\Program Files\O2\Utilities\Recovery Tool 7.4.20.3.exe
00:22:29.0682 3500 C:\Program Files\O2\Utilities\Recovery Tool 7.4.20.3.exe - ok
00:22:29.0682 3500 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
00:22:29.0682 3500 C:\Program Files\Windows Live\Mesh\wlcrasvc.exe - ok
00:22:29.0698 3500 [ 680FD03AE6DA6D512BD5CDCBF7D3DD55 ] C:\Program Files\Windows Live\Mesh\wlcrdpsystem.exe
00:22:29.0698 3500 C:\Program Files\Windows Live\Mesh\wlcrdpsystem.exe - ok
00:22:29.0698 3500 [ 0694C1066A6788904081CB8F466E14EA ] C:\Program Files\Windows Live\Mesh\wlcrdpuser.exe
00:22:29.0698 3500 C:\Program Files\Windows Live\Mesh\wlcrdpuser.exe - ok
00:22:29.0698 3500 [ 69B3DD328BFD5E97929734AC1EE5375E ] C:\Program Files\Windows Live\Mesh\WLRemoteClient.exe
00:22:29.0698 3500 C:\Program Files\Windows Live\Mesh\WLRemoteClient.exe - ok
00:22:29.0698 3500 [ 6DEC79D51F08EB735728D428D17AAA85 ] C:\Program Files\Windows NT\Accessories\wordpad.exe
00:22:29.0698 3500 C:\Program Files\Windows NT\Accessories\wordpad.exe - ok
00:22:29.0713 3500 [ 1FC2DCBD9E87B64FEC35C56BD1EE3C50 ] C:\Program Files\WinRAR\Formats\ace32loader.exe
00:22:29.0713 3500 C:\Program Files\WinRAR\Formats\ace32loader.exe - ok
00:22:29.0713 3500 [ 1B7AB479BAEEC5F2B25399139BBEA279 ] C:\Program Files (x86)\Adobe\Acrobat_com\Acrobat_com.exe
00:22:29.0713 3500 C:\Program Files (x86)\Adobe\Acrobat_com\Acrobat_com.exe - ok
00:22:29.0713 3500 [ 5E1FEBDA2F32F941A76B80C9741E256E ] C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Adobe3DAndVideoServer.exe
00:22:29.0713 3500 C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Adobe3DAndVideoServer.exe - ok
00:22:29.0713 3500 [ FF4F229BC63A0E9A7583B39663D9C59B ] C:\Program Files (x86)\Adobe\Adobe Bridge CS5\arh.exe
00:22:29.0713 3500 C:\Program Files (x86)\Adobe\Adobe Bridge CS5\arh.exe - ok
00:22:29.0729 3500 [ A10693D85AE0015DE9E033C3D7783907 ] C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe
00:22:29.0729 3500 C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe - ok
00:22:29.0729 3500 [ 0091E93FA1228D8C05AEE6AD375EAEB5 ] C:\Program Files (x86)\Adobe\Adobe Bridge CS5\bridgeproxy.exe
00:22:29.0729 3500 C:\Program Files (x86)\Adobe\Adobe Bridge CS5\bridgeproxy.exe - ok
00:22:29.0729 3500 [ 84CCA7B4118D27787529AC1FED81608D ] C:\Program Files (x86)\Adobe\Adobe Bridge CS5\LogTransport2.exe
00:22:29.0729 3500 C:\Program Files (x86)\Adobe\Adobe Bridge CS5\LogTransport2.exe - ok
00:22:29.0729 3500 [ F79D1356750B29255DD27EC1244288F3 ] C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Photodownloader.exe
00:22:29.0729 3500 C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Photodownloader.exe - ok
00:22:29.0745 3500 [ FF4F229BC63A0E9A7583B39663D9C59B ] C:\Program Files (x86)\Adobe\Adobe Device Central CS5\arh.exe
00:22:29.0745 3500 C:\Program Files (x86)\Adobe\Adobe Device Central CS5\arh.exe - ok
00:22:29.0745 3500 [ 17BCF928D9183CBEDDF95BAA4B83AD27 ] C:\Program Files (x86)\Adobe\Adobe Device Central CS5\DeviceCentral.exe
00:22:29.0745 3500 C:\Program Files (x86)\Adobe\Adobe Device Central CS5\DeviceCentral.exe - ok
00:22:29.0745 3500 [ 84CCA7B4118D27787529AC1FED81608D ] C:\Program Files (x86)\Adobe\Adobe Device Central CS5\LogTransport2.exe
00:22:29.0745 3500 C:\Program Files (x86)\Adobe\Adobe Device Central CS5\LogTransport2.exe - ok
00:22:29.0745 3500 [ 43AE11549419FC2A94F99A613F8F9BF5 ] C:\Program Files (x86)\Adobe\Adobe Extension Manager CS5\Adobe Extension Manager CS5.exe
00:22:29.0745 3500 C:\Program Files (x86)\Adobe\Adobe Extension Manager CS5\Adobe Extension Manager CS5.exe - ok
00:22:29.0760 3500 [ FF4F229BC63A0E9A7583B39663D9C59B ] C:\Program Files (x86)\Adobe\Adobe Extension Manager CS5\arh.exe
00:22:29.0760 3500 C:\Program Files (x86)\Adobe\Adobe Extension Manager CS5\arh.exe - ok
00:22:29.0760 3500 [ 119BAB6352BFCFE07D591606575D5688 ] C:\Program Files (x86)\Adobe\Adobe Extension Manager CS5\Replace.exe
00:22:29.0760 3500 C:\Program Files (x86)\Adobe\Adobe Extension Manager CS5\Replace.exe - ok
00:22:29.0760 3500 [ 6408EB1E2016FDDD68151F7DA031EADD ] C:\Program Files (x86)\Adobe\Adobe Extension Manager CS5\XManCommand.exe
00:22:29.0760 3500 C:\Program Files (x86)\Adobe\Adobe Extension Manager CS5\XManCommand.exe - ok
00:22:29.0760 3500 [ 47FAE63BEEEECCADDDC33C0CCC40DB08 ] C:\Program Files (x86)\Adobe\Adobe Help\Adobe Help.exe
00:22:29.0760 3500 C:\Program Files (x86)\Adobe\Adobe Help\Adobe Help.exe - ok
00:22:29.0776 3500 [ FF4F229BC63A0E9A7583B39663D9C59B ] C:\Program Files (x86)\Adobe\Adobe Photoshop CS5\arh.exe
00:22:29.0776 3500 C:\Program Files (x86)\Adobe\Adobe Photoshop CS5\arh.exe - ok
00:22:29.0776 3500 [ 84CCA7B4118D27787529AC1FED81608D ] C:\Program Files (x86)\Adobe\Adobe Photoshop CS5\LogTransport2.exe
00:22:29.0776 3500 C:\Program Files (x86)\Adobe\Adobe Photoshop CS5\LogTransport2.exe - ok
00:22:29.0776 3500 [ 3C24B7FA0F5BC9C0EE2042345FE01206 ] C:\Program Files (x86)\Adobe\Adobe Photoshop CS5\Photoshop.exe
00:22:29.0776 3500 C:\Program Files (x86)\Adobe\Adobe Photoshop CS5\Photoshop.exe - ok
00:22:29.0776 3500 [ 92F20DB7F34302C1F9C69A332B11995A ] C:\Program Files (x86)\ChairGun3\Addin\FillCalc.exe
00:22:29.0776 3500 C:\Program Files (x86)\ChairGun3\Addin\FillCalc.exe - ok
00:22:29.0791 3500 [ E64E7956E28F57BF138796922C116505 ] C:\Program Files (x86)\ChairGun3\Addin\MDRF.exe
00:22:29.0791 3500 C:\Program Files (x86)\ChairGun3\Addin\MDRF.exe - ok
00:22:29.0791 3500 [ 65241C6C60E1CD7C75B0366D7F96C9D3 ] C:\Program Files (x86)\ChairGun3\Addin\TargetGen.exe
00:22:29.0791 3500 C:\Program Files (x86)\ChairGun3\Addin\TargetGen.exe - ok
00:22:29.0791 3500 [ 705A004553C2499F81C0EF19CFD70255 ] C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
00:22:29.0791 3500 C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe - ok
00:22:29.0791 3500 [ 355C4A751883EF73850F74D7EF97FBCB ] C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
00:22:29.0791 3500 C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe - ok
00:22:29.0807 3500 [ D368094F4ED2D281AB3931E4A85BA95A ] C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScannerA.exe
00:22:29.0807 3500 C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScannerA.exe - ok
00:22:29.0807 3500 [ C886F2D01813B12B1F359C35AFA3B1F2 ] C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe
00:22:29.0807 3500 C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe - ok
00:22:29.0807 3500 [ 3C8D190643B7E5C50E36B0E2C1FA96CA ] C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
00:22:29.0807 3500 C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe - ok
00:22:29.0807 3500 [ 28E872D631CE96553C2A80654AD55FFC ] C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Reader.exe
00:22:29.0807 3500 C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Reader.exe - ok
00:22:29.0807 3500 [ B29BBFF357146C81FE46F0ADF242439A ] C:\Program Files (x86)\Foxit Software\Foxit Reader\Uninstall.exe
00:22:29.0807 3500 C:\Program Files (x86)\Foxit Software\Foxit Reader\Uninstall.exe - ok
00:22:29.0823 3500 [ 11702D608F76B033903972C96DF39AC9 ] C:\Program Files (x86)\K-Lite Codec Pack\Filters\ac3config.exe
00:22:29.0823 3500 C:\Program Files (x86)\K-Lite Codec Pack\Filters\ac3config.exe - ok
00:22:29.0823 3500 [ FDCC30B692B051D2467E82E2C4824982 ] C:\Program Files (x86)\K-Lite Codec Pack\Media Player Classic\mplayerc.exe
00:22:29.0823 3500 C:\Program Files (x86)\K-Lite Codec Pack\Media Player Classic\mplayerc.exe - ok
00:22:29.0823 3500 [ 52950AC9E2B481453082F096120E355A ] C:\Program Files (x86)\K-Lite Codec Pack\Real\mpclauncher.exe
00:22:29.0823 3500 C:\Program Files (x86)\K-Lite Codec Pack\Real\mpclauncher.exe - ok
00:22:29.0823 3500 [ 52950AC9E2B481453082F096120E355A ] C:\Program Files (x86)\K-Lite Codec Pack\Real\settings.exe
00:22:29.0823 3500 C:\Program Files (x86)\K-Lite Codec Pack\Real\settings.exe - ok
00:22:29.0838 3500 [ 52950AC9E2B481453082F096120E355A ] C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe
00:22:29.0838 3500 C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe - ok
00:22:29.0838 3500 [ 2DE739EE8D8CECD077287D8ECE8216BC ] C:\Program Files (x86)\K-Lite Codec Pack\Tools\dsconfig.exe
00:22:29.0838 3500 C:\Program Files (x86)\K-Lite Codec Pack\Tools\dsconfig.exe - ok
00:22:29.0838 3500 [ 30929CC15AF8ED85AAE99A6620D72C3F ] C:\Program Files (x86)\K-Lite Codec Pack\Tools\graphedit.exe
00:22:29.0838 3500 C:\Program Files (x86)\K-Lite Codec Pack\Tools\graphedit.exe - ok
00:22:29.0838 3500 [ D9E3610A3DEBDAE7204430A41E57D815 ] C:\Program Files (x86)\K-Lite Codec Pack\Tools\mediainfo.exe
00:22:29.0838 3500 C:\Program Files (x86)\K-Lite Codec Pack\Tools\mediainfo.exe - ok
00:22:29.0854 3500 [ 487AF46145B81C5BC54873E764F93636 ] C:\Program Files (x86)\K-Lite Codec Pack\Tools\StatsReader.exe
00:22:29.0854 3500 C:\Program Files (x86)\K-Lite Codec Pack\Tools\StatsReader.exe - ok
00:22:29.0854 3500 [ AFD4F735108A24D5112AC1FD661BEC8B ] C:\Program Files (x86)\K-Lite Codec Pack\Tools\VobSubStrip.exe
00:22:29.0854 3500 C:\Program Files (x86)\K-Lite Codec Pack\Tools\VobSubStrip.exe - ok
00:22:29.0854 3500 [ 08457294C7E98C5D3E5EE8CDC25FA537 ] C:\Program Files (x86)\Microsoft Office\Office12\ACCICONS.EXE
00:22:29.0854 3500 C:\Program Files (x86)\Microsoft Office\Office12\ACCICONS.EXE - ok
00:22:29.0854 3500 [ 2DD574F00DC391B361FB0BC79C9C63DA ] C:\Program Files (x86)\Microsoft Office\Office12\CLVIEW.EXE
00:22:29.0854 3500 C:\Program Files (x86)\Microsoft Office\Office12\CLVIEW.EXE - ok
00:22:29.0854 3500 [ 4044100DD33A4728EB609238D5368ED0 ] C:\Program Files (x86)\Microsoft Office\Office12\CNFNOT32.EXE
00:22:29.0854 3500 C:\Program Files (x86)\Microsoft Office\Office12\CNFNOT32.EXE - ok
00:22:29.0869 3500 [ 7F7A4D4CFCA8F2F52845A7C3CAAC00B6 ] C:\Program Files (x86)\Microsoft Office\Office12\DRAT.EXE
00:22:29.0869 3500 C:\Program Files (x86)\Microsoft Office\Office12\DRAT.EXE - ok
00:22:29.0869 3500 [ C316A56A8417A38F800482DE46026DBC ] C:\Program Files (x86)\Microsoft Office\Office12\DSSM.EXE
00:22:29.0869 3500 C:\Program Files (x86)\Microsoft Office\Office12\DSSM.EXE - ok
00:22:29.0869 3500 [ 24F550155BE440C899DA926CD499E6CD ] C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE
00:22:29.0869 3500 C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE - ok
00:22:29.0869 3500 [ 8A13A8E0F77CC9B6491458D6048B945E ] C:\Program Files (x86)\Microsoft Office\Office12\excelcnv.exe
00:22:29.0869 3500 C:\Program Files (x86)\Microsoft Office\Office12\excelcnv.exe - ok
00:22:29.0885 3500 [ 2D926A2063C8019ACF162E14D6398C93 ] C:\Program Files (x86)\Microsoft Office\Office12\GRAPH.EXE
00:22:29.0885 3500 C:\Program Files (x86)\Microsoft Office\Office12\GRAPH.EXE - ok
00:22:29.0885 3500 [ 50BD5E267657BE1090FB667B7A4500CE ] C:\Program Files (x86)\Microsoft Office\Office12\GROOVE.EXE
00:22:29.0885 3500 C:\Program Files (x86)\Microsoft Office\Office12\GROOVE.EXE - ok
00:22:29.0885 3500 [ 123271BD5237AB991DC5C21FDF8835EB ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
00:22:29.0885 3500 C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe - ok
00:22:29.0885 3500 [ 630D84629B5941F5DE2CB2694203E146 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveClean.exe
00:22:29.0885 3500 C:\Program Files (x86)\Microsoft Office\Office12\GrooveClean.exe - ok
00:22:29.0901 3500 [ FBB0419B72B09079A5686FDBB38FDE2C ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMigrator.exe
00:22:29.0901 3500 C:\Program Files (x86)\Microsoft Office\Office12\GrooveMigrator.exe - ok
00:22:29.0901 3500 [ 891634FB137EA69EB617D1FF3103AF85 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveStdURLLauncher.exe
00:22:29.0901 3500 C:\Program Files (x86)\Microsoft Office\Office12\GrooveStdURLLauncher.exe - ok
00:22:29.0901 3500 [ 896B636046EA825F9676AECDDC042F38 ] C:\Program Files (x86)\Microsoft Office\Office12\INFOPATH.EXE
00:22:29.0901 3500 C:\Program Files (x86)\Microsoft Office\Office12\INFOPATH.EXE - ok
00:22:29.0901 3500 [ C9815BF2727A4C32202347F22B275A7D ] C:\Program Files (x86)\Microsoft Office\Office12\MSACCESS.EXE
00:22:29.0901 3500 C:\Program Files (x86)\Microsoft Office\Office12\MSACCESS.EXE - ok
00:22:29.0916 3500 [ A23D1D59160B59D29006117EE0722EC2 ] C:\Program Files (x86)\Microsoft Office\Office12\MSOHTMED.EXE
00:22:29.0916 3500 C:\Program Files (x86)\Microsoft Office\Office12\MSOHTMED.EXE - ok
00:22:29.0916 3500 [ C9E047B2E51FA5C5A2443EE0ADB7AC2B ] C:\Program Files (x86)\Microsoft Office\Office12\MSPUB.EXE
00:22:29.0916 3500 C:\Program Files (x86)\Microsoft Office\Office12\MSPUB.EXE - ok
00:22:29.0916 3500 [ 743B98526635713FF793165F8BDCED3E ] C:\Program Files (x86)\Microsoft Office\Office12\MSQRY32.EXE
00:22:29.0916 3500 C:\Program Files (x86)\Microsoft Office\Office12\MSQRY32.EXE - ok
00:22:29.0916 3500 [ 98FF8F02E89A6E8005AB9EB01DC221EA ] C:\Program Files (x86)\Microsoft Office\Office12\MSTORDB.EXE
00:22:29.0916 3500 C:\Program Files (x86)\Microsoft Office\Office12\MSTORDB.EXE - ok
00:22:29.0932 3500 [ 196506408EEBAAE7A50AEC996BA875FD ] C:\Program Files (x86)\Microsoft Office\Office12\MSTORE.EXE
00:22:29.0932 3500 C:\Program Files (x86)\Microsoft Office\Office12\MSTORE.EXE - ok
00:22:29.0932 3500 [ 602F7A721C4E684CA16629CC4587FF9D ] C:\Program Files (x86)\Microsoft Office\Office12\OIS.EXE
00:22:29.0932 3500 C:\Program Files (x86)\Microsoft Office\Office12\OIS.EXE - ok
00:22:29.0932 3500 [ 7BFCDB133CB2915019074E5BF687A63E ] C:\Program Files (x86)\Microsoft Office\Office12\ONENOTE.EXE
00:22:29.0932 3500 C:\Program Files (x86)\Microsoft Office\Office12\ONENOTE.EXE - ok
00:22:29.0932 3500 [ 32C26797AB646074A2BB562F9D10ADB5 ] C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
00:22:29.0932 3500 C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE - ok
00:22:29.0932 3500 [ 0E5398084278E4CD84DDB0A2B646548D ] C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
00:22:29.0932 3500 C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE - ok
00:22:29.0947 3500 [ B0DB4C35C028CCC350069AA8297847F2 ] C:\Program Files (x86)\Microsoft Office\Office12\POWERPNT.EXE
00:22:29.0947 3500 C:\Program Files (x86)\Microsoft Office\Office12\POWERPNT.EXE - ok
00:22:29.0947 3500 [ 253196F332982648598EE590A41AF908 ] C:\Program Files (x86)\Microsoft Office\Office12\PPTVIEW.EXE
00:22:29.0947 3500 C:\Program Files (x86)\Microsoft Office\Office12\PPTVIEW.EXE - ok
00:22:29.0947 3500 [ D63B0569E61BBF9DF44A17C1C971C248 ] C:\Program Files (x86)\Microsoft Office\Office12\REGFORM.EXE
00:22:29.0947 3500 C:\Program Files (x86)\Microsoft Office\Office12\REGFORM.EXE - ok
00:22:29.0947 3500 [ F06B250E8D4BCD08D5C57C704977B965 ] C:\Program Files (x86)\Microsoft Office\Office12\SCANOST.EXE
00:22:29.0947 3500 C:\Program Files (x86)\Microsoft Office\Office12\SCANOST.EXE - ok
00:22:29.0963 3500 [ C0B56CD91664DFDEC855BCE3216AFDCD ] C:\Program Files (x86)\Microsoft Office\Office12\SCANPST.EXE
00:22:29.0963 3500 C:\Program Files (x86)\Microsoft Office\Office12\SCANPST.EXE - ok
00:22:29.0963 3500 [ 60987D7DA4E8877CB232546F89D703EB ] C:\Program Files (x86)\Microsoft Office\Office12\SELFCERT.EXE
00:22:29.0963 3500 C:\Program Files (x86)\Microsoft Office\Office12\SELFCERT.EXE - ok
00:22:29.0963 3500 [ 779C69CD81306FD2C7D8D8148A9B688E ] C:\Program Files (x86)\Microsoft Office\Office12\SETLANG.EXE
00:22:29.0963 3500 C:\Program Files (x86)\Microsoft Office\Office12\SETLANG.EXE - ok
00:22:29.0963 3500 [ B5028AB607B5206C76C7BD1CDEDBA072 ] C:\Program Files (x86)\Microsoft Office\Office12\VPREVIEW.EXE
00:22:29.0963 3500 C:\Program Files (x86)\Microsoft Office\Office12\VPREVIEW.EXE - ok
00:22:29.0979 3500 [ 2DB55B5ED8E8CD26597FDA3455535B4B ] C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
00:22:29.0979 3500 C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE - ok
00:22:29.0979 3500 [ 8ED296F0D0A8F659F1370D14B47327A1 ] C:\Program Files (x86)\Microsoft Office\Office12\Wordconv.exe
00:22:29.0979 3500 C:\Program Files (x86)\Microsoft Office\Office12\Wordconv.exe - ok
00:22:29.0979 3500 [ F2421A85BF8ED3EE9DFBA9063F39FED6 ] C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
00:22:29.0979 3500 C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe - ok
00:22:29.0979 3500 [ 0FAD4B26B524B1341834A9A563171D4B ] C:\Program Files (x86)\Notepad++\updater\GUP.exe
00:22:29.0979 3500 C:\Program Files (x86)\Notepad++\updater\GUP.exe - ok
00:22:29.0994 3500 [ 9B5812E24F04AEACECF0DFD4FC85ABAA ] C:\Program Files (x86)\O2\bin\sdckillw.exe
00:22:29.0994 3500 C:\Program Files (x86)\O2\bin\sdckillw.exe - ok
00:22:29.0994 3500 [ 2E73DF74A297EE6B91C4F57B9BD84317 ] C:\Program Files (x86)\O2\bin\sprtcmd.exe
00:22:29.0994 3500 C:\Program Files (x86)\O2\bin\sprtcmd.exe - ok
00:22:29.0994 3500 [ B69C20B18FB229188E5D05571FF54B04 ] C:\Program Files (x86)\O2\bin\ssClearCache.exe
00:22:29.0994 3500 C:\Program Files (x86)\O2\bin\ssClearCache.exe - ok
00:22:29.0994 3500 [ 09C7621E5CF07015B06A034E7E862509 ] C:\Program Files (x86)\O2\bin\tgshell.exe
00:22:29.0994 3500 C:\Program Files (x86)\O2\bin\tgshell.exe - ok
00:22:29.0994 3500 [ 93BE04D689DD35CEDEAB60182D45855A ] C:\Program Files (x86)\O2\bin\wificfg.exe
00:22:29.0994 3500 C:\Program Files (x86)\O2\bin\wificfg.exe - ok
00:22:30.0010 3500 [ EC704D0D0B44C4CCF00278A167ADFFB8 ] C:\Program Files (x86)\O2_Installer\SmartAccess\bcont.exe
00:22:30.0010 3500 C:\Program Files (x86)\O2_Installer\SmartAccess\bcont.exe - ok
00:22:30.0010 3500 [ 4203D23CE3437C118A1217BC4CC94CAB ] C:\Program Files (x86)\O2_Installer\SmartAccess\bcont_nm.exe
00:22:30.0010 3500 C:\Program Files (x86)\O2_Installer\SmartAccess\bcont_nm.exe - ok
00:22:30.0010 3500 [ CDFB2599F476838B986F9A36259144E7 ] C:\Program Files (x86)\RACE\FI_Tool\FI_Tool.exe
00:22:30.0010 3500 C:\Program Files (x86)\RACE\FI_Tool\FI_Tool.exe - ok
00:22:30.0010 3500 [ 732B81BF35B20C63ED94A67A4C7F9ECA ] C:\Program Files (x86)\RACE\FI_Tool\Setup.exe
00:22:30.0010 3500 C:\Program Files (x86)\RACE\FI_Tool\Setup.exe - ok
00:22:30.0025 3500 [ E8DAA0B7989B7D4DC11541A0C8919D20 ] C:\Program Files (x86)\RocketDock\Tools\Debug.exe
00:22:30.0025 3500 C:\Program Files (x86)\RocketDock\Tools\Debug.exe - ok
00:22:30.0025 3500 [ B82AAA726515572389B145BCF725D214 ] C:\Program Files (x86)\RocketDock\Tools\LanguageID Finder.exe
00:22:30.0025 3500 C:\Program Files (x86)\RocketDock\Tools\LanguageID Finder.exe - ok
00:22:30.0025 3500 [ 14D31B9CC7BD7AE2FDFFC7EE4D6DCD08 ] C:\Program Files (x86)\Safari\Apple Application Support\APSDaemon.exe
00:22:30.0025 3500 C:\Program Files (x86)\Safari\Apple Application Support\APSDaemon.exe - ok
00:22:30.0025 3500 [ 571760DC88110587EA050645C01EC300 ] C:\Program Files (x86)\Safari\Apple Application Support\defaults.exe
00:22:30.0025 3500 C:\Program Files (x86)\Safari\Apple Application Support\defaults.exe - ok
00:22:30.0041 3500 [ BB3A22F3EED85A12CFB2DD60D9F9B52F ] C:\Program Files (x86)\Safari\Apple Application Support\distnoted.exe
00:22:30.0041 3500 C:\Program Files (x86)\Safari\Apple Application Support\distnoted.exe - ok
00:22:30.0041 3500 [ D14F15DC003A9E5D9DA9100E5C117C6E ] C:\Program Files (x86)\Safari\Apple Application Support\plutil.exe
00:22:30.0041 3500 C:\Program Files (x86)\Safari\Apple Application Support\plutil.exe - ok
00:22:30.0041 3500 [ 2D322383B45CF3726675FC887A657160 ] C:\Program Files (x86)\Safari\Apple Application Support\WebKit2WebProcess.exe
00:22:30.0041 3500 C:\Program Files (x86)\Safari\Apple Application Support\WebKit2WebProcess.exe - ok
00:22:30.0041 3500 [ 03B74E75DB028587B97F605791679CE9 ] C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
00:22:30.0041 3500 C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe - ok
00:22:30.0057 3500 [ 74D8FD426969F4651E6828A2BFE08132 ] C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
00:22:30.0057 3500 C:\Program Files (x86)\VideoLAN\VLC\vlc.exe - ok
00:22:30.0057 3500 [ D28CF84A1CD2E6D9BF91C50C589EE437 ] C:\Program Files (x86)\Windows Live\Companion\companionuser.exe
00:22:30.0057 3500 C:\Program Files (x86)\Windows Live\Companion\companionuser.exe - ok
00:22:30.0057 3500 [ A28574E9659180AF96C8178FC1D722D8 ] C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
00:22:30.0057 3500 C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe - ok
00:22:30.0057 3500 [ 39BFD86634004B7C0D3FD81D2CBB8F92 ] C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe
00:22:30.0057 3500 C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe - ok
00:22:30.0072 3500 [ 568C250FF9A2F64CF957C5788790A97E ] C:\Program Files (x86)\Nero\Nero 11\Nero ControlCenter\NCC.exe
00:22:30.0072 3500 C:\Program Files (x86)\Nero\Nero 11\Nero ControlCenter\NCC.exe - ok
00:22:30.0072 3500 [ 85B079C3BF638513CCC65561A8C61568 ] C:\Program Files (x86)\Nero\Nero 11\Nero ControlCenter\NCChelper.exe
00:22:30.0072 3500 C:\Program Files (x86)\Nero\Nero 11\Nero ControlCenter\NCChelper.exe - ok
00:22:30.0072 3500 [ 152CE096B5D4AF52863E0F32B5762C46 ] C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\Required\AdobeQTServer.exe
00:22:30.0072 3500 C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\Required\AdobeQTServer.exe - ok
00:22:30.0072 3500 [ 72B49E87CC763354F72C28B3A820FBFD ] C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\Required\Droplet Template.exe
00:22:30.0072 3500 C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\Required\Droplet Template.exe - ok
00:22:30.0088 3500 [ 4039D8744917FB86B8B5BBA6D4DECAEC ] C:\Program Files\Common Files\Apple\Internet Services\AppleOutlookDAVConfig64.exe
00:22:30.0088 3500 C:\Program Files\Common Files\Apple\Internet Services\AppleOutlookDAVConfig64.exe - ok
00:22:30.0088 3500 [ 9CDBE9DD470F422D9598B3DAA5F12CA7 ] C:\Program Files\Common Files\Microsoft Shared\DW\DW20.EXE
00:22:30.0088 3500 C:\Program Files\Common Files\Microsoft Shared\DW\DW20.EXE - ok
00:22:30.0088 3500 [ B5730345EEC7D1374462CA119EA14030 ] C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE
00:22:30.0088 3500 C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE - ok
00:22:30.0088 3500 [ F03CD3C73A4D56421C60E6F2A40A9EF2 ] C:\Program Files\Common Files\Microsoft Shared\ink\ConvertInkStore.exe
00:22:30.0088 3500 C:\Program Files\Common Files\Microsoft Shared\ink\ConvertInkStore.exe - ok
00:22:30.0088 3500 [ 84FF6C209447A056E22A29806BFA2C96 ] C:\Program Files\Common Files\Microsoft Shared\ink\FlickLearningWizard.exe
00:22:30.0088 3500 C:\Program Files\Common Files\Microsoft Shared\ink\FlickLearningWizard.exe - ok
00:22:30.0103 3500 [ 9C391396C5AD78114ACCD0A02AD93B0A ] C:\Program Files\Common Files\Microsoft Shared\ink\InkWatson.exe
00:22:30.0103 3500 C:\Program Files\Common Files\Microsoft Shared\ink\InkWatson.exe - ok
00:22:30.0103 3500 [ C7DE4414D5F6F9373F913CB86262D512 ] C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
00:22:30.0103 3500 C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe - ok
00:22:30.0103 3500 [ 9FCA314E02437C35C4A8571EAE8B3421 ] C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe
00:22:30.0103 3500 C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe - ok
00:22:30.0103 3500 [ 9D9C0DD19ED1D36E1FAB8805EA5CE1AF ] C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe
00:22:30.0103 3500 C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe - ok
00:22:30.0119 3500 [ 2DC0C4DE960A20BC2840D72E7B98A144 ] C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe
00:22:30.0119 3500 C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe - ok
00:22:30.0119 3500 [ 7D7677D3E17614F69B27B9EB9A8EFE5E ] C:\Program Files\Common Files\Microsoft Shared\MSInfo\msinfo32.exe
00:22:30.0119 3500 C:\Program Files\Common Files\Microsoft Shared\MSInfo\msinfo32.exe - ok
00:22:30.0119 3500 [ FCECAE9C1BB750167E5E10E767F0D618 ] C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLED.EXE
00:22:30.0119 3500 C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLED.EXE - ok
00:22:30.0119 3500 [ B83BE5A0D09A0C978BA7CAA8294CF493 ] C:\Program Files\O2\Utilities\O2 Static IP Tool\StaticIPtool.exe
00:22:30.0119 3500 C:\Program Files\O2\Utilities\O2 Static IP Tool\StaticIPtool.exe - ok
00:22:30.0135 3500 [ 72B49E87CC763354F72C28B3A820FBFD ] C:\Program Files (x86)\Adobe\Adobe Photoshop CS5\Required\Droplet Template.exe
00:22:30.0135 3500 C:\Program Files (x86)\Adobe\Adobe Photoshop CS5\Required\Droplet Template.exe - ok
00:22:30.0135 3500 [ 0561B0B6442F596548C1FE9CB885DF83 ] C:\Program Files (x86)\Adobe\Adobe Utilities - CS5\ExtendScript Toolkit CS5\ExtendScript Toolkit.exe
00:22:30.0135 3500 C:\Program Files (x86)\Adobe\Adobe Utilities - CS5\ExtendScript Toolkit CS5\ExtendScript Toolkit.exe - ok
00:22:30.0135 3500 [ 959916B1FD6E00DE3DA9D21BC002B12A ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\defaults.exe
00:22:30.0135 3500 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\defaults.exe - ok
00:22:30.0135 3500 [ 162300B276417BB4D3B7E841A12FD900 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\plutil.exe
00:22:30.0135 3500 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\plutil.exe - ok
00:22:30.0150 3500 [ 4D31C9E3DD6F5B75399C097EE4F439B4 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
00:22:30.0150 3500 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe - ok
00:22:30.0150 3500 [ 59BF4C18D8C939F0B171C2382D9FE39E ] C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleOutlookDAVConfig.exe
00:22:30.0150 3500 C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleOutlookDAVConfig.exe - ok
00:22:30.0150 3500 [ 9D23E61698E33BC4BA1E5B87F3A51410 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
00:22:30.0150 3500 C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe - ok
00:22:30.0150 3500 [ A8F49B6C14C6874176BC8697E19AD38F ] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader.exe
00:22:30.0150 3500 C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader.exe - ok
00:22:30.0166 3500 [ 70E3F0F595B9E3D55D125B1A9D0BD73D ] C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
00:22:30.0166 3500 C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe - ok
00:22:30.0166 3500 [ AE4D4954A370233E672331E46008F36A ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe
00:22:30.0166 3500 C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe - ok
00:22:30.0166 3500 [ 490AFE9936155466526202C56BD9605E ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
00:22:30.0166 3500 C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe - ok
00:22:30.0166 3500 [ B32184BCBEA2D9E4EF1F695F28BC8ABA ] C:\Program Files (x86)\Common Files\Apple\Internet Services\MobileDocuments.exe
00:22:30.0166 3500 C:\Program Files (x86)\Common Files\Apple\Internet Services\MobileDocuments.exe - ok
00:22:30.0181 3500 [ BBDA0063D9A400A56004DD939F8E8F5F ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileBackup.exe
00:22:30.0181 3500 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileBackup.exe - ok
00:22:30.0181 3500 [ 00E4CE45FD1C5DE4122221D44289F4AC ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
00:22:30.0181 3500 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe - ok
00:22:30.0181 3500 [ BE8A3F3E3D2F5EC026541CC90218D5FE ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileSync.exe
00:22:30.0181 3500 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileSync.exe - ok
00:22:30.0181 3500 [ 883CA484DA676156571E603792BADBDC ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncMapiInterfaceHelper_x64.exe
00:22:30.0181 3500 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncMapiInterfaceHelper_x64.exe - ok
00:22:30.0197 3500 [ 3166AA52E66A47957B1A1E2CFD940B60 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncPref.exe
00:22:30.0197 3500 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncPref.exe - ok
00:22:30.0197 3500 [ A6EF6B22BA7ED63138CF382E03A40572 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe
00:22:30.0197 3500 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe - ok
00:22:30.0197 3500 [ 7C74E9250CC6EEDE9FB7D9EDC49A60AE ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\com.apple.DotMacSync.client.exe
00:22:30.0197 3500 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\com.apple.DotMacSync.client.exe - ok
00:22:30.0197 3500 [ 519CF8130CBCE3B3624788D09CA0BC5D ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\com.apple.IE.client.exe
00:22:30.0197 3500 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\com.apple.IE.client.exe - ok
00:22:30.0213 3500 [ 74BF72B3AF4E17B8100A2C9A8DDACDAD ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\com.apple.Outlook.client.exe
00:22:30.0213 3500 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\com.apple.Outlook.client.exe - ok
00:22:30.0213 3500 [ 50E5AFF4F116EA5ED9E3D8C8B8C0FD8F ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\com.apple.Safari.client.exe
00:22:30.0213 3500 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\com.apple.Safari.client.exe - ok
00:22:30.0213 3500 [ 6861C45B83B299D23495B4B9940B5788 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\com.apple.WindowsContacts.client.exe
00:22:30.0213 3500 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\com.apple.WindowsContacts.client.exe - ok
00:22:30.0213 3500 [ 725A9DF66E482B69B27FD9600EEEECBC ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\com.apple.WindowsMail.client.exe
00:22:30.0213 3500 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\com.apple.WindowsMail.client.exe - ok
00:22:30.0228 3500 [ 188C39E8758021D57909F9152FC6405B ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\com.google.ContactSync.client.exe
00:22:30.0228 3500 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\com.google.ContactSync.client.exe - ok
00:22:30.0228 3500 [ B00038D80ACB611B6E04F9F5A54DC7E5 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\com.yahoo.go.sync.client.exe
00:22:30.0228 3500 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\com.yahoo.go.sync.client.exe - ok
00:22:30.0228 3500 [ 7EA66CD80946BF3C255E85D15EF3F984 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MDCrashReportTool.exe
00:22:30.0228 3500 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MDCrashReportTool.exe - ok
00:22:30.0228 3500 [ A4B793845AA7F2AB9FDFD4C4F3D07EAA ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\Mingler.exe
00:22:30.0228 3500 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\Mingler.exe - ok
00:22:30.0244 3500 [ 1FF92BC45F4B80151EC6AF730AD6DB40 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileMeOutlookAddInTool.exe
00:22:30.0244 3500 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileMeOutlookAddInTool.exe - ok
00:22:30.0244 3500 [ 055A2EFBE9A33F13984388B544682780 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileMeServices.exe
00:22:30.0244 3500 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileMeServices.exe - ok
00:22:30.0244 3500 [ 26EDA611CE7202F72A441DC2BB3879AC ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncDiagnostics.exe
00:22:30.0244 3500 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncDiagnostics.exe - ok
00:22:30.0244 3500 [ FAE71DE418801C235E9913D417DD8E68 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\syncli.exe
00:22:30.0244 3500 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\syncli.exe - ok
00:22:30.0259 3500 [ 38788CC2605A06ACE57A07F07971D999 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncPlanObserver.exe
00:22:30.0259 3500 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncPlanObserver.exe - ok
00:22:30.0259 3500 [ 164474C8CCEC7281F0FA0274309F1249 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
00:22:30.0259 3500 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe - ok
00:22:30.0259 3500 [ 552D341D5A3DF2AD6A34F104A3B11D67 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncUIHandler.exe
00:22:30.0259 3500 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncUIHandler.exe - ok
00:22:30.0259 3500 [ E4CF8A8A2F5EB37A2AD81AD18695D1FA ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\upgradedb.exe
00:22:30.0259 3500 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\upgradedb.exe - ok
00:22:30.0275 3500 [ 6B856F36BF39C0789826FBD0B9EBD527 ] C:\Program Files (x86)\Common Files\Java\Java Update\jaucheck.exe
00:22:30.0275 3500 C:\Program Files (x86)\Common Files\Java\Java Update\jaucheck.exe - ok
00:22:30.0275 3500 [ 37195C4ADED891DD880193A8A9B33628 ] C:\Program Files (x86)\Common Files\Java\Java Update\jaureg.exe
00:22:30.0275 3500 C:\Program Files (x86)\Common Files\Java\Java Update\jaureg.exe - ok
00:22:30.0275 3500 [ 5DFE72B9F1FF669070FC032090B7B982 ] C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
00:22:30.0275 3500 C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe - ok
00:22:30.0275 3500 [ 165A7E878F7D6C7FBF4B0869D5224FAB ] C:\Program Files (x86)\Common Files\microsoft shared\DW\DW20.EXE
00:22:30.0275 3500 C:\Program Files (x86)\Common Files\microsoft shared\DW\DW20.EXE - ok
00:22:30.0291 3500 [ FF8E3E68F2FCC5F515EC1F3D0A546903 ] C:\Program Files (x86)\Common Files\microsoft shared\DW\DWTRIG20.EXE
00:22:30.0291 3500 C:\Program Files (x86)\Common Files\microsoft shared\DW\DWTRIG20.EXE - ok
00:22:30.0291 3500 [ A87236E214F6D42A65F5DEDAC816AEC8 ] C:\Program Files (x86)\Common Files\microsoft shared\EQUATION\EQNEDT32.EXE
00:22:30.0291 3500 C:\Program Files (x86)\Common Files\microsoft shared\EQUATION\EQNEDT32.EXE - ok
00:22:30.0291 3500 [ 98EE585737E8EFA903A26E71ADFB1FA0 ] C:\Program Files (x86)\Common Files\microsoft shared\ink\mip.exe
00:22:30.0291 3500 C:\Program Files (x86)\Common Files\microsoft shared\ink\mip.exe - ok
00:22:30.0291 3500 [ D6FFCEC898117390DA7F008B9463C65F ] C:\Program Files (x86)\Common Files\microsoft shared\ink\pipanel.exe
00:22:30.0291 3500 C:\Program Files (x86)\Common Files\microsoft shared\ink\pipanel.exe - ok
00:22:30.0306 3500 [ 2DC64A3446C8C6E020E781456B46573D ] C:\Program Files (x86)\Common Files\microsoft shared\ink\TabTip32.exe
00:22:30.0306 3500 C:\Program Files (x86)\Common Files\microsoft shared\ink\TabTip32.exe - ok
00:22:30.0306 3500 [ A3D9528E228DDD9A404E5EF4295AE35F ] C:\Program Files (x86)\Common Files\microsoft shared\MSInfo\msinfo32.exe
00:22:30.0306 3500 C:\Program Files (x86)\Common Files\microsoft shared\MSInfo\msinfo32.exe - ok
00:22:30.0306 3500 [ 371E896D818784934BD1456296B99CBE ] C:\Program Files (x86)\Common Files\microsoft shared\MSInfo\OINFOP12.EXE
00:22:30.0306 3500 C:\Program Files (x86)\Common Files\microsoft shared\MSInfo\OINFOP12.EXE - ok
00:22:30.0306 3500 [ 15345961CCA6A61EE3786F0CE3D88CD1 ] C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\ACECNFLT.EXE
00:22:30.0306 3500 C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\ACECNFLT.EXE - ok
00:22:30.0322 3500 [ C46CE3C24EFC2F2BF7DD3044AA35C864 ] C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSE7.EXE
00:22:30.0322 3500 C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSE7.EXE - ok
00:22:30.0322 3500 [ 13BD3153788CD2B2507707CF4CFFFAD3 ] C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOICONS.EXE
00:22:30.0322 3500 C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOICONS.EXE - ok
00:22:30.0322 3500 [ D62AF8D56065619E3189563099185C45 ] C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLED.EXE
00:22:30.0322 3500 C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLED.EXE - ok
00:22:30.0322 3500 [ 785F487A64950F3CB8E9F16253BA3B7B ] C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\ODSERV.EXE
00:22:30.0322 3500 C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\ODSERV.EXE - ok
00:22:30.0337 3500 [ 9E7C3FA7B1A462A09D4153CED41FEB61 ] C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\OFFDIAG.EXE
00:22:30.0337 3500 C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\OFFDIAG.EXE - ok
00:22:30.0337 3500 [ F73920A7A3C9A915294C1E739CE29441 ] C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\SmartTagInstall.exe
00:22:30.0337 3500 C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\SmartTagInstall.exe - ok
00:22:30.0337 3500 [ 5A432A042DAE460ABE7199B758E8606C ] C:\Program Files (x86)\Common Files\microsoft shared\Source Engine\OSE.EXE
00:22:30.0337 3500 C:\Program Files (x86)\Common Files\microsoft shared\Source Engine\OSE.EXE - ok
00:22:30.0337 3500 [ 17DA828A5DAC16B32A8D2BD84CCEE3F5 ] C:\Program Files (x86)\Java\jre6\bin\java-rmi.exe
00:22:30.0337 3500 C:\Program Files (x86)\Java\jre6\bin\java-rmi.exe - ok
00:22:30.0353 3500 [ AAFFDD6F750C1FDF5308572D02962E52 ] C:\Program Files (x86)\Java\jre6\bin\java.exe
00:22:30.0353 3500 C:\Program Files (x86)\Java\jre6\bin\java.exe - ok
00:22:30.0353 3500 [ DED3A46587F677DFB18C51B0BF6B292F ] C:\Program Files (x86)\Java\jre6\bin\javacpl.exe
00:22:30.0353 3500 C:\Program Files (x86)\Java\jre6\bin\javacpl.exe - ok
00:22:30.0353 3500 [ 647203A4393BA299C1F006EE485ECAD5 ] C:\Program Files (x86)\Java\jre6\bin\javaw.exe
00:22:30.0353 3500 C:\Program Files (x86)\Java\jre6\bin\javaw.exe - ok
00:22:30.0353 3500 [ 3DDE8AD1955FAFBDD54ACF1B795A4022 ] C:\Program Files (x86)\Java\jre6\bin\javaws.exe
00:22:30.0353 3500 C:\Program Files (x86)\Java\jre6\bin\javaws.exe - ok
00:22:30.0353 3500 [ 09D15E730931CA006EFB5ABCD0E11004 ] C:\Program Files (x86)\Java\jre6\bin\jbroker.exe
00:22:30.0353 3500 C:\Program Files (x86)\Java\jre6\bin\jbroker.exe - ok
00:22:30.0369 3500 [ 81F28AE4151D7D9A2B18759974C29722 ] C:\Program Files (x86)\Java\jre6\bin\jp2launcher.exe
00:22:30.0369 3500 C:\Program Files (x86)\Java\jre6\bin\jp2launcher.exe - ok
00:22:30.0369 3500 [ DE5D05FD449798EF88CC34AD4B1E7F85 ] C:\Program Files (x86)\Java\jre6\bin\jqs.exe
00:22:30.0369 3500 C:\Program Files (x86)\Java\jre6\bin\jqs.exe - ok
00:22:30.0369 3500 [ D026796118592E2BCB9C71D635F21F0F ] C:\Program Files (x86)\Java\jre6\bin\jqsnotify.exe
00:22:30.0369 3500 C:\Program Files (x86)\Java\jre6\bin\jqsnotify.exe - ok
00:22:30.0369 3500 [ B160E2AC1A0EE17EC41456A160D032C4 ] C:\Program Files (x86)\Java\jre6\bin\keytool.exe
00:22:30.0369 3500 C:\Program Files (x86)\Java\jre6\bin\keytool.exe - ok
00:22:30.0384 3500 [ 38636B9C2252D57137C0AEF4D71F7657 ] C:\Program Files (x86)\Java\jre6\bin\kinit.exe
00:22:30.0384 3500 C:\Program Files (x86)\Java\jre6\bin\kinit.exe - ok
00:22:30.0384 3500 [ E1A6B56124DC857BA5E308DE3037722E ] C:\Program Files (x86)\Java\jre6\bin\klist.exe
00:22:30.0384 3500 C:\Program Files (x86)\Java\jre6\bin\klist.exe - ok
00:22:30.0384 3500 [ 8D1281EDCF1A013948749ED1770457FC ] C:\Program Files (x86)\Java\jre6\bin\ktab.exe
00:22:30.0384 3500 C:\Program Files (x86)\Java\jre6\bin\ktab.exe - ok
00:22:30.0384 3500 [ 6B8CED171FB1A1C23DA91393236143F7 ] C:\Program Files (x86)\Java\jre6\bin\orbd.exe
00:22:30.0384 3500 C:\Program Files (x86)\Java\jre6\bin\orbd.exe - ok
00:22:30.0384 3500 [ C8BB1F434383929E5605644D3AF74A74 ] C:\Program Files (x86)\Java\jre6\bin\pack200.exe
00:22:30.0384 3500 C:\Program Files (x86)\Java\jre6\bin\pack200.exe - ok
00:22:30.0400 3500 [ B85379B463AE74D3292C3D2B48E72AEC ] C:\Program Files (x86)\Java\jre6\bin\policytool.exe
00:22:30.0400 3500 C:\Program Files (x86)\Java\jre6\bin\policytool.exe - ok
00:22:30.0400 3500 [ F3F741BA76921A41610018E053902C4A ] C:\Program Files (x86)\Java\jre6\bin\rmid.exe
00:22:30.0400 3500 C:\Program Files (x86)\Java\jre6\bin\rmid.exe - ok
00:22:30.0400 3500 [ 7856363399715E9A13A3EAADEA9FEF25 ] C:\Program Files (x86)\Java\jre6\bin\rmiregistry.exe
00:22:30.0400 3500 C:\Program Files (x86)\Java\jre6\bin\rmiregistry.exe - ok
00:22:30.0400 3500 [ 1CB292CD590EA345FEA7E7FF7E7B1DA0 ] C:\Program Files (x86)\Java\jre6\bin\servertool.exe
00:22:30.0400 3500 C:\Program Files (x86)\Java\jre6\bin\servertool.exe - ok
00:22:30.0415 3500 [ FDCC5DF96C5E2B3724DFC075A8E7A814 ] C:\Program Files (x86)\Java\jre6\bin\ssvagent.exe
00:22:30.0415 3500 C:\Program Files (x86)\Java\jre6\bin\ssvagent.exe - ok
00:22:30.0415 3500 [ CFA12579909EC1582D83AC20674F785D ] C:\Program Files (x86)\Java\jre6\bin\tnameserv.exe
00:22:30.0415 3500 C:\Program Files (x86)\Java\jre6\bin\tnameserv.exe - ok
00:22:30.0415 3500 [ 2915335CCC0AA8448E9150BCF4412585 ] C:\Program Files (x86)\Java\jre6\bin\unpack200.exe
00:22:30.0415 3500 C:\Program Files (x86)\Java\jre6\bin\unpack200.exe - ok
00:22:30.0415 3500 [ 60CAE1FA4888ED41B41AEE91C774E4A2 ] C:\Windows\System32\taskeng.exe
00:22:30.0415 3500 C:\Windows\System32\taskeng.exe - ok
00:22:30.0431 3500 [ 805A52C5AE26C28E88FDD9BCCFE6F312 ] C:\Windows\System32\TSChannel.dll
00:22:30.0431 3500 C:\Windows\System32\TSChannel.dll - ok
00:22:30.0431 3500 [ 0D51765A14B45EB5C9FD8158E64A14FB ] C:\Program Files (x86)\Java\jre7\bin\jabswitch.exe
00:22:30.0431 3500 C:\Program Files (x86)\Java\jre7\bin\jabswitch.exe - ok
00:22:30.0431 3500 [ 4D11BF25F8C42C1D2C2F7DCBBACE3873 ] C:\Program Files (x86)\Java\jre7\bin\java-rmi.exe
00:22:30.0431 3500 C:\Program Files (x86)\Java\jre7\bin\java-rmi.exe - ok
00:22:30.0431 3500 [ E62F8C879F6CE332B8ADCE134065BC88 ] C:\Program Files (x86)\Java\jre7\bin\java.exe
00:22:30.0431 3500 C:\Program Files (x86)\Java\jre7\bin\java.exe - ok
00:22:30.0447 3500 [ FC34650CC8721ED09E334CE47E677E9C ] C:\Program Files (x86)\Java\jre7\bin\javacpl.exe
00:22:30.0447 3500 C:\Program Files (x86)\Java\jre7\bin\javacpl.exe - ok
00:22:30.0447 3500 [ 5BD255C0051A41738FCB67F3A0C68DCA ] C:\Program Files (x86)\Java\jre7\bin\javaw.exe
00:22:30.0447 3500 C:\Program Files (x86)\Java\jre7\bin\javaw.exe - ok
00:22:30.0447 3500 [ BABCB7BF8C7210A666546A8B34F7BC54 ] C:\Program Files (x86)\Java\jre7\bin\javaws.exe
00:22:30.0447 3500 C:\Program Files (x86)\Java\jre7\bin\javaws.exe - ok
00:22:30.0447 3500 [ E54D965A9AC21CFCB2F8024285A6A725 ] C:\Program Files (x86)\Java\jre7\bin\jp2launcher.exe
00:22:30.0447 3500 C:\Program Files (x86)\Java\jre7\bin\jp2launcher.exe - ok
00:22:30.0447 3500 [ A12175F063302CD68F8FC6D572D7E5FD ] C:\Program Files (x86)\Java\jre7\bin\jqs.exe
00:22:30.0447 3500 C:\Program Files (x86)\Java\jre7\bin\jqs.exe - ok
00:22:30.0462 3500 [ 85C401432ED258B173E7C451BDCF5172 ] C:\Program Files (x86)\Java\jre7\bin\keytool.exe
00:22:30.0462 3500 C:\Program Files (x86)\Java\jre7\bin\keytool.exe - ok
00:22:30.0462 3500 [ 2862F19BA68D4FFD2E6964F417B881B5 ] C:\Program Files (x86)\Java\jre7\bin\kinit.exe
00:22:30.0462 3500 C:\Program Files (x86)\Java\jre7\bin\kinit.exe - ok
00:22:30.0462 3500 [ 2744278DB1C6171A4827A6C89C65E733 ] C:\Program Files (x86)\Java\jre7\bin\klist.exe
00:22:30.0462 3500 C:\Program Files (x86)\Java\jre7\bin\klist.exe - ok
00:22:30.0462 3500 [ D118BE48CB0FD7B0CED7269D7C76A13B ] C:\Program Files (x86)\Java\jre7\bin\ktab.exe
00:22:30.0462 3500 C:\Program Files (x86)\Java\jre7\bin\ktab.exe - ok
00:22:30.0478 3500 [ 08CE583546E725B450186D2932F2A0CF ] C:\Program Files (x86)\Java\jre7\bin\orbd.exe
00:22:30.0478 3500 C:\Program Files (x86)\Java\jre7\bin\orbd.exe - ok
00:22:30.0478 3500 [ 03B3824252F80DEE89DF3B610B7796F7 ] C:\Program Files (x86)\Java\jre7\bin\pack200.exe
00:22:30.0478 3500 C:\Program Files (x86)\Java\jre7\bin\pack200.exe - ok
00:22:30.0478 3500 [ D418994FAB5C304C5434688C430B2A72 ] C:\Program Files (x86)\Java\jre7\bin\policytool.exe
00:22:30.0478 3500 C:\Program Files (x86)\Java\jre7\bin\policytool.exe - ok
00:22:30.0478 3500 [ 8E3D946A449B3570F807A851FEC6C494 ] C:\Program Files (x86)\Java\jre7\bin\rmid.exe
00:22:30.0478 3500 C:\Program Files (x86)\Java\jre7\bin\rmid.exe - ok
00:22:30.0493 3500 [ 76697A7A731C152F1CEFE9DD73D154AB ] C:\Program Files (x86)\Java\jre7\bin\rmiregistry.exe
00:22:30.0493 3500 C:\Program Files (x86)\Java\jre7\bin\rmiregistry.exe - ok
00:22:30.0493 3500 [ 560FBBFB22922AC20E7895B3029D8411 ] C:\Program Files (x86)\Java\jre7\bin\servertool.exe
00:22:30.0493 3500 C:\Program Files (x86)\Java\jre7\bin\servertool.exe - ok
00:22:30.0493 3500 [ 6A2DA23E5123C83C69EA987D847F354A ] C:\Program Files (x86)\Java\jre7\bin\ssvagent.exe
00:22:30.0493 3500 C:\Program Files (x86)\Java\jre7\bin\ssvagent.exe - ok
00:22:30.0493 3500 [ 1F085C2E6E9280A33B122A0A93E09376 ] C:\Program Files (x86)\Java\jre7\bin\tnameserv.exe
00:22:30.0493 3500 C:\Program Files (x86)\Java\jre7\bin\tnameserv.exe - ok
00:22:30.0493 3500 [ 8580BBB2C3DDE04C548C370D3DC4E5B6 ] C:\Program Files (x86)\Java\jre7\bin\unpack200.exe
00:22:30.0493 3500 C:\Program Files (x86)\Java\jre7\bin\unpack200.exe - ok
00:22:30.0509 3500 [ 1D2D5AE6E9FBA20135DB38C025C36398 ] C:\Program Files (x86)\K-Lite Codec Pack\Filters\Haali\gdsmux.exe
00:22:30.0509 3500 C:\Program Files (x86)\K-Lite Codec Pack\Filters\Haali\gdsmux.exe - ok
00:22:30.0509 3500 [ AADAA7F305C03FD13E29DBD65FBF2130 ] C:\Program Files (x86)\K-Lite Codec Pack\Real\Update_OB\upgrdhlp.exe
00:22:30.0509 3500 C:\Program Files (x86)\K-Lite Codec Pack\Real\Update_OB\upgrdhlp.exe - ok
00:22:30.0509 3500 [ 2D7C1F659699D6DA65E1F9B70B84C2C4 ] C:\Program Files (x86)\K-Lite Codec Pack\Tools\gspot\gspot.exe
00:22:30.0509 3500 C:\Program Files (x86)\K-Lite Codec Pack\Tools\gspot\gspot.exe - ok
00:22:30.0509 3500 [ 72398E351C9093D53D54B3186FE66E93 ] C:\Program Files (x86)\Microsoft Office\Office12\1033\ONELEV.EXE
00:22:30.0509 3500 C:\Program Files (x86)\Microsoft Office\Office12\1033\ONELEV.EXE - ok
00:22:30.0525 3500 [ EC704D0D0B44C4CCF00278A167ADFFB8 ] C:\Program Files (x86)\O2\agent\bin\bcont.exe
00:22:30.0525 3500 C:\Program Files (x86)\O2\agent\bin\bcont.exe - ok
00:22:30.0525 3500 [ 4203D23CE3437C118A1217BC4CC94CAB ] C:\Program Files (x86)\O2\agent\bin\bcont_nm.exe
00:22:30.0525 3500 C:\Program Files (x86)\O2\agent\bin\bcont_nm.exe - ok
00:22:30.0525 3500 [ 4FE7D81DD04847D0D742E4AAC5E45170 ] C:\Program Files (x86)\O2_Installer\SmartAccess\bin\wificfg.exe
00:22:30.0525 3500 C:\Program Files (x86)\O2_Installer\SmartAccess\bin\wificfg.exe - ok
00:22:30.0525 3500 [ 25AF77100FCDCFB759151CF9535ADD42 ] C:\Program Files\AVAST Software\Avast\Setup\INF\x64\aswBoot.exe
00:22:30.0525 3500 C:\Program Files\AVAST Software\Avast\Setup\INF\x64\aswBoot.exe - ok
00:22:30.0540 3500 [ D138519D63EBDA79B90FF2872783D91F ] C:\Program Files\AVAST Software\Avast\Setup\INF\x64\netcfg_x64.exe
00:22:30.0540 3500 C:\Program Files\AVAST Software\Avast\Setup\INF\x64\netcfg_x64.exe - ok
00:22:30.0540 3500 [ C28D390F80B69BFEE2F0C8BD4434ED6F ] C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe
00:22:30.0540 3500 C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe - ok
00:22:30.0540 3500 [ 381D45DB6961581D21923BAD3322BD8C ] C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\Office Setup Controller\ODEPLOY.EXE
00:22:30.0540 3500 C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\Office Setup Controller\ODEPLOY.EXE - ok
00:22:30.0540 3500 [ DDDE8A72CCECAC1B61F57B04363CE4D8 ] C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\Office Setup Controller\SETUP.EXE
00:22:30.0540 3500 C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\Office Setup Controller\SETUP.EXE - ok
00:22:30.0556 3500 [ F5443547CAAC20AA334A88817579270F ] C:\Program Files (x86)\Common Files\Windows Live\.cache\207d7f6a1cb70ed1b\DXSETUP.exe
00:22:30.0556 3500 C:\Program Files (x86)\Common Files\Windows Live\.cache\207d7f6a1cb70ed1b\DXSETUP.exe - ok
00:22:30.0556 3500 [ DC5AFC9E6DBB2C866F7AFABCFB1A8E39 ] C:\Program Files (x86)\Common Files\Windows Live\.cache\aca9e6b51ccc19d01\bingbarsetup.exe
00:22:30.0556 3500 C:\Program Files (x86)\Common Files\Windows Live\.cache\aca9e6b51ccc19d01\bingbarsetup.exe - ok
00:22:30.0556 3500 [ DDCE338BB173B32024679D61FB4F2BA6 ] C:\Program Files (x86)\Common Files\Windows Live\.cache\cc12c0521cd1c1603\DXSETUP.exe
00:22:30.0556 3500 C:\Program Files (x86)\Common Files\Windows Live\.cache\cc12c0521cd1c1603\DXSETUP.exe - ok
00:22:30.0556 3500 [ A0EE8879A17B1D4B00B37D294AF106D0 ] C:\Program Files (x86)\Common Files\Windows Live\.cache\cc95ac011cd1c1604\MeshBetaRemover.exe
00:22:30.0556 3500 C:\Program Files (x86)\Common Files\Windows Live\.cache\cc95ac011cd1c1604\MeshBetaRemover.exe - ok
00:22:30.0571 3500 [ 3F442906B29B552F1C9FEC1E221D90B7 ] C:\Program Files (x86)\O2_Installer\sscommon\software\dpinst\dpinst.exe
00:22:30.0571 3500 C:\Program Files (x86)\O2_Installer\sscommon\software\dpinst\dpinst.exe - ok
00:22:30.0571 3500 [ 0F4441358CFAA282922FBCF90717E8BA ] C:\Program Files\Common Files\Adobe\Linguistics\5.0\ImportUserDictTool\ImportUserDict.exe
00:22:30.0571 3500 C:\Program Files\Common Files\Adobe\Linguistics\5.0\ImportUserDictTool\ImportUserDict.exe - ok
00:22:30.0571 3500 [ 515C964A6132739E4098C4D3D7E18916 ] C:\Program Files (x86)\Common Files\Adobe\Linguistics\5.0\ImportUserDictTool\ImportUserDict.exe
00:22:30.0571 3500 C:\Program Files (x86)\Common Files\Adobe\Linguistics\5.0\ImportUserDictTool\ImportUserDict.exe - ok
00:22:30.0571 3500 [ 1A7C4597FAEB3D37D7EDACCF35ECE99E ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDapp.exe
00:22:30.0571 3500 C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDapp.exe - ok
00:22:30.0587 3500 [ 7799B56B627F4775BC644C75845698A4 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\Setup.exe
00:22:30.0587 3500 C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\Setup.exe - ok
00:22:30.0587 3500 [ FC2849975B77454ABE700D55AD5E7E7D ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\TokenGenerator64.exe
00:22:30.0587 3500 C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\TokenGenerator64.exe - ok
00:22:30.0587 3500 [ BF1FBAC92711DA084ADF1ECE7462F20A ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\AAM Registration Notifier.exe
00:22:30.0587 3500 C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\AAM Registration Notifier.exe - ok
00:22:30.0587 3500 [ C8F5157A0360B1B86C9E2A311CABD786 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\adobe_licutil.exe
00:22:30.0587 3500 C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\adobe_licutil.exe - ok
00:22:30.0603 3500 [ DE93885641D5C4F7EA7563A08137B218 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
00:22:30.0603 3500 C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe - ok
00:22:30.0603 3500 [ D131ACA2C91919531ED2459140D50FAF ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAMLauncher.exe
00:22:30.0603 3500 C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAMLauncher.exe - ok
00:22:30.0603 3500 [ B616140028BD9B4893968BED66A827AE ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\Adobe Application Manager (Updater).exe
00:22:30.0603 3500 C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\Adobe Application Manager (Updater).exe - ok
00:22:30.0603 3500 [ E022FF68EE3EF9002C44B21152D8F9C6 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\LogTransport2.exe
00:22:30.0603 3500 C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\LogTransport2.exe - ok
00:22:30.0618 3500 [ F7F200BE2D16CE2A0269856FC1A53090 ] C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe
00:22:30.0618 3500 C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe - ok
00:22:30.0618 3500 [ AE16F04463DAC39ABB970ECEA3CEE73A ] C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\airappinstaller.exe
00:22:30.0618 3500 C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\airappinstaller.exe - ok
00:22:30.0618 3500 [ DA8E72ECF9A2865717EC534FD95AF5E4 ] C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\template.exe
00:22:30.0618 3500 C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\template.exe - ok
00:22:30.0618 3500 [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] C:\Windows\System32\qmgr.dll
00:22:30.0618 3500 C:\Windows\System32\qmgr.dll - ok
00:22:30.0634 3500 [ D9431DCF90B0253773F51FDEFE7FD42F ] C:\Windows\System32\bitsigd.dll
00:22:30.0634 3500 C:\Windows\System32\bitsigd.dll - ok
00:22:30.0634 3500 [ 4E75477E8BFA55C6F1F2688FB553F0C5 ] C:\Windows\System32\bitsperf.dll
00:22:30.0634 3500 C:\Windows\System32\bitsperf.dll - ok
00:22:30.0634 3500 [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
00:22:30.0634 3500 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
00:22:30.0634 3500 [ E5F7C30EDF0892667933BE879F067D67 ] C:\Windows\SysWOW64\msvcr100_clr0400.dll
00:22:30.0634 3500 C:\Windows\SysWOW64\msvcr100_clr0400.dll - ok
00:22:30.0634 3500 [ 128DD9AF8640DBCC711940903C8B554F ] C:\Windows\SysWOW64\mscoree.dll
00:22:30.0634 3500 C:\Windows\SysWOW64\mscoree.dll - ok
00:22:30.0649 3500 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
00:22:30.0649 3500 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe - ok
00:22:30.0649 3500 [ CB21CD39637AC13F3455454B2F648257 ] C:\Windows\System32\msvcr100_clr0400.dll
00:22:30.0649 3500 C:\Windows\System32\msvcr100_clr0400.dll - ok
00:22:30.0649 3500 [ 72AB6633E9B39EC7FEBEDF083A9061E5 ] C:\Windows\System32\mscoree.dll
00:22:30.0649 3500 C:\Windows\System32\mscoree.dll - ok
00:22:30.0649 3500 [ BC00505CFDA789ED3BE95D2FF38C4875 ] C:\Windows\System32\FntCache.dll
00:22:30.0649 3500 C:\Windows\System32\FntCache.dll - ok
00:22:30.0665 3500 [ B5CFFC5AA0A876D606E0BB8714BC32D4 ] C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\x86\vsta_ep32.exe
00:22:30.0665 3500 C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\x86\vsta_ep32.exe - ok
00:22:30.0665 3500 [ 38340204A2D0228F1E87740FC5E554A7 ] C:\Windows\System32\wuaueng.dll
00:22:30.0665 3500 C:\Windows\System32\wuaueng.dll - ok
00:22:30.0665 3500 [ 617F6EC0AC677C685479C1D0D1E76C6F ] C:\Windows\System32\mspatcha.dll
00:22:30.0665 3500 C:\Windows\System32\mspatcha.dll - ok
00:22:30.0665 3500 [ 99198D6590345DA0077F4C4EA4B35724 ] C:\Windows\System32\wups.dll
00:22:30.0665 3500 C:\Windows\System32\wups.dll - ok
00:22:30.0665 3500 [ D3F21B4715A656563D5FC58E72F655B4 ] C:\Windows\System32\wups2.dll
00:22:30.0665 3500 C:\Windows\System32\wups2.dll - ok
00:22:30.0681 3500 [ 22A904DACC4F3902E1D5D2CB8C56A354 ] C:\Program Files (x86)\O2_Installer\sscommon\common\modem\thomson\st780\Recovery Tool 62R1 (DU).exe
00:22:30.0681 3500 C:\Program Files (x86)\O2_Installer\sscommon\common\modem\thomson\st780\Recovery Tool 62R1 (DU).exe - ok
00:22:30.0681 3500 [ 6D4F368731EB53E433D6D93778C6F521 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\Adobe_Helperx32.exe
00:22:30.0681 3500 C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\Adobe_Helperx32.exe - ok
00:22:30.0681 3500 [ 96C1F3E3B7E8AC261AAF4B580181ACF0 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\Adobe_Helperx64.exe
00:22:30.0681 3500 C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\Adobe_Helperx64.exe - ok
00:22:30.0681 3500 [ 0A93D00EDB0CD487540B9A0D9036C286 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\CustomHook_Helperx64.exe
00:22:30.0681 3500 C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\CustomHook_Helperx64.exe - ok
00:22:30.0696 3500 [ 8C05B529BB592D68BFA3C0BF218914BB ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\TokenResolverx64.exe
00:22:30.0696 3500 C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\TokenResolverx64.exe - ok
00:22:30.0696 3500 [ 13A6762CDB166FE274CF0E4E59FA5BB6 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\com.yahoo.go.sync.client.resources\Formatter.bundle\Contents\Windows\Formatter.exe
00:22:30.0696 3500 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\com.yahoo.go.sync.client.resources\Formatter.bundle\Contents\Windows\Formatter.exe - ok
00:22:30.0696 3500 [ 51ADC5DE31075E2E3804725C78A9987B ] C:\Program Files (x86)\Common Files\Windows Live\.cache\2fc212ec1cb70ed2f\OEM\Packages\default\SearchEnhancementPackSetup.EXE
00:22:30.0696 3500 C:\Program Files (x86)\Common Files\Windows Live\.cache\2fc212ec1cb70ed2f\OEM\Packages\default\SearchEnhancementPackSetup.EXE - ok
00:22:30.0696 3500 [ 51ADC5DE31075E2E3804725C78A9987B ] C:\Program Files (x86)\Common Files\Windows Live\.cache\37bef48f1cba2411d\OEM\Packages\default\SearchEnhancementPackSetup.EXE
00:22:30.0696 3500 C:\Program Files (x86)\Common Files\Windows Live\.cache\37bef48f1cba2411d\OEM\Packages\default\SearchEnhancementPackSetup.EXE - ok
00:22:30.0712 3500 [ B83BE5A0D09A0C978BA7CAA8294CF493 ] C:\Program Files (x86)\O2_Installer\sscommon\common\modem\thomson\st780\O2 Static IP Tool\StaticIPtool.exe
00:22:30.0712 3500 C:\Program Files (x86)\O2_Installer\sscommon\common\modem\thomson\st780\O2 Static IP Tool\StaticIPtool.exe - ok
00:22:30.0712 3500 ============================================================
00:22:30.0712 3500 Scan finished
00:22:30.0712 3500 ============================================================
00:22:30.0712 3156 Detected object count: 2
00:22:30.0712 3156 Actual detected object count: 2
00:23:06.0046 3156 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
00:23:06.0046 3156 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:23:06.0046 3156 Themes ( UnsignedFile.Multi.Generic ) - skipped by user
00:23:06.0046 3156 Themes ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:23:49.0430 2736 Deinitialize success

On reboot this screen also appeared, i've done nothing with it
Posted Image

Listparts Scan ( I did not check the List BCD box)
ListParts by Farbar Version: 16-10-2012
Ran by Stevie (administrator) on 19-10-2012 at 00:26:27
Windows 7 (X64)
Running From: C:\Users\Stevie\Desktop
Language: 0409
************************************************************

========================= Memory info ======================

Percentage of memory in use: 33%
Total physical RAM: 3326.18 MB
Available physical RAM: 2206.29 MB
Total Pagefile: 6650.5 MB
Available Pagefile: 5486.14 MB
Total Virtual: 8192 MB
Available Virtual: 8191.89 MB

======================= Partitions =========================

1 Drive c: () (Fixed) (Total:60.55 GB) (Free:6.36 GB) NTFS
2 Drive d: () (Fixed) (Total:237.39 GB) (Free:140.11 GB) NTFS
7 Drive j: () (Removable) (Total:1.9 GB) (Free:1.03 GB) FAT

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 298 GB 54 MB
Disk 1 No Media 0 B 0 B
Disk 2 No Media 0 B 0 B
Disk 3 Online 1951 MB 0 B
Disk 4 No Media 0 B 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 100 MB 55 MB
Partition 2 Primary 60 GB 155 MB
Partition 3 Primary 237 GB 60 GB

======================================================================================================

Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 NTFS Partition 100 MB Healthy System (partition with boot components)

======================================================================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 C NTFS Partition 60 GB Healthy Boot

======================================================================================================

Disk: 0
Partition 3
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 D NTFS Partition 237 GB Healthy

======================================================================================================

Partitions of Disk 3:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 1950 MB 187 KB

======================================================================================================

Disk: 3
Partition 1
Type : 06
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 7 J FAT Removable 1950 MB Healthy

======================================================================================================

****** End Of Log ******

& this screen also appeared at the end of this scan
Posted Image

Edited by 750steve, 18 October 2012 - 05:45 PM.

#5
emeraldnzl

Posted 18 October 2012 - 05:45 PM

GeekU Instructor

GeekU Moderator
20,051 posts

Please download Farbar Service Scanner and run.

Make sure the following options are checked:
Internet Services
Windows Firewall
System Restore
Security Center
Windows Update

[*]Press Scan
[*]A log (FSS.txt) will be created in the same directory the tool is run.
[*]Copy and paste the log back here.
[/list]

#6
750steve

Posted 18 October 2012 - 05:54 PM

Member

Topic Starter
Member
174 posts

Farbar Service Scanner Version: 07-10-2012
Ran by Stevie (administrator) on 19-10-2012 at 00:53:35
Running from "C:\Users\Stevie\Desktop"
Microsoft® Windows 7 Eternity™ 2009 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.

Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.

Firewall Disabled Policy:
==================

System Restore:
============

System Restore Disabled Policy:
========================

Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================

Other Services:
==============

File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll
[2009-07-14 01:09] - [2009-07-14 02:41] - 0824832 ____A (Microsoft Corporation) AECAB449567D1846DAD63ECE49E893E3

C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll
[2009-07-14 00:36] - [2009-07-14 02:41] - 0170496 ____A (Microsoft Corporation) 765A27C3279CE11D14CB9E4F5869FCA5

C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll
[2009-07-14 01:36] - [2009-07-14 02:41] - 2418176 ____A (Microsoft Corporation) 38340204A2D0228F1E87740FC5E554A7

C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit

**** End of log ****

#7
emeraldnzl

Posted 18 October 2012 - 06:02 PM

GeekU Instructor

GeekU Moderator
20,051 posts

Please download ComboFix from one of these locations:

Link 1
Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.

Double click on ComboFix.exe & follow the prompts.
Your desktop may go blank. This is normal.
ComboFix may reboot your machine. This is normal too.

**Note: Do not mouseclick combo-fix's window while it's running. That may cause it to stall**

When finished, it will produce a log for you. Please include the C:\ComboFix.txt in your next reply.

#8
750steve

Posted 18 October 2012 - 06:29 PM

Member

Topic Starter
Member
174 posts

I'm posting this from my phone as combo fix rebooted but not started up again, it's at the same stage I needed to press the F12 button & boot from the hard drive. Should I do that now?

Incidentally, I disabled my Avast! Permanently but combo fix said it was still active for some reason?!

#9
emeraldnzl

Posted 18 October 2012 - 06:36 PM

GeekU Instructor

GeekU Moderator
20,051 posts

I needed to press the F12 button & boot from the hard drive. Should I do that now?

Yes, I did wonder whether you might have a problem with booting. On balance though we needed to see if we could get a possible infection before moving to some other solutions. Try the F12 one, if you have difficulty come back and tell me.

Incidentally, I disabled my Avast! Permanently but combo fix said it was still active for some reason?!

Yes, nowadays AVs work so deep in the system that parts never turn off. Shouldn't have caused a problem for ComboFix though.

#10
750steve

Posted 18 October 2012 - 06:37 PM

Member

Topic Starter
Member
174 posts

Ok ,i used F12 & booted from the hard drive

Results of Combofix;

ComboFix 12-10-18.03 - Stevie 19/10/2012 1:14.1.2 - x64
Microsoft® Windows 7 Eternity™ 2009 6.1.7600.0.1252.44.1033.18.3326.2182 [GMT 1:00]
Running from: c:\users\Stevie\Desktop\ComboFix.exe
AV: avast! Internet Security *Enabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
FW: avast! Internet Security *Enabled* {FB460EB6-4C6D-E564-6BF5-EEEF2B44B473}
SP: avast! Internet Security *Enabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\AutocompletePro
c:\program files (x86)\AutocompletePro\AcRemoteUpdate.exe
c:\program files (x86)\AutocompletePro\AutocompletePro.dll
c:\program files (x86)\AutocompletePro\InstTracker.exe
c:\program files (x86)\AutocompletePro\[email protected]\chrome.manifest
c:\program files (x86)\AutocompletePro\[email protected]\chrome\content\browserOverlay.xul
c:\program files (x86)\AutocompletePro\[email protected]\chrome\content\options.js
c:\program files (x86)\AutocompletePro\[email protected]\chrome\content\options.xul
c:\program files (x86)\AutocompletePro\[email protected]\chrome\content\utils.js
c:\program files (x86)\AutocompletePro\[email protected]\defaults\preferences\predictad.js
c:\program files (x86)\AutocompletePro\[email protected]\install.rdf
c:\program files (x86)\AutocompletePro\TaskScheduler.dll
c:\program files (x86)\AutocompletePro\unins000.dat
c:\program files (x86)\AutocompletePro\unins000.exe
c:\users\Stevie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\System Fix.lnk
c:\users\Stevie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Fix
c:\users\Stevie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Fix\System Fix.lnk
c:\users\Stevie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Fix\Uninstall System Fix.lnk
c:\windows\SysWow64\msstdfmt.dll
c:\windows\SysWow64\rockers.reg
.
.
((((((((((((((((((((((((( Files Created from 2012-09-19 to 2012-10-19 )))))))))))))))))))))))))))))))
.
.
2012-10-19 00:20 . 2012-10-19 00:20 -------- d-----w- c:\users\Marissa\AppData\Local\temp
2012-10-19 00:20 . 2012-10-19 00:20 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-10-07 11:16 . 2012-10-07 11:16 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-10-07 11:15 . 2012-10-07 11:15 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-09-24 15:23 . 2012-09-24 15:23 -------- d-----w- c:\users\Marissa\AppData\Local\Google
2012-09-24 15:22 . 2012-09-28 14:44 -------- d-----w- c:\users\Marissa\Funmoods
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-09 11:30 . 2012-04-17 00:32 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-09 11:30 . 2012-04-17 00:32 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-10-07 11:15 . 2012-01-27 23:00 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-09-07 16:04 . 2012-05-14 23:22 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-21 09:13 . 2011-12-05 20:57 359464 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-08-21 09:13 . 2011-12-05 20:56 969200 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-08-21 09:13 . 2011-12-05 20:56 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-08-21 09:13 . 2012-02-25 23:10 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-08-21 09:13 . 2011-12-05 20:56 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-08-21 09:13 . 2011-12-05 20:57 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-08-21 09:12 . 2011-12-05 20:56 41224 ----a-w- c:\windows\avastSS.scr
2012-08-21 09:12 . 2011-12-05 20:56 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-08-21 09:12 . 2011-12-05 20:56 285328 ----a-w- c:\windows\system32\aswBoot.exe
2011-07-03 20:51 . 2011-07-03 20:51 3085984 ----a-w- c:\program files (x86)\install_flash_player.exe
2010-12-17 19:55 . 2010-12-17 19:55 7622112 ----a-w- c:\program files\mbam-setup.exe
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2009-07-14 . 72D7B3EA16946E8F0CF7458150031CC6 . 1008640 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[-] 2010-05-30 . 2C353B6CE0C8D03225CAA2AF33B68D79 . 1008640 . . [6.1.7600.16385] .. c:\windows\system32\user32.dll
.
[-] 2010-05-30 . 861C4346F9281DC0380DE72C8D55D6BE . 833024 . . [6.1.7600.16385] .. c:\windows\SysWOW64\user32.dll
[7] 2009-07-14 . E8B0FFC209E504CB7E79FC24E6C085F0 . 833024 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MobileDocuments"="c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-09-27 59240]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-08-21 4282728]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-07 421776]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Welcome Center"="c:\windows\system32\OobeFldr.dll" [2009-09-14 859648]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 0 (0x0)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
"NoSMBalloonTip"= 1 (0x1)
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
"NoSMBalloonTip"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-09 250808]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-13 115168]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-29 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\DRIVERS\NBVol.sys [2011-07-13 72240]
S0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\DRIVERS\NBVolUp.sys [2011-07-13 15920]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-18 203264]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-08-21 71600]
S2 sprtsvc_O2;SupportSoft Sprocket Service (O2);c:\program files (x86)\O2\bin\sprtsvc.exe [2007-06-07 202280]
S3 RTL8187;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter Vista Driver;c:\windows\system32\DRIVERS\wg111v2.sys [2007-12-26 340992]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
Contents of the 'Scheduled Tasks' folder
.
2012-10-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-17 11:30]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-08-21 09:11 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-07-29 497648]
"fssui"="c:\program files (x86)\Windows Live\Family Safety\fsui.exe" [2012-03-08 884584]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.co.uk/
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://start.funmoods.com/?f=1&a=wbst&chnl=&cd=2XzuyEtN2Y1L1QzutDtDtC0A0AtDzytBtAyB0E0FtDyCtC0CtN0D0Tzu0CtByCzztN1L2XzutBtFtCtFtDtFtAtDtC&cr=941833473
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
Trusted Zone: northernbank.co.uk
Trusted Zone: o2.co.uk\*.broadband
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\Stevie\AppData\Roaming\Mozilla\Firefox\Profiles\ddhh1c2n.default\
FF - prefs.js: browser.search.selectedEngine - Arccosine
FF - prefs.js: browser.startup.homepage - about:home
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
SafeBoot-16645827.sys
AddRemove-AutocompletePro2_is1 - c:\program files (x86)\AutocompletePro\unins000.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Windows Live\Family Safety\fsssvc.exe
c:\program files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
.
**************************************************************************
.
Completion time: 2012-10-19 01:35:51 - machine was rebooted
ComboFix-quarantined-files.txt 2012-10-19 00:35
.
Pre-Run: 6,394,548,224 bytes free
Post-Run: 6,539,489,280 bytes free
.
- - End Of File - - 15FF7A5F5950897D0E4D6DF01D21E3AB

#11
750steve

Posted 18 October 2012 - 06:50 PM

Member

Topic Starter
Member
174 posts

Now this window popped up?????

Posted Image

#12
emeraldnzl

Posted 18 October 2012 - 06:58 PM

GeekU Instructor

GeekU Moderator
20,051 posts

advrcntr6.dll has to do with Nero I think. May need to reinstall Nero at some point.

For now

Please run the following scan for me.

Open OTL

Under the Custom Scans/Fixes box at the bottom, paste in the following:
```
/md5start
user32.dll
/md5stop
```
Click the None button at the top.
Click the Run Scan button.

Post the log it produces in your next reply.

Next

Download Windows Repair (all in one) from this site

Install the program then run

Posted Image

Go to step 3 and allow it to run SFC
Posted Image

On the start repairs tab click start
Posted Image

Select the following items and tick restart system when finished
Posted Image

When you come back please post
OTL txt
tell me if there has been a change since running Windows Repair

#13
750steve

Posted 18 October 2012 - 07:13 PM

Member

Topic Starter
Member
174 posts

OTL Log

I'll run windowfix now......

OTL logfile created on: 19/10/2012 02:08:21 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Stevie\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.25 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 61.69% Memory free
6.49 Gb Paging File | 5.29 Gb Available in Paging File | 81.51% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 60.55 Gb Total Space | 6.65 Gb Free Space | 10.98% Space Free | Partition Type: NTFS
Drive D: | 237.39 Gb Total Space | 140.11 Gb Free Space | 59.02% Space Free | Partition Type: NTFS
Drive J: | 1.90 Gb Total Space | 1.03 Gb Free Space | 53.94% Space Free | Partition Type: FAT

Computer Name: STEVIE-PC | User Name: Stevie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/10/14 00:52:36 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/10/09 12:30:20 | 001,807,800 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
PRC - [2012/10/01 02:08:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Stevie\Desktop\OTL.exe
PRC - [2012/08/21 10:12:26 | 004,282,728 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/08/21 10:12:25 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/02/23 13:30:40 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
PRC - [2010/07/29 01:40:56 | 000,311,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
PRC - [2007/06/07 17:19:40 | 000,202,280 | R--- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\O2\bin\sprtsvc.exe

========== Modules (No Company Name) ==========

MOD - [2012/10/14 00:52:35 | 002,294,240 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/10/09 12:30:20 | 009,814,968 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

========== Services (SafeList) ==========

SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV:64bit: - [2012/08/21 10:12:25 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/08/18 03:36:20 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/07/14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012/10/14 00:52:35 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/10/09 12:30:20 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2010/09/24 17:07:18 | 000,329,080 | ---- | M] (SupportSoft, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\SupportSoft\bin\ssrc.exe -- (SupportSoft RemoteAssist)
SRV - [2010/03/18 13:16:28 | 000,130,384 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/06/07 17:19:40 | 000,202,280 | R--- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\O2\bin\sprtsvc.exe -- (sprtsvc_O2)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/08/21 10:13:13 | 000,969,200 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012/08/21 10:13:13 | 000,359,464 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012/08/21 10:13:13 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012/08/21 10:13:12 | 000,071,600 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012/08/21 10:13:12 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012/08/21 10:13:11 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012/03/08 18:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/02/15 12:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/07/13 13:59:54 | 000,072,240 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NBVol.sys -- (NBVol)
DRV:64bit: - [2011/07/13 13:59:54 | 000,015,920 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NBVolUp.sys -- (NBVolUp)
DRV:64bit: - [2009/08/18 04:48:48 | 006,037,504 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009/07/14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/14 02:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 21:35:20 | 000,278,016 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1e6032e.sys -- (e1express)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2007/12/26 03:46:26 | 000,340,992 | ---- | M] (NETGEAR Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wg111v2.sys -- (RTL8187)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.funmood...tC&cr=941833473
IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://start.funmood...tC&cr=941833473
IE - HKLM\..\SearchScopes\{596CB429-7AA9-30B4-A2C5-66DE26D70A3C}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...00000184d625dca
IE - HKCU\..\SearchScopes\{271486CB-3C99-40D1-8755-EB7A2444F5F1}: "URL" = http://uk.search.yah...p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811"
FF - prefs.js..browser.search.selectedEngine: "Arccosine"
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: [email protected]:1.2.6
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}:6.0.33
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: [email protected]:1.1.8

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2852: C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46: C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1662: C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46: C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Stevie\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\AutocompletePro\[email protected]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/08/26 00:25:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/10/14 00:52:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/10/14 00:52:32 | 000,000,000 | ---D | M]

[2010/01/24 14:08:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Stevie\AppData\Roaming\Mozilla\Extensions
[2012/05/02 08:19:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Stevie\AppData\Roaming\Mozilla\Firefox\Profiles\ddhh1c2n.default\extensions
[2011/03/25 00:14:45 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Stevie\AppData\Roaming\Mozilla\Firefox\Profiles\ddhh1c2n.default\extensions\[email protected]
[2012/05/01 02:14:52 | 000,019,920 | ---- | M] () (No name found) -- C:\Users\Stevie\AppData\Roaming\Mozilla\Firefox\Profiles\ddhh1c2n.default\extensions\[email protected]
[2012/10/14 00:52:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/10/14 00:52:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012/10/14 00:52:36 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/04/25 20:35:20 | 000,001,525 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-en-GB.xml
[2012/01/02 22:19:26 | 000,005,142 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\arccosine.xml
[2012/08/29 07:50:19 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/04/25 20:35:20 | 000,000,935 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\chambers-en-GB.xml
[2012/04/25 20:35:20 | 000,001,166 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-en-GB.xml
[2012/10/14 00:52:35 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
[2012/04/25 20:35:20 | 000,001,121 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2012/10/19 01:31:04 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (AC-Pro) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files (x86)\AutocompletePro\AutocompletePro.dll File not found
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: northernbank.co.uk ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: o2.co.uk ([*.broadband] http in Trusted sites)
O15 - HKCU\..Trusted Domains: o2.co.uk ([*.broadband] https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.7.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{18E9FFF8-EDEF-432B-A88D-1990AA5CDE16}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{270139D7-B3D5-4664-83DA-E1A566FE4B41}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/10/19 01:35:53 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/10/19 01:31:39 | 000,000,000 | ---D | C] -- C:\Users\Stevie\AppData\Local\{163949C1-741D-4519-B543-B580BAF71794}
[2012/10/19 01:31:09 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2012/10/19 01:18:54 | 000,000,000 | ---D | C] -- C:\Users\Stevie\AppData\Local\{A4F2922F-CA38-4389-A0E9-87501E321B81}
[2012/10/19 01:12:16 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/10/19 01:12:16 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/10/19 01:12:16 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/10/19 01:11:06 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/10/19 01:10:53 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012/10/19 01:09:13 | 004,984,103 | R--- | C] (Swearware) -- C:\Users\Stevie\Desktop\ComboFix.exe
[2012/10/19 00:53:01 | 000,694,287 | ---- | C] (Farbar) -- C:\Users\Stevie\Desktop\FSS.exe
[2012/10/19 00:26:09 | 000,815,665 | ---- | C] (Farbar) -- C:\Users\Stevie\Desktop\ListParts64.exe
[2012/10/19 00:14:53 | 002,213,464 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Stevie\Desktop\tdsskiller.exe
[2012/10/16 01:17:34 | 000,000,000 | ---D | C] -- C:\Users\Stevie\AppData\Local\{B135C4C4-5092-4C00-8871-21C70A59D701}
[2012/10/15 01:16:59 | 000,000,000 | ---D | C] -- C:\Users\Stevie\AppData\Local\{3B6DD81F-EA80-4D6B-AB1F-C5C9D4C6AF5F}
[2012/10/14 16:51:14 | 000,000,000 | ---D | C] -- C:\Users\Stevie\Desktop\Ebay Zephyr
[2012/10/14 00:52:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012/10/07 13:13:54 | 000,000,000 | ---D | C] -- C:\Users\Stevie\AppData\Local\{46DD2F9D-2245-4D4B-AE71-36345FDFD28E}
[2012/10/07 12:16:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/10/07 12:15:36 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012/10/07 12:15:28 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012/10/07 12:15:28 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012/10/07 12:15:28 | 000,095,208 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012/10/01 13:11:25 | 000,000,000 | ---D | C] -- C:\Users\Stevie\AppData\Local\{6AE9FAD6-97EA-4D82-81F1-B5791B099044}
[2012/10/01 02:08:59 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Stevie\Desktop\OTL.exe
[2012/10/01 01:11:00 | 000,000,000 | ---D | C] -- C:\Users\Stevie\AppData\Local\{55D1E0CF-0BB2-4F68-9A75-00366273A4C0}
[2012/09/21 21:19:42 | 000,000,000 | ---D | C] -- C:\Users\Stevie\Desktop\GPz Turbo Engine Rebuild
[2011/07/03 21:51:15 | 003,085,984 | ---- | C] (Adobe Systems, Inc.) -- C:\Program Files (x86)\install_flash_player.exe
[2010/12/17 20:55:23 | 007,622,112 | ---- | C] (Malwarebytes Corporation ) -- C:\Program Files\mbam-setup.exe

========== Files - Modified Within 30 Days ==========

[2012/10/19 01:48:40 | 000,239,094 | ---- | M] () -- C:\Users\Stevie\Desktop\untitled.bmp
[2012/10/19 01:36:11 | 001,689,734 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/10/19 01:36:11 | 000,669,530 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/10/19 01:36:11 | 000,005,332 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/10/19 01:31:04 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/10/19 01:31:03 | 000,000,632 | RHS- | M] () -- C:\Users\Stevie\ntuser.pol
[2012/10/19 01:30:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/10/19 01:30:32 | 2615,808,000 | -HS- | M] () -- C:\hiberfil.sys
[2012/10/19 01:09:32 | 004,984,103 | R--- | M] (Swearware) -- C:\Users\Stevie\Desktop\ComboFix.exe
[2012/10/19 00:53:00 | 000,694,287 | ---- | M] (Farbar) -- C:\Users\Stevie\Desktop\FSS.exe
[2012/10/19 00:30:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/10/19 00:29:47 | 000,009,894 | ---- | M] () -- C:\Users\Stevie\Desktop\ListParts.JPG
[2012/10/19 00:29:12 | 000,026,314 | ---- | M] () -- C:\Users\Stevie\Desktop\TDSkiller2.jpg
[2012/10/19 00:26:09 | 000,815,665 | ---- | M] (Farbar) -- C:\Users\Stevie\Desktop\ListParts64.exe
[2012/10/19 00:14:51 | 002,213,464 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Stevie\Desktop\tdsskiller.exe
[2012/10/15 22:32:33 | 000,109,452 | ---- | M] () -- C:\Users\Stevie\Desktop\photo 1.JPG
[2012/10/14 02:15:32 | 000,002,048 | ---- | M] () -- C:\Users\Stevie\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/10/09 12:30:20 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/10/09 12:30:20 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/10/07 12:15:17 | 000,095,208 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012/10/07 12:15:15 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012/10/07 12:15:15 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012/10/07 12:15:15 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012/10/07 12:15:14 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2012/10/06 20:35:32 | 000,069,540 | ---- | M] () -- C:\Users\Stevie\Desktop\voucherJPG.JPG
[2012/10/05 21:01:00 | 000,090,046 | ---- | M] () -- C:\Users\Stevie\Desktop\Yokes.JPG
[2012/10/01 02:08:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Stevie\Desktop\OTL.exe
[2012/10/01 01:46:23 | 000,009,776 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/10/01 01:46:23 | 000,009,776 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/10/01 01:11:47 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/09/30 22:24:00 | 000,144,444 | ---- | M] () -- C:\Users\Stevie\Desktop\head surface.JPG
[2012/09/24 00:10:16 | 000,120,836 | ---- | M] () -- C:\Users\Stevie\Desktop\PA1223752.jpg
[2012/09/24 00:10:05 | 000,130,076 | ---- | M] () -- C:\Users\Stevie\Desktop\PA1224198.jpg
[2012/09/24 00:09:51 | 000,197,922 | ---- | M] () -- C:\Users\Stevie\Desktop\wsb2012crescentgsxr7.jpg
[2012/09/24 00:09:39 | 000,190,551 | ---- | M] () -- C:\Users\Stevie\Desktop\634762398746245129R06_Sun_Sykes_GB44575.jpg
[2012/09/24 00:09:28 | 000,094,132 | ---- | M] () -- C:\Users\Stevie\Desktop\Checa---Saturday-3.jpg
[2012/09/24 00:09:16 | 000,141,845 | ---- | M] () -- C:\Users\Stevie\Desktop\R12_Sun_Sykes_GB45268.jpg
[2012/09/24 00:09:04 | 000,194,087 | ---- | M] () -- C:\Users\Stevie\Desktop\634833861294151991Jorge-Lorenzo-Misano.jpg
[2012/09/23 21:43:30 | 000,774,642 | ---- | M] () -- C:\Users\Stevie\Desktop\GPz Turbo Technical Training Manual.pdf

========== Files Created - No Company Name ==========

[2012/10/19 01:47:50 | 000,239,094 | ---- | C] () -- C:\Users\Stevie\Desktop\untitled.bmp
[2012/10/19 01:12:16 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/10/19 01:12:16 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/10/19 01:12:16 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/10/19 01:12:16 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/10/19 01:12:16 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/10/19 00:29:11 | 000,026,314 | ---- | C] () -- C:\Users\Stevie\Desktop\TDSkiller2.jpg
[2012/10/19 00:28:20 | 000,009,894 | ---- | C] () -- C:\Users\Stevie\Desktop\ListParts.JPG
[2012/10/15 22:23:00 | 000,109,452 | ---- | C] () -- C:\Users\Stevie\Desktop\photo 1.JPG
[2012/10/06 20:34:54 | 000,069,540 | ---- | C] () -- C:\Users\Stevie\Desktop\voucherJPG.JPG
[2012/10/05 21:01:00 | 000,090,046 | ---- | C] () -- C:\Users\Stevie\Desktop\Yokes.JPG
[2012/09/30 22:24:00 | 000,144,444 | ---- | C] () -- C:\Users\Stevie\Desktop\head surface.JPG
[2012/09/23 23:57:35 | 000,120,836 | ---- | C] () -- C:\Users\Stevie\Desktop\PA1223752.jpg
[2012/09/23 23:57:15 | 000,130,076 | ---- | C] () -- C:\Users\Stevie\Desktop\PA1224198.jpg
[2012/09/23 23:54:26 | 000,197,922 | ---- | C] () -- C:\Users\Stevie\Desktop\wsb2012crescentgsxr7.jpg
[2012/09/23 23:52:49 | 000,190,551 | ---- | C] () -- C:\Users\Stevie\Desktop\634762398746245129R06_Sun_Sykes_GB44575.jpg
[2012/09/23 23:52:09 | 000,094,132 | ---- | C] () -- C:\Users\Stevie\Desktop\Checa---Saturday-3.jpg
[2012/09/23 23:51:41 | 000,141,845 | ---- | C] () -- C:\Users\Stevie\Desktop\R12_Sun_Sykes_GB45268.jpg
[2012/09/23 23:50:34 | 000,194,087 | ---- | C] () -- C:\Users\Stevie\Desktop\634833861294151991Jorge-Lorenzo-Misano.jpg
[2012/09/23 21:44:19 | 000,774,642 | ---- | C] () -- C:\Users\Stevie\Desktop\GPz Turbo Technical Training Manual.pdf
[2011/09/29 20:00:49 | 000,001,456 | ---- | C] () -- C:\Users\Stevie\AppData\Local\Adobe Save for Web 12.0 Prefs
[2011/08/21 21:48:02 | 000,098,304 | -H-- | C] () -- C:\Windows\SysWow64\redmonnt.dll
[2011/01/27 03:38:50 | 000,000,085 | -H-- | C] () -- C:\Windows\FI_Tool.INI
[2010/01/31 17:08:02 | 000,000,632 | RHS- | C] () -- C:\Users\Stevie\ntuser.pol

========== ZeroAccess Check ==========

[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2010/07/27 15:59:11 | 014,162,944 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010/07/27 15:03:24 | 012,867,584 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Custom Scans ==========

< MD5 for: USER32.DLL >
[2010/05/30 15:48:12 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=2C353B6CE0C8D03225CAA2AF33B68D79 -- C:\Windows\SysNative\user32.dll
[2009/07/14 02:41:56 | 001,008,640 | -H-- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[2010/05/30 15:48:12 | 000,833,024 | -H-- | M] (Microsoft Corporation) MD5=861C4346F9281DC0380DE72C8D55D6BE -- C:\Windows\SysWOW64\user32.dll
[2009/07/14 02:11:24 | 000,833,024 | -H-- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:5C321E34

< End of report >

#14
emeraldnzl

Posted 18 October 2012 - 07:19 PM

GeekU Instructor

GeekU Moderator
20,051 posts

#15
750steve

Posted 18 October 2012 - 07:29 PM

Member

Topic Starter
Member
174 posts

The Windows repair seems to be stuck @ 98%......the drive is making an oddasional double click noise

It's 2.30AM here, should i leave this overnight?

*edit* 100% now, still making the noise & CMD window still open.........when d i restart or will Windows Repair do that?

Edited by 750steve, 18 October 2012 - 07:32 PM.