Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Randomly created hyperlinks leading to scam websites? [Solved]


  • This topic is locked This topic is locked

#1
ohgodhowdidthisgethere

ohgodhowdidthisgethere

    Member

  • Member
  • PipPip
  • 12 posts
Since a couple of hours ago, every website I visit will have randomly hyperlinked words that lead to scam websites.

Most of the time they lead to a global visitor survey website.


Posted Image
(this one lead me to a Dutch scam website to fire your own boss or something weird like that)

I followed some of the steps in this thread, but the problem was not solved.
(even though I did remove some stuff while following the steps, but not the initial problem)

Kaspersky doesn't find anything and neither did Malwarebytes' trial version.

Does anybody have any idea? Thanks in advance!

OTL logfile created on: 12-12-2012 1:57:11 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Chester\Desktop\Internet Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

8,00 Gb Total Physical Memory | 5,58 Gb Available Physical Memory | 69,77% Memory free
16,00 Gb Paging File | 13,47 Gb Available in Paging File | 84,21% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 914,94 Gb Total Space | 148,00 Gb Free Space | 16,18% Space Free | Partition Type: NTFS
Drive D: | 14,57 Gb Total Space | 2,75 Gb Free Space | 18,85% Space Free | Partition Type: NTFS
Drive E: | 931,51 Gb Total Space | 682,14 Gb Free Space | 73,23% Space Free | Partition Type: NTFS

Computer Name: CHESTER-PC | User Name: Chester | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012-12-12 01:55:57 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Chester\Desktop\Internet Downloads\OTL.exe
PRC - [2012-12-12 01:52:41 | 001,807,800 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe
PRC - [2012-12-10 00:37:16 | 000,969,104 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
PRC - [2012-12-05 01:05:18 | 000,916,960 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012-11-08 16:58:24 | 016,070,136 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe
PRC - [2012-10-31 20:04:12 | 000,206,448 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
PRC - [2012-10-10 21:23:42 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012-10-02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012-09-29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012-07-27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012-03-21 18:43:36 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011-04-22 19:08:54 | 002,008,576 | ---- | M] () -- C:\Program Files (x86)\foobar2000\foobar2000.exe
PRC - [2010-10-27 20:21:54 | 001,155,072 | ---- | M] (Last.fm) -- C:\Program Files (x86)\Last.fm\LastFM.exe
PRC - [2010-04-05 20:55:01 | 000,116,104 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
PRC - [2009-07-23 19:45:52 | 000,128,296 | ---- | M] (CyberLink Corp.) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
PRC - [2009-03-30 15:56:06 | 000,282,624 | ---- | M] (OsdMaestro) -- C:\Program Files (x86)\Hewlett-Packard\KBD\OSD\OSD.exe
PRC - [2008-11-20 09:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
PRC - [2008-09-30 17:59:26 | 000,192,512 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe


========== Modules (No Company Name) ==========

MOD - [2012-12-12 01:52:40 | 014,586,296 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll
MOD - [2012-12-12 01:45:04 | 000,571,392 | ---- | M] () -- C:\Users\Chester\AppData\Local\Temp\_MEI38242\pysqlite2._sqlite.pyd
MOD - [2012-12-12 01:45:04 | 000,263,168 | ---- | M] () -- C:\Users\Chester\AppData\Local\Temp\_MEI38242\win32com.shell.shell.pyd
MOD - [2012-12-12 01:45:04 | 000,096,256 | ---- | M] () -- C:\Users\Chester\AppData\Local\Temp\_MEI38242\win32api.pyd
MOD - [2012-12-12 01:45:04 | 000,086,016 | ---- | M] () -- C:\Users\Chester\AppData\Local\Temp\_MEI38242\_elementtree.pyd
MOD - [2012-12-12 01:45:04 | 000,070,656 | ---- | M] () -- C:\Users\Chester\AppData\Local\Temp\_MEI38242\wx._html2.pyd
MOD - [2012-12-12 01:45:04 | 000,040,448 | ---- | M] () -- C:\Users\Chester\AppData\Local\Temp\_MEI38242\_socket.pyd
MOD - [2012-12-12 01:45:04 | 000,023,040 | ---- | M] () -- C:\Users\Chester\AppData\Local\Temp\_MEI38242\win32ts.pyd
MOD - [2012-12-12 01:45:03 | 001,169,408 | ---- | M] () -- C:\Users\Chester\AppData\Local\Temp\_MEI38242\wx._core_.pyd
MOD - [2012-12-12 01:45:03 | 001,024,024 | ---- | M] () -- C:\Users\Chester\AppData\Local\Temp\_MEI38242\windows._cacheinvalidation.pyd
MOD - [2012-12-12 01:45:03 | 000,807,424 | ---- | M] () -- C:\Users\Chester\AppData\Local\Temp\_MEI38242\wx._windows_.pyd
MOD - [2012-12-12 01:45:03 | 000,792,576 | ---- | M] () -- C:\Users\Chester\AppData\Local\Temp\_MEI38242\wx._gdi_.pyd
MOD - [2012-12-12 01:45:03 | 000,731,136 | ---- | M] () -- C:\Users\Chester\AppData\Local\Temp\_MEI38242\wx._misc_.pyd
MOD - [2012-12-12 01:45:03 | 000,645,120 | ---- | M] () -- C:\Users\Chester\AppData\Local\Temp\_MEI38242\_ssl.pyd
MOD - [2012-12-12 01:45:03 | 000,354,304 | ---- | M] () -- C:\Users\Chester\AppData\Local\Temp\_MEI38242\pythoncom26.dll
MOD - [2012-12-12 01:45:03 | 000,311,808 | ---- | M] () -- C:\Users\Chester\AppData\Local\Temp\_MEI38242\_hashlib.pyd
MOD - [2012-12-12 01:45:03 | 000,121,856 | ---- | M] () -- C:\Users\Chester\AppData\Local\Temp\_MEI38242\wx._wizard.pyd
MOD - [2012-12-12 01:45:03 | 000,110,592 | ---- | M] () -- C:\Users\Chester\AppData\Local\Temp\_MEI38242\win32security.pyd
MOD - [2012-12-12 01:45:03 | 000,110,592 | ---- | M] () -- C:\Users\Chester\AppData\Local\Temp\_MEI38242\pywintypes26.dll
MOD - [2012-12-12 01:45:03 | 000,073,728 | ---- | M] () -- C:\Users\Chester\AppData\Local\Temp\_MEI38242\_ctypes.pyd
MOD - [2012-12-12 01:45:03 | 000,036,352 | ---- | M] () -- C:\Users\Chester\AppData\Local\Temp\_MEI38242\win32process.pyd
MOD - [2012-12-12 01:45:03 | 000,022,528 | ---- | M] () -- C:\Users\Chester\AppData\Local\Temp\_MEI38242\win32pdh.pyd
MOD - [2012-12-12 01:45:03 | 000,017,920 | ---- | M] () -- C:\Users\Chester\AppData\Local\Temp\_MEI38242\win32profile.pyd
MOD - [2012-12-12 01:45:03 | 000,011,776 | ---- | M] () -- C:\Users\Chester\AppData\Local\Temp\_MEI38242\win32crypt.pyd
MOD - [2012-12-12 01:45:02 | 001,056,256 | ---- | M] () -- C:\Users\Chester\AppData\Local\Temp\_MEI38242\wx._controls_.pyd
MOD - [2012-12-12 01:45:02 | 000,585,728 | ---- | M] () -- C:\Users\Chester\AppData\Local\Temp\_MEI38242\unicodedata.pyd
MOD - [2012-12-12 01:45:02 | 000,153,088 | ---- | M] () -- C:\Users\Chester\AppData\Local\Temp\_MEI38242\pyexpat.pyd
MOD - [2012-12-12 01:45:02 | 000,111,104 | ---- | M] () -- C:\Users\Chester\AppData\Local\Temp\_MEI38242\win32file.pyd
MOD - [2012-12-12 01:45:02 | 000,039,424 | ---- | M] () -- C:\Users\Chester\AppData\Local\Temp\_MEI38242\win32inet.pyd
MOD - [2012-12-12 01:45:02 | 000,017,920 | ---- | M] () -- C:\Users\Chester\AppData\Local\Temp\_MEI38242\win32event.pyd
MOD - [2012-12-12 01:45:02 | 000,011,776 | ---- | M] () -- C:\Users\Chester\AppData\Local\Temp\_MEI38242\select.pyd
MOD - [2012-12-05 01:05:18 | 002,397,152 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011-09-27 06:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011-09-27 06:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011-06-02 16:36:02 | 000,228,864 | ---- | M] () -- C:\Users\Chester\AppData\Roaming\foobar2000\user-components\foo_playcount\foo_playcount.dll
MOD - [2011-06-02 16:35:27 | 000,334,848 | ---- | M] () -- C:\Users\Chester\AppData\Roaming\foobar2000\user-components\foo_quicksearch\foo_quicksearch.dll
MOD - [2011-04-24 22:13:30 | 007,008,656 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\qtgui4.dll
MOD - [2011-04-24 22:13:28 | 000,192,912 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\qtsql4.dll
MOD - [2011-04-24 22:13:26 | 001,270,160 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\qtscript4.dll
MOD - [2011-04-24 22:13:26 | 000,758,160 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\qtnetwork4.dll
MOD - [2011-04-24 22:13:24 | 002,118,032 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\qtcore4.dll
MOD - [2011-04-24 22:13:24 | 002,089,360 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\qtdeclarative4.dll
MOD - [2011-04-22 19:08:54 | 002,008,576 | ---- | M] () -- C:\Program Files (x86)\foobar2000\foobar2000.exe
MOD - [2011-04-22 19:07:30 | 001,128,960 | ---- | M] () -- C:\Program Files (x86)\foobar2000\components\foo_ui_std.dll
MOD - [2011-04-22 19:07:24 | 000,299,008 | ---- | M] () -- C:\Program Files (x86)\foobar2000\components\foo_cdda.dll
MOD - [2011-04-22 19:07:20 | 001,368,576 | ---- | M] () -- C:\Program Files (x86)\foobar2000\components\foo_input_std.dll
MOD - [2011-04-22 19:07:12 | 000,282,112 | ---- | M] () -- C:\Program Files (x86)\foobar2000\components\foo_rgscan.dll
MOD - [2011-04-22 19:07:08 | 000,479,744 | ---- | M] () -- C:\Program Files (x86)\foobar2000\components\foo_converter.dll
MOD - [2011-04-22 19:06:46 | 000,171,008 | ---- | M] () -- C:\Program Files (x86)\foobar2000\components\foo_unpack.dll
MOD - [2011-04-22 19:06:44 | 000,238,592 | ---- | M] () -- C:\Program Files (x86)\foobar2000\components\foo_freedb2.dll
MOD - [2011-04-22 19:06:14 | 000,148,480 | ---- | M] () -- C:\Program Files (x86)\foobar2000\shared.dll
MOD - [2011-04-20 18:56:28 | 000,025,088 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\imageformats\qgif4.dll
MOD - [2011-03-11 15:16:10 | 000,364,544 | ---- | M] () -- C:\Program Files (x86)\foobar2000\components\foo_albumlist.dll
MOD - [2011-03-11 15:16:10 | 000,275,456 | ---- | M] () -- C:\Program Files (x86)\foobar2000\components\foo_dsp_std.dll
MOD - [2011-03-11 15:14:46 | 000,274,432 | ---- | M] () -- C:\Program Files (x86)\foobar2000\components\foo_fileops.dll
MOD - [2011-01-09 00:23:32 | 000,407,552 | ---- | M] () -- C:\Users\Chester\AppData\Roaming\foobar2000\user-components\foo_uie_esplaylist\foo_uie_esplaylist.dll
MOD - [2010-10-27 20:23:04 | 000,106,496 | ---- | M] () -- C:\Program Files (x86)\Last.fm\srv_rtaudioplayback.dll
MOD - [2010-10-27 20:22:52 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\Last.fm\ext_messengernotify.dll
MOD - [2010-10-27 20:22:42 | 000,058,880 | ---- | M] () -- C:\Program Files (x86)\Last.fm\ext_skypenotify.dll
MOD - [2010-10-27 20:22:08 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\Last.fm\srv_madtranscode.dll
MOD - [2010-10-27 20:22:00 | 000,028,160 | ---- | M] () -- C:\Program Files (x86)\Last.fm\srv_httpinput.dll
MOD - [2010-10-27 20:19:28 | 000,372,736 | ---- | M] () -- C:\Program Files (x86)\Last.fm\LastFmFingerprint1.dll
MOD - [2010-10-27 20:19:06 | 000,025,088 | ---- | M] () -- C:\Program Files (x86)\Last.fm\breakpad.dll
MOD - [2010-10-27 20:18:50 | 000,180,224 | ---- | M] () -- C:\Program Files (x86)\Last.fm\Moose1.dll
MOD - [2010-10-27 20:18:34 | 000,540,672 | ---- | M] () -- C:\Program Files (x86)\Last.fm\LastFmTools1.dll
MOD - [2010-10-27 20:13:52 | 001,382,507 | ---- | M] () -- C:\Program Files (x86)\Last.fm\libfftw3f-3.dll
MOD - [2010-10-27 20:13:52 | 000,074,240 | ---- | M] () -- C:\Program Files (x86)\Last.fm\zlibwapi.dll
MOD - [2010-09-19 19:52:16 | 000,337,920 | ---- | M] () -- C:\Users\Chester\AppData\Roaming\foobar2000\user-components\foo_uie_biography\foo_uie_biography.dll
MOD - [2010-08-06 12:30:34 | 000,679,936 | ---- | M] () -- C:\Users\Chester\AppData\Roaming\foobar2000\user-components\foo_uie_wsh_panel_mod\foo_uie_wsh_panel_mod.dll
MOD - [2010-04-21 13:48:00 | 000,066,560 | ---- | M] () -- C:\Program Files (x86)\foobar2000\zlib1.dll
MOD - [2010-04-12 18:19:24 | 000,957,952 | ---- | M] () -- C:\Users\Chester\AppData\Roaming\foobar2000\user-components\foo_uie_lyrics2\foo_uie_lyrics2.dll
MOD - [2010-03-20 23:43:12 | 001,595,392 | ---- | M] () -- C:\Users\Chester\AppData\Roaming\foobar2000\user-components\foo_ui_columns\foo_ui_columns.dll
MOD - [2010-02-24 09:00:14 | 000,278,528 | ---- | M] () -- C:\Users\Chester\AppData\Roaming\foobar2000\user-components\foo_uie_quicksearch\foo_uie_quicksearch.dll
MOD - [2010-02-17 20:21:28 | 000,276,480 | ---- | M] () -- C:\Users\Chester\AppData\Roaming\foobar2000\user-components\foo_lastfm_radio\foo_lastfm_radio.dll
MOD - [2010-01-21 00:34:10 | 008,793,952 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010-01-09 19:18:18 | 004,254,560 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2009-12-09 23:16:12 | 000,356,352 | ---- | M] () -- C:\Users\Chester\AppData\Roaming\foobar2000\user-components\foo_uie_panel_splitter\foo_uie_panel_splitter.dll
MOD - [2008-04-16 16:42:30 | 000,376,832 | ---- | M] () -- C:\Program Files (x86)\Last.fm\QtNetwork4.dll
MOD - [2008-04-16 16:42:16 | 000,524,288 | ---- | M] () -- C:\Program Files (x86)\Last.fm\QtSql4.dll
MOD - [2008-04-16 16:42:02 | 006,701,056 | ---- | M] () -- C:\Program Files (x86)\Last.fm\QtGui4.dll
MOD - [2008-04-16 16:36:38 | 000,376,832 | ---- | M] () -- C:\Program Files (x86)\Last.fm\QtXml4.dll
MOD - [2008-04-16 16:36:34 | 001,654,784 | ---- | M] () -- C:\Program Files (x86)\Last.fm\QtCore4.dll
MOD - [2008-04-02 13:26:50 | 000,233,472 | ---- | M] () -- C:\Program Files (x86)\Last.fm\imageformats\qmng4.dll
MOD - [2008-04-02 13:26:34 | 000,021,504 | ---- | M] () -- C:\Program Files (x86)\Last.fm\imageformats\qgif4.dll
MOD - [2008-04-02 13:26:28 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Last.fm\imageformats\qjpeg4.dll


========== Services (SafeList) ==========

SRV:64bit: - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012-12-12 01:52:41 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-12-05 01:05:18 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-10-31 20:04:12 | 000,206,448 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe -- (AVP)
SRV - [2012-10-10 21:23:42 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012-10-02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012-09-29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012-09-29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012-09-15 15:17:47 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012-08-22 15:27:16 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012-07-27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012-07-13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-04-05 14:50:08 | 000,008,704 | ---- | M] (Hi-Rez Studios) [Auto | Paused] -- C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe -- (HiPatchService)
SRV - [2012-03-21 18:43:36 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010-04-05 20:55:01 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2010-03-18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010-02-19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009-02-22 11:00:00 | 000,129,584 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\SysWOW64\ezsvc7.dll -- (ezSharedSvc)
SRV - [2008-09-30 17:59:26 | 000,192,512 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe -- (HPBtnSrv)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012-10-31 20:04:32 | 000,637,272 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:64bit: - [2012-09-29 19:54:26 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012-09-28 10:32:56 | 000,053,760 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012-04-18 18:08:03 | 000,188,736 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012-03-01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011-11-29 00:05:46 | 000,279,616 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011-09-21 10:25:54 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135)
DRV:64bit: - [2011-03-11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011-03-11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011-03-10 17:36:24 | 000,029,488 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:64bit: - [2011-03-04 12:23:28 | 000,011,864 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kl2.sys -- (kl2)
DRV:64bit: - [2011-03-04 12:23:24 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (KL1)
DRV:64bit: - [2011-02-16 16:53:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2010-11-20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010-11-20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2009-11-02 19:27:10 | 000,022,544 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:64bit: - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-07-13 15:31:42 | 000,233,472 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009-07-01 11:27:30 | 000,542,464 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVer888RC_64.sys -- (AVER_H193)
DRV:64bit: - [2009-07-01 11:26:44 | 000,039,424 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVer888RCIR_64.sys -- (CXCIR)
DRV:64bit: - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009-05-19 22:48:42 | 000,702,976 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2008-02-29 02:17:08 | 000,041,488 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2008-02-29 02:16:44 | 000,054,800 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2012-03-20 07:49:34 | 000,013,368 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI Afterburner\RTCore64.sys -- (RTCore64)
DRV - [2011-11-12 23:03:00 | 000,021,712 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\DrvAgent64.SYS -- (DrvAgent64)
DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cndt
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cndt
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0309F9B9-0912-4971-9EF8-34414A5747D1}: "URL" = http://slirsredirect...hpcndtie7-nl-nl
IE:64bit: - HKLM\..\SearchScopes\{41A70601-F396-45E6-9361-CA1873A22688}: "URL" = http://nl.search.yah...p06&type=ie2008
IE:64bit: - HKLM\..\SearchScopes\{BA83D4CE-299C-48D0-BD63-23DBEF840605}: "URL" = http://nl.kelkoopart...tnerId=96913935
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://websearch.mocaflix.com/
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0309F9B9-0912-4971-9EF8-34414A5747D1}: "URL" = http://slirsredirect...hpcndtie7-nl-nl
IE - HKLM\..\SearchScopes\{41A70601-F396-45E6-9361-CA1873A22688}: "URL" = http://nl.search.yah...p06&type=ie2008
IE - HKLM\..\SearchScopes\{BA83D4CE-299C-48D0-BD63-23DBEF840605}: "URL" = http://nl.kelkoopart...tnerId=96913935

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cndt
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://global.myitla.../MyPegasus.aspx
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0309F9B9-0912-4971-9EF8-34414A5747D1}: "URL" = http://slirsredirect...hpcndtie7-nl-nl
IE - HKCU\..\SearchScopes\{41A70601-F396-45E6-9361-CA1873A22688}: "URL" = http://nl.search.yah...p06&type=ie2008
IE - HKCU\..\SearchScopes\{BA83D4CE-299C-48D0-BD63-23DBEF840605}: "URL" = http://nl.kelkoopart...tnerId=96913935
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..extensions.enabledAddons: en-US%40dictionaries.addons.mozilla.org:6.0
FF - prefs.js..extensions.enabledAddons: giorgio%40gilestro.tk:1.0.4
FF - prefs.js..extensions.enabledAddons: nl-NL%40dictionaries.addons.mozilla.org:3.1.0
FF - prefs.js..extensions.enabledAddons: scriptish%40erikvold.com:0.1.8
FF - prefs.js..extensions.enabledAddons: tineye%40ideeinc.com:1.1
FF - prefs.js..extensions.enabledAddons: %7BB17C1C5A-04B1-11DB-9804-B622A1EF5492%7D:1.2.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_135.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.116.0: C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.118.0: C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.138.0: C:\Program Files (x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.2: C:\Program Files (x86)\Battlelog Web Plugins\2.1.2\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.10: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Chester\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Chester\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\[email protected] [2012-10-31 20:04:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\[email protected] [2012-10-31 20:04:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\[email protected] [2012-10-31 20:04:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-07-08 02:38:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-12-05 01:05:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-12-05 01:05:16 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-12-05 01:05:18 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-12-05 01:05:16 | 000,000,000 | ---D | M]

[2011-05-24 13:12:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chester\AppData\Roaming\mozilla\Extensions
[2012-11-23 20:12:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chester\AppData\Roaming\mozilla\Firefox\Profiles\zormzb6w.default\extensions
[2012-11-04 03:36:47 | 000,000,000 | ---D | M] (Download and Sa) -- C:\Users\Chester\AppData\Roaming\mozilla\Firefox\Profiles\zormzb6w.default\extensions\[email protected]
[2012-05-19 23:19:55 | 000,000,000 | ---D | M] (United States English Spellchecker) -- C:\Users\Chester\AppData\Roaming\mozilla\Firefox\Profiles\zormzb6w.default\extensions\[email protected]
[2012-03-21 02:40:08 | 000,000,000 | ---D | M] (Woordenboek Nederlands) -- C:\Users\Chester\AppData\Roaming\mozilla\Firefox\Profiles\zormzb6w.default\extensions\[email protected]
[2012-09-13 15:01:51 | 000,082,490 | ---- | M] () (No name found) -- C:\Users\Chester\AppData\Roaming\mozilla\firefox\profiles\zormzb6w.default\extensions\[email protected]
[2012-10-10 18:36:28 | 000,401,328 | ---- | M] () (No name found) -- C:\Users\Chester\AppData\Roaming\mozilla\firefox\profiles\zormzb6w.default\extensions\[email protected]
[2012-07-27 18:38:02 | 000,013,951 | ---- | M] () (No name found) -- C:\Users\Chester\AppData\Roaming\mozilla\firefox\profiles\zormzb6w.default\extensions\[email protected]
[2012-10-04 14:16:00 | 000,235,457 | ---- | M] () (No name found) -- C:\Users\Chester\AppData\Roaming\mozilla\firefox\profiles\zormzb6w.default\extensions\[email protected]
[2011-05-27 23:38:28 | 000,008,001 | ---- | M] () (No name found) -- C:\Users\Chester\AppData\Roaming\mozilla\firefox\profiles\zormzb6w.default\extensions\[email protected]
[2011-05-24 13:59:30 | 000,089,442 | ---- | M] () (No name found) -- C:\Users\Chester\AppData\Roaming\mozilla\firefox\profiles\zormzb6w.default\extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi
[2012-11-23 20:12:13 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\Chester\AppData\Roaming\mozilla\firefox\profiles\zormzb6w.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012-12-05 01:05:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012-12-05 01:05:16 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012-12-05 01:05:15 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]_bak2
[2012-12-05 01:05:15 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]_bak
[2012-12-05 01:05:16 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]_bak2
[2012-12-05 01:05:18 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012-09-30 12:43:16 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012-10-12 20:10:27 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://www.google.com
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Chester\AppData\Local\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Chester\AppData\Local\Google\Chrome\Application\23.0.1271.95\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Chester\AppData\Local\Google\Chrome\Application\23.0.1271.95\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Chester\AppData\Local\Google\Chrome\Application\23.0.1271.95\pdf.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Chester\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 U7 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.10 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files (x86)\Veetle\Player\npvlc.dll
CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - Extension: YouTube = C:\Users\Chester\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Google Search = C:\Users\Chester\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: YouTube Flags = C:\Users\Chester\AppData\Local\Google\Chrome\User Data\Default\Extensions\eeammepjjllhpcfnkohocddkmdejjebc\1.0_0\
CHR - Extension: imgur = C:\Users\Chester\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehoopddfhgaehhmphfcooacjdpmbjlao\1.1.3_0\
CHR - Extension: Google Calendar = C:\Users\Chester\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\
CHR - Extension: Download and Sa = C:\Users\Chester\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnciphacogbpkmkdgngiaokipoklbngl\7.1_0\
CHR - Extension: AdBlock = C:\Users\Chester\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.48_0\
CHR - Extension: TinEye Reverse Image Search = C:\Users\Chester\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl\1.1.2_0\
CHR - Extension: 4chan x = C:\Users\Chester\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihhokehpaghpcohlodffniandbhjngkd\2.36.0_0\
CHR - Extension: Reddit Enhancement Suite = C:\Users\Chester\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb\4.1.5_0\
CHR - Extension: Google Maps = C:\Users\Chester\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.7_0\
CHR - Extension: Clickable Links = C:\Users\Chester\AppData\Local\Google\Chrome\User Data\Default\Extensions\mblbciejcodpealifnhfjbdlkedplodp\1.1.6_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Chester\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Gmail = C:\Users\Chester\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
CHR - Extension: Anti-Banner = C:\Users\Chester\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\

Hosts file not found
O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4 - HKLM..\Run: [KBD] C:\Program Files (x86)\Hewlett-Packard\KBD\LaunchApp.exe (Hewlett-Packard)
O4 - HKLM..\Run: [OSD] C:\Program Files (x86)\Hewlett-Packard\KBD\OSD\OSD.exe (OsdMaestro)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKCU..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: TaskbarNoThumbnail = 1
O8:64bit: - Extra context menu item: Toevoegen aan Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm ()
O8 - Extra context menu item: Toevoegen aan Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm ()
O9:64bit: - Extra Button: &Virtueel Toetsenbord - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: C&ontrole van URL's - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: &Virtueel Toetsenbord - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: C&ontrole van URL's - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.9.2)
O16 - DPF: {B3E32D88-8E7F-468F-B0E2-3A300FD4A82C} http://global.myitla...ces/ax/stub.cab (Enlite 2.x Simulation Engine Installer)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.9.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.54.40.25 212.54.35.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2DA0BE93-BE6C-4AB3-82E2-3E685078865E}: DhcpNameServer = 212.54.40.25 212.54.35.25
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - C:\Windows\SysNative\klogon.dll (Kaspersky Lab ZAO)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012-12-06 21:42:03 | 000,000,000 | ---D | C] -- C:\Users\Chester\AppData\Roaming\Malwarebytes
[2012-12-06 21:41:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012-12-06 21:41:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012-12-06 21:41:55 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012-12-06 21:41:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012-12-06 21:38:59 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy
[2012-12-05 01:05:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012-11-30 20:44:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012-11-30 20:43:58 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012-11-30 20:43:58 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2012-11-30 20:43:57 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012-11-30 16:37:06 | 000,000,000 | ---D | C] -- C:\Users\Chester\Desktop\E_M04_YOCOMP_IRCD
[2012-11-30 08:30:30 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012-11-23 22:08:18 | 000,000,000 | ---D | C] -- C:\Users\Chester\Desktop\Duinzigt
[2012-11-20 21:51:14 | 000,000,000 | ---D | C] -- C:\Users\Chester\AppData\Local\ESN
[2012-11-13 00:51:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rosetta Stone
[2012-11-13 00:51:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Rosetta Stone
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012-12-12 01:52:42 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-12-12 01:51:03 | 000,015,984 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-12-12 01:51:03 | 000,015,984 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-12-12 01:42:30 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-12-12 01:42:30 | 000,000,476 | ---- | M] () -- C:\Windows\tasks\SDMsgUpdate (TE).job
[2012-12-12 01:42:27 | 000,000,416 | -H-- | M] () -- C:\Windows\tasks\OptimizerPro1UpdaterTask{33111346-BD1C-40C9-99C8-21AB9A141A37}.job
[2012-12-12 01:42:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-12-12 01:42:08 | 2146,836,479 | -HS- | M] () -- C:\hiberfil.sys
[2012-12-12 00:28:00 | 000,001,058 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-12-12 00:12:00 | 000,001,074 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3794437376-3695661613-713449860-1000UA.job
[2012-12-11 19:12:00 | 000,001,022 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3794437376-3695661613-713449860-1000Core.job
[2012-12-08 13:38:21 | 002,718,296 | ---- | M] () -- C:\Users\Chester\Desktop\IMR package.rar
[2012-12-07 22:43:35 | 000,281,520 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012-12-07 22:43:35 | 000,281,520 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012-12-07 22:43:24 | 000,282,864 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012-12-06 21:38:59 | 000,000,798 | ---- | M] () -- C:\Users\Public\Desktop\Speccy.lnk
[2012-12-06 17:09:05 | 002,850,608 | ---- | M] () -- C:\Users\Chester\Desktop\IMG_1195.JPG
[2012-12-06 17:08:55 | 002,689,443 | ---- | M] () -- C:\Users\Chester\Desktop\IMG_1193.JPG
[2012-12-04 19:31:06 | 000,416,352 | ---- | M] () -- C:\Users\Chester\Desktop\barney google.jpg
[2012-12-04 00:59:35 | 001,549,498 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012-12-04 00:59:35 | 000,701,548 | ---- | M] () -- C:\Windows\SysNative\perfh013.dat
[2012-12-04 00:59:35 | 000,616,032 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012-12-04 00:59:35 | 000,133,580 | ---- | M] () -- C:\Windows\SysNative\perfc013.dat
[2012-12-04 00:59:35 | 000,106,412 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012-12-02 19:03:30 | 000,909,582 | ---- | M] () -- C:\Users\Chester\Desktop\rosat.jpg
[2012-12-02 15:40:46 | 000,149,123 | ---- | M] () -- C:\Users\Chester\Desktop\asd.png
[2012-12-02 15:40:46 | 000,000,132 | ---- | M] () -- C:\Users\Chester\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012-12-02 15:35:43 | 000,035,732 | ---- | M] () -- C:\Users\Chester\Desktop\Untitled-1.png
[2012-12-02 00:38:08 | 000,304,085 | ---- | M] () -- C:\Users\Chester\Desktop\5y54y.jpg
[2012-11-30 20:44:31 | 000,001,745 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012-11-30 16:36:57 | 000,040,810 | ---- | M] () -- C:\Users\Chester\Desktop\E_M04_YOCOMP_IRCD.zip
[2012-11-29 11:20:30 | 001,918,553 | ---- | M] () -- C:\Users\Chester\Desktop\D5 notes.JPG
[2012-11-28 16:55:38 | 001,781,798 | ---- | M] () -- C:\Users\Chester\Desktop\IMG_1151.JPG
[2012-11-26 22:46:15 | 000,739,719 | ---- | M] () -- C:\Users\Chester\Desktop\valley.jpg
[2012-11-26 17:55:13 | 000,945,204 | ---- | M] () -- C:\Users\Chester\Desktop\IMG_1085.JPG
[2012-11-26 00:33:54 | 000,346,174 | ---- | M] () -- C:\Users\Chester\Desktop\rosota.jpg
[2012-11-24 22:03:37 | 000,938,565 | ---- | M] () -- C:\Users\Chester\Desktop\map the hague.jpg
[2012-11-24 18:33:27 | 000,130,165 | ---- | M] () -- C:\Users\Chester\Desktop\IMG_1068.PNG
[2012-11-23 22:54:40 | 000,122,013 | ---- | M] () -- C:\Users\Chester\Desktop\52.jpg
[2012-11-23 22:32:08 | 000,712,958 | ---- | M] () -- C:\Users\Chester\Desktop\32.jpg
[2012-11-23 00:23:08 | 000,008,392 | ---- | M] () -- C:\Users\Chester\Desktop\ibm.png
[2012-11-21 20:13:24 | 001,283,310 | ---- | M] () -- C:\Users\Chester\Desktop\IMG_1041.JPG
[2012-11-21 20:13:14 | 001,296,175 | ---- | M] () -- C:\Users\Chester\Desktop\IMG_1042.JPG
[2012-11-19 23:22:25 | 000,024,993 | ---- | M] () -- C:\Users\Chester\Desktop\running back.jpg
[2012-11-18 17:32:43 | 000,067,077 | ---- | M] () -- C:\Users\Chester\Desktop\42t5.png
[2012-11-16 18:12:44 | 000,537,063 | ---- | M] () -- C:\Users\Chester\Desktop\ro.jpg
[2012-11-15 21:42:08 | 038,248,631 | ---- | M] () -- C:\Users\Chester\Desktop\ecommerce.wmv
[2012-11-15 20:50:58 | 000,885,294 | ---- | M] () -- C:\Users\Chester\Desktop\E-Commerce strategy.wmv
[2012-11-15 07:04:13 | 004,998,760 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012-11-14 22:25:00 | 004,014,727 | ---- | M] () -- C:\Users\Chester\Desktop\1352928097133.gif
[2012-11-14 14:15:54 | 002,640,907 | ---- | M] () -- C:\Users\Chester\Desktop\IMG_0964.JPG
[2012-11-14 13:19:28 | 025,832,800 | ---- | M] () -- C:\Users\Chester\Desktop\IMG_0962.MOV
[2012-11-13 21:27:26 | 000,500,701 | ---- | M] () -- C:\Users\Chester\Desktop\seskual.gif
[2012-11-13 21:27:26 | 000,001,456 | ---- | M] () -- C:\Users\Chester\AppData\Local\Adobe Save for Web 12.0 Prefs
[2012-11-13 21:23:42 | 000,875,170 | ---- | M] () -- C:\Users\Chester\Desktop\vnuchka.gif
[2012-11-13 12:50:56 | 002,791,568 | ---- | M] () -- C:\Users\Chester\Desktop\IMG_0943.JPG
[2012-11-12 23:01:20 | 000,174,027 | ---- | M] () -- C:\Users\Chester\Desktop\3uwee.jpg
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012-12-08 13:31:21 | 002,718,296 | ---- | C] () -- C:\Users\Chester\Desktop\IMR package.rar
[2012-12-08 13:30:14 | 001,918,553 | ---- | C] () -- C:\Users\Chester\Desktop\D5 notes.JPG
[2012-12-06 21:38:59 | 000,000,798 | ---- | C] () -- C:\Users\Public\Desktop\Speccy.lnk
[2012-12-06 17:13:32 | 002,850,608 | ---- | C] () -- C:\Users\Chester\Desktop\IMG_1195.JPG
[2012-12-06 17:13:32 | 002,689,443 | ---- | C] () -- C:\Users\Chester\Desktop\IMG_1193.JPG
[2012-12-04 19:31:05 | 000,416,352 | ---- | C] () -- C:\Users\Chester\Desktop\barney google.jpg
[2012-12-02 19:01:12 | 000,909,582 | ---- | C] () -- C:\Users\Chester\Desktop\rosat.jpg
[2012-12-02 16:03:02 | 001,781,798 | ---- | C] () -- C:\Users\Chester\Desktop\IMG_1151.JPG
[2012-12-02 15:40:46 | 000,149,123 | ---- | C] () -- C:\Users\Chester\Desktop\asd.png
[2012-12-02 15:33:24 | 000,035,732 | ---- | C] () -- C:\Users\Chester\Desktop\Untitled-1.png
[2012-12-02 00:38:07 | 000,304,085 | ---- | C] () -- C:\Users\Chester\Desktop\5y54y.jpg
[2012-11-30 20:44:31 | 000,001,745 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012-11-30 16:36:56 | 000,040,810 | ---- | C] () -- C:\Users\Chester\Desktop\E_M04_YOCOMP_IRCD.zip
[2012-11-26 22:46:14 | 000,739,719 | ---- | C] () -- C:\Users\Chester\Desktop\valley.jpg
[2012-11-26 17:54:32 | 000,945,204 | ---- | C] () -- C:\Users\Chester\Desktop\IMG_1085.JPG
[2012-11-26 00:33:52 | 000,346,174 | ---- | C] () -- C:\Users\Chester\Desktop\rosota.jpg
[2012-11-24 22:03:35 | 000,938,565 | ---- | C] () -- C:\Users\Chester\Desktop\map the hague.jpg
[2012-11-24 18:34:45 | 000,130,165 | ---- | C] () -- C:\Users\Chester\Desktop\IMG_1068.PNG
[2012-11-23 22:54:39 | 000,122,013 | ---- | C] () -- C:\Users\Chester\Desktop\52.jpg
[2012-11-23 00:23:08 | 000,008,392 | ---- | C] () -- C:\Users\Chester\Desktop\ibm.png
[2012-11-21 20:10:53 | 001,283,310 | ---- | C] () -- C:\Users\Chester\Desktop\IMG_1041.JPG
[2012-11-21 20:10:49 | 001,296,175 | ---- | C] () -- C:\Users\Chester\Desktop\IMG_1042.JPG
[2012-11-19 23:22:25 | 000,024,993 | ---- | C] () -- C:\Users\Chester\Desktop\running back.jpg
[2012-11-18 17:32:30 | 000,067,077 | ---- | C] () -- C:\Users\Chester\Desktop\42t5.png
[2012-11-16 18:12:43 | 000,537,063 | ---- | C] () -- C:\Users\Chester\Desktop\ro.jpg
[2012-11-15 21:04:41 | 038,248,631 | ---- | C] () -- C:\Users\Chester\Desktop\ecommerce.wmv
[2012-11-15 20:37:04 | 000,885,294 | ---- | C] () -- C:\Users\Chester\Desktop\E-Commerce strategy.wmv
[2012-11-15 03:09:15 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012-11-15 03:02:26 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012-11-14 22:25:00 | 004,014,727 | ---- | C] () -- C:\Users\Chester\Desktop\1352928097133.gif
[2012-11-14 15:47:06 | 002,640,907 | ---- | C] () -- C:\Users\Chester\Desktop\IMG_0964.JPG
[2012-11-14 15:47:04 | 025,832,800 | ---- | C] () -- C:\Users\Chester\Desktop\IMG_0962.MOV
[2012-11-13 21:27:25 | 000,500,701 | ---- | C] () -- C:\Users\Chester\Desktop\seskual.gif
[2012-11-13 21:23:41 | 000,875,170 | ---- | C] () -- C:\Users\Chester\Desktop\vnuchka.gif
[2012-11-13 21:07:18 | 002,791,568 | ---- | C] () -- C:\Users\Chester\Desktop\IMG_0943.JPG
[2012-11-12 23:01:20 | 000,174,027 | ---- | C] () -- C:\Users\Chester\Desktop\3uwee.jpg
[2012-03-11 20:29:30 | 000,017,408 | ---- | C] () -- C:\Users\Chester\AppData\Local\WebpageIcons.db
[2012-03-03 16:24:32 | 000,007,609 | ---- | C] () -- C:\Users\Chester\AppData\Local\Resmon.ResmonCfg
[2011-12-15 05:39:42 | 000,042,392 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2011-12-05 00:53:38 | 000,281,520 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011-12-05 00:53:37 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011-11-29 00:42:22 | 002,580,552 | R--- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2011-09-19 14:03:40 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\rtvcvfw32.dll
[2011-08-20 21:46:31 | 000,000,294 | ---- | C] () -- C:\Users\Chester\AppData\Roaming\net.telestream.ustreamproducer.prefs.xml
[2011-06-10 14:33:40 | 000,000,760 | ---- | C] () -- C:\Users\Chester\AppData\Roaming\setup_ldm.iss
[2011-05-31 19:17:55 | 000,001,456 | ---- | C] () -- C:\Users\Chester\AppData\Local\Adobe Save for Web 12.0 Prefs
[2011-05-31 18:38:38 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011-05-26 14:38:24 | 000,000,132 | ---- | C] () -- C:\Users\Chester\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011-05-24 16:54:00 | 000,000,041 | ---- | C] () -- C:\Users\Chester\AppData\Roaming\TheHunterSettings_live.cfg
[2011-05-24 15:18:02 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011-05-24 15:18:02 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011-05-24 15:18:01 | 000,631,808 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011-05-24 15:18:01 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011-05-24 15:18:01 | 000,080,896 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011-05-24 12:59:48 | 000,000,019 | ---- | C] () -- C:\Users\Chester\AppData\Local\Run.ini

========== ZeroAccess Check ==========

[2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012-09-24 23:00:27 | 000,000,000 | ---D | M] -- C:\Users\Chester\AppData\Roaming\AnvSoft
[2011-05-26 10:46:41 | 000,000,000 | ---D | M] -- C:\Users\Chester\AppData\Roaming\BSplayer
[2011-05-26 10:54:17 | 000,000,000 | ---D | M] -- C:\Users\Chester\AppData\Roaming\BSplayer Pro
[2011-06-21 15:29:29 | 000,000,000 | ---D | M] -- C:\Users\Chester\AppData\Roaming\Canon
[2011-06-11 12:40:05 | 000,000,000 | ---D | M] -- C:\Users\Chester\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011-06-10 18:40:46 | 000,000,000 | ---D | M] -- C:\Users\Chester\AppData\Roaming\com.adobe.DC3Module.AdobeADC
[2012-11-13 00:49:38 | 000,000,000 | ---D | M] -- C:\Users\Chester\AppData\Roaming\DAEMON Tools Lite
[2012-09-23 18:19:47 | 000,000,000 | ---D | M] -- C:\Users\Chester\AppData\Roaming\Dropbox
[2011-07-01 21:16:00 | 000,000,000 | ---D | M] -- C:\Users\Chester\AppData\Roaming\EAC
[2011-07-14 20:55:09 | 000,000,000 | ---D | M] -- C:\Users\Chester\AppData\Roaming\fltk.org
[2012-12-12 01:53:48 | 000,000,000 | ---D | M] -- C:\Users\Chester\AppData\Roaming\foobar2000
[2011-06-10 14:33:47 | 000,000,000 | ---D | M] -- C:\Users\Chester\AppData\Roaming\Leadertech
[2011-06-27 16:05:42 | 000,000,000 | ---D | M] -- C:\Users\Chester\AppData\Roaming\MiniLyrics
[2012-12-02 22:04:39 | 000,000,000 | ---D | M] -- C:\Users\Chester\AppData\Roaming\Origin
[2011-12-24 02:37:18 | 000,000,000 | ---D | M] -- C:\Users\Chester\AppData\Roaming\Publish Providers
[2012-10-31 19:53:03 | 000,000,000 | ---D | M] -- C:\Users\Chester\AppData\Roaming\SmartDraw
[2012-02-20 17:12:53 | 000,000,000 | ---D | M] -- C:\Users\Chester\AppData\Roaming\Sony
[2011-05-26 14:27:55 | 000,000,000 | ---D | M] -- C:\Users\Chester\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011-09-11 22:00:52 | 000,000,000 | ---D | M] -- C:\Users\Chester\AppData\Roaming\StreamTorrent
[2012-01-09 07:53:47 | 000,000,000 | ---D | M] -- C:\Users\Chester\AppData\Roaming\SystemRequirementsLab
[2012-12-08 13:38:24 | 000,000,000 | ---D | M] -- C:\Users\Chester\AppData\Roaming\TeraCopy
[2012-11-10 22:03:01 | 000,000,000 | ---D | M] -- C:\Users\Chester\AppData\Roaming\TS3Client
[2012-12-12 02:08:31 | 000,000,000 | ---D | M] -- C:\Users\Chester\AppData\Roaming\uTorrent
[2011-08-20 21:46:32 | 000,000,000 | ---D | M] -- C:\Users\Chester\AppData\Roaming\Vara Software
[2011-08-20 21:46:31 | 000,000,000 | ---D | M] -- C:\Users\Chester\AppData\Roaming\Wirecast

========== Purity Check ==========



< End of report >


OTL Extras logfile created on: 12-12-2012 1:57:11 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Chester\Desktop\Internet Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

8,00 Gb Total Physical Memory | 5,58 Gb Available Physical Memory | 69,77% Memory free
16,00 Gb Paging File | 13,47 Gb Available in Paging File | 84,21% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 914,94 Gb Total Space | 148,00 Gb Free Space | 16,18% Space Free | Partition Type: NTFS
Drive D: | 14,57 Gb Total Space | 2,75 Gb Free Space | 18,85% Space Free | Partition Type: NTFS
Drive E: | 931,51 Gb Total Space | 682,14 Gb Free Space | 73,23% Space Free | Partition Type: NTFS

Computer Name: CHESTER-PC | User Name: Chester | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1AA8BA67-924C-4B46-8167-B1EDED4A0679}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{1B0AD185-E9C7-427D-9D66-B34F36153C63}" = rport=139 | protocol=6 | dir=out | app=system |
"{1FEA9CA8-77EC-459C-B327-1D31862DD6B2}" = rport=137 | protocol=17 | dir=out | app=system |
"{1FEDC714-5210-4C7F-954D-24C56DCC050B}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2654D51F-A7B4-4FB1-9F25-4506F001E983}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{44DDD9DF-0E69-429E-8A9A-23464852EB99}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{4CA8B269-7A87-474E-B5C7-610E1F88E136}" = lport=137 | protocol=17 | dir=in | app=system |
"{4D7EDC4C-A1E7-45AC-80C2-6BEB9D7A2EA9}" = lport=10243 | protocol=6 | dir=in | app=system |
"{4D7F5817-FC91-4BB9-87B9-B1D44103C7D9}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{54DD4964-70C4-447A-92A0-18206FF624DF}" = lport=139 | protocol=6 | dir=in | app=system |
"{6DBF55F9-E1E6-4113-9CDF-D0C829B8957E}" = lport=138 | protocol=17 | dir=in | app=system |
"{7132E445-B0D8-4358-9BDA-FDAC50075ED7}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{773B8FD1-6751-4289-8C31-6FC82A750891}" = lport=445 | protocol=6 | dir=in | app=system |
"{7C65A498-22F5-465C-A954-118079ABD23C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{947CD309-D92B-41DC-B4AA-E32BD2CED10C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{99DEEEBB-7AA4-4D11-B8ED-8C084BE73C28}" = rport=10243 | protocol=6 | dir=out | app=system |
"{9A88759F-7F1E-4A75-A72F-133D04FA6B7D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{ABDC3D0B-A4A4-447C-941D-E28990090508}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{B57F87C4-5348-4472-8C08-DE17084FBF80}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B6566068-2D42-468E-90DD-072A4954DA99}" = rport=445 | protocol=6 | dir=out | app=system |
"{CCEEAF89-9B9F-4200-8A01-E825F9673781}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CDD2AE66-6255-40F1-B51B-F0B01134F7D7}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{EB1D8D79-4A7D-4A7C-AECF-2B705833FBE6}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F256CCC5-3196-4136-BCED-E188FD1FF8A9}" = rport=138 | protocol=17 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06A6D02C-46BC-4682-B51E-C15A6154F42F}" = protocol=6 | dir=in | app=c:\program files (x86)\thehunter\launcher\launcher.exe |
"{0FB06B90-570C-46B7-966D-40424B08102E}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{193A448D-28D3-4745-864B-247DAE82FBFD}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{19E69C4E-579D-4481-8D8C-75176C95FEB5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe |
"{1B53A04E-E79C-4EE9-A106-4B51ABF0C700}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{21F5A326-53FA-4C64-BCAB-0E6DD6AF11C0}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{2F70CA1C-2839-474C-932F-625173899897}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{36221391-D44F-4CA3-B0BA-9D537C88EF3E}" = protocol=6 | dir=in | app=c:\users\chester\appdata\roaming\dropbox\bin\dropbox.exe |
"{378D9A0F-8FDD-4B89-A0DD-CE5F462A033B}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |
"{3C80DB45-985F-4C2D-BCA8-644408818411}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{44BDA244-25FC-4EC1-8C76-84B171339AB1}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 2 complete collection\bf2.exe |
"{45105244-BF5E-483D-94C6-6DC6211DF6DA}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{493BCD92-FE93-42C4-A183-B2F595515AD3}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{4C2706A2-2C77-44F9-9574-3313C903D8C4}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\simcity 4 deluxe edition\apps\simcity 4.exe |
"{4CEEE7ED-4026-4FE7-A52D-4AE5E5058121}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{4D8DA1BE-CF78-44BA-9184-106434683334}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{524B7E01-1B92-4DBB-9EEF-4DEE2C46E633}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{52927A66-3D76-4156-A295-FC958AAEC7A6}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{55E24D4F-DC89-4809-A436-94F1A0216D4A}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{5663AFA0-120B-416E-BE05-614B5735E828}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{5CDE2AEF-B25A-48DE-801B-EAE05CB1E8E4}" = protocol=6 | dir=in | app=c:\program files (x86)\veetle\player\veetlenet.exe |
"{5FD699FA-DAD1-4B7C-9FC5-403E5A2B3DD5}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\simcity 4 deluxe edition\apps\simcity 4.exe |
"{5FFC11F1-99FB-47BF-8996-D5CF9AFBEC15}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{65B6BFC0-4BA7-4343-AC7B-C81A2F128F34}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{66041DDA-4129-47B1-92D6-15230C820EAF}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{699CBFAD-42BE-4BB8-A15B-A71C2000E9B4}" = protocol=58 | dir=out | [email protected],-28546 |
"{69EFE4F8-33BE-41E5-B075-C98F7DC4CD97}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{6ABE9314-19C5-4FED-AB6C-AC806324A00C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\amnesia the dark descent\launcher.exe |
"{6D0E726D-E479-4406-BA5C-171845242AFB}" = protocol=6 | dir=out | app=system |
"{7048AE08-2360-4BE6-82C6-09C79776D6E7}" = protocol=6 | dir=out | app=c:\program files (x86)\rosetta stone\rosetta stone version 3\support\bin\win\rosettastoneltdservices.exe |
"{722DD0D4-0FF2-441A-939D-88984C66CA68}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe |
"{7278C329-3EA6-433B-BA06-035B7A15FD38}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\amnesia the dark descent\launcher.exe |
"{735E31CE-F6E4-4C56-BF5F-EBA83FAA127A}" = protocol=58 | dir=in | [email protected],-28545 |
"{7BD06C2D-50DE-49F9-96F0-9F5C841797E0}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\amnesia the dark descent\launcher.exe |
"{80F8A1F2-28A2-4AF2-B5E5-1944F02C1F5E}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 2 complete collection\bf2.exe |
"{8CF0AB14-9D08-4484-95B7-D4E1F352EB25}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9D0C47DF-F8B0-4144-86C0-DED75E74F174}" = protocol=17 | dir=in | app=c:\users\chester\appdata\roaming\dropbox\bin\dropbox.exe |
"{A22C64CC-EDC2-411A-BC2B-AAA2124945ED}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{A4496CB1-F04E-477C-8A7E-8A9BBE3D06C7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\amnesia the dark descent\launcher.exe |
"{A4A89F4B-2955-4036-BF0D-06B2CDEC13E5}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe |
"{A9F1E4F3-0FFA-4A9E-8E28-B9AE0D399B23}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{B37C14CE-BA34-407A-9A01-FA9C5DBB9110}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{B54847E8-FDCA-461C-903C-3E447A721692}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B85D91F1-1FF5-4392-A751-FCF6452007CA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B861AC09-9D73-4850-B266-8EBDF6B1C44B}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{B90A6FCF-41BD-4735-8279-7318C2352735}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{BB895C5A-CA99-4A28-86C5-0899DF889B19}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BD07BE88-343E-4D54-B7AC-BCB159BEAC17}" = protocol=6 | dir=out | app=c:\program files (x86)\rosetta stone\rosetta stone version 3\rosettastoneversion3.exe |
"{BFA6A7AD-259A-4049-AE86-6C494FCAF161}" = protocol=17 | dir=in | app=c:\program files (x86)\thehunter\launcher\launcher.exe |
"{CA0598F2-B0C3-4A57-A36F-B66904E006F7}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D0ED888F-E7EB-4016-9806-B20AE868A83F}" = dir=in | app=c:\program files (x86)\rosetta stone\rosetta stone version 3\support\bin\win\rosettastoneltdservices.exe |
"{DCD40733-21D6-4B04-8677-E6E780D7413A}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{DE0016A3-3B25-45E6-AA0C-1D0A447AFB0C}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{E03F4CDD-8176-4BC6-BCEE-1C371CB617DB}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{E1AC5AC7-D7E0-4C84-A5DB-51D6F23EA770}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F298D440-F646-484E-97D8-3E9479E71AD8}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{F37E1AE8-D2C3-4536-980D-9DE842E2A775}" = dir=in | app=c:\program files (x86)\rosetta stone\rosetta stone version 3\rosettastoneversion3.exe |
"{F4E6AF48-5E7D-4F85-BFC4-2BC6D7541E67}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F5ADCC26-EEC2-42CE-82D1-ADB7BDA87145}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F791FB66-D3F8-4970-ADCD-25E3D5D74A9D}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{F970B443-0FFF-4E12-8073-13CEB3438F75}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{F9BC44E8-02B9-41AE-9EF9-CA93ADEF0F16}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{FCD9FE26-8B76-4FD4-9386-8793C3D88F25}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{FCEB0C22-621F-402A-9C70-7C375F9EC2B0}" = protocol=1 | dir=in | [email protected],-28543 |
"{FE62CFB0-464D-42B5-A1B0-920E2AC47BFC}" = protocol=1 | dir=out | [email protected],-28544 |
"TCP Query User{A76B4492-1FA5-456C-97D7-2A872196CABC}C:\program files (x86)\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
"TCP Query User{FA3EDAEE-0D65-4000-AC15-4A552219F83A}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe |
"UDP Query User{C388516E-31A7-4B59-9BAE-188700274BB4}C:\program files (x86)\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
"UDP Query User{FE041490-F813-450A-B781-CB45F743A203}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.1 (r518)
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5100_series" = Canon MG5100 series MP Drivers
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{22D8AE6F-3C6B-47E8-8F04-629F23DBE978}" = iTunes
"{26280024-DFB7-4967-90DB-7F9C6660D01E}" = HP MediaSmart SmartMenu
"{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1" = Media Player Classic - Home Cinema v1.5.2.3456 x64
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{4567EA14-6BCA-3EF9-859B-92CE48B1D704}" = Microsoft .NET Framework 4 Client Profile NLD Language Pack
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-002A-0413-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Dutch) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision stuurprogramma 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA-configuratiescherm 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafisch stuurprogramma 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision controllerstuurprogramma 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX systeemsoftware 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio-stuurprogramma 1.3.16.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{C9608300-11F5-11E0-A64B-0013D3D69929}" = MSVCRT Redists
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support
"{D8CC254C-C671-4664-9A38-FA368D1E2C97}" = SES Driver
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"4CA7CFBB29889F25ACB3DF6E3A42BAE29EB43B20" = Windows Driver Package - Western Digital Technologies (WDC_SAM) WDC_SAM (01/19/2011 1.0.0009.0)
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.59
"DriverAgent.exe" = DriverAgent by eSupport.com
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile NLD Language Pack" = Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD
"OfficeTrial" = Evaluatieversie van Microsoft Office voor Thuisgebruik en Studenten 2007
"OptimizerPro1" = OptimizerPro1
"PC-Doctor for Windows" = Diagnostisch hulpprogramma voor hardware
"Speccy" = Speccy
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeraCopy_is1" = TeraCopy 2.12
"VueScan" = VueScan
"WinRAR archiver" = WinRAR 4.00 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1" = MSI Kombustor 2.0.0
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{14ECAABB-C8B9-4A09-92F7-CDF1A45B6DDE}" = Google Drive
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20E7BC40-33F6-4A81-9D52-B58349326206}" = Download and Sa
"{21AE04E8-EBF6-40DB-9AA9-B7A80C5D057D}" = mkv2vob
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java™ 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{3023EBDA-BF1B-4831-B347-E5018555F26E}" = HP MediaSmart Movie Themes
"{33286280-8617-11E1-8FF6-B8AC6F97B88E}" = Google Earth Plug-in
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF010}" = Tribes Ascend
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}" = Hi-Rez Studios Authenticate and Update Service
"{3F0D0ABE-CDAF-431A-00BC-CBBE018EA74E}" = SimCity 4 Deluxe
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = PowerRecover
"{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Internet Security 2012
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C9B0900-90C6-45E5-8D3E-86129974A53D}" = Enhanced Multimedia Keyboard Solution(USB)
"{4F46FDB9-B906-47BF-B3D5-C62E01B3C5EE}" = HP Support Assistant
"{5158F1F5-FA1B-4D49-B546-55A5004B89BD}" = Microsoft Works
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5B295588-59C1-4386-9F85-BB4BEDCB0D22}" = HP Customer Experience Enhancements
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{67431FA8-4B89-42DD-A68E-30D77F6C8D99}_is1" = HP Easy Backup
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A563426-3474-41C6-B847-42B39F1485B2}" = Windows Live Messenger
"{6D592E30-11EC-11E0-859C-0013D3D69929}" = Vegas Pro 10.0
"{7032B400-11EC-11E0-A9BF-0013D3D69929}" = MSVCRT Redists
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{80F7CA44-F3A5-4853-8BA6-DDF57CD4F078}" = Rosetta Stone Version 3
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0020-0413-0000-0000000FF1CE}" = Compatibiliteitspakket voor het 2007 Microsoft Office system
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0413-0000-0000000FF1CE}" = Microsoft Office Access MUI (Dutch) 2010
"{90140000-0015-0413-0000-0000000FF1CE}_Office14.OMUI.nl-nl_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0413-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Dutch) 2010
"{90140000-0016-0413-0000-0000000FF1CE}_Office14.OMUI.nl-nl_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0017-0413-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (Dutch) 2010
"{90140000-0017-0413-0000-0000000FF1CE}_Office14.OMUI.nl-nl_{60D55A40-09CF-4659-B81D-0712FBA24C21}" = Microsoft SharePoint Designer 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0413-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Dutch) 2010
"{90140000-0018-0413-0000-0000000FF1CE}_Office14.OMUI.nl-nl_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0413-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Dutch) 2010
"{90140000-0019-0413-0000-0000000FF1CE}_Office14.OMUI.nl-nl_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0413-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Dutch) 2010
"{90140000-001A-0413-0000-0000000FF1CE}_Office14.OMUI.nl-nl_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0413-0000-0000000FF1CE}" = Microsoft Office Word MUI (Dutch) 2010
"{90140000-001B-0413-0000-0000000FF1CE}_Office14.OMUI.nl-nl_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.OMUI.nl-nl_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2010
"{90140000-001F-0413-0000-0000000FF1CE}_Office14.OMUI.nl-nl_{5072FEA2-862C-4BF0-9654-CB0DCBE2BE28}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002A-0413-1000-0000000FF1CE}_Office14.OMUI.nl-nl_{B9427E36-0B0A-48F4-8A51-1C178708A28E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0413-0000-0000000FF1CE}" = Microsoft Office Proofing (Dutch) 2010
"{90140000-002C-0413-0000-0000000FF1CE}_Office14.OMUI.nl-nl_{D3B92058-CF96-445F-A297-F7ED19C4E841}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-0044-0413-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Dutch) 2010
"{90140000-0044-0413-0000-0000000FF1CE}_Office14.OMUI.nl-nl_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0413-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Dutch) 2010
"{90140000-006E-0413-0000-0000000FF1CE}_Office14.OMUI.nl-nl_{260407D0-98A1-4D9A-A956-3D1DEDDDF3B9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0413-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Dutch) 2010
"{90140000-00A1-0413-0000-0000000FF1CE}_Office14.OMUI.nl-nl_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-00BA-0413-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Dutch) 2010
"{90140000-00BA-0413-0000-0000000FF1CE}_Office14.OMUI.nl-nl_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0100-0413-0000-0000000FF1CE}" = Microsoft Office O MUI (Dutch) 2010
"{90140000-0100-0413-0000-0000000FF1CE}_Office14.OMUI.nl-nl_{27169E09-8087-4930-B40C-C95FE99C0E39}" = Microsoft Office 2010 Language Pack Service Pack 1 (SP1)
"{90140000-0101-0413-0000-0000000FF1CE}" = Microsoft Office X MUI (Dutch) 2010
"{90140000-0101-0413-0000-0000000FF1CE}_Office14.OMUI.nl-nl_{CCF9763A-D43C-48C7-AA94-F1CE1F00B90B}" = Microsoft Office 2010 Language Pack Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00AF-0413-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (Dutch)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A407FC22-36BF-4C82-A516-59D94BC505A9}" = System Requirements Lab Detection
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A8DBF55D-73C0-4E37-A10E-365BFBB14119}" = Battlefield 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4)
"{B53E61D7-7C80-40DF-82D2-CF5390D6D20A}" = HP Advisor
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer
"{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}" = HP Support Information
"{C1990F01-B51F-4CB0-99C8-C3C0861B8048}" = Ustream Producer
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C611CF88-969D-43E6-A877-D6D6439DD081}" = HP Remote Solution
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D46D081B-F60E-467E-A7C4-117B70D76731}" = HP Update
"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DD6C316A-FE75-4FBB-9D22-4C1920232B72}" = LightScribe System Software
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E9E34215-82EF-4909-BE2F-F581F0DC9062}" = DirectX for Managed Code Update (Summer 2004)
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{ED50ECE9-EC54-4C05-B5ED-EE4741A9F2EC}" = Battlefield 2142 Deluxe Edition
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}" = HP Setup
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Afterburner" = MSI Afterburner 2.2.0 Beta 15
"Any Video Converter Professional_is1" = Any Video Converter Professional 3.4.2
"ASIO4ALL" = ASIO4ALL
"AVS Audio Converter 6.3_is1" = AVS Audio Converter version 6.3
"AVS Audio Editor_is1" = AVS Audio Editor version 6.1
"AVS Audio Recorder_is1" = AVS Audio Recorder version 4.0
"AVS Disc Creator_is1" = AVS Disc Creator version 5.0.1
"AVS Document Converter_is1" = AVS Document Converter 1.0.2
"AVS DVD Copy_is1" = AVS DVD Copy version 4.1.1
"AVS Image Converter_is1" = AVS Image Converter 1.3.2.141
"AVS Media Player_is1" = AVS Media Player 4.1.3.68
"AVS Photo Editor_is1" = AVS Photo Editor
"AVS Ringtone Maker 1.6_is1" = AVS Ringtone Maker version 1.6
"AVS Screen Capture_is1" = AVS Screen Capture version 2.0.1
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS Video Editor_is1" = AVS Video Editor 5
"AVS Video Recorder_is1" = AVS Video Recorder 2.4
"AVS Video ReMaker_is1" = AVS Video ReMaker 4.0.2.126
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"AVS4YOU Video Converter 7_is1" = AVS Video Converter 7
"AVSCoverEditor2_is1" = AVS Cover Editor 2.0.1.3
"Battlelog Web Plugins" = Battlelog Web Plugins
"BSPlayerp" = BS.Player PRO
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DAEMON Tools Lite" = DAEMON Tools Lite
"DivX Setup" = DivX Setup
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"ESN Sonar-0.70.4" = ESN Sonar
"Exact Audio Copy" = Exact Audio Copy 1.0beta2
"FL Studio 10" = FL Studio 10
"foobar2000" = foobar2000 v1.1.6
"Gebruikersregistratie voor Canon MG5100 series" = Gebruikersregistratie voor Canon MG5100 series
"HP Remote Solution" = HP Remote Solution
"IL Download Manager" = IL Download Manager
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = HP MediaSmart Movie Themes
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"InstallWIX_{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Internet Security 2012
"KLiteCodecPack_is1" = K-Lite Codec Pack 7.1.0 (Full)
"LastFM_is1" = Last.fm 1.5.4.27091
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.65.1.1000
"MiniLyrics" = Minilyrics(remove only)
"mIRC" = mIRC
"Mozilla Firefox 17.0.1 (x86 en-US)" = Mozilla Firefox 17.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.OMUI.nl-nl" = Microsoft Office Language Pack 2010 - Dutch/Nederlands
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Origin" = Origin
"PunkBusterSvc" = PunkBuster Services
"SmartDraw 2013" = SmartDraw 2013
"SopCast" = SopCast 3.4.8
"Steam App 40800" = Super Meat Boy
"Steam App 57300" = Amnesia: The Dark Descent
"Steam App 620" = Portal 2
"StreamTorrent 1.0" = StreamTorrent 1.0
"SystemRequirementsLab" = System Requirements Lab
"theHunter" = theHunter (remove only)
"uTorrent" = µTorrent
"Veetle TV" = Veetle TV
"VLC media player" = VLC media player 1.1.10
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.00 (32-bit)
"Xfire" = Xfire (remove only)

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Flux" = F.lux
"Google Chrome" = Google Chrome
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 19-11-2012 19:32:58 | Computer Name = Chester-PC | Source = SideBySide | ID = 16842815
Description = Kan activeringscontext voor 'C:\Program Files (x86)\Common Files\Adobe
AIR\Versions\1.0\Adobe AIR.dll' niet maken. Fout in manifest of beleidsbestand
'C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll' op regel
3. De waarde MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR
van kenmerk version in element assemblyIdentity is ongeldig.

Error - 20-11-2012 20:46:09 | Computer Name = Chester-PC | Source = SideBySide | ID = 16842815
Description = Kan activeringscontext voor 'C:\Program Files (x86)\Common Files\Adobe
AIR\Versions\1.0\Adobe AIR.dll' niet maken. Fout in manifest of beleidsbestand
'C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll' op regel
3. De waarde MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR
van kenmerk version in element assemblyIdentity is ongeldig.

Error - 23-11-2012 22:34:34 | Computer Name = Chester-PC | Source = SideBySide | ID = 16842815
Description = Kan activeringscontext voor 'C:\Program Files (x86)\Common Files\Adobe
AIR\Versions\1.0\Adobe AIR.dll' niet maken. Fout in manifest of beleidsbestand
'C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll' op regel
3. De waarde MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR
van kenmerk version in element assemblyIdentity is ongeldig.

Error - 25-11-2012 20:30:32 | Computer Name = Chester-PC | Source = SideBySide | ID = 16842815
Description = Kan activeringscontext voor 'C:\Program Files (x86)\Common Files\Adobe
AIR\Versions\1.0\Adobe AIR.dll' niet maken. Fout in manifest of beleidsbestand
'C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll' op regel
3. De waarde MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR
van kenmerk version in element assemblyIdentity is ongeldig.

Error - 27-11-2012 19:31:47 | Computer Name = Chester-PC | Source = SideBySide | ID = 16842815
Description = Kan activeringscontext voor 'C:\Program Files (x86)\Common Files\Adobe
AIR\Versions\1.0\Adobe AIR.dll' niet maken. Fout in manifest of beleidsbestand
'C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll' op regel
3. De waarde MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR
van kenmerk version in element assemblyIdentity is ongeldig.

Error - 28-11-2012 18:43:38 | Computer Name = Chester-PC | Source = Application Error | ID = 1000
Description = Naam van toepassing met fout: AppleMobileBackup.exe, versie: 17.1008.10.53,
tijdstempel: 0x4f186178 Naam van module met fout: ntdll.dll, versie: 6.1.7601.17725,
tijdstempel: 0x4ec49b8f Uitzonderingscode: 0xc0000008 Foutoffset: 0x000827b8 Id van
proces met fout: 0xea4 Starttijd van toepassing met fout: 0x01cdcdb9c1de50b8 Pad
naar toepassing met fout: C:\Program Files (x86)\Common Files\Apple\Mobile Device
Support\AppleMobileBackup.exe Pad naar module met fout: C:\Windows\SysWOW64\ntdll.dll
Rapport-id:
0ca35067-39ad-11e2-83f4-90e6baec33ba

Error - 28-11-2012 19:32:07 | Computer Name = Chester-PC | Source = SideBySide | ID = 16842815
Description = Kan activeringscontext voor 'C:\Program Files (x86)\Common Files\Adobe
AIR\Versions\1.0\Adobe AIR.dll' niet maken. Fout in manifest of beleidsbestand
'C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll' op regel
3. De waarde MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR
van kenmerk version in element assemblyIdentity is ongeldig.

Error - 29-11-2012 19:32:13 | Computer Name = Chester-PC | Source = SideBySide | ID = 16842815
Description = Kan activeringscontext voor 'C:\Program Files (x86)\Common Files\Adobe
AIR\Versions\1.0\Adobe AIR.dll' niet maken. Fout in manifest of beleidsbestand
'C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll' op regel
3. De waarde MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR
van kenmerk version in element assemblyIdentity is ongeldig.

Error - 30-11-2012 19:12:26 | Computer Name = Chester-PC | Source = Application Error | ID = 1000
Description = Naam van toepassing met fout: Explorer.EXE, versie: 6.1.7601.17567,
tijdstempel: 0x4d672ee4 Naam van module met fout: DivXPropertyHandler.dll, versie:
1.0.0.72, tijdstempel: 0x4cffd017 Uitzonderingscode: 0xc0000005 Foutoffset: 0x0000000000001342
Id
van proces met fout: 0xc70 Starttijd van toepassing met fout: 0x01cdcdf7a938505c
Pad
naar toepassing met fout: C:\Windows\Explorer.EXE Pad naar module met fout: C:\Program
Files\DivX\DivX Plus Media Foundation Components\DivXPropertyHandler.dll Rapport-id:
677997b1-3b43-11e2-8162-90e6baec33ba

Error - 30-11-2012 20:46:14 | Computer Name = Chester-PC | Source = SideBySide | ID = 16842815
Description = Kan activeringscontext voor 'C:\Program Files (x86)\Common Files\Adobe
AIR\Versions\1.0\Adobe AIR.dll' niet maken. Fout in manifest of beleidsbestand
'C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll' op regel
3. De waarde MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR
van kenmerk version in element assemblyIdentity is ongeldig.

[ System Events ]
Error - 11-12-2012 20:42:25 | Computer Name = Chester-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Er is een fout opgetreden bij een poging het local hosts-bestand te
lezen.

Error - 11-12-2012 20:42:27 | Computer Name = Chester-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Er is een fout opgetreden bij een poging het local hosts-bestand te
lezen.

Error - 11-12-2012 20:42:40 | Computer Name = Chester-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Er is een fout opgetreden bij een poging het local hosts-bestand te
lezen.

Error - 11-12-2012 20:42:40 | Computer Name = Chester-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Er is een fout opgetreden bij een poging het local hosts-bestand te
lezen.

Error - 11-12-2012 20:44:59 | Computer Name = Chester-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Er is een fout opgetreden bij een poging het local hosts-bestand te
lezen.

Error - 11-12-2012 20:45:00 | Computer Name = Chester-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Er is een fout opgetreden bij een poging het local hosts-bestand te
lezen.

Error - 11-12-2012 20:46:33 | Computer Name = Chester-PC | Source = Service Control Manager | ID = 7009
Description = Time-out (30000 seconden) tijdens het wachten op het verbinden van
deze service: Windows Presentation Foundation Font Cache 3.0.0.0.

Error - 11-12-2012 20:46:33 | Computer Name = Chester-PC | Source = Service Control Manager | ID = 7000
Description = De Windows Presentation Foundation Font Cache 3.0.0.0-service kan
vanwege de volgende fout niet worden gestart: %%1053

Error - 11-12-2012 20:47:14 | Computer Name = Chester-PC | Source = Service Control Manager | ID = 7009
Description = Time-out (30000 seconden) tijdens het wachten op het verbinden van
deze service: Windows Defender.

Error - 11-12-2012 20:47:14 | Computer Name = Chester-PC | Source = Service Control Manager | ID = 7000
Description = De Windows Defender-service kan vanwege de volgende fout niet worden
gestart: %%1053


< End of report >

Edited by ohgodhowdidthisgethere, 11 December 2012 - 07:12 PM.

  • 0

Advertisements


#2
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Greetings and Welcome to The Forums!!

My name is Gringo and I'll be glad to help you with your malware problems.

I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of us

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.




These are the programs I would like you to run next, if you have any problems with these just skip it and run the next one.

-Security Check-

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

-AdwCleaner-

  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

--RogueKiller--

  • Download & SAVE to your Desktop RogueKiller or from here
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator to start"
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • click on "delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller+

Gringo
  • 0

#3
ohgodhowdidthisgethere

ohgodhowdidthisgethere

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
Thank you!

Security check log:

Results of screen317's Security Check version 0.99.56
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 8 Out of date!
``````````````Antivirus/Firewall Check:``````````````
Kaspersky Internet Security
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.65.1.1000
JavaFX 2.1.1
Java™ 6 Update 31
Java 7 Update 9
Adobe Flash Player 10 Flash Player out of Date!
Adobe Flash Player 11.5.502.135
Adobe Reader 10.1.4 Adobe Reader out of Date!
Mozilla Firefox (17.0.1)
Google Chrome 21.0.1180.83
Google Chrome 21.0.1180.89
Google Chrome 22.0.1229.79
Google Chrome 22.0.1229.92
Google Chrome 22.0.1229.94
Google Chrome 23.0.1271.64
Google Chrome 23.0.1271.91
Google Chrome 23.0.1271.95
````````Process Check: objlist.exe by Laurent````````
Malwarebytes' Anti-Malware mbamscheduler.exe
Kaspersky Lab Kaspersky Internet Security 2012 avp.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````


edit: AdwCleaner log

# AdwCleaner v2.100 - Verslag gemaakt op 12/12/2012 om 11:23:02
# Geactualiseerd op 09/12/2012 door Xplode
# Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Gebruiker : Chester - CHESTER-PC
# Opstarten Modus : Normale modus
# Gelanceerd vanaf : C:\Users\Chester\Desktop\Internet Downloads\adwcleaner(1).exe
# Optie [Verwijderen]


***** [Diensten] *****


***** [Files / Mappen] *****


***** [Register] *****


***** [Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

[OK] Het register bevat geen enkele ongeoorloofde invoer.

-\\ Mozilla Firefox v17.0.1 (en-US)

Profielnaam : default
File : C:\Users\Chester\AppData\Roaming\Mozilla\Firefox\Profiles\zormzb6w.default\prefs.js

Verwijdert : user_pref("extensions.5095d6e39a8c4.scode", "(function(){try{if('aol.com,mail.google.com,mystart.inc[...]

-\\ Google Chrome v23.0.1271.95

File : C:\Users\Chester\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] De file bevat geen enkele ongeoorloofde invoer.

*************************

AdwCleaner[R1].txt - [1660 octets] - [12/12/2012 01:38:47]
AdwCleaner[S1].txt - [1741 octets] - [12/12/2012 01:38:57]
AdwCleaner[S2].txt - [1184 octets] - [12/12/2012 11:23:02]

########## EOF - C:\AdwCleaner[S2].txt - [1244 octets] ##########


Edit: RogueKiller log:

RogueKiller V8.4.0 [Dec 12 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo...13-roguekiller/
Website : http://tigzy.geeksto...roguekiller.php
Blog : http://tigzyrk.blogspot.com/

besturingssysteem : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Gestart vanuit : Normale modus
Gebruiker : Chester [Administrator rechten]
Modus : Verwijder -- Datum : 12/12/2012 11:29:25

¤¤¤ Kwaadaardige processen : 0 ¤¤¤

¤¤¤ Register verwijzingen : 3 ¤¤¤
[TASK][SUSP PATH] OptimizerPro1UpdaterTask{33111346-BD1C-40C9-99C8-21AB9A141A37}.job : C:\ProgramData\Premium\OptimizerPro1\OptimizerPro1.exe /schedule /profilepath "C:\ProgramData\Premium\OptimizerPro1\profile.ini" -> Verwijderd
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> VERVANGEN (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> VERVANGEN (0)

¤¤¤ Speciale Files / Folders: ¤¤¤

¤¤¤ Driver : [Niet geladen] ¤¤¤

¤¤¤ HOSTS Bestand: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts



¤¤¤ MBR Controle: ¤¤¤

+++++ PhysicalDrive0: WDC WD10EADS-65M2B0 ATA Device +++++
--- User ---
[MBR] 8e4bd981ccc19c7df05983cb71f5965e
[BSP] 2ae33e8e732edd45636b6770a1652fb5 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 2034 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 4176900 | Size: 936900 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1922949120 | Size: 14924 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: WDC WD10EADS-65M2B0 ATA Device +++++
--- User ---
[MBR] c22e3fefdd386196847651d58196c0ed
[BSP] 00fbdb235a6d02337d09c65c478e3206 : Standard MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 953867 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Gereed : << RKreport[2]_D_12122012_02d1129.txt >>
RKreport[1]_S_12122012_02d1129.txt ; RKreport[2]_D_12122012_02d1129.txt

Edited by ohgodhowdidthisgethere, 12 December 2012 - 04:29 AM.

  • 0

#4
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello

I Would like you to do the following.

Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
  • 0

#5
ohgodhowdidthisgethere

ohgodhowdidthisgethere

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
The problem was not fixed by combofix; I still get randomly hyperlinked ads to scam websites everywhere I go.

Here is the log:

ComboFix 12-12-10.01 - Chester 13-12-2012 1:42.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.8191.6205 [GMT 1:00]
Gestart vanuit: c:\users\Chester\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *Disabled/Updated* {2EAA32A5-1EE1-1B22-95DA-337730C6E984}
FW: Kaspersky Internet Security *Disabled* {1691B380-548E-1A7A-BE85-9A42CE15AEFF}
SP: Kaspersky Internet Security *Disabled/Updated* {95CBD341-38DB-14AC-AF6A-08054B41A339}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Nieuw herstelpunt werd aangemaakt
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\programdata\Download and Sa
c:\programdata\Download and Sa\5095d6e39a9ac.ocx
c:\programdata\Download and Sa\5095d6e39a9e4.html
c:\programdata\Download and Sa\5095d6e39aa1d.js
c:\programdata\Download and Sa\fnciphacogbpkmkdgngiaokipoklbngl.crx
c:\programdata\Download and Sa\settings.ini
c:\programdata\Download and Sa\uninstall.exe
c:\programdata\Microsoft\Windows\Start Menu\Programs\Download and Sa
c:\programdata\Microsoft\Windows\Start Menu\Programs\Download and Sa\Download and Sa.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Download and Sa\Uninstall.lnk
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2012-11-13 to 2012-12-13 ))))))))))))))))))))))))))))))
.
.
2012-12-13 00:51 . 2012-12-13 00:51 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-12-13 00:51 . 2012-12-13 00:51 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-13 00:50 . 2012-12-13 00:50 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{107230BD-4C06-4DAD-ABC2-ED23CDEEDABF}\offreg.dll
2012-12-11 16:18 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{107230BD-4C06-4DAD-ABC2-ED23CDEEDABF}\mpengine.dll
2012-12-06 20:42 . 2012-12-06 20:42 -------- d-----w- c:\users\Chester\AppData\Roaming\Malwarebytes
2012-12-06 20:41 . 2012-12-06 20:41 -------- d-----w- c:\programdata\Malwarebytes
2012-12-06 20:41 . 2012-12-06 20:41 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-12-06 20:41 . 2012-09-29 18:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-12-06 20:38 . 2012-12-06 20:38 -------- d-----w- c:\program files\Speccy
2012-11-30 19:51 . 2012-09-24 22:16 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-11-30 19:43 . 2012-11-30 19:44 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2012-11-30 19:43 . 2012-11-30 19:43 -------- d-----w- c:\program files\iPod
2012-11-30 19:43 . 2012-11-30 19:44 -------- d-----w- c:\program files\iTunes
2012-11-20 20:51 . 2012-11-20 20:51 -------- d-----w- c:\users\Chester\AppData\Local\ESN
2012-11-15 02:09 . 2012-07-26 07:49 2560 ----a-w- c:\windows\system32\drivers\nl-NL\wdf01000.sys.mui
2012-11-15 02:09 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-11-15 02:09 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-11-15 02:09 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-11-15 02:02 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2012-11-15 02:02 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-11-15 02:02 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2012-11-15 02:02 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-11-15 02:02 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-11-15 02:02 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-11-15 02:02 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-12 00:52 . 2012-04-19 12:54 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-12-12 00:52 . 2011-05-24 12:23 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-07 21:43 . 2011-12-05 00:23 281520 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-12-07 21:43 . 2011-12-04 23:53 281520 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-12-07 21:43 . 2011-12-04 23:53 282864 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-11-15 02:02 . 2011-05-27 11:03 66395536 ----a-w- c:\windows\system32\MRT.exe
2012-10-31 19:04 . 2012-05-31 16:20 637272 ----a-w- c:\windows\system32\drivers\klif.sys
2012-10-16 08:38 . 2012-11-28 13:53 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-28 13:53 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-11-28 13:53 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-10 20:23 . 2012-10-10 20:23 247144 ----a-w- c:\windows\system32\nvinitx.dll
2012-10-10 20:23 . 2012-10-10 20:23 1867112 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2012-10-10 20:23 . 2012-10-10 20:23 18252136 ----a-w- c:\windows\system32\nvd3dumx.dll
2012-10-10 20:23 . 2012-10-10 20:23 1482600 ----a-w- c:\windows\system32\nvdispgenco64.dll
2012-10-10 20:23 . 2012-10-10 20:23 6127464 ----a-w- c:\windows\SysWow64\nvopencl.dll
2012-10-10 20:23 . 2012-10-10 20:23 2574696 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2012-10-10 20:23 . 2012-10-10 20:23 25256296 ----a-w- c:\windows\system32\nvcompiler.dll
2012-10-10 20:23 . 2012-10-10 20:23 831848 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2012-10-10 20:23 . 2012-10-10 20:23 202600 ----a-w- c:\windows\SysWow64\nvinit.dll
2012-10-10 20:23 . 2012-10-10 20:23 7414632 ----a-w- c:\windows\system32\nvopencl.dll
2012-10-10 20:23 . 2009-06-26 14:01 2731880 ----a-w- c:\windows\system32\nvapi64.dll
2012-10-10 20:23 . 2012-03-03 15:35 973672 ----a-w- c:\windows\system32\nvumdshimx.dll
2012-10-10 20:23 . 2009-06-26 14:01 14922600 ----a-w- c:\windows\system32\nvwgf2umx.dll
2012-10-10 20:23 . 2012-10-10 20:23 9146728 ----a-w- c:\windows\system32\nvcuda.dll
2012-10-10 20:23 . 2012-10-10 20:23 7697768 ----a-w- c:\windows\SysWow64\nvcuda.dll
2012-10-10 20:23 . 2012-10-10 20:23 2218344 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-10-10 20:23 . 2012-10-10 20:23 12501352 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2012-10-10 20:22 . 2012-10-10 20:22 2428776 ----a-w- c:\windows\SysWow64\nvapi.dll
2012-10-10 20:22 . 2012-10-10 20:22 26331496 ----a-w- c:\windows\system32\nvoglv64.dll
2012-10-10 20:22 . 2011-11-12 22:09 1760104 ----a-w- c:\windows\system32\nvdispco64.dll
2012-10-10 20:22 . 2012-10-10 20:22 15309160 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2012-10-10 20:22 . 2012-10-10 20:22 2747240 ----a-w- c:\windows\system32\nvcuvid.dll
2012-10-10 20:22 . 2012-10-10 20:22 19906920 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2012-10-10 20:22 . 2012-10-10 20:22 13443944 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2012-10-10 20:22 . 2012-10-10 20:22 17559912 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2012-10-08 20:19 . 2012-10-08 20:19 10220472 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-10-02 19:51 . 2012-03-03 15:37 3536817 ----a-w- c:\windows\system32\nvcoproc.bin
2012-10-02 19:51 . 2011-03-20 16:33 3293544 ----a-w- c:\windows\system32\nvsvc64.dll
2012-10-02 19:51 . 2011-03-20 16:33 6200680 ----a-w- c:\windows\system32\nvcpl.dll
2012-10-02 19:50 . 2011-03-20 16:34 891240 ----a-w- c:\windows\system32\nvvsvc.exe
2012-10-02 19:50 . 2011-03-20 16:34 2557800 ----a-w- c:\windows\system32\nvsvcr.dll
2012-10-02 19:50 . 2011-03-20 16:34 118120 ----a-w- c:\windows\system32\nvmctray.dll
2012-10-02 19:50 . 2009-06-26 15:00 63336 ----a-w- c:\windows\system32\nvshext.dll
2012-10-02 12:15 . 2012-10-02 12:15 430952 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2012-09-28 09:32 . 2012-09-28 09:32 5989776 ----a-w- c:\windows\system32\usbaaplrc.dll
2012-09-28 09:32 . 2012-09-28 09:32 53760 ----a-w- c:\windows\system32\drivers\usbaapl64.sys
2012-09-14 19:19 . 2012-10-10 20:01 2048 ----a-w- c:\windows\system32\tzres.dll
2012-09-14 18:28 . 2012-10-10 20:01 2048 ----a-w- c:\windows\SysWow64\tzres.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPADVISOR"="c:\program files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2009-07-15 1668664]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-11-10 3514176]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2012-12-09 969104]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2012-11-08 16070136]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"KBD"="c:\program files (x86)\Hewlett-Packard\KBD\LaunchApp.exe" [2009-03-30 364032]
"OSD"="c:\program files (x86)\Hewlett-Packard\KBD\OSD\OSD.exe" [2009-03-30 282624]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"UpdatePRCShortCut"="c:\program files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-01-21 91520]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-07-05 421888]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
"AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe" [2012-10-31 206448]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-11-28 151952]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"TaskbarNoThumbnail"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer5"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [2009-07-14 27136]
R2 HPBtnSrv;HP Easy Backup Button Service;c:\program files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe [2008-09-30 192512]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-29 676936]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [2011-11-12 21712]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-29 25928]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2009-05-19 702976]
R3 RTCore64;RTCore64;c:\program files (x86)\MSI Afterburner\RTCore64.sys [2012-03-20 13368]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-09-28 53760]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-05-26 1255736]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [2011-02-16 14464]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-11-28 279616]
S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys [2011-03-04 11864]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [2011-03-10 29488]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys [2011-09-21 21992]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-29 399432]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]
S3 AVER_H193;AVerMedia H193 Video Capture;c:\windows\system32\drivers\AVer888RC_64.sys [2009-07-01 542464]
S3 CXCIR;AVerMedia Consumer Infrared Receiver;c:\windows\system32\DRIVERS\AVer888RCIR_64.sys [2009-07-01 39424]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2009-11-02 22544]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-07-13 233472]
.
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezSharedSvc
.
Inhoud van de 'Gedeelde Taken' map
.
2012-12-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-19 00:52]
.
2012-12-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-17 18:13]
.
2012-12-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-17 18:13]
.
2012-12-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3794437376-3695661613-713449860-1000Core.job
- c:\users\Chester\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-25 13:29]
.
2012-12-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3794437376-3695661613-713449860-1000UA.job
- c:\users\Chester\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-25 13:29]
.
2012-10-01 c:\windows\Tasks\PCDRScheduledMaintenance.job
- c:\program files\PC-Doctor for Windows\pcdr5cuiw32.exe [2009-06-10 11:04]
.
2012-12-12 c:\windows\Tasks\SDMsgUpdate (TE).job
- c:\progra~2\SMARTD~1\Messages\SDNotify.exe [2012-10-31 15:18]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2012-11-08 15:58 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2012-11-08 15:58 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2012-11-08 15:58 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2012-11-08 15:58 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2009-07-08 610360]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
.
------- Bijkomende Scan -------
.
uStart Page = about:blank
uLocal Page = c:\windows\system32\blank.htm
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_NL&c=94&bd=Pavilion&pf=cndt
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 212.54.40.25 212.54.35.25
FF - ProfilePath - c:\users\Chester\AppData\Roaming\Mozilla\Firefox\Profiles\zormzb6w.default\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - ExtSQL: 2012-11-04 03:45; [email protected]; c:\users\Chester\AppData\Roaming\Mozilla\Firefox\Profiles\zormzb6w.default\extensions\[email protected]
.
- - - - ORPHANS VERWIJDERD - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
SafeBoot-36439459.sys
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-{20E7BC40-33F6-4A81-9D52-B58349326206} - c:\programdata\Download and Sa\uninstall.exe
.
.
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Voltooingstijd: 2012-12-13 01:53:59
ComboFix-quarantined-files.txt 2012-12-13 00:53
.
Pre-Run: 187.377.618.944 bytes beschikbaar
Post-Run: 187.562.622.976 bytes beschikbaar
.
- - End Of File - - 57C17458F92B9B4C3DB8CC2B58C47180
  • 0

#6
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Greetings

I want you to run these next,

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
  • If malicious objects are found, they will show in the Scan results
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.



Please download aswMBR to your desktop.
  • Double click the aswMBR.exe icon to run it
  • it will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one come back and let me know

please reply with the reports from TDSSKiller and aswMBR

Gringo
  • 0

#7
ohgodhowdidthisgethere

ohgodhowdidthisgethere

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
aswMBR keeps crashing every time it gets to this folder:
Posted Image

(tried it twice, crashed each time)

Here is the TDSSKiller log:
19:42:18.0539 3132 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
19:42:23.0437 3132 ============================================================
19:42:23.0437 3132 Current date / time: 2012/12/13 19:42:23.0437
19:42:23.0437 3132 SystemInfo:
19:42:23.0437 3132
19:42:23.0437 3132 OS Version: 6.1.7601 ServicePack: 1.0
19:42:23.0437 3132 Product type: Workstation
19:42:23.0437 3132 ComputerName: CHESTER-PC
19:42:23.0437 3132 UserName: Chester
19:42:23.0437 3132 Windows directory: C:\Windows
19:42:23.0437 3132 System windows directory: C:\Windows
19:42:23.0437 3132 Running under WOW64
19:42:23.0437 3132 Processor architecture: Intel x64
19:42:23.0437 3132 Number of processors: 4
19:42:23.0437 3132 Page size: 0x1000
19:42:23.0437 3132 Boot type: Normal boot
19:42:23.0437 3132 ============================================================
19:42:34.0014 3132 BG loaded
19:42:39.0677 3132 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:42:39.0755 3132 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:42:39.0771 3132 ============================================================
19:42:39.0771 3132 \Device\Harddisk0\DR0:
19:42:39.0786 3132 MBR partitions:
19:42:39.0786 3132 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3F9000
19:42:39.0786 3132 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3FBC04, BlocksNum 0x725E210E
19:42:39.0786 3132 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x729DE000, BlocksNum 0x1D26000
19:42:39.0786 3132 \Device\Harddisk1\DR1:
19:42:39.0786 3132 MBR partitions:
19:42:39.0786 3132 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982
19:42:39.0786 3132 ============================================================
19:42:40.0083 3132 C: <-> \Device\Harddisk0\DR0\Partition2
19:42:40.0114 3132 E: <-> \Device\Harddisk1\DR1\Partition1
19:42:40.0332 3132 D: <-> \Device\Harddisk0\DR0\Partition3
19:42:40.0332 3132 ============================================================
19:42:40.0332 3132 Initialize success
19:42:40.0332 3132 ============================================================
19:42:51.0533 2856 ============================================================
19:42:51.0533 2856 Scan started
19:42:51.0533 2856 Mode: Manual; SigCheck; TDLFS;
19:42:51.0533 2856 ============================================================
19:42:52.0984 2856 ================ Scan system memory ========================
19:42:52.0984 2856 System memory - ok
19:42:52.0984 2856 ================ Scan services =============================
19:42:53.0109 2856 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
19:42:56.0010 2856 1394ohci - ok
19:42:56.0166 2856 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
19:43:00.0924 2856 ACPI - ok
19:43:01.0034 2856 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
19:43:01.0455 2856 AcpiPmi - ok
19:43:01.0767 2856 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:43:06.0618 2856 AdobeARMservice - ok
19:43:07.0024 2856 [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:43:16.0883 2856 AdobeFlashPlayerUpdateSvc - ok
19:43:16.0930 2856 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
19:43:17.0024 2856 adp94xx - ok
19:43:17.0195 2856 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
19:43:17.0226 2856 adpahci - ok
19:43:17.0258 2856 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
19:43:17.0273 2856 adpu320 - ok
19:43:17.0351 2856 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:43:18.0116 2856 AeLookupSvc - ok
19:43:18.0240 2856 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
19:43:18.0412 2856 AFD - ok
19:43:18.0506 2856 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
19:43:18.0568 2856 agp440 - ok
19:43:18.0662 2856 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
19:43:18.0896 2856 ALG - ok
19:43:19.0005 2856 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
19:43:19.0067 2856 aliide - ok
19:43:19.0192 2856 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
19:43:19.0270 2856 amdide - ok
19:43:19.0426 2856 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
19:43:19.0644 2856 AmdK8 - ok
19:43:19.0676 2856 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
19:43:19.0769 2856 AmdPPM - ok
19:43:19.0847 2856 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
19:43:19.0894 2856 amdsata - ok
19:43:19.0956 2856 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
19:43:20.0003 2856 amdsbs - ok
19:43:20.0034 2856 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
19:43:20.0066 2856 amdxata - ok
19:43:20.0206 2856 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
19:43:22.0593 2856 AppID - ok
19:43:22.0624 2856 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
19:43:22.0718 2856 AppIDSvc - ok
19:43:22.0827 2856 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
19:43:22.0889 2856 Appinfo - ok
19:43:23.0139 2856 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:43:23.0170 2856 Apple Mobile Device - ok
19:43:23.0404 2856 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
19:43:23.0544 2856 arc - ok
19:43:23.0607 2856 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
19:43:23.0654 2856 arcsas - ok
19:43:23.0763 2856 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:43:23.0841 2856 AsyncMac - ok
19:43:23.0872 2856 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
19:43:23.0888 2856 atapi - ok
19:43:24.0044 2856 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:43:24.0106 2856 AudioEndpointBuilder - ok
19:43:24.0137 2856 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
19:43:24.0184 2856 AudioSrv - ok
19:43:24.0356 2856 [ 15708C6DE052E121BFD6384E2EFEA8B8 ] AVER_H193 C:\Windows\system32\drivers\AVer888RC_64.sys
19:43:24.0449 2856 AVER_H193 - ok
19:43:25.0026 2856 [ 6C9D5BADC8F83D410A278717C2EEA6F6 ] AVP C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
19:43:25.0182 2856 AVP - ok
19:43:25.0370 2856 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
19:43:25.0744 2856 AxInstSV - ok
19:43:25.0791 2856 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
19:43:25.0869 2856 b06bdrv - ok
19:43:25.0978 2856 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
19:43:26.0087 2856 b57nd60a - ok
19:43:26.0243 2856 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
19:43:26.0477 2856 BDESVC - ok
19:43:26.0696 2856 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
19:43:26.0789 2856 Beep - ok
19:43:27.0132 2856 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
19:43:27.0195 2856 BFE - ok
19:43:27.0382 2856 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
19:43:27.0507 2856 BITS - ok
19:43:27.0632 2856 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
19:43:27.0663 2856 blbdrive - ok
19:43:28.0224 2856 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:43:28.0240 2856 Bonjour Service - ok
19:43:28.0318 2856 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:43:28.0365 2856 bowser - ok
19:43:28.0427 2856 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
19:43:28.0942 2856 BrFiltLo - ok
19:43:28.0973 2856 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
19:43:29.0004 2856 BrFiltUp - ok
19:43:29.0129 2856 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
19:43:29.0207 2856 BridgeMP - ok
19:43:29.0410 2856 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
19:43:29.0426 2856 Browser - ok
19:43:29.0597 2856 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
19:43:29.0738 2856 Brserid - ok
19:43:29.0769 2856 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
19:43:29.0847 2856 BrSerWdm - ok
19:43:29.0878 2856 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
19:43:29.0956 2856 BrUsbMdm - ok
19:43:30.0003 2856 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
19:43:30.0096 2856 BrUsbSer - ok
19:43:30.0252 2856 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
19:43:30.0408 2856 BTHMODEM - ok
19:43:30.0471 2856 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
19:43:30.0533 2856 bthserv - ok
19:43:30.0627 2856 catchme - ok
19:43:30.0642 2856 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:43:30.0689 2856 cdfs - ok
19:43:30.0798 2856 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
19:43:30.0845 2856 cdrom - ok
19:43:30.0908 2856 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
19:43:30.0970 2856 CertPropSvc - ok
19:43:31.0048 2856 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
19:43:31.0079 2856 circlass - ok
19:43:31.0142 2856 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
19:43:31.0173 2856 CLFS - ok
19:43:31.0344 2856 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:43:31.0610 2856 clr_optimization_v2.0.50727_32 - ok
19:43:31.0922 2856 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:43:31.0984 2856 clr_optimization_v2.0.50727_64 - ok
19:43:32.0202 2856 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:43:32.0421 2856 clr_optimization_v4.0.30319_32 - ok
19:43:32.0468 2856 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:43:32.0514 2856 clr_optimization_v4.0.30319_64 - ok
19:43:32.0561 2856 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
19:43:32.0639 2856 CmBatt - ok
19:43:32.0702 2856 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
19:43:32.0748 2856 cmdide - ok
19:43:32.0811 2856 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
19:43:32.0842 2856 CNG - ok
19:43:32.0858 2856 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
19:43:37.0974 2856 Compbatt - ok
19:43:38.0224 2856 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
19:43:38.0349 2856 CompositeBus - ok
19:43:38.0427 2856 COMSysApp - ok
19:43:39.0066 2856 [ C08063F052308B6F5882482615387F30 ] cpuz135 C:\Windows\system32\drivers\cpuz135_x64.sys
19:43:39.0082 2856 cpuz135 - ok
19:43:39.0254 2856 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
19:43:39.0456 2856 crcdisk - ok
19:43:39.0768 2856 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:43:39.0909 2856 CryptSvc - ok
19:43:40.0190 2856 [ 29F99B350859441F99CA09DBAB828900 ] CXCIR C:\Windows\system32\DRIVERS\AVer888RCIR_64.sys
19:43:40.0845 2856 CXCIR - ok
19:43:41.0048 2856 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
19:43:41.0110 2856 DcomLaunch - ok
19:43:41.0157 2856 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
19:43:41.0250 2856 defragsvc - ok
19:43:41.0484 2856 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:43:41.0531 2856 DfsC - ok
19:43:41.0843 2856 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
19:43:41.0937 2856 Dhcp - ok
19:43:42.0093 2856 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
19:43:42.0155 2856 discache - ok
19:43:42.0498 2856 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
19:43:42.0686 2856 Disk - ok
19:43:42.0842 2856 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:43:43.0154 2856 Dnscache - ok
19:43:43.0481 2856 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
19:43:43.0637 2856 dot3svc - ok
19:43:43.0856 2856 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
19:43:43.0887 2856 DPS - ok
19:43:44.0136 2856 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:43:44.0230 2856 drmkaud - ok
19:43:44.0948 2856 [ 1ED08A6264C5C92099D6D1DAE5E8F530 ] DrvAgent64 C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS
19:43:50.0018 2856 DrvAgent64 - ok
19:43:50.0096 2856 [ 400582B09E0BB557D0EC28A945150EEB ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
19:43:50.0111 2856 dtsoftbus01 - ok
19:43:50.0158 2856 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:43:50.0189 2856 DXGKrnl - ok
19:43:50.0220 2856 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
19:43:50.0267 2856 EapHost - ok
19:43:50.0361 2856 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
19:43:50.0470 2856 ebdrv - ok
19:43:50.0486 2856 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
19:43:50.0532 2856 EFS - ok
19:43:50.0579 2856 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
19:43:50.0626 2856 ehRecvr - ok
19:43:50.0657 2856 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
19:43:50.0720 2856 ehSched - ok
19:43:50.0751 2856 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
19:43:50.0782 2856 elxstor - ok
19:43:50.0829 2856 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
19:43:50.0860 2856 ErrDev - ok
19:43:50.0907 2856 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
19:43:50.0954 2856 EventSystem - ok
19:43:50.0969 2856 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
19:43:51.0000 2856 exfat - ok
19:43:51.0032 2856 ezSharedSvc - ok
19:43:51.0047 2856 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:43:51.0110 2856 fastfat - ok
19:43:51.0172 2856 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
19:43:51.0219 2856 Fax - ok
19:43:51.0234 2856 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
19:43:51.0266 2856 fdc - ok
19:43:51.0297 2856 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
19:43:51.0344 2856 fdPHost - ok
19:43:51.0359 2856 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
19:43:51.0406 2856 FDResPub - ok
19:43:51.0422 2856 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:43:51.0437 2856 FileInfo - ok
19:43:51.0453 2856 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:43:51.0484 2856 Filetrace - ok
19:43:51.0562 2856 [ BB0667B0171B632B97EA759515476F07 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
19:43:51.0578 2856 FLEXnet Licensing Service - ok
19:43:51.0609 2856 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
19:43:51.0656 2856 flpydisk - ok
19:43:51.0687 2856 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:43:51.0702 2856 FltMgr - ok
19:43:51.0749 2856 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
19:43:51.0796 2856 FontCache - ok
19:43:51.0858 2856 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:43:51.0874 2856 FontCache3.0.0.0 - ok
19:43:51.0890 2856 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
19:43:51.0905 2856 FsDepends - ok
19:43:51.0952 2856 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:43:56.0975 2856 Fs_Rec - ok
19:43:57.0038 2856 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
19:43:57.0053 2856 fvevol - ok
19:43:57.0084 2856 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
19:43:57.0100 2856 gagp30kx - ok
19:43:57.0147 2856 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
19:43:57.0209 2856 gpsvc - ok
19:43:57.0365 2856 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:43:57.0381 2856 gupdate - ok
19:43:57.0396 2856 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:43:57.0412 2856 gupdatem - ok
19:43:57.0428 2856 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
19:43:57.0459 2856 hcw85cir - ok
19:43:57.0490 2856 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:43:57.0521 2856 HdAudAddService - ok
19:43:57.0552 2856 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
19:43:57.0584 2856 HDAudBus - ok
19:43:57.0599 2856 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
19:43:57.0615 2856 HidBatt - ok
19:43:57.0630 2856 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
19:43:57.0646 2856 HidBth - ok
19:43:57.0677 2856 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
19:43:57.0708 2856 HidIr - ok
19:43:57.0724 2856 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
19:43:57.0771 2856 hidserv - ok
19:43:57.0802 2856 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
19:43:57.0818 2856 HidUsb - ok
19:43:57.0927 2856 [ 5A457C3D00C1C701230A12AA1580114D ] HiPatchService C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
19:43:57.0927 2856 HiPatchService ( UnsignedFile.Multi.Generic ) - warning
19:43:57.0927 2856 HiPatchService - detected UnsignedFile.Multi.Generic (1)
19:43:57.0974 2856 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:43:58.0036 2856 hkmsvc - ok
19:43:58.0067 2856 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:43:58.0130 2856 HomeGroupListener - ok
19:43:58.0176 2856 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:43:58.0208 2856 HomeGroupProvider - ok
19:43:58.0286 2856 [ 0141816A095A3F5A83FFA5B4A47B8023 ] HP Health Check Service C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
19:43:58.0301 2856 HP Health Check Service ( UnsignedFile.Multi.Generic ) - warning
19:43:58.0301 2856 HP Health Check Service - detected UnsignedFile.Multi.Generic (1)
19:43:58.0317 2856 [ DEAB3BF5AEFBDC3F9AC0E020926EC81D ] HPBtnSrv C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe
19:43:58.0332 2856 HPBtnSrv ( UnsignedFile.Multi.Generic ) - warning
19:43:58.0332 2856 HPBtnSrv - detected UnsignedFile.Multi.Generic (1)
19:43:58.0379 2856 [ FDF273A845F1FFCCEADF363AAF47582F ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
19:43:58.0395 2856 hpqwmiex - ok
19:43:58.0442 2856 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
19:43:58.0457 2856 HpSAMD - ok
19:43:58.0520 2856 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:43:58.0582 2856 HTTP - ok
19:43:58.0598 2856 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
19:43:58.0613 2856 hwpolicy - ok
19:43:58.0676 2856 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
19:43:58.0707 2856 i8042prt - ok
19:43:58.0738 2856 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
19:43:58.0754 2856 iaStorV - ok
19:43:58.0832 2856 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:43:58.0863 2856 idsvc - ok
19:43:58.0894 2856 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
19:43:58.0910 2856 iirsp - ok
19:43:59.0050 2856 [ AD5DF6F4FBBC798636EDC66BFEC7D0DE ] IJPLMSVC C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
19:43:59.0066 2856 IJPLMSVC - ok
19:43:59.0081 2856 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
19:43:59.0144 2856 IKEEXT - ok
19:43:59.0206 2856 [ 31C32BC56D85D109EBB0C526BE5CACA7 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
19:43:59.0237 2856 IntcAzAudAddService - ok
19:43:59.0253 2856 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
19:43:59.0268 2856 intelide - ok
19:43:59.0300 2856 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:43:59.0315 2856 intelppm - ok
19:43:59.0346 2856 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:43:59.0409 2856 IPBusEnum - ok
19:43:59.0456 2856 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:43:59.0502 2856 IpFilterDriver - ok
19:43:59.0534 2856 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:43:59.0565 2856 iphlpsvc - ok
19:43:59.0612 2856 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
19:43:59.0643 2856 IPMIDRV - ok
19:43:59.0674 2856 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
19:43:59.0721 2856 IPNAT - ok
19:43:59.0799 2856 [ B474C756C13960793C7583B766F904C4 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
19:43:59.0830 2856 iPod Service - ok
19:43:59.0846 2856 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:43:59.0877 2856 IRENUM - ok
19:43:59.0924 2856 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:43:59.0939 2856 isapnp - ok
19:43:59.0986 2856 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
19:44:00.0002 2856 iScsiPrt - ok
19:44:00.0033 2856 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
19:44:00.0048 2856 kbdclass - ok
19:44:00.0048 2856 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
19:44:00.0095 2856 kbdhid - ok
19:44:00.0111 2856 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
19:44:00.0126 2856 KeyIso - ok
19:44:00.0158 2856 [ E656FE10D6D27794AFA08136685A69E8 ] KL1 C:\Windows\system32\DRIVERS\kl1.sys
19:44:00.0189 2856 KL1 - ok
19:44:00.0220 2856 [ D865DD8B0448E3F963D68C04C532858F ] kl2 C:\Windows\system32\DRIVERS\kl2.sys
19:44:00.0236 2856 kl2 - ok
19:44:00.0298 2856 [ 8490798365236B6C8E54DEDD27A42D07 ] KLIF C:\Windows\system32\DRIVERS\klif.sys
19:44:00.0314 2856 KLIF - ok
19:44:00.0329 2856 [ 89FB5A33D7171B6D84F5EB721D5055E1 ] KLIM6 C:\Windows\system32\DRIVERS\klim6.sys
19:44:00.0345 2856 KLIM6 - ok
19:44:00.0376 2856 [ 9468D07E91BA136D82415F5DFC1FE168 ] klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys
19:44:00.0376 2856 klmouflt - ok
19:44:00.0438 2856 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:44:00.0454 2856 KSecDD - ok
19:44:00.0470 2856 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
19:44:00.0485 2856 KSecPkg - ok
19:44:00.0516 2856 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
19:44:00.0563 2856 ksthunk - ok
19:44:00.0579 2856 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
19:44:00.0626 2856 KtmRm - ok
19:44:00.0672 2856 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
19:44:00.0719 2856 LanmanServer - ok
19:44:00.0766 2856 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:44:00.0813 2856 LanmanWorkstation - ok
19:44:00.0860 2856 [ AA3D903C5A7538803F2400A8391F1881 ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys
19:44:00.0875 2856 LHidFilt - ok
19:44:00.0938 2856 [ 108333981C841EB0FF198AA5DFCF3D3B ] LightScribeService c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
19:44:00.0953 2856 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
19:44:00.0953 2856 LightScribeService - detected UnsignedFile.Multi.Generic (1)
19:44:00.0984 2856 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:44:01.0047 2856 lltdio - ok
19:44:01.0078 2856 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:44:01.0140 2856 lltdsvc - ok
19:44:01.0156 2856 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
19:44:01.0187 2856 lmhosts - ok
19:44:01.0296 2856 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
19:44:01.0328 2856 LSI_FC - ok
19:44:01.0343 2856 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
19:44:01.0359 2856 LSI_SAS - ok
19:44:01.0390 2856 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:44:01.0406 2856 LSI_SAS2 - ok
19:44:01.0421 2856 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:44:01.0452 2856 LSI_SCSI - ok
19:44:01.0468 2856 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
19:44:01.0530 2856 luafv - ok
19:44:01.0593 2856 [ 4EB7886F6223F68CA855730A96D6110C ] LUsbFilt C:\Windows\system32\Drivers\LUsbFilt.Sys
19:47:00.0868 2856 LUsbFilt - ok
19:47:00.0931 2856 [ A8FE8F2783B2929B56F5370A89356CE9 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
19:47:00.0946 2856 MBAMProtector - ok
19:47:01.0134 2856 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
19:47:01.0149 2856 MBAMScheduler - ok
19:47:01.0227 2856 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
19:47:01.0243 2856 MBAMService - ok
19:47:01.0290 2856 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:47:01.0477 2856 Mcx2Svc - ok
19:47:01.0508 2856 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
19:47:01.0524 2856 megasas - ok
19:47:01.0617 2856 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
19:47:01.0664 2856 MegaSR - ok
19:47:01.0898 2856 Microsoft SharePoint Workspace Audit Service - ok
19:47:01.0976 2856 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
19:47:02.0038 2856 MMCSS - ok
19:47:02.0132 2856 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
19:47:02.0241 2856 Modem - ok
19:47:02.0304 2856 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:47:02.0350 2856 monitor - ok
19:47:02.0522 2856 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
19:47:02.0538 2856 mouclass - ok
19:47:02.0694 2856 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:47:02.0740 2856 mouhid - ok
19:47:02.0803 2856 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:47:02.0818 2856 mountmgr - ok
19:47:02.0959 2856 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:47:03.0037 2856 MozillaMaintenance - ok
19:47:03.0115 2856 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
19:47:03.0162 2856 mpio - ok
19:47:03.0162 2856 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:47:03.0208 2856 mpsdrv - ok
19:47:03.0333 2856 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
19:47:03.0396 2856 MpsSvc - ok
19:47:03.0427 2856 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:47:03.0474 2856 MRxDAV - ok
19:47:03.0552 2856 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:47:03.0645 2856 mrxsmb - ok
19:47:03.0692 2856 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:47:03.0708 2856 mrxsmb10 - ok
19:47:03.0723 2856 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:47:03.0754 2856 mrxsmb20 - ok
19:47:03.0786 2856 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
19:47:03.0801 2856 msahci - ok
19:47:03.0848 2856 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:47:03.0864 2856 msdsm - ok
19:47:03.0879 2856 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
19:47:03.0895 2856 MSDTC - ok
19:47:04.0051 2856 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:47:04.0098 2856 Msfs - ok
19:47:04.0113 2856 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:47:04.0160 2856 mshidkmdf - ok
19:47:04.0207 2856 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:47:04.0222 2856 msisadrv - ok
19:47:04.0285 2856 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:47:04.0347 2856 MSiSCSI - ok
19:47:04.0363 2856 msiserver - ok
19:47:04.0394 2856 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:47:04.0519 2856 MSKSSRV - ok
19:47:04.0566 2856 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:47:04.0675 2856 MSPCLOCK - ok
19:47:04.0706 2856 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:47:04.0784 2856 MSPQM - ok
19:47:04.0862 2856 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:47:04.0909 2856 MsRPC - ok
19:47:04.0971 2856 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
19:47:04.0987 2856 mssmbios - ok
19:47:05.0034 2856 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:47:05.0096 2856 MSTEE - ok
19:47:05.0112 2856 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
19:47:05.0127 2856 MTConfig - ok
19:47:05.0174 2856 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
19:47:05.0205 2856 Mup - ok
19:47:05.0314 2856 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
19:47:05.0424 2856 napagent - ok
19:47:05.0486 2856 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:47:05.0517 2856 NativeWifiP - ok
19:47:05.0595 2856 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
19:47:05.0626 2856 NDIS - ok
19:47:05.0642 2856 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:47:05.0673 2856 NdisCap - ok
19:47:05.0704 2856 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:47:05.0751 2856 NdisTapi - ok
19:47:05.0814 2856 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:47:05.0860 2856 Ndisuio - ok
19:47:05.0923 2856 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:47:05.0970 2856 NdisWan - ok
19:47:06.0016 2856 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:47:06.0048 2856 NDProxy - ok
19:47:06.0079 2856 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:47:06.0141 2856 NetBIOS - ok
19:47:06.0188 2856 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:47:11.0212 2856 NetBT - ok
19:47:11.0228 2856 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
19:47:11.0243 2856 Netlogon - ok
19:47:11.0368 2856 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
19:47:11.0431 2856 Netman - ok
19:47:11.0477 2856 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
19:47:11.0509 2856 netprofm - ok
19:47:11.0555 2856 [ 44D4BD55191624C82A2745296BA42814 ] netr28x C:\Windows\system32\DRIVERS\netr28x.sys
19:47:11.0602 2856 netr28x - ok
19:47:11.0633 2856 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:47:11.0665 2856 NetTcpPortSharing - ok
19:47:11.0711 2856 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
19:47:11.0727 2856 nfrd960 - ok
19:47:11.0789 2856 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:47:11.0805 2856 NlaSvc - ok
19:47:11.0836 2856 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:47:11.0883 2856 Npfs - ok
19:47:11.0945 2856 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
19:47:12.0008 2856 nsi - ok
19:47:12.0023 2856 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:47:12.0070 2856 nsiproxy - ok
19:47:12.0179 2856 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:47:12.0242 2856 Ntfs - ok
19:47:12.0257 2856 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
19:47:12.0304 2856 Null - ok
19:47:12.0413 2856 [ 102806B360D0E6BC6E55BF47EF655D43 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
19:47:12.0538 2856 NVHDA - ok
19:47:14.0909 2856 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:47:15.0128 2856 nvlddmkm - ok
19:47:15.0315 2856 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:47:15.0627 2856 nvraid - ok
19:47:15.0783 2856 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:47:15.0877 2856 nvstor - ok
19:47:16.0298 2856 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] nvsvc C:\Windows\system32\nvvsvc.exe
19:47:16.0329 2856 nvsvc - ok
19:47:17.0327 2856 [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
19:47:17.0359 2856 nvUpdatusService - ok
19:47:17.0577 2856 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:47:17.0639 2856 nv_agp - ok
19:47:17.0717 2856 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:47:17.0811 2856 ohci1394 - ok
19:47:18.0107 2856 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:47:18.0232 2856 ose - ok
19:47:19.0667 2856 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:47:19.0792 2856 osppsvc - ok
19:47:19.0948 2856 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:47:20.0073 2856 p2pimsvc - ok
19:47:20.0245 2856 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
19:47:20.0385 2856 p2psvc - ok
19:47:20.0479 2856 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
19:47:20.0525 2856 Parport - ok
19:47:20.0588 2856 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:47:20.0619 2856 partmgr - ok
19:47:20.0806 2856 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
19:47:20.0947 2856 PcaSvc - ok
19:47:29.0386 2856 PcdrNdisuio - ok
19:47:29.0480 2856 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
19:47:29.0542 2856 pci - ok
19:47:29.0589 2856 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
19:47:29.0636 2856 pciide - ok
19:47:29.0761 2856 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
19:47:29.0823 2856 pcmcia - ok
19:47:29.0854 2856 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
19:47:29.0901 2856 pcw - ok
19:47:30.0073 2856 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:47:30.0166 2856 PEAUTH - ok
19:47:30.0260 2856 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
19:47:30.0353 2856 PerfHost - ok
19:47:30.0853 2856 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
19:47:30.0946 2856 pla - ok
19:47:31.0243 2856 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:47:31.0367 2856 PlugPlay - ok
19:47:31.0586 2856 PnkBstrA - ok
19:47:31.0679 2856 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:47:31.0742 2856 PNRPAutoReg - ok
19:47:31.0913 2856 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:47:31.0929 2856 PNRPsvc - ok
19:47:32.0163 2856 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:47:32.0225 2856 PolicyAgent - ok
19:47:32.0319 2856 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
19:47:32.0381 2856 Power - ok
19:47:32.0553 2856 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:47:32.0662 2856 PptpMiniport - ok
19:47:32.0740 2856 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
19:47:32.0896 2856 Processor - ok
19:47:33.0115 2856 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
19:47:33.0208 2856 ProfSvc - ok
19:47:33.0333 2856 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:47:33.0395 2856 ProtectedStorage - ok
19:47:33.0707 2856 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:47:33.0848 2856 Psched - ok
19:47:34.0456 2856 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
19:47:34.0503 2856 ql2300 - ok
19:47:34.0597 2856 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
19:47:34.0643 2856 ql40xx - ok
19:47:34.0721 2856 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
19:47:34.0831 2856 QWAVE - ok
19:47:34.0909 2856 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:47:35.0033 2856 QWAVEdrv - ok
19:47:35.0080 2856 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:47:35.0236 2856 RasAcd - ok
19:47:35.0470 2856 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:47:35.0501 2856 RasAgileVpn - ok
19:47:35.0595 2856 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
19:47:35.0751 2856 RasAuto - ok
19:47:35.0876 2856 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:47:35.0954 2856 Rasl2tp - ok
19:47:36.0094 2856 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
19:47:36.0188 2856 RasMan - ok
19:47:36.0375 2856 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:47:36.0593 2856 RasPppoe - ok
19:47:36.0625 2856 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:47:36.0687 2856 RasSstp - ok
19:47:36.0765 2856 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:47:36.0843 2856 rdbss - ok
19:47:37.0389 2856 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
19:47:37.0436 2856 rdpbus - ok
19:47:37.0483 2856 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:47:37.0795 2856 RDPCDD - ok
19:47:37.0904 2856 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:47:37.0935 2856 RDPENCDD - ok
19:47:37.0997 2856 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:47:38.0044 2856 RDPREFMP - ok
19:47:38.0122 2856 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:47:38.0185 2856 RDPWD - ok
19:47:38.0325 2856 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:47:38.0387 2856 rdyboost - ok
19:47:38.0434 2856 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:47:38.0497 2856 RemoteAccess - ok
19:47:38.0637 2856 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:47:38.0715 2856 RemoteRegistry - ok
19:47:38.0840 2856 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:47:39.0105 2856 RpcEptMapper - ok
19:47:39.0214 2856 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
19:47:39.0308 2856 RpcLocator - ok
19:47:39.0495 2856 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\System32\rpcss.dll
19:47:39.0542 2856 RpcSs - ok
19:47:39.0651 2856 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:47:39.0713 2856 rspndr - ok
19:47:39.0838 2856 [ C508D28487121828C3A1C2B57ACB05BE ] RTCore64 C:\Program Files (x86)\MSI Afterburner\RTCore64.sys
19:47:39.0854 2856 RTCore64 - ok
19:47:39.0979 2856 [ 91296F0B2653281B2F11E0FCE56AA427 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
19:47:40.0041 2856 RTL8167 - ok
19:47:40.0072 2856 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
19:47:40.0088 2856 SamSs - ok
19:47:40.0181 2856 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:47:40.0291 2856 sbp2port - ok
19:47:40.0447 2856 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:47:40.0540 2856 SCardSvr - ok
19:47:40.0634 2856 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:47:40.0821 2856 scfilter - ok
19:47:41.0601 2856 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
19:47:41.0648 2856 Schedule - ok
19:47:41.0913 2856 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
19:47:41.0960 2856 SCPolicySvc - ok
19:47:42.0131 2856 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:47:42.0287 2856 SDRSVC - ok
19:47:42.0428 2856 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:47:42.0521 2856 secdrv - ok
19:47:42.0599 2856 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
19:47:42.0693 2856 seclogon - ok
19:47:42.0849 2856 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
19:47:42.0958 2856 SENS - ok
19:47:43.0177 2856 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:47:43.0317 2856 SensrSvc - ok
19:47:43.0395 2856 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
19:47:43.0426 2856 Serenum - ok
19:47:43.0457 2856 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
19:47:43.0520 2856 Serial - ok
19:47:43.0551 2856 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
19:47:43.0598 2856 sermouse - ok
19:47:43.0629 2856 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
19:47:43.0723 2856 SessionEnv - ok
19:47:43.0801 2856 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:47:43.0879 2856 sffdisk - ok
19:47:43.0925 2856 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:47:44.0050 2856 sffp_mmc - ok
19:47:44.0081 2856 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:47:44.0144 2856 sffp_sd - ok
19:47:44.0222 2856 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
19:47:44.0331 2856 sfloppy - ok
19:47:44.0456 2856 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:47:44.0549 2856 SharedAccess - ok
19:47:44.0690 2856 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:47:44.0830 2856 ShellHWDetection - ok
19:47:44.0955 2856 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:47:45.0033 2856 SiSRaid2 - ok
19:47:45.0142 2856 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
19:47:45.0236 2856 SiSRaid4 - ok
19:47:45.0501 2856 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
19:47:45.0517 2856 SkypeUpdate - ok
19:47:45.0907 2856 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:47:46.0000 2856 Smb - ok
19:47:46.0141 2856 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:47:46.0219 2856 SNMPTRAP - ok
19:47:46.0312 2856 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
19:47:46.0375 2856 spldr - ok
19:47:46.0562 2856 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
19:47:46.0609 2856 Spooler - ok
19:47:47.0295 2856 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
19:47:47.0435 2856 sppsvc - ok
19:47:47.0529 2856 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:47:47.0654 2856 sppuinotify - ok
19:47:47.0872 2856 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
19:47:52.0911 2856 srv - ok
19:47:53.0036 2856 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:47:58.0059 2856 srv2 - ok
19:47:58.0090 2856 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:47:59.0135 2856 srvnet - ok
19:47:59.0198 2856 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:47:59.0276 2856 SSDPSRV - ok
19:47:59.0291 2856 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:48:04.0096 2856 SstpSvc - ok
19:48:04.0268 2856 Steam Client Service - ok
19:48:04.0486 2856 [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
19:48:04.0549 2856 Stereo Service - ok
19:48:04.0595 2856 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
19:48:04.0751 2856 stexstor - ok
19:48:04.0876 2856 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
19:48:04.0939 2856 stisvc - ok
19:48:05.0001 2856 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
19:48:05.0063 2856 swenum - ok
19:48:05.0375 2856 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
19:48:05.0407 2856 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
19:48:05.0407 2856 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
19:48:05.0485 2856 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
19:48:05.0547 2856 swprv - ok
19:48:05.0750 2856 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
19:48:05.0828 2856 SysMain - ok
19:48:05.0890 2856 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:48:05.0921 2856 TabletInputService - ok
19:48:06.0031 2856 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
19:48:06.0093 2856 TapiSrv - ok
19:48:06.0124 2856 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
19:48:06.0171 2856 TBS - ok
19:48:06.0233 2856 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:48:06.0311 2856 Tcpip - ok
19:48:06.0764 2856 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:48:06.0795 2856 TCPIP6 - ok
19:48:06.0842 2856 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:48:07.0013 2856 tcpipreg - ok
19:48:07.0076 2856 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:48:07.0169 2856 TDPIPE - ok
19:48:07.0263 2856 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:48:07.0357 2856 TDTCP - ok
19:48:07.0481 2856 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:48:07.0528 2856 tdx - ok
19:48:07.0606 2856 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
19:48:07.0606 2856 TermDD - ok
19:48:07.0715 2856 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
19:48:07.0778 2856 TermService - ok
19:48:07.0809 2856 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
19:48:07.0871 2856 Themes - ok
19:48:07.0934 2856 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
19:48:07.0981 2856 THREADORDER - ok
19:48:08.0043 2856 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
19:48:08.0090 2856 TrkWks - ok
19:48:08.0339 2856 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:48:08.0464 2856 TrustedInstaller - ok
19:48:08.0589 2856 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:48:08.0698 2856 tssecsrv - ok
19:48:08.0979 2856 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
19:48:09.0026 2856 TsUsbFlt - ok
19:48:09.0197 2856 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:48:09.0260 2856 tunnel - ok
19:48:09.0322 2856 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
19:48:09.0369 2856 uagp35 - ok
19:48:09.0556 2856 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:48:09.0619 2856 udfs - ok
19:48:09.0650 2856 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:48:09.0681 2856 UI0Detect - ok
19:48:09.0712 2856 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:48:09.0759 2856 uliagpkx - ok
19:48:09.0884 2856 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
19:48:09.0946 2856 umbus - ok
19:48:09.0993 2856 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
19:48:10.0071 2856 UmPass - ok
19:48:10.0102 2856 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
19:48:10.0149 2856 upnphost - ok
19:48:10.0243 2856 [ 43228F8EDD1B0BCDD3145AD246E63D39 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
19:48:10.0383 2856 USBAAPL64 - ok
19:48:10.0508 2856 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
19:48:10.0601 2856 usbaudio - ok
19:48:10.0695 2856 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:48:10.0742 2856 usbccgp - ok
19:48:10.0820 2856 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
19:48:10.0945 2856 usbcir - ok
19:48:11.0023 2856 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
19:48:11.0038 2856 usbehci - ok
19:48:11.0225 2856 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:48:11.0272 2856 usbhub - ok
19:48:11.0335 2856 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
19:48:11.0350 2856 usbohci - ok
19:48:11.0397 2856 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:48:11.0444 2856 usbprint - ok
19:48:11.0506 2856 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
19:48:11.0553 2856 usbscan - ok
19:48:11.0584 2856 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:48:11.0662 2856 USBSTOR - ok
19:48:11.0693 2856 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
19:48:11.0740 2856 usbuhci - ok
19:48:11.0912 2856 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
19:48:11.0959 2856 usbvideo - ok
19:48:12.0037 2856 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
19:48:12.0130 2856 UxSms - ok
19:48:12.0161 2856 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
19:48:12.0177 2856 VaultSvc - ok
19:48:12.0317 2856 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
19:48:12.0364 2856 vdrvroot - ok
19:48:12.0458 2856 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
19:48:12.0551 2856 vds - ok
19:48:12.0661 2856 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:48:12.0707 2856 vga - ok
19:48:12.0739 2856 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
19:48:12.0785 2856 VgaSave - ok
19:48:12.0863 2856 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
19:48:12.0895 2856 vhdmp - ok
19:48:12.0910 2856 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
19:48:12.0941 2856 viaide - ok
19:48:12.0988 2856 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:48:13.0035 2856 volmgr - ok
19:48:13.0207 2856 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:48:13.0269 2856 volmgrx - ok
19:48:13.0316 2856 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:48:13.0363 2856 volsnap - ok
19:48:13.0487 2856 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
19:48:13.0534 2856 vsmraid - ok
19:48:14.0158 2856 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
19:48:14.0299 2856 VSS - ok
19:48:14.0314 2856 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
19:48:14.0392 2856 vwifibus - ok
19:48:14.0517 2856 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
19:48:14.0579 2856 vwififlt - ok
19:48:14.0767 2856 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
19:48:14.0845 2856 W32Time - ok
19:48:14.0938 2856 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
19:48:15.0047 2856 WacomPen - ok
19:48:15.0219 2856 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
19:48:15.0313 2856 WANARP - ok
19:48:15.0359 2856 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:48:15.0391 2856 Wanarpv6 - ok
19:48:16.0015 2856 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
19:48:16.0139 2856 WatAdminSvc - ok
19:48:16.0748 2856 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
19:48:17.0060 2856 wbengine - ok
19:48:17.0169 2856 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
19:48:17.0231 2856 WbioSrvc - ok
19:48:17.0450 2856 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:48:17.0621 2856 wcncsvc - ok
19:48:17.0731 2856 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:48:17.0933 2856 WcsPlugInService - ok
19:48:18.0074 2856 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
19:48:18.0136 2856 Wd - ok
19:48:18.0339 2856 [ A3D04EBF5227886029B4532F20D026F7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam64.sys
19:48:18.0433 2856 WDC_SAM - ok
19:48:18.0729 2856 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:48:18.0823 2856 Wdf01000 - ok
19:48:18.0901 2856 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:48:19.0805 2856 WdiServiceHost - ok
19:48:19.0837 2856 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:48:19.0852 2856 WdiSystemHost - ok
19:48:19.0899 2856 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
19:48:19.0930 2856 WebClient - ok
19:48:19.0961 2856 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:48:20.0024 2856 Wecsvc - ok
19:48:20.0117 2856 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:48:20.0211 2856 wercplsupport - ok
19:48:20.0367 2856 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
19:48:20.0523 2856 WerSvc - ok
19:48:20.0601 2856 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
19:48:20.0632 2856 WfpLwf - ok
19:48:20.0679 2856 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
19:48:20.0788 2856 WIMMount - ok
19:48:20.0866 2856 WinDefend - ok
19:48:20.0866 2856 WinHttpAutoProxySvc - ok
19:48:21.0334 2856 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:48:21.0443 2856 Winmgmt - ok
19:48:22.0005 2856 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
19:48:22.0130 2856 WinRM - ok
19:48:22.0395 2856 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
19:48:22.0520 2856 WinUsb - ok
19:48:22.0785 2856 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
19:48:22.0832 2856 Wlansvc - ok
19:48:23.0549 2856 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:48:23.0596 2856 wlidsvc - ok
19:48:23.0659 2856 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
19:48:23.0768 2856 WmiAcpi - ok
19:48:23.0893 2856 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:48:23.0971 2856 wmiApSrv - ok
19:48:24.0111 2856 WMPNetworkSvc - ok
19:48:24.0142 2856 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:48:24.0267 2856 WPCSvc - ok
19:48:24.0329 2856 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:48:24.0345 2856 WPDBusEnum - ok
19:48:24.0423 2856 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:48:24.0485 2856 ws2ifsl - ok
19:48:24.0532 2856 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
19:48:24.0610 2856 wscsvc - ok
19:48:24.0626 2856 WSearch - ok
19:48:25.0125 2856 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
19:48:25.0172 2856 wuauserv - ok
19:48:25.0250 2856 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
19:48:25.0421 2856 WudfPf - ok
19:48:25.0531 2856 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:48:25.0562 2856 WUDFRd - ok
19:48:25.0655 2856 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:48:25.0718 2856 wudfsvc - ok
19:48:25.0889 2856 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
19:48:25.0999 2856 WwanSvc - ok
19:48:25.0999 2856 ================ Scan global ===============================
19:48:26.0061 2856 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
19:48:26.0217 2856 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
19:48:26.0279 2856 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
19:48:26.0389 2856 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
19:48:26.0545 2856 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
19:48:26.0545 2856 [Global] - ok
19:48:26.0545 2856 ================ Scan MBR ==================================
19:48:26.0576 2856 [ 02408B52285AAE6EBF7BED8ADA6DC2D4 ] \Device\Harddisk0\DR0
19:49:03.0748 2856 \Device\Harddisk0\DR0 - ok
19:49:03.0751 2856 [ 4606A12AED5E4CE105136C6C9C8EA568 ] \Device\Harddisk1\DR1
19:49:03.0815 2856 \Device\Harddisk1\DR1 - ok
19:49:03.0815 2856 ================ Scan VBR ==================================
19:49:03.0839 2856 [ 26CFC4DD9AFCAE9BDA3B11157E2A24EA ] \Device\Harddisk0\DR0\Partition1
19:49:03.0906 2856 \Device\Harddisk0\DR0\Partition1 - ok
19:49:03.0932 2856 [ 1AA5D38B73FCC073787A6FFD4040A8BE ] \Device\Harddisk0\DR0\Partition2
19:49:04.0021 2856 \Device\Harddisk0\DR0\Partition2 - ok
19:49:04.0069 2856 [ 5CB87BC23CE7CE48C90921BBB83207DA ] \Device\Harddisk0\DR0\Partition3
19:49:04.0123 2856 \Device\Harddisk0\DR0\Partition3 - ok
19:49:04.0123 2856 [ 98FE5113F78ABA80397CF94F0BC204FE ] \Device\Harddisk1\DR1\Partition1
19:49:04.0123 2856 \Device\Harddisk1\DR1\Partition1 - ok
19:49:04.0123 2856 ================ Scan active images ========================
19:49:04.0123 2856 [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys
19:49:04.0123 2856 C:\Windows\System32\drivers\crashdmp.sys - ok
19:49:04.0123 2856 [ 839B5FE3D48E9F35B22C21A3D5103F6C ] C:\Windows\System32\drivers\Dumpata.sys
19:49:04.0123 2856 C:\Windows\System32\drivers\Dumpata.sys - ok
19:49:04.0123 2856 [ 02062C0B390B7729EDC9E69C680A6F3C ] C:\Windows\System32\drivers\atapi.sys
19:49:04.0123 2856 C:\Windows\System32\drivers\atapi.sys - ok
19:49:04.0138 2856 [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys
19:49:04.0138 2856 C:\Windows\System32\drivers\dumpfve.sys - ok
19:49:04.0138 2856 [ 400582B09E0BB557D0EC28A945150EEB ] C:\Windows\System32\drivers\dtsoftbus01.sys
19:49:04.0138 2856 C:\Windows\System32\drivers\dtsoftbus01.sys - ok
19:49:04.0138 2856 [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys
19:49:04.0138 2856 C:\Windows\System32\drivers\cdrom.sys - ok
19:49:04.0154 2856 [ 8490798365236B6C8E54DEDD27A42D07 ] C:\Windows\System32\drivers\klif.sys
19:49:04.0154 2856 C:\Windows\System32\drivers\klif.sys - ok
19:49:04.0154 2856 [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys
19:49:04.0154 2856 C:\Windows\System32\drivers\null.sys - ok
19:49:04.0154 2856 [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys
19:49:04.0154 2856 C:\Windows\System32\drivers\beep.sys - ok
19:49:04.0154 2856 [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys
19:49:04.0154 2856 C:\Windows\System32\drivers\watchdog.sys - ok
19:49:04.0169 2856 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys
19:49:04.0169 2856 C:\Windows\System32\drivers\msfs.sys - ok
19:49:04.0169 2856 [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys
19:49:04.0169 2856 C:\Windows\System32\drivers\RDPCDD.sys - ok
19:49:04.0169 2856 [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys
19:49:04.0169 2856 C:\Windows\System32\drivers\RDPENCDD.sys - ok
19:49:04.0185 2856 [ 216F3FA57533D98E1F74DED70113177A ] C:\Windows\System32\drivers\RDPREFMP.sys
19:49:04.0185 2856 C:\Windows\System32\drivers\RDPREFMP.sys - ok
19:49:04.0185 2856 [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys
19:49:04.0185 2856 C:\Windows\System32\drivers\vga.sys - ok
19:49:04.0185 2856 [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys
19:49:04.0185 2856 C:\Windows\System32\drivers\videoprt.sys - ok
19:49:04.0185 2856 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys
19:49:04.0185 2856 C:\Windows\System32\drivers\npfs.sys - ok
19:49:04.0185 2856 [ D865DD8B0448E3F963D68C04C532858F ] C:\Windows\System32\drivers\kl2.sys
19:49:04.0185 2856 C:\Windows\System32\drivers\kl2.sys - ok
19:49:04.0201 2856 [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\Windows\System32\drivers\tdi.sys
19:49:04.0201 2856 C:\Windows\System32\drivers\tdi.sys - ok
19:49:04.0201 2856 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys
19:49:04.0201 2856 C:\Windows\System32\drivers\tdx.sys - ok
19:49:04.0201 2856 [ 1C7857B62DE5994A75B054A9FD4C3825 ] C:\Windows\System32\drivers\afd.sys
19:49:04.0201 2856 C:\Windows\System32\drivers\afd.sys - ok
19:49:04.0201 2856 [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys
19:49:04.0201 2856 C:\Windows\System32\drivers\netbt.sys - ok
19:49:04.0216 2856 [ 6BCC1D7D2FD2453957C5479A32364E52 ] C:\Windows\System32\drivers\ws2ifsl.sys
19:49:04.0216 2856 C:\Windows\System32\drivers\ws2ifsl.sys - ok
19:49:04.0216 2856 [ 89FB5A33D7171B6D84F5EB721D5055E1 ] C:\Windows\System32\drivers\klim6.sys
19:49:04.0216 2856 C:\Windows\System32\drivers\klim6.sys - ok
19:49:04.0216 2856 [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys
19:49:04.0216 2856 C:\Windows\System32\drivers\pacer.sys - ok
19:49:04.0216 2856 [ 6A3D66263414FF0D6FA754C646612F3F ] C:\Windows\System32\drivers\vwififlt.sys
19:49:04.0216 2856 C:\Windows\System32\drivers\vwififlt.sys - ok
19:49:04.0232 2856 [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys
19:49:04.0232 2856 C:\Windows\System32\drivers\wfplwf.sys - ok
19:49:04.0232 2856 [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys
19:49:04.0232 2856 C:\Windows\System32\drivers\netbios.sys - ok
19:49:04.0232 2856 [ 356AFD78A6ED4457169241AC3965230C ] C:\Windows\System32\drivers\wanarp.sys
19:49:04.0232 2856 C:\Windows\System32\drivers\wanarp.sys - ok
19:49:04.0232 2856 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys
19:49:04.0232 2856 C:\Windows\System32\drivers\mssmbios.sys - ok
19:49:04.0247 2856 [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys
19:49:04.0247 2856 C:\Windows\System32\drivers\nsiproxy.sys - ok
19:49:04.0247 2856 [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys
19:49:04.0247 2856 C:\Windows\System32\drivers\rdbss.sys - ok
19:49:04.0247 2856 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys
19:49:04.0247 2856 C:\Windows\System32\drivers\termdd.sys - ok
19:49:04.0247 2856 [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys
19:49:04.0247 2856 C:\Windows\System32\drivers\discache.sys - ok
19:49:04.0263 2856 [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys
19:49:04.0263 2856 C:\Windows\System32\drivers\blbdrive.sys - ok
19:49:04.0263 2856 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys
19:49:04.0263 2856 C:\Windows\System32\drivers\dfsc.sys - ok
19:49:04.0263 2856 [ ADA036632C664CAA754079041CF1F8C1 ] C:\Windows\System32\drivers\intelppm.sys
19:49:04.0263 2856 C:\Windows\System32\drivers\intelppm.sys - ok
19:49:04.0263 2856 [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys
19:49:04.0263 2856 C:\Windows\System32\drivers\tunnel.sys - ok
19:49:04.0279 2856 [ CF95B85FF8D128385ABD411C8CA74DED ] C:\Windows\System32\ntdll.dll
19:49:04.0279 2856 C:\Windows\System32\ntdll.dll - ok
19:49:04.0279 2856 [ 1911A3356FA3F77CCC825CCBAC038C2A ] C:\Windows\System32\smss.exe
19:49:04.0279 2856 C:\Windows\System32\smss.exe - ok
19:49:04.0279 2856 [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe
19:49:04.0279 2856 C:\Windows\System32\autochk.exe - ok
19:49:04.0279 2856 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] C:\Windows\System32\drivers\nvlddmkm.sys
19:49:04.0279 2856 C:\Windows\System32\drivers\nvlddmkm.sys - ok
19:49:04.0294 2856 [ 84FF37B1406DE71E4C27BF86DB2CA54C ] C:\Windows\System32\drivers\nvBridge.kmd
19:49:04.0294 2856 C:\Windows\System32\drivers\nvBridge.kmd - ok
19:49:04.0294 2856 [ F5BEE30450E18E6B83A5012C100616FD ] C:\Windows\System32\drivers\dxgkrnl.sys
19:49:04.0294 2856 C:\Windows\System32\drivers\dxgkrnl.sys - ok
19:49:04.0294 2856 [ 9CD68BDDF322535C02ADC8331013D13D ] C:\Windows\System32\drivers\dxgmms1.sys
19:49:04.0294 2856 C:\Windows\System32\drivers\dxgmms1.sys - ok
19:49:04.0294 2856 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys
19:49:04.0294 2856 C:\Windows\System32\drivers\hdaudbus.sys - ok
19:49:04.0310 2856 [ AE259C75F9A0B057B6BF9E9695632B09 ] C:\Windows\System32\drivers\usbport.sys
19:49:04.0310 2856 C:\Windows\System32\drivers\usbport.sys - ok
19:49:04.0310 2856 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] C:\Windows\System32\drivers\usbuhci.sys
19:49:04.0310 2856 C:\Windows\System32\drivers\usbuhci.sys - ok
19:49:04.0310 2856 [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys
19:49:04.0310 2856 C:\Windows\System32\drivers\ks.sys - ok
19:49:04.0310 2856 [ C025055FE7B87701EB042095DF1A2D7B ] C:\Windows\System32\drivers\usbehci.sys
19:49:04.0310 2856 C:\Windows\System32\drivers\usbehci.sys - ok
19:49:04.0325 2856 [ 15708C6DE052E121BFD6384E2EFEA8B8 ] C:\Windows\System32\drivers\AVer888RC_64.sys
19:49:04.0325 2856 C:\Windows\System32\drivers\AVer888RC_64.sys - ok
19:49:04.0325 2856 [ D1CA0BE94F247D05F30F5F98AE29D4E4 ] C:\Windows\System32\drivers\BdaSup.sys
19:49:04.0325 2856 C:\Windows\System32\drivers\BdaSup.sys - ok
19:49:04.0325 2856 [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys
19:49:04.0325 2856 C:\Windows\System32\drivers\CompositeBus.sys - ok
19:49:04.0325 2856 [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys
19:49:04.0325 2856 C:\Windows\System32\drivers\ksthunk.sys - ok
19:49:04.0341 2856 [ 91296F0B2653281B2F11E0FCE56AA427 ] C:\Windows\System32\drivers\Rt64win7.sys
19:49:04.0341 2856 C:\Windows\System32\drivers\Rt64win7.sys - ok
19:49:04.0341 2856 [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys
19:49:04.0341 2856 C:\Windows\System32\drivers\agilevpn.sys - ok
19:49:04.0341 2856 [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys
19:49:04.0341 2856 C:\Windows\System32\drivers\ndistapi.sys - ok
19:49:04.0341 2856 [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys
19:49:04.0341 2856 C:\Windows\System32\drivers\ndiswan.sys - ok
19:49:04.0341 2856 [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys
19:49:04.0341 2856 C:\Windows\System32\drivers\rasl2tp.sys - ok
19:49:04.0357 2856 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys
19:49:04.0357 2856 C:\Windows\System32\drivers\raspppoe.sys - ok
19:49:04.0357 2856 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys
19:49:04.0357 2856 C:\Windows\System32\drivers\raspptp.sys - ok
19:49:04.0357 2856 [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys
19:49:04.0357 2856 C:\Windows\System32\drivers\rassstp.sys - ok
19:49:04.0357 2856 [ D7CD5C4E1B71FA62050515314CFB52CF ] C:\Windows\System32\drivers\circlass.sys
19:49:04.0357 2856 C:\Windows\System32\drivers\circlass.sys - ok
19:49:04.0372 2856 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys
19:49:04.0372 2856 C:\Windows\System32\drivers\kbdclass.sys - ok
19:49:04.0372 2856 [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys
19:49:04.0372 2856 C:\Windows\System32\drivers\mouclass.sys - ok
19:49:04.0372 2856 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys
19:49:04.0372 2856 C:\Windows\System32\drivers\swenum.sys - ok
19:49:04.0372 2856 [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys
19:49:04.0372 2856 C:\Windows\System32\drivers\umbus.sys - ok
19:49:04.0388 2856 [ 287C6C9410B111B68B52CA298F7B8C24 ] C:\Windows\System32\drivers\usbhub.sys
19:49:04.0388 2856 C:\Windows\System32\drivers\usbhub.sys - ok
19:49:04.0388 2856 [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll
19:49:04.0388 2856 C:\Windows\System32\msvcrt.dll - ok
19:49:04.0388 2856 [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll
19:49:04.0388 2856 C:\Windows\System32\user32.dll - ok
19:49:04.0388 2856 [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll
19:49:04.0388 2856 C:\Windows\System32\comdlg32.dll - ok
19:49:04.0403 2856 [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll
19:49:04.0403 2856 C:\Windows\System32\setupapi.dll - ok
19:49:04.0403 2856 [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll
19:49:04.0403 2856 C:\Windows\System32\imm32.dll - ok
19:49:04.0403 2856 [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll
19:49:04.0403 2856 C:\Windows\System32\difxapi.dll - ok
19:49:04.0403 2856 [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll
19:49:04.0403 2856 C:\Windows\System32\ole32.dll - ok
19:49:04.0419 2856 [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll
19:49:04.0419 2856 C:\Windows\System32\ws2_32.dll - ok
19:49:04.0419 2856 [ 1DC3504CA4C57900F1557E9A3F01D272 ] C:\Windows\System32\kernel32.dll
19:49:04.0419 2856 C:\Windows\System32\kernel32.dll - ok
19:49:04.0419 2856 [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll
19:49:04.0419 2856 C:\Windows\System32\oleaut32.dll - ok
19:49:04.0419 2856 [ 2F8B1E3EE3545D3B5A8D56FA1AE07B65 ] C:\Windows\System32\usp10.dll
19:49:04.0419 2856 C:\Windows\System32\usp10.dll - ok
19:49:04.0435 2856 [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll
19:49:04.0435 2856 C:\Windows\System32\psapi.dll - ok
19:49:04.0435 2856 [ C41A504715F1BC09105D1FE8B46E9B2C ] C:\Windows\System32\iertutil.dll
19:49:04.0435 2856 C:\Windows\System32\iertutil.dll - ok
19:49:04.0435 2856 [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll
19:49:04.0435 2856 C:\Windows\System32\rpcrt4.dll - ok
19:49:04.0435 2856 [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll
19:49:04.0435 2856 C:\Windows\System32\shlwapi.dll - ok
19:49:04.0435 2856 [ C6689007B3A749C49A5438DCF36E0CE4 ] C:\Windows\System32\shell32.dll
19:49:04.0435 2856 C:\Windows\System32\shell32.dll - ok
19:49:04.0450 2856 [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\Windows\System32\imagehlp.dll
19:49:04.0450 2856 C:\Windows\System32\imagehlp.dll - ok
19:49:04.0450 2856 [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll
19:49:04.0450 2856 C:\Windows\System32\advapi32.dll - ok
19:49:04.0450 2856 [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll
19:49:04.0450 2856 C:\Windows\System32\Wldap32.dll - ok
19:49:04.0450 2856 [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll
19:49:04.0450 2856 C:\Windows\System32\lpk.dll - ok
19:49:04.0466 2856 [ 74E96226CB92225E40AACC0E42D27AC0 ] C:\Windows\System32\urlmon.dll
19:49:04.0466 2856 C:\Windows\System32\urlmon.dll - ok
19:49:04.0466 2856 [ 7E04D13661FB771CA4FDBB836AD0BA49 ] C:\Windows\System32\wininet.dll
19:49:04.0466 2856 C:\Windows\System32\wininet.dll - ok
19:49:04.0466 2856 [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll
19:49:04.0466 2856 C:\Windows\System32\msctf.dll - ok
19:49:04.0466 2856 [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll
19:49:04.0466 2856 C:\Windows\System32\gdi32.dll - ok
19:49:04.0481 2856 [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll
19:49:04.0481 2856 C:\Windows\System32\clbcatq.dll - ok
19:49:04.0481 2856 [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll
19:49:04.0481 2856 C:\Windows\System32\normaliz.dll - ok
19:49:04.0481 2856 [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll
19:49:04.0481 2856 C:\Windows\System32\nsi.dll - ok
19:49:04.0481 2856 [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll
19:49:04.0481 2856 C:\Windows\System32\sechost.dll - ok
19:49:04.0481 2856 [ AA06902362B1422D7A7DA7061E07C624 ] C:\Windows\System32\wintrust.dll
19:49:04.0481 2856 C:\Windows\System32\wintrust.dll - ok
19:49:04.0497 2856 [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll
19:49:04.0497 2856 C:\Windows\System32\cfgmgr32.dll - ok
19:49:04.0497 2856 [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll
19:49:04.0497 2856 C:\Windows\System32\devobj.dll - ok
19:49:04.0497 2856 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\System32\comctl32.dll
19:49:04.0497 2856 C:\Windows\System32\comctl32.dll - ok
19:49:04.0497 2856 [ 12EE6FE9268CEE6D90FDCCBF89236C65 ] C:\Windows\System32\crypt32.dll
19:49:04.0497 2856 C:\Windows\System32\crypt32.dll - ok
19:49:04.0513 2856 [ 6F2E324703E6D22B9934C33DA48F1F01 ] C:\Windows\System32\KernelBase.dll
19:49:04.0513 2856 C:\Windows\System32\KernelBase.dll - ok
19:49:04.0513 2856 [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll
19:49:04.0513 2856 C:\Windows\System32\msasn1.dll - ok
19:49:04.0513 2856 [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll
19:49:04.0513 2856 C:\Windows\SysWOW64\normaliz.dll - ok
19:49:04.0513 2856 [ 29F99B350859441F99CA09DBAB828900 ] C:\Windows\System32\drivers\AVer888RCIR_64.sys
19:49:04.0513 2856 C:\Windows\System32\drivers\AVer888RCIR_64.sys - ok
19:49:04.0528 2856 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys
19:49:04.0528 2856 C:\Windows\System32\drivers\ndproxy.sys - ok
19:49:04.0528 2856 [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys
19:49:04.0528 2856 C:\Windows\System32\drivers\drmk.sys - ok
19:49:04.0528 2856 [ 102806B360D0E6BC6E55BF47EF655D43 ] C:\Windows\System32\drivers\nvhda64v.sys
19:49:04.0528 2856 C:\Windows\System32\drivers\nvhda64v.sys - ok
19:49:04.0528 2856 [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys
19:49:04.0528 2856 C:\Windows\System32\drivers\portcls.sys - ok
19:49:04.0544 2856 [ 31C32BC56D85D109EBB0C526BE5CACA7 ] C:\Windows\System32\drivers\RTKVHD64.sys
19:49:04.0544 2856 C:\Windows\System32\drivers\RTKVHD64.sys - ok
19:49:04.0544 2856 [ 8B0E40E7E8BBF5ACF390465609D89FF1 ] C:\Windows\System32\drivers\hidclass.sys
19:49:04.0544 2856 C:\Windows\System32\drivers\hidclass.sys - ok
19:49:04.0544 2856 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] C:\Windows\System32\drivers\hidir.sys
19:49:04.0544 2856 C:\Windows\System32\drivers\hidir.sys - ok
19:49:04.0544 2856 [ 49EE2E52E6CD03947DAD72F65367BE06 ] C:\Windows\System32\drivers\hidparse.sys
19:49:04.0544 2856 C:\Windows\System32\drivers\hidparse.sys - ok
19:49:04.0559 2856 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] C:\Windows\System32\drivers\kbdhid.sys
19:49:04.0559 2856 C:\Windows\System32\drivers\kbdhid.sys - ok
19:49:04.0559 2856 [ 9468D07E91BA136D82415F5DFC1FE168 ] C:\Windows\System32\drivers\klmouflt.sys
19:49:04.0559 2856 C:\Windows\System32\drivers\klmouflt.sys - ok
19:49:04.0559 2856 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] C:\Windows\System32\drivers\mouhid.sys
19:49:04.0559 2856 C:\Windows\System32\drivers\mouhid.sys - ok
19:49:04.0559 2856 [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys
19:49:04.0559 2856 C:\Windows\System32\drivers\dxapi.sys - ok
19:49:04.0575 2856 [ C58923115CDE6071C3BF2FF063546E9F ] C:\Windows\System32\win32k.sys
19:49:04.0575 2856 C:\Windows\System32\win32k.sys - ok
19:49:04.0575 2856 [ 96F587CA26A6AA894BD8CACE4540CFFC ] C:\Windows\System32\csrsrv.dll
19:49:04.0575 2856 C:\Windows\System32\csrsrv.dll - ok
19:49:04.0575 2856 [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe
19:49:04.0575 2856 C:\Windows\System32\csrss.exe - ok
19:49:04.0575 2856 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll
19:49:04.0575 2856 C:\Windows\System32\basesrv.dll - ok
19:49:04.0591 2856 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\System32\winsrv.dll
19:49:04.0591 2856 C:\Windows\System32\winsrv.dll - ok
19:49:04.0591 2856 [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys
19:49:04.0591 2856 C:\Windows\System32\drivers\monitor.sys - ok
19:49:04.0591 2856 [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll
19:49:04.0591 2856 C:\Windows\System32\tsddd.dll - ok
19:49:04.0591 2856 [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll
19:49:04.0591 2856 C:\Windows\System32\profapi.dll - ok
19:49:04.0606 2856 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll
19:49:04.0606 2856 C:\Windows\System32\sxssrv.dll - ok
19:49:04.0606 2856 [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe
19:49:04.0606 2856 C:\Windows\System32\wininit.exe - ok
19:49:04.0606 2856 [ 6F1A3157A1C89435352CEB543CDB359C ] C:\Windows\System32\drivers\usbccgp.sys
19:49:04.0606 2856 C:\Windows\System32\drivers\usbccgp.sys - ok
19:49:04.0606 2856 [ CCA2AB1752A61F29C3C941CD79D78CEA ] C:\Windows\System32\drivers\usbd.sys
19:49:04.0606 2856 C:\Windows\System32\drivers\usbd.sys - ok
19:49:04.0622 2856 [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL
19:49:04.0622 2856 C:\Windows\System32\KBDUS.DLL - ok
19:49:04.0622 2856 [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll
19:49:04.0622 2856 C:\Windows\System32\RpcRtRemote.dll - ok
19:49:04.0622 2856 [ FED648B01349A3C8395A5169DB5FB7D6 ] C:\Windows\System32\drivers\USBSTOR.SYS
19:49:04.0622 2856 C:\Windows\System32\drivers\USBSTOR.SYS - ok
19:49:04.0622 2856 [ 05569A79BF4693670B709144382D02D4 ] C:\Windows\System32\cdd.dll
19:49:04.0622 2856 C:\Windows\System32\cdd.dll - ok
19:49:04.0622 2856 [ 9592090A7E2B61CD582B612B6DF70536 ] C:\Windows\System32\drivers\hidusb.sys
19:49:04.0622 2856 C:\Windows\System32\drivers\hidusb.sys - ok
19:49:04.0637 2856 [ 9902B2F955AD34E62472D3AD25B496D7 ] C:\Windows\System32\KBDNE.DLL
19:49:04.0637 2856 C:\Windows\System32\KBDNE.DLL - ok
19:49:04.0637 2856 [ 331EFB5B729C3DB265F985D857B6F574 ] C:\Windows\System32\KBDUSX.DLL
19:49:04.0637 2856 C:\Windows\System32\KBDUSX.DLL - ok
19:49:04.0637 2856 [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll
19:49:04.0637 2856 C:\Windows\System32\sxs.dll - ok
19:49:04.0653 2856 [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll
19:49:04.0653 2856 C:\Windows\System32\WlS0WndH.dll - ok
19:49:04.0653 2856 [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll
19:49:04.0653 2856 C:\Windows\System32\cryptbase.dll - ok
19:49:04.0653 2856 [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll
19:49:04.0653 2856 C:\Windows\System32\apphelp.dll - ok
19:49:04.0653 2856 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe
19:49:04.0653 2856 C:\Windows\System32\services.exe - ok
19:49:04.0669 2856 [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\Windows\System32\sspicli.dll
19:49:04.0669 2856 C:\Windows\System32\sspicli.dll - ok
19:49:04.0669 2856 [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll
19:49:04.0669 2856 C:\Windows\System32\scesrv.dll - ok
19:49:04.0669 2856 [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll
19:49:04.0669 2856 C:\Windows\System32\scext.dll - ok
19:49:04.0669 2856 [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\Windows\System32\secur32.dll
19:49:04.0669 2856 C:\Windows\System32\secur32.dll - ok
19:49:04.0684 2856 [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll
19:49:04.0684 2856 C:\Windows\System32\srvcli.dll - ok
19:49:04.0684 2856 [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe
19:49:04.0684 2856 C:\Windows\System32\winlogon.exe - ok
19:49:04.0684 2856 [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll
19:49:04.0684 2856 C:\Windows\System32\winsta.dll - ok
19:49:04.0684 2856 [ C118A82CD78818C29AB228366EBF81C3 ] C:\Windows\System32\lsass.exe
19:49:04.0684 2856 C:\Windows\System32\lsass.exe - ok
19:49:04.0684 2856 [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe
19:49:04.0684 2856 C:\Windows\System32\lsm.exe - ok
19:49:04.0700 2856 [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\Windows\System32\sspisrv.dll
19:49:04.0700 2856 C:\Windows\System32\sspisrv.dll - ok
19:49:04.0700 2856 [ 8784236EED5079493DA9FC95B28B89F8 ] C:\Windows\System32\WerFault.exe
19:49:04.0700 2856 C:\Windows\System32\WerFault.exe - ok
19:49:04.0700 2856 [ 66A6063D0BAAD3F7B2B9868859E0743B ] C:\Windows\System32\lsasrv.dll
19:49:04.0700 2856 C:\Windows\System32\lsasrv.dll - ok
19:49:04.0700 2856 [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll
19:49:04.0700 2856 C:\Windows\System32\samsrv.dll - ok
19:49:04.0715 2856 [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll
19:49:04.0715 2856 C:\Windows\System32\sysntfy.dll - ok
19:49:04.0715 2856 [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll
19:49:04.0715 2856 C:\Windows\System32\wmsgapi.dll - ok
19:49:04.0715 2856 [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll
19:49:04.0715 2856 C:\Windows\System32\wer.dll - ok
19:49:04.0715 2856 [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll
19:49:04.0715 2856 C:\Windows\System32\cryptdll.dll - ok
19:49:04.0731 2856 [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll
19:49:04.0731 2856 C:\Windows\System32\wevtapi.dll - ok
19:49:04.0731 2856 [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
19:49:04.0731 2856 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
19:49:04.0731 2856 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] C:\Windows\System32\drivers\USBAUDIO.sys
19:49:04.0731 2856 C:\Windows\System32\drivers\USBAUDIO.sys - ok
19:49:04.0731 2856 [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll
19:49:04.0731 2856 C:\Windows\System32\authz.dll - ok
19:49:04.0747 2856 [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll
19:49:04.0747 2856 C:\Windows\System32\cngaudit.dll - ok
19:49:04.0747 2856 [ 400645085A91BF3EB0271329B95AE0BE ] C:\Windows\System32\ncrypt.dll
19:49:04.0747 2856 C:\Windows\System32\ncrypt.dll - ok
19:49:04.0747 2856 [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll
19:49:04.0747 2856 C:\Windows\System32\bcrypt.dll - ok
19:49:04.0747 2856 [ F152755F131ADFE452D534F4E9383590 ] C:\Windows\System32\Faultrep.dll
19:49:04.0747 2856 C:\Windows\System32\Faultrep.dll - ok
19:49:04.0762 2856 [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll
19:49:04.0762 2856 C:\Windows\System32\msprivs.dll - ok
19:49:04.0762 2856 [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll
19:49:04.0762 2856 C:\Windows\System32\netjoin.dll - ok
19:49:04.0762 2856 [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll
19:49:04.0762 2856 C:\Windows\System32\negoexts.dll - ok
19:49:04.0762 2856 [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll
19:49:04.0762 2856 C:\Windows\System32\wkscli.dll - ok
19:49:04.0762 2856 [ 44E1A196DFCB53B01FE4B855C3B56A15 ] C:\Windows\System32\kerberos.dll
19:49:04.0762 2856 C:\Windows\System32\kerberos.dll - ok
19:49:04.0778 2856 [ E543D373382C3B76D3BC27585DEF3907 ] C:\Windows\System32\atmfd.dll
19:49:04.0778 2856 C:\Windows\System32\atmfd.dll - ok
19:49:04.0778 2856 [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll
19:49:04.0778 2856 C:\Windows\System32\cryptsp.dll - ok
19:49:04.0778 2856 [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll
19:49:04.0778 2856 C:\Windows\System32\msv1_0.dll - ok
19:49:04.0778 2856 [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\Windows\System32\mswsock.dll
19:49:04.0778 2856 C:\Windows\System32\mswsock.dll - ok
19:49:04.0778 2856 [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll
19:49:04.0778 2856 C:\Windows\System32\wship6.dll - ok
19:49:04.0793 2856 [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll
19:49:04.0793 2856 C:\Windows\System32\netlogon.dll - ok
19:49:04.0793 2856 [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll
19:49:04.0793 2856 C:\Windows\System32\dnsapi.dll - ok
19:49:04.0793 2856 [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll
19:49:04.0793 2856 C:\Windows\System32\logoncli.dll - ok
19:49:04.0793 2856 [ 1573C45E65DE32B1BC3572634F8F1E8E ] C:\Windows\System32\schannel.dll
19:49:04.0793 2856 C:\Windows\System32\schannel.dll - ok
19:49:04.0809 2856 [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
19:49:04.0809 2856 C:\Windows\System32\wdigest.dll - ok
19:49:04.0809 2856 [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
19:49:04.0809 2856 C:\Windows\System32\rsaenh.dll - ok
19:49:04.0809 2856 [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll
19:49:04.0809 2856 C:\Windows\System32\TSpkg.dll - ok
19:49:04.0809 2856 [ 55C892560C1B42BC57FB61AEFCED2F22 ] C:\Windows\System32\LIVESSP.DLL
19:49:04.0809 2856 C:\Windows\System32\LIVESSP.DLL - ok
19:49:04.0825 2856 [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
19:49:04.0825 2856 C:\Windows\System32\pku2u.dll - ok
19:49:04.0825 2856 [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll
19:49:04.0825 2856 C:\Windows\System32\bcryptprimitives.dll - ok
19:49:04.0825 2856 [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
19:49:04.0825 2856 C:\Windows\System32\efslsaext.dll - ok
19:49:04.0825 2856 [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll
19:49:04.0825 2856 C:\Windows\System32\credssp.dll - ok
19:49:04.0840 2856 [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll
19:49:04.0840 2856 C:\Windows\System32\scecli.dll - ok
19:49:04.0840 2856 [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
19:49:04.0840 2856 C:\Windows\System32\ubpm.dll - ok
19:49:04.0840 2856 [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll
19:49:04.0840 2856 C:\Windows\System32\netutils.dll - ok
19:49:04.0840 2856 [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe
19:49:04.0840 2856 C:\Windows\System32\svchost.exe - ok
19:49:04.0840 2856 [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll
19:49:04.0840 2856 C:\Windows\System32\umpnpmgr.dll - ok
19:49:04.0856 2856 [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
19:49:04.0856 2856 C:\Windows\System32\SPInf.dll - ok
19:49:04.0856 2856 [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
19:49:04.0856 2856 C:\Windows\System32\devrtl.dll - ok
19:49:04.0856 2856 [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll
19:49:04.0856 2856 C:\Windows\System32\userenv.dll - ok
19:49:04.0856 2856 [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
19:49:04.0856 2856 C:\Windows\System32\gpapi.dll - ok
19:49:04.0871 2856 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll
19:49:04.0871 2856 C:\Windows\System32\umpo.dll - ok
19:49:04.0871 2856 [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
19:49:04.0871 2856 C:\Windows\System32\pcwum.dll - ok
19:49:04.0871 2856 [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
19:49:04.0871 2856 C:\Windows\System32\powrprof.dll - ok
19:49:04.0871 2856 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys
19:49:04.0871 2856 C:\Windows\System32\drivers\luafv.sys - ok
19:49:04.0887 2856 [ A8FE8F2783B2929B56F5370A89356CE9 ] C:\Windows\System32\drivers\mbam.sys
19:49:04.0887 2856 C:\Windows\System32\drivers\mbam.sys - ok
19:49:04.0887 2856 [ AB886378EEB55C6C75B4F2D14B6C869F ] C:\Windows\System32\drivers\WUDFPf.sys
19:49:04.0887 2856 C:\Windows\System32\drivers\WUDFPf.sys - ok
19:49:04.0887 2856 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] C:\Windows\System32\nvvsvc.exe
19:49:04.0887 2856 C:\Windows\System32\nvvsvc.exe - ok
19:49:04.0887 2856 [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll
19:49:04.0887 2856 C:\Windows\System32\wtsapi32.dll - ok
19:49:04.0903 2856 [ F0359F7CE712D69ACEF0886BDB4792ED ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
19:49:04.0903 2856 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe - ok
19:49:04.0903 2856 [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll
19:49:04.0903 2856 C:\Windows\SysWOW64\ntdll.dll - ok
19:49:04.0903 2856 [ 15B30F15BD13640B337A0FC37BD48CDE ] C:\Windows\System32\wow64.dll
19:49:04.0903 2856 C:\Windows\System32\wow64.dll - ok
19:49:04.0903 2856 [ 2970785A72054740E1A5DCEB32485486 ] C:\Windows\System32\wow64win.dll
19:49:04.0903 2856 C:\Windows\System32\wow64win.dll - ok
19:49:04.0903 2856 [ 98168B9B0656A01A321FF1BECB2C03E1 ] C:\Windows\System32\wow64cpu.dll
19:49:04.0903 2856 C:\Windows\System32\wow64cpu.dll - ok
19:49:04.0918 2856 [ D4F3176082566CEFA633B4945802D4C4 ] C:\Windows\SysWOW64\kernel32.dll
19:49:04.0918 2856 C:\Windows\SysWOW64\kernel32.dll - ok
19:49:04.0918 2856 [ 0978C2B33BDD0A7E6C563AA337DC8BA0 ] C:\Windows\SysWOW64\KernelBase.dll
19:49:04.0918 2856 C:\Windows\SysWOW64\KernelBase.dll - ok
19:49:04.0918 2856 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll
19:49:04.0918 2856 C:\Windows\SysWOW64\msvcrt.dll - ok
19:49:04.0918 2856 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll
19:49:04.0918 2856 C:\Windows\SysWOW64\setupapi.dll - ok
19:49:04.0934 2856 [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll
19:49:04.0934 2856 C:\Windows\SysWOW64\version.dll - ok
19:49:04.0934 2856 [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll
19:49:04.0934 2856 C:\Windows\SysWOW64\advapi32.dll - ok
19:49:04.0934 2856 [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll
19:49:04.0934 2856 C:\Windows\SysWOW64\cfgmgr32.dll - ok
19:49:04.0934 2856 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll
19:49:04.0934 2856 C:\Windows\SysWOW64\cryptbase.dll - ok
19:49:04.0949 2856 [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll
19:49:04.0949 2856 C:\Windows\SysWOW64\rpcrt4.dll - ok
19:49:04.0949 2856 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll
19:49:04.0949 2856 C:\Windows\SysWOW64\sechost.dll - ok
19:49:04.0949 2856 [ EDA7AD21DF8945528F01F0A86D69E524 ] C:\Windows\SysWOW64\sspicli.dll
19:49:04.0949 2856 C:\Windows\SysWOW64\sspicli.dll - ok
19:49:04.0965 2856 [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll
19:49:04.0965 2856 C:\Windows\SysWOW64\gdi32.dll - ok
19:49:04.0965 2856 [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll
19:49:04.0965 2856 C:\Windows\SysWOW64\lpk.dll - ok
19:49:04.0965 2856 [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll
19:49:04.0965 2856 C:\Windows\SysWOW64\ole32.dll - ok
19:49:04.0965 2856 [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll
19:49:04.0965 2856 C:\Windows\SysWOW64\oleaut32.dll - ok
19:49:04.0965 2856 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll
19:49:04.0965 2856 C:\Windows\SysWOW64\user32.dll - ok
19:49:04.0981 2856 [ 804AAAFEBB3AD5F49334DD906BCB1DE5 ] C:\Windows\SysWOW64\usp10.dll
19:49:04.0981 2856 C:\Windows\SysWOW64\usp10.dll - ok
19:49:04.0981 2856 [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll
19:49:04.0981 2856 C:\Windows\SysWOW64\devobj.dll - ok
19:49:04.0981 2856 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\SysWOW64\winspool.drv
19:49:04.0981 2856 C:\Windows\SysWOW64\winspool.drv - ok
19:49:04.0981 2856 [ 145E7826A07D98628924A9B06F6273AB ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstres.dll
19:49:04.0981 2856 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstres.dll - ok
19:49:04.0996 2856 [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll
19:49:04.0996 2856 C:\Windows\SysWOW64\imm32.dll - ok
19:49:04.0996 2856 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll
19:49:04.0996 2856 C:\Windows\SysWOW64\msctf.dll - ok
19:49:04.0996 2856 [ 7AD857422AFA068A39A4B4BBF7FCC49C ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvwl.dll
19:49:04.0996 2856 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvwl.dll - ok
19:49:04.0996 2856 [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
19:49:04.0996 2856 C:\Windows\System32\rpcss.dll - ok
19:49:05.0012 2856 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
19:49:05.0012 2856 C:\Windows\System32\RpcEpMap.dll - ok
19:49:05.0012 2856 [ 60D21799A4AF4EDCE65FB98830E4B0C8 ] C:\Windows\SysWOW64\crypt32.dll
19:49:05.0012 2856 C:\Windows\SysWOW64\crypt32.dll - ok
19:49:05.0012 2856 [ 17448AF0BBA9E7AB5EC955AF93F271BD ] C:\Windows\SysWOW64\wintrust.dll
19:49:05.0012 2856 C:\Windows\SysWOW64\wintrust.dll - ok
19:49:05.0012 2856 [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll
19:49:05.0012 2856 C:\Windows\SysWOW64\msasn1.dll - ok
19:49:05.0012 2856 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll
19:49:05.0012 2856 C:\Windows\SysWOW64\ntmarta.dll - ok
19:49:05.0027 2856 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll
19:49:05.0027 2856 C:\Windows\SysWOW64\Wldap32.dll - ok
19:49:05.0027 2856 [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
19:49:05.0027 2856 C:\Windows\System32\WSHTCPIP.DLL - ok
19:49:05.0027 2856 [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
19:49:05.0027 2856 C:\Windows\System32\wshqos.dll - ok
19:49:05.0027 2856 [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
19:49:05.0027 2856 C:\Windows\System32\FirewallAPI.dll - ok
19:49:05.0043 2856 [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll
19:49:05.0043 2856 C:\Windows\SysWOW64\devrtl.dll - ok
19:49:05.0043 2856 [ 4BDBBE5E4208022DD794F7EEEB0F7366 ] C:\Windows\SysWOW64\SPInf.dll
19:49:05.0043 2856 C:\Windows\SysWOW64\SPInf.dll - ok
19:49:05.0043 2856 [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
19:49:05.0043 2856 C:\Windows\System32\LogonUI.exe - ok
19:49:05.0043 2856 [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll
19:49:05.0043 2856 C:\Windows\System32\version.dll - ok
19:49:05.0059 2856 [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
19:49:05.0059 2856 C:\Windows\System32\wevtsvc.dll - ok
19:49:05.0059 2856 [ 0BEE002C68E28CE6DA161DCF1376D7D7 ] C:\Windows\System32\authui.dll
19:49:05.0059 2856 C:\Windows\System32\authui.dll - ok
19:49:05.0059 2856 [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
19:49:05.0059 2856 C:\Windows\System32\cryptui.dll - ok
19:49:05.0059 2856 [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll
19:49:05.0059 2856 C:\Windows\System32\audiosrv.dll - ok
19:49:05.0074 2856 [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
19:49:05.0074 2856 C:\Windows\System32\ntmarta.dll - ok
19:49:05.0074 2856 [ 454800C2BC7F3927CE030141EE4F4C50 ] C:\Windows\System32\drivers\usbvideo.sys
19:49:05.0074 2856 C:\Windows\System32\drivers\usbvideo.sys - ok
19:49:05.0074 2856 [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
19:49:05.0074 2856 C:\Windows\System32\avrt.dll - ok
19:49:05.0090 2856 [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll
19:49:05.0090 2856 C:\Windows\System32\mmcss.dll - ok
19:49:05.0090 2856 [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
19:49:05.0090 2856 C:\Windows\System32\MMDevAPI.dll - ok
19:49:05.0090 2856 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll
19:49:05.0090 2856 C:\Windows\System32\netprofm.dll - ok
19:49:05.0090 2856 [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
19:49:05.0090 2856 C:\Windows\System32\propsys.dll - ok
19:49:05.0090 2856 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\Windows\System32\wlansvc.dll
19:49:05.0090 2856 C:\Windows\System32\wlansvc.dll - ok
19:49:05.0105 2856 [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
19:49:05.0105 2856 C:\Windows\System32\samlib.dll - ok
19:49:05.0105 2856 [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
19:49:05.0105 2856 C:\Windows\System32\shacct.dll - ok
19:49:05.0105 2856 [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll
19:49:05.0105 2856 C:\Windows\System32\adtschema.dll - ok
19:49:05.0105 2856 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\Windows\System32\MPSSVC.dll
19:49:05.0105 2856 C:\Windows\System32\MPSSVC.dll - ok
19:49:05.0121 2856 [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
19:49:05.0121 2856 C:\Windows\System32\uxtheme.dll - ok
19:49:05.0121 2856 [ 179E8401224D557ECFF3695F2016EA5B ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll
19:49:05.0121 2856 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok
19:49:05.0121 2856 [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
19:49:05.0121 2856 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
19:49:05.0121 2856 [ B1DF2D87DC8BF6072699AC8301B37796 ] C:\Windows\System32\WUDFPlatform.dll
19:49:05.0121 2856 C:\Windows\System32\WUDFPlatform.dll - ok
19:49:05.0137 2856 [ FE05D03B73000CFF476E1D29109F3A84 ] C:\Program Files\Windows Defender\MpEvMsg.dll
19:49:05.0137 2856 C:\Program Files\Windows Defender\MpEvMsg.dll - ok
19:49:05.0137 2856 [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys
19:49:05.0137 2856 C:\Windows\System32\drivers\fltMgr.sys - ok
19:49:05.0137 2856 [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe
19:49:05.0137 2856 C:\Windows\System32\audiodg.exe - ok
19:49:05.0137 2856 [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
19:49:05.0137 2856 C:\Windows\System32\dui70.dll - ok
19:49:05.0152 2856 [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL
19:49:05.0152 2856 C:\Windows\System32\PSHED.DLL - ok
19:49:05.0152 2856 [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
19:49:05.0152 2856 C:\Windows\System32\duser.dll - ok
19:49:05.0152 2856 [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
19:49:05.0152 2856 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
19:49:05.0152 2856 [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
19:49:05.0152 2856 C:\Windows\System32\SndVolSSO.dll - ok
19:49:05.0168 2856 [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
19:49:05.0168 2856 C:\Windows\System32\hid.dll - ok
19:49:05.0168 2856 [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
19:49:05.0168 2856 C:\Windows\System32\dwmapi.dll - ok
19:49:05.0168 2856 [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll
19:49:05.0168 2856 C:\Windows\System32\xmllite.dll - ok
19:49:05.0168 2856 [ 26B73A85855681500BCC25C7CD9FF5B1 ] C:\Windows\System32\WindowsCodecs.dll
19:49:05.0168 2856 C:\Windows\System32\WindowsCodecs.dll - ok
19:49:05.0168 2856 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll
19:49:05.0168 2856 C:\Windows\System32\gpsvc.dll - ok
19:49:05.0183 2856 [ 46BB91A169B9B31FF44EB04C48EC1D41 ] C:\Windows\System32\nlaapi.dll
19:49:05.0183 2856 C:\Windows\System32\nlaapi.dll - ok
19:49:05.0183 2856 [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll
19:49:05.0183 2856 C:\Windows\System32\themeservice.dll - ok
19:49:05.0183 2856 [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
19:49:05.0183 2856 C:\Windows\System32\atl.dll - ok
19:49:05.0183 2856 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll
19:49:05.0183 2856 C:\Windows\System32\profsvc.dll - ok
19:49:05.0199 2856 [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
19:49:05.0199 2856 C:\Windows\System32\dsrole.dll - ok
19:49:05.0199 2856 [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
19:49:05.0199 2856 C:\Windows\System32\slc.dll - ok
19:49:05.0199 2856 [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
19:49:05.0199 2856 C:\Windows\System32\es.dll - ok
19:49:05.0199 2856 [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll
19:49:05.0199 2856 C:\Windows\System32\comres.dll - ok
19:49:05.0215 2856 [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll
19:49:05.0215 2856 C:\Windows\System32\Sens.dll - ok
19:49:05.0215 2856 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll
19:49:05.0215 2856 C:\Windows\System32\uxsms.dll - ok
19:49:05.0215 2856 [ B20F051B03A966392364C83F009F7D17 ] C:\Windows\System32\WUDFSvc.dll
19:49:05.0215 2856 C:\Windows\System32\WUDFSvc.dll - ok
19:49:05.0215 2856 [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
19:49:05.0215 2856 C:\Windows\System32\drivers\lltdio.sys - ok
19:49:05.0230 2856 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\Windows\System32\drivers\nwifi.sys
19:49:05.0230 2856 C:\Windows\System32\drivers\nwifi.sys - ok
19:49:05.0230 2856 [ 136185F9FB2CC61E573E676AA5402356 ] C:\Windows\System32\drivers\ndisuio.sys
19:49:05.0230 2856 C:\Windows\System32\drivers\ndisuio.sys - ok
19:49:05.0230 2856 [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
19:49:05.0230 2856 C:\Windows\System32\drivers\rspndr.sys - ok
19:49:05.0230 2856 [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
19:49:05.0230 2856 C:\Windows\System32\IPHLPAPI.DLL - ok
19:49:05.0246 2856 [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
19:49:05.0246 2856 C:\Windows\System32\lmhsvc.dll - ok
19:49:05.0246 2856 [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
19:49:05.0246 2856 C:\Windows\System32\nsisvc.dll - ok
19:49:05.0246 2856 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll
19:49:05.0246 2856 C:\Windows\System32\dhcpcore.dll - ok
19:49:05.0246 2856 [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
19:49:05.0246 2856 C:\Windows\System32\nrpsrv.dll - ok
19:49:05.0246 2856 [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
19:49:05.0246 2856 C:\Windows\System32\winnsi.dll - ok
19:49:05.0261 2856 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll
19:49:05.0261 2856 C:\Windows\System32\dnsrslvr.dll - ok
19:49:05.0261 2856 [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\Windows\System32\keyiso.dll
19:49:05.0261 2856 C:\Windows\System32\keyiso.dll - ok
19:49:05.0261 2856 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
19:49:05.0261 2856 C:\Windows\System32\winbrand.dll - ok
19:49:05.0261 2856 [ 3CC16A849E6092E43909F48EF0E60306 ] C:\Windows\System32\dhcpcore6.dll
19:49:05.0261 2856 C:\Windows\System32\dhcpcore6.dll - ok
19:49:05.0277 2856 [ 87356377F31DA5F20A833811CD59499C ] C:\Windows\System32\eapphost.dll
19:49:05.0277 2856 C:\Windows\System32\eapphost.dll - ok
19:49:05.0277 2856 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\Windows\System32\eapsvc.dll
19:49:05.0277 2856 C:\Windows\System32\eapsvc.dll - ok
19:49:05.0277 2856 [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
19:49:05.0277 2856 C:\Windows\System32\VaultCredProvider.dll - ok
19:49:05.0277 2856 [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll
19:49:05.0277 2856 C:\Windows\System32\umb.dll - ok
19:49:05.0293 2856 [ A648C4A06DE367065B24056D067B4460 ] C:\Windows\System32\wlanmsm.dll
19:49:05.0293 2856 C:\Windows\System32\wlanmsm.dll - ok
19:49:05.0293 2856 [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL
19:49:05.0293 2856 C:\Windows\System32\FWPUCLNT.DLL - ok
19:49:05.0293 2856 [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll
19:49:05.0293 2856 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
19:49:05.0293 2856 [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll
19:49:05.0293 2856 C:\Windows\System32\BioCredProv.dll - ok
19:49:05.0308 2856 [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
19:49:05.0308 2856 C:\Windows\System32\dhcpcsvc.dll - ok
19:49:05.0308 2856 [ 3C06D5A929B798D0B13F6481242A0FD2 ] C:\Windows\System32\dhcpcsvc6.dll
19:49:05.0308 2856 C:\Windows\System32\dhcpcsvc6.dll - ok
19:49:05.0308 2856 [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
19:49:05.0308 2856 C:\Windows\System32\dnsext.dll - ok
19:49:05.0308 2856 [ 06A1386B6E3A0CBC368665C1840906F4 ] C:\Windows\System32\wlansec.dll
19:49:05.0308 2856 C:\Windows\System32\wlansec.dll - ok
19:49:05.0308 2856 [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll
19:49:05.0308 2856 C:\Windows\System32\credui.dll - ok
19:49:05.0324 2856 [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll
19:49:05.0324 2856 C:\Windows\System32\winbio.dll - ok
19:49:05.0324 2856 [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
19:49:05.0324 2856 C:\Windows\System32\eappcfg.dll - ok
19:49:05.0324 2856 [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
19:49:05.0324 2856 C:\Windows\System32\eappprxy.dll - ok
19:49:05.0324 2856 [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\Windows\System32\netapi32.dll
19:49:05.0324 2856 C:\Windows\System32\netapi32.dll - ok
19:49:05.0339 2856 [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll
19:49:05.0339 2856 C:\Windows\System32\onex.dll - ok
19:49:05.0339 2856 [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll
19:49:05.0339 2856 C:\Windows\System32\samcli.dll - ok
19:49:05.0339 2856 [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll
19:49:05.0339 2856 C:\Windows\System32\vaultcli.dll - ok
19:49:05.0339 2856 [ 97E43F324BE1503CB2FFB058534688DA ] C:\Windows\System32\l2gpstore.dll
19:49:05.0339 2856 C:\Windows\System32\l2gpstore.dll - ok
19:49:05.0355 2856 [ 730BF204A595D5B6D7DC57A247CC741C ] C:\Windows\System32\wlgpclnt.dll
19:49:05.0355 2856 C:\Windows\System32\wlgpclnt.dll - ok
19:49:05.0355 2856 [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll
19:49:05.0355 2856 C:\Windows\System32\certCredProvider.dll - ok
19:49:05.0355 2856 [ 7D5645EE0EA77D539828433D9B95F5EB ] C:\Windows\System32\WinSCard.dll
19:49:05.0355 2856 C:\Windows\System32\WinSCard.dll - ok
19:49:05.0355 2856 [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
19:49:05.0355 2856 C:\Windows\System32\wlanutil.dll - ok
19:49:05.0355 2856 [ 7097425051CE67B450EBF2B1390AE492 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL
19:49:05.0355 2856 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL - ok
19:49:05.0371 2856 [ 4FFDE68C4B7C9993FA551E7E36DDB34D ] C:\Windows\System32\msxml6.dll
19:49:05.0371 2856 C:\Windows\System32\msxml6.dll - ok
19:49:05.0371 2856 [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll
19:49:05.0371 2856 C:\Windows\System32\rasplap.dll - ok
19:49:05.0371 2856 [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
19:49:05.0371 2856 C:\Windows\System32\rasapi32.dll - ok
19:49:05.0371 2856 [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll
19:49:05.0371 2856 C:\Windows\System32\rasman.dll - ok
19:49:05.0386 2856 [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll
19:49:05.0386 2856 C:\Windows\System32\rtutils.dll - ok
19:49:05.0386 2856 [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll
19:49:05.0386 2856 C:\Windows\System32\shsvcs.dll - ok
19:49:05.0386 2856 [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll
19:49:05.0386 2856 C:\Windows\System32\schedsvc.dll - ok
19:49:05.0386 2856 [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll
19:49:05.0386 2856 C:\Windows\System32\ktmw32.dll - ok
19:49:05.0402 2856 [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll
19:49:05.0402 2856 C:\Windows\System32\fveapi.dll - ok
19:49:05.0402 2856 [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll
19:49:05.0402 2856 C:\Windows\System32\fvecerts.dll - ok
19:49:05.0402 2856 [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll
19:49:05.0402 2856 C:\Windows\System32\taskcomp.dll - ok
19:49:05.0417 2856 [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll
19:49:05.0417 2856 C:\Windows\System32\tbs.dll - ok
19:49:05.0417 2856 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys
19:49:05.0417 2856 C:\Windows\System32\drivers\http.sys - ok
19:49:05.0417 2856 [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll
19:49:05.0417 2856 C:\Windows\System32\UXInit.dll - ok
19:49:05.0417 2856 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] C:\Windows\System32\spoolsv.exe
19:49:05.0417 2856 C:\Windows\System32\spoolsv.exe - ok
19:49:05.0433 2856 [ DF3E3167B03804F32AD274C33F77B308 ] C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
19:49:05.0433 2856 C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe - ok
19:49:05.0433 2856 [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll
19:49:05.0433 2856 C:\Windows\System32\wiarpc.dll - ok
19:49:05.0433 2856 [ 4CE5C4F80620D6DBBB054003EAD71F95 ] C:\Windows\System32\nvsvc64.dll
19:49:05.0433 2856 C:\Windows\System32\nvsvc64.dll - ok
19:49:05.0433 2856 [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll
19:49:05.0433 2856 C:\Windows\System32\oleacc.dll - ok
19:49:05.0433 2856 [ 11205381BBBF98F0CA1C672056808B8F ] C:\Program Files\NVIDIA Corporation\Display\NVXDApiX.dll
19:49:05.0433 2856 C:\Program Files\NVIDIA Corporation\Display\NVXDApiX.dll - ok
19:49:05.0449 2856 [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL
19:49:05.0449 2856 C:\Windows\System32\BFE.DLL - ok
19:49:05.0449 2856 [ 019BDD35DE269CB98B22DE8923C2AA3B ] C:\Windows\System32\UIAutomationCore.dll
19:49:05.0449 2856 C:\Windows\System32\UIAutomationCore.dll - ok
19:49:05.0449 2856 [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll
19:49:05.0449 2856 C:\Windows\System32\msimg32.dll - ok
19:49:05.0449 2856 [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys
19:49:05.0449 2856 C:\Windows\System32\drivers\bowser.sys - ok
19:49:05.0464 2856 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys
19:49:05.0464 2856 C:\Windows\System32\drivers\mpsdrv.sys - ok
19:49:05.0464 2856 [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll
19:49:05.0464 2856 C:\Windows\System32\mscms.dll - ok
19:49:05.0464 2856 [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys
19:49:05.0464 2856 C:\Windows\System32\drivers\mrxsmb.sys - ok
19:49:05.0464 2856 [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys
19:49:05.0464 2856 C:\Windows\System32\drivers\mrxsmb10.sys - ok
19:49:05.0480 2856 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys
19:49:05.0480 2856 C:\Windows\System32\drivers\mrxsmb20.sys - ok
19:49:05.0480 2856 [ 40965B72A0A33DDB8423B85F93E4C136 ] C:\Program Files\NVIDIA Corporation\Display\nvui.dll
19:49:05.0480 2856 C:\Program Files\NVIDIA Corporation\Display\nvui.dll - ok
19:49:05.0480 2856 [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
19:49:05.0480 2856 C:\Windows\System32\winmm.dll - ok
19:49:05.0480 2856 [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll
19:49:05.0480 2856 C:\Windows\System32\wkssvc.dll - ok
19:49:05.0480 2856 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:49:05.0480 2856 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - ok
19:49:05.0495 2856 [ E6E9DC01812ABA16DBAE5EFA4EF63E57 ] C:\Windows\System32\nvapi64.dll
19:49:05.0495 2856 C:\Windows\System32\nvapi64.dll - ok
19:49:05.0495 2856 [ C67F8A962B2534224D5908D16D2AD3CE ] C:\Windows\System32\wfapigp.dll
19:49:05.0495 2856 C:\Windows\System32\wfapigp.dll - ok
19:49:05.0495 2856 [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll
19:49:05.0495 2856 C:\Windows\System32\imageres.dll - ok
19:49:05.0495 2856 [ 29E9794708DF51DB5DC89FB2E903A0F6 ] C:\Windows\SysWOW64\shell32.dll
19:49:05.0495 2856 C:\Windows\SysWOW64\shell32.dll - ok
19:49:05.0511 2856 [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll
19:49:05.0511 2856 C:\Windows\System32\pcasvc.dll - ok
19:49:05.0511 2856 [ 6313F223E817CC09AA41811DAA7F541D ] C:\Windows\System32\snmptrap.exe
19:49:05.0511 2856 C:\Windows\System32\snmptrap.exe - ok
19:49:05.0511 2856 [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll
19:49:05.0511 2856 C:\Windows\System32\provsvc.dll - ok
19:49:05.0511 2856 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll
19:49:05.0511 2856 C:\Windows\System32\sstpsvc.dll - ok
19:49:05.0527 2856 [ D7CA52F89A7F4520610FF3682F0E42EE ] C:\Windows\System32\nvsvcr.dll
19:49:05.0527 2856 C:\Windows\System32\nvsvcr.dll - ok
19:49:05.0527 2856 [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv
19:49:05.0527 2856 C:\Windows\System32\winspool.drv - ok
19:49:05.0527 2856 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
19:49:05.0527 2856 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok
19:49:05.0527 2856 [ C946428303FDBD85D6F17C9F104938D7 ] C:\Program Files\NVIDIA Corporation\Display\nvuir.dll
19:49:05.0527 2856 C:\Program Files\NVIDIA Corporation\Display\nvuir.dll - ok
19:49:05.0542 2856 [ BC2A18841494B3756894627FF279C65E ] C:\Windows\System32\nvcpl.dll
19:49:05.0542 2856 C:\Windows\System32\nvcpl.dll - ok
19:49:05.0542 2856 [ 47B8B745BFE0A0CB70120C8D08E2492F ] C:\Windows\System32\nvumdshimx.dll
19:49:05.0542 2856 C:\Windows\System32\nvumdshimx.dll - ok
19:49:05.0542 2856 [ C765A8406048E3094501ED8F17BFA4D6 ] C:\Program Files\NVIDIA Corporation\Display\NVXDBat.dll
19:49:05.0542 2856 C:\Program Files\NVIDIA Corporation\Display\NVXDBat.dll - ok
19:49:05.0542 2856 [ 3B3DE5C189F896A7961A12BA74851BCB ] C:\Program Files\NVIDIA Corporation\Display\NVXDPlcy.dll
19:49:05.0542 2856 C:\Program Files\NVIDIA Corporation\Display\NVXDPlcy.dll - ok
19:49:05.0558 2856 [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll
19:49:05.0558 2856 C:\Windows\SysWOW64\shlwapi.dll - ok
19:49:05.0558 2856 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
19:49:05.0558 2856 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
19:49:05.0558 2856 [ A5299D04ED225D64CF07A568A3E1BF8C ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:49:05.0558 2856 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
19:49:05.0558 2856 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
19:49:05.0558 2856 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
19:49:05.0573 2856 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
19:49:05.0573 2856 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
19:49:05.0573 2856 [ 848BC9A0BB2361E549FD4C22D7548FB8 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll
19:49:05.0573 2856 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
19:49:05.0573 2856 [ EF8CD3C64EE9C08980D6D06CCCE46C68 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll
19:49:05.0573 2856 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
19:49:05.0589 2856 [ 64894527838C86454E2F378FF39FA336 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll
19:49:05.0589 2856 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
19:49:05.0589 2856 [ 152F8772D5A5CD7883305C3B8D28470E ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
19:49:05.0589 2856 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
19:49:05.0589 2856 [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll
19:49:05.0589 2856 C:\Windows\SysWOW64\nsi.dll - ok
19:49:05.0589 2856 [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll
19:49:05.0589 2856 C:\Windows\SysWOW64\ws2_32.dll - ok
19:49:05.0589 2856 [ 78865ABC5F5D13190F8B35BD9044714A ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll
19:49:05.0589 2856 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll - ok
19:49:05.0605 2856 [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\SysWOW64\wsock32.dll
19:49:05.0605 2856 C:\Windows\SysWOW64\wsock32.dll - ok
19:49:05.0605 2856 [ FF9831030678C7B6D70BAC00F68F8976 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll
19:49:05.0605 2856 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
19:49:05.0605 2856 [ 5A963C340DE1A01BA6E24945CE05D16A ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll
19:49:05.0605 2856 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll - ok
19:49:05.0605 2856 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll
19:49:05.0605 2856 C:\Windows\SysWOW64\winmm.dll - ok
19:49:05.0620 2856 [ F4BC62990E7E5C29799A895B80FC3177 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll
19:49:05.0620 2856 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
19:49:05.0620 2856 [ 149D74E1128A86DC9CFB2851FBEA11EB ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll
19:49:05.0620 2856 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll - ok
19:49:05.0620 2856 [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe
19:49:05.0620 2856 C:\Windows\System32\dllhost.exe - ok
19:49:05.0620 2856 [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll
19:49:05.0620 2856 C:\Windows\System32\IDStore.dll - ok
19:49:05.0636 2856 [ 517110BD83835338C037269E603DB55D ] C:\Windows\System32\taskhost.exe
19:49:05.0636 2856 C:\Windows\System32\taskhost.exe - ok
19:49:05.0636 2856 [ F9D908DE6B166DAC9B89BF62FA291CE8 ] C:\Program Files\Bonjour\mdnsNSP.dll
19:49:05.0636 2856 C:\Program Files\Bonjour\mdnsNSP.dll - ok
19:49:05.0636 2856 [ 28AD5E311996A34025CFB07E131058DD ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
19:49:05.0636 2856 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL - ok
19:49:05.0636 2856 [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051 ] C:\Windows\System32\localspl.dll
19:49:05.0636 2856 C:\Windows\System32\localspl.dll - ok
19:49:05.0651 2856 [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll
19:49:05.0651 2856 C:\Windows\System32\rasadhlp.dll - ok
19:49:05.0651 2856 [ 488256C0AFA4D9C1CB3084C2956288DF ] C:\Windows\System32\CNMLMAD.DLL
19:49:05.0651 2856 C:\Windows\System32\CNMLMAD.DLL - ok
19:49:05.0651 2856 [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\Windows\System32\PrintIsolationProxy.dll
19:49:05.0651 2856 C:\Windows\System32\PrintIsolationProxy.dll - ok
19:49:05.0651 2856 [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll
19:49:05.0651 2856 C:\Windows\System32\spoolss.dll - ok
19:49:05.0667 2856 [ 19E41CCCEE697CC9465396B370929792 ] C:\Windows\System32\FXSMON.dll
19:49:05.0667 2856 C:\Windows\System32\FXSMON.dll - ok
19:49:05.0667 2856 [ 9BB99503D6A4DD62569EDE9E5E2672A5 ] C:\Windows\System32\HotStartUserAgent.dll
19:49:05.0667 2856 C:\Windows\System32\HotStartUserAgent.dll - ok
19:49:05.0667 2856 [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll
19:49:05.0667 2856 C:\Windows\System32\tcpmon.dll - ok
19:49:05.0667 2856 [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll
19:49:05.0667 2856 C:\Windows\System32\snmpapi.dll - ok
19:49:05.0683 2856 [ FFF9D00CF16397C64317F213484F94BD ] C:\Windows\System32\wsnmp32.dll
19:49:05.0683 2856 C:\Windows\System32\wsnmp32.dll - ok
19:49:05.0683 2856 [ 23566F9723771108D2E6CD768AC27407 ] C:\Windows\System32\AtBroker.exe
19:49:05.0683 2856 C:\Windows\System32\AtBroker.exe - ok
19:49:05.0683 2856 [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
19:49:05.0683 2856 C:\Windows\System32\mpr.dll - ok
19:49:05.0683 2856 [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll
19:49:05.0683 2856 C:\Windows\System32\usbmon.dll - ok
19:49:05.0683 2856 [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll
19:49:05.0683 2856 C:\Windows\System32\WSDMon.dll - ok
19:49:05.0698 2856 [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe
19:49:05.0698 2856 C:\Windows\System32\userinit.exe - ok
19:49:05.0698 2856 [ F1B205F932F62F94506A5F332C895DAF ] C:\Windows\System32\WSDApi.dll
19:49:05.0698 2856 C:\Windows\System32\WSDApi.dll - ok
19:49:05.0698 2856 [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe
19:49:05.0698 2856 C:\Windows\System32\dwm.exe - ok
19:49:05.0698 2856 [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll
19:49:05.0698 2856 C:\Windows\System32\dwmredir.dll - ok
19:49:05.0714 2856 [ C55516D98DD5D8F0153C2A9B4227DA86 ] C:\Windows\System32\webservices.dll
19:49:05.0714 2856 C:\Windows\System32\webservices.dll - ok
19:49:05.0714 2856 [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll
19:49:05.0714 2856 C:\Windows\System32\dwmcore.dll - ok
19:49:05.0714 2856 [ E1374D37477322D4956604711008C69D ] C:\Windows\System32\d3d10_1.dll
19:49:05.0714 2856 C:\Windows\System32\d3d10_1.dll - ok
19:49:05.0714 2856 [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll
19:49:05.0714 2856 C:\Windows\System32\fundisc.dll - ok
19:49:05.0714 2856 [ 426BA4E737A7988FD1202AF2F2B2F4A6 ] C:\Windows\System32\d3d10_1core.dll
19:49:05.0714 2856 C:\Windows\System32\d3d10_1core.dll - ok
19:49:05.0729 2856 [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll
19:49:05.0729 2856 C:\Windows\System32\fdPnp.dll - ok
19:49:05.0729 2856 [ F404E59DB6A0F122AB26BF4F3E2FD0FA ] C:\Windows\System32\dxgi.dll
19:49:05.0729 2856 C:\Windows\System32\dxgi.dll - ok
19:49:05.0729 2856 [ B5ED5424F3719BA248C6A1497DF2407C ] C:\Windows\System32\spool\prtprocs\x64\CNMPDAD.DLL
19:49:05.0729 2856 C:\Windows\System32\spool\prtprocs\x64\CNMPDAD.DLL - ok
19:49:05.0729 2856 [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
19:49:05.0729 2856 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
19:49:05.0745 2856 [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll
19:49:05.0745 2856 C:\Windows\System32\PlaySndSrv.dll - ok
19:49:05.0745 2856 [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll
19:49:05.0745 2856 C:\Windows\System32\MsCtfMonitor.dll - ok
19:49:05.0745 2856 [ 80ED288D61ABCBB9B2DD3FCDDBB71E1E ] C:\Windows\System32\nvwgf2umx.dll
19:49:05.0745 2856 C:\Windows\System32\nvwgf2umx.dll - ok
19:49:05.0745 2856 [ F6FD367C9EAAEDF90CD7A7952AE0B336 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll
19:49:05.0745 2856 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll - ok
19:49:05.0761 2856 [ 65EA57712340C09B1B0C427B4848AE05 ] C:\Windows\System32\taskeng.exe
19:49:05.0761 2856 C:\Windows\System32\taskeng.exe - ok
19:49:05.0761 2856 [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll
19:49:05.0761 2856 C:\Windows\System32\msutb.dll - ok
19:49:05.0761 2856 [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll
19:49:05.0761 2856 C:\Windows\SysWOW64\profapi.dll - ok
19:49:05.0761 2856 [ 805A52C5AE26C28E88FDD9BCCFE6F312 ] C:\Windows\System32\TSChannel.dll
19:49:05.0761 2856 C:\Windows\System32\TSChannel.dll - ok
19:49:05.0776 2856 [ 50D28F3F8B7C17056520C80A29EFE17C ] C:\Windows\System32\lpksetup.exe
19:49:05.0776 2856 C:\Windows\System32\lpksetup.exe - ok
19:49:05.0776 2856 [ 506708142BC63DABA64F2D3AD1DCD5BF ] C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:49:05.0776 2856 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe - ok
19:49:05.0776 2856 [ 51B0C40F5AA14D1F4F417C59FF5B4995 ] C:\PROGRA~2\SMARTD~1\Messages\SDNotify.exe
19:49:05.0776 2856 C:\PROGRA~2\SMARTD~1\Messages\SDNotify.exe - ok
19:49:05.0776 2856 [ 9FF47CD8A3787C8FD3CDFE40441C722E ] C:\Program Files (x86)\Google\Update\1.3.21.123\goopdate.dll
19:49:05.0776 2856 C:\Program Files (x86)\Google\Update\1.3.21.123\goopdate.dll - ok
19:49:05.0776 2856 [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\SysWOW64\comdlg32.dll
19:49:05.0776 2856 C:\Windows\SysWOW64\comdlg32.dll - ok
19:49:05.0792 2856 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
19:49:05.0792 2856 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok
19:49:05.0792 2856 [ 6369F960C28A16F4502C480EEDE3652C ] C:\Windows\System32\dpx.dll
19:49:05.0792 2856 C:\Windows\System32\dpx.dll - ok
19:49:05.0792 2856 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
19:49:05.0792 2856 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
19:49:05.0792 2856 [ 936F728E04ACCF3F38801CFFCF1E3F40 ] C:\Windows\SysWOW64\oledlg.dll
19:49:05.0792 2856 C:\Windows\SysWOW64\oledlg.dll - ok
19:49:05.0807 2856 [ 42C671E0525618E23371D0E68282F37C ] C:\Windows\SysWOW64\wininet.dll
19:49:05.0807 2856 C:\Windows\SysWOW64\wininet.dll - ok
19:49:05.0807 2856 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll
19:49:05.0807 2856 C:\Windows\SysWOW64\winnsi.dll - ok
19:49:05.0807 2856 [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\SysWOW64\netapi32.dll
19:49:05.0807 2856 C:\Windows\SysWOW64\netapi32.dll - ok
19:49:05.0807 2856 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll
19:49:05.0807 2856 C:\Windows\SysWOW64\netutils.dll - ok
19:49:05.0823 2856 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll
19:49:05.0823 2856 C:\Windows\SysWOW64\srvcli.dll - ok
19:49:05.0823 2856 [ 557A086A4659799D63A9CE474ADFEBE8 ] C:\Windows\SysWOW64\urlmon.dll
19:49:05.0823 2856 C:\Windows\SysWOW64\urlmon.dll - ok
19:49:05.0823 2856 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll
19:49:05.0823 2856 C:\Windows\SysWOW64\wkscli.dll - ok
19:49:05.0823 2856 [ F1C09EE3A594B19DD1F4B4AEA9E353C9 ] C:\Windows\System32\comsvcs.dll
19:49:05.0823 2856 C:\Windows\System32\comsvcs.dll - ok
19:49:05.0823 2856 [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
19:49:05.0823 2856 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
19:49:05.0839 2856 [ C5D48985BADF6CFEDCBCCDD5D92F526D ] C:\Windows\SysWOW64\iertutil.dll
19:49:05.0839 2856 C:\Windows\SysWOW64\iertutil.dll - ok
19:49:05.0839 2856 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll
19:49:05.0839 2856 C:\Windows\SysWOW64\imagehlp.dll - ok
19:49:05.0839 2856 [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll
19:49:05.0839 2856 C:\Windows\SysWOW64\msi.dll - ok
19:49:05.0839 2856 [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll
19:49:05.0839 2856 C:\Windows\SysWOW64\uxtheme.dll - ok
19:49:05.0854 2856 [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll
19:49:05.0854 2856 C:\Windows\SysWOW64\clbcatq.dll - ok
19:49:05.0854 2856 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll
19:49:05.0854 2856 C:\Windows\SysWOW64\dwmapi.dll - ok
19:49:05.0854 2856 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll
19:49:05.0854 2856 C:\Windows\SysWOW64\cscapi.dll - ok
19:49:05.0854 2856 [ 37F358CBD2A1D82C56A542325DA6D368 ] C:\Windows\SysWOW64\ieframe.dll
19:49:05.0854 2856 C:\Windows\SysWOW64\ieframe.dll - ok
19:49:05.0870 2856 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\SysWOW64\dbghelp.dll
19:49:05.0870 2856 C:\Windows\SysWOW64\dbghelp.dll - ok
19:49:05.0870 2856 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll
19:49:05.0870 2856 C:\Windows\SysWOW64\apphelp.dll - ok
19:49:05.0870 2856 [ AE5A69F44C1F97EDC83237FC0B29B6FB ] C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe
19:49:05.0870 2856 C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe - ok
19:49:05.0870 2856 [ 41938F2C1642459CBBA691B5DBD6395A ] C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler64.exe
19:49:05.0870 2856 C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler64.exe - ok
19:49:05.0885 2856 [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\SysWOW64\mstask.dll
19:49:05.0885 2856 C:\Windows\SysWOW64\mstask.dll - ok
19:49:05.0885 2856 [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll
19:49:05.0885 2856 C:\Windows\SysWOW64\userenv.dll - ok
19:49:05.0885 2856 [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll
19:49:05.0885 2856 C:\Windows\System32\cscapi.dll - ok
19:49:05.0885 2856 [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\Windows\System32\dbghelp.dll
19:49:05.0885 2856 C:\Windows\System32\dbghelp.dll - ok
19:49:05.0901 2856 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll
19:49:05.0901 2856 C:\Windows\SysWOW64\psapi.dll - ok
19:49:05.0901 2856 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll
19:49:05.0901 2856 C:\Windows\SysWOW64\oleacc.dll - ok
19:49:05.0901 2856 [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll
19:49:05.0901 2856 C:\Windows\SysWOW64\sxs.dll - ok
19:49:05.0901 2856 [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll
19:49:05.0901 2856 C:\Windows\System32\uDWM.dll - ok
19:49:05.0901 2856 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll
19:49:05.0901 2856 C:\Windows\SysWOW64\dnsapi.dll - ok
19:49:05.0917 2856 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll
19:49:05.0917 2856 C:\Windows\SysWOW64\rasapi32.dll - ok
19:49:05.0917 2856 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll
19:49:05.0917 2856 C:\Windows\SysWOW64\rasman.dll - ok
19:49:05.0917 2856 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\SysWOW64\rtutils.dll
19:49:05.0917 2856 C:\Windows\SysWOW64\rtutils.dll - ok
19:49:05.0917 2856 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll
19:49:05.0917 2856 C:\Windows\SysWOW64\SensApi.dll - ok
19:49:05.0932 2856 [ 548CB980D7876E207CC9F8B60C1587A3 ] C:\Windows\System32\win32spl.dll
19:49:05.0932 2856 C:\Windows\System32\win32spl.dll - ok
19:49:05.0932 2856 [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\Windows\System32\inetpp.dll
19:49:05.0932 2856 C:\Windows\System32\inetpp.dll - ok
19:49:05.0932 2856 [ 4E4EDF9CA82E95BAB2977DD9F21B00F6 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
19:49:05.0932 2856 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
19:49:05.0932 2856 [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\SysWOW64\wtsapi32.dll
19:49:05.0932 2856 C:\Windows\SysWOW64\wtsapi32.dll - ok
19:49:05.0948 2856 [ 062373995EAE5F0EAC9EAA9192136BFB ] C:\Windows\SysWOW64\dnssd.dll
19:49:05.0948 2856 C:\Windows\SysWOW64\dnssd.dll - ok
19:49:05.0948 2856 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll
19:49:05.0948 2856 C:\Windows\SysWOW64\mswsock.dll - ok
19:49:05.0948 2856 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
19:49:05.0948 2856 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
19:49:05.0948 2856 [ 6C9D5BADC8F83D410A278717C2EEA6F6 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
19:49:05.0948 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe - ok
19:49:05.0963 2856 [ D803DDACAD79DC588C937190D95E390D ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ushata.dll
19:49:05.0963 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ushata.dll - ok
19:49:05.0963 2856 [ 6D8EE63DD06E595858EC021E6B13135C ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avpinit.dll
19:49:05.0963 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avpinit.dll - ok
19:49:05.0963 2856 [ 1EBE9524683C7C4EED8B8BC93FB6FBCC ] C:\Windows\SysWOW64\fltLib.dll
19:49:05.0963 2856 C:\Windows\SysWOW64\fltLib.dll - ok
19:49:05.0979 2856 [ 4197DBBD6B76BADF2A49BBDBD71CCB21 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avpmain.dll
19:49:05.0979 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avpmain.dll - ok
19:49:05.0979 2856 [ EED1FBD0FDE9F97EB90BD8F5075CA0DF ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\prremote.dll
19:49:05.0979 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\prremote.dll - ok
19:49:05.0979 2856 [ AC85030671EE8276D46FC25DCBA1E076 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\fssync.dll
19:49:05.0979 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\fssync.dll - ok
19:49:05.0979 2856 [ 223135AF2A061F983C6D5BD253885120 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\dumpwriter.dll
19:49:05.0979 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\dumpwriter.dll - ok
19:49:05.0995 2856 [ 8EFB5CF2AD159AD40C1E450D7D1EDB47 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\clldr.dll
19:49:05.0995 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\clldr.dll - ok
19:49:05.0995 2856 [ BBD6EADAC482A006BEBF0227DC763092 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\prloader.dll
19:49:05.0995 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\prloader.dll - ok
19:49:05.0995 2856 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] C:\Program Files\Bonjour\mDNSResponder.exe
19:49:05.0995 2856 C:\Program Files\Bonjour\mDNSResponder.exe - ok
19:49:05.0995 2856 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] C:\Windows\System32\cryptsvc.dll
19:49:05.0995 2856 C:\Windows\System32\cryptsvc.dll - ok
19:49:06.0010 2856 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll
19:49:06.0010 2856 C:\Windows\System32\dps.dll - ok
19:49:06.0010 2856 [ C08063F052308B6F5882482615387F30 ] C:\Windows\System32\drivers\cpuz135_x64.sys
19:49:06.0010 2856 C:\Windows\System32\drivers\cpuz135_x64.sys - ok
19:49:06.0010 2856 [ 54A47F6B5E09A77E61649109C6A08866 ] C:\Windows\SysWOW64\svchost.exe
19:49:06.0010 2856 C:\Windows\SysWOW64\svchost.exe - ok
19:49:06.0010 2856 [ 21B3E714EDA19C7169139381E97899F3 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\nfio.ppl
19:49:06.0010 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\nfio.ppl - ok
19:49:06.0026 2856 [ 8792BAB371B4B1589E015B6FD1ED3B15 ] C:\Windows\System32\cryptnet.dll
19:49:06.0026 2856 C:\Windows\System32\cryptnet.dll - ok
19:49:06.0026 2856 [ 1D225A72413F32B5DB69E94FB574D929 ] C:\Windows\SysWOW64\ezsvc7.dll
19:49:06.0026 2856 C:\Windows\SysWOW64\ezsvc7.dll - ok
19:49:06.0026 2856 [ 621AC13798C1CF8D72737F3EA0515767 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\fsdrvplg.ppl
19:49:06.0026 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\fsdrvplg.ppl - ok
19:49:06.0026 2856 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll
19:49:06.0026 2856 C:\Windows\SysWOW64\mpr.dll - ok
19:49:06.0041 2856 [ 5A457C3D00C1C701230A12AA1580114D ] C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
19:49:06.0041 2856 C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe - ok
19:49:06.0041 2856 [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\Windows\System32\mscoree.dll
19:49:06.0041 2856 C:\Windows\System32\mscoree.dll - ok
19:49:06.0041 2856 [ 63B85A580D21AF9BC788FE69854FABD7 ] C:\Windows\SysWOW64\ezsvc7x.dll
19:49:06.0041 2856 C:\Windows\SysWOW64\ezsvc7x.dll - ok
19:49:06.0041 2856 [ 71AFA4402F0B456A55AFEC899F5FA93F ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\winreg.ppl
19:49:06.0041 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\winreg.ppl - ok
19:49:06.0041 2856 [ C94C955F69A65D54B3CE8EB8AB00E8DE ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\service.dll
19:49:06.0041 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\service.dll - ok
19:49:06.0057 2856 [ 821127CA5F45638A12D6DF1F2C9103E9 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\eka_meta.dll
19:49:06.0057 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\eka_meta.dll - ok
19:49:06.0057 2856 [ AA794B099F776B37ACCDEAD00E0FBFC9 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
19:49:06.0057 2856 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
19:49:06.0057 2856 [ 4FDDC789F9A33C342F6AE29F47883AEC ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\esmgr.dll
19:49:06.0057 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\esmgr.dll - ok
19:49:06.0057 2856 [ 0386C3CDC977A98C81DE7EC62DB5DD71 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\pxstub.ppl
19:49:06.0057 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\pxstub.ppl - ok
19:49:06.0073 2856 [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe
19:49:06.0073 2856 C:\Windows\explorer.exe - ok
19:49:06.0073 2856 [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll
19:49:06.0073 2856 C:\Windows\System32\taskschd.dll - ok
19:49:06.0073 2856 [ F07818B44FB5879E1A298EA07174B26C ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\params.ppl
19:49:06.0073 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\params.ppl - ok
19:49:06.0073 2856 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll
19:49:06.0073 2856 C:\Windows\SysWOW64\RpcRtRemote.dll - ok
19:49:06.0088 2856 [ 1913B0BC16BF2B6481ECA48438C4770A ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\thpimpl.ppl
19:49:06.0088 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\thpimpl.ppl - ok
19:49:06.0088 2856 [ 4D9C1475FC099D5E49F2FD7DD1AB8804 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\propmap.ppl
19:49:06.0088 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\propmap.ppl - ok
19:49:06.0088 2856 [ BE3594617BD42FD121D8817C922FFEEA ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\filemap.ppl
19:49:06.0088 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\filemap.ppl - ok
19:49:06.0088 2856 [ DDC17AADCD6A8830BAE8D78B1EB1999B ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\tm.ppl
19:49:06.0088 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\tm.ppl - ok
19:49:06.0104 2856 [ 907449387E15BA9CB3D69CFC4077DB9E ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\bl.ppl
19:49:06.0104 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\bl.ppl - ok
19:49:06.0104 2856 [ E4DD7EC55F8C2DF6FF89A9BCDAA372B4 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\wmihlpr.ppl
19:49:06.0104 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\wmihlpr.ppl - ok
19:49:06.0104 2856 [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\SysWOW64\samcli.dll
19:49:06.0104 2856 C:\Windows\SysWOW64\samcli.dll - ok
19:49:06.0104 2856 [ EB1337AB930813C744EBD1DE33A03EF9 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\regmap.ppl
19:49:06.0104 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\regmap.ppl - ok
19:49:06.0119 2856 [ 3D830DA10AE8BF43FCF3F877487853C6 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\vercheck.ppl
19:49:06.0119 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\vercheck.ppl - ok
19:49:06.0119 2856 [ 40AB2B202EB3478A36CDDCA4F16FC3D7 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\acassembler.dll
19:49:06.0119 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\acassembler.dll - ok
19:49:06.0119 2856 [ DBFE03E9DC5F0FA88EE0587452E6DEFE ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\am_facade.dll
19:49:06.0119 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\am_facade.dll - ok
19:49:06.0119 2856 [ E704F883FB01C2D3BAC69A4E946E22C2 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\storage.dll
19:49:06.0119 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\storage.dll - ok
19:49:06.0135 2856 [ 34FD14241BD3C5706305E9F02CC8541F ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ndetect.ppl
19:49:06.0135 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ndetect.ppl - ok
19:49:06.0135 2856 [ 91AE44422C4A9A5600284BFF6AA086E2 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\crpthlpr.ppl
19:49:06.0135 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\crpthlpr.ppl - ok
19:49:06.0135 2856 [ BEB5E7C250F95D62FCDD4C98F59222F8 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\dtreg.ppl
19:49:06.0135 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\dtreg.ppl - ok
19:49:06.0151 2856 [ A957011F8646FADD1237E46E37BCBDCD ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\report.ppl
19:49:06.0151 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\report.ppl - ok
19:49:06.0151 2856 [ 2A01E1E55090F0E9130D6D7A06422C54 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\schedule.ppl
19:49:06.0151 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\schedule.ppl - ok
19:49:06.0151 2856 [ 3A95D8C5C3D57E7F1B690A29B977AFC2 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\timer.ppl
19:49:06.0151 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\timer.ppl - ok
19:49:06.0151 2856 [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll
19:49:06.0151 2856 C:\Windows\System32\ExplorerFrame.dll - ok
19:49:06.0151 2856 [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll
19:49:06.0151 2856 C:\Windows\System32\EhStorShell.dll - ok
19:49:06.0166 2856 [ 7979639731124E5BF730061E29B96F7F ] C:\Program Files (x86)\Google\Drive\googledrivesync64.dll
19:49:06.0166 2856 C:\Program Files (x86)\Google\Drive\googledrivesync64.dll - ok
19:49:06.0166 2856 [ 241AF87821FDA0F5792037B779F49BE0 ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll
19:49:06.0166 2856 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll - ok
19:49:06.0166 2856 [ D233C7FEAE3FAA25F93A9E6B46815ADC ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll
19:49:06.0166 2856 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll - ok
19:49:06.0182 2856 [ 97BB37731F04CEBC15C4FD09C8CE5176 ] C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
19:49:06.0182 2856 C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL - ok
19:49:06.0182 2856 [ 57AC86AC664CC774C861DAB2B1D1E978 ] C:\Windows\winsxs\amd64_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_0a1fd3a3a768b895\ATL90.dll
19:49:06.0182 2856 C:\Windows\winsxs\amd64_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_0a1fd3a3a768b895\ATL90.dll - ok
19:49:06.0182 2856 [ 2189278AB7A6FA4428188606D93D202B ] C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF
19:49:06.0182 2856 C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF - ok
19:49:06.0182 2856 [ 53FE14BD8160EBE29EF29B0A5366F34A ] C:\PROGRA~1\MICROS~2\Office14\1033\GrooveIntlResource.dll
19:49:06.0182 2856 C:\PROGRA~1\MICROS~2\Office14\1033\GrooveIntlResource.dll - ok
19:49:06.0182 2856 [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll
19:49:06.0182 2856 C:\Windows\System32\ntshrui.dll - ok
19:49:06.0197 2856 [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll
19:49:06.0197 2856 C:\Windows\System32\IconCodecService.dll - ok
19:49:06.0197 2856 [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll
19:49:06.0197 2856 C:\Windows\System32\vssapi.dll - ok
19:49:06.0197 2856 [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll
19:49:06.0197 2856 C:\Windows\System32\vsstrace.dll - ok
19:49:06.0197 2856 [ 0E1B02C9CC352A1F61703B7D1A8A2C45 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll
19:49:06.0197 2856 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok
19:49:06.0213 2856 [ 2E14406E05789F91C9282AE7CFCA3A07 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
19:49:06.0213 2856 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll - ok
19:49:06.0213 2856 [ AF54247F97CCF3539DE7505C09972FF9 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll
19:49:06.0213 2856 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
19:49:06.0213 2856 [ 8BA9851E671E8B5E49E303748FFD530C ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll
19:49:06.0213 2856 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
19:49:06.0229 2856 [ 73862FF693168369A90F046E7F227B83 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
19:49:06.0229 2856 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll - ok
19:49:06.0229 2856 [ 1E6ECA8B944A170020016F4ABCDAAAED ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\reportdb.ppl
19:49:06.0229 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\reportdb.ppl - ok
19:49:06.0229 2856 [ 02CD5B2C3B017122CAC00BDB520CD7AC ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll
19:49:06.0229 2856 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll - ok
19:49:06.0244 2856 [ EC6BA7C92FA5B2AA4AFDF4DF22AEDAB7 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll
19:49:06.0244 2856 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll - ok
19:49:06.0244 2856 [ 01AEA2F16FE0C522DDFD7FAFFC959C6A ] C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\74a5f0c2bc0d0e6e3c4ec4886b9be891\mscorlib.ni.dll
19:49:06.0244 2856 C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\74a5f0c2bc0d0e6e3c4ec4886b9be891\mscorlib.ni.dll - ok
19:49:06.0244 2856 [ 3ABB7ADB9CCBCD24D6C55201A3842A94 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll
19:49:06.0244 2856 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll - ok
19:49:06.0244 2856 [ 8BE887F1743FBB39ED2C9CA2937742D6 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System\f3888a2c7b096d416ca0cfc5405219b4\System.ni.dll
19:49:06.0244 2856 C:\Windows\assembly\NativeImages_v2.0.50727_64\System\f3888a2c7b096d416ca0cfc5405219b4\System.ni.dll - ok
19:49:06.0260 2856 [ 020C2F610BE801B9B50AF1BFF4A5B24B ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\c9866f6c2cae33d2c38ab32da622a167\System.ServiceProcess.ni.dll
19:49:06.0260 2856 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\c9866f6c2cae33d2c38ab32da622a167\System.ServiceProcess.ni.dll - ok
19:49:06.0260 2856 [ DEAB3BF5AEFBDC3F9AC0E020926EC81D ] C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe
19:49:06.0260 2856 C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe - ok
19:49:06.0260 2856 [ CDAD3376DFF3D9AC7FDCBE2B94B0D3C8 ] C:\Windows\System32\shfolder.dll
19:49:06.0260 2856 C:\Windows\System32\shfolder.dll - ok
19:49:06.0275 2856 [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\MSVCP71.DLL
19:49:06.0275 2856 C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\MSVCP71.DLL - ok
19:49:06.0275 2856 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\MSVCR71.DLL
19:49:06.0275 2856 C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\MSVCR71.DLL - ok
19:49:06.0275 2856 [ 63DF770DF74ACB370EF5A16727069AAF ] C:\Windows\SysWOW64\hid.dll
19:49:06.0275 2856 C:\Windows\SysWOW64\hid.dll - ok
19:49:06.0275 2856 [ 7B93C623333F121DC9E689CCB1B7A733 ] C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\mfc71u.dll
19:49:06.0275 2856 C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\mfc71u.dll - ok
19:49:06.0291 2856 [ A4B3A9FFA483F8CB36E56C19448DDE36 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\52e2da35b160dbd254683f72a0f1b937\System.Xml.ni.dll
19:49:06.0291 2856 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\52e2da35b160dbd254683f72a0f1b937\System.Xml.ni.dll - ok
19:49:06.0291 2856 [ D64D99EC088B54FFE8EE67A480386C20 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll
19:49:06.0291 2856 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll - ok
19:49:06.0291 2856 [ 5DCD11D0B1CB71E2B035B30670365C35 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\6c3851b925e2a31ddefb3d36bb9163cb\System.Runtime.Remoting.ni.dll
19:49:06.0291 2856 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\6c3851b925e2a31ddefb3d36bb9163cb\System.Runtime.Remoting.ni.dll - ok
19:49:06.0307 2856 [ 5D0E28A22860E487148B2820309C0063 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\ac14913a11af4bfae0b8eb913a46a161\System.Configuration.ni.dll
19:49:06.0307 2856 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\ac14913a11af4bfae0b8eb913a46a161\System.Configuration.ni.dll - ok
19:49:06.0307 2856 [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll
19:49:06.0307 2856 C:\Windows\System32\NapiNSP.dll - ok
19:49:06.0307 2856 [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll
19:49:06.0307 2856 C:\Windows\System32\pnrpnsp.dll - ok
19:49:06.0307 2856 [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll
19:49:06.0307 2856 C:\Windows\System32\winrnr.dll - ok
19:49:06.0322 2856 [ 5D3F9E7CE4477D26A71A8B927A5E831A ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\lic.ppl
19:49:06.0322 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\lic.ppl - ok
19:49:06.0322 2856 [ 3B815C50B50F8EE7CC75668CD74CBE6C ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\cbi.dll
19:49:06.0322 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\cbi.dll - ok
19:49:06.0322 2856 [ D48DAC06DB15822D0B091D228298547C ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\hashmd5.ppl
19:49:06.0322 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\hashmd5.ppl - ok
19:49:06.0322 2856 [ E8753D0A60BD0A4FD1D64044AA55B901 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klifpp.dll
19:49:06.0322 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klifpp.dll - ok
19:49:06.0338 2856 [ 2AFD47A92B2251221859D8D4EA7B8E23 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avs.ppl
19:49:06.0338 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avs.ppl - ok
19:49:06.0338 2856 [ E7F9C7C97752C1C4C8EC8A139CC2B406 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\dmap.ppl
19:49:06.0338 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\dmap.ppl - ok
19:49:06.0338 2856 [ AC6EBF23958EE09BA9C0595B78811A22 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\excludemanager.dll
19:49:06.0338 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\excludemanager.dll - ok
19:49:06.0353 2856 [ AA03194822C1C56516DA27F6AB4FFF25 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\threatsmanager.dll
19:49:06.0353 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\threatsmanager.dll - ok
19:49:06.0353 2856 [ 5E34F8250C33E4560588A50FCB2713F6 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\qb.ppl
19:49:06.0353 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\qb.ppl - ok
19:49:06.0353 2856 [ E16BBF224B246349B407F6C00771CEE0 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\wmi64.exe
19:49:06.0353 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\wmi64.exe - ok
19:49:06.0353 2856 [ BC686499E32C19336DEABFD9A0A54F52 ] C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\avengine.dll.bc686499e32c19336deabfd9a0a54f52
19:49:06.0353 2856 C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\avengine.dll.bc686499e32c19336deabfd9a0a54f52 - ok
19:49:06.0369 2856 [ 09CF6E78B110FA2C2F77C68FA48E215E ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ksn_facade.dll
19:49:06.0369 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ksn_facade.dll - ok
19:49:06.0369 2856 [ 5CAF4078292BFA90C1EAE266409C3F33 ] C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\kavbase.kdl.5caf4078292bfa90c1eae266409c3f33
19:49:06.0369 2856 C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\kavbase.kdl.5caf4078292bfa90c1eae266409c3f33 - ok
19:49:06.0369 2856 [ 54E9635D5AF0B41667FBD0361E33706C ] C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\klavemu.kdl.54e9635d5af0b41667fbd0361e33706c
19:49:06.0369 2856 C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\klavemu.kdl.54e9635d5af0b41667fbd0361e33706c - ok
19:49:06.0369 2856 [ 90218EAD94BA6D1582046D05162F0BCA ] C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\kjim.kdl.90218ead94ba6d1582046d05162f0bca
19:49:06.0369 2856 C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\kjim.kdl.90218ead94ba6d1582046d05162f0bca - ok
19:49:06.0385 2856 [ FAEF3ECFD4325C2F9A413C3810EEA396 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\wmihlpr.ppl
19:49:06.0385 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\wmihlpr.ppl - ok
19:49:06.0385 2856 [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll
19:49:06.0385 2856 C:\Windows\SysWOW64\cryptsp.dll - ok
19:49:06.0385 2856 [ A8704A10FFDE468F4AB18EBF82A9A86F ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcp80.dll
19:49:06.0385 2856 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcp80.dll - ok
19:49:06.0385 2856 [ 218A400108F280428FA22282D3268BBC ] C:\Windows\System32\wscapi.dll
19:49:06.0385 2856 C:\Windows\System32\wscapi.dll - ok
19:49:06.0400 2856 [ B84E2D174DC84916A536572BB8F691A8 ] C:\Windows\System32\wscisvif.dll
19:49:06.0400 2856 C:\Windows\System32\wscisvif.dll - ok
19:49:06.0400 2856 [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll
19:49:06.0400 2856 C:\Windows\SysWOW64\rsaenh.dll - ok
19:49:06.0400 2856 [ AD5DF6F4FBBC798636EDC66BFEC7D0DE ] C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
19:49:06.0400 2856 C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe - ok
19:49:06.0400 2856 [ FCD84C381E0140AF901E58D48882D26B ] C:\Windows\System32\IKEEXT.DLL
19:49:06.0400 2856 C:\Windows\System32\IKEEXT.DLL - ok
19:49:06.0416 2856 [ D73B5BEFC8BB6E877A7E6437E2613FFA ] C:\Program Files (x86)\Common Files\LightScribe\LSSProxy.dll
19:49:06.0416 2856 C:\Program Files (x86)\Common Files\LightScribe\LSSProxy.dll - ok
19:49:06.0416 2856 [ 108333981C841EB0FF198AA5DFCF3D3B ] C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
19:49:06.0416 2856 C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe - ok
19:49:06.0416 2856 [ 61DACB0FBB1F7237FFEF769C23C903AF ] C:\Program Files (x86)\Common Files\LightScribe\LSLog.dll
19:49:06.0416 2856 C:\Program Files (x86)\Common Files\LightScribe\LSLog.dll - ok
19:49:06.0416 2856 [ 85B16A92B117A5A800032ECD904B86DB ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
19:49:06.0416 2856 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe - ok
19:49:06.0431 2856 [ 77B5035BC6EDF4D1B6265391AECEE4C0 ] C:\Windows\System32\vpnikeapi.dll
19:49:06.0431 2856 C:\Windows\System32\vpnikeapi.dll - ok
19:49:06.0431 2856 [ C0F7C25EEFB1C5FD554AAA801201A83C ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll
19:49:06.0431 2856 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll - ok
19:49:06.0431 2856 [ A8AD2773202A3913D1E1564BD5703183 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll
19:49:06.0431 2856 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll - ok
19:49:06.0431 2856 [ 20E2469DB709FC675E655CEAA11BE312 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
19:49:06.0431 2856 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe - ok
19:49:06.0447 2856 [ 8EB9DF4D405524D5EF69AE9ECB0EDD16 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamcore.dll
19:49:06.0447 2856 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamcore.dll - ok
19:49:06.0447 2856 [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll
19:49:06.0447 2856 C:\Windows\System32\netman.dll - ok
19:49:06.0447 2856 [ 8AD77806D336673F270DB31645267293 ] C:\Windows\System32\nlasvc.dll
19:49:06.0447 2856 C:\Windows\System32\nlasvc.dll - ok
19:49:06.0463 2856 [ 1727B2A2F379A32B864C096FA794AADC ] C:\Windows\System32\aepic.dll
19:49:06.0463 2856 C:\Windows\System32\aepic.dll - ok
19:49:06.0463 2856 [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll
19:49:06.0463 2856 C:\Windows\System32\sfc.dll - ok
19:49:06.0463 2856 [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll
19:49:06.0463 2856 C:\Windows\System32\sfc_os.dll - ok
19:49:06.0463 2856 [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll
19:49:06.0463 2856 C:\Windows\SysWOW64\winsta.dll - ok
19:49:06.0478 2856 [ 12E33DD823D74680DE6F33BFA359EFB3 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
19:49:06.0478 2856 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe - ok
19:49:06.0478 2856 [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\Windows\System32\drivers\PEAuth.sys
19:49:06.0478 2856 C:\Windows\System32\drivers\PEAuth.sys - ok
19:49:06.0478 2856 [ 205E1B699FD3F2F9B036EEA2EC30C620 ] C:\Windows\SysWOW64\PnkBstrA.exe
19:49:06.0478 2856 C:\Windows\SysWOW64\PnkBstrA.exe - ok
19:49:06.0478 2856 [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys
19:49:06.0478 2856 C:\Windows\System32\drivers\secdrv.sys - ok
19:49:06.0478 2856 [ F07AF60B152221472FBDB2FECEC4896D ] C:\Program Files (x86)\Skype\Updater\Updater.exe
19:49:06.0478 2856 C:\Program Files (x86)\Skype\Updater\Updater.exe - ok
19:49:06.0494 2856 [ BC617A4E1B4FA8DF523A061739A0BD87 ] C:\Windows\System32\seclogon.dll
19:49:06.0494 2856 C:\Windows\System32\seclogon.dll - ok
19:49:06.0494 2856 [ 27E461F0BE5BFF5FC737328F749538C3 ] C:\Windows\System32\drivers\srvnet.sys
19:49:06.0494 2856 C:\Windows\System32\drivers\srvnet.sys - ok
19:49:06.0494 2856 [ 6B4C6ECEE30E9F6D4DB704D6CF13A8C0 ] C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\mark.kdl.6b4c6ecee30e9f6d4db704d6cf13a8c0
19:49:06.0494 2856 C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\mark.kdl.6b4c6ecee30e9f6d4db704d6cf13a8c0 - ok
19:49:06.0494 2856 [ 317DF7C0EFF0939E6289F5C72F65BA51 ] C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\vlns.kdl.317df7c0eff0939e6289f5c72f65ba51
19:49:06.0494 2856 C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\vlns.kdl.317df7c0eff0939e6289f5c72f65ba51 - ok
19:49:06.0509 2856 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] C:\Windows\System32\drivers\tcpipreg.sys
19:49:06.0509 2856 C:\Windows\System32\drivers\tcpipreg.sys - ok
19:49:06.0509 2856 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] C:\Windows\System32\sysmain.dll
19:49:06.0509 2856 C:\Windows\System32\sysmain.dll - ok
19:49:06.0509 2856 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] C:\Windows\System32\wiaservc.dll
19:49:06.0509 2856 C:\Windows\System32\wiaservc.dll - ok
19:49:06.0509 2856 [ D8FB3E87A423BA9A64303A8AB742D96C ] C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\qscan.kdl.d8fb3e87a423ba9a64303a8ab742d96c
19:49:06.0509 2856 C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\qscan.kdl.d8fb3e87a423ba9a64303a8ab742d96c - ok
19:49:06.0525 2856 [ BCEA9AB347E53BC03B2E36BE0B8BA0EF ] C:\Windows\System32\httpapi.dll
19:49:06.0525 2856 C:\Windows\System32\httpapi.dll - ok
19:49:06.0525 2856 [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5 ] C:\Windows\System32\wiatrace.dll
19:49:06.0525 2856 C:\Windows\System32\wiatrace.dll - ok
19:49:06.0525 2856 [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\Windows\System32\trkwks.dll
19:49:06.0525 2856 C:\Windows\System32\trkwks.dll - ok
19:49:06.0541 2856 [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll
19:49:06.0541 2856 C:\Windows\System32\wbem\WMIsvc.dll - ok
19:49:06.0541 2856 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:49:06.0541 2856 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - ok
19:49:06.0541 2856 [ CF318F60A84F15AF352439465A8D05F4 ] C:\Program Files\Windows Defender\MpSvc.dll
19:49:06.0541 2856 C:\Program Files\Windows Defender\MpSvc.dll - ok
19:49:06.0541 2856 [ ADF3E771F429940E762AC097F5A54EAF ] C:\Program Files\Windows Defender\MpClient.dll
19:49:06.0541 2856 C:\Program Files\Windows Defender\MpClient.dll - ok
19:49:06.0556 2856 [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL
19:49:06.0556 2856 C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL - ok
19:49:06.0556 2856 [ B837D1528CE2E3CB79F09496BC08DDC6 ] C:\Windows\System32\SensApi.dll
19:49:06.0556 2856 C:\Windows\System32\SensApi.dll - ok
19:49:06.0556 2856 [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll
19:49:06.0556 2856 C:\Windows\System32\winhttp.dll - ok
19:49:06.0556 2856 [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll
19:49:06.0556 2856 C:\Windows\System32\aeevts.dll - ok
19:49:06.0572 2856 [ D4FAC263861BAE06971C7F7D0A8EBF15 ] C:\Windows\System32\ncsi.dll
19:49:06.0572 2856 C:\Windows\System32\ncsi.dll - ok
19:49:06.0572 2856 [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\Windows\System32\wbemcomn.dll
19:49:06.0572 2856 C:\Windows\System32\wbemcomn.dll - ok
19:49:06.0572 2856 [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll
19:49:06.0572 2856 C:\Windows\System32\wbem\WinMgmtR.dll - ok
19:49:06.0572 2856 [ 0C52762C606BCF6A377D5E4688191A6B ] C:\Windows\System32\wbem\WmiDcPrv.dll
19:49:06.0572 2856 C:\Windows\System32\wbem\WmiDcPrv.dll - ok
19:49:06.0587 2856 [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll
19:49:06.0587 2856 C:\Windows\System32\wbem\fastprox.dll - ok
19:49:06.0587 2856 [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll
19:49:06.0587 2856 C:\Windows\System32\ntdsapi.dll - ok
19:49:06.0587 2856 [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll
19:49:06.0587 2856 C:\Windows\System32\wbem\wbemprox.dll - ok
19:49:06.0587 2856 [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll
19:49:06.0587 2856 C:\Windows\System32\wbem\wbemcore.dll - ok
19:49:06.0603 2856 [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll
19:49:06.0603 2856 C:\Windows\System32\wbem\esscli.dll - ok
19:49:06.0603 2856 [ 603EBD34E216C5654A2D774EAC98D278 ] C:\Windows\System32\webio.dll
19:49:06.0603 2856 C:\Windows\System32\webio.dll - ok
19:49:06.0603 2856 [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A ] C:\Windows\SysWOW64\wbem\fastprox.dll
19:49:06.0603 2856 C:\Windows\SysWOW64\wbem\fastprox.dll - ok
19:49:06.0603 2856 [ 7FC520E215B0B2B41FA2E224FE8F6030 ] C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\pbs.kdl.7fc520e215b0b2b41fa2e224fe8f6030
19:49:06.0603 2856 C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\pbs.kdl.7fc520e215b0b2b41fa2e224fe8f6030 - ok
19:49:06.0619 2856 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll
19:49:06.0619 2856 C:\Windows\SysWOW64\webio.dll - ok
19:49:06.0619 2856 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll
19:49:06.0619 2856 C:\Windows\SysWOW64\wship6.dll - ok
19:49:06.0619 2856 [ 9D4A1690AF93F233E15380398BEC7431 ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
19:49:06.0619 2856 C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok
19:49:06.0619 2856 [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files (x86)\Bonjour\mdnsNSP.dll
19:49:06.0619 2856 C:\Program Files (x86)\Bonjour\mdnsNSP.dll - ok
19:49:06.0634 2856 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
19:49:06.0634 2856 C:\Windows\SysWOW64\rasadhlp.dll - ok
19:49:06.0634 2856 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL
19:49:06.0634 2856 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
19:49:06.0634 2856 [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\SysWOW64\ntdsapi.dll
19:49:06.0634 2856 C:\Windows\SysWOW64\ntdsapi.dll - ok
19:49:06.0634 2856 [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
19:49:06.0634 2856 C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
19:49:06.0650 2856 [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll
19:49:06.0650 2856 C:\Windows\System32\wbem\wbemsvc.dll - ok
19:49:06.0650 2856 [ 5610B0425518D185331CB8E968D060E6 ] C:\Windows\SysWOW64\wbem\wmiutils.dll
19:49:06.0650 2856 C:\Windows\SysWOW64\wbem\wmiutils.dll - ok
19:49:06.0650 2856 [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll
19:49:06.0650 2856 C:\Windows\System32\wbem\wmiutils.dll - ok
19:49:06.0650 2856 [ 5C3F9DBA818CD93379D1A0F215270374 ] C:\Windows\SysWOW64\esent.dll
19:49:06.0650 2856 C:\Windows\SysWOW64\esent.dll - ok
19:49:06.0665 2856 [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll
19:49:06.0665 2856 C:\Windows\System32\wbem\repdrvfs.dll - ok
19:49:06.0665 2856 [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll
19:49:06.0665 2856 C:\Windows\System32\esent.dll - ok
19:49:06.0665 2856 [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll
19:49:06.0665 2856 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
19:49:06.0665 2856 [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll
19:49:06.0665 2856 C:\Windows\System32\ncobjapi.dll - ok
19:49:06.0681 2856 [ A4CC7227A452C4909F9499D91B184364 ] C:\Windows\SysWOW64\ncobjapi.dll
19:49:06.0681 2856 C:\Windows\SysWOW64\ncobjapi.dll - ok
19:49:06.0681 2856 [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll
19:49:06.0681 2856 C:\Windows\System32\wbem\wbemess.dll - ok
19:49:06.0681 2856 [ 613BF4820361543956909043A265C6AC ] C:\Windows\SysWOW64\tapisrv.dll
19:49:06.0681 2856 C:\Windows\SysWOW64\tapisrv.dll - ok
19:49:06.0681 2856 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] C:\Windows\System32\tapisrv.dll
19:49:06.0681 2856 C:\Windows\System32\tapisrv.dll - ok
19:49:06.0697 2856 [ F93674263F6B07C77956E966953242D9 ] C:\Windows\SysWOW64\secur32.dll
19:49:06.0697 2856 C:\Windows\SysWOW64\secur32.dll - ok
19:49:06.0697 2856 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
19:49:06.0697 2856 C:\Windows\SysWOW64\credssp.dll - ok
19:49:06.0697 2856 [ 28E2231BD34A39C854BDF3923AB2FF86 ] C:\Windows\SysWOW64\ssdpapi.dll
19:49:06.0697 2856 C:\Windows\SysWOW64\ssdpapi.dll - ok
19:49:06.0697 2856 [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll
19:49:06.0697 2856 C:\Windows\System32\ssdpapi.dll - ok
19:49:06.0712 2856 [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll
19:49:06.0712 2856 C:\Windows\SysWOW64\bcrypt.dll - ok
19:49:06.0712 2856 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll
19:49:06.0712 2856 C:\Windows\SysWOW64\bcryptprimitives.dll - ok
19:49:06.0712 2856 [ 5FCA87BFFA5DE5E86EA8BB662A2DBCA6 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avzkrnl.dll
19:49:06.0712 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avzkrnl.dll - ok
19:49:06.0712 2856 [ 590D5C506044FE02FF7643E32FF9BDAC ] C:\Windows\SysWOW64\wer.dll
19:49:06.0712 2856 C:\Windows\SysWOW64\wer.dll - ok
19:49:06.0728 2856 [ 591FE0A6CEB19BF886CEB1331F591940 ] C:\Windows\SysWOW64\ncrypt.dll
19:49:06.0728 2856 C:\Windows\SysWOW64\ncrypt.dll - ok
19:49:06.0728 2856 [ BB50B21FEE2A6F3E5FC92B330ECCF050 ] C:\Windows\SysWOW64\hhctrl.ocx
19:49:06.0728 2856 C:\Windows\SysWOW64\hhctrl.ocx - ok
19:49:06.0728 2856 [ 4FDFA3F219692D17011BF1B428857C1E ] C:\Program Files\Windows Defender\MpRTP.dll
19:49:06.0728 2856 C:\Program Files\Windows Defender\MpRTP.dll - ok
19:49:06.0728 2856 [ 9419ABF3163B6F0E3AD3DD2B381C879F ] C:\Windows\SysWOW64\WinSCard.dll
19:49:06.0728 2856 C:\Windows\SysWOW64\WinSCard.dll - ok
19:49:06.0743 2856 [ 08C2957BB30058E663720C5606885653 ] C:\Windows\System32\iphlpsvc.dll
19:49:06.0743 2856 C:\Windows\System32\iphlpsvc.dll - ok
19:49:06.0743 2856 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] C:\Windows\System32\drivers\srv2.sys
19:49:06.0743 2856 C:\Windows\System32\drivers\srv2.sys - ok
19:49:06.0743 2856 [ 8D47D01378347889A662D54037A988CC ] C:\Windows\SysWOW64\tdh.dll
19:49:06.0743 2856 C:\Windows\SysWOW64\tdh.dll - ok
19:49:06.0743 2856 [ 3F50200237961034FACE602373838980 ] C:\Windows\SysWOW64\FirewallAPI.dll
19:49:06.0743 2856 C:\Windows\SysWOW64\FirewallAPI.dll - ok
19:49:06.0759 2856 [ CE292C4C10B8DB6070F262EA2733F0DC ] C:\Windows\SysWOW64\sqmapi.dll
19:49:06.0759 2856 C:\Windows\SysWOW64\sqmapi.dll - ok
19:49:06.0759 2856 [ 7B53984BB934E599A4E3668B2F678D48 ] C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\kavsys.kdl.7b53984bb934e599a4e3668b2f678d48
19:49:06.0759 2856 C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\kavsys.kdl.7b53984bb934e599a4e3668b2f678d48 - ok
19:49:06.0759 2856 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\Windows\System32\drivers\srv.sys
19:49:06.0759 2856 C:\Windows\System32\drivers\srv.sys - ok
19:49:06.0759 2856 [ 27B9E163740A226B65E4B9E186117911 ] C:\Windows\System32\sqmapi.dll
19:49:06.0759 2856 C:\Windows\System32\sqmapi.dll - ok
19:49:06.0775 2856 [ 92BAA7DEBEDC6EBE803BC14BC5180AB3 ] C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\arkmon.kdl.92baa7debedc6ebe803bc14bc5180ab3
19:49:06.0775 2856 C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\arkmon.kdl.92baa7debedc6ebe803bc14bc5180ab3 - ok
19:49:06.0775 2856 [ 72A073E7C796C359007E7D7158415750 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ichecker.dll
19:49:06.0775 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ichecker.dll - ok
19:49:06.0775 2856 [ 63DCDFFCBB7E41540F4D64CCED66536B ] C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
19:49:06.0775 2856 C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll - ok
19:49:06.0775 2856 [ A399514D3B28C9A3453A486BBAAFF1C7 ] C:\Windows\SysWOW64\wdscore.dll
19:49:06.0775 2856 C:\Windows\SysWOW64\wdscore.dll - ok
19:49:06.0790 2856 [ 7B38D7916A7CD058C16A0A6CA5077901 ] C:\Windows\System32\wdscore.dll
19:49:06.0790 2856 C:\Windows\System32\wdscore.dll - ok
19:49:06.0790 2856 [ FBD879D17B26D49DD7A48FF58062FAE6 ] C:\Windows\System32\tdh.dll
19:49:06.0790 2856 C:\Windows\System32\tdh.dll - ok
19:49:06.0790 2856 [ EE867A0870FC9E4972BA9EAAD35651E2 ] C:\Windows\System32\rasmans.dll
19:49:06.0790 2856 C:\Windows\System32\rasmans.dll - ok
19:49:06.0790 2856 [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll
19:49:06.0790 2856 C:\Windows\System32\srvsvc.dll - ok
19:49:06.0806 2856 [ 666E57B6B51824D1D235F80A3DD70A13 ] C:\Windows\SysWOW64\eappprxy.dll
19:49:06.0806 2856 C:\Windows\SysWOW64\eappprxy.dll - ok
19:49:06.0806 2856 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] C:\Windows\System32\browser.dll
19:49:06.0806 2856 C:\Windows\System32\browser.dll - ok
19:49:06.0806 2856 [ 1DA5B41B997BAB9BFD84278780BDB289 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ckahum.dll
19:49:06.0806 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ckahum.dll - ok
19:49:06.0806 2856 [ B2E1E4A16EDD02396F451F915FA3CBFA ] C:\Windows\SysWOW64\rastapi.dll
19:49:06.0806 2856 C:\Windows\SysWOW64\rastapi.dll - ok
19:49:06.0821 2856 [ 6C66798EEAB224D7B581CA9344F99A02 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ckahcomm.dll
19:49:06.0821 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ckahcomm.dll - ok
19:49:06.0821 2856 [ 44C96B48112EB24AE7764EBF1C527000 ] C:\Windows\System32\rastapi.dll
19:49:06.0821 2856 C:\Windows\System32\rastapi.dll - ok
19:49:06.0821 2856 [ F8AC44B370D457CAF2DF771B2CE70E97 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ckahrule.dll
19:49:06.0821 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ckahrule.dll - ok
19:49:06.0821 2856 [ BA32509D9B340162327B341013DE6522 ] C:\Windows\SysWOW64\tapi32.dll
19:49:06.0821 2856 C:\Windows\SysWOW64\tapi32.dll - ok
19:49:06.0837 2856 [ 83BF7133DFD0BC702C870C8ED1416076 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\stat.ppl
19:49:06.0837 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\stat.ppl - ok
19:49:06.0837 2856 [ FAFAE01E889DC9C05A6CA2138CFC220B ] C:\Windows\System32\tapi32.dll
19:49:06.0837 2856 C:\Windows\System32\tapi32.dll - ok
19:49:06.0837 2856 [ E4B72E71EC37A59FE574A998A0C0EB9B ] C:\Windows\SysWOW64\netmsg.dll
19:49:06.0837 2856 C:\Windows\SysWOW64\netmsg.dll - ok
19:49:06.0837 2856 [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll
19:49:06.0837 2856 C:\Windows\System32\netmsg.dll - ok
19:49:06.0853 2856 [ 1FF7E4F548C7C372C804938F0D5B36AE ] C:\Windows\SysWOW64\netcfgx.dll
19:49:06.0853 2856 C:\Windows\SysWOW64\netcfgx.dll - ok
19:49:06.0853 2856 [ C08B6A19BBDC70187E84B04C1EE0F356 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\procmon.ppl
19:49:06.0853 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\procmon.ppl - ok
19:49:06.0853 2856 [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll
19:49:06.0853 2856 C:\Windows\System32\netcfgx.dll - ok
19:49:06.0853 2856 [ 1673AF398DE23F09E0F72B27E6DB8BE6 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\sandbox.ppl
19:49:06.0853 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\sandbox.ppl - ok
19:49:06.0868 2856 [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll
19:49:06.0868 2856 C:\Windows\System32\hnetcfg.dll - ok
19:49:06.0868 2856 [ 6383C60EC0133B14F5705F96369421B2 ] C:\Windows\SysWOW64\hnetcfg.dll
19:49:06.0868 2856 C:\Windows\SysWOW64\hnetcfg.dll - ok
19:49:06.0868 2856 [ 3ED1C2E7363C18D04BD3FDCAD437DACE ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\netwatch.ppl
19:49:06.0868 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\netwatch.ppl - ok
19:49:06.0868 2856 [ AE19FD2ED75962CD3403B7AE66F00166 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\imc.ppl
19:49:06.0868 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\imc.ppl - ok
19:49:06.0884 2856 [ C5B0324DB461559ADD070E632A6919FA ] C:\Windows\SysWOW64\wbem\wbemprox.dll
19:49:06.0884 2856 C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
19:49:06.0884 2856 [ 8C338238C16777A802D6A9211EB2BA50 ] C:\Windows\SysWOW64\netprofm.dll
19:49:06.0884 2856 C:\Windows\SysWOW64\netprofm.dll - ok
19:49:06.0884 2856 [ BBBAF347C3CA71AB49CF050E9451A3D5 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ahids.ppl
19:49:06.0884 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ahids.ppl - ok
19:49:06.0884 2856 [ 89E783711AF91AF09E1EF30EF3107446 ] C:\Windows\SysWOW64\sscore.dll
19:49:06.0884 2856 C:\Windows\SysWOW64\sscore.dll - ok
19:49:06.0899 2856 [ D527EF4364D2D00443470940B177EAD4 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{107230BD-4C06-4DAD-ABC2-ED23CDEEDABF}\mpengine.dll
19:49:06.0899 2856 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{107230BD-4C06-4DAD-ABC2-ED23CDEEDABF}\mpengine.dll - ok
19:49:06.0899 2856 [ 377F0C1DDBFA6A43CB7E7568BC0ECED0 ] C:\Windows\SysWOW64\unimdm.tsp
19:49:06.0899 2856 C:\Windows\SysWOW64\unimdm.tsp - ok
19:49:06.0899 2856 [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll
19:49:06.0899 2856 C:\Windows\System32\sscore.dll - ok
19:49:06.0899 2856 [ 45D9F6CD2469CDB6A640DD4BD2B01471 ] C:\Windows\SysWOW64\nci.dll
19:49:06.0899 2856 C:\Windows\SysWOW64\nci.dll - ok
19:49:06.0915 2856 [ D2A0FFA75AB181B19B5EB93BB29C7686 ] C:\Windows\System32\unimdm.tsp
19:49:06.0915 2856 C:\Windows\System32\unimdm.tsp - ok
19:49:06.0915 2856 [ FEB91B4DA0D540865260A33838654FA3 ] C:\Windows\System32\nci.dll
19:49:06.0915 2856 C:\Windows\System32\nci.dll - ok
19:49:06.0915 2856 [ AE9898D5600A232CD8AE3298692162E5 ] C:\Windows\SysWOW64\clusapi.dll
19:49:06.0915 2856 C:\Windows\SysWOW64\clusapi.dll - ok
19:49:06.0915 2856 [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll
19:49:06.0915 2856 C:\Windows\System32\clusapi.dll - ok
19:49:06.0931 2856 [ E675DE8CF57D8814218733B3DAE896D7 ] C:\Windows\SysWOW64\uniplat.dll
19:49:06.0931 2856 C:\Windows\SysWOW64\uniplat.dll - ok
19:49:06.0931 2856 [ 94B7DF336815B47236724019FAB24B7C ] C:\Windows\System32\uniplat.dll
19:49:06.0931 2856 C:\Windows\System32\uniplat.dll - ok
19:49:06.0931 2856 [ 1128637CAD49A8E3C8B5FA5D0A061525 ] C:\Windows\SysWOW64\cryptdll.dll
19:49:06.0931 2856 C:\Windows\SysWOW64\cryptdll.dll - ok
19:49:06.0946 2856 [ 2AF094C822BD6094F14A8E85FB51D52A ] C:\Windows\SysWOW64\resutils.dll
19:49:06.0946 2856 C:\Windows\SysWOW64\resutils.dll - ok
19:49:06.0946 2856 [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll
19:49:06.0946 2856 C:\Windows\System32\resutils.dll - ok
19:49:06.0946 2856 [ F3FB146CDBDD26FCD0CF7941C547BEE4 ] C:\Windows\SysWOW64\kmddsp.tsp
19:49:06.0946 2856 C:\Windows\SysWOW64\kmddsp.tsp - ok
19:49:06.0946 2856 [ 41326DD08ACC0CDC5F8177AF96C066E8 ] C:\Windows\System32\kmddsp.tsp
19:49:06.0946 2856 C:\Windows\System32\kmddsp.tsp - ok
19:49:06.0962 2856 [ AA11A26692E0DB2996CAEFE9EC61F61F ] C:\Windows\SysWOW64\ndptsp.tsp
19:49:06.0962 2856 C:\Windows\SysWOW64\ndptsp.tsp - ok
19:49:06.0962 2856 [ 1D6BC2769DA66C1145F4DA5A65F52E61 ] C:\Windows\System32\ndptsp.tsp
19:49:06.0962 2856 C:\Windows\System32\ndptsp.tsp - ok
19:49:06.0962 2856 [ E2F6CC0D191361EE94FEA3957653F531 ] C:\Windows\SysWOW64\hidphone.tsp
19:49:06.0962 2856 C:\Windows\SysWOW64\hidphone.tsp - ok
19:49:06.0962 2856 [ 7C1BAE7D23D4874FEE256A2B9C00E019 ] C:\Windows\System32\hidphone.tsp
19:49:06.0962 2856 C:\Windows\System32\hidphone.tsp - ok
19:49:06.0962 2856 [ 67F9B5C7E215B48F9256757E9CC09A7B ] C:\Windows\SysWOW64\rasppp.dll
19:49:06.0962 2856 C:\Windows\SysWOW64\rasppp.dll - ok
19:49:06.0977 2856 [ A717A35120DBAB5AB707AB40662AF9DD ] C:\Windows\System32\rasppp.dll
19:49:06.0977 2856 C:\Windows\System32\rasppp.dll - ok
19:49:06.0977 2856 [ 5A5FEDDF02588B8F9FE4A95E5E7EAE97 ] C:\Windows\SysWOW64\eappcfg.dll
19:49:06.0977 2856 C:\Windows\SysWOW64\eappcfg.dll - ok
19:49:06.0977 2856 [ 0FE5CD5F9C9248F42D1EF56E495B182E ] C:\Windows\System32\vpnike.dll
19:49:06.0977 2856 C:\Windows\System32\vpnike.dll - ok
19:49:06.0977 2856 [ BDA0B954A30498B5A7EDC6204CBA07ED ] C:\Windows\SysWOW64\kerberos.dll
19:49:06.0977 2856 C:\Windows\SysWOW64\kerberos.dll - ok
19:49:06.0993 2856 [ 207CF171B1C6B8AE50C1FBF87363EEBC ] C:\Windows\SysWOW64\raschap.dll
19:49:06.0993 2856 C:\Windows\SysWOW64\raschap.dll - ok
19:49:06.0993 2856 [ 1CDEA9188899E76D4FFD54C9D512CCDB ] C:\Windows\SysWOW64\msxml3.dll
19:49:06.0993 2856 C:\Windows\SysWOW64\msxml3.dll - ok
19:49:06.0993 2856 [ B144A2223EF11ED42310124A7839258E ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{107230BD-4C06-4DAD-ABC2-ED23CDEEDABF}\mpasbase.vdm
19:49:06.0993 2856 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{107230BD-4C06-4DAD-ABC2-ED23CDEEDABF}\mpasbase.vdm - ok
19:49:06.0993 2856 [ 610E8B38C8EC7BC7F6E49476D30DD890 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\hips.ppl
19:49:06.0993 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\hips.ppl - ok
19:49:07.0009 2856 [ E1BD3BF5BEE672EC61B1B6D61A27F804 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{107230BD-4C06-4DAD-ABC2-ED23CDEEDABF}\mpasdlta.vdm
19:49:07.0009 2856 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{107230BD-4C06-4DAD-ABC2-ED23CDEEDABF}\mpasdlta.vdm - ok
19:49:07.0009 2856 [ 4F2659160AFCCA990305816946F69407 ] C:\Windows\SysWOW64\taskeng.exe
19:49:07.0009 2856 C:\Windows\SysWOW64\taskeng.exe - ok
19:49:07.0009 2856 [ 6470CDB52DBCB742CA262DEADB3ED996 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ckahstat.dll
19:49:07.0009 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ckahstat.dll - ok
19:49:07.0009 2856 [ 6A84E68B538B8B04608BF2F0D426CE6F ] C:\Windows\System32\raschap.dll
19:49:07.0009 2856 C:\Windows\System32\raschap.dll - ok
19:49:07.0024 2856 [ E0EF502BFA5A5E7027A4F0759862C635 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\oas.ppl
19:49:07.0024 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\oas.ppl - ok
19:49:07.0024 2856 [ 4F012EC9FEB409519FB44C5DF2A9AC1A ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\volenum.ppl
19:49:07.0024 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\volenum.ppl - ok
19:49:07.0024 2856 [ DCDFB4268175D8E1B13E969863A76F61 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\httpscan.ppl
19:49:07.0024 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\httpscan.ppl - ok
19:49:07.0024 2856 [ 108C2CFA5527458C096A699929ECBD80 ] C:\Windows\SysWOW64\credui.dll
19:49:07.0024 2856 C:\Windows\SysWOW64\credui.dll - ok
19:49:07.0040 2856 [ 2F03490092C032392FB6FF635222B9B2 ] C:\Windows\SysWOW64\apisetschema.dll
19:49:07.0040 2856 C:\Windows\SysWOW64\apisetschema.dll - ok
19:49:07.0040 2856 [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\SysWOW64\powrprof.dll
19:49:07.0040 2856 C:\Windows\SysWOW64\powrprof.dll - ok
19:49:07.0040 2856 [ 0C51BF2CE9C634BD4BE7AF1D9A0A6526 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\sc.ppl
19:49:07.0040 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\sc.ppl - ok
19:49:07.0040 2856 [ B95F6501A2F8B2E78C697FEC401970CE ] C:\Windows\System32\ipnathlp.dll
19:49:07.0040 2856 C:\Windows\System32\ipnathlp.dll - ok
19:49:07.0055 2856 [ 7EF723BFC695230B1BFD8D5CF0A84964 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\mc.ppl
19:49:07.0055 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\mc.ppl - ok
19:49:07.0055 2856 [ D4191EFAB91E00FC09257AA5EBAF503B ] C:\Windows\SysWOW64\mprapi.dll
19:49:07.0055 2856 C:\Windows\SysWOW64\mprapi.dll - ok
19:49:07.0055 2856 [ 2C3E5691508DF9A1573FEACB9A6CD93D ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ekasyswatch.dll
19:49:07.0055 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ekasyswatch.dll - ok
19:49:07.0055 2856 [ 36E83D94508B030C224544EC1A939D01 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbffr.dll
19:49:07.0055 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbffr.dll - ok
19:49:07.0071 2856 [ 0A58C0AC94ED39323DF6EFF4D7E8D93F ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\extlprtc.ppl
19:49:07.0071 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\extlprtc.ppl - ok
19:49:07.0071 2856 [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll
19:49:07.0071 2856 C:\Windows\System32\mprapi.dll - ok
19:49:07.0071 2856 [ 5733C72D2C097B7469483A1A27CB1012 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\antispam.ppl
19:49:07.0071 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\antispam.ppl - ok
19:49:07.0071 2856 [ 38B13C0DF479DBA23ECFA815159BA86E ] C:\Windows\SysWOW64\ktmw32.dll
19:49:07.0071 2856 C:\Windows\SysWOW64\ktmw32.dll - ok
19:49:07.0087 2856 [ 82C089EA2A3EEFADF3588EA71E8BDADA ] C:\Windows\SysWOW64\wevtapi.dll
19:49:07.0087 2856 C:\Windows\SysWOW64\wevtapi.dll - ok
19:49:07.0087 2856 [ CA0AB8902A0C0D919F1738CAAB56E7AB ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\httpanlz.ppl
19:49:07.0087 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\httpanlz.ppl - ok
19:49:07.0087 2856 [ 659E04E74135927CA6D7BC5E75C84417 ] C:\Windows\SysWOW64\TSChannel.dll
19:49:07.0087 2856 C:\Windows\SysWOW64\TSChannel.dll - ok
19:49:07.0102 2856 [ 957439E6EA0AF230F03A2D5BFE266A12 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\pdm2rt.ppl
19:49:07.0102 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\pdm2rt.ppl - ok
19:49:07.0102 2856 [ EDF2A5E96BEC469DA3F64E9BDD386111 ] C:\Windows\SysWOW64\xmllite.dll
19:49:07.0102 2856 C:\Windows\SysWOW64\xmllite.dll - ok
19:49:07.0102 2856 [ 02F81A910397E6677ACCC9AA71B47765 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\processmonitor.dll
19:49:07.0102 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\processmonitor.dll - ok
19:49:07.0102 2856 [ 4CBDC44139FC151DC2748CEB011098ED ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\icqprtc.dll
19:49:07.0102 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\icqprtc.dll - ok
19:49:07.0118 2856 [ 0A39DD24C779CD4E37F09AD398BA4D47 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\packed_io.dll
19:49:07.0118 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\packed_io.dll - ok
19:49:07.0118 2856 [ 4AC4432DFDD3B04A1D71D02594C3D535 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\smtpprtc.ppl
19:49:07.0118 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\smtpprtc.ppl - ok
19:49:07.0118 2856 [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:49:07.0118 2856 C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe - ok
19:49:07.0118 2856 [ F02A533F517EB38333CB12A9E8963773 ] C:\Users\Chester\AppData\Local\Google\Update\GoogleUpdate.exe
19:49:07.0118 2856 C:\Users\Chester\AppData\Local\Google\Update\GoogleUpdate.exe - ok
19:49:07.0133 2856 [ B6663FC132F0262A5EF48DB2D0187DE3 ] C:\Program Files\NVIDIA Corporation\Display\nvSmartMax64.dll
19:49:07.0133 2856 C:\Program Files\NVIDIA Corporation\Display\nvSmartMax64.dll - ok
19:49:07.0133 2856 [ A77BA10A0D610BBB6101AEA1E633ABE1 ] C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
19:49:07.0133 2856 C:\Program Files\NVIDIA Corporation\Display\nvtray.exe - ok
19:49:07.0133 2856 [ C65B115A03DB0260895DE96681E88221 ] C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
19:49:07.0133 2856 C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe - ok
19:49:07.0149 2856 [ 7B93C623333F121DC9E689CCB1B7A733 ] C:\Windows\SysWOW64\MFC71u.dll
19:49:07.0149 2856 C:\Windows\SysWOW64\MFC71u.dll - ok
19:49:07.0149 2856 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Windows\SysWOW64\msvcr71.dll
19:49:07.0149 2856 C:\Windows\SysWOW64\msvcr71.dll - ok
19:49:07.0149 2856 [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\Windows\SysWOW64\msvcp71.dll
19:49:07.0149 2856 C:\Windows\SysWOW64\msvcp71.dll - ok
19:49:07.0149 2856 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll
19:49:07.0149 2856 C:\Windows\SysWOW64\msimg32.dll - ok
19:49:07.0165 2856 [ 539C49CEBB3C50957AC8A09D95ECD880 ] C:\Windows\SysWOW64\shfolder.dll
19:49:07.0165 2856 C:\Windows\SysWOW64\shfolder.dll - ok
19:49:07.0165 2856 [ 90FB1802D488FFA9029854A77D4F3F27 ] C:\Windows\SysWOW64\oleaccrc.dll
19:49:07.0165 2856 C:\Windows\SysWOW64\oleaccrc.dll - ok
19:49:07.0165 2856 [ D6692338B985D4A0CA52B828314D897D ] C:\Windows\SysWOW64\drprov.dll
19:49:07.0165 2856 C:\Windows\SysWOW64\drprov.dll - ok
19:49:07.0165 2856 [ B39B8CC163C41B12FE83E777199F3378 ] C:\Windows\SysWOW64\tzres.dll
19:49:07.0165 2856 C:\Windows\SysWOW64\tzres.dll - ok
19:49:07.0165 2856 [ D7B7159BC8374E87D8C45A30377A3440 ] C:\Windows\SysWOW64\ntlanman.dll
19:49:07.0165 2856 C:\Windows\SysWOW64\ntlanman.dll - ok
19:49:07.0180 2856 [ 284B59D7B56FC76C80E622AB856B1FAB ] C:\Windows\SysWOW64\davclnt.dll
19:49:07.0180 2856 C:\Windows\SysWOW64\davclnt.dll - ok
19:49:07.0180 2856 [ 179BECE8D1A4C488DDB7191FF9BE3FB0 ] C:\Windows\SysWOW64\davhlpr.dll
19:49:07.0180 2856 C:\Windows\SysWOW64\davhlpr.dll - ok
19:49:07.0180 2856 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll
19:49:07.0180 2856 C:\Windows\SysWOW64\propsys.dll - ok
19:49:07.0196 2856 [ 3F126756F43B4EE74A4831145D99B9BA ] C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\Common\CLRCEngine3.dll
19:49:07.0196 2856 C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\Common\CLRCEngine3.dll - ok
19:49:07.0196 2856 [ 2D9E979E6636C9367765E22A6DC1CB3C ] C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
19:49:07.0196 2856 C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL - ok
19:49:07.0196 2856 [ 93BB66044FA76734E882C6F3E8EE1900 ] C:\Program Files\Windows Defender\MsMpLics.dll
19:49:07.0196 2856 C:\Program Files\Windows Defender\MsMpLics.dll - ok
19:49:07.0211 2856 [ EAB975DB4C2805927FE5BD047D05C9AA ] C:\Windows\SysWOW64\netshell.dll
19:49:07.0211 2856 C:\Windows\SysWOW64\netshell.dll - ok
19:49:07.0211 2856 [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll
19:49:07.0211 2856 C:\Windows\System32\netshell.dll - ok
19:49:07.0211 2856 [ A8CDF3768604FF95B54669E20053D569 ] C:\Windows\SysWOW64\wscapi.dll
19:49:07.0211 2856 C:\Windows\SysWOW64\wscapi.dll - ok
19:49:07.0211 2856 [ 8258362DDB18B644A82D8B5061AD9426 ] C:\Windows\SysWOW64\wscisvif.dll
19:49:07.0211 2856 C:\Windows\SysWOW64\wscisvif.dll - ok
19:49:07.0227 2856 [ 7DF186D86CF8C571A12AAB788C777F84 ] C:\Windows\SysWOW64\wscproxystub.dll
19:49:07.0227 2856 C:\Windows\SysWOW64\wscproxystub.dll - ok
19:49:07.0227 2856 [ 6C1E3C43B35268C17833244C8ED96430 ] C:\Windows\System32\wscproxystub.dll
19:49:07.0227 2856 C:\Windows\System32\wscproxystub.dll - ok
19:49:07.0227 2856 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] C:\Windows\System32\appinfo.dll
19:49:07.0227 2856 C:\Windows\System32\appinfo.dll - ok
19:49:07.0227 2856 [ 0BA65122FFA7E37564EE86422DBF7AE8 ] C:\Windows\SysWOW64\nlaapi.dll
19:49:07.0227 2856 C:\Windows\SysWOW64\nlaapi.dll - ok
19:49:07.0246 2856 [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll
19:49:07.0246 2856 C:\Windows\System32\wdi.dll - ok
19:49:07.0249 2856 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] C:\Windows\SysWOW64\wdi.dll
19:49:07.0249 2856 C:\Windows\SysWOW64\wdi.dll - ok
19:49:07.0253 2856 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] C:\Windows\SysWOW64\hidserv.dll
19:49:07.0253 2856 C:\Windows\SysWOW64\hidserv.dll - ok
19:49:07.0257 2856 [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll
19:49:07.0257 2856 C:\Windows\System32\diagperf.dll - ok
19:49:07.0261 2856 [ BD9EB3958F213F96B97B1D897DEE006D ] C:\Windows\System32\hidserv.dll
19:49:07.0261 2856 C:\Windows\System32\hidserv.dll - ok
19:49:07.0265 2856 [ 15E298B5EC5B89C5994A59863969D9FF ] C:\Windows\SysWOW64\npmproxy.dll
19:49:07.0265 2856 C:\Windows\SysWOW64\npmproxy.dll - ok
19:49:07.0270 2856 [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll
19:49:07.0270 2856 C:\Windows\System32\npmproxy.dll - ok
19:49:07.0276 2856 [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll
19:49:07.0276 2856 C:\Windows\System32\wpdbusenum.dll - ok
19:49:07.0281 2856 [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll
19:49:07.0282 2856 C:\Windows\System32\perftrack.dll - ok
19:49:07.0288 2856 [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll
19:49:07.0288 2856 C:\Windows\System32\pnpts.dll - ok
19:49:07.0294 2856 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll
19:49:07.0294 2856 C:\Windows\SysWOW64\gpapi.dll - ok
19:49:07.0298 2856 [ E98278865E8DABA21CFE5FE4BE34210A ] C:\Windows\SysWOW64\PortableDeviceApi.dll
19:49:07.0298 2856 C:\Windows\SysWOW64\PortableDeviceApi.dll - ok
19:49:07.0304 2856 [ 7FFD52D73352806969D424EF327D10A7 ] C:\Windows\SysWOW64\radardt.dll
19:49:07.0304 2856 C:\Windows\SysWOW64\radardt.dll - ok
19:49:07.0309 2856 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll
19:49:07.0309 2856 C:\Windows\SysWOW64\sfc.dll - ok
19:49:07.0312 2856 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll
19:49:07.0312 2856 C:\Windows\SysWOW64\sfc_os.dll - ok
19:49:07.0316 2856 [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll
19:49:07.0316 2856 C:\Windows\System32\PortableDeviceApi.dll - ok
19:49:07.0320 2856 [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll
19:49:07.0320 2856 C:\Windows\System32\radardt.dll - ok
19:49:07.0324 2856 [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll
19:49:07.0324 2856 C:\Windows\System32\wdiasqmmodule.dll - ok
19:49:07.0328 2856 [ D99621C0735B21DCC8BC4FEF02F379EF ] C:\Windows\SysWOW64\Apphlpdm.dll
19:49:07.0328 2856 C:\Windows\SysWOW64\Apphlpdm.dll - ok
19:49:07.0331 2856 [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll
19:49:07.0331 2856 C:\Windows\System32\Apphlpdm.dll - ok
19:49:07.0335 2856 [ F10E5311E5093FA3C00FF88C54C32FCA ] C:\Windows\SysWOW64\atl.dll
19:49:07.0336 2856 C:\Windows\SysWOW64\atl.dll - ok
19:49:07.0339 2856 [ C693E642ACFBDD76433AF6BE3C3EEE6F ] C:\Windows\SysWOW64\PortableDeviceConnectApi.dll
19:49:07.0339 2856 C:\Windows\SysWOW64\PortableDeviceConnectApi.dll - ok
19:49:07.0343 2856 [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll
19:49:07.0343 2856 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
19:49:07.0347 2856 [ DDA4CAF29D8C0A297F886BFE561E6659 ] C:\Windows\System32\drivers\WUDFRd.sys
19:49:07.0347 2856 C:\Windows\System32\drivers\WUDFRd.sys - ok
19:49:07.0351 2856 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] C:\Windows\System32\IPSECSVC.DLL
19:49:07.0351 2856 C:\Windows\System32\IPSECSVC.DLL - ok
19:49:07.0354 2856 [ 8ABFE00F213F2571498F1B8FD7939A98 ] C:\Windows\System32\WUDFHost.exe
19:49:07.0354 2856 C:\Windows\System32\WUDFHost.exe - ok
19:49:07.0358 2856 [ FB4EB9352B7D698E6B3C2AA2ED724DAD ] C:\Windows\SysWOW64\authz.dll
19:49:07.0358 2856 C:\Windows\SysWOW64\authz.dll - ok
19:49:07.0361 2856 [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll
19:49:07.0361 2856 C:\Windows\System32\aelupsvc.dll - ok
19:49:07.0365 2856 [ A63DC5C2EA944E6657203E0C8EDEAF61 ] C:\Windows\SysWOW64\dllhost.exe
19:49:07.0365 2856 C:\Windows\SysWOW64\dllhost.exe - ok
19:49:07.0369 2856 [ 9BC93C9ACFA34DB5A41B89357B31E4ED ] C:\Windows\System32\FwRemoteSvr.dll
19:49:07.0369 2856 C:\Windows\System32\FwRemoteSvr.dll - ok
19:49:07.0372 2856 [ DB603D3FD090C66F9709EF6493C26BA3 ] C:\Windows\SysWOW64\FwRemoteSvr.dll
19:49:07.0372 2856 C:\Windows\SysWOW64\FwRemoteSvr.dll - ok
19:49:07.0376 2856 [ F14A9B1778376D0B1788E402AC1F831A ] C:\Windows\SysWOW64\shacct.dll
19:49:07.0376 2856 C:\Windows\SysWOW64\shacct.dll - ok
19:49:07.0379 2856 [ 0B2D65FDDE31069299AA6330F359FF9C ] C:\Windows\System32\msxml3.dll
19:49:07.0379 2856 C:\Windows\System32\msxml3.dll - ok
19:49:07.0383 2856 [ 25AE683DCB4AE7E6F1B193A0CB9DB35F ] C:\Windows\System32\WUDFx.dll
19:49:07.0383 2856 C:\Windows\System32\WUDFx.dll - ok
19:49:07.0387 2856 [ 91D6F0AB79AA36FFB932157865206F35 ] C:\Windows\System32\drivers\UMDF\WpdFs.dll
19:49:07.0387 2856 C:\Windows\System32\drivers\UMDF\WpdFs.dll - ok
19:49:07.0390 2856 [ 0F416E23DD2EB4DEBE70608020CFD283 ] C:\Windows\SysWOW64\WMVCORE.DLL
19:49:07.0390 2856 C:\Windows\SysWOW64\WMVCORE.DLL - ok
19:49:07.0394 2856 [ 70A176BF2ED362862944C371838262F8 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
19:49:07.0394 2856 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE - ok
19:49:07.0398 2856 [ 9864D52F15AD32094A636C6B5281D9E7 ] C:\Windows\System32\WMVCORE.DLL
19:49:07.0398 2856 C:\Windows\System32\WMVCORE.DLL - ok
19:49:07.0402 2856 [ 704314FD398C81D5F342CAA5DF7B7F21 ] C:\Windows\SysWOW64\wbemcomn.dll
19:49:07.0402 2856 C:\Windows\SysWOW64\wbemcomn.dll - ok
19:49:07.0405 2856 [ A7DD56261518373F70F23079EB3CD0A2 ] C:\Windows\SysWOW64\WMASF.DLL
19:49:07.0405 2856 C:\Windows\SysWOW64\WMASF.DLL - ok
19:49:07.0409 2856 [ AACC48FE239F0DF126DA2F28930A5B83 ] C:\Windows\System32\WMASF.DLL
19:49:07.0409 2856 C:\Windows\System32\WMASF.DLL - ok
19:49:07.0413 2856 [ 5304B7E7A9EF145B197E16862ABD6622 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\trafmon2.ppl
19:49:07.0413 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\trafmon2.ppl - ok
19:49:07.0417 2856 [ AE0A2DE2BB518D204F94DDCF93BBCC4C ] C:\Program Files\NVIDIA Corporation\Update Common\NvUpdt.dll
19:49:07.0417 2856 C:\Program Files\NVIDIA Corporation\Update Common\NvUpdt.dll - ok
19:49:07.0421 2856 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll
19:49:07.0421 2856 C:\Windows\SysWOW64\winhttp.dll - ok
19:49:07.0426 2856 [ B010CF886420EE29C2C276646721D255 ] C:\Windows\SysWOW64\wlanapi.dll
19:49:07.0426 2856 C:\Windows\SysWOW64\wlanapi.dll - ok
19:49:07.0430 2856 [ 81F6C1AE23B1C493D9E996C3103915D7 ] C:\Windows\SysWOW64\dhcpcsvc6.dll
19:49:07.0430 2856 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
19:49:07.0434 2856 [ 1D6A771D1D702AE07919DB52C889A249 ] C:\Windows\SysWOW64\wlanutil.dll
19:49:07.0434 2856 C:\Windows\SysWOW64\wlanutil.dll - ok
19:49:07.0438 2856 [ CA532DB33ABA38E0ED50EDFF4ECD5364 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\pop3prtc.ppl
19:49:07.0438 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\pop3prtc.ppl - ok
19:49:07.0444 2856 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
19:49:07.0444 2856 C:\Windows\SysWOW64\dhcpcsvc.dll - ok
19:49:07.0449 2856 [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\Windows\SysWOW64\NapiNSP.dll
19:49:07.0449 2856 C:\Windows\SysWOW64\NapiNSP.dll - ok
19:49:07.0454 2856 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll
19:49:07.0454 2856 C:\Windows\SysWOW64\slc.dll - ok
19:49:07.0458 2856 [ 0C0DF0F05BAEA320FA301F34E256E08B ] C:\Windows\SysWOW64\dpx.dll
19:49:07.0458 2856 C:\Windows\SysWOW64\dpx.dll - ok
19:49:07.0458 2856 [ 0B31464B7B2D616BD5F7036673588EC1 ] C:\Windows\SysWOW64\IDStore.dll
19:49:07.0458 2856 C:\Windows\SysWOW64\IDStore.dll - ok
19:49:07.0458 2856 [ B720B4D1C97FBE02BE32812B580F1849 ] C:\Program Files\NVIDIA Corporation\Update Common\EasyDaemonAPIU64.dll
19:49:07.0458 2856 C:\Program Files\NVIDIA Corporation\Update Common\EasyDaemonAPIU64.dll - ok
19:49:07.0458 2856 [ 81490FDAE27F0082E5CC2DC78DCA96FA ] C:\Windows\SysWOW64\PortableDeviceClassExtension.dll
19:49:07.0458 2856 C:\Windows\SysWOW64\PortableDeviceClassExtension.dll - ok
19:49:07.0473 2856 [ 809D8D22199FA7E46455B1D6957E0F82 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ffregistrarab.dll
19:49:07.0473 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ffregistrarab.dll - ok
19:49:07.0473 2856 [ EC248BC9C9C225FD289F250756503146 ] C:\Program Files\NVIDIA Corporation\Update Common\NvUpdtr.dll
19:49:07.0473 2856 C:\Program Files\NVIDIA Corporation\Update Common\NvUpdtr.dll - ok
19:49:07.0473 2856 [ 389CA818132C1D7DCF0C791E8D9035DE ] C:\Windows\System32\PortableDeviceClassExtension.dll
19:49:07.0473 2856 C:\Windows\System32\PortableDeviceClassExtension.dll - ok
19:49:07.0489 2856 [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\Windows\SysWOW64\pnrpnsp.dll
19:49:07.0489 2856 C:\Windows\SysWOW64\pnrpnsp.dll - ok
19:49:07.0489 2856 [ C30A3E5DEEEBA22E782AC54C5AF5F352 ] C:\Windows\SysWOW64\samlib.dll
19:49:07.0489 2856 C:\Windows\SysWOW64\samlib.dll - ok
19:49:07.0489 2856 [ 929AF69EBF5400BB525D0FA91B905ED7 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\imapprtc.ppl
19:49:07.0489 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\imapprtc.ppl - ok
19:49:07.0489 2856 [ ADB45A977BD9E45790CA496DB84BA148 ] C:\Windows\SysWOW64\PortableDeviceTypes.dll
19:49:07.0489 2856 C:\Windows\SysWOW64\PortableDeviceTypes.dll - ok
19:49:07.0504 2856 [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll
19:49:07.0504 2856 C:\Windows\System32\PortableDeviceTypes.dll - ok
19:49:07.0504 2856 [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\Windows\SysWOW64\winrnr.dll
19:49:07.0504 2856 C:\Windows\SysWOW64\winrnr.dll - ok
19:49:07.0504 2856 [ 8CF4B0337B06CCC624C20EE4C934767E ] C:\Windows\System32\lpksetupproxyserv.dll
19:49:07.0504 2856 C:\Windows\System32\lpksetupproxyserv.dll - ok
19:49:07.0504 2856 [ 0066084BE7B1C46D605A078E83D354A6 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\msnprtc.dll
19:49:07.0504 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\msnprtc.dll - ok
19:49:07.0520 2856 [ D08809C53000675FAD9422B6A4A37652 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\nntpprtc.ppl
19:49:07.0520 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\nntpprtc.ppl - ok
19:49:07.0520 2856 [ BD6EF00291FA22343BAD2F8C99538BF3 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\memmon.dll
19:49:07.0520 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\memmon.dll - ok
19:49:07.0520 2856 [ 773212B2AAA24C1E31F10246B15B276C ] C:\Windows\servicing\TrustedInstaller.exe
19:49:07.0520 2856 C:\Windows\servicing\TrustedInstaller.exe - ok
19:49:07.0536 2856 [ 4167A0B5DB31C9DBB411037B084402B0 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\jbrprtc.dll
19:49:07.0536 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\jbrprtc.dll - ok
19:49:07.0536 2856 [ 1EC49940D32B4737DB8145C505982059 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\sfdb.ppl
19:49:07.0536 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\sfdb.ppl - ok
19:49:07.0536 2856 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe
19:49:07.0536 2856 C:\Windows\SysWOW64\runonce.exe - ok
19:49:07.0536 2856 [ 198366199A9F342EF87978D79308B49F ] C:\Windows\SysWOW64\RacEngn.dll
19:49:07.0536 2856 C:\Windows\SysWOW64\RacEngn.dll - ok
19:49:07.0551 2856 [ 13337A3FB17F2242487FD45488ED0485 ] C:\Windows\SysWOW64\vssapi.dll
19:49:07.0551 2856 C:\Windows\SysWOW64\vssapi.dll - ok
19:49:07.0551 2856 [ 288ADDED26C80FDC135CAB4340161686 ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\CbsCore.dll
19:49:07.0551 2856 C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\CbsCore.dll - ok
19:49:07.0551 2856 [ 99B9343280AF6A4C0F27CF2E28E94BBF ] C:\Windows\SysWOW64\dssenh.dll
19:49:07.0551 2856 C:\Windows\SysWOW64\dssenh.dll - ok
19:49:07.0551 2856 [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\Windows\System32\dssenh.dll
19:49:07.0551 2856 C:\Windows\System32\dssenh.dll - ok
19:49:07.0567 2856 [ DA962E6301C2B887F545DA88BEB8D5D5 ] C:\Windows\servicing\CbsMsg.dll
19:49:07.0567 2856 C:\Windows\servicing\CbsMsg.dll - ok
19:49:07.0567 2856 [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe
19:49:07.0567 2856 C:\Windows\System32\runonce.exe - ok
19:49:07.0567 2856 [ 7957A194B8421BC070FABBF1C55DB68B ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\wcp.dll
19:49:07.0567 2856 C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\wcp.dll - ok
19:49:07.0582 2856 [ 9297F004FCE79FB7B26DAC6968FB5FEB ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\DrUpdate.dll
19:49:07.0582 2856 C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\DrUpdate.dll - ok
19:49:07.0582 2856 [ B6C756FA661C5EB7B3547E60647F87A7 ] C:\Windows\SysWOW64\sqlceoledb30.dll
19:49:07.0582 2856 C:\Windows\SysWOW64\sqlceoledb30.dll - ok
19:49:07.0582 2856 [ 13CDD3FF0961A2EC6D9829A1640DD6DC ] C:\Windows\SysWOW64\sqlcese30.dll
19:49:07.0582 2856 C:\Windows\SysWOW64\sqlcese30.dll - ok
19:49:07.0582 2856 [ A81331D7EB6C5D1F7B1E4E4FC15F3EC0 ] C:\Windows\SysWOW64\srclient.dll
19:49:07.0582 2856 C:\Windows\SysWOW64\srclient.dll - ok
19:49:07.0598 2856 [ 971A36C4827AD1AE2A54E6407478921A ] C:\Windows\SysWOW64\spp.dll
19:49:07.0598 2856 C:\Windows\SysWOW64\spp.dll - ok
19:49:07.0598 2856 [ 60236C8C3B8C2D8B9A59326890533EB8 ] C:\Windows\SysWOW64\sqlceqp30.dll
19:49:07.0598 2856 C:\Windows\SysWOW64\sqlceqp30.dll - ok
19:49:07.0598 2856 [ B940289C83121046BD6A60ACC6028593 ] C:\Windows\SysWOW64\vsstrace.dll
19:49:07.0598 2856 C:\Windows\SysWOW64\vsstrace.dll - ok
19:49:07.0598 2856 [ BBED6A14692C48279F88B3127206A1BA ] C:\Windows\SysWOW64\sxsstore.dll
19:49:07.0598 2856 C:\Windows\SysWOW64\sxsstore.dll - ok
19:49:07.0614 2856 [ 943F48CC3A59169E52A054946C2F59B8 ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\wrpint.dll
19:49:07.0614 2856 C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\wrpint.dll - ok
19:49:07.0614 2856 [ 81C0FA250EF6DC1C6B3FA2BCE81D6C2E ] C:\Windows\SysWOW64\WinSATAPI.dll
19:49:07.0614 2856 C:\Windows\SysWOW64\WinSATAPI.dll - ok
19:49:07.0614 2856 [ D485D1BE97777617B186FC8095F58421 ] C:\Windows\servicing\CbsApi.dll
19:49:07.0614 2856 C:\Windows\servicing\CbsApi.dll - ok
19:49:07.0614 2856 [ 5FEAB868CAEDBBD1B7A145CA8261E4AA ] C:\Windows\SysWOW64\WerFault.exe
19:49:07.0614 2856 C:\Windows\SysWOW64\WerFault.exe - ok
19:49:07.0629 2856 [ 0411B7958C524BB2E91EE1B3035FE321 ] C:\Windows\SysWOW64\dxgi.dll
19:49:07.0629 2856 C:\Windows\SysWOW64\dxgi.dll - ok
19:49:07.0629 2856 [ D9A9702E43A5859896F34898D5FD3FEC ] C:\Windows\SysWOW64\msxml6.dll
19:49:07.0629 2856 C:\Windows\SysWOW64\msxml6.dll - ok
19:49:07.0629 2856 [ CEA119C323082026583901452B14C30E ] C:\Windows\SysWOW64\makecab.exe
19:49:07.0629 2856 C:\Windows\SysWOW64\makecab.exe - ok
19:49:07.0629 2856 [ 387F2728BFCF50066F7F3219197918EB ] C:\Windows\System32\makecab.exe
19:49:07.0629 2856 C:\Windows\System32\makecab.exe - ok
19:49:07.0645 2856 [ 3326166011C9BC13D6A8EFD856E9921C ] C:\Windows\System32\conhost.exe
19:49:07.0645 2856 C:\Windows\System32\conhost.exe - ok
19:49:07.0645 2856 [ 0F54835699CFF99B9EC4B936FC9CA5DA ] C:\Windows\SysWOW64\nl-NL\KernelBase.dll.mui
19:49:07.0645 2856 C:\Windows\SysWOW64\nl-NL\KernelBase.dll.mui - ok
19:49:07.0645 2856 [ 1E8D06AAE74FED674C1156B3FEA911C2 ] C:\Windows\SysWOW64\Faultrep.dll
19:49:07.0645 2856 C:\Windows\SysWOW64\Faultrep.dll - ok
19:49:07.0645 2856 [ C2A9093E56551AACD417926F14F848E8 ] C:\Windows\SysWOW64\msxml6r.dll
19:49:07.0645 2856 C:\Windows\SysWOW64\msxml6r.dll - ok
19:49:07.0660 2856 [ 86D177F43030F61A8610259A2E8F07FE ] C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
19:49:07.0660 2856 C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL - ok
19:49:07.0660 2856 [ 41905052445D8481457E824C27DB14A2 ] C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
19:49:07.0660 2856 C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL - ok
19:49:07.0660 2856 [ 1275CE16FBFFE4617C8CCBA3B1D28847 ] C:\Windows\SysWOW64\nl-NL\WinSATAPI.dll.mui
19:49:07.0660 2856 C:\Windows\SysWOW64\nl-NL\WinSATAPI.dll.mui - ok
19:49:07.0660 2856 [ 056323D145DA5D8C0F1E84F95C96195B ] C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\reliability\Sqm\Manifest\Sqm27.bin
19:49:07.0660 2856 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\reliability\Sqm\Manifest\Sqm27.bin - ok
19:49:07.0676 2856 [ D357A60AB18B8DB06BDF8DB336B49558 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\urlflt.ppl
19:49:07.0676 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\urlflt.ppl - ok
19:49:07.0676 2856 [ 1B0EC94520CAB89A9CE1B2DA405166AF ] C:\Windows\SysWOW64\p2pcollab.dll
19:49:07.0676 2856 C:\Windows\SysWOW64\p2pcollab.dll - ok
19:49:07.0676 2856 [ 4ED9E7700C644D2E7BDFB0AA86F954C4 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\icuuc40.dll
19:49:07.0676 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\icuuc40.dll - ok
19:49:07.0676 2856 [ 582AC6D9873E31DFA28A4547270862DD ] C:\Windows\System32\QAGENTRT.DLL
19:49:07.0676 2856 C:\Windows\System32\QAGENTRT.DLL - ok
19:49:07.0692 2856 [ 02572B9F55EC26A6616F9788DDF9FB39 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\icudt40.dll
19:49:07.0692 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\icudt40.dll - ok
19:49:07.0692 2856 [ 506A83A3BEEE9FCA09F0170DE9FC7D1B ] C:\Windows\System32\fveui.dll
19:49:07.0692 2856 C:\Windows\System32\fveui.dll - ok
19:49:07.0692 2856 [ CA79539D3D4C0BA66F0F051A5EE5E923 ] C:\Windows\SysWOW64\cryptnet.dll
19:49:07.0692 2856 C:\Windows\SysWOW64\cryptnet.dll - ok
19:49:07.0692 2856 [ 4A0AE910A5710329130B36039BB0D8AF ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ircprtc.dll
19:49:07.0692 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ircprtc.dll - ok
19:49:07.0707 2856 [ 544EFF88AC6C85DF5A4D6F18DFE08CFC ] C:\Windows\SysWOW64\taskschd.dll
19:49:07.0707 2856 C:\Windows\SysWOW64\taskschd.dll - ok
19:49:07.0707 2856 [ 92DFF4EE3F31D4A8028788006D921D26 ] C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\uds.dll.92dff4ee3f31d4a8028788006d921d26
19:49:07.0707 2856 C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\uds.dll.92dff4ee3f31d4a8028788006d921d26 - ok
19:49:07.0707 2856 [ FAF7D647B0B56D4F500E1B6A5C4C2C6A ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\webnetstat.ppl
19:49:07.0707 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\webnetstat.ppl - ok
19:49:07.0723 2856 [ A80A25A863E0A54041FABE75336EACBA ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ksn_client.dll
19:49:07.0723 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ksn_client.dll - ok
19:49:07.0723 2856 [ 18174DACB61F0714C5AED15D9A23B231 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\transport_provider.dll
19:49:07.0723 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\transport_provider.dll - ok
19:49:07.0723 2856 [ EB69743E6C6415E8C08706BA0E9AEF0A ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\yhoprtc.dll
19:49:07.0723 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\yhoprtc.dll - ok
19:49:07.0723 2856 [ 81F08948A0F1475894C99D4D19A158A8 ] C:\Windows\SysWOW64\wshqos.dll
19:49:07.0723 2856 C:\Windows\SysWOW64\wshqos.dll - ok
19:49:07.0738 2856 [ EE454DD4E784389AE4E94E45BD5F2BA5 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\cryptostaticprovider.dll
19:49:07.0738 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\cryptostaticprovider.dll - ok
19:49:07.0738 2856 [ 3D800E8FCAB7362A79F7B2BEA5ED0ACF ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\uniarc.ppl
19:49:07.0738 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\uniarc.ppl - ok
19:49:07.0738 2856 [ F3BC7256146037C7FFDE2F71C10BAA2B ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\minizip.ppl
19:49:07.0738 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\minizip.ppl - ok
19:49:07.0738 2856 [ CED18B3227F82900FD3FEEFDB941CA23 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\cab.ppl
19:49:07.0738 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\cab.ppl - ok
19:49:07.0754 2856 [ CDA1836BADB3A9BAF497560C77188288 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\arj.ppl
19:49:07.0754 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\arj.ppl - ok
19:49:07.0754 2856 [ C5C867CD7EFAC60D5021223E374DEEC5 ] C:\Windows\SysWOW64\dimsjob.dll
19:49:07.0754 2856 C:\Windows\SysWOW64\dimsjob.dll - ok
19:49:07.0754 2856 [ FD5545EA84BF2769472EEA79E992CF37 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\rar.ppl
19:49:07.0754 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\rar.ppl - ok
19:49:07.0754 2856 [ 27F28FEF3C456F3588E64CAC6A675E5B ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\lha.ppl
19:49:07.0754 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\lha.ppl - ok
19:49:07.0770 2856 [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll
19:49:07.0770 2856 C:\Windows\System32\dimsjob.dll - ok
19:49:07.0770 2856 [ C321A5DA815DD9BDE26DE2113753B5EE ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\mdb.ppl
19:49:07.0770 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\mdb.ppl - ok
19:49:07.0770 2856 [ 625F381930B19B544D45FCD8EE50D8DE ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\msoe.ppl
19:49:07.0770 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\msoe.ppl - ok
19:49:07.0785 2856 [ 8BC9DB92C4B2F3BE89185BEAB2AFC1F6 ] C:\Windows\SysWOW64\mapi32.dll
19:49:07.0785 2856 C:\Windows\SysWOW64\mapi32.dll - ok
19:49:07.0785 2856 [ 14486EB6AF542F2BD3239F7FC3E713F7 ] C:\Windows\SysWOW64\pautoenr.dll
19:49:07.0785 2856 C:\Windows\SysWOW64\pautoenr.dll - ok
19:49:07.0785 2856 [ D370B7C6A273D1F5787508F89F63F12D ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\mailmsg.ppl
19:49:07.0785 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\mailmsg.ppl - ok
19:49:07.0785 2856 [ 35CB97CBC3EDC463418ED4997AAB29B6 ] C:\Windows\System32\pautoenr.dll
19:49:07.0785 2856 C:\Windows\System32\pautoenr.dll - ok
19:49:07.0801 2856 [ AAA33CB7B23870D15562EDCE94DAF4CE ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\format_recognizer.dll
19:49:07.0801 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\format_recognizer.dll - ok
19:49:07.0801 2856 [ 61B1ED5F429EFAC7E2036769870AB93E ] C:\Windows\SysWOW64\certcli.dll
19:49:07.0801 2856 C:\Windows\SysWOW64\certcli.dll - ok
19:49:07.0801 2856 [ 94DFBB481BF51158B216E23C5C1C9D6E ] C:\Windows\System32\certcli.dll
19:49:07.0801 2856 C:\Windows\System32\certcli.dll - ok
19:49:07.0801 2856 [ 29BC473072568C072EC8B176498DE996 ] C:\Windows\SysWOW64\CertEnroll.dll
19:49:07.0801 2856 C:\Windows\SysWOW64\CertEnroll.dll - ok
19:49:07.0816 2856 [ 263B26106606A010CF877472B535E4BB ] C:\Windows\System32\CertEnroll.dll
19:49:07.0816 2856 C:\Windows\System32\CertEnroll.dll - ok
19:49:07.0816 2856 [ 2C5AF54B714FD4B9A69E6EED7A7989BE ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ksnhelper.dll
19:49:07.0816 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ksnhelper.dll - ok
19:49:07.0816 2856 [ FF4B74028AB0D384A4239003F42B26EA ] C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\bsshlp2.kdl.ff4b74028ab0d384a4239003f42b26ea
19:49:07.0816 2856 C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\bsshlp2.kdl.ff4b74028ab0d384a4239003f42b26ea - ok
19:49:07.0816 2856 [ D249A3396DF79EA8B23032D2F0D3662C ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\wdiskio.ppl
19:49:07.0816 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\wdiskio.ppl - ok
19:49:07.0832 2856 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
19:49:07.0832 2856 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok
19:49:07.0832 2856 [ 58A14C45A5CD2528F10A889E7B0C3FC2 ] C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dll
19:49:07.0832 2856 C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dll - ok
19:49:07.0832 2856 [ FFC54FA19FD67DDE232CFC0A87B0B1A7 ] C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
19:49:07.0832 2856 C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF - ok
19:49:07.0832 2856 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe
19:49:07.0832 2856 C:\Windows\SysWOW64\cmd.exe - ok
19:49:07.0848 2856 [ 2F040CF0613A6D64DCBBA9EE81F5A5AE ] C:\Windows\SysWOW64\dsrole.dll
19:49:07.0848 2856 C:\Windows\SysWOW64\dsrole.dll - ok
19:49:07.0848 2856 [ B7AC66C1CCD87D7C49256B5451DED4FA ] C:\Windows\System32\spp.dll
19:49:07.0848 2856 C:\Windows\System32\spp.dll - ok
19:49:07.0848 2856 [ FC6C5D860CDB82411DA626821201BDF0 ] C:\Windows\System32\srclient.dll
19:49:07.0848 2856 C:\Windows\System32\srclient.dll - ok
19:49:07.0848 2856 [ 3A71C45E86A563A089FD0F7E98DA5884 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\updater.dll
19:49:07.0848 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\updater.dll - ok
19:49:07.0863 2856 [ 6685DD5CC357D45EEE30FD089E8A111A ] C:\Windows\System32\sxsstore.dll
19:49:07.0863 2856 C:\Windows\System32\sxsstore.dll - ok
19:49:07.0863 2856 [ 0681CD4A3BEE5669D82B4056DBA5F453 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\proxydet.ppl
19:49:07.0863 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\proxydet.ppl - ok
19:49:07.0863 2856 [ D405567DD245AE5B0640A9D881C832F1 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\diffs.dll
19:49:07.0863 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\diffs.dll - ok
19:49:07.0863 2856 [ 3D3CBD1847F980FB03343A63671E7886 ] C:\Windows\SysWOW64\schannel.dll
19:49:07.0863 2856 C:\Windows\SysWOW64\schannel.dll - ok
19:49:07.0879 2856 [ 69D2B6F54B8D3AAE15E8112FAAC7979F ] C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\dns_client.dll.69d2b6f54b8d3aae15e8112faac7979f
19:49:07.0879 2856 C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\dns_client.dll.69d2b6f54b8d3aae15e8112faac7979f - ok
19:49:07.0879 2856 [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll
19:49:07.0879 2856 C:\Windows\System32\wbem\NCProv.dll - ok
19:49:07.0879 2856 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll
19:49:07.0879 2856 C:\Windows\SysWOW64\winbrand.dll - ok
19:49:07.0879 2856 [ 59BCE9F07985F8A4204F4D6554CFF708 ] C:\Windows\System32\regsvr32.exe
19:49:07.0879 2856 C:\Windows\System32\regsvr32.exe - ok
19:49:07.0894 2856 [ 6F6759407B843B99E0367036632EC798 ] C:\Windows\SysWOW64\HelpPaneProxy.dll
19:49:07.0894 2856 C:\Windows\SysWOW64\HelpPaneProxy.dll - ok
19:49:07.0894 2856 [ 432BE6CF7311062633459EEF6B242FB5 ] C:\Windows\SysWOW64\regsvr32.exe
19:49:07.0894 2856 C:\Windows\SysWOW64\regsvr32.exe - ok
19:49:07.0894 2856 [ DB70FE36AC8F594E9E69479C076BADB8 ] C:\Windows\System32\HelpPaneProxy.dll
19:49:07.0894 2856 C:\Windows\System32\HelpPaneProxy.dll - ok
19:49:07.0894 2856 [ 9C17DCD6DDFEB1A012544FAF4F2789F6 ] C:\Windows\AppPatch\AcGenral.dll
19:49:07.0894 2856 C:\Windows\AppPatch\AcGenral.dll - ok
19:49:07.0910 2856 [ DB16A7C0A453F7E220A5F29E42572FD8 ] C:\Windows\AppPatch\AppPatch64\AcGenral.dll
19:49:07.0910 2856 C:\Windows\AppPatch\AppPatch64\AcGenral.dll - ok
19:49:07.0910 2856 [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\SysWOW64\msacm32.dll
19:49:07.0910 2856 C:\Windows\SysWOW64\msacm32.dll - ok
19:49:07.0910 2856 [ 633C2C060CF857099F6C4F8D75C952B1 ] C:\Windows\SysWOW64\WlS0WndH.dll
19:49:07.0910 2856 C:\Windows\SysWOW64\WlS0WndH.dll - ok
19:49:07.0910 2856 [ D6AFFB18644ED767378CD385B9F78EE9 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\scrchpg.dll
19:49:07.0910 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\scrchpg.dll - ok
19:49:07.0926 2856 [ 8B2AD841336A36629DACD80CCA0CD1CF ] C:\Windows\SysWOW64\nl-NL\regsvr32.exe.mui
19:49:07.0926 2856 C:\Windows\SysWOW64\nl-NL\regsvr32.exe.mui - ok
19:49:07.0926 2856 [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\SysWOW64\shdocvw.dll
19:49:07.0926 2856 C:\Windows\SysWOW64\shdocvw.dll - ok
19:49:07.0926 2856 [ B68CDB7F0D1C509459573C51262F59F2 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\scrchpg.dll
19:49:07.0926 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\scrchpg.dll - ok
19:49:07.0941 2856 [ EBC984F0CE40E0DAF0454D806EC2A7EC ] C:\Users\Chester\AppData\Local\Temp\C97BAADE-CAE6-4072-AEAF-EA50991AB77C.exe
19:49:07.0941 2856 C:\Users\Chester\AppData\Local\Temp\C97BAADE-CAE6-4072-AEAF-EA50991AB77C.exe - ok
19:49:07.0941 2856 [ 3EAC4455472CC2C97107B5291E0DCAFE ] C:\Windows\System32\pnrpsvc.dll
19:49:07.0941 2856 C:\Windows\System32\pnrpsvc.dll - ok
19:49:07.0941 2856 [ 1DB71A41DAEE6B3F8CD0DDA8209FA2D5 ] C:\Windows\SysWOW64\WindowsCodecs.dll
19:49:07.0941 2856 C:\Windows\SysWOW64\WindowsCodecs.dll - ok
19:49:07.0941 2856 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll
19:49:07.0941 2856 C:\Windows\SysWOW64\EhStorShell.dll - ok
19:49:07.0957 2856 [ F14823F07336AA84D2F5C26834D851E9 ] C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
19:49:07.0957 2856 C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll - ok
19:49:07.0957 2856 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll
19:49:07.0957 2856 C:\Windows\SysWOW64\ntshrui.dll - ok
19:49:07.0957 2856 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll
19:49:07.0957 2856 C:\Windows\SysWOW64\imageres.dll - ok
19:49:07.0972 2856 [ 59EBDAB69493747AE1E0517B0686FB84 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\aphishex.ppl
19:49:07.0972 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\aphishex.ppl - ok
19:49:07.0972 2856 [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:49:07.0972 2856 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
19:49:07.0972 2856 [ E5F7C30EDF0892667933BE879F067D67 ] C:\Windows\SysWOW64\msvcr100_clr0400.dll
19:49:07.0972 2856 C:\Windows\SysWOW64\msvcr100_clr0400.dll - ok
19:49:07.0972 2856 [ F608FC33B3DA613110256D73A580C126 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ksn_statistics.dll
19:49:07.0972 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ksn_statistics.dll - ok
19:49:07.0988 2856 [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\SysWOW64\mscoree.dll
19:49:07.0988 2856 C:\Windows\SysWOW64\mscoree.dll - ok
19:49:07.0988 2856 [ 4F3929E838F5C2F44FC551574DA2D7D4 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\mmpprtc.dll
19:49:07.0988 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\mmpprtc.dll - ok
19:49:07.0988 2856 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:49:07.0988 2856 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe - ok
19:49:07.0988 2856 [ CB21CD39637AC13F3455454B2F648257 ] C:\Windows\System32\msvcr100_clr0400.dll
19:49:07.0988 2856 C:\Windows\System32\msvcr100_clr0400.dll - ok
19:49:08.0004 2856 [ EB45AD32B19110B17C1E8C4833D76E32 ] C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\klavasyswatch.dll.eb45ad32b19110b17c1e8c4833d76e32
19:49:08.0004 2856 C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\klavasyswatch.dll.eb45ad32b19110b17c1e8c4833d76e32 - ok
19:49:08.0004 2856 [ D56C13F26ADCB3BC0455DB42883F6E7D ] C:\Windows\System32\iedkcs32.dll
19:49:08.0004 2856 C:\Windows\System32\iedkcs32.dll - ok
19:49:08.0004 2856 [ 19CBE8982C18369A2AB10A1B6A6B3251 ] C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\sys_critical_obj.dll.19cbe8982c18369a2ab10a1b6a6b3251
19:49:08.0004 2856 C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\sys_critical_obj.dll.19cbe8982c18369a2ab10a1b6a6b3251 - ok
19:49:08.0004 2856 [ 5C4CB4086FB83115B153E47ADD961A0C ] C:\Windows\System32\FntCache.dll
19:49:08.0004 2856 C:\Windows\System32\FntCache.dll - ok
19:49:08.0019 2856 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\28076705.sys
19:49:08.0019 2856 C:\Windows\System32\drivers\28076705.sys - ok
19:49:08.0019 2856 [ 6D220604AA4240303DD8DEAEAB428377 ] C:\Windows\System32\ie4uinit.exe
19:49:08.0019 2856 C:\Windows\System32\ie4uinit.exe - ok
19:49:08.0019 2856 [ BE99D2031EB3AA6699EECCE74DF88B01 ] C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\pdm.kdl.be99d2031eb3aa6699eecce74df88b01
19:49:08.0019 2856 C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\pdm.kdl.be99d2031eb3aa6699eecce74df88b01 - ok
19:49:08.0019 2856 [ 2CFA4569350B7F84F815E9EC34E85766 ] C:\Windows\SysWOW64\SndVolSSO.dll
19:49:08.0019 2856 C:\Windows\SysWOW64\SndVolSSO.dll - ok
19:49:08.0035 2856 [ 243974EC02F7AE49E4179C54624143AB ] C:\Windows\SysWOW64\MMDevAPI.dll
19:49:08.0035 2856 C:\Windows\SysWOW64\MMDevAPI.dll - ok
19:49:08.0035 2856 [ D228C9CDD6C4EEBAC564ADFA67754C5D ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\swpragueplugin.dll
19:49:08.0035 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\swpragueplugin.dll - ok
19:49:08.0035 2856 [ 7E9917D5309A90E7576653BFE39F80D8 ] C:\Windows\SysWOW64\timedate.cpl
19:49:08.0035 2856 C:\Windows\SysWOW64\timedate.cpl - ok
19:49:08.0035 2856 [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl
19:49:08.0035 2856 C:\Windows\System32\timedate.cpl - ok
19:49:08.0035 2856 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll
19:49:08.0035 2856 C:\Windows\SysWOW64\riched20.dll - ok
19:49:08.0050 2856 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll
19:49:08.0050 2856 C:\Windows\SysWOW64\ExplorerFrame.dll - ok
19:49:08.0050 2856 [ D2958325C1AE1AE37A83334C6229E3BC ] C:\Windows\SysWOW64\actxprxy.dll
19:49:08.0050 2856 C:\Windows\SysWOW64\actxprxy.dll - ok
19:49:08.0050 2856 [ 3F0D5E333583AE2DE79B0B9E3F7592AF ] C:\Program Files (x86)\Google\Update\1.3.21.123\goopdateres_nl.dll
19:49:08.0050 2856 C:\Program Files (x86)\Google\Update\1.3.21.123\goopdateres_nl.dll - ok
19:49:08.0050 2856 [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll
19:49:08.0050 2856 C:\Windows\System32\actxprxy.dll - ok
19:49:08.0066 2856 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll
19:49:08.0066 2856 C:\Windows\SysWOW64\duser.dll - ok
19:49:08.0066 2856 [ 0141816A095A3F5A83FFA5B4A47B8023 ] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
19:49:08.0066 2856 C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe - ok
19:49:08.0066 2856 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll
19:49:08.0066 2856 C:\Windows\SysWOW64\dui70.dll - ok
19:49:08.0066 2856 [ C4F40F6CACD796A8E16671D0E9A2F319 ] C:\Windows\System32\shdocvw.dll
19:49:08.0066 2856 C:\Windows\System32\shdocvw.dll - ok
19:49:08.0082 2856 [ 5987EA8A82C53359BCD2C29D6588583E ] C:\Windows\SysWOW64\linkinfo.dll
19:49:08.0082 2856 C:\Windows\SysWOW64\linkinfo.dll - ok
19:49:08.0082 2856 [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll
19:49:08.0082 2856 C:\Windows\System32\linkinfo.dll - ok
19:49:08.0082 2856 [ 56CEED370508F69A1BA04939BD1BADDA ] C:\Windows\SysWOW64\msutb.dll
19:49:08.0082 2856 C:\Windows\SysWOW64\msutb.dll - ok
19:49:08.0082 2856 [ 4F86F2A928D9B75F9C99D78D3920C9BB ] C:\Windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll
19:49:08.0082 2856 C:\Windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll - ok
19:49:08.0097 2856 [ FA752544EE1EE59E8AD938CBB43CAC93 ] C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll
19:49:08.0097 2856 C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll - ok
19:49:08.0097 2856 [ 0D2BF2054AE6CDCD4934F1E8E662371E ] C:\Windows\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_nl_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll
19:49:08.0097 2856 C:\Windows\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_nl_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll - ok
19:49:08.0097 2856 [ 19BC13711AC403FEB830522E4831701B ] C:\Windows\SysWOW64\gameux.dll
19:49:08.0097 2856 C:\Windows\SysWOW64\gameux.dll - ok
19:49:08.0097 2856 [ 3504B34CD2DE00BA3CC1A195F1B739BD ] C:\Windows\System32\gameux.dll
19:49:08.0097 2856 C:\Windows\System32\gameux.dll - ok
19:49:08.0113 2856 [ CB0AD458BBD11A98C6FACC7668F91C8D ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ftpprtc.dll
19:49:08.0113 2856 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ftpprtc.dll - ok
19:49:08.0113 2856 ============================================================
19:49:08.0113 2856 Scan finished
19:49:08.0113 2856 ============================================================
19:49:08.0113 3988 Detected object count: 5
19:49:08.0113 3988 Actual detected object count: 5
19:52:25.0469 3988 HiPatchService ( UnsignedFile.Multi.Generic ) - skipped by user
19:52:25.0469 3988 HiPatchService ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:52:25.0469 3988 HP Health Check Service ( UnsignedFile.Multi.Generic ) - skipped by user
19:52:25.0469 3988 HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:52:25.0469 3988 HPBtnSrv ( UnsignedFile.Multi.Generic ) - skipped by user
19:52:25.0469 3988 HPBtnSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:52:25.0469 3988 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
19:52:25.0469 3988 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:52:25.0484 3988 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
19:52:25.0484 3988 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:55:26.0300 3180 Deinitialize success
  • 0

#8
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello

Lets get a deeper look into the system and see if something shows up.

Download and run OTL

Download OTL by Old Timer and save it to your Desktop.
  • Double click on OTL.exe to run it.
  • Under Output, ensure that Minimal Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened and the that I need posted back here
    • Extra.txt <-- Will be minimized - save this one on your desktop in case I ask for it later
  • Please post the contents of OTL.txt in your next reply.

Gringo
  • 0

#9
ohgodhowdidthisgethere

ohgodhowdidthisgethere

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
Thanks again for helping me. :)

Here is OTL.txt

OTL logfile created on: 13-12-2012 20:45:52 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Chester\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

8,00 Gb Total Physical Memory | 5,24 Gb Available Physical Memory | 65,56% Memory free
16,00 Gb Paging File | 12,30 Gb Available in Paging File | 76,86% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 914,94 Gb Total Space | 168,57 Gb Free Space | 18,42% Space Free | Partition Type: NTFS
Drive D: | 14,57 Gb Total Space | 2,75 Gb Free Space | 18,85% Space Free | Partition Type: NTFS
Drive E: | 931,51 Gb Total Space | 682,14 Gb Free Space | 73,23% Space Free | Partition Type: NTFS

Computer Name: CHESTER-PC | User Name: Chester | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Chester\Desktop\OTL(1).exe (OldTimer Tools)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
PRC - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\foobar2000\foobar2000.exe ()
PRC - C:\Program Files (x86)\Adobe\Adobe Photoshop CS5\Photoshop.exe (Adobe Systems, Incorporated)
PRC - C:\Program Files (x86)\Last.fm\LastFM.exe (Last.fm)
PRC - C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe ()
PRC - c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\Hewlett-Packard\KBD\OSD\OSD.exe (OsdMaestro)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe ()


========== Modules (No Company Name) ==========

MOD - C:\Users\Chester\AppData\Local\Temp\_MEI33402\wx._core_.pyd ()
MOD - C:\Users\Chester\AppData\Local\Temp\_MEI33402\windows._cacheinvalidation.pyd ()
MOD - C:\Users\Chester\AppData\Local\Temp\_MEI33402\wx._windows_.pyd ()
MOD - C:\Users\Chester\AppData\Local\Temp\_MEI33402\wx._gdi_.pyd ()
MOD - C:\Users\Chester\AppData\Local\Temp\_MEI33402\wx._misc_.pyd ()
MOD - C:\Users\Chester\AppData\Local\Temp\_MEI33402\_ssl.pyd ()
MOD - C:\Users\Chester\AppData\Local\Temp\_MEI33402\pysqlite2._sqlite.pyd ()
MOD - C:\Users\Chester\AppData\Local\Temp\_MEI33402\pythoncom26.dll ()
MOD - C:\Users\Chester\AppData\Local\Temp\_MEI33402\_hashlib.pyd ()
MOD - C:\Users\Chester\AppData\Local\Temp\_MEI33402\win32com.shell.shell.pyd ()
MOD - C:\Users\Chester\AppData\Local\Temp\_MEI33402\wx._wizard.pyd ()
MOD - C:\Users\Chester\AppData\Local\Temp\_MEI33402\win32file.pyd ()
MOD - C:\Users\Chester\AppData\Local\Temp\_MEI33402\win32security.pyd ()
MOD - C:\Users\Chester\AppData\Local\Temp\_MEI33402\pywintypes26.dll ()
MOD - C:\Users\Chester\AppData\Local\Temp\_MEI33402\win32api.pyd ()
MOD - C:\Users\Chester\AppData\Local\Temp\_MEI33402\_elementtree.pyd ()
MOD - C:\Users\Chester\AppData\Local\Temp\_MEI33402\_ctypes.pyd ()
MOD - C:\Users\Chester\AppData\Local\Temp\_MEI33402\wx._html2.pyd ()
MOD - C:\Users\Chester\AppData\Local\Temp\_MEI33402\_socket.pyd ()
MOD - C:\Users\Chester\AppData\Local\Temp\_MEI33402\win32inet.pyd ()
MOD - C:\Users\Chester\AppData\Local\Temp\_MEI33402\win32process.pyd ()
MOD - C:\Users\Chester\AppData\Local\Temp\_MEI33402\win32ts.pyd ()
MOD - C:\Users\Chester\AppData\Local\Temp\_MEI33402\win32pdh.pyd ()
MOD - C:\Users\Chester\AppData\Local\Temp\_MEI33402\win32profile.pyd ()
MOD - C:\Users\Chester\AppData\Local\Temp\_MEI33402\win32crypt.pyd ()
MOD - C:\Users\Chester\AppData\Local\Temp\_MEI33402\wx._controls_.pyd ()
MOD - C:\Users\Chester\AppData\Local\Temp\_MEI33402\unicodedata.pyd ()
MOD - C:\Users\Chester\AppData\Local\Temp\_MEI33402\pyexpat.pyd ()
MOD - C:\Users\Chester\AppData\Local\Temp\_MEI33402\win32event.pyd ()
MOD - C:\Users\Chester\AppData\Local\Temp\_MEI33402\select.pyd ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Users\Chester\AppData\Roaming\foobar2000\user-components\foo_playcount\foo_playcount.dll ()
MOD - C:\Users\Chester\AppData\Roaming\foobar2000\user-components\foo_quicksearch\foo_quicksearch.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\qtgui4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\qtsql4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\qtscript4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\qtnetwork4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\qtcore4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\qtdeclarative4.dll ()
MOD - C:\Program Files (x86)\foobar2000\foobar2000.exe ()
MOD - C:\Program Files (x86)\foobar2000\components\foo_ui_std.dll ()
MOD - C:\Program Files (x86)\foobar2000\components\foo_cdda.dll ()
MOD - C:\Program Files (x86)\foobar2000\components\foo_input_std.dll ()
MOD - C:\Program Files (x86)\foobar2000\components\foo_rgscan.dll ()
MOD - C:\Program Files (x86)\foobar2000\components\foo_converter.dll ()
MOD - C:\Program Files (x86)\foobar2000\components\foo_unpack.dll ()
MOD - C:\Program Files (x86)\foobar2000\components\foo_freedb2.dll ()
MOD - C:\Program Files (x86)\foobar2000\shared.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\imageformats\qgif4.dll ()
MOD - C:\Program Files (x86)\Adobe\Adobe Photoshop CS5\QuickTimeGlue.dll ()
MOD - C:\Program Files (x86)\foobar2000\components\foo_albumlist.dll ()
MOD - C:\Program Files (x86)\foobar2000\components\foo_dsp_std.dll ()
MOD - C:\Program Files (x86)\foobar2000\components\foo_fileops.dll ()
MOD - C:\Users\Chester\AppData\Roaming\foobar2000\user-components\foo_uie_esplaylist\foo_uie_esplaylist.dll ()
MOD - C:\Program Files (x86)\Last.fm\srv_rtaudioplayback.dll ()
MOD - C:\Program Files (x86)\Last.fm\ext_messengernotify.dll ()
MOD - C:\Program Files (x86)\Last.fm\ext_skypenotify.dll ()
MOD - C:\Program Files (x86)\Last.fm\srv_madtranscode.dll ()
MOD - C:\Program Files (x86)\Last.fm\srv_httpinput.dll ()
MOD - C:\Program Files (x86)\Last.fm\LastFmFingerprint1.dll ()
MOD - C:\Program Files (x86)\Last.fm\breakpad.dll ()
MOD - C:\Program Files (x86)\Last.fm\Moose1.dll ()
MOD - C:\Program Files (x86)\Last.fm\LastFmTools1.dll ()
MOD - C:\Program Files (x86)\Last.fm\libfftw3f-3.dll ()
MOD - C:\Program Files (x86)\Last.fm\zlibwapi.dll ()
MOD - C:\Users\Chester\AppData\Roaming\foobar2000\user-components\foo_uie_biography\foo_uie_biography.dll ()
MOD - C:\Users\Chester\AppData\Roaming\foobar2000\user-components\foo_uie_wsh_panel_mod\foo_uie_wsh_panel_mod.dll ()
MOD - C:\Program Files (x86)\foobar2000\zlib1.dll ()
MOD - C:\Users\Chester\AppData\Roaming\foobar2000\user-components\foo_uie_lyrics2\foo_uie_lyrics2.dll ()
MOD - C:\Users\Chester\AppData\Roaming\foobar2000\user-components\foo_ui_columns\foo_ui_columns.dll ()
MOD - C:\Users\Chester\AppData\Roaming\foobar2000\user-components\foo_uie_quicksearch\foo_uie_quicksearch.dll ()
MOD - C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\zlib1.dll ()
MOD - C:\Users\Chester\AppData\Roaming\foobar2000\user-components\foo_lastfm_radio\foo_lastfm_radio.dll ()
MOD - C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll ()
MOD - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ()
MOD - C:\Users\Chester\AppData\Roaming\foobar2000\user-components\foo_uie_panel_splitter\foo_uie_panel_splitter.dll ()
MOD - C:\Program Files (x86)\Last.fm\QtNetwork4.dll ()
MOD - C:\Program Files (x86)\Last.fm\QtSql4.dll ()
MOD - C:\Program Files (x86)\Last.fm\QtGui4.dll ()
MOD - C:\Program Files (x86)\Last.fm\QtXml4.dll ()
MOD - C:\Program Files (x86)\Last.fm\QtCore4.dll ()
MOD - C:\Program Files (x86)\Last.fm\imageformats\qmng4.dll ()
MOD - C:\Program Files (x86)\Last.fm\imageformats\qgif4.dll ()
MOD - C:\Program Files (x86)\Last.fm\imageformats\qjpeg4.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AVP) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (HiPatchService) -- C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe (Hi-Rez Studios)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (IJPLMSVC) -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe ()
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (ezSharedSvc) -- C:\Windows\SysWOW64\ezsvc7.dll (EasyBits Sofware AS)
SRV - (HPBtnSrv) -- C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe ()


========== Driver Services (SafeList) ==========

DRV:64bit: - (KLIF) -- C:\Windows\SysNative\drivers\klif.sys (Kaspersky Lab)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (cpuz135) -- C:\Windows\SysNative\drivers\cpuz135_x64.sys (CPUID)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (KLIM6) -- C:\Windows\SysNative\drivers\klim6.sys (Kaspersky Lab ZAO)
DRV:64bit: - (kl2) -- C:\Windows\SysNative\drivers\kl2.sys (Kaspersky Lab ZAO)
DRV:64bit: - (KL1) -- C:\Windows\SysNative\drivers\kl1.sys (Kaspersky Lab ZAO)
DRV:64bit: - (WDC_SAM) -- C:\Windows\SysNative\drivers\wdcsam64.sys (Western Digital Technologies)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (klmouflt) -- C:\Windows\SysNative\drivers\klmouflt.sys (Kaspersky Lab)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (AVER_H193) -- C:\Windows\SysNative\drivers\AVer888RC_64.sys (AVerMedia TECHNOLOGIES, Inc.)
DRV:64bit: - (CXCIR) -- C:\Windows\SysNative\drivers\AVer888RCIR_64.sys (AVerMedia TECHNOLOGIES, Inc.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (netr28x) -- C:\Windows\SysNative\drivers\netr28x.sys (Ralink Technology, Corp.)
DRV:64bit: - (LUsbFilt) -- C:\Windows\SysNative\drivers\LUsbFilt.sys (Logitech, Inc.)
DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV - (RTCore64) -- C:\Program Files (x86)\MSI Afterburner\RTCore64.sys ()
DRV - (DrvAgent64) -- C:\Windows\SysWOW64\drivers\DrvAgent64.SYS (Phoenix Technologies)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0309F9B9-0912-4971-9EF8-34414A5747D1}: "URL" = http://slirsredirect...hpcndtie7-nl-nl
IE:64bit: - HKLM\..\SearchScopes\{41A70601-F396-45E6-9361-CA1873A22688}: "URL" = http://nl.search.yah...p06&type=ie2008
IE:64bit: - HKLM\..\SearchScopes\{BA83D4CE-299C-48D0-BD63-23DBEF840605}: "URL" = http://nl.kelkoopart...tnerId=96913935
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0309F9B9-0912-4971-9EF8-34414A5747D1}: "URL" = http://slirsredirect...hpcndtie7-nl-nl
IE - HKLM\..\SearchScopes\{41A70601-F396-45E6-9361-CA1873A22688}: "URL" = http://nl.search.yah...p06&type=ie2008
IE - HKLM\..\SearchScopes\{BA83D4CE-299C-48D0-BD63-23DBEF840605}: "URL" = http://nl.kelkoopart...tnerId=96913935


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-3794437376-3695661613-713449860-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-3794437376-3695661613-713449860-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3794437376-3695661613-713449860-1000\..\SearchScopes\{0309F9B9-0912-4971-9EF8-34414A5747D1}: "URL" = http://slirsredirect...hpcndtie7-nl-nl
IE - HKU\S-1-5-21-3794437376-3695661613-713449860-1000\..\SearchScopes\{41A70601-F396-45E6-9361-CA1873A22688}: "URL" = http://nl.search.yah...p06&type=ie2008
IE - HKU\S-1-5-21-3794437376-3695661613-713449860-1000\..\SearchScopes\{BA83D4CE-299C-48D0-BD63-23DBEF840605}: "URL" = http://nl.kelkoopart...tnerId=96913935
IE - HKU\S-1-5-21-3794437376-3695661613-713449860-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3794437376-3695661613-713449860-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\S-1-5-21-3794437376-3695661613-713449860-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cndt
IE - HKU\S-1-5-21-3794437376-3695661613-713449860-1004\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://ie.redirect.h...avilion&pf=cndt
IE - HKU\S-1-5-21-3794437376-3695661613-713449860-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cndt
IE - HKU\S-1-5-21-3794437376-3695661613-713449860-1004\..\SearchScopes,DefaultScope =

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..extensions.enabledAddons: en-US%40dictionaries.addons.mozilla.org:6.0
FF - prefs.js..extensions.enabledAddons: giorgio%40gilestro.tk:1.0.4
FF - prefs.js..extensions.enabledAddons: nl-NL%40dictionaries.addons.mozilla.org:3.1.0
FF - prefs.js..extensions.enabledAddons: scriptish%40erikvold.com:0.1.8
FF - prefs.js..extensions.enabledAddons: tineye%40ideeinc.com:1.1
FF - prefs.js..extensions.enabledAddons: %7BB17C1C5A-04B1-11DB-9804-B622A1EF5492%7D:1.2.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_135.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.116.0: C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.118.0: C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.138.0: C:\Program Files (x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.2: C:\Program Files (x86)\Battlelog Web Plugins\2.1.2\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.10: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Chester\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Chester\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\[email protected] [2012-10-31 20:04:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\[email protected] [2012-10-31 20:04:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\[email protected] [2012-10-31 20:04:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-07-08 02:38:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-12-05 01:05:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-12-05 01:05:16 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-12-05 01:05:18 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-12-05 01:05:16 | 000,000,000 | ---D | M]

[2011-05-24 13:12:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chester\AppData\Roaming\mozilla\Extensions
[2012-11-23 20:12:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chester\AppData\Roaming\mozilla\Firefox\Profiles\zormzb6w.default\extensions
[2012-11-04 03:36:47 | 000,000,000 | ---D | M] (Download and Sa) -- C:\Users\Chester\AppData\Roaming\mozilla\Firefox\Profiles\zormzb6w.default\extensions\[email protected]
[2012-05-19 23:19:55 | 000,000,000 | ---D | M] (United States English Spellchecker) -- C:\Users\Chester\AppData\Roaming\mozilla\Firefox\Profiles\zormzb6w.default\extensions\[email protected]
[2012-03-21 02:40:08 | 000,000,000 | ---D | M] (Woordenboek Nederlands) -- C:\Users\Chester\AppData\Roaming\mozilla\Firefox\Profiles\zormzb6w.default\extensions\[email protected]
[2012-09-13 15:01:51 | 000,082,490 | ---- | M] () (No name found) -- C:\Users\Chester\AppData\Roaming\mozilla\firefox\profiles\zormzb6w.default\extensions\[email protected]
[2012-10-10 18:36:28 | 000,401,328 | ---- | M] () (No name found) -- C:\Users\Chester\AppData\Roaming\mozilla\firefox\profiles\zormzb6w.default\extensions\[email protected]
[2012-07-27 18:38:02 | 000,013,951 | ---- | M] () (No name found) -- C:\Users\Chester\AppData\Roaming\mozilla\firefox\profiles\zormzb6w.default\extensions\[email protected]
[2012-10-04 14:16:00 | 000,235,457 | ---- | M] () (No name found) -- C:\Users\Chester\AppData\Roaming\mozilla\firefox\profiles\zormzb6w.default\extensions\[email protected]
[2011-05-27 23:38:28 | 000,008,001 | ---- | M] () (No name found) -- C:\Users\Chester\AppData\Roaming\mozilla\firefox\profiles\zormzb6w.default\extensions\[email protected]
[2011-05-24 13:59:30 | 000,089,442 | ---- | M] () (No name found) -- C:\Users\Chester\AppData\Roaming\mozilla\firefox\profiles\zormzb6w.default\extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi
[2012-11-23 20:12:13 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\Chester\AppData\Roaming\mozilla\firefox\profiles\zormzb6w.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012-12-05 01:05:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012-12-05 01:05:16 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012-12-05 01:05:15 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]_bak2
[2012-12-05 01:05:15 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]_bak
[2012-12-05 01:05:16 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]_bak2
[2012-12-05 01:05:18 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012-09-30 12:43:16 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012-10-12 20:10:27 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://www.google.com
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Chester\AppData\Local\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Chester\AppData\Local\Google\Chrome\Application\23.0.1271.95\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Chester\AppData\Local\Google\Chrome\Application\23.0.1271.95\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Chester\AppData\Local\Google\Chrome\Application\23.0.1271.95\pdf.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Chester\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 U7 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.10 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files (x86)\Veetle\Player\npvlc.dll
CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - Extension: YouTube = C:\Users\Chester\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Google Search = C:\Users\Chester\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: YouTube Flags = C:\Users\Chester\AppData\Local\Google\Chrome\User Data\Default\Extensions\eeammepjjllhpcfnkohocddkmdejjebc\1.0_0\
CHR - Extension: imgur = C:\Users\Chester\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehoopddfhgaehhmphfcooacjdpmbjlao\1.1.3_0\
CHR - Extension: Google Calendar = C:\Users\Chester\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\
CHR - Extension: Download and Sa = C:\Users\Chester\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnciphacogbpkmkdgngiaokipoklbngl\7.1_0\
CHR - Extension: AdBlock = C:\Users\Chester\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.48_0\
CHR - Extension: TinEye Reverse Image Search = C:\Users\Chester\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl\1.1.2_0\
CHR - Extension: 4chan x = C:\Users\Chester\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihhokehpaghpcohlodffniandbhjngkd\2.36.0_0\
CHR - Extension: Reddit Enhancement Suite = C:\Users\Chester\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb\4.1.5_0\
CHR - Extension: Google Maps = C:\Users\Chester\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.7_0\
CHR - Extension: Clickable Links = C:\Users\Chester\AppData\Local\Google\Chrome\User Data\Default\Extensions\mblbciejcodpealifnhfjbdlkedplodp\1.1.6_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Chester\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Gmail = C:\Users\Chester\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
CHR - Extension: Anti-Banner = C:\Users\Chester\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\

O1 HOSTS File: ([2012-12-13 01:51:21 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKU\S-1-5-21-3794437376-3695661613-713449860-1000\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4 - HKLM..\Run: [KBD] C:\Program Files (x86)\Hewlett-Packard\KBD\LaunchApp.exe (Hewlett-Packard)
O4 - HKLM..\Run: [OSD] C:\Program Files (x86)\Hewlett-Packard\KBD\OSD\OSD.exe (OsdMaestro)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKU\S-1-5-21-3794437376-3695661613-713449860-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-3794437376-3695661613-713449860-1000..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKU\S-1-5-21-3794437376-3695661613-713449860-1000..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-21-3794437376-3695661613-713449860-1004..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3794437376-3695661613-713449860-1004..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = [binary data]
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = [binary data]
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3794437376-3695661613-713449860-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3794437376-3695661613-713449860-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: TaskbarNoThumbnail = 1
O7 - HKU\S-1-5-21-3794437376-3695661613-713449860-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-3794437376-3695661613-713449860-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8:64bit: - Extra context menu item: Toevoegen aan Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm ()
O8 - Extra context menu item: Toevoegen aan Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm ()
O9:64bit: - Extra Button: &Virtueel Toetsenbord - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: C&ontrole van URL's - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: &Virtueel Toetsenbord - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: C&ontrole van URL's - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.9.2)
O16 - DPF: {B3E32D88-8E7F-468F-B0E2-3A300FD4A82C} http://global.myitla...ces/ax/stub.cab (Enlite 2.x Simulation Engine Installer)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.9.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.54.40.25 212.54.35.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2DA0BE93-BE6C-4AB3-82E2-3E685078865E}: DhcpNameServer = 212.54.40.25 212.54.35.25
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - C:\Windows\SysNative\klogon.dll (Kaspersky Lab ZAO)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012-12-13 20:44:55 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Chester\Desktop\OTL(1).exe
[2012-12-13 20:01:28 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Users\Chester\Desktop\aswMBR.exe
[2012-12-13 19:42:23 | 000,208,216 | ---- | C] (Kaspersky Lab, GERT) -- C:\Windows\SysNative\drivers\28076705.sys
[2012-12-13 19:32:31 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Chester\Desktop\tdsskiller(1).exe
[2012-12-13 13:28:21 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012-12-13 01:54:00 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012-12-13 01:40:30 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012-12-13 01:40:30 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012-12-13 01:40:30 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012-12-13 01:40:24 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012-12-13 01:40:11 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012-12-12 22:31:46 | 000,735,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012-12-12 22:31:45 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012-12-12 22:31:45 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012-12-12 22:31:45 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012-12-12 22:31:45 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012-12-12 22:31:45 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012-12-12 22:31:45 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012-12-12 22:31:42 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2012-12-12 22:31:42 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2012-12-12 22:31:42 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2012-12-12 22:31:42 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2012-12-12 22:31:36 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012-12-12 22:31:35 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012-12-12 22:31:35 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012-12-12 22:31:35 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012-12-12 22:31:34 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012-12-12 22:31:34 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012-12-12 22:31:34 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012-12-12 22:31:34 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012-12-12 22:31:34 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012-12-12 22:31:34 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012-12-12 22:31:34 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012-12-12 22:31:34 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012-12-12 22:31:34 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012-12-12 22:31:34 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012-12-12 22:31:34 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012-12-12 22:31:34 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012-12-12 22:31:34 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012-12-12 22:31:34 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012-12-12 22:31:34 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012-12-12 22:31:34 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012-12-12 22:31:34 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012-12-12 22:31:34 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012-12-12 22:31:34 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012-12-12 22:31:34 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012-12-12 22:31:34 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012-12-12 22:31:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012-12-12 22:31:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012-12-12 22:31:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012-12-12 22:31:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012-12-12 22:31:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012-12-12 22:31:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012-12-12 22:31:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012-12-12 22:31:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012-12-12 22:31:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012-12-12 22:31:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012-12-12 22:31:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012-12-12 22:31:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012-12-12 22:31:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012-12-12 22:31:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012-12-12 22:31:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012-12-12 22:31:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012-12-12 22:31:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012-12-12 22:31:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012-12-12 22:31:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012-12-12 22:31:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012-12-12 22:31:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012-12-12 22:31:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012-12-12 22:31:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012-12-12 22:31:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012-12-12 22:31:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012-12-12 22:31:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012-12-12 22:31:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012-12-12 22:31:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012-12-12 22:31:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012-12-12 22:31:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012-12-12 22:31:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012-12-12 22:31:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012-12-12 22:31:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012-12-12 22:31:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012-12-12 22:31:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012-12-12 22:31:33 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012-12-12 22:31:33 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012-12-12 22:31:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012-12-12 22:31:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012-12-12 22:31:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012-12-12 22:31:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012-12-12 22:31:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012-12-12 22:31:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012-12-12 22:31:33 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012-12-12 22:31:26 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll
[2012-12-12 22:31:26 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll
[2012-12-12 19:52:17 | 005,011,065 | R--- | C] (Swearware) -- C:\Users\Chester\Desktop\ComboFix.exe
[2012-12-12 18:31:02 | 000,000,000 | ---D | C] -- C:\Users\Chester\Desktop\luna ye imr
[2012-12-12 11:28:35 | 000,000,000 | ---D | C] -- C:\Users\Chester\Desktop\RK_Quarantine
[2012-12-06 21:42:03 | 000,000,000 | ---D | C] -- C:\Users\Chester\AppData\Roaming\Malwarebytes
[2012-12-06 21:41:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012-12-06 21:41:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012-12-06 21:41:55 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012-12-06 21:41:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012-12-06 21:38:59 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy
[2012-12-05 01:05:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012-11-30 20:51:42 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012-11-30 20:51:42 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012-11-30 20:51:42 | 000,095,208 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012-11-30 20:44:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012-11-30 20:43:58 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012-11-30 20:43:58 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2012-11-30 20:43:57 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012-11-30 16:37:06 | 000,000,000 | ---D | C] -- C:\Users\Chester\Desktop\E_M04_YOCOMP_IRCD
[2012-11-23 22:08:18 | 000,000,000 | ---D | C] -- C:\Users\Chester\Desktop\Duinzigt
[2012-11-20 21:51:14 | 000,000,000 | ---D | C] -- C:\Users\Chester\AppData\Local\ESN
[2012-11-15 03:09:12 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2012-11-15 03:09:12 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
[2012-11-15 03:02:27 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2012-11-15 03:02:27 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2012-11-15 03:02:27 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2012-11-15 03:02:27 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2012-11-14 21:48:41 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2012-11-14 21:48:41 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2012-11-14 21:48:41 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2012-11-14 21:48:37 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2012-11-14 21:48:37 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2012-11-14 21:48:36 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll
[2012-11-14 21:48:36 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll
[2012-11-14 21:48:36 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2012-11-14 21:48:36 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2012-11-14 21:48:26 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll
[2012-11-14 21:48:26 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012-12-13 20:44:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Chester\Desktop\OTL(1).exe
[2012-12-13 20:28:00 | 000,001,058 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-12-13 20:20:44 | 000,094,331 | ---- | M] () -- C:\Users\Chester\Desktop\why didnt you stop it.jpg
[2012-12-13 20:19:00 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-12-13 20:12:00 | 000,001,074 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3794437376-3695661613-713449860-1000UA.job
[2012-12-13 20:04:35 | 000,015,984 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-12-13 20:04:35 | 000,015,984 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-12-13 20:02:03 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Users\Chester\Desktop\aswMBR.exe
[2012-12-13 19:56:45 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-12-13 19:56:45 | 000,000,476 | ---- | M] () -- C:\Windows\tasks\SDMsgUpdate (TE).job
[2012-12-13 19:56:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-12-13 19:56:28 | 2146,836,479 | -HS- | M] () -- C:\hiberfil.sys
[2012-12-13 19:42:23 | 000,208,216 | ---- | M] (Kaspersky Lab, GERT) -- C:\Windows\SysNative\drivers\28076705.sys
[2012-12-13 19:32:35 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Chester\Desktop\tdsskiller(1).exe
[2012-12-13 19:12:00 | 000,001,022 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3794437376-3695661613-713449860-1000Core.job
[2012-12-13 13:27:52 | 004,998,760 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012-12-13 01:51:21 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012-12-12 19:52:30 | 005,011,065 | R--- | M] (Swearware) -- C:\Users\Chester\Desktop\ComboFix.exe
[2012-12-12 01:52:41 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012-12-12 01:52:41 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012-12-08 13:38:21 | 002,718,296 | ---- | M] () -- C:\Users\Chester\Desktop\IMR package.rar
[2012-12-07 22:43:35 | 000,281,520 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012-12-07 22:43:35 | 000,281,520 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012-12-07 22:43:24 | 000,282,864 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012-12-06 21:38:59 | 000,000,798 | ---- | M] () -- C:\Users\Public\Desktop\Speccy.lnk
[2012-12-06 17:09:05 | 002,850,608 | ---- | M] () -- C:\Users\Chester\Desktop\IMG_1195.JPG
[2012-12-06 17:08:55 | 002,689,443 | ---- | M] () -- C:\Users\Chester\Desktop\IMG_1193.JPG
[2012-12-04 19:31:06 | 000,416,352 | ---- | M] () -- C:\Users\Chester\Desktop\barney google.jpg
[2012-12-04 00:59:35 | 001,549,498 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012-12-04 00:59:35 | 000,701,548 | ---- | M] () -- C:\Windows\SysNative\perfh013.dat
[2012-12-04 00:59:35 | 000,616,032 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012-12-04 00:59:35 | 000,133,580 | ---- | M] () -- C:\Windows\SysNative\perfc013.dat
[2012-12-04 00:59:35 | 000,106,412 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012-12-02 19:03:30 | 000,909,582 | ---- | M] () -- C:\Users\Chester\Desktop\rosat.jpg
[2012-12-02 15:40:46 | 000,149,123 | ---- | M] () -- C:\Users\Chester\Desktop\asd.png
[2012-12-02 15:40:46 | 000,000,132 | ---- | M] () -- C:\Users\Chester\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012-12-02 15:35:43 | 000,035,732 | ---- | M] () -- C:\Users\Chester\Desktop\Untitled-1.png
[2012-12-02 00:38:08 | 000,304,085 | ---- | M] () -- C:\Users\Chester\Desktop\5y54y.jpg
[2012-11-30 20:44:31 | 000,001,745 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012-11-30 16:36:57 | 000,040,810 | ---- | M] () -- C:\Users\Chester\Desktop\E_M04_YOCOMP_IRCD.zip
[2012-11-29 11:20:30 | 001,918,553 | ---- | M] () -- C:\Users\Chester\Desktop\D5 notes.JPG
[2012-11-28 16:55:38 | 001,781,798 | ---- | M] () -- C:\Users\Chester\Desktop\IMG_1151.JPG
[2012-11-26 22:46:15 | 000,739,719 | ---- | M] () -- C:\Users\Chester\Desktop\valley.jpg
[2012-11-26 17:55:13 | 000,945,204 | ---- | M] () -- C:\Users\Chester\Desktop\IMG_1085.JPG
[2012-11-26 00:33:54 | 000,346,174 | ---- | M] () -- C:\Users\Chester\Desktop\rosota.jpg
[2012-11-24 22:03:37 | 000,938,565 | ---- | M] () -- C:\Users\Chester\Desktop\map the hague.jpg
[2012-11-24 18:33:27 | 000,130,165 | ---- | M] () -- C:\Users\Chester\Desktop\IMG_1068.PNG
[2012-11-23 22:54:40 | 000,122,013 | ---- | M] () -- C:\Users\Chester\Desktop\52.jpg
[2012-11-23 22:32:08 | 000,712,958 | ---- | M] () -- C:\Users\Chester\Desktop\32.jpg
[2012-11-23 00:23:08 | 000,008,392 | ---- | M] () -- C:\Users\Chester\Desktop\ibm.png
[2012-11-21 20:13:24 | 001,283,310 | ---- | M] () -- C:\Users\Chester\Desktop\IMG_1041.JPG
[2012-11-21 20:13:14 | 001,296,175 | ---- | M] () -- C:\Users\Chester\Desktop\IMG_1042.JPG
[2012-11-19 23:22:25 | 000,024,993 | ---- | M] () -- C:\Users\Chester\Desktop\running back.jpg
[2012-11-18 17:32:43 | 000,067,077 | ---- | M] () -- C:\Users\Chester\Desktop\42t5.png
[2012-11-16 18:12:44 | 000,537,063 | ---- | M] () -- C:\Users\Chester\Desktop\ro.jpg
[2012-11-15 21:42:08 | 038,248,631 | ---- | M] () -- C:\Users\Chester\Desktop\ecommerce.wmv
[2012-11-15 20:50:58 | 000,885,294 | ---- | M] () -- C:\Users\Chester\Desktop\E-Commerce strategy.wmv
[2012-11-14 22:25:00 | 004,014,727 | ---- | M] () -- C:\Users\Chester\Desktop\1352928097133.gif
[2012-11-14 14:15:54 | 002,640,907 | ---- | M] () -- C:\Users\Chester\Desktop\IMG_0964.JPG
[2012-11-14 13:19:28 | 025,832,800 | ---- | M] () -- C:\Users\Chester\Desktop\IMG_0962.MOV
[2012-11-13 21:27:26 | 000,500,701 | ---- | M] () -- C:\Users\Chester\Desktop\seskual.gif
[2012-11-13 21:27:26 | 000,001,456 | ---- | M] () -- C:\Users\Chester\AppData\Local\Adobe Save for Web 12.0 Prefs
[2012-11-13 21:23:42 | 000,875,170 | ---- | M] () -- C:\Users\Chester\Desktop\vnuchka.gif
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012-12-13 20:20:44 | 000,094,331 | ---- | C] () -- C:\Users\Chester\Desktop\why didnt you stop it.jpg
[2012-12-13 01:40:30 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012-12-13 01:40:30 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012-12-13 01:40:30 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012-12-13 01:40:30 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012-12-13 01:40:30 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012-12-08 13:31:21 | 002,718,296 | ---- | C] () -- C:\Users\Chester\Desktop\IMR package.rar
[2012-12-08 13:30:14 | 001,918,553 | ---- | C] () -- C:\Users\Chester\Desktop\D5 notes.JPG
[2012-12-06 21:38:59 | 000,000,798 | ---- | C] () -- C:\Users\Public\Desktop\Speccy.lnk
[2012-12-06 17:13:32 | 002,850,608 | ---- | C] () -- C:\Users\Chester\Desktop\IMG_1195.JPG
[2012-12-06 17:13:32 | 002,689,443 | ---- | C] () -- C:\Users\Chester\Desktop\IMG_1193.JPG
[2012-12-04 19:31:05 | 000,416,352 | ---- | C] () -- C:\Users\Chester\Desktop\barney google.jpg
[2012-12-02 19:01:12 | 000,909,582 | ---- | C] () -- C:\Users\Chester\Desktop\rosat.jpg
[2012-12-02 16:03:02 | 001,781,798 | ---- | C] () -- C:\Users\Chester\Desktop\IMG_1151.JPG
[2012-12-02 15:40:46 | 000,149,123 | ---- | C] () -- C:\Users\Chester\Desktop\asd.png
[2012-12-02 15:33:24 | 000,035,732 | ---- | C] () -- C:\Users\Chester\Desktop\Untitled-1.png
[2012-12-02 00:38:07 | 000,304,085 | ---- | C] () -- C:\Users\Chester\Desktop\5y54y.jpg
[2012-11-30 20:44:31 | 000,001,745 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012-11-30 16:36:56 | 000,040,810 | ---- | C] () -- C:\Users\Chester\Desktop\E_M04_YOCOMP_IRCD.zip
[2012-11-26 22:46:14 | 000,739,719 | ---- | C] () -- C:\Users\Chester\Desktop\valley.jpg
[2012-11-26 17:54:32 | 000,945,204 | ---- | C] () -- C:\Users\Chester\Desktop\IMG_1085.JPG
[2012-11-26 00:33:52 | 000,346,174 | ---- | C] () -- C:\Users\Chester\Desktop\rosota.jpg
[2012-11-24 22:03:35 | 000,938,565 | ---- | C] () -- C:\Users\Chester\Desktop\map the hague.jpg
[2012-11-24 18:34:45 | 000,130,165 | ---- | C] () -- C:\Users\Chester\Desktop\IMG_1068.PNG
[2012-11-23 22:54:39 | 000,122,013 | ---- | C] () -- C:\Users\Chester\Desktop\52.jpg
[2012-11-23 00:23:08 | 000,008,392 | ---- | C] () -- C:\Users\Chester\Desktop\ibm.png
[2012-11-21 20:10:53 | 001,283,310 | ---- | C] () -- C:\Users\Chester\Desktop\IMG_1041.JPG
[2012-11-21 20:10:49 | 001,296,175 | ---- | C] () -- C:\Users\Chester\Desktop\IMG_1042.JPG
[2012-11-19 23:22:25 | 000,024,993 | ---- | C] () -- C:\Users\Chester\Desktop\running back.jpg
[2012-11-18 17:32:30 | 000,067,077 | ---- | C] () -- C:\Users\Chester\Desktop\42t5.png
[2012-11-16 18:12:43 | 000,537,063 | ---- | C] () -- C:\Users\Chester\Desktop\ro.jpg
[2012-11-15 21:04:41 | 038,248,631 | ---- | C] () -- C:\Users\Chester\Desktop\ecommerce.wmv
[2012-11-15 20:37:04 | 000,885,294 | ---- | C] () -- C:\Users\Chester\Desktop\E-Commerce strategy.wmv
[2012-11-15 03:09:15 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012-11-15 03:02:26 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012-11-14 22:25:00 | 004,014,727 | ---- | C] () -- C:\Users\Chester\Desktop\1352928097133.gif
[2012-11-14 15:47:06 | 002,640,907 | ---- | C] () -- C:\Users\Chester\Desktop\IMG_0964.JPG
[2012-11-14 15:47:04 | 025,832,800 | ---- | C] () -- C:\Users\Chester\Desktop\IMG_0962.MOV
[2012-11-13 21:27:25 | 000,500,701 | ---- | C] () -- C:\Users\Chester\Desktop\seskual.gif
[2012-11-13 21:23:41 | 000,875,170 | ---- | C] () -- C:\Users\Chester\Desktop\vnuchka.gif
[2012-11-13 21:07:18 | 002,791,568 | ---- | C] () -- C:\Users\Chester\Desktop\IMG_0943.JPG
[2012-03-11 20:29:30 | 000,017,408 | ---- | C] () -- C:\Users\Chester\AppData\Local\WebpageIcons.db
[2012-03-03 16:24:32 | 000,007,609 | ---- | C] () -- C:\Users\Chester\AppData\Local\Resmon.ResmonCfg
[2011-12-15 05:39:42 | 000,042,392 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2011-12-05 00:53:38 | 000,281,520 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011-12-05 00:53:37 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011-11-29 00:42:22 | 002,580,552 | R--- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2011-09-19 14:03:40 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\rtvcvfw32.dll
[2011-08-20 21:46:31 | 000,000,294 | ---- | C] () -- C:\Users\Chester\AppData\Roaming\net.telestream.ustreamproducer.prefs.xml
[2011-06-10 14:33:40 | 000,000,760 | ---- | C] () -- C:\Users\Chester\AppData\Roaming\setup_ldm.iss
[2011-05-31 19:17:55 | 000,001,456 | ---- | C] () -- C:\Users\Chester\AppData\Local\Adobe Save for Web 12.0 Prefs
[2011-05-31 18:38:38 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011-05-26 14:38:24 | 000,000,132 | ---- | C] () -- C:\Users\Chester\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011-05-24 16:54:00 | 000,000,041 | ---- | C] () -- C:\Users\Chester\AppData\Roaming\TheHunterSettings_live.cfg
[2011-05-24 15:18:02 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011-05-24 15:18:02 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011-05-24 15:18:01 | 000,631,808 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011-05-24 15:18:01 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011-05-24 15:18:01 | 000,080,896 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011-05-24 12:59:48 | 000,000,019 | ---- | C] () -- C:\Users\Chester\AppData\Local\Run.ini

========== ZeroAccess Check ==========

[2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
  • 0

#10
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello

Run this custom script and when it is complete I need to know how the computer is doing

Run OTL Script

  • Double-click OTL.exe to start the program.
  • Copy and Paste the following code into the Posted Image textbox. Do not include the word Code
    :OTL
    FF - user.js - File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_135.dll File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.116.0: C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll File not found
    FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.118.0: C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll File not found
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    O4 - HKLM..\Run: [] File not found
    O4 - HKU\S-1-5-21-3794437376-3695661613-713449860-1004..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O18:64bit: - Protocol\Handler\livecall - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
    O18:64bit: - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
    O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
    O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - File not found
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    IE:64bit: - HKLM\..\SearchScopes\{BA83D4CE-299C-48D0-BD63-23DBEF840605}: "URL" = http://nl.kelkoopart...tnerId=96913935
    IE - HKLM\..\SearchScopes\{BA83D4CE-299C-48D0-BD63-23DBEF840605}: "URL" = http://nl.kelkoopart...tnerId=96913935
    IE - HKU\S-1-5-21-3794437376-3695661613-713449860-1000\..\SearchScopes\{BA83D4CE-299C-48D0-BD63-23DBEF840605}: "URL" = http://nl.kelkoopart...tnerId=96913935
    [2012-07-27 18:38:02 | 000,013,951 | ---- | M] () (No name found) -- C:\Users\Chester\AppData\Roaming\mozilla\firefox\profiles\zormzb6w.default\extensions\[email protected]
    :Files
    ipconfig /flushdns /c
    :Commands
    [PURITY]
    [emptyjava]
    [EMPTYFLASH]
    [reboot]
    
  • Then click the Run Fix button at the top.
  • Click Posted Image.
  • OTL may ask to reboot the machine. Please do so if asked.
  • The report should appear in Notepad after the reboot.Copy and Paste that report in your next reply.

Let me know How things are doing

Gringo
  • 0

Advertisements


#11
ohgodhowdidthisgethere

ohgodhowdidthisgethere

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
OTL did not create a log that I can find. Nothing opened automatically and the only OTL.txt on my desktop is the old log.

What it did do, however, was this:
Posted Image

These desktop.ini files are in every folder now and I have several ghost flash drives.

:(


edit: I removed an addon from firefox that I had no idea was installed and this fixed my initial problem.

How do I make it so the desktop.ini files disappear?

Thank you so much for your help, by the way! :)

Edited by ohgodhowdidthisgethere, 13 December 2012 - 08:51 PM.

  • 0

#12
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello the desktop.ini files are normal but they are normally hidden - when we do the cleanup later they will be hidden again
  • 0

#13
ohgodhowdidthisgethere

ohgodhowdidthisgethere

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
And when can I start the clean up? My problem has been fixed and the only thing left to do is clean up and make sure the hidden files stay hidden!
  • 0

#14
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello

I would like to see a report that combofix makes.

extra combofix report

  • push the "windows key" + "R" (between the "Ctrl" button and "Alt" Button)
  • please copy and past the following into the box
C:\Qoobox\Add-Remove Programs.txt
  • click ok

copy and paste the report into this topic for me to review

Gringo
  • 0

#15
ohgodhowdidthisgethere

ohgodhowdidthisgethere

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
I uh... I have a lot of stuff installed that I never use. :P



ActiveCheck component for HP Active Support Library
Adobe AIR
Adobe Community Help
Adobe Flash Player 10 ActiveX
Adobe Flash Player 11 Plugin
Adobe Media Player
Adobe Photoshop CS5
Adobe Reader X (10.1.4)
Amnesia: The Dark Descent
Any Video Converter Professional 3.4.2
Apple Application Support
Apple Software Update
ASIO4ALL
µTorrent
AVS Audio Converter version 6.3
AVS Audio Editor version 6.1
AVS Audio Recorder version 4.0
AVS Cover Editor 2.0.1.3
AVS Disc Creator version 5.0.1
AVS Document Converter 1.0.2
AVS DVD Copy version 4.1.1
AVS Image Converter 1.3.2.141
AVS Media Player 4.1.3.68
AVS Photo Editor
AVS Ringtone Maker version 1.6
AVS Screen Capture version 2.0.1
AVS Update Manager 1.0
AVS Video Converter 7
AVS Video Editor 5
AVS Video Recorder 2.4
AVS Video ReMaker 4.0.2.126
AVS4YOU Software Navigator 1.4
Battlefield 2
Battlefield 2142 Deluxe Edition
Battlefield 3™
Battlelog Web Plugins
BS.Player PRO
Canon Easy-PhotoPrint EX
Canon Easy-WebPrint EX
Canon Inkjet Printer/Scanner/Fax Extended Survey Program
Canon MP Navigator EX 4.0
Canon My Printer
Canon Solution Menu EX
Compatibiliteitspakket voor het 2007 Microsoft Office system
CyberLink DVD Suite Deluxe
D3DX10
DAEMON Tools Lite
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DirectX for Managed Code Update (Summer 2004)
DivX Setup
Download and Sa
Enhanced Multimedia Keyboard Solution(USB)
ESN Sonar
Exact Audio Copy 1.0beta2
F.lux
FL Studio 10
foobar2000 v1.1.6
Gebruikersregistratie voor Canon MG5100 series
Google Chrome
Google Drive
Google Earth Plug-in
Google Update Helper
Hi-Rez Studios Authenticate and Update Service
HP Advisor
HP Customer Experience Enhancements
HP Easy Backup
HP Games
HP MediaSmart DVD
HP MediaSmart Movie Themes
HP Odometer
HP Remote Solution
HP Setup
HP Support Assistant
HP Support Information
HP Update
HPAsset component for HP Active Support Library
IL Download Manager
Java 7 Update 9
Java Auto Updater
Java™ 6 Update 31
JavaFX 2.1.1
K-Lite Codec Pack 7.1.0 (Full)
Kaspersky Internet Security 2012
LabelPrint
Last.fm 1.5.4.27091
LightScribe System Software
Malwarebytes Anti-Malware version 1.65.1.1000
Microsoft Office 2010 Language Pack Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (Dutch) 2010
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (Dutch) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (Dutch) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (Dutch) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Language Pack 2010 - Dutch/Nederlands
Microsoft Office O MUI (Dutch) 2010
Microsoft Office OneNote MUI (Dutch) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (Dutch) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (Dutch) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office PowerPoint Viewer 2007 (Dutch)
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Professional Plus 2010
Microsoft Office Proof (Dutch) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (German) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (Dutch) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (Dutch) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (Dutch) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office SharePoint Designer MUI (Dutch) 2010
Microsoft Office Word MUI (Dutch) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Office X MUI (Dutch) 2010
Microsoft SharePoint Designer 2010 Service Pack 1 (SP1)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Works
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Minilyrics(remove only)
mIRC
mkv2vob
Mozilla Firefox 17.0.1 (x86 en-US)
Mozilla Maintenance Service
MSI Afterburner 2.2.0 Beta 15
MSI Kombustor 2.0.0
MSVCRT
MSVCRT Redists
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NVIDIA PhysX
NVIDIA Stereoscopic 3D Driver
Octoshape add-in for Adobe Flash Player
Origin
PDF Settings CS5
Portal 2
Power2Go
PowerDirector
PowerRecover
PunkBuster Services
QuickTime
Realtek High Definition Audio Driver
Rosetta Stone Version 3
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2478663)
Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2518870)
SimCity 4 Deluxe
Skype Toolbars
Skype™ 5.10
SmartDraw 2013
SopCast 3.4.8
Steam
StreamTorrent 1.0
Super Meat Boy
System Requirements Lab
System Requirements Lab CYRI
System Requirements Lab Detection
theHunter (remove only)
Tribes Ascend
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Ustream Producer
VC80CRTRedist - 8.0.50727.6195
Veetle TV
Vegas Pro 10.0
VLC media player 1.1.10
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Messenger
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Media Player Firefox Plugin
WinRAR 4.00 (32-bit)
Xfire (remove only)
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP