Have Google Redirect Virus [Solved]



#1
SallyMae

Thank you in advance for your help.



OTL logfile created on: 12/23/2012 11:46:48 AM - Run 6
OTL by OldTimer - Version 3.2.33.2 Folder = C:\Users\Acer\Desktop\Clean up tools
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.75 Gb Total Physical Memory | 1.78 Gb Available Physical Memory | 47.66% Memory free
7.49 Gb Paging File | 5.15 Gb Available in Paging File | 68.78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 218.79 Gb Total Space | 167.27 Gb Free Space | 76.45% Space Free | Partition Type: NTFS
Unable to calculate disk information.

Computer Name: ACER-ASPIRE5552 | User Name: Acer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/12/13 06:09:23 | 013,105,848 | ---- | M] (The Weather Channel) -- C:\Program Files (x86)\The Weather Channel\The Weather Channel App\TWCApp.exe
PRC - [2012/12/12 00:53:35 | 001,807,800 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe
PRC - [2012/12/05 18:43:57 | 000,916,960 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/11/25 07:55:39 | 000,503,808 | ---- | M] (www.orangesoftware.net (email: gerryscat@gmail.com)) -- C:\Program Files (x86)\Pink Calendar\PinkCal.exe
PRC - [2012/02/29 21:32:49 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Users\Acer\Desktop\Clean up tools\OTL.exe
PRC - [2011/01/17 17:37:40 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2011/01/17 17:37:40 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2010/08/10 04:06:16 | 000,975,952 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2010/08/10 04:06:16 | 000,321,104 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2010/08/10 04:06:16 | 000,305,744 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
PRC - [2010/06/28 18:23:12 | 000,265,984 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
PRC - [2010/06/28 18:23:06 | 000,255,744 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
PRC - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010/01/28 19:27:36 | 000,243,232 | ---- | M] (Acer Group) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe


========== Modules (No Company Name) ==========

MOD - [2012/12/12 00:53:27 | 014,586,296 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll
MOD - [2012/12/05 18:43:18 | 002,397,152 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/11/16 10:25:42 | 000,096,768 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\9fedec1f005f9e39f8dde611c4c27cab\UIAutomationProvider.ni.dll
MOD - [2012/11/16 10:25:16 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\fff1287f12f1ab73c271386342224a3a\System.Runtime.Remoting.ni.dll
MOD - [2012/11/16 10:19:43 | 001,880,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Deployment\7b9e229466be7e0bc584ea7b3de23523\System.Deployment.ni.dll
MOD - [2012/11/16 10:19:16 | 001,801,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\5e3ccfdf88ccd6a9ff4e6ddae7e3fec6\System.Xaml.ni.dll
MOD - [2012/11/16 09:17:03 | 018,002,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\c881e2d2ec912499834feb85c4c2e483\PresentationFramework.ni.dll
MOD - [2012/11/16 09:16:45 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\58f50a891bafb8fd7149e6eebc2b7b52\PresentationCore.ni.dll
MOD - [2012/11/16 09:16:33 | 003,858,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\05ebffcb5aac31412fea8c38cbac8df8\WindowsBase.ni.dll
MOD - [2012/11/16 09:16:32 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\cbb227c0a77a5b15a1255220984239f2\PresentationFramework.Aero.ni.dll
MOD - [2012/11/16 09:12:06 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\cb0c00757e89f0b1fe282913ed667212\System.Xml.ni.dll
MOD - [2012/11/16 09:12:01 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\ed886fb71addf400705481dcf8de12da\System.Configuration.ni.dll
MOD - [2012/11/16 09:11:40 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\caffbced23ee85b40b919ad4a122b7aa\System.Windows.Forms.ni.dll
MOD - [2012/11/16 09:11:30 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\9422d0c052186760a4645e10995487f5\System.Drawing.ni.dll
MOD - [2012/11/16 09:11:29 | 009,093,632 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\811a7bc79f8f0a5be8065292a320819e\System.ni.dll
MOD - [2012/11/16 09:11:21 | 014,412,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\16126cae96ea2422253ae06eeb672abc\mscorlib.ni.dll
MOD - [2012/03/19 18:27:38 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2010/06/28 18:20:54 | 000,465,576 | ---- | M] () -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
MOD - [2009/05/20 01:02:04 | 000,072,200 | ---- | M] () -- C:\Program Files (x86)\Launch Manager\CdDirIo.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012/10/14 14:58:16 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2012/09/12 20:21:48 | 000,368,896 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2012/09/12 20:21:48 | 000,022,072 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2010/10/27 22:38:14 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/06/11 16:27:26 | 000,868,896 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2010/01/28 19:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/12/12 00:53:36 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/12/05 18:43:56 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/06/15 11:26:32 | 000,103,472 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe -- (McAfee SiteAdvisor Service)
SRV - [2011/11/01 12:08:08 | 000,655,624 | ---- | M] (Acresso Software Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/08/10 04:06:16 | 000,321,104 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2010/06/28 18:23:06 | 000,255,744 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2010/04/03 18:01:24 | 000,246,520 | ---- | M] (WildTangent, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Acer Games\Acer Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/08/30 21:03:48 | 000,128,456 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2011/07/22 11:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 16:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/10/27 23:11:44 | 007,877,120 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/10/27 22:03:38 | 000,285,696 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/09/23 19:46:32 | 000,116,752 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010/07/08 22:51:50 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2010/06/17 04:18:28 | 000,246,376 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/06/16 16:15:36 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie64.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:64bit: - [2010/06/03 14:59:00 | 004,171,328 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2010/05/14 16:48:28 | 000,384,040 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink ™
DRV:64bit: - [2010/05/11 05:11:38 | 002,229,608 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010/04/28 16:43:20 | 000,038,528 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2010/04/19 21:35:14 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009/12/10 06:25:10 | 000,301,104 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.order.1: "Yahoo"
FF - prefs.js..browser.search.order.2: ""
FF - prefs.js..browser.search.param.yahoo-fr: "w3i&type=W3i_DS,157,0_0,Search,20121250,6902,0,63,0"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..keyword.URL: "http://search.yahoo....6902,0,63,0&p="
FF - prefs.js..network.proxy.type: 0


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_135.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@mozilla.zeniko.ch/PDFlite_Browser_Plugin: C:\Program Files (x86)\PDFlite\npPdfViewer.dll (Amnis Technology Ltd)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files (x86)\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
FF - HKCU\Software\MozillaPlugins\@mozilla.zeniko.ch/PDFlite_Browser_Plugin: C:\Program Files (x86)\PDFlite\npPdfViewer.dll (Amnis Technology Ltd)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101752.dll (Amazon.com, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2012/09/02 15:06:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/12/23 06:49:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Netscape Navigator 9.0.0.5\extensions\\Components: C:\Program Files (x86)\Netscape\Navigator 9\components [2012/12/23 06:49:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Netscape Navigator 9.0.0.5\extensions\\Plugins: C:\Program Files (x86)\Netscape\Navigator 9\plugins [2012/12/23 08:18:20 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/12/23 06:49:36 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012/03/10 17:39:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Acer\AppData\Roaming\Mozilla\Extensions
[2012/12/23 07:45:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\lkhys26m.default\extensions
[2012/12/14 04:22:59 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\lkhys26m.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012/12/05 18:43:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/12/05 18:43:08 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
() (No name found) -- C:\USERS\ACER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LKHYS26M.DEFAULT\EXTENSIONS\{3E9BB2A7-62CA-4EFA-A4E6-F6F6168A652D}.XPI
() (No name found) -- C:\USERS\ACER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LKHYS26M.DEFAULT\EXTENSIONS\{6E84150A-D526-41F1-A480-A67D3FED910D}.XPI
() (No name found) -- C:\USERS\ACER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LKHYS26M.DEFAULT\EXTENSIONS\ZZBJTASZER@ZZBJTASZER.ORG.XPI
[2012/12/05 18:43:57 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/10/10 20:05:38 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/10/10 20:05:38 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Acer\AppData\Local\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Acer\AppData\Local\Google\Chrome\Application\22.0.1229.94\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Acer\AppData\Local\Google\Chrome\Application\22.0.1229.94\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\McChPlg.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 6 U33 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 6.0.330.3 (Enabled) = C:\Windows\SysWOW64\npdeployJava1.dll
CHR - plugin: PDFlite Browser Plugin (Enabled) = C:\Program Files (x86)\PDFlite\npPdfViewer.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Yahoo! activeX Plug-in Bridge (Enabled) = C:\Program Files (x86)\Yahoo!\Common\npyaxmpb.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: SiteAdvisor = C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\
CHR - Extension: SiteAdvisor = C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.50.146.2_0\
CHR - Extension: Gmail = C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/09/09 18:21:55 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe File not found
O4:64bit: - HKLM..\Run: [OOTag] C:\Program Files (x86)\Acer\OOBEOffer\OOTag.exe (Microsoft)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [OOTag] C:\Program Files (x86)\Acer\OOBEOffer\OOTag.exe (Microsoft)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [DW7] C:\Program Files (x86)\The Weather Channel\The Weather Channel App\TWCApp.exe (The Weather Channel)
O4 - HKCU..\Run: [eyeBeam SIP Client] File not found
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - Startup: C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PinkCal.lnk = C:\Program Files (x86)\Pink Calendar\PinkCal.exe (www.orangesoftware.net (email: gerryscat@gmail.com))
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.7.2)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.7.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{341B743B-AE3F-4A29-AC4A-46C9A75F863D}: DhcpNameServer = 10.10.11.11 68.105.29.16
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9D19A225-0C37-49BB-B30D-8D4925768DAB}: DhcpNameServer = 192.168.1.1 192.168.1.1
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\SYSTEM32\Userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/12/23 08:11:16 | 000,000,000 | ---D | C] -- C:\Users\Acer\AppData\Roaming\Apple Computer
[2012/12/23 07:08:21 | 000,000,000 | ---D | C] -- C:\Users\Acer\AppData\Local\Apple Computer
[2012/12/23 06:49:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012/12/23 06:49:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2012/12/23 06:49:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2012/12/23 06:26:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2012/12/23 06:26:44 | 000,000,000 | ---D | C] -- C:\Users\Acer\AppData\Local\Apple
[2012/12/23 06:26:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2012/12/23 06:26:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2012/12/23 02:14:11 | 000,000,000 | ---D | C] -- C:\Users\Acer\.thumbnails
[2012/12/23 02:04:47 | 000,000,000 | ---D | C] -- C:\Users\Acer\AppData\Local\fontconfig
[2012/12/23 02:04:46 | 000,000,000 | ---D | C] -- C:\Users\Acer\.gimp-2.8
[2012/12/23 02:04:45 | 000,000,000 | ---D | C] -- C:\Users\Acer\AppData\Local\gegl-0.2
[2012/12/23 02:00:59 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP 2
[2012/12/15 16:42:19 | 000,000,000 | ---D | C] -- C:\Users\Acer\Desktop\Bohrer Stuff
[2012/12/14 04:22:14 | 000,000,000 | ---D | C] -- C:\Users\Acer\AppData\Roaming\FreeFileViewer
[2012/12/13 06:24:41 | 000,000,000 | ---D | C] -- C:\Users\Acer\AppData\Local\FreeFileViewer
[2012/12/13 06:09:14 | 000,000,000 | ---D | C] -- C:\Users\Acer\AppData\Local\FileTypeAssistant
[2012/12/13 06:09:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\File Type Assistant
[2012/12/13 06:08:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\The Weather Channel
[2012/12/13 06:08:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeFileViewer
[2012/12/13 06:08:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FreeFileViewer
[2012/12/13 06:07:40 | 000,000,000 | ---D | C] -- C:\Users\Acer\AppData\Local\The Weather Channel
[2012/12/05 18:43:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012/11/25 07:55:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pink Calendar

========== Files - Modified Within 30 Days ==========

[2012/12/23 11:47:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/12/23 11:30:00 | 000,000,384 | ---- | M] () -- C:\Windows\tasks\Acer Registration - Reminder Recall task.job
[2012/12/23 10:53:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/12/23 08:17:47 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/12/23 08:17:47 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/12/23 08:13:47 | 000,000,400 | ---- | M] () -- C:\Windows\tasks\FreeFileViewerUpdateChecker.job
[2012/12/23 08:10:44 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/12/23 08:10:38 | 000,295,576 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/12/23 08:10:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/12/23 08:09:50 | 3015,884,800 | -HS- | M] () -- C:\hiberfil.sys
[2012/12/23 06:49:25 | 000,001,849 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012/12/23 02:16:56 | 000,000,867 | ---- | M] () -- C:\Users\Acer\AppData\Local\recently-used.xbel
[2012/12/23 02:05:36 | 000,001,454 | ---- | M] () -- C:\Users\Acer\Desktop\gimp-2.8 - Shortcut.lnk
[2012/12/22 18:01:22 | 000,081,835 | ---- | M] () -- C:\Users\Acer\Desktop\Barry_A_Switzer-f5620869da1fd5e.pdf
[2012/12/21 22:37:39 | 000,450,190 | ---- | M] () -- C:\Users\Acer\Desktop\non lethal weapons terms and references.pdf
[2012/12/21 10:46:24 | 000,030,509 | ---- | M] () -- C:\Users\Acer\Desktop\huffington pro gun comment.odt
[2012/12/21 06:03:45 | 000,525,865 | ---- | M] () -- C:\Users\Acer\Desktop\agenda 21 full text.zip
[2012/12/21 04:17:13 | 000,059,237 | ---- | M] () -- C:\sessionstore.js.js
[2012/12/21 03:32:00 | 000,014,875 | ---- | M] () -- C:\sessionstore.bak.bak
[2012/12/21 02:36:24 | 000,040,165 | ---- | M] () -- C:\Users\Acer\Desktop\alda goes after memoir ants chat.odt
[2012/12/20 23:28:14 | 000,027,504 | ---- | M] () -- C:\Users\Acer\Desktop\memoir alda fight chat.odt
[2012/12/20 21:52:26 | 023,683,290 | ---- | M] () -- C:\Users\Acer\Desktop\memoir fight with alda.mp3
[2012/12/19 15:06:52 | 000,062,982 | ---- | M] () -- C:\Users\Acer\Desktop\Kera_E_Wulbert-1dfc718faaff215.pdf
[2012/12/19 00:46:17 | 002,145,975 | ---- | M] () -- C:\Users\Acer\Desktop\Map of Targeted Individuals Across the Nation-2.pdf
[2012/12/18 19:07:58 | 000,387,777 | ---- | M] () -- C:\Users\Acer\Desktop\risperdal label mechanism of action unknown.pdf
[2012/12/17 20:32:15 | 000,061,414 | ---- | M] () -- C:\Users\Acer\Desktop\Margaret_K_Wulbert-BV.pdf
[2012/12/17 20:29:51 | 000,076,713 | ---- | M] () -- C:\Users\Acer\Desktop\Margaret Wulbert.pdf
[2012/12/16 20:10:26 | 000,872,878 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/12/16 20:10:26 | 000,726,718 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/12/16 20:10:26 | 000,146,704 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/12/14 09:45:22 | 000,198,018 | ---- | M] () -- C:\Users\Public\Documents\excaliber lcd chess operating manual.pdf
[2012/12/13 23:59:01 | 000,030,362 | ---- | M] () -- C:\Users\Public\Documents\chatgrabber talkshoe chuck finally calls me a killer.odt
[2012/12/13 22:31:04 | 000,132,702 | ---- | M] () -- C:\Users\Public\Documents\aquino paper mindwar.pdf
[2012/12/13 06:08:39 | 000,001,107 | ---- | M] () -- C:\Users\Acer\Application Data\Microsoft\Internet Explorer\Quick Launch\FreeFileViewer.lnk
[2012/12/13 06:08:39 | 000,001,083 | ---- | M] () -- C:\Users\Acer\Desktop\FreeFileViewer.lnk
[2012/12/11 05:52:41 | 000,238,988 | ---- | M] () -- C:\Users\Public\Documents\NC3TF July09-Sept09 PRpt.pdf
[2012/12/09 03:19:16 | 009,302,490 | ---- | M] () -- C:\Users\Acer\Desktop\TS-397552 hidden sites w_personal info.mp3
[2012/12/09 00:52:44 | 000,026,950 | ---- | M] () -- C:\Users\Public\Documents\quotes from prozac article scientists 2 find studies.odt
[2012/12/08 00:53:51 | 000,177,955 | ---- | M] () -- C:\Users\Public\Documents\barry l jacobs curriculum vitae.pdf
[2012/12/07 17:24:54 | 001,469,502 | ---- | M] () -- C:\Users\Public\Documents\enironmental enrichment new neurons rats.pdf
[2012/12/03 15:55:18 | 000,532,645 | ---- | M] () -- C:\Users\Public\Documents\Theoretical+Causes+Affecting+the+Development+of+Schizophrenia.pdf
[2012/12/01 13:58:34 | 000,004,204 | ---- | M] () -- C:\Users\Public\Documents\get me out of this mess.drs
[2012/11/25 07:55:39 | 000,131,584 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall.exe
[2012/11/25 07:55:39 | 000,001,077 | ---- | M] () -- C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PinkCal.lnk
[2012/11/25 07:55:39 | 000,001,041 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-Pink Calendar & Day Planner.dat
[2012/11/25 07:55:32 | 000,034,358 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-Pink Calendar & Day Planner.bmp
[2012/11/25 06:00:47 | 000,024,576 | ---- | M] () -- C:\savedbcd

========== Files Created - No Company Name ==========

[2012/12/23 06:49:25 | 000,001,849 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012/12/23 06:26:42 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2012/12/23 02:16:56 | 000,000,867 | ---- | C] () -- C:\Users\Acer\AppData\Local\recently-used.xbel
[2012/12/23 02:05:36 | 000,001,454 | ---- | C] () -- C:\Users\Acer\Desktop\gimp-2.8 - Shortcut.lnk
[2012/12/23 02:02:23 | 000,000,896 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
[2012/12/22 18:01:22 | 000,081,835 | ---- | C] () -- C:\Users\Acer\Desktop\Barry_A_Switzer-f5620869da1fd5e.pdf
[2012/12/21 22:37:39 | 000,450,190 | ---- | C] () -- C:\Users\Acer\Desktop\non lethal weapons terms and references.pdf
[2012/12/21 10:46:23 | 000,030,509 | ---- | C] () -- C:\Users\Acer\Desktop\huffington pro gun comment.odt
[2012/12/21 06:03:43 | 000,525,865 | ---- | C] () -- C:\Users\Acer\Desktop\agenda 21 full text.zip
[2012/12/21 04:31:46 | 000,059,237 | ---- | C] () -- C:\sessionstore.js.js
[2012/12/21 04:30:52 | 000,014,875 | ---- | C] () -- C:\sessionstore.bak.bak
[2012/12/21 02:36:23 | 000,040,165 | ---- | C] () -- C:\Users\Acer\Desktop\alda goes after memoir ants chat.odt
[2012/12/20 23:28:11 | 000,027,504 | ---- | C] () -- C:\Users\Acer\Desktop\memoir alda fight chat.odt
[2012/12/20 21:51:55 | 023,683,290 | ---- | C] () -- C:\Users\Acer\Desktop\memoir fight with alda.mp3
[2012/12/19 15:06:52 | 000,062,982 | ---- | C] () -- C:\Users\Acer\Desktop\Kera_E_Wulbert-1dfc718faaff215.pdf
[2012/12/19 00:46:17 | 002,145,975 | ---- | C] () -- C:\Users\Acer\Desktop\Map of Targeted Individuals Across the Nation-2.pdf
[2012/12/18 19:07:58 | 000,387,777 | ---- | C] () -- C:\Users\Acer\Desktop\risperdal label mechanism of action unknown.pdf
[2012/12/17 20:32:15 | 000,061,414 | ---- | C] () -- C:\Users\Acer\Desktop\Margaret_K_Wulbert-BV.pdf
[2012/12/17 20:29:51 | 000,076,713 | ---- | C] () -- C:\Users\Acer\Desktop\Margaret Wulbert.pdf
[2012/12/14 09:45:22 | 000,198,018 | ---- | C] () -- C:\Users\Public\Documents\excaliber lcd chess operating manual.pdf
[2012/12/13 23:58:59 | 000,030,362 | ---- | C] () -- C:\Users\Public\Documents\chatgrabber talkshoe chuck finally calls me a killer.odt
[2012/12/13 22:31:04 | 000,132,702 | ---- | C] () -- C:\Users\Public\Documents\aquino paper mindwar.pdf
[2012/12/13 06:08:59 | 000,000,400 | ---- | C] () -- C:\Windows\tasks\FreeFileViewerUpdateChecker.job
[2012/12/13 06:08:39 | 000,001,107 | ---- | C] () -- C:\Users\Acer\Application Data\Microsoft\Internet Explorer\Quick Launch\FreeFileViewer.lnk
[2012/12/13 06:08:39 | 000,001,083 | ---- | C] () -- C:\Users\Acer\Desktop\FreeFileViewer.lnk
[2012/12/11 05:52:41 | 000,238,988 | ---- | C] () -- C:\Users\Public\Documents\NC3TF July09-Sept09 PRpt.pdf
[2012/12/09 03:19:14 | 009,302,490 | ---- | C] () -- C:\Users\Acer\Desktop\TS-397552 hidden sites w_personal info.mp3
[2012/12/08 00:53:51 | 000,177,955 | ---- | C] () -- C:\Users\Public\Documents\barry l jacobs curriculum vitae.pdf
[2012/12/07 17:24:54 | 001,469,502 | ---- | C] () -- C:\Users\Public\Documents\enironmental enrichment new neurons rats.pdf
[2012/12/07 11:20:52 | 000,026,950 | ---- | C] () -- C:\Users\Public\Documents\quotes from prozac article scientists 2 find studies.odt
[2012/12/03 15:55:18 | 000,532,645 | ---- | C] () -- C:\Users\Public\Documents\Theoretical+Causes+Affecting+the+Development+of+Schizophrenia.pdf
[2012/11/25 07:55:39 | 000,131,584 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall.exe
[2012/11/25 07:55:39 | 000,034,358 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-Pink Calendar & Day Planner.bmp
[2012/11/25 07:55:39 | 000,001,077 | ---- | C] () -- C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PinkCal.lnk
[2012/11/25 07:55:39 | 000,001,041 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-Pink Calendar & Day Planner.dat
[2012/11/25 06:00:46 | 000,024,576 | ---- | C] () -- C:\savedbcd
[2012/09/18 10:20:28 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2012/04/19 18:28:58 | 000,000,592 | ---- | C] () -- C:\Windows\TimePassages.ini
[2012/03/01 07:48:49 | 000,870,466 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/11/01 11:55:59 | 000,206,208 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2011/11/01 11:55:59 | 000,191,688 | ---- | C] () -- C:\Windows\flicker.dll
[2011/11/01 11:55:59 | 000,051,712 | ---- | C] ( ) -- C:\Windows\AutosetFrequency.exe
[2011/11/01 11:55:59 | 000,011,976 | ---- | C] () -- C:\Windows\setpwlin.exe
[2011/11/01 11:55:59 | 000,000,637 | ---- | C] () -- C:\Windows\AutoSetFrequency.ini
[2011/11/01 11:55:59 | 000,000,378 | ---- | C] () -- C:\Windows\PidList.ini
[2011/11/01 11:48:45 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

========== LOP Check ==========

[2012/11/15 10:37:39 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Amazon
[2012/12/14 04:25:14 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\FreeFileViewer
[2012/11/21 17:38:04 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\MicroST
[2012/09/18 10:20:26 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Netscape
[2012/03/19 18:30:40 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\OpenOffice.org
[2012/06/13 23:11:37 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\PDFlite
[2011/11/18 17:03:27 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\SnapTeam
[2012/08/17 18:01:27 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Watchtower
[2012/08/21 08:02:48 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\webex
[2012/02/28 19:44:56 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\WildTangent
[2012/12/23 11:30:00 | 000,000,384 | ---- | M] () -- C:\Windows\Tasks\Acer Registration - Reminder Recall task.job
[2012/12/23 08:13:47 | 000,000,400 | ---- | M] () -- C:\Windows\Tasks\FreeFileViewerUpdateChecker.job
[2012/05/30 07:30:31 | 000,032,628 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >

#2
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Greetings and Welcome to The Forums!!

My name is Gringo and I'll be glad to help you with your malware problems.

I have put together some things for you to keep in mind while I am helping you, to make things go easier and faster for both of us.

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.




These are the programs I would like you to run next, if you have any problems with these just skip it and run the next one.

-Security Check-

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

-AdwCleaner-

  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

--RogueKiller--

  • Download & SAVE to your Desktop RogueKiller or from here
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator" to start.
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • click on "delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller+

Gringo

#3
SallyMae

    Member

  • Topic Starter
  • 88 posts
Thank you so much for your time. Here are the log files you requested:

Security Check:


Results of screen317's Security Check version 0.99.56
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 8 Out of date!
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Microsoft Security Essentials
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
McAfee SiteAdvisor
Malwarebytes Anti-Malware version 1.65.1.1000
Java™ 6 Update 33
Java 7 Update 7
Java version out of Date!
Adobe Flash Player 11.5.502.135
Adobe Reader 9 Adobe Reader out of Date!
Mozilla Firefox (17.0.1)
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 2%
````````````````````End of Log``````````````````````


ADW:

# AdwCleaner v2.001 - Logfile created 12/23/2012 at 23:01:15
# Updated 09/09/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Acer - ACER-ASPIRE5552
# Boot Mode : Normal
# Running from : C:\Users\Acer\Desktop\Clean up tools\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKLM\Software\Freeze.com

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

-\\ Mozilla Firefox v17.0.1 (en-US)

Profile name : default
File : C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\lkhys26m.default\prefs.js

C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\lkhys26m.default\user.js ... Deleted !

[OK] File is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S2].txt - [1347 octets] - [23/12/2012 23:01:15]

########## EOF - C:\AdwCleaner[S2].txt - [1407 octets] ##########


RogueCleaner:

RogueKiller V8.4.1 [Dec 23 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo...13-roguekiller/
Website : http://tigzy.geeksto...roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Acer [Admin rights]
Mode : Remove -- Date : 12/23/2012 23:09:33

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 4 ¤¤¤
[HJ DESK] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

˙ž1

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD2500BEVT-22A23T0 ATA Device +++++
--- User ---
[MBR] d4e268715a5fe6cd3fce2a1d3c345b66
[BSP] 5310c9ee4642070bccb925fc86b2812e : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 14336 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 29362176 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 29566976 | Size: 224037 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[2]_D_12232012_02d2309.txt >>
RKreport[1]_S_12232012_02d2308.txt ; RKreport[2]_D_12232012_02d2309.txt



Thanks again, eagerly awaiting your reply.

#4
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello

I would like you to do the following.

Please print out or make a copy in Notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer.

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • Let me know of any problems you may have had
  • How is the computer doing now?

Gringo

#5
SallyMae

    Member

  • Topic Starter
  • 88 posts
Pasted below is the combofix log. Just out of curiosity I did a Google search to see what would happen once Combofix was done. I Googled "handheld chess games". I clicked one of the links and I am still getting redirects. The pages I am being redirected to look like some of the many I found in a list for the Google Redirect Virus. Thank you again for your time.


Combofix log:

ComboFix 12-12-25.02 - Acer 12/25/2012 8:56.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3835.2542 [GMT -5:00]
Running from: c:\users\Acer\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Acer\AppData\Roaming\MicroST
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_DefaultTabUpdate
.
.
((((((((((((((((((((((((( Files Created from 2012-11-25 to 2012-12-25 )))))))))))))))))))))))))))))))
.
.
2012-12-25 14:36 . 2012-12-25 14:36 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-25 14:36 . 2012-12-25 14:36 -------- d-----w- c:\users\Administrator2\AppData\Local\temp
2012-12-25 05:51 . 2012-12-25 05:51 -------- d-----w- c:\users\Acer\AppData\Local\ElevatedDiagnostics
2012-12-25 04:27 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{512EA478-A0B3-4D1F-85AD-CA605CF1F988}\mpengine.dll
2012-12-24 04:13 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-12-23 13:11 . 2012-12-23 13:11 -------- d-----w- c:\users\Acer\AppData\Roaming\Apple Computer
2012-12-23 12:08 . 2012-12-23 12:08 -------- d-----w- c:\users\Acer\AppData\Local\Apple Computer
2012-12-23 11:49 . 2012-12-23 11:49 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
2012-12-23 11:49 . 2012-12-23 11:49 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
2012-12-23 11:49 . 2012-12-23 11:49 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2012-12-23 11:49 . 2012-12-23 11:49 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2012-12-23 11:49 . 2012-12-23 11:49 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2012-12-23 11:49 . 2012-12-23 11:49 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2012-12-23 11:49 . 2012-12-23 11:49 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2012-12-23 11:49 . 2012-12-23 11:49 -------- d-----w- c:\program files (x86)\QuickTime
2012-12-23 11:49 . 2012-12-23 11:49 -------- d-----w- c:\programdata\Apple Computer
2012-12-23 11:26 . 2012-12-23 11:26 -------- d-----w- c:\program files (x86)\Common Files\Apple
2012-12-23 11:26 . 2012-12-23 11:26 -------- d-----w- c:\users\Acer\AppData\Local\Apple
2012-12-23 11:26 . 2012-12-23 11:26 -------- d-----w- c:\program files (x86)\Apple Software Update
2012-12-23 11:26 . 2012-12-23 11:26 -------- d-----w- c:\programdata\Apple
2012-12-23 07:14 . 2012-12-23 07:14 -------- d-----w- c:\users\Acer\.thumbnails
2012-12-23 07:04 . 2012-12-23 07:04 -------- d-----w- c:\users\Acer\AppData\Local\fontconfig
2012-12-23 07:04 . 2012-12-23 07:21 -------- d-----w- c:\users\Acer\.gimp-2.8
2012-12-23 07:04 . 2012-12-23 07:04 -------- d-----w- c:\users\Acer\AppData\Local\gegl-0.2
2012-12-23 07:00 . 2012-12-23 07:02 -------- d-----w- c:\program files\GIMP 2
2012-12-21 09:31 . 2012-12-21 09:17 59237 ----a-w- C:\sessionstore.js.js
2012-12-21 08:00 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-21 08:00 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-21 08:00 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-21 08:00 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-14 09:22 . 2012-12-14 09:25 -------- d-----w- c:\users\Acer\AppData\Roaming\FreeFileViewer
2012-12-13 11:24 . 2012-12-13 11:25 -------- d-----w- c:\users\Acer\AppData\Local\FreeFileViewer
2012-12-13 11:09 . 2012-12-21 11:19 -------- d-----w- c:\users\Acer\AppData\Local\FileTypeAssistant
2012-12-13 11:09 . 2012-12-25 11:11 -------- d-----w- c:\program files (x86)\File Type Assistant
2012-12-13 11:08 . 2012-12-13 11:08 -------- d-----w- c:\program files (x86)\FreeFileViewer
2012-12-13 11:07 . 2012-12-23 13:12 -------- d-----w- c:\users\Acer\AppData\Local\The Weather Channel
2012-12-11 20:01 . 2012-11-02 05:59 478208 ----a-w- c:\windows\system32\dpnet.dll
2012-12-11 20:01 . 2012-11-02 05:11 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
2012-11-28 08:38 . 2012-11-28 08:38 972264 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{53156F28-CC09-4411-862F-63C7E2153D50}\gapaengine.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-12 08:02 . 2012-03-07 12:27 67413224 ----a-w- c:\windows\system32\MRT.exe
2012-12-12 05:53 . 2012-04-28 12:08 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-12-12 05:53 . 2012-03-01 01:16 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-11-25 12:55 . 2012-11-25 12:55 131584 ----a-w- c:\windows\SysWow64\SpoonUninstall.exe
2012-10-25 08:12 . 2012-10-25 08:12 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2012-10-25 08:12 . 2012-10-25 08:12 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
2012-10-16 08:38 . 2012-11-28 04:14 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-28 04:14 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-11-28 04:14 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-09 18:17 . 2012-11-15 23:15 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-10-09 18:17 . 2012-11-15 23:15 226816 ----a-w- c:\windows\system32\dhcpcore6.dll
2012-10-09 17:40 . 2012-11-15 23:15 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll
2012-10-09 17:40 . 2012-11-15 23:15 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll
2012-10-04 16:40 . 2012-12-11 20:02 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-10-03 17:56 . 2012-11-15 23:15 1914248 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-10-03 17:44 . 2012-11-15 23:15 303104 ----a-w- c:\windows\system32\nlasvc.dll
2012-10-03 17:44 . 2012-11-15 23:15 70656 ----a-w- c:\windows\system32\nlaapi.dll
2012-10-03 17:44 . 2012-11-15 23:15 246272 ----a-w- c:\windows\system32\netcorehc.dll
2012-10-03 17:44 . 2012-11-15 23:15 18944 ----a-w- c:\windows\system32\netevent.dll
2012-10-03 17:44 . 2012-11-15 23:15 216576 ----a-w- c:\windows\system32\ncsi.dll
2012-10-03 17:42 . 2012-11-15 23:15 569344 ----a-w- c:\windows\system32\iphlpsvc.dll
2012-10-03 16:42 . 2012-11-15 23:15 175104 ----a-w- c:\windows\SysWow64\netcorehc.dll
2012-10-03 16:42 . 2012-11-15 23:15 18944 ----a-w- c:\windows\SysWow64\netevent.dll
2012-10-03 16:42 . 2012-11-15 23:15 156672 ----a-w- c:\windows\SysWow64\ncsi.dll
2012-10-03 16:07 . 2012-11-15 23:15 45568 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2012-09-30 00:54 . 2012-03-01 12:45 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-27 12:46 . 2012-06-12 19:56 972192 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-11-21 5629312]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-07-31 38872]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2010-06-28 265984]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-10-28 98304]
"OOTag"="c:\program files (x86)\Acer\OOBEOffer\OOTag.exe" [2010-02-23 13856]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-08-10 975952]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-11 919008]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-12 59280]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
.
c:\users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
PinkCal.lnk - c:\program files (x86)\Pink Calendar\PinkCal.exe [2012-11-25 503808]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-31 128456]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-09-13 368896]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-06-17 246376]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-03-02 1255736]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]
R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 311656]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 427880]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2012-10-14 140672]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-10-28 203264]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-08-10 321104]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2010-06-11 868896]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~2\mcafee\SITEAD~1\McSACore.exe [2012-06-15 103472]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-06-28 255744]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-29 243232]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2010-09-24 116752]
S3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2010-05-14 384040]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2010-04-28 38528]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-12-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-28 05:53]
.
2012-12-25 c:\windows\Tasks\FreeFileViewerUpdateChecker.job
- c:\program files (x86)\FreeFileViewer\FFVCheckForUpdates.exe [2012-12-13 16:16]
.
2012-12-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-01 13:02]
.
2012-12-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-01 13:02]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-09-21 11444840]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-06-11 861216]
"OOTag"="c:\program files (x86)\Acer\OOBEOffer\ootag.exe" [2010-02-23 13856]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-13 1289704]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
mLocal Page = c:\windows\SYSTEM32\blank.htm
TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
FF - ProfilePath - c:\users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\lkhys26m.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.google.com
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=UTF-8&fr=w3i&type=W3i_DS,157,0_0,Search,20121250,6902,0,63,0&p=
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
Wow6432Node-HKCU-Run-eyeBeam SIP Client - (no file)
Wow6432Node-HKCU-Run-DW7 - c:\program files (x86)\The Weather Channel\The Weather Channel App\TWCApp.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-mwlDaemon - c:\program files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Pink Calendar & Day Planner - c:\windows\system32\SpoonUninstall.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\windows\SysWOW64\rundll32.exe
.
**************************************************************************
.
Completion time: 2012-12-25 10:36:44 - machine was rebooted
ComboFix-quarantined-files.txt 2012-12-25 15:36
.
Pre-Run: 179,628,859,392 bytes free
Post-Run: 181,054,963,712 bytes free
.
- - End Of File - - 45BFA86C3669F2BAE2BF2555882D4B65

#6
gringo_pr


    Trusted Helper

  • Malware Removal
  • 7,268 posts
Greetings

I want you to run these next,

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip; click on Continue.
  • If malicious objects are found, they will show in the Scan results.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.



Please download aswMBR to your desktop.
  • Double-click the aswMBR.exe icon to run it.
  • It will ask to download extra definitions - ALLOW IT.
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one, come back and let me know.

Please reply with the reports from TDSSKiller and aswMBR.

Gringo

#7
SallyMae


    Member

  • Topic Starter
  • Member
  • 88 posts
Um, I don't know if I did something wrong or what, but for some reason I ended up with two log files from TDSSKiller. One is much smaller than the other and was produced about four minutes earlier. Should I post both?

#8
gringo_pr


    Trusted Helper

  • Malware Removal
  • 7,268 posts
Yes, go ahead and post both, please.



gringo

#9
SallyMae


    Member

  • Topic Starter
  • Member
  • 88 posts
TDSS log 1:

09:19:29.0201 4124 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
09:19:29.0713 4124 ============================================================
09:19:29.0714 4124 Current date / time: 2012/12/26 09:19:29.0713
09:19:29.0714 4124 SystemInfo:
09:19:29.0714 4124
09:19:29.0714 4124 OS Version: 6.1.7601 ServicePack: 1.0
09:19:29.0714 4124 Product type: Workstation
09:19:29.0714 4124 ComputerName: ACER-ASPIRE5552
09:19:29.0714 4124 UserName: Acer
09:19:29.0714 4124 Windows directory: C:\Windows
09:19:29.0715 4124 System windows directory: C:\Windows
09:19:29.0715 4124 Running under WOW64
09:19:29.0715 4124 Processor architecture: Intel x64
09:19:29.0715 4124 Number of processors: 2
09:19:29.0715 4124 Page size: 0x1000
09:19:29.0715 4124 Boot type: Normal boot
09:19:29.0715 4124 ============================================================
09:19:31.0553 4124 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:19:31.0558 4124 ============================================================
09:19:31.0558 4124 \Device\Harddisk0\DR0:
09:19:31.0559 4124 MBR partitions:
09:19:31.0559 4124 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1C00800, BlocksNum 0x32000
09:19:31.0559 4124 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1C32800, BlocksNum 0x1B592800
09:19:31.0559 4124 ============================================================
09:19:31.0629 4124 C: <-> \Device\Harddisk0\DR0\Partition2
09:19:31.0630 4124 ============================================================
09:19:31.0630 4124 Initialize success
09:19:31.0630 4124 ============================================================
09:20:31.0637 4540 Deinitialize success

TDSS Log 2:

09:23:02.0752 2940 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
09:23:03.0605 2940 ============================================================
09:23:03.0605 2940 Current date / time: 2012/12/26 09:23:03.0605
09:23:03.0605 2940 SystemInfo:
09:23:03.0605 2940
09:23:03.0605 2940 OS Version: 6.1.7601 ServicePack: 1.0
09:23:03.0605 2940 Product type: Workstation
09:23:03.0605 2940 ComputerName: ACER-ASPIRE5552
09:23:03.0606 2940 UserName: Acer
09:23:03.0606 2940 Windows directory: C:\Windows
09:23:03.0606 2940 System windows directory: C:\Windows
09:23:03.0606 2940 Running under WOW64
09:23:03.0606 2940 Processor architecture: Intel x64
09:23:03.0606 2940 Number of processors: 2
09:23:03.0606 2940 Page size: 0x1000
09:23:03.0606 2940 Boot type: Normal boot
09:23:03.0606 2940 ============================================================
09:23:09.0626 2940 BG loaded
09:23:22.0040 2940 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:23:22.0227 2940 ============================================================
09:23:22.0227 2940 \Device\Harddisk0\DR0:
09:23:22.0321 2940 MBR partitions:
09:23:22.0321 2940 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1C00800, BlocksNum 0x32000
09:23:22.0321 2940 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1C32800, BlocksNum 0x1B592800
09:23:22.0321 2940 ============================================================
09:23:22.0596 2940 C: <-> \Device\Harddisk0\DR0\Partition2
09:23:22.0596 2940 ============================================================
09:23:22.0596 2940 Initialize success
09:23:22.0596 2940 ============================================================
09:26:57.0144 4912 ============================================================
09:26:57.0144 4912 Scan started
09:26:57.0144 4912 Mode: Manual; SigCheck; TDLFS;
09:26:57.0144 4912 ============================================================
09:26:58.0432 4912 ================ Scan system memory ========================
09:26:58.0432 4912 System memory - ok
09:26:58.0434 4912 ================ Scan services =============================
09:27:12.0989 4912 HpSAMD - ok
09:27:13.0030 4912 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
09:27:13.0108 4912 HTTP - ok
09:27:13.0149 4912 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
09:27:13.0178 4912 hwpolicy - ok
09:27:13.0222 4912 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
09:27:13.0249 4912 i8042prt - ok
09:27:13.0309 4912 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
09:27:13.0342 4912 iaStorV - ok
09:27:13.0413 4912 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
09:27:13.0491 4912 idsvc - ok
09:27:13.0521 4912 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
09:27:13.0534 4912 iirsp - ok
09:27:13.0594 4912 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
09:27:13.0668 4912 IKEEXT - ok
09:27:13.0797 4912 [ D311E2DD59A34079D89C249B2A4D9FDB ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
09:27:13.0878 4912 IntcAzAudAddService - ok
09:27:13.0905 4912 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
09:27:13.0921 4912 intelide - ok
09:27:13.0944 4912 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
09:27:13.0971 4912 intelppm - ok
09:27:14.0009 4912 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
09:27:14.0068 4912 IPBusEnum - ok
09:27:14.0109 4912 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:27:14.0187 4912 IpFilterDriver - ok
09:27:14.0249 4912 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
09:27:14.0321 4912 iphlpsvc - ok
09:27:14.0361 4912 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
09:27:14.0380 4912 IPMIDRV - ok
09:27:14.0414 4912 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
09:27:14.0487 4912 IPNAT - ok
09:27:14.0504 4912 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
09:27:14.0609 4912 IRENUM - ok
09:27:14.0649 4912 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
09:27:14.0678 4912 isapnp - ok
09:27:14.0721 4912 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
09:27:14.0744 4912 iScsiPrt - ok
09:27:14.0851 4912 [ 37E053A2CF8F0082B689ED74106E0CEC ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys
09:27:14.0893 4912 k57nd60a - ok
09:27:14.0912 4912 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
09:27:14.0937 4912 kbdclass - ok
09:27:14.0975 4912 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
09:27:15.0013 4912 kbdhid - ok
09:27:15.0035 4912 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
09:27:15.0065 4912 KeyIso - ok
09:27:15.0107 4912 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
09:27:15.0134 4912 KSecDD - ok
09:27:15.0168 4912 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
09:27:15.0191 4912 KSecPkg - ok
09:27:15.0229 4912 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
09:27:15.0299 4912 ksthunk - ok
09:27:15.0342 4912 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
09:27:15.0439 4912 KtmRm - ok
09:27:15.0511 4912 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
09:27:15.0595 4912 LanmanServer - ok
09:27:15.0636 4912 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:27:15.0702 4912 LanmanWorkstation - ok
09:27:15.0725 4912 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
09:27:15.0822 4912 lltdio - ok
09:27:15.0852 4912 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
09:27:15.0905 4912 lltdsvc - ok
09:27:15.0924 4912 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
09:27:15.0977 4912 lmhosts - ok
09:27:16.0038 4912 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
09:27:16.0073 4912 LSI_FC - ok
09:27:16.0084 4912 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
09:27:16.0105 4912 LSI_SAS - ok
09:27:16.0113 4912 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
09:27:16.0130 4912 LSI_SAS2 - ok
09:27:16.0139 4912 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
09:27:16.0159 4912 LSI_SCSI - ok
09:27:16.0208 4912 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
09:27:16.0291 4912 luafv - ok
09:27:16.0384 4912 [ B891E3920F24FF1A3BEAD6CD2B42ED99 ] McAfee SiteAdvisor Service c:\PROGRA~2\mcafee\SITEAD~1\McSACore.exe
09:27:16.0421 4912 McAfee SiteAdvisor Service - ok
09:27:16.0456 4912 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
09:27:16.0497 4912 Mcx2Svc - ok
09:27:16.0519 4912 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
09:27:16.0537 4912 megasas - ok
09:27:16.0546 4912 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
09:27:16.0569 4912 MegaSR - ok
09:27:16.0598 4912 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
09:27:16.0665 4912 MMCSS - ok
09:27:16.0672 4912 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
09:27:16.0730 4912 Modem - ok
09:27:16.0778 4912 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
09:27:16.0827 4912 monitor - ok
09:27:16.0877 4912 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys
09:27:16.0903 4912 mouclass - ok
09:27:16.0934 4912 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
09:27:16.0961 4912 mouhid - ok
09:27:16.0995 4912 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
09:27:17.0025 4912 mountmgr - ok
09:27:17.0131 4912 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
09:27:17.0161 4912 MozillaMaintenance - ok
09:27:17.0224 4912 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
09:27:17.0263 4912 MpFilter - ok
09:27:17.0304 4912 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
09:27:17.0319 4912 mpio - ok
09:27:17.0398 4912 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
09:27:17.0458 4912 mpsdrv - ok
09:27:17.0522 4912 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
09:27:17.0600 4912 MpsSvc - ok
09:27:17.0647 4912 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
09:27:17.0710 4912 MRxDAV - ok
09:27:17.0744 4912 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
09:27:17.0806 4912 mrxsmb - ok
09:27:17.0867 4912 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:27:17.0918 4912 mrxsmb10 - ok
09:27:17.0986 4912 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:27:18.0017 4912 mrxsmb20 - ok
09:27:18.0053 4912 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
09:27:18.0083 4912 msahci - ok
09:27:18.0106 4912 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
09:27:18.0135 4912 msdsm - ok
09:27:18.0170 4912 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
09:27:18.0220 4912 MSDTC - ok
09:27:18.0266 4912 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
09:27:18.0316 4912 Msfs - ok
09:27:18.0329 4912 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
09:27:18.0388 4912 mshidkmdf - ok
09:27:18.0434 4912 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
09:27:18.0461 4912 msisadrv - ok
09:27:18.0493 4912 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
09:27:18.0569 4912 MSiSCSI - ok
09:27:18.0575 4912 msiserver - ok
09:27:18.0595 4912 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
09:27:18.0652 4912 MSKSSRV - ok
09:27:18.0752 4912 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
09:27:18.0788 4912 MsMpSvc - ok
09:27:18.0804 4912 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
09:27:18.0855 4912 MSPCLOCK - ok
09:27:18.0869 4912 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
09:27:18.0920 4912 MSPQM - ok
09:27:18.0968 4912 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
09:27:19.0003 4912 MsRPC - ok
09:27:19.0036 4912 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
09:27:19.0058 4912 mssmbios - ok
09:27:19.0146 4912 MSSQL$SQLEXPRESS - ok
09:27:19.0231 4912 [ 7A2A8C975356858EB38466A6B1592E8D ] MSSQLServerADHelper100 c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
09:27:19.0263 4912 MSSQLServerADHelper100 - ok
09:27:19.0300 4912 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
09:27:19.0354 4912 MSTEE - ok
09:27:19.0368 4912 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
09:27:19.0398 4912 MTConfig - ok
09:27:19.0441 4912 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
09:27:19.0454 4912 Mup - ok
09:27:19.0493 4912 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
09:27:19.0535 4912 napagent - ok
09:27:19.0553 4912 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
09:27:19.0584 4912 NativeWifiP - ok
09:27:19.0627 4912 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
09:27:19.0661 4912 NDIS - ok
09:27:19.0679 4912 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
09:27:19.0732 4912 NdisCap - ok
09:27:19.0751 4912 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
09:27:19.0787 4912 NdisTapi - ok
09:27:19.0820 4912 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
09:27:19.0873 4912 Ndisuio - ok
09:27:19.0904 4912 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
09:27:19.0950 4912 NdisWan - ok
09:27:19.0989 4912 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
09:27:20.0040 4912 NDProxy - ok
09:27:20.0095 4912 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
09:27:20.0182 4912 NetBIOS - ok
09:27:20.0221 4912 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
09:27:20.0284 4912 NetBT - ok
09:27:20.0302 4912 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
09:27:20.0321 4912 Netlogon - ok
09:27:20.0367 4912 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
09:27:20.0455 4912 Netman - ok
09:27:20.0528 4912 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:27:20.0585 4912 NetMsmqActivator - ok
09:27:20.0594 4912 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:27:20.0605 4912 NetPipeActivator - ok
09:27:20.0640 4912 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
09:27:20.0694 4912 netprofm - ok
09:27:20.0701 4912 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:27:20.0720 4912 NetTcpActivator - ok
09:27:20.0726 4912 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:27:20.0746 4912 NetTcpPortSharing - ok
09:27:20.0781 4912 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
09:27:20.0794 4912 nfrd960 - ok
09:27:20.0855 4912 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
09:27:20.0891 4912 NisDrv - ok
09:27:20.0959 4912 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
09:27:20.0996 4912 NisSrv - ok
09:27:21.0019 4912 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
09:27:21.0050 4912 NlaSvc - ok
09:27:21.0121 4912 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
09:27:21.0179 4912 Npfs - ok
09:27:21.0212 4912 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
09:27:21.0295 4912 nsi - ok
09:27:21.0321 4912 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
09:27:21.0389 4912 nsiproxy - ok
09:27:21.0469 4912 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
09:27:21.0557 4912 Ntfs - ok
09:27:21.0672 4912 [ 9A308FCDCCA98A15B6F62D36A272160E ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
09:27:21.0700 4912 NTI IScheduleSvc - ok
09:27:21.0772 4912 [ EE3BA1024594D5D09E314F206B94069E ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
09:27:21.0804 4912 NTIDrvr - ok
09:27:21.0820 4912 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
09:27:21.0897 4912 Null - ok
09:27:21.0943 4912 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
09:27:21.0973 4912 nvraid - ok
09:27:21.0988 4912 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
09:27:22.0003 4912 nvstor - ok
09:27:22.0021 4912 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
09:27:22.0036 4912 nv_agp - ok
09:27:22.0074 4912 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
09:27:22.0090 4912 ohci1394 - ok
09:27:22.0126 4912 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
09:27:22.0164 4912 p2pimsvc - ok
09:27:22.0187 4912 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
09:27:22.0208 4912 p2psvc - ok
09:27:22.0238 4912 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
09:27:22.0254 4912 Parport - ok
09:27:22.0308 4912 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
09:27:22.0333 4912 partmgr - ok
09:27:22.0355 4912 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
09:27:22.0409 4912 PcaSvc - ok
09:27:22.0458 4912 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
09:27:22.0494 4912 pci - ok
09:27:22.0529 4912 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
09:27:22.0556 4912 pciide - ok
09:27:22.0597 4912 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
09:27:22.0631 4912 pcmcia - ok
09:27:22.0644 4912 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
09:27:22.0667 4912 pcw - ok
09:27:22.0736 4912 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
09:27:22.0794 4912 PEAUTH - ok
09:27:22.0919 4912 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
09:27:22.0968 4912 PerfHost - ok
09:27:23.0061 4912 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
09:27:23.0161 4912 pla - ok
09:27:23.0199 4912 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
09:27:23.0280 4912 PlugPlay - ok
09:27:23.0318 4912 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
09:27:23.0334 4912 PNRPAutoReg - ok
09:27:23.0359 4912 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
09:27:23.0375 4912 PNRPsvc - ok
09:27:23.0428 4912 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
09:27:23.0536 4912 PolicyAgent - ok
09:27:23.0586 4912 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
09:27:23.0673 4912 Power - ok
09:27:23.0692 4912 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
09:27:23.0777 4912 PptpMiniport - ok
09:27:23.0796 4912 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
09:27:23.0829 4912 Processor - ok
09:27:23.0867 4912 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
09:27:23.0937 4912 ProfSvc - ok
09:27:23.0957 4912 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
09:27:23.0969 4912 ProtectedStorage - ok
09:27:24.0041 4912 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
09:27:24.0107 4912 Psched - ok
09:27:24.0156 4912 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
09:27:24.0215 4912 ql2300 - ok
09:27:24.0225 4912 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
09:27:24.0241 4912 ql40xx - ok
09:27:24.0275 4912 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
09:27:24.0336 4912 QWAVE - ok
09:27:24.0352 4912 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
09:27:24.0390 4912 QWAVEdrv - ok
09:27:24.0407 4912 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
09:27:24.0459 4912 RasAcd - ok
09:27:24.0504 4912 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
09:27:24.0542 4912 RasAgileVpn - ok
09:27:24.0574 4912 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
09:27:24.0631 4912 RasAuto - ok
09:27:24.0666 4912 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
09:27:24.0719 4912 Rasl2tp - ok
09:27:24.0765 4912 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
09:27:24.0838 4912 RasMan - ok
09:27:24.0870 4912 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
09:27:24.0978 4912 RasPppoe - ok
09:27:24.0986 4912 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
09:27:25.0046 4912 RasSstp - ok
09:27:25.0104 4912 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
09:27:25.0148 4912 rdbss - ok
09:27:25.0174 4912 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
09:27:25.0198 4912 rdpbus - ok
09:27:25.0215 4912 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
09:27:25.0288 4912 RDPCDD - ok
09:27:25.0304 4912 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
09:27:25.0368 4912 RDPENCDD - ok
09:27:25.0408 4912 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
09:27:25.0446 4912 RDPREFMP - ok
09:27:25.0492 4912 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
09:27:25.0549 4912 RDPWD - ok
09:27:25.0626 4912 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
09:27:25.0660 4912 rdyboost - ok
09:27:25.0681 4912 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
09:27:25.0782 4912 RemoteAccess - ok
09:27:25.0812 4912 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
09:27:25.0874 4912 RemoteRegistry - ok
09:27:25.0888 4912 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
09:27:25.0950 4912 RpcEptMapper - ok
09:27:25.0994 4912 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
09:27:26.0051 4912 RpcLocator - ok
09:27:26.0122 4912 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\System32\rpcss.dll
09:27:26.0189 4912 RpcSs - ok
09:27:26.0235 4912 [ CD553B8633466A6D1C115812F2619F1F ] RsFx0103 C:\Windows\system32\DRIVERS\RsFx0103.sys
09:27:26.0272 4912 RsFx0103 - ok
09:27:26.0303 4912 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
09:27:26.0366 4912 rspndr - ok
09:27:26.0457 4912 [ 763AE0C6D9DF4C24B7E2C26036A8188A ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
09:27:26.0499 4912 RSUSBSTOR - ok
09:27:26.0513 4912 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
09:27:26.0535 4912 SamSs - ok
09:27:26.0609 4912 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
09:27:26.0640 4912 SASDIFSV - ok
09:27:26.0663 4912 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
09:27:26.0694 4912 SASKUTIL - ok
09:27:26.0736 4912 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
09:27:26.0769 4912 sbp2port - ok
09:27:26.0812 4912 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
09:27:26.0877 4912 SCardSvr - ok
09:27:26.0908 4912 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
09:27:26.0986 4912 scfilter - ok
09:27:27.0050 4912 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
09:27:27.0148 4912 Schedule - ok
09:27:27.0190 4912 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
09:27:27.0241 4912 SCPolicySvc - ok
09:27:27.0285 4912 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
09:27:27.0344 4912 SDRSVC - ok
09:27:27.0377 4912 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
09:27:27.0433 4912 secdrv - ok
09:27:27.0477 4912 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
09:27:27.0548 4912 seclogon - ok
09:27:27.0582 4912 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
09:27:27.0633 4912 SENS - ok
09:27:27.0650 4912 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
09:27:27.0714 4912 SensrSvc - ok
09:27:27.0729 4912 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
09:27:27.0759 4912 Serenum - ok
09:27:27.0782 4912 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
09:27:27.0802 4912 Serial - ok
09:27:27.0832 4912 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
09:27:27.0861 4912 sermouse - ok
09:27:27.0901 4912 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
09:27:27.0982 4912 SessionEnv - ok
09:27:28.0016 4912 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
09:27:28.0068 4912 sffdisk - ok
09:27:28.0093 4912 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
09:27:28.0127 4912 sffp_mmc - ok
09:27:28.0152 4912 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
09:27:28.0192 4912 sffp_sd - ok
09:27:28.0220 4912 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
09:27:28.0238 4912 sfloppy - ok
09:27:28.0275 4912 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
09:27:28.0352 4912 SharedAccess - ok
09:27:28.0395 4912 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:27:28.0478 4912 ShellHWDetection - ok
09:27:28.0531 4912 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
09:27:28.0545 4912 SiSRaid2 - ok
09:27:28.0552 4912 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
09:27:28.0566 4912 SiSRaid4 - ok
09:27:28.0575 4912 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
09:27:28.0633 4912 Smb - ok
09:27:28.0677 4912 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
09:27:28.0720 4912 SNMPTRAP - ok
09:27:28.0762 4912 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
09:27:28.0778 4912 spldr - ok
09:27:28.0826 4912 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
09:27:28.0870 4912 Spooler - ok
09:27:28.0992 4912 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
09:27:29.0100 4912 sppsvc - ok
09:27:29.0165 4912 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
09:27:29.0245 4912 sppuinotify - ok
09:27:29.0332 4912 [ 12E6D95CDE974B131DEFAA44BAB8B056 ] SQLAgent$SQLEXPRESS c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
09:27:29.0364 4912 SQLAgent$SQLEXPRESS - ok
09:27:29.0435 4912 [ B54B48F6D92423440C264E91225C5FF1 ] SQLBrowser c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
09:27:29.0469 4912 SQLBrowser - ok
09:27:29.0549 4912 [ 6D65985945B03CA59B67D0B73702FC7B ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
09:27:29.0581 4912 SQLWriter - ok
09:27:29.0653 4912 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
09:27:29.0728 4912 srv - ok
09:27:29.0796 4912 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
09:27:29.0831 4912 srv2 - ok
09:27:29.0906 4912 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
09:27:29.0938 4912 srvnet - ok
09:27:29.0983 4912 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
09:27:30.0080 4912 SSDPSRV - ok
09:27:30.0089 4912 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
09:27:30.0131 4912 SstpSvc - ok
09:27:30.0191 4912 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
09:27:30.0219 4912 stexstor - ok
09:27:30.0267 4912 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
09:27:30.0305 4912 stisvc - ok
09:27:30.0336 4912 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
09:27:30.0347 4912 swenum - ok
09:27:30.0393 4912 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
09:27:30.0479 4912 swprv - ok
09:27:30.0538 4912 [ 064A2530A4A7C7CEC1BE6A1945645BE4 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
09:27:30.0580 4912 SynTP - ok
09:27:30.0670 4912 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
09:27:30.0743 4912 SysMain - ok
09:27:30.0782 4912 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:27:30.0821 4912 TabletInputService - ok
09:27:30.0863 4912 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
09:27:30.0939 4912 TapiSrv - ok
09:27:30.0972 4912 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
09:27:31.0012 4912 TBS - ok
09:27:31.0097 4912 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
09:27:31.0188 4912 Tcpip - ok
09:27:31.0229 4912 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
09:27:31.0270 4912 TCPIP6 - ok
09:27:31.0355 4912 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
09:27:31.0405 4912 tcpipreg - ok
09:27:31.0458 4912 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
09:27:31.0516 4912 TDPIPE - ok
09:27:31.0542 4912 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
09:27:31.0597 4912 TDTCP - ok
09:27:31.0650 4912 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
09:27:31.0696 4912 tdx - ok
09:27:31.0752 4912 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
09:27:31.0780 4912 TermDD - ok
09:27:31.0835 4912 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
09:27:31.0886 4912 TermService - ok
09:27:31.0920 4912 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
09:27:31.0973 4912 Themes - ok
09:27:32.0010 4912 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
09:27:32.0069 4912 THREADORDER - ok
09:27:32.0087 4912 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
09:27:32.0151 4912 TrkWks - ok
09:27:32.0220 4912 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:27:32.0304 4912 TrustedInstaller - ok
09:27:32.0342 4912 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
09:27:32.0423 4912 tssecsrv - ok
09:27:32.0488 4912 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
09:27:32.0547 4912 TsUsbFlt - ok
09:27:32.0594 4912 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
09:27:32.0675 4912 tunnel - ok
09:27:32.0703 4912 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
09:27:32.0716 4912 uagp35 - ok
09:27:32.0763 4912 [ A17D5E1A6DF4EAB0A480F2C490DE4C9D ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
09:27:32.0781 4912 UBHelper - ok
09:27:32.0833 4912 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
09:27:32.0912 4912 udfs - ok
09:27:32.0953 4912 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
09:27:32.0971 4912 UI0Detect - ok
09:27:32.0989 4912 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
09:27:33.0003 4912 uliagpkx - ok
09:27:33.0061 4912 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
09:27:33.0103 4912 umbus - ok
09:27:33.0132 4912 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
09:27:33.0174 4912 UmPass - ok
09:27:33.0275 4912 [ F9EC9ACD504D823D9B9CA98A4F8D3CA2 ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
09:27:33.0312 4912 Updater Service - ok
09:27:33.0349 4912 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
09:27:33.0417 4912 upnphost - ok
09:27:33.0502 4912 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
09:27:33.0544 4912 usbccgp - ok
09:27:33.0600 4912 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
09:27:33.0639 4912 usbcir - ok
09:27:33.0662 4912 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
09:27:33.0688 4912 usbehci - ok
09:27:33.0744 4912 [ DC2B306861F42EEEB92EF525F4119F08 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
09:27:33.0778 4912 usbfilter - ok
09:27:33.0826 4912 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
09:27:33.0875 4912 usbhub - ok
09:27:33.0945 4912 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
09:27:33.0983 4912 usbohci - ok
09:27:34.0014 4912 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
09:27:34.0047 4912 usbprint - ok
09:27:34.0066 4912 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:27:34.0093 4912 USBSTOR - ok
09:27:34.0105 4912 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
09:27:34.0130 4912 usbuhci - ok
09:27:34.0200 4912 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
09:27:34.0240 4912 usbvideo - ok
09:27:34.0264 4912 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
09:27:34.0345 4912 UxSms - ok
09:27:34.0368 4912 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
09:27:34.0396 4912 VaultSvc - ok
09:27:34.0427 4912 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
09:27:34.0442 4912 vdrvroot - ok
09:27:34.0495 4912 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
09:27:34.0589 4912 vds - ok
09:27:34.0626 4912 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
09:27:34.0661 4912 vga - ok
09:27:34.0680 4912 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
09:27:34.0750 4912 VgaSave - ok
09:27:34.0793 4912 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
09:27:34.0831 4912 vhdmp - ok
09:27:34.0875 4912 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
09:27:34.0904 4912 viaide - ok
09:27:34.0956 4912 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
09:27:34.0974 4912 volmgr - ok
09:27:35.0014 4912 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
09:27:35.0052 4912 volmgrx - ok
09:27:35.0074 4912 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
09:27:35.0092 4912 volsnap - ok
09:27:35.0117 4912 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
09:27:35.0133 4912 vsmraid - ok
09:27:35.0214 4912 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
09:27:35.0339 4912 VSS - ok
09:27:35.0352 4912 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
09:27:35.0399 4912 vwifibus - ok
09:27:35.0452 4912 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
09:27:35.0514 4912 vwififlt - ok
09:27:35.0557 4912 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
09:27:35.0618 4912 W32Time - ok
09:27:35.0652 4912 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
09:27:35.0687 4912 WacomPen - ok
09:27:35.0722 4912 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
09:27:35.0788 4912 WANARP - ok
09:27:35.0793 4912 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
09:27:35.0835 4912 Wanarpv6 - ok
09:27:35.0969 4912 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
09:27:36.0050 4912 WatAdminSvc - ok
09:27:36.0130 4912 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
09:27:36.0248 4912 wbengine - ok
09:27:36.0276 4912 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
09:27:36.0305 4912 WbioSrvc - ok
09:27:36.0343 4912 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
09:27:36.0388 4912 wcncsvc - ok
09:27:36.0408 4912 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:27:36.0428 4912 WcsPlugInService - ok
09:27:36.0463 4912 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
09:27:36.0476 4912 Wd - ok
09:27:36.0538 4912 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
09:27:36.0615 4912 Wdf01000 - ok
09:27:36.0641 4912 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
09:27:36.0759 4912 WdiServiceHost - ok
09:27:36.0765 4912 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
09:27:36.0796 4912 WdiSystemHost - ok
09:27:36.0827 4912 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
09:27:36.0868 4912 WebClient - ok
09:27:36.0896 4912 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
09:27:36.0955 4912 Wecsvc - ok
09:27:36.0977 4912 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
09:27:37.0035 4912 wercplsupport - ok
09:27:37.0044 4912 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
09:27:37.0095 4912 WerSvc - ok
09:27:37.0165 4912 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
09:27:37.0226 4912 WfpLwf - ok
09:27:37.0241 4912 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
09:27:37.0254 4912 WIMMount - ok
09:27:37.0273 4912 WinDefend - ok
09:27:37.0289 4912 WinHttpAutoProxySvc - ok
09:27:37.0394 4912 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
09:27:37.0464 4912 Winmgmt - ok
09:27:37.0539 4912 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
09:27:37.0654 4912 WinRM - ok
09:27:37.0731 4912 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
09:27:37.0762 4912 WinUsb - ok
09:27:37.0852 4912 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
09:27:37.0900 4912 Wlansvc - ok
09:27:37.0941 4912 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
09:27:37.0987 4912 WmiAcpi - ok
09:27:38.0086 4912 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
09:27:38.0146 4912 wmiApSrv - ok
09:27:38.0171 4912 WMPNetworkSvc - ok
09:27:38.0198 4912 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
09:27:38.0227 4912 WPCSvc - ok
09:27:38.0270 4912 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
09:27:38.0310 4912 WPDBusEnum - ok
09:27:38.0371 4912 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
09:27:38.0459 4912 ws2ifsl - ok
09:27:38.0560 4912 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
09:27:38.0620 4912 wscsvc - ok
09:27:38.0651 4912 WSearch - ok
09:27:38.0803 4912 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
09:27:38.0862 4912 wuauserv - ok
09:27:38.0934 4912 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
09:27:39.0032 4912 WudfPf - ok
09:27:39.0112 4912 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
09:27:39.0156 4912 WUDFRd - ok
09:27:39.0210 4912 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
09:27:39.0266 4912 wudfsvc - ok
09:27:39.0297 4912 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
09:27:39.0342 4912 WwanSvc - ok
09:27:39.0376 4912 ================ Scan global ===============================
09:27:39.0425 4912 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
09:27:39.0466 4912 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
09:27:39.0477 4912 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
09:27:39.0530 4912 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
09:27:39.0555 4912 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
09:27:39.0563 4912 [Global] - ok
09:27:39.0565 4912 ================ Scan MBR ==================================
09:27:39.0591 4912 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
09:28:03.0640 4912 \Device\Harddisk0\DR0 - ok
09:28:03.0641 4912 ================ Scan VBR ==================================
09:28:03.0722 4912 [ A5FB44982CD85D0CE06BB4CF3AC355D9 ] \Device\Harddisk0\DR0\Partition1
09:28:03.0727 4912 \Device\Harddisk0\DR0\Partition1 - ok
09:28:03.0757 4912 [ 8FC449446537A7E13BC2600D985F7B94 ] \Device\Harddisk0\DR0\Partition2
09:28:03.0761 4912 \Device\Harddisk0\DR0\Partition2 - ok
09:28:03.0762 4912 ================ Scan active images ========================
09:28:03.0768 4912 [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys
09:28:03.0769 4912 C:\Windows\System32\drivers\crashdmp.sys - ok
09:28:03.0782 4912 [ 839B5FE3D48E9F35B22C21A3D5103F6C ] C:\Windows\System32\drivers\Dumpata.sys
09:28:03.0782 4912 C:\Windows\System32\drivers\Dumpata.sys - ok
09:28:03.0794 4912 [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys
09:28:03.0794 4912 C:\Windows\System32\drivers\dumpfve.sys - ok
09:28:03.0803 4912 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] C:\Windows\System32\drivers\msahci.sys
09:28:03.0803 4912 C:\Windows\System32\drivers\msahci.sys - ok
09:28:03.0814 4912 [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys
09:28:03.0814 4912 C:\Windows\System32\drivers\beep.sys - ok
09:28:03.0822 4912 [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys
09:28:03.0822 4912 C:\Windows\System32\drivers\cdrom.sys - ok
09:28:03.0830 4912 [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys
09:28:03.0830 4912 C:\Windows\System32\drivers\null.sys - ok
09:28:03.0838 4912 [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys
09:28:03.0838 4912 C:\Windows\System32\drivers\RDPCDD.sys - ok
09:28:03.0845 4912 [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys
09:28:03.0845 4912 C:\Windows\System32\drivers\RDPENCDD.sys - ok
09:28:03.0853 4912 [ 216F3FA57533D98E1F74DED70113177A ] C:\Windows\System32\drivers\RDPREFMP.sys
09:28:03.0853 4912 C:\Windows\System32\drivers\RDPREFMP.sys - ok
09:28:03.0859 4912 [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys
09:28:03.0860 4912 C:\Windows\System32\drivers\vga.sys - ok
09:28:03.0867 4912 [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys
09:28:03.0867 4912 C:\Windows\System32\drivers\videoprt.sys - ok
09:28:03.0873 4912 [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys
09:28:03.0873 4912 C:\Windows\System32\drivers\watchdog.sys - ok
09:28:03.0880 4912 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys
09:28:03.0880 4912 C:\Windows\System32\drivers\msfs.sys - ok
09:28:03.0887 4912 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys
09:28:03.0888 4912 C:\Windows\System32\drivers\npfs.sys - ok
09:28:03.0894 4912 [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\Windows\System32\drivers\tdi.sys
09:28:03.0894 4912 C:\Windows\System32\drivers\tdi.sys - ok
09:28:03.0900 4912 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys
09:28:03.0900 4912 C:\Windows\System32\drivers\tdx.sys - ok
09:28:03.0906 4912 [ 1C7857B62DE5994A75B054A9FD4C3825 ] C:\Windows\System32\drivers\afd.sys
09:28:03.0906 4912 C:\Windows\System32\drivers\afd.sys - ok
09:28:03.0913 4912 [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys
09:28:03.0913 4912 C:\Windows\System32\drivers\netbt.sys - ok
09:28:03.0920 4912 [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys
09:28:03.0920 4912 C:\Windows\System32\drivers\netbios.sys - ok
09:28:03.0926 4912 [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys
09:28:03.0926 4912 C:\Windows\System32\drivers\pacer.sys - ok
09:28:03.0929 4912 [ 6A3D66263414FF0D6FA754C646612F3F ] C:\Windows\System32\drivers\vwififlt.sys
09:28:03.0930 4912 C:\Windows\System32\drivers\vwififlt.sys - ok
09:28:03.0938 4912 [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys
09:28:03.0938 4912 C:\Windows\System32\drivers\wfplwf.sys - ok
09:28:03.0944 4912 [ 6BCC1D7D2FD2453957C5479A32364E52 ] C:\Windows\System32\drivers\ws2ifsl.sys
09:28:03.0944 4912 C:\Windows\System32\drivers\ws2ifsl.sys - ok
09:28:03.0951 4912 [ 3289766038DB2CB14D07DC84392138D5 ] C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys
09:28:03.0951 4912 C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys - ok
09:28:03.0957 4912 [ 58A38E75F3316A83C23DF6173D41F2B5 ] C:\Program Files\SUPERAntiSpyware\saskutil64.sys
09:28:03.0957 4912 C:\Program Files\SUPERAntiSpyware\saskutil64.sys - ok
09:28:03.0964 4912 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys
09:28:03.0964 4912 C:\Windows\System32\drivers\termdd.sys - ok
09:28:03.0970 4912 [ 356AFD78A6ED4457169241AC3965230C ] C:\Windows\System32\drivers\wanarp.sys
09:28:03.0970 4912 C:\Windows\System32\drivers\wanarp.sys - ok
09:28:03.0976 4912 [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys
09:28:03.0976 4912 C:\Windows\System32\drivers\nsiproxy.sys - ok
09:28:03.0984 4912 [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys
09:28:03.0984 4912 C:\Windows\System32\drivers\rdbss.sys - ok
09:28:03.0990 4912 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys
09:28:03.0990 4912 C:\Windows\System32\drivers\mssmbios.sys - ok
09:28:03.0996 4912 [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys
09:28:03.0996 4912 C:\Windows\System32\drivers\discache.sys - ok
09:28:04.0008 4912 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys
09:28:04.0008 4912 C:\Windows\System32\drivers\dfsc.sys - ok
09:28:04.0016 4912 [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys
09:28:04.0016 4912 C:\Windows\System32\drivers\blbdrive.sys - ok
09:28:04.0027 4912 [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys
09:28:04.0028 4912 C:\Windows\System32\drivers\tunnel.sys - ok
09:28:04.0035 4912 [ 1E56388B3FE0D031C44144EB8C4D6217 ] C:\Windows\System32\drivers\amdppm.sys
09:28:04.0035 4912 C:\Windows\System32\drivers\amdppm.sys - ok
09:28:04.0041 4912 [ 5FC9D833F726383D9D60205F5A3CF16B ] C:\Windows\System32\drivers\atikmpag.sys
09:28:04.0041 4912 C:\Windows\System32\drivers\atikmpag.sys - ok
09:28:04.0047 4912 [ CF95B85FF8D128385ABD411C8CA74DED ] C:\Windows\System32\ntdll.dll
09:28:04.0048 4912 C:\Windows\System32\ntdll.dll - ok
09:28:04.0054 4912 [ 1911A3356FA3F77CCC825CCBAC038C2A ] C:\Windows\System32\smss.exe
09:28:04.0054 4912 C:\Windows\System32\smss.exe - ok
09:28:04.0060 4912 [ B8660FB5431F136635FB6446AC67FAAE ] C:\Windows\System32\drivers\atikmdag.sys
09:28:04.0060 4912 C:\Windows\System32\drivers\atikmdag.sys - ok
09:28:04.0067 4912 [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe
09:28:04.0067 4912 C:\Windows\System32\autochk.exe - ok
09:28:04.0074 4912 [ F5BEE30450E18E6B83A5012C100616FD ] C:\Windows\System32\drivers\dxgkrnl.sys
09:28:04.0074 4912 C:\Windows\System32\drivers\dxgkrnl.sys - ok
09:28:04.0081 4912 [ 9CD68BDDF322535C02ADC8331013D13D ] C:\Windows\System32\drivers\dxgmms1.sys
09:28:04.0081 4912 C:\Windows\System32\drivers\dxgmms1.sys - ok
09:28:04.0088 4912 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys
09:28:04.0088 4912 C:\Windows\System32\drivers\hdaudbus.sys - ok
09:28:04.0094 4912 [ 37E053A2CF8F0082B689ED74106E0CEC ] C:\Windows\System32\drivers\k57nd60a.sys
09:28:04.0094 4912 C:\Windows\System32\drivers\k57nd60a.sys - ok
09:28:04.0102 4912 [ 2D659B569A76CDB83B815675A80D7096 ] C:\Windows\System32\drivers\BCMWL664.SYS
09:28:04.0102 4912 C:\Windows\System32\drivers\BCMWL664.SYS - ok
09:28:04.0108 4912 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] C:\Windows\System32\drivers\vwifibus.sys
09:28:04.0108 4912 C:\Windows\System32\drivers\vwifibus.sys - ok
09:28:04.0114 4912 [ 6CCD1135320109D6B219F1A6E04AD9F6 ] C:\Windows\SysWOW64\drivers\afc.sys
09:28:04.0114 4912 C:\Windows\SysWOW64\drivers\afc.sys - ok
09:28:04.0120 4912 [ A17D5E1A6DF4EAB0A480F2C490DE4C9D ] C:\Windows\System32\drivers\UBHelper.sys
09:28:04.0121 4912 C:\Windows\System32\drivers\UBHelper.sys - ok
09:28:04.0127 4912 [ EE3BA1024594D5D09E314F206B94069E ] C:\Windows\System32\drivers\NTIDrvr.sys
09:28:04.0127 4912 C:\Windows\System32\drivers\NTIDrvr.sys - ok
09:28:04.0134 4912 [ 9840FC418B4CBD632D3D0A667A725C31 ] C:\Windows\System32\drivers\usbohci.sys
09:28:04.0134 4912 C:\Windows\System32\drivers\usbohci.sys - ok
09:28:04.0140 4912 [ AE259C75F9A0B057B6BF9E9695632B09 ] C:\Windows\System32\drivers\usbport.sys
09:28:04.0140 4912 C:\Windows\System32\drivers\usbport.sys - ok
09:28:04.0146 4912 [ C025055FE7B87701EB042095DF1A2D7B ] C:\Windows\System32\drivers\usbehci.sys
09:28:04.0146 4912 C:\Windows\System32\drivers\usbehci.sys - ok
09:28:04.0154 4912 [ DC2B306861F42EEEB92EF525F4119F08 ] C:\Windows\System32\drivers\usbfilter.sys
09:28:04.0154 4912 C:\Windows\System32\drivers\usbfilter.sys - ok
09:28:04.0160 4912 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] C:\Windows\System32\drivers\i8042prt.sys
09:28:04.0160 4912 C:\Windows\System32\drivers\i8042prt.sys - ok
09:28:04.0166 4912 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys
09:28:04.0167 4912 C:\Windows\System32\drivers\kbdclass.sys - ok
09:28:04.0173 4912 [ CCA2AB1752A61F29C3C941CD79D78CEA ] C:\Windows\System32\drivers\usbd.sys
09:28:04.0173 4912 C:\Windows\System32\drivers\usbd.sys - ok
09:28:04.0179 4912 [ 064A2530A4A7C7CEC1BE6A1945645BE4 ] C:\Windows\System32\drivers\SynTP.sys
09:28:04.0179 4912 C:\Windows\System32\drivers\SynTP.sys - ok
09:28:04.0184 4912 [ 0840155D0BDDF1190F84A663C284BD33 ] C:\Windows\System32\drivers\CmBatt.sys
09:28:04.0184 4912 C:\Windows\System32\drivers\CmBatt.sys - ok
09:28:04.0192 4912 [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys
09:28:04.0192 4912 C:\Windows\System32\drivers\mouclass.sys - ok
09:28:04.0199 4912 [ F6FF8944478594D0E414D3F048F0D778 ] C:\Windows\System32\drivers\wmiacpi.sys
09:28:04.0199 4912 C:\Windows\System32\drivers\wmiacpi.sys - ok
09:28:04.0205 4912 [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys
09:28:04.0205 4912 C:\Windows\System32\drivers\agilevpn.sys - ok
09:28:04.0211 4912 [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys
09:28:04.0212 4912 C:\Windows\System32\drivers\CompositeBus.sys - ok
09:28:04.0218 4912 [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys
09:28:04.0218 4912 C:\Windows\System32\drivers\ndistapi.sys - ok
09:28:04.0224 4912 [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys
09:28:04.0224 4912 C:\Windows\System32\drivers\rasl2tp.sys - ok
09:28:04.0231 4912 [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys
09:28:04.0231 4912 C:\Windows\System32\drivers\ndiswan.sys - ok
09:28:04.0237 4912 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys
09:28:04.0237 4912 C:\Windows\System32\drivers\raspppoe.sys - ok
09:28:04.0243 4912 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys
09:28:04.0243 4912 C:\Windows\System32\drivers\raspptp.sys - ok
09:28:04.0250 4912 [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys
09:28:04.0250 4912 C:\Windows\System32\drivers\rassstp.sys - ok
09:28:04.0256 4912 [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys
09:28:04.0256 4912 C:\Windows\System32\drivers\ks.sys - ok
09:28:04.0262 4912 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys
09:28:04.0262 4912 C:\Windows\System32\drivers\swenum.sys - ok
09:28:04.0269 4912 [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys
09:28:04.0269 4912 C:\Windows\System32\drivers\umbus.sys - ok
09:28:04.0275 4912 [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll
09:28:04.0275 4912 C:\Windows\System32\Wldap32.dll - ok
09:28:04.0281 4912 [ 287C6C9410B111B68B52CA298F7B8C24 ] C:\Windows\System32\drivers\usbhub.sys
09:28:04.0281 4912 C:\Windows\System32\drivers\usbhub.sys - ok
09:28:04.0287 4912 [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll
09:28:04.0288 4912 C:\Windows\System32\imm32.dll - ok
09:28:04.0296 4912 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys
09:28:04.0297 4912 C:\Windows\System32\drivers\ndproxy.sys - ok
09:28:04.0300 4912 [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys
09:28:04.0301 4912 C:\Windows\System32\drivers\drmk.sys - ok
09:28:04.0307 4912 [ E02B26650ACC2F4901342D4A66774AD7 ] C:\Windows\System32\drivers\AtihdW76.sys
09:28:04.0307 4912 C:\Windows\System32\drivers\AtihdW76.sys - ok
09:28:04.0313 4912 [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys
09:28:04.0313 4912 C:\Windows\System32\drivers\ksthunk.sys - ok
09:28:04.0319 4912 [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys
09:28:04.0320 4912 C:\Windows\System32\drivers\portcls.sys - ok
09:28:04.0325 4912 [ C6689007B3A749C49A5438DCF36E0CE4 ] C:\Windows\System32\shell32.dll
09:28:04.0326 4912 C:\Windows\System32\shell32.dll - ok
09:28:04.0333 4912 [ D311E2DD59A34079D89C249B2A4D9FDB ] C:\Windows\System32\drivers\RTKVHD64.sys
09:28:04.0333 4912 C:\Windows\System32\drivers\RTKVHD64.sys - ok
09:28:04.0338 4912 [ B8BD2BB284668C84865658C77574381A ] C:\Windows\System32\drivers\cdfs.sys
09:28:04.0339 4912 C:\Windows\System32\drivers\cdfs.sys - ok
09:28:04.0344 4912 [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll
09:28:04.0345 4912 C:\Windows\System32\oleaut32.dll - ok
09:28:04.0351 4912 [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll
09:28:04.0351 4912 C:\Windows\System32\msvcrt.dll - ok
09:28:04.0357 4912 [ 6F1A3157A1C89435352CEB543CDB359C ] C:\Windows\System32\drivers\usbccgp.sys
09:28:04.0357 4912 C:\Windows\System32\drivers\usbccgp.sys - ok
09:28:04.0363 4912 [ 454800C2BC7F3927CE030141EE4F4C50 ] C:\Windows\System32\drivers\usbvideo.sys
09:28:04.0364 4912 C:\Windows\System32\drivers\usbvideo.sys - ok
09:28:04.0370 4912 [ C41A504715F1BC09105D1FE8B46E9B2C ] C:\Windows\System32\iertutil.dll
09:28:04.0370 4912 C:\Windows\System32\iertutil.dll - ok
09:28:04.0376 4912 [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll
09:28:04.0376 4912 C:\Windows\System32\difxapi.dll - ok
09:28:04.0382 4912 [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll
09:28:04.0383 4912 C:\Windows\System32\sechost.dll - ok
09:28:04.0389 4912 [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll
09:28:04.0389 4912 C:\Windows\System32\advapi32.dll - ok
09:28:04.0395 4912 [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll
09:28:04.0395 4912 C:\Windows\System32\psapi.dll - ok
09:28:04.0401 4912 [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll
09:28:04.0401 4912 C:\Windows\System32\setupapi.dll - ok
09:28:04.0407 4912 [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll
09:28:04.0407 4912 C:\Windows\System32\user32.dll - ok
09:28:04.0413 4912 [ 74E96226CB92225E40AACC0E42D27AC0 ] C:\Windows\System32\urlmon.dll
09:28:04.0413 4912 C:\Windows\System32\urlmon.dll - ok
09:28:04.0420 4912 [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll
09:28:04.0420 4912 C:\Windows\System32\gdi32.dll - ok
09:28:04.0426 4912 [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll
09:28:04.0426 4912 C:\Windows\System32\rpcrt4.dll - ok
09:28:04.0429 4912 [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll
09:28:04.0429 4912 C:\Windows\System32\lpk.dll - ok
09:28:04.0436 4912 [ 2F8B1E3EE3545D3B5A8D56FA1AE07B65 ] C:\Windows\System32\usp10.dll
09:28:04.0436 4912 C:\Windows\System32\usp10.dll - ok
09:28:04.0442 4912 [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\Windows\System32\imagehlp.dll
09:28:04.0442 4912 C:\Windows\System32\imagehlp.dll - ok
09:28:04.0449 4912 [ 1DC3504CA4C57900F1557E9A3F01D272 ] C:\Windows\System32\kernel32.dll
09:28:04.0449 4912 C:\Windows\System32\kernel32.dll - ok
09:28:04.0456 4912 [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll
09:28:04.0456 4912 C:\Windows\System32\msctf.dll - ok
09:28:04.0461 4912 [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll
09:28:04.0461 4912 C:\Windows\System32\comdlg32.dll - ok
09:28:04.0468 4912 [ 7E04D13661FB771CA4FDBB836AD0BA49 ] C:\Windows\System32\wininet.dll
09:28:04.0468 4912 C:\Windows\System32\wininet.dll - ok
09:28:04.0474 4912 [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll
09:28:04.0474 4912 C:\Windows\System32\ole32.dll - ok
09:28:04.0480 4912 [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll
09:28:04.0480 4912 C:\Windows\System32\ws2_32.dll - ok
09:28:04.0486 4912 [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll
09:28:04.0487 4912 C:\Windows\System32\shlwapi.dll - ok
09:28:04.0493 4912 [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll
09:28:04.0493 4912 C:\Windows\System32\clbcatq.dll - ok
09:28:04.0499 4912 [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll
09:28:04.0499 4912 C:\Windows\System32\cfgmgr32.dll - ok
09:28:04.0505 4912 [ 6F2E324703E6D22B9934C33DA48F1F01 ] C:\Windows\System32\KernelBase.dll
09:28:04.0505 4912 C:\Windows\System32\KernelBase.dll - ok
09:28:04.0511 4912 [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll
09:28:04.0511 4912 C:\Windows\System32\normaliz.dll - ok
09:28:04.0518 4912 [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll
09:28:04.0518 4912 C:\Windows\System32\nsi.dll - ok
09:28:04.0524 4912 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\System32\comctl32.dll
09:28:04.0524 4912 C:\Windows\System32\comctl32.dll - ok
09:28:04.0530 4912 [ AA06902362B1422D7A7DA7061E07C624 ] C:\Windows\System32\wintrust.dll
09:28:04.0530 4912 C:\Windows\System32\wintrust.dll - ok
09:28:04.0536 4912 [ 12EE6FE9268CEE6D90FDCCBF89236C65 ] C:\Windows\System32\crypt32.dll
09:28:04.0537 4912 C:\Windows\System32\crypt32.dll - ok
09:28:04.0543 4912 [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll
09:28:04.0543 4912 C:\Windows\System32\devobj.dll - ok
09:28:04.0549 4912 [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll
09:28:04.0549 4912 C:\Windows\System32\msasn1.dll - ok
09:28:04.0555 4912 [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll
09:28:04.0555 4912 C:\Windows\SysWOW64\normaliz.dll - ok
09:28:04.0561 4912 [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys
09:28:04.0561 4912 C:\Windows\System32\drivers\dxapi.sys - ok
09:28:04.0567 4912 [ C58923115CDE6071C3BF2FF063546E9F ] C:\Windows\System32\win32k.sys
09:28:04.0568 4912 C:\Windows\System32\win32k.sys - ok
09:28:04.0573 4912 [ 96F587CA26A6AA894BD8CACE4540CFFC ] C:\Windows\System32\csrsrv.dll
09:28:04.0574 4912 C:\Windows\System32\csrsrv.dll - ok
09:28:04.0580 4912 [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe
09:28:04.0580 4912 C:\Windows\System32\csrss.exe - ok
09:28:04.0586 4912 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll
09:28:04.0586 4912 C:\Windows\System32\basesrv.dll - ok
09:28:04.0592 4912 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\System32\winsrv.dll
09:28:04.0592 4912 C:\Windows\System32\winsrv.dll - ok
09:28:04.0599 4912 [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys
09:28:04.0599 4912 C:\Windows\System32\drivers\monitor.sys - ok
09:28:04.0605 4912 [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll
09:28:04.0605 4912 C:\Windows\System32\tsddd.dll - ok
09:28:04.0611 4912 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll
09:28:04.0611 4912 C:\Windows\System32\sxssrv.dll - ok
09:28:04.0617 4912 [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe
09:28:04.0617 4912 C:\Windows\System32\wininit.exe - ok
09:28:04.0623 4912 [ 05569A79BF4693670B709144382D02D4 ] C:\Windows\System32\cdd.dll
09:28:04.0623 4912 C:\Windows\System32\cdd.dll - ok
09:28:04.0629 4912 [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll
09:28:04.0629 4912 C:\Windows\System32\profapi.dll - ok
09:28:04.0636 4912 [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL
09:28:04.0636 4912 C:\Windows\System32\KBDUS.DLL - ok
09:28:04.0642 4912 [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll
09:28:06.0191 4912 [ 218A400108F280428FA22282D3268BBC ] C:\Windows\System32\wscapi.dll
09:28:06.0191 4912 C:\Windows\System32\wscapi.dll - ok
09:28:06.0197 4912 [ FA43D418BC945D27D0625B697B8442B5 ] C:\Windows\System32\cabinet.dll
09:28:06.0197 4912 C:\Windows\System32\cabinet.dll - ok
09:28:06.0204 4912 [ 92E0508D924512F63FFEEFE498CBD11F ] C:\Windows\System32\p2pcollab.dll
09:28:06.0204 4912 C:\Windows\System32\p2pcollab.dll - ok
09:28:06.0210 4912 [ 582AC6D9873E31DFA28A4547270862DD ] C:\Windows\System32\QAGENTRT.DLL
09:28:06.0210 4912 C:\Windows\System32\QAGENTRT.DLL - ok
09:28:06.0216 4912 [ 506A83A3BEEE9FCA09F0170DE9FC7D1B ] C:\Windows\System32\fveui.dll
09:28:06.0216 4912 C:\Windows\System32\fveui.dll - ok
09:28:06.0222 4912 [ CA9E3BD4752FA2C084F5CD35FD8D0025 ] C:\Program Files\Microsoft Security Client\MsseWat.dll
09:28:06.0223 4912 C:\Program Files\Microsoft Security Client\MsseWat.dll - ok
09:28:06.0228 4912 [ B6D6886149573278CBA6ABD44C4317F5 ] C:\Windows\System32\slwga.dll
09:28:06.0229 4912 C:\Windows\System32\slwga.dll - ok
09:28:06.0234 4912 [ DB76DB15EFC6E4D1153A6C5BC895948D ] C:\Windows\System32\sppc.dll
09:28:06.0234 4912 C:\Windows\System32\sppc.dll - ok
09:28:06.0241 4912 [ 66F34E55C30AB8B18240C72F41B7A3D4 ] C:\Program Files (x86)\Common Files\ArcSoft\Bin\ArcCon.dll
09:28:06.0241 4912 C:\Program Files (x86)\Common Files\ArcSoft\Bin\ArcCon.dll - ok
09:28:06.0247 4912 [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll
09:28:06.0247 4912 C:\Windows\SysWOW64\devobj.dll - ok
09:28:06.0253 4912 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll
09:28:06.0253 4912 C:\Windows\SysWOW64\winmm.dll - ok
09:28:06.0259 4912 [ 557A086A4659799D63A9CE474ADFEBE8 ] C:\Windows\SysWOW64\urlmon.dll
09:28:06.0260 4912 C:\Windows\SysWOW64\urlmon.dll - ok
09:28:06.0266 4912 [ 3EA2C4F68A782839D97B3C83595575B6 ] C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
09:28:06.0266 4912 C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe - ok
09:28:06.0272 4912 [ 42C671E0525618E23371D0E68282F37C ] C:\Windows\SysWOW64\wininet.dll
09:28:06.0272 4912 C:\Windows\SysWOW64\wininet.dll - ok
09:28:06.0278 4912 [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\Windows\System32\dbghelp.dll
09:28:06.0278 4912 C:\Windows\System32\dbghelp.dll - ok
09:28:06.0284 4912 [ C5D48985BADF6CFEDCBCCDD5D92F526D ] C:\Windows\SysWOW64\iertutil.dll
09:28:06.0284 4912 C:\Windows\SysWOW64\iertutil.dll - ok
09:28:06.0291 4912 [ 35F59EB9D0B09E6A8387337AC3133290 ] C:\Program Files\Acer\Acer ePower Management\PowerSettingControl.dll
09:28:06.0291 4912 C:\Program Files\Acer\Acer ePower Management\PowerSettingControl.dll - ok
09:28:06.0297 4912 [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll
09:28:06.0297 4912 C:\Windows\System32\oleacc.dll - ok
09:28:06.0303 4912 [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv
09:28:06.0303 4912 C:\Windows\System32\winspool.drv - ok
09:28:06.0310 4912 [ 60D21799A4AF4EDCE65FB98830E4B0C8 ] C:\Windows\SysWOW64\crypt32.dll
09:28:06.0310 4912 C:\Windows\SysWOW64\crypt32.dll - ok
09:28:06.0316 4912 [ B891E3920F24FF1A3BEAD6CD2B42ED99 ] C:\PROGRA~2\McAfee\SITEAD~1\mcsacore.exe
09:28:06.0316 4912 C:\PROGRA~2\McAfee\SITEAD~1\mcsacore.exe - ok
09:28:06.0322 4912 [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll
09:28:06.0322 4912 C:\Windows\System32\FDResPub.dll - ok
09:28:06.0328 4912 [ FCD84C381E0140AF901E58D48882D26B ] C:\Windows\System32\IKEEXT.DLL
09:28:06.0328 4912 C:\Windows\System32\IKEEXT.DLL - ok
09:28:06.0334 4912 [ F1B205F932F62F94506A5F332C895DAF ] C:\Windows\System32\WSDApi.dll
09:28:06.0334 4912 C:\Windows\System32\WSDApi.dll - ok
09:28:06.0341 4912 [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll
09:28:06.0341 4912 C:\Windows\SysWOW64\msasn1.dll - ok
09:28:06.0347 4912 [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll
09:28:06.0347 4912 C:\Windows\SysWOW64\msi.dll - ok
09:28:06.0353 4912 [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll
09:28:06.0353 4912 C:\Windows\SysWOW64\version.dll - ok
09:28:06.0359 4912 [ 64ECE532B8ABD7E035803515E9C11DC9 ] C:\PROGRA~2\McAfee\SITEAD~1\sasshmod.dll
09:28:06.0359 4912 C:\PROGRA~2\McAfee\SITEAD~1\sasshmod.dll - ok
09:28:06.0365 4912 [ 00000000000000000000000000000000 ] C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
09:28:06.0366 4912 C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe - ok
09:28:06.0372 4912 [ 06A754FE28A06F780A099703CFCAAA22 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll
09:28:06.0373 4912 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll - ok
09:28:06.0379 4912 [ C55516D98DD5D8F0153C2A9B4227DA86 ] C:\Windows\System32\webservices.dll
09:28:06.0379 4912 C:\Windows\System32\webservices.dll - ok
09:28:06.0385 4912 [ 7AE92C896AF9ABFBDB18C1D055B6EBA7 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcp80.dll
09:28:06.0385 4912 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcp80.dll - ok
09:28:06.0392 4912 [ 77B5035BC6EDF4D1B6265391AECEE4C0 ] C:\Windows\System32\vpnikeapi.dll
09:28:06.0392 4912 C:\Windows\System32\vpnikeapi.dll - ok
09:28:06.0398 4912 [ C87E88165D5ACBFAE7DF08BB4DF212EF ] C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlos.dll
09:28:06.0398 4912 C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlos.dll - ok
09:28:06.0405 4912 [ CF6850A72BEB4845A3BFFB3F5E8014B2 ] C:\Windows\System32\pdh.dll
09:28:06.0405 4912 C:\Windows\System32\pdh.dll - ok
09:28:06.0411 4912 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll
09:28:06.0411 4912 C:\Windows\SysWOW64\ntmarta.dll - ok
09:28:06.0417 4912 [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
09:28:06.0417 4912 C:\Windows\System32\winmm.dll - ok
09:28:06.0423 4912 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll
09:28:06.0423 4912 C:\Windows\SysWOW64\Wldap32.dll - ok
09:28:06.0429 4912 [ 83398851164292684C34F7FC9A236C2D ] C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\batchparser.dll
09:28:06.0429 4912 C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\batchparser.dll - ok
09:28:06.0436 4912 [ 759B3E957B35C2426B81B81FF62E9AB7 ] C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\opends60.dll
09:28:06.0436 4912 C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\opends60.dll - ok
09:28:06.0442 4912 [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll
09:28:06.0442 4912 C:\Windows\System32\winhttp.dll - ok
09:28:06.0446 4912 [ 603EBD34E216C5654A2D774EAC98D278 ] C:\Windows\System32\webio.dll
09:28:06.0446 4912 C:\Windows\System32\webio.dll - ok
09:28:06.0452 4912 [ A0B9E5D9D00322705E804240E4A02684 ] C:\PROGRA~2\McAfee\SITEAD~1\saupkeep.dll
09:28:06.0452 4912 C:\PROGRA~2\McAfee\SITEAD~1\saupkeep.dll - ok
09:28:06.0459 4912 [ DD81D91FF3B0763C392422865C9AC12E ] C:\Windows\System32\rundll32.exe
09:28:06.0459 4912 C:\Windows\System32\rundll32.exe - ok
09:28:06.0465 4912 [ B1C8444187B377E6A2B9183630B8D906 ] C:\PROGRA~2\McAfee\SITEAD~1\x64\saHook.dll
09:28:06.0465 4912 C:\PROGRA~2\McAfee\SITEAD~1\x64\saHook.dll - ok
09:28:06.0471 4912 [ 51138BEEA3E2C21EC44D0932C71762A8 ] C:\Windows\SysWOW64\rundll32.exe
09:28:06.0471 4912 C:\Windows\SysWOW64\rundll32.exe - ok
09:28:06.0478 4912 [ AAAF7B5CD55363C7F9F8E00C084E9B27 ] C:\Program Files\Microsoft SQL Server\100\Shared\instapi10.dll
09:28:06.0478 4912 C:\Program Files\Microsoft SQL Server\100\Shared\instapi10.dll - ok
09:28:06.0484 4912 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll
09:28:06.0484 4912 C:\Windows\SysWOW64\imagehlp.dll - ok
09:28:06.0490 4912 [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll
09:28:06.0490 4912 C:\Windows\System32\netman.dll - ok
09:28:06.0496 4912 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll
09:28:06.0496 4912 C:\Windows\SysWOW64\apphelp.dll - ok
09:28:06.0502 4912 [ 96C70BD48D49B87475F4572DEDC62EB9 ] C:\Windows\AppPatch\AcLayers.dll
09:28:06.0502 4912 C:\Windows\AppPatch\AcLayers.dll - ok
09:28:06.0509 4912 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll
09:28:06.0509 4912 C:\Windows\SysWOW64\mpr.dll - ok
09:28:06.0515 4912 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\SysWOW64\winspool.drv
09:28:06.0515 4912 C:\Windows\SysWOW64\winspool.drv - ok
09:28:06.0522 4912 [ E337DE8814EABEDEA01919B94D323078 ] C:\Windows\AppPatch\acwow64.dll
09:28:06.0522 4912 C:\Windows\AppPatch\acwow64.dll - ok
09:28:06.0527 4912 [ E84B3CB28AB4D95C07738AE9937C2734 ] C:\PROGRA~2\McAfee\SITEAD~1\sahook.dll
09:28:06.0527 4912 C:\PROGRA~2\McAfee\SITEAD~1\sahook.dll - ok
09:28:06.0534 4912 [ DB6D118B6E12C8B56D7A7707283763C8 ] C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlboot.dll
09:28:06.0534 4912 C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlboot.dll - ok
09:28:06.0540 4912 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] C:\Windows\System32\drivers\NisDrvWFP.sys
09:28:06.0540 4912 C:\Windows\System32\drivers\NisDrvWFP.sys - ok
09:28:06.0546 4912 [ 8AD77806D336673F270DB31645267293 ] C:\Windows\System32\nlasvc.dll
09:28:06.0546 4912 C:\Windows\System32\nlasvc.dll - ok
09:28:06.0552 4912 [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll
09:28:06.0552 4912 C:\Windows\SysWOW64\uxtheme.dll - ok
09:28:06.0559 4912 [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll
09:28:06.0559 4912 C:\Windows\SysWOW64\clbcatq.dll - ok
09:28:06.0565 4912 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll
09:28:06.0565 4912 C:\Windows\SysWOW64\dwmapi.dll - ok
09:28:06.0571 4912 [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll
09:28:06.0571 4912 C:\Windows\SysWOW64\cryptsp.dll - ok
09:28:06.0577 4912 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll
09:28:06.0577 4912 C:\Windows\SysWOW64\RpcRtRemote.dll - ok
09:28:06.0583 4912 [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll
09:28:06.0583 4912 C:\Windows\SysWOW64\rsaenh.dll - ok
09:28:06.0590 4912 [ D4FAC263861BAE06971C7F7D0A8EBF15 ] C:\Windows\System32\ncsi.dll
09:28:06.0590 4912 C:\Windows\System32\ncsi.dll - ok
09:28:06.0596 4912 [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll
09:28:06.0596 4912 C:\Windows\System32\ssdpapi.dll - ok
09:28:06.0602 4912 [ 9A308FCDCCA98A15B6F62D36A272160E ] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
09:28:06.0602 4912 C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe - ok
09:28:06.0608 4912 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll
09:28:06.0609 4912 C:\Windows\SysWOW64\oleacc.dll - ok
09:28:06.0614 4912 [ 1727B2A2F379A32B864C096FA794AADC ] C:\Windows\System32\aepic.dll
09:28:06.0614 4912 C:\Windows\System32\aepic.dll - ok
09:28:06.0620 4912 [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll
09:28:06.0620 4912 C:\Windows\System32\sfc.dll - ok
09:28:06.0626 4912 [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll
09:28:06.0627 4912 C:\Windows\System32\sfc_os.dll - ok
09:28:06.0632 4912 [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\Windows\System32\drivers\PEAuth.sys
09:28:06.0633 4912 C:\Windows\System32\drivers\PEAuth.sys - ok
09:28:06.0639 4912 [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys
09:28:06.0639 4912 C:\Windows\System32\drivers\secdrv.sys - ok
09:28:06.0645 4912 [ BC617A4E1B4FA8DF523A061739A0BD87 ] C:\Windows\System32\seclogon.dll
09:28:06.0645 4912 C:\Windows\System32\seclogon.dll - ok
09:28:06.0651 4912 [ 6D65985945B03CA59B67D0B73702FC7B ] C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
09:28:06.0651 4912 C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe - ok
09:28:06.0658 4912 [ 27E461F0BE5BFF5FC737328F749538C3 ] C:\Windows\System32\drivers\srvnet.sys
09:28:06.0658 4912 C:\Windows\System32\drivers\srvnet.sys - ok
09:28:06.0664 4912 [ BCEA9AB347E53BC03B2E36BE0B8BA0EF ] C:\Windows\System32\httpapi.dll
09:28:06.0664 4912 C:\Windows\System32\httpapi.dll - ok
09:28:06.0670 4912 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] C:\Windows\System32\drivers\tcpipreg.sys
09:28:06.0670 4912 C:\Windows\System32\drivers\tcpipreg.sys - ok
09:28:06.0677 4912 [ 8B7CD1332CDD3B544288A9DA8BD71CF0 ] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\Pehook.dll
09:28:06.0677 4912 C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\Pehook.dll - ok
09:28:06.0683 4912 [ C4A00A0C27A6DDC7A7BAFF95C30D420D ] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ISchedule.dll
09:28:06.0683 4912 C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ISchedule.dll - ok
09:28:06.0690 4912 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] C:\Windows\System32\wiaservc.dll
09:28:06.0690 4912 C:\Windows\System32\wiaservc.dll - ok
09:28:06.0694 4912 [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5 ] C:\Windows\System32\wiatrace.dll
09:28:06.0694 4912 C:\Windows\System32\wiatrace.dll - ok
09:28:06.0700 4912 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] C:\Windows\System32\sysmain.dll
09:28:06.0700 4912 C:\Windows\System32\sysmain.dll - ok
09:28:06.0707 4912 [ F9EC9ACD504D823D9B9CA98A4F8D3CA2 ] C:\Program Files\Acer\Acer Updater\UpdaterService.exe
09:28:06.0707 4912 C:\Program Files\Acer\Acer Updater\UpdaterService.exe - ok
09:28:06.0713 4912 [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\Windows\System32\trkwks.dll
09:28:06.0713 4912 C:\Windows\System32\trkwks.dll - ok
09:28:06.0719 4912 [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll
09:28:06.0719 4912 C:\Windows\System32\wbem\WMIsvc.dll - ok
09:28:06.0725 4912 [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll
09:28:06.0725 4912 C:\Windows\System32\aeevts.dll - ok
09:28:06.0731 4912 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] C:\Windows\System32\drivers\srv2.sys
09:28:06.0731 4912 C:\Windows\System32\drivers\srv2.sys - ok
09:28:06.0737 4912 [ 2D426C1E984FFDDB240AB4D4B842838B ] C:\Program Files\Microsoft SQL Server\90\Shared\sqlwvss.dll
09:28:06.0738 4912 C:\Program Files\Microsoft SQL Server\90\Shared\sqlwvss.dll - ok
09:28:06.0744 4912 [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll
09:28:06.0744 4912 C:\Windows\System32\fundisc.dll - ok
09:28:06.0750 4912 [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll
09:28:06.0750 4912 C:\Windows\System32\cscapi.dll - ok
09:28:06.0756 4912 [ 6C3CAD1816F6DEB7EFBFE73866657F13 ] C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\Resources\1033\sqlevn70.rll
09:28:06.0757 4912 C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\Resources\1033\sqlevn70.rll - ok
09:28:06.0763 4912 [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\Windows\System32\wbemcomn.dll
09:28:06.0763 4912 C:\Windows\System32\wbemcomn.dll - ok
09:28:06.0769 4912 [ 012787CEB35505EB78DF82E0A0072888 ] C:\Windows\System32\browcli.dll
09:28:06.0769 4912 C:\Windows\System32\browcli.dll - ok
09:28:06.0776 4912 [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\Windows\System32\mscoree.dll
09:28:06.0776 4912 C:\Windows\System32\mscoree.dll - ok
09:28:06.0782 4912 [ 0C52762C606BCF6A377D5E4688191A6B ] C:\Windows\System32\wbem\WmiDcPrv.dll
09:28:06.0782 4912 C:\Windows\System32\wbem\WmiDcPrv.dll - ok
09:28:06.0788 4912 [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll
09:28:06.0788 4912 C:\Windows\System32\wbem\WinMgmtR.dll - ok
09:28:06.0795 4912 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
09:28:06.0795 4912 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok
09:28:06.0801 4912 [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll
09:28:06.0801 4912 C:\Windows\System32\wbem\fastprox.dll - ok
09:28:06.0807 4912 [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll
09:28:06.0807 4912 C:\Windows\System32\ntdsapi.dll - ok
09:28:06.0813 4912 [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll
09:28:06.0813 4912 C:\Windows\System32\wbem\wbemprox.dll - ok
09:28:06.0819 4912 [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll
09:28:06.0819 4912 C:\Windows\System32\wbem\wbemcore.dll - ok
09:28:06.0826 4912 [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll
09:28:06.0826 4912 C:\Windows\System32\wbem\esscli.dll - ok
09:28:06.0832 4912 [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll
09:28:06.0832 4912 C:\Windows\System32\wbem\wbemsvc.dll - ok
09:28:06.0838 4912 [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll
09:28:06.0838 4912 C:\Windows\System32\wbem\wmiutils.dll - ok
09:28:06.0845 4912 [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll
09:28:06.0845 4912 C:\Windows\System32\wbem\repdrvfs.dll - ok
09:28:06.0851 4912 [ B8F9C7DBA4DF81E9B47A5DD638C187E0 ] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\SyncDll.dll
09:28:06.0851 4912 C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\SyncDll.dll - ok
09:28:06.0858 4912 [ FE971397C742FAEEDC5D159D15C0338C ] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
09:28:06.0858 4912 C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll - ok
09:28:06.0864 4912 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\Windows\System32\drivers\srv.sys
09:28:06.0864 4912 C:\Windows\System32\drivers\srv.sys - ok
09:28:06.0870 4912 [ 08C2957BB30058E663720C5606885653 ] C:\Windows\System32\iphlpsvc.dll
09:28:06.0870 4912 C:\Windows\System32\iphlpsvc.dll - ok
09:28:06.0877 4912 [ 27B9E163740A226B65E4B9E186117911 ] C:\Windows\System32\sqmapi.dll
09:28:06.0877 4912 C:\Windows\System32\sqmapi.dll - ok
09:28:06.0887 4912 [ 7B38D7916A7CD058C16A0A6CA5077901 ] C:\Windows\System32\wdscore.dll
09:28:06.0887 4912 C:\Windows\System32\wdscore.dll - ok
09:28:06.0892 4912 [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll
09:28:06.0892 4912 C:\Windows\System32\srvsvc.dll - ok
09:28:06.0898 4912 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] C:\Windows\System32\browser.dll
09:28:06.0898 4912 C:\Windows\System32\browser.dll - ok
09:28:06.0904 4912 [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll
09:28:06.0904 4912 C:\Windows\System32\netmsg.dll - ok
09:28:06.0910 4912 [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll
09:28:06.0911 4912 C:\Windows\System32\sscore.dll - ok
09:28:06.0916 4912 [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll
09:28:06.0916 4912 C:\Windows\System32\hnetcfg.dll - ok
09:28:06.0923 4912 [ 9648B5A60D82ACE76963BDCAFE40855B ] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\agent_stub.dll
09:28:06.0923 4912 C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\agent_stub.dll - ok
09:28:06.0930 4912 [ 20CF2EDDB3F3E059D1CE651221CB320F ] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll
09:28:06.0930 4912 C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll - ok
09:28:06.0936 4912 [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll
09:28:06.0936 4912 C:\Windows\SysWOW64\ws2_32.dll - ok
09:28:06.0942 4912 [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll
09:28:06.0943 4912 C:\Windows\SysWOW64\nsi.dll - ok
09:28:06.0946 4912 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll
09:28:06.0946 4912 C:\Windows\SysWOW64\mswsock.dll - ok
09:28:06.0954 4912 [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\SysWOW64\netapi32.dll
09:28:06.0954 4912 C:\Windows\SysWOW64\netapi32.dll - ok
09:28:06.0959 4912 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll
09:28:06.0959 4912 C:\Windows\SysWOW64\netutils.dll - ok
09:28:06.0965 4912 [ AA794B099F776B37ACCDEAD00E0FBFC9 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
09:28:06.0965 4912 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
09:28:06.0971 4912 [ 0D893F8D145D3B125B0226727C243A69 ] C:\Windows\System32\security.dll
09:28:06.0971 4912 C:\Windows\System32\security.dll - ok
09:28:06.0978 4912 [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\Windows\System32\dssenh.dll
09:28:06.0978 4912 C:\Windows\System32\dssenh.dll - ok
09:28:06.0984 4912 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll
09:28:06.0984 4912 C:\Windows\SysWOW64\srvcli.dll - ok
09:28:06.0990 4912 [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll
09:28:06.0990 4912 C:\Windows\System32\clusapi.dll - ok
09:28:07.0000 4912 [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll
09:28:07.0000 4912 C:\Windows\System32\resutils.dll - ok
09:28:07.0008 4912 [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll
09:28:07.0008 4912 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
09:28:07.0015 4912 [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll
09:28:07.0015 4912 C:\Windows\System32\ncobjapi.dll - ok
09:28:07.0023 4912 [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll
09:28:07.0023 4912 C:\Windows\System32\wbem\wbemess.dll - ok
09:28:07.0030 4912 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] C:\Windows\System32\tapisrv.dll
09:28:07.0030 4912 C:\Windows\System32\tapisrv.dll - ok
09:28:07.0036 4912 [ EE867A0870FC9E4972BA9EAAD35651E2 ] C:\Windows\System32\rasmans.dll
09:28:07.0036 4912 C:\Windows\System32\rasmans.dll - ok
09:28:07.0042 4912 [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll
09:28:07.0042 4912 C:\Windows\System32\rasadhlp.dll - ok
09:28:07.0049 4912 [ 44C96B48112EB24AE7764EBF1C527000 ] C:\Windows\System32\rastapi.dll
09:28:07.0049 4912 C:\Windows\System32\rastapi.dll - ok
09:28:07.0055 4912 [ FAFAE01E889DC9C05A6CA2138CFC220B ] C:\Windows\System32\tapi32.dll
09:28:07.0055 4912 C:\Windows\System32\tapi32.dll - ok
09:28:07.0062 4912 [ D2A0FFA75AB181B19B5EB93BB29C7686 ] C:\Windows\System32\unimdm.tsp
09:28:07.0062 4912 C:\Windows\System32\unimdm.tsp - ok
09:28:07.0071 4912 [ 94B7DF336815B47236724019FAB24B7C ] C:\Windows\System32\uniplat.dll
09:28:07.0071 4912 C:\Windows\System32\uniplat.dll - ok
09:28:07.0076 4912 [ 41326DD08ACC0CDC5F8177AF96C066E8 ] C:\Windows\System32\kmddsp.tsp
09:28:07.0076 4912 C:\Windows\System32\kmddsp.tsp - ok
09:28:07.0085 4912 [ 1D6BC2769DA66C1145F4DA5A65F52E61 ] C:\Windows\System32\ndptsp.tsp
09:28:07.0085 4912 C:\Windows\System32\ndptsp.tsp - ok
09:28:07.0094 4912 [ 7C1BAE7D23D4874FEE256A2B9C00E019 ] C:\Windows\System32\hidphone.tsp
09:28:07.0094 4912 C:\Windows\System32\hidphone.tsp - ok
09:28:07.0101 4912 [ A717A35120DBAB5AB707AB40662AF9DD ] C:\Windows\System32\rasppp.dll
09:28:07.0101 4912 C:\Windows\System32\rasppp.dll - ok
09:28:07.0109 4912 [ 0FE5CD5F9C9248F42D1EF56E495B182E ] C:\Windows\System32\vpnike.dll
09:28:07.0109 4912 C:\Windows\System32\vpnike.dll - ok
09:28:07.0116 4912 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll
09:28:07.0116 4912 C:\Windows\SysWOW64\wkscli.dll - ok
09:28:07.0124 4912 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
09:28:07.0124 4912 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok
09:28:07.0132 4912 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
09:28:07.0132 4912 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
09:28:07.0140 4912 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
09:28:07.0140 4912 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
09:28:07.0148 4912 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll
09:28:07.0148 4912 C:\Windows\SysWOW64\winnsi.dll - ok
09:28:07.0155 4912 [ CA6ADE4F7761BB15B3325356DC3B82BB ] C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll
09:28:07.0155 4912 C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll - ok
09:28:07.0163 4912 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll
09:28:07.0163 4912 C:\Windows\SysWOW64\msimg32.dll - ok
09:28:07.0171 4912 [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\SysWOW64\wsock32.dll
09:28:07.0171 4912 C:\Windows\SysWOW64\wsock32.dll - ok
09:28:07.0179 4912 [ 7BFB290E8CD380FD474BF869478D000B ] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\VssAgent.dll
09:28:07.0179 4912 C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\VssAgent.dll - ok
09:28:07.0186 4912 [ 13337A3FB17F2242487FD45488ED0485 ] C:\Windows\SysWOW64\vssapi.dll
09:28:07.0186 4912 C:\Windows\SysWOW64\vssapi.dll - ok
09:28:07.0190 4912 [ F10E5311E5093FA3C00FF88C54C32FCA ] C:\Windows\SysWOW64\atl.dll
09:28:07.0190 4912 C:\Windows\SysWOW64\atl.dll - ok
09:28:07.0197 4912 [ B940289C83121046BD6A60ACC6028593 ] C:\Windows\SysWOW64\vsstrace.dll
09:28:07.0197 4912 C:\Windows\SysWOW64\vsstrace.dll - ok
09:28:07.0203 4912 [ 326B01EDC880977E8599269F4274333F ] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IShadowS3.dll
09:28:07.0203 4912 C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IShadowS3.dll - ok
09:28:07.0210 4912 [ FBFCA1A574D47EE575448B719CBBF2E4 ] C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL
09:28:07.0210 4912 C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL - ok
09:28:07.0217 4912 [ C3D7F6870E6F4E0F31F6CA545F09D052 ] C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlscriptupgrade.dll
09:28:07.0217 4912 C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlscriptupgrade.dll - ok
09:28:07.0223 4912 [ 6A84E68B538B8B04608BF2F0D426CE6F ] C:\Windows\System32\raschap.dll
09:28:07.0223 4912 C:\Windows\System32\raschap.dll - ok
09:28:07.0229 4912 [ B95F6501A2F8B2E78C697FEC401970CE ] C:\Windows\System32\ipnathlp.dll
09:28:07.0230 4912 C:\Windows\System32\ipnathlp.dll - ok
09:28:07.0238 4912 [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll
09:28:07.0238 4912 C:\Windows\System32\mprapi.dll - ok
09:28:07.0245 4912 [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll
09:28:07.0245 4912 C:\Windows\System32\netshell.dll - ok
09:28:07.0252 4912 [ 79AFFC7FEEA9CD2FEFEA5EF3B631A02C ] C:\Windows\System32\ndiscapCfg.dll
09:28:07.0253 4912 C:\Windows\System32\ndiscapCfg.dll - ok
09:28:07.0260 4912 [ 3D6AF45673C4B31CDECD7F80AF09D443 ] C:\Windows\System32\rascfg.dll
09:28:07.0260 4912 C:\Windows\System32\rascfg.dll - ok
09:28:07.0267 4912 [ 1CF21800E337F4039AAD4C94B4280EE4 ] C:\Windows\System32\mprmsg.dll
09:28:07.0267 4912 C:\Windows\System32\mprmsg.dll - ok
09:28:07.0272 4912 [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll
09:28:07.0272 4912 C:\Windows\System32\wdi.dll - ok
09:28:07.0281 4912 [ 79E80B10FE8F6662E0C9162A68C43444 ] C:\Program Files\Microsoft Security Client\NisSrv.exe
09:28:07.0281 4912 C:\Program Files\Microsoft Security Client\NisSrv.exe - ok
09:28:07.0288 4912 [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll
09:28:07.0288 4912 C:\Windows\System32\diagperf.dll - ok
09:28:08.0706 4912 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
09:28:08.0714 4912 [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll
09:28:08.0714 4912 C:\Windows\System32\pnidui.dll - ok
09:28:08.0720 4912 [ 243974EC02F7AE49E4179C54624143AB ] C:\Windows\SysWOW64\MMDevAPI.dll
09:28:08.0720 4912 C:\Windows\SysWOW64\MMDevAPI.dll - ok
09:28:08.0727 4912 [ 54152706627F5F33952340D90ADA50EE ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
09:28:08.0728 4912 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
09:28:08.0734 4912 [ D205C24A9D069049FE2DF2A1B38726A7 ] C:\Windows\SysWOW64\wdmaud.drv
09:28:08.0734 4912 C:\Windows\SysWOW64\wdmaud.drv - ok
09:28:08.0740 4912 [ 78865ABC5F5D13190F8B35BD9044714A ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll
09:28:08.0740 4912 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll - ok
09:28:08.0750 4912 [ 9C67F6BBDA3881CFD02095160CF91576 ] C:\Windows\SysWOW64\ksuser.dll
09:28:08.0750 4912 C:\Windows\SysWOW64\ksuser.dll - ok
09:28:08.0759 4912 [ 139D3AB6AA920C34C50CBFFB9EB7D222 ] C:\Windows\SysWOW64\avrt.dll
09:28:08.0759 4912 C:\Windows\SysWOW64\avrt.dll - ok
09:28:08.0769 4912 [ FF9831030678C7B6D70BAC00F68F8976 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll
09:28:08.0770 4912 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
09:28:08.0778 4912 [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL
09:28:08.0778 4912 C:\Windows\System32\QUTIL.DLL - ok
09:28:08.0783 4912 [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll
09:28:08.0783 4912 C:\Windows\System32\wbem\NCProv.dll - ok
09:28:08.0789 4912 [ C940F2F5C60B3727C5F18840735B229C ] C:\Windows\SysWOW64\AudioSes.dll
09:28:08.0789 4912 C:\Windows\SysWOW64\AudioSes.dll - ok
09:28:08.0796 4912 [ E5B6D88B36BDDAD5039764FBF80284DD ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll
09:28:08.0796 4912 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll - ok
09:28:08.0803 4912 [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll
09:28:08.0804 4912 C:\Windows\System32\srchadmin.dll - ok
09:28:08.0809 4912 [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll
09:28:08.0810 4912 C:\Windows\System32\FXSST.dll - ok
09:28:08.0817 4912 [ 07393A09C46083588E751B63B03C8301 ] C:\Windows\SysWOW64\msacm32.drv
09:28:08.0817 4912 C:\Windows\SysWOW64\msacm32.drv - ok
09:28:08.0823 4912 [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\SysWOW64\msacm32.dll
09:28:08.0823 4912 C:\Windows\SysWOW64\msacm32.dll - ok
09:28:08.0830 4912 [ D79D19EC66106119DCD45D042C6B5170 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\88f8a6436dc95497fce0dae347646e53\System.Drawing.ni.dll
09:28:08.0831 4912 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\88f8a6436dc95497fce0dae347646e53\System.Drawing.ni.dll - ok
09:28:08.0837 4912 [ 5A12C364AD1D4FCC0AD0E56DBBC34462 ] C:\Windows\SysWOW64\midimap.dll
09:28:08.0838 4912 C:\Windows\SysWOW64\midimap.dll - ok
09:28:08.0844 4912 [ 07AD88DF9EF73215458867EFC1BFFE9E ] C:\Windows\System32\wbem\wmiprov.dll
09:28:08.0844 4912 C:\Windows\System32\wbem\wmiprov.dll - ok
09:28:08.0852 4912 [ 1D75BC73585969F41BA7EF0C882DFF2B ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll
09:28:08.0852 4912 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
09:28:08.0858 4912 [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll
09:28:08.0858 4912 C:\Windows\System32\AudioEng.dll - ok
09:28:08.0866 4912 [ FC7A868DECC3AB027F29178EC8A7F252 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll
09:28:08.0866 4912 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll - ok
09:28:08.0872 4912 [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll
09:28:08.0872 4912 C:\Windows\System32\AUDIOKSE.dll - ok
09:28:08.0879 4912 [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll
09:28:08.0879 4912 C:\Windows\System32\FXSAPI.dll - ok
09:28:08.0886 4912 [ EADFC95980BC24DF3C7EE5B2CD38F043 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\d6af7216038720b1adeca71e81c14bd6\System.Windows.Forms.ni.dll
09:28:08.0886 4912 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\d6af7216038720b1adeca71e81c14bd6\System.Windows.Forms.ni.dll - ok
09:28:08.0892 4912 [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll
09:28:08.0893 4912 C:\Windows\System32\ksuser.dll - ok
09:28:08.0900 4912 [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
09:28:08.0900 4912 C:\Windows\System32\FXSRESM.dll - ok
09:28:08.0907 4912 [ 6F3C559B82F2912354BE5B098744CC8C ] C:\Windows\System32\WMALFXGFXDSP.dll
09:28:08.0907 4912 C:\Windows\System32\WMALFXGFXDSP.dll - ok
09:28:08.0913 4912 [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll
09:28:08.0914 4912 C:\Windows\System32\mfplat.dll - ok
09:28:08.0919 4912 [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl
09:28:08.0920 4912 C:\Windows\System32\bthprops.cpl - ok
09:28:08.0926 4912 [ 55E3C4F4D953D8518EBDC5EA9AD786CE ] C:\Windows\System32\ieframe.dll
09:28:08.0926 4912 C:\Windows\System32\ieframe.dll - ok
09:28:08.0934 4912 [ 844918E629C70EEF9C1D4CB08D630696 ] C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
09:28:08.0934 4912 C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe - ok
09:28:08.0940 4912 [ EED9D3DDD65B76120EC81B670D15BB51 ] C:\Program Files\Acer\Acer ePower Management\SetAPM.exe
09:28:08.0940 4912 C:\Program Files\Acer\Acer ePower Management\SetAPM.exe - ok
09:28:08.0947 4912 [ AEAA1918C8603ED6E263A6646D6E9316 ] C:\Program Files\Acer\Acer ePower Management\SysHook.dll
09:28:08.0947 4912 C:\Program Files\Acer\Acer ePower Management\SysHook.dll - ok
09:28:08.0954 4912 [ F6FD367C9EAAEDF90CD7A7952AE0B336 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll
09:28:08.0954 4912 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll - ok
09:28:08.0958 4912 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe
09:28:08.0958 4912 C:\Windows\System32\FXSSVC.exe - ok
09:28:08.0965 4912 [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll
09:28:08.0965 4912 C:\Windows\System32\rasdlg.dll - ok
09:28:08.0972 4912 [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll
09:28:08.0972 4912 C:\Windows\System32\dot3api.dll - ok
09:28:08.0978 4912 [ 25B50D384D3B6EBC782DC544502AB373 ] C:\Windows\System32\jscript.dll
09:28:08.0978 4912 C:\Windows\System32\jscript.dll - ok
09:28:08.0984 4912 [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll
09:28:08.0984 4912 C:\Windows\System32\wlanhlp.dll - ok
09:28:08.0990 4912 [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll
09:28:08.0990 4912 C:\Windows\System32\WWanAPI.dll - ok
09:28:08.0997 4912 [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll
09:28:08.0997 4912 C:\Windows\System32\wwapi.dll - ok
09:28:09.0004 4912 [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL
09:28:09.0004 4912 C:\Windows\System32\QAGENT.DLL - ok
09:28:09.0010 4912 [ 50F9394F53CF8015C703EBD2EF3BABC6 ] C:\Windows\System32\LocationApi.dll
09:28:09.0010 4912 C:\Windows\System32\LocationApi.dll - ok
09:28:09.0018 4912 [ 9111354A308612483F8DA995A1DD1835 ] C:\Windows\System32\SensorsApi.dll
09:28:09.0018 4912 C:\Windows\System32\SensorsApi.dll - ok
09:28:09.0024 4912 [ F60B6FA0D353DD31A59E86D3D3FD8066 ] C:\Windows\System32\imgutil.dll
09:28:09.0024 4912 C:\Windows\System32\imgutil.dll - ok
09:28:09.0031 4912 [ 0728937194E98613051F4A72C7F1D4BF ] C:\Windows\System32\pngfilt.dll
09:28:09.0031 4912 C:\Windows\System32\pngfilt.dll - ok
09:28:09.0038 4912 [ 5CBD234B2F50F8CEBE1DA6A0E516B187 ] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\sal3.dll
09:28:09.0038 4912 C:\Program Files (x86)\OpenOffice.org 3\URE\bin\sal3.dll - ok
09:28:09.0045 4912 [ 8494E126F0B10180F3293AF861CE1F7A ] C:\Windows\System32\mlang.dll
09:28:09.0045 4912 C:\Windows\System32\mlang.dll - ok
09:28:09.0052 4912 [ 43600D39FA6DF51D90DF04D905BE4142 ] C:\Windows\System32\vbscript.dll
09:28:09.0052 4912 C:\Windows\System32\vbscript.dll - ok
09:28:09.0058 4912 [ 77DC1730503052CBB554FB2E67E760C0 ] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\uwinapi.dll
09:28:09.0058 4912 C:\Program Files (x86)\OpenOffice.org 3\URE\bin\uwinapi.dll - ok
09:28:09.0065 4912 [ 671194B1BDC9EA7D4477B76D85B416D7 ] C:\Program Files (x86)\OpenOffice.org 3\program\sofficeapp.dll
09:28:09.0065 4912 C:\Program Files (x86)\OpenOffice.org 3\program\sofficeapp.dll - ok
09:28:09.0071 4912 [ 691771D7570A53130E7E885D8266E6C0 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll
09:28:09.0071 4912 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll - ok
09:28:09.0078 4912 [ 2E76FF14C5987BE45AB65A91332E3C58 ] C:\Program Files\Windows Sidebar\wlsrvc.dll
09:28:09.0078 4912 C:\Program Files\Windows Sidebar\wlsrvc.dll - ok
09:28:09.0085 4912 [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv
09:28:09.0085 4912 C:\Windows\System32\wdmaud.drv - ok
09:28:09.0092 4912 [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\Windows\System32\msacm32.drv
09:28:09.0092 4912 C:\Windows\System32\msacm32.drv - ok
09:28:09.0098 4912 [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\Windows\System32\msacm32.dll
09:28:09.0099 4912 C:\Windows\System32\msacm32.dll - ok
09:28:09.0105 4912 [ DE0F0FA01E5BCBA71D84D58EA891FE52 ] C:\Program Files (x86)\OpenOffice.org 3\program\comphelp4MSC.dll
09:28:09.0105 4912 C:\Program Files (x86)\OpenOffice.org 3\program\comphelp4MSC.dll - ok
09:28:09.0112 4912 [ CA2A0750ED830678997695FF61B04C30 ] C:\Windows\System32\midimap.dll
09:28:09.0112 4912 C:\Windows\System32\midimap.dll - ok
09:28:09.0119 4912 [ BBAAE027C176402E221CADBFCAEB5407 ] C:\Windows\System32\zipfldr.dll
09:28:09.0120 4912 C:\Windows\System32\zipfldr.dll - ok
09:28:09.0126 4912 [ DE9F2C467CC07190E1E178C64DC11968 ] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\cppuhelper3MSC.dll
09:28:09.0126 4912 C:\Program Files (x86)\OpenOffice.org 3\URE\bin\cppuhelper3MSC.dll - ok
09:28:09.0133 4912 [ 99992605023A4A5DC1B241BC0F744301 ] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\salhelper3MSC.dll
09:28:09.0133 4912 C:\Program Files (x86)\OpenOffice.org 3\URE\bin\salhelper3MSC.dll - ok
09:28:09.0140 4912 [ B7730A85438CAD990117E5E4A97233CF ] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\cppu3.dll
09:28:09.0140 4912 C:\Program Files (x86)\OpenOffice.org 3\URE\bin\cppu3.dll - ok
09:28:09.0147 4912 [ E389EA130C4A9A4DBA0F138222261056 ] C:\Program Files\SUPERAntiSpyware\SSUpdate64.exe
09:28:09.0147 4912 C:\Program Files\SUPERAntiSpyware\SSUpdate64.exe - ok
09:28:09.0154 4912 [ A53F59BC46766CE79E407AB6F451100D ] C:\Program Files (x86)\Launch Manager\WND2FILE.DLL
09:28:09.0154 4912 C:\Program Files (x86)\Launch Manager\WND2FILE.DLL - ok
09:28:09.0160 4912 [ 0B667C84F35697A3B4EC1F9EBBAFB4B1 ] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\stlport_vc7145.dll
09:28:09.0160 4912 C:\Program Files (x86)\OpenOffice.org 3\URE\bin\stlport_vc7145.dll - ok
09:28:09.0168 4912 [ 71FC112959B07D686E71541BD9D4F237 ] C:\Program Files (x86)\Launch Manager\PowerUtl.dll
09:28:09.0168 4912 C:\Program Files (x86)\Launch Manager\PowerUtl.dll - ok
09:28:09.0174 4912 [ 2D0157B482115B37F1D84D69A22790D4 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll
09:28:09.0175 4912 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
09:28:09.0182 4912 [ 3ED8EDA0FE2F045EFB0B308E94714CBF ] C:\Program Files (x86)\OpenOffice.org 3\program\ucbhelper4MSC.dll
09:28:09.0182 4912 C:\Program Files (x86)\OpenOffice.org 3\program\ucbhelper4MSC.dll - ok
09:28:09.0188 4912 [ D55EEB24B3F5054649341A9AFE258090 ] C:\Program Files (x86)\OpenOffice.org 3\program\vos3MSC.dll
09:28:09.0188 4912 C:\Program Files (x86)\OpenOffice.org 3\program\vos3MSC.dll - ok
09:28:09.0194 4912 [ B49A2ACA3D742A0ACED30143EB5DD3B6 ] C:\Program Files (x86)\OpenOffice.org 3\program\deploymentmiscmi.dll
09:28:09.0195 4912 C:\Program Files (x86)\OpenOffice.org 3\program\deploymentmiscmi.dll - ok
09:28:09.0203 4912 [ 415AE0E1D863118F00DE540512549ED6 ] C:\Program Files (x86)\OpenOffice.org 3\program\libdb47.dll
09:28:09.0203 4912 C:\Program Files (x86)\OpenOffice.org 3\program\libdb47.dll - ok
09:28:09.0210 4912 [ 20D30D8717E9DFF90224B5AB37410D9D ] C:\Program Files (x86)\Launch Manager\OSDUTL2.DLL
09:28:09.0210 4912 C:\Program Files (x86)\Launch Manager\OSDUTL2.DLL - ok
09:28:09.0215 4912 [ 0A855F27A1E48991D14C593CB930D2B2 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll
09:28:09.0215 4912 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
09:28:09.0222 4912 [ 6F27B407BEBA27AA9DE992C56F997AAF ] C:\Program Files (x86)\OpenOffice.org 3\program\tlmi.dll
09:28:09.0222 4912 C:\Program Files (x86)\OpenOffice.org 3\program\tlmi.dll - ok
09:28:09.0229 4912 [ A84509C6AB1C764C592F192AA89DA830 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
09:28:09.0229 4912 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll - ok
09:28:09.0236 4912 [ E8F932E855CBF23ED4632439A35E7354 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
09:28:09.0236 4912 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll - ok
09:28:09.0243 4912 [ FD5A0A28AAEA0421039242A9D592212B ] C:\Program Files (x86)\Launch Manager\SZUPFUTL.DLL
09:28:09.0243 4912 C:\Program Files (x86)\Launch Manager\SZUPFUTL.DLL - ok
09:28:09.0250 4912 [ 7F9F3DCBEF217715307E3A8CC28FA768 ] C:\Program Files (x86)\Launch Manager\RadioWndUtl.dll
09:28:09.0251 4912 C:\Program Files (x86)\Launch Manager\RadioWndUtl.dll - ok
09:28:09.0256 4912 [ 20ECAC7791DCBA69121631CB627E5A96 ] C:\Windows\System32\mf.dll
09:28:09.0257 4912 C:\Windows\System32\mf.dll - ok
09:28:09.0263 4912 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll
09:28:09.0263 4912 C:\Windows\SysWOW64\riched20.dll - ok
09:28:09.0270 4912 [ D9E21CBF9E6A87847AFFD39EA3FA28EE ] C:\Windows\System32\SearchProtocolHost.exe
09:28:09.0270 4912 C:\Windows\System32\SearchProtocolHost.exe - ok
09:28:09.0276 4912 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll
09:28:09.0276 4912 C:\Windows\SysWOW64\ExplorerFrame.dll - ok
09:28:09.0284 4912 [ 47B8DEBEC68FACCD026F99CAE8698C93 ] C:\Windows\System32\webcheck.dll
09:28:09.0284 4912 C:\Windows\System32\webcheck.dll - ok
09:28:09.0290 4912 [ 18C15258F1F013FA341B2C56E3805D5B ] C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
09:28:09.0290 4912 C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe - ok
09:28:09.0297 4912 [ 101797BA603D227946B4B5109867EB19 ] C:\Windows\System32\SyncCenter.dll
09:28:09.0297 4912 C:\Windows\System32\SyncCenter.dll - ok
09:28:09.0304 4912 [ F0F05608DFE83D6C3E495FE41FC79B05 ] C:\Program Files (x86)\Launch Manager\aipflib.dll
09:28:09.0304 4912 C:\Program Files (x86)\Launch Manager\aipflib.dll - ok
09:28:09.0310 4912 [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll
09:28:09.0310 4912 C:\Windows\SysWOW64\winsta.dll - ok
09:28:09.0317 4912 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll
09:28:09.0317 4912 C:\Windows\SysWOW64\duser.dll - ok
09:28:09.0323 4912 [ D2A5B2B09F2AF5ED13BF494508B09788 ] C:\Windows\System32\msshooks.dll
09:28:09.0324 4912 C:\Windows\System32\msshooks.dll - ok
09:28:09.0330 4912 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll
09:28:09.0330 4912 C:\Windows\SysWOW64\dui70.dll - ok
09:28:09.0337 4912 [ 49A3AD5CE578CD77F445F3D244AEAB2D ] C:\Windows\System32\SearchFilterHost.exe
09:28:09.0337 4912 C:\Windows\System32\SearchFilterHost.exe - ok
09:28:09.0343 4912 [ 49154B3C86676049CA9F800CA7F4C2B7 ] C:\Program Files (x86)\Launch Manager\MMDUtl.dll
09:28:09.0343 4912 C:\Program Files (x86)\Launch Manager\MMDUtl.dll - ok
09:28:09.0351 4912 [ 1DB860CA1C72B0B953B9555BB390E554 ] C:\Program Files (x86)\Launch Manager\LMworker.exe
09:28:09.0351 4912 C:\Program Files (x86)\Launch Manager\LMworker.exe - ok
09:28:09.0358 4912 [ 4879B16C91F56DCA20DDC598A96D476D ] C:\Program Files (x86)\Launch Manager\LmSmbKel.dll
09:28:09.0358 4912 C:\Program Files (x86)\Launch Manager\LmSmbKel.dll - ok
09:28:09.0365 4912 [ A80C173AC5C75706BB74AE4D78F2A53D ] C:\Program Files (x86)\Windows Media Player\wmplayer.exe
09:28:09.0365 4912 C:\Program Files (x86)\Windows Media Player\wmplayer.exe - ok
09:28:09.0373 4912 [ BA13A771C46D5AAB61F80804A394E2D0 ] C:\Program Files (x86)\OpenOffice.org 3\program\basegfxmi.dll
09:28:09.0373 4912 C:\Program Files (x86)\OpenOffice.org 3\program\basegfxmi.dll - ok
09:28:09.0380 4912 [ 7F8FBA5E762BC653641C66305788AD5C ] C:\Program Files (x86)\OpenOffice.org 3\program\i18nisolang1MSC.dll
09:28:09.0380 4912 C:\Program Files (x86)\OpenOffice.org 3\program\i18nisolang1MSC.dll - ok
09:28:09.0387 4912 [ 063F592B4C0AE7F786BC1A1460FB380E ] C:\Program Files (x86)\Launch Manager\VistaVol.dll
09:28:09.0388 4912 C:\Program Files (x86)\Launch Manager\VistaVol.dll - ok
09:28:09.0394 4912 [ A4334AA4F6AE2CB5639B806ECE67D68F ] C:\Program Files (x86)\OpenOffice.org 3\program\utlmi.dll
09:28:09.0394 4912 C:\Program Files (x86)\OpenOffice.org 3\program\utlmi.dll - ok
09:28:09.0402 4912 [ 5A93458F3F3FA24F1CE5DC99E6B19253 ] C:\Program Files (x86)\OpenOffice.org 3\program\xcrmi.dll
09:28:09.0402 4912 C:\Program Files (x86)\OpenOffice.org 3\program\xcrmi.dll - ok
09:28:09.0408 4912 [ 07BDE9690FDC796705E8BB811F61237B ] C:\Program Files (x86)\Launch Manager\NTKCUtl.dll
09:28:09.0408 4912 C:\Program Files (x86)\Launch Manager\NTKCUtl.dll - ok
09:28:09.0417 4912 [ 8130391F82D52D36C0441F714136957F ] C:\Windows\System32\imapi2.dll
09:28:09.0417 4912 C:\Windows\System32\imapi2.dll - ok
09:28:09.0422 4912 [ 4860790FA0F039A2C094BE4BF0CC5858 ] C:\Program Files (x86)\Launch Manager\CdDirIo.dll
09:28:09.0422 4912 C:\Program Files (x86)\Launch Manager\CdDirIo.dll - ok
09:28:09.0428 4912 [ C5B0324DB461559ADD070E632A6919FA ] C:\Windows\SysWOW64\wbem\wbemprox.dll
09:28:09.0428 4912 C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
09:28:09.0435 4912 [ 704314FD398C81D5F342CAA5DF7B7F21 ] C:\Windows\SysWOW64\wbemcomn.dll
09:28:09.0435 4912 C:\Windows\SysWOW64\wbemcomn.dll - ok
09:28:09.0441 4912 [ 6A5C1A8AC0B572679361026D0E900420 ] C:\Windows\System32\hgcpl.dll
09:28:09.0441 4912 C:\Windows\System32\hgcpl.dll - ok
09:28:09.0448 4912 [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
09:28:09.0448 4912 C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
09:28:09.0455 4912 [ 42D4B9EC5487E9E32D2C11A4D00BA1E0 ] C:\Program Files (x86)\OpenOffice.org 3\program\sfxmi.dll
09:28:09.0455 4912 C:\Program Files (x86)\OpenOffice.org 3\program\sfxmi.dll - ok
09:28:09.0461 4912 [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A ] C:\Windows\SysWOW64\wbem\fastprox.dll
09:28:09.0461 4912 C:\Windows\SysWOW64\wbem\fastprox.dll - ok
09:28:09.0466 4912 [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\SysWOW64\ntdsapi.dll
09:28:09.0466 4912 C:\Windows\SysWOW64\ntdsapi.dll - ok
09:28:09.0473 4912 [ 2725D1F308C4F4C842170401C8E7E745 ] C:\Program Files (x86)\OpenOffice.org 3\program\fwemi.dll
09:28:09.0473 4912 C:\Program Files (x86)\OpenOffice.org 3\program\fwemi.dll - ok
09:28:09.0480 4912 [ 67ECE58796DC9139C4B8FA7C84F14880 ] C:\Program Files (x86)\OpenOffice.org 3\program\fwimi.dll
09:28:09.0480 4912 C:\Program Files (x86)\OpenOffice.org 3\program\fwimi.dll - ok
09:28:09.0487 4912 [ E19AD0D49BFF5938B3E374873AC174DE ] C:\Windows\System32\wmploc.DLL
09:28:09.0487 4912 C:\Windows\System32\wmploc.DLL - ok
09:28:09.0493 4912 [ 40CD4EC15CB9E12BE86A25FBCD3DC642 ] C:\Program Files (x86)\OpenOffice.org 3\program\svtmi.dll
09:28:09.0493 4912 C:\Program Files (x86)\OpenOffice.org 3\program\svtmi.dll - ok
09:28:09.0501 4912 [ 102B70E4699472C3BE3BAF58ECB9D3D6 ] C:\Program Files (x86)\OpenOffice.org 3\program\tkmi.dll
09:28:09.0501 4912 C:\Program Files (x86)\OpenOffice.org 3\program\tkmi.dll - ok
09:28:09.0507 4912 [ 2F06831BA2E8C744FC1BFC79C994BB0F ] C:\Program Files (x86)\OpenOffice.org 3\program\vclmi.dll
09:28:09.0507 4912 C:\Program Files (x86)\OpenOffice.org 3\program\vclmi.dll - ok
09:28:09.0515 4912 [ 5D38014295E67F610DEA3EC2134BD9EC ] C:\Program Files (x86)\OpenOffice.org 3\program\sotmi.dll
09:28:09.0515 4912 C:\Program Files (x86)\OpenOffice.org 3\program\sotmi.dll - ok
09:28:09.0521 4912 [ C4E5A15CC96C0B54C17EF05C1B58B46B ] C:\Program Files (x86)\OpenOffice.org 3\program\i18npapermi.dll
09:28:09.0521 4912 C:\Program Files (x86)\OpenOffice.org 3\program\i18npapermi.dll - ok
09:28:09.0530 4912 [ 2606E3C5E63C23562560C820DB22A480 ] C:\Program Files (x86)\OpenOffice.org 3\program\i18nutilMSC.dll
09:28:09.0530 4912 C:\Program Files (x86)\OpenOffice.org 3\program\i18nutilMSC.dll - ok
09:28:09.0538 4912 [ E2E5DA33E3A5F4A9DFD2F5AAA3E4BA8D ] C:\Program Files (x86)\OpenOffice.org 3\program\icuuc40.dll
09:28:09.0538 4912 C:\Program Files (x86)\OpenOffice.org 3\program\icuuc40.dll - ok
09:28:09.0544 4912 [ C1D9E25FC988516DF703D6E12ACA915F ] C:\Program Files\Internet Explorer\ieproxy.dll
09:28:09.0544 4912 C:\Program Files\Internet Explorer\ieproxy.dll - ok
09:28:09.0552 4912 [ 237A6C6BAAD638608F1B38EDA9E480B6 ] C:\Program Files (x86)\OpenOffice.org 3\program\swriter.exe
09:28:09.0552 4912 C:\Program Files (x86)\OpenOffice.org 3\program\swriter.exe - ok
09:28:09.0558 4912 [ 38825630080ED85C372B7ABFD51B8422 ] C:\Program Files (x86)\OpenOffice.org 3\program\icudt40.dll
09:28:09.0559 4912 C:\Program Files (x86)\OpenOffice.org 3\program\icudt40.dll - ok
09:28:09.0566 4912 [ 642D2DD00D5033576B481A212B5F17E7 ] C:\Program Files (x86)\OpenOffice.org 3\program\svlmi.dll
09:28:09.0566 4912 C:\Program Files (x86)\OpenOffice.org 3\program\svlmi.dll - ok
09:28:09.0573 4912 [ 0F5AC8E98E6471EA6F00D0604C1AC218 ] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\jvmfwk3.dll
09:28:09.0573 4912 C:\Program Files (x86)\OpenOffice.org 3\URE\bin\jvmfwk3.dll - ok
09:28:09.0580 4912 [ 2E00964233309384B953EA4DC39E33E2 ] C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
09:28:09.0580 4912 C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll - ok
09:28:09.0587 4912 [ 99AF7D470D7290DD31C1FABC569509CD ] C:\Program Files\GIMP 2\bin\gimp-2.8.exe
09:28:09.0587 4912 C:\Program Files\GIMP 2\bin\gimp-2.8.exe - ok
09:28:09.0593 4912 [ F0395121A1F819F5CD35DAA730A64DAD ] C:\Program Files (x86)\OpenOffice.org 3\program\sbmi.dll
09:28:09.0594 4912 C:\Program Files (x86)\OpenOffice.org 3\program\sbmi.dll - ok
09:28:09.0601 4912 [ 7C27F5AD651035A99AA84CCF0F6E9B43 ] C:\Program Files (x86)\OpenOffice.org 3\program\saxmi.dll
09:28:09.0601 4912 C:\Program Files (x86)\OpenOffice.org 3\program\saxmi.dll - ok
09:28:09.0607 4912 [ 52AB36DE2F536F09BFD432680F67B0DC ] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\msci_uno.dll
09:28:09.0607 4912 C:\Program Files (x86)\OpenOffice.org 3\URE\bin\msci_uno.dll - ok
09:28:09.0614 4912 [ 215D00C90EF51771A0C7DF12880EC496 ] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\bootstrap.uno.dll
09:28:09.0614 4912 C:\Program Files (x86)\OpenOffice.org 3\URE\bin\bootstrap.uno.dll - ok
09:28:09.0621 4912 [ 8A7B16860461524D89F1A641DCDE7128 ] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\reg3.dll
09:28:09.0621 4912 C:\Program Files (x86)\OpenOffice.org 3\URE\bin\reg3.dll - ok
09:28:09.0628 4912 [ 8D11B4A80C367AC5109F8F8FF7BA1E5C ] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\store3.dll
09:28:09.0628 4912 C:\Program Files (x86)\OpenOffice.org 3\URE\bin\store3.dll - ok
09:28:09.0636 4912 [ 5B15C444E4CF7855F2DFD111B5BF1C5E ] C:\Program Files (x86)\OpenOffice.org 3\program\configmgr.uno.dll
09:28:09.0637 4912 C:\Program Files (x86)\OpenOffice.org 3\program\configmgr.uno.dll - ok
09:28:09.0642 4912 [ 6818BCE3980814C81896EB0047BDB6D1 ] C:\Program Files (x86)\OpenOffice.org 3\program\localebe1.uno.dll
09:28:09.0642 4912 C:\Program Files (x86)\OpenOffice.org 3\program\localebe1.uno.dll - ok
09:28:09.0649 4912 [ 8F28598B1248B7E2FDF1D46AC4A22FB6 ] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\stocservices.uno.dll
09:28:09.0650 4912 C:\Program Files (x86)\OpenOffice.org 3\URE\bin\stocservices.uno.dll - ok
09:28:09.0656 4912 [ 1E8D06AAE74FED674C1156B3FEA911C2 ] C:\Windows\SysWOW64\Faultrep.dll
09:28:09.0656 4912 C:\Windows\SysWOW64\Faultrep.dll - ok
09:28:09.0662 4912 [ 590D5C506044FE02FF7643E32FF9BDAC ] C:\Windows\SysWOW64\wer.dll
09:28:09.0662 4912 C:\Windows\SysWOW64\wer.dll - ok
09:28:09.0669 4912 [ CA130736477A2922AC451DCDA1AF82DB ] C:\Program Files (x86)\OpenOffice.org 3\program\ucb1.dll
09:28:09.0670 4912 C:\Program Files (x86)\OpenOffice.org 3\program\ucb1.dll - ok
09:28:09.0676 4912 [ 61E72869C295BE87EC96977C752E71AE ] C:\Program Files (x86)\OpenOffice.org 3\program\fwkmi.dll
09:28:09.0676 4912 C:\Program Files (x86)\OpenOffice.org 3\program\fwkmi.dll - ok
09:28:09.0683 4912 [ 78B4E623DD2331CA1D901FB7377D3FC3 ] C:\Program Files (x86)\OpenOffice.org 3\program\ucpfile1.dll
09:28:09.0683 4912 C:\Program Files (x86)\OpenOffice.org 3\program\ucpfile1.dll - ok
09:28:09.0690 4912 [ 48041BAEB60CE5F34F13CC2A1361E49C ] C:\Windows\System32\mssph.dll
09:28:09.0690 4912 C:\Windows\System32\mssph.dll - ok
09:28:09.0697 4912 [ 5D1AD852620BAE0402753FD7E29D1E58 ] C:\Program Files (x86)\OpenOffice.org 3\program\i18npool.uno.dll
09:28:09.0697 4912 C:\Program Files (x86)\OpenOffice.org 3\program\i18npool.uno.dll - ok
09:28:09.0703 4912 [ 8F4BB0CFECED925D440ABC2481278360 ] C:\Windows\System32\mapi32.dll
09:28:09.0703 4912 C:\Windows\System32\mapi32.dll - ok
09:28:09.0710 4912 [ 49496A4F0C0168D272A25D4DEF83AF2C ] C:\Program Files (x86)\OpenOffice.org 3\program\icuin40.dll
09:28:09.0710 4912 C:\Program Files (x86)\OpenOffice.org 3\program\icuin40.dll - ok
09:28:09.0714 4912 [ 7C1FC871DBE749F75C0904E758EBD816 ] C:\Program Files (x86)\OpenOffice.org 3\program\oooimprovementmi.dll
09:28:09.0714 4912 C:\Program Files (x86)\OpenOffice.org 3\program\oooimprovementmi.dll - ok
09:28:09.0722 4912 [ B70E04971E6ABCDE724FA453FCDDDD99 ] C:\Program Files (x86)\OpenOffice.org 3\program\filterconfig1.dll
09:28:09.0722 4912 C:\Program Files (x86)\OpenOffice.org 3\program\filterconfig1.dll - ok
09:28:09.0729 4912 [ CF465E01DF3FA34569746431D2194C3E ] C:\Program Files (x86)\OpenOffice.org 3\program\svxmi.dll
09:28:09.0729 4912 C:\Program Files (x86)\OpenOffice.org 3\program\svxmi.dll - ok
09:28:09.0737 4912 [ D7AE8F8C48E19F717A5F6AC76F646B9C ] C:\Program Files (x86)\OpenOffice.org 3\program\editengmi.dll
09:28:09.0738 4912 C:\Program Files (x86)\OpenOffice.org 3\program\editengmi.dll - ok
09:28:09.0744 4912 [ 2521FC21CD446D251E67075218CAFDC3 ] C:\Program Files (x86)\OpenOffice.org 3\program\xomi.dll
09:28:09.0744 4912 C:\Program Files (x86)\OpenOffice.org 3\program\xomi.dll - ok
09:28:09.0751 4912 [ FF2B106909EED48C536DA04742C0324A ] C:\Windows\System32\Query.dll
09:28:09.0751 4912 C:\Windows\System32\Query.dll - ok
09:28:09.0757 4912 [ EB843974078F6985B504EABD50C6FBA2 ] C:\Program Files (x86)\OpenOffice.org 3\program\lngmi.dll
09:28:09.0758 4912 C:\Program Files (x86)\OpenOffice.org 3\program\lngmi.dll - ok
09:28:09.0765 4912 [ BD7E0E50C61C1936B28B8843B960972F ] C:\Program Files (x86)\OpenOffice.org 3\program\svxcoremi.dll
09:28:09.0765 4912 C:\Program Files (x86)\OpenOffice.org 3\program\svxcoremi.dll - ok
09:28:10.0785 4912 ============================================================
09:28:10.0785 4912 Scan finished
09:28:10.0785 4912 ============================================================
09:28:10.0798 4904 Detected object count: 0
09:28:10.0798 4904 Actual detected object count: 0
09:34:14.0223 2888 Deinitialize success


aswMBR log:

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-12-26 09:40:01
-----------------------------
09:40:01.479 OS Version: Windows x64 6.1.7601 Service Pack 1
09:40:01.479 Number of processors: 2 586 0x603
09:40:01.480 ComputerName: ACER-ASPIRE5552 UserName: Acer
09:40:03.310 Initialize success
09:42:24.205 AVAST engine defs: 12122600
09:43:16.489 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
09:43:16.495 Disk 0 Vendor: WDC_WD2500BEVT-22A23T0 01.01A01 Size: 238475MB BusType: 11
09:43:16.528 Disk 0 MBR read successfully
09:43:16.533 Disk 0 MBR scan
09:43:16.551 Disk 0 Windows 7 default MBR code
09:43:16.561 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 14336 MB offset 2048
09:43:16.603 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 29362176
09:43:16.660 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 224037 MB offset 29566976
09:43:16.765 Disk 0 scanning C:\Windows\system32\drivers
09:43:36.281 Service scanning
09:44:44.025 Modules scanning
09:44:44.043 Disk 0 trace - called modules:
09:44:44.091 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
09:44:44.105 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80042e6060]
09:44:44.117 3 CLASSPNP.SYS[fffff8800199143f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004277060]
09:44:45.449 AVAST engine scan C:\Windows
09:44:52.882 AVAST engine scan C:\Windows\system32
09:52:15.316 AVAST engine scan C:\Windows\system32\drivers
09:52:38.203 AVAST engine scan C:\Users\Acer
10:05:28.485 File: C:\Users\Acer\Desktop\Clean up tools\OTL.exe **INFECTED** Win32:Malware-gen
10:07:58.511 AVAST engine scan C:\ProgramData
10:11:11.436 Scan finished successfully
10:23:38.225 Disk 0 MBR has been saved successfully to "C:\Users\Acer\Desktop\MBR.dat"
10:23:38.225 The log file has been saved successfully to "C:\Users\Acer\Desktop\aswMBR.txt"

I noticed when this scan was done that the default setting was a quick scan, not total scan. Hope that is ok. And, just curious about this, but it seems to say my OTL tool is infected. Is that possible? Anyway, thanks again for all your help.

#10
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello

Let's get a deeper look into the system and see if something shows up.

Download and run OTL

Download OTL by Old Timer and save it to your Desktop.
  • Double click on OTL.exe to run it.
  • Under Output, ensure that Minimal Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened and is the one that I need posted back here
    • Extra.txt <-- Will be minimized - save this one on your desktop in case I ask for it later
  • Please post the contents of OTL.txt in your next reply.

Gringo


#11
SallyMae

    Member

  • Topic Starter
  • 88 posts
otl.txt:

OTL logfile created on: 12/28/2012 7:14:13 AM - Run 7
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Acer\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.75 Gb Total Physical Memory | 2.35 Gb Available Physical Memory | 62.68% Memory free
7.49 Gb Paging File | 5.64 Gb Available in Paging File | 75.30% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 218.79 Gb Total Space | 166.93 Gb Free Space | 76.30% Space Free | Partition Type: NTFS
Unable to calculate disk information.

Computer Name: ACER-ASPIRE5552 | User Name: Acer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Acer\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Pink Calendar\PinkCal.exe (www.orangesoftware.net (email: gerryscat@gmail.com))
PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
PRC - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
PRC - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
PRC - C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Acer Group)


========== Modules (No Company Name) ==========

MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll ()
MOD - C:\Program Files (x86)\OpenOffice.org 3\program\libxslt.dll ()
MOD - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll ()
MOD - C:\Program Files (x86)\Launch Manager\CdDirIo.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (SUPERAntiSpyware.com)
SRV:64bit: - (NisSrv) -- c:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (ePowerSvc) -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe (Acer Incorporated)
SRV:64bit: - (Updater Service) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Acer Group)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (McAfee SiteAdvisor Service) -- c:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe (McAfee, Inc.)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (DsiWMIService) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.)
SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
SRV - (GameConsoleService) -- C:\Program Files (x86)\Acer Games\Acer Game Console\GameConsoleService.exe (WildTangent, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV:64bit: - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (ATI Technologies, Inc.)
DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NTI Corporation)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (AtiPcie) -- C:\Windows\SysNative\drivers\AtiPcie64.sys (Advanced Micro Devices Inc.)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (k57nd60a) -- C:\Windows\SysNative\drivers\k57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices)
DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NTI Corporation)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-2364574542-925858394-1894668847-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-2364574542-925858394-1894668847-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-2364574542-925858394-1894668847-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...1I7PRFB_enUS473
IE - HKU\S-1-5-21-2364574542-925858394-1894668847-1000\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKU\S-1-5-21-2364574542-925858394-1894668847-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.order.1: "Yahoo"
FF - prefs.js..browser.search.order.2: ""
FF - prefs.js..browser.search.param.yahoo-fr: "w3i&type=W3i_DS,157,0_0,Search,20121250,6902,0,63,0"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..extensions.enabledAddons: zzbjtaszer%40zzbjtaszer.org:2.5
FF - prefs.js..extensions.enabledAddons: %7B3e9bb2a7-62ca-4efa-a4e6-f6f6168a652d%7D:1.8.1
FF - prefs.js..extensions.enabledAddons: %7B6e84150a-d526-41f1-a480-a67d3fed910d%7D:1.5.1
FF - prefs.js..extensions.enabledAddons: %7BCAFEEFAC-0016-0000-0033-ABCDEFFEDCBA%7D:6.0.33
FF - prefs.js..extensions.enabledAddons: %7B635abd67-4fe9-1b23-4f01-e679fa7484c1%7D:2.5.1.20121012015120
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - prefs.js..keyword.URL: "http://search.yahoo....6902,0,63,0&p="
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_135.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@mozilla.zeniko.ch/PDFlite_Browser_Plugin: C:\Program Files (x86)\PDFlite\npPdfViewer.dll (Amnis Technology Ltd)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files (x86)\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
FF - HKCU\Software\MozillaPlugins\@mozilla.zeniko.ch/PDFlite_Browser_Plugin: C:\Program Files (x86)\PDFlite\npPdfViewer.dll (Amnis Technology Ltd)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101752.dll (Amazon.com, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2012/09/02 15:06:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/12/23 06:49:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Netscape Navigator 9.0.0.5\extensions\\Components: C:\Program Files (x86)\Netscape\Navigator 9\components [2012/12/23 06:49:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Netscape Navigator 9.0.0.5\extensions\\Plugins: C:\Program Files (x86)\Netscape\Navigator 9\plugins [2012/12/23 08:18:20 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/12/23 06:49:36 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012/03/10 17:39:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Acer\AppData\Roaming\Mozilla\Extensions
[2012/12/23 07:45:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\lkhys26m.default\extensions
[2012/12/14 04:22:59 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\lkhys26m.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012/11/21 18:12:12 | 000,372,581 | ---- | M] () (No name found) -- C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\lkhys26m.default\extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi
[1616/02/21 12:32:06 | 000,004,816 | ---- | M] () (No name found) -- C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\lkhys26m.default\extensions\zzbjtaszer@zzbjtaszer.org.xpi
[2012/09/24 16:25:19 | 000,049,607 | ---- | M] () (No name found) -- C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\lkhys26m.default\extensions\{3e9bb2a7-62ca-4efa-a4e6-f6f6168a652d}.xpi
[2012/07/31 10:34:40 | 000,081,104 | ---- | M] () (No name found) -- C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\lkhys26m.default\extensions\{6e84150a-d526-41f1-a480-a67d3fed910d}.xpi
[2012/12/05 18:43:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/12/05 18:43:08 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012/12/05 18:43:57 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/10/10 20:05:38 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/10/10 20:05:38 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Acer\AppData\Local\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Acer\AppData\Local\Google\Chrome\Application\22.0.1229.94\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Acer\AppData\Local\Google\Chrome\Application\22.0.1229.94\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\McChPlg.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 6 U33 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 6.0.330.3 (Enabled) = C:\Windows\SysWOW64\npdeployJava1.dll
CHR - plugin: PDFlite Browser Plugin (Enabled) = C:\Program Files (x86)\PDFlite\npPdfViewer.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Yahoo! activeX Plug-in Bridge (Enabled) = C:\Program Files (x86)\Yahoo!\Common\npyaxmpb.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: SiteAdvisor = C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\
CHR - Extension: SiteAdvisor = C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.50.146.2_0\
CHR - Extension: Gmail = C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/12/25 10:33:45 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-2364574542-925858394-1894668847-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe File not found
O4:64bit: - HKLM..\Run: [OOTag] C:\Program Files (x86)\Acer\OOBEOffer\OOTag.exe (Microsoft)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [OOTag] C:\Program Files (x86)\Acer\OOBEOffer\OOTag.exe (Microsoft)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-2364574542-925858394-1894668847-1000..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKU\S-1-5-21-2364574542-925858394-1894668847-1000..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - Startup: C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PinkCal.lnk = C:\Program Files (x86)\Pink Calendar\PinkCal.exe (www.orangesoftware.net (email: gerryscat@gmail.com))
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2364574542-925858394-1894668847-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2364574542-925858394-1894668847-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.7.2)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.7.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{341B743B-AE3F-4A29-AC4A-46C9A75F863D}: DhcpNameServer = 10.10.11.11 68.105.29.16
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9D19A225-0C37-49BB-B30D-8D4925768DAB}: DhcpNameServer = 192.168.1.1 192.168.1.1
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\SYSTEM32\Userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/12/28 07:12:18 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Acer\Desktop\OTL.exe
[2012/12/25 10:33:47 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2012/12/25 08:54:03 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/12/25 08:54:03 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/12/25 08:54:03 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/12/25 08:53:52 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/12/25 08:53:33 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012/12/25 00:51:41 | 000,000,000 | ---D | C] -- C:\Users\Acer\AppData\Local\ElevatedDiagnostics
[2012/12/23 23:07:31 | 000,000,000 | ---D | C] -- C:\Users\Acer\Desktop\RK_Quarantine
[2012/12/23 08:11:16 | 000,000,000 | ---D | C] -- C:\Users\Acer\AppData\Roaming\Apple Computer
[2012/12/23 07:08:21 | 000,000,000 | ---D | C] -- C:\Users\Acer\AppData\Local\Apple Computer
[2012/12/23 06:49:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012/12/23 06:49:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2012/12/23 06:49:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2012/12/23 06:26:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2012/12/23 06:26:44 | 000,000,000 | ---D | C] -- C:\Users\Acer\AppData\Local\Apple
[2012/12/23 06:26:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2012/12/23 06:26:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2012/12/23 02:14:11 | 000,000,000 | ---D | C] -- C:\Users\Acer\.thumbnails
[2012/12/23 02:04:47 | 000,000,000 | ---D | C] -- C:\Users\Acer\AppData\Local\fontconfig
[2012/12/23 02:04:46 | 000,000,000 | ---D | C] -- C:\Users\Acer\.gimp-2.8
[2012/12/23 02:04:45 | 000,000,000 | ---D | C] -- C:\Users\Acer\AppData\Local\gegl-0.2
[2012/12/23 02:00:59 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP 2
[2012/12/21 03:00:34 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2012/12/21 03:00:34 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2012/12/21 03:00:33 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2012/12/21 03:00:32 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2012/12/15 16:42:19 | 000,000,000 | ---D | C] -- C:\Users\Acer\Desktop\Bohrer Stuff
[2012/12/14 04:22:14 | 000,000,000 | ---D | C] -- C:\Users\Acer\AppData\Roaming\FreeFileViewer
[2012/12/13 06:24:41 | 000,000,000 | ---D | C] -- C:\Users\Acer\AppData\Local\FreeFileViewer
[2012/12/13 06:09:14 | 000,000,000 | ---D | C] -- C:\Users\Acer\AppData\Local\FileTypeAssistant
[2012/12/13 06:09:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\File Type Assistant
[2012/12/13 06:08:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeFileViewer
[2012/12/13 06:08:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FreeFileViewer
[2012/12/13 06:07:40 | 000,000,000 | ---D | C] -- C:\Users\Acer\AppData\Local\The Weather Channel
[2012/12/11 15:02:26 | 000,735,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/12/11 15:02:25 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/12/11 15:02:24 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/12/11 15:02:24 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/12/11 15:02:24 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/12/11 15:02:22 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/12/11 15:02:22 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/12/11 15:02:11 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012/12/11 15:02:11 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012/12/11 15:02:10 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012/12/11 15:02:10 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012/12/11 15:02:07 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012/12/11 15:02:07 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012/12/11 15:02:07 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012/12/11 15:02:07 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012/12/11 15:02:07 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012/12/11 15:02:07 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012/12/11 15:02:06 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012/12/11 15:02:04 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012/12/11 15:02:04 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012/12/11 15:02:04 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012/12/11 15:02:04 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012/12/11 15:02:04 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012/12/11 15:02:04 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012/12/11 15:02:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/12/11 15:02:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/12/11 15:02:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012/12/11 15:02:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/12/11 15:02:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012/12/11 15:02:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012/12/11 15:02:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012/12/11 15:02:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012/12/11 15:02:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012/12/11 15:02:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/12/11 15:02:03 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012/12/11 15:02:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012/12/11 15:02:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012/12/11 15:02:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012/12/11 15:02:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/12/11 15:02:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/12/11 15:02:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/12/11 15:02:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/12/11 15:02:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012/12/11 15:02:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012/12/11 15:02:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012/12/11 15:02:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/12/11 15:02:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/12/11 15:02:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012/12/11 15:02:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012/12/11 15:02:02 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012/12/11 15:02:02 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012/12/11 15:02:02 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012/12/11 15:02:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012/12/11 15:02:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012/12/11 15:02:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012/12/11 15:02:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012/12/11 15:02:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012/12/11 15:02:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012/12/11 15:02:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012/12/11 15:02:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/12/11 15:02:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/12/11 15:02:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012/12/11 15:02:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012/12/11 15:02:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012/12/11 15:02:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012/12/11 15:02:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012/12/11 15:02:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012/12/11 15:02:01 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012/12/11 15:02:01 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012/12/11 15:02:01 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012/12/11 15:02:01 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012/12/11 15:02:01 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012/12/11 15:02:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012/12/11 15:02:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012/12/11 15:02:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012/12/11 15:02:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012/12/11 15:01:48 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll
[2012/12/11 15:01:48 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll
[2012/12/05 18:43:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox

========== Files - Modified Within 30 Days ==========

[2012/12/28 07:12:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Acer\Desktop\OTL.exe
[2012/12/28 07:11:22 | 000,014,104 | ---- | M] () -- C:\Users\Acer\Desktop\g2g cleanup 122312.odt
[2012/12/28 07:11:22 | 000,000,125 | -H-- | M] () -- C:\Users\Acer\Desktop\.~lock.g2g cleanup 122312.odt#
[2012/12/28 06:53:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/12/28 06:47:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/12/28 06:41:22 | 095,567,176 | ---- | M] () -- C:\Users\Acer\Desktop\teas call where me and ant fight and others jump my [bleep].mp3
[2012/12/28 06:39:56 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/12/28 06:39:56 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/12/28 06:35:59 | 000,000,400 | ---- | M] () -- C:\Windows\tasks\FreeFileViewerUpdateChecker.job
[2012/12/28 06:32:54 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/12/28 06:32:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/12/28 06:32:26 | 3015,884,800 | -HS- | M] () -- C:\hiberfil.sys
[2012/12/28 05:43:41 | 000,872,878 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/12/28 05:43:41 | 000,726,718 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/12/28 05:43:41 | 000,146,704 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/12/26 10:23:38 | 000,000,512 | ---- | M] () -- C:\Users\Acer\Desktop\MBR.dat
[2012/12/25 17:26:15 | 000,068,856 | ---- | M] () -- C:\Users\Acer\Desktop\William_D_Elrod-8b0804f25185b46.pdf
[2012/12/25 16:49:26 | 000,065,256 | ---- | M] () -- C:\Users\Acer\Desktop\Kathy_Riley-8b8c4dd21ace757.pdf
[2012/12/25 14:21:55 | 000,067,454 | ---- | M] () -- C:\Users\Acer\Desktop\Angela_S_Sullivan-1ce9245d6a67054.pdf
[2012/12/25 13:57:29 | 000,064,255 | ---- | M] () -- C:\Users\Acer\Desktop\Christy_T_Slocum-9afa944b598f54f.pdf
[2012/12/25 13:48:14 | 000,063,308 | ---- | M] () -- C:\Users\Acer\Desktop\Andrew_Carlton_Slocum-cd839cf0008509a.pdf
[2012/12/25 10:33:45 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/12/24 12:49:20 | 000,191,790 | ---- | M] () -- C:\Users\Public\Documents\MarjorieMSobel yahoo acct info.png
[2012/12/23 08:10:38 | 000,295,576 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/12/23 06:49:25 | 000,001,849 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012/12/23 02:16:56 | 000,000,867 | ---- | M] () -- C:\Users\Acer\AppData\Local\recently-used.xbel
[2012/12/23 02:05:36 | 000,001,454 | ---- | M] () -- C:\Users\Acer\Desktop\gimp-2.8 - Shortcut.lnk
[2012/12/22 18:01:22 | 000,081,835 | ---- | M] () -- C:\Users\Acer\Desktop\Barry_A_Switzer-f5620869da1fd5e.pdf
[2012/12/21 22:37:39 | 000,450,190 | ---- | M] () -- C:\Users\Acer\Desktop\non lethal weapons terms and references.pdf
[2012/12/21 10:46:24 | 000,030,509 | ---- | M] () -- C:\Users\Acer\Desktop\huffington pro gun comment.odt
[2012/12/21 06:03:45 | 000,525,865 | ---- | M] () -- C:\Users\Acer\Desktop\agenda 21 full text.zip
[2012/12/21 04:17:13 | 000,059,237 | ---- | M] () -- C:\sessionstore.js.js
[2012/12/21 03:32:00 | 000,014,875 | ---- | M] () -- C:\sessionstore.bak.bak
[2012/12/21 02:36:24 | 000,040,165 | ---- | M] () -- C:\Users\Acer\Desktop\alda goes after memoir ants chat.odt
[2012/12/20 23:28:14 | 000,027,504 | ---- | M] () -- C:\Users\Acer\Desktop\memoir alda fight chat.odt
[2012/12/20 21:52:26 | 023,683,290 | ---- | M] () -- C:\Users\Acer\Desktop\memoir fight with alda.mp3
[2012/12/19 15:06:52 | 000,062,982 | ---- | M] () -- C:\Users\Acer\Desktop\Kera_E_Wulbert-1dfc718faaff215.pdf
[2012/12/19 00:46:17 | 002,145,975 | ---- | M] () -- C:\Users\Acer\Desktop\Map of Targeted Individuals Across the Nation-2.pdf
[2012/12/18 19:07:58 | 000,387,777 | ---- | M] () -- C:\Users\Acer\Desktop\risperdal label mechanism of action unknown.pdf
[2012/12/17 20:32:15 | 000,061,414 | ---- | M] () -- C:\Users\Acer\Desktop\Margaret_K_Wulbert-BV.pdf
[2012/12/17 20:29:51 | 000,076,713 | ---- | M] () -- C:\Users\Acer\Desktop\Margaret Wulbert.pdf
[2012/12/16 12:11:22 | 000,046,080 | ---- | M] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2012/12/16 09:45:03 | 000,367,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2012/12/16 09:13:28 | 000,295,424 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2012/12/16 09:13:20 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2012/12/14 09:45:22 | 000,198,018 | ---- | M] () -- C:\Users\Public\Documents\excaliber lcd chess operating manual.pdf
[2012/12/13 23:59:01 | 000,030,362 | ---- | M] () -- C:\Users\Public\Documents\chatgrabber talkshoe chuck finally calls me a killer.odt
[2012/12/13 22:31:04 | 000,132,702 | ---- | M] () -- C:\Users\Public\Documents\aquino paper mindwar.pdf
[2012/12/13 06:08:39 | 000,001,107 | ---- | M] () -- C:\Users\Acer\Application Data\Microsoft\Internet Explorer\Quick Launch\FreeFileViewer.lnk
[2012/12/13 06:08:39 | 000,001,083 | ---- | M] () -- C:\Users\Acer\Desktop\FreeFileViewer.lnk
[2012/12/12 00:53:35 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/12/12 00:53:35 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/12/11 05:52:41 | 000,238,988 | ---- | M] () -- C:\Users\Public\Documents\NC3TF July09-Sept09 PRpt.pdf
[2012/12/09 03:19:16 | 009,302,490 | ---- | M] () -- C:\Users\Acer\Desktop\TS-397552 hidden sites w_personal info.mp3
[2012/12/09 00:52:44 | 000,026,950 | ---- | M] () -- C:\Users\Public\Documents\quotes from prozac article scientists 2 find studies.odt
[2012/12/08 00:53:51 | 000,177,955 | ---- | M] () -- C:\Users\Public\Documents\barry l jacobs curriculum vitae.pdf
[2012/12/07 17:24:54 | 001,469,502 | ---- | M] () -- C:\Users\Public\Documents\enironmental enrichment new neurons rats.pdf
[2012/12/03 15:55:18 | 000,532,645 | ---- | M] () -- C:\Users\Public\Documents\Theoretical+Causes+Affecting+the+Development+of+Schizophrenia.pdf
[2012/12/01 13:58:34 | 000,004,204 | ---- | M] () -- C:\Users\Public\Documents\get me out of this mess.drs

========== Files Created - No Company Name ==========

[2012/12/28 07:10:47 | 000,000,125 | -H-- | C] () -- C:\Users\Acer\Desktop\.~lock.g2g cleanup 122312.odt#
[2012/12/28 06:38:00 | 095,567,176 | ---- | C] () -- C:\Users\Acer\Desktop\teas call where me and ant fight and others jump my [bleep].mp3
[2012/12/26 10:23:38 | 000,000,512 | ---- | C] () -- C:\Users\Acer\Desktop\MBR.dat
[2012/12/25 17:26:15 | 000,068,856 | ---- | C] () -- C:\Users\Acer\Desktop\William_D_Elrod-8b0804f25185b46.pdf
[2012/12/25 16:49:26 | 000,065,256 | ---- | C] () -- C:\Users\Acer\Desktop\Kathy_Riley-8b8c4dd21ace757.pdf
[2012/12/25 14:21:55 | 000,067,454 | ---- | C] () -- C:\Users\Acer\Desktop\Angela_S_Sullivan-1ce9245d6a67054.pdf
[2012/12/25 13:57:29 | 000,064,255 | ---- | C] () -- C:\Users\Acer\Desktop\Christy_T_Slocum-9afa944b598f54f.pdf
[2012/12/25 13:48:14 | 000,063,308 | ---- | C] () -- C:\Users\Acer\Desktop\Andrew_Carlton_Slocum-cd839cf0008509a.pdf
[2012/12/25 08:54:03 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/12/25 08:54:03 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/12/25 08:54:03 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/12/25 08:54:03 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/12/25 08:54:03 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/12/24 12:49:20 | 000,191,790 | ---- | C] () -- C:\Users\Public\Documents\MarjorieMSobel yahoo acct info.png
[2012/12/23 22:47:54 | 000,014,104 | ---- | C] () -- C:\Users\Acer\Desktop\g2g cleanup 122312.odt
[2012/12/23 06:49:25 | 000,001,849 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012/12/23 06:26:42 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2012/12/23 02:16:56 | 000,000,867 | ---- | C] () -- C:\Users\Acer\AppData\Local\recently-used.xbel
[2012/12/23 02:05:36 | 000,001,454 | ---- | C] () -- C:\Users\Acer\Desktop\gimp-2.8 - Shortcut.lnk
[2012/12/23 02:02:23 | 000,000,896 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
[2012/12/22 18:01:22 | 000,081,835 | ---- | C] () -- C:\Users\Acer\Desktop\Barry_A_Switzer-f5620869da1fd5e.pdf
[2012/12/21 22:37:39 | 000,450,190 | ---- | C] () -- C:\Users\Acer\Desktop\non lethal weapons terms and references.pdf
[2012/12/21 10:46:23 | 000,030,509 | ---- | C] () -- C:\Users\Acer\Desktop\huffington pro gun comment.odt
[2012/12/21 06:03:43 | 000,525,865 | ---- | C] () -- C:\Users\Acer\Desktop\agenda 21 full text.zip
[2012/12/21 04:31:46 | 000,059,237 | ---- | C] () -- C:\sessionstore.js.js
[2012/12/21 04:30:52 | 000,014,875 | ---- | C] () -- C:\sessionstore.bak.bak
[2012/12/21 02:36:23 | 000,040,165 | ---- | C] () -- C:\Users\Acer\Desktop\alda goes after memoir ants chat.odt
[2012/12/20 23:28:11 | 000,027,504 | ---- | C] () -- C:\Users\Acer\Desktop\memoir alda fight chat.odt
[2012/12/20 21:51:55 | 023,683,290 | ---- | C] () -- C:\Users\Acer\Desktop\memoir fight with alda.mp3
[2012/12/19 15:06:52 | 000,062,982 | ---- | C] () -- C:\Users\Acer\Desktop\Kera_E_Wulbert-1dfc718faaff215.pdf
[2012/12/19 00:46:17 | 002,145,975 | ---- | C] () -- C:\Users\Acer\Desktop\Map of Targeted Individuals Across the Nation-2.pdf
[2012/12/18 19:07:58 | 000,387,777 | ---- | C] () -- C:\Users\Acer\Desktop\risperdal label mechanism of action unknown.pdf
[2012/12/17 20:32:15 | 000,061,414 | ---- | C] () -- C:\Users\Acer\Desktop\Margaret_K_Wulbert-BV.pdf
[2012/12/17 20:29:51 | 000,076,713 | ---- | C] () -- C:\Users\Acer\Desktop\Margaret Wulbert.pdf
[2012/12/14 09:45:22 | 000,198,018 | ---- | C] () -- C:\Users\Public\Documents\excaliber lcd chess operating manual.pdf
[2012/12/13 23:58:59 | 000,030,362 | ---- | C] () -- C:\Users\Public\Documents\chatgrabber talkshoe chuck finally calls me a killer.odt
[2012/12/13 22:31:04 | 000,132,702 | ---- | C] () -- C:\Users\Public\Documents\aquino paper mindwar.pdf
[2012/12/13 06:08:59 | 000,000,400 | ---- | C] () -- C:\Windows\tasks\FreeFileViewerUpdateChecker.job
[2012/12/13 06:08:39 | 000,001,107 | ---- | C] () -- C:\Users\Acer\Application Data\Microsoft\Internet Explorer\Quick Launch\FreeFileViewer.lnk
[2012/12/13 06:08:39 | 000,001,083 | ---- | C] () -- C:\Users\Acer\Desktop\FreeFileViewer.lnk
[2012/12/11 05:52:41 | 000,238,988 | ---- | C] () -- C:\Users\Public\Documents\NC3TF July09-Sept09 PRpt.pdf
[2012/12/09 03:19:14 | 009,302,490 | ---- | C] () -- C:\Users\Acer\Desktop\TS-397552 hidden sites w_personal info.mp3
[2012/12/08 00:53:51 | 000,177,955 | ---- | C] () -- C:\Users\Public\Documents\barry l jacobs curriculum vitae.pdf
[2012/12/07 17:24:54 | 001,469,502 | ---- | C] () -- C:\Users\Public\Documents\enironmental enrichment new neurons rats.pdf
[2012/12/07 11:20:52 | 000,026,950 | ---- | C] () -- C:\Users\Public\Documents\quotes from prozac article scientists 2 find studies.odt
[2012/12/03 15:55:18 | 000,532,645 | ---- | C] () -- C:\Users\Public\Documents\Theoretical+Causes+Affecting+the+Development+of+Schizophrenia.pdf
[2012/11/25 07:55:39 | 000,131,584 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall.exe
[2012/11/25 07:55:39 | 000,001,041 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-Pink Calendar & Day Planner.dat
[2012/09/18 14:32:14 | 000,000,892 | ---- | C] () -- C:\Users\Acer\jinitiator13122.trace
[2012/09/18 10:20:28 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2012/04/19 18:28:58 | 000,000,592 | ---- | C] () -- C:\Windows\TimePassages.ini
[2012/03/01 07:48:49 | 000,870,466 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/11/01 11:55:59 | 000,206,208 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2011/11/01 11:55:59 | 000,191,688 | ---- | C] () -- C:\Windows\flicker.dll
[2011/11/01 11:55:59 | 000,051,712 | ---- | C] ( ) -- C:\Windows\AutosetFrequency.exe
[2011/11/01 11:55:59 | 000,011,976 | ---- | C] () -- C:\Windows\setpwlin.exe
[2011/11/01 11:55:59 | 000,000,637 | ---- | C] () -- C:\Windows\AutoSetFrequency.ini
[2011/11/01 11:55:59 | 000,000,378 | ---- | C] () -- C:\Windows\PidList.ini
[2011/11/01 11:48:45 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

========== ZeroAccess Check ==========

[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 00:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 23:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 07:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >


Um, just out of curiosity: when those former scans came up saying my otl.exe file was infected, was that nothing to worry about? Does otl.exe generate false positives sometimes? Sorry for what seems a stupid question, since I guess it could be said that if you didn't see a problem with it, obviously there wasn't one. Nonetheless, I am curious about why my otl.exe came up infected in that scan. Thanks again for all your hard work.
  • 0

#12
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello

Run this custom script, and when it is complete I need to know how the computer is doing.

Run OTL Script

  • Double-click OTL.exe to start the program.
  • Copy and Paste the following code into the Posted Image text box.
    :OTL
    FF - user.js - File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_135.dll File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKU\S-1-5-21-2364574542-925858394-1894668847-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
    O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe File not found
    O4 - HKU\S-1-5-21-2364574542-925858394-1894668847-1000..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    FF - prefs.js..extensions.enabledAddons: zzbjtaszer%40zzbjtaszer.org:2.5
    [1616/02/21 12:32:06 | 000,004,816 | ---- | M] () (No name found) -- C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\lkhys26m.default\extensions\zzbjtaszer@zzbjtaszer.org.xpi
    :Files
    ipconfig /flushdns /c
    
    :Commands
    [PURITY]
    [emptyjava]
    [EMPTYFLASH]
    [reboot]
    
  • Then click the Run Fix button at the top.
  • Click Posted Image.
  • OTL may ask to reboot the machine. Please do so if asked.
  • The report should appear in Notepad after the reboot. Copy and Paste that report in your next reply.

Let me know how things are doing

Gringo
  • 0

#13
SallyMae

    Member

  • Topic Starter
  • Member
  • 88 posts
OK, no Notepad file was open upon reboot. I do have an otl.txt on my desktop. Would this be a new file, with the old one from previous runs of otl.txt having been overwritten? Should I post this one? Also, I have two faded-out files on my desktop called desktop.ini, and for some reason Yahoo Toolbar has installed itself on my Firefox. Unlike the old Yahoo Toolbar, there is no pencil for me to click to get rid of it. I don't want Yahoo Toolbar on my Firefox. I did a quick Google search and clicked all 10 of the top results and got no redirects, so this is definitely better than before, when I got a redirect about every third time I clicked a link. For some reason my hard drive seems to stay quite busy. Don't know what that is all about. Anyway, thank you again and please let me know if otl.txt is the right file to post.
  • 0

#14
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Greetings

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

ClearJavaCache::

Save it to your desktop as CFScript.txt

Referring to the picture above, drag CFScript.txt into ComboFix.exe
Posted Image
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick ComboFix's window whilst it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer.

"information and logs"

  • In your next post I need the following

  • report from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo

  • 0

#15
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Greetings


I have not heard from you in a couple of days so I am coming by to check on you to see if you are having problems or you just need some more time.

Also to remind you that it is very important that we finish the process completely so as to not get reinfected. I will let you know when we are complete and I will ask to remove our tools.




Gringo
  • 0





