
Kaspersky Anti-virus reported Trojan.Win32.AutoRun.gen



#1
Condor124

I am upgrading to a new computer, and during the process of preparing to migrate with a full image using PCmover, the Kaspersky product that came with PCmover reported that I have Trojan.Win32.AutoRun.gen malware. The Kaspersky product reported the following malware issue:

Trojan.Win32.AutoRun.gen
C:\Documents and Settings\John\AppData\Local\Temp\{8C9FECA2-BF8D-4F91-B0BB-C2DB4738DCD4}

I have Trend Micro Titanium Maximum Security 2012 installed and run weekly full scans. This issue was never identified by Trend Micro.

I have downloaded OTL and run a scan. (Trend Micro tried to block OTL download) The file is attached.

My machine has been running generally slow and has had unusual problems as of late (most frequent is that it does not automatically boot from the hard drive - have to use F12 key to manually select).

My desire is to clean the old machine completely before doing the image transfer. I request assistance in removing the Trojan.Win32.AutoRun.gen malware.


OTL logfile created on: 1/31/2013 9:16:41 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\John\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.99 Gb Total Physical Memory | 3.27 Gb Available Physical Memory | 54.52% Memory free
17.99 Gb Paging File | 14.19 Gb Available in Paging File | 78.92% Paging File free
Paging file location(s): C:\pagefile.sys 6142 6142Z:\pagef [Binary data over 200 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 683.57 Gb Total Space | 473.43 Gb Free Space | 69.26% Space Free | Partition Type: NTFS
Drive D: | 15.00 Gb Total Space | 7.37 Gb Free Space | 49.12% Space Free | Partition Type: NTFS
Drive F: | 2794.52 Gb Total Space | 1743.34 Gb Free Space | 62.38% Space Free | Partition Type: NTFS
Drive Z: | 931.51 Gb Total Space | 823.03 Gb Free Space | 88.35% Space Free | Partition Type: NTFS

Computer Name: DELL_DESKTOP | User Name: John | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/01/31 20:55:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\John\Desktop\OTL (1).exe
PRC - [2013/01/28 20:18:08 | 000,699,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_146_ActiveX.exe
PRC - [2013/01/19 09:07:01 | 000,308,368 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2013/01/08 11:27:24 | 000,026,600 | ---- | M] (Uniblue Systems Ltd) -- C:\Program Files (x86)\Uniblue\SpeedUpMyPC\spmonitor.exe
PRC - [2012/12/28 18:02:24 | 028,539,392 | ---- | M] (Dropbox, Inc.) -- C:\Users\John\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012/12/18 09:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/12/17 17:14:14 | 000,059,872 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
PRC - [2012/12/17 17:14:10 | 000,059,872 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
PRC - [2012/12/17 16:48:14 | 000,059,872 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
PRC - [2012/11/28 14:13:16 | 000,059,280 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
PRC - [2012/10/22 14:37:14 | 002,379,160 | ---- | M] (SkyHawke) -- C:\Program Files (x86)\SkyGolf\CaddieSync Express\CaddieSyncExpress.exe
PRC - [2012/06/11 16:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE
PRC - [2012/04/25 19:53:38 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
PRC - [2011/08/25 17:53:00 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
PRC - [2010/11/20 07:17:55 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2010/10/29 15:06:08 | 005,915,480 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
PRC - [2010/10/19 12:09:04 | 001,795,488 | ---- | M] (Audible, Inc.) -- C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe
PRC - [2010/09/06 02:19:58 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
PRC - [2010/05/17 13:45:32 | 001,615,176 | ---- | M] (Rosetta Stone Ltd.) -- C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
PRC - [2010/05/07 18:47:32 | 000,114,008 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\LVPrS64H.exe
PRC - [2010/05/07 18:43:52 | 000,651,096 | ---- | M] () -- C:\Program Files (x86)\Common Files\logishrd\LQCVFX\COCIManager.exe
PRC - [2010/05/07 18:35:22 | 000,165,208 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2010/05/07 18:34:58 | 000,168,792 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
PRC - [2010/03/03 18:39:40 | 002,598,760 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Ghost\Agent\VProTray.exe
PRC - [2010/03/03 18:39:38 | 004,590,432 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Ghost\Agent\VProSvc.exe
PRC - [2009/05/20 20:02:56 | 000,090,112 | ---- | M] () -- C:\Program Files (x86)\NovaStor\NovaStor NovaBACKUP\DR\FsLoader.exe
PRC - [2009/02/23 11:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
PRC - [2008/09/14 21:21:22 | 003,831,068 | ---- | M] () -- C:\Program Files (x86)\nFinity\QuickVoice\qvrem.exe


========== Modules (No Company Name) ==========

MOD - [2012/10/22 14:37:16 | 000,166,296 | ---- | M] () -- C:\Program Files (x86)\SkyGolf\CaddieSync Express\conduitscripting0.dll
MOD - [2012/10/22 14:32:12 | 000,591,360 | ---- | M] () -- C:\Program Files (x86)\SkyGolf\CaddieSync Express\qjson0.dll
MOD - [2012/10/22 14:32:00 | 000,107,008 | ---- | M] () -- C:\Program Files (x86)\SkyGolf\CaddieSync Express\qextserialport1.dll
MOD - [2012/04/25 19:52:28 | 001,270,160 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\qtscript4.dll
MOD - [2012/04/25 19:52:26 | 007,422,352 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\qtgui4.dll
MOD - [2012/04/25 19:52:24 | 000,795,024 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\qtnetwork4.dll
MOD - [2012/04/25 19:52:24 | 000,192,912 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\qtsql4.dll
MOD - [2012/04/25 19:52:22 | 002,453,904 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\qtdeclarative4.dll
MOD - [2012/04/25 19:52:22 | 002,126,224 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\qtcore4.dll
MOD - [2011/06/24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/11/12 09:23:44 | 000,330,584 | ---- | M] () -- C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
MOD - [2010/10/29 15:02:38 | 000,751,616 | ---- | M] () -- C:\Program Files (x86)\Logitech\Vid HD\vpxmd.dll
MOD - [2010/10/29 15:01:30 | 000,027,472 | ---- | M] () -- C:\Program Files (x86)\Logitech\Vid HD\SDL.dll
MOD - [2010/09/23 09:52:52 | 002,537,472 | ---- | M] () -- C:\Program Files (x86)\SkyGolf\CaddieSync Express\QtCore4.dll
MOD - [2010/09/13 00:12:38 | 000,744,448 | ---- | M] () -- C:\Program Files (x86)\SkyGolf\CaddieSync Express\QtScriptTools4.dll
MOD - [2010/09/12 21:16:14 | 002,173,952 | ---- | M] () -- C:\Program Files (x86)\SkyGolf\CaddieSync Express\QtScript4.dll
MOD - [2010/09/12 20:30:18 | 009,814,016 | ---- | M] () -- C:\Program Files (x86)\SkyGolf\CaddieSync Express\QtGui4.dll
MOD - [2010/09/12 19:55:26 | 001,140,224 | ---- | M] () -- C:\Program Files (x86)\SkyGolf\CaddieSync Express\QtNetwork4.dll
MOD - [2010/09/12 19:51:28 | 000,399,360 | ---- | M] () -- C:\Program Files (x86)\SkyGolf\CaddieSync Express\QtXml4.dll
MOD - [2010/07/27 03:03:10 | 000,181,592 | ---- | M] () -- C:\Program Files (x86)\Common Files\logishrd\SharedBin\LvApi11.dll
MOD - [2010/05/07 18:43:52 | 000,651,096 | ---- | M] () -- C:\Program Files (x86)\Common Files\logishrd\LQCVFX\COCIManager.exe
MOD - [2010/05/07 18:37:40 | 000,126,808 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll
MOD - [2010/05/07 18:37:40 | 000,027,480 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll
MOD - [2010/05/07 18:36:54 | 000,340,824 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTXml4.dll
MOD - [2010/05/07 18:36:20 | 000,921,944 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtNetwork4.dll
MOD - [2010/05/07 18:35:56 | 007,954,776 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTGui4.dll
MOD - [2010/05/07 18:35:44 | 002,143,576 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTCore4.dll
MOD - [2010/05/07 18:34:58 | 000,168,792 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
MOD - [2009/06/22 13:42:42 | 000,043,008 | ---- | M] () -- C:\Program Files (x86)\SkyGolf\CaddieSync Express\libgcc_s_dw2-1.dll
MOD - [2009/04/22 16:53:56 | 000,969,040 | ---- | M] () -- C:\Program Files (x86)\Logitech\Vid HD\QtNetwork4.dll
MOD - [2009/04/09 18:04:56 | 002,141,008 | ---- | M] () -- C:\Program Files (x86)\Logitech\Vid HD\QtCore4.dll
MOD - [2009/03/03 17:18:08 | 000,138,064 | ---- | M] () -- C:\Program Files (x86)\Logitech\Vid HD\plugins\imageformats\qjpeg4.dll
MOD - [2009/03/03 17:18:06 | 000,035,152 | ---- | M] () -- C:\Program Files (x86)\Logitech\Vid HD\plugins\imageformats\qico4.dll
MOD - [2009/03/03 17:18:06 | 000,029,008 | ---- | M] () -- C:\Program Files (x86)\Logitech\Vid HD\plugins\imageformats\qgif4.dll
MOD - [2009/03/03 17:17:46 | 011,311,952 | ---- | M] () -- C:\Program Files (x86)\Logitech\Vid HD\QtWebKit4.dll
MOD - [2009/03/03 17:17:46 | 000,363,856 | ---- | M] () -- C:\Program Files (x86)\Logitech\Vid HD\QtXml4.dll
MOD - [2009/03/03 17:17:44 | 000,200,016 | ---- | M] () -- C:\Program Files (x86)\Logitech\Vid HD\QtSql4.dll
MOD - [2009/03/03 17:17:40 | 000,475,472 | ---- | M] () -- C:\Program Files (x86)\Logitech\Vid HD\QtOpenGL4.dll
MOD - [2009/03/03 17:17:38 | 007,704,400 | ---- | M] () -- C:\Program Files (x86)\Logitech\Vid HD\QtGui4.dll
MOD - [2009/03/03 17:17:32 | 000,291,664 | ---- | M] () -- C:\Program Files (x86)\Logitech\Vid HD\phonon4.dll
MOD - [2009/01/10 05:32:40 | 000,011,362 | ---- | M] () -- C:\Program Files (x86)\SkyGolf\CaddieSync Express\mingwm10.dll
MOD - [2008/09/14 21:21:22 | 003,831,068 | ---- | M] () -- C:\Program Files (x86)\nFinity\QuickVoice\qvrem.exe


========== Services (SafeList) ==========

SRV:64bit: - File not found [Auto | Running] -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe -- (Amsp)
SRV:64bit: - [2011/09/27 14:04:08 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2010/10/27 02:51:38 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/05/07 18:45:16 | 000,197,976 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcS64)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 20:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013/01/28 20:18:08 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/12/18 09:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/18 11:17:35 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012/07/13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/06/11 16:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012/06/11 16:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE -- (BBSvc)
SRV - [2012/04/25 19:53:38 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe -- (KSS)
SRV - [2011/08/25 17:53:00 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
SRV - [2010/11/26 13:33:14 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2010/11/24 15:59:28 | 000,013,160 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\615\g2aservice.exe -- (GoToAssist)
SRV - [2010/11/11 04:46:06 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\MT6Licensing.exe -- (Creative Media Toolbox 6 Licensing Service)
SRV - [2010/11/11 03:51:39 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2010/10/22 12:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010/09/06 02:19:58 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor9.0)
SRV - [2010/05/17 13:45:32 | 001,615,176 | ---- | M] (Rosetta Stone Ltd.) [Auto | Running] -- C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe -- (RosettaStoneDaemon)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/03 18:39:38 | 004,590,432 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Ghost\Agent\VProSvc.exe -- (Norton Ghost)
SRV - [2010/02/12 06:09:18 | 002,227,216 | ---- | M] (Symantec) [On_Demand | Stopped] -- C:\Program Files (x86)\Norton Ghost\Shared\Drivers\GenericMountHelperx64.exe -- (GenericMount Helper Service)
SRV - [2010/02/11 01:34:18 | 002,963,960 | ---- | M] (Symantec) [On_Demand | Running] -- C:\Program Files (x86)\Norton Ghost\Shared\Drivers\SymSnapServicex64.exe -- (SymSnapService)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/05/20 20:02:56 | 000,090,112 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\NovaStor\NovaStor NovaBACKUP\DR\FsLoader.exe -- (Real time Backup Loader)
SRV - [2009/02/23 11:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2007/09/12 17:27:24 | 002,999,664 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate)
SRV - [2007/05/31 10:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 10:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/09/28 10:32:56 | 000,053,760 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/09/24 22:01:12 | 000,107,048 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmactmon.sys -- (tmactmon)
DRV:64bit: - [2012/09/24 22:00:36 | 000,077,184 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmevtmgr.sys -- (tmevtmgr)
DRV:64bit: - [2012/09/24 22:00:00 | 000,173,504 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmcomm.sys -- (tmcomm)
DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/11/10 05:50:06 | 000,210,704 | ---- | M] (Trend Micro Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tmnciesc.sys -- (tmnciesc)
DRV:64bit: - [2011/11/10 05:50:06 | 000,105,744 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmtdi.sys -- (tmtdi)
DRV:64bit: - [2011/11/10 05:50:06 | 000,067,344 | ---- | M] (Trend Micro Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tmeevw.sys -- (tmeevw)
DRV:64bit: - [2011/09/02 01:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011/09/02 01:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/12/18 14:03:03 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010/11/20 08:34:02 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2010/11/20 08:34:02 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 06:35:32 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2010/11/20 06:35:24 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpcuxd.sys -- (vpcuxd)
DRV:64bit: - [2010/11/20 06:35:20 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 06:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010/11/20 05:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010/11/11 03:55:31 | 000,194,640 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmlwf.sys -- (tmlwf)
DRV:64bit: - [2010/10/27 04:00:16 | 008,012,288 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2010/10/27 04:00:16 | 008,012,288 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/10/27 02:14:24 | 000,287,232 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/07/27 08:14:24 | 006,465,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2010/07/27 08:12:16 | 000,339,040 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2010/05/07 18:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2Mon)
DRV:64bit: - [2010/05/07 18:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2M64)
DRV:64bit: - [2010/03/19 03:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/03/03 18:59:22 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:64bit: - [2010/02/12 06:10:12 | 000,066,608 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GenericMount.sys -- (GenericMount)
DRV:64bit: - [2010/02/11 01:34:46 | 000,170,032 | ---- | M] (StorageCraft) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\symsnap.sys -- (symsnap)
DRV:64bit: - [2009/09/21 19:40:14 | 000,020,528 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vproeventmonitor.sys -- (VPROEVENTMONITOR)
DRV:64bit: - [2009/09/15 04:36:48 | 001,061,888 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 19:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/07/13 19:09:02 | 000,120,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\irda.sys -- (irda)
DRV:64bit: - [2009/07/13 19:06:43 | 000,060,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\61883.sys -- (61883)
DRV:64bit: - [2009/07/13 19:06:43 | 000,048,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\avc.sys -- (Avc)
DRV:64bit: - [2009/07/13 19:06:42 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msdv.sys -- (MSDV)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/20 20:02:56 | 000,221,712 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\DCDisk.sys -- (DCDisk)
DRV:64bit: - [2009/05/20 20:02:56 | 000,088,592 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\dcsnap.sys -- (dcsnap)
DRV:64bit: - [2009/05/08 11:08:00 | 000,020,520 | ---- | M] (GARMIN Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\grmnusb.sys -- (grmnusb)
DRV:64bit: - [2009/05/06 02:34:52 | 000,639,512 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\t3.sys -- (t3)
DRV:64bit: - [2009/03/01 23:05:32 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2007/10/11 11:40:00 | 000,027,648 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MosIrUsb.sys -- (MosIrUsb)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3065872863-3284838871-378539591-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.com/ [binary data]
IE - HKU\S-1-5-21-3065872863-3284838871-378539591-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msnbc.msn.com/
IE - HKU\S-1-5-21-3065872863-3284838871-378539591-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKU\S-1-5-21-3065872863-3284838871-378539591-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-3065872863-3284838871-378539591-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = DA EB B1 78 7D 81 CB 01 [binary data]
IE - HKU\S-1-5-21-3065872863-3284838871-378539591-1001\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-3065872863-3284838871-378539591-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-3065872863-3284838871-378539591-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...1I7ADRA_enUS502
IE - HKU\S-1-5-21-3065872863-3284838871-378539591-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3065872863-3284838871-378539591-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@TrendMicro.com/FFExtension: C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll (Trend Micro Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{22181a4d-af90-4ca3-a569-faed9118d6bc}: C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension [2011/11/10 05:57:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/11/17 20:35:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{38783831-6098-4faa-A9C9-1EE1E343F4D2}: C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1104\7.1.1104\firefoxextension [2012/11/13 16:33:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\module\20004\FxExt\firefoxextension\ [2012/11/13 16:33:18 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/11/17 20:35:13 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.56\gcswf32.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll
CHR - plugin: Trend Micro Titanium (Enabled) = C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\heoldelcflnigdllmlopiefhkkobendj\5.0.0.1280_0\npToolbarChrome.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Trend Micro Toolbar = C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\heoldelcflnigdllmlopiefhkkobendj\5.4.0.1034_0\
CHR - Extension: Skype Click to Call = C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\

O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 9\DLLx64\SnagitBHO64.dll (TechSmith Corporation)
O2:64bit: - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1361\6.8.1078\TmIEPlg.dll (Trend Micro Inc.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\7.1.1104\7.1.1104\TmBpIe64.dll (Trend Micro Inc.)
O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 9\SnagitBHO.dll (TechSmith Corporation)
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1361\6.8.1078\TmIEPlg32.dll (Trend Micro Inc.)
O2 - BHO: (TSToolbarBHO) - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\7.1.1104\7.1.1104\TmBpIe32.dll (Trend Micro Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 9\SnagitIEAddin.dll (TechSmith Corporation)
O3 - HKLM\..\Toolbar: (Trend Micro Toolbar) - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O3:64bit: - HKU\S-1-5-21-3065872863-3284838871-378539591-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.)
O4:64bit: - HKLM..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe (Trend Micro Inc.)
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [CaddieSyncConduit] C:\Program Files (x86)\SkyGolf\CaddieSync Express\CaddieSyncExpress.exe (SkyHawke)
O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [Norton Ghost 15.0] C:\Program Files (x86)\Norton Ghost\Agent\VProTray.exe (Symantec Corporation)
O4 - HKLM..\Run: [VolPanel] C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3065872863-3284838871-378539591-1001..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
O4 - HKU\S-1-5-21-3065872863-3284838871-378539591-1001..\Run: [com.apple.dav.bookmarks.daemon] C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe (Apple Inc.)
O4 - HKU\S-1-5-21-3065872863-3284838871-378539591-1001..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKU\S-1-5-21-3065872863-3284838871-378539591-1001..\Run: [KSS] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe (Kaspersky Lab ZAO)
O4 - HKU\S-1-5-21-3065872863-3284838871-378539591-1001..\Run: [Logitech Vid] C:\Program Files (x86)\Logitech\Vid HD\Vid.exe (Logitech Inc.)
O4 - HKU\S-1-5-21-3065872863-3284838871-378539591-1001..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe File not found
O4 - HKU\S-1-5-21-3065872863-3284838871-378539591-1001..\Run: [PhotoshopElements8SyncAgent] C:\Program Files (x86)\Adobe\Elements 9 Organizer\ElementsOrganizerSyncAgent.exe (Adobe Systems Incorporated)
O4 - HKLM..\RunOnce: [!DPLauncher] C:\Program Files (x86)\Microsoft\DefaultPack\DPLauncher.EXE (© 2012 Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\John\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-3065872863-3284838871-378539591-1001\..Trusted Domains: cleverreach.com ([novastor] http in Trusted sites)
O15 - HKU\S-1-5-21-3065872863-3284838871-378539591-1001\..Trusted Domains: google-analytics.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-3065872863-3284838871-378539591-1001\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O15 - HKU\S-1-5-21-3065872863-3284838871-378539591-1001\..Trusted Domains: navy.mil ([webmail.east.nmci] https in Trusted sites)
O15 - HKU\S-1-5-21-3065872863-3284838871-378539591-1001\..Trusted Domains: novastor.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-3065872863-3284838871-378539591-1001\..Trusted Domains: novastor.com ([]https in Trusted sites)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...n/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.6.0.cab (DLM Control)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creat...13/CTPIDPDE.cab (Creative Software AutoUpdate Support Package)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creat...15113/CTPID.cab (Creative Software AutoUpdate Support Package)
O16 - DPF: Garmin Communicator Plug-In https://static.garmi...inAxControl.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.105.28.11 68.105.29.11
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{689CBF1A-0677-407D-BBAA-3528CAE1FE89}: DhcpNameServer = 68.105.28.11 68.105.29.11
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9117819C-23F2-4114-B418-F50D3CAA5052}: DhcpNameServer = 68.105.28.11 68.105.29.11
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\7.1.1104\7.1.1104\TmBpIe64.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1361\6.8.1078\TmIEPlg.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Handler\tmtb - No CLSID value found
O18:64bit: - Protocol\Handler\tmtbim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\7.1.1104\7.1.1104\TmBpIe32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1361\6.8.1078\TmIEPlg32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmtb {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmtbim {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files (x86)\Citrix\GoToAssist\615\G2AWinLogon_x64.dll) - C:\Program Files (x86)\Citrix\GoToAssist\615\g2awinlogon_x64.dll (Citrix Online, a division of Citrix Systems, Inc.)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/04/30 15:01:00 | 000,000,053 | -HS- | M] () - D:\AUTORUN.INF -- [ NTFS ]
O32 - AutoRun File - [2012/10/08 20:03:19 | 000,000,000 | -H-D | M] - F:\autorun -- [ NTFS ]
O32 - Unable to obtain root file information for disk F:\
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2013/01/31 20:54:57 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\John\Desktop\OTL (1).exe
[2013/01/29 07:11:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
[2013/01/29 06:55:55 | 000,000,000 | ---D | C] -- C:\Users\John\AppData\Roaming\Uniblue
[2013/01/29 06:55:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Uniblue
[2013/01/29 06:54:57 | 000,000,000 | ---D | C] -- Z:\Duplicate Photo Finder
[2013/01/29 06:53:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Duplicate Photo Finder
[2013/01/29 06:53:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Duplicate Photo Finder
[2013/01/29 06:46:10 | 000,000,000 | ---D | C] -- C:\Users\John\AppData\Roaming\EasyDuplicateFinder
[2013/01/29 06:46:04 | 000,000,000 | ---D | C] -- C:\Program Files\Easy Duplicate Finder 4
[2013/01/28 20:41:35 | 000,000,000 | ---D | C] -- C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Scan
[2013/01/28 20:41:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2013/01/28 20:41:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab
[2013/01/28 20:39:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Laplink
[2013/01/28 20:39:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Laplink
[2013/01/28 20:39:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Laplink PCmover Professional
[2013/01/28 20:39:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Laplink
[2013/01/28 20:38:03 | 000,000,000 | ---D | C] -- C:\Users\John\AppData\Local\Downloaded Installations
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/01/31 21:18:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/01/31 21:14:24 | 000,000,256 | ---- | M] () -- C:\Windows\tasks\SpeedUpMyPC.job
[2013/01/31 21:04:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/01/31 20:55:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\John\Desktop\OTL (1).exe
[2013/01/31 20:03:16 | 002,932,423 | ---- | M] () -- C:\Users\John\Desktop\HP Rnvy 1540T Manual.pdf
[2013/01/31 19:56:44 | 000,013,760 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/01/31 19:56:44 | 000,013,760 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/01/31 19:47:58 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/01/31 19:47:58 | 000,000,334 | ---- | M] () -- C:\Windows\tasks\spmonitor.job
[2013/01/31 19:47:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/01/31 19:47:31 | 529,780,735 | -HS- | M] () -- C:\hiberfil.sys
[2013/01/29 07:11:05 | 000,001,184 | ---- | M] () -- C:\Users\John\Application Data\Microsoft\Internet Explorer\Quick Launch\SpeedUpMyPC.lnk
[2013/01/29 07:11:05 | 000,001,136 | ---- | M] () -- C:\Users\Public\Desktop\SpeedUpMyPC.lnk
[2013/01/29 06:53:11 | 000,001,175 | ---- | M] () -- C:\Users\Public\Desktop\Duplicate Photo Finder.lnk
[2013/01/29 06:46:06 | 000,000,982 | ---- | M] () -- C:\Users\Public\Desktop\Easy Duplicate Finder 4.lnk
[2013/01/28 20:41:27 | 000,001,087 | ---- | M] () -- C:\Users\John\Desktop\Kaspersky Security Scan.lnk
[2013/01/28 20:39:20 | 000,001,993 | ---- | M] () -- C:\Users\Public\Desktop\Laplink PCmover Professional.lnk
[2013/01/21 07:56:02 | 000,002,289 | ---- | M] () -- C:\Users\John\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/01/12 22:04:03 | 000,004,096 | -HS- | M] () -- Z:\VSNAP.IDX
[2013/01/12 22:04:03 | 000,004,096 | -HS- | M] () -- C:\VSNAP.IDX
[2013/01/12 21:40:15 | 000,424,656 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/01/12 10:48:09 | 000,762,164 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/01/12 10:48:09 | 000,640,090 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/01/12 10:48:09 | 000,111,736 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/01/31 20:03:16 | 002,932,423 | ---- | C] () -- C:\Users\John\Desktop\HP Rnvy 1540T Manual.pdf
[2013/01/29 07:11:09 | 000,000,334 | ---- | C] () -- C:\Windows\tasks\spmonitor.job
[2013/01/29 07:11:07 | 000,000,256 | ---- | C] () -- C:\Windows\tasks\SpeedUpMyPC.job
[2013/01/29 06:55:57 | 000,001,184 | ---- | C] () -- C:\Users\John\Application Data\Microsoft\Internet Explorer\Quick Launch\SpeedUpMyPC.lnk
[2013/01/29 06:55:57 | 000,001,136 | ---- | C] () -- C:\Users\Public\Desktop\SpeedUpMyPC.lnk
[2013/01/29 06:53:11 | 000,001,175 | ---- | C] () -- C:\Users\Public\Desktop\Duplicate Photo Finder.lnk
[2013/01/29 06:46:06 | 000,000,982 | ---- | C] () -- C:\Users\Public\Desktop\Easy Duplicate Finder 4.lnk
[2013/01/28 20:41:35 | 000,001,087 | ---- | C] () -- C:\Users\John\Desktop\Kaspersky Security Scan.lnk
[2013/01/28 20:39:20 | 000,001,993 | ---- | C] () -- C:\Users\Public\Desktop\Laplink PCmover Professional.lnk
[2012/10/15 17:44:41 | 000,002,075 | ---- | C] () -- C:\Windows\hpwmdl23.dat.temp
[2012/10/15 17:13:48 | 000,228,999 | ---- | C] () -- C:\Windows\hpwins23.dat
[2012/10/15 17:13:48 | 000,002,075 | ---- | C] () -- C:\Windows\hpwmdl23.dat
[2012/03/02 14:16:12 | 000,004,096 | -H-- | C] () -- C:\Users\John\AppData\Local\keyfile3.drm
[2012/02/20 18:25:32 | 000,000,469 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2011/11/10 05:56:55 | 000,000,410 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011/08/05 04:07:54 | 000,002,346 | ---- | C] () -- C:\Windows\CONTOUR.INI
[2011/05/08 18:15:06 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011/02/06 13:26:29 | 000,745,484 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/12/04 10:09:42 | 000,012,288 | ---- | C] () -- C:\Users\John\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/11/26 15:04:43 | 000,000,189 | ---- | C] () -- C:\Users\John\AppData\Roaming\QV Prefs
[2010/11/26 12:54:24 | 000,000,097 | RHS- | C] () -- C:\ProgramData\1.12.0.lic
[2010/11/24 15:59:25 | 000,103,784 | ---- | C] () -- C:\Users\John\GoToAssistDownloadHelper.exe
[2010/11/11 05:48:00 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

========== ZeroAccess Check ==========

[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 00:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 23:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 07:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2010/11/28 19:07:27 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2013/01/31 19:48:36 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Dropbox
[2010/11/17 09:26:54 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Easy Duplicate Finder
[2013/01/29 06:46:10 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\EasyDuplicateFinder
[2010/11/24 17:36:21 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\GARMIN
[2010/12/20 18:56:04 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\GetRightToGo
[2010/11/11 05:49:46 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Ilium Software
[2010/11/11 02:49:56 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Leadertech
[2010/11/26 15:03:59 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\nFinity
[2011/11/13 08:55:53 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1
[2010/11/26 15:29:50 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\ShadowProtect
[2011/09/19 18:49:36 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\StorageCraft
[2010/12/20 18:32:49 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\TechSmith
[2013/01/29 06:55:55 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Uniblue
[2011/03/06 14:41:30 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\W Photo Studio Viewer
[2011/08/04 04:39:42 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\WinBatch
[2010/11/26 15:00:55 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\WindSolutions

========== Purity Check ==========



========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< MD5 for: EXPLORER.EXE >

< MD5 for: QMGR.DLL >
[2010/11/20 08:27:23 | 000,849,920 | ---- | M] (Microsoft Corporation) MD5=1EA7969E3271CBC59E1730697DC74682 -- C:\Windows\SysNative\qmgr.dll
[2010/11/20 08:27:23 | 000,849,920 | ---- | M] (Microsoft Corporation) MD5=1EA7969E3271CBC59E1730697DC74682 -- C:\Windows\winsxs\amd64_microsoft-windows-bits-client_31bf3856ad364e35_6.1.7601.17514_none_81b6ca5c101195cd\qmgr.dll
[2009/07/13 20:41:53 | 000,848,384 | ---- | M] (Microsoft Corporation) MD5=7F0C323FE3DA28AA4AA1BDA3F575707F -- C:\Windows\winsxs\amd64_microsoft-windows-bits-client_31bf3856ad364e35_6.1.7600.16385_none_7f85b69413231233\qmgr.dll

< MD5 for: SERVICES >
[2009/06/10 16:00:26 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\services

< MD5 for: SERVICES.CFG >
[2012/12/18 09:28:18 | 000,558,791 | ---- | M] () MD5=A9983CC532F9B3FB1E87918D2313731D -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Services\Services.cfg
[2011/06/06 12:55:30 | 000,584,045 | R--- | M] () MD5=B82DD53FA8C260DDD7FDC42182DB816E -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\services.cfg

< MD5 for: SERVICES.CSS >
[2010/08/31 18:40:56 | 000,000,093 | ---- | M] () MD5=F15FB82C578490B209442B8C1D5076CC -- C:\ProgramData\Intuit\Quicken\Inet\Common\Localweb\Services\Services.css
[2010/08/31 18:40:56 | 000,000,093 | ---- | M] () MD5=F15FB82C578490B209442B8C1D5076CC -- C:\Users\All Users\Intuit\Quicken\Inet\Common\Localweb\Services\Services.css

< MD5 for: SERVICES.EXE >
[2009/07/13 20:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009/07/13 20:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SERVICES.EXE.MUI >
[2009/07/13 21:25:40 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\Windows\SysNative\en-US\services.exe.mui
[2009/07/13 21:25:40 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_en-us_c5f238be3fa63468\services.exe.mui

< MD5 for: SERVICES.INI >
[2010/08/31 18:40:56 | 000,000,012 | ---- | M] () MD5=810C4D394B59FF7116A0CD6052286C41 -- C:\ProgramData\Intuit\Quicken\Inet\Common\Localweb\Services\Services.ini
[2010/08/31 18:40:56 | 000,000,012 | ---- | M] () MD5=810C4D394B59FF7116A0CD6052286C41 -- C:\Users\All Users\Intuit\Quicken\Inet\Common\Localweb\Services\Services.ini

< MD5 for: SERVICES.LNK >
[2009/07/13 23:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/13 23:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk

< MD5 for: SERVICES.MOF >
[2009/06/10 15:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\SysNative\wbem\services.mof
[2009/06/10 15:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.mof

< MD5 for: SERVICES.MSC >
[2009/07/13 21:23:30 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\en-US\services.msc
[2009/06/10 15:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\services.msc
[2009/07/13 21:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\en-US\services.msc
[2009/06/10 16:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\services.msc
[2009/07/13 21:23:30 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_003408aa160fce5b\services.msc
[2009/06/10 15:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_2b58d44b5f6beb8a\services.msc
[2009/07/13 21:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a4156d265db25d25\services.msc
[2009/06/10 16:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc

< MD5 for: SERVICES.PTXML >
[2009/07/13 15:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\SysNative\wdi\perftrack\Services.ptxml
[2009/07/13 15:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\Services.ptxml

< MD5 for: SVCHOST.EXE >
[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/20 07:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 07:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/13 20:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/13 20:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 08:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 08:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 08:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/20 08:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/13 20:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009/10/28 02:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009/10/28 01:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS /s >

< HKEY_CLASSES_ROOT\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InprocServer32 /s >

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Enum /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 213 bytes -> C:\ProgramData\TEMP:BEC0D766
@Alternate Data Stream - 211 bytes -> C:\ProgramData\TEMP:618D0840

< End of report >

Edited by maliprog, 01 February 2013 - 12:49 AM.

  • 0


#2
RKinner

    Malware Expert

  • Expert
  • 19,796 posts
  • MVP
Using F12 to select the drive probably means the boot order is wrong. Go into BIOS or CMOS Setup (PC Logo screen should tell you what key to use) and change the boot order so that it looks at the hard drive first.

I don't see anything obvious. The file Kaspersky found is no doubt bad. The name is random which almost always means malware. Since it's slow let's run a few more scans and see if anything turns up:

First uninstall Kaspersky or Trend or somehow get Kaspersky to stop because you don't want two anti-virus products running at the same time. Really slows things down.

Then:



Download aswMBR.exe to your desktop.
Right click aswMBR.exe and Run as Administrator
uncheck trace disk IO calls
Click the "Scan" button to start scan (Accept the Avast Engine)
On completion of the scan if the Fix button is enabled (not the FixMBR button) press it and then run a new scan and click save log, save it to your desktop and post in your next reply
If the Fix button is not enabled then just click save log, save it to your desktop and post in your next reply

ComboFix

:!: It must be saved to your desktop, do not run it from your browser :!:

:!: Disable your Antivirus software when downloading or running Combofix. If it has Script Blocking features, please disable these as well. See: http://www.bleepingc...opic114351.html


Download and Save this file -- to your Desktop -- from either of these two sources:
http://download.blee...Bs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Right-click on ComboFix and select Run As Administrator to start the program.



* :!: Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.


* A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix.

A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.

A file will be created at => C:\Combofix.txt. I'll need to see that in your reply.


Download TDSSKiller:
http://support.kaspe.../tdsskiller.exe
Save it to your desktop then run it by right clicking and Run As Admin.


If TDSSKiller alerts you that the system needs to reboot, please consent.

Run TDSSKiller again but this time:
Before you hit Scan, hit Change Parameters and check the two items under Additional Options. OK, then Scan.
In this mode it is prone to false positives so do not change the SKIP option to DELETE unless it says TDSS.
When done, a log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.



Malwarebytes' Anti-Malware
:!: If you have a previous version of MalwareBytes', remove it via Add or Remove Programs and download a fresh copy. :!:
http://www.malwareby...lwarebytes_free

SAVE Malwarebytes' Anti-Malware to your desktop.

* Right-click mbam-setup.exe and select Run As Administrator to start the program.
* follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.

* Be sure that everything is checked, and click Remove Selected.

* When completed, a log will open in Notepad. Please save it to a convenient location.
* The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
* Post that log back here.



Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator. Then type (with an Enter after each line).

sfc  /scannow



(This will check your critical system files. If it asks for a CD and you don't have one or it doesn't like your CD just tell it to SKIP.)


Right click on (My) Computer and select Manage (Continue) Then the Event Viewer. Next select Windows Logs. Right click on System and Clear Log, Clear. Repeat for Application.

Download ESET's Service Repair http://kb.eset.com/l...vicesRepair.exe and Save it then right click on it and Run As Admin.

If it doesn't do it for you:
Reboot.

1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Right-click VEW.exe and Run As Administrator
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application. VEW will overwrite the log at C:\vew.txt each time it runs so either post your System results before running VEW for Applications or copy the file c:\vew.txt to a new location.


Copy the text in the code box:

DRIVES
nnetsvcs
%SYSTEMDRIVE%\*.exe
%systemroot%\assembly\GAC_32\*.ini
%systemroot%\assembly\GAC_64\*.ini
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.exe
%APPDATA%\*.
/md5start
pnrpnsp.dll 
nwprovau.dll
nlaapi.dll
napinsp.dll
mswsock.dll
winrnr.dll
wshelper.dll
services.exe
atapi.sys
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
csrss.exe
PrintIsolationHost.exe
consrv.dll
/md5stop
%systemroot%\*. /mp /s
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemdrive%\$Recycle.Bin|@;true;true;true /fp
%systemroot%\system32\drivers\*.sys /lockedfiles
CREATERESTOREPOINT

Run OTL (Vista or Win 7 => right click and Run As Administrator)

Paste (Ctrl + v) the copied text in the box where it says Custom Scan/Fixes

Select the All option in the Extra Registry group then Run Scan.

You should get two logs. Please copy and paste both of them.



Download, Save and Run (win 7 or Vista => Right click and Run as Admin.) farbar service scanner


Tick "All" options.
Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.

Please copy and paste the log to your reply.

Now let's check for slowness:

Get Process Explorer

http://live.sysinter...com/procexp.exe
Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator).

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures


Click twice on the CPU column header to sort things by CPU usage with the big hitters at the top.

Wait a minute then:

File, Save As, Save. Open the file Procexp.txt on your desktop and copy and paste the text to a reply.

Get the free version of Speccy:

http://www.filehippo...download_speccy (Look in the upper right for the Download Latest Version button) Download, Save and Install it. Run Speccy. When it finishes (the little icon in the bottom left will stop moving), File, Save as Text File, (to your desktop) note the name it gives. OK. Open the file in notepad and delete the line that gives the serial number of your Operating System. (It will be near the top about 10 lines down.) Attach the file to your next post.

Go to http://www.speedtest.net/ and click on Begin Test

When the Test finishes click on Share This Result and then select Forum then Copy then move to a reply and Ctrl + v



Ron
  • 0
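The `/md5start` ... `/md5stop` block in the custom scan above makes OTL print `< MD5 for: ... >` sections like the ones in the first post's log. As an added example (not part of the thread and not OTL's own code), the Python below parses those sections and compares each live copy under the system root with the WinSxS copies of the same file. The triage rule (a live copy whose MD5 matches no WinSxS copy deserves a closer look), the function names, and the `CONSTRUCTED.EXE` sample section are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Sample OTL output. The first three sections are copied from the log in this
# thread; the CONSTRUCTED.EXE section is made up to show a mismatch.
SAMPLE_LOG = r"""
< MD5 for: SERVICES.CFG >
[2012/12/18 09:28:18 | 000,558,791 | ---- | M] () MD5=A9983CC532F9B3FB1E87918D2313731D -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Services\Services.cfg

< MD5 for: SERVICES.EXE >
[2009/07/13 20:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009/07/13 20:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: USERINIT.EXE >
[2010/11/20 08:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 08:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
[2009/07/13 20:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe

< MD5 for: CONSTRUCTED.EXE >
[2013/01/01 00:00:00 | 000,010,240 | ---- | M] () MD5=00000000000000000000000000000001 -- C:\Windows\SysNative\constructed.exe
[2009/07/13 20:39:37 | 000,010,240 | ---- | M] (Microsoft Corporation) MD5=00000000000000000000000000000002 -- C:\Windows\winsxs\amd64_constructed-component_0000\constructed.exe

< End of report >
"""

HEADER_RE = re.compile(r"^<\s*MD5 for:\s*(?P<name>.+?)\s*>$")
# [date time | size | attributes | M] (company) MD5=<32 hex> -- <path>
ENTRY_RE = re.compile(
    r"^\[(?P<stamp>[^|]+?)\s*\|\s*(?P<size>[\d,]+)\s*\|\s*(?P<attrs>\S+)\s*\|\s*M\]\s*"
    r"\((?P<company>[^)]*)\)\s*MD5=(?P<md5>[0-9A-Fa-f]{32})\s*--\s*(?P<path>.+?)\s*$"
)


def parse_md5_sections(text):
    """Return ({FILE NAME: [entry, ...]}, [lines that were not parsed])."""
    sections, skipped, current = defaultdict(list), [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        header = HEADER_RE.match(line)
        if header:
            current = header.group("name").upper()
            continue
        entry = ENTRY_RE.match(line) if current else None
        if entry:
            fields = entry.groupdict()
            fields["md5"] = fields["md5"].upper()
            fields["size"] = int(fields["size"].replace(",", ""))
            sections[current].append(fields)
        else:
            # Any other "< ... >" or "=====" line ends the current MD5 section.
            if line.startswith(("<", "=")):
                current = None
            skipped.append(line)
    return dict(sections), skipped


def triage(sections, system_root=r"C:\Windows"):
    """Compare each live copy under system_root with the WinSxS copies.

    Returns (status, name, path, md5) tuples where status is "match",
    "MISMATCH" or "no-reference" (no WinSxS copy was listed to compare with).
    SysNative is how a 32-bit tool sees the real 64-bit System32 folder.
    """
    root = system_root.lower().rstrip("\\") + "\\"
    findings = []
    for name, entries in sections.items():
        store = {e["md5"] for e in entries if "\\winsxs\\" in e["path"].lower()}
        for e in entries:
            path = e["path"].lower()
            if not path.startswith(root) or "\\winsxs\\" in path:
                continue  # only live copies under the system root are judged
            if not store:
                status = "no-reference"
            elif e["md5"] in store:
                status = "match"
            else:
                status = "MISMATCH"
            findings.append((status, name, e["path"], e["md5"]))
    return findings


if __name__ == "__main__":
    parsed, unparsed = parse_md5_sections(SAMPLE_LOG)
    for status, name, path, md5 in triage(parsed):
        print(f"{status:12} {name:16} {md5}  {path}")
    print(f"{len(unparsed)} line(s) not parsed")
```

A "match" only says the live file equals a copy in the component store; it does not prove either copy is clean, so a "MISMATCH" or "no-reference" result is a prompt for further checks such as `sfc /scannow`, not a verdict.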

#3
Condor124

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
Ron,

First - let me say sincerely, thanks - this has been very helpful. How do I contribute or recognize your service?

Now, for the information you requested in reply:

OTL Extra file (not included in my original post):
OTL Extras logfile created on: 1/31/2013 8:55:58 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\John\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.99 Gb Total Physical Memory | 3.55 Gb Available Physical Memory | 59.20% Memory free
17.99 Gb Paging File | 14.35 Gb Available in Paging File | 79.79% Paging File free
Paging file location(s): C:\pagefile.sys 6142 6142Z:\pagef [Binary data over 200 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 683.57 Gb Total Space | 473.45 Gb Free Space | 69.26% Space Free | Partition Type: NTFS
Drive D: | 15.00 Gb Total Space | 7.37 Gb Free Space | 49.12% Space Free | Partition Type: NTFS
Drive F: | 2794.52 Gb Total Space | 1743.34 Gb Free Space | 62.38% Space Free | Partition Type: NTFS
Drive Z: | 931.51 Gb Total Space | 823.03 Gb Free Space | 88.35% Space Free | Partition Type: NTFS

Computer Name: DELL_DESKTOP | User Name: John | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04E63C56-2CED-4813-AFAE-377F3808E42F}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{1C2142BD-D875-425E-B0B6-E9A1EC8613DB}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1D342CD2-114C-42FB-A4FF-140ACF8FE7A4}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{2F001ED8-72B2-4E3A-A487-6AED184FEEEE}" = rport=138 | protocol=17 | dir=out | app=system |
"{36543A39-1194-403C-A2F1-8DAECB99E817}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{37689DD8-283F-47E2-904E-E9165D030E8B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3790FFA4-6E80-4C0B-92DF-60875F5A8B69}" = rport=445 | protocol=6 | dir=out | app=system |
"{386B16D0-9390-4E99-90F9-3359E9575D5E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{43D249AD-89C7-4A33-947F-915A812B77C8}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
"{4E44F979-FC00-411E-954D-E5AA8DFE1D9F}" = lport=138 | protocol=17 | dir=in | app=system |
"{5200FA6B-F89E-4FA3-B989-F451F57C79BF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{691D0BCC-1765-4007-88B7-921F00274816}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\common files\intuit\update service v4\intuitupdateservice.exe |
"{69485ACD-40E4-4377-9407-DA6C430DFB69}" = lport=10243 | protocol=6 | dir=in | app=system |
"{69F59EF8-6D2C-4F3E-8163-C3F80003BA36}" = lport=2869 | protocol=6 | dir=in | app=system |
"{6A796531-509D-4316-B799-55262E5BB8A5}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{805EB375-3CB0-41AB-BD78-6FA7CBF848B6}" = lport=445 | protocol=6 | dir=in | app=system |
"{852DF19F-A481-4FA4-9F35-9534EDA99AD5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8F7DED26-D246-4539-B5F6-AA5B7288D290}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\common files\intuit\update service v4\intuitupdater.exe |
"{913023C2-B96F-422F-AC9E-3C858AD868DA}" = lport=139 | protocol=6 | dir=in | app=system |
"{916C2E53-5D88-4875-9B5C-071CA67A4B9E}" = lport=137 | protocol=17 | dir=in | app=system |
"{91E3E265-8EEE-4FEC-B1C9-C12BCCB5E95C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A336859E-C861-41E9-B21D-9CCAEFEB30E4}" = rport=139 | protocol=6 | dir=out | app=system |
"{C71B41DF-9466-4855-AFA6-BBB8A1CB78DA}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{CE02BB84-4E5E-49EA-8554-C62F3E2A7DD9}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DED5FD46-492D-4594-9540-A67869925DFD}" = rport=137 | protocol=17 | dir=out | app=system |
"{F334193F-2512-42DC-AE56-6668662F4BC7}" = rport=10243 | protocol=6 | dir=out | app=system |
"{FA7CCDF4-E7DE-4786-A688-F59AB434A6E6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{011DFE00-B391-43C1-9CE3-1B71EFDF3D5F}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{0223361E-2402-495B-B278-D9E0DFA1E641}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{06E597DF-8710-48A9-8A8E-D78B56B65A61}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{088E2097-355F-4510-9E45-469E76E53DC7}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{0D2A5F30-650C-4E3C-BF0D-CCBECF85469B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{0F971331-EE4C-4793-9734-1D90FACC9C35}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{14E0173C-B270-4769-8B84-E91CECF3B5BF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{181EDFF1-AAAF-4FF9-83B5-88AB0C1C805C}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{1CEEF185-90AE-4845-8BD6-09C34E96657C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{1DA7AC1B-B254-4B6B-9020-6292C7D86C8D}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{1EF11137-1B6B-4849-8E51-E42AA5A24519}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{26F6B4BE-D7E7-406F-B184-23895403D68A}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{2EF41600-2B80-4262-8CBD-4429EB699766}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{3034E640-2106-44C7-8211-AE83FF019794}" = dir=in | app=c:\users\john\appdata\local\temp\7zs64d7\oj6500ve709_full_14\setup\hpznui40.exe |
"{3624B192-36A5-4894-88A0-47EF1089D91C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{37C0922C-E939-417D-88CC-2BE9E6C778CC}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{3B65F288-AD83-49C7-907A-C1B551F2CF34}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{3BDE09A6-3625-4FAA-AA26-63CAEE47EEC1}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{3DD8E450-8D2E-4BC3-A139-5EE877DCA468}" = protocol=17 | dir=in | app=c:\users\john\appdata\roaming\dropbox\bin\dropbox.exe |
"{3E0BD0BD-024A-438B-B0A0-5DA348887192}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{430C2FF9-B49C-46E3-AAD3-D2005D4F8BF0}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{45809FEF-6BA3-4896-A210-2F02B1C69E9C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{485AE0E6-7625-4526-A773-758E52894C2E}" = protocol=6 | dir=out | app=system |
"{51674CCC-8E58-4F13-AF72-8A01925AD8DC}" = protocol=1 | dir=out | [email protected],-28544 |
"{547C5D39-DEE2-445F-B9D0-8A1AC9F8DF0D}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{567CE083-D21D-4950-88FD-94622E574C0C}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{56C23363-5C60-4FB9-B64A-B6F1EE1E5290}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5A9E2339-454B-4252-99CB-C2511600A654}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{5DBA2800-E156-428B-9391-0D7BEB7C274D}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{60230AD1-6BF8-479D-B5FB-30F6F013424F}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{6613C56C-8375-47C7-AE9F-F6975393D32F}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{663FC971-B4DA-4A76-93C3-A14662F439F4}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{6B04B0B5-97D1-4AD7-A0BF-2D530C4FAF2D}" = protocol=6 | dir=out | app=c:\program files (x86)\rosettastoneltdservices\rosettastonedaemon.exe |
"{6C077DFE-93E1-40C8-A63B-149E164EC719}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{7373493F-8F64-4967-8256-6B2F7C604873}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{7847FCD9-02E5-4E5F-BDC1-0EB4094C8A6B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{79D30AC6-B53C-4A94-BA49-4963D8DE48D8}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{7B7DE8F0-6B18-4E46-BFC5-9F4B3FE65DB5}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe |
"{7C1F09FB-A8EF-4709-B7CF-F911D125AB93}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{7D622A96-445C-4D7F-9222-4ADF4D25E8E0}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{818C4A07-3C9A-4009-B7DA-DD57B3C86E8A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{851BABC7-3902-40CB-945B-1CC2014C5E04}" = protocol=6 | dir=in | app=c:\users\john\appdata\roaming\dropbox\bin\dropbox.exe |
"{8DD41DD5-7B24-40F8-B263-04ADF895295C}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8E51602C-9CA2-4288-8DBF-9B166698EAC7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{91927EE1-7AF5-401B-A476-04EBA2953B32}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqfxt08.exe |
"{91C68C47-2D2C-4B2C-AE9F-029657B07709}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9358F16B-F4D9-4DE0-AA3A-88267303266C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{A1851CF5-87C9-4074-969C-3D49F800A183}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{A200B229-C197-42F9-B116-C862855F5F8A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe |
"{A3E8627A-F03F-4540-896F-7178C42E0D87}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A6B94C73-E193-4FB0-B8AF-446728C1E1E1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{AAFA0DF1-58B4-4320-A40D-3DA75E7AFFA5}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe |
"{AFB71235-A942-4AEC-8B23-D9A7CC18A14E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{B4B79679-6EE3-4BB0-A515-2F7AB726D828}" = dir=in | app=c:\program files (x86)\laplink\pcmover\pcmover.exe |
"{B57BC348-373C-402E-8BF5-381A086247BC}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{BDB7DFE9-43C7-4E6F-AB5E-6D24A7BCB97B}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{BFDE3EE6-8FF5-4CF7-AD46-FF3159904B20}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{C105A9FC-B7CB-43E6-B475-D3670863D9C2}" = protocol=6 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe |
"{C59CA3AB-04A3-4850-B333-A3D28AB2C642}" = dir=in | app=c:\program files (x86)\rosettastoneltdservices\rosettastonedaemon.exe |
"{D00037B6-74CE-4436-B246-0B1E13D4CA87}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D27668EF-18B7-4084-81DA-3072B5E24ACB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxs08.exe |
"{DA251889-A4FF-4ED8-90E5-0D1523C6BED8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E71B5A9E-6314-4DE0-B466-969BA82F60AC}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{EC6C8FF8-9A31-4902-B627-7F3290277EAF}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{ECC78B87-06BF-47C3-89FD-4C87773E92AB}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{EF6739B9-4D51-4A53-B664-D3F90EF4F8F1}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{F2203C92-8CB2-4AEF-AD99-270531206E0A}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{F2702FA4-CF58-4500-B8DB-F972E7BAA261}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{FE039DB1-36AC-460F-9E8B-489BEF62093A}" = protocol=17 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe |
"TCP Query User{0CE0CE03-2515-4728-A6A3-3FE3F34C119F}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"TCP Query User{36B1A02D-7708-4964-BA57-53EBFECAE277}E:\setup\easy_search.exe" = protocol=6 | dir=in | app=e:\setup\easy_search.exe |
"TCP Query User{686B102B-13A6-499C-9DFF-AF0FACD48D39}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"TCP Query User{713289C1-1092-4712-8891-19503F0F7338}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{849CF620-A32D-4696-8E0D-295C0E864F36}C:\program files (x86)\logitech\vid hd\vid.exe" = protocol=6 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe |
"TCP Query User{9E7DE47D-326C-4BDA-9951-A7149C301142}C:\program files (x86)\storagecraft\imagemanager\imagemanager.client.exe" = protocol=6 | dir=in | app=c:\program files (x86)\storagecraft\imagemanager\imagemanager.client.exe |
"UDP Query User{147408E1-BA37-4FFA-91F5-84F73E85853A}C:\program files (x86)\logitech\vid hd\vid.exe" = protocol=17 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe |
"UDP Query User{1BC98F4B-18A0-4DF9-B2D9-06B09893B194}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{2CB76D28-073A-4C94-A5F2-A9553CC41F8E}E:\setup\easy_search.exe" = protocol=17 | dir=in | app=e:\setup\easy_search.exe |
"UDP Query User{C770856B-FD7D-4A09-A063-597A79BAFD9B}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{DF6C89EF-6D26-4BF9-89AD-AC8F633EAB3D}C:\program files (x86)\storagecraft\imagemanager\imagemanager.client.exe" = protocol=17 | dir=in | app=c:\program files (x86)\storagecraft\imagemanager\imagemanager.client.exe |
"UDP Query User{F66F2AD6-DE58-475F-AE3E-1DDE77C6E3B0}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E5D76AD-A3FB-48D5-8400-8903B10317D3}" = iTunes
"{1374CC63-B520-4f3f-98E8-E9020BF01CFF}" = Windows XP Mode
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{1AAF3A3B-7B32-4DDF-8ABB-438DAEB46EEC}" = Windows Live Family Safety
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{48C0866E-57EB-444C-8371-8E4321066BC3}" = Network64
"{58D79E62-CFC8-4331-8469-3A1B16E1769C}" = HP Officejet 6500 E709 Series
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile Device Center
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6DD01FF3-63CE-436B-96DB-61363EAA4EB8}" = MobileMe Control Panel
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{92DBCA36-9B41-4DD1-941A-AED149DD37F0}" = Windows Mobile Device Center Driver Update
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}" = Titanium Maximum Security
"{ABBD4BA9-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{D0CB24F4-084F-40DE-B6B9-A03626E682F0}" = iCloud
"{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
"Easy Duplicate Finder 4_is1" = EasyDuplicateFinder v4.2
"HP Document Manager" = HP Document Manager 2.0
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"HPExtendedCapabilities" = HP Customer Participation Program 14.0
"HPOCR" = OCR Software by I.R.I.S. 14.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Shop for HP Supplies" = Shop for HP Supplies
"sp6" = Logitech SetPoint 6.32

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{007F778D-F15C-4EAB-AE92-071D21FAF632}" = Adobe Photoshop Elements 9
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0E52A52C-E120-461C-AA1B-21B045BEE842}" = bpd_scan
"{12C8466B-9E6E-4C0C-BBA3-F05EDF5C8ECA}" = Polar WebLink 2.4.11
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}" = Bing Bar
"{1D4EE8FE-F31C-4258-9360-5B8B8309B14B}" = Adobe Premiere Elements 9 Content
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FE80E58-0774-4EC3-B6BA-68876B88D4B9}" = TurboTax 2011 wvaiper
"{200ED131-24BB-4C5B-8F00-56219DA3CBB7}_is1" = Duplicate Photo Finder v. 3.2.0.49
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{25175695-4B20-4298-9F34-C2C57CD277B3}" = Elements STI Installer
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{29D3EC4E-84FF-4590-9C30-D58707E7102E}" = SnowRanger North America
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{3212AA30-4503-4D30-ADF3-F0DA00C3FDCC}" = Rosetta Stone Ltd Services
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{37AB0223-AF54-49C5-92AA-BFC9648CD323}" = Adobe Premiere Elements 9 HD Content 3
"{3BE02281-FCCF-44BB-8413-AC4A633059EB}" = BPDSoftware
"{3CBBE028-978B-4876-ABC1-EF9ED6C20C4E}" = Adobe Premiere Elements 9 Content 2
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{4010ADCB-1347-D570-FCF1-3002CABEBD2F}" = Rosetta Stone TOTALe
"{433EACD8-4747-4A6A-826A-FFA9F39B0D40}" = Elements 9 Organizer
"{47CB8B6B-49DF-4058-AC2B-1596E3BE63EA}" = Garmin City Navigator North America 2009
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{50D90C59-4F5C-48BC-AFB2-38475412F0CA}" = Adobe Premiere Elements 9 Content 1
"{510D2239-6C2E-457B-9590-485EC552D94D}" = Garmin USB Drivers
"{5414086B-AE06-4332-8A59-26FF0F630D1B}" = Garmin Trip and Waypoint Manager v3
"{56009CA3-423B-41F8-884A-E5B049534F15}" = Kaspersky Security Scan
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}" = Status
"{5C47C8B6-77FF-4FC7-A388-66FCF9CFC24C}" = Snagit 9.1.3
"{5F9AAF4A-B9B0-489D-AE67-73470A4714FE}" = Adobe Premiere Elements 9 HD Content 1
"{5FE545A1-D215-4216-9189-E7B39C9D1CC1}" = Quicken 2011
"{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}" = Bing Rewards Client Installer
"{6748E773-5DA0-4D19-8AA5-273B4133A09B}" = SmartSound Quicktracks for Premiere Elements 9.0
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68654483-9629-4CF5-88FF-9FB70B3BECDE}" = ProductContext
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.0.0
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{7694E0B1-2332-448B-9235-929F84B41E3F}" = Active@ ISO Burner
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7DDC3624-C631-49D1-B281-82EC3A27AA7C}" = Adobe Premiere Elements 9 Content 3
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{82C60527-B637-4557-AB3D-72BB025F98A0}" = ShadowProtect Desktop
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PRJSTDR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_VISPROR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PRJSTDR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_VISPROR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PRJSTDR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}_VISPROR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_PRJSTDR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_VISPROR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_PRJSTDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_VISPROR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0054-0409-0000-0000000FF1CE}" = Microsoft Office Visio MUI (English) 2007
"{90120000-0054-0409-0000-0000000FF1CE}_VISPROR_{7DA87C7E-E8A7-473E-ADFF-1B6BECCCADA7}" = Microsoft Office Visio 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PRJSTDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}_VISPROR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00B4-0409-0000-0000000FF1CE}" = Microsoft Office Project MUI (English) 2007
"{90120000-00B4-0409-0000-0000000FF1CE}_PRJSTDR_{F3CD3F3F-726C-4414-A1FE-5CD0968313EA}" = Microsoft Office Project 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PRJSTDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}_VISPROR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_PRJSTDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_VISPROR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUSR_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0116-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91120000-003A-0000-0000-0000000FF1CE}" = Microsoft Office Project Standard 2007
"{91120000-003A-0000-0000-0000000FF1CE}_PRJSTDR_{8446EB22-A746-46DC-B1BD-E0DFA1F3CDDA}" = Microsoft Office Project 2007 Service Pack 3 (SP3)
"{91120000-0051-0000-0000-0000000FF1CE}" = Microsoft Office Visio Professional 2007
"{91120000-0051-0000-0000-0000000FF1CE}_VISPROR_{CE144BF4-4950-4CDB-A5F7-CCE1888F49CB}" = Microsoft Office Visio 2007 Service Pack 3 (SP3)
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{9294F169-72EE-4D74-AE92-CA25F64B4FF8}" = Fax
"{92A51949-EE4C-466D-AAF0-99E74A49A63F}" = DocMgr
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{99F67894-9486-413F-94E1-8B12B1606EAB}" = BPDSoftware_Ini
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A127C3C0-055E-38CF-B38F-1E85F8BBBFFE}" = Adobe Community Help
"{A436F67F-687E-4736-BD2B-537121A804CF}" = HP Product Detection
"{A519B6CE-9EDF-451A-B626-C3F8D2C9BFC2}" = Laplink PCmover Professional
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA787E05-E835-4812-AA3D-4048C8A46587}" = 6500_E709_eDocs
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.5)
"{AC76BA86-7AD7-5760-0000-900000000003}" = Japanese Fonts Support For Adobe Reader 9
"{AD4203ED-7683-435E-B436-C299773A9936}" = MapSource - US Topo v3.02
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{AFBAB9A0-DDE8-49AE-8C17-A01B61BEE64B}" = Garmin MapSource
"{B0255743-165B-4BD5-8DA8-37DFB9930015}" = Norton Ghost
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BB558CDC-C7BE-44D0-9260-B810D66702C4}" = 6500_E709n
"{BC5DD87B-0143-4D14-AAE6-97109614DC6B}" = SolutionCenter
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
"{C93170A0-CBF9-481F-B972-B4FA5AEE0E06}" = Sound Blaster X-Fi
"{CAF5B770-082F-40C4-853D-3973BB81BDAA}" = TurboTax 2011 WinPerTaxSupport
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D17111CB-C992-42A9-9D56-C19395102AAA}" = Garmin WebUpdater
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D91C1B25-C284-4C1B-976C-9917EC50F5DD}" = QuickVoice
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}" = AnswerWorks 5.0 English Runtime
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E240C78D-8F35-456A-8876-15FF6901B7E0}" = Adobe Premiere Elements 9 HD Content 2
"{E2AE009D-37E5-4724-A6B8-0ED6A6BA4F68}" = Elements STI Installer
"{E463E171-4082-4744-A466-F7CBE8502789}" = TurboTax 2011 WinPerReleaseEngine
"{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1" = SpeedUpMyPC
"{E75594A0-B088-4635-B4F6-99654B5DDF96}" = V1 Home 2.0
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EB9955F8-467C-47FC-90F8-12CD5DF684C3}" = Adobe Premiere Elements 9
"{EC8282AB-48DD-91D2-7387-01CD6E100A5D}" = Adobe Photoshop.com Inspiration Browser
"{EE556A3E-EB37-4392-9637-BAA8EC2F47FA}" = TurboTax 2011 wrapper
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F1A14CB2-A048-45A6-AFDA-3571296E1D76}" = Creative Media Toolbox 6
"{F53B432E-BD19-4400-BFA0-2BBD16410F8F}" = 6500_E709_Help
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FAD3D68B-2F9C-459B-AA79-C04B9090FD72}" = TurboTax 2011 WinPerFedFormset
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Photoshop Elements 9" = Adobe Photoshop Elements 9
"Adobe Premiere Elements 9 Content" = Adobe Premiere Elements 9 Content
"Adobe Premiere Elements 9 Content 1" = Adobe Premiere Elements 9 Content 1
"Adobe Premiere Elements 9 Content 2" = Adobe Premiere Elements 9 Content 2
"Adobe Premiere Elements 9 Content 3" = Adobe Premiere Elements 9 Content 3
"Adobe Premiere Elements 9 HD Content 1" = Adobe Premiere Elements 9 HD Content 1
"Adobe Premiere Elements 9 HD Content 2" = Adobe Premiere Elements 9 HD Content 2
"Adobe Premiere Elements 9 HD Content 3" = Adobe Premiere Elements 9 HD Content 3
"ALchemy" = Creative ALchemy
"AudibleDownloadManager" = Audible Download Manager
"AudioCS" = Creative Audio Control Panel
"CaddieSync Express" = CaddieSync Express 1.4.3
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.rosettastone.rosettastonetotale.8F5798B43604FA41C65B6F3DA7D3E38B6B065643.1" = Rosetta Stone TOTALe
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Creative Sound Blaster Properties x64 Edition" = Creative Sound Blaster Properties x64 Edition
"Diagnostics 4_5" = Creative Diagnostics
"Google Chrome" = Google Chrome
"GoToAssist" = GoToAssist Corporate
"Host OpenAL" = Host OpenAL
"Ilium Software eWallet_is1" = eWallet 7.4 for Windows PCs
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"InstallShield_{6748E773-5DA0-4D19-8AA5-273B4133A09B}" = SmartSound Quicktracks for Premiere Elements 9.0
"InstallShield_{E75594A0-B088-4635-B4F6-99654B5DDF96}" = V1 Home 2.0
"InstallWIX_{56009CA3-423B-41F8-884A-E5B049534F15}" = Kaspersky Security Scan
"LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)
"Logitech Vid" = Logitech Vid HD
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"Offshore Navigator" = Offshore Navigator
"PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1" = Adobe Photoshop.com Inspiration Browser
"PremElem90" = Adobe Premiere Elements 9
"PRJSTDR" = Microsoft Office Project Standard 2007
"SkyCaddieDesktop" = SkyCaddie Desktop
"SLABCOMM&10C4&EA60" = Silicon Laboratories CP210x USB to UART Bridge (Driver Removal)
"TurboTax 2011" = TurboTax 2011
"Uninstaller_B4736000_Creative Media Toolbox 6" = Creative Media Toolbox 6 (Shared Components)
"VISPROR" = Microsoft Office Visio Professional 2007
"WaveStudio 7" = Creative WaveStudio 7
"WinLiveSuite" = Windows Live Essentials

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"CopyTrans Suite" = CopyTrans Suite Remove Only
"Dropbox" = Dropbox

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 12/28/2012 11:37:31 AM | Computer Name = Dell_Desktop | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 21

Error - 12/28/2012 11:37:31 AM | Computer Name = Dell_Desktop | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 22

Error - 12/28/2012 11:37:31 AM | Computer Name = Dell_Desktop | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 23

Error - 12/28/2012 11:37:31 AM | Computer Name = Dell_Desktop | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 24

Error - 12/28/2012 11:39:49 AM | Computer Name = Dell_Desktop | Source = Bonjour Service | ID = 100
Description = Client application bug: DNSServiceResolve(00:f4:b9:25:f7:0c@fe80::2f4:b9ff:fe25:f70c._apple-mobdev._tcp.local.)
active for over two minutes. This places considerable burden on the network.

Error - 12/28/2012 11:39:49 AM | Computer Name = Dell_Desktop | Source = Bonjour Service | ID = 100
Description = Client application bug: DNSServiceResolve(00:f4:b9:25:f7:[email protected]::2f4:b9ff:fe25:f70c._apple-mobdev._tcp.local.)
active for over two minutes. This places considerable burden on the network.

Error - 12/28/2012 11:40:16 AM | Computer Name = Dell_Desktop | Source = Bonjour Service | ID = 100
Description = Client application bug: DNSServiceResolve(4DB5825CDF4E91BC._appletv._tcp.local.)
active for over two minutes. This places considerable burden on the network.

Error - 12/28/2012 1:01:23 PM | Computer Name = Dell_Desktop | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 9.0.8112.16457 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 1850 Start
Time: 01cde51aeb35d758 Termination Time: 9 Application Path: C:\Program Files (x86)\Internet
Explorer\iexplore.exe Report Id:

Error - 1/21/2013 12:32:14 PM | Computer Name = Dell_Desktop | Source = Bonjour Service | ID = 100
Description = Client application bug: DNSServiceResolve(00:f4:b9:25:f7:[email protected]::2f4:b9ff:fe25:f70c._apple-mobdev._tcp.local.)
active for over two minutes. This places considerable burden on the network.

Error - 1/21/2013 12:33:09 PM | Computer Name = Dell_Desktop | Source = Bonjour Service | ID = 100
Description = Client application bug: DNSServiceResolve(4DB5825CDF4E91BC._appletv._tcp.local.)
active for over two minutes. This places considerable burden on the network.

[ System Events ]
Error - 1/27/2013 8:48:10 AM | Computer Name = Dell_Desktop | Source = Service Control Manager | ID = 7000
Description = The Backup Scheduler service failed to start due to the following
error: %%2

Error - 1/28/2013 7:10:23 PM | Computer Name = Dell_Desktop | Source = Service Control Manager | ID = 7000
Description = The Backup Scheduler service failed to start due to the following
error: %%2

Error - 1/28/2013 9:25:13 PM | Computer Name = Dell_Desktop | Source = Service Control Manager | ID = 7000
Description = The Backup Scheduler service failed to start due to the following
error: %%2

Error - 1/29/2013 12:49:06 PM | Computer Name = Dell_Desktop | Source = Service Control Manager | ID = 7000
Description = The Backup Scheduler service failed to start due to the following
error: %%2

Error - 1/29/2013 1:12:20 PM | Computer Name = Dell_Desktop | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk2\DR2.

Error - 1/29/2013 1:12:26 PM | Computer Name = Dell_Desktop | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk2\DR2.

Error - 1/30/2013 8:39:19 AM | Computer Name = Dell_Desktop | Source = EventLog | ID = 6008
Description = The previous system shutdown at 8:43:45 PM on 1/29/2013 was unexpected.

Error - 1/30/2013 8:39:25 AM | Computer Name = Dell_Desktop | Source = Service Control Manager | ID = 7000
Description = The Backup Scheduler service failed to start due to the following
error: %%2

Error - 1/31/2013 8:41:53 AM | Computer Name = Dell_Desktop | Source = Service Control Manager | ID = 7000
Description = The Backup Scheduler service failed to start due to the following
error: %%2

Error - 1/31/2013 8:47:43 PM | Computer Name = Dell_Desktop | Source = Service Control Manager | ID = 7000
Description = The Backup Scheduler service failed to start due to the following
error: %%2


< End of report >


#4
Condor124

aswMBR:
aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-02-02 07:38:58
-----------------------------
07:38:58.956 OS Version: Windows x64 6.1.7601 Service Pack 1
07:38:58.956 Number of processors: 8 586 0x1A04
07:38:58.956 ComputerName: DELL_DESKTOP UserName: John
07:39:00.500 Initialize success
07:39:31.874 AVAST engine defs: 13020200
07:39:40.002 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP4T0L0-6
07:39:40.004 Disk 0 Vendor: WDC_WD7501AALS-75J7B0 05.00K05 Size: 715404MB BusType: 11
07:39:40.005 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP6T0L0-8
07:39:40.007 Disk 1 Vendor: ST31000524AS JC4A Size: 953869MB BusType: 11
07:39:40.020 Disk 0 MBR read successfully
07:39:40.023 Disk 0 MBR scan
07:39:40.026 Disk 0 Windows 7 default MBR code
07:39:40.061 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 70 MB offset 63
07:39:40.088 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 15360 MB offset 145408
07:39:40.123 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 699972 MB offset 31602688
07:39:40.249 Disk 0 scanning C:\Windows\system32\drivers
07:39:54.127 Service scanning
07:40:17.304 Modules scanning
07:40:19.892 AVAST engine scan C:\Windows
07:40:22.755 AVAST engine scan C:\Windows\system32
07:42:53.104 AVAST engine scan C:\Windows\system32\drivers
07:43:08.157 AVAST engine scan C:\Users\John
07:44:41.721 Disk 0 MBR has been saved successfully to "C:\Users\John\Desktop\Malware Incident\MBR.dat"
07:44:41.727 The log file has been saved successfully to "C:\Users\John\Desktop\Malware Incident\aswMBR run with antivirus.txt"



#5
Condor124

ComboFix
ComboFix 13-02-02.05 - John 02/02/2013 7:50.1.8 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.6135.4021 [GMT -5:00]
Running from: c:\users\John\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\John\GoToAssistDownloadHelper.exe
c:\windows\SysWow64\SETF654.tmp
c:\windows\wininit.ini
D:\Autorun.inf
F:\Autorun.inf
.
.
((((((((((((((((((((((((( Files Created from 2013-01-02 to 2013-02-02 )))))))))))))))))))))))))))))))
.
.
2013-01-29 11:55 . 2013-02-01 08:54 -------- d-----w- c:\users\John\AppData\Roaming\Uniblue
2013-01-29 11:55 . 2013-01-29 11:55 -------- d-----w- c:\program files (x86)\Uniblue
2013-01-29 11:53 . 2013-01-29 11:53 -------- d-----w- c:\program files (x86)\Duplicate Photo Finder
2013-01-29 11:46 . 2013-01-29 11:46 -------- d-----w- c:\users\John\AppData\Roaming\EasyDuplicateFinder
2013-01-29 11:46 . 2013-01-29 11:46 -------- d-----w- c:\program files\Easy Duplicate Finder 4
2013-01-29 01:39 . 2013-01-29 01:39 -------- d-----w- c:\programdata\Laplink
2013-01-29 01:39 . 2013-01-29 01:39 -------- d-----w- c:\program files (x86)\Common Files\Laplink
2013-01-29 01:39 . 2013-01-29 01:39 -------- d-----w- c:\program files (x86)\Laplink
2013-01-29 01:38 . 2013-01-29 01:38 -------- d-----w- c:\users\John\AppData\Local\Downloaded Installations
2013-01-12 14:53 . 2012-11-09 05:45 750592 ----a-w- c:\windows\system32\win32spl.dll
2013-01-12 14:53 . 2012-11-09 04:43 492032 ----a-w- c:\windows\SysWow64\win32spl.dll
2013-01-12 14:53 . 2012-11-01 05:43 2002432 ----a-w- c:\windows\system32\msxml6.dll
2013-01-12 14:53 . 2012-11-01 05:43 1882624 ----a-w- c:\windows\system32\msxml3.dll
2013-01-12 14:53 . 2012-11-01 04:47 1389568 ----a-w- c:\windows\SysWow64\msxml6.dll
2013-01-12 14:53 . 2012-11-01 04:47 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2013-01-12 14:53 . 2012-11-20 05:48 307200 ----a-w- c:\windows\system32\ncrypt.dll
2013-01-12 14:53 . 2012-11-20 04:51 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll
2013-01-04 01:44 . 2013-01-04 01:44 -------- d-----w- c:\users\Lorraine\AppData\Local\TechSmith
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-29 01:18 . 2012-04-07 13:27 697864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-01-29 01:18 . 2011-06-03 10:08 74248 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-12 15:44 . 2010-11-11 08:19 67599240 ----a-w- c:\windows\system32\MRT.exe
2012-12-16 17:11 . 2012-12-22 00:22 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 14:45 . 2012-12-22 00:22 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-22 00:22 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-16 14:13 . 2012-12-22 00:22 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-12 13:01 . 2012-12-12 13:01 53248 ----a-r- c:\users\John\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2012-12-12 13:00 . 2012-12-12 13:00 8600656 ----a-w- c:\programdata\Microsoft\BingBar\BBSvc\7.1.391.0oemBingBarSetup-Partner.EXE
2012-12-12 12:57 . 2010-12-04 14:55 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2012-11-30 04:45 . 2013-01-12 14:52 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-11-14 07:06 . 2012-12-12 23:29 17811968 ----a-w- c:\windows\system32\mshtml.dll
2012-11-14 06:32 . 2012-12-12 23:29 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-11-14 06:11 . 2012-12-12 23:29 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 06:04 . 2012-12-12 23:29 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-11-14 06:04 . 2012-12-12 23:29 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 06:02 . 2012-12-12 23:29 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 06:02 . 2012-12-12 23:29 237056 ----a-w- c:\windows\system32\url.dll
2012-11-14 05:59 . 2012-12-12 23:29 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-11-14 05:58 . 2012-12-12 23:29 816640 ----a-w- c:\windows\system32\jscript.dll
2012-11-14 05:57 . 2012-12-12 23:29 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 05:57 . 2012-12-12 23:29 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 05:55 . 2012-12-12 23:29 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-11-14 05:55 . 2012-12-12 23:29 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-11-14 05:53 . 2012-12-12 23:29 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-11-14 05:52 . 2012-12-12 23:29 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-14 05:46 . 2012-12-12 23:29 248320 ----a-w- c:\windows\system32\ieui.dll
2012-11-14 02:09 . 2012-12-12 23:29 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-11-14 01:58 . 2012-12-12 23:29 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-11-14 01:57 . 2012-12-12 23:29 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-11-14 01:49 . 2012-12-12 23:29 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-11-14 01:48 . 2012-12-12 23:29 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-11-14 01:44 . 2012-12-12 23:29 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-11-09 05:45 . 2012-12-12 13:03 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-09 04:42 . 2012-12-12 13:03 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-11-07 12:28 . 2012-11-07 12:28 477168 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2012-11-07 12:28 . 2011-10-31 21:49 473072 ----a-w- c:\windows\SysWow64\deployJava1.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\John\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\John\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\John\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Logitech Vid"="c:\program files (x86)\Logitech\Vid HD\Vid.exe" [2010-10-29 5915480]
"PhotoshopElements8SyncAgent"="c:\program files (x86)\Adobe\Elements 9 Organizer\ElementsOrganizerSyncAgent.exe" [2010-09-06 1945536]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-11-11 39408]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"ApplePhotoStreams"="c:\program files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2012-12-17 59872]
"iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2012-12-17 59872]
"com.apple.dav.bookmarks.daemon"="c:\program files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe" [2012-12-17 59872]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2010-05-07 165208]
"VolPanel"="c:\program files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" [2007-04-17 184320]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-09-27 59240]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
"CaddieSyncConduit"="c:\program files (x86)\SkyGolf\CaddieSync Express\CaddieSyncExpress.exe" [2012-10-22 2379160]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"Norton Ghost 15.0"="c:\program files (x86)\Norton Ghost\Agent\VProTray.exe" [2010-03-03 2598760]
.
c:\users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\John\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-1-20 28539272]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Audible Download Manager.lnk - c:\program files (x86)\Audible\Bin\AudibleDownloadHelper.exe [2010-10-19 1795488]
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2010-5-28 276328]
quickvoice reminders service (qvrem).lnk - c:\program files (x86)\nFinity\QuickVoice\qvrem.exe [2008-9-14 3831068]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 Backup Scheduler;Backup Scheduler;c:\program files (x86)\NovaStor\NovaStor NovaBACKUP\DR\CBP\DCSchdlerSRVC.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe [2012-06-11 240208]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-11-26 79360]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-11-11 79360]
R3 Creative Media Toolbox 6 Licensing Service;Creative Media Toolbox 6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\MT6Licensing.exe [2010-11-11 79360]
R3 GenericMount Helper Service;GenericMount Helper Service;c:\program files (x86)\Norton Ghost\Shared\Drivers\GenericMountHelperx64.exe [2010-02-12 2227216]
R3 MosIrUsb;MosIrUsb.sys;c:\windows\system32\DRIVERS\MosIrUsb.sys [2007-10-11 27648]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]
R3 Roxio UPnP Renderer 11;Roxio UPnP Renderer 11;c:\program files (x86)\Roxio Creator 2009 Ultimate\Digital Home 11\RoxioUPnPRenderer11.exe [x]
R3 Symantec SymSnap VSS Provider;Symantec SymSnap VSS Provider;c:\windows\system32\dllhost.exe [2009-07-14 9728]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-09-28 53760]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 vpcuxd;USB Virtualization Stub Service;c:\windows\system32\drivers\vpcuxd.sys [2010-11-20 16384]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-11-11 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 dcsnap;dcsnap; [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-12-18 834544]
S1 DCDisk;DCDisk; [x]
S1 tmlwf;Trend Micro NDIS 6.0 Filter Driver;c:\windows\system32\DRIVERS\tmlwf.sys [2010-11-11 194640]
S2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;c:\program files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-09-06 169408]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-10-27 203776]
S2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe [2012-06-11 193616]
S2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2011-08-25 13672]
S2 LVPrcS64;Process Monitor;c:\program files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe [2010-05-07 197976]
S2 Real time Backup Loader;Real time Backup Loader;c:\program files (x86)\NovaStor\NovaStor NovaBACKUP\DR\Fsloader.exe [2009-05-21 90112]
S2 RosettaStoneDaemon;RosettaStoneDaemon;c:\program files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe [2010-05-17 1615176]
S3 GenericMount;Generic Mount Driver;c:\windows\system32\DRIVERS\GenericMount.sys [2010-02-12 66608]
S3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [2010-05-07 30304]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2010-07-27 339040]
S3 LVUVC64;QuickCam Pro for Notebooks(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2010-07-27 6465632]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-03-02 187392]
S3 SymSnapService;SymSnapService;c:\program files (x86)\Norton Ghost\Shared\Drivers\SymSnapServicex64.exe [2010-02-11 2963960]
S3 t3;Sound Blaster X-Fi Xtreme Audio;c:\windows\system32\drivers\t3.sys [2009-05-06 639512]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-02-01 01:04 1607120 ----a-w- c:\program files (x86)\Google\Chrome\Application\24.0.1312.57\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-02-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-07 01:18]
.
2013-02-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-11 08:08]
.
2013-02-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-11 08:08]
.
2013-02-02 c:\windows\Tasks\SpeedUpMyPC.job
- c:\program files (x86)\Uniblue\SpeedUpMyPC\sump.exe [2013-01-29 16:27]
.
2013-02-02 c:\windows\Tasks\spmonitor.job
- c:\program files (x86)\Uniblue\SpeedUpMyPC\spmonitor.exe [2013-01-29 16:27]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\John\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\John\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\John\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\John\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-07-29 497648]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1744152]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
Trusted Zone: cleverreach.com\novastor
Trusted Zone: google-analytics.com
Trusted Zone: intuit.com\ttlc
Trusted Zone: navy.mil\webmail.east.nmci
Trusted Zone: novastor.com
TCP: DhcpNameServer = 68.105.28.11 68.105.29.11
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKCU-Run-MobileDocuments - c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
AddRemove-Offshore Navigator - z:\program files (x86)\Maptech\Offshore Navigator\DeIsL1.isu
AddRemove-SLABCOMM&10C4&EA60 - c:\program files (x86)\Silabs\MCU\DriverUninstall\DriverUninstaller.exe VCP CP210x Cardinal\SLABCOMM&10C4&EA60
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Creative\Shared Files\CTAudSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Common Files\Logishrd\LVMVFM\LVPrS64H.exe
c:\program files (x86)\Norton Ghost\Agent\VProSvc.exe
.
**************************************************************************
.
Completion time: 2013-02-02 08:20:40 - machine was rebooted
ComboFix-quarantined-files.txt 2013-02-02 13:20
.
Pre-Run: 508,626,378,752 bytes free
Post-Run: 523,693,432,832 bytes free
.
- - End Of File - - C6F16B6CA346D52322DACCC6FC4C9029

#6
Condor124

TDSSKiller:
08:33:56.0567 6612 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
08:33:56.0805 6612 ============================================================
08:33:56.0806 6612 Current date / time: 2013/02/02 08:33:56.0805
08:33:56.0806 6612 SystemInfo:
08:33:56.0806 6612
08:33:56.0806 6612 OS Version: 6.1.7601 ServicePack: 1.0
08:33:56.0806 6612 Product type: Workstation
08:33:56.0806 6612 ComputerName: DELL_DESKTOP
08:33:56.0806 6612 UserName: John
08:33:56.0806 6612 Windows directory: C:\Windows
08:33:56.0806 6612 System windows directory: C:\Windows
08:33:56.0806 6612 Running under WOW64
08:33:56.0806 6612 Processor architecture: Intel x64
08:33:56.0806 6612 Number of processors: 8
08:33:56.0806 6612 Page size: 0x1000
08:33:56.0806 6612 Boot type: Normal boot
08:33:56.0806 6612 ============================================================
08:33:57.0797 6612 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:33:57.0820 6612 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:33:57.0825 6612 Drive \Device\Harddisk2\DR2 - Size: 0x2BAA1476000 (2794.52 Gb), SectorSize: 0x1000, Cylinders: 0xB220, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
08:33:57.0859 6612 ============================================================
08:33:57.0859 6612 \Device\Harddisk0\DR0:
08:33:57.0859 6612 MBR partitions:
08:33:57.0859 6612 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x23800, BlocksNum 0x1E00000
08:33:57.0859 6612 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1E23800, BlocksNum 0x55722000
08:33:57.0859 6612 \Device\Harddisk1\DR1:
08:33:57.0859 6612 MBR partitions:
08:33:57.0859 6612 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
08:33:57.0859 6612 \Device\Harddisk2\DR2:
08:33:57.0860 6612 MBR partitions:
08:33:57.0860 6612 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x100, BlocksNum 0x2BAA1200
08:33:57.0860 6612 ============================================================
08:33:57.0893 6612 C: <-> \Device\Harddisk0\DR0\Partition2
08:33:57.0922 6612 D: <-> \Device\Harddisk0\DR0\Partition1
08:33:57.0932 6612 F: <-> \Device\Harddisk2\DR2\Partition1
08:33:57.0958 6612 Z: <-> \Device\Harddisk1\DR1\Partition1
08:33:57.0958 6612 ============================================================
08:33:57.0958 6612 Initialize success
08:33:57.0958 6612 ============================================================
08:34:04.0331 1136 ============================================================
08:34:04.0331 1136 Scan started
08:34:04.0331 1136 Mode: Manual;
08:34:04.0331 1136 ============================================================
08:34:05.0089 1136 ================ Scan system memory ========================
08:34:05.0089 1136 System memory - ok
08:34:05.0090 1136 ================ Scan services =============================
08:34:05.0623 1136 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
08:34:05.0626 1136 1394ohci - ok
08:34:05.0665 1136 [ E0A8525A951ADDB4655BC2068566407D ] 61883 C:\Windows\system32\DRIVERS\61883.sys
08:34:05.0666 1136 61883 - ok
08:34:05.0739 1136 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
08:34:05.0763 1136 ACPI - ok
08:34:05.0797 1136 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
08:34:05.0798 1136 AcpiPmi - ok
08:34:06.0006 1136 [ C004F38974F4D321B4C20A240E1175C0 ] AdobeActiveFileMonitor9.0 C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
08:34:06.0008 1136 AdobeActiveFileMonitor9.0 - ok
08:34:06.0161 1136 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
08:34:06.0163 1136 AdobeARMservice - ok
08:34:06.0443 1136 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
08:34:06.0446 1136 AdobeFlashPlayerUpdateSvc - ok
08:34:06.0536 1136 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
08:34:06.0540 1136 adp94xx - ok
08:34:06.0557 1136 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
08:34:06.0560 1136 adpahci - ok
08:34:06.0571 1136 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
08:34:06.0573 1136 adpu320 - ok
08:34:06.0610 1136 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
08:34:06.0611 1136 AeLookupSvc - ok
08:34:06.0661 1136 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
08:34:06.0666 1136 AFD - ok
08:34:06.0697 1136 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
08:34:06.0698 1136 agp440 - ok
08:34:06.0728 1136 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
08:34:06.0729 1136 ALG - ok
08:34:06.0768 1136 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
08:34:06.0769 1136 aliide - ok
08:34:06.0811 1136 [ 54716D9BB43733578A5647E9B121141F ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
08:34:06.0813 1136 AMD External Events Utility - ok
08:34:06.0826 1136 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
08:34:06.0827 1136 amdide - ok
08:34:06.0842 1136 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
08:34:06.0844 1136 AmdK8 - ok
08:34:07.0782 1136 [ 522A8BD1414CC7517FAEC907F138DB9C ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
08:34:07.0845 1136 amdkmdag - ok
08:34:07.0856 1136 [ F712C26D40BF3CD2C020BB518E8150B1 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
08:34:07.0857 1136 amdkmdap - ok
08:34:07.0869 1136 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
08:34:07.0871 1136 AmdPPM - ok
08:34:07.0913 1136 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
08:34:07.0915 1136 amdsata - ok
08:34:07.0925 1136 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
08:34:07.0927 1136 amdsbs - ok
08:34:07.0941 1136 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
08:34:07.0942 1136 amdxata - ok
08:34:07.0986 1136 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
08:34:07.0987 1136 AppID - ok
08:34:08.0027 1136 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
08:34:08.0028 1136 AppIDSvc - ok
08:34:08.0065 1136 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
08:34:08.0066 1136 Appinfo - ok
08:34:08.0167 1136 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
08:34:08.0168 1136 Apple Mobile Device - ok
08:34:08.0223 1136 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
08:34:08.0225 1136 AppMgmt - ok
08:34:08.0241 1136 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
08:34:08.0242 1136 arc - ok
08:34:08.0253 1136 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
08:34:08.0255 1136 arcsas - ok
08:34:08.0275 1136 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
08:34:08.0275 1136 AsyncMac - ok
08:34:08.0292 1136 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
08:34:08.0293 1136 atapi - ok
08:34:08.0373 1136 [ 522A8BD1414CC7517FAEC907F138DB9C ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
08:34:08.0405 1136 atikmdag - ok
08:34:08.0452 1136 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
08:34:08.0458 1136 AudioEndpointBuilder - ok
08:34:08.0466 1136 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
08:34:08.0469 1136 AudioSrv - ok
08:34:08.0498 1136 [ 16FABE84916623D0607E4A975544032C ] Avc C:\Windows\system32\DRIVERS\avc.sys
08:34:08.0499 1136 Avc - ok
08:34:08.0533 1136 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
08:34:08.0535 1136 AxInstSV - ok
08:34:08.0567 1136 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
08:34:08.0572 1136 b06bdrv - ok
08:34:08.0611 1136 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
08:34:08.0614 1136 b57nd60a - ok
08:34:08.0663 1136 Backup Scheduler - ok
08:34:08.0757 1136 [ F48FEB7DA35821DA15E0B006DCB9A169 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe
08:34:08.0759 1136 BBSvc - ok
08:34:08.0785 1136 [ 8E16F7A85441986FD2B9CE6C879524E4 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
08:34:08.0788 1136 BBUpdate - ok
08:34:08.0825 1136 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
08:34:08.0826 1136 BDESVC - ok
08:34:08.0832 1136 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
08:34:08.0833 1136 Beep - ok
08:34:08.0887 1136 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
08:34:08.0893 1136 BFE - ok
08:34:08.0937 1136 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
08:34:08.0945 1136 BITS - ok
08:34:08.0966 1136 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
08:34:08.0967 1136 blbdrive - ok
08:34:09.0059 1136 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
08:34:09.0063 1136 Bonjour Service - ok
08:34:09.0097 1136 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
08:34:09.0098 1136 bowser - ok
08:34:09.0113 1136 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
08:34:09.0114 1136 BrFiltLo - ok
08:34:09.0128 1136 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
08:34:09.0128 1136 BrFiltUp - ok
08:34:09.0139 1136 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
08:34:09.0141 1136 BridgeMP - ok
08:34:09.0175 1136 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
08:34:09.0177 1136 Browser - ok
08:34:09.0195 1136 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
08:34:09.0198 1136 Brserid - ok
08:34:09.0201 1136 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
08:34:09.0202 1136 BrSerWdm - ok
08:34:09.0216 1136 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
08:34:09.0216 1136 BrUsbMdm - ok
08:34:09.0227 1136 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
08:34:09.0228 1136 BrUsbSer - ok
08:34:09.0243 1136 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
08:34:09.0244 1136 BTHMODEM - ok
08:34:09.0280 1136 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
08:34:09.0281 1136 bthserv - ok
08:34:09.0284 1136 catchme - ok
08:34:09.0298 1136 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
08:34:09.0299 1136 cdfs - ok
08:34:09.0342 1136 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
08:34:09.0343 1136 cdrom - ok
08:34:09.0377 1136 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
08:34:09.0378 1136 CertPropSvc - ok
08:34:09.0403 1136 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
08:34:09.0404 1136 circlass - ok
08:34:09.0414 1136 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
08:34:09.0417 1136 CLFS - ok
08:34:09.0527 1136 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:34:09.0531 1136 clr_optimization_v2.0.50727_32 - ok
08:34:09.0608 1136 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
08:34:09.0610 1136 clr_optimization_v2.0.50727_64 - ok
08:34:09.0655 1136 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
08:34:09.0678 1136 clr_optimization_v4.0.30319_32 - ok
08:34:09.0705 1136 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
08:34:09.0707 1136 clr_optimization_v4.0.30319_64 - ok
08:34:09.0722 1136 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
08:34:09.0723 1136 CmBatt - ok
08:34:09.0732 1136 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
08:34:09.0733 1136 cmdide - ok
08:34:09.0769 1136 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
08:34:09.0773 1136 CNG - ok
08:34:09.0782 1136 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
08:34:09.0783 1136 Compbatt - ok
08:34:09.0820 1136 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
08:34:09.0820 1136 CompositeBus - ok
08:34:09.0835 1136 COMSysApp - ok
08:34:09.0852 1136 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
08:34:09.0853 1136 crcdisk - ok
08:34:09.0903 1136 [ C8BD651E13895B93ED9EC5B4F1DF42BC ] Creative ALchemy AL6 Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
08:34:09.0905 1136 Creative ALchemy AL6 Licensing Service - ok
08:34:09.0929 1136 [ C0EAD9F8AB83D41FF07303C75589C2B8 ] Creative Audio Engine Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
08:34:09.0931 1136 Creative Audio Engine Licensing Service - ok
08:34:09.0965 1136 [ D03466C36EF0E5C7694FF38B45271D9D ] Creative Media Toolbox 6 Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\MT6Licensing.exe
08:34:09.0966 1136 Creative Media Toolbox 6 Licensing Service - ok
08:34:10.0019 1136 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
08:34:10.0021 1136 CryptSvc - ok
08:34:10.0057 1136 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
08:34:10.0061 1136 CSC - ok
08:34:10.0133 1136 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
08:34:10.0140 1136 CscService - ok
08:34:10.0251 1136 [ 07BA6D17E66879018B30B6C3F976EBED ] CTAudSvcService C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
08:34:10.0255 1136 CTAudSvcService - ok
08:34:10.0281 1136 [ 4F7AE5253AF9F99D2D145038B1751C05 ] DCDisk C:\Windows\system32\drivers\DCDisk.sys
08:34:10.0282 1136 DCDisk - ok
08:34:10.0317 1136 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
08:34:10.0322 1136 DcomLaunch - ok
08:34:10.0336 1136 [ 60CB17C60DED17373C35683A858FDAA7 ] dcsnap C:\Windows\system32\drivers\dcsnap.sys
08:34:10.0338 1136 dcsnap - ok
08:34:10.0384 1136 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
08:34:10.0387 1136 defragsvc - ok
08:34:10.0427 1136 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
08:34:10.0428 1136 DfsC - ok
08:34:10.0477 1136 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
08:34:10.0480 1136 Dhcp - ok
08:34:10.0491 1136 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
08:34:10.0492 1136 discache - ok
08:34:10.0516 1136 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
08:34:10.0517 1136 Disk - ok
08:34:10.0565 1136 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
08:34:10.0567 1136 Dnscache - ok
08:34:10.0603 1136 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
08:34:10.0606 1136 dot3svc - ok
08:34:10.0635 1136 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
08:34:10.0637 1136 DPS - ok
08:34:10.0666 1136 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
08:34:10.0667 1136 drmkaud - ok
08:34:10.0695 1136 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
08:34:10.0699 1136 DXGKrnl - ok
08:34:10.0743 1136 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
08:34:10.0744 1136 EapHost - ok
08:34:10.0916 1136 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
08:34:10.0953 1136 ebdrv - ok
08:34:10.0977 1136 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
08:34:10.0979 1136 EFS - ok
08:34:11.0027 1136 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
08:34:11.0033 1136 ehRecvr - ok
08:34:11.0066 1136 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
08:34:11.0067 1136 ehSched - ok
08:34:11.0103 1136 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
08:34:11.0108 1136 elxstor - ok
08:34:11.0124 1136 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
08:34:11.0125 1136 ErrDev - ok
08:34:11.0148 1136 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
08:34:11.0152 1136 EventSystem - ok
08:34:11.0175 1136 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
08:34:11.0177 1136 exfat - ok
08:34:11.0192 1136 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
08:34:11.0194 1136 fastfat - ok
08:34:11.0247 1136 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
08:34:11.0254 1136 Fax - ok
08:34:11.0268 1136 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
08:34:11.0269 1136 fdc - ok
08:34:11.0295 1136 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
08:34:11.0296 1136 fdPHost - ok
08:34:11.0307 1136 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
08:34:11.0308 1136 FDResPub - ok
08:34:11.0315 1136 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
08:34:11.0316 1136 FileInfo - ok
08:34:11.0327 1136 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
08:34:11.0328 1136 Filetrace - ok
08:34:11.0364 1136 [ 8669BE94F63944E4F899C3950B520241 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
08:34:11.0374 1136 FLEXnet Licensing Service - ok
08:34:11.0384 1136 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
08:34:11.0385 1136 flpydisk - ok
08:34:11.0423 1136 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
08:34:11.0425 1136 FltMgr - ok
08:34:11.0463 1136 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
08:34:11.0472 1136 FontCache - ok
08:34:11.0542 1136 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
08:34:11.0544 1136 FontCache3.0.0.0 - ok
08:34:11.0556 1136 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
08:34:11.0557 1136 FsDepends - ok
08:34:11.0582 1136 [ 6C06701BF1DB05405804D7EB610991CE ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
08:34:11.0583 1136 fssfltr - ok
08:34:11.0654 1136 [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
08:34:11.0667 1136 fsssvc - ok
08:34:11.0695 1136 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
08:34:11.0696 1136 Fs_Rec - ok
08:34:11.0733 1136 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
08:34:11.0735 1136 fvevol - ok
08:34:11.0754 1136 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
08:34:11.0755 1136 gagp30kx - ok
08:34:11.0789 1136 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
08:34:11.0790 1136 GEARAspiWDM - ok
08:34:11.0830 1136 [ 9BA50351AF95C9DF28C8BCD382427D11 ] GenericMount C:\Windows\system32\DRIVERS\GenericMount.sys
08:34:11.0831 1136 GenericMount - ok
08:34:11.0976 1136 [ 9573DC01B6BAA0371ED4AFBAEBEE4DCC ] GenericMount Helper Service C:\Program Files (x86)\Norton Ghost\Shared\Drivers\GenericMountHelperx64.exe
08:34:12.0005 1136 GenericMount Helper Service - ok
08:34:12.0078 1136 [ 8F6AE606EB0CC884EE12C41948424422 ] GoToAssist C:\Program Files (x86)\Citrix\GoToAssist\615\g2aservice.exe
08:34:12.0080 1136 GoToAssist - ok
08:34:12.0129 1136 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
08:34:12.0136 1136 gpsvc - ok
08:34:12.0163 1136 [ 2ED7FF3E1ADA4092632393781518B3A7 ] grmnusb C:\Windows\system32\drivers\grmnusb.sys
08:34:12.0164 1136 grmnusb - ok
08:34:12.0263 1136 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
08:34:12.0264 1136 gupdate - ok
08:34:12.0279 1136 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
08:34:12.0279 1136 gupdatem - ok
08:34:12.0320 1136 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
08:34:12.0323 1136 gusvc - ok
08:34:12.0337 1136 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
08:34:12.0338 1136 hcw85cir - ok
08:34:12.0382 1136 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
08:34:12.0385 1136 HdAudAddService - ok
08:34:12.0426 1136 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
08:34:12.0427 1136 HDAudBus - ok
08:34:12.0442 1136 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
08:34:12.0443 1136 HidBatt - ok
08:34:12.0454 1136 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
08:34:12.0455 1136 HidBth - ok
08:34:12.0468 1136 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
08:34:12.0469 1136 HidIr - ok
08:34:12.0511 1136 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
08:34:12.0512 1136 hidserv - ok
08:34:12.0548 1136 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
08:34:12.0548 1136 HidUsb - ok
08:34:12.0569 1136 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
08:34:12.0571 1136 hkmsvc - ok
08:34:12.0617 1136 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
08:34:12.0620 1136 HomeGroupListener - ok
08:34:12.0654 1136 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
08:34:12.0657 1136 HomeGroupProvider - ok
08:34:12.0724 1136 [ 97AAC45A375168C6A2297BEEB9692E31 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
08:34:12.0727 1136 hpqcxs08 - ok
08:34:12.0744 1136 [ 19A4FB67B1C97EA18EDFF44340973CD9 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
08:34:12.0745 1136 hpqddsvc - ok
08:34:12.0761 1136 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
08:34:12.0762 1136 HpSAMD - ok
08:34:12.0833 1136 [ F37882F128EFACEFE353E0BAE2766909 ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
08:34:12.0842 1136 HPSLPSVC - ok
08:34:12.0881 1136 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
08:34:12.0887 1136 HTTP - ok
08:34:12.0928 1136 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
08:34:12.0928 1136 hwpolicy - ok
08:34:12.0962 1136 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
08:34:12.0964 1136 i8042prt - ok
08:34:12.0979 1136 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
08:34:12.0983 1136 iaStorV - ok
08:34:13.0018 1136 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
08:34:13.0026 1136 idsvc - ok
08:34:13.0049 1136 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
08:34:13.0050 1136 iirsp - ok
08:34:13.0077 1136 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
08:34:13.0084 1136 IKEEXT - ok
08:34:13.0098 1136 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
08:34:13.0099 1136 intelide - ok
08:34:13.0126 1136 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
08:34:13.0126 1136 intelppm - ok
08:34:13.0190 1136 [ 1663A135865F0BA6E853353E98E67F2A ] IntuitUpdateServiceV4 C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
08:34:13.0191 1136 IntuitUpdateServiceV4 - ok
08:34:13.0225 1136 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
08:34:13.0226 1136 IPBusEnum - ok
08:34:13.0265 1136 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
08:34:13.0267 1136 IpFilterDriver - ok
08:34:13.0308 1136 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
08:34:13.0313 1136 iphlpsvc - ok
08:34:13.0354 1136 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
08:34:13.0356 1136 IPMIDRV - ok
08:34:13.0372 1136 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
08:34:13.0374 1136 IPNAT - ok
08:34:13.0410 1136 [ 0F261EC4F514926177C70C1832374231 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
08:34:13.0416 1136 iPod Service - ok
08:34:13.0467 1136 [ 05360B1EA5A2ABF620D1D96EBD8BD8F1 ] irda C:\Windows\system32\DRIVERS\irda.sys
08:34:13.0469 1136 irda - ok
08:34:13.0487 1136 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
08:34:13.0487 1136 IRENUM - ok
08:34:13.0495 1136 [ 3848384AB383F0A8F506C4370635C1F9 ] Irmon C:\Windows\System32\irmon.dll
08:34:13.0496 1136 Irmon - ok
08:34:13.0534 1136 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
08:34:13.0535 1136 isapnp - ok
08:34:13.0576 1136 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
08:34:13.0579 1136 iScsiPrt - ok
08:34:13.0600 1136 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
08:34:13.0601 1136 kbdclass - ok
08:34:13.0652 1136 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
08:34:13.0653 1136 kbdhid - ok
08:34:13.0669 1136 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
08:34:13.0670 1136 KeyIso - ok
08:34:13.0706 1136 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
08:34:13.0708 1136 KSecDD - ok
08:34:13.0742 1136 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
08:34:13.0744 1136 KSecPkg - ok
08:34:13.0750 1136 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
08:34:13.0751 1136 ksthunk - ok
08:34:13.0788 1136 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
08:34:13.0792 1136 KtmRm - ok
08:34:13.0820 1136 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
08:34:13.0823 1136 LanmanServer - ok
08:34:13.0855 1136 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
08:34:13.0858 1136 LanmanWorkstation - ok
08:34:13.0970 1136 [ 7772DFAB22611050B79504E671B06E6E ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
08:34:13.0973 1136 LBTServ - ok
08:34:14.0033 1136 [ 241F2648ADF090E2A10095BD6D6F5DCB ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys
08:34:14.0034 1136 LHidFilt - ok
08:34:14.0123 1136 [ A97EEB81F05BCE3D7AA6C81F04EF39A4 ] LiveUpdate C:\PROGRA~2\Symantec\LIVEUP~1\LUCOMS~1.EXE
08:34:14.0161 1136 LiveUpdate - ok
08:34:14.0180 1136 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
08:34:14.0181 1136 lltdio - ok
08:34:14.0212 1136 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
08:34:14.0216 1136 lltdsvc - ok
08:34:14.0230 1136 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
08:34:14.0231 1136 lmhosts - ok
08:34:14.0269 1136 [ 342ED5A4B3326014438F36D22D803737 ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys
08:34:14.0270 1136 LMouFilt - ok
08:34:14.0294 1136 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
08:34:14.0295 1136 LSI_FC - ok
08:34:14.0309 1136 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
08:34:14.0310 1136 LSI_SAS - ok
08:34:14.0324 1136 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
08:34:14.0325 1136 LSI_SAS2 - ok
08:34:14.0341 1136 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
08:34:14.0343 1136 LSI_SCSI - ok
08:34:14.0347 1136 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
08:34:14.0348 1136 luafv - ok
08:34:14.0396 1136 [ B3944D06EB4B64D57BD7E5FE89415F58 ] LVPr2M64 C:\Windows\system32\DRIVERS\LVPr2M64.sys
08:34:14.0396 1136 LVPr2M64 - ok
08:34:14.0399 1136 [ B3944D06EB4B64D57BD7E5FE89415F58 ] LVPr2Mon C:\Windows\system32\DRIVERS\LVPr2M64.sys
08:34:14.0399 1136 LVPr2Mon - ok
08:34:14.0420 1136 [ 9CD0DC863BE5D40A762F7D84F11A8471 ] LVPrcS64 C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
08:34:14.0422 1136 LVPrcS64 - ok
08:34:14.0476 1136 [ 224AB3850F573A419F921C41A15D7F5B ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys
08:34:14.0477 1136 LVRS64 - ok
08:34:14.0572 1136 [ BFBA84B8A9C233AE42B11CF7BDFC6C01 ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys
08:34:14.0599 1136 LVUVC64 - ok
08:34:14.0633 1136 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
08:34:14.0635 1136 Mcx2Svc - ok
08:34:14.0642 1136 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
08:34:14.0643 1136 megasas - ok
08:34:14.0659 1136 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
08:34:14.0661 1136 MegaSR - ok
08:34:14.0708 1136 Microsoft SharePoint Workspace Audit Service - ok
08:34:14.0728 1136 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
08:34:14.0730 1136 MMCSS - ok
08:34:14.0733 1136 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
08:34:14.0733 1136 Modem - ok
08:34:14.0764 1136 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
08:34:14.0765 1136 monitor - ok
08:34:14.0790 1136 [ 54F44C3A4F6C1C4D00D4157FBD531EB1 ] MosIrUsb C:\Windows\system32\DRIVERS\MosIrUsb.sys
08:34:14.0791 1136 MosIrUsb - ok
08:34:14.0829 1136 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
08:34:14.0830 1136 mouclass - ok
08:34:14.0846 1136 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
08:34:14.0847 1136 mouhid - ok
08:34:14.0887 1136 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
08:34:14.0888 1136 mountmgr - ok
08:34:14.0920 1136 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
08:34:14.0922 1136 mpio - ok
08:34:14.0941 1136 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
08:34:14.0943 1136 mpsdrv - ok
08:34:14.0989 1136 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
08:34:14.0997 1136 MpsSvc - ok
08:34:15.0035 1136 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
08:34:15.0037 1136 MRxDAV - ok
08:34:15.0074 1136 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
08:34:15.0076 1136 mrxsmb - ok
08:34:15.0097 1136 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
08:34:15.0100 1136 mrxsmb10 - ok
08:34:15.0104 1136 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
08:34:15.0106 1136 mrxsmb20 - ok
08:34:15.0120 1136 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
08:34:15.0120 1136 msahci - ok
08:34:15.0153 1136 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
08:34:15.0155 1136 msdsm - ok
08:34:15.0174 1136 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
08:34:15.0176 1136 MSDTC - ok
08:34:15.0215 1136 [ 72949A24D37A20A54B3D4D3DADBB55E9 ] MSDV C:\Windows\system32\DRIVERS\msdv.sys
08:34:15.0216 1136 MSDV - ok
08:34:15.0226 1136 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
08:34:15.0227 1136 Msfs - ok
08:34:15.0251 1136 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
08:34:15.0252 1136 mshidkmdf - ok
08:34:15.0284 1136 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
08:34:15.0284 1136 msisadrv - ok
08:34:15.0316 1136 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
08:34:15.0319 1136 MSiSCSI - ok
08:34:15.0322 1136 msiserver - ok
08:34:15.0337 1136 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
08:34:15.0337 1136 MSKSSRV - ok
08:34:15.0350 1136 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
08:34:15.0350 1136 MSPCLOCK - ok
08:34:15.0358 1136 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
08:34:15.0358 1136 MSPQM - ok
08:34:15.0403 1136 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
08:34:15.0406 1136 MsRPC - ok
08:34:15.0419 1136 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
08:34:15.0419 1136 mssmbios - ok
08:34:15.0432 1136 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
08:34:15.0433 1136 MSTEE - ok
08:34:15.0442 1136 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
08:34:15.0442 1136 MTConfig - ok
08:34:15.0453 1136 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
08:34:15.0454 1136 Mup - ok
08:34:15.0497 1136 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
08:34:15.0501 1136 napagent - ok
08:34:15.0514 1136 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
08:34:15.0517 1136 NativeWifiP - ok
08:34:15.0568 1136 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
08:34:15.0576 1136 NDIS - ok
08:34:15.0589 1136 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
08:34:15.0590 1136 NdisCap - ok
08:34:15.0609 1136 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
08:34:15.0610 1136 NdisTapi - ok
08:34:15.0648 1136 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
08:34:15.0649 1136 Ndisuio - ok
08:34:15.0686 1136 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
08:34:15.0687 1136 NdisWan - ok
08:34:15.0720 1136 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
08:34:15.0721 1136 NDProxy - ok
08:34:15.0760 1136 [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
08:34:15.0761 1136 Net Driver HPZ12 - ok
08:34:15.0775 1136 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
08:34:15.0775 1136 NetBIOS - ok
08:34:15.0806 1136 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
08:34:15.0809 1136 NetBT - ok
08:34:15.0820 1136 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
08:34:15.0821 1136 Netlogon - ok
08:34:15.0869 1136 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
08:34:15.0873 1136 Netman - ok
08:34:15.0884 1136 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
08:34:15.0889 1136 netprofm - ok
08:34:15.0920 1136 [ EED1FBDE98CF5F6D5C0C5B27AB1F68EC ] netr28ux C:\Windows\system32\DRIVERS\netr28ux.sys
08:34:15.0929 1136 netr28ux - ok
08:34:15.0957 1136 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
08:34:15.0959 1136 NetTcpPortSharing - ok
08:34:15.0996 1136 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
08:34:15.0997 1136 nfrd960 - ok
08:34:16.0013 1136 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
08:34:16.0016 1136 NlaSvc - ok
08:34:16.0128 1136 [ A1787754952A0B700E386DC7C5FA5726 ] Norton Ghost C:\Program Files (x86)\Norton Ghost\Agent\VProSvc.exe
08:34:16.0195 1136 Norton Ghost - ok
08:34:16.0215 1136 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
08:34:16.0216 1136 Npfs - ok
08:34:16.0246 1136 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
08:34:16.0247 1136 nsi - ok
08:34:16.0259 1136 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
08:34:16.0260 1136 nsiproxy - ok
08:34:16.0317 1136 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
08:34:16.0332 1136 Ntfs - ok
08:34:16.0345 1136 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
08:34:16.0346 1136 Null - ok
08:34:16.0391 1136 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
08:34:16.0392 1136 nvraid - ok
08:34:16.0407 1136 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
08:34:16.0409 1136 nvstor - ok
08:34:16.0450 1136 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
08:34:16.0451 1136 nv_agp - ok
08:34:16.0515 1136 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
08:34:16.0519 1136 odserv - ok
08:34:16.0543 1136 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
08:34:16.0544 1136 ohci1394 - ok
08:34:16.0567 1136 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
08:34:16.0570 1136 ose - ok
08:34:16.0737 1136 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
08:34:16.0791 1136 osppsvc - ok
08:34:16.0832 1136 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
08:34:16.0835 1136 p2pimsvc - ok
08:34:16.0893 1136 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
08:34:16.0918 1136 p2psvc - ok
08:34:16.0934 1136 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
08:34:16.0935 1136 Parport - ok
08:34:16.0968 1136 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
08:34:16.0969 1136 partmgr - ok
08:34:16.0977 1136 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
08:34:16.0980 1136 PcaSvc - ok
08:34:17.0016 1136 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
08:34:17.0017 1136 pci - ok
08:34:17.0025 1136 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
08:34:17.0026 1136 pciide - ok
08:34:17.0040 1136 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
08:34:17.0043 1136 pcmcia - ok
08:34:17.0054 1136 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
08:34:17.0055 1136 pcw - ok
08:34:17.0074 1136 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
08:34:17.0079 1136 PEAUTH - ok
08:34:17.0131 1136 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
08:34:17.0143 1136 PeerDistSvc - ok
08:34:17.0238 1136 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
08:34:17.0239 1136 PerfHost - ok
08:34:17.0325 1136 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
08:34:17.0337 1136 pla - ok
08:34:17.0374 1136 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
08:34:17.0378 1136 PlugPlay - ok
08:34:17.0393 1136 [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
08:34:17.0394 1136 Pml Driver HPZ12 - ok
08:34:17.0405 1136 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
08:34:17.0407 1136 PNRPAutoReg - ok
08:34:17.0412 1136 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
08:34:17.0414 1136 PNRPsvc - ok
08:34:17.0452 1136 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
08:34:17.0457 1136 PolicyAgent - ok
08:34:17.0496 1136 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
08:34:17.0498 1136 Power - ok
08:34:17.0539 1136 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
08:34:17.0541 1136 PptpMiniport - ok
08:34:17.0556 1136 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
08:34:17.0557 1136 Processor - ok
08:34:17.0589 1136 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
08:34:17.0592 1136 ProfSvc - ok
08:34:17.0603 1136 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
08:34:17.0604 1136 ProtectedStorage - ok
08:34:17.0646 1136 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
08:34:17.0647 1136 Psched - ok
08:34:17.0669 1136 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
08:34:17.0670 1136 PxHlpa64 - ok
08:34:17.0725 1136 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
08:34:17.0738 1136 ql2300 - ok
08:34:17.0759 1136 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
08:34:17.0761 1136 ql40xx - ok
08:34:17.0793 1136 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
08:34:17.0796 1136 QWAVE - ok
08:34:17.0805 1136 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
08:34:17.0806 1136 QWAVEdrv - ok
08:34:17.0896 1136 [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
08:34:17.0898 1136 RapiMgr - ok
08:34:17.0914 1136 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
08:34:17.0915 1136 RasAcd - ok
08:34:17.0953 1136 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
08:34:17.0954 1136 RasAgileVpn - ok
08:34:17.0986 1136 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
08:34:17.0988 1136 RasAuto - ok
08:34:18.0023 1136 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
08:34:18.0024 1136 Rasl2tp - ok
08:34:18.0070 1136 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
08:34:18.0074 1136 RasMan - ok
08:34:18.0096 1136 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
08:34:18.0097 1136 RasPppoe - ok
08:34:18.0111 1136 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
08:34:18.0112 1136 RasSstp - ok
08:34:18.0123 1136 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
08:34:18.0126 1136 rdbss - ok
08:34:18.0132 1136 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
08:34:18.0132 1136 rdpbus - ok
08:34:18.0142 1136 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
08:34:18.0142 1136 RDPCDD - ok
08:34:18.0199 1136 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
08:34:18.0201 1136 RDPDR - ok
08:34:18.0226 1136 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
08:34:18.0227 1136 RDPENCDD - ok
08:34:18.0230 1136 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
08:34:18.0231 1136 RDPREFMP - ok
08:34:18.0304 1136 [ 70CBA1A0C98600A2AA1863479B35CB90 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
08:34:18.0320 1136 RdpVideoMiniport - ok
08:34:18.0412 1136 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
08:34:18.0414 1136 RDPWD - ok
08:34:18.0448 1136 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
08:34:18.0450 1136 rdyboost - ok
08:34:18.0492 1136 [ AE93D43564B0F5A565492BB06C69CDF3 ] Real time Backup Loader C:\Program Files (x86)\NovaStor\NovaStor NovaBACKUP\DR\Fsloader.exe
08:34:18.0493 1136 Real time Backup Loader - ok
08:34:18.0530 1136 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
08:34:18.0532 1136 RemoteAccess - ok
08:34:18.0547 1136 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
08:34:18.0549 1136 RemoteRegistry - ok
08:34:18.0632 1136 [ 7F7CA7DEEB68E68FD67870E9A5EC33E2 ] RosettaStoneDaemon C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
08:34:18.0645 1136 RosettaStoneDaemon - ok
08:34:18.0657 1136 Roxio UPnP Renderer 11 - ok
08:34:18.0685 1136 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
08:34:18.0686 1136 RpcEptMapper - ok
08:34:18.0718 1136 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
08:34:18.0719 1136 RpcLocator - ok
08:34:18.0750 1136 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\System32\rpcss.dll
08:34:18.0753 1136 RpcSs - ok
08:34:18.0765 1136 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
08:34:18.0766 1136 rspndr - ok
08:34:18.0811 1136 [ ABCB5A38A0D85BDF69B7877E1AD1EED5 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
08:34:18.0813 1136 RTL8167 - ok
08:34:18.0848 1136 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
08:34:18.0849 1136 s3cap - ok
08:34:18.0861 1136 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
08:34:18.0862 1136 SamSs - ok
08:34:18.0896 1136 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
08:34:18.0898 1136 sbp2port - ok
08:34:18.0911 1136 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
08:34:18.0914 1136 SCardSvr - ok
08:34:18.0943 1136 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
08:34:18.0944 1136 scfilter - ok
08:34:19.0001 1136 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
08:34:19.0011 1136 Schedule - ok
08:34:19.0028 1136 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
08:34:19.0029 1136 SCPolicySvc - ok
08:34:19.0045 1136 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
08:34:19.0047 1136 SDRSVC - ok
08:34:19.0076 1136 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
08:34:19.0077 1136 secdrv - ok
08:34:19.0111 1136 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
08:34:19.0113 1136 seclogon - ok
08:34:19.0158 1136 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
08:34:19.0160 1136 SENS - ok
08:34:19.0167 1136 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
08:34:19.0169 1136 SensrSvc - ok
08:34:19.0184 1136 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
08:34:19.0185 1136 Serenum - ok
08:34:19.0198 1136 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
08:34:19.0199 1136 Serial - ok
08:34:19.0230 1136 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
08:34:19.0231 1136 sermouse - ok
08:34:19.0275 1136 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
08:34:19.0277 1136 SessionEnv - ok
08:34:19.0310 1136 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
08:34:19.0311 1136 sffdisk - ok
08:34:19.0322 1136 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
08:34:19.0323 1136 sffp_mmc - ok
08:34:19.0334 1136 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
08:34:19.0335 1136 sffp_sd - ok
08:34:19.0351 1136 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
08:34:19.0352 1136 sfloppy - ok
08:34:19.0387 1136 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
08:34:19.0390 1136 SharedAccess - ok
08:34:19.0434 1136 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
08:34:19.0438 1136 ShellHWDetection - ok
08:34:19.0454 1136 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
08:34:19.0458 1136 SiSRaid2 - ok
08:34:19.0470 1136 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
08:34:19.0471 1136 SiSRaid4 - ok
08:34:19.0547 1136 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
08:34:19.0549 1136 SkypeUpdate - ok
08:34:19.0569 1136 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
08:34:19.0571 1136 Smb - ok
08:34:19.0610 1136 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
08:34:19.0612 1136 SNMPTRAP - ok
08:34:19.0622 1136 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
08:34:19.0623 1136 spldr - ok
08:34:19.0658 1136 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
08:34:19.0663 1136 Spooler - ok
08:34:19.0824 1136 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
08:34:19.0853 1136 sppsvc - ok
08:34:19.0869 1136 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
08:34:19.0871 1136 sppuinotify - ok
08:34:19.0906 1136 [ 602884696850C86434530790B110E8EB ] sptd C:\Windows\system32\Drivers\sptd.sys
08:34:19.0906 1136 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850C86434530790B110E8EB
08:34:19.0908 1136 sptd ( LockedFile.Multi.Generic ) - warning
08:34:19.0908 1136 sptd - detected LockedFile.Multi.Generic (1)
08:34:19.0949 1136 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
08:34:19.0954 1136 srv - ok
08:34:19.0996 1136 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
08:34:19.0999 1136 srv2 - ok
08:34:20.0011 1136 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
08:34:20.0013 1136 srvnet - ok
08:34:20.0037 1136 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
08:34:20.0040 1136 SSDPSRV - ok
08:34:20.0071 1136 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
08:34:20.0073 1136 SstpSvc - ok
08:34:20.0088 1136 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
08:34:20.0089 1136 stexstor - ok
08:34:20.0109 1136 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
08:34:20.0110 1136 StillCam - ok
08:34:20.0145 1136 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
08:34:20.0151 1136 stisvc - ok
08:34:20.0190 1136 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
08:34:20.0191 1136 storflt - ok
08:34:20.0205 1136 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
08:34:20.0206 1136 storvsc - ok
08:34:20.0237 1136 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
08:34:20.0237 1136 swenum - ok
08:34:20.0248 1136 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
08:34:20.0253 1136 swprv - ok
08:34:20.0263 1136 Symantec SymSnap VSS Provider - ok
08:34:20.0300 1136 [ 2D9B2746F7DEA46D1572B84A06311566 ] symsnap C:\Windows\system32\DRIVERS\symsnap.sys
08:34:20.0303 1136 symsnap - ok
08:34:20.0673 1136 [ EA1A479651CA2E0409C29D586C91901D ] SymSnapService C:\Program Files (x86)\Norton Ghost\Shared\Drivers\SymSnapServicex64.exe
08:34:20.0697 1136 SymSnapService - ok
08:34:20.0712 1136 Synth3dVsc - ok
08:34:20.0782 1136 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
08:34:20.0797 1136 SysMain - ok
08:34:20.0859 1136 [ 6B153E518DBE6EF59191152E1ECF7ED4 ] t3 C:\Windows\system32\drivers\t3.sys
08:34:20.0862 1136 t3 - ok
08:34:20.0895 1136 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
08:34:20.0897 1136 TabletInputService - ok
08:34:20.0931 1136 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
08:34:20.0935 1136 TapiSrv - ok
08:34:20.0976 1136 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
08:34:20.0977 1136 TBS - ok
08:34:21.0100 1136 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
08:34:21.0116 1136 Tcpip - ok
08:34:21.0140 1136 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
08:34:21.0148 1136 TCPIP6 - ok
08:34:21.0185 1136 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
08:34:21.0186 1136 tcpipreg - ok
08:34:21.0216 1136 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
08:34:21.0217 1136 TDPIPE - ok
08:34:21.0252 1136 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
08:34:21.0253 1136 TDTCP - ok
08:34:21.0291 1136 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
08:34:21.0293 1136 tdx - ok
08:34:21.0330 1136 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
08:34:21.0330 1136 TermDD - ok
08:34:21.0388 1136 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
08:34:21.0395 1136 TermService - ok
08:34:21.0407 1136 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
08:34:21.0408 1136 Themes - ok
08:34:21.0436 1136 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
08:34:21.0437 1136 THREADORDER - ok
08:34:21.0480 1136 [ 5922B1F5741BBDBAF7F7B4CBD2B7C4A5 ] tmlwf C:\Windows\system32\DRIVERS\tmlwf.sys
08:34:21.0481 1136 tmlwf - ok
08:34:21.0490 1136 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
08:34:21.0492 1136 TrkWks - ok
08:34:21.0563 1136 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
08:34:21.0565 1136 TrustedInstaller - ok
08:34:21.0595 1136 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
08:34:21.0596 1136 tssecsrv - ok
08:34:21.0625 1136 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
08:34:21.0626 1136 TsUsbFlt - ok
08:34:21.0629 1136 tsusbhub - ok
08:34:21.0675 1136 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
08:34:21.0677 1136 tunnel - ok
08:34:21.0691 1136 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
08:34:21.0693 1136 uagp35 - ok
08:34:21.0726 1136 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
08:34:21.0730 1136 udfs - ok
08:34:21.0769 1136 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
08:34:21.0770 1136 UI0Detect - ok
08:34:21.0799 1136 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
08:34:21.0801 1136 uliagpkx - ok
08:34:21.0835 1136 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
08:34:21.0836 1136 umbus - ok
08:34:21.0855 1136 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
08:34:21.0856 1136 UmPass - ok
08:34:21.0874 1136 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
08:34:21.0877 1136 UmRdpService - ok
08:34:21.0889 1136 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
08:34:21.0893 1136 upnphost - ok
08:34:21.0934 1136 [ 43228F8EDD1B0BCDD3145AD246E63D39 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
08:34:21.0936 1136 USBAAPL64 - ok
08:34:21.0985 1136 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
08:34:21.0986 1136 usbaudio - ok
08:34:21.0994 1136 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
08:34:21.0996 1136 usbccgp - ok
08:34:22.0040 1136 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
08:34:22.0041 1136 usbcir - ok
08:34:22.0054 1136 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
08:34:22.0055 1136 usbehci - ok
08:34:22.0129 1136 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
08:34:22.0133 1136 usbhub - ok
08:34:22.0168 1136 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
08:34:22.0169 1136 usbohci - ok
08:34:22.0184 1136 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
08:34:22.0185 1136 usbprint - ok
08:34:22.0200 1136 [ 4ACEE387FA8FD39F83564FCD2FC234F2 ] usbser C:\Windows\system32\DRIVERS\usbser.sys
08:34:22.0200 1136 usbser - ok
08:34:22.0218 1136 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
08:34:22.0219 1136 USBSTOR - ok
08:34:22.0255 1136 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
08:34:22.0255 1136 usbuhci - ok
08:34:22.0280 1136 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
08:34:22.0283 1136 usbvideo - ok
08:34:22.0286 1136 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
08:34:22.0287 1136 UxSms - ok
08:34:22.0303 1136 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
08:34:22.0303 1136 VaultSvc - ok
08:34:22.0309 1136 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
08:34:22.0310 1136 vdrvroot - ok
08:34:22.0364 1136 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
08:34:22.0369 1136 vds - ok
08:34:22.0389 1136 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
08:34:22.0390 1136 vga - ok
08:34:22.0400 1136 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
08:34:22.0401 1136 VgaSave - ok
08:34:22.0403 1136 VGPU - ok
08:34:22.0408 1136 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
08:34:22.0410 1136 vhdmp - ok
08:34:22.0419 1136 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
08:34:22.0419 1136 viaide - ok
08:34:22.0435 1136 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
08:34:22.0437 1136 vmbus - ok
08:34:22.0451 1136 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
08:34:22.0451 1136 VMBusHID - ok
08:34:22.0459 1136 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
08:34:22.0460 1136 volmgr - ok
08:34:22.0497 1136 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
08:34:22.0501 1136 volmgrx - ok
08:34:22.0532 1136 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
08:34:22.0534 1136 volsnap - ok
08:34:22.0550 1136 [ B4A73CA4EF9A02B9738CEA9AD5FE5917 ] vpcbus C:\Windows\system32\DRIVERS\vpchbus.sys
08:34:22.0551 1136 vpcbus - ok
08:34:22.0580 1136 [ E675FB2B48C54F09895482E2253B289C ] vpcnfltr C:\Windows\system32\DRIVERS\vpcnfltr.sys
08:34:22.0581 1136 vpcnfltr - ok
08:34:22.0590 1136 [ 5FB42082B0D19A0268705F1DD343DF20 ] vpcusb C:\Windows\system32\DRIVERS\vpcusb.sys
08:34:22.0591 1136 vpcusb - ok
08:34:22.0621 1136 [ 63F4E10873BEB4124028C6D1A66B0968 ] vpcuxd C:\Windows\system32\drivers\vpcuxd.sys
08:34:22.0621 1136 vpcuxd - ok
08:34:22.0662 1136 [ 207B6539799CC1C112661A9B620DD233 ] vpcvmm C:\Windows\system32\drivers\vpcvmm.sys
08:34:22.0663 1136 vpcvmm - ok
08:34:22.0704 1136 [ 8B7454930230DB4BC4BA35A467BE09AA ] VPROEVENTMONITOR C:\Windows\system32\drivers\VProEventMonitor.sys
08:34:22.0704 1136 VPROEVENTMONITOR - ok
08:34:22.0779 1136 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
08:34:22.0781 1136 vsmraid - ok
08:34:22.0840 1136 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
08:34:22.0854 1136 VSS - ok
08:34:22.0871 1136 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
08:34:22.0871 1136 vwifibus - ok
08:34:22.0893 1136 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
08:34:22.0894 1136 vwififlt - ok
08:34:22.0934 1136 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
08:34:22.0938 1136 W32Time - ok
08:34:22.0953 1136 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
08:34:22.0955 1136 WacomPen - ok
08:34:22.0982 1136 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
08:34:22.0984 1136 WANARP - ok
08:34:22.0987 1136 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
08:34:22.0987 1136 Wanarpv6 - ok
08:34:23.0039 1136 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
08:34:23.0049 1136 WatAdminSvc - ok
08:34:23.0099 1136 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
08:34:23.0112 1136 wbengine - ok
08:34:23.0124 1136 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
08:34:23.0127 1136 WbioSrvc - ok
08:34:23.0165 1136 [ 8BDA6DB43AA54E8BB5E0794541DDC209 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll
08:34:23.0169 1136 WcesComm - ok
08:34:23.0199 1136 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
08:34:23.0204 1136 wcncsvc - ok
08:34:23.0218 1136 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
08:34:23.0219 1136 WcsPlugInService - ok
08:34:23.0230 1136 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
08:34:23.0231 1136 Wd - ok
08:34:23.0272 1136 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
08:34:23.0279 1136 Wdf01000 - ok
08:34:23.0294 1136 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
08:34:23.0296 1136 WdiServiceHost - ok
08:34:23.0299 1136 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
08:34:23.0300 1136 WdiSystemHost - ok
08:34:23.0330 1136 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
08:34:23.0333 1136 WebClient - ok
08:34:23.0343 1136 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
08:34:23.0346 1136 Wecsvc - ok
08:34:23.0354 1136 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
08:34:23.0356 1136 wercplsupport - ok
08:34:23.0376 1136 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
08:34:24.0713 1136 ================ Scan global ===============================
08:34:24.0746 1136 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
08:34:24.0776 1136 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
08:34:24.0783 1136 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
08:34:24.0817 1136 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
08:34:24.0877 1136 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
08:34:24.0881 1136 [Global] - ok
08:34:24.0882 1136 ================ Scan MBR ==================================
08:34:24.0897 1136 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
08:34:25.0447 1136 \Device\Harddisk0\DR0 - ok
08:34:25.0465 1136 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
08:34:25.0468 1136 \Device\Harddisk1\DR1 - ok
08:34:25.0478 1136 [ 508F4A6A6A6B3DADC6D881D9948389D2 ] \Device\Harddisk2\DR2
08:34:27.0277 1136 \Device\Harddisk2\DR2 - ok
08:34:27.0278 1136 ================ Scan VBR ==================================
08:34:27.0290 1136 [ CDF879E8BFF9E481EAFFB54A1CB0D506 ] \Device\Harddisk0\DR0\Partition1
08:34:27.0293 1136 \Device\Harddisk0\DR0\Partition1 - ok
08:34:27.0317 1136 [ 3D81F03F44109C7CBDF3D3C801DBFA7F ] \Device\Harddisk0\DR0\Partition2
08:34:27.0319 1136 \Device\Harddisk0\DR0\Partition2 - ok
08:34:27.0321 1136 [ FE2EC47103871C8C4CB9B92B09F993A7 ] \Device\Harddisk1\DR1\Partition1
08:34:27.0323 1136 \Device\Harddisk1\DR1\Partition1 - ok
08:34:27.0325 1136 [ 0ECD9924DC6562461D0236A4941C63D4 ] \Device\Harddisk2\DR2\Partition1
08:34:27.0328 1136 \Device\Harddisk2\DR2\Partition1 - ok
08:34:27.0328 1136 ============================================================
08:34:27.0328 1136 Scan finished
08:34:27.0328 1136 ============================================================
08:34:27.0335 6608 Detected object count: 1
08:34:27.0335 6608 Actual detected object count: 1
08:34:58.0623 6608 sptd ( LockedFile.Multi.Generic ) - skipped by user
08:34:58.0623 6608 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
08:36:34.0341 4364 ============================================================
08:36:34.0341 4364 Scan started
08:36:34.0341 4364 Mode: Manual;
08:36:34.0341 4364 ============================================================
08:36:35.0046 4364 ================ Scan system memory ========================
08:36:35.0046 4364 System memory - ok
08:36:35.0047 4364 ================ Scan services =============================
08:36:48.0410 4364 msiserver - ok
08:36:48.0443 4364 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
08:36:48.0443 4364 MSKSSRV - ok
08:36:48.0465 4364 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
08:36:48.0465 4364 MSPCLOCK - ok
08:36:48.0514 4364 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
08:36:48.0514 4364 MSPQM - ok
08:36:48.0568 4364 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
08:36:48.0569 4364 MsRPC - ok
08:36:48.0617 4364 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
08:36:48.0617 4364 mssmbios - ok
08:36:48.0664 4364 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
08:36:48.0664 4364 MSTEE - ok
08:36:48.0715 4364 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
08:36:48.0715 4364 MTConfig - ok
08:36:48.0735 4364 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
08:36:48.0735 4364 Mup - ok
08:36:48.0778 4364 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
08:36:48.0781 4364 napagent - ok
08:36:48.0862 4364 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
08:36:48.0864 4364 NativeWifiP - ok
08:36:48.0941 4364 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
08:36:48.0945 4364 NDIS - ok
08:36:48.0996 4364 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
08:36:48.0996 4364 NdisCap - ok
08:36:49.0008 4364 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
08:36:49.0008 4364 NdisTapi - ok
08:36:49.0046 4364 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
08:36:49.0047 4364 Ndisuio - ok
08:36:49.0092 4364 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
08:36:49.0093 4364 NdisWan - ok
08:36:49.0143 4364 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
08:36:49.0144 4364 NDProxy - ok
08:36:49.0200 4364 [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
08:36:49.0200 4364 Net Driver HPZ12 - ok
08:36:49.0248 4364 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
08:36:49.0248 4364 NetBIOS - ok
08:36:49.0313 4364 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
08:36:49.0314 4364 NetBT - ok
08:36:49.0335 4364 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
08:36:49.0335 4364 Netlogon - ok
08:36:49.0383 4364 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
08:36:49.0385 4364 Netman - ok
08:36:49.0399 4364 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
08:36:49.0401 4364 netprofm - ok
08:36:49.0460 4364 [ EED1FBDE98CF5F6D5C0C5B27AB1F68EC ] netr28ux C:\Windows\system32\DRIVERS\netr28ux.sys
08:36:49.0464 4364 netr28ux - ok
08:36:49.0514 4364 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
08:36:49.0514 4364 NetTcpPortSharing - ok
08:36:49.0586 4364 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
08:36:49.0586 4364 nfrd960 - ok
08:36:49.0627 4364 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
08:36:49.0629 4364 NlaSvc - ok
08:36:50.0000 4364 [ A1787754952A0B700E386DC7C5FA5726 ] Norton Ghost C:\Program Files (x86)\Norton Ghost\Agent\VProSvc.exe
08:36:50.0018 4364 Norton Ghost - ok
08:36:50.0029 4364 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
08:36:50.0030 4364 Npfs - ok
08:36:50.0069 4364 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
08:36:50.0070 4364 nsi - ok
08:36:50.0124 4364 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
08:36:50.0125 4364 nsiproxy - ok
08:36:50.0199 4364 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
08:36:50.0205 4364 Ntfs - ok
08:36:50.0235 4364 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
08:36:50.0235 4364 Null - ok
08:36:50.0322 4364 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
08:36:50.0323 4364 nvraid - ok
08:36:50.0347 4364 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
08:36:50.0348 4364 nvstor - ok
08:36:50.0389 4364 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
08:36:50.0390 4364 nv_agp - ok
08:36:50.0588 4364 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
08:36:50.0590 4364 odserv - ok
08:36:50.0632 4364 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
08:36:50.0633 4364 ohci1394 - ok
08:36:50.0674 4364 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
08:36:50.0675 4364 ose - ok
08:36:50.0985 4364 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
08:36:51.0004 4364 osppsvc - ok
08:36:51.0047 4364 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
08:36:51.0049 4364 p2pimsvc - ok
08:36:51.0117 4364 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
08:36:51.0119 4364 p2psvc - ok
08:36:51.0165 4364 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
08:36:51.0166 4364 Parport - ok
08:36:51.0208 4364 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
08:36:51.0208 4364 partmgr - ok
08:36:51.0242 4364 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
08:36:51.0243 4364 PcaSvc - ok
08:36:51.0289 4364 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
08:36:51.0290 4364 pci - ok
08:36:51.0323 4364 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
08:36:51.0324 4364 pciide - ok
08:36:51.0398 4364 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
08:36:51.0399 4364 pcmcia - ok
08:36:51.0453 4364 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
08:36:51.0453 4364 pcw - ok
08:36:51.0498 4364 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
08:36:51.0500 4364 PEAUTH - ok
08:36:51.0614 4364 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
08:36:51.0620 4364 PeerDistSvc - ok
08:36:51.0754 4364 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
08:36:51.0754 4364 PerfHost - ok
08:36:51.0816 4364 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
08:36:51.0822 4364 pla - ok
08:36:51.0889 4364 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
08:36:51.0892 4364 PlugPlay - ok
08:36:51.0912 4364 [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
08:36:51.0913 4364 Pml Driver HPZ12 - ok
08:36:51.0963 4364 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
08:36:51.0964 4364 PNRPAutoReg - ok
08:36:51.0989 4364 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
08:36:51.0991 4364 PNRPsvc - ok
08:36:52.0035 4364 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
08:36:52.0037 4364 PolicyAgent - ok
08:36:52.0087 4364 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
08:36:52.0088 4364 Power - ok
08:36:52.0139 4364 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
08:36:52.0139 4364 PptpMiniport - ok
08:36:52.0188 4364 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
08:36:52.0189 4364 Processor - ok
08:36:52.0247 4364 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
08:36:52.0248 4364 ProfSvc - ok
08:36:52.0260 4364 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
08:36:52.0261 4364 ProtectedStorage - ok
08:36:52.0311 4364 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
08:36:52.0312 4364 Psched - ok
08:36:52.0385 4364 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
08:36:52.0385 4364 PxHlpa64 - ok
08:36:52.0733 4364 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
08:36:52.0739 4364 ql2300 - ok
08:36:52.0784 4364 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
08:36:52.0784 4364 ql40xx - ok
08:36:52.0834 4364 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
08:36:52.0836 4364 QWAVE - ok
08:36:52.0854 4364 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
08:36:52.0855 4364 QWAVEdrv - ok
08:36:52.0970 4364 [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
08:36:52.0971 4364 RapiMgr - ok
08:36:52.0988 4364 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
08:36:52.0989 4364 RasAcd - ok
08:36:53.0027 4364 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
08:36:53.0027 4364 RasAgileVpn - ok
08:36:53.0076 4364 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
08:36:53.0078 4364 RasAuto - ok
08:36:53.0122 4364 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
08:36:53.0122 4364 Rasl2tp - ok
08:36:53.0177 4364 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
08:36:53.0180 4364 RasMan - ok
08:36:53.0203 4364 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
08:36:53.0204 4364 RasPppoe - ok
08:36:53.0251 4364 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
08:36:53.0252 4364 RasSstp - ok
08:36:53.0305 4364 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
08:36:53.0307 4364 rdbss - ok
08:36:53.0398 4364 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
08:36:53.0398 4364 rdpbus - ok
08:36:53.0416 4364 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
08:36:53.0416 4364 RDPCDD - ok
08:36:53.0474 4364 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
08:36:53.0474 4364 RDPDR - ok
08:36:53.0525 4364 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
08:36:53.0525 4364 RDPENCDD - ok
08:36:53.0538 4364 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
08:36:53.0538 4364 RDPREFMP - ok
08:36:53.0636 4364 [ 70CBA1A0C98600A2AA1863479B35CB90 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
08:36:53.0636 4364 RdpVideoMiniport - ok
08:36:53.0720 4364 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
08:36:53.0721 4364 RDPWD - ok
08:36:53.0780 4364 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
08:36:53.0781 4364 rdyboost - ok
08:36:53.0908 4364 [ AE93D43564B0F5A565492BB06C69CDF3 ] Real time Backup Loader C:\Program Files (x86)\NovaStor\NovaStor NovaBACKUP\DR\Fsloader.exe
08:36:53.0909 4364 Real time Backup Loader - ok
08:36:53.0955 4364 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
08:36:53.0956 4364 RemoteAccess - ok
08:36:54.0004 4364 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
08:36:54.0006 4364 RemoteRegistry - ok
08:36:54.0081 4364 [ 7F7CA7DEEB68E68FD67870E9A5EC33E2 ] RosettaStoneDaemon C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
08:36:54.0087 4364 RosettaStoneDaemon - ok
08:36:54.0119 4364 Roxio UPnP Renderer 11 - ok
08:36:54.0167 4364 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
08:36:54.0168 4364 RpcEptMapper - ok
08:36:54.0208 4364 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
08:36:54.0209 4364 RpcLocator - ok
08:36:54.0258 4364 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\System32\rpcss.dll
08:36:54.0261 4364 RpcSs - ok
08:36:54.0306 4364 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
08:36:54.0307 4364 rspndr - ok
08:36:54.0352 4364 [ ABCB5A38A0D85BDF69B7877E1AD1EED5 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
08:36:54.0353 4364 RTL8167 - ok
08:36:54.0397 4364 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
08:36:54.0398 4364 s3cap - ok
08:36:54.0410 4364 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
08:36:54.0411 4364 SamSs - ok
08:36:54.0453 4364 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
08:36:54.0454 4364 sbp2port - ok
08:36:54.0502 4364 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
08:36:54.0503 4364 SCardSvr - ok
08:36:54.0542 4364 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
08:36:54.0543 4364 scfilter - ok
08:36:54.0592 4364 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
08:36:54.0598 4364 Schedule - ok
08:36:54.0651 4364 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
08:36:54.0652 4364 SCPolicySvc - ok
08:36:54.0727 4364 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
08:36:54.0729 4364 SDRSVC - ok
08:36:54.0767 4364 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
08:36:54.0767 4364 secdrv - ok
08:36:54.0802 4364 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
08:36:54.0803 4364 seclogon - ok
08:36:54.0841 4364 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
08:36:54.0842 4364 SENS - ok
08:36:54.0850 4364 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
08:36:54.0851 4364 SensrSvc - ok
08:36:54.0866 4364 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
08:36:54.0867 4364 Serenum - ok
08:36:54.0897 4364 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
08:36:54.0897 4364 Serial - ok
08:36:54.0913 4364 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
08:36:54.0913 4364 sermouse - ok
08:36:54.0966 4364 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
08:36:54.0967 4364 SessionEnv - ok
08:36:55.0009 4364 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
08:36:55.0009 4364 sffdisk - ok
08:36:55.0030 4364 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
08:36:55.0030 4364 sffp_mmc - ok
08:36:55.0058 4364 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
08:36:55.0059 4364 sffp_sd - ok
08:36:55.0100 4364 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
08:36:55.0101 4364 sfloppy - ok
08:36:55.0153 4364 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
08:36:55.0154 4364 SharedAccess - ok
08:36:55.0209 4364 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
08:36:55.0211 4364 ShellHWDetection - ok
08:36:55.0261 4364 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
08:36:55.0261 4364 SiSRaid2 - ok
08:36:55.0278 4364 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
08:36:55.0278 4364 SiSRaid4 - ok
08:36:55.0393 4364 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
08:36:55.0393 4364 SkypeUpdate - ok
08:36:55.0435 4364 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
08:36:55.0436 4364 Smb - ok
08:36:55.0459 4364 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
08:36:55.0460 4364 SNMPTRAP - ok
08:36:55.0563 4364 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
08:36:55.0563 4364 spldr - ok
08:36:55.0624 4364 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
08:36:55.0627 4364 Spooler - ok
08:36:55.0806 4364 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
08:36:55.0821 4364 sppsvc - ok
08:36:55.0835 4364 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
08:36:55.0836 4364 sppuinotify - ok
08:36:55.0889 4364 [ 602884696850C86434530790B110E8EB ] sptd C:\Windows\system32\Drivers\sptd.sys
08:36:55.0889 4364 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850C86434530790B110E8EB
08:36:55.0890 4364 sptd ( LockedFile.Multi.Generic ) - warning
08:36:55.0890 4364 sptd - detected LockedFile.Multi.Generic (1)
08:37:03.0291 4364 WMPNetworkSvc - ok
08:37:03.0331 4364 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
08:37:03.0332 4364 WPCSvc - ok
08:37:03.0378 4364 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
08:37:03.0379 4364 WPDBusEnum - ok
08:37:03.0420 4364 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
08:37:03.0420 4364 ws2ifsl - ok
08:37:03.0457 4364 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
08:37:03.0459 4364 wscsvc - ok
08:37:03.0461 4364 WSearch - ok
08:37:03.0602 4364 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
08:37:03.0613 4364 wuauserv - ok
08:37:03.0662 4364 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
08:37:03.0662 4364 WudfPf - ok
08:37:03.0715 4364 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
08:37:03.0716 4364 WUDFRd - ok
08:37:03.0775 4364 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
08:37:03.0777 4364 wudfsvc - ok
08:37:03.0820 4364 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
08:37:03.0822 4364 WwanSvc - ok
08:37:03.0826 4364 ================ Scan global ===============================
08:37:03.0870 4364 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
08:37:03.0925 4364 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
08:37:03.0930 4364 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
08:37:03.0966 4364 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
08:37:04.0010 4364 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
08:37:04.0012 4364 [Global] - ok
08:37:04.0012 4364 ================ Scan MBR ==================================
08:37:04.0020 4364 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
08:37:05.0985 4364 \Device\Harddisk0\DR0 - ok
08:37:05.0987 4364 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
08:37:05.0989 4364 \Device\Harddisk1\DR1 - ok
08:37:05.0999 4364 [ 508F4A6A6A6B3DADC6D881D9948389D2 ] \Device\Harddisk2\DR2
08:37:07.0727 4364 \Device\Harddisk2\DR2 - ok
08:37:07.0727 4364 ================ Scan VBR ==================================
08:37:07.0756 4364 [ CDF879E8BFF9E481EAFFB54A1CB0D506 ] \Device\Harddisk0\DR0\Partition1
08:37:07.0758 4364 \Device\Harddisk0\DR0\Partition1 - ok
08:37:07.0774 4364 [ 3D81F03F44109C7CBDF3D3C801DBFA7F ] \Device\Harddisk0\DR0\Partition2
08:37:07.0776 4364 \Device\Harddisk0\DR0\Partition2 - ok
08:37:07.0778 4364 [ FE2EC47103871C8C4CB9B92B09F993A7 ] \Device\Harddisk1\DR1\Partition1
08:37:07.0779 4364 \Device\Harddisk1\DR1\Partition1 - ok
08:37:07.0782 4364 [ 0ECD9924DC6562461D0236A4941C63D4 ] \Device\Harddisk2\DR2\Partition1
08:37:07.0784 4364 \Device\Harddisk2\DR2\Partition1 - ok
08:37:07.0785 4364 ============================================================
08:37:07.0785 4364 Scan finished
08:37:07.0785 4364 ============================================================
08:37:07.0791 6772 Detected object count: 1
08:37:07.0791 6772 Actual detected object count: 1
08:37:42.0482 6772 C:\Windows\system32\Drivers\sptd.sys - copied to quarantine
08:37:42.0482 6772 HKLM\SYSTEM\ControlSet001\services\sptd - will be deleted on reboot
08:37:42.0508 6772 HKLM\SYSTEM\ControlSet002\services\sptd - will be deleted on reboot
08:37:42.0645 6772 C:\Windows\system32\Drivers\sptd.sys - will be deleted on reboot
08:37:42.0645 6772 sptd ( LockedFile.Multi.Generic ) - User select action: Delete
08:37:47.0771 4148 Deinitialize success

#7
Condor124

TDSSKiller 2:
08:42:03.0475 7060 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
08:42:03.0770 7060 ============================================================
08:42:03.0770 7060 Current date / time: 2013/02/02 08:42:03.0770
08:42:03.0770 7060 SystemInfo:
08:42:03.0770 7060
08:42:03.0770 7060 OS Version: 6.1.7601 ServicePack: 1.0
08:42:03.0770 7060 Product type: Workstation
08:42:03.0770 7060 ComputerName: DELL_DESKTOP
08:42:03.0770 7060 UserName: John
08:42:03.0770 7060 Windows directory: C:\Windows
08:42:03.0770 7060 System windows directory: C:\Windows
08:42:03.0770 7060 Running under WOW64
08:42:03.0770 7060 Processor architecture: Intel x64
08:42:03.0770 7060 Number of processors: 8
08:42:03.0770 7060 Page size: 0x1000
08:42:03.0770 7060 Boot type: Normal boot
08:42:03.0770 7060 ============================================================
08:42:04.0603 7060 BG loaded
08:42:04.0947 7060 Drive \Device\Harddisk1\DR1 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:42:04.0967 7060 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:42:04.0972 7060 Drive \Device\Harddisk2\DR2 - Size: 0x2BAA1476000 (2794.52 Gb), SectorSize: 0x1000, Cylinders: 0xB220, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
08:42:05.0006 7060 ============================================================
08:42:05.0006 7060 \Device\Harddisk1\DR1:
08:42:05.0006 7060 MBR partitions:
08:42:05.0006 7060 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x23800, BlocksNum 0x1E00000
08:42:05.0006 7060 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x1E23800, BlocksNum 0x55722000
08:42:05.0006 7060 \Device\Harddisk0\DR0:
08:42:05.0006 7060 MBR partitions:
08:42:05.0006 7060 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
08:42:05.0006 7060 \Device\Harddisk2\DR2:
08:42:05.0007 7060 MBR partitions:
08:42:05.0007 7060 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x100, BlocksNum 0x2BAA1200
08:42:05.0007 7060 ============================================================
08:42:05.0059 7060 C: <-> \Device\Harddisk1\DR1\Partition2
08:42:05.0130 7060 D: <-> \Device\Harddisk1\DR1\Partition1
08:42:05.0139 7060 F: <-> \Device\Harddisk2\DR2\Partition1
08:42:05.0163 7060 Z: <-> \Device\Harddisk0\DR0\Partition1
08:42:05.0163 7060 ============================================================
08:42:05.0163 7060 Initialize success
08:42:05.0163 7060 ============================================================
08:42:29.0036 7164 ============================================================
08:42:29.0036 7164 Scan started
08:42:29.0036 7164 Mode: Manual; SigCheck; TDLFS;
08:42:29.0036 7164 ============================================================
08:42:29.0827 7164 ================ Scan system memory ========================
08:42:29.0827 7164 System memory - ok
08:42:29.0828 7164 ================ Scan services =============================
08:42:30.0031 7164 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
08:42:30.0133 7164 1394ohci - ok
08:42:30.0165 7164 [ E0A8525A951ADDB4655BC2068566407D ] 61883 C:\Windows\system32\DRIVERS\61883.sys
08:42:30.0256 7164 61883 - ok
08:42:30.0306 7164 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
08:42:30.0319 7164 ACPI - ok
08:42:30.0355 7164 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
08:42:30.0440 7164 AcpiPmi - ok
08:42:30.0539 7164 [ C004F38974F4D321B4C20A240E1175C0 ] AdobeActiveFileMonitor9.0 C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
08:42:30.0548 7164 AdobeActiveFileMonitor9.0 - ok
08:42:30.0695 7164 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
08:42:30.0703 7164 AdobeARMservice - ok
08:42:30.0843 7164 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
08:42:30.0855 7164 AdobeFlashPlayerUpdateSvc - ok
08:42:30.0910 7164 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
08:42:30.0926 7164 adp94xx - ok
08:42:30.0948 7164 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
08:42:30.0962 7164 adpahci - ok
08:42:30.0979 7164 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
08:42:30.0990 7164 adpu320 - ok
08:42:31.0027 7164 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
08:42:31.0188 7164 AeLookupSvc - ok
08:42:31.0236 7164 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
08:42:31.0311 7164 AFD - ok
08:42:31.0338 7164 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
08:42:31.0347 7164 agp440 - ok
08:42:31.0361 7164 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
08:42:31.0441 7164 ALG - ok
08:42:31.0460 7164 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
08:42:31.0468 7164 aliide - ok
08:42:31.0494 7164 [ 54716D9BB43733578A5647E9B121141F ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
08:42:31.0572 7164 AMD External Events Utility - ok
08:42:31.0584 7164 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
08:42:31.0593 7164 amdide - ok
08:42:31.0601 7164 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
08:42:31.0664 7164 AmdK8 - ok
08:42:31.0807 7164 [ 522A8BD1414CC7517FAEC907F138DB9C ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
08:42:31.0907 7164 amdkmdag - ok
08:42:31.0939 7164 [ F712C26D40BF3CD2C020BB518E8150B1 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
08:42:31.0994 7164 amdkmdap - ok
08:42:32.0028 7164 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
08:42:32.0069 7164 AmdPPM - ok
08:42:32.0138 7164 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
08:42:32.0148 7164 amdsata - ok
08:42:32.0158 7164 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
08:42:32.0169 7164 amdsbs - ok
08:42:32.0183 7164 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
08:42:32.0192 7164 amdxata - ok
08:42:32.0235 7164 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
08:42:32.0400 7164 AppID - ok
08:42:32.0435 7164 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
08:42:32.0502 7164 AppIDSvc - ok
08:42:32.0564 7164 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
08:42:32.0616 7164 Appinfo - ok
08:42:32.0742 7164 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
08:42:32.0749 7164 Apple Mobile Device - ok
08:42:32.0798 7164 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
08:42:32.0821 7164 AppMgmt - ok
08:42:32.0832 7164 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
08:42:32.0842 7164 arc - ok
08:42:32.0853 7164 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
08:42:32.0863 7164 arcsas - ok
08:42:32.0883 7164 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
08:42:32.0934 7164 AsyncMac - ok
08:42:32.0959 7164 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
08:42:32.0967 7164 atapi - ok
08:42:33.0099 7164 [ 522A8BD1414CC7517FAEC907F138DB9C ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
08:42:33.0168 7164 atikmdag - ok
08:42:33.0243 7164 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
08:42:33.0367 7164 AudioEndpointBuilder - ok
08:42:33.0375 7164 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
08:42:33.0404 7164 AudioSrv - ok
08:42:33.0482 7164 [ 16FABE84916623D0607E4A975544032C ] Avc C:\Windows\system32\DRIVERS\avc.sys
08:42:33.0660 7164 Avc - ok
08:42:33.0925 7164 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
08:42:34.0092 7164 AxInstSV - ok
08:42:34.0267 7164 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
08:42:34.0313 7164 b06bdrv - ok
08:42:34.0386 7164 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
08:42:34.0486 7164 b57nd60a - ok
08:42:34.0681 7164 Backup Scheduler - ok
08:42:34.0933 7164 [ F48FEB7DA35821DA15E0B006DCB9A169 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe
08:42:34.0943 7164 BBSvc - ok
08:42:35.0136 7164 [ 8E16F7A85441986FD2B9CE6C879524E4 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
08:42:35.0148 7164 BBUpdate - ok
08:42:35.0226 7164 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
08:42:35.0395 7164 BDESVC - ok
08:42:35.0583 7164 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
08:42:35.0828 7164 Beep - ok
08:42:36.0289 7164 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
08:42:36.0364 7164 BFE - ok
08:42:36.0494 7164 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
08:42:36.0697 7164 BITS - ok
08:42:36.0800 7164 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
08:42:36.0865 7164 blbdrive - ok
08:42:37.0310 7164 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
08:42:37.0321 7164 Bonjour Service - ok
08:42:37.0472 7164 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
08:42:37.0558 7164 bowser - ok
08:42:37.0655 7164 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
08:42:37.0811 7164 BrFiltLo - ok
08:42:37.0862 7164 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
08:42:37.0883 7164 BrFiltUp - ok
08:42:38.0165 7164 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
08:42:38.0277 7164 BridgeMP - ok
08:42:38.0395 7164 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
08:42:38.0486 7164 Browser - ok
08:42:38.0555 7164 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
08:42:38.0658 7164 Brserid - ok
08:42:38.0687 7164 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
08:42:38.0756 7164 BrSerWdm - ok
08:42:38.0800 7164 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
08:42:38.0848 7164 BrUsbMdm - ok
08:42:38.0869 7164 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
08:42:38.0940 7164 BrUsbSer - ok
08:42:38.0993 7164 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
08:42:39.0063 7164 BTHMODEM - ok
08:42:39.0147 7164 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
08:42:39.0239 7164 bthserv - ok
08:42:39.0316 7164 catchme - ok
08:42:39.0332 7164 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
08:42:39.0417 7164 cdfs - ok
08:42:39.0496 7164 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
08:42:39.0549 7164 cdrom - ok
08:42:39.0644 7164 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
08:42:39.0790 7164 CertPropSvc - ok
08:42:39.0837 7164 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
08:42:39.0865 7164 circlass - ok
08:42:39.0917 7164 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
08:42:39.0931 7164 CLFS - ok
08:42:40.0103 7164 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:42:40.0134 7164 clr_optimization_v2.0.50727_32 - ok
08:42:40.0209 7164 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
08:42:40.0236 7164 clr_optimization_v2.0.50727_64 - ok
08:42:40.0322 7164 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
08:42:40.0391 7164 clr_optimization_v4.0.30319_32 - ok
08:42:40.0471 7164 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
08:42:40.0479 7164 clr_optimization_v4.0.30319_64 - ok
08:42:40.0539 7164 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
08:42:40.0604 7164 CmBatt - ok
08:42:40.0641 7164 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
08:42:40.0665 7164 cmdide - ok
08:42:40.0770 7164 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
08:42:40.0790 7164 CNG - ok
08:42:40.0825 7164 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
08:42:40.0854 7164 Compbatt - ok
08:42:40.0928 7164 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
08:42:40.0984 7164 CompositeBus - ok
08:42:41.0028 7164 COMSysApp - ok
08:42:41.0052 7164 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
08:42:41.0079 7164 crcdisk - ok
08:42:41.0220 7164 [ C8BD651E13895B93ED9EC5B4F1DF42BC ] Creative ALchemy AL6 Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
08:42:41.0297 7164 Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - warning
08:42:41.0297 7164 Creative ALchemy AL6 Licensing Service - detected UnsignedFile.Multi.Generic (1)
08:42:41.0397 7164 [ C0EAD9F8AB83D41FF07303C75589C2B8 ] Creative Audio Engine Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
08:42:41.0523 7164 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - warning
08:42:41.0524 7164 Creative Audio Engine Licensing Service - detected UnsignedFile.Multi.Generic (1)
08:42:41.0607 7164 [ D03466C36EF0E5C7694FF38B45271D9D ] Creative Media Toolbox 6 Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\MT6Licensing.exe
08:42:41.0672 7164 Creative Media Toolbox 6 Licensing Service ( UnsignedFile.Multi.Generic ) - warning
08:42:41.0672 7164 Creative Media Toolbox 6 Licensing Service - detected UnsignedFile.Multi.Generic (1)
08:42:41.0778 7164 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
08:42:42.0036 7164 CryptSvc - ok
08:42:42.0199 7164 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
08:42:42.0295 7164 CSC - ok
08:42:42.0376 7164 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
08:42:42.0443 7164 CscService - ok
08:42:42.0704 7164 [ 07BA6D17E66879018B30B6C3F976EBED ] CTAudSvcService C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
08:42:42.0740 7164 CTAudSvcService ( UnsignedFile.Multi.Generic ) - warning
08:42:42.0740 7164 CTAudSvcService - detected UnsignedFile.Multi.Generic (1)
08:42:42.0819 7164 [ 4F7AE5253AF9F99D2D145038B1751C05 ] DCDisk C:\Windows\system32\drivers\DCDisk.sys
08:42:42.0833 7164 DCDisk - ok
08:42:42.0943 7164 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
08:42:43.0005 7164 DcomLaunch - ok
08:42:43.0028 7164 [ 60CB17C60DED17373C35683A858FDAA7 ] dcsnap C:\Windows\system32\drivers\dcsnap.sys
08:42:43.0056 7164 dcsnap - ok
08:42:43.0137 7164 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
08:42:43.0196 7164 defragsvc - ok
08:42:43.0269 7164 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
08:42:43.0343 7164 DfsC - ok
08:42:43.0422 7164 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
08:42:43.0607 7164 Dhcp - ok
08:42:43.0641 7164 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
08:42:43.0688 7164 discache - ok
08:42:43.0733 7164 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
08:42:43.0763 7164 Disk - ok
08:42:43.0868 7164 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
08:42:44.0028 7164 Dnscache - ok
08:42:44.0105 7164 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
08:42:44.0168 7164 dot3svc - ok
08:42:44.0239 7164 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
08:42:44.0297 7164 DPS - ok
08:42:44.0375 7164 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
08:42:44.0444 7164 drmkaud - ok
08:42:44.0537 7164 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
08:42:44.0556 7164 DXGKrnl - ok
08:42:44.0610 7164 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
08:42:44.0678 7164 EapHost - ok
08:42:44.0901 7164 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
08:42:44.0982 7164 ebdrv - ok
08:42:45.0019 7164 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
08:42:45.0089 7164 EFS - ok
08:42:45.0152 7164 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
08:42:45.0232 7164 ehRecvr - ok
08:42:45.0266 7164 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
08:42:45.0339 7164 ehSched - ok
08:42:45.0386 7164 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
08:42:45.0402 7164 elxstor - ok
08:42:45.0416 7164 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
08:42:45.0454 7164 ErrDev - ok
08:42:45.0507 7164 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
08:42:45.0564 7164 EventSystem - ok
08:42:45.0617 7164 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
08:42:45.0672 7164 exfat - ok
08:42:45.0701 7164 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
08:42:45.0756 7164 fastfat - ok
08:42:45.0831 7164 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
08:42:45.0899 7164 Fax - ok
08:42:45.0918 7164 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
08:42:45.0955 7164 fdc - ok
08:42:45.0983 7164 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
08:42:46.0009 7164 fdPHost - ok
08:42:46.0041 7164 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
08:42:46.0097 7164 FDResPub - ok
08:42:46.0132 7164 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
08:42:46.0141 7164 FileInfo - ok
08:42:46.0152 7164 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
08:42:46.0178 7164 Filetrace - ok
08:42:46.0214 7164 [ 8669BE94F63944E4F899C3950B520241 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
08:42:46.0235 7164 FLEXnet Licensing Service - ok
08:42:46.0251 7164 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
08:42:46.0261 7164 flpydisk - ok
08:42:46.0298 7164 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
08:42:46.0309 7164 FltMgr - ok
08:42:46.0346 7164 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
08:42:46.0369 7164 FontCache - ok
08:42:46.0434 7164 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
08:42:46.0441 7164 FontCache3.0.0.0 - ok
08:42:46.0456 7164 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
08:42:46.0465 7164 FsDepends - ok
08:42:46.0491 7164 [ 6C06701BF1DB05405804D7EB610991CE ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
08:42:46.0498 7164 fssfltr - ok
08:42:46.0562 7164 [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
08:42:46.0590 7164 fsssvc - ok
08:42:46.0620 7164 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
08:42:46.0629 7164 Fs_Rec - ok
08:42:46.0675 7164 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
08:42:46.0689 7164 fvevol - ok
08:42:46.0704 7164 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
08:42:46.0714 7164 gagp30kx - ok
08:42:46.0723 7164 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
08:42:46.0729 7164 GEARAspiWDM - ok
08:42:46.0772 7164 [ 9BA50351AF95C9DF28C8BCD382427D11 ] GenericMount C:\Windows\system32\DRIVERS\GenericMount.sys
08:42:46.0779 7164 GenericMount - ok
08:42:47.0151 7164 [ 9573DC01B6BAA0371ED4AFBAEBEE4DCC ] GenericMount Helper Service C:\Program Files (x86)\Norton Ghost\Shared\Drivers\GenericMountHelperx64.exe
08:42:47.0188 7164 GenericMount Helper Service - ok
08:42:47.0245 7164 [ 8F6AE606EB0CC884EE12C41948424422 ] GoToAssist C:\Program Files (x86)\Citrix\GoToAssist\615\g2aservice.exe
08:42:47.0252 7164 GoToAssist - ok
08:42:47.0295 7164 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
08:42:47.0357 7164 gpsvc - ok
08:42:47.0405 7164 [ 2ED7FF3E1ADA4092632393781518B3A7 ] grmnusb C:\Windows\system32\drivers\grmnusb.sys
08:42:47.0412 7164 grmnusb - ok
08:42:47.0546 7164 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
08:42:47.0553 7164 gupdate - ok
08:42:47.0579 7164 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
08:42:47.0585 7164 gupdatem - ok
08:42:47.0629 7164 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
08:42:47.0638 7164 gusvc - ok
08:42:47.0678 7164 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
08:42:47.0742 7164 hcw85cir - ok
08:42:47.0790 7164 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
08:42:47.0804 7164 HdAudAddService - ok
08:42:47.0859 7164 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
08:42:47.0896 7164 HDAudBus - ok
08:42:47.0926 7164 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
08:42:47.0936 7164 HidBatt - ok
08:42:47.0946 7164 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
08:42:47.0958 7164 HidBth - ok
08:42:47.0968 7164 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
08:42:47.0979 7164 HidIr - ok
08:42:48.0019 7164 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
08:42:48.0072 7164 hidserv - ok
08:42:48.0116 7164 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
08:42:48.0124 7164 HidUsb - ok
08:42:48.0161 7164 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
08:42:48.0219 7164 hkmsvc - ok
08:42:48.0292 7164 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
08:42:48.0312 7164 HomeGroupListener - ok
08:42:48.0346 7164 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
08:42:48.0387 7164 HomeGroupProvider - ok
08:42:48.0474 7164 [ 97AAC45A375168C6A2297BEEB9692E31 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
08:42:48.0482 7164 hpqcxs08 - ok
08:42:48.0503 7164 [ 19A4FB67B1C97EA18EDFF44340973CD9 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
08:42:48.0509 7164 hpqddsvc - ok
08:42:48.0544 7164 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
08:42:48.0553 7164 HpSAMD - ok
08:42:48.0675 7164 [ F37882F128EFACEFE353E0BAE2766909 ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
08:42:48.0710 7164 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
08:42:48.0710 7164 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
08:42:48.0764 7164 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
08:42:48.0826 7164 HTTP - ok
08:42:48.0869 7164 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
08:42:48.0878 7164 hwpolicy - ok
08:42:48.0912 7164 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
08:42:48.0923 7164 i8042prt - ok
08:42:48.0937 7164 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
08:42:48.0951 7164 iaStorV - ok
08:42:48.0985 7164 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
08:42:49.0004 7164 idsvc - ok
08:42:49.0040 7164 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
08:42:49.0050 7164 iirsp - ok
08:42:49.0077 7164 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
08:42:49.0141 7164 IKEEXT - ok
08:42:49.0181 7164 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
08:42:49.0190 7164 intelide - ok
08:42:49.0201 7164 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
08:42:49.0241 7164 intelppm - ok
08:42:49.0340 7164 [ 1663A135865F0BA6E853353E98E67F2A ] IntuitUpdateServiceV4 C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
08:42:49.0346 7164 IntuitUpdateServiceV4 - ok
08:42:49.0383 7164 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
08:42:49.0445 7164 IPBusEnum - ok
08:42:49.0507 7164 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
08:42:49.0533 7164 IpFilterDriver - ok
08:42:49.0575 7164 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
08:42:49.0598 7164 iphlpsvc - ok
08:42:49.0629 7164 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
08:42:49.0668 7164 IPMIDRV - ok
08:42:49.0697 7164 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
08:42:49.0752 7164 IPNAT - ok
08:42:49.0810 7164 [ 0F261EC4F514926177C70C1832374231 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
08:42:49.0826 7164 iPod Service - ok
08:42:49.0851 7164 [ 05360B1EA5A2ABF620D1D96EBD8BD8F1 ] irda C:\Windows\system32\DRIVERS\irda.sys
08:42:49.0896 7164 irda - ok
08:42:49.0928 7164 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
08:42:49.0941 7164 IRENUM - ok
08:42:49.0945 7164 [ 3848384AB383F0A8F506C4370635C1F9 ] Irmon C:\Windows\System32\irmon.dll
08:42:49.0982 7164 Irmon - ok
08:42:50.0043 7164 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
08:42:50.0052 7164 isapnp - ok
08:42:50.0093 7164 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
08:42:50.0105 7164 iScsiPrt - ok
08:42:50.0134 7164 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
08:42:50.0142 7164 kbdclass - ok
08:42:50.0158 7164 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
08:42:50.0189 7164 kbdhid - ok
08:42:50.0227 7164 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
08:42:50.0237 7164 KeyIso - ok
08:42:50.0273 7164 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
08:42:50.0282 7164 KSecDD - ok
08:42:50.0317 7164 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
08:42:50.0328 7164 KSecPkg - ok
08:42:50.0333 7164 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
08:42:50.0388 7164 ksthunk - ok
08:42:50.0430 7164 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
08:42:50.0501 7164 KtmRm - ok
08:42:50.0561 7164 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
08:42:50.0618 7164 LanmanServer - ok
08:42:50.0680 7164 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
08:42:50.0735 7164 LanmanWorkstation - ok
08:42:50.0878 7164 [ 7772DFAB22611050B79504E671B06E6E ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
08:42:50.0891 7164 LBTServ - ok
08:42:50.0941 7164 [ 241F2648ADF090E2A10095BD6D6F5DCB ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys
08:42:50.0949 7164 LHidFilt - ok
08:42:51.0038 7164 [ A97EEB81F05BCE3D7AA6C81F04EF39A4 ] LiveUpdate C:\PROGRA~2\Symantec\LIVEUP~1\LUCOMS~1.EXE
08:42:51.0100 7164 LiveUpdate - ok
08:42:51.0138 7164 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
08:42:51.0194 7164 lltdio - ok
08:42:51.0278 7164 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
08:42:51.0327 7164 lltdsvc - ok
08:42:51.0354 7164 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
08:42:51.0380 7164 lmhosts - ok
08:42:51.0418 7164 [ 342ED5A4B3326014438F36D22D803737 ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys
08:42:51.0426 7164 LMouFilt - ok
08:42:51.0451 7164 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
08:42:51.0461 7164 LSI_FC - ok
08:42:51.0474 7164 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
08:42:51.0484 7164 LSI_SAS - ok
08:42:51.0498 7164 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
08:42:51.0508 7164 LSI_SAS2 - ok
08:42:51.0523 7164 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
08:42:51.0533 7164 LSI_SCSI - ok
08:42:51.0547 7164 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
08:42:51.0604 7164 luafv - ok
08:42:51.0670 7164 [ B3944D06EB4B64D57BD7E5FE89415F58 ] LVPr2M64 C:\Windows\system32\DRIVERS\LVPr2M64.sys
08:42:51.0677 7164 LVPr2M64 - ok
08:42:51.0679 7164 [ B3944D06EB4B64D57BD7E5FE89415F58 ] LVPr2Mon C:\Windows\system32\DRIVERS\LVPr2M64.sys
08:42:51.0685 7164 LVPr2Mon - ok
08:42:51.0719 7164 [ 9CD0DC863BE5D40A762F7D84F11A8471 ] LVPrcS64 C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
08:42:51.0726 7164 LVPrcS64 - ok
08:42:51.0775 7164 [ 224AB3850F573A419F921C41A15D7F5B ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys
08:42:51.0784 7164 LVRS64 - ok
08:42:51.0947 7164 [ BFBA84B8A9C233AE42B11CF7BDFC6C01 ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys
08:42:52.0023 7164 LVUVC64 - ok
08:42:52.0058 7164 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
08:42:52.0069 7164 Mcx2Svc - ok
08:42:52.0084 7164 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
08:42:52.0093 7164 megasas - ok
08:42:52.0109 7164 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
08:42:52.0121 7164 MegaSR - ok
08:42:52.0166 7164 Microsoft SharePoint Workspace Audit Service - ok
08:42:52.0211 7164 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
08:42:52.0238 7164 MMCSS - ok
08:42:52.0241 7164 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
08:42:52.0267 7164 Modem - ok
08:42:52.0298 7164 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
08:42:52.0340 7164 monitor - ok
08:42:52.0390 7164 [ 54F44C3A4F6C1C4D00D4157FBD531EB1 ] MosIrUsb C:\Windows\system32\DRIVERS\MosIrUsb.sys
08:42:52.0453 7164 MosIrUsb - ok
08:42:52.0504 7164 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
08:42:52.0513 7164 mouclass - ok
08:42:52.0530 7164 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
08:42:52.0569 7164 mouhid - ok
08:42:52.0628 7164 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
08:42:52.0638 7164 mountmgr - ok
08:42:52.0670 7164 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
08:42:52.0680 7164 mpio - ok
08:42:52.0700 7164 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
08:42:52.0727 7164 mpsdrv - ok
08:42:52.0772 7164 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
08:42:52.0835 7164 MpsSvc - ok
08:42:52.0877 7164 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
08:42:52.0923 7164 MRxDAV - ok
08:42:52.0974 7164 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
08:42:53.0043 7164 mrxsmb - ok
08:42:53.0064 7164 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
08:42:53.0106 7164 mrxsmb10 - ok
08:42:53.0110 7164 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
08:42:53.0119 7164 mrxsmb20 - ok
08:42:53.0153 7164 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
08:42:53.0161 7164 msahci - ok
08:42:53.0195 7164 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
08:42:53.0206 7164 msdsm - ok
08:42:53.0224 7164 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
08:42:53.0236 7164 MSDTC - ok
08:42:53.0273 7164 [ 72949A24D37A20A54B3D4D3DADBB55E9 ] MSDV C:\Windows\system32\DRIVERS\msdv.sys
08:42:53.0285 7164 MSDV - ok
08:42:53.0288 7164 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
08:42:53.0314 7164 Msfs - ok
08:42:53.0335 7164 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
08:42:53.0391 7164 mshidkmdf - ok
08:42:53.0434 7164 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
08:42:53.0442 7164 msisadrv - ok
08:42:53.0475 7164 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
08:42:53.0529 7164 MSiSCSI - ok
08:42:53.0532 7164 msiserver - ok
08:42:53.0570 7164 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
08:42:53.0597 7164 MSKSSRV - ok
08:42:53.0616 7164 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
08:42:53.0669 7164 MSPCLOCK - ok
08:42:53.0699 7164 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
08:42:53.0750 7164 MSPQM - ok
08:42:53.0803 7164 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
08:42:53.0816 7164 MsRPC - ok
08:42:53.0827 7164 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
08:42:53.0836 7164 mssmbios - ok
08:42:53.0849 7164 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
08:42:53.0903 7164 MSTEE - ok
08:42:53.0950 7164 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
08:42:53.0960 7164 MTConfig - ok
08:42:53.0970 7164 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
08:42:53.0980 7164 Mup - ok
08:42:54.0022 7164 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
08:42:54.0081 7164 napagent - ok
08:42:54.0114 7164 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
08:42:54.0158 7164 NativeWifiP - ok
08:42:54.0234 7164 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
08:42:54.0256 7164 NDIS - ok
08:42:54.0273 7164 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
08:42:54.0300 7164 NdisCap - ok
08:42:54.0318 7164 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
08:42:54.0344 7164 NdisTapi - ok
08:42:54.0382 7164 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
08:42:54.0407 7164 Ndisuio - ok
08:42:54.0444 7164 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
08:42:54.0496 7164 NdisWan - ok
08:42:54.0554 7164 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
08:42:54.0579 7164 NDProxy - ok
08:42:54.0618 7164 [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
08:42:54.0622 7164 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
08:42:54.0622 7164 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
08:42:54.0625 7164 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
08:42:54.0677 7164 NetBIOS - ok
08:42:54.0723 7164 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
08:42:54.0780 7164 NetBT - ok
08:42:54.0811 7164 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
08:42:54.0820 7164 Netlogon - ok
08:42:54.0869 7164 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
08:42:54.0927 7164 Netman - ok
08:42:54.0967 7164 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
08:42:55.0025 7164 netprofm - ok
08:42:55.0078 7164 [ EED1FBDE98CF5F6D5C0C5B27AB1F68EC ] netr28ux C:\Windows\system32\DRIVERS\netr28ux.sys
08:42:55.0106 7164 netr28ux - ok
08:42:55.0141 7164 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
08:42:55.0149 7164 NetTcpPortSharing - ok
08:42:55.0163 7164 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
08:42:55.0172 7164 nfrd960 - ok
08:42:55.0187 7164 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
08:42:55.0227 7164 NlaSvc - ok
08:42:55.0336 7164 [ A1787754952A0B700E386DC7C5FA5726 ] Norton Ghost C:\Program Files (x86)\Norton Ghost\Agent\VProSvc.exe
08:42:55.0389 7164 Norton Ghost - ok
08:42:55.0398 7164 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
08:42:55.0424 7164 Npfs - ok
08:42:55.0454 7164 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
08:42:55.0481 7164 nsi - ok
08:42:55.0493 7164 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
08:42:55.0519 7164 nsiproxy - ok
08:42:55.0576 7164 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
08:42:55.0609 7164 Ntfs - ok
08:42:55.0620 7164 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
08:42:55.0646 7164 Null - ok
08:42:55.0690 7164 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
08:42:55.0701 7164 nvraid - ok
08:42:55.0715 7164 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
08:42:55.0726 7164 nvstor - ok
08:42:55.0766 7164 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
08:42:55.0776 7164 nv_agp - ok
08:42:55.0840 7164 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
08:42:55.0854 7164 odserv - ok
08:42:55.0876 7164 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
08:42:55.0886 7164 ohci1394 - ok
08:42:55.0909 7164 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
08:42:55.0918 7164 ose - ok
08:42:56.0062 7164 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
08:42:56.0154 7164 osppsvc - ok
08:42:56.0198 7164 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
08:42:56.0267 7164 p2pimsvc - ok
08:42:56.0310 7164 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
08:42:56.0322 7164 p2psvc - ok
08:42:56.0359 7164 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
08:42:56.0369 7164 Parport - ok
08:42:56.0410 7164 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
08:42:56.0419 7164 partmgr - ok
08:42:56.0427 7164 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
08:42:56.0471 7164 PcaSvc - ok
08:42:56.0516 7164 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
08:42:56.0527 7164 pci - ok
08:42:56.0542 7164 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
08:42:56.0550 7164 pciide - ok
08:42:56.0565 7164 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
08:42:56.0577 7164 pcmcia - ok
08:42:56.0595 7164 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
08:42:56.0604 7164 pcw - ok
08:42:56.0624 7164 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
08:42:56.0688 7164 PEAUTH - ok
08:42:56.0756 7164 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
08:42:56.0850 7164 PeerDistSvc - ok
08:42:56.0946 7164 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
08:42:56.0987 7164 PerfHost - ok
08:42:57.0075 7164 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
08:42:57.0148 7164 pla - ok
08:42:57.0215 7164 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
08:42:57.0286 7164 PlugPlay - ok
08:42:57.0322 7164 [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
08:42:57.0356 7164 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
08:42:57.0356 7164 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
08:42:57.0397 7164 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
08:42:57.0406 7164 PNRPAutoReg - ok
08:42:57.0415 7164 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
08:42:57.0426 7164 PNRPsvc - ok
08:42:57.0469 7164 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
08:42:57.0498 7164 PolicyAgent - ok
08:42:57.0538 7164 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
08:42:57.0595 7164 Power - ok
08:42:57.0656 7164 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
08:42:57.0683 7164 PptpMiniport - ok
08:42:57.0714 7164 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
08:42:57.0751 7164 Processor - ok
08:42:57.0806 7164 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
08:42:57.0869 7164 ProfSvc - ok
08:42:57.0878 7164 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
08:42:57.0887 7164 ProtectedStorage - ok
08:42:57.0929 7164 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
08:42:57.0985 7164 Psched - ok
08:42:58.0027 7164 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
08:42:58.0035 7164 PxHlpa64 - ok
08:42:58.0092 7164 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
08:42:58.0123 7164 ql2300 - ok
08:42:58.0143 7164 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
08:42:58.0153 7164 ql40xx - ok
08:42:58.0185 7164 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
08:42:58.0201 7164 QWAVE - ok
08:42:58.0213 7164 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
08:42:58.0253 7164 QWAVEdrv - ok
08:42:58.0354 7164 [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
08:42:58.0363 7164 RapiMgr - ok
08:42:58.0372 7164 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
08:42:58.0431 7164 RasAcd - ok
08:42:58.0486 7164 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
08:42:58.0513 7164 RasAgileVpn - ok
08:42:58.0560 7164 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
08:42:58.0616 7164 RasAuto - ok
08:42:58.0656 7164 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
08:42:58.0682 7164 Rasl2tp - ok
08:42:58.0720 7164 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
08:42:58.0777 7164 RasMan - ok
08:42:58.0821 7164 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
08:42:58.0873 7164 RasPppoe - ok
08:42:58.0910 7164 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
08:42:58.0965 7164 RasSstp - ok
08:42:59.0014 7164 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
08:42:59.0043 7164 rdbss - ok
08:42:59.0048 7164 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
08:42:59.0060 7164 rdpbus - ok
08:42:59.0067 7164 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
08:42:59.0121 7164 RDPCDD - ok
08:42:59.0166 7164 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
08:42:59.0189 7164 RDPDR - ok
08:42:59.0209 7164 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
08:42:59.0266 7164 RDPENCDD - ok
08:42:59.0297 7164 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
08:42:59.0323 7164 RDPREFMP - ok
08:42:59.0395 7164 [ 70CBA1A0C98600A2AA1863479B35CB90 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
08:42:59.0499 7164 RdpVideoMiniport - ok
08:42:59.0529 7164 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
08:42:59.0551 7164 RDPWD - ok
08:42:59.0589 7164 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
08:42:59.0601 7164 rdyboost - ok
08:42:59.0659 7164 [ AE93D43564B0F5A565492BB06C69CDF3 ] Real time Backup Loader C:\Program Files (x86)\NovaStor\NovaStor NovaBACKUP\DR\Fsloader.exe
08:42:59.0688 7164 Real time Backup Loader ( UnsignedFile.Multi.Generic ) - warning
08:42:59.0688 7164 Real time Backup Loader - detected UnsignedFile.Multi.Generic (1)
08:42:59.0730 7164 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
08:42:59.0789 7164 RemoteAccess - ok
08:42:59.0830 7164 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
08:42:59.0886 7164 RemoteRegistry - ok
08:42:59.0990 7164 [ 7F7CA7DEEB68E68FD67870E9A5EC33E2 ] RosettaStoneDaemon C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
08:43:00.0012 7164 RosettaStoneDaemon - ok
08:43:00.0028 7164 Roxio UPnP Renderer 11 - ok
08:43:00.0034 7164 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
08:43:00.0088 7164 RpcEptMapper - ok
08:43:00.0134 7164 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
08:43:00.0171 7164 RpcLocator - ok
08:43:00.0242 7164 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\System32\rpcss.dll
08:43:00.0272 7164 RpcSs - ok
08:43:00.0315 7164 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
08:43:00.0342 7164 rspndr - ok
08:43:00.0394 7164 [ ABCB5A38A0D85BDF69B7877E1AD1EED5 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
08:43:00.0426 7164 RTL8167 - ok
08:43:00.0456 7164 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
08:43:00.0492 7164 s3cap - ok
08:43:00.0503 7164 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
08:43:00.0512 7164 SamSs - ok
08:43:00.0546 7164 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
08:43:00.0556 7164 sbp2port - ok
08:43:00.0619 7164 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
08:43:00.0648 7164 SCardSvr - ok
08:43:00.0693 7164 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
08:43:00.0755 7164 scfilter - ok
08:43:00.0868 7164 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
08:43:00.0926 7164 Schedule - ok
08:43:00.0969 7164 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
08:43:00.0994 7164 SCPolicySvc - ok
08:43:01.0061 7164 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
08:43:01.0132 7164 SDRSVC - ok
08:43:01.0176 7164 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
08:43:01.0202 7164 secdrv - ok
08:43:01.0228 7164 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
08:43:01.0260 7164 seclogon - ok
08:43:01.0275 7164 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
08:43:01.0301 7164 SENS - ok
08:43:01.0308 7164 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
08:43:01.0331 7164 SensrSvc - ok
08:43:01.0350 7164 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
08:43:01.0386 7164 Serenum - ok
08:43:01.0414 7164 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
08:43:01.0424 7164 Serial - ok
08:43:01.0455 7164 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
08:43:01.0497 7164 sermouse - ok
08:43:01.0549 7164 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
08:43:01.0612 7164 SessionEnv - ok
08:43:01.0651 7164 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
08:43:01.0718 7164 sffdisk - ok
08:43:01.0730 7164 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
08:43:01.0768 7164 sffp_mmc - ok
08:43:01.0801 7164 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
08:43:01.0844 7164 sffp_sd - ok
08:43:01.0876 7164 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
08:43:01.0885 7164 sfloppy - ok
08:43:01.0936 7164 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
08:43:02.0004 7164 SharedAccess - ok
08:43:02.0109 7164 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
08:43:02.0137 7164 ShellHWDetection - ok
08:43:02.0153 7164 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
08:43:02.0163 7164 SiSRaid2 - ok
08:43:02.0178 7164 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
08:43:02.0188 7164 SiSRaid4 - ok
08:43:02.0264 7164 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
08:43:02.0271 7164 SkypeUpdate - ok
08:43:02.0294 7164 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
08:43:02.0321 7164 Smb - ok
08:43:02.0368 7164 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
08:43:02.0409 7164 SNMPTRAP - ok
08:43:02.0439 7164 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
08:43:02.0447 7164 spldr - ok
08:43:02.0566 7164 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
08:43:02.0645 7164 Spooler - ok
08:43:03.0340 7164 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
08:43:03.0415 7164 sppsvc - ok
08:43:03.0444 7164 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
08:43:03.0501 7164 sppuinotify - ok
08:43:03.0649 7164 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
08:43:03.0723 7164 srv - ok
08:43:03.0762 7164 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
08:43:03.0800 7164 srv2 - ok
08:43:03.0836 7164 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
08:43:03.0876 7164 srvnet - ok
08:43:03.0945 7164 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
08:43:04.0006 7164 SSDPSRV - ok
08:43:04.0038 7164 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
08:43:04.0064 7164 SstpSvc - ok
08:43:04.0104 7164 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
08:43:04.0112 7164 stexstor - ok
08:43:04.0135 7164 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
08:43:04.0172 7164 StillCam - ok
08:43:04.0219 7164 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
08:43:04.0265 7164 stisvc - ok
08:43:04.0331 7164 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
08:43:04.0340 7164 storflt - ok
08:43:04.0355 7164 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
08:43:04.0364 7164 storvsc - ok
08:43:04.0395 7164 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
08:43:04.0403 7164 swenum - ok
08:43:04.0414 7164 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
08:43:04.0478 7164 swprv - ok
08:43:04.0512 7164 Symantec SymSnap VSS Provider - ok
08:43:04.0550 7164 [ 2D9B2746F7DEA46D1572B84A06311566 ] symsnap C:\Windows\system32\DRIVERS\symsnap.sys
08:43:04.0559 7164 symsnap - ok
08:43:04.0698 7164 [ EA1A479651CA2E0409C29D586C91901D ] SymSnapService C:\Program Files (x86)\Norton Ghost\Shared\Drivers\SymSnapServicex64.exe
08:43:04.0735 7164 SymSnapService - ok
08:43:04.0746 7164 Synth3dVsc - ok
08:43:04.0799 7164 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
08:43:04.0853 7164 SysMain - ok
08:43:04.0901 7164 [ 6B153E518DBE6EF59191152E1ECF7ED4 ] t3 C:\Windows\system32\drivers\t3.sys
08:43:04.0914 7164 t3 - ok
08:43:04.0945 7164 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
08:43:04.0959 7164 TabletInputService - ok
08:43:04.0997 7164 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
08:43:05.0055 7164 TapiSrv - ok
08:43:05.0101 7164 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
08:43:05.0128 7164 TBS - ok
08:43:05.0191 7164 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
08:43:05.0238 7164 Tcpip - ok
08:43:05.0266 7164 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
08:43:05.0295 7164 TCPIP6 - ok
08:43:05.0317 7164 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
08:43:05.0353 7164 tcpipreg - ok
08:43:05.0399 7164 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
08:43:05.0467 7164 TDPIPE - ok
08:43:05.0501 7164 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
08:43:05.0538 7164 TDTCP - ok
08:43:05.0608 7164 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
08:43:05.0632 7164 tdx - ok
08:43:05.0646 7164 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
08:43:05.0655 7164 TermDD - ok
08:43:05.0696 7164 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
08:43:05.0729 7164 TermService - ok
08:43:05.0740 7164 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
08:43:05.0784 7164 Themes - ok
08:43:05.0827 7164 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
08:43:05.0853 7164 THREADORDER - ok
08:43:05.0896 7164 [ 5922B1F5741BBDBAF7F7B4CBD2B7C4A5 ] tmlwf C:\Windows\system32\DRIVERS\tmlwf.sys
08:43:05.0905 7164 tmlwf - ok
08:43:05.0915 7164 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
08:43:05.0972 7164 TrkWks - ok
08:43:06.0063 7164 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
08:43:06.0130 7164 TrustedInstaller - ok
08:43:06.0178 7164 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
08:43:06.0234 7164 tssecsrv - ok
08:43:06.0275 7164 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
08:43:06.0339 7164 TsUsbFlt - ok
08:43:06.0341 7164 tsusbhub - ok
08:43:06.0383 7164 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
08:43:06.0434 7164 tunnel - ok
08:43:06.0466 7164 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
08:43:06.0476 7164 uagp35 - ok
08:43:06.0509 7164 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
08:43:06.0563 7164 udfs - ok
08:43:06.0593 7164 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
08:43:06.0604 7164 UI0Detect - ok
08:43:06.0641 7164 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
08:43:06.0651 7164 uliagpkx - ok
08:43:06.0685 7164 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
08:43:06.0694 7164 umbus - ok
08:43:06.0713 7164 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
08:43:06.0747 7164 UmPass - ok
08:43:06.0790 7164 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
08:43:06.0832 7164 UmRdpService - ok
08:43:06.0880 7164 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
08:43:06.0936 7164 upnphost - ok
08:43:07.0000 7164 [ 43228F8EDD1B0BCDD3145AD246E63D39 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
08:43:07.0086 7164 USBAAPL64 - ok
08:43:07.0143 7164 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
08:43:07.0155 7164 usbaudio - ok
08:43:07.0227 7164 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
08:43:07.0303 7164 usbccgp - ok
08:43:07.0356 7164 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
08:43:07.0367 7164 usbcir - ok
08:43:07.0387 7164 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
08:43:07.0424 7164 usbehci - ok
08:43:07.0487 7164 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
08:43:07.0516 7164 usbhub - ok
08:43:07.0551 7164 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
08:43:07.0561 7164 usbohci - ok
08:43:07.0575 7164 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
08:43:07.0614 7164 usbprint - ok
08:43:07.0674 7164 [ 4ACEE387FA8FD39F83564FCD2FC234F2 ] usbser C:\Windows\system32\DRIVERS\usbser.sys
08:43:07.0737 7164 usbser - ok
08:43:07.0751 7164 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
08:43:07.0816 7164 USBSTOR - ok
08:43:07.0846 7164 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
08:43:07.0886 7164 usbuhci - ok
08:43:07.0947 7164 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
08:43:07.0959 7164 usbvideo - ok
08:43:07.0993 7164 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
08:43:08.0020 7164 UxSms - ok
08:43:08.0036 7164 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
08:43:08.0044 7164 VaultSvc - ok
08:43:08.0092 7164 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
08:43:08.0100 7164 vdrvroot - ok
08:43:08.0138 7164 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
08:43:08.0196 7164 vds - ok
08:43:08.0238 7164 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
08:43:08.0250 7164 vga - ok
08:43:08.0266 7164 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
08:43:08.0322 7164 VgaSave - ok
08:43:08.0324 7164 VGPU - ok
08:43:08.0329 7164 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
08:43:08.0341 7164 vhdmp - ok
08:43:08.0368 7164 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
08:43:08.0377 7164 viaide - ok
08:43:08.0418 7164 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
08:43:08.0429 7164 vmbus - ok
08:43:08.0442 7164 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
08:43:08.0451 7164 VMBusHID - ok
08:43:08.0467 7164 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
08:43:08.0477 7164 volmgr - ok
08:43:08.0513 7164 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
08:43:08.0528 7164 volmgrx - ok
08:43:08.0540 7164 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
08:43:08.0553 7164 volsnap - ok
08:43:08.0574 7164 [ B4A73CA4EF9A02B9738CEA9AD5FE5917 ] vpcbus C:\Windows\system32\DRIVERS\vpchbus.sys
08:43:08.0584 7164 vpcbus - ok
08:43:08.0613 7164 [ E675FB2B48C54F09895482E2253B289C ] vpcnfltr C:\Windows\system32\DRIVERS\vpcnfltr.sys
08:43:08.0636 7164 vpcnfltr - ok
08:43:08.0648 7164 [ 5FB42082B0D19A0268705F1DD343DF20 ] vpcusb C:\Windows\system32\DRIVERS\vpcusb.sys
08:43:08.0685 7164 vpcusb - ok
08:43:08.0728 7164 [ 63F4E10873BEB4124028C6D1A66B0968 ] vpcuxd C:\Windows\system32\drivers\vpcuxd.sys
08:43:08.0737 7164 vpcuxd - ok
08:43:08.0778 7164 [ 207B6539799CC1C112661A9B620DD233 ] vpcvmm C:\Windows\system32\drivers\vpcvmm.sys
08:43:08.0790 7164 vpcvmm - ok
08:43:08.0836 7164 [ 8B7454930230DB4BC4BA35A467BE09AA ] VPROEVENTMONITOR C:\Windows\system32\drivers\VProEventMonitor.sys
08:43:08.0843 7164 VPROEVENTMONITOR - ok
08:43:08.0879 7164 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
08:43:08.0890 7164 vsmraid - ok
08:43:08.0948 7164 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
08:43:09.0017 7164 VSS - ok
08:43:09.0045 7164 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
08:43:09.0082 7164 vwifibus - ok
08:43:09.0109 7164 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
08:43:09.0121 7164 vwififlt - ok
08:43:09.0159 7164 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
08:43:09.0221 7164 W32Time - ok
08:43:09.0253 7164 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
08:43:09.0286 7164 WacomPen - ok
08:43:09.0340 7164 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
08:43:09.0393 7164 WANARP - ok
08:43:09.0396 7164 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
08:43:09.0421 7164 Wanarpv6 - ok
08:43:09.0489 7164 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
08:43:09.0516 7164 WatAdminSvc - ok
08:43:09.0567 7164 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
08:43:09.0651 7164 wbengine - ok
08:43:09.0667 7164 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
08:43:09.0682 7164 WbioSrvc - ok
08:43:09.0715 7164 [ 8BDA6DB43AA54E8BB5E0794541DDC209 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll
08:43:09.0727 7164 WcesComm - ok
08:43:09.0758 7164 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
08:43:09.0776 7164 wcncsvc - ok
08:43:09.0785 7164 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
08:43:09.0804 7164 WcsPlugInService - ok
08:43:09.0814 7164 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
08:43:09.0823 7164 Wd - ok
08:43:09.0865 7164 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
08:43:09.0886 7164 Wdf01000 - ok
08:43:09.0894 7164 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
08:43:09.0947 7164 WdiServiceHost - ok
08:43:09.0950 7164 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
08:43:09.0964 7164 WdiSystemHost - ok
08:43:09.0997 7164 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
08:43:10.0044 7164 WebClient - ok
08:43:10.0077 7164 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
08:43:10.0135 7164 Wecsvc - ok
08:43:10.0171 7164 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
08:43:10.0199 7164 wercplsupport - ok
08:43:10.0218 7164 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
08:43:10.0252 7164 WerSvc - ok
08:43:10.0261 7164 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
08:43:10.0287 7164 WfpLwf - ok
08:43:10.0326 7164 [ 52DED146E4797E6CCF94799E8E22BB2A ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
08:43:10.0338 7164 WimFltr - ok
08:43:10.0351 7164 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
08:43:10.0360 7164 WIMMount - ok
08:43:10.0380 7164 WinDefend - ok
08:43:10.0383 7164 WinHttpAutoProxySvc - ok
08:43:10.0452 7164 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
08:43:10.0480 7164 Winmgmt - ok
08:43:10.0543 7164 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
08:43:10.0635 7164 WinRM - ok
08:43:10.0725 7164 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
08:43:10.0736 7164 WinUsb - ok
08:43:10.0781 7164 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
08:43:10.0827 7164 Wlansvc - ok
08:43:10.0906 7164 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
08:43:10.0913 7164 wlcrasvc - ok
08:43:11.0001 7164 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
08:43:11.0031 7164 wlidsvc - ok
08:43:11.0073 7164 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
08:43:11.0108 7164 WmiAcpi - ok
08:43:11.0156 7164 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
08:43:11.0197 7164 wmiApSrv - ok
08:43:11.0226 7164 WMPNetworkSvc - ok
08:43:11.0249 7164 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
08:43:11.0265 7164 WPCSvc - ok
08:43:11.0296 7164 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
08:43:11.0308 7164 WPDBusEnum - ok
08:43:11.0346 7164 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
08:43:11.0373 7164 ws2ifsl - ok
08:43:11.0384 7164 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
08:43:11.0426 7164 wscsvc - ok
08:43:11.0429 7164 WSearch - ok
08:43:11.0504 7164 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
08:43:11.0538 7164 wuauserv - ok
08:43:11.0580 7164 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
08:43:11.0644 7164 WudfPf - ok
08:43:11.0658 7164 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
08:43:11.0694 7164 WUDFRd - ok
08:43:11.0743 7164 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
08:43:11.0784 7164 wudfsvc - ok
08:43:11.0830 7164 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
08:43:11.0878 7164 WwanSvc - ok
08:43:11.0913 7164 ================ Scan global ===============================
08:43:11.0947 7164 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
08:43:11.0985 7164 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
08:43:11.0990 7164 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
08:43:12.0026 7164 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
08:43:12.0070 7164 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
08:43:12.0072 7164 [Global] - ok
08:43:12.0072 7164 ================ Scan MBR ==================================
08:43:12.0089 7164 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
08:43:12.0383 7164 \Device\Harddisk1\DR1 - ok
08:43:12.0385 7164 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
08:43:12.0456 7164 \Device\Harddisk0\DR0 - ok
08:43:12.0466 7164 [ 508F4A6A6A6B3DADC6D881D9948389D2 ] \Device\Harddisk2\DR2
08:43:14.0337 7164 \Device\Harddisk2\DR2 - ok
08:43:14.0338 7164 ================ Scan VBR ==================================
08:43:14.0366 7164 [ CDF879E8BFF9E481EAFFB54A1CB0D506 ] \Device\Harddisk1\DR1\Partition1
08:43:14.0368 7164 \Device\Harddisk1\DR1\Partition1 - ok
08:43:14.0401 7164 [ 3D81F03F44109C7CBDF3D3C801DBFA7F ] \Device\Harddisk1\DR1\Partition2
08:43:14.0403 7164 \Device\Harddisk1\DR1\Partition2 - ok
08:43:14.0405 7164 [ FE2EC47103871C8C4CB9B92B09F993A7 ] \Device\Harddisk0\DR0\Partition1
08:43:14.0406 7164 \Device\Harddisk0\DR0\Partition1 - ok
08:43:14.0409 7164 [ 0ECD9924DC6562461D0236A4941C63D4 ] \Device\Harddisk2\DR2\Partition1
08:43:14.0411 7164 \Device\Harddisk2\DR2\Partition1 - ok
08:43:14.0411 7164 ================ Scan active images ========================
08:43:14.0413 7164 [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys
08:43:14.0413 7164 C:\Windows\System32\drivers\crashdmp.sys - ok
08:43:14.0415 7164 [ 839B5FE3D48E9F35B22C21A3D5103F6C ] C:\Windows\System32\drivers\Dumpata.sys
08:43:14.0415 7164 C:\Windows\System32\drivers\Dumpata.sys - ok
08:43:14.0418 7164 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] C:\Windows\System32\drivers\msahci.sys
08:43:14.0418 7164 C:\Windows\System32\drivers\msahci.sys - ok
08:43:14.0421 7164 [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys
08:43:14.0421 7164 C:\Windows\System32\drivers\dumpfve.sys - ok
08:43:14.0423 7164 [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys
08:43:14.0424 7164 C:\Windows\System32\drivers\beep.sys - ok
08:43:14.0426 7164 [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys
08:43:14.0426 7164 C:\Windows\System32\drivers\cdrom.sys - ok
08:43:14.0429 7164 [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys
08:43:14.0429 7164 C:\Windows\System32\drivers\null.sys - ok
08:43:14.0432 7164 [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys
08:43:14.0432 7164 C:\Windows\System32\drivers\RDPCDD.sys - ok
08:43:14.0434 7164 [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys
08:43:14.0434 7164 C:\Windows\System32\drivers\RDPENCDD.sys - ok
08:43:14.0437 7164 [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys
08:43:14.0437 7164 C:\Windows\System32\drivers\vga.sys - ok
08:43:14.0439 7164 [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys
08:43:14.0439 7164 C:\Windows\System32\drivers\videoprt.sys - ok
08:43:14.0442 7164 [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys
08:43:14.0442 7164 C:\Windows\System32\drivers\watchdog.sys - ok
08:43:14.0445 7164 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys
08:43:14.0445 7164 C:\Windows\System32\drivers\msfs.sys - ok
08:43:14.0447 7164 [ 216F3FA57533D98E1F74DED70113177A ] C:\Windows\System32\drivers\RDPREFMP.sys
08:43:14.0447 7164 C:\Windows\System32\drivers\RDPREFMP.sys - ok
08:43:14.0450 7164 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys
08:43:14.0450 7164 C:\Windows\System32\drivers\npfs.sys - ok
08:43:14.0453 7164 [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\Windows\System32\drivers\tdi.sys
08:43:14.0453 7164 C:\Windows\System32\drivers\tdi.sys - ok
08:43:14.0455 7164 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys
08:43:14.0455 7164 C:\Windows\System32\drivers\tdx.sys - ok
08:43:14.0458 7164 [ 1C7857B62DE5994A75B054A9FD4C3825 ] C:\Windows\System32\drivers\afd.sys
08:43:14.0458 7164 C:\Windows\System32\drivers\afd.sys - ok
08:43:14.0460 7164 [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys
08:43:14.0460 7164 C:\Windows\System32\drivers\netbt.sys - ok
08:43:14.0463 7164 [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys
08:43:14.0463 7164 C:\Windows\System32\drivers\wfplwf.sys - ok
08:43:14.0466 7164 [ 6BCC1D7D2FD2453957C5479A32364E52 ] C:\Windows\System32\drivers\ws2ifsl.sys
08:43:14.0466 7164 C:\Windows\System32\drivers\ws2ifsl.sys - ok
08:43:14.0468 7164 [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys
08:43:14.0468 7164 C:\Windows\System32\drivers\pacer.sys - ok
08:43:14.0471 7164 [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys
08:43:14.0471 7164 C:\Windows\System32\drivers\netbios.sys - ok
08:43:14.0474 7164 [ 5922B1F5741BBDBAF7F7B4CBD2B7C4A5 ] C:\Windows\System32\drivers\tmlwf.sys
08:43:14.0474 7164 C:\Windows\System32\drivers\tmlwf.sys - ok
08:43:14.0476 7164 [ E675FB2B48C54F09895482E2253B289C ] C:\Windows\System32\drivers\vpcnfltr.sys
08:43:14.0476 7164 C:\Windows\System32\drivers\vpcnfltr.sys - ok
08:43:14.0479 7164 [ 6A3D66263414FF0D6FA754C646612F3F ] C:\Windows\System32\drivers\vwififlt.sys
08:43:14.0479 7164 C:\Windows\System32\drivers\vwififlt.sys - ok
08:43:14.0482 7164 [ 356AFD78A6ED4457169241AC3965230C ] C:\Windows\System32\drivers\wanarp.sys
08:43:14.0482 7164 C:\Windows\System32\drivers\wanarp.sys - ok
08:43:14.0484 7164 [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys
08:43:14.0484 7164 C:\Windows\System32\drivers\nsiproxy.sys - ok
08:43:14.0487 7164 [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys
08:43:14.0487 7164 C:\Windows\System32\drivers\rdbss.sys - ok
08:43:14.0489 7164 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys
08:43:14.0489 7164 C:\Windows\System32\drivers\termdd.sys - ok
08:43:14.0492 7164 [ 207B6539799CC1C112661A9B620DD233 ] C:\Windows\System32\drivers\vpcvmm.sys
08:43:14.0492 7164 C:\Windows\System32\drivers\vpcvmm.sys - ok
08:43:14.0495 7164 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] C:\Windows\System32\drivers\csc.sys
08:43:14.0495 7164 C:\Windows\System32\drivers\csc.sys - ok
08:43:14.0497 7164 [ 4F7AE5253AF9F99D2D145038B1751C05 ] C:\Windows\System32\drivers\DCDisk.sys
08:43:14.0497 7164 C:\Windows\System32\drivers\DCDisk.sys - ok
08:43:14.0500 7164 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys
08:43:14.0500 7164 C:\Windows\System32\drivers\dfsc.sys - ok
08:43:14.0503 7164 [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys
08:43:14.0503 7164 C:\Windows\System32\drivers\discache.sys - ok
08:43:14.0506 7164 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys
08:43:14.0506 7164 C:\Windows\System32\drivers\mssmbios.sys - ok
08:43:14.0508 7164 [ F712C26D40BF3CD2C020BB518E8150B1 ] C:\Windows\System32\drivers\atikmpag.sys
08:43:14.0508 7164 C:\Windows\System32\drivers\atikmpag.sys - ok
08:43:14.0511 7164 [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys
08:43:14.0511 7164 C:\Windows\System32\drivers\blbdrive.sys - ok
08:43:14.0514 7164 [ ADA036632C664CAA754079041CF1F8C1 ] C:\Windows\System32\drivers\intelppm.sys
08:43:14.0514 7164 C:\Windows\System32\drivers\intelppm.sys - ok
08:43:14.0516 7164 [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys
08:43:14.0516 7164 C:\Windows\System32\drivers\tunnel.sys - ok
08:43:14.0519 7164 [ CF95B85FF8D128385ABD411C8CA74DED ] C:\Windows\System32\ntdll.dll
08:43:14.0519 7164 C:\Windows\System32\ntdll.dll - ok
08:43:14.0522 7164 [ 1911A3356FA3F77CCC825CCBAC038C2A ] C:\Windows\System32\smss.exe
08:43:14.0522 7164 C:\Windows\System32\smss.exe - ok
08:43:14.0524 7164 [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe
08:43:14.0524 7164 C:\Windows\System32\autochk.exe - ok
08:43:14.0527 7164 [ 522A8BD1414CC7517FAEC907F138DB9C ] C:\Windows\System32\drivers\atikmdag.sys
08:43:14.0527 7164 C:\Windows\System32\drivers\atikmdag.sys - ok
08:43:14.0529 7164 [ F5BEE30450E18E6B83A5012C100616FD ] C:\Windows\System32\drivers\dxgkrnl.sys
08:43:14.0529 7164 C:\Windows\System32\drivers\dxgkrnl.sys - ok
08:43:14.0532 7164 [ 9CD68BDDF322535C02ADC8331013D13D ] C:\Windows\System32\drivers\dxgmms1.sys
08:43:14.0532 7164 C:\Windows\System32\drivers\dxgmms1.sys - ok
08:43:14.0535 7164 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys
08:43:14.0535 7164 C:\Windows\System32\drivers\hdaudbus.sys - ok
08:43:14.0538 7164 [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll
08:43:14.0538 7164 C:\Windows\System32\rpcrt4.dll - ok
08:43:14.0540 7164 [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll
08:43:14.0540 7164 C:\Windows\System32\Wldap32.dll - ok
08:43:14.0543 7164 [ 5121DB613E10A46A3C5085B479026AA7 ] C:\Windows\System32\wininet.dll
08:43:14.0543 7164 C:\Windows\System32\wininet.dll - ok
08:43:14.0545 7164 [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll
08:43:14.0545 7164 C:\Windows\System32\difxapi.dll - ok
08:43:14.0548 7164 [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll
08:43:14.0548 7164 C:\Windows\System32\ws2_32.dll - ok
08:43:14.0550 7164 [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll
08:43:14.0550 7164 C:\Windows\System32\msctf.dll - ok
08:43:14.0553 7164 [ 1DBA462CF92D890D8F8E6472E7E8B4B4 ] C:\Windows\System32\urlmon.dll
08:43:14.0553 7164 C:\Windows\System32\urlmon.dll - ok
08:43:14.0556 7164 [ A87D604AEA360176311474C87A63BB88 ] C:\Windows\System32\drivers\1394ohci.sys
08:43:14.0556 7164 C:\Windows\System32\drivers\1394ohci.sys - ok
08:43:14.0558 7164 [ ABCB5A38A0D85BDF69B7877E1AD1EED5 ] C:\Windows\System32\drivers\Rt64win7.sys
08:43:14.0558 7164 C:\Windows\System32\drivers\Rt64win7.sys - ok
08:43:14.0561 7164 [ C025055FE7B87701EB042095DF1A2D7B ] C:\Windows\System32\drivers\usbehci.sys
08:43:14.0561 7164 C:\Windows\System32\drivers\usbehci.sys - ok
08:43:14.0564 7164 [ AE259C75F9A0B057B6BF9E9695632B09 ] C:\Windows\System32\drivers\usbport.sys
08:43:14.0564 7164 C:\Windows\System32\drivers\usbport.sys - ok
08:43:14.0566 7164 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] C:\Windows\System32\drivers\usbuhci.sys
08:43:14.0566 7164 C:\Windows\System32\drivers\usbuhci.sys - ok
08:43:14.0569 7164 [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys
08:43:14.0569 7164 C:\Windows\System32\drivers\CompositeBus.sys - ok
08:43:14.0572 7164 [ 8E98D21EE06192492A5671A6144D092F ] C:\Windows\System32\drivers\GEARAspiWDM.sys
08:43:14.0572 7164 C:\Windows\System32\drivers\GEARAspiWDM.sys - ok
08:43:14.0574 7164 [ 9BA50351AF95C9DF28C8BCD382427D11 ] C:\Windows\System32\drivers\GenericMount.sys
08:43:14.0574 7164 C:\Windows\System32\drivers\GenericMount.sys - ok
08:43:14.0577 7164 [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys
08:43:14.0577 7164 C:\Windows\System32\drivers\ks.sys - ok
08:43:14.0579 7164 [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys
08:43:14.0579 7164 C:\Windows\System32\drivers\ksthunk.sys - ok
08:43:14.0582 7164 [ DECACB6921DED1A38642642685D77DAC ] C:\Windows\System32\drivers\serscan.sys
08:43:14.0582 7164 C:\Windows\System32\drivers\serscan.sys - ok
08:43:14.0585 7164 [ F6FF8944478594D0E414D3F048F0D778 ] C:\Windows\System32\drivers\wmiacpi.sys
08:43:14.0585 7164 C:\Windows\System32\drivers\wmiacpi.sys - ok
08:43:14.0587 7164 [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys
08:43:14.0587 7164 C:\Windows\System32\drivers\agilevpn.sys - ok
08:43:14.0590 7164 [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys
08:43:14.0590 7164 C:\Windows\System32\drivers\ndistapi.sys - ok
08:43:14.0593 7164 [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys
08:43:14.0593 7164 C:\Windows\System32\drivers\rasl2tp.sys - ok
08:43:14.0595 7164 [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys
08:43:14.0596 7164 C:\Windows\System32\drivers\ndiswan.sys - ok
08:43:14.0598 7164 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys
08:43:14.0598 7164 C:\Windows\System32\drivers\raspppoe.sys - ok
08:43:14.0601 7164 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys
08:43:14.0601 7164 C:\Windows\System32\drivers\raspptp.sys - ok
08:43:14.0603 7164 [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys
08:43:14.0604 7164 C:\Windows\System32\drivers\rassstp.sys - ok
08:43:14.0606 7164 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] C:\Windows\System32\drivers\rdpbus.sys
08:43:14.0606 7164 C:\Windows\System32\drivers\rdpbus.sys - ok
08:43:14.0609 7164 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys
08:43:14.0609 7164 C:\Windows\System32\drivers\kbdclass.sys - ok
08:43:14.0612 7164 [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys
08:43:14.0612 7164 C:\Windows\System32\drivers\mouclass.sys - ok
08:43:14.0614 7164 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys
08:43:14.0614 7164 C:\Windows\System32\drivers\swenum.sys - ok
08:43:14.0617 7164 [ D7CD5C4E1B71FA62050515314CFB52CF ] C:\Windows\System32\drivers\circlass.sys
08:43:14.0617 7164 C:\Windows\System32\drivers\circlass.sys - ok
08:43:14.0620 7164 [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys
08:43:14.0620 7164 C:\Windows\System32\drivers\umbus.sys - ok
08:43:14.0622 7164 [ CCA2AB1752A61F29C3C941CD79D78CEA ] C:\Windows\System32\drivers\usbd.sys
08:43:14.0622 7164 C:\Windows\System32\drivers\usbd.sys - ok
08:43:14.0625 7164 [ C3EC945DEC43C00E2AD4C98DDDD064C7 ] C:\Windows\System32\drivers\usbrpm.sys
08:43:14.0625 7164 C:\Windows\System32\drivers\usbrpm.sys - ok
08:43:14.0627 7164 [ 5FB42082B0D19A0268705F1DD343DF20 ] C:\Windows\System32\drivers\vpcusb.sys
08:43:14.0628 7164 C:\Windows\System32\drivers\vpcusb.sys - ok
08:43:14.0630 7164 [ B4A73CA4EF9A02B9738CEA9AD5FE5917 ] C:\Windows\System32\drivers\vpchbus.sys
08:43:14.0630 7164 C:\Windows\System32\drivers\vpchbus.sys - ok
08:43:14.0633 7164 [ 287C6C9410B111B68B52CA298F7B8C24 ] C:\Windows\System32\drivers\usbhub.sys
08:43:14.0633 7164 C:\Windows\System32\drivers\usbhub.sys - ok
08:43:14.0636 7164 [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll
08:43:14.0636 7164 C:\Windows\System32\advapi32.dll - ok
08:43:14.0638 7164 [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll
08:43:14.0638 7164 C:\Windows\System32\oleaut32.dll - ok
08:43:14.0641 7164 [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll
08:43:14.0641 7164 C:\Windows\System32\shlwapi.dll - ok
08:43:14.0643 7164 [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll
08:43:14.0643 7164 C:\Windows\System32\clbcatq.dll - ok
08:43:14.0646 7164 [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\Windows\System32\imagehlp.dll
08:43:14.0646 7164 C:\Windows\System32\imagehlp.dll - ok
08:43:14.0649 7164 [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll
08:43:14.0649 7164 C:\Windows\System32\normaliz.dll - ok
08:43:14.0651 7164 [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll
08:43:14.0651 7164 C:\Windows\System32\psapi.dll - ok
08:43:14.0654 7164 [ 65C113214F7B05820F6D8A65B1485196 ] C:\Windows\System32\kernel32.dll
08:43:14.0654 7164 C:\Windows\System32\kernel32.dll - ok
08:43:14.0656 7164 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys
08:43:14.0656 7164 C:\Windows\System32\drivers\ndproxy.sys - ok
08:43:14.0659 7164 [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys
08:43:14.0659 7164 C:\Windows\System32\drivers\drmk.sys - ok
08:43:14.0662 7164 [ 975761C778E33CD22498059B91E7373A ] C:\Windows\System32\drivers\HdAudio.sys
08:43:14.0662 7164 C:\Windows\System32\drivers\HdAudio.sys - ok
08:43:14.0664 7164 [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys
08:43:14.0664 7164 C:\Windows\System32\drivers\portcls.sys - ok
08:43:14.0667 7164 [ 6B153E518DBE6EF59191152E1ECF7ED4 ] C:\Windows\System32\drivers\t3.sys
08:43:14.0667 7164 C:\Windows\System32\drivers\t3.sys - ok
08:43:14.0669 7164 [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll
08:43:14.0669 7164 C:\Windows\System32\comdlg32.dll - ok
08:43:14.0672 7164 [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll
08:43:14.0672 7164 C:\Windows\System32\sechost.dll - ok
08:43:14.0674 7164 [ DBF99FD9CAF75CA66D042BD8D050FF71 ] C:\Windows\System32\usp10.dll
08:43:14.0674 7164 C:\Windows\System32\usp10.dll - ok
08:43:14.0677 7164 [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll
08:43:14.0677 7164 C:\Windows\System32\setupapi.dll - ok
08:43:14.0680 7164 [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll
08:43:14.0680 7164 C:\Windows\System32\gdi32.dll - ok
08:43:14.0682 7164 [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll
08:43:14.0682 7164 C:\Windows\System32\user32.dll - ok
08:43:14.0684 7164 [ 6F1A3157A1C89435352CEB543CDB359C ] C:\Windows\System32\drivers\usbccgp.sys
08:43:14.0684 7164 C:\Windows\System32\drivers\usbccgp.sys - ok
08:43:14.0687 7164 [ 8B0E40E7E8BBF5ACF390465609D89FF1 ] C:\Windows\System32\drivers\hidclass.sys
08:43:14.0687 7164 C:\Windows\System32\drivers\hidclass.sys - ok
08:43:14.0690 7164 [ 49EE2E52E6CD03947DAD72F65367BE06 ] C:\Windows\System32\drivers\hidparse.sys
08:43:14.0690 7164 C:\Windows\System32\drivers\hidparse.sys - ok
08:43:14.0692 7164 [ 9592090A7E2B61CD582B612B6DF70536 ] C:\Windows\System32\drivers\hidusb.sys
08:43:14.0692 7164 C:\Windows\System32\drivers\hidusb.sys - ok
08:43:14.0695 7164 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] C:\Windows\System32\drivers\kbdhid.sys
08:43:14.0695 7164 C:\Windows\System32\drivers\kbdhid.sys - ok
08:43:14.0697 7164 [ 241F2648ADF090E2A10095BD6D6F5DCB ] C:\Windows\System32\drivers\LHidFilt.Sys
08:43:14.0697 7164 C:\Windows\System32\drivers\LHidFilt.Sys - ok
08:43:14.0700 7164 [ 342ED5A4B3326014438F36D22D803737 ] C:\Windows\System32\drivers\LMouFilt.Sys
08:43:14.0700 7164 C:\Windows\System32\drivers\LMouFilt.Sys - ok
08:43:14.0703 7164 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] C:\Windows\System32\drivers\mouhid.sys
08:43:14.0703 7164 C:\Windows\System32\drivers\mouhid.sys - ok
08:43:14.0705 7164 [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll
08:43:14.0705 7164 C:\Windows\System32\lpk.dll - ok
08:43:14.0708 7164 [ C6689007B3A749C49A5438DCF36E0CE4 ] C:\Windows\System32\shell32.dll
08:43:14.0708 7164 C:\Windows\System32\shell32.dll - ok
08:43:14.0711 7164 [ EED1FBDE98CF5F6D5C0C5B27AB1F68EC ] C:\Windows\System32\drivers\netr28ux.sys
08:43:14.0711 7164 C:\Windows\System32\drivers\netr28ux.sys - ok
08:43:14.0714 7164 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] C:\Windows\System32\drivers\vwifibus.sys
08:43:14.0714 7164 C:\Windows\System32\drivers\vwifibus.sys - ok
08:43:14.0717 7164 [ A0F52880DDD164F968BE903C1FECD27E ] C:\Windows\System32\iertutil.dll
08:43:14.0717 7164 C:\Windows\System32\iertutil.dll - ok
08:43:14.0719 7164 [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll
08:43:14.0719 7164 C:\Windows\System32\imm32.dll - ok
08:43:14.0722 7164 [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll
08:43:14.0722 7164 C:\Windows\System32\nsi.dll - ok
08:43:14.0724 7164 [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll
08:43:14.0724 7164 C:\Windows\System32\ole32.dll - ok
08:43:14.0727 7164 [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll
08:43:14.0727 7164 C:\Windows\System32\msvcrt.dll - ok
08:43:14.0729 7164 [ FED648B01349A3C8395A5169DB5FB7D6 ] C:\Windows\System32\drivers\USBSTOR.SYS
08:43:14.0729 7164 C:\Windows\System32\drivers\USBSTOR.SYS - ok
08:43:14.0732 7164 [ 12EE6FE9268CEE6D90FDCCBF89236C65 ] C:\Windows\System32\crypt32.dll
08:43:15.0362 7164 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys
08:43:15.0362 7164 C:\Windows\System32\drivers\http.sys - ok
08:43:15.0364 7164 [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll
08:43:15.0364 7164 C:\Windows\System32\fveapi.dll - ok
08:43:15.0367 7164 [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll
08:43:15.0367 7164 C:\Windows\System32\fvecerts.dll - ok
08:43:15.0369 7164 [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll
08:43:15.0369 7164 C:\Windows\System32\tbs.dll - ok
08:43:15.0372 7164 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] C:\Windows\System32\spoolsv.exe
08:43:15.0372 7164 C:\Windows\System32\spoolsv.exe - ok
08:43:15.0374 7164 [ 9B7395789E3791A3B6D000FE6F8B131E ] C:\Windows\System32\SCardSvr.dll
08:43:15.0374 7164 C:\Windows\System32\SCardSvr.dll - ok
08:43:15.0377 7164 [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL
08:43:15.0377 7164 C:\Windows\System32\BFE.DLL - ok
08:43:15.0379 7164 [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll
08:43:15.0379 7164 C:\Windows\System32\wiarpc.dll - ok
08:43:15.0382 7164 [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys
08:43:15.0382 7164 C:\Windows\System32\drivers\bowser.sys - ok
08:43:15.0385 7164 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys
08:43:15.0385 7164 C:\Windows\System32\drivers\mpsdrv.sys - ok
08:43:15.0387 7164 [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys
08:43:15.0387 7164 C:\Windows\System32\drivers\mrxsmb.sys - ok
08:43:15.0390 7164 [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys
08:43:15.0390 7164 C:\Windows\System32\drivers\mrxsmb10.sys - ok
08:43:15.0393 7164 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys
08:43:15.0393 7164 C:\Windows\System32\drivers\mrxsmb20.sys - ok
08:43:15.0395 7164 [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll
08:43:15.0395 7164 C:\Windows\System32\wkssvc.dll - ok
08:43:15.0398 7164 [ C67F8A962B2534224D5908D16D2AD3CE ] C:\Windows\System32\wfapigp.dll
08:43:15.0398 7164 C:\Windows\System32\wfapigp.dll - ok
08:43:15.0401 7164 [ C004F38974F4D321B4C20A240E1175C0 ] C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
08:43:15.0401 7164 C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe - ok
08:43:15.0403 7164 [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll
08:43:15.0403 7164 C:\Windows\System32\mscms.dll - ok
08:43:15.0406 7164 [ B4C6840939D5030B63A7D64645F4D983 ] C:\Program Files (x86)\Adobe\Elements 9 Organizer\platform.DLL
08:43:15.0406 7164 C:\Program Files (x86)\Adobe\Elements 9 Organizer\platform.DLL - ok
08:43:15.0409 7164 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll
08:43:15.0409 7164 C:\Windows\SysWOW64\mswsock.dll - ok
08:43:15.0411 7164 [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll
08:43:15.0411 7164 C:\Windows\System32\pcasvc.dll - ok
08:43:15.0414 7164 [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll
08:43:15.0414 7164 C:\Windows\SysWOW64\ws2_32.dll - ok
08:43:15.0416 7164 [ 6313F223E817CC09AA41811DAA7F541D ] C:\Windows\System32\snmptrap.exe
08:43:15.0416 7164 C:\Windows\System32\snmptrap.exe - ok
08:43:15.0419 7164 [ 10EAB90C1AE8271B5FE5A8930987EE5C ] C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll
08:43:15.0419 7164 C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll - ok
08:43:15.0422 7164 [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll
08:43:15.0422 7164 C:\Windows\SysWOW64\nsi.dll - ok
08:43:15.0425 7164 [ DB001FAEA818AE2E14A74E0ADC530FC0 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcp90.dll
08:43:15.0425 7164 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcp90.dll - ok
08:43:15.0427 7164 [ 233A10D4B3F6897899112E4EC60F1906 ] C:\Windows\WindowsMobile\wmdcBase.exe
08:43:15.0427 7164 C:\Windows\WindowsMobile\wmdcBase.exe - ok
08:43:15.0430 7164 [ B3892E6DA8E2C8CE4B0A9D3EB9A185E5 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcr90.dll
08:43:15.0430 7164 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcr90.dll - ok
08:43:15.0433 7164 [ 1BCDB508143B517F21BBDAC10F5777BF ] C:\Windows\System32\conhost.exe
08:43:15.0433 7164 C:\Windows\System32\conhost.exe - ok
08:43:15.0436 7164 [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll
08:43:15.0436 7164 C:\Windows\SysWOW64\profapi.dll - ok
08:43:15.0438 7164 [ 3927397AC60D943DAF8808AFFED582B7 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
08:43:15.0438 7164 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - ok
08:43:15.0441 7164 [ 0BA4D8CE0C214F7208E72B3B8F8B7895 ] C:\Windows\System32\vpc.exe
08:43:15.0441 7164 C:\Windows\System32\vpc.exe - ok
08:43:15.0444 7164 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll
08:43:15.0444 7164 C:\Windows\SysWOW64\ntmarta.dll - ok
08:43:15.0446 7164 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll
08:43:15.0446 7164 C:\Windows\SysWOW64\Wldap32.dll - ok
08:43:15.0449 7164 [ 17448AF0BBA9E7AB5EC955AF93F271BD ] C:\Windows\SysWOW64\wintrust.dll
08:43:15.0449 7164 C:\Windows\SysWOW64\wintrust.dll - ok
08:43:15.0451 7164 [ A5299D04ED225D64CF07A568A3E1BF8C ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
08:43:15.0452 7164 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
08:43:15.0455 7164 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
08:43:15.0455 7164 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
08:43:15.0458 7164 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
08:43:15.0458 7164 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
08:43:15.0460 7164 [ 60C079CB2150760263D1FE5FF6218961 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll
08:43:15.0460 7164 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
08:43:15.0463 7164 [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll
08:43:15.0463 7164 C:\Windows\SysWOW64\version.dll - ok
08:43:15.0466 7164 [ 64894527838C86454E2F378FF39FA336 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll
08:43:15.0466 7164 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
08:43:15.0469 7164 [ EF8CD3C64EE9C08980D6D06CCCE46C68 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll
08:43:15.0469 7164 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
08:43:15.0472 7164 [ DF1C1CD0C7EE95CC00D71E9E415E7BCD ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
08:43:15.0472 7164 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
08:43:15.0475 7164 [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\SysWOW64\wsock32.dll
08:43:15.0475 7164 C:\Windows\SysWOW64\wsock32.dll - ok
08:43:15.0478 7164 [ 78865ABC5F5D13190F8B35BD9044714A ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll
08:43:15.0478 7164 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll - ok
08:43:15.0481 7164 [ FF9831030678C7B6D70BAC00F68F8976 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll
08:43:15.0481 7164 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
08:43:15.0484 7164 [ FD86C605FD7AD4A41C01EC7A4A1E1C5D ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll
08:43:15.0484 7164 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll - ok
08:43:15.0486 7164 [ 91A8E32B00BF7899EDAB6783287DDDA6 ] C:\Windows\System32\PeerDistSh.dll
08:43:15.0486 7164 C:\Windows\System32\PeerDistSh.dll - ok
08:43:15.0489 7164 [ A3609397EF273B03295DBB10274BE12C ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll
08:43:15.0489 7164 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
08:43:15.0492 7164 [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll
08:43:15.0492 7164 C:\Windows\System32\provsvc.dll - ok
08:43:15.0495 7164 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll
08:43:15.0495 7164 C:\Windows\System32\sstpsvc.dll - ok
08:43:15.0498 7164 [ 149D74E1128A86DC9CFB2851FBEA11EB ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll
08:43:15.0498 7164 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll - ok
08:43:15.0500 7164 [ F6FD367C9EAAEDF90CD7A7952AE0B336 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll
08:43:15.0500 7164 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll - ok
08:43:15.0503 7164 [ 4E4EDF9CA82E95BAB2977DD9F21B00F6 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
08:43:15.0503 7164 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
08:43:15.0506 7164 [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll
08:43:15.0506 7164 C:\Windows\SysWOW64\userenv.dll - ok
08:43:15.0509 7164 [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\SysWOW64\wtsapi32.dll
08:43:15.0509 7164 C:\Windows\SysWOW64\wtsapi32.dll - ok
08:43:15.0511 7164 [ 062373995EAE5F0EAC9EAA9192136BFB ] C:\Windows\SysWOW64\dnssd.dll
08:43:15.0511 7164 C:\Windows\SysWOW64\dnssd.dll - ok
08:43:15.0514 7164 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
08:43:15.0514 7164 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
08:43:15.0517 7164 [ 0E1B02C9CC352A1F61703B7D1A8A2C45 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll
08:43:15.0517 7164 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok
08:43:15.0519 7164 [ F48FEB7DA35821DA15E0B006DCB9A169 ] C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE
08:43:15.0519 7164 C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE - ok
08:43:15.0522 7164 [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll
08:43:15.0522 7164 C:\Windows\SysWOW64\msi.dll - ok
08:43:15.0524 7164 [ 7FA3A810F383588D46220967DE8B64FF ] C:\Windows\SysWOW64\wininet.dll
08:43:15.0524 7164 C:\Windows\SysWOW64\wininet.dll - ok
08:43:15.0527 7164 [ 780E80E5502015EDAEC91DC0A0C96A79 ] C:\Windows\SysWOW64\iertutil.dll
08:43:15.0527 7164 C:\Windows\SysWOW64\iertutil.dll - ok
08:43:15.0530 7164 [ 4266A3230981DD4434C55957F6DD497D ] C:\Windows\SysWOW64\urlmon.dll
08:43:15.0530 7164 C:\Windows\SysWOW64\urlmon.dll - ok
08:43:15.0532 7164 [ A56CCBBFCCEDCE2FD9C69FED24E035E3 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
08:43:15.0532 7164 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll - ok
08:43:15.0535 7164 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
08:43:15.0535 7164 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
08:43:15.0538 7164 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll
08:43:15.0538 7164 C:\Windows\SysWOW64\winnsi.dll - ok
08:43:15.0540 7164 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll
08:43:15.0540 7164 C:\Windows\SysWOW64\SensApi.dll - ok
08:43:15.0543 7164 [ AF54247F97CCF3539DE7505C09972FF9 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll
08:43:15.0543 7164 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
08:43:15.0546 7164 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] C:\Program Files\Bonjour\mDNSResponder.exe
08:43:15.0546 7164 C:\Program Files\Bonjour\mDNSResponder.exe - ok
08:43:15.0547 7164 [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll
08:43:15.0547 7164 C:\Windows\SysWOW64\clbcatq.dll - ok
08:43:15.0550 7164 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] C:\Windows\System32\cryptsvc.dll
08:43:15.0550 7164 C:\Windows\System32\cryptsvc.dll - ok
08:43:15.0553 7164 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll
08:43:15.0553 7164 C:\Windows\System32\dps.dll - ok
08:43:15.0555 7164 [ 7F8E83B9466A0A002D4AB15C104062A7 ] C:\Windows\System32\efscore.dll
08:43:15.0556 7164 C:\Windows\System32\efscore.dll - ok
08:43:15.0558 7164 [ 0C043B0ABBB5E14E68906AB80365395B ] C:\Windows\System32\efssvc.dll
08:43:15.0558 7164 C:\Windows\System32\efssvc.dll - ok
08:43:15.0561 7164 [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll
08:43:15.0561 7164 C:\Windows\System32\FDResPub.dll - ok
08:43:15.0563 7164 [ F1B205F932F62F94506A5F332C895DAF ] C:\Windows\System32\WSDApi.dll
08:43:15.0563 7164 C:\Windows\System32\WSDApi.dll - ok
08:43:15.0566 7164 [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll
08:43:15.0566 7164 C:\Windows\SysWOW64\cryptsp.dll - ok
08:43:15.0568 7164 [ 54A47F6B5E09A77E61649109C6A08866 ] C:\Windows\SysWOW64\svchost.exe
08:43:15.0568 7164 C:\Windows\SysWOW64\svchost.exe - ok
08:43:15.0571 7164 [ DC7E73583CEC3F95BFA0F0C7B318E286 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddcmn.dll
08:43:15.0571 7164 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddcmn.dll - ok
08:43:15.0574 7164 [ 19A4FB67B1C97EA18EDFF44340973CD9 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
08:43:15.0574 7164 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll - ok
08:43:15.0577 7164 [ 9CD0DC863BE5D40A762F7D84F11A8471 ] C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
08:43:15.0577 7164 C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe - ok
08:43:15.0580 7164 [ 58283053C781AD3A579C95D7765C1FA0 ] C:\Windows\System32\efsutil.dll
08:43:15.0580 7164 C:\Windows\System32\efsutil.dll - ok
08:43:15.0582 7164 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll
08:43:15.0582 7164 C:\Windows\SysWOW64\RpcRtRemote.dll - ok
08:43:15.0585 7164 [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll
08:43:15.0585 7164 C:\Windows\SysWOW64\rsaenh.dll - ok
08:43:15.0587 7164 [ 8792BAB371B4B1589E015B6FD1ED3B15 ] C:\Windows\System32\cryptnet.dll
08:43:15.0587 7164 C:\Windows\System32\cryptnet.dll - ok
08:43:15.0590 7164 [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll
08:43:15.0590 7164 C:\Windows\System32\vssapi.dll - ok
08:43:15.0593 7164 [ 18234EC42C951403BF889A9754FF1835 ] C:\Program Files (x86)\Common Files\logishrd\LVMVFM\LVPrS64H.exe
08:43:15.0593 7164 C:\Program Files (x86)\Common Files\logishrd\LVMVFM\LVPrS64H.exe - ok
08:43:15.0596 7164 [ C55516D98DD5D8F0153C2A9B4227DA86 ] C:\Windows\System32\webservices.dll
08:43:15.0596 7164 C:\Windows\System32\webservices.dll - ok
08:43:15.0598 7164 [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll
08:43:15.0598 7164 C:\Windows\System32\fundisc.dll - ok
08:43:15.0601 7164 [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll
08:43:15.0601 7164 C:\Windows\SysWOW64\sxs.dll - ok
08:43:15.0603 7164 [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll
08:43:15.0603 7164 C:\Windows\System32\vsstrace.dll - ok
08:43:15.0606 7164 [ 18301B40411B2108076AB685B4E4B6DC ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
08:43:15.0606 7164 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll - ok
08:43:15.0609 7164 [ C28FD3B37B6F18751C99E6022A2A9782 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll
08:43:15.0609 7164 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
08:43:15.0612 7164 [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll
08:43:15.0612 7164 C:\Windows\System32\winhttp.dll - ok
08:43:15.0614 7164 [ 603EBD34E216C5654A2D774EAC98D278 ] C:\Windows\System32\webio.dll
08:43:15.0614 7164 C:\Windows\System32\webio.dll - ok
08:43:15.0617 7164 [ BCEA9AB347E53BC03B2E36BE0B8BA0EF ] C:\Windows\System32\httpapi.dll
08:43:15.0617 7164 C:\Windows\System32\httpapi.dll - ok
08:43:15.0620 7164 [ 140B7A235B0623D3891BEC74D633CBEC ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ssleay32.dll
08:43:15.0620 7164 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ssleay32.dll - ok
08:43:15.0623 7164 [ 89002AFDEA5BFF12CF92A1007B584998 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\libeay32.dll
08:43:15.0623 7164 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\libeay32.dll - ok
08:43:15.0625 7164 [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll
08:43:15.0625 7164 C:\Windows\System32\msi.dll - ok
08:43:15.0628 7164 [ A190DA6546501CB4146BBCC0B6A3F48B ] C:\Windows\System32\msiexec.exe
08:43:15.0628 7164 C:\Windows\System32\msiexec.exe - ok
08:43:15.0631 7164 [ 3306930FD3AC4ABB17A6DFC9222467F1 ] C:\Windows\AppPatch\AppPatch64\AcLayers.dll
08:43:15.0631 7164 C:\Windows\AppPatch\AppPatch64\AcLayers.dll - ok
08:43:15.0633 7164 [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv
08:43:15.0633 7164 C:\Windows\System32\winspool.drv - ok
08:43:15.0636 7164 [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\SysWOW64\netapi32.dll
08:43:15.0636 7164 C:\Windows\SysWOW64\netapi32.dll - ok
08:43:15.0639 7164 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll
08:43:15.0639 7164 C:\Windows\SysWOW64\netutils.dll - ok
08:43:15.0641 7164 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll
08:43:15.0641 7164 C:\Windows\SysWOW64\srvcli.dll - ok
08:43:15.0644 7164 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll
08:43:15.0644 7164 C:\Windows\SysWOW64\wkscli.dll - ok
08:43:15.0646 7164 [ DB16A7C0A453F7E220A5F29E42572FD8 ] C:\Windows\AppPatch\AppPatch64\AcGenral.dll
08:43:15.0646 7164 C:\Windows\AppPatch\AppPatch64\AcGenral.dll - ok
08:43:15.0649 7164 [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
08:43:15.0649 7164 C:\Windows\System32\mpr.dll - ok
08:43:15.0651 7164 [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll
08:43:15.0651 7164 C:\Windows\System32\sfc.dll - ok
08:43:15.0654 7164 [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll
08:43:15.0654 7164 C:\Windows\System32\sfc_os.dll - ok
08:43:15.0657 7164 [ A1787754952A0B700E386DC7C5FA5726 ] C:\Program Files (x86)\Norton Ghost\Agent\VProSvc.exe
08:43:15.0657 7164 C:\Program Files (x86)\Norton Ghost\Agent\VProSvc.exe - ok
08:43:15.0659 7164 [ 2334DC48997BA203B794DF3EE70521DB ] C:\Windows\System32\HPZinw12.dll
08:43:15.0659 7164 C:\Windows\System32\HPZinw12.dll - ok
08:43:15.0662 7164 [ D4FAC263861BAE06971C7F7D0A8EBF15 ] C:\Windows\System32\ncsi.dll
08:43:15.0662 7164 C:\Windows\System32\ncsi.dll - ok
08:43:15.0664 7164 [ 8AD77806D336673F270DB31645267293 ] C:\Windows\System32\nlasvc.dll
08:43:15.0664 7164 C:\Windows\System32\nlasvc.dll - ok
08:43:15.0667 7164 [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll
08:43:15.0667 7164 C:\Windows\System32\wsock32.dll - ok
08:43:15.0669 7164 [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll
08:43:15.0669 7164 C:\Windows\System32\ssdpapi.dll - ok
08:43:15.0672 7164 [ AE9898D5600A232CD8AE3298692162E5 ] C:\Windows\SysWOW64\clusapi.dll
08:43:15.0672 7164 C:\Windows\SysWOW64\clusapi.dll - ok
08:43:15.0674 7164 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll
08:43:15.0674 7164 C:\Windows\SysWOW64\psapi.dll - ok
08:43:15.0676 7164 [ 1128637CAD49A8E3C8B5FA5D0A061525 ] C:\Windows\SysWOW64\cryptdll.dll
08:43:15.0676 7164 C:\Windows\SysWOW64\cryptdll.dll - ok
08:43:15.0679 7164 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\SysWOW64\dbghelp.dll
08:43:15.0679 7164 C:\Windows\SysWOW64\dbghelp.dll - ok
08:43:15.0681 7164 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll
08:43:15.0681 7164 C:\Windows\SysWOW64\mpr.dll - ok
08:43:15.0684 7164 [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll
08:43:15.0684 7164 C:\Windows\System32\netman.dll - ok
08:43:15.0686 7164 [ 21D3A18769EC2C4E56756D04E989A221 ] C:\Windows\SysWOW64\msxml3.dll
08:43:15.0686 7164 C:\Windows\SysWOW64\msxml3.dll - ok
08:43:15.0689 7164 [ 539C49CEBB3C50957AC8A09D95ECD880 ] C:\Windows\SysWOW64\shfolder.dll
08:43:15.0689 7164 C:\Windows\SysWOW64\shfolder.dll - ok
08:43:15.0691 7164 [ 1727B2A2F379A32B864C096FA794AADC ] C:\Windows\System32\aepic.dll
08:43:15.0691 7164 C:\Windows\System32\aepic.dll - ok
08:43:15.0694 7164 [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\Windows\System32\drivers\PEAuth.sys
08:43:15.0694 7164 C:\Windows\System32\drivers\PEAuth.sys - ok
08:43:15.0697 7164 [ AE93D43564B0F5A565492BB06C69CDF3 ] C:\Program Files (x86)\NovaStor\NovaStor NovaBACKUP\DR\FsLoader.exe
08:43:15.0697 7164 C:\Program Files (x86)\NovaStor\NovaStor NovaBACKUP\DR\FsLoader.exe - ok
08:43:15.0699 7164 [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] C:\Windows\System32\HPZipm12.dll
08:43:15.0699 7164 C:\Windows\System32\HPZipm12.dll - ok
08:43:15.0702 7164 [ 2424231BBD703A677D115C29983B4293 ] C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
08:43:15.0702 7164 C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL - ok
08:43:15.0705 7164 [ B03846745EC42A459B9CFB81C38B6327 ] C:\Program Files (x86)\NovaStor\NovaStor NovaBACKUP\DR\CallProMode.dll
08:43:15.0705 7164 C:\Program Files (x86)\NovaStor\NovaStor NovaBACKUP\DR\CallProMode.dll - ok
08:43:15.0708 7164 [ F1278B3514EA6FA9BC39B20D26139AAC ] C:\Windows\SysWOW64\msiltcfg.dll
08:43:15.0708 7164 C:\Windows\SysWOW64\msiltcfg.dll - ok
08:43:15.0711 7164 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
08:43:15.0711 7164 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok
08:43:15.0715 7164 [ 7F7CA7DEEB68E68FD67870E9A5EC33E2 ] C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
08:43:15.0715 7164 C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe - ok
08:43:15.0718 7164 [ E4A348B63D22FC5FB6CAB5305A873193 ] C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.dll
08:43:15.0718 7164 C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.dll - ok
08:43:15.0721 7164 [ 8EE9E41D9D237A35EACDC4C8B9F33BD3 ] C:\Program Files (x86)\RosettaStoneLtdServices\ActivationDaemonPlugin.dll
08:43:15.0721 7164 C:\Program Files (x86)\RosettaStoneLtdServices\ActivationDaemonPlugin.dll - ok
08:43:15.0724 7164 [ 2393E1DA9F4083A292C72DA2105CA9EF ] C:\Program Files (x86)\RosettaStoneLtdServices\FNInterface.dll
08:43:15.0724 7164 C:\Program Files (x86)\RosettaStoneLtdServices\FNInterface.dll - ok
08:43:15.0727 7164 [ 30C0932DAD28FE1F1D222684F6C7069F ] C:\Program Files (x86)\RosettaStoneLtdServices\SREDaemonPlugin.dll
08:43:15.0727 7164 C:\Program Files (x86)\RosettaStoneLtdServices\SREDaemonPlugin.dll - ok
08:43:15.0730 7164 [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
08:43:15.0730 7164 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
08:43:15.0733 7164 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll
08:43:15.0733 7164 C:\Windows\SysWOW64\sfc.dll - ok
08:43:15.0736 7164 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll
08:43:15.0736 7164 C:\Windows\SysWOW64\sfc_os.dll - ok
08:43:15.0739 7164 [ 747DCA1CDD16DA2E76EAC5AAC057888B ] C:\Program Files (x86)\Common Files\Symantec Shared\VProRecovery\VProObj.dll
08:43:15.0739 7164 C:\Program Files (x86)\Common Files\Symantec Shared\VProRecovery\VProObj.dll - ok
08:43:15.0742 7164 [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\SysWOW64\comdlg32.dll
08:43:15.0742 7164 C:\Windows\SysWOW64\comdlg32.dll - ok
08:43:15.0745 7164 [ 59EF0E75E8CFF14BEFA264DEC72F736A ] C:\Program Files (x86)\RosettaStoneLtdServices\FNP_Act_Installer.dll
08:43:15.0745 7164 C:\Program Files (x86)\RosettaStoneLtdServices\FNP_Act_Installer.dll - ok
08:43:15.0747 7164 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll
08:43:15.0747 7164 C:\Windows\SysWOW64\wship6.dll - ok
08:43:15.0750 7164 [ 5C0721BE7F12859F4E42D741968D182E ] C:\Program Files (x86)\RosettaStoneLtdServices\DataInstaller.dll
08:43:15.0750 7164 C:\Program Files (x86)\RosettaStoneLtdServices\DataInstaller.dll - ok
08:43:15.0753 7164 [ 2BCE077A01B8E8647B9E3F926C8BCA47 ] C:\Program Files (x86)\RosettaStoneLtdServices\DataInstallerDaemonPlugin.dll
08:43:15.0753 7164 C:\Program Files (x86)\RosettaStoneLtdServices\DataInstallerDaemonPlugin.dll - ok
08:43:15.0756 7164 [ F07AF60B152221472FBDB2FECEC4896D ] C:\Program Files (x86)\Skype\Updater\Updater.exe
08:43:15.0756 7164 C:\Program Files (x86)\Skype\Updater\Updater.exe - ok
08:43:15.0758 7164 [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys
08:43:15.0758 7164 C:\Windows\System32\drivers\secdrv.sys - ok
08:43:15.0761 7164 [ BC617A4E1B4FA8DF523A061739A0BD87 ] C:\Windows\System32\seclogon.dll
08:43:15.0761 7164 C:\Windows\System32\seclogon.dll - ok
08:43:15.0764 7164 [ 27E461F0BE5BFF5FC737328F749538C3 ] C:\Windows\System32\drivers\srvnet.sys
08:43:15.0764 7164 C:\Windows\System32\drivers\srvnet.sys - ok
08:43:15.0766 7164 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] C:\Windows\System32\drivers\tcpipreg.sys
08:43:15.0766 7164 C:\Windows\System32\drivers\tcpipreg.sys - ok
08:43:15.0769 7164 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] C:\Windows\System32\sysmain.dll
08:43:15.0769 7164 C:\Windows\System32\sysmain.dll - ok
08:43:15.0771 7164 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] C:\Windows\System32\wiaservc.dll
08:43:15.0772 7164 C:\Windows\System32\wiaservc.dll - ok
08:43:15.0774 7164 [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5 ] C:\Windows\System32\wiatrace.dll
08:43:15.0774 7164 C:\Windows\System32\wiatrace.dll - ok
08:43:15.0777 7164 [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll
08:43:15.0777 7164 C:\Windows\System32\fdPnp.dll - ok
08:43:15.0779 7164 [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll
08:43:15.0779 7164 C:\Windows\System32\wbem\WMIsvc.dll - ok
08:43:15.0782 7164 [ 4C1244FEF74C60A4B1B151C76609CBE2 ] C:\Windows\System32\wsdchngr.dll
08:43:15.0782 7164 C:\Windows\System32\wsdchngr.dll - ok
08:43:15.0785 7164 [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\Windows\System32\wbemcomn.dll
08:43:15.0785 7164 C:\Windows\System32\wbemcomn.dll - ok
08:43:15.0787 7164 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
08:43:15.0787 7164 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - ok
08:43:15.0790 7164 [ 71F4B56C167C48FD50018C091A69CAE4 ] C:\Windows\System32\hpwwiax5.dll
08:43:15.0790 7164 C:\Windows\System32\hpwwiax5.dll - ok
08:43:15.0793 7164 [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll
08:43:15.0793 7164 C:\Windows\System32\aeevts.dll - ok
08:43:15.0796 7164 [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll
08:43:15.0796 7164 C:\Windows\System32\wbem\WinMgmtR.dll - ok
08:43:16.0392 7164 C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.4148_none_51ca66a2bbe76806\ATL90.dll - ok
08:43:16.0395 7164 [ E9901A7E569C4156FDA69F5C9356B8ED ] C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
08:43:16.0395 7164 C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF - ok
08:43:16.0398 7164 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe
08:43:16.0398 7164 C:\Windows\SysWOW64\cmd.exe - ok
08:43:16.0400 7164 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll
08:43:16.0400 7164 C:\Windows\SysWOW64\winbrand.dll - ok
08:43:16.0403 7164 [ 5466DCAEF5A648E04D1B6580F2C901B5 ] C:\Windows\SysWOW64\ieframe.dll
08:43:16.0403 7164 C:\Windows\SysWOW64\ieframe.dll - ok
08:43:16.0406 7164 [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\SysWOW64\shdocvw.dll
08:43:16.0406 7164 C:\Windows\SysWOW64\shdocvw.dll - ok
08:43:16.0408 7164 [ EBC984F0CE40E0DAF0454D806EC2A7EC ] C:\Users\John\AppData\Local\Temp\8F5AE006-0710-47BE-B623-22F6DC9BFEC2.exe
08:43:16.0408 7164 C:\Users\John\AppData\Local\Temp\8F5AE006-0710-47BE-B623-22F6DC9BFEC2.exe - ok
08:43:16.0411 7164 [ BF6D6ED5FADCEEE885BD0144ECF1BA27 ] C:\Windows\SysWOW64\ncrypt.dll
08:43:16.0411 7164 C:\Windows\SysWOW64\ncrypt.dll - ok
08:43:16.0414 7164 [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll
08:43:16.0414 7164 C:\Windows\SysWOW64\bcrypt.dll - ok
08:43:16.0416 7164 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll
08:43:16.0416 7164 C:\Windows\SysWOW64\bcryptprimitives.dll - ok
08:43:16.0419 7164 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll
08:43:16.0419 7164 C:\Windows\SysWOW64\gpapi.dll - ok
08:43:16.0421 7164 [ CA79539D3D4C0BA66F0F051A5EE5E923 ] C:\Windows\SysWOW64\cryptnet.dll
08:43:16.0421 7164 C:\Windows\SysWOW64\cryptnet.dll - ok
08:43:16.0424 7164 [ 1DB71A41DAEE6B3F8CD0DDA8209FA2D5 ] C:\Windows\SysWOW64\WindowsCodecs.dll
08:43:16.0424 7164 C:\Windows\SysWOW64\WindowsCodecs.dll - ok
08:43:16.0427 7164 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll
08:43:16.0427 7164 C:\Windows\SysWOW64\EhStorShell.dll - ok
08:43:16.0429 7164 [ 676CCC08D9E9A3F4CA39CB04E97048DF ] C:\PROGRA~2\MICROS~1\Office14\1033\GrooveIntlResource.dll
08:43:16.0429 7164 C:\PROGRA~2\MICROS~1\Office14\1033\GrooveIntlResource.dll - ok
08:43:16.0432 7164 [ E601860AA04CE2198DBC6AC2AF80AFF7 ] C:\Windows\System32\perfos.dll
08:43:16.0432 7164 C:\Windows\System32\perfos.dll - ok
08:43:16.0435 7164 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll
08:43:16.0435 7164 C:\Windows\SysWOW64\ntshrui.dll - ok
08:43:16.0437 7164 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll
08:43:16.0437 7164 C:\Windows\SysWOW64\slc.dll - ok
08:43:16.0440 7164 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll
08:43:16.0440 7164 C:\Windows\SysWOW64\imageres.dll - ok
08:43:16.0442 7164 [ B5D4429FBBF86A05AC2E3A247E32E97F ] C:\Windows\SysWOW64\wshom.ocx
08:43:16.0442 7164 C:\Windows\SysWOW64\wshom.ocx - ok
08:43:16.0445 7164 [ 69A1D7C29CFF256BECBD4E39E2159636 ] C:\Windows\SysWOW64\scrrun.dll
08:43:16.0445 7164 C:\Windows\SysWOW64\scrrun.dll - ok
08:43:16.0447 7164 [ 5987EA8A82C53359BCD2C29D6588583E ] C:\Windows\SysWOW64\linkinfo.dll
08:43:16.0447 7164 C:\Windows\SysWOW64\linkinfo.dll - ok
08:43:16.0450 7164 [ 0ADC83218B66A6DB380C330836F3E36D ] C:\Windows\System32\drivers\fastfat.sys
08:43:16.0450 7164 C:\Windows\System32\drivers\fastfat.sys - ok
08:43:16.0452 7164 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll
08:43:16.0452 7164 C:\Windows\SysWOW64\rasapi32.dll - ok
08:43:16.0454 7164 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll
08:43:16.0454 7164 C:\Windows\SysWOW64\rasman.dll - ok
08:43:16.0457 7164 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\SysWOW64\rtutils.dll
08:43:16.0457 7164 C:\Windows\SysWOW64\rtutils.dll - ok
08:43:16.0459 7164 [ 51138BEEA3E2C21EC44D0932C71762A8 ] C:\Windows\SysWOW64\rundll32.exe
08:43:16.0459 7164 C:\Windows\SysWOW64\rundll32.exe - ok
08:43:16.0462 7164 [ 496070C8C129F71EFF377B407931236C ] C:\Program Files (x86)\Uniblue\SpeedUpMyPC\cwebpage.dll
08:43:16.0462 7164 C:\Program Files (x86)\Uniblue\SpeedUpMyPC\cwebpage.dll - ok
08:43:16.0465 7164 [ 523CF74A52C9A1762DA8B83AEE734498 ] C:\Windows\SysWOW64\IconCodecService.dll
08:43:16.0465 7164 C:\Windows\SysWOW64\IconCodecService.dll - ok
08:43:16.0468 7164 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
08:43:16.0468 7164 C:\Windows\SysWOW64\rasadhlp.dll - ok
08:43:16.0470 7164 [ 772F44012DBE49DE894976AE2259A659 ] C:\Windows\SysWOW64\PeerDist.dll
08:43:16.0470 7164 C:\Windows\SysWOW64\PeerDist.dll - ok
08:43:16.0473 7164 [ FB4EB9352B7D698E6B3C2AA2ED724DAD ] C:\Windows\SysWOW64\authz.dll
08:43:16.0473 7164 C:\Windows\SysWOW64\authz.dll - ok
08:43:16.0475 7164 [ 96C70BD48D49B87475F4572DEDC62EB9 ] C:\Windows\AppPatch\AcLayers.dll
08:43:16.0475 7164 C:\Windows\AppPatch\AcLayers.dll - ok
08:43:16.0478 7164 [ 629694436F3C8443AD7415346FBB9A41 ] C:\Windows\AppPatch\acwow64.dll
08:43:16.0478 7164 C:\Windows\AppPatch\acwow64.dll - ok
08:43:16.0480 7164 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL
08:43:16.0480 7164 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
08:43:16.0483 7164 [ 07F649CD36F266BBE33B814FA678AA43 ] C:\Windows\SysWOW64\mshtml.dll
08:43:16.0483 7164 C:\Windows\SysWOW64\mshtml.dll - ok
08:43:16.0485 7164 [ 8EE6BDE1D572677AA35707C52C585F75 ] C:\Windows\SysWOW64\mlang.dll
08:43:16.0485 7164 C:\Windows\SysWOW64\mlang.dll - ok
08:43:16.0488 7164 [ 1D1EAA16D193C6A2D45981ED3914D22A ] C:\Windows\SysWOW64\msimtf.dll
08:43:16.0488 7164 C:\Windows\SysWOW64\msimtf.dll - ok
08:43:16.0490 7164 [ A3FA99A16F10D44EDB7A8C340FA2EE1B ] C:\Windows\SysWOW64\jscript9.dll
08:43:16.0490 7164 C:\Windows\SysWOW64\jscript9.dll - ok
08:43:16.0493 7164 [ 35CEDE6439FF0D8903223A0817FFE46C ] C:\Windows\SysWOW64\d2d1.dll
08:43:16.0493 7164 C:\Windows\SysWOW64\d2d1.dll - ok
08:43:16.0495 7164 [ A29D734F650F958424743BE3BAA052C8 ] C:\Windows\SysWOW64\DWrite.dll
08:43:16.0495 7164 C:\Windows\SysWOW64\DWrite.dll - ok
08:43:16.0498 7164 [ 5C4CB4086FB83115B153E47ADD961A0C ] C:\Windows\System32\FntCache.dll
08:43:16.0498 7164 C:\Windows\System32\FntCache.dll - ok
08:43:16.0500 7164 [ A48F87FE70845D5F63231AF05E1FCCFE ] C:\Program Files (x86)\Norton Ghost\Agent\VProDirWatcher.dll
08:43:16.0501 7164 C:\Program Files (x86)\Norton Ghost\Agent\VProDirWatcher.dll - ok
08:43:16.0503 7164 [ 0411B7958C524BB2E91EE1B3035FE321 ] C:\Windows\SysWOW64\dxgi.dll
08:43:16.0503 7164 C:\Windows\SysWOW64\dxgi.dll - ok
08:43:16.0506 7164 [ A9B77E37BC85DE6D18775AA1400D7CAB ] C:\Program Files (x86)\Norton Ghost\Shared\ErrorGui.dll
08:43:16.0506 7164 C:\Program Files (x86)\Norton Ghost\Shared\ErrorGui.dll - ok
08:43:16.0508 7164 [ 2DE90400A63818FA38C4C5C9ADB166BF ] C:\Windows\SysWOW64\d3d10_1.dll
08:43:16.0508 7164 C:\Windows\SysWOW64\d3d10_1.dll - ok
08:43:16.0511 7164 [ 9C36A3CA80F9B204C670336D344F5DF8 ] C:\Windows\SysWOW64\d3d10_1core.dll
08:43:16.0511 7164 C:\Windows\SysWOW64\d3d10_1core.dll - ok
08:43:16.0513 7164 [ 78B7A3BDA25C90DAA50D36A56A8D1351 ] C:\Windows\SysWOW64\d3d10warp.dll
08:43:16.0513 7164 C:\Windows\SysWOW64\d3d10warp.dll - ok
08:43:16.0516 7164 [ C337529A8175C695CFA8E563DF549028 ] C:\Windows\SysWOW64\aticfx32.dll
08:43:16.0516 7164 C:\Windows\SysWOW64\aticfx32.dll - ok
08:43:16.0519 7164 [ 35AAE2E841AA1A949775168E119482C9 ] C:\Windows\SysWOW64\msls31.dll
08:43:16.0519 7164 C:\Windows\SysWOW64\msls31.dll - ok
08:43:16.0521 7164 [ 153D52D8BB6873C00B2153EF3008E2A0 ] C:\Program Files (x86)\Norton Ghost\Agent\VProImaging.dll
08:43:16.0521 7164 C:\Program Files (x86)\Norton Ghost\Agent\VProImaging.dll - ok
08:43:16.0524 7164 [ 39E9AACC4C5FB3C3C0B12DE6D491553D ] C:\Windows\SysWOW64\WindowsCodecsExt.dll
08:43:16.0524 7164 C:\Windows\SysWOW64\WindowsCodecsExt.dll - ok
08:43:16.0526 7164 [ EAADD6E47ED2A7003ACE1793B98CF63F ] C:\Windows\SysWOW64\msxml6.dll
08:43:16.0526 7164 C:\Windows\SysWOW64\msxml6.dll - ok
08:43:16.0529 7164 [ 2572E1F0254E2267E97DE1B15D099EC4 ] C:\Windows\SysWOW64\d3d10.dll
08:43:16.0529 7164 C:\Windows\SysWOW64\d3d10.dll - ok
08:43:16.0531 7164 [ 547F78746F20901C770E8653B242217C ] C:\Windows\SysWOW64\d3d10core.dll
08:43:16.0531 7164 C:\Windows\SysWOW64\d3d10core.dll - ok
08:43:16.0534 7164 [ 2AF094C822BD6094F14A8E85FB51D52A ] C:\Windows\SysWOW64\resutils.dll
08:43:16.0534 7164 C:\Windows\SysWOW64\resutils.dll - ok
08:43:16.0537 7164 [ F43B1623E963B1EE564EE0B4D547A6AA ] C:\Program Files (x86)\Norton Ghost\Agent\gwrks32.dll
08:43:16.0537 7164 C:\Program Files (x86)\Norton Ghost\Agent\gwrks32.dll - ok
08:43:16.0540 7164 [ 87D950A4315CB643C37F8EAE7013A634 ] C:\Program Files (x86)\Norton Ghost\Agent\gearaw32.dll
08:43:16.0540 7164 C:\Program Files (x86)\Norton Ghost\Agent\gearaw32.dll - ok
08:43:16.0542 7164 [ D0D265A0808C39939C275832CC0AE56E ] C:\Program Files (x86)\Norton Ghost\Agent\gwlangen.dll
08:43:16.0542 7164 C:\Program Files (x86)\Norton Ghost\Agent\gwlangen.dll - ok
08:43:16.0545 7164 [ 64E211E0FDFCE4D186DF58BB7D0503BC ] C:\Windows\SysWOW64\gameux.dll
08:43:16.0545 7164 C:\Windows\SysWOW64\gameux.dll - ok
08:43:16.0548 7164 [ 7717F84F483002815490033BF069DABD ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
08:43:16.0548 7164 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll - ok
08:43:16.0550 7164 [ EDF2A5E96BEC469DA3F64E9BDD386111 ] C:\Windows\SysWOW64\xmllite.dll
08:43:16.0550 7164 C:\Windows\SysWOW64\xmllite.dll - ok
08:43:16.0553 7164 [ 590D5C506044FE02FF7643E32FF9BDAC ] C:\Windows\SysWOW64\wer.dll
08:43:16.0553 7164 C:\Windows\SysWOW64\wer.dll - ok
08:43:16.0555 7164 [ 498BD12B38B549887D9E856EB734354E ] C:\Windows\SysWOW64\GEARAspi.dll
08:43:16.0555 7164 C:\Windows\SysWOW64\GEARAspi.dll - ok
08:43:16.0558 7164 [ 2D11BC8B460957E62E4420373A0D8BDA ] C:\Windows\SysWOW64\imapi2.dll
08:43:16.0558 7164 C:\Windows\SysWOW64\imapi2.dll - ok
08:43:16.0560 7164 [ EA1A479651CA2E0409C29D586C91901D ] C:\Program Files (x86)\Norton Ghost\Shared\Drivers\SymSnapServicex64.exe
08:43:16.0560 7164 C:\Program Files (x86)\Norton Ghost\Shared\Drivers\SymSnapServicex64.exe - ok
08:43:16.0563 7164 [ 0A866897039E42DF8080BE5DD83BC8E0 ] C:\Windows\SysWOW64\jscript.dll
08:43:16.0563 7164 C:\Windows\SysWOW64\jscript.dll - ok
08:43:16.0565 7164 [ 5FB30FE90736C7FC77DE637021B1CE7C ] C:\Windows\System32\PING.EXE
08:43:16.0565 7164 C:\Windows\System32\PING.EXE - ok
08:43:16.0568 7164 [ CA493A92DA9880B6F1A89C3DBD54BA5B ] C:\Windows\SysWOW64\dxtrans.dll
08:43:16.0568 7164 C:\Windows\SysWOW64\dxtrans.dll - ok
08:43:16.0570 7164 [ F10E5311E5093FA3C00FF88C54C32FCA ] C:\Windows\SysWOW64\atl.dll
08:43:16.0570 7164 C:\Windows\SysWOW64\atl.dll - ok
08:43:16.0573 7164 [ BAB9EF9A340113666F678AA2474904B6 ] C:\Windows\SysWOW64\ddrawex.dll
08:43:16.0573 7164 C:\Windows\SysWOW64\ddrawex.dll - ok
08:43:16.0575 7164 [ 198552AEFECA69D646867EC8D792DE95 ] C:\Windows\SysWOW64\ddraw.dll
08:43:16.0575 7164 C:\Windows\SysWOW64\ddraw.dll - ok
08:43:16.0578 7164 [ 55E5B32AE8D1F51A63C82919656FD275 ] C:\Windows\SysWOW64\dciman32.dll
08:43:16.0578 7164 C:\Windows\SysWOW64\dciman32.dll - ok
08:43:16.0580 7164 [ 4312DEBDACBE338F0B90E7F08E7672BE ] C:\Windows\SysWOW64\dxtmsft.dll
08:43:16.0580 7164 C:\Windows\SysWOW64\dxtmsft.dll - ok
08:43:16.0582 7164 [ 672D7C5080ACB003343006405DA2E621 ] C:\Windows\SysWOW64\thumbcache.dll
08:43:16.0582 7164 C:\Windows\SysWOW64\thumbcache.dll - ok
08:43:16.0585 7164 [ 4FDFA3F219692D17011BF1B428857C1E ] C:\Program Files\Windows Defender\MpRTP.dll
08:43:16.0585 7164 C:\Program Files\Windows Defender\MpRTP.dll - ok
08:43:16.0588 7164 [ FBD879D17B26D49DD7A48FF58062FAE6 ] C:\Windows\System32\tdh.dll
08:43:16.0588 7164 C:\Windows\System32\tdh.dll - ok
08:43:16.0591 7164 [ 97B76F31F2B526E79F84135D0FC1F060 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FCDDAFF9-2DD8-4C48-AFA0-A103AFADB476}\mpengine.dll
08:43:16.0591 7164 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FCDDAFF9-2DD8-4C48-AFA0-A103AFADB476}\mpengine.dll - ok
08:43:16.0594 7164 [ C1B9DE6BE0D78BBF9E943203A5FBCF56 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FCDDAFF9-2DD8-4C48-AFA0-A103AFADB476}\mpasbase.vdm
08:43:16.0594 7164 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FCDDAFF9-2DD8-4C48-AFA0-A103AFADB476}\mpasbase.vdm - ok
08:43:16.0597 7164 [ 1907BBDF0C3564D178B517338CD486F8 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FCDDAFF9-2DD8-4C48-AFA0-A103AFADB476}\mpasdlta.vdm
08:43:16.0597 7164 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FCDDAFF9-2DD8-4C48-AFA0-A103AFADB476}\mpasdlta.vdm - ok
08:43:16.0600 7164 [ 4D7DFDCE8198221DEE8C50ABA2756A95 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FCDDAFF9-2DD8-4C48-AFA0-A103AFADB476}\offreg.dll
08:43:16.0600 7164 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FCDDAFF9-2DD8-4C48-AFA0-A103AFADB476}\offreg.dll - ok
08:43:16.0603 7164 [ 93BB66044FA76734E882C6F3E8EE1900 ] C:\Program Files\Windows Defender\MsMpLics.dll
08:43:16.0603 7164 C:\Program Files\Windows Defender\MsMpLics.dll - ok
08:43:16.0606 7164 [ 218A400108F280428FA22282D3268BBC ] C:\Windows\System32\wscapi.dll
08:43:16.0606 7164 C:\Windows\System32\wscapi.dll - ok
08:43:16.0608 7164 [ B84E2D174DC84916A536572BB8F691A8 ] C:\Windows\System32\wscisvif.dll
08:43:16.0608 7164 C:\Windows\System32\wscisvif.dll - ok
08:43:16.0611 7164 [ 6C1E3C43B35268C17833244C8ED96430 ] C:\Windows\System32\wscproxystub.dll
08:43:16.0611 7164 C:\Windows\System32\wscproxystub.dll - ok
08:43:16.0613 7164 [ B519848DFA30AE2B306576B51321D102 ] C:\Windows\System32\ie4uinit.exe
08:43:16.0613 7164 C:\Windows\System32\ie4uinit.exe - ok
08:43:16.0616 7164 [ C3E98C42EDF7EF237A4BAB91FEAC7426 ] C:\Windows\System32\iedkcs32.dll
08:43:16.0616 7164 C:\Windows\System32\iedkcs32.dll - ok
08:43:16.0618 7164 [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl
08:43:16.0618 7164 C:\Windows\System32\timedate.cpl - ok
08:43:16.0621 7164 [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll
08:43:16.0621 7164 C:\Windows\System32\actxprxy.dll - ok
08:43:16.0624 7164 [ C4F40F6CACD796A8E16671D0E9A2F319 ] C:\Windows\System32\shdocvw.dll
08:43:16.0624 7164 C:\Windows\System32\shdocvw.dll - ok
08:43:16.0626 7164 [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll
08:43:16.0626 7164 C:\Windows\System32\linkinfo.dll - ok
08:43:16.0629 7164 [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll
08:43:16.0629 7164 C:\Windows\System32\msiltcfg.dll - ok
08:43:16.0632 7164 [ FA752544EE1EE59E8AD938CBB43CAC93 ] C:\Program Files (x86)\Windows Live\Messenger\msgslang.dll
08:43:16.0632 7164 C:\Program Files (x86)\Windows Live\Messenger\msgslang.dll - ok
08:43:16.0634 7164 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll
08:43:16.0634 7164 C:\Windows\System32\msftedit.dll - ok
08:43:16.0637 7164 [ 2BCBA6052374959A30BD7948444DBB79 ] C:\Windows\System32\gameux.dll
08:43:16.0637 7164 C:\Windows\System32\gameux.dll - ok
08:43:16.0639 7164 [ 7FCAB194F01E3403C300EB034E480B36 ] C:\Windows\System32\msls31.dll
08:43:16.0639 7164 C:\Windows\System32\msls31.dll - ok
08:43:16.0642 7164 [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
08:43:16.0642 7164 C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
08:43:16.0645 7164 [ 233A10D4B3F6897899112E4EC60F1906 ] C:\Windows\WindowsMobile\wmdc.exe
08:43:16.0645 7164 C:\Windows\WindowsMobile\wmdc.exe - ok
08:43:16.0648 7164 [ BB7481A1306823D1B6592263F1AB8DD7 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
08:43:16.0648 7164 C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe - ok
08:43:16.0651 7164 [ DF72D700CC33611206675B8A2FD4D4F9 ] C:\Program Files\Logitech\SetPointP\SetPoint.exe
08:43:16.0651 7164 C:\Program Files\Logitech\SetPointP\SetPoint.exe - ok
08:43:16.0653 7164 [ F3F743635E8158E0D06614FBE2A7E6CD ] C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
08:43:16.0653 7164 C:\Program Files (x86)\Logitech\Vid HD\Vid.exe - ok
08:43:16.0656 7164 [ 545809D77C0412D864A502605C60D6DE ] C:\Program Files (x86)\Adobe\Elements 9 Organizer\ElementsOrganizerSyncAgent.exe
08:43:16.0656 7164 C:\Program Files (x86)\Adobe\Elements 9 Organizer\ElementsOrganizerSyncAgent.exe - ok
08:43:16.0659 7164 [ 5D61BE7DB55B026A5D61A3EED09D0EAD ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
08:43:16.0659 7164 C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe - ok
08:43:16.0662 7164 [ 76E7410B3A308F6960D3CE06DC7874AD ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\gtn.dll
08:43:16.0662 7164 C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\gtn.dll - ok
08:43:16.0665 7164 [ E3BF29CED96790CDAAFA981FFDDF53A3 ] C:\Program Files\Windows Sidebar\sidebar.exe
08:43:16.0665 7164 C:\Program Files\Windows Sidebar\sidebar.exe - ok
08:43:16.0667 7164 [ 6C457C8E7D16A708F7818877F570ADFC ] C:\Windows\System32\rapistub.dll
08:43:16.0667 7164 C:\Windows\System32\rapistub.dll - ok
08:43:16.0670 7164 [ 2978388067E79B781BFF6DD2AB565376 ] C:\Windows\System32\rapi.dll
08:43:16.0670 7164 C:\Windows\System32\rapi.dll - ok
08:43:16.0673 7164 [ 19384B2D2976C16971DA567653D5DF95 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
08:43:16.0673 7164 C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe - ok
08:43:16.0676 7164 [ 18921ED36B7AB65916C075E234E81930 ] C:\Program Files\Logitech\SetPointP\khalwrapper.dll
08:43:16.0676 7164 C:\Program Files\Logitech\SetPointP\khalwrapper.dll - ok
08:43:16.0678 7164 [ 56312836FE23FADC4F838656D7477A93 ] C:\Windows\System32\ceutil.dll
08:43:16.0678 7164 C:\Windows\System32\ceutil.dll - ok
08:43:16.0681 7164 [ B0F69B9DE0AEBFD7E4CEADE6758DF627 ] C:\Windows\System32\SearchFolder.dll
08:43:16.0681 7164 C:\Windows\System32\SearchFolder.dll - ok
08:43:16.0684 7164 [ 917A728A12F25FCF4636858FAC9979FA ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll
08:43:16.0684 7164 C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll - ok
08:43:16.0687 7164 [ 52425F4F67DE0E8E7149EBC337D1A60A ] C:\Program Files\Logitech\SetPointP\KemUtil.dll
08:43:16.0687 7164 C:\Program Files\Logitech\SetPointP\KemUtil.dll - ok
08:43:16.0690 7164 [ 6B3A7F710902CC2FB15869905C0BB240 ] C:\Program Files (x86)\Adobe\Elements 9 Organizer\Bib.dll
08:43:16.0690 7164 C:\Program Files (x86)\Adobe\Elements 9 Organizer\Bib.dll - ok
08:43:16.0693 7164 [ C8F952B0921ED6CA9160C5DD0212F67E ] C:\Program Files (x86)\Adobe\Elements 9 Organizer\AdobeXMPFiles.dll
08:43:16.0693 7164 C:\Program Files (x86)\Adobe\Elements 9 Organizer\AdobeXMPFiles.dll - ok
08:43:16.0695 7164 [ C71E7ABB1A34E56CE73AE117C8DD566F ] C:\Windows\System32\ieframe.dll
08:43:16.0695 7164 C:\Windows\System32\ieframe.dll - ok
08:43:16.0698 7164 [ E36A13BEB5CC61994A0FF03B1E0B81C4 ] C:\Windows\System32\logishrd\LVPrcInj01.dll
08:43:16.0698 7164 C:\Windows\System32\logishrd\LVPrcInj01.dll - ok
08:43:16.0701 7164 [ 8903865A10349CF71CC206EF25A6D74D ] C:\Program Files (x86)\Adobe\Elements 9 Organizer\AdobeXMP.dll
08:43:16.0701 7164 C:\Program Files (x86)\Adobe\Elements 9 Organizer\AdobeXMP.dll - ok
08:43:16.0703 7164 [ 64F7E04DCFA42951CD7583DC0CA6932C ] C:\Program Files (x86)\Adobe\Elements 9 Organizer\QtCore4.dll
08:43:16.0704 7164 C:\Program Files (x86)\Adobe\Elements 9 Organizer\QtCore4.dll - ok
08:43:16.0706 7164 [ 544EFF88AC6C85DF5A4D6F18DFE08CFC ] C:\Windows\SysWOW64\taskschd.dll
08:43:16.0706 7164 C:\Windows\SysWOW64\taskschd.dll - ok
08:43:16.0709 7164 [ 2A528E88117D693C7FD5E0B700C0E696 ] C:\Program Files (x86)\Adobe\Elements 9 Organizer\QtGui4.dll
08:43:16.0709 7164 C:\Program Files (x86)\Adobe\Elements 9 Organizer\QtGui4.dll - ok
08:43:16.0712 7164 [ F4C47A84F1E3CCA8142B0634E14054CA ] C:\Program Files (x86)\Logitech\Vid HD\QtCore4.dll
08:43:16.0712 7164 C:\Program Files (x86)\Logitech\Vid HD\QtCore4.dll - ok
08:43:16.0714 7164 [ 0D286C0FE561D1A7EB30E83A0FF305B2 ] C:\Program Files (x86)\Internet Explorer\iexplore.exe
08:43:16.0714 7164 C:\Program Files (x86)\Internet Explorer\iexplore.exe - ok
08:43:16.0717 7164 [ 4BD79D03984226DB22D19BBE79369E0E ] C:\Windows\winsxs\amd64_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_044aad0bab1eb146\mfc90u.dll
08:43:16.0717 7164 C:\Windows\winsxs\amd64_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_044aad0bab1eb146\mfc90u.dll - ok
08:43:16.0720 7164 [ B3624BC426E6D2796EE63FEAF47AAFAA ] C:\Program Files (x86)\Logitech\Vid HD\QtGui4.dll
08:43:16.0720 7164 C:\Program Files (x86)\Logitech\Vid HD\QtGui4.dll - ok
08:43:16.0723 7164 [ C7391769FCD6E04196EE8CA831E2C7E8 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
08:43:16.0723 7164 C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe - ok
08:43:16.0726 7164 [ 5ED88C99410A8262112F7550402151DF ] C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
08:43:16.0726 7164 C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe - ok
08:43:16.0729 7164 [ B838F4C2395004436293F87D90CEFF2B ] C:\Program Files (x86)\Adobe\Elements 9 Organizer\SyncPrefLib.dll
08:43:16.0729 7164 C:\Program Files (x86)\Adobe\Elements 9 Organizer\SyncPrefLib.dll - ok
08:43:16.0732 7164 [ 2157310B63160F8DB8BABB074DF48292 ] C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe
08:43:16.0732 7164 C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe - ok
08:43:16.0734 7164 [ 341FD9D4258C8BBB28F7002A74220B78 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
08:43:16.0734 7164 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe - ok
08:43:16.0737 7164 [ E9835B14E4D6F6D61AB26D4FDF12314E ] C:\Program Files (x86)\Adobe\Elements 9 Organizer\sync_util.dll
08:43:16.0737 7164 C:\Program Files (x86)\Adobe\Elements 9 Organizer\sync_util.dll - ok
08:43:16.0741 7164 [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll
08:43:16.0741 7164 C:\Windows\System32\msimg32.dll - ok
08:43:16.0743 7164 [ 7C7B8A47FFC43180FD49304A87EA78F5 ] C:\Program Files\Logitech\SetPointP\KemXML.dll
08:43:16.0743 7164 C:\Program Files\Logitech\SetPointP\KemXML.dll - ok
08:43:16.0746 7164 [ 451F41C7FEF78BC7CC6F442F9CDBAE62 ] C:\Program Files\Logitech\SetPointP\kemutb.dll
08:43:16.0746 7164 C:\Program Files\Logitech\SetPointP\kemutb.dll - ok
08:43:16.0749 7164 [ 93B3D6E86E710CEDA136C973D0EDAA42 ] C:\Program Files\Logitech\SetPointP\KemWnd.dll
08:43:16.0749 7164 C:\Program Files\Logitech\SetPointP\KemWnd.dll - ok
08:43:16.0752 7164 [ BC478AD2DEC1CD949ABA932763349A1F ] C:\Program Files (x86)\nFinity\QuickVoice\qvrem.exe
08:43:16.0752 7164 C:\Program Files (x86)\nFinity\QuickVoice\qvrem.exe - ok
08:43:16.0754 7164 [ 5197BFB7F70F44B8C5E56EF7C4F30200 ] C:\Program Files\Logitech\SetPointP\SetPointCOM.dll
08:43:16.0754 7164 C:\Program Files\Logitech\SetPointP\SetPointCOM.dll - ok
08:43:16.0757 7164 [ 4A3B1CAD5511B37A2049B7BBB31E597E ] C:\Program Files (x86)\Adobe\Elements 9 Organizer\adobe_caps.dll
08:43:16.0757 7164 C:\Program Files (x86)\Adobe\Elements 9 Organizer\adobe_caps.dll - ok
08:43:16.0760 7164 [ D918AF3EA07D248F911F7C6B801AA1E3 ] C:\Windows\winsxs\amd64_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_01c9581e60cbee58\MFC90ENU.DLL
08:43:16.0760 7164 C:\Windows\winsxs\amd64_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_01c9581e60cbee58\MFC90ENU.DLL - ok
08:43:16.0763 7164 [ 936F728E04ACCF3F38801CFFCF1E3F40 ] C:\Windows\SysWOW64\oledlg.dll
08:43:16.0763 7164 C:\Windows\SysWOW64\oledlg.dll - ok
08:43:16.0765 7164 [ 4F06062DC74BFFCC42B16B7D42991DDE ] C:\Program Files (x86)\Logitech\Vid HD\QtNetwork4.dll
08:43:16.0765 7164 C:\Program Files (x86)\Logitech\Vid HD\QtNetwork4.dll - ok
08:43:16.0768 7164 [ 57ACF47B4FA24A6B9464C9919412C411 ] C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll
08:43:16.0768 7164 C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll - ok
08:43:16.0771 7164 [ 85263AB2AF13408DE93AE9F0C51ED1AC ] C:\Program Files (x86)\Audible\Bin\AAXSDKWin.dll
08:43:16.0771 7164 C:\Program Files (x86)\Audible\Bin\AAXSDKWin.dll - ok
08:43:16.0774 7164 [ 342193AFA8B38B3EF6F1670B67654A85 ] C:\Program Files (x86)\Logitech\Vid HD\QtOpenGL4.dll
08:43:16.0774 7164 C:\Program Files (x86)\Logitech\Vid HD\QtOpenGL4.dll - ok
08:43:16.0776 7164 [ 798387534977217525F11B758B3517AE ] C:\Program Files\Logitech\SetPointP\WebBrowserSupport.dll
08:43:16.0776 7164 C:\Program Files\Logitech\SetPointP\WebBrowserSupport.dll - ok
08:43:16.0779 7164 [ D1BBE227367ED791D5FCF08E132D2956 ] C:\Windows\SysWOW64\opengl32.dll
08:43:16.0779 7164 C:\Windows\SysWOW64\opengl32.dll - ok
08:43:16.0782 7164 [ DE3897365B04C4DA1CF8FF725577C082 ] C:\Windows\SysWOW64\glu32.dll
08:43:16.0782 7164 C:\Windows\SysWOW64\glu32.dll - ok
08:43:16.0785 7164 [ EAEC910B3F123EFA14E0588C69F1792D ] C:\Program Files (x86)\Logitech\Vid HD\QtXml4.dll
08:43:16.0785 7164 C:\Program Files (x86)\Logitech\Vid HD\QtXml4.dll - ok
08:43:16.0787 7164 [ EDEEAA5B121A89425A5DF7AB28E4E544 ] C:\Program Files\Logitech\SetPointP\Macros\MacroAppSwitch.dll
08:43:16.0787 7164 C:\Program Files\Logitech\SetPointP\Macros\MacroAppSwitch.dll - ok
08:43:16.0790 7164 [ 563C4641DAE5355C08DF4DDC4134E196 ] C:\Program Files\Logitech\SetPointP\Macros\MacroMedia.dll
08:43:16.0790 7164 C:\Program Files\Logitech\SetPointP\Macros\MacroMedia.dll - ok
08:43:16.0793 7164 [ 271BBCB4793F4BA65A98CF7653F564F5 ] C:\Program Files (x86)\Logitech\Vid HD\QtSql4.dll
08:43:16.0793 7164 C:\Program Files (x86)\Logitech\Vid HD\QtSql4.dll - ok
08:43:16.0796 7164 [ 3103F95DB2EFEA79CF0544D76D1664BA ] C:\Program Files (x86)\Logitech\Vid HD\SDL.dll
08:43:16.0796 7164 C:\Program Files (x86)\Logitech\Vid HD\SDL.dll - ok
08:43:16.0798 7164 [ 19EACF9F606AD724B3D871475714AE3D ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices_main.dll
08:43:16.0798 7164 C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices_main.dll - ok
08:43:16.0801 7164 [ 754BDBD9A6B351E83A8648AB469E238A ] C:\Program Files\Logitech\SetPointP\Macros\MacroEmail.dll
08:43:16.0801 7164 C:\Program Files\Logitech\SetPointP\Macros\MacroEmail.dll - ok
08:43:16.0803 7164 [ 6CBEC289086EC51A263DA1413FF4208F ] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
08:43:16.0803 7164 C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe - ok
08:43:16.0806 7164 [ 7E94F62FB970E09E019FF4BD25284868 ] C:\Program Files (x86)\Logitech\Vid HD\QtWebKit4.dll
08:43:16.0806 7164 C:\Program Files (x86)\Logitech\Vid HD\QtWebKit4.dll - ok
08:43:16.0809 7164 [ 49F66011FC1BC104FCB5DFEB9BD0EFD4 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams_main.dll
08:43:16.0809 7164 C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams_main.dll - ok
08:43:16.0812 7164 [ F6E33B49AAF9E8FEB4E4B07C34F38C4B ] C:\Program Files (x86)\Common Files\Apple\Internet Services\AOSKit.dll
08:43:16.0812 7164 C:\Program Files (x86)\Common Files\Apple\Internet Services\AOSKit.dll - ok
08:43:16.0815 7164 [ 1FACD41BFB7667DB81119EB214746A36 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client_main.dll
08:43:16.0815 7164 C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client_main.dll - ok
08:43:16.0818 7164 [ B8F7FA586A70918FEC5C768250724635 ] C:\Program Files\Logitech\SetPointP\KemMon.dll
08:43:16.0818 7164 C:\Program Files\Logitech\SetPointP\KemMon.dll - ok
08:43:17.0378 7164 [ C140F86932B5B61F54A4D836E2D34AB2 ] C:\Windows\SysWOW64\ksproxy.ax
08:43:17.0378 7164 C:\Windows\SysWOW64\ksproxy.ax - ok
08:43:17.0380 7164 [ ADB45A977BD9E45790CA496DB84BA148 ] C:\Windows\SysWOW64\PortableDeviceTypes.dll
08:43:17.0380 7164 C:\Windows\SysWOW64\PortableDeviceTypes.dll - ok
08:43:17.0383 7164 [ 63DF770DF74ACB370EF5A16727069AAF ] C:\Windows\SysWOW64\hid.dll
08:43:17.0383 7164 C:\Windows\SysWOW64\hid.dll - ok
08:43:17.0386 7164 [ 38D2DAE3D63914239C28982D8BB0CD94 ] C:\Windows\System32\hpzisn12.dll
08:43:17.0386 7164 C:\Windows\System32\hpzisn12.dll - ok
08:43:17.0388 7164 [ BFB58920F1EEA290AE511EDFA94FA2EF ] C:\Windows\System32\hpzipt12.dll
08:43:17.0388 7164 C:\Windows\System32\hpzipt12.dll - ok
08:43:17.0391 7164 [ D70A47788EE933D21C295F66EF2A9FC5 ] C:\Windows\SysWOW64\OemSpiE.dll
08:43:17.0391 7164 C:\Windows\SysWOW64\OemSpiE.dll - ok
08:43:17.0393 7164 [ 9C67F6BBDA3881CFD02095160CF91576 ] C:\Windows\SysWOW64\ksuser.dll
08:43:17.0393 7164 C:\Windows\SysWOW64\ksuser.dll - ok
08:43:17.0396 7164 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
08:43:17.0396 7164 C:\Windows\SysWOW64\dhcpcsvc.dll - ok
08:43:17.0399 7164 [ 81F6C1AE23B1C493D9E996C3103915D7 ] C:\Windows\SysWOW64\dhcpcsvc6.dll
08:43:17.0399 7164 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
08:43:17.0401 7164 [ 43872001CB45A7AF1429535839528F00 ] C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\CameraHelperUI.dll
08:43:17.0401 7164 C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\CameraHelperUI.dll - ok
08:43:17.0404 7164 [ 4DDACA8A66B95ABA02812FF3C13DE198 ] C:\Windows\SysWOW64\vidcap.ax
08:43:17.0404 7164 C:\Windows\SysWOW64\vidcap.ax - ok
08:43:17.0407 7164 [ E98278865E8DABA21CFE5FE4BE34210A ] C:\Windows\SysWOW64\PortableDeviceApi.dll
08:43:17.0407 7164 C:\Windows\SysWOW64\PortableDeviceApi.dll - ok
08:43:17.0409 7164 [ EF645B71E16537226CA4680B80924E9D ] C:\Windows\SysWOW64\T3APO32.dll
08:43:17.0409 7164 C:\Windows\SysWOW64\T3APO32.dll - ok
08:43:17.0412 7164 [ 630A31F277349109299E590856A4B004 ] C:\Windows\SysWOW64\Kswdmcap.ax
08:43:17.0412 7164 C:\Windows\SysWOW64\Kswdmcap.ax - ok
08:43:17.0414 7164 [ 6813092105328F9FFE584DAC1F979A9B ] C:\Windows\SysWOW64\CTAPO32.dll
08:43:17.0414 7164 C:\Windows\SysWOW64\CTAPO32.dll - ok
08:43:17.0417 7164 [ 6EBD3E1663CE0E196D5025A15BBDA6BC ] C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\CameraControlsUI.dll
08:43:17.0417 7164 C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\CameraControlsUI.dll - ok
08:43:17.0420 7164 [ B8D0F6BBE420C93491CAD77ADE5026A0 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
08:43:17.0420 7164 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe - ok
08:43:17.0423 7164 [ DC6612A9EE015A36BA2A27BC9CC12537 ] C:\Windows\SysWOW64\mfc42.dll
08:43:17.0423 7164 C:\Windows\SysWOW64\mfc42.dll - ok
08:43:17.0426 7164 [ F3B67C107F582593E3AA2452441C824B ] C:\Program Files (x86)\HP\Digital Imaging\Product Assistant\bin\hprbevst.dll
08:43:17.0426 7164 C:\Program Files (x86)\HP\Digital Imaging\Product Assistant\bin\hprbevst.dll - ok
08:43:17.0428 7164 [ 29C22748937F45C26590909E9F8E7137 ] C:\Windows\System32\dciman32.dll
08:43:17.0428 7164 C:\Windows\System32\dciman32.dll - ok
08:43:17.0431 7164 [ 7B27CBCAEE6B817482F732CB316B1851 ] C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\VFXCore.dll
08:43:17.0431 7164 C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\VFXCore.dll - ok
08:43:17.0434 7164 [ 70ED31D8CB1E662B750FDB43308D6FF4 ] C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\CameraControls_Core.dll
08:43:17.0434 7164 C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\CameraControls_Core.dll - ok
08:43:17.0437 7164 [ C16628F1DFA5495A22E1DA05A852722C ] C:\Windows\System32\atiu9p64.dll
08:43:17.0437 7164 C:\Windows\System32\atiu9p64.dll - ok
08:43:17.0440 7164 [ DEAC01A4301AADB9A478EE56EB0A451B ] C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\VideoEffects.dll
08:43:17.0440 7164 C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\VideoEffects.dll - ok
08:43:17.0442 7164 [ CE292C4C10B8DB6070F262EA2733F0DC ] C:\Program Files (x86)\Windows Portable Devices\sqmapi.dll
08:43:17.0442 7164 C:\Program Files (x86)\Windows Portable Devices\sqmapi.dll - ok
08:43:17.0445 7164 [ 21E0179A49F1E1B50520C1D528D8F7B7 ] C:\Windows\System32\atiumd64.dll
08:43:17.0445 7164 C:\Windows\System32\atiumd64.dll - ok
08:43:17.0448 7164 [ 9147D93CAAF6E704C70191451C1D23F3 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxm08.dll
08:43:17.0448 7164 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxm08.dll - ok
08:43:17.0451 7164 [ B86DA61D55F3DEDA9C322D7BE5B005C6 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqwso08.dll
08:43:17.0451 7164 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqwso08.dll - ok
08:43:17.0453 7164 [ 100C60AB554ED4D5FF061DA146236C6A ] C:\Program Files (x86)\Creative\ShareDLL\CADI\DBACS.dll
08:43:17.0453 7164 C:\Program Files (x86)\Creative\ShareDLL\CADI\DBACS.dll - ok
08:43:17.0456 7164 [ D6692338B985D4A0CA52B828314D897D ] C:\Windows\SysWOW64\drprov.dll
08:43:17.0456 7164 C:\Windows\SysWOW64\drprov.dll - ok
08:43:17.0459 7164 [ BF565B8BF23C31FE19B5103CC2CD197F ] C:\Program Files (x86)\Common Files\logishrd\SharedBin\LvApi11.dll
08:43:17.0459 7164 C:\Program Files (x86)\Common Files\logishrd\SharedBin\LvApi11.dll - ok
08:43:17.0462 7164 [ 723FCCFC592E5A022BD7FFC87B55AE91 ] C:\Program Files (x86)\Common Files\logishrd\LQCVFX\COCIManager.exe
08:43:17.0462 7164 C:\Program Files (x86)\Common Files\logishrd\LQCVFX\COCIManager.exe - ok
08:43:17.0465 7164 [ D7B7159BC8374E87D8C45A30377A3440 ] C:\Windows\SysWOW64\ntlanman.dll
08:43:17.0465 7164 C:\Windows\SysWOW64\ntlanman.dll - ok
08:43:17.0467 7164 [ D31B0E09BA644A8B7B797713FFAA80D5 ] C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\CTThemeu.dll
08:43:17.0467 7164 C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\CTThemeu.dll - ok
08:43:17.0470 7164 [ 7672B66E9BDA3FD7B3B54857B4C305AC ] C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\CtrlSrcu.dll
08:43:17.0470 7164 C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\CtrlSrcu.dll - ok
08:43:17.0473 7164 [ 07AD88DF9EF73215458867EFC1BFFE9E ] C:\Windows\System32\wbem\wmiprov.dll
08:43:17.0473 7164 C:\Windows\System32\wbem\wmiprov.dll - ok
08:43:17.0476 7164 [ ABAAC2BDA49E97F2682E777036E02DB0 ] C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\CTIniFu.dll
08:43:17.0476 7164 C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\CTIniFu.dll - ok
08:43:17.0479 7164 [ 50B4230036B7453D232DFFFA8B489F88 ] C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\GDICtrl.sku
08:43:17.0479 7164 C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\GDICtrl.sku - ok
08:43:17.0482 7164 [ 284B59D7B56FC76C80E622AB856B1FAB ] C:\Windows\SysWOW64\davclnt.dll
08:43:17.0482 7164 C:\Windows\SysWOW64\davclnt.dll - ok
08:43:17.0484 7164 [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll
08:43:17.0484 7164 C:\Windows\System32\wbem\NCProv.dll - ok
08:43:17.0487 7164 [ 626FAE12AB3FCC7715B621B63FF6F3B6 ] C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\GDICtrl2.sku
08:43:17.0487 7164 C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\GDICtrl2.sku - ok
08:43:17.0490 7164 [ 912F4220A2AF6E0F26A5F03DF42CA33D ] C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\GDICtrl3.sku
08:43:17.0490 7164 C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\GDICtrl3.sku - ok
08:43:17.0493 7164 [ F9D845272B6EBC7AEF5584DD5C12DEBF ] C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\RtxCtrl.sku
08:43:17.0493 7164 C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\RtxCtrl.sku - ok
08:43:17.0496 7164 [ 283BDE943A1A3911A710175A6354B1E2 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsti08.dll
08:43:17.0496 7164 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsti08.dll - ok
08:43:17.0499 7164 [ 4D49DD933AC8718903749E8E75E7A722 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpb01.dll
08:43:17.0499 7164 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpb01.dll - ok
08:43:17.0501 7164 [ 179BECE8D1A4C488DDB7191FF9BE3FB0 ] C:\Windows\SysWOW64\davhlpr.dll
08:43:17.0501 7164 C:\Windows\SysWOW64\davhlpr.dll - ok
08:43:17.0504 7164 [ 6CF198C73EA80EE19FAA6555844FC204 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddusr.dll
08:43:17.0504 7164 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddusr.dll - ok
08:43:17.0507 7164 [ 03DF31B15ADB2D0DCC2B6C56256D592B ] C:\Windows\SysWOW64\atiu9pag.dll
08:43:17.0507 7164 C:\Windows\SysWOW64\atiu9pag.dll - ok
08:43:17.0509 7164 [ 385EF8B29F7D77F713BBA461E954EAD1 ] C:\Windows\SysWOW64\atiumdag.dll
08:43:17.0509 7164 C:\Windows\SysWOW64\atiumdag.dll - ok
08:43:17.0512 7164 [ FEC368494BB89E978553A84C4A2D5A76 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
08:43:17.0512 7164 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe - ok
08:43:17.0515 7164 [ 63C9BE8CD9815CB6BD2C2221A0034BE0 ] C:\Windows\System32\atiumd6a.dll
08:43:17.0515 7164 C:\Windows\System32\atiumd6a.dll - ok
08:43:17.0517 7164 [ E11E3F3BBEFDC5C0C160BE13B65E25E4 ] C:\Windows\System32\iscsidsc.dll
08:43:17.0517 7164 C:\Windows\System32\iscsidsc.dll - ok
08:43:17.0520 7164 [ 22D98BF27F3DAE2B3E9559B9C40D49A1 ] C:\Windows\System32\iscsium.dll
08:43:17.0520 7164 C:\Windows\System32\iscsium.dll - ok
08:43:17.0523 7164 [ 423982DD851406A52B6399DDB196C606 ] C:\Windows\System32\wmdrmdev.dll
08:43:17.0523 7164 C:\Windows\System32\wmdrmdev.dll - ok
08:43:17.0525 7164 [ 2C1055E2C6D42753241FB2A129136994 ] C:\Windows\System32\drmv2clt.dll
08:43:17.0525 7164 C:\Windows\System32\drmv2clt.dll - ok
08:43:17.0528 7164 [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll
08:43:17.0528 7164 C:\Windows\System32\mfplat.dll - ok
08:43:17.0530 7164 [ 6D137963730144698CBD10F202E9F251 ] C:\Windows\System32\wersvc.dll
08:43:17.0530 7164 C:\Windows\System32\wersvc.dll - ok
08:43:17.0533 7164 [ 423069307FB726E51E2A66F1C3F738FE ] C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4bf5400abf9d60b7\mfc90u.dll
08:43:17.0533 7164 C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4bf5400abf9d60b7\mfc90u.dll - ok
08:43:17.0536 7164 [ B1516A90A3CBE0C108E679691AD05A7B ] C:\Windows\SysWOW64\atiumdva.dll
08:43:17.0536 7164 C:\Windows\SysWOW64\atiumdva.dll - ok
08:43:17.0539 7164 [ E6B7E297B81010C2F2267E01A9D2A2C3 ] C:\Program Files (x86)\Common Files\logishrd\LQCVFX\COCIManagerPS.dll
08:43:17.0539 7164 C:\Program Files (x86)\Common Files\logishrd\LQCVFX\COCIManagerPS.dll - ok
08:43:17.0542 7164 [ 2A632A95433E9719F37AE06BA00543AC ] C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4973eb1d754a9dc9\MFC90ENU.DLL
08:43:17.0542 7164 C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4973eb1d754a9dc9\MFC90ENU.DLL - ok
08:43:17.0544 7164 [ 1EB82516F21F27EED1833B4F9FD9614E ] C:\Windows\System32\wmp.dll
08:43:17.0544 7164 C:\Windows\System32\wmp.dll - ok
08:43:17.0547 7164 [ A699F67BA05954DCA08BDF95D1968B4E ] C:\ProgramData\Microsoft\Windows\DRM\Cache\Indiv_SID_S-1-5-20\Indiv01_64.key
08:43:17.0547 7164 C:\ProgramData\Microsoft\Windows\DRM\Cache\Indiv_SID_S-1-5-20\Indiv01_64.key - ok
08:43:17.0550 7164 [ D43EA2ACA018CB0504C161CEAB1312D1 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqstp08.dll
08:43:17.0550 7164 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqstp08.dll - ok
08:43:17.0552 7164 [ 51817CED2E8FE4057E8397DB6ABC419F ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqstp08.rsc
08:43:17.0552 7164 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqstp08.rsc - ok
08:43:17.0555 7164 [ 4734A141B0842692549C6C368567794C ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqssm08.dll
08:43:17.0555 7164 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqssm08.dll - ok
08:43:17.0558 7164 [ 96DB78C9C50CEED9DA5050EFFEE272A2 ] C:\Windows\System32\upnp.dll
08:43:17.0558 7164 C:\Windows\System32\upnp.dll - ok
08:43:17.0560 7164 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\Windows\System32\ssdpsrv.dll
08:43:17.0560 7164 C:\Windows\System32\ssdpsrv.dll - ok
08:43:17.0563 7164 [ 703783AA32CA9838FECB2B6DD8095E3B ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusg.dll
08:43:17.0563 7164 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusg.dll - ok
08:43:17.0565 7164 [ E19AD0D49BFF5938B3E374873AC174DE ] C:\Windows\System32\wmploc.DLL
08:43:17.0565 7164 C:\Windows\System32\wmploc.DLL - ok
08:43:17.0568 7164 [ 893F0DB15CDC15264DFAC91941ADD7E4 ] C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
08:43:17.0568 7164 C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll - ok
08:43:17.0571 7164 [ C1D0691BE5DDB0C230D8370BD96BBE8B ] C:\Program Files\Internet Explorer\ieproxy.dll
08:43:17.0571 7164 C:\Program Files\Internet Explorer\ieproxy.dll - ok
08:43:17.0574 7164 [ 355A138ABDFD43FBABCAE3A1B06AB93D ] C:\Windows\System32\wmpps.dll
08:43:17.0574 7164 C:\Windows\System32\wmpps.dll - ok
08:43:17.0576 7164 [ F149E8CAE538DBF7059B00326673F602 ] C:\Windows\System32\wmpmde.dll
08:43:17.0576 7164 C:\Windows\System32\wmpmde.dll - ok
08:43:17.0579 7164 [ 021287C2050FD5DB4A8B084E2C38139C ] C:\Windows\System32\WinSATAPI.dll
08:43:17.0579 7164 C:\Windows\System32\WinSATAPI.dll - ok
08:43:17.0581 7164 [ B51F2997A2921D7AF98B7065B9C5A368 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsem08.rsc
08:43:17.0581 7164 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsem08.rsc - ok
08:43:17.0584 7164 [ B79515AFF098E5A56DFBD316152534DE ] C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL
08:43:17.0584 7164 C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL - ok
08:43:17.0587 7164 [ 28A7D7C7E2FDD1D55F12F750CD6331EC ] C:\Windows\System32\MSMPEG2ENC.DLL
08:43:17.0587 7164 C:\Windows\System32\MSMPEG2ENC.DLL - ok
08:43:17.0590 7164 [ 91AB2FA50063479FB1EABE4500B79066 ] C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSplh08.dll
08:43:17.0590 7164 C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSplh08.dll - ok
08:43:17.0592 7164 [ 46767946E7B559D981C1DC04EC0AB36F ] C:\Windows\System32\devenum.dll
08:43:17.0592 7164 C:\Windows\System32\devenum.dll - ok
08:43:17.0595 7164 [ 558C42D165DB5799B4072DC0A9C27C0B ] C:\Windows\System32\msdmo.dll
08:43:17.0595 7164 C:\Windows\System32\msdmo.dll - ok
08:43:17.0597 7164 [ D47EC6A8E81633DD18D2436B19BAF6DE ] C:\Windows\System32\upnphost.dll
08:43:17.0597 7164 C:\Windows\System32\upnphost.dll - ok
08:43:17.0600 7164 [ B92E9318F7E4AEF633B8EC3A873565AF ] C:\Windows\SysWOW64\perfdisk.dll
08:43:17.0600 7164 C:\Windows\SysWOW64\perfdisk.dll - ok
08:43:17.0603 7164 [ F23A33870B223A96BE469B798558DFEC ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpreh.dll
08:43:17.0603 7164 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpreh.dll - ok
08:43:17.0606 7164 [ 4F6E72B34ED3DC53DCC5E8708E60B61F ] C:\Windows\SysWOW64\security.dll
08:43:17.0606 7164 C:\Windows\SysWOW64\security.dll - ok
08:43:17.0608 7164 [ 8EA53101FF2B15BDFF934B62A8FB326D ] C:\Windows\SysWOW64\logoncli.dll
08:43:17.0608 7164 C:\Windows\SysWOW64\logoncli.dll - ok
08:43:17.0611 7164 [ 5DA32BA5D9789BA3FEE8A867EC966C5C ] C:\Windows\SysWOW64\HPZidr12.dll
08:43:17.0611 7164 C:\Windows\SysWOW64\HPZidr12.dll - ok
08:43:17.0613 7164 [ 8D58C34EA1304DAB6D8B16925265B5AA ] C:\Program Files\Common Files\logishrd\sp6\LU\LULnchr.exe
08:43:17.0613 7164 C:\Program Files\Common Files\logishrd\sp6\LU\LULnchr.exe - ok
08:43:17.0616 7164 [ 71E68F2443A80BD4DA89181889C457EA ] C:\Windows\System32\udhisapi.dll
08:43:17.0616 7164 C:\Windows\System32\udhisapi.dll - ok
08:43:17.0619 7164 [ E45989C127C0476A937D6BEAA6E28211 ] C:\Program Files\Common Files\logishrd\sp6\LU\LogitechUpdate.exe
08:43:17.0619 7164 C:\Program Files\Common Files\logishrd\sp6\LU\LogitechUpdate.exe - ok
08:43:17.0622 7164 [ 534D84434D9DB1D1E1E865F64E52AA8E ] C:\Windows\System32\twext.dll
08:43:17.0622 7164 C:\Windows\System32\twext.dll - ok
08:43:17.0624 7164 [ BBAAE027C176402E221CADBFCAEB5407 ] C:\Windows\System32\zipfldr.dll
08:43:17.0624 7164 C:\Windows\System32\zipfldr.dll - ok
08:43:17.0627 7164 [ E922DA6DC2B999318FBDE2536D814AF0 ] C:\Program Files (x86)\Norton Ghost\Browser\VProShellExt64.dll
08:43:17.0627 7164 C:\Program Files (x86)\Norton Ghost\Browser\VProShellExt64.dll - ok
08:43:17.0630 7164 [ B23DC8152CFF41B0AD293640394D289C ] C:\Program Files (x86)\Common Files\Symantec Shared\VProRecovery\EventMonitors.dll
08:43:17.0630 7164 C:\Program Files (x86)\Common Files\Symantec Shared\VProRecovery\EventMonitors.dll - ok
08:43:17.0633 7164 [ D1F4EF194A129726FBF30E2F514824AA ] C:\Users\John\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
08:43:17.0633 7164 C:\Users\John\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll - ok
08:43:17.0636 7164 [ CFCE941483ECD493C7843944EF275A98 ] C:\Program Files (x86)\TechSmith\Snagit 9\DLLx64\SnagitShellExt64.dll
08:43:17.0636 7164 C:\Program Files (x86)\TechSmith\Snagit 9\DLLx64\SnagitShellExt64.dll - ok
08:43:17.0639 7164 [ 470C237C9174BC3D3CBF68DA8A9A0C01 ] C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
08:43:17.0639 7164 C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll - ok
08:43:17.0642 7164 [ 927463ECB02179F88E4B9A17568C63C3 ] C:\Windows\System32\p2psvc.dll
08:43:17.0642 7164 C:\Windows\System32\p2psvc.dll - ok
08:43:17.0644 7164 [ A8704A10FFDE468F4AB18EBF82A9A86F ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcp80.dll
08:43:17.0644 7164 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcp80.dll - ok
08:43:17.0647 7164 [ A10B048B681C38E26CA90CD1BC123604 ] C:\Windows\System32\syncui.dll
08:43:17.0647 7164 C:\Windows\System32\syncui.dll - ok
08:43:17.0649 7164 [ 8699D17DFCFCD327784034DB6BD3A422 ] C:\Windows\System32\synceng.dll
08:43:17.0649 7164 C:\Windows\System32\synceng.dll - ok
08:43:17.0652 7164 [ 8B22B0CF8912F810B28AFBFC8B42727F ] C:\Windows\System32\acppage.dll
08:43:17.0652 7164 C:\Windows\System32\acppage.dll - ok
08:43:17.0654 7164 [ 6441D2FFB14B613C1D44D709BC7F8FFA ] C:\Windows\System32\sendmail.dll
08:43:17.0654 7164 C:\Windows\System32\sendmail.dll - ok
08:43:17.0657 7164 [ C8994E2703410F8DFE19DE5BF82994C0 ] C:\Windows\System32\mydocs.dll
08:43:17.0657 7164 C:\Windows\System32\mydocs.dll - ok
08:43:17.0659 7164 [ 4715F8F8CDBFFF2728BA38B789A1D7C7 ] C:\Windows\System32\wpdshext.dll
08:43:17.0660 7164 C:\Windows\System32\wpdshext.dll - ok
08:43:17.0662 7164 [ 03AB2A2E426C2AD400AC8315226347F8 ] C:\Windows\System32\EhStorAPI.dll
08:43:17.0662 7164 C:\Windows\System32\EhStorAPI.dll - ok
08:43:17.0665 7164 [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
08:43:17.0665 7164 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
08:43:17.0668 7164 [ E5F7C30EDF0892667933BE879F067D67 ] C:\Windows\SysWOW64\msvcr100_clr0400.dll
08:43:17.0668 7164 C:\Windows\SysWOW64\msvcr100_clr0400.dll - ok
08:43:17.0671 7164 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
08:43:17.0671 7164 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe - ok
08:43:17.0673 7164 [ CB21CD39637AC13F3455454B2F648257 ] C:\Windows\System32\msvcr100_clr0400.dll
08:43:17.0673 7164 C:\Windows\System32\msvcr100_clr0400.dll - ok
08:43:17.0676 7164 [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\Windows\System32\mscoree.dll
08:43:17.0676 7164 C:\Windows\System32\mscoree.dll - ok
08:43:17.0679 7164 [ E4024CCF225A936207294DE50925D4F6 ] C:\Program Files (x86)\Google\Update\1.3.21.123\goopdateres_en.dll
08:43:17.0679 7164 C:\Program Files (x86)\Google\Update\1.3.21.123\goopdateres_en.dll - ok
08:43:17.0682 7164 [ 62CBF36E3E10BAA74224BC7A6DD998B5 ] C:\Program Files (x86)\Internet Explorer\ieproxy.dll
08:43:17.0682 7164 C:\Program Files (x86)\Internet Explorer\ieproxy.dll - ok
08:43:17.0685 7164 [ 1663A135865F0BA6E853353E98E67F2A ] C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
08:43:17.0685 7164 C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe - ok
08:43:17.0688 7164 [ F9D038A8C2BDC3AE2548150A7AED0F8A ] C:\Windows\SysWOW64\ieui.dll
08:43:17.0688 7164 C:\Windows\SysWOW64\ieui.dll - ok
08:43:17.0690 7164 [ 1CBF15FDB0310345A68972EB5C5B948F ] C:\Windows\SysWOW64\mssprxy.dll
08:43:17.0690 7164 C:\Windows\SysWOW64\mssprxy.dll - ok
08:43:17.0693 7164 [ 1D4127FE151165C5FB9C0EED8701A3D1 ] C:\Program Files (x86)\Internet Explorer\IEShims.dll
08:43:17.0693 7164 C:\Program Files (x86)\Internet Explorer\IEShims.dll - ok
08:43:17.0696 7164 [ CCA6A20181B7719B584AEE1DD6542A4E ] C:\Program Files (x86)\Internet Explorer\sqmapi.dll
08:43:17.0696 7164 C:\Program Files (x86)\Internet Explorer\sqmapi.dll - ok
08:43:17.0698 7164 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll
08:43:17.0698 7164 C:\Windows\SysWOW64\ExplorerFrame.dll - ok
08:43:17.0701 7164 [ 82A98D0EB83505529AD81E4C1FADC37D ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
08:43:17.0701 7164 C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll - ok
08:43:17.0704 7164 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll
08:43:17.0704 7164 C:\Windows\SysWOW64\duser.dll - ok
08:43:17.0706 7164 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll
08:43:17.0706 7164 C:\Windows\SysWOW64\dui70.dll - ok
08:43:17.0709 7164 [ 1142936B5F0EFA2C670AA71A31F10A3A ] C:\Windows\SysWOW64\atiuxpag.dll
08:43:17.0709 7164 C:\Windows\SysWOW64\atiuxpag.dll - ok
08:43:17.0711 7164 [ 700602AA895E01BD185E7866022EA78B ] C:\Windows\SysWOW64\atidxx32.dll
08:43:17.0711 7164 C:\Windows\SysWOW64\atidxx32.dll - ok
08:43:17.0714 7164 [ 31B0448CC0694378106582F46D0D07E4 ] C:\Windows\SysWOW64\url.dll
08:43:17.0714 7164 C:\Windows\SysWOW64\url.dll - ok
08:43:17.0717 7164 [ D7CEAEDD5F75D2C8A2E80887D7C114CE ] C:\Windows\System32\webcheck.dll
08:43:17.0717 7164 C:\Windows\System32\webcheck.dll - ok
08:43:17.0719 7164 [ D9E21CBF9E6A87847AFFD39EA3FA28EE ] C:\Windows\System32\SearchProtocolHost.exe
08:43:17.0719 7164 C:\Windows\System32\SearchProtocolHost.exe - ok
08:43:17.0722 7164 [ FDA1BA7B2179F29D6DEB3DEC9C9037D0 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3f95a6d480ed1ebe45cf27b770ba94ed\mscorlib.ni.dll
08:43:17.0722 7164 C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3f95a6d480ed1ebe45cf27b770ba94ed\mscorlib.ni.dll - ok
08:43:17.0725 7164 [ 8494E126F0B10180F3293AF861CE1F7A ] C:\Windows\System32\mlang.dll
08:43:17.0725 7164 C:\Windows\System32\mlang.dll - ok
08:43:17.0727 7164 [ 8130391F82D52D36C0441F714136957F ] C:\Windows\System32\imapi2.dll
08:43:17.0727 7164 C:\Windows\System32\imapi2.dll - ok
08:43:17.0730 7164 [ D2A5B2B09F2AF5ED13BF494508B09788 ] C:\Windows\System32\msshooks.dll
08:43:17.0730 7164 C:\Windows\System32\msshooks.dll - ok
08:43:17.0733 7164 [ B9497C5ACAEA521663BFFBB321DD3AFA ] C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
08:43:17.0733 7164 C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll - ok
08:43:17.0735 7164 [ 49A3AD5CE578CD77F445F3D244AEAB2D ] C:\Windows\System32\SearchFilterHost.exe
08:43:17.0735 7164 C:\Windows\System32\SearchFilterHost.exe - ok
08:43:17.0738 7164 [ 6A5C1A8AC0B572679361026D0E900420 ] C:\Windows\System32\hgcpl.dll
08:43:17.0738 7164 C:\Windows\System32\hgcpl.dll - ok
08:43:17.0741 7164 [ AA794B099F776B37ACCDEAD00E0FBFC9 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
08:43:17.0741 7164 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
08:43:17.0744 7164 [ B53A732C08002F6EDA943DEB8CE91F6E ] C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_32_68D43262AB91CB4A.dll
08:43:17.0744 7164 C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_32_68D43262AB91CB4A.dll - ok
08:43:17.0746 7164 [ 48041BAEB60CE5F34F13CC2A1361E49C ] C:\Windows\System32\mssph.dll
08:43:17.0747 7164 C:\Windows\System32\mssph.dll - ok
08:43:17.0749 7164 [ 8F4BB0CFECED925D440ABC2481278360 ] C:\Windows\System32\mapi32.dll
08:43:17.0749 7164 C:\Windows\System32\mapi32.dll - ok
08:43:17.0752 7164 [ 63B282FB2550893724647A359BA2323F ] C:\Windows\SysWOW64\Query.dll
08:43:17.0752 7164 C:\Windows\SysWOW64\Query.dll - ok
08:43:17.0754 7164 [ BAD663957F682F95B22C4E83AB49CB52 ] C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
08:43:17.0754 7164 C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe - ok
08:43:17.0757 7164 [ 58EC0172DA8A00597E93A072F6E7F044 ] C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_C9EDDF0B6984A451.dll
08:43:17.0757 7164 C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_C9EDDF0B6984A451.dll - ok
08:43:17.0760 7164 [ C30A3E5DEEEBA22E782AC54C5AF5F352 ] C:\Windows\SysWOW64\samlib.dll
08:43:17.0760 7164 C:\Windows\SysWOW64\samlib.dll - ok
08:43:17.0763 7164 [ 4634B0EE4098F0F2B972BDAC19A802E7 ] C:\Windows\SysWOW64\audiodev.dll
08:43:17.0763 7164 C:\Windows\SysWOW64\audiodev.dll - ok
08:43:17.0765 7164 [ 0F416E23DD2EB4DEBE70608020CFD283 ] C:\Windows\SysWOW64\WMVCORE.DLL
08:43:17.0765 7164 C:\Windows\SysWOW64\WMVCORE.DLL - ok
08:43:17.0768 7164 [ CA69DB1BB9982F7422D2FCCD00965740 ] C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleCld_69A221B9205A3D78.dll
08:43:17.0768 7164 C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleCld_69A221B9205A3D78.dll - ok
08:43:17.0771 7164 [ A7DD56261518373F70F23079EB3CD0A2 ] C:\Windows\SysWOW64\WMASF.DLL
08:43:17.0771 7164 C:\Windows\SysWOW64\WMASF.DLL - ok
08:43:17.0773 7164 [ E5BC8D93CDCB957146D971647849A154 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll
08:43:17.0774 7164 C:\Windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll - ok
08:43:17.0776 7164 [ 1060D60CCA69A8136A87DBE3C8F4A467 ] C:\Windows\SysWOW64\EhStorAPI.dll
08:43:17.0776 7164 C:\Windows\SysWOW64\EhStorAPI.dll - ok
08:43:17.0779 7164 [ 07BBB3CBB86D2626B46BC1D210C4781B ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll
08:43:17.0779 7164 C:\Windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll - ok
08:43:17.0782 7164 [ EE9D715AF1B928982F417238B9914484 ] C:\Windows\SysWOW64\ieapfltr.dll
08:43:17.0782 7164 C:\Windows\SysWOW64\ieapfltr.dll - ok
08:43:17.0785 7164 [ D7999068E94589045BB8C5380AC79937 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System\15872842e3e63ddf0f720f406706198e\System.ni.dll
08:43:17.0785 7164 C:\Windows\assembly\NativeImages_v4.0.30319_32\System\15872842e3e63ddf0f720f406706198e\System.ni.dll - ok
08:43:17.0787 7164 [ 7E57B6D3D74CB9EF3055BA4E89F038D4 ] C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_5_502_146.ocx
08:43:17.0787 7164 C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_5_502_146.ocx - ok
08:43:17.0790 7164 [ 4D0E841C3C6ECCE2E93F3AF66EE8106F ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\d92e5f1e586d494a2de3b3d091bc8793\System.ServiceProcess.ni.dll
08:43:17.0790 7164 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\d92e5f1e586d494a2de3b3d091bc8793\System.ServiceProcess.ni.dll - ok
08:43:17.0794 7164 [ D00B879C3676A21AAA09CA322CE113F4 ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService\v4.0_4.0.0.0__3ff6b78e2989595a\Intuit.Spc.Esd.WinClient.Application.UpdateService.dll
08:43:17.0794 7164 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService\v4.0_4.0.0.0__3ff6b78e2989595a\Intuit.Spc.Esd.WinClient.Application.UpdateService.dll - ok
08:43:18.0039 7164 ============================================================
08:43:18.0039 7164 Scan finished
08:43:18.0040 7164 ============================================================
08:43:18.0046 7156 Detected object count: 8
08:43:18.0046 7156 Actual detected object count: 8
08:44:19.0493 7156 Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
08:44:19.0493 7156 Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:44:19.0494 7156 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
08:44:19.0494 7156 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:44:19.0495 7156 Creative Media Toolbox 6 Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
08:44:19.0495 7156 Creative Media Toolbox 6 Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:44:19.0496 7156 CTAudSvcService ( UnsignedFile.Multi.Generic ) - skipped by user
08:44:19.0496 7156 CTAudSvcService ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:44:19.0497 7156 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
08:44:19.0497 7156 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:44:19.0497 7156 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
08:44:19.0497 7156 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:44:19.0498 7156 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
08:44:19.0498 7156 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:44:19.0499 7156 Real time Backup Loader ( UnsignedFile.Multi.Generic ) - skipped by user
08:44:19.0499 7156 Real time Backup Loader ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:44:24.0349 7052 Deinitialize success


#8
Condor124

Malwarebytes:
Malwarebytes Anti-Malware (Trial) 1.70.0.1100
www.malwarebytes.org

Database version: v2013.02.02.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
John :: DELL_DESKTOP [administrator]

Protection: Enabled

2/2/2013 8:55:45 AM
mbam-log-2013-02-02 (08-55-45).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 244800
Time elapsed: 2 minute(s), 35 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


#9
Condor124

VEW:
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 02/02/2013 9:33:15 AM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 02/02/2013 2:27:43 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Backup Scheduler service failed to start due to the following error: The system cannot find the file specified.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 02/02/2013 2:27:49 PM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_GENERIC-&PROD_COMPACT_FLASH&REV_1.00#20060413092100000&0#.

Log: 'System' Date/Time: 02/02/2013 2:26:34 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.


#10
Condor124

VEW with Application:
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 02/02/2013 9:37:44 AM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 02/02/2013 2:26:22 PM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 5 user registry handles leaked from \Registry\User\S-1-5-21-3065872863-3284838871-378539591-1001:
Process 692 (\Device\HarddiskVolume3\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-3065872863-3284838871-378539591-1001
Process 692 (\Device\HarddiskVolume3\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-3065872863-3284838871-378539591-1001
Process 692 (\Device\HarddiskVolume3\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-3065872863-3284838871-378539591-1001\Software\Microsoft\SystemCertificates\Disallowed
Process 692 (\Device\HarddiskVolume3\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-3065872863-3284838871-378539591-1001\Software\Microsoft\SystemCertificates\My
Process 692 (\Device\HarddiskVolume3\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-3065872863-3284838871-378539591-1001\Software\Microsoft\SystemCertificates\CA



#11
Condor124

OTL:
OTL logfile created on: 2/2/2013 9:39:12 AM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\John\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.99 Gb Total Physical Memory | 3.96 Gb Available Physical Memory | 66.14% Memory free
17.99 Gb Paging File | 15.11 Gb Available in Paging File | 84.01% Paging File free
Paging file location(s): C:\pagefile.sys 6142 6142Z:\pagef [Binary data over 200 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 683.57 Gb Total Space | 487.80 Gb Free Space | 71.36% Space Free | Partition Type: NTFS
Drive D: | 15.00 Gb Total Space | 7.37 Gb Free Space | 49.12% Space Free | Partition Type: NTFS
Drive F: | 2794.52 Gb Total Space | 1743.34 Gb Free Space | 62.38% Space Free | Partition Type: NTFS
Drive Z: | 931.51 Gb Total Space | 823.03 Gb Free Space | 88.35% Space Free | Partition Type: NTFS

Computer Name: DELL_DESKTOP | User Name: John | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/01/31 20:55:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\John\Desktop\OTL (1).exe
PRC - [2013/01/28 20:18:08 | 000,699,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_146_ActiveX.exe
PRC - [2013/01/20 14:29:18 | 028,539,272 | ---- | M] (Dropbox, Inc.) -- C:\Users\John\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013/01/19 09:07:01 | 000,308,368 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2012/12/18 09:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/12/17 17:14:14 | 000,059,872 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
PRC - [2012/12/17 17:14:10 | 000,059,872 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
PRC - [2012/12/17 16:48:14 | 000,059,872 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
PRC - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/12/14 16:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/11/28 14:13:16 | 000,059,280 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
PRC - [2012/10/22 14:37:14 | 002,379,160 | ---- | M] (SkyHawke) -- C:\Program Files (x86)\SkyGolf\CaddieSync Express\CaddieSyncExpress.exe
PRC - [2012/06/11 16:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE
PRC - [2012/06/11 16:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE
PRC - [2011/08/25 17:53:00 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
PRC - [2010/11/20 07:17:55 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2010/10/29 15:06:08 | 005,915,480 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
PRC - [2010/10/19 12:09:04 | 001,795,488 | ---- | M] (Audible, Inc.) -- C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe
PRC - [2010/09/06 02:19:58 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
PRC - [2010/05/17 13:45:32 | 001,615,176 | ---- | M] (Rosetta Stone Ltd.) -- C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
PRC - [2010/05/07 18:47:32 | 000,114,008 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\LVPrS64H.exe
PRC - [2010/05/07 18:43:52 | 000,651,096 | ---- | M] () -- C:\Program Files (x86)\Common Files\logishrd\LQCVFX\COCIManager.exe
PRC - [2010/05/07 18:35:22 | 000,165,208 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2010/05/07 18:34:58 | 000,168,792 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
PRC - [2010/03/03 18:39:40 | 002,598,760 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Ghost\Agent\VProTray.exe
PRC - [2010/03/03 18:39:38 | 004,590,432 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Ghost\Agent\VProSvc.exe
PRC - [2009/05/20 20:02:56 | 000,090,112 | ---- | M] () -- C:\Program Files (x86)\NovaStor\NovaStor NovaBACKUP\DR\FsLoader.exe
PRC - [2009/02/23 11:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
PRC - [2008/09/14 21:21:22 | 003,831,068 | ---- | M] () -- C:\Program Files (x86)\nFinity\QuickVoice\qvrem.exe
PRC - [2007/04/17 15:22:22 | 000,184,320 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe


========== Modules (No Company Name) ==========

MOD - [2012/10/22 14:37:16 | 000,166,296 | ---- | M] () -- C:\Program Files (x86)\SkyGolf\CaddieSync Express\conduitscripting0.dll
MOD - [2012/10/22 14:32:12 | 000,591,360 | ---- | M] () -- C:\Program Files (x86)\SkyGolf\CaddieSync Express\qjson0.dll
MOD - [2012/10/22 14:32:00 | 000,107,008 | ---- | M] () -- C:\Program Files (x86)\SkyGolf\CaddieSync Express\qextserialport1.dll
MOD - [2011/06/24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/11/12 09:23:44 | 000,330,584 | ---- | M] () -- C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
MOD - [2010/10/29 15:02:38 | 000,751,616 | ---- | M] () -- C:\Program Files (x86)\Logitech\Vid HD\vpxmd.dll
MOD - [2010/10/29 15:01:30 | 000,027,472 | ---- | M] () -- C:\Program Files (x86)\Logitech\Vid HD\SDL.dll
MOD - [2010/10/20 15:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/09/23 09:52:52 | 002,537,472 | ---- | M] () -- C:\Program Files (x86)\SkyGolf\CaddieSync Express\QtCore4.dll
MOD - [2010/09/13 00:12:38 | 000,744,448 | ---- | M] () -- C:\Program Files (x86)\SkyGolf\CaddieSync Express\QtScriptTools4.dll
MOD - [2010/09/12 21:16:14 | 002,173,952 | ---- | M] () -- C:\Program Files (x86)\SkyGolf\CaddieSync Express\QtScript4.dll
MOD - [2010/09/12 20:30:18 | 009,814,016 | ---- | M] () -- C:\Program Files (x86)\SkyGolf\CaddieSync Express\QtGui4.dll
MOD - [2010/09/12 19:55:26 | 001,140,224 | ---- | M] () -- C:\Program Files (x86)\SkyGolf\CaddieSync Express\QtNetwork4.dll
MOD - [2010/09/12 19:51:28 | 000,399,360 | ---- | M] () -- C:\Program Files (x86)\SkyGolf\CaddieSync Express\QtXml4.dll
MOD - [2010/07/27 03:03:10 | 000,181,592 | ---- | M] () -- C:\Program Files (x86)\Common Files\logishrd\SharedBin\LvApi11.dll
MOD - [2010/05/07 18:43:52 | 000,651,096 | ---- | M] () -- C:\Program Files (x86)\Common Files\logishrd\LQCVFX\COCIManager.exe
MOD - [2010/05/07 18:37:40 | 000,126,808 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll
MOD - [2010/05/07 18:37:40 | 000,027,480 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll
MOD - [2010/05/07 18:36:54 | 000,340,824 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTXml4.dll
MOD - [2010/05/07 18:36:20 | 000,921,944 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtNetwork4.dll
MOD - [2010/05/07 18:35:56 | 007,954,776 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTGui4.dll
MOD - [2010/05/07 18:35:44 | 002,143,576 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTCore4.dll
MOD - [2010/05/07 18:34:58 | 000,168,792 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
MOD - [2009/08/26 05:29:28 | 000,150,016 | ---- | M] () -- C:\Windows\SysWOW64\OemSpiE.dll
MOD - [2009/06/22 13:42:42 | 000,043,008 | ---- | M] () -- C:\Program Files (x86)\SkyGolf\CaddieSync Express\libgcc_s_dw2-1.dll
MOD - [2009/04/22 16:53:56 | 000,969,040 | ---- | M] () -- C:\Program Files (x86)\Logitech\Vid HD\QtNetwork4.dll
MOD - [2009/04/09 18:04:56 | 002,141,008 | ---- | M] () -- C:\Program Files (x86)\Logitech\Vid HD\QtCore4.dll
MOD - [2009/03/26 14:46:42 | 000,148,480 | ---- | M] () -- C:\Windows\SysWOW64\APOMngr.DLL
MOD - [2009/03/03 17:18:08 | 000,138,064 | ---- | M] () -- C:\Program Files (x86)\Logitech\Vid HD\plugins\imageformats\qjpeg4.dll
MOD - [2009/03/03 17:18:06 | 000,035,152 | ---- | M] () -- C:\Program Files (x86)\Logitech\Vid HD\plugins\imageformats\qico4.dll
MOD - [2009/03/03 17:18:06 | 000,029,008 | ---- | M] () -- C:\Program Files (x86)\Logitech\Vid HD\plugins\imageformats\qgif4.dll
MOD - [2009/03/03 17:17:46 | 011,311,952 | ---- | M] () -- C:\Program Files (x86)\Logitech\Vid HD\QtWebKit4.dll
MOD - [2009/03/03 17:17:46 | 000,363,856 | ---- | M] () -- C:\Program Files (x86)\Logitech\Vid HD\QtXml4.dll
MOD - [2009/03/03 17:17:44 | 000,200,016 | ---- | M] () -- C:\Program Files (x86)\Logitech\Vid HD\QtSql4.dll
MOD - [2009/03/03 17:17:40 | 000,475,472 | ---- | M] () -- C:\Program Files (x86)\Logitech\Vid HD\QtOpenGL4.dll
MOD - [2009/03/03 17:17:38 | 007,704,400 | ---- | M] () -- C:\Program Files (x86)\Logitech\Vid HD\QtGui4.dll
MOD - [2009/03/03 17:17:32 | 000,291,664 | ---- | M] () -- C:\Program Files (x86)\Logitech\Vid HD\phonon4.dll
MOD - [2009/02/06 18:52:24 | 000,073,728 | ---- | M] () -- C:\Windows\SysWOW64\CmdRtr.DLL
MOD - [2009/01/10 05:32:40 | 000,011,362 | ---- | M] () -- C:\Program Files (x86)\SkyGolf\CaddieSync Express\mingwm10.dll
MOD - [2008/09/14 21:21:22 | 003,831,068 | ---- | M] () -- C:\Program Files (x86)\nFinity\QuickVoice\qvrem.exe


========== Services (SafeList) ==========

SRV:64bit: - [2011/09/27 14:04:08 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2010/10/27 02:51:38 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/05/07 18:45:16 | 000,197,976 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcS64)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 20:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013/01/28 20:18:08 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/12/18 09:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/07/18 11:17:35 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012/07/13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/06/11 16:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012/06/11 16:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE -- (BBSvc)
SRV - [2011/08/25 17:53:00 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
SRV - [2010/11/26 13:33:14 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2010/11/24 15:59:28 | 000,013,160 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\615\g2aservice.exe -- (GoToAssist)
SRV - [2010/11/11 04:46:06 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\MT6Licensing.exe -- (Creative Media Toolbox 6 Licensing Service)
SRV - [2010/11/11 03:51:39 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2010/10/22 12:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010/09/06 02:19:58 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor9.0)
SRV - [2010/05/17 13:45:32 | 001,615,176 | ---- | M] (Rosetta Stone Ltd.) [Auto | Running] -- C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe -- (RosettaStoneDaemon)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/03 18:39:38 | 004,590,432 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Ghost\Agent\VProSvc.exe -- (Norton Ghost)
SRV - [2010/02/12 06:09:18 | 002,227,216 | ---- | M] (Symantec) [On_Demand | Stopped] -- C:\Program Files (x86)\Norton Ghost\Shared\Drivers\GenericMountHelperx64.exe -- (GenericMount Helper Service)
SRV - [2010/02/11 01:34:18 | 002,963,960 | ---- | M] (Symantec) [On_Demand | Running] -- C:\Program Files (x86)\Norton Ghost\Shared\Drivers\SymSnapServicex64.exe -- (SymSnapService)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/05/20 20:02:56 | 000,090,112 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\NovaStor\NovaStor NovaBACKUP\DR\FsLoader.exe -- (Real time Backup Loader)
SRV - [2009/02/23 11:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2007/09/12 17:27:24 | 002,999,664 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate)
SRV - [2007/05/31 10:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 10:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/12/14 16:49:28 | 000,024,176 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/09/28 10:32:56 | 000,053,760 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/09/02 01:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011/09/02 01:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 08:34:02 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2010/11/20 08:34:02 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 06:35:32 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2010/11/20 06:35:24 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpcuxd.sys -- (vpcuxd)
DRV:64bit: - [2010/11/20 06:35:20 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 06:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010/11/20 05:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010/11/11 03:55:31 | 000,194,640 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmlwf.sys -- (tmlwf)
DRV:64bit: - [2010/10/27 04:00:16 | 008,012,288 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2010/10/27 04:00:16 | 008,012,288 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/10/27 02:14:24 | 000,287,232 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/07/27 08:14:24 | 006,465,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2010/07/27 08:12:16 | 000,339,040 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2010/05/07 18:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2Mon)
DRV:64bit: - [2010/05/07 18:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2M64)
DRV:64bit: - [2010/03/19 03:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/03/03 18:59:22 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:64bit: - [2010/02/12 06:10:12 | 000,066,608 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GenericMount.sys -- (GenericMount)
DRV:64bit: - [2010/02/11 01:34:46 | 000,170,032 | ---- | M] (StorageCraft) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\symsnap.sys -- (symsnap)
DRV:64bit: - [2009/09/21 19:40:14 | 000,020,528 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vproeventmonitor.sys -- (VPROEVENTMONITOR)
DRV:64bit: - [2009/09/15 04:36:48 | 001,061,888 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 19:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/07/13 19:09:02 | 000,120,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\irda.sys -- (irda)
DRV:64bit: - [2009/07/13 19:06:43 | 000,060,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\61883.sys -- (61883)
DRV:64bit: - [2009/07/13 19:06:43 | 000,048,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\avc.sys -- (Avc)
DRV:64bit: - [2009/07/13 19:06:42 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msdv.sys -- (MSDV)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/20 20:02:56 | 000,221,712 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\DCDisk.sys -- (DCDisk)
DRV:64bit: - [2009/05/20 20:02:56 | 000,088,592 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\dcsnap.sys -- (dcsnap)
DRV:64bit: - [2009/05/08 11:08:00 | 000,020,520 | ---- | M] (GARMIN Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\grmnusb.sys -- (grmnusb)
DRV:64bit: - [2009/05/06 02:34:52 | 000,639,512 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\t3.sys -- (t3)
DRV:64bit: - [2009/03/01 23:05:32 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2007/10/11 11:40:00 | 000,027,648 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MosIrUsb.sys -- (MosIrUsb)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msnbc.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = DA EB B1 78 7D 81 CB 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...1I7ADRA_enUS502
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@TrendMicro.com/FFExtension: C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/11/17 20:35:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{38783831-6098-4faa-A9C9-1EE1E343F4D2}: C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1104\7.1.1104\firefoxextension
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/11/17 20:35:13 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.56\gcswf32.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll
CHR - plugin: Trend Micro Titanium (Enabled) = C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\heoldelcflnigdllmlopiefhkkobendj\5.0.0.1280_0\npToolbarChrome.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Trend Micro Toolbar = C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\heoldelcflnigdllmlopiefhkkobendj\5.4.0.1034_0\
CHR - Extension: Skype Click to Call = C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\

O1 HOSTS File: ([2013/02/02 08:15:34 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 9\DLLx64\SnagitBHO64.dll (TechSmith Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1104\7.1.1104\TmBpIe64.dll File not found
O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 9\SnagitBHO.dll (TechSmith Corporation)
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1104\7.1.1104\TmBpIe32.dll File not found
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 9\SnagitIEAddin.dll (TechSmith Corporation)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [CaddieSyncConduit] C:\Program Files (x86)\SkyGolf\CaddieSync Express\CaddieSyncExpress.exe (SkyHawke)
O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [Norton Ghost 15.0] C:\Program Files (x86)\Norton Ghost\Agent\VProTray.exe (Symantec Corporation)
O4 - HKLM..\Run: [VolPanel] C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKCU..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
O4 - HKCU..\Run: [com.apple.dav.bookmarks.daemon] C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe (Apple Inc.)
O4 - HKCU..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKCU..\Run: [Logitech Vid] C:\Program Files (x86)\Logitech\Vid HD\Vid.exe (Logitech Inc.)
O4 - HKCU..\Run: [PhotoshopElements8SyncAgent] C:\Program Files (x86)\Adobe\Elements 9 Organizer\ElementsOrganizerSyncAgent.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\John\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: cleverreach.com ([novastor] http in Trusted sites)
O15 - HKCU\..Trusted Domains: google-analytics.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O15 - HKCU\..Trusted Domains: navy.mil ([webmail.east.nmci] https in Trusted sites)
O15 - HKCU\..Trusted Domains: novastor.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: novastor.com ([]https in Trusted sites)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...n/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.6.0.cab (DLM Control)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creat...13/CTPIDPDE.cab (Creative Software AutoUpdate Support Package)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creat...15113/CTPID.cab (Creative Software AutoUpdate Support Package)
O16 - DPF: Garmin Communicator Plug-In https://static.garmi...inAxControl.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.105.28.11 68.105.29.11
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{689CBF1A-0677-407D-BBAA-3528CAE1FE89}: DhcpNameServer = 68.105.28.11 68.105.29.11
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9117819C-23F2-4114-B418-F50D3CAA5052}: DhcpNameServer = 68.105.28.11 68.105.29.11
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1104\7.1.1104\TmBpIe64.dll File not found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1104\7.1.1104\TmBpIe32.dll File not found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files (x86)\Citrix\GoToAssist\615\G2AWinLogon_x64.dll) - C:\Program Files (x86)\Citrix\GoToAssist\615\g2awinlogon_x64.dll (Citrix Online, a division of Citrix Systems, Inc.)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/10/08 20:03:19 | 000,000,000 | ---D | M] - F:\autorun -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

MsConfig:64bit - StartUpReg: SPIRunE - hkey= - key= - File not found
MsConfig:64bit - State: "startup" - Reg Error: Key error.

SafeBootMin:64bit: 84818979.sys - Driver
SafeBootMin:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: 84818979.sys - Driver
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:64bit: 84818979.sys - Driver
SafeBootNet:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: 84818979.sys - Driver
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: GoToAssist - C:\Program Files (x86)\Citrix\GoToAssist\615\g2aservice.exe (Citrix Online, a division of Citrix Systems, Inc.)
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {49F26A31-48B1-729C-00B6-C63E4E7AE4D2} - Microsoft Windows Media Player
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D0C1CE37-1DFC-1CFD-B1B3-14BC3BCA97C0} - Browser Customizations
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E8FFF0CF-FDE2-F4FA-6E78-85D0BF08CE4D} - Browser Customizations
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EEE28FD6-3165-6ABD-36AA-7DF9630206D8} - Browser Customizations
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: vidc.i420 - lvcod64.dll (Logitech Inc.)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.dvsd - C:\Windows\SysWow64\mcdvd_32.dll (MainConcept)
Drivers32: vidc.i420 - C:\Windows\SysWow64\lvcodec2.dll (Logitech Inc.)
Drivers32: vidc.mjpg - C:\Windows\SysWow64\mcmjpg32.dll (MainConcept)
Drivers32: VIDC.MP42 - C:\Windows\SysWow64\Mpg4c32.dll (Microsoft Corporation)
Drivers32: VIDC.MP43 - C:\Windows\SysWow64\Mpg4c32.dll (Microsoft Corporation)
Drivers32: VIDC.MPG4 - C:\Windows\SysWow64\Mpg4c32.dll (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2013/02/02 09:25:52 | 000,000,000 | ---D | C] -- C:\Users\Public\Desktop\CC Support
[2013/02/02 08:55:08 | 000,000,000 | ---D | C] -- C:\Users\John\AppData\Roaming\Malwarebytes
[2013/02/02 08:55:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/02/02 08:55:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/02/02 08:55:01 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013/02/02 08:55:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/02/02 08:52:54 | 010,156,344 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\John\Desktop\mbam-consumer.exe
[2013/02/02 08:37:42 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2013/02/02 08:33:26 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\John\Desktop\tdsskiller.exe
[2013/02/02 08:15:37 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2013/02/02 07:48:58 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013/02/02 07:48:58 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013/02/02 07:48:58 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013/02/02 07:48:53 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/02/02 07:48:39 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/02/02 07:46:35 | 005,029,149 | R--- | C] (Swearware) -- C:\Users\John\Desktop\ComboFix.exe
[2013/02/02 07:38:33 | 000,000,000 | ---D | C] -- C:\Users\John\Desktop\Malware Incident
[2013/02/02 07:34:49 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Users\John\Desktop\aswMBR.exe
[2013/01/31 20:54:57 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\John\Desktop\OTL (1).exe
[2013/01/29 06:55:55 | 000,000,000 | ---D | C] -- C:\Users\John\AppData\Roaming\Uniblue
[2013/01/29 06:54:57 | 000,000,000 | ---D | C] -- Z:\Duplicate Photo Finder
[2013/01/29 06:53:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Duplicate Photo Finder
[2013/01/29 06:53:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Duplicate Photo Finder
[2013/01/29 06:46:10 | 000,000,000 | ---D | C] -- C:\Users\John\AppData\Roaming\EasyDuplicateFinder
[2013/01/29 06:46:04 | 000,000,000 | ---D | C] -- C:\Program Files\Easy Duplicate Finder 4
[2013/01/28 20:39:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Laplink
[2013/01/28 20:39:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Laplink
[2013/01/28 20:39:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Laplink PCmover Professional
[2013/01/28 20:39:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Laplink
[2013/01/28 20:38:03 | 000,000,000 | ---D | C] -- C:\Users\John\AppData\Local\Downloaded Installations
[2013/01/12 09:53:13 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013/01/12 09:53:13 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2013/01/12 09:53:00 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2013/01/12 09:52:58 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2013/01/12 09:52:53 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[2013/01/12 09:52:53 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll
[2013/01/12 09:52:53 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs
[2013/01/12 09:52:53 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs
[2013/01/12 09:52:53 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs
[2013/01/12 09:52:53 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs
[2013/01/12 09:52:53 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs
[2013/01/12 09:52:53 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs
[2013/01/12 09:52:53 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs
[2013/01/12 09:52:53 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs
[2013/01/12 09:52:53 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs
[2013/01/12 09:52:53 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs
[2013/01/12 09:52:53 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs
[2013/01/12 09:52:53 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs
[2013/01/12 09:52:53 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs
[2013/01/12 09:52:53 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs
[2013/01/12 09:52:53 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs
[2013/01/12 09:52:53 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs
[2013/01/12 09:52:53 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs
[2013/01/12 09:52:53 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs
[2013/01/12 09:52:53 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs
[2013/01/12 09:52:53 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs
[2013/01/12 09:52:52 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2013/01/12 09:52:52 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll
[2013/01/12 09:52:52 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs
[2013/01/12 09:52:52 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs
[2013/01/12 09:52:52 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs
[2013/01/12 09:52:52 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs
[2013/01/12 09:52:52 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs
[2013/01/12 09:52:52 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs
[2013/01/12 09:52:51 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs
[2013/01/12 09:52:51 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs
[2013/01/12 09:52:26 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2013/01/12 09:52:24 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2013/01/12 09:52:24 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2013/01/12 09:52:24 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2013/01/12 09:52:24 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013/01/12 09:52:24 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013/01/12 09:52:24 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2013/01/12 09:52:24 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013/01/12 09:52:24 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2013/01/12 09:52:24 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2013/01/12 09:52:24 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2013/01/12 09:52:24 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2013/01/12 09:52:24 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2013/01/12 09:52:24 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013/01/12 09:52:24 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2013/01/12 09:52:24 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2013/01/12 09:52:24 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2013/01/12 09:52:24 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2013/01/12 09:52:24 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/01/12 09:52:24 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/01/12 09:52:24 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2013/01/12 09:52:24 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2013/01/12 09:52:24 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2013/01/12 09:52:24 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2013/01/12 09:52:24 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2013/01/12 09:52:24 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2013/01/12 09:52:24 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/01/12 09:52:24 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/01/12 09:52:24 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/01/12 09:52:24 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/01/12 09:52:24 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/01/12 09:52:24 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2013/01/12 09:52:24 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2013/01/12 09:52:24 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2013/01/12 09:52:24 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/12 09:52:24 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/12 09:52:24 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2013/01/12 09:52:24 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2013/01/12 09:52:24 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2013/01/12 09:52:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2013/01/12 09:52:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2013/01/12 09:52:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2013/01/12 09:52:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2013/01/12 09:52:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2013/01/12 09:52:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/01/12 09:52:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2013/01/12 09:52:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2013/01/12 09:52:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2013/01/12 09:52:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2013/01/12 09:52:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2013/01/12 09:52:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2013/01/12 09:52:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2013/01/12 09:52:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2013/01/12 09:52:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2013/01/12 09:52:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/01/12 09:52:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/01/12 09:52:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2013/01/12 09:52:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2013/01/12 09:52:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013/01/12 09:52:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013/01/12 09:52:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013/01/12 09:52:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013/01/12 09:52:23 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013/01/12 09:52:23 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013/01/12 09:52:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2013/01/12 09:52:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2013/01/12 09:52:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013/01/12 09:52:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013/01/12 09:52:23 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013/01/12 09:52:08 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe

========== Files - Modified Within 30 Days ==========

[2013/02/02 09:35:18 | 000,013,760 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/02/02 09:35:18 | 000,013,760 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/02/02 09:31:42 | 000,061,440 | ---- | M] ( ) -- C:\Users\John\Desktop\VEW.exe
[2013/02/02 09:28:03 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/02/02 09:27:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/02/02 09:27:28 | 529,780,735 | -HS- | M] () -- C:\hiberfil.sys
[2013/02/02 09:25:38 | 004,009,167 | ---- | M] () -- C:\Users\John\Desktop\ServicesRepair.exe
[2013/02/02 09:18:02 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/02/02 09:04:01 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/02/02 08:55:02 | 000,001,119 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/02/02 08:52:54 | 010,156,344 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\John\Desktop\mbam-consumer.exe
[2013/02/02 08:33:26 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\John\Desktop\tdsskiller.exe
[2013/02/02 08:15:34 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013/02/02 07:46:35 | 005,029,149 | R--- | M] (Swearware) -- C:\Users\John\Desktop\ComboFix.exe
[2013/02/02 07:35:57 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Users\John\Desktop\aswMBR.exe
[2013/02/02 07:32:26 | 000,001,064 | ---- | M] () -- C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013/02/02 07:27:02 | 000,000,370 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2013/01/31 20:55:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\John\Desktop\OTL (1).exe
[2013/01/31 20:03:16 | 002,932,423 | ---- | M] () -- C:\Users\John\Desktop\HP Rnvy 1540T Manual.pdf
[2013/01/29 06:53:11 | 000,001,175 | ---- | M] () -- C:\Users\Public\Desktop\Duplicate Photo Finder.lnk
[2013/01/29 06:46:06 | 000,000,982 | ---- | M] () -- C:\Users\Public\Desktop\Easy Duplicate Finder 4.lnk
[2013/01/28 20:39:20 | 000,001,993 | ---- | M] () -- C:\Users\Public\Desktop\Laplink PCmover Professional.lnk
[2013/01/28 20:18:08 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/01/28 20:18:08 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/01/21 07:56:02 | 000,002,289 | ---- | M] () -- C:\Users\John\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/01/12 22:04:03 | 000,004,096 | -HS- | M] () -- Z:\VSNAP.IDX
[2013/01/12 22:04:03 | 000,004,096 | -HS- | M] () -- C:\VSNAP.IDX
[2013/01/12 21:40:15 | 000,424,656 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/01/12 10:48:09 | 000,762,164 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/01/12 10:48:09 | 000,640,090 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/01/12 10:48:09 | 000,111,736 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

========== Files Created - No Company Name ==========

[2013/02/02 09:31:42 | 000,061,440 | ---- | C] ( ) -- C:\Users\John\Desktop\VEW.exe
[2013/02/02 09:25:32 | 004,009,167 | ---- | C] () -- C:\Users\John\Desktop\ServicesRepair.exe
[2013/02/02 08:55:02 | 000,001,119 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/02/02 07:48:58 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/02/02 07:48:58 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/02/02 07:48:58 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/02/02 07:48:58 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/02/02 07:48:58 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/01/31 20:03:16 | 002,932,423 | ---- | C] () -- C:\Users\John\Desktop\HP Rnvy 1540T Manual.pdf
[2013/01/29 06:53:11 | 000,001,175 | ---- | C] () -- C:\Users\Public\Desktop\Duplicate Photo Finder.lnk
[2013/01/29 06:46:06 | 000,000,982 | ---- | C] () -- C:\Users\Public\Desktop\Easy Duplicate Finder 4.lnk
[2013/01/28 20:39:20 | 000,001,993 | ---- | C] () -- C:\Users\Public\Desktop\Laplink PCmover Professional.lnk
[2012/10/15 17:44:41 | 000,002,075 | ---- | C] () -- C:\Windows\hpwmdl23.dat.temp
[2012/10/15 17:13:48 | 000,228,999 | ---- | C] () -- C:\Windows\hpwins23.dat
[2012/10/15 17:13:48 | 000,002,075 | ---- | C] () -- C:\Windows\hpwmdl23.dat
[2012/03/02 14:16:12 | 000,004,096 | -H-- | C] () -- C:\Users\John\AppData\Local\keyfile3.drm
[2012/02/20 18:25:32 | 000,000,469 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2011/11/10 05:56:55 | 000,000,370 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011/08/05 04:07:54 | 000,002,346 | ---- | C] () -- C:\Windows\CONTOUR.INI
[2011/05/08 18:15:06 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011/02/06 13:26:29 | 000,745,484 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/12/04 10:09:42 | 000,012,288 | ---- | C] () -- C:\Users\John\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/11/26 15:04:43 | 000,000,189 | ---- | C] () -- C:\Users\John\AppData\Roaming\QV Prefs
[2010/11/26 12:54:24 | 000,000,097 | RHS- | C] () -- C:\ProgramData\1.12.0.lic
[2010/11/11 05:48:00 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

========== ZeroAccess Check ==========

[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 00:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 23:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 07:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Custom Scans ==========

========== Drive Information ==========

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: WDC WD7501AALS-75J7B0 ATA Device
Partitions: 3
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE1 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: ST31000524AS ATA Device
Partitions: 1
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE2 - External hard disk media
Interface type: USB
Media Type: External hard disk media
Model: Toshiba External USB 3.0 USB Device
Partitions: 1
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE3 -
Interface type: USB
Media Type:
Model: Generic- Compact Flash USB Device
Partitions: 0
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE4 -
Interface type: USB
Media Type:
Model: Generic- SM/xD-Picture USB Device
Partitions: 0
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE5 -
Interface type: USB
Media Type:
Model: Generic- SD/MMC USB Device
Partitions: 0
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE6 -
Interface type: USB
Media Type:
Model: Generic- MS/MS-Pro USB Device
Partitions: 0
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 71.00MB
Starting Offset: 32256
Hidden sectors: 0


DeviceID: Disk #0, Partition #1
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 15.00GB
Starting Offset: 74448896
Hidden sectors: 0


DeviceID: Disk #0, Partition #2
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 684.00GB
Starting Offset: 16180576256
Hidden sectors: 0


DeviceID: Disk #1, Partition #0
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 932.00GB
Starting Offset: 1048576
Hidden sectors: 0


DeviceID: Disk #2, Partition #0
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 2,795.00GB
Starting Offset: 1048576
Hidden sectors: 0


< %SYSTEMDRIVE%\*.exe >

< %systemroot%\assembly\GAC_32\*.ini >

< %systemroot%\assembly\GAC_64\*.ini >

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*.exe >

< %APPDATA%\*. >
[2011/05/03 18:07:59 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Adobe
[2012/12/26 16:29:31 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Apple Computer
[2010/11/28 19:07:27 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/11/11 16:58:39 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Creative
[2012/05/19 09:48:46 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Download Manager
[2013/02/02 09:29:17 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Dropbox
[2010/11/17 09:26:54 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Easy Duplicate Finder
[2013/01/29 06:46:10 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\EasyDuplicateFinder
[2010/11/24 17:36:21 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\GARMIN
[2010/12/20 18:56:04 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\GetRightToGo
[2012/09/22 07:49:03 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Google
[2010/11/17 20:47:11 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\HP
[2012/10/30 07:49:40 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\HpUpdate
[2010/11/11 02:36:23 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Identities
[2010/11/11 05:49:46 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Ilium Software
[2012/02/20 18:26:10 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Intuit
[2010/11/11 02:49:56 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Leadertech
[2010/12/04 09:53:32 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Logishrd
[2010/12/04 09:56:15 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Logitech
[2010/11/11 03:05:13 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Macromedia
[2013/02/02 08:55:08 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Malwarebytes
[2009/07/14 02:45:14 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Media Center Programs
[2011/05/08 18:54:15 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Media Player Classic
[2013/01/15 20:12:10 | 000,000,000 | --SD | M] -- C:\Users\John\AppData\Roaming\Microsoft
[2011/01/09 11:14:53 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Mozilla
[2011/11/24 09:39:45 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\NCH Software
[2010/11/26 15:03:59 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\nFinity
[2011/11/13 08:55:53 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1
[2010/11/26 15:29:50 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\ShadowProtect
[2012/10/23 16:20:32 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Skype
[2011/07/03 17:33:28 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\skypePM
[2011/09/19 18:49:36 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\StorageCraft
[2012/05/26 09:08:21 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Symantec
[2010/12/20 18:32:49 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\TechSmith
[2013/02/02 09:30:59 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Uniblue
[2011/03/06 14:41:30 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\W Photo Studio Viewer
[2011/08/04 04:39:42 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\WinBatch
[2010/11/26 15:00:55 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\WindSolutions

< MD5 for: ATAPI.SYS >
[2009/07/13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\erdnt\cache64\atapi.sys
[2009/07/13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009/07/13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: CSRSS.EXE >
[2009/07/13 20:39:02 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=60C2862B4BF0FD9F582EF344C2B1EC72 -- C:\Windows\SysNative\csrss.exe
[2009/07/13 20:39:02 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=60C2862B4BF0FD9F582EF344C2B1EC72 -- C:\Windows\winsxs\amd64_microsoft-windows-csrss_31bf3856ad364e35_6.1.7600.16385_none_b4d8d57efdc6b4f3\csrss.exe

< MD5 for: EXPLORER.EXE >
[2011/02/26 01:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/26 00:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/13 20:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/26 00:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009/10/31 00:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011/02/26 00:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/02/25 01:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\erdnt\cache86\explorer.exe
[2011/02/25 01:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 01:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 01:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 07:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009/08/03 01:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009/10/31 01:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009/08/03 00:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010/11/20 08:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009/10/31 01:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009/08/03 00:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/13 20:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009/10/31 01:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011/02/26 01:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009/08/03 01:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: MSWSOCK.DLL >
[2009/07/13 20:15:51 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=11A41F17527ED75D6B758FDD7F4FD00D -- C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7600.16385_none_b829ad298e9f53ff\mswsock.dll
[2010/11/20 08:27:10 | 000,326,144 | ---- | M] (Microsoft Corporation) MD5=1D5185A4C7E6695431AE4B55C3D7D333 -- C:\Windows\erdnt\cache64\mswsock.dll
[2010/11/20 08:27:10 | 000,326,144 | ---- | M] (Microsoft Corporation) MD5=1D5185A4C7E6695431AE4B55C3D7D333 -- C:\Windows\SysNative\mswsock.dll
[2010/11/20 08:27:10 | 000,326,144 | ---- | M] (Microsoft Corporation) MD5=1D5185A4C7E6695431AE4B55C3D7D333 -- C:\Windows\winsxs\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.17514_none_16795c7543eb48cf\mswsock.dll
[2010/11/20 07:19:56 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=8999B8631C7FD9F7F9EC3CAFD953BA24 -- C:\Windows\erdnt\cache86\mswsock.dll
[2010/11/20 07:19:56 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=8999B8631C7FD9F7F9EC3CAFD953BA24 -- C:\Windows\SysWOW64\mswsock.dll
[2010/11/20 07:19:56 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=8999B8631C7FD9F7F9EC3CAFD953BA24 -- C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.17514_none_ba5ac0f18b8dd799\mswsock.dll
[2009/07/13 20:41:34 | 000,320,000 | ---- | M] (Microsoft Corporation) MD5=FC76FE3C1E1FDB761244D4F74EF560FD -- C:\Windows\winsxs\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7600.16385_none_144848ad46fcc535\mswsock.dll

< MD5 for: NAPINSP.DLL >
[2009/07/13 20:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=0B7E85364CB878E2AD531DB7B601A9E5 -- C:\Windows\SysWOW64\NapiNSP.dll
[2009/07/13 20:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=0B7E85364CB878E2AD531DB7B601A9E5 -- C:\Windows\winsxs\x86_microsoft-windows-n..ider-infrastructure_31bf3856ad364e35_6.1.7600.16385_none_abf396ebf0847c31\NapiNSP.dll
[2009/07/13 20:41:52 | 000,068,096 | ---- | M] (Microsoft Corporation) MD5=58A0CDABEA255616827B1C22C9994466 -- C:\Windows\SysNative\NapiNSP.dll
[2009/07/13 20:41:52 | 000,068,096 | ---- | M] (Microsoft Corporation) MD5=58A0CDABEA255616827B1C22C9994466 -- C:\Windows\winsxs\amd64_microsoft-windows-n..ider-infrastructure_31bf3856ad364e35_6.1.7600.16385_none_0812326fa8e1ed67\NapiNSP.dll

< MD5 for: NLAAPI.DLL >
[2009/07/13 20:16:03 | 000,051,712 | ---- | M] (Microsoft Corporation) MD5=045DB4EAB4FBD23210E85ECC3F464A2E -- C:\Windows\winsxs\wow64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7600.16385_none_cdcf91c058fc0e07\nlaapi.dll
[2012/01/13 02:12:03 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=0BA65122FFA7E37564EE86422DBF7AE8 -- C:\Windows\SysWOW64\nlaapi.dll
[2012/01/13 02:12:03 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=0BA65122FFA7E37564EE86422DBF7AE8 -- C:\Windows\winsxs\wow64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.17964_none_cfca9d84561311f2\nlaapi.dll
[2010/11/20 07:20:30 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=104A1070E90F1C530328E69B49718841 -- C:\Windows\winsxs\wow64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.17514_none_d000a58855ea91a1\nlaapi.dll
[2012/10/03 11:29:27 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=11B8C7970C10650827D060AA81BEE63F -- C:\Windows\winsxs\wow64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.22124_none_d07f52216f10753a\nlaapi.dll
[2010/11/20 08:27:22 | 000,070,656 | ---- | M] (Microsoft Corporation) MD5=2DF36F15B2BC1571A6A542A3C2107920 -- C:\Windows\winsxs\amd64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.17514_none_c5abfb362189cfa6\nlaapi.dll
[2012/10/03 12:44:21 | 000,070,656 | ---- | M] (Microsoft Corporation) MD5=46BB91A169B9B31FF44EB04C48EC1D41 -- C:\Windows\SysNative\nlaapi.dll
[2012/10/03 12:44:21 | 000,070,656 | ---- | M] (Microsoft Corporation) MD5=46BB91A169B9B31FF44EB04C48EC1D41 -- C:\Windows\winsxs\amd64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.17964_none_c575f33221b24ff7\nlaapi.dll
[2009/07/13 20:41:52 | 000,070,144 | ---- | M] (Microsoft Corporation) MD5=86E3822A34D454032D8E88C72AE8CF2D -- C:\Windows\winsxs\amd64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7600.16385_none_c37ae76e249b4c0c\nlaapi.dll
[2012/10/03 12:32:48 | 000,070,656 | ---- | M] (Microsoft Corporation) MD5=C98BCE54F31113D5E736C1097FD086DC -- C:\Windows\winsxs\amd64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.22124_none_c62aa7cf3aafb33f\nlaapi.dll

< MD5 for: PNRPNSP.DLL >
[2009/07/13 20:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) MD5=5CF640EDDB1E40A5AB1BB743BCDEC610 -- C:\Windows\SysWOW64\pnrpnsp.dll
[2009/07/13 20:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) MD5=5CF640EDDB1E40A5AB1BB743BCDEC610 -- C:\Windows\winsxs\wow64_microsoft-windows-peertopeerpnrp_31bf3856ad364e35_6.1.7600.16385_none_d7c8b1ac70865dab\pnrpnsp.dll
[2009/07/13 20:41:53 | 000,086,016 | ---- | M] (Microsoft Corporation) MD5=613C8CE10A5FDE582BA5FA64C4D56AAA -- C:\Windows\SysNative\pnrpnsp.dll
[2009/07/13 20:41:53 | 000,086,016 | ---- | M] (Microsoft Corporation) MD5=613C8CE10A5FDE582BA5FA64C4D56AAA -- C:\Windows\winsxs\amd64_microsoft-windows-peertopeerpnrp_31bf3856ad364e35_6.1.7600.16385_none_cd74075a3c259bb0\pnrpnsp.dll

< MD5 for: PRINTISOLATIONHOST.EXE >
[2009/07/13 20:39:27 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=22F020C76E339EB2B2187BA73A7E4173 -- C:\Windows\SysNative\PrintIsolationHost.exe
[2009/07/13 20:39:27 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=22F020C76E339EB2B2187BA73A7E4173 -- C:\Windows\winsxs\amd64_microsoft-windows-p..ng-server-isolation_31bf3856ad364e35_6.1.7600.16385_none_f8a40495785334a9\PrintIsolationHost.exe

< MD5 for: SERVICES.EXE >
[2009/07/13 20:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\erdnt\cache64\services.exe
[2009/07/13 20:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009/07/13 20:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SVCHOST.EXE >
[2012/12/14 16:49:28 | 000,216,424 | ---- | M] () MD5=22101A85B3CA2FE2BE05FE9A61A7A83D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\erdnt\cache86\svchost.exe
[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\erdnt\cache64\svchost.exe
[2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/20 07:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\erdnt\cache86\userinit.exe
[2010/11/20 07:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 07:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/13 20:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/13 20:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 08:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\erdnt\cache64\userinit.exe
[2010/11/20 08:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 08:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 08:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\erdnt\cache64\winlogon.exe
[2010/11/20 08:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/20 08:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/13 20:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2012/12/14 16:49:28 | 000,216,424 | ---- | M] () MD5=22101A85B3CA2FE2BE05FE9A61A7A83D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009/10/28 02:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009/10/28 01:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< MD5 for: WINRNR.DLL >
[2009/07/13 20:41:56 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=2E2072EB48238FCA8FBB7A9F5FABAC45 -- C:\Windows\SysNative\winrnr.dll
[2009/07/13 20:41:56 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=2E2072EB48238FCA8FBB7A9F5FABAC45 -- C:\Windows\winsxs\amd64_microsoft-windows-dns-client-winrnr_31bf3856ad364e35_6.1.7600.16385_none_b543449669c73e11\winrnr.dll
[2009/07/13 20:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=5DF5D8CFD9B9573FA3B2C89D9061A240 -- C:\Windows\SysWOW64\winrnr.dll
[2009/07/13 20:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=5DF5D8CFD9B9573FA3B2C89D9061A240 -- C:\Windows\winsxs\x86_microsoft-windows-dns-client-winrnr_31bf3856ad364e35_6.1.7600.16385_none_5924a912b169ccdb\winrnr.dll

< MD5 for: WSHELPER.DLL >
[2009/07/13 20:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) MD5=5B90BB3171504C9DAF3C5CB44B203CA7 -- C:\Windows\SysWOW64\wshelper.dll
[2009/07/13 20:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) MD5=5B90BB3171504C9DAF3C5CB44B203CA7 -- C:\Windows\winsxs\wow64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6ace9e67456cc40b\wshelper.dll
[2009/07/13 20:41:58 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=D314DA4B0B8DCD023D547FC568E34FB6 -- C:\Windows\SysNative\wshelper.dll
[2009/07/13 20:41:58 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=D314DA4B0B8DCD023D547FC568E34FB6 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\wshelper.dll

< %systemroot%\*. /mp /s >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --show-icons [2013/01/25 21:35:08 | 001,248,208 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --hide-icons [2013/01/25 21:35:08 | 001,248,208 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [2013/01/25 21:35:08 | 001,248,208 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [2013/01/25 21:35:08 | 001,248,208 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2011/06/03 05:00:03 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2011/06/03 05:00:03 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2011/06/03 05:00:03 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -extoff [2012/11/13 21:56:04 | 000,757,296 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" [2012/11/13 21:56:04 | 000,757,296 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Safari\Safari.exe" /reinstall [2012/04/25 09:36:36 | 002,388,336 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Safari\Safari.exe" /hideicons [2012/04/25 09:36:36 | 002,388,336 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Safari\Safari.exe" /showicons [2012/04/25 09:36:36 | 002,388,336 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files (x86)\Safari\Safari.exe" [2012/04/25 09:36:36 | 002,388,336 | ---- | M] (Apple Inc.)

< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --SHOW-ICONS [2013/01/25 21:35:08 | 001,248,208 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --HIDE-ICONS [2013/01/25 21:35:08 | 001,248,208 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --MAKE-DEFAULT-BROWSER [2013/01/25 21:35:08 | 001,248,208 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" [2013/01/25 21:35:08 | 001,248,208 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2011/06/03 05:00:01 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2011/06/03 05:00:01 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2011/06/03 05:00:01 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2012/11/13 21:56:04 | 000,757,296 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" [2012/11/13 21:56:04 | 000,757,296 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\SAFARI\SAFARI.EXE" /REINSTALL [2012/04/25 09:36:36 | 002,388,336 | ---- | M] (Apple Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\SAFARI\SAFARI.EXE" /HIDEICONS [2012/04/25 09:36:36 | 002,388,336 | ---- | M] (Apple Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\SAFARI\SAFARI.EXE" /SHOWICONS [2012/04/25 09:36:36 | 002,388,336 | ---- | M] (Apple Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\PROGRAM FILES (X86)\SAFARI\SAFARI.EXE" [2012/04/25 09:36:36 | 002,388,336 | ---- | M] (Apple Inc.)

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemdrive%\$Recycle.Bin|@;true;true;true /fp >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

========== Alternate Data Streams ==========

@Alternate Data Stream - 213 bytes -> C:\ProgramData\TEMP:BEC0D766
@Alternate Data Stream - 211 bytes -> C:\ProgramData\TEMP:618D0840

< End of report >
Attached File  OTL.Txt   227.7KB   31 downloads

#12
Condor124

OTL Extras:
OTL Extras logfile created on: 2/2/2013 9:39:12 AM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\John\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.99 Gb Total Physical Memory | 3.96 Gb Available Physical Memory | 66.14% Memory free
17.99 Gb Paging File | 15.11 Gb Available in Paging File | 84.01% Paging File free
Paging file location(s): C:\pagefile.sys 6142 6142Z:\pagef [Binary data over 200 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 683.57 Gb Total Space | 487.80 Gb Free Space | 71.36% Space Free | Partition Type: NTFS
Drive D: | 15.00 Gb Total Space | 7.37 Gb Free Space | 49.12% Space Free | Partition Type: NTFS
Drive F: | 2794.52 Gb Total Space | 1743.34 Gb Free Space | 62.38% Space Free | Partition Type: NTFS
Drive Z: | 931.51 Gb Total Space | 823.03 Gb Free Space | 88.35% Space Free | Partition Type: NTFS

Computer Name: DELL_DESKTOP | User Name: John | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (All) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm[@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cpl[@ = cplfile] -- C:\Windows\SysNative\control.exe (Microsoft Corporation)
.hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta[@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.js[@ = JSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.reg[@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = ComFile] -- "%1" %*
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.inf [@ = inffile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\SysWow64\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04E63C56-2CED-4813-AFAE-377F3808E42F}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{1C2142BD-D875-425E-B0B6-E9A1EC8613DB}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1D342CD2-114C-42FB-A4FF-140ACF8FE7A4}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{2F001ED8-72B2-4E3A-A487-6AED184FEEEE}" = rport=138 | protocol=17 | dir=out | app=system |
"{36543A39-1194-403C-A2F1-8DAECB99E817}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{37689DD8-283F-47E2-904E-E9165D030E8B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3790FFA4-6E80-4C0B-92DF-60875F5A8B69}" = rport=445 | protocol=6 | dir=out | app=system |
"{386B16D0-9390-4E99-90F9-3359E9575D5E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{43D249AD-89C7-4A33-947F-915A812B77C8}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
"{4E44F979-FC00-411E-954D-E5AA8DFE1D9F}" = lport=138 | protocol=17 | dir=in | app=system |
"{5200FA6B-F89E-4FA3-B989-F451F57C79BF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{691D0BCC-1765-4007-88B7-921F00274816}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\common files\intuit\update service v4\intuitupdateservice.exe |
"{69485ACD-40E4-4377-9407-DA6C430DFB69}" = lport=10243 | protocol=6 | dir=in | app=system |
"{69F59EF8-6D2C-4F3E-8163-C3F80003BA36}" = lport=2869 | protocol=6 | dir=in | app=system |
"{6A796531-509D-4316-B799-55262E5BB8A5}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{805EB375-3CB0-41AB-BD78-6FA7CBF848B6}" = lport=445 | protocol=6 | dir=in | app=system |
"{852DF19F-A481-4FA4-9F35-9534EDA99AD5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8F7DED26-D246-4539-B5F6-AA5B7288D290}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\common files\intuit\update service v4\intuitupdater.exe |
"{913023C2-B96F-422F-AC9E-3C858AD868DA}" = lport=139 | protocol=6 | dir=in | app=system |
"{916C2E53-5D88-4875-9B5C-071CA67A4B9E}" = lport=137 | protocol=17 | dir=in | app=system |
"{91E3E265-8EEE-4FEC-B1C9-C12BCCB5E95C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A336859E-C861-41E9-B21D-9CCAEFEB30E4}" = rport=139 | protocol=6 | dir=out | app=system |
"{C71B41DF-9466-4855-AFA6-BBB8A1CB78DA}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{CE02BB84-4E5E-49EA-8554-C62F3E2A7DD9}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DED5FD46-492D-4594-9540-A67869925DFD}" = rport=137 | protocol=17 | dir=out | app=system |
"{F334193F-2512-42DC-AE56-6668662F4BC7}" = rport=10243 | protocol=6 | dir=out | app=system |
"{FA7CCDF4-E7DE-4786-A688-F59AB434A6E6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{011DFE00-B391-43C1-9CE3-1B71EFDF3D5F}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{0223361E-2402-495B-B278-D9E0DFA1E641}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{06E597DF-8710-48A9-8A8E-D78B56B65A61}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{088E2097-355F-4510-9E45-469E76E53DC7}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{0D2A5F30-650C-4E3C-BF0D-CCBECF85469B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{0F971331-EE4C-4793-9734-1D90FACC9C35}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{14E0173C-B270-4769-8B84-E91CECF3B5BF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{181EDFF1-AAAF-4FF9-83B5-88AB0C1C805C}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{1CEEF185-90AE-4845-8BD6-09C34E96657C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{1DA7AC1B-B254-4B6B-9020-6292C7D86C8D}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{1EF11137-1B6B-4849-8E51-E42AA5A24519}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{26F6B4BE-D7E7-406F-B184-23895403D68A}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{2EF41600-2B80-4262-8CBD-4429EB699766}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{3034E640-2106-44C7-8211-AE83FF019794}" = dir=in | app=c:\users\john\appdata\local\temp\7zs64d7\oj6500ve709_full_14\setup\hpznui40.exe |
"{3624B192-36A5-4894-88A0-47EF1089D91C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{37C0922C-E939-417D-88CC-2BE9E6C778CC}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{3B65F288-AD83-49C7-907A-C1B551F2CF34}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{3BDE09A6-3625-4FAA-AA26-63CAEE47EEC1}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{3DD8E450-8D2E-4BC3-A139-5EE877DCA468}" = protocol=17 | dir=in | app=c:\users\john\appdata\roaming\dropbox\bin\dropbox.exe |
"{3E0BD0BD-024A-438B-B0A0-5DA348887192}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{430C2FF9-B49C-46E3-AAD3-D2005D4F8BF0}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{45809FEF-6BA3-4896-A210-2F02B1C69E9C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{485AE0E6-7625-4526-A773-758E52894C2E}" = protocol=6 | dir=out | app=system |
"{51674CCC-8E58-4F13-AF72-8A01925AD8DC}" = protocol=1 | dir=out | [email protected],-28544 |
"{547C5D39-DEE2-445F-B9D0-8A1AC9F8DF0D}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{567CE083-D21D-4950-88FD-94622E574C0C}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{56C23363-5C60-4FB9-B64A-B6F1EE1E5290}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5A9E2339-454B-4252-99CB-C2511600A654}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{5DBA2800-E156-428B-9391-0D7BEB7C274D}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{60230AD1-6BF8-479D-B5FB-30F6F013424F}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{6613C56C-8375-47C7-AE9F-F6975393D32F}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{663FC971-B4DA-4A76-93C3-A14662F439F4}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{6B04B0B5-97D1-4AD7-A0BF-2D530C4FAF2D}" = protocol=6 | dir=out | app=c:\program files (x86)\rosettastoneltdservices\rosettastonedaemon.exe |
"{6C077DFE-93E1-40C8-A63B-149E164EC719}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{7373493F-8F64-4967-8256-6B2F7C604873}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{7847FCD9-02E5-4E5F-BDC1-0EB4094C8A6B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{79D30AC6-B53C-4A94-BA49-4963D8DE48D8}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{7B7DE8F0-6B18-4E46-BFC5-9F4B3FE65DB5}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe |
"{7C1F09FB-A8EF-4709-B7CF-F911D125AB93}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{7D622A96-445C-4D7F-9222-4ADF4D25E8E0}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{818C4A07-3C9A-4009-B7DA-DD57B3C86E8A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{851BABC7-3902-40CB-945B-1CC2014C5E04}" = protocol=6 | dir=in | app=c:\users\john\appdata\roaming\dropbox\bin\dropbox.exe |
"{8DD41DD5-7B24-40F8-B263-04ADF895295C}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8E51602C-9CA2-4288-8DBF-9B166698EAC7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{91927EE1-7AF5-401B-A476-04EBA2953B32}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqfxt08.exe |
"{91C68C47-2D2C-4B2C-AE9F-029657B07709}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9358F16B-F4D9-4DE0-AA3A-88267303266C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{A1851CF5-87C9-4074-969C-3D49F800A183}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{A200B229-C197-42F9-B116-C862855F5F8A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe |
"{A3E8627A-F03F-4540-896F-7178C42E0D87}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A6B94C73-E193-4FB0-B8AF-446728C1E1E1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{AAFA0DF1-58B4-4320-A40D-3DA75E7AFFA5}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe |
"{AFB71235-A942-4AEC-8B23-D9A7CC18A14E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{B4B79679-6EE3-4BB0-A515-2F7AB726D828}" = dir=in | app=c:\program files (x86)\laplink\pcmover\pcmover.exe |
"{B57BC348-373C-402E-8BF5-381A086247BC}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{BDB7DFE9-43C7-4E6F-AB5E-6D24A7BCB97B}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{BFDE3EE6-8FF5-4CF7-AD46-FF3159904B20}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{C105A9FC-B7CB-43E6-B475-D3670863D9C2}" = protocol=6 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe |
"{C59CA3AB-04A3-4850-B333-A3D28AB2C642}" = dir=in | app=c:\program files (x86)\rosettastoneltdservices\rosettastonedaemon.exe |
"{D00037B6-74CE-4436-B246-0B1E13D4CA87}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D27668EF-18B7-4084-81DA-3072B5E24ACB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxs08.exe |
"{DA251889-A4FF-4ED8-90E5-0D1523C6BED8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E71B5A9E-6314-4DE0-B466-969BA82F60AC}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{EC6C8FF8-9A31-4902-B627-7F3290277EAF}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{ECC78B87-06BF-47C3-89FD-4C87773E92AB}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{EF6739B9-4D51-4A53-B664-D3F90EF4F8F1}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{F2203C92-8CB2-4AEF-AD99-270531206E0A}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{F2702FA4-CF58-4500-B8DB-F972E7BAA261}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{FE039DB1-36AC-460F-9E8B-489BEF62093A}" = protocol=17 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe |
"TCP Query User{0CE0CE03-2515-4728-A6A3-3FE3F34C119F}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"TCP Query User{36B1A02D-7708-4964-BA57-53EBFECAE277}E:\setup\easy_search.exe" = protocol=6 | dir=in | app=e:\setup\easy_search.exe |
"TCP Query User{686B102B-13A6-499C-9DFF-AF0FACD48D39}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"TCP Query User{713289C1-1092-4712-8891-19503F0F7338}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{849CF620-A32D-4696-8E0D-295C0E864F36}C:\program files (x86)\logitech\vid hd\vid.exe" = protocol=6 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe |
"TCP Query User{9E7DE47D-326C-4BDA-9951-A7149C301142}C:\program files (x86)\storagecraft\imagemanager\imagemanager.client.exe" = protocol=6 | dir=in | app=c:\program files (x86)\storagecraft\imagemanager\imagemanager.client.exe |
"UDP Query User{147408E1-BA37-4FFA-91F5-84F73E85853A}C:\program files (x86)\logitech\vid hd\vid.exe" = protocol=17 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe |
"UDP Query User{1BC98F4B-18A0-4DF9-B2D9-06B09893B194}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{2CB76D28-073A-4C94-A5F2-A9553CC41F8E}E:\setup\easy_search.exe" = protocol=17 | dir=in | app=e:\setup\easy_search.exe |
"UDP Query User{C770856B-FD7D-4A09-A063-597A79BAFD9B}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{DF6C89EF-6D26-4BF9-89AD-AC8F633EAB3D}C:\program files (x86)\storagecraft\imagemanager\imagemanager.client.exe" = protocol=17 | dir=in | app=c:\program files (x86)\storagecraft\imagemanager\imagemanager.client.exe |
"UDP Query User{F66F2AD6-DE58-475F-AE3E-1DDE77C6E3B0}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E5D76AD-A3FB-48D5-8400-8903B10317D3}" = iTunes
"{1374CC63-B520-4f3f-98E8-E9020BF01CFF}" = Windows XP Mode
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{1AAF3A3B-7B32-4DDF-8ABB-438DAEB46EEC}" = Windows Live Family Safety
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{48C0866E-57EB-444C-8371-8E4321066BC3}" = Network64
"{58D79E62-CFC8-4331-8469-3A1B16E1769C}" = HP Officejet 6500 E709 Series
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile Device Center
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6DD01FF3-63CE-436B-96DB-61363EAA4EB8}" = MobileMe Control Panel
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{92DBCA36-9B41-4DD1-941A-AED149DD37F0}" = Windows Mobile Device Center Driver Update
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{D0CB24F4-084F-40DE-B6B9-A03626E682F0}" = iCloud
"{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
"Easy Duplicate Finder 4_is1" = EasyDuplicateFinder v4.2
"HP Document Manager" = HP Document Manager 2.0
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"HPExtendedCapabilities" = HP Customer Participation Program 14.0
"HPOCR" = OCR Software by I.R.I.S. 14.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Shop for HP Supplies" = Shop for HP Supplies
"sp6" = Logitech SetPoint 6.32

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{007F778D-F15C-4EAB-AE92-071D21FAF632}" = Adobe Photoshop Elements 9
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0E52A52C-E120-461C-AA1B-21B045BEE842}" = bpd_scan
"{12C8466B-9E6E-4C0C-BBA3-F05EDF5C8ECA}" = Polar WebLink 2.4.11
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}" = Bing Bar
"{1D4EE8FE-F31C-4258-9360-5B8B8309B14B}" = Adobe Premiere Elements 9 Content
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FE80E58-0774-4EC3-B6BA-68876B88D4B9}" = TurboTax 2011 wvaiper
"{200ED131-24BB-4C5B-8F00-56219DA3CBB7}_is1" = Duplicate Photo Finder v. 3.2.0.49
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{25175695-4B20-4298-9F34-C2C57CD277B3}" = Elements STI Installer
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{29D3EC4E-84FF-4590-9C30-D58707E7102E}" = SnowRanger North America
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{3212AA30-4503-4D30-ADF3-F0DA00C3FDCC}" = Rosetta Stone Ltd Services
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{37AB0223-AF54-49C5-92AA-BFC9648CD323}" = Adobe Premiere Elements 9 HD Content 3
"{3BE02281-FCCF-44BB-8413-AC4A633059EB}" = BPDSoftware
"{3CBBE028-978B-4876-ABC1-EF9ED6C20C4E}" = Adobe Premiere Elements 9 Content 2
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{4010ADCB-1347-D570-FCF1-3002CABEBD2F}" = Rosetta Stone TOTALe
"{433EACD8-4747-4A6A-826A-FFA9F39B0D40}" = Elements 9 Organizer
"{47CB8B6B-49DF-4058-AC2B-1596E3BE63EA}" = Garmin City Navigator North America 2009
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{50D90C59-4F5C-48BC-AFB2-38475412F0CA}" = Adobe Premiere Elements 9 Content 1
"{510D2239-6C2E-457B-9590-485EC552D94D}" = Garmin USB Drivers
"{5414086B-AE06-4332-8A59-26FF0F630D1B}" = Garmin Trip and Waypoint Manager v3
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}" = Status
"{5C47C8B6-77FF-4FC7-A388-66FCF9CFC24C}" = Snagit 9.1.3
"{5F9AAF4A-B9B0-489D-AE67-73470A4714FE}" = Adobe Premiere Elements 9 HD Content 1
"{5FE545A1-D215-4216-9189-E7B39C9D1CC1}" = Quicken 2011
"{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}" = Bing Rewards Client Installer
"{6748E773-5DA0-4D19-8AA5-273B4133A09B}" = SmartSound Quicktracks for Premiere Elements 9.0
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68654483-9629-4CF5-88FF-9FB70B3BECDE}" = ProductContext
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.0.0
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{7694E0B1-2332-448B-9235-929F84B41E3F}" = Active@ ISO Burner
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7DDC3624-C631-49D1-B281-82EC3A27AA7C}" = Adobe Premiere Elements 9 Content 3
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{82C60527-B637-4557-AB3D-72BB025F98A0}" = ShadowProtect Desktop
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PRJSTDR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_VISPROR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PRJSTDR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_VISPROR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PRJSTDR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}_VISPROR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_PRJSTDR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_VISPROR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_PRJSTDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_VISPROR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0054-0409-0000-0000000FF1CE}" = Microsoft Office Visio MUI (English) 2007
"{90120000-0054-0409-0000-0000000FF1CE}_VISPROR_{7DA87C7E-E8A7-473E-ADFF-1B6BECCCADA7}" = Microsoft Office Visio 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PRJSTDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}_VISPROR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00B4-0409-0000-0000000FF1CE}" = Microsoft Office Project MUI (English) 2007
"{90120000-00B4-0409-0000-0000000FF1CE}_PRJSTDR_{F3CD3F3F-726C-4414-A1FE-5CD0968313EA}" = Microsoft Office Project 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PRJSTDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}_VISPROR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_PRJSTDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_VISPROR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUSR_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0116-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91120000-003A-0000-0000-0000000FF1CE}" = Microsoft Office Project Standard 2007
"{91120000-003A-0000-0000-0000000FF1CE}_PRJSTDR_{8446EB22-A746-46DC-B1BD-E0DFA1F3CDDA}" = Microsoft Office Project 2007 Service Pack 3 (SP3)
"{91120000-0051-0000-0000-0000000FF1CE}" = Microsoft Office Visio Professional 2007
"{91120000-0051-0000-0000-0000000FF1CE}_VISPROR_{CE144BF4-4950-4CDB-A5F7-CCE1888F49CB}" = Microsoft Office Visio 2007 Service Pack 3 (SP3)
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{9294F169-72EE-4D74-AE92-CA25F64B4FF8}" = Fax
"{92A51949-EE4C-466D-AAF0-99E74A49A63F}" = DocMgr
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{99F67894-9486-413F-94E1-8B12B1606EAB}" = BPDSoftware_Ini
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A127C3C0-055E-38CF-B38F-1E85F8BBBFFE}" = Adobe Community Help
"{A436F67F-687E-4736-BD2B-537121A804CF}" = HP Product Detection
"{A519B6CE-9EDF-451A-B626-C3F8D2C9BFC2}" = Laplink PCmover Professional
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA787E05-E835-4812-AA3D-4048C8A46587}" = 6500_E709_eDocs
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.5)
"{AC76BA86-7AD7-5760-0000-900000000003}" = Japanese Fonts Support For Adobe Reader 9
"{AD4203ED-7683-435E-B436-C299773A9936}" = MapSource - US Topo v3.02
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{AFBAB9A0-DDE8-49AE-8C17-A01B61BEE64B}" = Garmin MapSource
"{B0255743-165B-4BD5-8DA8-37DFB9930015}" = Norton Ghost
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BB558CDC-C7BE-44D0-9260-B810D66702C4}" = 6500_E709n
"{BC5DD87B-0143-4D14-AAE6-97109614DC6B}" = SolutionCenter
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
"{C93170A0-CBF9-481F-B972-B4FA5AEE0E06}" = Sound Blaster X-Fi
"{CAF5B770-082F-40C4-853D-3973BB81BDAA}" = TurboTax 2011 WinPerTaxSupport
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D17111CB-C992-42A9-9D56-C19395102AAA}" = Garmin WebUpdater
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D91C1B25-C284-4C1B-976C-9917EC50F5DD}" = QuickVoice
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}" = AnswerWorks 5.0 English Runtime
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E240C78D-8F35-456A-8876-15FF6901B7E0}" = Adobe Premiere Elements 9 HD Content 2
"{E2AE009D-37E5-4724-A6B8-0ED6A6BA4F68}" = Elements STI Installer
"{E463E171-4082-4744-A466-F7CBE8502789}" = TurboTax 2011 WinPerReleaseEngine
"{E75594A0-B088-4635-B4F6-99654B5DDF96}" = V1 Home 2.0
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EB9955F8-467C-47FC-90F8-12CD5DF684C3}" = Adobe Premiere Elements 9
"{EC8282AB-48DD-91D2-7387-01CD6E100A5D}" = Adobe Photoshop.com Inspiration Browser
"{EE556A3E-EB37-4392-9637-BAA8EC2F47FA}" = TurboTax 2011 wrapper
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F1A14CB2-A048-45A6-AFDA-3571296E1D76}" = Creative Media Toolbox 6
"{F53B432E-BD19-4400-BFA0-2BBD16410F8F}" = 6500_E709_Help
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FAD3D68B-2F9C-459B-AA79-C04B9090FD72}" = TurboTax 2011 WinPerFedFormset
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Photoshop Elements 9" = Adobe Photoshop Elements 9
"Adobe Premiere Elements 9 Content" = Adobe Premiere Elements 9 Content
"Adobe Premiere Elements 9 Content 1" = Adobe Premiere Elements 9 Content 1
"Adobe Premiere Elements 9 Content 2" = Adobe Premiere Elements 9 Content 2
"Adobe Premiere Elements 9 Content 3" = Adobe Premiere Elements 9 Content 3
"Adobe Premiere Elements 9 HD Content 1" = Adobe Premiere Elements 9 HD Content 1
"Adobe Premiere Elements 9 HD Content 2" = Adobe Premiere Elements 9 HD Content 2
"Adobe Premiere Elements 9 HD Content 3" = Adobe Premiere Elements 9 HD Content 3
"ALchemy" = Creative ALchemy
"AudibleDownloadManager" = Audible Download Manager
"AudioCS" = Creative Audio Control Panel
"CaddieSync Express" = CaddieSync Express 1.4.3
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.rosettastone.rosettastonetotale.8F5798B43604FA41C65B6F3DA7D3E38B6B065643.1" = Rosetta Stone TOTALe
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Creative Sound Blaster Properties x64 Edition" = Creative Sound Blaster Properties x64 Edition
"Diagnostics 4_5" = Creative Diagnostics
"Google Chrome" = Google Chrome
"GoToAssist" = GoToAssist Corporate
"Host OpenAL" = Host OpenAL
"Ilium Software eWallet_is1" = eWallet 7.4 for Windows PCs
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"InstallShield_{6748E773-5DA0-4D19-8AA5-273B4133A09B}" = SmartSound Quicktracks for Premiere Elements 9.0
"InstallShield_{E75594A0-B088-4635-B4F6-99654B5DDF96}" = V1 Home 2.0
"LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)
"Logitech Vid" = Logitech Vid HD
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.70.0.1100
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"Offshore Navigator" = Offshore Navigator
"PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1" = Adobe Photoshop.com Inspiration Browser
"PremElem90" = Adobe Premiere Elements 9
"PRJSTDR" = Microsoft Office Project Standard 2007
"SkyCaddieDesktop" = SkyCaddie Desktop
"SLABCOMM&10C4&EA60" = Silicon Laboratories CP210x USB to UART Bridge (Driver Removal)
"TurboTax 2011" = TurboTax 2011
"Uninstaller_B4736000_Creative Media Toolbox 6" = Creative Media Toolbox 6 (Shared Components)
"VISPROR" = Microsoft Office Visio Professional 2007
"WaveStudio 7" = Creative WaveStudio 7
"WinLiveSuite" = Windows Live Essentials

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"CopyTrans Suite" = CopyTrans Suite Remove Only
"Dropbox" = Dropbox

========== Last 20 Event Log Errors ==========

[ System Events ]
Error - 2/2/2013 10:27:43 AM | Computer Name = Dell_Desktop | Source = Service Control Manager | ID = 7000
Description = The Backup Scheduler service failed to start due to the following
error: %%2


< End of report >

#13
Condor124

    Member

  • Topic Starter
  • 12 posts
FSS:
Farbar Service Scanner Version: 30-01-2013
Ran by John (administrator) on 02-02-2013 at 10:50:45
Running from "C:\Users\John\Desktop"
Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#14
RKinner

Malware Expert
Uninstall the following:

Bing Bar - Foistware from Windows Live
Bing Rewards Client Installer - Foistware from Windows Live
Bonjour - broken. You will get a new one when you update Safari or iTunes.
Uniblue - snake oil. We do not recommend any registry cleaners.
Adobe Reader X (10.1.5) - Obsolete. Should be XI something. Get the latest from adobe.com. Do not let them give you the Ask toolbar, Yahoo toolbar, McAfee Security Scan or other foistware.
Skype Click to Call - Annoying little thing that turns all 10 digit numbers into telephone numbers.

Copy the text between the lines of stars by highlighting and Ctrl + c.

******************************************

File::
c:\windows\Tasks\SpeedUpMyPC.job
c:\windows\Tasks\spmonitor.job

Driver::
Backup Scheduler
dcsnap
DCDisk

******************************************

Now open Notepad (Start, Run, notepad, OK) and Ctrl + V to paste the text into Notepad. Make sure you got it all, then File, SAVE AS, (to your Desktop), CFScript, OK. Close Notepad. (Overwrite the old one if it's still there.) You should see a file CFScript.txt on your desktop.

Pause your anti-virus.

Drag CFScript.txt over to Combofix and let go. Combofix should start on its own.

Post the new log.

Let's see if we fixed the alarms:


Right click on (My) Computer and select Manage (Continue), then the Event Viewer. Next select Windows Logs. Right click on System and Clear Log, Clear. Repeat for Application.

Reboot.


1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:

2. Right-click VEW.exe and Run As Administrator
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.


Ron

PS:

My help is free but if you wish to show your appreciation, please donate to Kwiaht instead of me. It's a local environmental organization that I volunteer with: http://www.kwiaht.org/donate.htm
(The name means something like "clean place" in one of the local native-American dialects)
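
The event-log query requested in the post above (newest 20 Error and Warning entries, first from System, then from Application) can also be produced with the built-in Get-WinEvent cmdlet. This is an added example, not part of the original post and not the VEW tool's own code; the output file name EventSummary.txt is an assumption.

```powershell
# Added example: built-in equivalent of the VEW query described in the post.
# Run from an elevated PowerShell prompt (Get-WinEvent is available from PowerShell 2.0).
$outFile = Join-Path $env:USERPROFILE 'Desktop\EventSummary.txt'   # assumed output path

$report = foreach ($log in 'System', 'Application') {
    "===== $log log: newest 20 Error/Warning events ====="
    try {
        # Level 2 = Error, Level 3 = Warning
        $events = Get-WinEvent -FilterHashtable @{ LogName = $log; Level = 2, 3 } `
                               -MaxEvents 20 -ErrorAction Stop
        foreach ($e in $events) {
            '{0:u} | {1} | Source = {2} | ID = {3}' -f `
                $e.TimeCreated, $e.LevelDisplayName, $e.ProviderName, $e.Id
            # First line of the description only, to keep the summary short
            "    $(($e.Message -split "`r?`n")[0])"
        }
    }
    catch {
        # Get-WinEvent raises an error when nothing matches,
        # which is the expected result right after a log has been cleared.
        "No events returned: $($_.Exception.Message)"
    }
    ''
}

$report | Set-Content -Path $outFile -Encoding UTF8
notepad $outFile
```

An empty section after the reboot means the service errors seen earlier (such as ID 7000 from Service Control Manager) did not recur.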