Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Flash Update [Solved]

Started by UneekOne , Apr 04 2013 06:21 PM

  • This topic is locked This topic is locked

#1
UneekOne
Posted 04 April 2013 - 06:21 PM

UneekOne

    Member

  • Member
  • PipPip
  • 20 posts
First off thanks for any and all help you'll provide.
It's truly appreciated.

I recently did what I thought was an update for Adobe Flash and since then I have been getting pop-ups with just about every web click and when I use a search engine the results seem fine but when I click the links I am routed to unrelated links.

I ran OTL
Here are the logs - OTL and an Extras:



OTL logfile created on: 4/4/2013 4:54:16 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Maeve\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.96 Gb Total Physical Memory | 5.71 Gb Available Physical Memory | 71.72% Memory free
15.92 Gb Paging File | 13.23 Gb Available in Paging File | 83.11% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 679.00 Gb Total Space | 564.36 Gb Free Space | 83.12% Space Free | Partition Type: NTFS
Drive F: | 614.91 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive G: | 1074.22 Gb Total Space | 710.52 Gb Free Space | 66.14% Space Free | Partition Type: NTFS
Drive H: | 3726.01 Gb Total Space | 3077.58 Gb Free Space | 82.60% Space Free | Partition Type: NTFS
Drive J: | 322.39 Gb Total Space | 256.85 Gb Free Space | 79.67% Space Free | Partition Type: NTFS

Computer Name: MAEVE-PC | User Name: Maeve | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/04/04 16:52:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Maeve\Desktop\OTL.exe
PRC - [2013/04/01 00:59:54 | 001,822,424 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
PRC - [2013/03/13 17:15:00 | 004,394,032 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgui.exe
PRC - [2013/03/07 07:30:42 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/02/27 23:42:12 | 004,937,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
PRC - [2013/02/19 04:02:02 | 000,282,624 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
PRC - [2013/01/31 11:38:54 | 003,289,208 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012/12/18 07:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/09/27 15:18:27 | 000,127,488 | ---- | M] () -- C:\Program Files (x86)\Zinio Alert Messenger\Zinio Alert Messenger.exe
PRC - [2012/08/23 13:37:16 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
PRC - [2011/11/03 15:16:40 | 000,957,440 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
PRC - [2011/11/03 12:24:06 | 000,381,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011/10/18 10:50:10 | 001,001,808 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2011/10/18 10:50:04 | 001,354,064 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
PRC - [2011/10/18 10:49:52 | 000,936,272 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2011/10/18 10:49:48 | 000,846,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
PRC - [2011/09/22 09:14:16 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
PRC - [2011/09/22 09:11:26 | 000,460,096 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
PRC - [2011/09/22 09:06:12 | 001,692,480 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2011/09/21 09:30:12 | 004,109,312 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
PRC - [2011/08/11 19:05:00 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
PRC - [2011/08/11 08:27:42 | 015,490,560 | ---- | M] () -- C:\Users\Maeve\AppData\Local\Autobahn\nexdef.exe
PRC - [2011/04/13 09:39:14 | 000,503,942 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
PRC - [2011/02/14 06:55:16 | 000,043,520 | R--- | M] () -- C:\Program Files\HTC\ModeSelection\VMMModeSelection.exe
PRC - [2010/12/20 17:24:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/12/20 17:24:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/12/17 09:25:22 | 000,686,704 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
PRC - [2010/10/01 15:55:28 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe
PRC - [2010/07/04 12:51:26 | 000,017,408 | ---- | M] () -- C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe
PRC - [2010/05/04 11:07:22 | 000,503,080 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2010/04/08 20:53:33 | 000,149,904 | ---- | M] (Microsoft ® Corporation) -- C:\Program Files\Microsoft Forefront UAG\Endpoint Components\3.1.0\uagqecsvc.exe
PRC - [2009/02/23 20:43:12 | 000,576,000 | ---- | M] (MagicISO, Inc.) -- C:\Program Files (x86)\MagicDisc\MagicDisc.exe


========== Modules (No Company Name) ==========

MOD - [2013/04/01 00:59:53 | 014,717,144 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
MOD - [2013/03/07 07:30:45 | 003,069,848 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013/02/13 04:49:04 | 001,358,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\9266d6e1f8057b5b62b460cbf33cda21\System.WorkflowServices.ni.dll
MOD - [2013/02/13 04:36:05 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\5ecf01964c70e453d71e5d7653912ff9\System.Web.ni.dll
MOD - [2013/02/13 04:35:50 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll
MOD - [2013/01/08 23:37:46 | 001,707,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\1e04a5319c58010e945220af2751d34e\System.ServiceModel.Web.ni.dll
MOD - [2013/01/08 23:37:42 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\25cfdeaf091f16f3f3a7123a91a179ab\System.Xml.Linq.ni.dll
MOD - [2013/01/08 23:35:39 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\77dfcfed5fd5f67d0d3edc545935bb21\System.Core.ni.dll
MOD - [2013/01/08 23:34:07 | 017,478,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\e3d88c2a6ce5bff2135ec7a871ffe8ac\System.ServiceModel.ni.dll
MOD - [2013/01/08 23:33:56 | 002,347,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2ad51da1b752b19c992fcefd56eb7c01\System.Runtime.Serialization.ni.dll
MOD - [2013/01/08 23:33:55 | 001,084,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\219c68f83fa608b496b163fd6782e696\System.IdentityModel.ni.dll
MOD - [2013/01/08 23:33:54 | 000,256,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\eb33bf977e97e97b12e82c18e36fbaee\SMDiagnostics.ni.dll
MOD - [2013/01/08 23:33:45 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll
MOD - [2013/01/08 23:33:21 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ff7c9a4f41f7cccc47e696c11b9f8469\PresentationFramework.ni.dll
MOD - [2013/01/08 23:33:07 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013/01/08 23:33:04 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\19b3d17c3ce0e264c4fb62028161adf7\PresentationCore.ni.dll
MOD - [2013/01/08 23:32:57 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll
MOD - [2013/01/08 23:32:52 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013/01/08 23:32:50 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
MOD - [2013/01/08 23:32:49 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013/01/08 23:32:45 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2012/09/27 15:18:27 | 000,127,488 | ---- | M] () -- C:\Program Files (x86)\Zinio Alert Messenger\Zinio Alert Messenger.exe
MOD - [2012/02/20 21:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/02/20 21:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/11/03 15:16:40 | 000,957,440 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
MOD - [2011/11/03 15:11:36 | 008,151,040 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtGui4.dll
MOD - [2011/11/03 15:11:36 | 002,278,400 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtCore4.dll
MOD - [2011/11/03 12:23:54 | 000,266,560 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
MOD - [2011/09/22 09:14:16 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
MOD - [2011/08/11 08:27:44 | 000,159,744 | ---- | M] () -- C:\Users\Maeve\AppData\Local\Autobahn\rt\jetrt\baseline720.dll
MOD - [2011/08/11 08:27:44 | 000,069,632 | ---- | M] () -- C:\Users\Maeve\AppData\Local\Autobahn\rt\bin\java.dll
MOD - [2011/08/11 08:27:42 | 015,490,560 | ---- | M] () -- C:\Users\Maeve\AppData\Local\Autobahn\nexdef.exe
MOD - [2011/08/11 08:27:40 | 000,126,976 | ---- | M] () -- C:\Users\Maeve\AppData\Local\Autobahn\rt\bin\zip.dll
MOD - [2011/08/11 08:27:40 | 000,020,480 | ---- | M] () -- C:\Users\Maeve\AppData\Local\Autobahn\rt\bin\jetvm\jvm.dll
MOD - [2011/02/14 06:55:16 | 000,043,520 | R--- | M] () -- C:\Program Files\HTC\ModeSelection\VMMModeSelection.exe
MOD - [2010/12/17 09:25:22 | 000,686,704 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
MOD - [2010/07/04 14:32:36 | 000,004,608 | ---- | M] () -- C:\Program Files (x86)\Unlocker\UnlockerHook.dll
MOD - [2010/07/04 12:51:26 | 000,017,408 | ---- | M] () -- C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe
MOD - [2010/01/21 02:34:10 | 008,793,952 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/01/09 21:18:18 | 004,254,560 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF


========== Services (SafeList) ==========

SRV:64bit: - [2011/11/01 12:37:56 | 001,518,352 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2011/11/01 12:25:42 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2011/11/01 12:22:28 | 000,844,560 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2011/10/20 17:33:22 | 000,135,440 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV:64bit: - [2011/10/19 13:25:00 | 000,661,504 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV:64bit: - [2010/11/29 14:00:56 | 000,149,504 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2010/09/22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/04/08 20:53:33 | 000,149,904 | ---- | M] (Microsoft ® Corporation) [Auto | Running] -- C:\Program Files\Microsoft Forefront UAG\Endpoint Components\3.1.0\uagqecsvc.exe -- (uagqecsvc)
SRV:64bit: - [2009/11/17 19:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV:64bit: - [2009/07/13 18:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/04/01 00:59:54 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/03/07 07:30:44 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/02/27 23:42:12 | 004,937,264 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2013/02/19 04:02:02 | 000,282,624 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2013/01/31 11:38:54 | 003,289,208 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/12/18 07:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/09/14 19:16:01 | 000,468,368 | ---- | M] (Microsoft ® Corporation) [On_Demand | Stopped] -- C:\Windows\Downloaded Program Files\DMService.exe -- (DMService)
SRV - [2012/08/23 13:37:16 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011/11/03 12:24:06 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011/10/26 07:58:10 | 000,162,816 | ---- | M] (Dell Products, LP.) [Auto | Stopped] -- c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe -- (DellDigitalDelivery)
SRV - [2011/10/18 10:50:10 | 001,001,808 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2011/10/18 10:50:04 | 001,354,064 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)
SRV - [2011/10/18 10:49:52 | 000,936,272 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2011/09/22 09:06:12 | 001,692,480 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)
SRV - [2011/08/11 17:04:58 | 000,248,304 | ---- | M] (CyberLink) [Auto | Stopped] -- c:\Program Files (x86)\Cyberlink\PowerDVD9\NavFilter\kmsvc.exe -- (CLKMSVC10_9EC60124)
SRV - [2010/12/20 17:24:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/12/20 17:24:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/08/25 19:28:54 | 002,823,000 | ---- | M] (Dell, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe -- (NOBU)
SRV - [2010/05/04 11:07:22 | 000,503,080 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/02/26 23:40:46 | 000,246,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2013/02/14 03:52:46 | 000,239,416 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2013/02/08 04:37:56 | 000,116,536 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2013/02/08 04:37:54 | 000,311,096 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2013/02/08 04:37:50 | 000,071,480 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2013/02/08 04:37:42 | 000,206,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2013/02/08 04:37:40 | 000,045,880 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2013/01/29 19:15:04 | 000,050,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2012/12/13 14:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/08/23 07:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 07:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/23 07:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/02/29 23:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/23 06:13:24 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/02/23 06:13:24 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/12/01 18:57:06 | 008,615,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2011/10/19 13:19:08 | 000,195,072 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP)
DRV:64bit: - [2011/10/19 13:19:08 | 000,195,072 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2011/10/15 19:48:08 | 000,291,648 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvstusb.sys -- (NvStUSB)
DRV:64bit: - [2011/10/11 12:08:00 | 000,059,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iBtFltCoex.sys -- (iBtFltCoex)
DRV:64bit: - [2011/10/10 15:43:16 | 000,288,768 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2011/09/13 17:14:44 | 000,212,992 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2011/09/13 17:14:42 | 000,095,744 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2011/08/29 15:32:18 | 000,053,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2011/08/25 22:09:20 | 000,390,704 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/08/25 11:21:00 | 000,173,656 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2011/08/23 22:57:24 | 000,565,352 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/07/08 05:51:28 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011/01/20 10:20:46 | 000,176,096 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2011/01/12 18:51:44 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/12/13 10:34:14 | 000,027,760 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelern.sys -- (Acceler)
DRV:64bit: - [2010/11/29 14:00:04 | 000,016,120 | ---- | M] (Intel® Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010/11/20 20:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/20 20:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/10/19 17:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/08/20 12:05:12 | 000,021,616 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stdcfltn.sys -- (stdcfltn)
DRV:64bit: - [2010/07/12 19:38:06 | 000,029,288 | ---- | M] (Quanta Computer) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\qicflt.sys -- (qicflt)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/02/24 19:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcdbus.sys -- (mcdbus)
DRV:64bit: - [2008/05/06 17:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2006/11/01 11:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2010/07/04 12:51:26 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Program Files (x86)\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/02/24 19:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\mcdbus.sys -- (mcdbus)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2465}
IE:64bit: - HKLM\..\SearchScopes\{59DD8207-AA5A-4054-8DDB-F3CA2DDAC91A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2465}: "URL" = http://isearch.fanta...q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2465}
IE - HKLM\..\SearchScopes\{59DD8207-AA5A-4054-8DDB-F3CA2DDAC91A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2465}: "URL" = http://isearch.fanta...q={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2465}
IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://search.yahoo....q={searchTerms}
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2465}: "URL" = http://isearch.fanta...q={searchTerms}
IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incre...ox&a=IAXkTs4bjc
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.selectedEngine: "Web Search"
FF - prefs.js..browser.startup.homepage: "https://www.google.com/"
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.14
FF - prefs.js..extensions.enabledAddons: atvdeuthhf%40atvdeuthhf.org:3.2
FF - prefs.js..extensions.enabledAddons: %7B82AF8DCA-6DE9-405D-BD5E-43525BDAD38A%7D:6.6.0.11664
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - prefs.js..keyword.URL: "http://isearch.fanta...ystemid=465&q="


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/03/29 13:49:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2013/04/01 01:02:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maeve\AppData\Roaming\Mozilla\Extensions
[2013/04/04 16:28:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maeve\AppData\Roaming\Mozilla\Firefox\Profiles\vf7rskgd.default\extensions
[2013/02/23 01:47:46 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Maeve\AppData\Roaming\Mozilla\Firefox\Profiles\vf7rskgd.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[1633/02/03 05:03:47 | 000,004,830 | ---- | M] () (No name found) -- C:\Users\Maeve\AppData\Roaming\Mozilla\Firefox\Profiles\vf7rskgd.default\extensions\[email protected]
[2013/04/04 16:28:42 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\Maeve\AppData\Roaming\Mozilla\Firefox\Profiles\vf7rskgd.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/03/29 06:21:04 | 000,001,104 | ---- | M] () -- C:\Users\Maeve\AppData\Roaming\Mozilla\Firefox\Profiles\vf7rskgd.default\searchplugins\internethelper3-customized-web-search.xml
[2012/03/11 16:07:29 | 000,002,185 | ---- | M] () -- C:\Users\Maeve\AppData\Roaming\Mozilla\Firefox\Profiles\vf7rskgd.default\searchplugins\MyStart Search.xml
[2013/03/29 06:34:34 | 000,002,519 | ---- | M] () -- C:\Users\Maeve\AppData\Roaming\Mozilla\Firefox\Profiles\vf7rskgd.default\searchplugins\WebSearch.xml
[2013/04/01 01:06:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/03/07 18:59:34 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/03/07 18:59:34 | 000,000,000 | ---D | M] (QuickStores-Toolbar) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2013/03/07 07:31:00 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010/10/13 21:28:54 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\mozilla firefox\components\Scriptff.dll
[2013/03/07 07:30:20 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013/03/29 05:59:10 | 000,076,225 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\testlog.txt
[2013/03/07 07:30:20 | 000,002,086 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
[2013/03/29 06:34:34 | 000,002,519 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\WebSearch.xml
[2012/07/11 11:26:14 | 000,001,068 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahootc.xml

========== Chrome ==========

CHR - default_search_provider: Web Search ()
CHR - default_search_provider: search_url = http://isearch.fanta...q={searchTerms}
CHR - default_search_provider: suggest_url =
CHR - homepage: http://isearch.fantastigames.com/465
CHR - plugin: First user (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Error reading preferences file
CHR - Extension: YouTube = C:\Users\Maeve\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Maeve\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: AVG Safe Search = C:\Users\Maeve\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2210_0\
CHR - Extension: AVG Do Not Track = C:\Users\Maeve\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\
CHR - Extension: Gmail = C:\Users\Maeve\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009/06/10 14:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL File not found
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll File not found
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll File not found
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll File not found
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {E8861423-0DAB-459E-A8D5-DB264E69E70C} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
O4:64bit: - HKLM..\Run: [DellStage] C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe ()
O4:64bit: - HKLM..\Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe ()
O4:64bit: - HKLM..\Run: [IntelPAN] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [NVHotkey] C:\Windows\SysNative\nvHotkey.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] c:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AccuWeatherWidget] C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe ()
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BDRegion] c:\Program Files (x86)\Cyberlink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe (Dell, Inc.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [NeroLauncher] C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe ()
O4 - HKLM..\Run: [PDVD9LanguageShortcut] c:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RemoteControl9] c:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe ()
O4 - HKLM..\Run: [VMM Mode Selection] C:\Program Files\HTC\ModeSelection\VMMModeSelection.exe ()
O4 - HKCU..\Run: [LockHunter] C:\Users\Maeve\AppData\Local\LockHunter\xxbjsmqa.dll (Real Networks, Inc)
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - Startup: C:\Users\Maeve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
O4 - Startup: C:\Users\Maeve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NexDef Plug-in.lnk = C:\Users\Maeve\AppData\Local\Autobahn\nexdef.exe ()
O4 - Startup: C:\Users\Maeve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Zinio Alert Messenger.lnk = C:\Program Files (x86)\Zinio Alert Messenger\Zinio Alert Messenger.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.1.0)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_01)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_01)
O16 - DPF: {0F2AAAE3-7E9E-4B64-AB5D-1CA24C6ACB9C} https://jran.uscourt...com0/dwa85W.cab (IBM Lotus iNotes 8.5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.9.2)
O16 - DPF: {8D9563A9-8D5F-459B-87F2-BA842255CB9A} https://jran.uscourt.../WhlCompMgr.cab (Forefront UAG endpoint components)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_09)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_09)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2C191EF5-7CC8-40DE-B2AD-F788B6ADC2C1}: DhcpNameServer = 13.36.0.104
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A3C5A231-5D96-4FBD-B5CC-3179BB2AE1C3}: DhcpNameServer = 209.18.47.61 209.18.47.62
O18:64bit: - Protocol\Handler\cozi - No CLSID value found
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll File not found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/18 14:12:18 | 000,000,088 | ---- | M] () - F:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2012/07/16 00:33:32 | 000,000,040 | -H-- | M] () - H:\Autorun.inf -- [ NTFS ]
O33 - MountPoints2\{3eb2c8bd-6282-11e1-84a1-4ceb423ce221}\Shell - "" = AutoRun
O33 - MountPoints2\{3eb2c8bd-6282-11e1-84a1-4ceb423ce221}\Shell\AutoRun\command - "" = F:\WD SmartWare.exe -- [2009/11/13 12:25:22 | 003,280,672 | ---- | M] (Western Digital)
O33 - MountPoints2\{3eb2c8c9-6282-11e1-84a1-4ceb423ce221}\Shell - "" = AutoRun
O33 - MountPoints2\{3eb2c8c9-6282-11e1-84a1-4ceb423ce221}\Shell\AutoRun\command - "" = I:\TL-Bootstrap.exe
O33 - MountPoints2\{6ba899ca-62ad-11e1-a2ac-4ceb423ce221}\Shell - "" = AutoRun
O33 - MountPoints2\{6ba899ca-62ad-11e1-a2ac-4ceb423ce221}\Shell\AutoRun\command - "" = "N:\WD SmartWare.exe" autoplay=true
O33 - MountPoints2\{ba3d7c51-c262-11e1-807e-848f69c5ca9e}\Shell - "" = AutoRun
O33 - MountPoints2\{ba3d7c51-c262-11e1-807e-848f69c5ca9e}\Shell\AutoRun\command - "" = F:\TL-Bootstrap.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/04/04 16:52:10 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Maeve\Desktop\OTL.exe
[2013/04/04 15:41:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013/04/04 15:41:00 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013/04/04 00:44:53 | 005,046,606 | ---- | C] (Swearware) -- C:\Users\Maeve\Desktop\ComboFix.exe
[2013/04/04 00:23:31 | 000,000,000 | ---D | C] -- C:\Users\Maeve\AppData\Roaming\SpeedyPC Software
[2013/04/04 00:23:31 | 000,000,000 | ---D | C] -- C:\Users\Maeve\AppData\Roaming\DriverCure
[2013/04/04 00:23:18 | 000,000,000 | ---D | C] -- C:\ProgramData\SpeedyPC Software
[2013/04/03 19:21:04 | 000,000,000 | ---D | C] -- C:\Users\Maeve\AppData\Local\{478E43EB-D139-4CBF-BAC1-20215C88AE85}
[2013/04/02 02:43:03 | 000,000,000 | ---D | C] -- C:\Users\Maeve\AppData\Local\LockHunter
[2013/03/31 17:29:55 | 000,000,000 | ---D | C] -- C:\Users\Maeve\Desktop\Debbie and Ron
[2013/03/31 08:25:59 | 000,000,000 | ---D | C] -- C:\Users\Maeve\AppData\Local\{D88AD43F-E881-4CC4-88E8-209DA0BC6AD7}
[2013/03/31 06:59:27 | 000,000,000 | ---D | C] -- C:\Users\Maeve\Desktop\CJ and Melanie
[2013/03/29 06:33:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2013/03/29 06:20:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FGIcon
[2013/03/29 06:20:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2013/03/29 05:54:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyPC Backup
[2013/03/29 05:54:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OApps
[2013/03/29 05:53:59 | 000,000,000 | ---D | C] -- C:\Users\Maeve\AppData\Roaming\Conduit
[2013/03/28 02:55:14 | 000,000,000 | ---D | C] -- C:\Users\Maeve\AppData\Local\{12EA26AF-F499-4896-94A2-BC2F552C42C5}
[2013/03/27 21:52:54 | 004,316,280 | ---- | C] (Piriform Ltd) -- C:\Users\Maeve\AppData\Roaming\CCleaner.4.00.4064.exe
[2013/03/27 06:37:47 | 000,000,000 | ---D | C] -- C:\Users\Maeve\AppData\Local\{AF78B503-1101-4862-93F7-1D0E152A9194}
[2013/03/25 19:29:10 | 000,000,000 | ---D | C] -- C:\Users\Maeve\AppData\Local\{A518CC54-8AA4-47AE-AAB5-32ACD97ADF8C}
[2013/03/24 09:08:08 | 000,000,000 | ---D | C] -- C:\Users\Maeve\AppData\Local\{942C5AA9-8EC2-4D34-9625-2DF158F11104}
[2013/03/23 10:07:11 | 000,000,000 | ---D | C] -- C:\Users\Maeve\AppData\Local\{17F2B8C2-E0AD-4A3E-BF91-9F6833CB882F}
[2013/03/21 02:25:28 | 000,000,000 | ---D | C] -- C:\Users\Maeve\AppData\Local\{C1E28D16-AF46-4DB0-A5B8-7B2C50C2C49F}
[2013/03/20 17:46:23 | 000,000,000 | ---D | C] -- C:\Users\Maeve\AppData\Local\{400DC169-5498-45ED-AE13-D585CA8B2FB8}
[2013/03/19 17:58:04 | 000,000,000 | ---D | C] -- C:\Users\Maeve\AppData\Local\{16E5AF50-D592-4884-B0B3-F58A694E60E3}
[2013/03/19 03:18:32 | 000,000,000 | ---D | C] -- C:\Users\Maeve\AppData\Local\{CE9C851A-7083-4735-A658-8C18D90759D7}
[2013/03/18 10:53:58 | 000,000,000 | ---D | C] -- C:\Users\Maeve\AppData\Local\{0B32F3C1-8152-42B0-B0AC-6A0B3C0F02C9}
[2013/03/15 06:00:29 | 000,000,000 | ---D | C] -- C:\Users\Maeve\AppData\Local\{D61E9CBF-2091-41C6-A8AF-CFB14DD27474}
[2013/03/13 04:09:31 | 000,000,000 | ---D | C] -- C:\Users\Maeve\AppData\Local\{B121D8D8-E2C4-4533-9FD6-E1401F8114A7}
[2013/03/12 06:25:57 | 000,000,000 | ---D | C] -- C:\Users\Maeve\AppData\Local\{985477E3-69CF-47DF-94AD-6387107D59DC}
[2013/03/11 18:01:30 | 000,000,000 | ---D | C] -- C:\Users\Maeve\AppData\Local\{BED5F39C-C173-4A82-9FD0-0123273D7A80}
[2013/03/10 03:04:03 | 000,000,000 | ---D | C] -- C:\Users\Maeve\AppData\Local\{0CC5058A-1D11-43B1-B596-0C0B3210BB8A}
[2013/03/09 09:07:52 | 000,000,000 | ---D | C] -- C:\Users\Maeve\AppData\Local\{FCD1904A-7D4F-4A9A-8B23-0D7AB05646EE}
[2013/03/09 03:50:27 | 000,000,000 | ---D | C] -- C:\Users\Maeve\AppData\Local\{FA127EF4-83F6-404D-831E-D85F7B3973FB}
[2013/03/08 10:41:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2013/03/07 18:59:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/03/07 18:48:04 | 000,000,000 | ---D | C] -- C:\Users\Maeve\AppData\Local\{6531C81D-4FE4-4D0C-ACA9-F45413D38AE1}
[2013/03/07 06:47:29 | 000,000,000 | ---D | C] -- C:\Users\Maeve\AppData\Local\{372D78C5-2663-46EE-8150-66E4FCC4105F}
[2013/03/06 18:46:54 | 000,000,000 | ---D | C] -- C:\Users\Maeve\AppData\Local\{B80A266D-AE71-499C-AFCA-23A20B2B3BEB}
[2013/03/05 18:37:14 | 000,000,000 | ---D | C] -- C:\Users\Maeve\AppData\Local\{4D9A1883-29C0-4BA1-B0C8-BBF1D0A52DC8}

========== Files - Modified Within 30 Days ==========

[2013/04/04 16:52:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Maeve\Desktop\OTL.exe
[2013/04/04 16:39:16 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/04/04 16:39:16 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/04/04 16:32:28 | 000,001,115 | ---- | M] () -- C:\Users\Maeve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Zinio Alert Messenger.lnk
[2013/04/04 16:31:54 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/04/04 16:31:48 | 2116,157,439 | -HS- | M] () -- C:\hiberfil.sys
[2013/04/04 16:31:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/04/04 15:12:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/04/04 15:07:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/04/04 05:43:40 | 000,001,189 | ---- | M] () -- C:\Users\Maeve\AppData\Roaming\vso_ts_preview.xml
[2013/04/04 00:44:55 | 005,046,606 | ---- | M] (Swearware) -- C:\Users\Maeve\Desktop\ComboFix.exe
[2013/04/03 06:21:09 | 000,778,834 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/04/03 06:21:09 | 000,660,318 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/04/03 06:21:09 | 000,121,214 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/03/29 05:55:28 | 000,000,258 | RHS- | M] () -- C:\Users\Maeve\ntuser.pol
[2013/03/29 05:54:01 | 000,000,009 | ---- | M] () -- C:\END
[2013/03/27 21:52:54 | 004,316,280 | ---- | M] (Piriform Ltd) -- C:\Users\Maeve\AppData\Roaming\CCleaner.4.00.4064.exe
[2013/03/10 14:11:39 | 000,000,474 | ---- | M] () -- C:\Users\Maeve\Desktop\-=- Tosh -=- (G) - Shortcut.lnk

========== Files Created - No Company Name ==========

[2013/03/29 13:49:13 | 000,001,165 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013/03/29 05:55:28 | 000,000,258 | RHS- | C] () -- C:\Users\Maeve\ntuser.pol
[2013/03/29 05:52:47 | 000,000,009 | ---- | C] () -- C:\END
[2013/03/10 14:11:39 | 000,000,474 | ---- | C] () -- C:\Users\Maeve\Desktop\-=- Tosh -=- (G) - Shortcut.lnk
[2012/10/13 20:20:16 | 000,003,584 | ---- | C] () -- C:\Users\Maeve\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/04/03 02:12:48 | 000,000,629 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2012/03/01 18:07:21 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012/03/01 18:07:21 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2012/03/01 18:07:20 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012/03/01 18:07:20 | 000,079,360 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012/02/29 02:15:19 | 000,001,189 | ---- | C] () -- C:\Users\Maeve\AppData\Roaming\vso_ts_preview.xml
[2011/11/03 12:24:18 | 000,322,880 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe

========== ZeroAccess Check ==========

[2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 22:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 21:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 18:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 20:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 18:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/12/14 11:39:42 | 000,000,000 | ---D | M] -- C:\Users\Maeve\AppData\Roaming\AVG2013
[2012/03/03 09:56:01 | 000,000,000 | ---D | M] -- C:\Users\Maeve\AppData\Roaming\Blio
[2013/03/29 05:53:59 | 000,000,000 | ---D | M] -- C:\Users\Maeve\AppData\Roaming\Conduit
[2013/04/04 00:23:31 | 000,000,000 | ---D | M] -- C:\Users\Maeve\AppData\Roaming\DriverCure
[2012/12/05 13:18:17 | 000,000,000 | ---D | M] -- C:\Users\Maeve\AppData\Roaming\Dropbox
[2012/02/28 21:05:55 | 000,000,000 | ---D | M] -- C:\Users\Maeve\AppData\Roaming\Fingertapps
[2012/10/01 06:12:33 | 000,000,000 | ---D | M] -- C:\Users\Maeve\AppData\Roaming\LockHunter
[2012/02/29 12:30:52 | 000,000,000 | ---D | M] -- C:\Users\Maeve\AppData\Roaming\PCDr
[2012/10/01 05:47:00 | 000,000,000 | ---D | M] -- C:\Users\Maeve\AppData\Roaming\QuickStoresToolbar
[2013/04/04 00:23:31 | 000,000,000 | ---D | M] -- C:\Users\Maeve\AppData\Roaming\SpeedyPC Software
[2012/12/14 11:38:34 | 000,000,000 | ---D | M] -- C:\Users\Maeve\AppData\Roaming\TuneUp Software
[2013/04/04 15:46:55 | 000,000,000 | ---D | M] -- C:\Users\Maeve\AppData\Roaming\Vso
[2012/03/07 05:27:00 | 000,000,000 | ---D | M] -- C:\Users\Maeve\AppData\Roaming\Windows Live Writer
[2012/09/27 15:18:36 | 000,000,000 | ---D | M] -- C:\Users\Maeve\AppData\Roaming\ZinioAlertMessenger.9310D8F796442B71068C511E15D70529A702D19D.1
[2012/09/27 15:16:10 | 000,000,000 | ---D | M] -- C:\Users\Maeve\AppData\Roaming\ZinioReader4
[2012/09/27 15:22:05 | 000,000,000 | ---D | M] -- C:\Users\Maeve\AppData\Roaming\ZinioReader4.9310D8F796442B71068C511E15D70529A702D19D.1

========== Purity Check ==========



< End of report >


OTL Extras logfile created on: 4/4/2013 4:54:16 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Maeve\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.96 Gb Total Physical Memory | 5.71 Gb Available Physical Memory | 71.72% Memory free
15.92 Gb Paging File | 13.23 Gb Available in Paging File | 83.11% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 679.00 Gb Total Space | 564.36 Gb Free Space | 83.12% Space Free | Partition Type: NTFS
Drive F: | 614.91 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive G: | 1074.22 Gb Total Space | 710.52 Gb Free Space | 66.14% Space Free | Partition Type: NTFS
Drive H: | 3726.01 Gb Total Space | 3077.58 Gb Free Space | 82.60% Space Free | Partition Type: NTFS
Drive J: | 322.39 Gb Total Space | 256.85 Gb Free Space | 79.67% Space Free | Partition Type: NTFS

Computer Name: MAEVE-PC | User Name: Maeve | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07D0F393-63DD-49B4-BD9F-8E9691722681}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{22705635-0DAD-49D1-82FE-2A38D576C03E}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{39CE5451-1F16-4647-BFB6-B02BDF088EEF}" = rport=445 | protocol=6 | dir=out | app=system |
"{4DDCDD93-0DB5-4D7C-A149-CD0AFBD29919}" = lport=9700 | protocol=6 | dir=in | name=syncup_tcp_9700 |
"{51797E52-91D2-4FE5-A193-D819B85D1140}" = lport=445 | protocol=6 | dir=in | app=system |
"{6146A471-8F34-49C8-B9F6-63FC9105AB7E}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\common files\intuit\update service v4\intuitupdater.exe |
"{62072462-91EF-4403-9449-6762933F37EB}" = lport=9701 | protocol=6 | dir=in | name=syncup_tcp_9701 |
"{687BBA48-A802-4FBD-BADC-7FBA50A5DF2E}" = lport=9702 | protocol=6 | dir=in | name=syncup_tcp_9702 |
"{90B489FD-D7D4-4C30-8BDA-6A18676535BD}" = lport=9700 | protocol=17 | dir=in | name=syncup_udp_9700 |
"{946C75CA-9404-40E0-9793-350B0322F7CB}" = rport=138 | protocol=17 | dir=out | app=system |
"{A2CAF003-5C4B-45A2-A0BF-2757CF5CCFB7}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{B8E38828-E992-4E8C-9C86-11F5613B3BDC}" = rport=137 | protocol=17 | dir=out | app=system |
"{BB8DB842-65C0-4BDB-BD2B-9B98AC0DC14C}" = lport=139 | protocol=6 | dir=in | app=system |
"{C4D757CE-6746-485D-8E10-273FF168AF56}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C7A59CE6-5E3B-4CD7-B006-7E50854DAEC6}" = rport=139 | protocol=6 | dir=out | app=system |
"{ED007D33-B4FD-433B-BC3A-E594222014FF}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{F16B8D4F-57F6-4149-AA49-00B9A36E9200}" = lport=138 | protocol=17 | dir=in | app=system |
"{F1EBF620-4C15-4E01-8387-FD0FBDADF317}" = lport=137 | protocol=17 | dir=in | app=system |
"{F418C197-FA7D-4FAB-B234-CE4FFF02AA19}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F7265807-D9BD-45FC-A01C-E0598FFBFE98}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\common files\intuit\update service v4\intuitupdateservice.exe |
"{F7961210-4A4A-425A-9033-B8EC37D7001C}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{006F3910-95BD-4615-B59E-B1CBDB550ED3}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{03B230BA-0966-4FB8-8EFA-95067EE8731D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0545A83A-EDA4-4746-951E-5C01604FCC84}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{05EDFA42-ED27-4E9F-816B-76019701203B}" = protocol=6 | dir=in | app=c:\users\maeve\appdata\roaming\dropbox\bin\dropbox.exe |
"{0DD55C80-C619-4D1B-BF11-FD01E3847C76}" = protocol=1 | dir=out | [email protected],-28544 |
"{100E8C66-4A57-4A35-878E-774192CE861C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2065B56A-D87C-4302-A34C-CD01DD4E4A89}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{20D52D8B-98A9-4131-853A-CC7C3C072FEC}" = dir=in | app=c:\program files\dell stage\dell stage\stage_primary.exe |
"{21DB31FF-380F-47FC-8DCD-973736C26C36}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe |
"{22DB904A-C94C-4958-9AC8-095E605DB81D}" = protocol=1 | dir=in | [email protected],-28543 |
"{24D988AA-A82E-437D-9864-AEDA9BC9EC9A}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{2CB16C88-B8E3-4B57-8526-447AEEA0C262}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd9.exe |
"{2EAFD176-CFF8-43BD-B849-E1E6ABD0B759}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{320460CD-BC19-474E-8EF8-240FB591DB0A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{33F49390-D103-4117-8CD6-14EB6388C846}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe |
"{38A1C974-F939-424A-83C9-3D129472EE65}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{3A36B4C6-9FE5-475E-9F17-C426C66574DB}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgemca.exe |
"{3D47E1B1-CC1D-4E89-8EBD-527CBCF74910}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe |
"{4546C0B6-DFBE-463E-9F23-31211EA131E3}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{4D4FF4F4-E511-4EB0-91F1-9BC7F5426811}" = dir=in | app=c:\program files\dell stage\dell stage\accuweather\accuweather.exe |
"{5247CDE0-A415-4B53-BF56-6DFF5D85F027}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{53A193C4-DF71-4A41-9AF8-C2525EB49F92}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{54E025EE-7DCE-4383-B808-312A728E309E}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{564D9DFB-3BF8-4046-9F5A-B1F94B51B514}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgemca.exe |
"{5C0CF080-F161-4FFD-9172-9328F1FF8A4D}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{5CF0FFC5-D631-4638-8596-52E3D9019C2D}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{67E42D08-81DC-40A3-A82E-DE34C1EBDFF8}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{6E7D2853-A436-4577-9CFD-D027A27F112E}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{6F8BF6B0-93F1-48AB-ADB7-986E02600DF7}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{8C1A699F-3F97-4666-AF65-BF97A7309713}" = protocol=17 | dir=in | app=c:\users\maeve\appdata\roaming\dropbox\bin\dropbox.exe |
"{91ABB931-A9B5-4728-B847-0EF857E37A2A}" = protocol=58 | dir=in | [email protected],-28545 |
"{9490D216-7EFE-4AC9-9196-2C89C11EF720}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd cinema\powerdvdcinema.exe |
"{B30A5E1E-B028-49A6-AD0D-6AC18922F211}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{B66F5206-BC70-43E8-8CF7-28082A391BB3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{BCB4F7C5-0C8F-4A52-9102-34F129F97E57}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{C654CACD-7E8B-44F2-A9C1-0011643B9A3E}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{C9E99E9E-498C-4129-8519-353D42679599}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{CB00FB90-97DC-4167-B6FA-5C8643708AD1}" = dir=in | app=c:\program files (x86)\dell\videostage\videostage.exe |
"{D271098D-4293-436A-BD71-B9C9907A7ACE}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{D9A5979F-1CA4-4C62-A531-1B4FAB2D2F2C}" = protocol=58 | dir=out | [email protected],-28546 |
"{DE4B10D8-5D0D-48C6-83F7-5DFBC0758AC4}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{EC8201B4-7685-4FE2-B83B-4F97EAE70C30}" = dir=in | app=c:\program files\dell stage\musicstage\musicstageengine.exe |
"{F5E28097-2A7D-4468-AB40-5AA3F567A7EA}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{F7AFCDC8-15AC-49ED-892F-B1BDAB715517}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe |
"{FD2231FE-5B83-4595-AC3F-FB49D243807C}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"TCP Query User{3AF396F6-2270-4CAB-A82D-8F43A20D3004}C:\users\maeve\appdata\roaming\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\users\maeve\appdata\roaming\mirc\mirc.exe |
"TCP Query User{3D3AB07B-624A-4344-957D-F38084807594}C:\program files\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\program files\mirc\mirc.exe |
"TCP Query User{56498BDF-3F54-4B9F-A038-72855C8E24DF}C:\program files (x86)\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mirc\mirc.exe |
"TCP Query User{D20DCA53-7479-42F8-8DB7-DEC5CAF3868D}C:\users\maeve\appdata\roaming\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\users\maeve\appdata\roaming\mirc\mirc.exe |
"UDP Query User{6B204359-77DB-496F-A65D-F31FBFA1C9E1}C:\program files\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\program files\mirc\mirc.exe |
"UDP Query User{A122E9EB-AE99-4513-B970-734DF966BF3F}C:\users\maeve\appdata\roaming\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\users\maeve\appdata\roaming\mirc\mirc.exe |
"UDP Query User{A4063AA1-AAED-41D3-9BCD-87DEC03B8BB6}C:\users\maeve\appdata\roaming\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\users\maeve\appdata\roaming\mirc\mirc.exe |
"UDP Query User{F4B834EE-22F8-4852-846F-DA42166FEA0F}C:\program files (x86)\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mirc\mirc.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0225AD21-F3E2-4916-BFF3-65D3F9052582}" = iTunes
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{24F93B56-61F5-415F-85B9-AA444DA34AFC}" = Microsoft Mouse and Keyboard Center
"{26A24AE4-039D-4CA4-87B4-2F86417001FF}" = Java™ 7 Update 1 (64-bit)
"{2ABA2E8D-23CF-418F-BC8F-2EC99FA51A3F}" = Intel® PROSet/Wireless Software for Bluetooth® Technology
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{45ABEF88-3864-41F5-8189-BB80F2C5A75C}" = AVG 2013
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{AD27BE4B-A261-4F0A-AB5A-476C83EDAED2}" = AVG 2013
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 285.77
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 285.77
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 285.77
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.2.24.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}" = Intel® Turbo Boost Technology Monitor 2.0
"{D0CB24F4-084F-40DE-B6B9-A03626E682F0}" = iCloud
"{D61E4101-9E15-4D0E-ABD1-1ABD36B43330}" = Intel® PROSet/Wireless WiFi Software
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"AVG" = AVG 2013
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Mouse and Keyboard Center" = Microsoft Mouse and Keyboard Center
"PC-Doctor for Windows" = Dell Support Center
"ProInst" = Intel PROSet Wireless
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{0F99CA59-7CB4-4167-A43A-4B1D5E584281}" = Dell Stage
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{18DB3375-0649-4EA3-959A-44F1ACD278BA}" = IncrediMail
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1DDF0BBC-440C-446E-BB6A-594D2FD44DC6}" = Protection Center
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java™ 6 Update 26
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3BD7DD08-991B-4A2F-A165-614ED14EAADD}" = Dell MusicStage
"{400182B4-CA55-46A9-9D88-F8413DCFB36D}" = Blio
"{40F06490-8C14-43AA-99D3-EEEFDBAC3CFC}" = SyncUP
"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5AF4B3C4-C393-48D7-AC7E-8E7615579548}" = Adobe AIR
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{761E061F-FB8E-BBB4-69A4-B1DEF3640DB7}" = Zinio Reader 4
"{788A0222-5690-4212-AA9C-C48FD0E1C9AE}" = Photo Notifier and Animation Creator
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{7EC66A95-AC2D-4127-940B-0445A526AB2F}" = Dell DataSafe Online
"{7FB00B6B-6843-97EC-EED6-78BD6D35370A}" = Zinio Reader 4
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{87434D51-51DB-4109-B68F-A829ECDCF380}" = AccelerometerP11
"{89EC099E-958D-462E-972C-385591946978}" = TurboTax 2012 WinPerFedFormset
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9.6
"{A8B1F076-965D-4663-A9D4-C2FB58A42AE4}" = TurboTax 2012 WinPerTaxSupport
"{A8B88634-7F90-402F-B66A-86429755F6A5}" = eBay
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.6)
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{AFC08A81-D3C5-46F4-8F08-876E4BA606EA}" = Dell Digital Delivery
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{C16A92EF-017B-4839-9C75-FBADB5A1FA27}" = TrustedID
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
"{CAF5B770-082F-40C4-853D-3973BB81BDAA}" = TurboTax 2011 WinPerTaxSupport
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B5}" = WinZip 11.1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D2E707E8-090E-EC5B-4833-1CA694FB7460}" = Zinio Alert Messenger
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D92C9CCE-E5F0-4125-977A-0590F3225B74}" = SyncUP
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.1.7.343
"{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4335E82-17B3-460F-9E70-39D9BC269DB3}" = Dell PhotoStage
"{E463E171-4082-4744-A466-F7CBE8502789}" = TurboTax 2011 WinPerReleaseEngine
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E83F5F27-43F3-4163-ABE5-F68C989286ED}" = TurboTax 2012 wrapper
"{EA1F3D6C-A6F5-4CDC-B0D3-9C56C06B4D29}" = Cozi
"{EE556A3E-EB37-4392-9637-BAA8EC2F47FA}" = TurboTax 2011 wrapper
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EFD2807A-C66B-4C13-8FB8-42FCA6DEF171}" = TurboTax 2012 wcaiper
"{F014B696-28C5-4554-802F-A15380418F53}" = TurboTax 2012 WinPerReleaseEngine
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F47C37A4-7189-430A-B81D-739FF8A7A554}" = Consumer In-Home Service Agreement
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{FAD3D68B-2F9C-459B-AA79-C04B9090FD72}" = TurboTax 2011 WinPerFedFormset
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Dell Webcam Central" = Dell Webcam Central
"DivX Setup" = DivX Setup
"DVD Shrink_is1" = DVD Shrink 3.2
"Google Chrome" = Google Chrome
"HTC_WModemDriver" = WModem Driver Installer
"IncrediMail" = IncrediMail 2.0
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9.6
"InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 8.4.0
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"Microsoft Forefront UAG endpoint components 3.1.0" = Microsoft Forefront UAG endpoint components v4.0.0
"mIRC" = mIRC
"Mozilla Firefox 19.0.2 (x86 en-US)" = Mozilla Firefox 19.0.2 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Nero8Lite_is1" = Nero 8 Micro 8.1.1.3
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Photo Notifier and Animation Creator" = Photo Notifier and Animation Creator
"ProInst" = Intel PROSet Wireless
"Protection Center" = IncrediMail Protection Center
"TurboTax 2011" = TurboTax 2011
"TurboTax 2012" = TurboTax 2012
"Unlocker" = Unlocker 1.9.1
"WinLiveSuite" = Windows Live Essentials
"ZinioAlertMessenger.9310D8F796442B71068C511E15D70529A702D19D.1" = Zinio Alert Messenger
"ZinioReader4" = Zinio Reader 4
"ZinioReader4.9310D8F796442B71068C511E15D70529A702D19D.1" = Zinio Reader 4

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 3/15/2013 3:07:18 PM | Computer Name = Maeve-PC | Source = Microsoft-Windows-CAPI2 | ID = 257
Description = The Cryptographic Services service failed to initialize the Catalog
Database. The ESENT error was: -1032.

Error - 3/15/2013 3:07:28 PM | Computer Name = Maeve-PC | Source = ESENT | ID = 489
Description = Catalog Database (1788) Catalog Database: An attempt to open the file
"C:\Windows\system32\CatRoot2\edb.log" for read only access failed with system
error 5 (0x00000005): "Access is denied. ". The open file operation will fail with
error -1032 (0xfffffbf8).

Error - 3/15/2013 3:07:28 PM | Computer Name = Maeve-PC | Source = ESENT | ID = 455
Description = Catalog Database (1788) Catalog Database: Error -1032 (0xfffffbf8)
occurred while opening logfile C:\Windows\system32\CatRoot2\edb.log.

Error - 3/15/2013 3:07:29 PM | Computer Name = Maeve-PC | Source = WinMgmt | ID = 10
Description =

Error - 3/15/2013 3:07:38 PM | Computer Name = Maeve-PC | Source = ESENT | ID = 489
Description = Catalog Database (1788) Catalog Database: An attempt to open the file
"C:\Windows\system32\CatRoot2\edb.log" for read only access failed with system
error 5 (0x00000005): "Access is denied. ". The open file operation will fail with
error -1032 (0xfffffbf8).

Error - 3/15/2013 3:07:38 PM | Computer Name = Maeve-PC | Source = ESENT | ID = 455
Description = Catalog Database (1788) Catalog Database: Error -1032 (0xfffffbf8)
occurred while opening logfile C:\Windows\system32\CatRoot2\edb.log.

Error - 3/15/2013 3:07:38 PM | Computer Name = Maeve-PC | Source = Microsoft-Windows-CAPI2 | ID = 257
Description = The Cryptographic Services service failed to initialize the Catalog
Database. The ESENT error was: -1032.

Error - 3/15/2013 6:28:42 PM | Computer Name = Maeve-PC | Source = ESENT | ID = 486
Description = Catalog Database (1788) Catalog Database: An attempt to move the file
"C:\Windows\system32\CatRoot2\edb0001B.log" to "C:\Windows\system32\CatRoot2\edbtmp.log"
failed with system error 2 (0x00000002): "The system cannot find the file specified.
". The move file operation will fail with error -1811 (0xfffff8ed).

Error - 3/15/2013 6:28:42 PM | Computer Name = Maeve-PC | Source = ESENT | ID = 413
Description = Catalog Database (1788) Catalog Database: Unable to create a new logfile
because the database cannot write to the log drive. The drive may be read-only,
out of disk space, misconfigured, or corrupted. Error -1811.

Error - 3/15/2013 6:28:42 PM | Computer Name = Maeve-PC | Source = ESENT | ID = 492
Description = Catalog Database (1788) Catalog Database: The logfile sequence in
"C:\Windows\system32\CatRoot2\" has been halted due to a fatal error. No further
updates are possible for the databases that use this logfile sequence. Please
correct the problem and restart or restore from backup.

Error - 3/15/2013 6:28:42 PM | Computer Name = Maeve-PC | Source = ESENT | ID = 471
Description = Catalog Database (1788) Catalog Database: Unable to rollback operation
#29103 on database C:\Windows\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb.
Error: -510. All future database updates will be rejected.

[ System Events ]
Error - 4/3/2013 9:14:56 AM | Computer Name = Maeve-PC | Source = Service Control Manager | ID = 7006
Description = The ScRegSetValueExW call failed for FailureActions with the following
error: %%5

Error - 4/3/2013 9:18:48 AM | Computer Name = Maeve-PC | Source = Service Control Manager | ID = 7034
Description = The Dell Digital Delivery Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 4/3/2013 8:23:10 PM | Computer Name = Maeve-PC | Source = Service Control Manager | ID = 7006
Description = The ScRegSetValueExW call failed for FailureActions with the following
error: %%5

Error - 4/3/2013 8:29:14 PM | Computer Name = Maeve-PC | Source = Service Control Manager | ID = 7034
Description = The Dell Digital Delivery Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 4/4/2013 5:31:54 PM | Computer Name = Maeve-PC | Source = Service Control Manager | ID = 7006
Description = The ScRegSetValueExW call failed for FailureActions with the following
error: %%5

Error - 4/4/2013 5:35:32 PM | Computer Name = Maeve-PC | Source = Service Control Manager | ID = 7034
Description = The Dell Digital Delivery Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 4/4/2013 7:04:50 PM | Computer Name = Maeve-PC | Source = Service Control Manager | ID = 7006
Description = The ScRegSetValueExW call failed for FailureActions with the following
error: %%5

Error - 4/4/2013 7:15:05 PM | Computer Name = Maeve-PC | Source = Service Control Manager | ID = 7034
Description = The Dell Digital Delivery Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 4/4/2013 7:30:43 PM | Computer Name = Maeve-PC | Source = Service Control Manager | ID = 7006
Description = The ScRegSetValueExW call failed for FailureActions with the following
error: %%5

Error - 4/4/2013 7:34:13 PM | Computer Name = Maeve-PC | Source = Service Control Manager | ID = 7034
Description = The Dell Digital Delivery Service service terminated unexpectedly.
It has done this 1 time(s).


< End of report >
  • 0

Advertisements

#2
gringo_pr
Posted 04 April 2013 - 11:24 PM

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello UneekOne

I would like to welcome you to the Malware Removal section of the forum.

Around here they call me Gringo and I will be glad to help you with your malware problems.


Very Important --> Please read this post completely, I have spent my time to put together somethings for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!


  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the "Follow This Topic" Button, make sure that the "Receive notification" box is checked and that it is set to "Instantly" - This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.




These are the programs I would like you to run next, if you have any problems with these just skip it and run the next one.

-Security Check-

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

-AdwCleaner-

  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.


--RogueKiller--

  • Download & SAVE to your Desktop RogueKiller for 32bit or Roguekiller for 64bit
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator to start"
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • click on "delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller+

Gringo
  • 0

#3
UneekOne
Posted 05 April 2013 - 12:07 AM

UneekOne

    Member

  • Topic Starter
  • Member
  • PipPip
  • 20 posts
Thank you Gringo

My search results still end with me getting redirected.

__________________________________________________________________

Security Check log

Results of screen317's Security Check version 0.99.61
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
AVG AntiVirus Free Edition 2013
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
JavaFX 2.1.1
Java™ 6 Update 26
Java 7 Update 9
Java version out of Date!
Adobe Flash Player 11.6.602.180
Adobe Reader 10.1.6 Adobe Reader out of Date!
Mozilla Firefox (19.0.2)
Google Chrome 25.0.1364.172
Google Chrome 26.0.1410.43
````````Process Check: objlist.exe by Laurent````````
AVG avgwdsvc.exe
Maeve Desktop MALWARE HELP SecurityCheck.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 3%
````````````````````End of Log``````````````````````



__________________________________________________________________

AdwCleaner log



# AdwCleaner v2.200 - Logfile created 04/04/2013 at 22:44:19
# Updated 02/04/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Maeve - MAEVE-PC
# Boot Mode : Normal
# Running from : C:\Users\Maeve\Desktop\MALWARE HELP\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\END
File Deleted : C:\Users\Maeve\AppData\Roaming\Mozilla\Firefox\Profiles\vf7rskgd.default\searchplugins\MyStart Search.xml
File Deleted : C:\Users\Maeve\AppData\Roaming\Mozilla\Firefox\Profiles\vf7rskgd.default\searchplugins\WebSearch.xml
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\Mozilla Firefox\Extensions\[email protected]
Folder Deleted : C:\Program Files (x86)\OApps
Folder Deleted : C:\ProgramData\AVG Security Toolbar
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Users\Maeve\AppData\Local\Conduit
Folder Deleted : C:\Users\Maeve\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Folder Deleted : C:\Users\Maeve\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Maeve\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Maeve\AppData\Roaming\Conduit
Folder Deleted : C:\Users\Maeve\AppData\Roaming\Mozilla\Firefox\Profiles\vf7rskgd.default\ConduitCommon
Folder Deleted : C:\Users\Maeve\AppData\Roaming\Mozilla\Firefox\Profiles\vf7rskgd.default\Smartbar
Folder Deleted : C:\Users\Maeve\AppData\Roaming\QuickStoresToolbar
Folder Deleted : C:\Windows\assembly\GAC_MSIL\QuickStoresToolbar

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2724386
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\ImInstaller
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\DataMngr
Key Deleted : HKLM\SOFTWARE\Tarma Installer
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [10]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16470

[OK] Registry is clean.

-\\ Mozilla Firefox v19.0.2 (en-US)

File : C:\Users\Maeve\AppData\Roaming\Mozilla\Firefox\Profiles\vf7rskgd.default\prefs.js

C:\Users\Maeve\AppData\Roaming\Mozilla\Firefox\Profiles\vf7rskgd.default\user.js ... Deleted !

Deleted : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3277370&CUI=UN31015187[...]
Deleted : user_pref("browser.search.defaultenginename", "Web Search");
Deleted : user_pref("browser.search.order.1", "Web Search");
Deleted : user_pref("browser.search.selectedEngine", "Web Search");
Deleted : user_pref("keyword.URL", "hxxp://isearch.fantastigames.com/web?src=ffb&gct=ds&appid=107&systemid=465[...]
Deleted : user_pref("quickstores.toolbar.affid", "2017");
Deleted : user_pref("quickstores.toolbar.guid", "{2BEF38AB-008A-9A67-3516-2D653268929C}");

-\\ Google Chrome v26.0.1410.43

File : C:\Users\Maeve\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.23] : search_url = "hxxp://isearch.fantastigames.com/web?src=crb&gct=ds&appid=107&systemid=465&q={searc[...]
Deleted [l.1537] : homepage = "hxxp://isearch.fantastigames.com/465",

*************************

AdwCleaner[S1].txt - [5386 octets] - [04/04/2013 22:44:19]

########## EOF - C:\AdwCleaner[S1].txt - [5446 octets] ##########


__________________________________________________________________

RogueKiller Report


RogueKiller V8.5.4 _x64_ [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo...13-roguekiller/
Website : http://tigzy.geeksto...roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Maeve [Admin rights]
Mode : Scan -- Date : 04/04/2013 22:56:29
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 8 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : LockHunter (rundll32.exe C:\Users\Maeve\AppData\Local\LockHunter\xxbjsmqa.dll,_wspawnvpe) [x] -> FOUND
[RUN][SUSP PATH] HKUS\S-1-5-21-3723304286-1430859214-3395422819-1000[...]\Run : LockHunter (rundll32.exe C:\Users\Maeve\AppData\Local\LockHunter\xxbjsmqa.dll,_wspawnvpe) [x] -> FOUND
[TASK][ROGUE ST] 0 : c:\program files (x86)\internet explorer\iexplore.exe -> FOUND
[TASK][ROGUE ST] 4675 : wscript.exe C:\Users\Maeve\AppData\Local\Temp\launchie.vbs //B -> FOUND
[STARTUP][SUSP PATH] NexDef Plug-in.lnk @Maeve : C:\Users\Maeve\AppData\Local\Autobahn\nexdef.exe [-] -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_TrackProgs (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts



¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST9750420AS +++++
--- User ---
[MBR] c4d441a27258bc95be2bbf548713c1b2
[BSP] dea9defa67a18cc486b8c709b2ee22f0 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 101 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 212992 | Size: 20000 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 41172992 | Size: 695299 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1]_S_04042013_02d2256.txt >>
RKreport[1]_S_04042013_02d2256.txt






__________________________________________________________________

Edited by UneekOne, 05 April 2013 - 12:13 AM.

  • 0

#4
gringo_pr
Posted 05 April 2013 - 12:12 AM

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Go ahead and send me the reports so I know where I need to go next
  • 0

#5
UneekOne
Posted 05 April 2013 - 02:58 AM

UneekOne

    Member

  • Topic Starter
  • Member
  • PipPip
  • 20 posts
Security Check log

Results of screen317's Security Check version 0.99.61
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
AVG AntiVirus Free Edition 2013
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
JavaFX 2.1.1
Java™ 6 Update 26
Java 7 Update 9
Java version out of Date!
Adobe Flash Player 11.6.602.180
Adobe Reader 10.1.6 Adobe Reader out of Date!
Mozilla Firefox (19.0.2)
Google Chrome 25.0.1364.172
Google Chrome 26.0.1410.43
````````Process Check: objlist.exe by Laurent````````
AVG avgwdsvc.exe
Maeve Desktop MALWARE HELP SecurityCheck.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 3%
````````````````````End of Log``````````````````````



__________________________________________________________________

AdwCleaner log



# AdwCleaner v2.200 - Logfile created 04/04/2013 at 22:44:19
# Updated 02/04/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Maeve - MAEVE-PC
# Boot Mode : Normal
# Running from : C:\Users\Maeve\Desktop\MALWARE HELP\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\END
File Deleted : C:\Users\Maeve\AppData\Roaming\Mozilla\Firefox\Profiles\vf7rskgd.default\searchplugins\MyStart Search.xml
File Deleted : C:\Users\Maeve\AppData\Roaming\Mozilla\Firefox\Profiles\vf7rskgd.default\searchplugins\WebSearch.xml
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\Mozilla Firefox\Extensions\[email protected]
Folder Deleted : C:\Program Files (x86)\OApps
Folder Deleted : C:\ProgramData\AVG Security Toolbar
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Users\Maeve\AppData\Local\Conduit
Folder Deleted : C:\Users\Maeve\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Folder Deleted : C:\Users\Maeve\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Maeve\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Maeve\AppData\Roaming\Conduit
Folder Deleted : C:\Users\Maeve\AppData\Roaming\Mozilla\Firefox\Profiles\vf7rskgd.default\ConduitCommon
Folder Deleted : C:\Users\Maeve\AppData\Roaming\Mozilla\Firefox\Profiles\vf7rskgd.default\Smartbar
Folder Deleted : C:\Users\Maeve\AppData\Roaming\QuickStoresToolbar
Folder Deleted : C:\Windows\assembly\GAC_MSIL\QuickStoresToolbar

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2724386
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\ImInstaller
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\DataMngr
Key Deleted : HKLM\SOFTWARE\Tarma Installer
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [10]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16470

[OK] Registry is clean.

-\\ Mozilla Firefox v19.0.2 (en-US)

File : C:\Users\Maeve\AppData\Roaming\Mozilla\Firefox\Profiles\vf7rskgd.default\prefs.js

C:\Users\Maeve\AppData\Roaming\Mozilla\Firefox\Profiles\vf7rskgd.default\user.js ... Deleted !

Deleted : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3277370&CUI=UN31015187[...]
Deleted : user_pref("browser.search.defaultenginename", "Web Search");
Deleted : user_pref("browser.search.order.1", "Web Search");
Deleted : user_pref("browser.search.selectedEngine", "Web Search");
Deleted : user_pref("keyword.URL", "hxxp://isearch.fantastigames.com/web?src=ffb&gct=ds&appid=107&systemid=465[...]
Deleted : user_pref("quickstores.toolbar.affid", "2017");
Deleted : user_pref("quickstores.toolbar.guid", "{2BEF38AB-008A-9A67-3516-2D653268929C}");

-\\ Google Chrome v26.0.1410.43

File : C:\Users\Maeve\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.23] : search_url = "hxxp://isearch.fantastigames.com/web?src=crb&gct=ds&appid=107&systemid=465&q={searc[...]
Deleted [l.1537] : homepage = "hxxp://isearch.fantastigames.com/465",

*************************

AdwCleaner[S1].txt - [5386 octets] - [04/04/2013 22:44:19]

########## EOF - C:\AdwCleaner[S1].txt - [5446 octets] ##########


__________________________________________________________________

RogueKiller Report


RogueKiller V8.5.4 _x64_ [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo...13-roguekiller/
Website : http://tigzy.geeksto...roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Maeve [Admin rights]
Mode : Scan -- Date : 04/04/2013 22:56:29
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 8 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : LockHunter (rundll32.exe C:\Users\Maeve\AppData\Local\LockHunter\xxbjsmqa.dll,_wspawnvpe) [x] -> FOUND
[RUN][SUSP PATH] HKUS\S-1-5-21-3723304286-1430859214-3395422819-1000[...]\Run : LockHunter (rundll32.exe C:\Users\Maeve\AppData\Local\LockHunter\xxbjsmqa.dll,_wspawnvpe) [x] -> FOUND
[TASK][ROGUE ST] 0 : c:\program files (x86)\internet explorer\iexplore.exe -> FOUND
[TASK][ROGUE ST] 4675 : wscript.exe C:\Users\Maeve\AppData\Local\Temp\launchie.vbs //B -> FOUND
[STARTUP][SUSP PATH] NexDef Plug-in.lnk @Maeve : C:\Users\Maeve\AppData\Local\Autobahn\nexdef.exe [-] -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_TrackProgs (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts



¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST9750420AS +++++
--- User ---
[MBR] c4d441a27258bc95be2bbf548713c1b2
[BSP] dea9defa67a18cc486b8c709b2ee22f0 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 101 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 212992 | Size: 20000 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 41172992 | Size: 695299 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1]_S_04042013_02d2256.txt >>
RKreport[1]_S_04042013_02d2256.txt
  • 0

#6
gringo_pr
Posted 05 April 2013 - 04:26 AM

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello UneekOne

I Would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
  • 0

#7
UneekOne
Posted 05 April 2013 - 10:22 PM

UneekOne

    Member

  • Topic Starter
  • Member
  • PipPip
  • 20 posts
Hello Gringo

I had no issues running ComboFix

My computer seems better - the issues with the searches seem to be gone

_______________________________________________________________________

ComboFix Log

ComboFix 13-04-05.01 - Maeve 04/05/2013 20:36:33.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8152.6207 [GMT -7:00]
Running from: c:\users\Maeve\Desktop\MALWARE HELP\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\PCDr\6032\AddOnDownloaded\2d5007b2-cc36-4b97-a231-d0c427a69035.dll
c:\programdata\PCDr\6032\AddOnDownloaded\330761e0-2594-472d-8455-796592cf88dc.dll
c:\programdata\PCDr\6032\AddOnDownloaded\3d9332d1-0b48-40cc-9189-068cf64600b6.dll
c:\programdata\Roaming
c:\users\Maeve\AppData\Roaming\vso_ts_preview.xml
.
.
((((((((((((((((((((((((( Files Created from 2013-03-06 to 2013-04-06 )))))))))))))))))))))))))))))))
.
.
2013-04-06 03:43 . 2013-04-06 03:43 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-04-04 22:41 . 2013-04-04 22:43 -------- d-----w- c:\program files\CCleaner
2013-04-04 07:23 . 2013-04-04 07:23 -------- d-----w- c:\users\Maeve\AppData\Roaming\SpeedyPC Software
2013-04-04 07:23 . 2013-04-04 07:23 -------- d-----w- c:\users\Maeve\AppData\Roaming\DriverCure
2013-04-04 07:23 . 2013-04-04 07:30 -------- d-----w- c:\programdata\SpeedyPC Software
2013-04-02 09:43 . 2013-04-02 09:43 -------- d-----w- c:\users\Maeve\AppData\Local\LockHunter
2013-03-29 13:33 . 2013-03-29 21:15 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2013-03-29 13:20 . 2013-03-29 13:20 -------- d-----w- c:\program files (x86)\FGIcon
2013-03-29 12:54 . 2013-03-29 13:17 -------- d-----w- c:\program files (x86)\MyPC Backup
2013-03-28 04:52 . 2013-03-28 04:52 4316280 ----a-w- c:\users\Maeve\AppData\Roaming\CCleaner.4.00.4064.exe
2013-03-26 00:25 . 2013-02-12 04:12 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-06 03:42 . 2012-03-13 10:59 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{76A86ECA-21FB-4B90-AF32-85C2E8705BA4}\offreg.dll
2013-04-01 07:59 . 2012-04-10 10:20 693976 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-04-01 07:59 . 2012-02-23 11:31 73432 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-03-13 10:02 . 2012-03-02 19:29 72013344 ----a-w- c:\windows\system32\MRT.exe
2013-02-12 05:45 . 2013-03-13 09:29 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45 . 2013-03-13 09:29 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45 . 2013-03-13 09:29 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45 . 2013-03-13 09:29 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48 . 2013-03-13 09:29 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48 . 2013-03-13 09:29 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-01-30 02:15 . 2013-01-30 02:15 862664 ----a-w- c:\windows\SysWow64\msvcr110.dll
2013-01-30 02:15 . 2013-01-30 02:15 828872 ----a-w- c:\windows\system32\msvcr110.dll
2013-01-30 02:15 . 2013-01-30 02:15 661448 ----a-w- c:\windows\system32\msvcp110.dll
2013-01-30 02:15 . 2013-01-30 02:15 534480 ----a-w- c:\windows\SysWow64\msvcp110.dll
2013-01-30 02:15 . 2013-01-30 02:15 354264 ----a-w- c:\windows\system32\vccorlib110.dll
2013-01-30 02:15 . 2013-01-30 02:15 251864 ----a-w- c:\windows\SysWow64\vccorlib110.dll
2013-01-30 02:15 . 2013-01-30 02:15 50800 ----a-w- c:\windows\system32\drivers\point64.sys
2013-01-24 18:32 . 2013-01-24 18:32 2177648 ----a-w- c:\windows\system32\coin93.dll
2013-01-13 21:17 . 2013-02-27 11:00 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 21:17 . 2013-02-27 11:00 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 21:16 . 2013-02-27 11:00 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 21:12 . 2013-02-27 11:00 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 21:11 . 2013-02-27 11:00 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 21:11 . 2013-02-27 11:00 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 21:11 . 2013-02-27 11:00 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 21:11 . 2013-02-27 11:00 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 21:11 . 2013-02-27 11:00 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:35 . 2013-02-27 11:00 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 20:35 . 2013-02-27 11:00 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 20:35 . 2013-02-27 11:00 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 20:32 . 2013-02-27 11:00 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 20:31 . 2013-02-27 11:00 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 20:31 . 2013-02-27 11:00 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 20:31 . 2013-02-27 11:00 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 20:31 . 2013-02-27 11:00 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 20:31 . 2013-02-27 11:00 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:31 . 2013-02-27 11:00 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-01-13 20:22 . 2013-02-27 11:00 1988096 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2013-01-13 20:20 . 2013-02-27 11:00 293376 ----a-w- c:\windows\SysWow64\dxgi.dll
2013-01-13 20:09 . 2013-02-27 11:00 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2013-01-13 20:08 . 2013-02-27 11:00 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll
2013-01-13 20:08 . 2013-02-27 11:00 1504768 ----a-w- c:\windows\SysWow64\d3d11.dll
2013-01-13 19:59 . 2013-02-27 11:00 1643520 ----a-w- c:\windows\system32\DWrite.dll
2013-01-13 19:58 . 2013-02-27 11:00 1175552 ----a-w- c:\windows\system32\FntCache.dll
2013-01-13 19:54 . 2013-02-27 11:00 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2013-01-13 19:53 . 2013-02-27 11:00 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll
2013-01-13 19:53 . 2013-02-27 11:00 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll
2013-01-13 19:51 . 2013-02-27 11:00 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2013-01-13 19:49 . 2013-02-27 11:00 363008 ----a-w- c:\windows\system32\dxgi.dll
2013-01-13 19:48 . 2013-02-27 11:00 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2013-01-13 19:46 . 2013-02-27 11:00 1080832 ----a-w- c:\windows\SysWow64\d3d10.dll
2013-01-13 19:43 . 2013-02-27 11:00 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2013-01-13 19:38 . 2013-02-27 11:00 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-01-13 19:38 . 2013-02-27 11:00 1887232 ----a-w- c:\windows\system32\d3d11.dll
2013-01-13 19:38 . 2013-02-27 11:00 296960 ----a-w- c:\windows\system32\d3d10core.dll
2013-01-13 19:37 . 2013-02-27 11:00 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll
2013-01-13 19:25 . 2013-02-27 11:00 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2013-01-13 19:24 . 2013-02-27 11:00 648192 ----a-w- c:\windows\system32\d3d10level9.dll
2013-01-13 19:24 . 2013-02-27 11:00 221184 ----a-w- c:\windows\system32\UIAnimation.dll
2013-01-13 19:20 . 2013-02-27 11:00 194560 ----a-w- c:\windows\system32\d3d10_1.dll
2013-01-13 19:20 . 2013-02-27 11:00 1238528 ----a-w- c:\windows\system32\d3d10.dll
2013-01-13 19:15 . 2013-02-27 11:00 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-01-13 19:10 . 2013-02-27 11:00 3928064 ----a-w- c:\windows\system32\d2d1.dll
2013-01-13 19:02 . 2013-02-27 11:00 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-01-13 18:34 . 2013-02-27 11:00 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2013-01-13 18:32 . 2013-02-27 11:00 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-01-13 18:09 . 2013-02-27 11:00 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-01-13 17:26 . 2013-02-27 11:00 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2013-01-13 17:05 . 2013-02-27 11:00 1682432 ----a-w- c:\windows\system32\XpsPrint.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-10-18 21:52 94208 ----a-w- c:\users\Maeve\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-10-18 21:52 94208 ----a-w- c:\users\Maeve\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-10-18 21:52 94208 ----a-w- c:\users\Maeve\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2011-04-13 503942]
"Dell DataSafe Online"="c:\program files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe" [2010-08-26 1117528]
"RemoteControl9"="c:\program files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe" [2010-10-01 87336]
"PDVD9LanguageShortcut"="c:\program files (x86)\CyberLink\PowerDVD9\Language\Language.exe" [2010-09-18 50472]
"BDRegion"="c:\program files (x86)\Cyberlink\Shared Files\brs.exe" [2011-08-12 75048]
"NeroLauncher"="c:\program files (x86)\Nero\SyncUP\NeroLauncher.exe" [2011-12-31 66872]
"AccuWeatherWidget"="c:\program files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" [2011-11-03 957440]
"VMM Mode Selection"="c:\program files\HTC\ModeSelection\VMMModeSelection.exe" [2011-02-14 43520]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-01-22 91520]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720]
"UnlockerAssistant"="c:\program files (x86)\Unlocker\UnlockerAssistant.exe" [2010-07-04 17408]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-02-20 152392]
.
c:\users\Maeve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
MagicDisc.lnk - c:\program files (x86)\MagicDisc\MagicDisc.exe [2012-3-1 576000]
Zinio Alert Messenger.lnk - c:\program files (x86)\Zinio Alert Messenger\Zinio Alert Messenger.exe [2012-9-27 127488]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer4"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 CLKMSVC10_9EC60124;CyberLink Product - 2012/02/23 06:22;c:\program files (x86)\Cyberlink\PowerDVD9\NavFilter\kmsvc.exe [2011-08-12 248304]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 DellDigitalDelivery;Dell Digital Delivery Service;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe [2011-10-26 162816]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-01-31 3289208]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys [2011-10-19 195072]
R3 DMService;Microsoft Forefront UAG Endpoint Component Manager;c:\windows\DOWNLO~1\DMService.exe [2012-09-15 468368]
R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2011-08-25 173656]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-11-01 340240]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
R3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-12-13 54784]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-03-02 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 stdcfltn;Disk Class Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdcfltn.sys [2010-08-20 21616]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-10-19 661504]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-10-18 936272]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2011-10-18 1001808]
S2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-10-21 135440]
S2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2012-08-23 13672]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]
S2 NOBU;Dell DataSafe Online;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE [x]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-09-22 1692480]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-11-03 381248]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-11-29 16120]
S2 uagqecsvc;Microsoft Forefront UAG Quarantine Enforcement Client;c:\program files\Microsoft Forefront UAG\Endpoint Components\3.1.0\uagqecsvc.exe [2010-04-09 149904]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Accelern.sys [2010-12-13 27760]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [2011-10-19 195072]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2011-10-18 1354064]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [2011-08-29 53760]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [2011-10-10 288768]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2011-01-20 176096]
S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [2011-10-11 59904]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2011-09-14 95744]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2011-09-14 212992]
S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;c:\windows\system32\DRIVERS\nvstusb.sys [2011-10-16 291648]
S3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2013-01-30 50800]
S3 qicflt;upper Device Filter Driver;c:\windows\system32\DRIVERS\qicflt.sys [2010-07-13 29288]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-08-24 565352]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [2008-05-07 14464]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - CLKMDRV10_9EC60124
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-03-31 05:07 1642448 ----a-w- c:\program files (x86)\Google\Chrome\Application\26.0.1410.43\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-04-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-10 07:59]
.
2013-04-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-26 15:57]
.
2013-04-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-26 15:57]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-10-18 21:52 97792 ----a-w- c:\users\Maeve\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-10-18 21:52 97792 ----a-w- c:\users\Maeve\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-10-18 21:52 97792 ----a-w- c:\users\Maeve\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-10-18 21:52 97792 ----a-w- c:\users\Maeve\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2011-08-30 7284328]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-08-16 2277480]
"NVHotkey"="c:\windows\system32\nvHotkey.dll" [2011-11-04 540992]
"FreeFallProtection"="c:\program files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe" [2010-12-17 686704]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-10-18 10357008]
"IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-11-01 1935120]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"DellStage"="c:\program files (x86)\Dell Stage\Dell Stage\stage_primary.exe" [2011-11-03 2190704]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
DPF: {0F2AAAE3-7E9E-4B64-AB5D-1CA24C6ACB9C} - hxxps://jran.uscourts.gov/whalecomec3ea180782db7cb0b1b36bd632bc90bc62a5d1814237bfd/whalecom0/dwa85W.cab
FF - ProfilePath - c:\users\Maeve\AppData\Roaming\Mozilla\Firefox\Profiles\vf7rskgd.default\
FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/
FF - ExtSQL: 2013-02-11 00:29; {b9db16a4-6edc-47ec-a1f4-b86292ed211d}; c:\users\Maeve\AppData\Roaming\Mozilla\Firefox\Profiles\vf7rskgd.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - ExtSQL: 2013-04-04 16:28; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\Maeve\AppData\Roaming\Mozilla\Firefox\Profiles\vf7rskgd.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{E8861423-0DAB-459E-A8D5-DB264E69E70C} - (no file)
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-04-05 20:45:14
ComboFix-quarantined-files.txt 2013-04-06 03:45
.
Pre-Run: 608,137,633,792 bytes free
Post-Run: 607,618,560,000 bytes free
.
- - End Of File - - CD06D2C64C66F00C1DE53F8519A481C5
  • 0

#8
gringo_pr
Posted 08 April 2013 - 12:52 AM

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello UneekOne

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Please start by opening Notepad and copy/paste the text in the box into the window:

ClearJavaCache::

Save it to your desktop as CFScript.txt

Referring to the picture above, drag CFScript.txt into ComboFix.exe
Posted Image
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following

  • report from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo
  • 0

#9
UneekOne
Posted 08 April 2013 - 01:31 PM

UneekOne

    Member

  • Topic Starter
  • Member
  • PipPip
  • 20 posts
There was no issue with the running of ComboFix

I'm having the same issue with my search results: The results correspond to my search query but when I click the links I'm taken to pages that doesn't represent the link.



ComboFix Log
____________

ComboFix 13-04-08.02 - Maeve 04/08/2013 12:06:06.2.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8152.6129 [GMT -7:00]
Running from: c:\users\Maeve\Desktop\MALWARE HELP\ComboFix.exe
Command switches used :: c:\users\Maeve\Desktop\MALWARE HELP\CFScript.txt
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\PCDr\6032\AddOnDownloaded\06004c97-c212-44da-81de-706b46554efe.dll
c:\programdata\PCDr\6032\AddOnDownloaded\07287f2e-4f82-4848-8132-7055ef322318.dll
c:\programdata\PCDr\6032\AddOnDownloaded\0d461521-7dbf-4cec-a29e-936c88cdf8c9.dll
c:\programdata\PCDr\6032\AddOnDownloaded\0d85b53c-d766-4bf0-8940-17b534910268.dll
c:\programdata\PCDr\6032\AddOnDownloaded\100c3865-0c76-461b-b2fd-042d6d5fa7f6.dll
c:\programdata\PCDr\6032\AddOnDownloaded\16837627-a839-41c5-a88f-3a0335128383.dll
c:\programdata\PCDr\6032\AddOnDownloaded\173c4dd2-e93c-4725-b006-db1d8f465192.dll
c:\programdata\PCDr\6032\AddOnDownloaded\1e0aaf9a-9947-4a7b-b1ae-8a89919438ed.dll
c:\programdata\PCDr\6032\AddOnDownloaded\263d6ac9-4f87-466c-947c-bd9af71d7035.dll
c:\programdata\PCDr\6032\AddOnDownloaded\2d5007b2-cc36-4b97-a231-d0c427a69035.dll
c:\programdata\PCDr\6032\AddOnDownloaded\330761e0-2594-472d-8455-796592cf88dc.dll
c:\programdata\PCDr\6032\AddOnDownloaded\3410f47b-5e8c-47c6-bf2c-234af4121d4c.dll
c:\programdata\PCDr\6032\AddOnDownloaded\378deb7f-049e-4a5e-83b2-5381dcd9e928.dll
c:\programdata\PCDr\6032\AddOnDownloaded\3972fea3-214c-4935-a7d1-96bf66115683.dll
c:\programdata\PCDr\6032\AddOnDownloaded\3b1c7acd-5e3e-4459-ab98-5109117e2341.dll
c:\programdata\PCDr\6032\AddOnDownloaded\3d9332d1-0b48-40cc-9189-068cf64600b6.dll
c:\programdata\PCDr\6032\AddOnDownloaded\4546f2bc-b9d9-4667-abe7-b0bacc90279e.dll
c:\programdata\PCDr\6032\AddOnDownloaded\4804ced5-915b-48a3-a465-b8a5e02714bf.dll
c:\programdata\PCDr\6032\AddOnDownloaded\4818e109-9489-4cd8-9044-44defd8ec187.dll
c:\programdata\PCDr\6032\AddOnDownloaded\493f295d-1a46-46f6-926c-63b474cedab4.dll
c:\programdata\PCDr\6032\AddOnDownloaded\59abf7b9-a4a7-4d76-9ad6-13c7bb2f4d0b.dll
c:\programdata\PCDr\6032\AddOnDownloaded\62d1f0b0-bc9a-4f6c-bad7-93b19a91276a.dll
c:\programdata\PCDr\6032\AddOnDownloaded\67c3d4fe-b638-467a-9fe2-c5813ade3330.dll
c:\programdata\PCDr\6032\AddOnDownloaded\6820b110-e483-4f1e-9b48-438f7916f078.dll
c:\programdata\PCDr\6032\AddOnDownloaded\69eaa8a4-3131-4718-aad0-994ebde678d1.dll
c:\programdata\PCDr\6032\AddOnDownloaded\6b5978fa-48d7-4309-a523-7e157768c0d8.dll
c:\programdata\PCDr\6032\AddOnDownloaded\6f4fb483-ce30-493a-8cb4-3e530ab1be5b.dll
c:\programdata\PCDr\6032\AddOnDownloaded\739db3eb-d3cd-4c86-a6ea-01a49984fa3b.dll
c:\programdata\PCDr\6032\AddOnDownloaded\7bd83798-7a02-4f50-83a2-b91cabcbd1f9.dll
c:\programdata\PCDr\6032\AddOnDownloaded\7dbfef1a-6148-4748-a1b3-71627763a45a.dll
c:\programdata\PCDr\6032\AddOnDownloaded\813755dc-2229-47a2-b85b-19d0aaa641c9.dll
c:\programdata\PCDr\6032\AddOnDownloaded\872965c7-08b7-47fc-a74c-ff167590b71a.dll
c:\programdata\PCDr\6032\AddOnDownloaded\8d357f17-07ad-4392-ba06-fb67564c98cd.dll
c:\programdata\PCDr\6032\AddOnDownloaded\934f6059-2d35-4bd9-a130-a17cb5563507.dll
c:\programdata\PCDr\6032\AddOnDownloaded\a61f44a8-21a3-4c4a-a04b-993dfb73bf96.dll
c:\programdata\PCDr\6032\AddOnDownloaded\a7201707-7895-43cf-9119-8a0279b75d4c.dll
c:\programdata\PCDr\6032\AddOnDownloaded\a9de0c84-9a7c-4638-9653-13aa8cf56e80.dll
c:\programdata\PCDr\6032\AddOnDownloaded\ae67b364-b69e-471e-b177-2459120b84d4.dll
c:\programdata\PCDr\6032\AddOnDownloaded\b2152f30-7380-4987-8fcf-e4c06952615d.dll
c:\programdata\PCDr\6032\AddOnDownloaded\b2ed8d53-41ce-48e6-b4ac-8b8e5e1a4fdf.dll
c:\programdata\PCDr\6032\AddOnDownloaded\b4cc2a4a-87f5-49cd-935c-18f1a80e65b7.dll
c:\programdata\PCDr\6032\AddOnDownloaded\bbfa36b0-30b0-4e36-8d8c-69df1d87626b.dll
c:\programdata\PCDr\6032\AddOnDownloaded\bc6fc708-5b6b-4a72-b336-09b3089baa7a.dll
c:\programdata\PCDr\6032\AddOnDownloaded\bf647bd7-dfb5-4746-a6b4-b7c2fdbbf3b1.dll
c:\programdata\PCDr\6032\AddOnDownloaded\c4211805-b43b-471d-81af-4e0589f8607b.dll
c:\programdata\PCDr\6032\AddOnDownloaded\cdda52ec-6ccd-425a-8c72-b7bbdc8b3acd.dll
c:\programdata\PCDr\6032\AddOnDownloaded\d1f4dc82-bc4c-4916-b37c-3ab9c30ae468.dll
c:\programdata\PCDr\6032\AddOnDownloaded\d34c0cf7-889f-43dd-9283-b2b6f442aae3.dll
c:\programdata\PCDr\6032\AddOnDownloaded\daf30858-49d8-434b-b4b1-068b5dc9267c.dll
c:\programdata\PCDr\6032\AddOnDownloaded\ddb9fe5d-525c-4d5d-ac37-0bd10f2864f8.dll
c:\programdata\PCDr\6032\AddOnDownloaded\dfc97e68-74cd-4807-807f-ac146d81ec5d.dll
c:\programdata\PCDr\6032\AddOnDownloaded\e238f8f5-5f0a-478f-b96a-d15f6f6cac94.dll
c:\programdata\PCDr\6032\AddOnDownloaded\e45cd45a-4d7c-4802-881f-74582b847e5c.dll
c:\programdata\PCDr\6032\AddOnDownloaded\e5a71f43-c979-4b3d-a544-9ed1dc6dc4c8.dll
c:\programdata\PCDr\6032\AddOnDownloaded\ef78c3e8-1d94-4219-8070-7617e119bba4.dll
c:\programdata\PCDr\6032\AddOnDownloaded\f06c5597-1a85-4d1f-ac16-a6fdd2a6bedc.dll
c:\programdata\PCDr\6032\AddOnDownloaded\f80d4ad1-1fad-43b5-b6f3-347848b5ddd5.dll
c:\programdata\PCDr\6032\AddOnDownloaded\f8b3befb-ca07-4bff-8777-f565b237979f.dll
c:\programdata\PCDr\6032\AddOnDownloaded\f9dc840b-c6f7-42a5-acec-50cc7a2827fd.dll
c:\users\Maeve\AppData\Roaming\vso_ts_preview.xml
H:\Autorun.inf
.
.
((((((((((((((((((((((((( Files Created from 2013-03-08 to 2013-04-08 )))))))))))))))))))))))))))))))
.
.
2013-04-08 19:13 . 2013-04-08 19:13 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-04-08 19:09 . 2013-04-08 19:09 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{76A86ECA-21FB-4B90-AF32-85C2E8705BA4}\offreg.dll
2013-04-04 22:41 . 2013-04-04 22:43 -------- d-----w- c:\program files\CCleaner
2013-04-04 07:23 . 2013-04-04 07:23 -------- d-----w- c:\users\Maeve\AppData\Roaming\SpeedyPC Software
2013-04-04 07:23 . 2013-04-04 07:23 -------- d-----w- c:\users\Maeve\AppData\Roaming\DriverCure
2013-04-04 07:23 . 2013-04-04 07:30 -------- d-----w- c:\programdata\SpeedyPC Software
2013-04-02 09:43 . 2013-04-02 09:43 -------- d-----w- c:\users\Maeve\AppData\Local\LockHunter
2013-03-29 20:49 . 2013-03-07 14:30 272280 ----a-w- c:\program files (x86)\Mozilla Firefox\updater.exe
2013-03-29 20:49 . 2013-03-07 14:30 19352 ----a-w- c:\program files (x86)\Mozilla Firefox\xpcom.dll
2013-03-29 20:49 . 2013-03-07 14:30 91544 ----a-w- c:\program files (x86)\Mozilla Firefox\nssdbm3.dll
2013-03-29 20:49 . 2013-03-07 14:30 375192 ----a-w- c:\program files (x86)\Mozilla Firefox\nssckbi.dll
2013-03-29 20:49 . 2013-03-07 14:30 812440 ----a-w- c:\program files (x86)\Mozilla Firefox\mozsqlite3.dll
2013-03-29 20:49 . 2013-03-07 14:30 172440 ----a-w- c:\program files (x86)\Mozilla Firefox\nspr4.dll
2013-03-29 20:49 . 2013-03-07 14:30 277400 ----a-w- c:\program files (x86)\Mozilla Firefox\freebl3.dll
2013-03-29 20:49 . 2013-03-07 14:30 116120 ----a-w- c:\program files (x86)\Mozilla Firefox\crashreporter.exe
2013-03-29 13:20 . 2013-03-29 13:20 -------- d-----w- c:\program files (x86)\FGIcon
2013-03-29 12:54 . 2013-03-29 13:17 -------- d-----w- c:\program files (x86)\MyPC Backup
2013-03-28 04:52 . 2013-03-28 04:52 4316280 ----a-w- c:\users\Maeve\AppData\Roaming\CCleaner.4.00.4064.exe
2013-03-26 00:25 . 2013-02-12 04:12 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-03-20 05:30 . 2013-03-20 05:30 6066296 ----a-w- c:\program files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-01 07:59 . 2012-04-10 10:20 693976 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-04-01 07:59 . 2012-02-23 11:31 73432 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-03-13 10:02 . 2012-03-02 19:29 72013344 ----a-w- c:\windows\system32\MRT.exe
2013-02-12 05:45 . 2013-03-13 09:29 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45 . 2013-03-13 09:29 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45 . 2013-03-13 09:29 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45 . 2013-03-13 09:29 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48 . 2013-03-13 09:29 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48 . 2013-03-13 09:29 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-01-30 02:15 . 2013-01-30 02:15 862664 ----a-w- c:\windows\SysWow64\msvcr110.dll
2013-01-30 02:15 . 2013-01-30 02:15 828872 ----a-w- c:\windows\system32\msvcr110.dll
2013-01-30 02:15 . 2013-01-30 02:15 661448 ----a-w- c:\windows\system32\msvcp110.dll
2013-01-30 02:15 . 2013-01-30 02:15 534480 ----a-w- c:\windows\SysWow64\msvcp110.dll
2013-01-30 02:15 . 2013-01-30 02:15 354264 ----a-w- c:\windows\system32\vccorlib110.dll
2013-01-30 02:15 . 2013-01-30 02:15 251864 ----a-w- c:\windows\SysWow64\vccorlib110.dll
2013-01-30 02:15 . 2013-01-30 02:15 50800 ----a-w- c:\windows\system32\drivers\point64.sys
2013-01-24 18:32 . 2013-01-24 18:32 2177648 ----a-w- c:\windows\system32\coin93.dll
2013-01-13 21:17 . 2013-02-27 11:00 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 21:17 . 2013-02-27 11:00 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 21:16 . 2013-02-27 11:00 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 21:12 . 2013-02-27 11:00 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 21:11 . 2013-02-27 11:00 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 21:11 . 2013-02-27 11:00 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 21:11 . 2013-02-27 11:00 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 21:11 . 2013-02-27 11:00 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 21:11 . 2013-02-27 11:00 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:35 . 2013-02-27 11:00 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 20:35 . 2013-02-27 11:00 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 20:35 . 2013-02-27 11:00 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 20:32 . 2013-02-27 11:00 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 20:31 . 2013-02-27 11:00 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 20:31 . 2013-02-27 11:00 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 20:31 . 2013-02-27 11:00 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 20:31 . 2013-02-27 11:00 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 20:31 . 2013-02-27 11:00 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:31 . 2013-02-27 11:00 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-01-13 20:22 . 2013-02-27 11:00 1988096 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2013-01-13 20:20 . 2013-02-27 11:00 293376 ----a-w- c:\windows\SysWow64\dxgi.dll
2013-01-13 20:09 . 2013-02-27 11:00 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2013-01-13 20:08 . 2013-02-27 11:00 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll
2013-01-13 20:08 . 2013-02-27 11:00 1504768 ----a-w- c:\windows\SysWow64\d3d11.dll
2013-01-13 19:59 . 2013-02-27 11:00 1643520 ----a-w- c:\windows\system32\DWrite.dll
2013-01-13 19:58 . 2013-02-27 11:00 1175552 ----a-w- c:\windows\system32\FntCache.dll
2013-01-13 19:54 . 2013-02-27 11:00 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2013-01-13 19:53 . 2013-02-27 11:00 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll
2013-01-13 19:53 . 2013-02-27 11:00 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll
2013-01-13 19:51 . 2013-02-27 11:00 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2013-01-13 19:49 . 2013-02-27 11:00 363008 ----a-w- c:\windows\system32\dxgi.dll
2013-01-13 19:48 . 2013-02-27 11:00 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2013-01-13 19:46 . 2013-02-27 11:00 1080832 ----a-w- c:\windows\SysWow64\d3d10.dll
2013-01-13 19:43 . 2013-02-27 11:00 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2013-01-13 19:38 . 2013-02-27 11:00 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-01-13 19:38 . 2013-02-27 11:00 1887232 ----a-w- c:\windows\system32\d3d11.dll
2013-01-13 19:38 . 2013-02-27 11:00 296960 ----a-w- c:\windows\system32\d3d10core.dll
2013-01-13 19:37 . 2013-02-27 11:00 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll
2013-01-13 19:25 . 2013-02-27 11:00 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2013-01-13 19:24 . 2013-02-27 11:00 648192 ----a-w- c:\windows\system32\d3d10level9.dll
2013-01-13 19:24 . 2013-02-27 11:00 221184 ----a-w- c:\windows\system32\UIAnimation.dll
2013-01-13 19:20 . 2013-02-27 11:00 194560 ----a-w- c:\windows\system32\d3d10_1.dll
2013-01-13 19:20 . 2013-02-27 11:00 1238528 ----a-w- c:\windows\system32\d3d10.dll
2013-01-13 19:15 . 2013-02-27 11:00 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-01-13 19:10 . 2013-02-27 11:00 3928064 ----a-w- c:\windows\system32\d2d1.dll
2013-01-13 19:02 . 2013-02-27 11:00 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-01-13 18:34 . 2013-02-27 11:00 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2013-01-13 18:32 . 2013-02-27 11:00 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-01-13 18:09 . 2013-02-27 11:00 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-01-13 17:26 . 2013-02-27 11:00 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2013-01-13 17:05 . 2013-02-27 11:00 1682432 ----a-w- c:\windows\system32\XpsPrint.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-10-18 21:52 94208 ----a-w- c:\users\Maeve\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-10-18 21:52 94208 ----a-w- c:\users\Maeve\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-10-18 21:52 94208 ----a-w- c:\users\Maeve\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2011-04-13 503942]
"Dell DataSafe Online"="c:\program files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe" [2010-08-26 1117528]
"RemoteControl9"="c:\program files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe" [2010-10-01 87336]
"PDVD9LanguageShortcut"="c:\program files (x86)\CyberLink\PowerDVD9\Language\Language.exe" [2010-09-18 50472]
"BDRegion"="c:\program files (x86)\Cyberlink\Shared Files\brs.exe" [2011-08-12 75048]
"NeroLauncher"="c:\program files (x86)\Nero\SyncUP\NeroLauncher.exe" [2011-12-31 66872]
"AccuWeatherWidget"="c:\program files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" [2011-11-03 957440]
"VMM Mode Selection"="c:\program files\HTC\ModeSelection\VMMModeSelection.exe" [2011-02-14 43520]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-01-22 91520]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720]
"UnlockerAssistant"="c:\program files (x86)\Unlocker\UnlockerAssistant.exe" [2010-07-04 17408]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-02-20 152392]
.
c:\users\Maeve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
MagicDisc.lnk - c:\program files (x86)\MagicDisc\MagicDisc.exe [2012-3-1 576000]
Zinio Alert Messenger.lnk - c:\program files (x86)\Zinio Alert Messenger\Zinio Alert Messenger.exe [2012-9-27 127488]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer4"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 CLKMSVC10_9EC60124;CyberLink Product - 2012/02/23 06:22;c:\program files (x86)\Cyberlink\PowerDVD9\NavFilter\kmsvc.exe [2011-08-12 248304]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 DellDigitalDelivery;Dell Digital Delivery Service;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe [2011-10-26 162816]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-03-20 3289208]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys [2011-10-19 195072]
R3 DMService;Microsoft Forefront UAG Endpoint Component Manager;c:\windows\DOWNLO~1\DMService.exe [2012-09-15 468368]
R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2011-08-25 173656]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-11-01 340240]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
R3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-12-13 54784]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-03-02 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 stdcfltn;Disk Class Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdcfltn.sys [2010-08-20 21616]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-10-19 661504]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-10-18 936272]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2011-10-18 1001808]
S2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-10-21 135440]
S2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2012-08-23 13672]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]
S2 NOBU;Dell DataSafe Online;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE [x]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-09-22 1692480]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-11-03 381248]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-11-29 16120]
S2 uagqecsvc;Microsoft Forefront UAG Quarantine Enforcement Client;c:\program files\Microsoft Forefront UAG\Endpoint Components\3.1.0\uagqecsvc.exe [2010-04-09 149904]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Accelern.sys [2010-12-13 27760]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [2011-10-19 195072]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2011-10-18 1354064]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [2011-08-29 53760]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [2011-10-10 288768]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2011-01-20 176096]
S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [2011-10-11 59904]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2011-09-14 95744]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2011-09-14 212992]
S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;c:\windows\system32\DRIVERS\nvstusb.sys [2011-10-16 291648]
S3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2013-01-30 50800]
S3 qicflt;upper Device Filter Driver;c:\windows\system32\DRIVERS\qicflt.sys [2010-07-13 29288]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-08-24 565352]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [2008-05-07 14464]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - CLKMDRV10_9EC60124
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-03-31 05:07 1642448 ----a-w- c:\program files (x86)\Google\Chrome\Application\26.0.1410.43\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-04-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-10 07:59]
.
2013-04-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-26 15:57]
.
2013-04-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-26 15:57]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-10-18 21:52 97792 ----a-w- c:\users\Maeve\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-10-18 21:52 97792 ----a-w- c:\users\Maeve\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-10-18 21:52 97792 ----a-w- c:\users\Maeve\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-10-18 21:52 97792 ----a-w- c:\users\Maeve\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2011-08-30 7284328]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-08-16 2277480]
"NVHotkey"="c:\windows\system32\nvHotkey.dll" [2011-11-04 540992]
"FreeFallProtection"="c:\program files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe" [2010-12-17 686704]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-10-18 10357008]
"IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-11-01 1935120]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"DellStage"="c:\program files (x86)\Dell Stage\Dell Stage\stage_primary.exe" [2011-11-03 2190704]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
DPF: {0F2AAAE3-7E9E-4B64-AB5D-1CA24C6ACB9C} - hxxps://jran.uscourts.gov/whalecomec3ea180782db7cb0b1b36bd632bc90bc62a5d1814237bfd/whalecom0/dwa85W.cab
FF - ProfilePath - c:\users\Maeve\AppData\Roaming\Mozilla\Firefox\Profiles\vf7rskgd.default\
FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/
FF - ExtSQL: 2013-02-11 00:29; {b9db16a4-6edc-47ec-a1f4-b86292ed211d}; c:\users\Maeve\AppData\Roaming\Mozilla\Firefox\Profiles\vf7rskgd.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - ExtSQL: 2013-04-04 16:28; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\Maeve\AppData\Roaming\Mozilla\Firefox\Profiles\vf7rskgd.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{E8861423-0DAB-459E-A8D5-DB264E69E70C} - (no file)
Toolbar-Locked - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-04-08 12:14:55
ComboFix-quarantined-files.txt 2013-04-08 19:14
ComboFix2.txt 2013-04-06 03:45
.
Pre-Run: 600,730,869,760 bytes free
Post-Run: 600,357,507,072 bytes free
.
- - End Of File - - 0E4597E7DB6A0C8E7E773B7107D44721
  • 0

#10
gringo_pr
Posted 08 April 2013 - 07:52 PM

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello UneekOne


I would like you to try and run these next.

TDSSKiller

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
  • If malicious objects are found, they will show in the Scan results
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

    Note** this report can be very long - so if the website gives you an error saying it is to long you may attache it

    If the forum still complains about it being to long send me everything that is at the end of the report after where it says

    ==================
    Scan finished
    ==================

and I will see if I want to see the whole report

Malwarebytes Anti-Rootkit

1.Download Malwarebytes Anti-Rootkit
2.Unzip the contents to a folder in a convenient location.
3.Open the folder where the contents were unzipped and run mbar.exe
4.Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
5.Click on the Cleanup button to remove any threats and reboot if prompted to do so.
6.Wait while the system shuts down and the cleanup process is performed.
7.Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
8.If no additional threats were found, verify that your system is now running normally, making sure that the following items are functional:
•Internet access
•Windows Update
•Windows Firewall9.If there are additional problems with your system, such as any of those listed above or other system issues, then run the 'fixdamage' tool included with Malwarebytes Anti-Rootkit and reboot.
10.Verify that your system is now functioning normally.

If you have any problems running either one come back and let me know

please reply with the reports from TDSSKiller and MBAR

Gringo
  • 0

Advertisements

#11
UneekOne
Posted 08 April 2013 - 10:35 PM

UneekOne

    Member

  • Topic Starter
  • Member
  • PipPip
  • 20 posts
TDSSkiller Report

20:25:32.0194 2432 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
20:25:32.0802 2432 ============================================================
20:25:32.0802 2432 Current date / time: 2013/04/08 20:25:32.0802
20:25:32.0802 2432 SystemInfo:
20:25:32.0802 2432
20:25:32.0802 2432 OS Version: 6.1.7601 ServicePack: 1.0
20:25:32.0802 2432 Product type: Workstation
20:25:32.0802 2432 ComputerName: MAEVE-PC
20:25:32.0802 2432 UserName: Maeve
20:25:32.0802 2432 Windows directory: C:\Windows
20:25:32.0802 2432 System windows directory: C:\Windows
20:25:32.0802 2432 Running under WOW64
20:25:32.0802 2432 Processor architecture: Intel x64
20:25:32.0802 2432 Number of processors: 8
20:25:32.0802 2432 Page size: 0x1000
20:25:32.0802 2432 Boot type: Normal boot
20:25:32.0802 2432 ============================================================
20:25:33.0005 2432 BG loaded
20:25:33.0348 2432 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:25:33.0380 2432 Drive \Device\Harddisk1\DR1 - Size: 0x3A3817D5000 (3726.02 Gb), SectorSize: 0x1000, Cylinders: 0xED80, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
20:25:33.0380 2432 Drive \Device\Harddisk2\DR2 - Size: 0x15D27100000 (1396.61 Gb), SectorSize: 0x200, Cylinders: 0x2C82B, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
20:25:33.0395 2432 ============================================================
20:25:33.0395 2432 \Device\Harddisk0\DR0:
20:25:33.0395 2432 MBR partitions:
20:25:33.0395 2432 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x34000, BlocksNum 0x2710000
20:25:33.0395 2432 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2744000, BlocksNum 0x54E01EF0
20:25:33.0395 2432 \Device\Harddisk1\DR1:
20:25:33.0411 2432 MBR partitions:
20:25:33.0411 2432 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A380800
20:25:33.0411 2432 \Device\Harddisk2\DR2:
20:25:33.0411 2432 MBR partitions:
20:25:33.0411 2432 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x86470000
20:25:33.0411 2432 \Device\Harddisk2\DR2\Partition2: MBR, Type 0x7, StartLBA 0x86470800, BlocksNum 0x284C7000
20:25:33.0411 2432 ============================================================
20:25:33.0426 2432 C: <-> \Device\Harddisk0\DR0\Partition2
20:25:33.0442 2432 G: <-> \Device\Harddisk2\DR2\Partition1
20:25:33.0442 2432 H: <-> \Device\Harddisk1\DR1\Partition1
20:25:33.0489 2432 J: <-> \Device\Harddisk2\DR2\Partition2
20:25:33.0489 2432 ============================================================
20:25:33.0489 2432 Initialize success
20:25:33.0489 2432 ============================================================
20:25:48.0059 1684 ============================================================
20:25:48.0059 1684 Scan started
20:25:48.0059 1684 Mode: Manual; SigCheck; TDLFS;
20:25:48.0059 1684 ============================================================
20:25:48.0839 1684 ================ Scan system memory ========================
20:25:48.0839 1684 System memory - ok
20:25:48.0839 1684 ================ Scan services =============================
20:25:49.0058 1684 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
20:25:49.0120 1684 1394ohci - ok
20:25:49.0167 1684 [ E0065CBF1A25C015C218457D2CD522B9 ] Acceler C:\Windows\system32\DRIVERS\Accelern.sys
20:25:49.0198 1684 Acceler - ok
20:25:49.0229 1684 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
20:25:49.0261 1684 ACPI - ok
20:25:49.0276 1684 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
20:25:49.0292 1684 AcpiPmi - ok
20:25:49.0385 1684 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:25:49.0401 1684 AdobeARMservice - ok
20:25:49.0526 1684 [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:25:49.0557 1684 AdobeFlashPlayerUpdateSvc - ok
20:25:49.0588 1684 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
20:25:49.0619 1684 adp94xx - ok
20:25:49.0635 1684 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
20:25:49.0635 1684 adpahci - ok
20:25:49.0651 1684 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
20:25:49.0651 1684 adpu320 - ok
20:25:49.0666 1684 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
20:25:49.0697 1684 AeLookupSvc - ok
20:25:49.0760 1684 [ D1E343BC00136CE03C4D403194D06A80 ] AERTFilters C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
20:25:49.0775 1684 AERTFilters - ok
20:25:49.0822 1684 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
20:25:49.0869 1684 AFD - ok
20:25:49.0885 1684 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
20:25:49.0916 1684 agp440 - ok
20:25:49.0931 1684 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
20:25:49.0947 1684 ALG - ok
20:25:49.0963 1684 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
20:25:49.0963 1684 aliide - ok
20:25:49.0978 1684 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
20:25:49.0978 1684 amdide - ok
20:25:50.0009 1684 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
20:25:50.0009 1684 AmdK8 - ok
20:25:50.0025 1684 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
20:25:50.0041 1684 AmdPPM - ok
20:25:50.0056 1684 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
20:25:50.0072 1684 amdsata - ok
20:25:50.0087 1684 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
20:25:50.0103 1684 amdsbs - ok
20:25:50.0119 1684 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
20:25:50.0119 1684 amdxata - ok
20:25:50.0165 1684 [ 12E7A43A3C6840A063A82B04F7EF47C0 ] AMPPAL C:\Windows\system32\DRIVERS\AMPPAL.sys
20:25:50.0197 1684 AMPPAL - ok
20:25:50.0212 1684 [ 12E7A43A3C6840A063A82B04F7EF47C0 ] AMPPALP C:\Windows\system32\DRIVERS\amppal.sys
20:25:50.0212 1684 AMPPALP - ok
20:25:50.0275 1684 [ 2CC0CBF2707BE4D5B6CE6B87D9DA2F97 ] AMPPALR3 C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
20:25:50.0306 1684 AMPPALR3 - ok
20:25:50.0337 1684 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
20:25:50.0399 1684 AppID - ok
20:25:50.0431 1684 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
20:25:50.0462 1684 AppIDSvc - ok
20:25:50.0477 1684 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
20:25:50.0509 1684 Appinfo - ok
20:25:50.0618 1684 [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:25:50.0649 1684 Apple Mobile Device - ok
20:25:50.0696 1684 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
20:25:50.0711 1684 arc - ok
20:25:50.0743 1684 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
20:25:50.0743 1684 arcsas - ok
20:25:50.0852 1684 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
20:25:50.0867 1684 aspnet_state - ok
20:25:50.0914 1684 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
20:25:50.0977 1684 AsyncMac - ok
20:25:51.0039 1684 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
20:25:51.0055 1684 atapi - ok
20:25:51.0164 1684 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:25:51.0195 1684 AudioEndpointBuilder - ok
20:25:51.0211 1684 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
20:25:51.0242 1684 AudioSrv - ok
20:25:51.0398 1684 [ 0D8244A9DB70BC6C36E2FB56F6039AB6 ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
20:25:51.0460 1684 AVGIDSAgent - ok
20:25:51.0491 1684 [ AC6CB348F67B6B1B75C0EFB8927A8B03 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys
20:25:51.0491 1684 AVGIDSDriver - ok
20:25:51.0507 1684 [ 2940FACB6EF92BD1936E4A1E2502468E ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys
20:25:51.0507 1684 AVGIDSHA - ok
20:25:51.0538 1684 [ 54B66C4AEEC6C4F742F3569EBA03EBB8 ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys
20:25:51.0554 1684 Avgldx64 - ok
20:25:51.0601 1684 [ 13667B5D6310228A9FEF2BA5FCD9081F ] Avgloga C:\Windows\system32\DRIVERS\avgloga.sys
20:25:51.0632 1684 Avgloga - ok
20:25:51.0647 1684 [ BE82F9A1F2CCF4CE746D0C645D94079E ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys
20:25:51.0647 1684 Avgmfx64 - ok
20:25:51.0663 1684 [ 5D11620DEF66F9DC9468FEE385A8429B ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys
20:25:51.0679 1684 Avgrkx64 - ok
20:25:51.0694 1684 [ 71309F30D4F4565EC611FE3FC33A3A0F ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys
20:25:51.0725 1684 Avgtdia - ok
20:25:51.0741 1684 [ DC98337F0D2A9F6C0B6FB682297ECE3B ] avgwd C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
20:25:51.0772 1684 avgwd - ok
20:25:51.0803 1684 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
20:25:51.0835 1684 AxInstSV - ok
20:25:51.0913 1684 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
20:25:51.0959 1684 b06bdrv - ok
20:25:51.0991 1684 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
20:25:52.0022 1684 b57nd60a - ok
20:25:52.0053 1684 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
20:25:52.0069 1684 BDESVC - ok
20:25:52.0084 1684 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
20:25:52.0131 1684 Beep - ok
20:25:52.0225 1684 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
20:25:52.0271 1684 BFE - ok
20:25:52.0303 1684 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
20:25:52.0334 1684 BITS - ok
20:25:52.0349 1684 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
20:25:52.0365 1684 blbdrive - ok
20:25:52.0427 1684 [ 0F46D2845BD7DDACA52340ECC2B65DA3 ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
20:25:52.0474 1684 Bluetooth Device Monitor - ok
20:25:52.0521 1684 [ 3341DE556EC28252D603277609EEF8BF ] Bluetooth Media Service C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
20:25:52.0552 1684 Bluetooth Media Service - ok
20:25:52.0568 1684 [ 5D5C3EC9BE1107DEDF0FEB55B7F3BD77 ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
20:25:52.0583 1684 Bluetooth OBEX Service - ok
20:25:52.0630 1684 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
20:25:52.0661 1684 Bonjour Service - ok
20:25:52.0693 1684 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
20:25:52.0724 1684 bowser - ok
20:25:52.0739 1684 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
20:25:52.0771 1684 BrFiltLo - ok
20:25:52.0771 1684 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
20:25:52.0786 1684 BrFiltUp - ok
20:25:52.0802 1684 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
20:25:52.0833 1684 BridgeMP - ok
20:25:52.0849 1684 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
20:25:52.0864 1684 Browser - ok
20:25:52.0880 1684 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
20:25:52.0927 1684 Brserid - ok
20:25:52.0942 1684 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
20:25:52.0942 1684 BrSerWdm - ok
20:25:52.0958 1684 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
20:25:52.0973 1684 BrUsbMdm - ok
20:25:52.0989 1684 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
20:25:53.0005 1684 BrUsbSer - ok
20:25:53.0036 1684 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
20:25:53.0067 1684 BthEnum - ok
20:25:53.0067 1684 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
20:25:53.0083 1684 BTHMODEM - ok
20:25:53.0114 1684 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
20:25:53.0161 1684 BthPan - ok
20:25:53.0176 1684 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
20:25:53.0176 1684 BTHPORT - ok
20:25:53.0207 1684 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
20:25:53.0270 1684 bthserv - ok
20:25:53.0301 1684 [ D6CEEC2F878149E4DB9FE93FA5D8FE60 ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
20:25:53.0317 1684 BTHSSecurityMgr - ok
20:25:53.0332 1684 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
20:25:53.0363 1684 BTHUSB - ok
20:25:53.0395 1684 [ AB0A33001FE7EBB209D9D52CED11BE1A ] btmaux C:\Windows\system32\DRIVERS\btmaux.sys
20:25:53.0426 1684 btmaux - ok
20:25:53.0441 1684 [ 5BA4C6F82A5CA3307C0579D9F7B36E28 ] btmhsf C:\Windows\system32\DRIVERS\btmhsf.sys
20:25:53.0457 1684 btmhsf - ok
20:25:53.0488 1684 catchme - ok
20:25:53.0519 1684 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
20:25:53.0582 1684 cdfs - ok
20:25:53.0629 1684 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
20:25:53.0644 1684 cdrom - ok
20:25:53.0691 1684 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
20:25:53.0738 1684 CertPropSvc - ok
20:25:53.0785 1684 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
20:25:53.0816 1684 circlass - ok
20:25:53.0847 1684 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
20:25:53.0878 1684 CLFS - ok
20:25:53.0956 1684 [ BB86F147B2A7152E4B4D71A2F0A87D41 ] CLKMSVC10_9EC60124 c:\Program Files (x86)\Cyberlink\PowerDVD9\NavFilter\kmsvc.exe
20:25:53.0987 1684 CLKMSVC10_9EC60124 - ok
20:25:54.0034 1684 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:25:54.0065 1684 clr_optimization_v2.0.50727_32 - ok
20:25:54.0097 1684 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:25:54.0128 1684 clr_optimization_v2.0.50727_64 - ok
20:25:54.0237 1684 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:25:54.0253 1684 clr_optimization_v4.0.30319_32 - ok
20:25:54.0284 1684 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:25:54.0284 1684 clr_optimization_v4.0.30319_64 - ok
20:25:54.0315 1684 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
20:25:54.0346 1684 CmBatt - ok
20:25:54.0362 1684 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
20:25:54.0362 1684 cmdide - ok
20:25:54.0409 1684 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
20:25:54.0455 1684 CNG - ok
20:25:54.0471 1684 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
20:25:54.0487 1684 Compbatt - ok
20:25:54.0502 1684 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
20:25:54.0533 1684 CompositeBus - ok
20:25:54.0549 1684 COMSysApp - ok
20:25:54.0565 1684 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
20:25:54.0580 1684 crcdisk - ok
20:25:54.0627 1684 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
20:25:54.0658 1684 CryptSvc - ok
20:25:54.0705 1684 [ BC3D4F90978CD7C8EABD1BAF3BF7873A ] CtClsFlt C:\Windows\system32\DRIVERS\CtClsFlt.sys
20:25:54.0721 1684 CtClsFlt - ok
20:25:54.0767 1684 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
20:25:54.0830 1684 DcomLaunch - ok
20:25:54.0877 1684 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
20:25:54.0955 1684 defragsvc - ok
20:25:55.0033 1684 [ 2050309BAB03DFCEE455DBF913BF91B1 ] DellDigitalDelivery c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
20:25:55.0033 1684 DellDigitalDelivery ( UnsignedFile.Multi.Generic ) - warning
20:25:55.0033 1684 DellDigitalDelivery - detected UnsignedFile.Multi.Generic (1)
20:25:55.0079 1684 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
20:25:55.0126 1684 DfsC - ok
20:25:55.0157 1684 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
20:25:55.0157 1684 Dhcp - ok
20:25:55.0173 1684 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
20:25:55.0189 1684 discache - ok
20:25:55.0220 1684 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
20:25:55.0235 1684 Disk - ok
20:25:55.0313 1684 [ 41F9F463F71507A04512C6121FDF5479 ] DMService C:\Windows\DOWNLO~1\DMService.exe
20:25:55.0345 1684 DMService - ok
20:25:55.0360 1684 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
20:25:55.0391 1684 Dnscache - ok
20:25:55.0423 1684 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
20:25:55.0469 1684 dot3svc - ok
20:25:55.0501 1684 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
20:25:55.0516 1684 DPS - ok
20:25:55.0547 1684 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
20:25:55.0579 1684 drmkaud - ok
20:25:55.0781 1684 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
20:25:55.0797 1684 DXGKrnl - ok
20:25:55.0813 1684 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
20:25:55.0844 1684 EapHost - ok
20:25:55.0906 1684 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
20:25:55.0953 1684 ebdrv - ok
20:25:56.0000 1684 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
20:25:56.0031 1684 EFS - ok
20:25:56.0078 1684 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
20:25:56.0109 1684 ehRecvr - ok
20:25:56.0125 1684 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
20:25:56.0140 1684 ehSched - ok
20:25:56.0171 1684 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
20:25:56.0203 1684 elxstor - ok
20:25:56.0218 1684 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
20:25:56.0234 1684 ErrDev - ok
20:25:56.0265 1684 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
20:25:56.0296 1684 EventSystem - ok
20:25:56.0390 1684 [ 532B8FF8E07F3772B086620377654F95 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
20:25:56.0421 1684 EvtEng - ok
20:25:56.0452 1684 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
20:25:56.0483 1684 exfat - ok
20:25:56.0499 1684 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
20:25:56.0530 1684 fastfat - ok
20:25:56.0561 1684 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
20:25:56.0577 1684 Fax - ok
20:25:56.0608 1684 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
20:25:56.0639 1684 fdc - ok
20:25:56.0639 1684 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
20:25:56.0671 1684 fdPHost - ok
20:25:56.0686 1684 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
20:25:56.0717 1684 FDResPub - ok
20:25:56.0733 1684 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
20:25:56.0749 1684 FileInfo - ok
20:25:56.0749 1684 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
20:25:56.0795 1684 Filetrace - ok
20:25:56.0811 1684 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
20:25:56.0827 1684 flpydisk - ok
20:25:56.0842 1684 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
20:25:56.0889 1684 FltMgr - ok
20:25:56.0936 1684 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
20:25:56.0998 1684 FontCache - ok
20:25:57.0045 1684 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:25:57.0076 1684 FontCache3.0.0.0 - ok
20:25:57.0092 1684 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
20:25:57.0092 1684 FsDepends - ok
20:25:57.0123 1684 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
20:25:57.0139 1684 Fs_Rec - ok
20:25:57.0185 1684 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
20:25:57.0217 1684 fvevol - ok
20:25:57.0232 1684 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
20:25:57.0232 1684 gagp30kx - ok
20:25:57.0248 1684 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:25:57.0263 1684 GEARAspiWDM - ok
20:25:57.0310 1684 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
20:25:57.0341 1684 gpsvc - ok
20:25:57.0435 1684 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:25:57.0466 1684 gupdate - ok
20:25:57.0497 1684 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:25:57.0513 1684 gupdatem - ok
20:25:57.0544 1684 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
20:25:57.0575 1684 hcw85cir - ok
20:25:57.0591 1684 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
20:25:57.0638 1684 HDAudBus - ok
20:25:57.0638 1684 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
20:25:57.0653 1684 HidBatt - ok
20:25:57.0653 1684 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
20:25:57.0685 1684 HidBth - ok
20:25:57.0700 1684 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
20:25:57.0716 1684 HidIr - ok
20:25:57.0747 1684 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
20:25:57.0809 1684 hidserv - ok
20:25:57.0841 1684 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
20:25:57.0841 1684 HidUsb - ok
20:25:57.0856 1684 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
20:25:57.0887 1684 hkmsvc - ok
20:25:57.0903 1684 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:25:57.0919 1684 HomeGroupListener - ok
20:25:57.0934 1684 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:25:57.0981 1684 HomeGroupProvider - ok
20:25:57.0997 1684 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
20:25:57.0997 1684 HpSAMD - ok
20:25:58.0028 1684 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
20:25:58.0075 1684 HTTP - ok
20:25:58.0090 1684 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
20:25:58.0106 1684 hwpolicy - ok
20:25:58.0137 1684 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
20:25:58.0168 1684 i8042prt - ok
20:25:58.0199 1684 [ D469B77687E12FE43E344806740B624D ] iaStor C:\Windows\system32\drivers\iaStor.sys
20:25:58.0231 1684 iaStor - ok
20:25:58.0262 1684 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
20:25:58.0293 1684 iaStorV - ok
20:25:58.0309 1684 [ 806422F30DF9CE8307457485779C77B7 ] iBtFltCoex C:\Windows\system32\DRIVERS\iBtFltCoex.sys
20:25:58.0309 1684 iBtFltCoex - ok
20:25:58.0355 1684 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:25:58.0387 1684 idsvc - ok
20:25:58.0418 1684 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
20:25:58.0418 1684 iirsp - ok
20:25:58.0449 1684 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
20:25:58.0480 1684 IKEEXT - ok
20:25:58.0558 1684 [ A5F7CEF8A939EBE270462EDEFD629F20 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
20:25:58.0589 1684 IntcAzAudAddService - ok
20:25:58.0621 1684 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
20:25:58.0636 1684 intelide - ok
20:25:58.0667 1684 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
20:25:58.0667 1684 intelppm - ok
20:25:58.0745 1684 [ D9DA7B3117BF5EFF921C0CDED4D58050 ] IntuitUpdateServiceV4 C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
20:25:58.0761 1684 IntuitUpdateServiceV4 - ok
20:25:58.0777 1684 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
20:25:58.0808 1684 IPBusEnum - ok
20:25:58.0839 1684 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:25:58.0855 1684 IpFilterDriver - ok
20:25:58.0901 1684 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
20:25:58.0901 1684 iphlpsvc - ok
20:25:58.0917 1684 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
20:25:58.0933 1684 IPMIDRV - ok
20:25:58.0948 1684 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
20:25:59.0042 1684 IPNAT - ok
20:25:59.0104 1684 [ 4EFFC8FF6D349E971E94B1C670C0C66A ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
20:25:59.0135 1684 iPod Service - ok
20:25:59.0151 1684 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
20:25:59.0167 1684 IRENUM - ok
20:25:59.0182 1684 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
20:25:59.0198 1684 isapnp - ok
20:25:59.0213 1684 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
20:25:59.0229 1684 iScsiPrt - ok
20:25:59.0260 1684 [ DD931496F49CDDF4F0B440455423E162 ] JMCR C:\Windows\system32\DRIVERS\jmcr.sys
20:25:59.0291 1684 JMCR - ok
20:25:59.0323 1684 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
20:25:59.0323 1684 kbdclass - ok
20:25:59.0354 1684 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
20:25:59.0354 1684 kbdhid - ok
20:25:59.0369 1684 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
20:25:59.0401 1684 KeyIso - ok
20:25:59.0416 1684 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
20:25:59.0432 1684 KSecDD - ok
20:25:59.0447 1684 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
20:25:59.0479 1684 KSecPkg - ok
20:25:59.0494 1684 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
20:25:59.0525 1684 ksthunk - ok
20:25:59.0557 1684 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
20:25:59.0635 1684 KtmRm - ok
20:25:59.0681 1684 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
20:25:59.0744 1684 LanmanServer - ok
20:25:59.0759 1684 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:25:59.0775 1684 LanmanWorkstation - ok
20:25:59.0806 1684 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
20:25:59.0853 1684 lltdio - ok
20:25:59.0884 1684 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
20:25:59.0915 1684 lltdsvc - ok
20:25:59.0931 1684 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
20:25:59.0962 1684 lmhosts - ok
20:26:00.0025 1684 [ 7F32D4C47A50E7223491E8FB9359907D ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
20:26:00.0056 1684 LMS - ok
20:26:00.0071 1684 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
20:26:00.0103 1684 LSI_FC - ok
20:26:00.0134 1684 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
20:26:00.0165 1684 LSI_SAS - ok
20:26:00.0181 1684 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
20:26:00.0181 1684 LSI_SAS2 - ok
20:26:00.0212 1684 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
20:26:00.0243 1684 LSI_SCSI - ok
20:26:00.0259 1684 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
20:26:00.0305 1684 luafv - ok
20:26:00.0352 1684 [ 79D51E7F5926E8CE1B3EBECEBAE28CFF ] mcdbus C:\Windows\system32\DRIVERS\mcdbus.sys
20:26:00.0383 1684 mcdbus - ok
20:26:00.0399 1684 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
20:26:00.0430 1684 Mcx2Svc - ok
20:26:00.0461 1684 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
20:26:00.0461 1684 megasas - ok
20:26:00.0493 1684 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
20:26:00.0493 1684 MegaSR - ok
20:26:00.0539 1684 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
20:26:00.0571 1684 MEIx64 - ok
20:26:00.0617 1684 Microsoft SharePoint Workspace Audit Service - ok
20:26:00.0649 1684 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
20:26:00.0695 1684 MMCSS - ok
20:26:00.0742 1684 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
20:26:00.0789 1684 Modem - ok
20:26:00.0820 1684 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
20:26:00.0836 1684 monitor - ok
20:26:00.0851 1684 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
20:26:00.0851 1684 mouclass - ok
20:26:00.0883 1684 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
20:26:00.0914 1684 mouhid - ok
20:26:00.0929 1684 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
20:26:00.0945 1684 mountmgr - ok
20:26:01.0007 1684 [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:26:01.0023 1684 MozillaMaintenance - ok
20:26:01.0054 1684 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
20:26:01.0085 1684 mpio - ok
20:26:01.0085 1684 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:26:01.0117 1684 mpsdrv - ok
20:26:01.0148 1684 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
20:26:01.0195 1684 MpsSvc - ok
20:26:01.0210 1684 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:26:01.0226 1684 MRxDAV - ok
20:26:01.0241 1684 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:26:01.0241 1684 mrxsmb - ok
20:26:01.0257 1684 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:26:01.0273 1684 mrxsmb10 - ok
20:26:01.0288 1684 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:26:01.0288 1684 mrxsmb20 - ok
20:26:01.0319 1684 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
20:26:01.0319 1684 msahci - ok
20:26:01.0351 1684 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
20:26:01.0382 1684 msdsm - ok
20:26:01.0382 1684 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
20:26:01.0397 1684 MSDTC - ok
20:26:01.0413 1684 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:26:01.0444 1684 Msfs - ok
20:26:01.0460 1684 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
20:26:01.0507 1684 mshidkmdf - ok
20:26:01.0522 1684 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:26:01.0522 1684 msisadrv - ok
20:26:01.0553 1684 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:26:01.0585 1684 MSiSCSI - ok
20:26:01.0585 1684 msiserver - ok
20:26:01.0616 1684 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:26:01.0647 1684 MSKSSRV - ok
20:26:01.0663 1684 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:26:01.0678 1684 MSPCLOCK - ok
20:26:01.0694 1684 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:26:01.0725 1684 MSPQM - ok
20:26:01.0725 1684 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:26:01.0741 1684 MsRPC - ok
20:26:01.0756 1684 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
20:26:01.0756 1684 mssmbios - ok
20:26:01.0772 1684 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:26:01.0803 1684 MSTEE - ok
20:26:01.0803 1684 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
20:26:01.0819 1684 MTConfig - ok
20:26:01.0834 1684 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
20:26:01.0834 1684 Mup - ok
20:26:01.0881 1684 [ 265937BC59819DF1DAB65E27C60F94C0 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
20:26:01.0897 1684 MyWiFiDHCPDNS - ok
20:26:01.0912 1684 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
20:26:01.0975 1684 napagent - ok
20:26:02.0006 1684 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:26:02.0068 1684 NativeWifiP - ok
20:26:02.0131 1684 [ 9D1CCE440552500DED3A62F9D779CDB4 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe
20:26:02.0162 1684 NAUpdate - ok
20:26:02.0209 1684 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
20:26:02.0224 1684 NDIS - ok
20:26:02.0255 1684 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
20:26:02.0302 1684 NdisCap - ok
20:26:02.0318 1684 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:26:02.0349 1684 NdisTapi - ok
20:26:02.0365 1684 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:26:02.0411 1684 Ndisuio - ok
20:26:02.0411 1684 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:26:02.0443 1684 NdisWan - ok
20:26:02.0458 1684 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:26:02.0489 1684 NDProxy - ok
20:26:02.0489 1684 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:26:02.0521 1684 NetBIOS - ok
20:26:02.0536 1684 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
20:26:02.0567 1684 NetBT - ok
20:26:02.0583 1684 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
20:26:02.0583 1684 Netlogon - ok
20:26:02.0614 1684 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
20:26:02.0661 1684 Netman - ok
20:26:02.0677 1684 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:26:02.0692 1684 NetMsmqActivator - ok
20:26:02.0692 1684 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:26:02.0692 1684 NetPipeActivator - ok
20:26:02.0723 1684 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
20:26:02.0739 1684 netprofm - ok
20:26:02.0755 1684 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:26:02.0755 1684 NetTcpActivator - ok
20:26:02.0755 1684 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:26:02.0770 1684 NetTcpPortSharing - ok
20:26:02.0926 1684 [ 774C9ECCEF83AB8A3D1466F19809C95F ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys
20:26:03.0004 1684 NETwNs64 - ok
20:26:03.0020 1684 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
20:26:03.0051 1684 nfrd960 - ok
20:26:03.0082 1684 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
20:26:03.0113 1684 NlaSvc - ok
20:26:03.0223 1684 [ B9B72FAAAA41D59B73B88FE3DD737ED1 ] NOBU C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
20:26:03.0269 1684 NOBU - ok
20:26:03.0285 1684 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:26:03.0301 1684 Npfs - ok
20:26:03.0316 1684 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
20:26:03.0347 1684 nsi - ok
20:26:03.0363 1684 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:26:03.0394 1684 nsiproxy - ok
20:26:03.0441 1684 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:26:03.0472 1684 Ntfs - ok
20:26:03.0488 1684 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
20:26:03.0503 1684 Null - ok
20:26:03.0535 1684 [ D584ABB6A308933A5F72B46C9E5A783F ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
20:26:03.0566 1684 nusb3hub - ok
20:26:03.0581 1684 [ 345B9C04E2036DA4346E3249A5BDFD06 ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
20:26:03.0581 1684 nusb3xhc - ok
20:26:03.0613 1684 [ 10204955027011E08A9DC27737A48A54 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
20:26:03.0613 1684 NVHDA - ok
20:26:03.0815 1684 [ 386FB2E1EF51495629089231957B7D9A ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:26:03.0956 1684 nvlddmkm - ok
20:26:04.0003 1684 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:26:04.0003 1684 nvraid - ok
20:26:04.0018 1684 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:26:04.0034 1684 nvstor - ok
20:26:04.0065 1684 [ 4DC87CDA61D7B185E79618581F46B85A ] NvStUSB C:\Windows\system32\DRIVERS\nvstusb.sys
20:26:04.0065 1684 NvStUSB - ok
20:26:04.0127 1684 [ 3947AD5D03E6ABCCE037801162FDB90D ] nvsvc C:\Windows\system32\nvvsvc.exe
20:26:04.0159 1684 nvsvc - ok
20:26:04.0190 1684 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:26:04.0221 1684 nv_agp - ok
20:26:04.0237 1684 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
20:26:04.0237 1684 ohci1394 - ok
20:26:04.0283 1684 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:26:04.0283 1684 ose - ok
20:26:04.0439 1684 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:26:04.0502 1684 osppsvc - ok
20:26:04.0549 1684 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
20:26:04.0549 1684 p2pimsvc - ok
20:26:04.0580 1684 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
20:26:04.0595 1684 p2psvc - ok
20:26:04.0611 1684 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
20:26:04.0627 1684 Parport - ok
20:26:04.0642 1684 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:26:04.0673 1684 partmgr - ok
20:26:04.0689 1684 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
20:26:04.0705 1684 PcaSvc - ok
20:26:04.0720 1684 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
20:26:04.0751 1684 pci - ok
20:26:04.0783 1684 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
20:26:04.0783 1684 pciide - ok
20:26:04.0798 1684 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
20:26:04.0814 1684 pcmcia - ok
20:26:04.0814 1684 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
20:26:04.0829 1684 pcw - ok
20:26:04.0845 1684 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:26:04.0876 1684 PEAUTH - ok
20:26:04.0954 1684 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
20:26:04.0985 1684 PerfHost - ok
20:26:05.0032 1684 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
20:26:05.0079 1684 pla - ok
20:26:05.0126 1684 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:26:05.0157 1684 PlugPlay - ok
20:26:05.0173 1684 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
20:26:05.0188 1684 PNRPAutoReg - ok
20:26:05.0204 1684 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
20:26:05.0219 1684 PNRPsvc - ok
20:26:05.0251 1684 [ 34A8FAE065249F85A67A3215FF5ECB34 ] Point64 C:\Windows\system32\DRIVERS\point64.sys
20:26:05.0266 1684 Point64 - ok
20:26:05.0313 1684 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:26:05.0375 1684 PolicyAgent - ok
20:26:05.0407 1684 [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power C:\Windows\system32\umpo.dll
20:26:05.0422 1684 Power - ok
20:26:05.0453 1684 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:26:05.0485 1684 PptpMiniport - ok
20:26:05.0500 1684 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
20:26:05.0516 1684 Processor - ok
20:26:05.0531 1684 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
20:26:05.0547 1684 ProfSvc - ok
20:26:05.0563 1684 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:26:05.0578 1684 ProtectedStorage - ok
20:26:05.0594 1684 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
20:26:05.0609 1684 Psched - ok
20:26:05.0641 1684 [ 0928BD20273625622722FE1DE5BBDE57 ] qicflt C:\Windows\system32\DRIVERS\qicflt.sys
20:26:05.0641 1684 qicflt - ok
20:26:05.0687 1684 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
20:26:05.0719 1684 ql2300 - ok
20:26:05.0750 1684 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
20:26:05.0781 1684 ql40xx - ok
20:26:05.0812 1684 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
20:26:05.0828 1684 QWAVE - ok
20:26:05.0828 1684 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:26:05.0859 1684 QWAVEdrv - ok
20:26:05.0859 1684 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:26:05.0890 1684 RasAcd - ok
20:26:05.0906 1684 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
20:26:05.0937 1684 RasAgileVpn - ok
20:26:05.0968 1684 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
20:26:05.0984 1684 RasAuto - ok
20:26:05.0999 1684 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:26:06.0031 1684 Rasl2tp - ok
20:26:06.0046 1684 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
20:26:06.0077 1684 RasMan - ok
20:26:06.0093 1684 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:26:06.0109 1684 RasPppoe - ok
20:26:06.0124 1684 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:26:06.0155 1684 RasSstp - ok
20:26:06.0171 1684 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:26:06.0202 1684 rdbss - ok
20:26:06.0202 1684 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
20:26:06.0218 1684 rdpbus - ok
20:26:06.0233 1684 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:26:06.0249 1684 RDPCDD - ok
20:26:06.0265 1684 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:26:06.0296 1684 RDPENCDD - ok
20:26:06.0311 1684 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
20:26:06.0327 1684 RDPREFMP - ok
20:26:06.0358 1684 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
20:26:06.0358 1684 RdpVideoMiniport - ok
20:26:06.0389 1684 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:26:06.0389 1684 RDPWD - ok
20:26:06.0421 1684 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:26:06.0436 1684 rdyboost - ok
20:26:06.0499 1684 [ 7196BE857E29007470FF9B689C7F29A7 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
20:26:06.0514 1684 RegSrvc - ok
20:26:06.0530 1684 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
20:26:06.0561 1684 RemoteAccess - ok
20:26:06.0577 1684 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:26:06.0608 1684 RemoteRegistry - ok
20:26:06.0623 1684 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
20:26:06.0639 1684 RFCOMM - ok
20:26:06.0655 1684 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:26:06.0670 1684 RpcEptMapper - ok
20:26:06.0686 1684 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
20:26:06.0701 1684 RpcLocator - ok
20:26:06.0717 1684 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\System32\rpcss.dll
20:26:06.0748 1684 RpcSs - ok
20:26:06.0764 1684 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:26:06.0826 1684 rspndr - ok
20:26:06.0857 1684 [ 9140DB0911DE035FED0A9A77A2D156EA ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
20:26:06.0857 1684 RTL8167 - ok
20:26:06.0873 1684 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
20:26:06.0889 1684 SamSs - ok
20:26:06.0904 1684 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:26:06.0935 1684 sbp2port - ok
20:26:06.0951 1684 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:26:06.0982 1684 SCardSvr - ok
20:26:06.0982 1684 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:26:07.0013 1684 scfilter - ok
20:26:07.0029 1684 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
20:26:07.0060 1684 Schedule - ok
20:26:07.0091 1684 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
20:26:07.0138 1684 SCPolicySvc - ok
20:26:07.0169 1684 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
20:26:07.0201 1684 sdbus - ok
20:26:07.0232 1684 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:26:07.0247 1684 SDRSVC - ok
20:26:07.0279 1684 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:26:07.0294 1684 secdrv - ok
20:26:07.0310 1684 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
20:26:07.0341 1684 seclogon - ok
20:26:07.0357 1684 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
20:26:07.0388 1684 SENS - ok
20:26:07.0388 1684 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
20:26:07.0388 1684 SensrSvc - ok
20:26:07.0419 1684 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
20:26:07.0450 1684 Serenum - ok
20:26:07.0450 1684 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
20:26:07.0466 1684 Serial - ok
20:26:07.0497 1684 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
20:26:07.0497 1684 sermouse - ok
20:26:07.0513 1684 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
20:26:07.0544 1684 SessionEnv - ok
20:26:07.0544 1684 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
20:26:07.0559 1684 sffdisk - ok
20:26:07.0575 1684 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:26:07.0575 1684 sffp_mmc - ok
20:26:07.0591 1684 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
20:26:07.0606 1684 sffp_sd - ok
20:26:07.0622 1684 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
20:26:07.0622 1684 sfloppy - ok
20:26:07.0700 1684 [ 29DDEA72C5BDF61D62F4D438DC0E497C ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
20:26:07.0731 1684 SftService - ok
20:26:07.0747 1684 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:26:07.0778 1684 SharedAccess - ok
20:26:07.0793 1684 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:26:07.0825 1684 ShellHWDetection - ok
20:26:07.0840 1684 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
20:26:07.0856 1684 SiSRaid2 - ok
20:26:07.0871 1684 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
20:26:07.0871 1684 SiSRaid4 - ok
20:26:08.0012 1684 [ E42D201B0B53A94BD8E5B032EC83D843 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
20:26:08.0043 1684 Skype C2C Service - ok
20:26:08.0090 1684 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
20:26:08.0105 1684 SkypeUpdate - ok
20:26:08.0121 1684 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:26:08.0168 1684 Smb - ok
20:26:08.0199 1684 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:26:08.0215 1684 SNMPTRAP - ok
20:26:08.0230 1684 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
20:26:08.0246 1684 spldr - ok
20:26:08.0277 1684 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
20:26:08.0308 1684 Spooler - ok
20:26:08.0386 1684 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
20:26:08.0433 1684 sppsvc - ok
20:26:08.0449 1684 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
20:26:08.0480 1684 sppuinotify - ok
20:26:08.0495 1684 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
20:26:08.0511 1684 srv - ok
20:26:08.0527 1684 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:26:08.0527 1684 srv2 - ok
20:26:08.0542 1684 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:26:08.0558 1684 srvnet - ok
20:26:08.0573 1684 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:26:08.0620 1684 SSDPSRV - ok
20:26:08.0636 1684 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:26:08.0651 1684 SstpSvc - ok
20:26:08.0683 1684 [ 92E7F6666633D2DD91D527503DAA7BE0 ] stdcfltn C:\Windows\system32\DRIVERS\stdcfltn.sys
20:26:08.0683 1684 stdcfltn - ok
20:26:08.0745 1684 [ B69E79470474A8BEF06BE2130D0210A8 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
20:26:08.0776 1684 Stereo Service - ok
20:26:08.0792 1684 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
20:26:08.0807 1684 stexstor - ok
20:26:08.0839 1684 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
20:26:08.0885 1684 stisvc - ok
20:26:08.0885 1684 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
20:26:08.0901 1684 swenum - ok
20:26:08.0917 1684 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
20:26:08.0979 1684 swprv - ok
20:26:09.0010 1684 [ C4CE3CE7E1858B25ADB16938258CD1C9 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
20:26:09.0010 1684 SynTP - ok
20:26:09.0041 1684 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
20:26:09.0088 1684 SysMain - ok
20:26:09.0104 1684 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:26:09.0119 1684 TabletInputService - ok
20:26:09.0135 1684 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
20:26:09.0166 1684 TapiSrv - ok
20:26:09.0182 1684 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
20:26:09.0213 1684 TBS - ok
20:26:09.0260 1684 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:26:09.0291 1684 Tcpip - ok
20:26:09.0353 1684 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
20:26:09.0385 1684 TCPIP6 - ok
20:26:09.0416 1684 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:26:09.0416 1684 tcpipreg - ok
20:26:09.0431 1684 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:26:09.0447 1684 TDPIPE - ok
20:26:09.0463 1684 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:26:09.0478 1684 TDTCP - ok
20:26:09.0478 1684 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:26:09.0509 1684 tdx - ok
20:26:09.0525 1684 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
20:26:09.0525 1684 TermDD - ok
20:26:09.0556 1684 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
20:26:09.0587 1684 TermService - ok
20:26:09.0603 1684 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
20:26:09.0619 1684 Themes - ok
20:26:09.0634 1684 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
20:26:09.0665 1684 THREADORDER - ok
20:26:09.0681 1684 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
20:26:09.0697 1684 TrkWks - ok
20:26:09.0728 1684 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:26:09.0759 1684 TrustedInstaller - ok
20:26:09.0759 1684 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:26:09.0790 1684 tssecsrv - ok
20:26:09.0806 1684 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
20:26:09.0821 1684 TsUsbFlt - ok
20:26:09.0837 1684 [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
20:26:09.0853 1684 TsUsbGD - ok
20:26:09.0884 1684 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:26:09.0899 1684 tunnel - ok
20:26:09.0915 1684 [ FD24F98D2898BE093FE926604BE7DB99 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys
20:26:09.0931 1684 TurboB - ok
20:26:09.0977 1684 [ 600B406A04D90F577FEA8A88D7379F08 ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
20:26:09.0993 1684 TurboBoost - ok
20:26:10.0009 1684 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
20:26:10.0024 1684 uagp35 - ok
20:26:10.0071 1684 [ D9818DB1A56E787B58B5EAFE44E1A497 ] uagqecsvc C:\Program Files\Microsoft Forefront UAG\Endpoint Components\3.1.0\uagqecsvc.exe
20:26:10.0102 1684 uagqecsvc - ok
20:26:10.0118 1684 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:26:10.0149 1684 udfs - ok
20:26:10.0165 1684 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:26:10.0180 1684 UI0Detect - ok
20:26:10.0211 1684 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:26:10.0211 1684 uliagpkx - ok
20:26:10.0227 1684 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
20:26:10.0227 1684 umbus - ok
20:26:10.0243 1684 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
20:26:10.0258 1684 UmPass - ok
20:26:10.0336 1684 [ 2C16648A12999AE69A9EBF41974B0BA2 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
20:26:10.0383 1684 UNS - ok
20:26:10.0399 1684 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
20:26:10.0430 1684 upnphost - ok
20:26:10.0461 1684 [ C9E9D59C0099A9FF51697E9306A44240 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
20:26:10.0461 1684 USBAAPL64 - ok
20:26:10.0492 1684 [ 19AD7990C0B67E48DAC5B26F99628223 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
20:26:10.0508 1684 usbccgp - ok
20:26:10.0539 1684 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:26:10.0586 1684 usbcir - ok
20:26:10.0586 1684 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
20:26:10.0601 1684 usbehci - ok
20:26:10.0617 1684 [ 8B892002D7B79312821169A14317AB86 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
20:26:10.0633 1684 usbhub - ok
20:26:10.0648 1684 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
20:26:10.0648 1684 usbohci - ok
20:26:10.0664 1684 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
20:26:10.0679 1684 usbprint - ok
20:26:10.0695 1684 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:26:10.0695 1684 USBSTOR - ok
20:26:10.0726 1684 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
20:26:10.0726 1684 usbuhci - ok
20:26:10.0742 1684 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
20:26:10.0757 1684 usbvideo - ok
20:26:10.0773 1684 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
20:26:10.0804 1684 UxSms - ok
20:26:10.0804 1684 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
20:26:10.0820 1684 VaultSvc - ok
20:26:10.0867 1684 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
20:26:10.0898 1684 vdrvroot - ok
20:26:10.0913 1684 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
20:26:10.0945 1684 vds - ok
20:26:10.0960 1684 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:26:10.0960 1684 vga - ok
20:26:10.0976 1684 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
20:26:11.0007 1684 VgaSave - ok
20:26:11.0023 1684 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
20:26:11.0023 1684 vhdmp - ok
20:26:11.0038 1684 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
20:26:11.0054 1684 viaide - ok
20:26:11.0069 1684 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:26:11.0085 1684 volmgr - ok
20:26:11.0101 1684 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:26:11.0116 1684 volmgrx - ok
20:26:11.0132 1684 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:26:11.0132 1684 volsnap - ok
20:26:11.0147 1684 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
20:26:11.0163 1684 vsmraid - ok
20:26:11.0210 1684 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
20:26:11.0241 1684 VSS - ok
20:26:11.0257 1684 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
20:26:11.0272 1684 vwifibus - ok
20:26:11.0288 1684 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
20:26:11.0303 1684 vwififlt - ok
20:26:11.0319 1684 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
20:26:11.0366 1684 vwifimp - ok
20:26:11.0381 1684 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
20:26:11.0428 1684 W32Time - ok
20:26:11.0444 1684 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
20:26:11.0459 1684 WacomPen - ok
20:26:11.0475 1684 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
20:26:11.0506 1684 WANARP - ok
20:26:11.0522 1684 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:26:11.0537 1684 Wanarpv6 - ok
20:26:11.0584 1684 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
20:26:11.0615 1684 WatAdminSvc - ok
20:26:11.0662 1684 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
20:26:11.0678 1684 wbengine - ok
20:26:11.0693 1684 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
20:26:11.0709 1684 WbioSrvc - ok
20:26:11.0725 1684 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:26:11.0740 1684 wcncsvc - ok
20:26:11.0756 1684 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:26:11.0756 1684 WcsPlugInService - ok
20:26:11.0771 1684 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
20:26:11.0787 1684 Wd - ok
20:26:11.0818 1684 [ A3D04EBF5227886029B4532F20D026F7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam64.sys
20:26:11.0849 1684 WDC_SAM - ok
20:26:11.0865 1684 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:26:11.0881 1684 Wdf01000 - ok
20:26:11.0896 1684 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:26:11.0912 1684 WdiServiceHost - ok
20:26:11.0912 1684 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:26:11.0927 1684 WdiSystemHost - ok
20:26:11.0959 1684 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
20:26:11.0974 1684 WebClient - ok
20:26:11.0974 1684 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
20:26:12.0005 1684 Wecsvc - ok
20:26:12.0021 1684 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:26:12.0037 1684 wercplsupport - ok
20:26:12.0068 1684 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
20:26:12.0083 1684 WerSvc - ok
20:26:12.0099 1684 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
20:26:12.0130 1684 WfpLwf - ok
20:26:12.0146 1684 [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
20:26:12.0161 1684 WimFltr - ok
20:26:12.0177 1684 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
20:26:12.0193 1684 WIMMount - ok
20:26:12.0208 1684 WinDefend - ok
20:26:12.0224 1684 WinHttpAutoProxySvc - ok
20:26:12.0271 1684 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:26:12.0317 1684 Winmgmt - ok
20:26:12.0349 1684 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
20:26:12.0395 1684 WinRM - ok
20:26:12.0427 1684 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
20:26:12.0458 1684 WinUsb - ok
20:26:12.0489 1684 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
20:26:12.0505 1684 Wlansvc - ok
20:26:12.0536 1684 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
20:26:12.0551 1684 wlcrasvc - ok
20:26:12.0645 1684 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:26:12.0676 1684 wlidsvc - ok
20:26:12.0692 1684 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
20:26:12.0707 1684 WmiAcpi - ok
20:26:12.0723 1684 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
20:26:12.0723 1684 wmiApSrv - ok
20:26:12.0754 1684 WMPNetworkSvc - ok
20:26:12.0785 1684 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
20:26:12.0817 1684 WPCSvc - ok
20:26:12.0817 1684 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
20:26:12.0832 1684 WPDBusEnum - ok
20:26:12.0848 1684 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:26:12.0879 1684 ws2ifsl - ok
20:26:12.0879 1684 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
20:26:12.0895 1684 wscsvc - ok
20:26:12.0895 1684 WSearch - ok
20:26:12.0957 1684 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
20:26:13.0004 1684 wuauserv - ok
20:26:13.0019 1684 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
20:26:13.0035 1684 WudfPf - ok
20:26:13.0051 1684 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
20:26:13.0082 1684 WUDFRd - ok
20:26:13.0097 1684 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:26:13.0113 1684 wudfsvc - ok
20:26:13.0144 1684 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
20:26:13.0160 1684 WwanSvc - ok
20:26:13.0191 1684 ================ Scan global ===============================
20:26:13.0207 1684 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
20:26:13.0238 1684 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
20:26:13.0253 1684 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
20:26:13.0269 1684 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
20:26:13.0300 1684 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
20:26:13.0316 1684 [Global] - ok
20:26:13.0316 1684 ================ Scan MBR ==================================
20:26:13.0316 1684 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
20:26:13.0659 1684 \Device\Harddisk0\DR0 - ok
20:26:13.0659 1684 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
20:26:13.0737 1684 \Device\Harddisk1\DR1 - ok
20:26:13.0737 1684 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk2\DR2
20:26:13.0846 1684 \Device\Harddisk2\DR2 - ok
20:26:13.0846 1684 ================ Scan VBR ==================================
20:26:13.0862 1684 [ A460FCF8E65A902623050BD1FAD7E86C ] \Device\Harddisk0\DR0\Partition1
20:26:13.0862 1684 \Device\Harddisk0\DR0\Partition1 - ok
20:26:13.0893 1684 [ 64EA87642C03A1FDC9D6C582F2D2B69E ] \Device\Harddisk0\DR0\Partition2
20:26:13.0893 1684 \Device\Harddisk0\DR0\Partition2 - ok
20:26:13.0909 1684 [ 9F5B24D0EB4B1338B9E5869841640E97 ] \Device\Harddisk1\DR1\Partition1
20:26:13.0909 1684 \Device\Harddisk1\DR1\Partition1 - ok
20:26:13.0909 1684 [ 5731E387655DB63FC0EBCEF3057E3B7D ] \Device\Harddisk2\DR2\Partition1
20:26:13.0909 1684 \Device\Harddisk2\DR2\Partition1 - ok
20:26:13.0924 1684 [ 14B93FBAF76656AAD17E5B3AF4712F7D ] \Device\Harddisk2\DR2\Partition2
20:26:13.0924 1684 \Device\Harddisk2\DR2\Partition2 - ok
20:26:13.0924 1684 ================ Scan active images ========================
20:26:13.0924 1684 [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys
20:26:13.0924 1684 C:\Windows\System32\drivers\crashdmp.sys - ok
20:26:13.0940 1684 [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys
20:26:13.0940 1684 C:\Windows\System32\drivers\dumpfve.sys - ok
20:26:13.0940 1684 [ D469B77687E12FE43E344806740B624D ] C:\Windows\System32\drivers\iaStor.sys
20:26:13.0940 1684 C:\Windows\System32\drivers\iaStor.sys - ok
20:26:13.0955 1684 [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys
20:26:13.0955 1684 C:\Windows\System32\drivers\cdrom.sys - ok
20:26:13.0955 1684 [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys
20:26:13.0955 1684 C:\Windows\System32\drivers\null.sys - ok
20:26:13.0955 1684 [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys
20:26:13.0955 1684 C:\Windows\System32\drivers\beep.sys - ok
20:26:13.0955 1684 [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys
20:26:13.0955 1684 C:\Windows\System32\drivers\RDPCDD.sys - ok
20:26:13.0955 1684 [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys
20:26:13.0955 1684 C:\Windows\System32\drivers\vga.sys - ok
20:26:13.0955 1684 [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys
20:26:13.0955 1684 C:\Windows\System32\drivers\videoprt.sys - ok
20:26:13.0955 1684 [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys
20:26:13.0955 1684 C:\Windows\System32\drivers\watchdog.sys - ok
20:26:13.0971 1684 [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys
20:26:13.0971 1684 C:\Windows\System32\drivers\RDPENCDD.sys - ok
20:26:13.0971 1684 [ 216F3FA57533D98E1F74DED70113177A ] C:\Windows\System32\drivers\RDPREFMP.sys
20:26:13.0971 1684 C:\Windows\System32\drivers\RDPREFMP.sys - ok
20:26:13.0971 1684 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys
20:26:13.0971 1684 C:\Windows\System32\drivers\msfs.sys - ok
20:26:13.0971 1684 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys
20:26:13.0971 1684 C:\Windows\System32\drivers\npfs.sys - ok
20:26:13.0971 1684 [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\Windows\System32\drivers\tdi.sys
20:26:13.0971 1684 C:\Windows\System32\drivers\tdi.sys - ok
20:26:13.0971 1684 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys
20:26:13.0971 1684 C:\Windows\System32\drivers\tdx.sys - ok
20:26:13.0971 1684 [ 71309F30D4F4565EC611FE3FC33A3A0F ] C:\Windows\System32\drivers\avgtdia.sys
20:26:13.0971 1684 C:\Windows\System32\drivers\avgtdia.sys - ok
20:26:13.0971 1684 [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys
20:26:13.0971 1684 C:\Windows\System32\drivers\netbt.sys - ok
20:26:13.0987 1684 [ 1C7857B62DE5994A75B054A9FD4C3825 ] C:\Windows\System32\drivers\afd.sys
20:26:13.0987 1684 C:\Windows\System32\drivers\afd.sys - ok
20:26:13.0987 1684 [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys
20:26:13.0987 1684 C:\Windows\System32\drivers\netbios.sys - ok
20:26:13.0987 1684 [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys
20:26:13.0987 1684 C:\Windows\System32\drivers\pacer.sys - ok
20:26:13.0987 1684 [ 6A3D66263414FF0D6FA754C646612F3F ] C:\Windows\System32\drivers\vwififlt.sys
20:26:13.0987 1684 C:\Windows\System32\drivers\vwififlt.sys - ok
20:26:13.0987 1684 [ 356AFD78A6ED4457169241AC3965230C ] C:\Windows\System32\drivers\wanarp.sys
20:26:13.0987 1684 C:\Windows\System32\drivers\wanarp.sys - ok
20:26:13.0987 1684 [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys
20:26:13.0987 1684 C:\Windows\System32\drivers\wfplwf.sys - ok
20:26:13.0987 1684 [ 6BCC1D7D2FD2453957C5479A32364E52 ] C:\Windows\System32\drivers\ws2ifsl.sys
20:26:13.0987 1684 C:\Windows\System32\drivers\ws2ifsl.sys - ok
20:26:14.0002 1684 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys
20:26:14.0002 1684 C:\Windows\System32\drivers\mssmbios.sys - ok
20:26:14.0002 1684 [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys
20:26:14.0002 1684 C:\Windows\System32\drivers\nsiproxy.sys - ok
20:26:14.0002 1684 [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys
20:26:14.0002 1684 C:\Windows\System32\drivers\rdbss.sys - ok
20:26:14.0002 1684 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys
20:26:14.0002 1684 C:\Windows\System32\drivers\termdd.sys - ok
20:26:14.0002 1684 [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys
20:26:14.0002 1684 C:\Windows\System32\drivers\discache.sys - ok
20:26:14.0002 1684 [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys
20:26:14.0002 1684 C:\Windows\System32\drivers\blbdrive.sys - ok
20:26:14.0002 1684 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys
20:26:14.0002 1684 C:\Windows\System32\drivers\dfsc.sys - ok
20:26:14.0018 1684 [ 54B66C4AEEC6C4F742F3569EBA03EBB8 ] C:\Windows\System32\drivers\avgldx64.sys
20:26:14.0018 1684 C:\Windows\System32\drivers\avgldx64.sys - ok
20:26:14.0018 1684 [ AC6CB348F67B6B1B75C0EFB8927A8B03 ] C:\Windows\System32\drivers\avgidsdrivera.sys
20:26:14.0018 1684 C:\Windows\System32\drivers\avgidsdrivera.sys - ok
20:26:14.0018 1684 [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys
20:26:14.0018 1684 C:\Windows\System32\drivers\tunnel.sys - ok
20:26:14.0018 1684 [ F6FF8944478594D0E414D3F048F0D778 ] C:\Windows\System32\drivers\wmiacpi.sys
20:26:14.0018 1684 C:\Windows\System32\drivers\wmiacpi.sys - ok
20:26:14.0018 1684 [ CF95B85FF8D128385ABD411C8CA74DED ] C:\Windows\System32\ntdll.dll
20:26:14.0018 1684 C:\Windows\System32\ntdll.dll - ok
20:26:14.0018 1684 [ 1911A3356FA3F77CCC825CCBAC038C2A ] C:\Windows\System32\smss.exe
20:26:14.0018 1684 C:\Windows\System32\smss.exe - ok
20:26:14.0018 1684 [ 386FB2E1EF51495629089231957B7D9A ] C:\Windows\System32\drivers\nvlddmkm.sys
20:26:14.0018 1684 C:\Windows\System32\drivers\nvlddmkm.sys - ok
20:26:14.0033 1684 [ F5BEE30450E18E6B83A5012C100616FD ] C:\Windows\System32\drivers\dxgkrnl.sys
20:26:14.0033 1684 C:\Windows\System32\drivers\dxgkrnl.sys - ok
20:26:14.0033 1684 [ 9CD68BDDF322535C02ADC8331013D13D ] C:\Windows\System32\drivers\dxgmms1.sys
20:26:14.0033 1684 C:\Windows\System32\drivers\dxgmms1.sys - ok
20:26:14.0033 1684 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys
20:26:14.0033 1684 C:\Windows\System32\drivers\hdaudbus.sys - ok
20:26:14.0033 1684 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] C:\Windows\System32\drivers\HECIx64.sys
20:26:14.0033 1684 C:\Windows\System32\drivers\HECIx64.sys - ok
20:26:14.0033 1684 [ C025055FE7B87701EB042095DF1A2D7B ] C:\Windows\System32\drivers\usbehci.sys
20:26:14.0033 1684 C:\Windows\System32\drivers\usbehci.sys - ok
20:26:14.0033 1684 [ AE259C75F9A0B057B6BF9E9695632B09 ] C:\Windows\System32\drivers\usbport.sys
20:26:14.0033 1684 C:\Windows\System32\drivers\usbport.sys - ok
20:26:14.0033 1684 [ 774C9ECCEF83AB8A3D1466F19809C95F ] C:\Windows\System32\drivers\NETwNs64.sys
20:26:14.0033 1684 C:\Windows\System32\drivers\NETwNs64.sys - ok
20:26:14.0049 1684 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] C:\Windows\System32\drivers\vwifibus.sys
20:26:14.0049 1684 C:\Windows\System32\drivers\vwifibus.sys - ok
20:26:14.0049 1684 [ 345B9C04E2036DA4346E3249A5BDFD06 ] C:\Windows\System32\drivers\nusb3xhc.sys
20:26:14.0049 1684 C:\Windows\System32\drivers\nusb3xhc.sys - ok
20:26:14.0049 1684 [ 9140DB0911DE035FED0A9A77A2D156EA ] C:\Windows\System32\drivers\Rt64win7.sys
20:26:14.0049 1684 C:\Windows\System32\drivers\Rt64win7.sys - ok
20:26:14.0049 1684 [ CCA2AB1752A61F29C3C941CD79D78CEA ] C:\Windows\System32\drivers\usbd.sys
20:26:14.0049 1684 C:\Windows\System32\drivers\usbd.sys - ok
20:26:14.0049 1684 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] C:\Windows\System32\drivers\i8042prt.sys
20:26:14.0049 1684 C:\Windows\System32\drivers\i8042prt.sys - ok
20:26:14.0049 1684 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys
20:26:14.0049 1684 C:\Windows\System32\drivers\kbdclass.sys - ok
20:26:14.0049 1684 [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys
20:26:14.0049 1684 C:\Windows\System32\drivers\mouclass.sys - ok
20:26:14.0065 1684 [ C4CE3CE7E1858B25ADB16938258CD1C9 ] C:\Windows\System32\drivers\SynTP.sys
20:26:14.0065 1684 C:\Windows\System32\drivers\SynTP.sys - ok
20:26:14.0065 1684 [ E0065CBF1A25C015C218457D2CD522B9 ] C:\Windows\System32\drivers\Accelern.sys
20:26:14.0065 1684 C:\Windows\System32\drivers\Accelern.sys - ok
20:26:14.0065 1684 [ 0840155D0BDDF1190F84A663C284BD33 ] C:\Windows\System32\drivers\CmBatt.sys
20:26:14.0065 1684 C:\Windows\System32\drivers\CmBatt.sys - ok
20:26:14.0065 1684 [ 8E98D21EE06192492A5671A6144D092F ] C:\Windows\System32\drivers\GEARAspiWDM.sys
20:26:14.0065 1684 C:\Windows\System32\drivers\GEARAspiWDM.sys - ok
20:26:14.0065 1684 [ 12E7A43A3C6840A063A82B04F7EF47C0 ] C:\Windows\System32\drivers\AmpPal.sys
20:26:14.0065 1684 C:\Windows\System32\drivers\AmpPal.sys - ok
20:26:14.0065 1684 [ ADA036632C664CAA754079041CF1F8C1 ] C:\Windows\System32\drivers\intelppm.sys
20:26:14.0065 1684 C:\Windows\System32\drivers\intelppm.sys - ok
20:26:14.0065 1684 [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys
20:26:14.0065 1684 C:\Windows\System32\drivers\agilevpn.sys - ok
20:26:14.0080 1684 [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys
20:26:14.0080 1684 C:\Windows\System32\drivers\CompositeBus.sys - ok
20:26:14.0080 1684 [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys
20:26:14.0080 1684 C:\Windows\System32\drivers\ndistapi.sys - ok
20:26:14.0080 1684 [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys
20:26:14.0080 1684 C:\Windows\System32\drivers\ndiswan.sys - ok
20:26:14.0080 1684 [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys
20:26:14.0080 1684 C:\Windows\System32\drivers\rasl2tp.sys - ok
20:26:14.0080 1684 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys
20:26:14.0080 1684 C:\Windows\System32\drivers\raspppoe.sys - ok
20:26:14.0080 1684 [ 79D51E7F5926E8CE1B3EBECEBAE28CFF ] C:\Windows\System32\drivers\mcdbus.sys
20:26:14.0080 1684 C:\Windows\System32\drivers\mcdbus.sys - ok
20:26:14.0080 1684 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys
20:26:14.0080 1684 C:\Windows\System32\drivers\raspptp.sys - ok
20:26:14.0080 1684 [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys
20:26:14.0080 1684 C:\Windows\System32\drivers\rassstp.sys - ok
20:26:14.0096 1684 [ 1B1E264203D4EF9D3DA1987AD70355AB ] C:\Windows\System32\drivers\scsiport.sys
20:26:14.0096 1684 C:\Windows\System32\drivers\scsiport.sys - ok
20:26:14.0096 1684 [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys
20:26:14.0096 1684 C:\Windows\System32\drivers\ks.sys - ok
20:26:14.0096 1684 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys
20:26:14.0096 1684 C:\Windows\System32\drivers\swenum.sys - ok
20:26:14.0096 1684 [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys
20:26:14.0096 1684 C:\Windows\System32\drivers\umbus.sys - ok
20:26:14.0096 1684 [ 8B892002D7B79312821169A14317AB86 ] C:\Windows\System32\drivers\usbhub.sys
20:26:14.0096 1684 C:\Windows\System32\drivers\usbhub.sys - ok
20:26:14.0096 1684 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys
20:26:14.0096 1684 C:\Windows\System32\drivers\ndproxy.sys - ok
20:26:14.0096 1684 [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys
20:26:14.0096 1684 C:\Windows\System32\drivers\drmk.sys - ok
20:26:14.0111 1684 [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys
20:26:14.0111 1684 C:\Windows\System32\drivers\ksthunk.sys - ok
20:26:14.0111 1684 [ 10204955027011E08A9DC27737A48A54 ] C:\Windows\System32\drivers\nvhda64v.sys
20:26:14.0111 1684 C:\Windows\System32\drivers\nvhda64v.sys - ok
20:26:14.0111 1684 [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys
20:26:14.0111 1684 C:\Windows\System32\drivers\portcls.sys - ok
20:26:14.0111 1684 [ D584ABB6A308933A5F72B46C9E5A783F ] C:\Windows\System32\drivers\nusb3hub.sys
20:26:14.0111 1684 C:\Windows\System32\drivers\nusb3hub.sys - ok
20:26:14.0111 1684 [ A5F7CEF8A939EBE270462EDEFD629F20 ] C:\Windows\System32\drivers\RTKVHD64.sys
20:26:14.0111 1684 C:\Windows\System32\drivers\RTKVHD64.sys - ok
20:26:14.0111 1684 [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe
20:26:14.0111 1684 C:\Windows\System32\autochk.exe - ok
20:26:14.0111 1684 [ 609A10F7A24068878C352F17972DA271 ] C:\PROGRA~2\AVG\AVG2013\avgrsa.exe
20:26:14.0111 1684 C:\PROGRA~2\AVG\AVG2013\avgrsa.exe - ok
20:26:14.0127 1684 [ 3D084E8CE612C0CD86CDE2A34B65178A ] C:\Program Files (x86)\AVG\AVG2013\avgsysa.dll
20:26:14.0127 1684 C:\Program Files (x86)\AVG\AVG2013\avgsysa.dll - ok
20:26:14.0127 1684 [ B988968C8E5A6832CDDF05A74601CF7C ] C:\Program Files (x86)\AVG\AVG2013\avgntopenssla.dll
20:26:14.0127 1684 C:\Program Files (x86)\AVG\AVG2013\avgntopenssla.dll - ok
20:26:14.0127 1684 [ 323336FB1DA273A0715844BC695951A0 ] C:\Program Files (x86)\AVG\AVG2013\avgloga.dll
20:26:14.0127 1684 C:\Program Files (x86)\AVG\AVG2013\avgloga.dll - ok
20:26:14.0127 1684 [ FED648B01349A3C8395A5169DB5FB7D6 ] C:\Windows\System32\drivers\USBSTOR.SYS
20:26:14.0127 1684 C:\Windows\System32\drivers\USBSTOR.SYS - ok
20:26:14.0127 1684 [ A3D04EBF5227886029B4532F20D026F7 ] C:\Windows\System32\drivers\wdcsam64.sys
20:26:14.0127 1684 C:\Windows\System32\drivers\wdcsam64.sys - ok
20:26:14.0127 1684 [ 4DC87CDA61D7B185E79618581F46B85A ] C:\Windows\System32\drivers\nvstusb.sys
20:26:14.0127 1684 C:\Windows\System32\drivers\nvstusb.sys - ok
20:26:14.0127 1684 [ 19AD7990C0B67E48DAC5B26F99628223 ] C:\Windows\System32\drivers\usbccgp.sys
20:26:14.0127 1684 C:\Windows\System32\drivers\usbccgp.sys - ok
20:26:14.0143 1684 [ 454800C2BC7F3927CE030141EE4F4C50 ] C:\Windows\System32\drivers\usbvideo.sys
20:26:14.0143 1684 C:\Windows\System32\drivers\usbvideo.sys - ok
20:26:14.0143 1684 [ BC3D4F90978CD7C8EABD1BAF3BF7873A ] C:\Windows\System32\drivers\CtClsFlt.sys
20:26:14.0143 1684 C:\Windows\System32\drivers\CtClsFlt.sys - ok
20:26:14.0143 1684 [ 0928BD20273625622722FE1DE5BBDE57 ] C:\Windows\System32\drivers\qicflt.sys
20:26:14.0143 1684 C:\Windows\System32\drivers\qicflt.sys - ok
20:26:14.0143 1684 [ 49EE2E52E6CD03947DAD72F65367BE06 ] C:\Windows\System32\drivers\hidparse.sys
20:26:14.0143 1684 C:\Windows\System32\drivers\hidparse.sys - ok
20:26:14.0143 1684 [ 8B0E40E7E8BBF5ACF390465609D89FF1 ] C:\Windows\System32\drivers\hidclass.sys
20:26:14.0143 1684 C:\Windows\System32\drivers\hidclass.sys - ok
20:26:14.0143 1684 [ 9592090A7E2B61CD582B612B6DF70536 ] C:\Windows\System32\drivers\hidusb.sys
20:26:14.0143 1684 C:\Windows\System32\drivers\hidusb.sys - ok
20:26:14.0158 1684 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] C:\Windows\System32\drivers\mouhid.sys
20:26:14.0158 1684 C:\Windows\System32\drivers\mouhid.sys - ok
20:26:14.0158 1684 [ 34A8FAE065249F85A67A3215FF5ECB34 ] C:\Windows\System32\drivers\point64.sys
20:26:14.0158 1684 C:\Windows\System32\drivers\point64.sys - ok
20:26:14.0158 1684 [ 5BA4C6F82A5CA3307C0579D9F7B36E28 ] C:\Windows\System32\drivers\btmhsf.sys
20:26:14.0158 1684 C:\Windows\System32\drivers\btmhsf.sys - ok
20:26:14.0158 1684 [ 806422F30DF9CE8307457485779C77B7 ] C:\Windows\System32\drivers\iBtFltCoex.sys
20:26:14.0158 1684 C:\Windows\System32\drivers\iBtFltCoex.sys - ok
20:26:14.0158 1684 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] C:\Windows\System32\drivers\bthport.sys
20:26:14.0158 1684 C:\Windows\System32\drivers\bthport.sys - ok
20:26:14.0158 1684 [ F188B7394D81010767B6DF3178519A37 ] C:\Windows\System32\drivers\BTHUSB.SYS
20:26:14.0158 1684 C:\Windows\System32\drivers\BTHUSB.SYS - ok
20:26:14.0158 1684 [ CF98190A94F62E405C8CB255018B2315 ] C:\Windows\System32\drivers\bthenum.sys
20:26:14.0158 1684 C:\Windows\System32\drivers\bthenum.sys - ok
20:26:14.0174 1684 [ 3DD798846E2C28102B922C56E71B7932 ] C:\Windows\System32\drivers\rfcomm.sys
20:26:14.0174 1684 C:\Windows\System32\drivers\rfcomm.sys - ok
20:26:14.0174 1684 [ 02DD601B708DD0667E1331FA8518E9FF ] C:\Windows\System32\drivers\bthpan.sys
20:26:14.0174 1684 C:\Windows\System32\drivers\bthpan.sys - ok
20:26:14.0174 1684 [ AB0A33001FE7EBB209D9D52CED11BE1A ] C:\Windows\System32\drivers\btmaux.sys
20:26:14.0174 1684 C:\Windows\System32\drivers\btmaux.sys - ok
20:26:14.0174 1684 [ ACD54034607EEE42DDBCB0D01E5CB0D1 ] C:\PROGRA~2\AVG\AVG2013\avgchjwa.dll
20:26:14.0174 1684 C:\PROGRA~2\AVG\AVG2013\avgchjwa.dll - ok
20:26:14.0174 1684 [ 55DED6BDA026AEBEAB1FDA6E32D9F5B5 ] C:\PROGRA~2\AVG\AVG2013\avgclita.dll
20:26:14.0174 1684 C:\PROGRA~2\AVG\AVG2013\avgclita.dll - ok
20:26:14.0174 1684 [ 4B969AA85CDE4FB9FBCA5F99A66C507B ] C:\PROGRA~2\AVG\AVG2013\avgcclia.dll
20:26:14.0174 1684 C:\PROGRA~2\AVG\AVG2013\avgcclia.dll - ok
20:26:14.0174 1684 [ 2B6E0DA1EC603AD25325BA8AFBA30114 ] C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
20:26:14.0174 1684 C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe - ok
20:26:14.0174 1684 [ 6A8C7D19FC7AC8A0CFA6C020BEF67A0A ] C:\Program Files (x86)\AVG\AVG2013\avgcorea.dll
20:26:14.0174 1684 C:\Program Files (x86)\AVG\AVG2013\avgcorea.dll - ok
20:26:14.0189 1684 [ FBAB2291C341B54A1406A889B7549E84 ] C:\Program Files (x86)\AVG\AVG2013\avgcerta.dll
20:26:14.0189 1684 C:\Program Files (x86)\AVG\AVG2013\avgcerta.dll - ok
20:26:14.0189 1684 [ 84A4EE57462C8483AAE3F1DF2D82F4ED ] C:\Program Files (x86)\AVG\AVG2013\avgchcla.dll
20:26:14.0189 1684 C:\Program Files (x86)\AVG\AVG2013\avgchcla.dll - ok
20:26:14.0189 1684 [ 94F3CB15584B015CD8FDB3FDBAD8DC98 ] C:\Program Files (x86)\AVG\AVG2013\avgcomma.dll
20:26:14.0189 1684 C:\Program Files (x86)\AVG\AVG2013\avgcomma.dll - ok
20:26:14.0189 1684 [ 9A94644E2A9890FC9A7EE961057FFBA1 ] C:\Program Files (x86)\AVG\AVG2013\avgntsqlitea.dll
20:26:14.0189 1684 C:\Program Files (x86)\AVG\AVG2013\avgntsqlitea.dll - ok
20:26:14.0189 1684 [ FF4232A1A64012BAA1FD97C7B67DF593 ] C:\Windows\System32\drivers\udfs.sys
20:26:14.0189 1684 C:\Windows\System32\drivers\udfs.sys - ok
20:26:14.0189 1684 [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll
20:26:14.0189 1684 C:\Windows\System32\setupapi.dll - ok
20:26:14.0189 1684 [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll
20:26:14.0189 1684 C:\Windows\System32\msctf.dll - ok
20:26:14.0205 1684 [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll
20:26:14.0205 1684 C:\Windows\System32\shlwapi.dll - ok
20:26:14.0205 1684 [ DBF99FD9CAF75CA66D042BD8D050FF71 ] C:\Windows\System32\usp10.dll
20:26:14.0205 1684 C:\Windows\System32\usp10.dll - ok
20:26:14.0205 1684 [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll
20:26:14.0205 1684 C:\Windows\System32\Wldap32.dll - ok
20:26:14.0205 1684 [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll
20:26:14.0205 1684 C:\Windows\System32\difxapi.dll - ok
20:26:14.0205 1684 [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll
20:26:14.0205 1684 C:\Windows\System32\msvcrt.dll - ok
20:26:14.0205 1684 [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll
20:26:14.0205 1684 C:\Windows\System32\advapi32.dll - ok
20:26:14.0205 1684 [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll
20:26:14.0205 1684 C:\Windows\System32\imm32.dll - ok
20:26:14.0221 1684 [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll
20:26:14.0221 1684 C:\Windows\System32\ws2_32.dll - ok
20:26:14.0221 1684 [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll
20:26:14.0221 1684 C:\Windows\System32\oleaut32.dll - ok
20:26:14.0221 1684 [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll
20:26:14.0221 1684 C:\Windows\System32\user32.dll - ok
20:26:14.0221 1684 [ FA274190682AA41A46B285208ED46A74 ] C:\Windows\System32\wininet.dll
20:26:14.0221 1684 C:\Windows\System32\wininet.dll - ok
20:26:14.0221 1684 [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll
20:26:14.0221 1684 C:\Windows\System32\comdlg32.dll - ok
20:26:14.0221 1684 [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll
20:26:14.0221 1684 C:\Windows\System32\gdi32.dll - ok
20:26:14.0221 1684 [ 65C113214F7B05820F6D8A65B1485196 ] C:\Windows\System32\kernel32.dll
20:26:14.0221 1684 C:\Windows\System32\kernel32.dll - ok
20:26:14.0221 1684 [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll
20:26:14.0221 1684 C:\Windows\System32\lpk.dll - ok
20:26:14.0236 1684 [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll
20:26:14.0236 1684 C:\Windows\System32\normaliz.dll - ok
20:26:14.0236 1684 [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll
20:26:14.0236 1684 C:\Windows\System32\ole32.dll - ok
20:26:14.0236 1684 [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll
20:26:14.0236 1684 C:\Windows\System32\psapi.dll - ok
20:26:14.0236 1684 [ C6689007B3A749C49A5438DCF36E0CE4 ] C:\Windows\System32\shell32.dll
20:26:14.0236 1684 C:\Windows\System32\shell32.dll - ok
20:26:14.0236 1684 [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll
20:26:14.0236 1684 C:\Windows\System32\clbcatq.dll - ok
20:26:14.0236 1684 [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll
20:26:14.0236 1684 C:\Windows\System32\rpcrt4.dll - ok
20:26:14.0236 1684 [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll
20:26:14.0236 1684 C:\Windows\System32\sechost.dll - ok
20:26:14.0252 1684 [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\Windows\System32\imagehlp.dll
20:26:14.0252 1684 C:\Windows\System32\imagehlp.dll - ok
20:26:14.0252 1684 [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll
20:26:14.0252 1684 C:\Windows\System32\nsi.dll - ok
20:26:14.0252 1684 [ A54A16DAE7497CDCB8C5A021C0F6FEB8 ] C:\Windows\System32\iertutil.dll
20:26:14.0252 1684 C:\Windows\System32\iertutil.dll - ok
20:26:14.0252 1684 [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll
20:26:14.0252 1684 C:\Windows\System32\cfgmgr32.dll - ok
20:26:14.0252 1684 [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll
20:26:14.0252 1684 C:\Windows\System32\devobj.dll - ok
20:26:14.0252 1684 [ 1F56F209585F350A5666E3CC7931FD67 ] C:\Windows\System32\KernelBase.dll
20:26:14.0252 1684 C:\Windows\System32\KernelBase.dll - ok
20:26:14.0252 1684 [ FF1AAEDD4A1A0FC3C5ED66B4EE0B254A ] C:\Windows\System32\urlmon.dll
20:26:14.0252 1684 C:\Windows\System32\urlmon.dll - ok
20:26:14.0252 1684 [ AA06902362B1422D7A7DA7061E07C624 ] C:\Windows\System32\wintrust.dll
20:26:14.0252 1684 C:\Windows\System32\wintrust.dll - ok
20:26:14.0267 1684 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\System32\comctl32.dll
20:26:14.0267 1684 C:\Windows\System32\comctl32.dll - ok
20:26:14.0267 1684 [ 12EE6FE9268CEE6D90FDCCBF89236C65 ] C:\Windows\System32\crypt32.dll
20:26:14.0267 1684 C:\Windows\System32\crypt32.dll - ok
20:26:14.0267 1684 [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll
20:26:14.0267 1684 C:\Windows\System32\msasn1.dll - ok
20:26:14.0267 1684 [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll
20:26:14.0267 1684 C:\Windows\SysWOW64\normaliz.dll - ok
20:26:14.0267 1684 [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys
20:26:14.0267 1684 C:\Windows\System32\drivers\dxapi.sys - ok
20:26:14.0267 1684 [ 59E21156113E438D1D91AF4FC0C3B19F ] C:\Windows\System32\win32k.sys
20:26:14.0267 1684 C:\Windows\System32\win32k.sys - ok
20:26:14.0267 1684 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll
20:26:14.0267 1684 C:\Windows\System32\basesrv.dll - ok
20:26:14.0283 1684 [ 96F587CA26A6AA894BD8CACE4540CFFC ] C:\Windows\System32\csrsrv.dll
20:26:14.0283 1684 C:\Windows\System32\csrsrv.dll - ok
20:26:14.0283 1684 [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe
20:26:14.0283 1684 C:\Windows\System32\csrss.exe - ok
20:26:14.0283 1684 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\System32\winsrv.dll
20:26:14.0283 1684 C:\Windows\System32\winsrv.dll - ok
20:26:14.0283 1684 [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys
20:26:14.0283 1684 C:\Windows\System32\drivers\monitor.sys - ok
20:26:14.0283 1684 [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll
20:26:14.0283 1684 C:\Windows\System32\tsddd.dll - ok
20:26:14.0283 1684 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll
20:26:14.0283 1684 C:\Windows\System32\sxssrv.dll - ok
20:26:14.0283 1684 [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe
20:26:14.0283 1684 C:\Windows\System32\wininit.exe - ok
20:26:14.0283 1684 [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll
20:26:14.0283 1684 C:\Windows\System32\profapi.dll - ok
20:26:14.0299 1684 [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll
20:26:14.0299 1684 C:\Windows\System32\RpcRtRemote.dll - ok
20:26:14.0299 1684 [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL
20:26:14.0299 1684 C:\Windows\System32\KBDUS.DLL - ok
20:26:14.0299 1684 [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll
20:26:14.0299 1684 C:\Windows\System32\cryptbase.dll - ok
20:26:14.0299 1684 [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll
20:26:14.0299 1684 C:\Windows\System32\sxs.dll - ok
20:26:14.0299 1684 [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll
20:26:14.0299 1684 C:\Windows\System32\WlS0WndH.dll - ok
20:26:14.0299 1684 [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll
20:26:14.0299 1684 C:\Windows\System32\apphelp.dll - ok
20:26:14.0299 1684 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe
20:26:14.0299 1684 C:\Windows\System32\services.exe - ok
20:26:14.0314 1684 [ 685527DA09EBFB681E98C515978BDEE2 ] C:\Windows\System32\lsasrv.dll
20:26:14.0314 1684 C:\Windows\System32\lsasrv.dll - ok
20:26:14.0314 1684 [ C118A82CD78818C29AB228366EBF81C3 ] C:\Windows\System32\lsass.exe
20:26:14.0314 1684 C:\Windows\System32\lsass.exe - ok
20:26:14.0314 1684 [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe
20:26:14.0314 1684 C:\Windows\System32\lsm.exe - ok
20:26:14.0314 1684 [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll
20:26:14.0314 1684 C:\Windows\System32\scesrv.dll - ok
20:26:14.0314 1684 [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll
20:26:14.0314 1684 C:\Windows\System32\scext.dll - ok
20:26:14.0314 1684 [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\Windows\System32\secur32.dll
20:26:14.0314 1684 C:\Windows\System32\secur32.dll - ok
20:26:14.0314 1684 [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll
20:26:14.0314 1684 C:\Windows\System32\srvcli.dll - ok
20:26:14.0314 1684 [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\Windows\System32\sspicli.dll
20:26:14.0314 1684 C:\Windows\System32\sspicli.dll - ok
20:26:14.0330 1684 [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\Windows\System32\sspisrv.dll
20:26:14.0330 1684 C:\Windows\System32\sspisrv.dll - ok
20:26:14.0330 1684 [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll
20:26:14.0330 1684 C:\Windows\System32\sysntfy.dll - ok
20:26:14.0330 1684 [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll
20:26:14.0330 1684 C:\Windows\System32\wmsgapi.dll - ok
20:26:14.0330 1684 [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll
20:26:14.0330 1684 C:\Windows\System32\cryptdll.dll - ok
20:26:14.0330 1684 [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll
20:26:14.0330 1684 C:\Windows\System32\samsrv.dll - ok
20:26:14.0330 1684 [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll
20:26:14.0330 1684 C:\Windows\System32\wevtapi.dll - ok
20:26:14.0330 1684 [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll
20:26:14.0330 1684 C:\Windows\System32\authz.dll - ok
20:26:14.0345 1684 [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll
20:26:14.0345 1684 C:\Windows\System32\bcrypt.dll - ok
20:26:14.0345 1684 [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll
20:26:14.0345 1684 C:\Windows\System32\cngaudit.dll - ok
20:26:14.0345 1684 [ 5F3307352216618221A17CFEF273EEE2 ] C:\Windows\System32\ncrypt.dll
20:26:14.0345 1684 C:\Windows\System32\ncrypt.dll - ok
20:26:14.0345 1684 [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll
20:26:14.0345 1684 C:\Windows\System32\msprivs.dll - ok
20:26:14.0345 1684 [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll
20:26:14.0345 1684 C:\Windows\System32\negoexts.dll - ok
20:26:14.0345 1684 [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll
20:26:14.0345 1684 C:\Windows\System32\netjoin.dll - ok
20:26:14.0345 1684 [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll
20:26:14.0345 1684 C:\Windows\System32\cryptsp.dll - ok
20:26:14.0345 1684 [ 44E1A196DFCB53B01FE4B855C3B56A15 ] C:\Windows\System32\kerberos.dll
20:26:14.0345 1684 C:\Windows\System32\kerberos.dll - ok
20:26:14.0361 1684 [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll
20:26:14.0361 1684 C:\Windows\System32\msv1_0.dll - ok
20:26:14.0361 1684 [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\Windows\System32\mswsock.dll
20:26:14.0361 1684 C:\Windows\System32\mswsock.dll - ok
20:26:14.0361 1684 [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll
20:26:14.0361 1684 C:\Windows\System32\wship6.dll - ok
20:26:14.0361 1684 [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll
20:26:14.0361 1684 C:\Windows\System32\dnsapi.dll - ok
20:26:14.0361 1684 [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll
20:26:14.0361 1684 C:\Windows\System32\logoncli.dll - ok
20:26:14.0361 1684 [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll
20:26:14.0361 1684 C:\Windows\System32\netlogon.dll - ok
20:26:14.0361 1684 [ B7D42CB36C08FA017E73FF2433CD7287 ] C:\Windows\System32\schannel.dll
20:26:14.0361 1684 C:\Windows\System32\schannel.dll - ok
20:26:14.0377 1684 [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
20:26:14.0377 1684 C:\Windows\System32\wdigest.dll - ok
20:26:14.0377 1684 [ CB2ABB2DA1E9C977302A78D86D4AE3B0 ] C:\Windows\System32\atmfd.dll
20:26:14.0377 1684 C:\Windows\System32\atmfd.dll - ok
20:26:14.0377 1684 [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
20:26:14.0377 1684 C:\Windows\System32\pku2u.dll - ok
20:26:14.0377 1684 [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
20:26:14.0377 1684 C:\Windows\System32\rsaenh.dll - ok
20:26:14.0377 1684 [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll
20:26:14.0377 1684 C:\Windows\System32\TSpkg.dll - ok
20:26:14.0377 1684 [ 7DBA64AD70C2E2481C68D9E0F7CD7840 ] C:\Windows\System32\LIVESSP.DLL
20:26:14.0377 1684 C:\Windows\System32\LIVESSP.DLL - ok
20:26:14.0377 1684 [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll
20:26:14.0377 1684 C:\Windows\System32\bcryptprimitives.dll - ok
20:26:14.0377 1684 [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll
20:26:14.0377 1684 C:\Windows\System32\credssp.dll - ok
20:26:14.0392 1684 [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
20:26:14.0392 1684 C:\Windows\System32\efslsaext.dll - ok
20:26:14.0392 1684 [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll
20:26:14.0392 1684 C:\Windows\System32\scecli.dll - ok
20:26:14.0392 1684 [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
20:26:14.0392 1684 C:\Windows\System32\ubpm.dll - ok
20:26:14.0392 1684 [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe
20:26:14.0392 1684 C:\Windows\System32\svchost.exe - ok
20:26:14.0392 1684 [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll
20:26:14.0392 1684 C:\Windows\System32\umpnpmgr.dll - ok
20:26:14.0392 1684 [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll
20:26:14.0392 1684 C:\Windows\System32\winsta.dll - ok
20:26:14.0392 1684 [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
20:26:14.0392 1684 C:\Windows\System32\devrtl.dll - ok
20:26:14.0408 1684 [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
20:26:14.0408 1684 C:\Windows\System32\gpapi.dll - ok
20:26:14.0408 1684 [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
20:26:14.0408 1684 C:\Windows\System32\pcwum.dll - ok
20:26:14.0408 1684 [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
20:26:14.0408 1684 C:\Windows\System32\SPInf.dll - ok
20:26:14.0408 1684 [ A2CCA4FB273E6050F17A0A416CFF2FCD ] C:\Windows\System32\umpo.dll
20:26:14.0408 1684 C:\Windows\System32\umpo.dll - ok
20:26:14.0408 1684 [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll
20:26:14.0408 1684 C:\Windows\System32\userenv.dll - ok
20:26:14.0408 1684 [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
20:26:14.0408 1684 C:\Windows\System32\powrprof.dll - ok
20:26:14.0408 1684 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys
20:26:14.0408 1684 C:\Windows\System32\drivers\luafv.sys - ok
20:26:14.0408 1684 [ 05569A79BF4693670B709144382D02D4 ] C:\Windows\System32\cdd.dll
20:26:14.0408 1684 C:\Windows\System32\cdd.dll - ok
20:26:14.0423 1684 [ 3947AD5D03E6ABCCE037801162FDB90D ] C:\Windows\System32\nvvsvc.exe
20:26:14.0423 1684 C:\Windows\System32\nvvsvc.exe - ok
20:26:14.0423 1684 [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
20:26:14.0423 1684 C:\Windows\System32\dwmapi.dll - ok
20:26:14.0423 1684 [ CF6850A72BEB4845A3BFFB3F5E8014B2 ] C:\Windows\System32\pdh.dll
20:26:14.0423 1684 C:\Windows\System32\pdh.dll - ok
20:26:14.0423 1684 [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll
20:26:14.0423 1684 C:\Windows\System32\wtsapi32.dll - ok
20:26:14.0423 1684 [ B69E79470474A8BEF06BE2130D0210A8 ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
20:26:14.0423 1684 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe - ok
20:26:14.0423 1684 [ 259EB5F7D95A29842B476C5B3EB6E186 ] C:\Windows\System32\wow64.dll
20:26:14.0423 1684 C:\Windows\System32\wow64.dll - ok
20:26:14.0423 1684 [ 3EE3AA76D8AB6D5644C4C8F34471CEB3 ] C:\Windows\System32\wow64cpu.dll
20:26:14.0423 1684 C:\Windows\System32\wow64cpu.dll - ok
20:26:14.0423 1684 [ 5674E21E82CFBEA36DDAD5DB285D6DBC ] C:\Windows\System32\wow64win.dll
20:26:14.0423 1684 C:\Windows\System32\wow64win.dll - ok
20:26:14.0439 1684 [ AC0B6F41882FC6ED186962D770EBF1D2 ] C:\Windows\SysWOW64\kernel32.dll
20:26:14.0439 1684 C:\Windows\SysWOW64\kernel32.dll - ok
20:26:14.0439 1684 [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll
20:26:14.0439 1684 C:\Windows\SysWOW64\ntdll.dll - ok
20:26:14.0439 1684 [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll
20:26:14.0439 1684 C:\Windows\SysWOW64\cfgmgr32.dll - ok
20:26:14.0439 1684 [ E954A79D6A754A5475582CACED1565E6 ] C:\Windows\SysWOW64\KernelBase.dll
20:26:14.0439 1684 C:\Windows\SysWOW64\KernelBase.dll - ok
20:26:14.0439 1684 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll
20:26:14.0439 1684 C:\Windows\SysWOW64\msvcrt.dll - ok
20:26:14.0439 1684 [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll
20:26:14.0439 1684 C:\Windows\SysWOW64\rpcrt4.dll - ok
20:26:14.0439 1684 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll
20:26:14.0439 1684 C:\Windows\SysWOW64\setupapi.dll - ok
20:26:14.0455 1684 [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll
20:26:14.0455 1684 C:\Windows\SysWOW64\version.dll - ok
20:26:14.0455 1684 [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll
20:26:14.0455 1684 C:\Windows\SysWOW64\advapi32.dll - ok
20:26:14.0455 1684 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll
20:26:14.0455 1684 C:\Windows\SysWOW64\cryptbase.dll - ok
20:26:14.0455 1684 [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll
20:26:14.0455 1684 C:\Windows\SysWOW64\gdi32.dll - ok
20:26:14.0455 1684 [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll
20:26:14.0455 1684 C:\Windows\SysWOW64\lpk.dll - ok
20:26:14.0455 1684 [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll
20:26:14.0455 1684 C:\Windows\SysWOW64\oleaut32.dll - ok
20:26:14.0455 1684 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll
20:26:14.0455 1684 C:\Windows\SysWOW64\sechost.dll - ok
20:26:14.0455 1684 [ BFB26890612FB8AE8B0463EBEBE84B7E ] C:\Windows\SysWOW64\sspicli.dll
20:26:14.0455 1684 C:\Windows\SysWOW64\sspicli.dll - ok
20:26:14.0470 1684 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll
20:26:14.0470 1684 C:\Windows\SysWOW64\user32.dll - ok
20:26:14.0470 1684 [ B7230010D97787AF3D25E4C82F2B06B9 ] C:\Windows\SysWOW64\usp10.dll
20:26:14.0470 1684 C:\Windows\SysWOW64\usp10.dll - ok
20:26:14.0470 1684 [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll
20:26:14.0470 1684 C:\Windows\SysWOW64\devobj.dll - ok
20:26:14.0470 1684 [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll
20:26:14.0470 1684 C:\Windows\SysWOW64\ole32.dll - ok
20:26:14.0470 1684 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\SysWOW64\winspool.drv
20:26:14.0470 1684 C:\Windows\SysWOW64\winspool.drv - ok
20:26:14.0470 1684 [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll
20:26:14.0470 1684 C:\Windows\SysWOW64\imm32.dll - ok
20:26:14.0470 1684 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll
20:26:14.0470 1684 C:\Windows\SysWOW64\msctf.dll - ok
20:26:14.0486 1684 [ 4599B99A18975FBC7433B2F38A4D3623 ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstres.dll
20:26:14.0486 1684 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstres.dll - ok
20:26:14.0486 1684 [ D5B62A7941FEE5C8A84C105A26352B90 ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvwl.dll
20:26:14.0486 1684 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvwl.dll - ok
20:26:14.0486 1684 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
20:26:14.0486 1684 C:\Windows\System32\RpcEpMap.dll - ok
20:26:14.0486 1684 [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
20:26:14.0486 1684 C:\Windows\System32\rpcss.dll - ok
20:26:14.0486 1684 [ 60D21799A4AF4EDCE65FB98830E4B0C8 ] C:\Windows\SysWOW64\crypt32.dll
20:26:14.0486 1684 C:\Windows\SysWOW64\crypt32.dll - ok
20:26:14.0486 1684 [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll
20:26:14.0486 1684 C:\Windows\SysWOW64\msasn1.dll - ok
20:26:14.0486 1684 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll
20:26:14.0486 1684 C:\Windows\SysWOW64\ntmarta.dll - ok
20:26:14.0501 1684 [ 17448AF0BBA9E7AB5EC955AF93F271BD ] C:\Windows\SysWOW64\wintrust.dll
20:26:14.0501 1684 C:\Windows\SysWOW64\wintrust.dll - ok
20:26:14.0501 1684 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll
20:26:14.0501 1684 C:\Windows\SysWOW64\Wldap32.dll - ok
20:26:14.0501 1684 [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
20:26:14.0501 1684 C:\Windows\System32\wshqos.dll - ok
20:26:14.0501 1684 [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
20:26:14.0501 1684 C:\Windows\System32\WSHTCPIP.DLL - ok
20:26:14.0501 1684 [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll
20:26:14.0501 1684 C:\Windows\SysWOW64\devrtl.dll - ok
20:26:14.0501 1684 [ 4BDBBE5E4208022DD794F7EEEB0F7366 ] C:\Windows\SysWOW64\SPInf.dll
20:26:14.0501 1684 C:\Windows\SysWOW64\SPInf.dll - ok
20:26:14.0501 1684 [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
20:26:14.0501 1684 C:\Windows\System32\FirewallAPI.dll - ok
20:26:14.0501 1684 [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll
20:26:14.0501 1684 C:\Windows\System32\version.dll - ok
20:26:14.0517 1684 [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
20:26:14.0517 1684 C:\Windows\System32\wevtsvc.dll - ok
20:26:14.0517 1684 [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll
20:26:14.0517 1684 C:\Windows\System32\audiosrv.dll - ok
20:26:14.0517 1684 [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
20:26:14.0517 1684 C:\Windows\System32\ntmarta.dll - ok
20:26:14.0517 1684 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll
20:26:14.0517 1684 C:\Windows\System32\profsvc.dll - ok
20:26:14.0517 1684 [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll
20:26:14.0517 1684 C:\Windows\System32\adtschema.dll - ok
20:26:14.0517 1684 [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
20:26:14.0517 1684 C:\Windows\System32\avrt.dll - ok
20:26:14.0517 1684 [ C4C183E6551084039EC862DA1C945E3D ] C:\Windows\System32\FntCache.dll
20:26:14.0517 1684 C:\Windows\System32\FntCache.dll - ok
20:26:14.0533 1684 [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
20:26:14.0533 1684 C:\Windows\System32\MMDevAPI.dll - ok
20:26:14.0533 1684 [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
20:26:14.0533 1684 C:\Windows\System32\propsys.dll - ok
20:26:14.0533 1684 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\Windows\System32\wlansvc.dll
20:26:14.0533 1684 C:\Windows\System32\wlansvc.dll - ok
20:26:14.0533 1684 [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
20:26:14.0533 1684 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
20:26:14.0533 1684 [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll
20:26:14.0533 1684 C:\Windows\System32\mmcss.dll - ok
20:26:14.0533 1684 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll
20:26:14.0533 1684 C:\Windows\System32\netprofm.dll - ok
20:26:14.0533 1684 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\Windows\System32\MPSSVC.dll
20:26:14.0533 1684 C:\Windows\System32\MPSSVC.dll - ok
20:26:14.0548 1684 [ 582AC6D9873E31DFA28A4547270862DD ] C:\Windows\System32\QAGENTRT.DLL
20:26:14.0548 1684 C:\Windows\System32\QAGENTRT.DLL - ok
20:26:14.0548 1684 [ B1DF2D87DC8BF6072699AC8301B37796 ] C:\Windows\System32\WUDFPlatform.dll
20:26:14.0548 1684 C:\Windows\System32\WUDFPlatform.dll - ok
20:26:14.0548 1684 [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys
20:26:14.0548 1684 C:\Windows\System32\drivers\fltMgr.sys - ok
20:26:14.0548 1684 [ FF819F4345099B8FA6F6B3C5D0BF1F68 ] C:\Windows\System32\mssha.dll
20:26:14.0548 1684 C:\Windows\System32\mssha.dll - ok
20:26:14.0548 1684 [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL
20:26:14.0548 1684 C:\Windows\System32\PSHED.DLL - ok
20:26:14.0548 1684 [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
20:26:14.0548 1684 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
20:26:14.0548 1684 [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll
20:26:14.0548 1684 C:\Windows\System32\provsvc.dll - ok
20:26:14.0564 1684 [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe
20:26:14.0564 1684 C:\Windows\System32\audiodg.exe - ok
20:26:14.0564 1684 [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
20:26:14.0564 1684 C:\Windows\System32\atl.dll - ok
20:26:14.0564 1684 [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
20:26:14.0564 1684 C:\Windows\System32\dsrole.dll - ok
20:26:14.0564 1684 [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
20:26:14.0564 1684 C:\Windows\System32\es.dll - ok
20:26:14.0564 1684 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll
20:26:14.0564 1684 C:\Windows\System32\gpsvc.dll - ok
20:26:14.0564 1684 [ 46BB91A169B9B31FF44EB04C48EC1D41 ] C:\Windows\System32\nlaapi.dll
20:26:14.0564 1684 C:\Windows\System32\nlaapi.dll - ok
20:26:14.0564 1684 [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll
20:26:14.0564 1684 C:\Windows\System32\themeservice.dll - ok
20:26:14.0564 1684 [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll
20:26:14.0564 1684 C:\Windows\System32\comres.dll - ok
20:26:14.0579 1684 [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll
20:26:14.0579 1684 C:\Windows\System32\Sens.dll - ok
20:26:14.0579 1684 [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
20:26:14.0579 1684 C:\Windows\System32\slc.dll - ok
20:26:14.0579 1684 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll
20:26:14.0579 1684 C:\Windows\System32\uxsms.dll - ok
20:26:14.0579 1684 [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
20:26:14.0579 1684 C:\Windows\System32\drivers\lltdio.sys - ok
20:26:14.0579 1684 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\Windows\System32\drivers\nwifi.sys
20:26:14.0579 1684 C:\Windows\System32\drivers\nwifi.sys - ok
20:26:14.0579 1684 [ 136185F9FB2CC61E573E676AA5402356 ] C:\Windows\System32\drivers\ndisuio.sys
20:26:14.0579 1684 C:\Windows\System32\drivers\ndisuio.sys - ok
20:26:14.0579 1684 [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
20:26:14.0579 1684 C:\Windows\System32\drivers\rspndr.sys - ok
20:26:14.0595 1684 [ FD24F98D2898BE093FE926604BE7DB99 ] C:\Windows\System32\drivers\TurboB.sys
20:26:14.0595 1684 C:\Windows\System32\drivers\TurboB.sys - ok
20:26:14.0595 1684 [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
20:26:14.0595 1684 C:\Windows\System32\IPHLPAPI.DLL - ok
20:26:14.0595 1684 [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
20:26:14.0595 1684 C:\Windows\System32\lmhsvc.dll - ok
20:26:14.0595 1684 [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
20:26:14.0595 1684 C:\Windows\System32\nsisvc.dll - ok
20:26:14.0595 1684 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll
20:26:14.0595 1684 C:\Windows\System32\dhcpcore.dll - ok
20:26:14.0595 1684 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll
20:26:14.0595 1684 C:\Windows\System32\dnsrslvr.dll - ok
20:26:14.0595 1684 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\Windows\System32\eapsvc.dll
20:26:14.0595 1684 C:\Windows\System32\eapsvc.dll - ok
20:26:14.0595 1684 [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\Windows\System32\keyiso.dll
20:26:14.0595 1684 C:\Windows\System32\keyiso.dll - ok
20:26:14.0611 1684 [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
20:26:14.0611 1684 C:\Windows\System32\nrpsrv.dll - ok
20:26:14.0611 1684 [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
20:26:14.0611 1684 C:\Windows\System32\winnsi.dll - ok
20:26:14.0611 1684 [ 3CC16A849E6092E43909F48EF0E60306 ] C:\Windows\System32\dhcpcore6.dll
20:26:14.0611 1684 C:\Windows\System32\dhcpcore6.dll - ok
20:26:14.0611 1684 [ 87356377F31DA5F20A833811CD59499C ] C:\Windows\System32\eapphost.dll
20:26:14.0611 1684 C:\Windows\System32\eapphost.dll - ok
20:26:14.0611 1684 [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL
20:26:14.0611 1684 C:\Windows\System32\FWPUCLNT.DLL - ok
20:26:14.0611 1684 [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll
20:26:14.0611 1684 C:\Windows\System32\umb.dll - ok
20:26:14.0611 1684 [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
20:26:14.0611 1684 C:\Windows\System32\dhcpcsvc.dll - ok
20:26:14.0626 1684 [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
20:26:14.0626 1684 C:\Windows\System32\dnsext.dll - ok
20:26:14.0626 1684 [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
20:26:14.0626 1684 C:\Windows\System32\eappcfg.dll - ok
20:26:14.0626 1684 [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
20:26:14.0626 1684 C:\Windows\System32\eappprxy.dll - ok
20:26:14.0626 1684 [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll
20:26:14.0626 1684 C:\Windows\System32\onex.dll - ok
20:26:14.0626 1684 [ A648C4A06DE367065B24056D067B4460 ] C:\Windows\System32\wlanmsm.dll
20:26:14.0626 1684 C:\Windows\System32\wlanmsm.dll - ok
20:26:14.0626 1684 [ 06A1386B6E3A0CBC368665C1840906F4 ] C:\Windows\System32\wlansec.dll
20:26:14.0626 1684 C:\Windows\System32\wlansec.dll - ok
20:26:14.0626 1684 [ 730BF204A595D5B6D7DC57A247CC741C ] C:\Windows\System32\wlgpclnt.dll
20:26:14.0626 1684 C:\Windows\System32\wlgpclnt.dll - ok
20:26:14.0626 1684 [ 3C06D5A929B798D0B13F6481242A0FD2 ] C:\Windows\System32\dhcpcsvc6.dll
20:26:14.0626 1684 C:\Windows\System32\dhcpcsvc6.dll - ok
20:26:14.0642 1684 [ 97E43F324BE1503CB2FFB058534688DA ] C:\Windows\System32\l2gpstore.dll
20:26:14.0642 1684 C:\Windows\System32\l2gpstore.dll - ok
20:26:14.0642 1684 [ 99B91C5D2FCEF218CAD3600ECB62A799 ] C:\Windows\System32\msxml6.dll
20:26:14.0642 1684 C:\Windows\System32\msxml6.dll - ok
20:26:14.0642 1684 [ 7D5645EE0EA77D539828433D9B95F5EB ] C:\Windows\System32\WinSCard.dll
20:26:14.0642 1684 C:\Windows\System32\WinSCard.dll - ok
20:26:14.0642 1684 [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
20:26:14.0642 1684 C:\Windows\System32\wlanutil.dll - ok
20:26:14.0642 1684 [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe
20:26:14.0642 1684 C:\Windows\System32\winlogon.exe - ok
20:26:14.0642 1684 [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll
20:26:14.0642 1684 C:\Windows\System32\schedsvc.dll - ok
20:26:14.0642 1684 [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll
20:26:14.0642 1684 C:\Windows\System32\shsvcs.dll - ok
20:26:14.0657 1684 [ 1BCDB508143B517F21BBDAC10F5777BF ] C:\Windows\System32\conhost.exe
20:26:14.0657 1684 C:\Windows\System32\conhost.exe - ok
20:26:14.0657 1684 [ 43FAB56AE5F639AD59D7209693F4C4C2 ] C:\Windows\System32\wlanext.exe
20:26:14.0657 1684 C:\Windows\System32\wlanext.exe - ok
20:26:14.0657 1684 [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll
20:26:14.0657 1684 C:\Windows\System32\ktmw32.dll - ok
20:26:14.0657 1684 [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\Windows\System32\netapi32.dll
20:26:14.0657 1684 C:\Windows\System32\netapi32.dll - ok
20:26:14.0657 1684 [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll
20:26:14.0657 1684 C:\Windows\System32\netutils.dll - ok
20:26:14.0657 1684 [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll
20:26:14.0657 1684 C:\Windows\System32\wkscli.dll - ok
20:26:14.0657 1684 [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll
20:26:14.0657 1684 C:\Windows\System32\xmllite.dll - ok
20:26:14.0657 1684 [ 0D2374629961D5BDF7158CB7DB3F7E01 ] C:\Windows\System32\iwmssvc.dll
20:26:14.0657 1684 C:\Windows\System32\iwmssvc.dll - ok
20:26:14.0673 1684 [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv
20:26:14.0673 1684 C:\Windows\System32\winspool.drv - ok
20:26:14.0673 1684 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
20:26:14.0673 1684 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok
20:26:14.0673 1684 [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll
20:26:14.0673 1684 C:\Windows\System32\wlanapi.dll - ok
20:26:14.0673 1684 [ D844B11545F53AA0C10F78763381D9EC ] C:\Program Files\Common Files\Intel\WirelessCommon\libeay32.dll
20:26:14.0673 1684 C:\Program Files\Common Files\Intel\WirelessCommon\libeay32.dll - ok
20:26:14.0673 1684 [ 2F6C5F133279281E08FE633D4EF29870 ] C:\Program Files\Common Files\Intel\WirelessCommon\PsRegApi.dll
20:26:14.0673 1684 C:\Program Files\Common Files\Intel\WirelessCommon\PsRegApi.dll - ok
20:26:14.0673 1684 [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll
20:26:14.0673 1684 C:\Windows\System32\fveapi.dll - ok
20:26:14.0673 1684 [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll
20:26:14.0673 1684 C:\Windows\System32\wsock32.dll - ok
20:26:14.0689 1684 [ 60D90AAFEDACEAA1F5C2D28EC2B523E8 ] C:\Program Files\Common Files\Intel\WirelessCommon\TraceAPI.dll
20:26:14.0689 1684 C:\Program Files\Common Files\Intel\WirelessCommon\TraceAPI.dll - ok
20:26:14.0689 1684 [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll
20:26:14.0689 1684 C:\Windows\System32\fvecerts.dll - ok
20:26:14.0689 1684 [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll
20:26:14.0689 1684 C:\Windows\System32\tbs.dll - ok
20:26:14.0689 1684 [ 8ABC5954FBEEABAD022F16A805534FBA ] C:\Program Files\Intel\WiFi\bin\KmmdlPlugins\ccxplugin.dll
20:26:14.0689 1684 C:\Program Files\Intel\WiFi\bin\KmmdlPlugins\ccxplugin.dll - ok
20:26:14.0689 1684 [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll
20:26:14.0689 1684 C:\Windows\System32\oleacc.dll - ok
20:26:14.0689 1684 [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll
20:26:14.0689 1684 C:\Windows\System32\taskcomp.dll - ok
20:26:14.0689 1684 [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll
20:26:14.0689 1684 C:\Windows\System32\wiarpc.dll - ok
20:26:14.0704 1684 [ 9C5B262DFD8695BB967D4C6C993ECD1C ] C:\Program Files\Intel\WiFi\bin\KmmdlPlugins\IHVWPSPlugin.dll
20:26:14.0704 1684 C:\Program Files\Intel\WiFi\bin\KmmdlPlugins\IHVWPSPlugin.dll - ok
20:26:14.0704 1684 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys
20:26:14.0704 1684 C:\Windows\System32\drivers\http.sys - ok
20:26:14.0704 1684 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] C:\Windows\System32\spoolsv.exe
20:26:14.0704 1684 C:\Windows\System32\spoolsv.exe - ok
20:26:14.0704 1684 [ B98EA23100316F4A75D0CD2274F86866 ] C:\Program Files\Intel\WiFi\bin\KmmdlPlugins\P2PSupplicantPlugin.dll
20:26:14.0704 1684 C:\Program Files\Intel\WiFi\bin\KmmdlPlugins\P2PSupplicantPlugin.dll - ok
20:26:14.0704 1684 [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
20:26:14.0704 1684 C:\Windows\System32\LogonUI.exe - ok
20:26:14.0704 1684 [ BE3BFB6EAF3B0DF5CB5745E35057CA80 ] C:\Program Files\Intel\WiFi\bin\KmmdlPlugins\PanAuthenticator.dll
20:26:14.0704 1684 C:\Program Files\Intel\WiFi\bin\KmmdlPlugins\PanAuthenticator.dll - ok
20:26:14.0704 1684 [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL
20:26:14.0704 1684 C:\Windows\System32\BFE.DLL - ok
20:26:14.0720 1684 [ 0BEE002C68E28CE6DA161DCF1376D7D7 ] C:\Windows\System32\authui.dll
20:26:14.0720 1684 C:\Windows\System32\authui.dll - ok
20:26:14.0720 1684 [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
20:26:14.0720 1684 C:\Windows\System32\cryptui.dll - ok
20:26:14.0720 1684 [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
20:26:14.0720 1684 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
20:26:14.0720 1684 [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
20:26:14.0720 1684 C:\Windows\System32\samlib.dll - ok
20:26:14.0720 1684 [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
20:26:14.0720 1684 C:\Windows\System32\shacct.dll - ok
20:26:14.0720 1684 [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
20:26:14.0720 1684 C:\Windows\System32\uxtheme.dll - ok
20:26:14.0720 1684 [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys
20:26:14.0720 1684 C:\Windows\System32\drivers\bowser.sys - ok
20:26:14.0720 1684 [ 179E8401224D557ECFF3695F2016EA5B ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll
20:26:14.0720 1684 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok
20:26:14.0735 1684 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys
20:26:14.0735 1684 C:\Windows\System32\drivers\mpsdrv.sys - ok
20:26:14.0735 1684 [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys
20:26:14.0735 1684 C:\Windows\System32\drivers\mrxsmb.sys - ok
20:26:14.0735 1684 [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys
20:26:14.0735 1684 C:\Windows\System32\drivers\mrxsmb10.sys - ok
20:26:14.0735 1684 [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
20:26:14.0735 1684 C:\Windows\System32\dui70.dll - ok
20:26:14.0735 1684 [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
20:26:14.0735 1684 C:\Windows\System32\duser.dll - ok
20:26:14.0735 1684 [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
20:26:14.0735 1684 C:\Windows\System32\SndVolSSO.dll - ok
20:26:14.0735 1684 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys
20:26:14.0735 1684 C:\Windows\System32\drivers\mrxsmb20.sys - ok
20:26:14.0751 1684 [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
20:26:14.0751 1684 C:\Windows\System32\hid.dll - ok
20:26:14.0751 1684 [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll
20:26:14.0751 1684 C:\Windows\System32\wkssvc.dll - ok
20:26:14.0751 1684 [ 3927397AC60D943DAF8808AFFED582B7 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:26:14.0751 1684 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - ok
20:26:14.0751 1684 [ C67F8A962B2534224D5908D16D2AD3CE ] C:\Windows\System32\wfapigp.dll
20:26:14.0751 1684 C:\Windows\System32\wfapigp.dll - ok
20:26:14.0751 1684 [ BDDF242A49E7B7DC5CCEC291BCE53ACB ] C:\Windows\System32\WindowsCodecs.dll
20:26:14.0751 1684 C:\Windows\System32\WindowsCodecs.dll - ok
20:26:14.0751 1684 [ 29E9794708DF51DB5DC89FB2E903A0F6 ] C:\Windows\SysWOW64\shell32.dll
20:26:14.0751 1684 C:\Windows\SysWOW64\shell32.dll - ok
20:26:14.0751 1684 [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll
20:26:14.0751 1684 C:\Windows\SysWOW64\shlwapi.dll - ok
20:26:14.0767 1684 [ D1E343BC00136CE03C4D403194D06A80 ] C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
20:26:14.0767 1684 C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe - ok
20:26:14.0767 1684 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
20:26:14.0767 1684 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
20:26:14.0767 1684 [ 4FE5C6D40664AE07BE5105874357D2ED ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:26:14.0767 1684 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
20:26:14.0767 1684 [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll
20:26:14.0767 1684 C:\Windows\System32\mscms.dll - ok
20:26:14.0767 1684 [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll
20:26:14.0767 1684 C:\Windows\System32\pcasvc.dll - ok
20:26:14.0767 1684 [ 6313F223E817CC09AA41811DAA7F541D ] C:\Windows\System32\snmptrap.exe
20:26:14.0767 1684 C:\Windows\System32\snmptrap.exe - ok
20:26:14.0767 1684 [ 10EAB90C1AE8271B5FE5A8930987EE5C ] C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll
20:26:14.0767 1684 C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll - ok
20:26:14.0782 1684 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
20:26:14.0782 1684 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
20:26:14.0782 1684 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
20:26:14.0782 1684 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
20:26:14.0782 1684 [ E9A0777DCA9148157E0EF9B71D7DE353 ] C:\Windows\System32\RdpGroupPolicyExtension.dll
20:26:14.0782 1684 C:\Windows\System32\RdpGroupPolicyExtension.dll - ok
20:26:14.0782 1684 [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll
20:26:14.0782 1684 C:\Windows\System32\BioCredProv.dll - ok
20:26:14.0782 1684 [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll
20:26:14.0782 1684 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
20:26:14.0782 1684 [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
20:26:14.0782 1684 C:\Windows\System32\VaultCredProvider.dll - ok
20:26:14.0798 1684 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
20:26:14.0798 1684 C:\Windows\System32\winbrand.dll - ok
20:26:14.0798 1684 [ 7C00C608FE4C8EDE9E30940837B9AC8B ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll
20:26:14.0798 1684 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll - ok
20:26:14.0798 1684 [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll
20:26:14.0798 1684 C:\Windows\System32\certCredProvider.dll - ok
20:26:14.0798 1684 [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll
20:26:14.0798 1684 C:\Windows\System32\credui.dll - ok
20:26:14.0798 1684 [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll
20:26:14.0798 1684 C:\Windows\System32\samcli.dll - ok
20:26:14.0798 1684 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll
20:26:14.0798 1684 C:\Windows\System32\sstpsvc.dll - ok
20:26:14.0798 1684 [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll
20:26:14.0798 1684 C:\Windows\System32\vaultcli.dll - ok
20:26:14.0798 1684 [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll
20:26:14.0798 1684 C:\Windows\System32\winbio.dll - ok
20:26:14.0813 1684 [ 8C22C6088057A00EAE7D963600F26EEB ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll
20:26:14.0813 1684 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
20:26:14.0813 1684 [ EF8CD3C64EE9C08980D6D06CCCE46C68 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll
20:26:14.0813 1684 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
20:26:14.0813 1684 [ 62169BDD927A67C360A35F4526429B01 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
20:26:14.0813 1684 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
20:26:14.0813 1684 [ 64894527838C86454E2F378FF39FA336 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll
20:26:14.0813 1684 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
20:26:14.0813 1684 [ 032229246107C5C7211E6D1498B52D3D ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL
20:26:14.0813 1684 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL - ok
20:26:14.0813 1684 [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll
20:26:14.0813 1684 C:\Windows\SysWOW64\nsi.dll - ok
20:26:14.0829 1684 [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll
20:26:14.0829 1684 C:\Windows\SysWOW64\ws2_32.dll - ok
20:26:14.0829 1684 [ FF9831030678C7B6D70BAC00F68F8976 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll
20:26:14.0829 1684 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
20:26:14.0829 1684 [ 9ABB7CDAC0914579C86990048771B1B4 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll
20:26:14.0829 1684 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll - ok
20:26:14.0829 1684 [ 78865ABC5F5D13190F8B35BD9044714A ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll
20:26:14.0829 1684 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll - ok
20:26:14.0829 1684 [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
20:26:14.0829 1684 C:\Windows\System32\rasapi32.dll - ok
20:26:14.0829 1684 [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll
20:26:14.0829 1684 C:\Windows\System32\rasplap.dll - ok
20:26:14.0829 1684 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll
20:26:14.0829 1684 C:\Windows\SysWOW64\winmm.dll - ok
20:26:14.0845 1684 [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\SysWOW64\wsock32.dll
20:26:14.0845 1684 C:\Windows\SysWOW64\wsock32.dll - ok
20:26:14.0845 1684 [ 43A0A24CD12B110DC93462D6B035C961 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll
20:26:14.0845 1684 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll - ok
20:26:14.0845 1684 [ D47913F993A0E3A0C9F1E88FD02E98C6 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll
20:26:14.0845 1684 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
20:26:14.0845 1684 [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll
20:26:14.0845 1684 C:\Windows\System32\rasman.dll - ok
20:26:14.0845 1684 [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll
20:26:14.0845 1684 C:\Windows\System32\rtutils.dll - ok
20:26:14.0845 1684 [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll
20:26:14.0845 1684 C:\Windows\System32\UXInit.dll - ok
20:26:14.0845 1684 [ A6F7218F4BF8E3C98501670D45242905 ] C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
20:26:14.0845 1684 C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe - ok
20:26:14.0860 1684 [ 019BDD35DE269CB98B22DE8923C2AA3B ] C:\Windows\System32\UIAutomationCore.dll
20:26:14.0860 1684 C:\Windows\System32\UIAutomationCore.dll - ok
20:26:14.0860 1684 [ F72D0F2482B4BB54649F93304181C68E ] C:\Program Files\NVIDIA Corporation\Display\nvxdapix.dll
20:26:14.0860 1684 C:\Program Files\NVIDIA Corporation\Display\nvxdapix.dll - ok
20:26:14.0860 1684 [ B84207C8213C317ED1C3C088774E0E62 ] C:\Windows\System32\nvsvc64.dll
20:26:14.0860 1684 C:\Windows\System32\nvsvc64.dll - ok
20:26:14.0860 1684 [ F6FD367C9EAAEDF90CD7A7952AE0B336 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll
20:26:14.0860 1684 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll - ok
20:26:14.0860 1684 [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
20:26:14.0860 1684 C:\Windows\System32\winmm.dll - ok
20:26:14.0860 1684 [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll
20:26:14.0860 1684 C:\Windows\SysWOW64\profapi.dll - ok
20:26:14.0860 1684 [ F47A6C6C66C1D93E5B177D2C1F6A3B21 ] C:\Program Files\NVIDIA Corporation\Display\nvui.dll
20:26:14.0860 1684 C:\Program Files\NVIDIA Corporation\Display\nvui.dll - ok
20:26:14.0876 1684 [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll
20:26:14.0876 1684 C:\Windows\System32\msimg32.dll - ok
20:26:14.0876 1684 [ B77734A2F128915386BD9EB508092EFE ] C:\Windows\System32\nvapi64.dll
20:26:14.0876 1684 C:\Windows\System32\nvapi64.dll - ok
20:26:14.0876 1684 [ 4327CF9A9D0864CA0FFC97FCDA97315A ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
20:26:14.0876 1684 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
20:26:14.0876 1684 [ 32B45C0DFC63D559CC7D8929EB40D20A ] C:\Windows\System32\nvsvcr.dll
20:26:14.0876 1684 C:\Windows\System32\nvsvcr.dll - ok
20:26:14.0876 1684 [ 062373995EAE5F0EAC9EAA9192136BFB ] C:\Windows\SysWOW64\dnssd.dll
20:26:14.0876 1684 C:\Windows\SysWOW64\dnssd.dll - ok
20:26:14.0876 1684 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll
20:26:14.0876 1684 C:\Windows\SysWOW64\mswsock.dll - ok
20:26:14.0876 1684 [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll
20:26:14.0876 1684 C:\Windows\SysWOW64\userenv.dll - ok
20:26:14.0876 1684 [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\SysWOW64\wtsapi32.dll
20:26:14.0876 1684 C:\Windows\SysWOW64\wtsapi32.dll - ok
20:26:14.0891 1684 [ 0D8244A9DB70BC6C36E2FB56F6039AB6 ] C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
20:26:14.0891 1684 C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe - ok
20:26:14.0891 1684 [ 24665B221424FFD7B71F0D2C398F2F4F ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll
20:26:14.0891 1684 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok
20:26:14.0891 1684 [ B1D1415B900A42E451AA6627DB493CBD ] C:\Windows\System32\nvcpl.dll
20:26:14.0891 1684 C:\Windows\System32\nvcpl.dll - ok
20:26:14.0891 1684 [ 263E9A047D17CD50BAA9D3C02910D18D ] C:\Windows\System32\oledlg.dll
20:26:14.0891 1684 C:\Windows\System32\oledlg.dll - ok
20:26:14.0891 1684 [ 73BDB1C0801D44BEA5F6749FD340CC0F ] C:\Windows\SysWOW64\iertutil.dll
20:26:14.0891 1684 C:\Windows\SysWOW64\iertutil.dll - ok
20:26:14.0891 1684 [ 03728C624D05C2F157BBD46F6B7F6EA0 ] C:\Windows\SysWOW64\wininet.dll
20:26:14.0891 1684 C:\Windows\SysWOW64\wininet.dll - ok
20:26:14.0891 1684 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
20:26:14.0891 1684 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
20:26:14.0907 1684 [ AE4D9DC676A2517DEE3E51978BCFE47C ] C:\Program Files (x86)\AVG\AVG2013\avgntopensslx.dll
20:26:14.0907 1684 C:\Program Files (x86)\AVG\AVG2013\avgntopensslx.dll - ok
20:26:14.0907 1684 [ 58B61578D5704E9FC8B8A9861A85069D ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
20:26:14.0907 1684 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll - ok
20:26:14.0907 1684 [ 74FA51EBA9EF6AA1CB2B17D3A5F61C01 ] C:\Program Files\NVIDIA Corporation\Display\nvuir.dll
20:26:14.0907 1684 C:\Program Files\NVIDIA Corporation\Display\nvuir.dll - ok
20:26:14.0907 1684 [ 575B753E1EC69E4501615931C0CA4BED ] C:\Program Files\NVIDIA Corporation\Display\nvxdbat.dll
20:26:14.0907 1684 C:\Program Files\NVIDIA Corporation\Display\nvxdbat.dll - ok
20:26:14.0907 1684 [ 180D098704551DE37C6299AA888D6821 ] C:\Windows\SysWOW64\urlmon.dll
20:26:14.0907 1684 C:\Windows\SysWOW64\urlmon.dll - ok
20:26:14.0907 1684 [ 3B3D5E94A5F24417BE2C179DDD883702 ] C:\Program Files (x86)\AVG\AVG2013\avgsysx.dll
20:26:14.0907 1684 C:\Program Files (x86)\AVG\AVG2013\avgsysx.dll - ok
20:26:14.0907 1684 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
20:26:14.0907 1684 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
20:26:14.0923 1684 [ BC83108B18756547013ED443B8CDB31B ] C:\Windows\SysWOW64\msvcp100.dll
20:26:14.0923 1684 C:\Windows\SysWOW64\msvcp100.dll - ok
20:26:14.0923 1684 [ 0E37FBFA79D349D672456923EC5FBBE3 ] C:\Windows\SysWOW64\msvcr100.dll
20:26:14.0923 1684 C:\Windows\SysWOW64\msvcr100.dll - ok
20:26:14.0923 1684 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll
20:26:14.0923 1684 C:\Windows\SysWOW64\winnsi.dll - ok
20:26:14.0923 1684 [ 5BDB1E096DEA119A4D205ACB6E958175 ] C:\Program Files (x86)\AVG\AVG2013\avgopensslx.dll
20:26:14.0923 1684 C:\Program Files (x86)\AVG\AVG2013\avgopensslx.dll - ok
20:26:14.0923 1684 [ AF54247F97CCF3539DE7505C09972FF9 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll
20:26:14.0923 1684 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
20:26:14.0923 1684 [ 22589EBC94CB060C7C5C6D120D828770 ] C:\Program Files\NVIDIA Corporation\Display\nvxdplcy.dll
20:26:14.0923 1684 C:\Program Files\NVIDIA Corporation\Display\nvxdplcy.dll - ok
20:26:14.0923 1684 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll
20:26:14.0923 1684 C:\Windows\SysWOW64\psapi.dll - ok
20:26:14.0938 1684 [ 21139ED432EFB4A8CDF715862DBDF9E0 ] C:\Program Files (x86)\AVG\AVG2013\avglogx.dll
20:26:14.0938 1684 C:\Program Files (x86)\AVG\AVG2013\avglogx.dll - ok
20:26:14.0938 1684 [ C3C8D359D1FCB72941F75F8A302BFBDE ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
20:26:14.0938 1684 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll - ok
20:26:14.0938 1684 [ 8A1CBAE63FC06EDAEDCCE1B23E9C9267 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll
20:26:14.0938 1684 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
20:26:14.0938 1684 [ 14239107A86490B0F49EE263FB4170F8 ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStereoApiI64.dll
20:26:14.0938 1684 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStereoApiI64.dll - ok
20:26:14.0938 1684 [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll
20:26:14.0938 1684 C:\Windows\System32\imageres.dll - ok
20:26:14.0938 1684 [ DC98337F0D2A9F6C0B6FB682297ECE3B ] C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
20:26:14.0938 1684 C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe - ok
20:26:14.0938 1684 [ 38781F3E6CB101B35ED8076A743FA493 ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll
20:26:14.0938 1684 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll - ok
20:26:14.0954 1684 [ 40E12972BB73C2927E19553E30EAEE3C ] C:\Program Files (x86)\AVG\AVG2013\avgcommx.dll
20:26:14.0954 1684 C:\Program Files (x86)\AVG\AVG2013\avgcommx.dll - ok
20:26:14.0954 1684 [ 0F46D2845BD7DDACA52340ECC2B65DA3 ] C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
20:26:14.0954 1684 C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe - ok
20:26:14.0954 1684 [ BBAD10F039069325326CDA0A68D55356 ] C:\Program Files (x86)\AVG\AVG2013\avgcfgx.dll
20:26:14.0954 1684 C:\Program Files (x86)\AVG\AVG2013\avgcfgx.dll - ok
20:26:14.0954 1684 [ E3D5E244807AD655787FCD25477CC1BC ] C:\Windows\SysWOW64\bthprops.cpl
20:26:14.0954 1684 C:\Windows\SysWOW64\bthprops.cpl - ok
20:26:14.0954 1684 [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll
20:26:14.0954 1684 C:\Windows\System32\netcfgx.dll - ok
20:26:14.0954 1684 [ 414F57444511B818DB23FA5CF89F3205 ] C:\Program Files (x86)\AVG\AVG2013\avgclitx.dll
20:26:14.0954 1684 C:\Program Files (x86)\AVG\AVG2013\avgclitx.dll - ok
20:26:14.0954 1684 [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
20:26:14.0954 1684 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
20:26:14.0969 1684 [ C9F44E08EF18BE1139386095360B0E39 ] C:\Program Files (x86)\AVG\AVG2013\avgcorex.dll
20:26:14.0969 1684 C:\Program Files (x86)\AVG\AVG2013\avgcorex.dll - ok
20:26:14.0969 1684 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] C:\Program Files\Bonjour\mDNSResponder.exe
20:26:14.0969 1684 C:\Program Files\Bonjour\mDNSResponder.exe - ok
20:26:14.0969 1684 [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll
20:26:14.0969 1684 C:\Windows\SysWOW64\clbcatq.dll - ok
20:26:14.0969 1684 [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll
20:26:14.0969 1684 C:\Windows\SysWOW64\cryptsp.dll - ok
20:26:14.0969 1684 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll
20:26:14.0969 1684 C:\Windows\SysWOW64\RpcRtRemote.dll - ok
20:26:14.0969 1684 [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll
20:26:14.0969 1684 C:\Windows\SysWOW64\rsaenh.dll - ok
20:26:14.0969 1684 [ BB86F147B2A7152E4B4D71A2F0A87D41 ] C:\Program Files (x86)\Cyberlink\PowerDVD9\NavFilter\kmsvc.exe
20:26:14.0969 1684 C:\Program Files (x86)\Cyberlink\PowerDVD9\NavFilter\kmsvc.exe - ok
20:26:14.0985 1684 [ 95F9C2976059462CBBF227F7AAB10DE9 ] C:\Windows\System32\bthserv.dll
20:26:14.0985 1684 C:\Windows\System32\bthserv.dll - ok
20:26:14.0985 1684 [ CDAD3376DFF3D9AC7FDCBE2B94B0D3C8 ] C:\Windows\System32\shfolder.dll
20:26:14.0985 1684 C:\Windows\System32\shfolder.dll - ok
20:26:14.0985 1684 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] C:\Windows\System32\cryptsvc.dll
20:26:14.0985 1684 C:\Windows\System32\cryptsvc.dll - ok
20:26:14.0985 1684 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll
20:26:14.0985 1684 C:\Windows\System32\dps.dll - ok
20:26:14.0985 1684 [ 532B8FF8E07F3772B086620377654F95 ] C:\Program Files\Intel\WiFi\bin\EvtEng.exe
20:26:14.0985 1684 C:\Program Files\Intel\WiFi\bin\EvtEng.exe - ok
20:26:14.0985 1684 [ 8792BAB371B4B1589E015B6FD1ED3B15 ] C:\Windows\System32\cryptnet.dll
20:26:14.0985 1684 C:\Windows\System32\cryptnet.dll - ok
20:26:14.0985 1684 [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll
20:26:14.0985 1684 C:\Windows\System32\taskschd.dll - ok
20:26:15.0001 1684 [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll
20:26:15.0001 1684 C:\Windows\System32\vssapi.dll - ok
20:26:15.0001 1684 [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll
20:26:15.0001 1684 C:\Windows\System32\vsstrace.dll - ok
20:26:15.0001 1684 [ BF50A5E3ACF12636D06C8CBB8F36DD00 ] C:\Program Files\Intel\WiFi\bin\MurocApi.dll
20:26:15.0001 1684 C:\Program Files\Intel\WiFi\bin\MurocApi.dll - ok
20:26:15.0001 1684 [ 3AD61EF7366F04CA7FF6E629F9FA0403 ] C:\Program Files\Intel\WiFi\bin\iWrap.exe
20:26:15.0001 1684 C:\Program Files\Intel\WiFi\bin\iWrap.exe - ok
20:26:15.0001 1684 [ 8194F81BCF9C964231D85167C784B3AF ] C:\Windows\System32\drivers\rikvm_9EC60124.sys
20:26:15.0001 1684 C:\Windows\System32\drivers\rikvm_9EC60124.sys - ok
20:26:15.0001 1684 [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll
20:26:15.0001 1684 C:\Windows\System32\FDResPub.dll - ok
20:26:15.0001 1684 [ FCD84C381E0140AF901E58D48882D26B ] C:\Windows\System32\IKEEXT.DLL
20:26:15.0001 1684 C:\Windows\System32\IKEEXT.DLL - ok
20:26:15.0001 1684 [ A190DA6546501CB4146BBCC0B6A3F48B ] C:\Windows\System32\msiexec.exe
20:26:15.0001 1684 C:\Windows\System32\msiexec.exe - ok
20:26:15.0016 1684 [ F1B205F932F62F94506A5F332C895DAF ] C:\Windows\System32\WSDApi.dll
20:26:15.0016 1684 C:\Windows\System32\WSDApi.dll - ok
20:26:15.0016 1684 [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll
20:26:15.0016 1684 C:\Windows\System32\fundisc.dll - ok
20:26:15.0016 1684 [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll
20:26:15.0016 1684 C:\Windows\System32\msi.dll - ok
20:26:15.0016 1684 [ C55516D98DD5D8F0153C2A9B4227DA86 ] C:\Windows\System32\webservices.dll
20:26:15.0016 1684 C:\Windows\System32\webservices.dll - ok
20:26:15.0016 1684 [ 9A1DB0125DEFBCC0026F745876216CDE ] C:\Program Files\Intel\WiFi\bin\IntStngs.dll
20:26:15.0016 1684 C:\Program Files\Intel\WiFi\bin\IntStngs.dll - ok
20:26:15.0016 1684 [ FB24438F64BAF5198EE7648B51FD3AB0 ] C:\Windows\System32\cacls.exe
20:26:15.0016 1684 C:\Windows\System32\cacls.exe - ok
20:26:15.0016 1684 [ 8CFBCCDD3DF24D6194FC4B6DBDFA6383 ] C:\Windows\AppPatch\AppPatch64\AcGenral.dll
20:26:15.0016 1684 C:\Windows\AppPatch\AppPatch64\AcGenral.dll - ok
20:26:15.0032 1684 [ 86987386B3A25F956760C6F43F982E47 ] C:\Windows\AppPatch\AppPatch64\AcLayers.dll
20:26:15.0032 1684 C:\Windows\AppPatch\AppPatch64\AcLayers.dll - ok
20:26:15.0032 1684 [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
20:26:15.0032 1684 C:\Windows\System32\mpr.dll - ok
20:26:15.0032 1684 [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll
20:26:15.0032 1684 C:\Windows\System32\sfc.dll - ok
20:26:15.0032 1684 [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll
20:26:15.0032 1684 C:\Windows\System32\sfc_os.dll - ok
20:26:15.0032 1684 [ 32DFEEF66057184481ECC3C6116CE895 ] C:\Program Files (x86)\AVG\AVG2013\avgcertx.dll
20:26:15.0032 1684 C:\Program Files (x86)\AVG\AVG2013\avgcertx.dll - ok
20:26:15.0032 1684 [ B9B72FAAAA41D59B73B88FE3DD737ED1 ] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
20:26:15.0032 1684 C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe - ok
20:26:15.0032 1684 [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll
20:26:15.0032 1684 C:\Windows\System32\netman.dll - ok
20:26:15.0032 1684 [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL
20:26:15.0032 1684 C:\Windows\System32\QUTIL.DLL - ok
20:26:15.0047 1684 [ 2E967B05E5D1EF57632819BDC54F19B1 ] C:\Program Files (x86)\AVG\AVG2013\avgchclx.dll
20:26:15.0047 1684 C:\Program Files (x86)\AVG\AVG2013\avgchclx.dll - ok
20:26:15.0047 1684 [ 4D3C9D58D507303D123A3F2580E24BC3 ] C:\Program Files\Intel\WiFi\bin\AmtWsMan.dll
20:26:15.0047 1684 C:\Program Files\Intel\WiFi\bin\AmtWsMan.dll - ok
20:26:15.0047 1684 [ D4FAC263861BAE06971C7F7D0A8EBF15 ] C:\Windows\System32\ncsi.dll
20:26:15.0047 1684 C:\Windows\System32\ncsi.dll - ok
20:26:15.0047 1684 [ 8AD77806D336673F270DB31645267293 ] C:\Windows\System32\nlasvc.dll
20:26:15.0047 1684 C:\Windows\System32\nlasvc.dll - ok
20:26:15.0047 1684 [ 603EBD34E216C5654A2D774EAC98D278 ] C:\Windows\System32\webio.dll
20:26:15.0047 1684 C:\Windows\System32\webio.dll - ok
20:26:15.0047 1684 [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll
20:26:15.0047 1684 C:\Windows\System32\winhttp.dll - ok
20:26:15.0047 1684 [ 9AF1749B9896E7D96332F3C3BA3A973A ] C:\Program Files\Intel\WiFi\bin\S24MUDLL.dll
20:26:15.0047 1684 C:\Program Files\Intel\WiFi\bin\S24MUDLL.dll - ok
20:26:15.0063 1684 [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL
20:26:15.0063 1684 C:\Windows\System32\QAGENT.DLL - ok
20:26:15.0063 1684 [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll
20:26:15.0063 1684 C:\Windows\System32\ssdpapi.dll - ok
20:26:15.0063 1684 [ BCEA9AB347E53BC03B2E36BE0B8BA0EF ] C:\Windows\System32\httpapi.dll
20:26:15.0063 1684 C:\Windows\System32\httpapi.dll - ok
20:26:15.0063 1684 [ 218A400108F280428FA22282D3268BBC ] C:\Windows\System32\wscapi.dll
20:26:15.0063 1684 C:\Windows\System32\wscapi.dll - ok
20:26:15.0063 1684 [ CB06D9EDB2A0C225C25A3B33BEDF4DD7 ] C:\Windows\System32\DHCPQEC.DLL
20:26:15.0063 1684 C:\Windows\System32\DHCPQEC.DLL - ok
20:26:15.0063 1684 [ B07F39F281A1A1DECD4B8E2F1BB46299 ] C:\Windows\System32\EAPQEC.DLL
20:26:15.0063 1684 C:\Windows\System32\EAPQEC.DLL - ok
20:26:15.0063 1684 [ F36BDE3923E9C7B37AF0F800E4994E36 ] C:\Windows\System32\napipsec.dll
20:26:15.0063 1684 C:\Windows\System32\napipsec.dll - ok
20:26:15.0079 1684 [ E98E2152251EB2576714B2CCE01555DC ] C:\Windows\System32\tsgqec.dll
20:26:15.0079 1684 C:\Windows\System32\tsgqec.dll - ok
20:26:15.0079 1684 [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe
20:26:15.0079 1684 C:\Windows\System32\dllhost.exe - ok
20:26:15.0079 1684 [ 77B5035BC6EDF4D1B6265391AECEE4C0 ] C:\Windows\System32\vpnikeapi.dll
20:26:15.0079 1684 C:\Windows\System32\vpnikeapi.dll - ok
20:26:15.0079 1684 [ A113AFEED3159A1ED52D78CB0226006D ] C:\Windows\SysWOW64\secur32.dll
20:26:15.0079 1684 C:\Windows\SysWOW64\secur32.dll - ok
20:26:15.0079 1684 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll
20:26:15.0079 1684 C:\Windows\SysWOW64\sfc.dll - ok
20:26:15.0079 1684 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll
20:26:15.0079 1684 C:\Windows\SysWOW64\sfc_os.dll - ok
20:26:15.0079 1684 [ 099D9F937F6EE23672391B3A5BD6D7E5 ] C:\Program Files (x86)\AVG\AVG2013\avgntsqlitex.dll
20:26:15.0079 1684 C:\Program Files (x86)\AVG\AVG2013\avgntsqlitex.dll - ok
20:26:15.0079 1684 [ EDF132F17CF3724E2688D601E915B41D ] C:\Program Files\Intel\WiFi\bin\iWMSProv.dll
20:26:15.0079 1684 C:\Program Files\Intel\WiFi\bin\iWMSProv.dll - ok
20:26:15.0094 1684 [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\Windows\System32\wbemcomn.dll
20:26:15.0094 1684 C:\Windows\System32\wbemcomn.dll - ok
20:26:15.0094 1684 [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll
20:26:15.0094 1684 C:\Windows\System32\wbem\wbemprox.dll - ok
20:26:15.0094 1684 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] C:\Windows\System32\drivers\vwifimp.sys
20:26:15.0094 1684 C:\Windows\System32\drivers\vwifimp.sys - ok
20:26:15.0094 1684 [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll
20:26:15.0094 1684 C:\Windows\System32\IDStore.dll - ok
20:26:15.0094 1684 [ 639774C9ACD063F028F6084ABF5593AD ] C:\Windows\System32\taskhost.exe
20:26:15.0094 1684 C:\Windows\System32\taskhost.exe - ok
20:26:15.0094 1684 [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll
20:26:15.0094 1684 C:\Windows\SysWOW64\winsta.dll - ok
20:26:15.0094 1684 [ 65EA57712340C09B1B0C427B4848AE05 ] C:\Windows\System32\taskeng.exe
20:26:15.0094 1684 C:\Windows\System32\taskeng.exe - ok
20:26:15.0110 1684 [ AFB5B500AD69E24ED1BC15D1161641EF ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
20:26:15.0110 1684 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL - ok
20:26:15.0110 1684 [ F9D908DE6B166DAC9B89BF62FA291CE8 ] C:\Program Files\Bonjour\mdnsNSP.dll
20:26:15.0110 1684 C:\Program Files\Bonjour\mdnsNSP.dll - ok
20:26:15.0110 1684 [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll
20:26:15.0110 1684 C:\Windows\System32\rasadhlp.dll - ok
20:26:15.0110 1684 [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe
20:26:15.0110 1684 C:\Windows\System32\userinit.exe - ok
20:26:15.0110 1684 [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll
20:26:15.0110 1684 C:\Windows\System32\PlaySndSrv.dll - ok
20:26:15.0110 1684 [ 9BB99503D6A4DD62569EDE9E5E2672A5 ] C:\Windows\System32\HotStartUserAgent.dll
20:26:15.0110 1684 C:\Windows\System32\HotStartUserAgent.dll - ok
20:26:15.0110 1684 [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll
20:26:15.0110 1684 C:\Windows\System32\MsCtfMonitor.dll - ok
20:26:15.0125 1684 [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll
20:26:15.0125 1684 C:\Windows\System32\msutb.dll - ok
20:26:15.0125 1684 [ 805A52C5AE26C28E88FDD9BCCFE6F312 ] C:\Windows\System32\TSChannel.dll
20:26:15.0125 1684 C:\Windows\System32\TSChannel.dll - ok
20:26:15.0125 1684 [ 506708142BC63DABA64F2D3AD1DCD5BF ] C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:26:15.0125 1684 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe - ok
20:26:15.0125 1684 [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe
20:26:15.0125 1684 C:\Windows\System32\dwm.exe - ok
20:26:15.0125 1684 [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051 ] C:\Windows\System32\localspl.dll
20:26:15.0125 1684 C:\Windows\System32\localspl.dll - ok
20:26:15.0125 1684 [ 6C8EB0C50C276FE26DB2058A836D0280 ] C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
20:26:15.0125 1684 C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe - ok
20:26:15.0125 1684 [ 4783BC9E09B35489A5384AC5DB074418 ] C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
20:26:15.0125 1684 C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe - ok
20:26:15.0125 1684 [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll
20:26:15.0125 1684 C:\Windows\System32\spoolss.dll - ok
20:26:15.0141 1684 [ 19E41CCCEE697CC9465396B370929792 ] C:\Windows\System32\FXSMON.dll
20:26:15.0141 1684 C:\Windows\System32\FXSMON.dll - ok
20:26:15.0141 1684 [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\Windows\System32\PrintIsolationProxy.dll
20:26:15.0141 1684 C:\Windows\System32\PrintIsolationProxy.dll - ok
20:26:15.0141 1684 [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll
20:26:15.0141 1684 C:\Windows\System32\tcpmon.dll - ok
20:26:15.0141 1684 [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll
20:26:15.0141 1684 C:\Windows\System32\snmpapi.dll - ok
20:26:15.0141 1684 [ 349B1D5D8D1B5A7B10BCD01470BD5F64 ] C:\Windows\System32\msvcp110.dll
20:26:15.0141 1684 C:\Windows\System32\msvcp110.dll - ok
20:26:15.0141 1684 [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll
20:26:15.0141 1684 C:\Windows\System32\usbmon.dll - ok
20:26:15.0141 1684 [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll
20:26:15.0141 1684 C:\Windows\System32\WSDMon.dll - ok
20:26:15.0157 1684 [ FFF9D00CF16397C64317F213484F94BD ] C:\Windows\System32\wsnmp32.dll
20:26:15.0157 1684 C:\Windows\System32\wsnmp32.dll - ok
20:26:15.0157 1684 [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll
20:26:15.0157 1684 C:\Windows\System32\fdPnp.dll - ok
20:26:15.0157 1684 [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
20:26:15.0157 1684 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
20:26:15.0157 1684 [ 0353B239C28B0E9EBC7FA3D1F6181661 ] C:\Windows\System32\win32spl.dll
20:26:15.0157 1684 C:\Windows\System32\win32spl.dll - ok
20:26:15.0157 1684 [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe
20:26:15.0157 1684 C:\Windows\explorer.exe - ok
20:26:15.0157 1684 [ C72ABC6B7B90A61364B6DD889B5435F3 ] C:\Windows\System32\msvcr110.dll
20:26:15.0157 1684 C:\Windows\System32\msvcr110.dll - ok
20:26:15.0157 1684 [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Microsoft Mouse and Keyboard Center\SQMAPI.dll
20:26:15.0157 1684 C:\Program Files\Microsoft Mouse and Keyboard Center\SQMAPI.dll - ok
20:26:15.0157 1684 [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\Windows\System32\inetpp.dll
20:26:15.0157 1684 C:\Windows\System32\inetpp.dll - ok
20:26:15.0172 1684 [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll
20:26:15.0172 1684 C:\Windows\System32\cscapi.dll - ok
20:26:15.0172 1684 [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\Windows\System32\dbghelp.dll
20:26:15.0172 1684 C:\Windows\System32\dbghelp.dll - ok
20:26:15.0172 1684 [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll
20:26:15.0172 1684 C:\Windows\System32\wer.dll - ok
20:26:15.0172 1684 [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll
20:26:15.0172 1684 C:\Windows\System32\ExplorerFrame.dll - ok
20:26:15.0172 1684 [ 371948BC5911ABA06168FAC91ED25F06 ] C:\Windows\System32\msxml3.dll
20:26:15.0172 1684 C:\Windows\System32\msxml3.dll - ok
20:26:15.0172 1684 [ 1EEF6ACBBE1D5DCD2EE545895DA87454 ] C:\Users\Maeve\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
20:26:15.0172 1684 C:\Users\Maeve\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll - ok
20:26:15.0172 1684 [ 1658E808E4D4889C66DE47EC87F1DED1 ] C:\Windows\System32\msvcp60.dll
20:26:15.0172 1684 C:\Windows\System32\msvcp60.dll - ok
20:26:15.0188 1684 [ 41905052445D8481457E824C27DB14A2 ] C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
20:26:15.0188 1684 C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL - ok
20:26:15.0188 1684 [ D233C7FEAE3FAA25F93A9E6B46815ADC ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll
20:26:15.0188 1684 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll - ok
20:26:15.0188 1684 [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll
20:26:15.0188 1684 C:\Windows\System32\EhStorShell.dll - ok
20:26:15.0188 1684 [ 97BB37731F04CEBC15C4FD09C8CE5176 ] C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
20:26:15.0188 1684 C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL - ok
20:26:15.0188 1684 [ 241AF87821FDA0F5792037B779F49BE0 ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll
20:26:15.0188 1684 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll - ok
20:26:15.0188 1684 [ 57AC86AC664CC774C861DAB2B1D1E978 ] C:\Windows\winsxs\amd64_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_0a1fd3a3a768b895\ATL90.dll
20:26:15.0188 1684 C:\Windows\winsxs\amd64_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_0a1fd3a3a768b895\ATL90.dll - ok
20:26:15.0188 1684 [ 2189278AB7A6FA4428188606D93D202B ] C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
20:26:15.0188 1684 C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF - ok
20:26:15.0203 1684 [ 53FE14BD8160EBE29EF29B0A5366F34A ] C:\PROGRA~1\MICROS~3\Office14\1033\GrooveIntlResource.dll
20:26:15.0203 1684 C:\PROGRA~1\MICROS~3\Office14\1033\GrooveIntlResource.dll - ok
20:26:15.0203 1684 [ 5672C775FAB584EB5BABBB79C74C530E ] C:\Program Files (x86)\Dell\Dell Datasafe Online\BuEng.dll
20:26:15.0203 1684 C:\Program Files (x86)\Dell\Dell Datasafe Online\BuEng.dll - ok
20:26:15.0203 1684 [ 1727B2A2F379A32B864C096FA794AADC ] C:\Windows\System32\aepic.dll
20:26:15.0203 1684 C:\Windows\System32\aepic.dll - ok
20:26:15.0203 1684 [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\Windows\System32\drivers\PEAuth.sys
20:26:15.0203 1684 C:\Windows\System32\drivers\PEAuth.sys - ok
20:26:15.0203 1684 [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll
20:26:15.0203 1684 C:\Windows\System32\ntshrui.dll - ok
20:26:15.0203 1684 [ 7196BE857E29007470FF9B689C7F29A7 ] C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
20:26:15.0203 1684 C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe - ok
20:26:15.0203 1684 [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll
20:26:15.0203 1684 C:\Windows\System32\IconCodecService.dll - ok
20:26:15.0219 1684 [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys
20:26:15.0219 1684 C:\Windows\System32\drivers\secdrv.sys - ok
20:26:15.0219 1684 [ BC617A4E1B4FA8DF523A061739A0BD87 ] C:\Windows\System32\seclogon.dll
20:26:15.0219 1684 C:\Windows\System32\seclogon.dll - ok
20:26:15.0219 1684 [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll
20:26:15.0219 1684 C:\Windows\System32\netshell.dll - ok
20:26:15.0219 1684 [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll
20:26:15.0219 1684 C:\Windows\System32\aeevts.dll - ok
20:26:15.0219 1684 [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll
20:26:15.0219 1684 C:\Windows\System32\dwmcore.dll - ok
20:26:15.0219 1684 [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll
20:26:15.0219 1684 C:\Windows\System32\dwmredir.dll - ok
20:26:15.0219 1684 [ 9AE80F6A66B30E3ED8CDF858CF28B11B ] C:\Windows\System32\d3d10_1.dll
20:26:15.0219 1684 C:\Windows\System32\d3d10_1.dll - ok
20:26:15.0219 1684 [ 63F72417CA38D8FC8F53709649B589E3 ] C:\Windows\System32\d3d10_1core.dll
20:26:15.0219 1684 C:\Windows\System32\d3d10_1core.dll - ok
20:26:15.0235 1684 [ 448B02AD260EC3E1E892FCE6DFDDEEBD ] C:\Windows\System32\d3d11.dll
20:26:15.0235 1684 C:\Windows\System32\d3d11.dll - ok
20:26:15.0235 1684 [ 8DFB5752FCE145A6B295093C0A8BE131 ] C:\Windows\System32\dxgi.dll
20:26:15.0235 1684 C:\Windows\System32\dxgi.dll - ok
20:26:15.0235 1684 [ BFC89BD90C4E491FED5370D88757143F ] C:\Windows\System32\nvwgf2umx.dll
20:26:15.0235 1684 C:\Windows\System32\nvwgf2umx.dll - ok
20:26:15.0235 1684 [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll
20:26:15.0235 1684 C:\Windows\System32\uDWM.dll - ok
20:26:15.0235 1684 [ 2E5672EEA419A4DC9DACD714632E1DC3 ] C:\Program Files (x86)\Google\Update\1.3.21.135\goopdate.dll
20:26:15.0235 1684 C:\Program Files (x86)\Google\Update\1.3.21.135\goopdate.dll - ok
20:26:15.0235 1684 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll
20:26:15.0235 1684 C:\Windows\SysWOW64\imagehlp.dll - ok
20:26:15.0235 1684 [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\SysWOW64\netapi32.dll
20:26:15.0235 1684 C:\Windows\SysWOW64\netapi32.dll - ok
20:26:15.0250 1684 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll
20:26:15.0250 1684 C:\Windows\SysWOW64\netutils.dll - ok
20:26:15.0250 1684 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll
20:26:15.0250 1684 C:\Windows\SysWOW64\srvcli.dll - ok
20:26:15.0250 1684 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll
20:26:15.0250 1684 C:\Windows\SysWOW64\wkscli.dll - ok
20:26:15.0250 1684 [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll
20:26:15.0250 1684 C:\Windows\SysWOW64\msi.dll - ok
20:26:15.0250 1684 [ A9E7EA6AFC08C0EE00B4E71A7704C646 ] C:\Program Files\Microsoft Mouse and Keyboard Center\dpgcmd.dll
20:26:15.0250 1684 C:\Program Files\Microsoft Mouse and Keyboard Center\dpgcmd.dll - ok
20:26:15.0250 1684 [ 6A83403CDE15B2C7AA7DDB5138E31091 ] C:\Program Files\Microsoft Mouse and Keyboard Center\Components\Commands\DPGHnt\DPGHnt.dll
20:26:15.0250 1684 C:\Program Files\Microsoft Mouse and Keyboard Center\Components\Commands\DPGHnt\DPGHnt.dll - ok
20:26:15.0250 1684 [ BEA22322EA2DFE41CF7CE22A6EDE08EA ] C:\Program Files (x86)\AVG\AVG2013\avgwd.dll
20:26:15.0250 1684 C:\Program Files (x86)\AVG\AVG2013\avgwd.dll - ok
20:26:15.0266 1684 [ 1F72562A84572E7BC1CC7D6429C70C5C ] C:\Program Files\Intel\WiFi\bin\P2PSupplicant.dll
20:26:15.0266 1684 C:\Program Files\Intel\WiFi\bin\P2PSupplicant.dll - ok
20:26:15.0266 1684 [ AB0A8849029B4CE1109BA4E86481AB4F ] C:\Program Files\Microsoft Games\Multiplayer\Checkers\chkrzm.exe
20:26:15.0266 1684 C:\Program Files\Microsoft Games\Multiplayer\Checkers\chkrzm.exe - ok
20:26:15.0266 1684 [ A8524F6C3AFF774911BCA26AB8322602 ] C:\Program Files\Microsoft Games\Hearts\Hearts.exe
20:26:15.0266 1684 C:\Program Files\Microsoft Games\Hearts\Hearts.exe - ok
20:26:15.0266 1684 [ 0E606267BA95B5F26B24DF7F80CD56DE ] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
20:26:15.0266 1684 C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe - ok
20:26:15.0266 1684 [ 29DDEA72C5BDF61D62F4D438DC0E497C ] C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
20:26:15.0266 1684 C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe - ok
20:26:15.0266 1684 [ 086B869003A203208E5BE8FA1B3D1957 ] C:\Program Files (x86)\Dell DataSafe Local Backup\SDSSmartRepairTools.dll
20:26:15.0266 1684 C:\Program Files (x86)\Dell DataSafe Local Backup\SDSSmartRepairTools.dll - ok
20:26:15.0266 1684 [ E42D201B0B53A94BD8E5B032EC83D843 ] C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
20:26:15.0266 1684 C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe - ok
20:26:15.0281 1684 [ 704314FD398C81D5F342CAA5DF7B7F21 ] C:\Windows\SysWOW64\wbemcomn.dll
20:26:15.0281 1684 C:\Windows\SysWOW64\wbemcomn.dll - ok
20:26:15.0281 1684 [ C5B0324DB461559ADD070E632A6919FA ] C:\Windows\SysWOW64\wbem\wbemprox.dll
20:26:15.0281 1684 C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
20:26:15.0281 1684 [ 21D3A18769EC2C4E56756D04E989A221 ] C:\Windows\SysWOW64\msxml3.dll
20:26:15.0281 1684 C:\Windows\SysWOW64\msxml3.dll - ok
20:26:15.0281 1684 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll
20:26:15.0281 1684 C:\Windows\SysWOW64\winhttp.dll - ok
20:26:15.0281 1684 [ 7F2A2DDA32A0CDF28868864A87A05B23 ] C:\Program Files (x86)\AVG\AVG2013\avgsecapix.dll
20:26:15.0281 1684 C:\Program Files (x86)\AVG\AVG2013\avgsecapix.dll - ok
20:26:15.0281 1684 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll
20:26:15.0281 1684 C:\Windows\SysWOW64\cscapi.dll - ok
20:26:15.0281 1684 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\SysWOW64\dbghelp.dll
20:26:15.0281 1684 C:\Windows\SysWOW64\dbghelp.dll - ok
20:26:15.0297 1684 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll
20:26:15.0297 1684 C:\Windows\SysWOW64\webio.dll - ok
20:26:15.0297 1684 [ F07AF60B152221472FBDB2FECEC4896D ] C:\Program Files (x86)\Skype\Updater\Updater.exe
20:26:15.0297 1684 C:\Program Files (x86)\Skype\Updater\Updater.exe - ok
20:26:15.0297 1684 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll
20:26:15.0297 1684 C:\Windows\SysWOW64\apphelp.dll - ok
20:26:15.0297 1684 [ BECDDA0990DEBD72A30096533521AD73 ] C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe
20:26:15.0297 1684 C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe - ok
20:26:15.0297 1684 [ B676429E44F2F8ACC3BAE7C89F46B212 ] C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe
20:26:15.0297 1684 C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe - ok
20:26:15.0297 1684 [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\SysWOW64\mstask.dll
20:26:15.0297 1684 C:\Windows\SysWOW64\mstask.dll - ok
20:26:15.0297 1684 [ 27E461F0BE5BFF5FC737328F749538C3 ] C:\Windows\System32\drivers\srvnet.sys
20:26:15.0297 1684 C:\Windows\System32\drivers\srvnet.sys - ok
20:26:15.0313 1684 [ 82C089EA2A3EEFADF3588EA71E8BDADA ] C:\Windows\SysWOW64\wevtapi.dll
20:26:15.0313 1684 C:\Windows\SysWOW64\wevtapi.dll - ok
20:26:15.0313 1684 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] C:\Windows\System32\drivers\tcpipreg.sys
20:26:15.0313 1684 C:\Windows\System32\drivers\tcpipreg.sys - ok
20:26:15.0313 1684 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] C:\Windows\System32\sysmain.dll
20:26:15.0313 1684 C:\Windows\System32\sysmain.dll - ok
20:26:15.0313 1684 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] C:\Windows\System32\tapisrv.dll
20:26:15.0313 1684 C:\Windows\System32\tapisrv.dll - ok
20:26:15.0313 1684 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] C:\Windows\System32\wiaservc.dll
20:26:15.0313 1684 C:\Windows\System32\wiaservc.dll - ok
20:26:15.0313 1684 [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\Windows\System32\trkwks.dll
20:26:15.0313 1684 C:\Windows\System32\trkwks.dll - ok
20:26:15.0313 1684 [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5 ] C:\Windows\System32\wiatrace.dll
20:26:15.0313 1684 C:\Windows\System32\wiatrace.dll - ok
20:26:15.0328 1684 [ D9818DB1A56E787B58B5EAFE44E1A497 ] C:\Program Files\Microsoft Forefront UAG\Endpoint Components\3.1.0\uagqecsvc.exe
20:26:15.0328 1684 C:\Program Files\Microsoft Forefront UAG\Endpoint Components\3.1.0\uagqecsvc.exe - ok
20:26:15.0328 1684 [ 1931311AF80A54A4FE8F0862820FE015 ] C:\Program Files (x86)\AVG\AVG2013\avgwdwsc.dll
20:26:15.0328 1684 C:\Program Files (x86)\AVG\AVG2013\avgwdwsc.dll - ok
20:26:15.0328 1684 [ A8CDF3768604FF95B54669E20053D569 ] C:\Windows\SysWOW64\wscapi.dll
20:26:15.0328 1684 C:\Windows\SysWOW64\wscapi.dll - ok
20:26:15.0328 1684 [ 796D0E740E0AF2E5C55BBC3B1561AA47 ] C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
20:26:15.0328 1684 C:\Program Files (x86)\AVG\AVG2013\avgemca.exe - ok
20:26:15.0328 1684 [ 3A0709EF8466606C5E18DDDAA90A1462 ] C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
20:26:15.0328 1684 C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe - ok
20:26:15.0328 1684 [ 6A0A8D20469EFD39A4A3463A88811A57 ] C:\Program Files (x86)\AVG\AVG2013\avgsched.dll
20:26:15.0328 1684 C:\Program Files (x86)\AVG\AVG2013\avgsched.dll - ok
20:26:15.0328 1684 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll
20:26:15.0328 1684 C:\Windows\SysWOW64\SensApi.dll - ok
20:26:15.0344 1684 [ 91CA748B04BF0E2CAB06BE29116E05C5 ] C:\Program Files (x86)\AVG\AVG2013\avgidpsdkx.dll
20:26:15.0344 1684 C:\Program Files (x86)\AVG\AVG2013\avgidpsdkx.dll - ok
20:26:15.0344 1684 [ 24B321F6C9D9C672ED00CAE456F93871 ] C:\Program Files\NVIDIA Corporation\Control Panel Client\nvcplui.exe
20:26:15.0344 1684 C:\Program Files\NVIDIA Corporation\Control Panel Client\nvcplui.exe - ok
20:26:15.0344 1684 [ 366FD6F3A451351B5DF2D7C4ECF4C73A ] C:\Windows\System32\msvcr100.dll
20:26:15.0344 1684 C:\Windows\System32\msvcr100.dll - ok
20:26:15.0344 1684 [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll
20:26:15.0344 1684 C:\Windows\System32\wbem\WMIsvc.dll - ok
20:26:15.0344 1684 [ BD626EF05967D14C772B8096292731A3 ] C:\Windows\SysWOW64\QUTIL.DLL
20:26:15.0344 1684 C:\Windows\SysWOW64\QUTIL.DLL - ok
20:26:15.0344 1684 [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll
20:26:15.0344 1684 C:\Windows\System32\wbem\WinMgmtR.dll - ok
20:26:15.0344 1684 [ 0C52762C606BCF6A377D5E4688191A6B ] C:\Windows\System32\wbem\WmiDcPrv.dll
20:26:15.0344 1684 C:\Windows\System32\wbem\WmiDcPrv.dll - ok
20:26:15.0359 1684 [ 02530B0B7E048DD5AC8D52DAEACAEB2B ] C:\Windows\SysWOW64\QAGENT.DLL
20:26:15.0359 1684 C:\Windows\SysWOW64\QAGENT.DLL - ok
20:26:15.0359 1684 [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll
20:26:15.0359 1684 C:\Windows\System32\wbem\wbemcore.dll - ok
20:26:15.0359 1684 [ A3A15F8F104ED02AADB247D24E403E92 ] C:\Program Files (x86)\AVG\AVG2013\avgkrnlapia.dll
20:26:15.0359 1684 C:\Program Files (x86)\AVG\AVG2013\avgkrnlapia.dll - ok
20:26:15.0359 1684 [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll
20:26:15.0359 1684 C:\Windows\System32\wbem\fastprox.dll - ok
20:26:15.0359 1684 [ 2BACD71123F42CEA603F4E205E1AE337 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:26:15.0359 1684 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - ok
20:26:15.0359 1684 [ 04C20DBC09884A27F65EBD721B42F073 ] C:\Windows\SysWOW64\mssha.dll
20:26:15.0359 1684 C:\Windows\SysWOW64\mssha.dll - ok
20:26:15.0359 1684 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
20:26:15.0359 1684 C:\Windows\SysWOW64\credssp.dll - ok
20:26:15.0375 1684 [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll
20:26:15.0375 1684 C:\Windows\System32\ntdsapi.dll - ok
20:26:15.0375 1684 [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll
20:26:15.0375 1684 C:\Windows\System32\wbem\esscli.dll - ok
20:26:15.0375 1684 [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll
20:26:15.0375 1684 C:\Windows\System32\wbem\wbemsvc.dll - ok
20:26:15.0375 1684 [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
20:26:15.0375 1684 C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
20:26:15.0375 1684 [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll
20:26:15.0375 1684 C:\Windows\System32\wbem\wmiutils.dll - ok
20:26:15.0375 1684 [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A ] C:\Windows\SysWOW64\wbem\fastprox.dll
20:26:15.0375 1684 C:\Windows\SysWOW64\wbem\fastprox.dll - ok
20:26:15.0375 1684 [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll
20:26:15.0375 1684 C:\Windows\System32\wbem\repdrvfs.dll - ok
20:26:15.0391 1684 [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\SysWOW64\ntdsapi.dll
20:26:15.0391 1684 C:\Windows\SysWOW64\ntdsapi.dll - ok
20:26:15.0391 1684 [ B837D1528CE2E3CB79F09496BC08DDC6 ] C:\Windows\System32\SensApi.dll
20:26:15.0391 1684 C:\Windows\System32\SensApi.dll - ok
20:26:15.0391 1684 [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL
20:26:15.0391 1684 C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL - ok
20:26:15.0391 1684 [ 5D5C3EC9BE1107DEDF0FEB55B7F3BD77 ] C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
20:26:15.0391 1684 C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe - ok
20:26:15.0391 1684 [ 079FD1D59EAD19270C979AF174D881A3 ] C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
20:26:15.0391 1684 C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll - ok
20:26:15.0391 1684 [ 2A46FFE841EC43001D5A293A54DB34DE ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
20:26:15.0391 1684 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE - ok
20:26:15.0391 1684 [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\Windows\System32\dssenh.dll
20:26:15.0391 1684 C:\Windows\System32\dssenh.dll - ok
20:26:15.0406 1684 [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll
20:26:15.0406 1684 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
20:26:15.0406 1684 [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll
20:26:15.0406 1684 C:\Windows\System32\ncobjapi.dll - ok
20:26:15.0406 1684 [ 08C2957BB30058E663720C5606885653 ] C:\Windows\System32\iphlpsvc.dll
20:26:15.0406 1684 C:\Windows\System32\iphlpsvc.dll - ok
20:26:15.0406 1684 [ 27B9E163740A226B65E4B9E186117911 ] C:\Windows\System32\sqmapi.dll
20:26:15.0406 1684 C:\Windows\System32\sqmapi.dll - ok
20:26:15.0406 1684 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] C:\Windows\System32\drivers\srv2.sys
20:26:15.0406 1684 C:\Windows\System32\drivers\srv2.sys - ok
20:26:15.0406 1684 [ 7B38D7916A7CD058C16A0A6CA5077901 ] C:\Windows\System32\wdscore.dll
20:26:15.0406 1684 C:\Windows\System32\wdscore.dll - ok
20:26:15.0406 1684 [ EE867A0870FC9E4972BA9EAAD35651E2 ] C:\Windows\System32\rasmans.dll
20:26:15.0406 1684 C:\Windows\System32\rasmans.dll - ok
20:26:15.0406 1684 [ 44C96B48112EB24AE7764EBF1C527000 ] C:\Windows\System32\rastapi.dll
20:26:15.0406 1684 C:\Windows\System32\rastapi.dll - ok
20:26:15.0422 1684 [ FAFAE01E889DC9C05A6CA2138CFC220B ] C:\Windows\System32\tapi32.dll
20:26:15.0422 1684 C:\Windows\System32\tapi32.dll - ok
20:26:15.0422 1684 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\Windows\System32\drivers\srv.sys
20:26:15.0422 1684 C:\Windows\System32\drivers\srv.sys - ok
20:26:15.0422 1684 [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll
20:26:15.0422 1684 C:\Windows\System32\wbem\wbemess.dll - ok
20:26:15.0422 1684 [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll
20:26:15.0422 1684 C:\Windows\System32\hnetcfg.dll - ok
20:26:15.0422 1684 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] C:\Windows\System32\browser.dll
20:26:15.0422 1684 C:\Windows\System32\browser.dll - ok
20:26:15.0422 1684 [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll
20:26:15.0422 1684 C:\Windows\System32\netmsg.dll - ok
20:26:15.0422 1684 [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll
20:26:15.0422 1684 C:\Windows\System32\srvsvc.dll - ok
20:26:15.0437 1684 [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll
20:26:15.0437 1684 C:\Windows\System32\clusapi.dll - ok
20:26:15.0437 1684 [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll
20:26:15.0437 1684 C:\Windows\System32\sscore.dll - ok
20:26:15.0437 1684 [ D2A0FFA75AB181B19B5EB93BB29C7686 ] C:\Windows\System32\unimdm.tsp
20:26:15.0437 1684 C:\Windows\System32\unimdm.tsp - ok
20:26:15.0437 1684 [ 94B7DF336815B47236724019FAB24B7C ] C:\Windows\System32\uniplat.dll
20:26:15.0437 1684 C:\Windows\System32\uniplat.dll - ok
20:26:15.0437 1684 [ 41326DD08ACC0CDC5F8177AF96C066E8 ] C:\Windows\System32\kmddsp.tsp
20:26:15.0437 1684 C:\Windows\System32\kmddsp.tsp - ok
20:26:15.0437 1684 [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll
20:26:15.0437 1684 C:\Windows\System32\resutils.dll - ok
20:26:15.0437 1684 [ 1D6BC2769DA66C1145F4DA5A65F52E61 ] C:\Windows\System32\ndptsp.tsp
20:26:15.0437 1684 C:\Windows\System32\ndptsp.tsp - ok
20:26:15.0453 1684 [ AC122407B29378FF9646F03404AC7C54 ] C:\Windows\SysWOW64\wshbth.dll
20:26:15.0453 1684 C:\Windows\SysWOW64\wshbth.dll - ok
20:26:15.0453 1684 [ 7C1BAE7D23D4874FEE256A2B9C00E019 ] C:\Windows\System32\hidphone.tsp
20:26:15.0453 1684 C:\Windows\System32\hidphone.tsp - ok
20:26:15.0453 1684 [ A717A35120DBAB5AB707AB40662AF9DD ] C:\Windows\System32\rasppp.dll
20:26:15.0453 1684 C:\Windows\System32\rasppp.dll - ok
20:26:15.0453 1684 [ 0FE5CD5F9C9248F42D1EF56E495B182E ] C:\Windows\System32\vpnike.dll
20:26:15.0453 1684 C:\Windows\System32\vpnike.dll - ok
20:26:15.0453 1684 [ 6A84E68B538B8B04608BF2F0D426CE6F ] C:\Windows\System32\raschap.dll
20:26:15.0453 1684 C:\Windows\System32\raschap.dll - ok
20:26:15.0453 1684 [ B95F6501A2F8B2E78C697FEC401970CE ] C:\Windows\System32\ipnathlp.dll
20:26:15.0453 1684 C:\Windows\System32\ipnathlp.dll - ok
20:26:15.0453 1684 [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll
20:26:15.0453 1684 C:\Windows\System32\mprapi.dll - ok
20:26:15.0453 1684 [ 521202AA6F2B74FCCC6BC7E162109D71 ] C:\Windows\System32\wbem\unsecapp.exe
20:26:15.0453 1684 C:\Windows\System32\wbem\unsecapp.exe - ok
20:26:15.0469 1684 [ 4E1B4CFBE7228F42400389402347DE4C ] C:\Program Files (x86)\AVG\AVG2013\avgcfga.dll
20:26:15.0469 1684 C:\Program Files (x86)\AVG\AVG2013\avgcfga.dll - ok
20:26:15.0469 1684 [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\Windows\System32\wbem\WmiPrvSE.exe
20:26:15.0469 1684 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
20:26:15.0469 1684 [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll
20:26:15.0469 1684 C:\Windows\System32\wdi.dll - ok
20:26:15.0469 1684 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] C:\Windows\System32\appinfo.dll
20:26:15.0469 1684 C:\Windows\System32\appinfo.dll - ok
20:26:15.0469 1684 [ 29409ED7400CA5BCCC30C0EE5147A60D ] C:\Windows\System32\bitsperf.dll
20:26:15.0469 1684 C:\Windows\System32\bitsperf.dll - ok
20:26:15.0469 1684 [ 1EA7969E3271CBC59E1730697DC74682 ] C:\Windows\System32\qmgr.dll
20:26:15.0469 1684 C:\Windows\System32\qmgr.dll - ok
20:26:15.0469 1684 [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll
20:26:15.0469 1684 C:\Windows\System32\wpdbusenum.dll - ok
20:26:15.0484 1684 [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll
20:26:15.0484 1684 C:\Windows\System32\perftrack.dll - ok
20:26:15.0484 1684 [ 4CE5F7A4038000239E2773ADD8A71B33 ] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe
20:26:15.0484 1684 C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe - ok
20:26:15.0484 1684 [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll
20:26:15.0484 1684 C:\Windows\System32\diagperf.dll - ok
20:26:15.0484 1684 [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll
20:26:15.0484 1684 C:\Windows\System32\PortableDeviceApi.dll - ok
20:26:15.0484 1684 [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll
20:26:15.0484 1684 C:\Windows\SysWOW64\uxtheme.dll - ok
20:26:15.0484 1684 [ D9431DCF90B0253773F51FDEFE7FD42F ] C:\Windows\System32\bitsigd.dll
20:26:15.0484 1684 C:\Windows\System32\bitsigd.dll - ok
20:26:15.0484 1684 [ E70DCE3B68FDF6D8CF85DF853A63D223 ] C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
20:26:15.0484 1684 C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe - ok
20:26:15.0500 1684 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll
20:26:15.0500 1684 C:\Windows\SysWOW64\propsys.dll - ok
20:26:15.0500 1684 [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll
20:26:15.0500 1684 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
20:26:15.0500 1684 [ 96DB78C9C50CEED9DA5050EFFEE272A2 ] C:\Windows\System32\upnp.dll
20:26:15.0500 1684 C:\Windows\System32\upnp.dll - ok
20:26:15.0500 1684 [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll
20:26:15.0500 1684 C:\Windows\System32\NapiNSP.dll - ok
20:26:15.0500 1684 [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll
20:26:15.0500 1684 C:\Windows\System32\npmproxy.dll - ok
20:26:15.0500 1684 [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll
20:26:15.0500 1684 C:\Windows\System32\Apphlpdm.dll - ok
20:26:15.0500 1684 [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll
20:26:15.0500 1684 C:\Windows\System32\pnpts.dll - ok
20:26:15.0500 1684 [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll
20:26:15.0500 1684 C:\Windows\System32\radardt.dll - ok
20:26:15.0515 1684 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\Windows\System32\ssdpsrv.dll
20:26:15.0515 1684 C:\Windows\System32\ssdpsrv.dll - ok
20:26:15.0515 1684 [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll
20:26:15.0515 1684 C:\Windows\System32\wdiasqmmodule.dll - ok
20:26:15.0515 1684 [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe
20:26:15.0515 1684 C:\Windows\System32\runonce.exe - ok
20:26:15.0515 1684 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe
20:26:15.0515 1684 C:\Windows\SysWOW64\runonce.exe - ok
20:26:15.0515 1684 [ D3EAB9BCB2B92EFCA615781C215644C0 ] C:\Windows\SysWOW64\ieframe.dll
20:26:15.0515 1684 C:\Windows\SysWOW64\ieframe.dll - ok
20:26:15.0515 1684 [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll
20:26:15.0515 1684 C:\Windows\System32\pnrpnsp.dll - ok
20:26:15.0515 1684 [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll
20:26:15.0515 1684 C:\Windows\System32\winrnr.dll - ok
20:26:15.0531 1684 [ 748849C42DEA24C723048E24BCA1BD55 ] C:\Windows\System32\wshbth.dll
20:26:15.0531 1684 C:\Windows\System32\wshbth.dll - ok
20:26:15.0531 1684 [ 6607C2182C6A53ED983813AFE2F85768 ] C:\Windows\System32\wbem\cimwin32.dll
20:26:15.0531 1684 C:\Windows\System32\wbem\cimwin32.dll - ok
20:26:15.0531 1684 [ 86D177F43030F61A8610259A2E8F07FE ] C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
20:26:15.0531 1684 C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL - ok
20:26:15.0531 1684 [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll
20:26:15.0531 1684 C:\Windows\System32\wbem\NCProv.dll - ok
20:26:15.0531 1684 [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll
20:26:15.0531 1684 C:\Windows\System32\aelupsvc.dll - ok
20:26:15.0531 1684 [ AC5DF873913B00E554D8F553459BC431 ] C:\Windows\System32\qmgrprxy.dll
20:26:15.0531 1684 C:\Windows\System32\qmgrprxy.dll - ok
20:26:15.0531 1684 [ 85B45B4B285B159ACDB355FC8C1E8925 ] C:\Windows\SysWOW64\qmgrprxy.dll
20:26:15.0531 1684 C:\Windows\SysWOW64\qmgrprxy.dll - ok
20:26:15.0531 1684 [ 28968739C9027D8B7E8EBFE9898BA629 ] C:\Program Files (x86)\Dell DataSafe Local Backup\RPLauncher.exe
20:26:15.0531 1684 C:\Program Files (x86)\Dell DataSafe Local Backup\RPLauncher.exe - ok
20:26:15.0547 1684 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] C:\Windows\System32\IPSECSVC.DLL
20:26:15.0547 1684 C:\Windows\System32\IPSECSVC.DLL - ok
20:26:15.0547 1684 [ 9BC93C9ACFA34DB5A41B89357B31E4ED ] C:\Windows\System32\FwRemoteSvr.dll
20:26:15.0547 1684 C:\Windows\System32\FwRemoteSvr.dll - ok
20:26:15.0547 1684 [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll
20:26:15.0547 1684 C:\Windows\System32\dimsjob.dll - ok
20:26:15.0547 1684 [ 35CB97CBC3EDC463418ED4997AAB29B6 ] C:\Windows\System32\pautoenr.dll
20:26:15.0547 1684 C:\Windows\System32\pautoenr.dll - ok
20:26:15.0547 1684 [ 07AD88DF9EF73215458867EFC1BFFE9E ] C:\Windows\System32\wbem\wmiprov.dll
20:26:15.0547 1684 C:\Windows\System32\wbem\wmiprov.dll - ok
20:26:15.0547 1684 [ 94DFBB481BF51158B216E23C5C1C9D6E ] C:\Windows\System32\certcli.dll
20:26:15.0547 1684 C:\Windows\System32\certcli.dll - ok
20:26:15.0547 1684 [ 79AFFC7FEEA9CD2FEFEA5EF3B631A02C ] C:\Windows\System32\ndiscapCfg.dll
20:26:15.0547 1684 C:\Windows\System32\ndiscapCfg.dll - ok
20:26:15.0562 1684 [ 3D6AF45673C4B31CDECD7F80AF09D443 ] C:\Windows\System32\rascfg.dll
20:26:15.0562 1684 C:\Windows\System32\rascfg.dll - ok
20:26:15.0562 1684 [ 263B26106606A010CF877472B535E4BB ] C:\Windows\System32\CertEnroll.dll
20:26:15.0562 1684 C:\Windows\System32\CertEnroll.dll - ok
20:26:15.0562 1684 [ 1CF21800E337F4039AAD4C94B4280EE4 ] C:\Windows\System32\mprmsg.dll
20:26:15.0562 1684 C:\Windows\System32\mprmsg.dll - ok
20:26:15.0562 1684 [ 1484B9EBF567346582DE571B0E164AE0 ] C:\Windows\System32\framedynos.dll
20:26:15.0562 1684 C:\Windows\System32\framedynos.dll - ok
20:26:15.0562 1684 [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\SysWOW64\mscoree.dll
20:26:15.0562 1684 C:\Windows\SysWOW64\mscoree.dll - ok
20:26:15.0562 1684 [ 55DE45B116711881C852D2841E4C84DD ] C:\Windows\System32\tcpipcfg.dll
20:26:15.0562 1684 C:\Windows\System32\tcpipcfg.dll - ok
20:26:15.0562 1684 [ 0A473BEFD39B78EDD82C2BDA84529ADA ] C:\Windows\System32\wbem\Win32_EncryptableVolume.dll
20:26:15.0562 1684 C:\Windows\System32\wbem\Win32_EncryptableVolume.dll - ok
20:26:15.0578 1684 [ F5DF6846F30E9F54EA60CCAEB3FB2055 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
20:26:15.0578 1684 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
20:26:15.0578 1684 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
20:26:15.0578 1684 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok
20:26:15.0578 1684 [ 58A14C45A5CD2528F10A889E7B0C3FC2 ] C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dll
20:26:15.0578 1684 C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dll - ok
20:26:15.0578 1684 [ FFC54FA19FD67DDE232CFC0A87B0B1A7 ] C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF
20:26:15.0578 1684 C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF - ok
20:26:15.0578 1684 [ C00DB14550E4BD49737F311C644E45FF ] C:\Windows\System32\wmi.dll
20:26:15.0578 1684 C:\Windows\System32\wmi.dll - ok
20:26:15.0578 1684 [ 8B92BED5B8D4A8480E7AA631F35A6F35 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
20:26:15.0578 1684 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok
20:26:15.0593 1684 [ FEB91B4DA0D540865260A33838654FA3 ] C:\Windows\System32\nci.dll
20:26:15.0593 1684 C:\Windows\System32\nci.dll - ok
20:26:15.0593 1684 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll
20:26:15.0593 1684 C:\Windows\SysWOW64\oleacc.dll - ok
20:26:15.0593 1684 [ AC0C9CEA1218DAB1994AF8B28E680BD9 ] C:\Windows\System32\wlaninst.dll
20:26:15.0593 1684 C:\Windows\System32\wlaninst.dll - ok
20:26:15.0593 1684 [ 5A406C9C8E0880D3EABADC5DFD1ACDAE ] C:\Windows\System32\wwaninst.dll
20:26:15.0593 1684 C:\Windows\System32\wwaninst.dll - ok
20:26:15.0593 1684 [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\SysWOW64\comdlg32.dll
20:26:15.0593 1684 C:\Windows\SysWOW64\comdlg32.dll - ok
20:26:15.0593 1684 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll
20:26:15.0593 1684 C:\Windows\SysWOW64\msimg32.dll - ok
20:26:15.0593 1684 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
20:26:15.0593 1684 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok
20:26:15.0593 1684 [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll
20:26:15.0593 1684 C:\Windows\System32\esent.dll - ok
20:26:15.0609 1684 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe
20:26:15.0609 1684 C:\Windows\SysWOW64\cmd.exe - ok
20:26:15.0609 1684 [ 7717F84F483002815490033BF069DABD ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
20:26:15.0609 1684 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll - ok
20:26:15.0609 1684 [ C3E39FB1398EEE8E612C2FE53A9192EF ] C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
20:26:15.0609 1684 C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll - ok
20:26:15.0609 1684 [ 87DBF4C2465551BEE908D60FB2E3114C ] C:\Program Files\Dell\QuickSet\quickset.exe
20:26:15.0609 1684 C:\Program Files\Dell\QuickSet\quickset.exe - ok
20:26:15.0609 1684 [ 54F71A6A07B7953DBB9C4A74D64DABA4 ] C:\Program Files (x86)\AVG\AVG2013\avgsecapia.dll
20:26:15.0609 1684 C:\Program Files (x86)\AVG\AVG2013\avgsecapia.dll - ok
20:26:15.0609 1684 [ E897F9B62E611D59FDFAB82FC829B93A ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
20:26:15.0609 1684 C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe - ok
20:26:15.0625 1684 [ 165EDC0EAD9239A1B385174A68E15436 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
20:26:15.0625 1684 C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe - ok
20:26:15.0625 1684 [ 0243BBD8B67F716EE467E86B917DDD09 ] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
20:26:15.0625 1684 C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe - ok
20:26:15.0625 1684 [ 5BACFD51D926774C8DD8028BEC9B4374 ] C:\Program Files\Microsoft Games\Solitaire\Solitaire.exe
20:26:15.0625 1684 C:\Program Files\Microsoft Games\Solitaire\Solitaire.exe - ok
20:26:15.0625 1684 [ E5548AA95CFFB2FB6CBF85B6EFECFE18 ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
20:26:15.0625 1684 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe - ok
20:26:15.0625 1684 [ 936F728E04ACCF3F38801CFFCF1E3F40 ] C:\Windows\SysWOW64\oledlg.dll
20:26:15.0625 1684 C:\Windows\SysWOW64\oledlg.dll - ok
20:26:15.0625 1684 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll
20:26:15.0625 1684 C:\Windows\SysWOW64\dwmapi.dll - ok
20:26:15.0625 1684 [ 96C70BD48D49B87475F4572DEDC62EB9 ] C:\Windows\AppPatch\AcLayers.dll
20:26:15.0625 1684 C:\Windows\AppPatch\AcLayers.dll - ok
20:26:15.0640 1684 [ 507BF2D933EE0C115924695230C15E05 ] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
20:26:15.0640 1684 C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe - ok
20:26:15.0640 1684 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll
20:26:15.0640 1684 C:\Windows\SysWOW64\winbrand.dll - ok
20:26:15.0640 1684 [ 3518CB4E2D896CAB53D5386F15AC0566 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
20:26:15.0640 1684 C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll - ok
20:26:15.0640 1684 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll
20:26:15.0640 1684 C:\Windows\SysWOW64\mpr.dll - ok
20:26:15.0640 1684 [ 02CB65DB3C16CB874B04F6B5BA734A7C ] C:\Program Files (x86)\Dell DataSafe Local Backup\SetMUILanguage.exe
20:26:15.0640 1684 C:\Program Files (x86)\Dell DataSafe Local Backup\SetMUILanguage.exe - ok
20:26:15.0640 1684 [ 400B0812687086AEAEFF7D50673A4BFD ] C:\Program Files (x86)\Dell DataSafe Local Backup\RPLaunch.exe
20:26:15.0640 1684 C:\Program Files (x86)\Dell DataSafe Local Backup\RPLaunch.exe - ok
20:26:15.0640 1684 [ 9FDD985050533E1A64E0D5DDE0F1729C ] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STSCheduler.dll
20:26:15.0640 1684 C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STSCheduler.dll - ok
20:26:15.0656 1684 [ 6E9E439517D89EDC9A6CB1E94489620A ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
20:26:15.0656 1684 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll - ok
20:26:15.0656 1684 [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\SysWOW64\shdocvw.dll
20:26:15.0656 1684 C:\Windows\SysWOW64\shdocvw.dll - ok
20:26:15.0656 1684 [ FBA4773ECFEFFC6566FB2AD13CEC4940 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll
20:26:15.0656 1684 C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll - ok
20:26:15.0656 1684 [ 780836BB63852990382DF27DE7FEFD20 ] C:\Windows\System32\bcdedit.exe
20:26:15.0656 1684 C:\Windows\System32\bcdedit.exe - ok
20:26:15.0656 1684 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll
20:26:15.0656 1684 C:\Windows\SysWOW64\riched20.dll - ok
20:26:15.0656 1684 [ 14C7285F76D9C4AD86EC56C8730DEE2F ] C:\Program Files (x86)\AVG\AVG2013\avgxpla.dll
20:26:15.0656 1684 C:\Program Files (x86)\AVG\AVG2013\avgxpla.dll - ok
20:26:15.0656 1684 [ BF6D6ED5FADCEEE885BD0144ECF1BA27 ] C:\Windows\SysWOW64\ncrypt.dll
20:26:15.0656 1684 C:\Windows\SysWOW64\ncrypt.dll - ok
20:26:15.0656 1684 [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll
20:26:15.0656 1684 C:\Windows\SysWOW64\bcrypt.dll - ok
20:26:15.0671 1684 [ D029339C0F59CF662094EDDF8C42B2B5 ] C:\Windows\System32\msvcp100.dll
20:26:15.0671 1684 C:\Windows\System32\msvcp100.dll - ok
20:26:15.0671 1684 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll
20:26:15.0671 1684 C:\Windows\SysWOW64\bcryptprimitives.dll - ok
20:26:15.0671 1684 [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\Maeve\AppData\Local\Temp\3E5E7C1D-3F63-4522-BA0C-EF8E11493526.exe
20:26:15.0671 1684 C:\Users\Maeve\AppData\Local\Temp\3E5E7C1D-3F63-4522-BA0C-EF8E11493526.exe - ok
20:26:15.0671 1684 [ 1E3CB1435EC745058628AE40FEA9F471 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\19b3d17c3ce0e264c4fb62028161adf7\PresentationCore.ni.dll
20:26:15.0671 1684 C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\19b3d17c3ce0e264c4fb62028161adf7\PresentationCore.ni.dll - ok
20:26:15.0671 1684 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll
20:26:15.0671 1684 C:\Windows\SysWOW64\gpapi.dll - ok
20:26:15.0671 1684 [ CA79539D3D4C0BA66F0F051A5EE5E923 ] C:\Windows\SysWOW64\cryptnet.dll
20:26:15.0671 1684 C:\Windows\SysWOW64\cryptnet.dll - ok
20:26:15.0671 1684 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
20:26:15.0671 1684 C:\Windows\SysWOW64\dhcpcsvc.dll - ok
20:26:15.0687 1684 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll
20:26:15.0687 1684 C:\Windows\SysWOW64\wship6.dll - ok
20:26:15.0687 1684 [ 81F6C1AE23B1C493D9E996C3103915D7 ] C:\Windows\SysWOW64\dhcpcsvc6.dll
20:26:15.0687 1684 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
20:26:15.0687 1684 [ 09A116FB06C5E362EF8938D29CDAB27B ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
20:26:15.0687 1684 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok
20:26:15.0687 1684 [ C75719881796E9A1EEA50C5BDDF8662C ] C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
20:26:15.0687 1684 C:\Program Files\NVIDIA Corporation\Display\nvtray.exe - ok
20:26:15.0687 1684 [ EE74A0FF7C5752E49911986F22BBAEEF ] C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ff7c9a4f41f7cccc47e696c11b9f8469\PresentationFramework.ni.dll
20:26:15.0687 1684 C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ff7c9a4f41f7cccc47e696c11b9f8469\PresentationFramework.ni.dll - ok
20:26:15.0687 1684 [ 871F7F32E3441580138E61A4AA072DF6 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
20:26:15.0687 1684 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll - ok
20:26:15.0703 1684 [ 21E110FF1C0E948860458BD7B692DE13 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
20:26:15.0703 1684 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll - ok
20:26:15.0703 1684 [ A0617B5753E31126AD29C03154F4F329 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
20:26:15.0703 1684 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll - ok
20:26:15.0703 1684 [ 3D7D2E825C63FF501E896CF008C70D75 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
20:26:15.0703 1684 C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe - ok
20:26:15.0703 1684 [ C1B5307377C98F87E0152C44E9FF8DEE ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll
20:26:15.0703 1684 C:\Windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll - ok
20:26:15.0703 1684 [ 24FCC3CDAE327F632CB8696E1E40F772 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\alink.dll
20:26:15.0703 1684 C:\Windows\Microsoft.NET\Framework\v2.0.50727\alink.dll - ok
20:26:15.0703 1684 [ AEDDFD540E3E6BECDB14C30D1F12B78A ] C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
20:26:15.0703 1684 C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll - ok
20:26:15.0703 1684 [ DDFBFD8959F32AC0CF3947F36BAC3081 ] C:\Windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll
20:26:15.0703 1684 C:\Windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll - ok
20:26:15.0718 1684 [ 9625F047365883513508A3DE36E19321 ] C:\Program Files (x86)\Dell DataSafe Local Backup\SftBRCC.dll
20:26:15.0718 1684 C:\Program Files (x86)\Dell DataSafe Local Backup\SftBRCC.dll - ok
20:26:15.0718 1684 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll
20:26:15.0718 1684 C:\Windows\SysWOW64\dnsapi.dll - ok
20:26:15.0718 1684 [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files (x86)\Bonjour\mdnsNSP.dll
20:26:15.0718 1684 C:\Program Files (x86)\Bonjour\mdnsNSP.dll - ok
20:26:15.0718 1684 [ 12B79422A23814429CDA9E734C58F78F ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
20:26:15.0718 1684 C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok
20:26:15.0718 1684 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
20:26:15.0718 1684 C:\Windows\SysWOW64\rasadhlp.dll - ok
20:26:15.0718 1684 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL
20:26:15.0718 1684 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
20:26:15.0718 1684 [ 3BCECD87AB4E6743BFB45B352AD1A529 ] C:\Windows\SysWOW64\WindowsCodecs.dll
20:26:15.0718 1684 C:\Windows\SysWOW64\WindowsCodecs.dll - ok
20:26:15.0734 1684 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll
20:26:15.0734 1684 C:\Windows\SysWOW64\EhStorShell.dll - ok
20:26:15.0734 1684 [ F14823F07336AA84D2F5C26834D851E9 ] C:\PROGRA~2\MICROS~1\Office14\1033\GrooveIntlResource.dll
20:26:15.0734 1684 C:\PROGRA~2\MICROS~1\Office14\1033\GrooveIntlResource.dll - ok
20:26:15.0734 1684 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll
20:26:15.0734 1684 C:\Windows\SysWOW64\ntshrui.dll - ok
20:26:15.0734 1684 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll
20:26:15.0734 1684 C:\Windows\SysWOW64\imageres.dll - ok
20:26:15.0734 1684 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll
20:26:15.0734 1684 C:\Windows\SysWOW64\slc.dll - ok
20:26:15.0734 1684 [ 523CF74A52C9A1762DA8B83AEE734498 ] C:\Windows\SysWOW64\IconCodecService.dll
20:26:15.0734 1684 C:\Windows\SysWOW64\IconCodecService.dll - ok
20:26:15.0734 1684 [ E955300DF949977878C705EC8681009A ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
20:26:15.0734 1684 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll - ok
20:26:15.0749 1684 [ ED797D8DC2C92401985D162E42FFA450 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
20:26:15.0749 1684 C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe - ok
20:26:15.0749 1684 [ 63B3A70901366314E02D9741D12FE7FB ] C:\Program Files (x86)\Dell DataSafe Local Backup\DsProtectionIndex.dll
20:26:15.0749 1684 C:\Program Files (x86)\Dell DataSafe Local Backup\DsProtectionIndex.dll - ok
20:26:15.0749 1684 [ 0449BECBBE1857355931D1C299ED8595 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\e3d88c2a6ce5bff2135ec7a871ffe8ac\System.ServiceModel.ni.dll
20:26:15.0749 1684 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\e3d88c2a6ce5bff2135ec7a871ffe8ac\System.ServiceModel.ni.dll - ok
20:26:15.0749 1684 [ 84C62605B877A378FE6F76E380D97E7B ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2ad51da1b752b19c992fcefd56eb7c01\System.Runtime.Serialization.ni.dll
20:26:15.0749 1684 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2ad51da1b752b19c992fcefd56eb7c01\System.Runtime.Serialization.ni.dll - ok
20:26:15.0749 1684 [ A2BD298E0D4EAB4618DDA2C4C237261C ] C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\eb33bf977e97e97b12e82c18e36fbaee\SMDiagnostics.ni.dll
20:26:15.0749 1684 C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\eb33bf977e97e97b12e82c18e36fbaee\SMDiagnostics.ni.dll - ok
20:26:15.0749 1684 [ F86654DF03C8AD1C2CE6F95FA5240060 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\77dfcfed5fd5f67d0d3edc545935bb21\System.Core.ni.dll
20:26:15.0749 1684 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\77dfcfed5fd5f67d0d3edc545935bb21\System.Core.ni.dll - ok
20:26:15.0765 1684 [ DEBEC22FD655CDB0B9627C59456B5195 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\25cfdeaf091f16f3f3a7123a91a179ab\System.Xml.Linq.ni.dll
20:26:15.0765 1684 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\25cfdeaf091f16f3f3a7123a91a179ab\System.Xml.Linq.ni.dll - ok
20:26:15.0765 1684 [ DD80D3894F5E1D36864D9727214605CD ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\5ecf01964c70e453d71e5d7653912ff9\System.Web.ni.dll
20:26:15.0765 1684 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\5ecf01964c70e453d71e5d7653912ff9\System.Web.ni.dll - ok
20:26:15.0765 1684 [ D7FC9CA10821119F6B79092D0273E25D ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\9266d6e1f8057b5b62b460cbf33cda21\System.WorkflowServices.ni.dll
20:26:15.0765 1684 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\9266d6e1f8057b5b62b460cbf33cda21\System.WorkflowServices.ni.dll - ok
20:26:15.0765 1684 [ C011C1EE7BD7FCCEF320F298DC9FAD45 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\1e04a5319c58010e945220af2751d34e\System.ServiceModel.Web.ni.dll
20:26:15.0765 1684 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\1e04a5319c58010e945220af2751d34e\System.ServiceModel.Web.ni.dll - ok
20:26:15.0765 1684 [ 1B6A47288EA57C7CF96B013324C67FEB ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\219c68f83fa608b496b163fd6782e696\System.IdentityModel.ni.dll
20:26:15.0765 1684 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\219c68f83fa608b496b163fd6782e696\System.IdentityModel.ni.dll - ok
20:26:15.0765 1684 [ EA856F4A46320389D1899B2CAA7BF40F ] C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:26:15.0765 1684 C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe - ok
20:26:15.0781 1684 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll
20:26:15.0781 1684 C:\Windows\SysWOW64\rasapi32.dll - ok
20:26:15.0781 1684 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll
20:26:15.0781 1684 C:\Windows\SysWOW64\rasman.dll - ok
20:26:15.0781 1684 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\SysWOW64\rtutils.dll
20:26:15.0781 1684 C:\Windows\SysWOW64\rtutils.dll - ok
20:26:15.0781 1684 [ DDA4CAF29D8C0A297F886BFE561E6659 ] C:\Windows\System32\drivers\WUDFRd.sys
20:26:15.0781 1684 C:\Windows\System32\drivers\WUDFRd.sys - ok
20:26:15.0781 1684 [ DD81D91FF3B0763C392422865C9AC12E ] C:\Windows\System32\rundll32.exe
20:26:15.0781 1684 C:\Windows\System32\rundll32.exe - ok
20:26:15.0781 1684 [ 0ADC83218B66A6DB380C330836F3E36D ] C:\Windows\System32\drivers\fastfat.sys
20:26:15.0781 1684 C:\Windows\System32\drivers\fastfat.sys - ok
20:26:15.0781 1684 [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll
20:26:15.0781 1684 C:\Windows\System32\actxprxy.dll - ok
20:26:15.0796 1684 [ AB886378EEB55C6C75B4F2D14B6C869F ] C:\Windows\System32\drivers\WUDFPf.sys
20:26:15.0796 1684 C:\Windows\System32\drivers\WUDFPf.sys - ok
20:26:15.0796 1684 [ B20F051B03A966392364C83F009F7D17 ] C:\Windows\System32\WUDFSvc.dll
20:26:15.0796 1684 C:\Windows\System32\WUDFSvc.dll - ok
20:26:15.0796 1684 [ 8ABFE00F213F2571498F1B8FD7939A98 ] C:\Windows\System32\WUDFHost.exe
20:26:15.0796 1684 C:\Windows\System32\WUDFHost.exe - ok
20:26:15.0796 1684 [ 7B46A076184B73AEDC1A66A71D9131E8 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
20:26:15.0796 1684 C:\Windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll - ok
20:26:15.0796 1684 [ 198803E5E93E29967DFB0BCFD0186151 ] C:\Windows\System32\spfileq.dll
20:26:15.0796 1684 C:\Windows\System32\spfileq.dll - ok
20:26:15.0796 1684 [ 25AE683DCB4AE7E6F1B193A0CB9DB35F ] C:\Windows\System32\WUDFx.dll
20:26:15.0796 1684 C:\Windows\System32\WUDFx.dll - ok
20:26:15.0796 1684 [ 6EF5F3F18413C367195F06E503AB86A6 ] C:\Windows\SysWOW64\d3d9.dll
20:26:15.0796 1684 C:\Windows\SysWOW64\d3d9.dll - ok
20:26:15.0796 1684 [ 91D6F0AB79AA36FFB932157865206F35 ] C:\Windows\System32\drivers\UMDF\WpdFs.dll
20:26:15.0796 1684 C:\Windows\System32\drivers\UMDF\WpdFs.dll - ok
20:26:15.0812 1684 [ 9864D52F15AD32094A636C6B5281D9E7 ] C:\Windows\System32\WMVCORE.DLL
20:26:15.0812 1684 C:\Windows\System32\WMVCORE.DLL - ok
20:26:15.0812 1684 [ 77B1471A490B53B24EFE136F09F76550 ] C:\Windows\SysWOW64\d3d8thk.dll
20:26:15.0812 1684 C:\Windows\SysWOW64\d3d8thk.dll - ok
20:26:15.0812 1684 [ 141AD1B2B7C0B13D4F4DD15A1E5562AE ] C:\Windows\SysWOW64\nvd3dum.dll
20:26:15.0812 1684 C:\Windows\SysWOW64\nvd3dum.dll - ok
20:26:15.0812 1684 [ 27E79A455EF80647F4F57FA3C2B09C94 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
20:26:15.0812 1684 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll - ok
20:26:15.0812 1684 [ AACC48FE239F0DF126DA2F28930A5B83 ] C:\Windows\System32\WMASF.DLL
20:26:15.0812 1684 C:\Windows\System32\WMASF.DLL - ok
20:26:15.0812 1684 [ 389CA818132C1D7DCF0C791E8D9035DE ] C:\Windows\System32\PortableDeviceClassExtension.dll
20:26:15.0812 1684 C:\Windows\System32\PortableDeviceClassExtension.dll - ok
20:26:15.0812 1684 [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll
20:26:15.0812 1684 C:\Windows\System32\PortableDeviceTypes.dll - ok
20:26:15.0827 1684 [ 8B1590C627138166C015A5680ABF6BB2 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll
20:26:15.0827 1684 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll - ok
20:26:15.0827 1684 [ BE39E22059A3082D5289739299C33C01 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll
20:26:15.0827 1684 C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll - ok
20:26:15.0827 1684 [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\SysWOW64\powrprof.dll
20:26:15.0827 1684 C:\Windows\SysWOW64\powrprof.dll - ok
20:26:15.0827 1684 [ 8576B269A420F7360B17BF4C8A617617 ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI.dll
20:26:15.0827 1684 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI.dll - ok
20:26:15.0827 1684 [ F9601766C59FD21C8C7B2EA5586D51A0 ] C:\Windows\SysWOW64\nvapi.dll
20:26:15.0827 1684 C:\Windows\SysWOW64\nvapi.dll - ok
20:26:15.0827 1684 [ 04DD04F1C6DE2777DB89B774F22A019C ] C:\Program Files (x86)\Dell DataSafe Local Backup\STUICore.dll
20:26:15.0827 1684 C:\Program Files (x86)\Dell DataSafe Local Backup\STUICore.dll - ok
20:26:15.0843 1684 [ 68F6725B4A59E16C04B3F3AC514D6724 ] C:\Program Files (x86)\AVG\AVG2013\fixcfg.exe
20:26:15.0843 1684 C:\Program Files (x86)\AVG\AVG2013\fixcfg.exe - ok
20:26:15.0843 1684 [ 2CC0CBF2707BE4D5B6CE6B87D9DA2F97 ] C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
20:26:15.0843 1684 C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe - ok
20:26:15.0843 1684 [ C631C6AFD600ABC434F3F784D259370C ] C:\Program Files\Intel\BluetoothHS\UsR3IoPort.dll
20:26:15.0843 1684 C:\Program Files\Intel\BluetoothHS\UsR3IoPort.dll - ok
20:26:15.0843 1684 [ D6CEEC2F878149E4DB9FE93FA5D8FE60 ] C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
20:26:15.0843 1684 C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe - ok
20:26:15.0843 1684 [ F7D9B8DD77564E65E48835BC233CC18F ] C:\Program Files\Intel\BluetoothHS\KmmdlPlugins\BTSupplicantPlugin.dll
20:26:15.0843 1684 C:\Program Files\Intel\BluetoothHS\KmmdlPlugins\BTSupplicantPlugin.dll - ok
20:26:15.0843 1684 [ D28C84311313F2799CB6F3CEC7611CDF ] C:\Program Files\Intel\BluetoothHS\KmmdlPlugins\PanAuthenticator.dll
20:26:15.0843 1684 C:\Program Files\Intel\BluetoothHS\KmmdlPlugins\PanAuthenticator.dll - ok
20:26:15.0843 1684 [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:26:15.0843 1684 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
20:26:15.0859 1684 [ E5F7C30EDF0892667933BE879F067D67 ] C:\Windows\SysWOW64\msvcr100_clr0400.dll
20:26:15.0859 1684 C:\Windows\SysWOW64\msvcr100_clr0400.dll - ok
20:26:15.0859 1684 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:26:15.0859 1684 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe - ok
20:26:15.0859 1684 [ CB21CD39637AC13F3455454B2F648257 ] C:\Windows\System32\msvcr100_clr0400.dll
20:26:15.0859 1684 C:\Windows\System32\msvcr100_clr0400.dll - ok
20:26:15.0859 1684 [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\Windows\System32\mscoree.dll
20:26:15.0859 1684 C:\Windows\System32\mscoree.dll - ok
20:26:15.0859 1684 [ 2050309BAB03DFCEE455DBF913BF91B1 ] C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
20:26:15.0859 1684 C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe - ok
20:26:15.0859 1684 [ E34D070DF6F3574B3EF5336EA021A216 ] C:\Program Files\Intel\BluetoothHS\BTHSSupplicant.dll
20:26:15.0859 1684 C:\Program Files\Intel\BluetoothHS\BTHSSupplicant.dll - ok
20:26:15.0874 1684 [ 7765680E25E329708CB034B180CF9FCD ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\7ff638de44686eab4afaa8b3c8a9cfca\System.ServiceProcess.ni.dll
20:26:15.0874 1684 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\7ff638de44686eab4afaa8b3c8a9cfca\System.ServiceProcess.ni.dll - ok
20:26:15.0874 1684 [ 6A0343441DDE7D978C5BE2C790DA45EB ] C:\Program Files (x86)\Dell Digital Delivery\Core.dll
20:26:15.0874 1684 C:\Program Files (x86)\Dell Digital Delivery\Core.dll - ok
20:26:15.0874 1684 [ EBCB2716C869CE238F5AA510D7D6A23B ] C:\Program Files (x86)\Dell Digital Delivery\log4net.dll
20:26:15.0874 1684 C:\Program Files (x86)\Dell Digital Delivery\log4net.dll - ok
20:26:15.0874 1684 [ 539C49CEBB3C50957AC8A09D95ECD880 ] C:\Windows\SysWOW64\shfolder.dll
20:26:15.0874 1684 C:\Windows\SysWOW64\shfolder.dll - ok
20:26:15.0874 1684 [ 51D2F66C0C55419CA4A797C8D1B0AD8D ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\302207b4fa3083899fd8ab4db98cecc5\System.Management.ni.dll
20:26:15.0874 1684 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\302207b4fa3083899fd8ab4db98cecc5\System.Management.ni.dll - ok
20:26:15.0874 1684 [ 972DCC74D4CDCB64086E7CFACBDB74CB ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
20:26:15.0874 1684 C:\Windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll - ok
20:26:15.0874 1684 [ 5610B0425518D185331CB8E968D060E6 ] C:\Windows\SysWOW64\wbem\wmiutils.dll
20:26:15.0874 1684 C:\Windows\SysWOW64\wbem\wmiutils.dll - ok
20:26:15.0890 1684 [ 35DB83C4DE9FA3889E937125D115EAA0 ] C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_en.dll
20:26:15.0890 1684 C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_en.dll - ok
20:26:15.0890 1684 [ D9DA7B3117BF5EFF921C0CDED4D58050 ] C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
20:26:15.0890 1684 C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe - ok
20:26:15.0890 1684 [ 82A98D0EB83505529AD81E4C1FADC37D ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
20:26:15.0890 1684 C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll - ok
20:26:15.0890 1684 [ FDA1BA7B2179F29D6DEB3DEC9C9037D0 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3f95a6d480ed1ebe45cf27b770ba94ed\mscorlib.ni.dll
20:26:15.0890 1684 C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3f95a6d480ed1ebe45cf27b770ba94ed\mscorlib.ni.dll - ok
20:26:15.0890 1684 [ E5BC8D93CDCB957146D971647849A154 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll
20:26:15.0890 1684 C:\Windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll - ok
20:26:15.0890 1684 [ 07BBB3CBB86D2626B46BC1D210C4781B ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll
20:26:15.0890 1684 C:\Windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll - ok
20:26:15.0890 1684 [ D7999068E94589045BB8C5380AC79937 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System\15872842e3e63ddf0f720f406706198e\System.ni.dll
20:26:15.0890 1684 C:\Windows\assembly\NativeImages_v4.0.30319_32\System\15872842e3e63ddf0f720f406706198e\System.ni.dll - ok
20:26:15.0905 1684 [ EC6F7F18D3CE55E3BE7AA25D7724EC22 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\766ccafdc4a09b964aa9286a15bca48a\System.ServiceProcess.ni.dll
20:26:15.0905 1684 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\766ccafdc4a09b964aa9286a15bca48a\System.ServiceProcess.ni.dll - ok
20:26:15.0905 1684 [ 4B7AF7BEB9B97A66B0D19690DC9364B5 ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService\v4.0_4.0.0.0__3ff6b78e2989595a\Intuit.Spc.Esd.WinClient.Application.UpdateService.dll
20:26:15.0905 1684 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService\v4.0_4.0.0.0__3ff6b78e2989595a\Intuit.Spc.Esd.WinClient.Application.UpdateService.dll - ok
20:26:15.0905 1684 [ E18C76E32C9E2DAF7FC929E6D13412CF ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract\v4.0_4.0.0.0__3ff6b78e2989595a\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract.dll
20:26:15.0905 1684 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract\v4.0_4.0.0.0__3ff6b78e2989595a\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract.dll - ok
20:26:15.0905 1684 [ 0EF54B7814EFA5C1364A7C6495BD1DBD ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin\v4.0_4.0.66.0__3ff6b78e2989595a\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll
20:26:15.0905 1684 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin\v4.0_4.0.66.0__3ff6b78e2989595a\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll - ok
20:26:15.0905 1684 [ 848449F41B6E9553FF5D5F864191B834 ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.Common\v4.0_4.0.66.0__3ff6b78e2989595a\Intuit.Spc.Esd.Client.Common.dll
20:26:15.0905 1684 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.Common\v4.0_4.0.66.0__3ff6b78e2989595a\Intuit.Spc.Esd.Client.Common.dll - ok
20:26:15.0905 1684 [ 36B31861AD1B53433E8C9D09035E23D1 ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Intuit.Spc.Esd.Core\v4.0_4.0.22.0__3ff6b78e2989595a\Intuit.Spc.Esd.Core.dll
20:26:15.0905 1684 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Intuit.Spc.Esd.Core\v4.0_4.0.22.0__3ff6b78e2989595a\Intuit.Spc.Esd.Core.dll - ok
20:26:15.0921 1684 [ EAD7F8749BB2B19EF7DA62E20E008D6B ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker\v4.0_4.0.66.0__3ff6b78e2989595a\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll
20:26:15.0921 1684 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker\v4.0_4.0.66.0__3ff6b78e2989595a\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll - ok
20:26:15.0921 1684 [ A072B04165C379DFEF863214EF14EB5F ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\log4net\v4.0_1.2.11.0__669e0ddf0bb1aa2a\log4net.dll
20:26:15.0921 1684 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\log4net\v4.0_1.2.11.0__669e0ddf0bb1aa2a\log4net.dll - ok
20:26:15.0921 1684 [ D206AB16CF82C078D00FDAE9130A4B44 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\5de5d8c1c02e33789e3cf7e3f54c0ec9\System.Configuration.ni.dll
20:26:15.0921 1684 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\5de5d8c1c02e33789e3cf7e3f54c0ec9\System.Configuration.ni.dll - ok
20:26:15.0921 1684 [ 6CCADF81A2CE922D169C2B57D7ABCDC3 ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll
20:26:15.0921 1684 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll - ok
20:26:15.0921 1684 [ 151375A2F276FBE67A31FC43C2799981 ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
20:26:15.0921 1684 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll - ok
20:26:15.0921 1684 [ 5CA2A1DBE29AEA7F0B5D2848A8D03F58 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\43cd41484df96d15df949eb17dd88152\System.Xml.ni.dll
20:26:15.0921 1684 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\43cd41484df96d15df949eb17dd88152\System.Xml.ni.dll - ok
20:26:15.0937 1684 [ 439A1A6796640284C82048B6A5379378 ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll
20:26:15.0937 1684 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll - ok
20:26:15.0937 1684 [ CBDB42644849DC69D7D6169680272E1E ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Api.Net\v4.0_4.0.66.0__3ff6b78e2989595a\Intuit.Spc.Esd.WinClient.Api.Net.dll
20:26:15.0937 1684 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Api.Net\v4.0_4.0.66.0__3ff6b78e2989595a\Intuit.Spc.Esd.WinClient.Api.Net.dll - ok
20:26:15.0937 1684 [ DF150B1D8AC2BCD91BDE25E2E2AB4634 ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.DataAccess\v4.0_4.0.66.0__3ff6b78e2989595a\Intuit.Spc.Esd.Client.DataAccess.dll
20:26:15.0937 1684 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.DataAccess\v4.0_4.0.66.0__3ff6b78e2989595a\Intuit.Spc.Esd.Client.DataAccess.dll - ok
20:26:15.0937 1684 [ E8F87E9951F1BA6CB6DB9CDA1B22F9A4 ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.BusinessLogic\v4.0_4.0.66.0__3ff6b78e2989595a\Intuit.Spc.Esd.Client.BusinessLogic.dll
20:26:15.0937 1684 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.BusinessLogic\v4.0_4.0.66.0__3ff6b78e2989595a\Intuit.Spc.Esd.Client.BusinessLogic.dll - ok
20:26:15.0937 1684 [ 650464CA12ED30AC31A8D4FE0353223C ] C:\Program Files (x86)\Common Files\Intuit\Database Providers\SQL Server Compact Edition 4.0\System.Data.SqlServerCe.dll
20:26:15.0937 1684 C:\Program Files (x86)\Common Files\Intuit\Database Providers\SQL Server Compact Edition 4.0\System.Data.SqlServerCe.dll - ok
20:26:15.0937 1684 [ CA618958889A8BA0E37E6E5E59B73BD5 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\27dcf04ed7a3506045597c02a5a1fc31\System.Core.ni.dll
20:26:15.0937 1684 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\27dcf04ed7a3506045597c02a5a1fc31\System.Core.ni.dll - ok
20:26:15.0952 1684 [ 49E33BB5A579A15D3FC0CFA09513F3F9 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\9071f089ab65d518d1bd7e8fa857a95f\System.Data.ni.dll
20:26:15.0952 1684 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\9071f089ab65d518d1bd7e8fa857a95f\System.Data.ni.dll - ok
20:26:15.0952 1684 [ 29B86B3C8253280151EEBE843A9648CD ] C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
20:26:15.0952 1684 C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll - ok
20:26:15.0952 1684 [ A8E62772CF2B709282F416EE016C97C6 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\dcb0e7d56ffca14d7c483103235b11ad\System.Transactions.ni.dll
20:26:15.0952 1684 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\dcb0e7d56ffca14d7c483103235b11ad\System.Transactions.ni.dll - ok
20:26:15.0952 1684 [ 41962D5E18E9874390BC1F074571A6BB ] C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
20:26:15.0952 1684 C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll - ok
20:26:15.0952 1684 [ 484E37FF77E377C4B8D3A439F4D2D173 ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\v4.0_6.0.28.0__30bbd97113d631f1\Intuit.Spc.Map.Reporter.dll
20:26:15.0952 1684 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\v4.0_6.0.28.0__30bbd97113d631f1\Intuit.Spc.Map.Reporter.dll - ok
20:26:15.0952 1684 [ 4BF940A921BFAC209EC6CF31E091EA05 ] C:\Program Files (x86)\Common Files\Intuit\Database Providers\SQL Server Compact Edition 4.0\x86\sqlceme40.dll
20:26:15.0952 1684 C:\Program Files (x86)\Common Files\Intuit\Database Providers\SQL Server Compact Edition 4.0\x86\sqlceme40.dll - ok
20:26:15.0968 1684 [ A836803227004B6F513C825B25665E73 ] C:\Program Files (x86)\Common Files\Intuit\Database Providers\SQL Server Compact Edition 4.0\x86\sqlceer40EN.dll
20:26:15.0968 1684 C:\Program Files (x86)\Common Files\Intuit\Database Providers\SQL Server Compact Edition 4.0\x86\sqlceer40EN.dll - ok
20:26:15.0968 1684 [ EC133C3E2A97AA6FBC276DCCCD0645BF ] C:\Program Files (x86)\Common Files\Intuit\Database Providers\SQL Server Compact Edition 4.0\x86\sqlcese40.dll
20:26:15.0968 1684 C:\Program Files (x86)\Common Files\Intuit\Database Providers\SQL Server Compact Edition 4.0\x86\sqlcese40.dll - ok
20:26:15.0968 1684 [ AB97D171A77B5F4BAFB033BF539BED42 ] C:\Program Files (x86)\Common Files\Intuit\Database Providers\SQL Server Compact Edition 4.0\x86\sqlceqp40.dll
20:26:15.0968 1684 C:\Program Files (x86)\Common Files\Intuit\Database Providers\SQL Server Compact Edition 4.0\x86\sqlceqp40.dll - ok
20:26:15.0968 1684 [ 4E820CB4B2193922A4B7723925AB4B58 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\1d254fbc811d0de6c54a9d9c428c4497\System.EnterpriseServices.ni.dll
20:26:15.0968 1684 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\1d254fbc811d0de6c54a9d9c428c4497\System.EnterpriseServices.ni.dll - ok
20:26:15.0968 1684 [ F8C1508FAF0DD3CC9A61A02BF0CEC2B6 ] C:\Windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
20:26:15.0968 1684 C:\Windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll - ok
20:26:15.0968 1684 [ C755E17BAC396F9A9F468320B3F6CF46 ] C:\Windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
20:26:15.0968 1684 C:\Windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll - ok
20:26:15.0983 1684 [ A78B432ED7B77B08DDF23F5B7C3BF491 ] C:\Program Files (x86)\Dell Digital Delivery\Fulfillment.dll
20:26:15.0983 1684 C:\Program Files (x86)\Dell Digital Delivery\Fulfillment.dll - ok
20:26:15.0983 1684 [ 0BA65122FFA7E37564EE86422DBF7AE8 ] C:\Windows\SysWOW64\nlaapi.dll
20:26:15.0983 1684 C:\Windows\SysWOW64\nlaapi.dll - ok
20:26:15.0983 1684 [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\Windows\SysWOW64\NapiNSP.dll
20:26:15.0983 1684 C:\Windows\SysWOW64\NapiNSP.dll - ok
20:26:15.0983 1684 [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\Windows\SysWOW64\pnrpnsp.dll
20:26:15.0983 1684 C:\Windows\SysWOW64\pnrpnsp.dll - ok
20:26:15.0983 1684 [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\Windows\SysWOW64\winrnr.dll
20:26:15.0983 1684 C:\Windows\SysWOW64\winrnr.dll - ok
20:26:15.0983 1684 [ 87AE6FD2F808B2706C441D697D58B294 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\5ea93652e4752c75bc6fbb195b4eb864\System.Runtime.Remoting.ni.dll
20:26:15.0983 1684 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\5ea93652e4752c75bc6fbb195b4eb864\System.Runtime.Remoting.ni.dll - ok
20:26:15.0983 1684 [ ED6463919045F584C9696D4876F65DDE ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
20:26:15.0983 1684 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll - ok
20:26:15.0999 1684 [ 66BB11C8F6CA57FA49C1DAE2EA00CC26 ] C:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
20:26:15.0999 1684 C:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll - ok
20:26:15.0999 1684 [ B45F3D98A83B6E17599FD8E70ED5D9AE ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b573c6a62bb88df0ee2af59b6a8ca910\System.Drawing.ni.dll
20:26:15.0999 1684 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b573c6a62bb88df0ee2af59b6a8ca910\System.Drawing.ni.dll - ok
20:26:15.0999 1684 [ 561D263EA7B6F9E088EA39496C58C50D ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\39f4c7717661667c68f9af8c4f6402b9\System.Windows.Forms.ni.dll
20:26:15.0999 1684 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\39f4c7717661667c68f9af8c4f6402b9\System.Windows.Forms.ni.dll - ok
20:26:15.0999 1684 [ 2770DE874AC34B27AFC72B0C8CC3EC87 ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
20:26:15.0999 1684 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll - ok
20:26:15.0999 1684 [ 4C17E41BF444F453CC5FB553A85EC930 ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
20:26:15.0999 1684 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll - ok
20:26:15.0999 1684 [ CF6041854E73301B7FCE3390D34BDEC8 ] C:\Windows\Microsoft.NET\assembly\GAC_32\Intuit.Spc.Map.WindowsFirewallUtilities\v4.0_6.0.28.0__30bbd97113d631f1\Intuit.Spc.Map.WindowsFirewallUtilities.dll
20:26:15.0999 1684 C:\Windows\Microsoft.NET\assembly\GAC_32\Intuit.Spc.Map.WindowsFirewallUtilities\v4.0_6.0.28.0__30bbd97113d631f1\Intuit.Spc.Map.WindowsFirewallUtilities.dll - ok
20:26:16.0015 1684 [ 3F50200237961034FACE602373838980 ] C:\Windows\SysWOW64\FirewallAPI.dll
20:26:16.0015 1684 C:\Windows\SysWOW64\FirewallAPI.dll - ok
20:26:16.0015 1684 [ 24AF833D9DD4D2DC9DA9475CA380185B ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
20:26:16.0015 1684 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll - ok
20:26:16.0015 1684 [ 386D6256BB8CD7496DBF7AEF9DC03836 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\14850aef08b8af036fd6f1e5b38a3719\CustomMarshalers.ni.dll
20:26:16.0015 1684 C:\Windows\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\14850aef08b8af036fd6f1e5b38a3719\CustomMarshalers.ni.dll - ok
20:26:16.0015 1684 [ 8A74BCA77FDB507065A8D0F2BEE9558D ] C:\Windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
20:26:16.0015 1684 C:\Windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll - ok
20:26:16.0015 1684 [ 7D548E2C73F52320827634C8C967AADD ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin\v4.0_4.0.78.0__3ff6b78e2989595a\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll
20:26:16.0015 1684 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin\v4.0_4.0.78.0__3ff6b78e2989595a\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll - ok
20:26:16.0015 1684 [ 6E5443A0FCB85D219584189BDFC326BB ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.Common\v4.0_4.0.78.0__3ff6b78e2989595a\Intuit.Spc.Esd.Client.Common.dll
20:26:16.0015 1684 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.Common\v4.0_4.0.78.0__3ff6b78e2989595a\Intuit.Spc.Esd.Client.Common.dll - ok
20:26:16.0015 1684 [ 5EE563B27F1ABB774F253EFE23EB8A9C ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Intuit.Spc.Esd.Core\v4.0_4.0.27.0__3ff6b78e2989595a\Intuit.Spc.Esd.Core.dll
20:26:16.0015 1684 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Intuit.Spc.Esd.Core\v4.0_4.0.27.0__3ff6b78e2989595a\Intuit.Spc.Esd.Core.dll - ok
20:26:16.0030 1684 [ 6B493042FF896455D8F5D117F28D0937 ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker\v4.0_4.0.78.0__3ff6b78e2989595a\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll
20:26:16.0030 1684 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker\v4.0_4.0.78.0__3ff6b78e2989595a\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll - ok
20:26:16.0030 1684 [ 962EA0650CE952EE4983442FB24C70E1 ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Api.Net\v4.0_4.0.78.0__3ff6b78e2989595a\Intuit.Spc.Esd.WinClient.Api.Net.dll
20:26:16.0030 1684 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Api.Net\v4.0_4.0.78.0__3ff6b78e2989595a\Intuit.Spc.Esd.WinClient.Api.Net.dll - ok
20:26:16.0030 1684 [ 05EB64E15138AD7CA4B4292049A2576A ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.BusinessLogic\v4.0_4.0.78.0__3ff6b78e2989595a\Intuit.Spc.Esd.Client.BusinessLogic.dll
20:26:16.0030 1684 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.BusinessLogic\v4.0_4.0.78.0__3ff6b78e2989595a\Intuit.Spc.Esd.Client.BusinessLogic.dll - ok
20:26:16.0030 1684 [ 94E001AECCD3E00DCACF0B53D4F0FD28 ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.DataAccess\v4.0_4.0.78.0__3ff6b78e2989595a\Intuit.Spc.Esd.Client.DataAccess.dll
20:26:16.0030 1684 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.DataAccess\v4.0_4.0.78.0__3ff6b78e2989595a\Intuit.Spc.Esd.Client.DataAccess.dll - ok
20:26:16.0030 1684 [ 21A20EF07F223B250CB0A1784562E0B4 ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\v4.0_6.0.39.0__30bbd97113d631f1\Intuit.Spc.Map.Reporter.dll
20:26:16.0030 1684 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\v4.0_6.0.39.0__30bbd97113d631f1\Intuit.Spc.Map.Reporter.dll - ok
20:26:16.0030 1684 [ 96C47A1F582CE6ADAEF5FEA4D0ABBF47 ] C:\Windows\Microsoft.NET\assembly\GAC_32\Intuit.Spc.Map.WindowsFirewallUtilities\v4.0_6.0.39.0__30bbd97113d631f1\Intuit.Spc.Map.WindowsFirewallUtilities.dll
20:26:16.0030 1684 C:\Windows\Microsoft.NET\assembly\GAC_32\Intuit.Spc.Map.WindowsFirewallUtilities\v4.0_6.0.39.0__30bbd97113d631f1\Intuit.Spc.Map.WindowsFirewallUtilities.dll - ok
20:26:16.0046 1684 [ 7F32D4C47A50E7223491E8FB9359907D ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
20:26:16.0046 1684 C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe - ok
20:26:16.0046 1684 [ 9D1CCE440552500DED3A62F9D779CDB4 ] C:\Program Files (x86)\Nero\Update\NASvc.exe
20:26:16.0046 1684 C:\Program Files (x86)\Nero\Update\NASvc.exe - ok
20:26:16.0046 1684 [ EDF2A5E96BEC469DA3F64E9BDD386111 ] C:\Windows\SysWOW64\xmllite.dll
20:26:16.0046 1684 C:\Windows\SysWOW64\xmllite.dll - ok
20:26:16.0046 1684 [ 1128637CAD49A8E3C8B5FA5D0A061525 ] C:\Windows\SysWOW64\cryptdll.dll
20:26:16.0046 1684 C:\Windows\SysWOW64\cryptdll.dll - ok
20:26:16.0046 1684 [ 74926D00BABB1B233F1194584DE0B969 ] C:\Program Files (x86)\Nero\Update\SolutionExplorer.dll
20:26:16.0046 1684 C:\Program Files (x86)\Nero\Update\SolutionExplorer.dll - ok
20:26:16.0046 1684 [ F1278B3514EA6FA9BC39B20D26139AAC ] C:\Windows\SysWOW64\msiltcfg.dll
20:26:16.0046 1684 C:\Windows\SysWOW64\msiltcfg.dll - ok
20:26:16.0046 1684 [ B29280AA00BC34FEECDC0426B11B9DAC ] C:\Windows\SysWOW64\RstrtMgr.dll
20:26:16.0046 1684 C:\Windows\SysWOW64\RstrtMgr.dll - ok
20:26:16.0061 1684 [ F189363BEC7FB2E56FF7FFC9C9D4C4F3 ] C:\Program Files (x86)\Nero\Update\NASvcPS.dll
20:26:16.0061 1684 C:\Program Files (x86)\Nero\Update\NASvcPS.dll - ok
20:26:16.0061 1684 [ E17E0188BB90FAE42D83E98707EFA59C ] C:\Windows\System32\sppsvc.exe
20:26:16.0061 1684 C:\Windows\System32\sppsvc.exe - ok
20:26:16.0061 1684 [ FFF95479C7AB1550F0750A5D01744211 ] C:\Windows\System32\drivers\spsys.sys
20:26:16.0061 1684 C:\Windows\System32\drivers\spsys.sys - ok
20:26:16.0061 1684 [ A9F3BFC9345F49614D5859EC95B9E994 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
20:26:16.0061 1684 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
20:26:16.0061 1684 [ 423982DD851406A52B6399DDB196C606 ] C:\Windows\System32\wmdrmdev.dll
20:26:16.0061 1684 C:\Windows\System32\wmdrmdev.dll - ok
20:26:16.0061 1684 [ 2C1055E2C6D42753241FB2A129136994 ] C:\Windows\System32\drmv2clt.dll
20:26:16.0061 1684 C:\Windows\System32\drmv2clt.dll - ok
20:26:16.0061 1684 [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll
20:26:16.0061 1684 C:\Windows\System32\mfplat.dll - ok
20:26:16.0077 1684 [ E8B1FE6669397D1772D8196DF0E57A9E ] C:\Windows\System32\wscsvc.dll
20:26:16.0077 1684 C:\Windows\System32\wscsvc.dll - ok
20:26:16.0077 1684 [ 92E0508D924512F63FFEEFE498CBD11F ] C:\Windows\System32\p2pcollab.dll
20:26:16.0077 1684 C:\Windows\System32\p2pcollab.dll - ok
20:26:16.0077 1684 [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe
20:26:16.0077 1684 C:\Windows\System32\SearchIndexer.exe - ok
20:26:16.0077 1684 [ 506A83A3BEEE9FCA09F0170DE9FC7D1B ] C:\Windows\System32\fveui.dll
20:26:16.0077 1684 C:\Windows\System32\fveui.dll - ok
20:26:16.0077 1684 [ 97A891E2BF7FDA830BCFC6269DA3F5E9 ] C:\Windows\System32\blackbox.dll
20:26:16.0077 1684 C:\Windows\System32\blackbox.dll - ok
20:26:16.0077 1684 [ 589DF683A6C81424A6CECE52ABF98A50 ] C:\Windows\System32\tquery.dll
20:26:16.0077 1684 C:\Windows\System32\tquery.dll - ok
20:26:16.0077 1684 [ C47F35CC6FA4F1BDBEF8F87AC1A46537 ] C:\Windows\System32\wuapi.dll
20:26:16.0077 1684 C:\Windows\System32\wuapi.dll - ok
20:26:16.0093 1684 [ FA43D418BC945D27D0625B697B8442B5 ] C:\Windows\System32\cabinet.dll
20:26:16.0093 1684 C:\Windows\System32\cabinet.dll - ok
20:26:16.0093 1684 [ E746ED90132C6B6313CE9179F56BD31D ] C:\Windows\System32\wups.dll
20:26:16.0093 1684 C:\Windows\System32\wups.dll - ok
20:26:16.0093 1684 [ F6F22291024906E43D135A4B1705FEAC ] C:\Windows\System32\sppwinob.dll
20:26:16.0093 1684 C:\Windows\System32\sppwinob.dll - ok
20:26:16.0093 1684 [ 1EB82516F21F27EED1833B4F9FD9614E ] C:\Windows\System32\wmp.dll
20:26:16.0093 1684 C:\Windows\System32\wmp.dll - ok
20:26:16.0093 1684 [ 7568CC720ACE4D03B84AF97817E745EF ] C:\Windows\System32\mssrch.dll
20:26:16.0093 1684 C:\Windows\System32\mssrch.dll - ok
20:26:16.0093 1684 [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll
20:26:16.0093 1684 C:\Windows\System32\msidle.dll - ok
20:26:16.0093 1684 [ 8258362DDB18B644A82D8B5061AD9426 ] C:\Windows\SysWOW64\wscisvif.dll
20:26:16.0093 1684 C:\Windows\SysWOW64\wscisvif.dll - ok
20:26:16.0093 1684 [ 20308CF0675AD7CE5AAA6712DB823216 ] C:\Program Files (x86)\Windows Defender\MpClient.dll
20:26:16.0093 1684 C:\Program Files (x86)\Windows Defender\MpClient.dll - ok
20:26:16.0108 1684 [ E19AD0D49BFF5938B3E374873AC174DE ] C:\Windows\System32\wmploc.DLL
20:26:16.0108 1684 C:\Windows\System32\wmploc.DLL - ok
20:26:16.0108 1684 [ F7220A36464885AC591C21544B47D443 ] C:\Program Files\Internet Explorer\ieproxy.dll
20:26:16.0108 1684 C:\Program Files\Internet Explorer\ieproxy.dll - ok
20:26:16.0108 1684 [ 355A138ABDFD43FBABCAE3A1B06AB93D ] C:\Windows\System32\wmpps.dll
20:26:16.0108 1684 C:\Windows\System32\wmpps.dll - ok
20:26:16.0108 1684 [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\Windows\System32\en-US\tquery.dll.mui
20:26:16.0108 1684 C:\Windows\System32\en-US\tquery.dll.mui - ok
20:26:16.0108 1684 [ 2B373B5F7E36B5ED5DA176D4400EF091 ] C:\Windows\System32\sppobjs.dll
20:26:16.0108 1684 C:\Windows\System32\sppobjs.dll - ok
20:26:16.0124 1684 [ D9E21CBF9E6A87847AFFD39EA3FA28EE ] C:\Windows\System32\SearchProtocolHost.exe
20:26:16.0124 1684 C:\Windows\System32\SearchProtocolHost.exe - ok
20:26:16.0124 1684 [ D2A5B2B09F2AF5ED13BF494508B09788 ] C:\Windows\System32\msshooks.dll
20:26:16.0124 1684 C:\Windows\System32\msshooks.dll - ok
20:26:16.0124 1684 [ 49A3AD5CE578CD77F445F3D244AEAB2D ] C:\Windows\System32\SearchFilterHost.exe
20:26:16.0124 1684 C:\Windows\System32\SearchFilterHost.exe - ok
20:26:16.0124 1684 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] C:\Windows\System32\wuaueng.dll
20:26:16.0124 1684 C:\Windows\System32\wuaueng.dll - ok
20:26:16.0124 1684 [ AA794B099F776B37ACCDEAD00E0FBFC9 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
20:26:16.0124 1684 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
20:26:16.0124 1684 [ 617F6EC0AC677C685479C1D0D1E76C6F ] C:\Windows\System32\mspatcha.dll
20:26:16.0124 1684 C:\Windows\System32\mspatcha.dll - ok
20:26:16.0124 1684 [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\Windows\System32\mssprxy.dll
20:26:16.0124 1684 C:\Windows\System32\mssprxy.dll - ok
20:26:16.0124 1684 [ 48041BAEB60CE5F34F13CC2A1361E49C ] C:\Windows\System32\mssph.dll
20:26:16.0124 1684 C:\Windows\System32\mssph.dll - ok
20:26:16.0139 1684 [ 8F4BB0CFECED925D440ABC2481278360 ] C:\Windows\System32\mapi32.dll
20:26:16.0139 1684 C:\Windows\System32\mapi32.dll - ok
20:26:16.0139 1684 [ 7FE0D0C8F53735EA17C9AE93EFE7AD5A ] C:\Windows\System32\wups2.dll
20:26:16.0139 1684 C:\Windows\System32\wups2.dll - ok
20:26:16.0139 1684 [ 01E2855FB06C422E721D890AF201C2D7 ] C:\Windows\System32\NaturalLanguage6.dll
20:26:16.0139 1684 C:\Windows\System32\NaturalLanguage6.dll - ok
20:26:16.0139 1684 [ 701D9F5F3F21580936638D5C5F86B460 ] C:\Windows\System32\NlsData0009.dll
20:26:16.0139 1684 C:\Windows\System32\NlsData0009.dll - ok
20:26:16.0139 1684 [ 148A733B93A2AC104280495DA09D3CC2 ] C:\Windows\System32\NlsLexicons0009.dll
20:26:16.0139 1684 C:\Windows\System32\NlsLexicons0009.dll - ok
20:26:16.0139 1684 [ 76D86E65FF7D10292886A1F2DB93A911 ] C:\Windows\System32\ELSCore.dll
20:26:16.0139 1684 C:\Windows\System32\ELSCore.dll - ok
20:26:16.0139 1684 [ 12929BDE96189F4E968AD035573424F0 ] C:\Windows\System32\elsTrans.dll
20:26:16.0139 1684 C:\Windows\System32\elsTrans.dll - ok
20:26:16.0155 1684 [ AEE087CF7423BA44CC2DE03CC565E399 ] C:\Windows\System32\elslad.dll
20:26:16.0155 1684 C:\Windows\System32\elslad.dll - ok
20:26:16.0155 1684 [ 11542EC1F1C53EDB3CCF5AADF4C9972F ] C:\Windows\System32\NlsData0000.dll
20:26:16.0155 1684 C:\Windows\System32\NlsData0000.dll - ok
20:26:16.0155 1684 [ 9BDB62D5C4B3AE8807CB61F7503784E7 ] C:\Windows\System32\NlsData0018.dll
20:26:16.0155 1684 C:\Windows\System32\NlsData0018.dll - ok
20:26:16.0155 1684 [ 3A84190D1D472A3BB9CC4AF141326F13 ] C:\Windows\System32\NlsLexicons0018.dll
20:26:16.0155 1684 C:\Windows\System32\NlsLexicons0018.dll - ok
20:26:16.0155 1684 [ 86C6E8597094BD9F2CF0E5F841641F4E ] C:\Windows\System32\xmlfilter.dll
20:26:16.0155 1684 C:\Windows\System32\xmlfilter.dll - ok
20:26:16.0155 1684 [ 2C16648A12999AE69A9EBF41974B0BA2 ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
20:26:16.0155 1684 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe - ok
20:26:16.0155 1684 [ D480C9220BFE667DE65A46CDE80EA7E9 ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\StatusStrings.dll
20:26:16.0155 1684 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\StatusStrings.dll - ok
20:26:16.0171 1684 [ 122F89E0905FC656D56F65CD7A2E9B4D ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\xerces-c_2_7.dll
20:26:16.0171 1684 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\xerces-c_2_7.dll - ok
20:26:16.0171 1684 [ B6D6886149573278CBA6ABD44C4317F5 ] C:\Windows\System32\slwga.dll
20:26:16.0171 1684 C:\Windows\System32\slwga.dll - ok
20:26:16.0171 1684 [ DB76DB15EFC6E4D1153A6C5BC895948D ] C:\Windows\System32\sppc.dll
20:26:16.0171 1684 C:\Windows\System32\sppc.dll - ok
20:26:16.0171 1684 [ 0D893F8D145D3B125B0226727C243A69 ] C:\Windows\System32\security.dll
20:26:16.0171 1684 C:\Windows\System32\security.dll - ok
20:26:16.0171 1684 [ 012787CEB35505EB78DF82E0A0072888 ] C:\Windows\System32\browcli.dll
20:26:16.0171 1684 C:\Windows\System32\browcli.dll - ok
20:26:16.0171 1684 [ C4BFE4B61086416B0529212F92BCE081 ] C:\Windows\System32\schedcli.dll
20:26:16.0171 1684 C:\Windows\System32\schedcli.dll - ok
20:26:16.0171 1684 [ 5EA9A0950F322BFA382AF277801C0307 ] C:\Windows\System32\wbem\wmipcima.dll
20:26:16.0171 1684 C:\Windows\System32\wbem\wmipcima.dll - ok
20:26:16.0171 1684 [ 5FBD7BEC6CD3DCAA6A87A7F70CE8AF44 ] C:\Windows\System32\advpack.dll
20:26:16.0171 1684 C:\Windows\System32\advpack.dll - ok
20:26:16.0186 1684 [ 773212B2AAA24C1E31F10246B15B276C ] C:\Windows\servicing\TrustedInstaller.exe
20:26:16.0186 1684 C:\Windows\servicing\TrustedInstaller.exe - ok
20:26:16.0186 1684 [ 288ADDED26C80FDC135CAB4340161686 ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\CbsCore.dll
20:26:16.0186 1684 C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\CbsCore.dll - ok
20:26:16.0186 1684 [ 6369F960C28A16F4502C480EEDE3652C ] C:\Windows\System32\dpx.dll
20:26:16.0186 1684 C:\Windows\System32\dpx.dll - ok
20:26:16.0186 1684 [ 7957A194B8421BC070FABBF1C55DB68B ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\wcp.dll
20:26:16.0186 1684 C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\wcp.dll - ok
20:26:16.0186 1684 [ 9297F004FCE79FB7B26DAC6968FB5FEB ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\DrUpdate.dll
20:26:16.0186 1684 C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\DrUpdate.dll - ok
20:26:16.0186 1684 [ B7AC66C1CCD87D7C49256B5451DED4FA ] C:\Windows\System32\spp.dll
20:26:16.0186 1684 C:\Windows\System32\spp.dll - ok
20:26:16.0202 1684 [ FC6C5D860CDB82411DA626821201BDF0 ] C:\Windows\System32\srclient.dll
20:26:16.0202 1684 C:\Windows\System32\srclient.dll - ok
20:26:16.0202 1684 [ 943F48CC3A59169E52A054946C2F59B8 ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\wrpint.dll
20:26:16.0202 1684 C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\wrpint.dll - ok
20:26:16.0202 1684 [ 6685DD5CC357D45EEE30FD089E8A111A ] C:\Windows\System32\sxsstore.dll
20:26:16.0202 1684 C:\Windows\System32\sxsstore.dll - ok
20:26:16.0202 1684 [ D485D1BE97777617B186FC8095F58421 ] C:\Windows\servicing\CbsApi.dll
20:26:16.0202 1684 C:\Windows\servicing\CbsApi.dll - ok
20:26:16.0202 1684 [ C1C03EA437EDDA8A7D4D8786E5AE6751 ] C:\Windows\System32\wuauclt.exe
20:26:16.0202 1684 C:\Windows\System32\wuauclt.exe - ok
20:26:16.0202 1684 [ 50EBD31C3527366FAFA468BD609F7352 ] C:\Windows\System32\wucltux.dll
20:26:16.0202 1684 C:\Windows\System32\wucltux.dll - ok
20:26:16.0202 1684 [ B519848DFA30AE2B306576B51321D102 ] C:\Windows\System32\ie4uinit.exe
20:26:16.0202 1684 C:\Windows\System32\ie4uinit.exe - ok
20:26:16.0202 1684 [ C3E98C42EDF7EF237A4BAB91FEAC7426 ] C:\Windows\System32\iedkcs32.dll
20:26:16.0202 1684 C:\Windows\System32\iedkcs32.dll - ok
20:26:16.0217 1684 [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl
20:26:16.0217 1684 C:\Windows\System32\timedate.cpl - ok
20:26:16.0217 1684 [ C4F40F6CACD796A8E16671D0E9A2F319 ] C:\Windows\System32\shdocvw.dll
20:26:16.0217 1684 C:\Windows\System32\shdocvw.dll - ok
20:26:16.0217 1684 [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll
20:26:16.0217 1684 C:\Windows\System32\linkinfo.dll - ok
20:26:16.0217 1684 [ E6DD15E668DAF0A02470CF551B0A0105 ] C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll
20:26:16.0217 1684 C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll - ok
20:26:16.0217 1684 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll
20:26:16.0217 1684 C:\Windows\System32\msftedit.dll - ok
20:26:16.0217 1684 [ 7FCAB194F01E3403C300EB034E480B36 ] C:\Windows\System32\msls31.dll
20:26:16.0217 1684 C:\Windows\System32\msls31.dll - ok
20:26:16.0217 1684 [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
20:26:16.0217 1684 C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
20:26:16.0233 1684 [ 2BCBA6052374959A30BD7948444DBB79 ] C:\Windows\System32\gameux.dll
20:26:16.0233 1684 C:\Windows\System32\gameux.dll - ok
20:26:16.0233 1684 [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll
20:26:16.0233 1684 C:\Windows\System32\DeviceCenter.dll - ok
20:26:16.0233 1684 [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll
20:26:16.0233 1684 C:\Windows\System32\thumbcache.dll - ok
20:26:16.0233 1684 [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll
20:26:16.0233 1684 C:\Windows\System32\msiltcfg.dll - ok
20:26:16.0233 1684 [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll
20:26:16.0233 1684 C:\Windows\System32\networkexplorer.dll - ok
20:26:16.0233 1684 [ 66E755563684616842DD94C1C1CE68C3 ] C:\Windows\System32\SynCOM.dll
20:26:16.0233 1684 C:\Windows\System32\SynCOM.dll - ok
20:26:16.0233 1684 [ 4D7B6115F9C7B036693B53B671DEFF3E ] C:\Windows\System32\SynTPAPI.dll
20:26:16.0233 1684 C:\Windows\System32\SynTPAPI.dll - ok
20:26:16.0233 1684 [ 585FED4CDB8034B8B58AEB8008255817 ] C:\Windows\System32\opengl32.dll
20:26:16.0233 1684 C:\Windows\System32\opengl32.dll - ok
20:26:16.0249 1684 [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll
20:26:16.0249 1684 C:\Windows\System32\AudioSes.dll - ok
20:26:16.0249 1684 [ BA2D7C2620B2F8446D469761F72F5F4E ] C:\Windows\System32\nvhotkey.dll
20:26:16.0249 1684 C:\Windows\System32\nvhotkey.dll - ok
20:26:16.0249 1684 [ FD097ED7C32EBA131C2013CC34640B67 ] C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
20:26:16.0249 1684 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe - ok
20:26:16.0249 1684 [ AF993F50B17C0AFB26235EFCF06DAD06 ] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
20:26:16.0249 1684 C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe - ok
20:26:16.0249 1684 [ F2967C0A97C0EA67D79D7F557213950D ] C:\Windows\System32\glu32.dll
20:26:16.0249 1684 C:\Windows\System32\glu32.dll - ok
20:26:16.0249 1684 [ 8886E0697B0A93C521F99099EF643450 ] C:\Windows\System32\wscript.exe
20:26:16.0249 1684 C:\Windows\System32\wscript.exe - ok
20:26:16.0249 1684 [ AB0E99A9C6AFAE81DD499CCA292744B6 ] C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe
20:26:16.0249 1684 C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe - ok
20:26:16.0264 1684 [ A6C09924C6730DE8DEED9890A12AA691 ] C:\Windows\System32\ddraw.dll
20:26:16.0264 1684 C:\Windows\System32\ddraw.dll - ok
20:26:16.0264 1684 [ 062ECE337A4AADF87A1155C248F57248 ] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll
20:26:16.0264 1684 C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll - ok
20:26:16.0264 1684 [ A16852B04C0A5654B0B8DFD5E1A25718 ] C:\Program Files (x86)\MagicDisc\MagicDisc.exe
20:26:16.0264 1684 C:\Program Files (x86)\MagicDisc\MagicDisc.exe - ok
20:26:16.0264 1684 [ 0E92BD6EBE215FA80288AFA7996A622B ] C:\Windows\System32\vbscript.dll
20:26:16.0264 1684 C:\Windows\System32\vbscript.dll - ok
20:26:16.0264 1684 [ 29C22748937F45C26590909E9F8E7137 ] C:\Windows\System32\dciman32.dll
20:26:16.0264 1684 C:\Windows\System32\dciman32.dll - ok
20:26:16.0264 1684 [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv
20:26:16.0264 1684 C:\Windows\System32\wdmaud.drv - ok
20:26:16.0264 1684 [ EF4248D28C2940AE6D46470AC2479A4F ] C:\Windows\System32\msisip.dll
20:26:16.0264 1684 C:\Windows\System32\msisip.dll - ok
20:26:16.0264 1684 [ 0805289E121F3E3C458C970B08314EB2 ] C:\Windows\System32\RtkCfg64.dll
20:26:16.0264 1684 C:\Windows\System32\RtkCfg64.dll - ok
20:26:16.0280 1684 [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll
20:26:16.0280 1684 C:\Windows\System32\ksuser.dll - ok
20:26:16.0280 1684 [ 9110FFAD124283F37D38771BB60556AF ] C:\Windows\System32\dsound.dll
20:26:16.0280 1684 C:\Windows\System32\dsound.dll - ok
20:26:16.0280 1684 [ 7424D667F6CDD42F4663E3656E8C233B ] C:\Program Files\Common Files\Intel\WirelessCommon\CustomUIResource.dll
20:26:16.0280 1684 C:\Program Files\Common Files\Intel\WirelessCommon\CustomUIResource.dll - ok
20:26:16.0280 1684 [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\Windows\System32\msacm32.drv
20:26:16.0280 1684 C:\Windows\System32\msacm32.drv - ok
20:26:16.0280 1684 [ 87FC00021602969F388FD1DC2D3DB368 ] C:\Program Files\Common Files\Intel\WirelessCommon\FrameworkPlugins\PanTray.dll
20:26:16.0280 1684 C:\Program Files\Common Files\Intel\WirelessCommon\FrameworkPlugins\PanTray.dll - ok
20:26:16.0280 1684 [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\Windows\System32\msacm32.dll
20:26:16.0280 1684 C:\Windows\System32\msacm32.dll - ok
20:26:16.0280 1684 [ E7A8552683EAA9EAD818BCFDA9CCBB8D ] C:\Windows\System32\RtkAPO64.dll
20:26:16.0280 1684 C:\Windows\System32\RtkAPO64.dll - ok
20:26:16.0295 1684 [ 6E74D0AE00231D87CD213CD7BDC27E37 ] C:\Windows\System32\wshext.dll
20:26:16.0295 1684 C:\Windows\System32\wshext.dll - ok
20:26:16.0295 1684 [ CA2A0750ED830678997695FF61B04C30 ] C:\Windows\System32\midimap.dll
20:26:16.0295 1684 C:\Windows\System32\midimap.dll - ok
20:26:16.0295 1684 [ C759FF2C5880DE29284A53A5FF976B0C ] C:\Windows\System32\pcadm.dll
20:26:16.0295 1684 C:\Windows\System32\pcadm.dll - ok
20:26:16.0295 1684 [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll
20:26:16.0295 1684 C:\Windows\System32\AudioEng.dll - ok
20:26:16.0295 1684 [ 67CE7A83CF4AA78A05EA26D4443CE5F3 ] C:\Windows\System32\scrobj.dll
20:26:16.0295 1684 C:\Windows\System32\scrobj.dll - ok
20:26:16.0295 1684 [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll
20:26:16.0295 1684 C:\Windows\System32\AUDIOKSE.dll - ok
20:26:16.0295 1684 [ 74084A271BE067B92B04004F1F6580C5 ] C:\Users\Maeve\AppData\Local\Autobahn\nexdef.exe
20:26:16.0295 1684 C:\Users\Maeve\AppData\Local\Autobahn\nexdef.exe - ok
20:26:16.0311 1684 [ 39CA8406A5D2B58707CC2E38EFF21716 ] C:\Program Files (x86)\Zinio Alert Messenger\Zinio Alert Messenger.exe
20:26:16.0311 1684 C:\Program Files (x86)\Zinio Alert Messenger\Zinio Alert Messenger.exe - ok
20:26:16.0311 1684 [ 2C68D1CEAA96FE39E44B4979ACD6D9B3 ] C:\Program Files (x86)\Dell Stage\Dell Stage\libumajin.dll
20:26:16.0311 1684 C:\Program Files (x86)\Dell Stage\Dell Stage\libumajin.dll - ok
20:26:16.0311 1684 [ 2EF0B3C51971F51ED700C01CFBC5B82A ] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
20:26:16.0311 1684 C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe - ok
20:26:16.0311 1684 [ C26CD4D8A5A3CFFB87EB4170E38F6F51 ] C:\Program Files\Intel\WiFi\bin\WiMAXCoEx.DLL
20:26:16.0311 1684 C:\Program Files\Intel\WiFi\bin\WiMAXCoEx.DLL - ok
20:26:16.0311 1684 [ 754A0C324ECA95AE4F708D01EF27060E ] C:\Windows\System32\wbem\wbemdisp.dll
20:26:16.0311 1684 C:\Windows\System32\wbem\wbemdisp.dll - ok
20:26:16.0311 1684 [ 6F3C559B82F2912354BE5B098744CC8C ] C:\Windows\System32\WMALFXGFXDSP.dll
20:26:16.0311 1684 C:\Windows\System32\WMALFXGFXDSP.dll - ok
20:26:16.0311 1684 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\16398923.sys
20:26:16.0311 1684 C:\Windows\System32\drivers\16398923.sys - ok
20:26:16.0327 1684 [ EBE1962DC5EEFC13D20543013A891ABC ] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
20:26:16.0327 1684 C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe - ok
20:26:16.0327 1684 [ 88FD47E3BD31BC358AD1EF14E75C7681 ] C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe
20:26:16.0327 1684 C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe - ok
20:26:16.0327 1684 [ FCC4AEDAA7E86198E5FBCF9AE3B16095 ] C:\Program Files\Intel\WiFi\bin\PfMgrApi.dll
20:26:16.0327 1684 C:\Program Files\Intel\WiFi\bin\PfMgrApi.dll - ok
20:26:16.0327 1684 [ A4A59E38A82781985AF76BA2038C78BE ] C:\Program Files (x86)\Cyberlink\PowerDVD9\Language\Language.exe
20:26:16.0327 1684 C:\Program Files (x86)\Cyberlink\PowerDVD9\Language\Language.exe - ok
20:26:16.0327 1684 [ FC38AC14A394D470182092AB22D98836 ] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
20:26:16.0327 1684 C:\Program Files (x86)\Cyberlink\Shared files\brs.exe - ok
20:26:16.0327 1684 [ 544013C383833189A61C2F72B8814319 ] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\CTLoadRs.dll
20:26:16.0327 1684 C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\CTLoadRs.dll - ok
20:26:16.0327 1684 [ 652B4E6919AB957E202057FD60D1B42A ] C:\Program Files (x86)\Cyberlink\PowerDVD9\CLRCEngine3.dll
20:26:16.0327 1684 C:\Program Files (x86)\Cyberlink\PowerDVD9\CLRCEngine3.dll - ok
20:26:16.0342 1684 [ 1020C0C4BAC624DAF56712EA6D5865CE ] C:\Windows\SysWOW64\msvcr71.dll
20:26:16.0342 1684 C:\Windows\SysWOW64\msvcr71.dll - ok
20:26:16.0342 1684 [ E810DEA47AA2572CBF6D402642D38701 ] C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe
20:26:16.0342 1684 C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe - ok
20:26:16.0342 1684 [ 1020C0C4BAC624DAF56712EA6D5865CE ] C:\Program Files (x86)\Cyberlink\PowerDVD9\msvcr71.dll
20:26:16.0342 1684 C:\Program Files (x86)\Cyberlink\PowerDVD9\msvcr71.dll - ok
20:26:16.0342 1684 [ 09E050B3CB76151FDD604877965A16C9 ] C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
20:26:16.0342 1684 C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe - ok
20:26:16.0342 1684 [ 2854D6E5759AA8255EE65F519B6D04AF ] C:\Program Files (x86)\Cyberlink\PowerDVD9\Language\Language.dll
20:26:16.0342 1684 C:\Program Files (x86)\Cyberlink\PowerDVD9\Language\Language.dll - ok
20:26:16.0342 1684 [ 4333E6C7D2E17C97E1CF10DD4C90FE7A ] C:\Program Files\HTC\ModeSelection\VMMModeSelection.exe
20:26:16.0342 1684 C:\Program Files\HTC\ModeSelection\VMMModeSelection.exe - ok
20:26:16.0358 1684 [ CB3D4DEF4F67346246A2E5F791BCD4B0 ] C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll
20:26:16.0358 1684 C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll - ok
20:26:16.0358 1684 [ D458B563613E898EE7C627359AF5973D ] C:\Windows\SysWOW64\Nlsdl.dll
20:26:16.0358 1684 C:\Windows\SysWOW64\Nlsdl.dll - ok
20:26:16.0358 1684 [ E748D0B8F4060F4F7A7ABB705E289890 ] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\mfc42u.dll
20:26:16.0358 1684 C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\mfc42u.dll - ok
20:26:16.0358 1684 [ B88E5340A5A50B53310B00DA455FB4FA ] C:\Windows\System32\wbem\stdprov.dll
20:26:16.0358 1684 C:\Windows\System32\wbem\stdprov.dll - ok
20:26:16.0358 1684 [ 41D7342CE4AE9547165F649C4E18C794 ] C:\Program Files\Intel\WiFi\bin\PanApi.dll
20:26:16.0358 1684 C:\Program Files\Intel\WiFi\bin\PanApi.dll - ok
20:26:16.0358 1684 [ 2C68D1CEAA96FE39E44B4979ACD6D9B3 ] C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\libumajin.dll
20:26:16.0358 1684 C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\libumajin.dll - ok
20:26:16.0358 1684 [ 3CB07566302BCEEB898DE270A0BEC175 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
20:26:16.0358 1684 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
20:26:16.0373 1684 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll
20:26:16.0373 1684 C:\Windows\SysWOW64\ExplorerFrame.dll - ok
20:26:16.0373 1684 [ 67BD916F01424DEB8AB8CD9E0096F277 ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
20:26:16.0373 1684 C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe - ok
20:26:16.0373 1684 [ 46DA8E7484AC7A52CE1D6E428398724B ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
20:26:16.0373 1684 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe - ok
20:26:16.0373 1684 [ 7A1A66FF6B9F07547370DFA2BD96F98C ] C:\Program Files\Intel\WiFi\bin\DbEngine.dll
20:26:16.0373 1684 C:\Program Files\Intel\WiFi\bin\DbEngine.dll - ok
20:26:16.0373 1684 [ 255E405D801CF01247390F38F92D8042 ] C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe
20:26:16.0373 1684 C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe - ok
20:26:16.0373 1684 [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll
20:26:16.0373 1684 C:\Windows\System32\stobject.dll - ok
20:26:16.0373 1684 [ ABBEE3E367F6E6ED415D33C78121FFA9 ] C:\Program Files (x86)\Unlocker\UnlockerHook.dll
20:26:16.0373 1684 C:\Program Files (x86)\Unlocker\UnlockerHook.dll - ok
20:26:16.0389 1684 [ 3F533D75631178A880AEFFDF117213BE ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll
20:26:16.0389 1684 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll - ok
20:26:16.0389 1684 [ 8DDA2B606279753601F9415DA503CA63 ] C:\Program Files (x86)\QuickTime\QTTask.exe
20:26:16.0389 1684 C:\Program Files (x86)\QuickTime\QTTask.exe - ok
20:26:16.0389 1684 [ 59831274CF0D1E83BC02C9E856AC9F69 ] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\en-US\WebcamDe.crl
20:26:16.0389 1684 C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\en-US\WebcamDe.crl - ok
20:26:16.0389 1684 [ B96F045D571747F8700CB43E8C458FF0 ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
20:26:16.0389 1684 C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe - ok
20:26:16.0389 1684 [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll
20:26:16.0389 1684 C:\Windows\System32\batmeter.dll - ok
20:26:16.0389 1684 [ 8E2A7F1F62467A7DCB8AB2C0642F47CA ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
20:26:16.0389 1684 C:\Program Files (x86)\iTunes\iTunesHelper.exe - ok
20:26:16.0389 1684 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll
20:26:16.0389 1684 C:\Windows\SysWOW64\duser.dll - ok
20:26:16.0405 1684 [ 5082BC510FAD849630D09DA626BB7CDA ] C:\Program Files (x86)\iTunes\iTunesHelper.dll
20:26:16.0405 1684 C:\Program Files (x86)\iTunes\iTunesHelper.dll - ok
20:26:16.0405 1684 [ ADC4DF63A6320B9D2DCB54901F8E7628 ] C:\Program Files\Intel\WiFi\bin\LangResources\enu\PanTrENU.DLL
20:26:16.0405 1684 C:\Program Files\Intel\WiFi\bin\LangResources\enu\PanTrENU.DLL - ok
20:26:16.0405 1684 [ AFEEAFD7CF8ED6958A81ACC304C17B7D ] C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll
20:26:16.0405 1684 C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll - ok
20:26:16.0405 1684 [ BE643CD44DD06DA283634A3E51DC22BC ] C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll
20:26:16.0405 1684 C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll - ok
20:26:16.0405 1684 [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll
20:26:16.0405 1684 C:\Windows\System32\prnfldr.dll - ok
20:26:16.0405 1684 [ 5BB8C06EB5EA4BA22EE8A678F2D79B25 ] C:\Windows\SysWOW64\devenum.dll
20:26:16.0405 1684 C:\Windows\SysWOW64\devenum.dll - ok
20:26:16.0405 1684 [ E24FE90E9DE8D8AE70E59F7B01675DEF ] C:\Windows\SysWOW64\avicap32.dll
20:26:16.0405 1684 C:\Windows\SysWOW64\avicap32.dll - ok
20:26:16.0420 1684 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll
20:26:16.0420 1684 C:\Windows\SysWOW64\dui70.dll - ok
20:26:16.0420 1684 [ C335EC1182AC10B188705554E0BC1186 ] C:\Windows\SysWOW64\msvfw32.dll
20:26:16.0420 1684 C:\Windows\SysWOW64\msvfw32.dll - ok
20:26:16.0420 1684 [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll
20:26:16.0420 1684 C:\Windows\System32\dot3api.dll - ok
20:26:16.0420 1684 [ BA92C496F08D78F7DB263A20C36AA546 ] C:\Program Files (x86)\AVG\AVG2013\avgui.exe
20:26:16.0420 1684 C:\Program Files (x86)\AVG\AVG2013\avgui.exe - ok
20:26:16.0420 1684 [ 81ADBC4E31A721AEF23251A952049BA2 ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe
20:26:16.0420 1684 C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe - ok
20:26:16.0420 1684 [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl
20:26:16.0420 1684 C:\Windows\System32\bthprops.cpl - ok
20:26:16.0420 1684 [ 24498D084FAA7A459C91066EC241E1CE ] C:\Windows\SysWOW64\vfwwdm32.dll
20:26:16.0420 1684 C:\Windows\SysWOW64\vfwwdm32.dll - ok
20:26:16.0420 1684 [ 04CB7C8FDC6D9640DD82A527208F72C4 ] C:\Windows\System32\UIAnimation.dll
20:26:16.0420 1684 C:\Windows\System32\UIAnimation.dll - ok
20:26:16.0436 1684 [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll
20:26:16.0436 1684 C:\Windows\System32\wlanhlp.dll - ok
20:26:16.0436 1684 [ D6E46FE21CC8E662A7A88000FDD77DAF ] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\CtPinMgr.dll
20:26:16.0436 1684 C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\CtPinMgr.dll - ok
20:26:16.0436 1684 [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll
20:26:16.0436 1684 C:\Windows\System32\DXP.dll - ok
20:26:16.0436 1684 [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll
20:26:16.0436 1684 C:\Windows\System32\Syncreg.dll - ok
20:26:16.0436 1684 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll
20:26:16.0436 1684 C:\Windows\System32\AltTab.dll - ok
20:26:16.0436 1684 [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll
20:26:16.0436 1684 C:\Windows\ehome\ehSSO.dll - ok
20:26:16.0436 1684 [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll
20:26:16.0436 1684 C:\Windows\System32\pnidui.dll - ok
20:26:16.0451 1684 [ AC6EE4B07B9A78B155DEE7529ACCE355 ] C:\Program Files (x86)\Dell Stage\Dell Stage\libmmd.dll
20:26:16.0451 1684 C:\Program Files (x86)\Dell Stage\Dell Stage\libmmd.dll - ok
20:26:16.0451 1684 [ 37CF3324F46CEB3A4F2686C617CBB35C ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll
20:26:16.0451 1684 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll - ok
20:26:16.0451 1684 [ 92DBF0A4C9239169010FC6E07859C82E ] C:\Windows\System32\ActionCenter.dll
20:26:16.0451 1684 C:\Windows\System32\ActionCenter.dll - ok
20:26:16.0451 1684 [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll
20:26:16.0451 1684 C:\Windows\SysWOW64\sxs.dll - ok
20:26:16.0451 1684 [ 7F8678C59F188528D60104E697C2361E ] C:\Windows\SysWOW64\mscms.dll
20:26:16.0451 1684 C:\Windows\SysWOW64\mscms.dll - ok
20:26:16.0451 1684 [ 4EFFC8FF6D349E971E94B1C670C0C66A ] C:\Program Files\iPod\bin\iPodService.exe
20:26:16.0451 1684 C:\Program Files\iPod\bin\iPodService.exe - ok
20:26:16.0451 1684 [ 0E85C11F8850D524B02181C6E02BA9AE ] C:\Windows\SysWOW64\dsound.dll
20:26:16.0451 1684 C:\Windows\SysWOW64\dsound.dll - ok
20:26:16.0451 1684 [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll
20:26:16.0451 1684 C:\Windows\System32\WPDShServiceObj.dll - ok
20:26:16.0467 1684 [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll
20:26:16.0467 1684 C:\Windows\System32\srchadmin.dll - ok
20:26:16.0467 1684 [ B4E69051E313551F894C74B12042485D ] C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll
20:26:16.0467 1684 C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll - ok
20:26:16.0467 1684 [ 1105A14047A0D99C2770601EB61FBF5C ] C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll
20:26:16.0467 1684 C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll - ok
20:26:16.0467 1684 [ 3341DE556EC28252D603277609EEF8BF ] C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
20:26:16.0467 1684 C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe - ok
20:26:16.0467 1684 [ D7CEAEDD5F75D2C8A2E80887D7C114CE ] C:\Windows\System32\webcheck.dll
20:26:16.0467 1684 C:\Windows\System32\webcheck.dll - ok
20:26:16.0467 1684 [ E829C45F0D77852C43BE99C4B1BD215D ] C:\Windows\System32\ieframe.dll
20:26:16.0467 1684 C:\Windows\System32\ieframe.dll - ok
20:26:16.0483 1684 [ AC6EE4B07B9A78B155DEE7529ACCE355 ] C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\libmmd.dll
20:26:16.0483 1684 C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\libmmd.dll - ok
20:26:16.0483 1684 [ 8EE6BDE1D572677AA35707C52C585F75 ] C:\Windows\SysWOW64\mlang.dll
20:26:16.0483 1684 C:\Windows\SysWOW64\mlang.dll - ok
20:26:16.0483 1684 [ CC15BC65084C07E41CBE446C4D0B9D35 ] C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
20:26:16.0483 1684 C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe - ok
20:26:16.0483 1684 [ D5A787E18D3C67894CDAC0A81D617DB4 ] C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtGui4.dll
20:26:16.0483 1684 C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtGui4.dll - ok
20:26:16.0483 1684 [ 6D74290856347CF8682277A54B433D4B ] C:\Users\Maeve\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
20:26:16.0483 1684 C:\Users\Maeve\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll - ok
20:26:16.0483 1684 [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\Users\Maeve\AppData\Roaming\Dropbox\bin\msvcp71.dll
20:26:16.0483 1684 C:\Users\Maeve\AppData\Roaming\Dropbox\bin\msvcp71.dll - ok
20:26:16.0483 1684 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Users\Maeve\AppData\Roaming\Dropbox\bin\msvcr71.dll
20:26:16.0483 1684 C:\Users\Maeve\AppData\Roaming\Dropbox\bin\msvcr71.dll - ok
20:26:16.0498 1684 [ F3DE10AABD5C7A1A186C9966F037D0C0 ] C:\Windows\SysWOW64\mfc100u.dll
20:26:16.0498 1684 C:\Windows\SysWOW64\mfc100u.dll - ok
20:26:16.0498 1684 [ 243974EC02F7AE49E4179C54624143AB ] C:\Windows\SysWOW64\MMDevAPI.dll
20:26:16.0498 1684 C:\Windows\SysWOW64\MMDevAPI.dll - ok
20:26:16.0498 1684 [ C940F2F5C60B3727C5F18840735B229C ] C:\Windows\SysWOW64\AudioSes.dll
20:26:16.0498 1684 C:\Windows\SysWOW64\AudioSes.dll - ok
20:26:16.0498 1684 [ AF78F66116814FDD6677CEBD73035CDD ] C:\Windows\SysWOW64\schannel.dll
20:26:16.0498 1684 C:\Windows\SysWOW64\schannel.dll - ok
20:26:16.0498 1684 [ D5A787E18D3C67894CDAC0A81D617DB4 ] C:\Program Files (x86)\Dell Stage\Dell Stage\QtGui4.dll
20:26:16.0498 1684 C:\Program Files (x86)\Dell Stage\Dell Stage\QtGui4.dll - ok
20:26:16.0498 1684 [ 2A2C442F00B45E01D4C882EEA69A01BC ] C:\Windows\SysWOW64\mfc100enu.dll
20:26:16.0498 1684 C:\Windows\SysWOW64\mfc100enu.dll - ok
20:26:16.0498 1684 [ 9BB7B70D35A073C419005E1B74CD184D ] C:\Program Files (x86)\AVG\AVG2013\avgkrnlapix.dll
20:26:16.0498 1684 C:\Program Files (x86)\AVG\AVG2013\avgkrnlapix.dll - ok
20:26:16.0514 1684 [ 5987EA8A82C53359BCD2C29D6588583E ] C:\Windows\SysWOW64\linkinfo.dll
20:26:16.0514 1684 C:\Windows\SysWOW64\linkinfo.dll - ok
20:26:16.0514 1684 [ 8494E126F0B10180F3293AF861CE1F7A ] C:\Windows\System32\mlang.dll
20:26:16.0514 1684 C:\Windows\System32\mlang.dll - ok
20:26:16.0514 1684 [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll
20:26:16.0514 1684 C:\Windows\System32\FXSST.dll - ok
20:26:16.0514 1684 [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll
20:26:16.0514 1684 C:\Windows\System32\FXSAPI.dll - ok
20:26:16.0514 1684 [ 2ECD9D9087DC15E7AAD130883E665219 ] C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtCore4.dll
20:26:16.0514 1684 C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtCore4.dll - ok
20:26:16.0514 1684 [ 101797BA603D227946B4B5109867EB19 ] C:\Windows\System32\SyncCenter.dll
20:26:16.0514 1684 C:\Windows\System32\SyncCenter.dll - ok
20:26:16.0514 1684 [ 9EED448E2C6306BFD8B2B19063FC21A1 ] C:\Program Files (x86)\AVG\AVG2013\avgidpmx.dll
20:26:16.0514 1684 C:\Program Files (x86)\AVG\AVG2013\avgidpmx.dll - ok
20:26:16.0529 1684 [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
20:26:16.0529 1684 C:\Windows\System32\FXSRESM.dll - ok
20:26:16.0529 1684 [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\SysWOW64\msacm32.dll
20:26:16.0529 1684 C:\Windows\SysWOW64\msacm32.dll - ok
20:26:16.0529 1684 [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll
20:26:16.0529 1684 C:\Windows\System32\rasdlg.dll - ok
20:26:16.0529 1684 [ D1BBE227367ED791D5FCF08E132D2956 ] C:\Windows\SysWOW64\opengl32.dll
20:26:16.0529 1684 C:\Windows\SysWOW64\opengl32.dll - ok
20:26:16.0529 1684 [ 299634B6ACAA2795E2AB4A3F935B026E ] C:\Users\Maeve\AppData\Local\Autobahn\rt\bin\jetvm\jvm.dll
20:26:16.0529 1684 C:\Users\Maeve\AppData\Local\Autobahn\rt\bin\jetvm\jvm.dll - ok
20:26:16.0529 1684 [ DE3897365B04C4DA1CF8FF725577C082 ] C:\Windows\SysWOW64\glu32.dll
20:26:16.0529 1684 C:\Windows\SysWOW64\glu32.dll - ok
20:26:16.0529 1684 [ 2FEF21EEE9934BB10165AA02E530183C ] C:\Program Files (x86)\AVG\AVG2013\avglngx.dll
20:26:16.0529 1684 C:\Program Files (x86)\AVG\AVG2013\avglngx.dll - ok
20:26:16.0545 1684 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Users\Maeve\AppData\Local\Autobahn\rt\bin\msvcr71.dll
20:26:16.0545 1684 C:\Users\Maeve\AppData\Local\Autobahn\rt\bin\msvcr71.dll - ok
20:26:16.0545 1684 [ 198552AEFECA69D646867EC8D792DE95 ] C:\Windows\SysWOW64\ddraw.dll
20:26:16.0545 1684 C:\Windows\SysWOW64\ddraw.dll - ok
20:26:16.0545 1684 [ 8130391F82D52D36C0441F714136957F ] C:\Windows\System32\imapi2.dll
20:26:16.0545 1684 C:\Windows\System32\imapi2.dll - ok
20:26:16.0545 1684 [ 55E5B32AE8D1F51A63C82919656FD275 ] C:\Windows\SysWOW64\dciman32.dll
20:26:16.0545 1684 C:\Windows\SysWOW64\dciman32.dll - ok
20:26:16.0545 1684 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe
20:26:16.0545 1684 C:\Windows\System32\FXSSVC.exe - ok
20:26:16.0545 1684 [ C17CF1E7ED495ADE9E2BBB07AA592D92 ] C:\Users\Maeve\AppData\Local\Autobahn\rt\bin\hpi.dll
20:26:16.0545 1684 C:\Users\Maeve\AppData\Local\Autobahn\rt\bin\hpi.dll - ok
20:26:16.0545 1684 [ D5F824B36D43465808639B082553CF59 ] C:\Users\Maeve\AppData\Local\Autobahn\rt\bin\java.dll
20:26:16.0545 1684 C:\Users\Maeve\AppData\Local\Autobahn\rt\bin\java.dll - ok
20:26:16.0561 1684 [ 6A5C1A8AC0B572679361026D0E900420 ] C:\Windows\System32\hgcpl.dll
20:26:16.0561 1684 C:\Windows\System32\hgcpl.dll - ok
20:26:16.0561 1684 [ 6699A112A3BDC9B52338512894EBA9D6 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
20:26:16.0561 1684 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
20:26:16.0561 1684 [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll
20:26:16.0561 1684 C:\Windows\System32\WWanAPI.dll - ok
20:26:16.0561 1684 [ 0438CAB2E03F4FB61455A7956026FE86 ] C:\Windows\System32\fdPHost.dll
20:26:16.0561 1684 C:\Windows\System32\fdPHost.dll - ok
20:26:16.0561 1684 [ 8504944851DF6175CC489A8F3328459E ] C:\Windows\SysWOW64\d3d10.dll
20:26:16.0561 1684 C:\Windows\SysWOW64\d3d10.dll - ok
20:26:16.0561 1684 [ 171D7DB433314A868507C4326E8209DC ] C:\Windows\System32\fdWSD.dll
20:26:16.0561 1684 C:\Windows\System32\fdWSD.dll - ok
20:26:16.0561 1684 [ C7494C67A6BF6FE914808E42F8265FEF ] C:\Program Files\Windows Media Player\wmpnssci.dll
20:26:16.0561 1684 C:\Program Files\Windows Media Player\wmpnssci.dll - ok
20:26:16.0576 1684 [ A2E5B2D20954210DCE1A75A1FC8CC36D ] C:\Windows\System32\fdSSDP.dll
20:26:16.0576 1684 C:\Windows\System32\fdSSDP.dll - ok
20:26:16.0576 1684 [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll
20:26:16.0576 1684 C:\Windows\System32\wwapi.dll - ok
20:26:16.0576 1684 [ 2A436796758BF2555A26C770FE8A6FEE ] C:\Windows\System32\fdProxy.dll
20:26:16.0576 1684 C:\Windows\System32\fdProxy.dll - ok
20:26:16.0576 1684 [ ECE9B82C7696AD211F9BD64E41DF598B ] C:\Program Files (x86)\AVG\AVG2013\avguires.dll
20:26:16.0576 1684 C:\Program Files (x86)\AVG\AVG2013\avguires.dll - ok
20:26:16.0576 1684 [ FB3F036EF6A467F7AF46C821FF5D198D ] C:\Windows\SysWOW64\d3d10core.dll
20:26:16.0576 1684 C:\Windows\SysWOW64\d3d10core.dll - ok
20:26:16.0576 1684 [ D4F264FE23F8953D840904418220C15E ] C:\Windows\SysWOW64\dxgi.dll
20:26:16.0576 1684 C:\Windows\SysWOW64\dxgi.dll - ok
20:26:16.0576 1684 [ 2ECD9D9087DC15E7AAD130883E665219 ] C:\Program Files (x86)\Dell Stage\Dell Stage\QtCore4.dll
20:26:16.0576 1684 C:\Program Files (x86)\Dell Stage\Dell Stage\QtCore4.dll - ok
20:26:16.0592 1684 [ 8F9397974D713971656DA2681E787B4A ] C:\Users\Maeve\AppData\Local\Autobahn\rt\bin\zip.dll
20:26:16.0592 1684 C:\Users\Maeve\AppData\Local\Autobahn\rt\bin\zip.dll - ok
20:26:16.0592 1684 [ 7ACDFB4CC67F4993DF0E0731576309B2 ] C:\Windows\SysWOW64\d3d11.dll
20:26:16.0592 1684 C:\Windows\SysWOW64\d3d11.dll - ok
20:26:16.0592 1684 [ 730E90935150048A4E5F392FCDD49DA3 ] C:\Program Files (x86)\AVG\AVG2013\avgapps.dll
20:26:16.0592 1684 C:\Program Files (x86)\AVG\AVG2013\avgapps.dll - ok
20:26:16.0592 1684 [ 8C338238C16777A802D6A9211EB2BA50 ] C:\Windows\SysWOW64\netprofm.dll
20:26:16.0592 1684 C:\Windows\SysWOW64\netprofm.dll - ok
20:26:16.0592 1684 [ 8EDD9796402C6CC869E48E48239029C8 ] C:\Windows\SysWOW64\nvwgf2um.dll
20:26:16.0592 1684 C:\Windows\SysWOW64\nvwgf2um.dll - ok
20:26:16.0592 1684 [ 15E298B5EC5B89C5994A59863969D9FF ] C:\Windows\SysWOW64\npmproxy.dll
20:26:16.0592 1684 C:\Windows\SysWOW64\npmproxy.dll - ok
20:26:16.0592 1684 [ 0DB1D42E30AA8DA79E2E29664FEB64D1 ] C:\Users\Maeve\AppData\Local\Autobahn\rt\jetrt\baseline720.dll
20:26:16.0592 1684 C:\Users\Maeve\AppData\Local\Autobahn\rt\jetrt\baseline720.dll - ok
20:26:16.0607 1684 [ B52BCF2BF55FF248601277B7D7C8D13D ] C:\Users\Maeve\AppData\Local\Autobahn\rt\bin\net.dll
20:26:16.0607 1684 C:\Users\Maeve\AppData\Local\Autobahn\rt\bin\net.dll - ok
20:26:16.0607 1684 [ 6C078C9F52D38604AF22A025FD2394AC ] C:\Users\Maeve\AppData\Local\Autobahn\rt\bin\nio.dll
20:26:16.0607 1684 C:\Users\Maeve\AppData\Local\Autobahn\rt\bin\nio.dll - ok
20:26:16.0607 1684 [ 7896EFFDEE215C172BE724A64931EF1C ] C:\Program Files (x86)\Common Files\microsoft shared\ink\tiptsf.dll
20:26:16.0607 1684 C:\Program Files (x86)\Common Files\microsoft shared\ink\tiptsf.dll - ok
20:26:16.0607 1684 [ BF2F2717C13A4BD4FD73F2788534E86B ] C:\Program Files (x86)\Mozilla Firefox\firefox.exe
20:26:16.0607 1684 C:\Program Files (x86)\Mozilla Firefox\firefox.exe - ok
20:26:16.0607 1684 [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Program Files (x86)\Mozilla Firefox\msvcr100.dll
20:26:16.0607 1684 C:\Program Files (x86)\Mozilla Firefox\msvcr100.dll - ok
20:26:16.0607 1684 [ 0A98F5D9F6552FDF3682240714E33F9F ] C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
20:26:16.0607 1684 C:\Program Files (x86)\Mozilla Firefox\mozglue.dll - ok
20:26:16.0607 1684 [ 03E9314004F504A14A61C3D364B62F66 ] C:\Program Files (x86)\Mozilla Firefox\msvcp100.dll
20:26:16.0607 1684 C:\Program Files (x86)\Mozilla Firefox\msvcp100.dll - ok
20:26:16.0623 1684 [ ABBC87352226A6AFFFE5D6B9DBE40F7F ] C:\Program Files (x86)\Mozilla Firefox\nspr4.dll
20:26:16.0623 1684 C:\Program Files (x86)\Mozilla Firefox\nspr4.dll - ok
20:26:16.0623 1684 [ 8C23D9AB3A680DEF91A35E655C4FCFF3 ] C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
20:26:16.0623 1684 C:\Program Files (x86)\Mozilla Firefox\mozjs.dll - ok
20:26:16.0623 1684 [ 4AD8996AB41B575E2B3AF80972AAB989 ] C:\Program Files (x86)\Mozilla Firefox\nss3.dll
20:26:16.0623 1684 C:\Program Files (x86)\Mozilla Firefox\nss3.dll - ok
20:26:16.0623 1684 [ 048081D7089297474681385B8E7CADDA ] C:\Program Files (x86)\Mozilla Firefox\nssutil3.dll
20:26:16.0623 1684 C:\Program Files (x86)\Mozilla Firefox\nssutil3.dll - ok
20:26:16.0623 1684 [ BD79E872C8CD7098E8D4C7613D01437C ] C:\Program Files (x86)\Mozilla Firefox\plc4.dll
20:26:16.0623 1684 C:\Program Files (x86)\Mozilla Firefox\plc4.dll - ok
20:26:16.0623 1684 [ E4F52AB15A3A077B2A3AD96EC892568A ] C:\Program Files (x86)\Mozilla Firefox\plds4.dll
20:26:16.0623 1684 C:\Program Files (x86)\Mozilla Firefox\plds4.dll - ok
20:26:16.0623 1684 [ 03932120E012BF53FF588EC0410A601E ] C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll
20:26:16.0623 1684 C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll - ok
20:26:16.0639 1684 [ A7E1F254D94C4568ADE17E6A727ED649 ] C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll
20:26:16.0639 1684 C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll - ok
20:26:16.0639 1684 [ DE2AF12F6DD62F9C25F00F72CD7776C8 ] C:\Program Files (x86)\Mozilla Firefox\mozsqlite3.dll
20:26:16.0639 1684 C:\Program Files (x86)\Mozilla Firefox\mozsqlite3.dll - ok
20:26:16.0639 1684 [ A7BE481FE1396AD5658044BAAD6A5824 ] C:\Program Files (x86)\Mozilla Firefox\smime3.dll
20:26:16.0639 1684 C:\Program Files (x86)\Mozilla Firefox\smime3.dll - ok
20:26:16.0639 1684 [ 0A002104133543F74C83ABB455D86E85 ] C:\Program Files (x86)\Mozilla Firefox\ssl3.dll
20:26:16.0639 1684 C:\Program Files (x86)\Mozilla Firefox\ssl3.dll - ok
20:26:16.0639 1684 [ 9FA46E0424CDAB6EE85C92271D02FAA1 ] C:\Program Files (x86)\Mozilla Firefox\xul.dll
20:26:16.0639 1684 C:\Program Files (x86)\Mozilla Firefox\xul.dll - ok
20:26:16.0639 1684 [ 7069AAB8536F29ED7323140973A2894B ] C:\Windows\SysWOW64\msdmo.dll
20:26:16.0639 1684 C:\Windows\SysWOW64\msdmo.dll - ok
20:26:16.0639 1684 [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\SysWOW64\samcli.dll
20:26:16.0639 1684 C:\Windows\SysWOW64\samcli.dll - ok
20:26:16.0654 1684 [ 1B96E5EC91BAA3AB68ECC47174CFFBE4 ] C:\Program Files (x86)\Mozilla Firefox\xpcom.dll
20:26:16.0654 1684 C:\Program Files (x86)\Mozilla Firefox\xpcom.dll - ok
20:26:16.0654 1684 [ 4277F5164DE9B7C665BB928B9145BEE0 ] C:\Windows\SysWOW64\DWrite.dll
20:26:16.0654 1684 C:\Windows\SysWOW64\DWrite.dll - ok
20:26:16.0654 1684 [ 47841291844818781ACF852A53827668 ] C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
20:26:16.0654 1684 C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll - ok
20:26:16.0654 1684 [ 81F08948A0F1475894C99D4D19A158A8 ] C:\Windows\SysWOW64\wshqos.dll
20:26:16.0654 1684 C:\Windows\SysWOW64\wshqos.dll - ok
20:26:16.0654 1684 [ A2631C4465BBCE72B7E371DFB924A9D3 ] C:\Windows\SysWOW64\feclient.dll
20:26:16.0654 1684 C:\Windows\SysWOW64\feclient.dll - ok
20:26:16.0654 1684 [ 6F89C374CC912745AFEDDD4B88CBDBA5 ] C:\Program Files (x86)\Mozilla Firefox\softokn3.dll
20:26:16.0654 1684 C:\Program Files (x86)\Mozilla Firefox\softokn3.dll - ok
20:26:16.0654 1684 [ BE89DC812651D88552A9587F70F63DD3 ] C:\Program Files (x86)\Mozilla Firefox\nssdbm3.dll
20:26:16.0654 1684 C:\Program Files (x86)\Mozilla Firefox\nssdbm3.dll - ok
20:26:16.0670 1684 [ D308812A7E0CA64E03F1C2C13339F984 ] C:\Program Files (x86)\Mozilla Firefox\freebl3.dll
20:26:16.0670 1684 C:\Program Files (x86)\Mozilla Firefox\freebl3.dll - ok
20:26:16.0670 1684 [ 04A40046F2F711C830D915DC33EC2A7D ] C:\Program Files (x86)\Mozilla Firefox\nssckbi.dll
20:26:16.0670 1684 C:\Program Files (x86)\Mozilla Firefox\nssckbi.dll - ok
20:26:16.0670 1684 [ B30F9BA1FC6104942239A518D95632E8 ] C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
20:26:16.0670 1684 C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll - ok
20:26:16.0670 1684 [ 81D2A6253A4711856F6AC68904A0CB51 ] C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe
20:26:16.0670 1684 C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe - ok
20:26:16.0670 1684 [ A80C173AC5C75706BB74AE4D78F2A53D ] C:\Program Files (x86)\Windows Media Player\wmplayer.exe
20:26:16.0670 1684 C:\Program Files (x86)\Windows Media Player\wmplayer.exe - ok
20:26:16.0670 1684 [ 3C1936A12C62254F914A01BBC6A8DC69 ] C:\Windows\SysWOW64\d3d10_1.dll
20:26:16.0670 1684 C:\Windows\SysWOW64\d3d10_1.dll - ok
20:26:16.0670 1684 [ D4212AB475A3B25EC4DF574536C3EDC5 ] C:\Windows\SysWOW64\d3d10_1core.dll
20:26:16.0670 1684 C:\Windows\SysWOW64\d3d10_1core.dll - ok
20:26:16.0685 1684 [ 9FF8F684BACF326082E5562F7C104A79 ] C:\Windows\SysWOW64\d2d1.dll
20:26:16.0685 1684 C:\Windows\SysWOW64\d2d1.dll - ok
20:26:16.0685 1684 [ CBEC06E32D0AC9C3D0A9199EDC1FB959 ] C:\Program Files (x86)\Skype\Phone\Skype.exe
20:26:16.0685 1684 C:\Program Files (x86)\Skype\Phone\Skype.exe - ok
20:26:16.0685 1684 [ F215CD1FD27A21B33FE75F67F93B8C20 ] C:\Program Files (x86)\Skype\Toolbars\Shared\SkypePnr.dll
20:26:16.0685 1684 C:\Program Files (x86)\Skype\Toolbars\Shared\SkypePnr.dll - ok
20:26:16.0685 1684 [ AF84BBF3112369A1B3C645F82999A7FF ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
20:26:16.0685 1684 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll - ok
20:26:16.0685 1684 [ EBEEF7198DC1DDCB16B1B5E6D3CC84A7 ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStereoApiI.dll
20:26:16.0685 1684 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStereoApiI.dll - ok
20:26:16.0685 1684 [ 005247E3057BC5D5C3F8C6F886FFC10C ] C:\Windows\System32\wbem\WMIADAP.exe
20:26:16.0685 1684 C:\Windows\System32\wbem\WMIADAP.exe - ok
20:26:16.0685 1684 [ 9FE3ED67345F0FF829A4A53B90E09672 ] C:\Windows\System32\loadperf.dll
20:26:16.0685 1684 C:\Windows\System32\loadperf.dll - ok
20:26:16.0701 1684 [ 5378AD5A54C074EBA41B7D97FC96D63F ] C:\Program Files (x86)\AVG\AVG2013\avgadvisorx.dll
20:26:16.0701 1684 C:\Program Files (x86)\AVG\AVG2013\avgadvisorx.dll - ok
20:26:16.0701 1684 [ 1220595CABA75AB91A6B3FA3B89483CC ] C:\Windows\SysWOW64\snmpapi.dll
20:26:16.0701 1684 C:\Windows\SysWOW64\snmpapi.dll - ok
20:26:16.0701 1684 [ B010CF886420EE29C2C276646721D255 ] C:\Windows\SysWOW64\wlanapi.dll
20:26:16.0701 1684 C:\Windows\SysWOW64\wlanapi.dll - ok
20:26:16.0701 1684 [ 1D6A771D1D702AE07919DB52C889A249 ] C:\Windows\SysWOW64\wlanutil.dll
20:26:16.0701 1684 C:\Windows\SysWOW64\wlanutil.dll - ok
20:26:16.0701 1684 [ E69A7AD873CAF58D3A39DD8B0DB94724 ] C:\Program Files (x86)\AVG\AVG2013\avgcslx.dll
20:26:16.0701 1684 C:\Program Files (x86)\AVG\AVG2013\avgcslx.dll - ok
20:26:16.0701 1684 [ AABE9126CDC962E0DDF8867B9982F32D ] C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe
20:26:16.0701 1684 C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe - ok
20:26:16.0701 1684 [ 487F44B08EFEAF5AD087878357B9403D ] C:\Windows\SysWOW64\pdh.dll
20:26:16.0701 1684 C:\Windows\SysWOW64\pdh.dll - ok
20:26:16.0717 1684 [ 81252AA3B13743020BCF2089A5A0D911 ] C:\Windows\System32\wscinterop.dll
20:26:16.0717 1684 C:\Windows\System32\wscinterop.dll - ok
20:26:16.0717 1684 [ DF50DAE4C547285E4997A0C61063B632 ] C:\Windows\System32\wscui.cpl
20:26:16.0717 1684 C:\Windows\System32\wscui.cpl - ok
20:26:16.0717 1684 [ F9959237F106F2B2609E61A290C0652E ] C:\Windows\System32\werconcpl.dll
20:26:16.0717 1684 C:\Windows\System32\werconcpl.dll - ok
20:26:16.0717 1684 [ 7E591867422DC788B9E5BD337A669A08 ] C:\Windows\System32\wercplsupport.dll
20:26:16.0717 1684 C:\Windows\System32\wercplsupport.dll - ok
20:26:16.0717 1684 [ 809AE7D4ACE06BBCF621E5C504BF6FC8 ] C:\Windows\System32\hcproviders.dll
20:26:16.0717 1684 C:\Windows\System32\hcproviders.dll - ok
20:26:16.0717 1684 [ 41DF7355A5A907E2C1D7804EC028965D ] C:\Windows\System32\wermgr.exe
20:26:16.0717 1684 C:\Windows\System32\wermgr.exe - ok
20:26:16.0717 1684 [ AC61CBEF0376F080588968476D063D45 ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\smipi.dll
20:26:16.0717 1684 C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\smipi.dll - ok
20:26:16.0732 1684 [ C5D0AEC12FED8323E1AE2E40C129F2D6 ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\smiengine.dll
20:26:16.0732 1684 C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\smiengine.dll - ok
20:26:16.0732 1684 [ 5F639198C4137075DA50E61C23963C11 ] C:\Windows\System32\drprov.dll
20:26:16.0732 1684 C:\Windows\System32\drprov.dll - ok
20:26:16.0732 1684 [ B3A33600DCDFB84D7FBE09ADEB1C9B8A ] C:\Windows\System32\davclnt.dll
20:26:16.0732 1684 C:\Windows\System32\davclnt.dll - ok
20:26:16.0732 1684 [ BC566D17914B07ABAAB3A5A385CC3300 ] C:\Windows\System32\ntlanman.dll
20:26:16.0732 1684 C:\Windows\System32\ntlanman.dll - ok
20:26:16.0732 1684 [ 45B24A357C801CE62052FE0CDC8BD4D2 ] C:\Windows\System32\davhlpr.dll
20:26:16.0732 1684 C:\Windows\System32\davhlpr.dll - ok
20:26:16.0732 1684 [ FF2B106909EED48C536DA04742C0324A ] C:\Windows\System32\Query.dll
20:26:16.0732 1684 C:\Windows\System32\Query.dll - ok
20:26:16.0732 1684 [ F76074CE653E49AC6BDFE19289691AA6 ] C:\Windows\System32\NlsData0013.dll
20:26:16.0732 1684 C:\Windows\System32\NlsData0013.dll - ok
20:26:16.0748 1684 [ AE9300B1F0D6095597F64F03E1C38BB4 ] C:\Windows\System32\NlsLexicons0013.dll
20:26:16.0748 1684 C:\Windows\System32\NlsLexicons0013.dll - ok
20:26:16.0748 1684 [ 4E81439902079C348B61D7FF027FE147 ] C:\Windows\System32\StructuredQuery.dll
20:26:16.0748 1684 C:\Windows\System32\StructuredQuery.dll - ok
20:26:16.0748 1684 [ 470C237C9174BC3D3CBF68DA8A9A0C01 ] C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
20:26:16.0748 1684 C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll - ok
20:26:16.0748 1684 [ F59E095B0BEF0CEED72DB039DAC3CD68 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcp80.dll
20:26:16.0748 1684 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcp80.dll - ok
20:26:16.0748 1684 [ 8BC7F8F0B7AE856D910B3FDD895EC50E ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll
20:26:16.0748 1684 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll - ok
20:26:16.0748 1684 [ 4715F8F8CDBFFF2728BA38B789A1D7C7 ] C:\Windows\System32\wpdshext.dll
20:26:16.0748 1684 C:\Windows\System32\wpdshext.dll - ok
20:26:16.0748 1684 [ 03AB2A2E426C2AD400AC8315226347F8 ] C:\Windows\System32\EhStorAPI.dll
20:26:16.0748 1684 C:\Windows\System32\EhStorAPI.dll - ok
20:26:16.0763 1684 [ 254EEFA92A3438879E2A80BD76B0378F ] C:\Program Files\Windows Photo Viewer\PhotoViewer.dll
20:26:16.0763 1684 C:\Program Files\Windows Photo Viewer\PhotoViewer.dll - ok
20:26:16.0763 1684 [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\Maeve\Desktop\MALWARE HELP\tdsskiller.exe
20:26:16.0763 1684 C:\Users\Maeve\Desktop\MALWARE HELP\tdsskiller.exe - ok
20:26:16.0763 1684 [ 0B5511674394666E9D221F8681B2C2E6 ] C:\Windows\System32\consent.exe
20:26:16.0763 1684 C:\Windows\System32\consent.exe - ok
20:26:16.0763 1684 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\78593831.sys
20:26:16.0763 1684 C:\Windows\System32\drivers\78593831.sys - ok
20:26:16.0763 1684 ============================================================
20:26:16.0763 1684 Scan finished
20:26:16.0763 1684 ============================================================
20:26:16.0763 7056 Detected object count: 1
20:26:16.0763 7056 Actual detected object count: 1
20:26:33.0565 7056 DellDigitalDelivery ( UnsignedFile.Multi.Generic ) - skipped by user
20:26:33.0565 7056 DellDigitalDelivery ( UnsignedFile.Multi.Generic ) - User select action: Skip


_____________________________________________________________________________________________________

Malwarebytes Anti-Rootkit

Malwarebytes Anti-Rootkit BETA 1.01.0.1022
www.malwarebytes.org

Database version: v2013.04.09.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Maeve :: MAEVE-PC [administrator]

4/8/2013 9:15:31 PM
mbar-log-2013-04-08 (21-15-31).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 30634
Time elapsed: 13 minute(s), 5 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
  • 0

#12
gringo_pr
Posted 08 April 2013 - 11:25 PM

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
how are the search results now and in which browser does it still happen
  • 0

#13
UneekOne
Posted 09 April 2013 - 02:14 PM

UneekOne

    Member

  • Topic Starter
  • Member
  • PipPip
  • 20 posts
The search results are fine now

both in Mozilla Firefox and Internet Explorer
  • 0

#14
gringo_pr
Posted 09 April 2013 - 05:14 PM

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello UneekOne

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Please start by opening Notepad and copy/paste the text in the box into the window:

ClearJavaCache::

Save it to your desktop as CFScript.txt

Referring to the picture above, drag CFScript.txt into ComboFix.exe
Posted Image
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following

  • report from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo
  • 0

#15
UneekOne
Posted 10 April 2013 - 12:51 PM

UneekOne

    Member

  • Topic Starter
  • Member
  • PipPip
  • 20 posts
They were no problems with the running of the script.
The machine is running fine no issues with the searches.

Report from ComboFix

ComboFix 13-04-10.02 - Maeve 04/10/2013 11:19:36.3.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8152.5934 [GMT -7:00]
Running from: c:\users\Maeve\Desktop\ComboFix.exe
Command switches used :: c:\users\Maeve\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\PCDr\6032\AddOnDownloaded\06004c97-c212-44da-81de-706b46554efe.dll
c:\programdata\PCDr\6032\AddOnDownloaded\07287f2e-4f82-4848-8132-7055ef322318.dll
c:\programdata\PCDr\6032\AddOnDownloaded\0d461521-7dbf-4cec-a29e-936c88cdf8c9.dll
c:\programdata\PCDr\6032\AddOnDownloaded\0d85b53c-d766-4bf0-8940-17b534910268.dll
c:\programdata\PCDr\6032\AddOnDownloaded\100c3865-0c76-461b-b2fd-042d6d5fa7f6.dll
c:\programdata\PCDr\6032\AddOnDownloaded\16837627-a839-41c5-a88f-3a0335128383.dll
c:\programdata\PCDr\6032\AddOnDownloaded\173c4dd2-e93c-4725-b006-db1d8f465192.dll
c:\programdata\PCDr\6032\AddOnDownloaded\1e0aaf9a-9947-4a7b-b1ae-8a89919438ed.dll
c:\programdata\PCDr\6032\AddOnDownloaded\263d6ac9-4f87-466c-947c-bd9af71d7035.dll
c:\programdata\PCDr\6032\AddOnDownloaded\2d5007b2-cc36-4b97-a231-d0c427a69035.dll
c:\programdata\PCDr\6032\AddOnDownloaded\330761e0-2594-472d-8455-796592cf88dc.dll
c:\programdata\PCDr\6032\AddOnDownloaded\3410f47b-5e8c-47c6-bf2c-234af4121d4c.dll
c:\programdata\PCDr\6032\AddOnDownloaded\378deb7f-049e-4a5e-83b2-5381dcd9e928.dll
c:\programdata\PCDr\6032\AddOnDownloaded\3972fea3-214c-4935-a7d1-96bf66115683.dll
c:\programdata\PCDr\6032\AddOnDownloaded\3b1c7acd-5e3e-4459-ab98-5109117e2341.dll
c:\programdata\PCDr\6032\AddOnDownloaded\3d9332d1-0b48-40cc-9189-068cf64600b6.dll
c:\programdata\PCDr\6032\AddOnDownloaded\4546f2bc-b9d9-4667-abe7-b0bacc90279e.dll
c:\programdata\PCDr\6032\AddOnDownloaded\4804ced5-915b-48a3-a465-b8a5e02714bf.dll
c:\programdata\PCDr\6032\AddOnDownloaded\4818e109-9489-4cd8-9044-44defd8ec187.dll
c:\programdata\PCDr\6032\AddOnDownloaded\493f295d-1a46-46f6-926c-63b474cedab4.dll
c:\programdata\PCDr\6032\AddOnDownloaded\59abf7b9-a4a7-4d76-9ad6-13c7bb2f4d0b.dll
c:\programdata\PCDr\6032\AddOnDownloaded\62d1f0b0-bc9a-4f6c-bad7-93b19a91276a.dll
c:\programdata\PCDr\6032\AddOnDownloaded\67c3d4fe-b638-467a-9fe2-c5813ade3330.dll
c:\programdata\PCDr\6032\AddOnDownloaded\6820b110-e483-4f1e-9b48-438f7916f078.dll
c:\programdata\PCDr\6032\AddOnDownloaded\69eaa8a4-3131-4718-aad0-994ebde678d1.dll
c:\programdata\PCDr\6032\AddOnDownloaded\6b5978fa-48d7-4309-a523-7e157768c0d8.dll
c:\programdata\PCDr\6032\AddOnDownloaded\6f4fb483-ce30-493a-8cb4-3e530ab1be5b.dll
c:\programdata\PCDr\6032\AddOnDownloaded\739db3eb-d3cd-4c86-a6ea-01a49984fa3b.dll
c:\programdata\PCDr\6032\AddOnDownloaded\7bd83798-7a02-4f50-83a2-b91cabcbd1f9.dll
c:\programdata\PCDr\6032\AddOnDownloaded\7dbfef1a-6148-4748-a1b3-71627763a45a.dll
c:\programdata\PCDr\6032\AddOnDownloaded\813755dc-2229-47a2-b85b-19d0aaa641c9.dll
c:\programdata\PCDr\6032\AddOnDownloaded\872965c7-08b7-47fc-a74c-ff167590b71a.dll
c:\programdata\PCDr\6032\AddOnDownloaded\8d357f17-07ad-4392-ba06-fb67564c98cd.dll
c:\programdata\PCDr\6032\AddOnDownloaded\934f6059-2d35-4bd9-a130-a17cb5563507.dll
c:\programdata\PCDr\6032\AddOnDownloaded\a61f44a8-21a3-4c4a-a04b-993dfb73bf96.dll
c:\programdata\PCDr\6032\AddOnDownloaded\a7201707-7895-43cf-9119-8a0279b75d4c.dll
c:\programdata\PCDr\6032\AddOnDownloaded\a9de0c84-9a7c-4638-9653-13aa8cf56e80.dll
c:\programdata\PCDr\6032\AddOnDownloaded\ae67b364-b69e-471e-b177-2459120b84d4.dll
c:\programdata\PCDr\6032\AddOnDownloaded\b2152f30-7380-4987-8fcf-e4c06952615d.dll
c:\programdata\PCDr\6032\AddOnDownloaded\b2ed8d53-41ce-48e6-b4ac-8b8e5e1a4fdf.dll
c:\programdata\PCDr\6032\AddOnDownloaded\b4cc2a4a-87f5-49cd-935c-18f1a80e65b7.dll
c:\programdata\PCDr\6032\AddOnDownloaded\bbfa36b0-30b0-4e36-8d8c-69df1d87626b.dll
c:\programdata\PCDr\6032\AddOnDownloaded\bc6fc708-5b6b-4a72-b336-09b3089baa7a.dll
c:\programdata\PCDr\6032\AddOnDownloaded\bf647bd7-dfb5-4746-a6b4-b7c2fdbbf3b1.dll
c:\programdata\PCDr\6032\AddOnDownloaded\c4211805-b43b-471d-81af-4e0589f8607b.dll
c:\programdata\PCDr\6032\AddOnDownloaded\c870b857-9ba2-408a-b058-928ff7135168.dll
c:\programdata\PCDr\6032\AddOnDownloaded\cdda52ec-6ccd-425a-8c72-b7bbdc8b3acd.dll
c:\programdata\PCDr\6032\AddOnDownloaded\d1f4dc82-bc4c-4916-b37c-3ab9c30ae468.dll
c:\programdata\PCDr\6032\AddOnDownloaded\d34c0cf7-889f-43dd-9283-b2b6f442aae3.dll
c:\programdata\PCDr\6032\AddOnDownloaded\daf30858-49d8-434b-b4b1-068b5dc9267c.dll
c:\programdata\PCDr\6032\AddOnDownloaded\ddb9fe5d-525c-4d5d-ac37-0bd10f2864f8.dll
c:\programdata\PCDr\6032\AddOnDownloaded\dfc97e68-74cd-4807-807f-ac146d81ec5d.dll
c:\programdata\PCDr\6032\AddOnDownloaded\e238f8f5-5f0a-478f-b96a-d15f6f6cac94.dll
c:\programdata\PCDr\6032\AddOnDownloaded\e45cd45a-4d7c-4802-881f-74582b847e5c.dll
c:\programdata\PCDr\6032\AddOnDownloaded\e5a71f43-c979-4b3d-a544-9ed1dc6dc4c8.dll
c:\programdata\PCDr\6032\AddOnDownloaded\ef78c3e8-1d94-4219-8070-7617e119bba4.dll
c:\programdata\PCDr\6032\AddOnDownloaded\f06c5597-1a85-4d1f-ac16-a6fdd2a6bedc.dll
c:\programdata\PCDr\6032\AddOnDownloaded\f80d4ad1-1fad-43b5-b6f3-347848b5ddd5.dll
c:\programdata\PCDr\6032\AddOnDownloaded\f8b3befb-ca07-4bff-8777-f565b237979f.dll
c:\programdata\PCDr\6032\AddOnDownloaded\f9dc840b-c6f7-42a5-acec-50cc7a2827fd.dll
c:\users\Maeve\AppData\Roaming\vso_ts_preview.xml
.
.
((((((((((((((((((((((((( Files Created from 2013-03-10 to 2013-04-10 )))))))))))))))))))))))))))))))
.
.
2013-04-10 18:25 . 2013-04-10 18:25 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-04-10 07:11 . 2013-03-02 06:04 1655656 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-10 07:11 . 2013-03-01 03:36 3153408 ----a-w- c:\windows\system32\win32k.sys
2013-04-10 07:11 . 2013-03-19 06:04 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-04-10 07:11 . 2013-01-24 06:01 223752 ----a-w- c:\windows\system32\drivers\fvevol.sys
2013-04-10 07:11 . 2013-03-19 05:46 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-04-10 07:11 . 2013-03-19 05:04 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-04-10 07:11 . 2013-03-19 05:04 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-04-10 07:11 . 2013-03-19 04:47 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-04-10 07:11 . 2013-03-19 03:06 112640 ----a-w- c:\windows\system32\smss.exe
2013-04-09 03:29 . 2013-04-09 03:29 -------- d-----w- c:\programdata\Malwarebytes
2013-04-04 22:41 . 2013-04-04 22:43 -------- d-----w- c:\program files\CCleaner
2013-04-04 07:23 . 2013-04-04 07:23 -------- d-----w- c:\users\Maeve\AppData\Roaming\SpeedyPC Software
2013-04-04 07:23 . 2013-04-04 07:23 -------- d-----w- c:\users\Maeve\AppData\Roaming\DriverCure
2013-04-04 07:23 . 2013-04-04 07:30 -------- d-----w- c:\programdata\SpeedyPC Software
2013-04-02 09:43 . 2013-04-02 09:43 -------- d-----w- c:\users\Maeve\AppData\Local\LockHunter
2013-03-29 20:49 . 2013-03-07 14:30 272280 ----a-w- c:\program files (x86)\Mozilla Firefox\updater.exe
2013-03-29 20:49 . 2013-03-07 14:30 19352 ----a-w- c:\program files (x86)\Mozilla Firefox\xpcom.dll
2013-03-29 20:49 . 2013-03-07 14:30 91544 ----a-w- c:\program files (x86)\Mozilla Firefox\nssdbm3.dll
2013-03-29 20:49 . 2013-03-07 14:30 375192 ----a-w- c:\program files (x86)\Mozilla Firefox\nssckbi.dll
2013-03-29 20:49 . 2013-03-07 14:30 812440 ----a-w- c:\program files (x86)\Mozilla Firefox\mozsqlite3.dll
2013-03-29 20:49 . 2013-03-07 14:30 172440 ----a-w- c:\program files (x86)\Mozilla Firefox\nspr4.dll
2013-03-29 20:49 . 2013-03-07 14:30 277400 ----a-w- c:\program files (x86)\Mozilla Firefox\freebl3.dll
2013-03-29 20:49 . 2013-03-07 14:30 116120 ----a-w- c:\program files (x86)\Mozilla Firefox\crashreporter.exe
2013-03-29 13:20 . 2013-03-29 13:20 -------- d-----w- c:\program files (x86)\FGIcon
2013-03-29 12:54 . 2013-03-29 13:17 -------- d-----w- c:\program files (x86)\MyPC Backup
2013-03-28 04:52 . 2013-03-28 04:52 4316280 ----a-w- c:\users\Maeve\AppData\Roaming\CCleaner.4.00.4064.exe
2013-03-26 00:25 . 2013-02-12 04:12 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-03-20 05:30 . 2013-03-20 05:30 6066296 ----a-w- c:\program files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-10 10:02 . 2012-03-02 19:29 72702784 ----a-w- c:\windows\system32\MRT.exe
2013-04-01 07:59 . 2012-04-10 10:20 693976 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-04-01 07:59 . 2012-02-23 11:31 73432 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-12 05:45 . 2013-03-13 09:29 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45 . 2013-03-13 09:29 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45 . 2013-03-13 09:29 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45 . 2013-03-13 09:29 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48 . 2013-03-13 09:29 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48 . 2013-03-13 09:29 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-01-30 02:15 . 2013-01-30 02:15 862664 ----a-w- c:\windows\SysWow64\msvcr110.dll
2013-01-30 02:15 . 2013-01-30 02:15 828872 ----a-w- c:\windows\system32\msvcr110.dll
2013-01-30 02:15 . 2013-01-30 02:15 661448 ----a-w- c:\windows\system32\msvcp110.dll
2013-01-30 02:15 . 2013-01-30 02:15 534480 ----a-w- c:\windows\SysWow64\msvcp110.dll
2013-01-30 02:15 . 2013-01-30 02:15 354264 ----a-w- c:\windows\system32\vccorlib110.dll
2013-01-30 02:15 . 2013-01-30 02:15 251864 ----a-w- c:\windows\SysWow64\vccorlib110.dll
2013-01-30 02:15 . 2013-01-30 02:15 50800 ----a-w- c:\windows\system32\drivers\point64.sys
2013-01-24 18:32 . 2013-01-24 18:32 2177648 ----a-w- c:\windows\system32\coin93.dll
2013-01-13 21:17 . 2013-02-27 11:00 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 21:17 . 2013-02-27 11:00 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 21:16 . 2013-02-27 11:00 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 21:12 . 2013-02-27 11:00 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 21:11 . 2013-02-27 11:00 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 21:11 . 2013-02-27 11:00 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 21:11 . 2013-02-27 11:00 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 21:11 . 2013-02-27 11:00 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 21:11 . 2013-02-27 11:00 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:35 . 2013-02-27 11:00 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 20:35 . 2013-02-27 11:00 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 20:35 . 2013-02-27 11:00 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 20:32 . 2013-02-27 11:00 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 20:31 . 2013-02-27 11:00 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 20:31 . 2013-02-27 11:00 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 20:31 . 2013-02-27 11:00 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 20:31 . 2013-02-27 11:00 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 20:31 . 2013-02-27 11:00 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:31 . 2013-02-27 11:00 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-01-13 20:22 . 2013-02-27 11:00 1988096 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2013-01-13 20:20 . 2013-02-27 11:00 293376 ----a-w- c:\windows\SysWow64\dxgi.dll
2013-01-13 20:09 . 2013-02-27 11:00 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2013-01-13 20:08 . 2013-02-27 11:00 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll
2013-01-13 20:08 . 2013-02-27 11:00 1504768 ----a-w- c:\windows\SysWow64\d3d11.dll
2013-01-13 19:59 . 2013-02-27 11:00 1643520 ----a-w- c:\windows\system32\DWrite.dll
2013-01-13 19:58 . 2013-02-27 11:00 1175552 ----a-w- c:\windows\system32\FntCache.dll
2013-01-13 19:54 . 2013-02-27 11:00 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2013-01-13 19:53 . 2013-02-27 11:00 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll
2013-01-13 19:53 . 2013-02-27 11:00 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll
2013-01-13 19:51 . 2013-02-27 11:00 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2013-01-13 19:49 . 2013-02-27 11:00 363008 ----a-w- c:\windows\system32\dxgi.dll
2013-01-13 19:48 . 2013-02-27 11:00 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2013-01-13 19:46 . 2013-02-27 11:00 1080832 ----a-w- c:\windows\SysWow64\d3d10.dll
2013-01-13 19:43 . 2013-02-27 11:00 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2013-01-13 19:38 . 2013-02-27 11:00 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-01-13 19:38 . 2013-02-27 11:00 1887232 ----a-w- c:\windows\system32\d3d11.dll
2013-01-13 19:38 . 2013-02-27 11:00 296960 ----a-w- c:\windows\system32\d3d10core.dll
2013-01-13 19:37 . 2013-02-27 11:00 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll
2013-01-13 19:25 . 2013-02-27 11:00 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2013-01-13 19:24 . 2013-02-27 11:00 648192 ----a-w- c:\windows\system32\d3d10level9.dll
2013-01-13 19:24 . 2013-02-27 11:00 221184 ----a-w- c:\windows\system32\UIAnimation.dll
2013-01-13 19:20 . 2013-02-27 11:00 194560 ----a-w- c:\windows\system32\d3d10_1.dll
2013-01-13 19:20 . 2013-02-27 11:00 1238528 ----a-w- c:\windows\system32\d3d10.dll
2013-01-13 19:15 . 2013-02-27 11:00 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-01-13 19:10 . 2013-02-27 11:00 3928064 ----a-w- c:\windows\system32\d2d1.dll
2013-01-13 19:02 . 2013-02-27 11:00 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-01-13 18:34 . 2013-02-27 11:00 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2013-01-13 18:32 . 2013-02-27 11:00 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-01-13 18:09 . 2013-02-27 11:00 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-01-13 17:26 . 2013-02-27 11:00 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2013-01-13 17:05 . 2013-02-27 11:00 1682432 ----a-w- c:\windows\system32\XpsPrint.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-10-18 21:52 94208 ----a-w- c:\users\Maeve\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-10-18 21:52 94208 ----a-w- c:\users\Maeve\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-10-18 21:52 94208 ----a-w- c:\users\Maeve\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2011-04-13 503942]
"Dell DataSafe Online"="c:\program files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe" [2010-08-26 1117528]
"RemoteControl9"="c:\program files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe" [2010-10-01 87336]
"PDVD9LanguageShortcut"="c:\program files (x86)\CyberLink\PowerDVD9\Language\Language.exe" [2010-09-18 50472]
"BDRegion"="c:\program files (x86)\Cyberlink\Shared Files\brs.exe" [2011-08-12 75048]
"NeroLauncher"="c:\program files (x86)\Nero\SyncUP\NeroLauncher.exe" [2011-12-31 66872]
"AccuWeatherWidget"="c:\program files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" [2011-11-03 957440]
"VMM Mode Selection"="c:\program files\HTC\ModeSelection\VMMModeSelection.exe" [2011-02-14 43520]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-01-22 91520]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720]
"UnlockerAssistant"="c:\program files (x86)\Unlocker\UnlockerAssistant.exe" [2010-07-04 17408]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-02-20 152392]
.
c:\users\Maeve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
MagicDisc.lnk - c:\program files (x86)\MagicDisc\MagicDisc.exe [2012-3-1 576000]
NexDef Plug-in.lnk - c:\users\Maeve\AppData\Local\Autobahn\nexdef.exe [2013-3-14 15500800]
Zinio Alert Messenger.lnk - c:\program files (x86)\Zinio Alert Messenger\Zinio Alert Messenger.exe [2012-9-27 127488]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer4"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 CLKMSVC10_9EC60124;CyberLink Product - 2012/02/23 06:22;c:\program files (x86)\Cyberlink\PowerDVD9\NavFilter\kmsvc.exe [2011-08-12 248304]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 DellDigitalDelivery;Dell Digital Delivery Service;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe [2011-10-26 162816]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-03-20 3289208]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys [2011-10-19 195072]
R3 DMService;Microsoft Forefront UAG Endpoint Component Manager;c:\windows\DOWNLO~1\DMService.exe [2012-09-15 468368]
R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2011-08-25 173656]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-11-01 340240]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
R3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-12-13 54784]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-03-02 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 stdcfltn;Disk Class Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdcfltn.sys [2010-08-20 21616]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-10-19 661504]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-10-18 936272]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2011-10-18 1001808]
S2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-10-21 135440]
S2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2012-08-23 13672]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]
S2 NOBU;Dell DataSafe Online;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE [x]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-09-22 1692480]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-11-03 381248]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-11-29 16120]
S2 uagqecsvc;Microsoft Forefront UAG Quarantine Enforcement Client;c:\program files\Microsoft Forefront UAG\Endpoint Components\3.1.0\uagqecsvc.exe [2010-04-09 149904]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Accelern.sys [2010-12-13 27760]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [2011-10-19 195072]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2011-10-18 1354064]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [2011-08-29 53760]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [2011-10-10 288768]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2011-01-20 176096]
S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [2011-10-11 59904]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2011-09-14 95744]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2011-09-14 212992]
S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;c:\windows\system32\DRIVERS\nvstusb.sys [2011-10-16 291648]
S3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2013-01-30 50800]
S3 qicflt;upper Device Filter Driver;c:\windows\system32\DRIVERS\qicflt.sys [2010-07-13 29288]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-08-24 565352]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [2008-05-07 14464]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - CLKMDRV10_9EC60124
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-10 09:07 1642448 ----a-w- c:\program files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-04-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-10 07:59]
.
2013-04-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-26 15:57]
.
2013-04-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-26 15:57]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-10-18 21:52 97792 ----a-w- c:\users\Maeve\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-10-18 21:52 97792 ----a-w- c:\users\Maeve\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-10-18 21:52 97792 ----a-w- c:\users\Maeve\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-10-18 21:52 97792 ----a-w- c:\users\Maeve\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2011-08-30 7284328]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-08-16 2277480]
"NVHotkey"="c:\windows\system32\nvHotkey.dll" [2011-11-04 540992]
"FreeFallProtection"="c:\program files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe" [2010-12-17 686704]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-10-18 10357008]
"IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-11-01 1935120]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"DellStage"="c:\program files (x86)\Dell Stage\Dell Stage\stage_primary.exe" [2011-11-03 2190704]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
DPF: {0F2AAAE3-7E9E-4B64-AB5D-1CA24C6ACB9C} - hxxps://jran.uscourts.gov/whalecomec3ea180782db7cb0b1b36bd632bc90bc62a5d1814237bfd/whalecom0/dwa85W.cab
FF - ProfilePath - c:\users\Maeve\AppData\Roaming\Mozilla\Firefox\Profiles\vf7rskgd.default\
FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/
FF - ExtSQL: 2013-02-11 00:29; {b9db16a4-6edc-47ec-a1f4-b86292ed211d}; c:\users\Maeve\AppData\Roaming\Mozilla\Firefox\Profiles\vf7rskgd.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - ExtSQL: 2013-04-04 16:28; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\Maeve\AppData\Roaming\Mozilla\Firefox\Profiles\vf7rskgd.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{E8861423-0DAB-459E-A8D5-DB264E69E70C} - (no file)
Toolbar-Locked - (no file)
SafeBoot-04058703.sys
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-04-10 11:27:18
ComboFix-quarantined-files.txt 2013-04-10 18:27
ComboFix2.txt 2013-04-08 19:14
ComboFix3.txt 2013-04-06 03:45
.
Pre-Run: 615,286,382,592 bytes free
Post-Run: 614,860,025,856 bytes free
.
- - End Of File - - A8D6D3DD0FA9E757780DB66677862777
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP