Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

CAN NOT STOP POPUPS [Solved]


  • This topic is locked This topic is locked

#1
RUSTY2

RUSTY2

    Member

  • Member
  • PipPipPip
  • 221 posts
Hello, You guys helped me with this before having the same problem again. I had a very bad problem that froze my computer! I was not able to start it at all so I used a recovery disc I had made and with my external hard drive was able to backdate it and I am up and running . I have been getting popups now but cant get them to stop. here is what the OTC is; thanx

TL logfile created on: 07/08/2013 8:32:57 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\BR\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

6.97 Gb Total Physical Memory | 5.03 Gb Available Physical Memory | 72.23% Memory free
13.93 Gb Paging File | 11.36 Gb Available in Paging File | 81.57% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 920.39 Gb Total Space | 781.07 Gb Free Space | 84.86% Space Free | Partition Type: NTFS
Drive D: | 11.02 Gb Total Space | 1.59 Gb Free Space | 14.44% Space Free | Partition Type: NTFS
Drive F: | 0.86 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive K: | 930.86 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: NTFS

Computer Name: BRIAN-PC | User Name: BR | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/08/07 08:17:45 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\BR\Downloads\OTL.exe
PRC - [2013/08/06 14:35:55 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/05/10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/08/19 17:34:53 | 000,896,400 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
PRC - [2012/08/14 16:47:18 | 000,320,000 | ---- | M] (Photobucket) -- C:\Program Files (x86)\Photobucket Desktop\Photobucket.App.exe
PRC - [2011/05/26 14:14:52 | 000,685,976 | ---- | M] () -- C:\Users\BR\AppData\Roaming\HP SimpleSave Application\HPSSBackupMonitor.exe
PRC - [2009/10/22 19:50:40 | 000,210,216 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe


========== Modules (No Company Name) ==========

MOD - [2013/08/06 14:35:43 | 003,285,912 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013/08/06 05:26:07 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\9a5879b4dd5bbfb9ddf7b3c3557705d8\System.Management.ni.dll
MOD - [2013/08/06 05:25:36 | 013,347,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data.Entity\58f68f30db100905cc5423c0eb8e8ed4\System.Data.Entity.ni.dll
MOD - [2013/08/06 05:24:35 | 000,194,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\b7368ab5d966353f0740331e36fc855f\System.ComponentModel.DataAnnotations.ni.dll
MOD - [2013/08/06 05:24:16 | 000,096,768 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\e044698a3fc9363abd5c0ca4600ee6bb\UIAutomationProvider.ni.dll
MOD - [2013/08/06 05:24:15 | 001,189,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data.OracleC#\0486d782cba718e5c0e2e00e0572594e\System.Data.OracleClient.ni.dll
MOD - [2013/08/06 05:24:03 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\4b941173df4023ff803c93f6a84cc925\System.Runtime.Remoting.ni.dll
MOD - [2013/08/06 05:24:01 | 000,787,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\3bd9827250aa3b940842ad88faeea546\System.EnterpriseServices.ni.dll
MOD - [2013/08/06 05:24:01 | 000,236,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\3bd9827250aa3b940842ad88faeea546\System.EnterpriseServices.Wrapper.dll
MOD - [2013/08/06 05:24:00 | 000,649,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\e530f142251fb9ed307b2c680bc3e59c\System.Transactions.ni.dll
MOD - [2013/08/06 05:23:59 | 002,647,552 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\a6c1bfa66e0c02057bd59138e48db3ad\System.Runtime.Serialization.ni.dll
MOD - [2013/08/06 05:23:56 | 000,393,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\128dda6c7afee087bb3ff8a32c64f9fd\System.Xml.Linq.ni.dll
MOD - [2013/08/06 05:23:42 | 001,880,576 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Deployment\1b6988716d0ede2c10e95ce11f9fb2cf\System.Deployment.ni.dll
MOD - [2013/08/06 05:23:26 | 001,801,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\cb4cf75e03a2ece5f14766e9175f47e6\System.Xaml.ni.dll
MOD - [2013/08/06 05:23:17 | 000,044,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Accessibility\906825def698b2831547de1c5b8cbbe0\Accessibility.ni.dll
MOD - [2013/08/06 03:53:00 | 018,003,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\ec4178796e7d9e9b088b26997a6dc866\PresentationFramework.ni.dll
MOD - [2013/08/06 03:52:48 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b9d6e1198b5cf137fc0d97f0930fd3e4\PresentationCore.ni.dll
MOD - [2013/08/06 03:52:47 | 006,817,280 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\860349acf665c9efa5de11e159a8bb8a\System.Data.ni.dll
MOD - [2013/08/06 03:52:44 | 001,616,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.CSharp\6c0f6fa9ebf49a9cf011cb792ced4203\Microsoft.CSharp.ni.dll
MOD - [2013/08/06 03:52:43 | 000,377,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Dynamic\a968fe6349af6537d579fce17acd5e27\System.Dynamic.ni.dll
MOD - [2013/08/06 03:52:42 | 007,070,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\fbd506dcd9a25540d1e5bf95c7bcd896\System.Core.ni.dll
MOD - [2013/08/06 03:52:40 | 005,628,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\6af6587a49ca918291917ca318dabbbc\System.Xml.ni.dll
MOD - [2013/08/06 03:52:38 | 003,858,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\02309fbbabbd12cfb07d79a684f4c821\WindowsBase.ni.dll
MOD - [2013/08/06 03:52:38 | 001,667,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\203d9fcb7dfa54b7923d01ca8bfea8d0\System.Drawing.ni.dll
MOD - [2013/08/06 03:52:37 | 001,013,248 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\af542b07d5ab8851604628f895888336\System.Configuration.ni.dll
MOD - [2013/08/06 03:52:37 | 000,749,568 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Security\8aa0687e6d54a0454eaf9bcb2ef51bc4\System.Security.ni.dll
MOD - [2013/08/06 03:52:36 | 009,099,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\1c0a3dbd8b8c2033b811036ff7043ef3\System.ni.dll
MOD - [2013/08/06 03:52:36 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\67dd6be3025ef27a6c035a656ae85b63\PresentationFramework.Aero.ni.dll
MOD - [2013/08/06 03:52:31 | 000,145,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\91bc7f6fd5295405b227cecc0e232ce8\System.Numerics.ni.dll
MOD - [2013/08/06 03:52:30 | 014,418,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\c799474a067f07ef3a167d75029fa012\mscorlib.ni.dll
MOD - [2011/05/26 14:14:52 | 000,685,976 | ---- | M] () -- C:\Users\BR\AppData\Roaming\HP SimpleSave Application\HPSSBackupMonitor.exe
MOD - [2010/04/26 14:30:58 | 000,090,112 | ---- | M] () -- C:\Users\BR\AppData\Roaming\HP SimpleSave Application\FileMapInfoDB.dll
MOD - [2009/10/22 19:50:38 | 000,931,112 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/05/26 22:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012/09/12 21:21:48 | 000,368,896 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2012/09/12 21:21:48 | 000,022,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2012/06/07 18:30:20 | 001,431,888 | ---- | M] (Flexera Software, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2011/01/08 08:17:46 | 000,087,336 | ---- | M] (Dassault Systèmes SolidWorks Corp.) [Disabled | Stopped] -- C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe -- (CoordinatorServiceHost)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2013/08/07 01:07:44 | 000,226,640 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\ramaint.exe -- (LMIMaint)
SRV - [2013/08/07 01:07:29 | 000,376,144 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2013/08/06 14:35:54 | 000,117,144 | ---- | M] (Mozilla Foundation) [Disabled | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/05/10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/10/11 08:06:54 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/05 18:41:46 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Disabled | Stopped] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/07/03 13:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/06/07 14:15:17 | 001,044,816 | ---- | M] (Flexera Software, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012/06/07 14:07:25 | 000,079,360 | ---- | M] (SolidWorks) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe -- (SolidWorks Licensing Service)
SRV - [2012/01/06 08:35:22 | 000,569,072 | ---- | M] (CrossLoop) [Disabled | Stopped] -- C:\Users\BRIAN\AppData\Local\CrossLoop\CrossLoopService.exe -- (CrossLoopService)
SRV - [2011/09/16 14:10:50 | 000,407,424 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe -- (LogMeIn)
SRV - [2010/12/08 18:23:10 | 000,136,568 | ---- | M] (iAnywhere Solutions, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\SQL Anywhere 10\win32\dbsrv10.exe -- (SQLANYs_SmpParts)
SRV - [2010/10/22 13:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\hp\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010/10/12 10:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/07/21 07:50:26 | 000,814,080 | ---- | M] (GlavSoft LLC.) [Disabled | Stopped] -- C:\Users\BRIAN\AppData\Local\CrossLoop\tvnserver.exe -- (tvnserver)
SRV - [2010/07/01 10:38:26 | 000,083,512 | ---- | M] (ArcSoft, Inc.) [Disabled | Stopped] -- C:\Users\BRIAN\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe -- (BackupService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/08/07 01:07:30 | 000,107,368 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/12/06 14:40:14 | 000,028,416 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2012/08/30 22:03:48 | 000,128,456 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/03/08 18:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/02/29 23:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/09/16 14:10:50 | 000,072,216 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV:64bit: - [2011/09/16 14:10:24 | 000,011,552 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lmimirr.sys -- (lmimirr)
DRV:64bit: - [2011/05/27 07:05:08 | 000,063,528 | ---- | M] (SafeNet, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SNTUSB64.SYS -- (SNTUSB64)
DRV:64bit: - [2010/11/20 06:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 04:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2009/09/17 07:05:02 | 000,145,448 | ---- | M] (SafeNet, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\sentinel64.sys -- (Sentinel64)
DRV:64bit: - [2009/09/17 05:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/09/02 04:54:20 | 007,369,728 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/08/20 17:05:06 | 000,239,616 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/08/03 10:56:39 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/08/03 10:56:37 | 000,237,936 | ---- | M] (Advanced Micro Devices, Inc) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ahcix64s.sys -- (ahcix64s)
DRV:64bit: - [2009/08/03 10:55:37 | 000,067,128 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/08/03 10:55:37 | 000,028,216 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 17:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/05 08:10:10 | 001,478,144 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/05/09 01:14:20 | 000,015,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nuidfltr.sys -- (NuidFltr)
DRV - [2013/08/07 01:07:43 | 000,016,056 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\rainfo.sys -- (LMIInfo)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {80c554b9-c7f8-4a21-9471-06d606da78a2}
IE:64bit: - HKLM\..\SearchScopes\{0336D126-A0DD-4CAC-8545-B6629D8F38E8}: "URL" = http://www.ask.com/w...}&l=dis&o=cahpd
IE:64bit: - HKLM\..\SearchScopes\{07C7C110-7846-4522-8DA7-7316F05F3171}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{80c554b9-c7f8-4a21-9471-06d606da78a2}: "URL" = http://www.bing.com/...=MSSEDF&pc=MSSE
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {F17A48D0-8904-4BB6-B591-791D4194FA80}
IE - HKLM\..\SearchScopes\{0336D126-A0DD-4CAC-8545-B6629D8F38E8}: "URL" = http://www.ask.com/w...}&l=dis&o=cahpd
IE - HKLM\..\SearchScopes\{07C7C110-7846-4522-8DA7-7316F05F3171}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{80c554b9-c7f8-4a21-9471-06d606da78a2}: "URL" = http://www.bing.com/...=MSSEDF&pc=MSSE
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCON/4
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = [String data over 1000 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...&ctid=CT3287822
IE - HKCU\..\URLSearchHook: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {F17A48D0-8904-4BB6-B591-791D4194FA80}
IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://blekko.com/ws...q={searchTerms}
IE - HKCU\..\SearchScopes\{3F0BC86F-BC59-4463-8FA0-15C91CBF2E3E}: "URL" = http://websearch.ask...F3-BD78256C9859
IE - HKCU\..\SearchScopes\{80c554b9-c7f8-4a21-9471-06d606da78a2}: "URL" = http://www.bing.com/...=MSSEDF&pc=MSSE
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...sa&d=2012-12-15 12:32:56&v=13.2.0.4&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incre...6R8CBbqFsI&i=26
IE - HKCU\..\SearchScopes\{F17A48D0-8904-4BB6-B591-791D4194FA80}: "URL" = http://search.condui...7325775418&UM=2
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..CT3220468.browser.search.defaultthis.engineName: true
FF - prefs.js..CT3227981.browser.search.defaultthis.engineName: "true"
FF - prefs.js..browser.search.defaultthis.engineName: "MixiDJ V8 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask Search"
FF - prefs.js..browser.search.useDBForOrder: "false"
FF - prefs.js..browser.startup.homepage: "http://www.google.ca/ig"
FF - prefs.js..extensions.enabledAddons: %7B5a95a9e0-59dd-4314-bd84-4d18ca83a0e2%7D:1.26
FF - prefs.js..extensions.enabledAddons: %7B4DC70064-89E2-4a55-8FC6-E8CDEAE3618C%7D:0.7.7
FF - prefs.js..extensions.enabledAddons: %7B7473b6bd-4691-4744-a82b-7854eb3d70b6%7D:10.16.70.505
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
FF - prefs.js..network.proxy.type: 0


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@alibaba.com/nptrademanager;version=1.0: C:\Users\BR\AppData\Local\Temp\..\application data\nptrademanager\nptrademanager.dll ()
FF - HKLM\Software\MozillaPlugins\@alibaba.com/npwangwang;version=1.0: C:\Program Files (x86)\Trademanager\npwangwang.dll ( )
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@logitech.com/HarmonyRemote,version=1.0.0: C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@rim.com/npappworld: C:\Program Files (x86)\Research In Motion Limited\BlackBerry App World Browser Plugin\npappworld.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\{@alibaba.com/alisetup;version=1.0}: C:\Users\BR\AppData\Local\Alibaba\AliSetup\0.1.0.52\npAliSetupOneClick.dll (alibaba)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/03/13 08:20:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/08/06 14:35:38 | 000,000,000 | ---D | M]

[2012/04/05 09:58:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\BR\AppData\Roaming\Mozilla\Extensions
[2013/08/06 17:36:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\BR\AppData\Roaming\Mozilla\Firefox\Profiles\acm539rf.default\extensions
[2013/08/06 16:07:37 | 000,000,000 | ---D | M] (appbario7) -- C:\Users\BR\AppData\Roaming\Mozilla\Firefox\Profiles\acm539rf.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}
[2013/08/06 06:17:12 | 000,000,000 | ---D | M] (uTorrentControl_v2) -- C:\Users\BR\AppData\Roaming\Mozilla\Firefox\Profiles\acm539rf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
[2012/12/20 16:34:30 | 000,013,345 | ---- | M] () (No name found) -- C:\Users\BR\AppData\Roaming\Mozilla\Firefox\Profiles\acm539rf.default\extensions\{4DC70064-89E2-4a55-8FC6-E8CDEAE3618C}.xpi
[2012/12/15 13:54:53 | 000,037,914 | ---- | M] () (No name found) -- C:\Users\BR\AppData\Roaming\Mozilla\Firefox\Profiles\acm539rf.default\extensions\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi
[2013/08/06 07:13:06 | 000,002,545 | ---- | M] () -- C:\Users\BR\AppData\Roaming\Mozilla\Firefox\Profiles\acm539rf.default\searchplugins\ask-search.xml
[2012/11/08 09:08:25 | 000,002,571 | ---- | M] () -- C:\Users\BR\AppData\Roaming\Mozilla\Firefox\Profiles\acm539rf.default\searchplugins\askcom.xml
[2013/08/06 17:25:10 | 000,000,995 | ---- | M] () -- C:\Users\BR\AppData\Roaming\Mozilla\Firefox\Profiles\acm539rf.default\searchplugins\conduit.xml
[2012/08/19 16:40:56 | 000,002,203 | ---- | M] () -- C:\Users\BR\AppData\Roaming\Mozilla\Firefox\Profiles\acm539rf.default\searchplugins\MyStart Search.xml
[2012/04/05 09:25:42 | 000,002,519 | ---- | M] () -- C:\Users\BR\AppData\Roaming\Mozilla\Firefox\Profiles\acm539rf.default\searchplugins\Search_Results.xml
[2013/08/06 14:35:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/08/06 14:35:38 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/08/06 14:35:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/08/06 14:35:55 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/08/07 08:46:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\updated\extensions
[2013/08/07 08:46:16 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\updated\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/08/07 08:46:16 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\updated\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/08/07 08:46:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\updated\browser\extensions
[2013/08/07 08:46:15 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\updated\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012/05/31 02:16:36 | 000,108,576 | ---- | M] ( ) -- C:\Program Files (x86)\mozilla firefox\plugins\nptrademanager.dll
[2011/07/29 06:33:40 | 000,108,480 | ---- | M] ( ) -- C:\Program Files (x86)\mozilla firefox\plugins\npwangwang.dll
[2012/12/15 13:32:33 | 000,003,546 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/03/16 01:10:59 | 000,002,288 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012/06/15 08:17:05 | 000,002,134 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\search.xml
[2012/04/05 09:25:42 | 000,002,519 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml

O1 HOSTS File: ([2012/09/17 19:05:54 | 000,001,386 | RHS- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 72.29.93.243 www.google-analytics.com.
O1 - Hosts: 72.29.93.243 ad-emea.doubleclick.net.
O1 - Hosts: 72.29.93.243 www.statcounter.com.
O1 - Hosts: 64.27.10.42 www.google-analytics.com.
O1 - Hosts: 64.27.10.42 ad-emea.doubleclick.net.
O1 - Hosts: 64.27.10.42 www.statcounter.com.
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (Shopping Assistant Plugin) - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files (x86)\PriceGong\2.5.3\PriceGongIE.dll (PriceGong)
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (uTorrentControl_v2 Toolbar) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (DefaultTab Browser Helper) - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\BR\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll File not found
O2 - BHO: (ALOT Appbar Helper) - {85F5CF95-EC8F-49fc-BB3F-38C79455CBA2} - C:\Program Files (x86)\alotappbar\bin\BHO\ALOTHelperBHO.dll (Vertro)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (NetAssistant) - {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - C:\Program Files (x86)\Freeze.com\NetAssistant\NetAssistant.dll (W3i, LLC)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (uTorrentControl_v2 Toolbar) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (ALOT Appbar) - {A531D99C-5A22-449b-83DA-872725C6D0ED} - C:\Program Files (x86)\alotappbar\bin\alothelper.dll (Vertro)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (uTorrentControl_v2 Toolbar) - {7473B6BD-4691-4744-A82B-7854EB3D70B6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [LogMeIn GUI] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [Photobucket Desktop] C:\Program Files (x86)\Photobucket Desktop\Photobucket.App.exe (Photobucket)
O4 - HKLM..\Run: [ROC_roc_ssl_v12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12 File not found
O4 - HKCU..\Run: [aliim] C:\Program Files (x86)\Trademanager\AliIM.exe (Alibaba software (Shanghai) Corporation.)
O4 - HKCU..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - Startup: C:\Users\BR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HP SimpleSave Monitor.lnk = C:\Users\BR\AppData\Roaming\HP SimpleSave Application\StartHelper.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: alipay.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: alipay.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: alisoft.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: alisoft.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: taobao.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: taobao.com ([]https in Trusted sites)
O16 - DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} https://transfers.ds...ransferCtrl.cab (DLC Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{975E2597-4892-450D-9E49-5CA092C4B97F}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BC556D6E-E0DC-496A-82C9-E12641CD952E}: DhcpNameServer = 192.168.0.2
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll File not found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/12 14:56:58 | 000,000,030 | RH-- | M] () - F:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2009/06/01 10:55:11 | 000,000,038 | ---- | M] () - K:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{b85300d6-6d0c-11e1-b88a-e0cb4e7d728e}\Shell - "" = AutoRun
O33 - MountPoints2\{b85300d6-6d0c-11e1-b88a-e0cb4e7d728e}\Shell\AutoRun\command - "" = F:\HPLauncher.exe -- [2009/05/18 10:46:50 | 000,565,248 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/08/07 08:07:42 | 000,000,000 | ---D | C] -- C:\Users\BR\AppData\Local\{CEC417FF-8362-42D6-8707-3C0F8B338F93}
[2013/08/07 07:53:26 | 000,000,000 | ---D | C] -- C:\Users\BR\AppData\Local\{37AAC586-B30D-4F98-A840-8E461C6AD160}
[2013/08/07 07:51:45 | 000,000,000 | ---D | C] -- C:\Users\BR\AppData\Local\{6557F2DA-AE49-46DE-9F7B-4BA39EFA20DF}
[2013/08/06 17:02:42 | 000,000,000 | ---D | C] -- C:\Users\BR\AppData\Local\{AFA94B64-785E-48F5-8142-FD0C1AC30B17}
[2013/08/06 16:07:53 | 000,000,000 | ---D | C] -- C:\Users\BR\AppData\Roaming\SeeSimilar
[2013/08/06 14:35:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/08/06 07:12:01 | 000,000,000 | ---D | C] -- C:\ProgramData\APN
[2013/08/06 07:09:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013/08/06 07:07:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2013/08/06 06:14:47 | 000,000,000 | ---D | C] -- C:\Users\BR\AppData\Roaming\Malwarebytes
[2013/08/06 06:14:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/08/06 06:14:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/08/06 06:14:33 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013/08/06 06:14:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/08/06 06:14:18 | 000,000,000 | ---D | C] -- C:\Users\BR\AppData\Local\Programs
[2013/08/06 05:02:13 | 000,000,000 | ---D | C] -- C:\Users\BR\AppData\Local\{20B7082F-0ACD-42D4-85EE-30CCE7FCDEAB}
[2013/08/06 03:02:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2029/07/17 17:13:42 | 000,695,103 | ---- | M] () -- C:\Users\BR\Documents\IMG_0057.JPG
[2029/07/17 17:13:42 | 000,695,103 | ---- | M] () -- C:\Users\BR\Documents\IMG_0057(0).JPG
[2013/08/07 08:39:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/08/07 08:15:00 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/08/07 07:40:31 | 000,000,008 | ---- | M] () -- C:\Windows\SysWow64\MagicEmotions.idx
[2013/08/07 07:34:10 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/08/07 07:33:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/08/07 03:24:46 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/08/07 03:24:46 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/08/07 03:16:36 | 1314,791,423 | -HS- | M] () -- C:\hiberfil.sys
[2013/08/07 01:07:30 | 000,107,368 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIRfsClientNP.dll
[2013/08/07 01:07:29 | 000,100,680 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIinit.dll
[2013/08/07 01:07:29 | 000,035,656 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIport.dll
[2013/08/06 17:26:13 | 000,000,009 | ---- | M] () -- C:\END
[2013/08/06 17:23:26 | 000,000,258 | RHS- | M] () -- C:\Users\BR\ntuser.pol
[2013/08/06 16:04:15 | 000,546,048 | ---- | M] () -- C:\Users\BR\Desktop\SeeSimilarSetup.exe
[2013/08/06 16:04:12 | 000,041,758 | ---- | M] () -- C:\Users\BR\Desktop\commercial-invoice-template.zip
[2013/08/06 07:04:03 | 000,782,986 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/08/06 07:04:03 | 000,667,262 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/08/06 07:04:03 | 000,125,938 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/08/06 06:14:42 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/08/06 04:52:50 | 000,454,560 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/08/06 03:54:13 | 000,768,454 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/08/06 03:33:33 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/08/06 03:33:32 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013/08/06 03:02:32 | 000,002,174 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/08/06 17:23:26 | 000,000,258 | RHS- | C] () -- C:\Users\BR\ntuser.pol
[2013/08/06 16:06:57 | 000,000,009 | ---- | C] () -- C:\END
[2013/08/06 16:04:11 | 000,546,048 | ---- | C] () -- C:\Users\BR\Desktop\SeeSimilarSetup.exe
[2013/08/06 16:04:11 | 000,041,758 | ---- | C] () -- C:\Users\BR\Desktop\commercial-invoice-template.zip
[2013/08/06 06:14:42 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/08/06 03:33:33 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/08/06 03:33:32 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013/08/06 03:02:32 | 000,002,174 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2013/08/06 01:07:03 | 1314,791,423 | -HS- | C] () -- C:\hiberfil.sys
[2012/12/02 13:08:02 | 000,000,105 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2012/10/03 18:23:13 | 000,049,261 | ---- | C] () -- C:\Users\BR\AppData\Local\tmpNOMAD6.1
[2012/10/03 18:23:12 | 000,136,857 | ---- | C] () -- C:\Users\BR\AppData\Local\tmpNOMAD6.0
[2012/10/03 18:23:12 | 000,049,486 | ---- | C] () -- C:\Users\BR\AppData\Local\tmpNOMAD6.JPG
[2012/10/03 18:22:42 | 000,050,685 | ---- | C] () -- C:\Users\BR\AppData\Local\tmpNOMAD5.1
[2012/10/03 18:22:40 | 000,135,858 | ---- | C] () -- C:\Users\BR\AppData\Local\tmpNOMAD5.0
[2012/10/03 18:22:40 | 000,050,520 | ---- | C] () -- C:\Users\BR\AppData\Local\tmpNOMAD5.JPG
[2012/10/03 18:22:18 | 000,134,269 | ---- | C] () -- C:\Users\BR\AppData\Local\tmpNOMAD4.0
[2012/10/03 18:22:18 | 000,049,466 | ---- | C] () -- C:\Users\BR\AppData\Local\tmpNOMAD4.JPG
[2012/10/03 18:21:55 | 000,115,714 | ---- | C] () -- C:\Users\BR\AppData\Local\tmpNOMAD3.0
[2012/10/03 18:21:55 | 000,038,427 | ---- | C] () -- C:\Users\BR\AppData\Local\tmpNOMAD3.JPG
[2012/10/03 18:21:35 | 000,121,078 | ---- | C] () -- C:\Users\BR\AppData\Local\tmpNOMAD1.0
[2012/10/03 18:21:35 | 000,044,248 | ---- | C] () -- C:\Users\BR\AppData\Local\tmpNOMAD1.JPG
[2012/10/03 18:18:39 | 000,112,551 | ---- | C] () -- C:\Users\BR\AppData\Local\tmpNOMAD2.0
[2012/10/03 18:18:39 | 000,040,181 | ---- | C] () -- C:\Users\BR\AppData\Local\tmpNOMAD2.JPG
[2012/09/23 14:15:55 | 000,132,533 | ---- | C] () -- C:\Users\BR\AppData\Local\tmpFM3 #2 001.JPG
[2012/09/23 14:15:52 | 000,132,486 | ---- | C] () -- C:\Users\BR\AppData\Local\tmpFM3 #2 001.1
[2012/09/23 14:15:39 | 000,003,890 | ---- | C] () -- C:\Users\BR\AppData\Local\tmpFM3 #2 001_navi.JPG
[2012/09/23 14:15:33 | 000,137,289 | ---- | C] () -- C:\Users\BR\AppData\Local\tmpFM3 #2 001.0
[2012/08/22 16:05:20 | 000,006,400 | ---- | C] () -- C:\Users\BR\AppData\Local\tmpUNTITLED LOGO XX2_THUMBNAIL(0).0
[2012/08/22 16:05:20 | 000,001,969 | ---- | C] () -- C:\Users\BR\AppData\Local\tmpUNTITLED LOGO XX2_THUMBNAIL(0).JPG
[2012/06/07 21:09:05 | 000,000,000 | ---- | C] () -- C:\Users\BR\AppData\Local\Temptable.xml
[2012/06/07 14:40:49 | 000,016,016 | ---- | C] () -- C:\Users\BR\carbon_steel.jpg
[2012/06/07 14:07:28 | 000,000,000 | ---- | C] () -- C:\Windows\eDrawingOfficeAutomator.INI
[2012/03/14 09:36:24 | 000,682,208 | ---- | C] () -- C:\Users\BR\P9010008(0).JPG
[2012/03/14 09:36:24 | 000,670,313 | ---- | C] () -- C:\Users\BR\P9010021(0).JPG
[2012/03/14 08:44:41 | 000,000,133 | ---- | C] () -- C:\Windows\ODBC.INI
[2012/03/13 18:47:41 | 000,000,173 | ---- | C] () -- C:\ProgramData\LockFilePath.ini
[2012/03/13 08:16:26 | 000,202,546 | ---- | C] () -- C:\Windows\hpoins18.dat
[2012/03/13 08:16:26 | 000,005,355 | ---- | C] () -- C:\Windows\hpomdl18.dat
[2012/03/13 06:43:42 | 000,768,454 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/03/13 05:27:04 | 000,682,208 | ---- | C] () -- C:\Users\BR\P9010008.JPG
[2012/03/13 05:27:04 | 000,670,313 | ---- | C] () -- C:\Users\BR\P9010021.JPG

========== ZeroAccess Check ==========

[2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/26 22:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/26 21:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 18:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 05:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 18:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/12/15 13:38:55 | 000,000,000 | ---D | M] -- C:\Users\BR\AppData\Roaming\AnvSoft
[2012/08/20 19:16:29 | 000,000,000 | ---D | M] -- C:\Users\BR\AppData\Roaming\Canneverbe Limited
[2012/06/07 14:07:43 | 000,000,000 | ---D | M] -- C:\Users\BR\AppData\Roaming\DassaultSystemes
[2012/06/07 14:07:43 | 000,000,000 | ---D | M] -- C:\Users\BR\AppData\Roaming\EDrawings
[2012/11/14 08:42:35 | 000,000,000 | ---D | M] -- C:\Users\BR\AppData\Roaming\funkitron
[2012/12/02 13:09:02 | 000,000,000 | ---D | M] -- C:\Users\BR\AppData\Roaming\Photobucket
[2013/08/06 16:07:53 | 000,000,000 | ---D | M] -- C:\Users\BR\AppData\Roaming\SeeSimilar
[2012/04/18 23:06:38 | 000,000,000 | ---D | M] -- C:\Users\BR\AppData\Roaming\TeamViewer
[2012/09/13 08:52:41 | 000,000,000 | ---D | M] -- C:\Users\BR\AppData\Roaming\TightVNC
[2013/08/07 08:55:35 | 000,000,000 | ---D | M] -- C:\Users\BR\AppData\Roaming\uTorrent
[2012/10/02 04:56:49 | 000,000,000 | ---D | M] -- C:\Users\BR\AppData\Roaming\WildTangent
[2012/04/02 08:58:49 | 000,000,000 | ---D | M] -- C:\Users\BR\AppData\Roaming\Windows Live Writer

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2012/03/14 09:44:01 | 001,133,304 | ---- | C] ()(C:\Users\BR\Documents\??0014(0).JPG) -- C:\Users\BR\Documents\扫描0014(0).JPG
[2012/03/14 09:43:54 | 000,019,267 | ---- | C] ()(C:\Users\BR\Documents\SYC86 ?? internal fan(0).pdf) -- C:\Users\BR\Documents\SYC86 馬達 internal fan(0).pdf
[2012/03/13 05:33:01 | 001,133,304 | ---- | C] ()(C:\Users\BR\Documents\??0014.JPG) -- C:\Users\BR\Documents\扫描0014.JPG
[2012/03/13 05:32:55 | 000,019,267 | ---- | C] ()(C:\Users\BR\Documents\SYC86 ?? internal fan.pdf) -- C:\Users\BR\Documents\SYC86 馬達 internal fan.pdf
[2009/05/27 18:49:52 | 001,133,304 | ---- | M] ()(C:\Users\BR\Documents\??0014.JPG) -- C:\Users\BR\Documents\扫描0014.JPG
[2009/05/27 18:49:52 | 001,133,304 | ---- | M] ()(C:\Users\BR\Documents\??0014(0).JPG) -- C:\Users\BR\Documents\扫描0014(0).JPG
[2009/04/15 22:15:20 | 000,019,267 | ---- | M] ()(C:\Users\BR\Documents\SYC86 ?? internal fan.pdf) -- C:\Users\BR\Documents\SYC86 馬達 internal fan.pdf
[2009/04/15 22:15:20 | 000,019,267 | ---- | M] ()(C:\Users\BR\Documents\SYC86 ?? internal fan(0).pdf) -- C:\Users\BR\Documents\SYC86 馬達 internal fan(0).pdf

========== Alternate Data Streams ==========

@Alternate Data Stream - 917 bytes -> C:\Users\BR\Documents\Re_ 1965 Chevrolet Corvette on UsedCorvettesOnline.com.eml:OECustomProperty
@Alternate Data Stream - 917 bytes -> C:\Users\BR\Documents\Re_ 1965 Chevrolet Corvette on UsedCorvettesOnline.com(0).eml:OECustomProperty
@Alternate Data Stream - 829 bytes -> C:\Users\BR\Documents\Aluminum Fabricated Tables.eml:OECustomProperty
@Alternate Data Stream - 781 bytes -> C:\Users\BR\Documents\P.O. For tumble weed.eml:OECustomProperty
@Alternate Data Stream - 781 bytes -> C:\Users\BR\Documents\P.O. For tumble weed(0).eml:OECustomProperty
@Alternate Data Stream - 613 bytes -> C:\Users\BR\Documents\reaper pic sept.eml:OECustomProperty
@Alternate Data Stream - 613 bytes -> C:\Users\BR\Documents\reaper pic sept(0).eml:OECustomProperty

< End of report >
  • 0

Advertisements


#2
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello RUSTY2

I would like to welcome you to the Malware Removal section of the forum.

Around here they call me Gringo and I will be glad to help you with your malware problems.


Very Important --> Please read this post completely, I have spent my time to put together somethings for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!


  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the "Follow This Topic" Button, make sure that the "Receive notification" box is checked and that it is set to "Instantly" - This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.


These are the programs I would like you to run next, if you have any problems with one of these just skip it and move on to the next one.

-AdwCleaner-

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

-Junkware-Removal-Tool-

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

When they are complete let me have the two reports and let me know how things are running.

Gringo
  • 0

#3
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello

48 Hour bump

It has been more than 48 hours since my last post.

  • do you still need help with this?
  • do you need more time?
  • are you having problems following my instructions?
  • if after 48hrs you have not replied to this thread then it will have to be closed!

Gringo
  • 0

#4
RUSTY2

RUSTY2

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 221 posts
I am still getting the pop ups here is the JRT report thank you for the help!

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.4.1 (08.10.2013:1)
OS: Windows 7 Home Premium x64
Ran by BR on 10/08/2013 at 6:43:20.06
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{98889811-442D-49dd-99D7-DC866BE87DBC}
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-998330651-303224156-1059126384-1004\Software\Microsoft\Internet Explorer\Main\\Start Page



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\esrv.babylonesrvc
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\esrv.babylonesrvc.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\pricefactorie.pricegongbho
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\pricefactorie.pricegongbho.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\pricegongie.pricegongctrl
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\pricegongie.pricegongctrl.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yt.ytnavassistplugin
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yt.ytnavassistplugin.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{835315FC-1BF6-4CA9-80CD-F6C158D40692}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\defaulttabbho.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\priam_bho.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\pricegongie.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1631550F-191D-4826-B069-D9439253D926}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{D2A2595C-4FE4-4315-AA9B-19DBD6271B71}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{8B3372D0-09F0-41A5-8D9B-134E148672FB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\babylontoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\datamngr
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\im
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\iminstaller
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installcore
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\wajam
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduitsearchscopes
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\pricegong
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\toolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylontoolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\freeze.com
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\wajam
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\web assistant
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\applications\ilividsetupv1.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\b
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\babylon.dskbnd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\babylon.dskbnd.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bbylnapp.appcore
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bbylnapp.appcore.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bbylntlbr.bbylntlbrhlpr
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bbylntlbr.bbylntlbrhlpr.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bhoclass.bho.bhoclass.bho
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bhoclass.bho.bhoclass.bho.1.0
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\defaulttabbho.defaulttabbrowser
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\defaulttabbho.defaulttabbrowser.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\defaulttabbho.defaulttabbrowseractivex
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\defaulttabbho.defaulttabbrowseractivex.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\escort.escrtbtn.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wajam.wajamdownloader
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wajam.wajamdownloader.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3220468
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3227981
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3287822
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{3F0BC86F-BC59-4463-8FA0-15C91CBF2E3E}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{F17A48D0-8904-4BB6-B591-791D4194FA80}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0336D126-A0DD-4CAC-8545-B6629D8F38E8}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1631550F-191D-4826-B069-D9439253D926}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{85F5CF95-EC8F-49FC-BB3F-38C79455CBA2}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E38FA08E-F56A-4169-ABF5-5C71E3C153A1}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E5C66DD8-308B-4A4F-AF0A-3D04F25B5343}



~~~ Files

Successfully deleted: [File] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ebay.lnk"
Successfully deleted: [File] "C:\end"
Successfully deleted: [File] "C:\Users\BR\AppData\Local\Temp\searchqu.ini"
Successfully deleted: [File] "C:\Users\BR\AppData\Local\Temp\searchqutoolbar-manifest.xml"
Successfully deleted: [File] "C:\Users\BR\AppData\Local\Temp\setupdatamngr_searchqu.exe"



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\addict-thing"
Successfully deleted: [Folder] "C:\ProgramData\apn"
Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\blekko toolbars"
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\ProgramData\optimizerpro1"
Successfully deleted: [Folder] "C:\ProgramData\premium"
Successfully deleted: [Folder] "C:\Users\BR\appdata\local\blekkotb_031"
Failed to delete: [Folder] "C:\Users\BR\appdata\local\conduit"
Successfully deleted: [Folder] "C:\Users\BR\appdata\local\wajam"
Successfully deleted: [Folder] "C:\Users\BR\appdata\locallow\alotappbar"
Successfully deleted: [Folder] "C:\Users\BR\appdata\locallow\babylontoolbar"
Successfully deleted: [Folder] "C:\Users\BR\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\BR\appdata\locallow\pricegong"
Successfully deleted: [Folder] "C:\Users\BR\appdata\locallow\utorrentcontrol_v2"
Successfully deleted: [Folder] "C:\Program Files (x86)\alotappbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\babylontoolbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\dealply"
Successfully deleted: [Folder] "C:\Program Files (x86)\free offers from freeze.com"
Successfully deleted: [Folder] "C:\Program Files (x86)\freeze.com"
Successfully deleted: [Folder] "C:\Program Files (x86)\optimizer pro"
Successfully deleted: [Folder] "C:\Program Files (x86)\pricegong"
Successfully deleted: [Folder] "C:\Program Files (x86)\utorrentcontrol_v2"
Successfully deleted: [Folder] "C:\Program Files (x86)\zoom downloader"
Successfully deleted: [Folder] "C:\Users\BR\AppData\Roaming\microsoft\windows\start menu\programs\wajam"
Successfully deleted: [Folder] "C:\ai_recyclebin"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{001DC0DE-CA6B-43D0-912A-5F440CC16389}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{001F5DEB-3340-40A3-9D17-89C2A0CBFD7A}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{004170B7-2973-40A6-AFD8-71EEE556EACD}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{0142AB0D-EDD7-4498-8991-7AFE6407F14F}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{0176C698-C083-4882-9EE8-4D35A73CFD66}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{018C56F7-C029-464A-AFD0-12E2A5BBB92D}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{0221F701-D54F-418A-997C-90312B44372C}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{031713A5-24BB-4AC0-B926-5C1D1730529E}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{037764D2-CCA6-43C3-B6B7-572AD1BB3180}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{037DE48B-CB04-46E5-AF7F-04548F7AD780}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{03A93E95-DEC9-44F7-912F-022348493CA7}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{03EDF93F-F054-4A08-A4FE-6529EB1C9720}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{0462035E-6FF3-459D-A405-D30AC9482ABD}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{059E3837-D7E2-44BC-8D2B-925386DA0A8C}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{05FAB640-4AA0-4103-A4B1-DF99B02CFD8B}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{0654A632-5258-4EE0-8929-EBC3EE798A35}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{067605CC-4B87-42C1-ADFF-2E0141A9CF37}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{074AFCCC-FDD5-4581-9BE9-49BAC3C1C9D8}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{085415D1-55D3-49C4-A28C-0EA87BB09C4C}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{08569633-280F-488B-B505-9FA7FD231F04}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{08613562-6E9D-485C-8B36-DAEED2126144}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{093E629C-9737-4079-A448-B5DA7A56FDD5}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{094DA875-B5A0-474A-8FD3-8C32D631852C}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{097CDB7E-57DC-4693-8132-F5E596496C9A}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{09ABBABD-2870-4437-9288-8DDAA79486B1}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{0A77495D-9E65-420F-B732-7CC8E66745D0}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{0ABDCE1B-A5C4-4A72-BC4C-C5764FE8316F}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{0AFDA307-6C4C-4ED7-A366-8DCC3931545F}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{0B1C6905-FA81-44CC-BFEB-9F70FDAE8765}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{0B22B794-8F16-444B-B870-7E68540FFA58}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{0B9D47CE-7172-4BC3-ADF2-2DB0B684A1CD}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{0C768D2E-DFD0-4AE3-A1B0-36F26D4D1F77}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{0C87A8AE-7FD4-41EA-8900-6358259D011C}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{0D570BEF-7236-4739-A6DF-50C7760F2310}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{0D81791E-3B65-464F-A948-CD54B8B277D4}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{0DECB2B7-ACBD-48FE-9157-51A2013EFE8B}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{0E6AEC2F-9E7C-4D30-9BD1-6C6D383F33E9}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{0F8D9D38-1204-43B6-9F7F-DB0B3E7FEEE8}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{0FCEB698-4450-4E0E-A2E0-DE6B536E22C3}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{1023E29D-7FA1-4535-8903-9AB9936B5EDE}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{1048FB41-CAA4-46CC-A878-FAC0044246D7}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{1074EB68-C3FE-4048-8984-D210758803BF}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{108C3706-1672-4FB1-AFC4-E4DE59F783B0}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{108D5AB5-D86D-4453-9E06-F32480F9CDD4}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{113DD523-2D66-40E2-8CA3-72D201C70C03}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{118E88C1-723D-43F3-B198-F5D422943B66}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{128BDF0B-6AFE-4483-86BB-B9851E9F3FDF}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{12B3FE0C-C5AB-40A9-A0B8-0BC35FB41403}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{12DE8040-A672-4391-8EEC-30327B0C8FCF}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{131E56D2-BD3F-4D85-93A6-CFA41537E17E}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{135BEF45-9843-47E2-A3A8-A1F838C6B18F}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{137438FC-46EA-4B65-975C-748C321679F6}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{1389F2E8-A70B-4A97-8A88-7F26A2C52368}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{1422F031-17E3-4D68-AFA2-E7CDBF8789EA}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{1557F0BA-96FC-40A9-AEEE-50EAC1DA5305}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{158C2655-F1CA-4556-B6E2-23C06C232488}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{15B44FB8-2849-4E27-BE99-2603CFEB1BD0}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{15D8D9E8-B0AC-40F3-AE44-7F7DB0A4D646}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{16212CBF-988B-4D17-B61F-C22A79B7D2A8}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{166F2BD8-CC18-4F63-8D72-898F96B5537E}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{166F9678-92E6-4528-BDDB-F7FD77D11459}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{18660B39-3D08-426E-9FC4-E4B41031FB4E}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{193ED4C8-0317-4D85-B696-517C7D527095}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{19555109-CB1A-47DA-B589-BEF9F7FFC3A2}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{19A15D69-6F73-47A2-B3CF-7462E8548571}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{19B53928-32BF-481B-B90B-0682931D3E1F}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{19C8F8FB-1468-4198-B397-C2D69F706647}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{1A3A20A6-2F82-4FD2-AB5F-8E4AA4FEBF97}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{1AF7260C-9560-46C2-9C96-84BD392FD164}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{1B06DE5A-AD31-4BBD-A491-12D2F2AA762A}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{1B77BB8D-072A-435B-863A-71D1EECBCA34}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{1B7F6301-5FA0-499D-8BD0-D3BCD41A300F}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{1B9397A4-38BD-40C1-AFBC-C7B2C310DB3C}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{1C0C602D-4E22-45B9-AFCF-DE1F32636010}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{1C3DECFD-7DD3-4469-BDCB-9EAA550AE6C9}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{1C9F6AB3-95EA-4137-AAF2-74B631D3FD58}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{1CD56A67-FA5E-4D7A-96CC-5E8DB84A5EF2}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{1CF4E9F0-9090-4EE6-A647-99A51A67F12F}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{1DFB7F4E-C569-4AF6-BF2A-7EB8A60CBC60}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{1E5FEE62-7DB1-433F-AB58-2EF3B5F7662B}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{1F736C35-7801-47FF-BFA4-AF055DBFBD80}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{205698F3-3D5F-4BF3-865A-8E3EC4CD620F}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{20B7082F-0ACD-42D4-85EE-30CCE7FCDEAB}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{20D34147-95D5-436A-88FB-C29F3E9768EC}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{21F6577F-E6C8-48FF-B85B-0A2E4B9C257C}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{22918F47-9611-4CAA-A858-071E6D649F83}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{2337BFA0-C560-4B46-92C6-3E63F12D2CC2}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{2393BE01-991A-447A-84DA-35AE11C6D15B}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{23992E77-7D49-4186-8133-694BE06B4630}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{23AD6CFE-5451-4AD4-8CE8-FE003DDCCA44}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{24568774-D7FA-4C5B-9D91-6093AA7849AB}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{2552D046-1FF8-4F15-9AC1-8F577DC0A15B}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{25BC3D9A-349D-4DB0-B6E0-295D07F9E2DC}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{25E48E64-1A8F-496F-8798-4190171865D5}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{26023A3B-17C9-4B40-B55A-66C200EC9F64}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{263BED90-94BD-42D3-9C39-1F1124DE62CD}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{26A1ACB1-42DF-43CD-9275-6CA28778A7CB}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{26D4F72B-2C11-4247-B4E7-737C12421CDA}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{26DB4E41-12DA-49D7-8A4D-05CB8404ADDA}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{27676894-9B5E-4DEB-9693-2B5DF07E8E9F}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{2772ED13-F1FA-4A7C-A9C5-44D57A8ECD95}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{277C59BD-D02D-4A3C-9228-B490D293E77C}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{279F65B8-A6BA-4B1B-B716-9E9B40A57C5F}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{27F6F509-1E57-466B-A4E1-A039877E989A}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{27FBC9E3-AB7E-4038-B917-68F7AF1D8412}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{28CA2191-5EF5-4B97-8D99-DC0DCB4CB34A}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{28ECF7BB-140E-4F47-9D06-3F2282CE799B}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{294432FF-4D6C-40E5-8239-145ECBC2C027}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{294EDBFD-4C1B-4848-B238-FF418788D5E4}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{29542A62-9B1C-4031-873E-E9ED7585A5AC}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{29582C68-77D5-432A-BCF5-A01167CB1A0A}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{297F96D2-00F7-428B-9121-F08DD4E74709}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{29CC7184-87F9-49B2-AED8-33A82B98C33E}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{29FF8EF0-D5BA-4E10-B30D-C93072FE8E99}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{2B074339-DE61-4967-A69F-0B6692E1F7FA}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{2B0B81AF-0300-42F9-B04B-1A562DFAD6DC}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{2B2902BC-BFD3-4904-8C4A-07ED466B31F0}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{2B8645AC-A3A5-4DD2-AA6B-6115E20AD7EA}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{2C7849A7-A717-4DD9-8AA9-277277849EED}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{2D466EEF-6A80-4481-BABB-639AA2C1A9D1}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{2E25C604-F895-4098-8BAB-356B1206B2F9}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{2E429857-B4F2-4859-8CAD-6F5270FE3D64}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{2E66D717-619F-44FD-B848-51905C582B33}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{2E67DF26-F217-416B-8903-573211A7DDF6}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{2E701B44-3A0D-4B3E-B6A6-186D44B7D603}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{2F26F315-33EB-4932-8569-94A6DBCD82ED}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{2F90CADC-CC23-4A83-A5AA-6079E895521F}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{30106E7B-5058-436B-9916-D19FB1D2A19F}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{30A26A33-9A97-4C76-95B9-F175BB27682F}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{3113A750-0C07-4D52-8142-2669C91BADA4}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{311AEA83-2398-429A-82DC-AAB9F6528AC0}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{31868800-5FDE-4C7C-A127-D58CD7E76C15}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{31989693-3BA5-4A2A-9C7B-278642E96C7D}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{319CDDF5-7712-4195-869A-A0B4B46B79BC}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{31F2E748-27CC-436D-80EC-78D5EDED26D9}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{326F7BA4-DB95-4D04-9061-B0463CD17002}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{32A395D3-8EA8-4924-A11F-3B386271D728}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{32F8C56C-5BE7-4DB4-8D54-B2E7EAC88B55}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{33167D6B-E507-497B-9B1F-F8E6EB08558C}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{3323049A-2020-4E4A-B98C-7711F484A1AE}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{33E49112-A76A-44F8-85C0-8FB57E4320F8}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{3427C2CA-A779-46E8-9C76-D260794BA6A4}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{3451EE80-16FC-4A99-89F8-B818E1256466}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{345D0F9B-868D-4D77-ABA3-0FFBB353F35A}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{3509F047-5A8D-4900-93CD-836016C44331}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{3535B2A6-AC07-4408-A001-991B92FC4528}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{3561CABD-319E-4B47-84A2-4F0AABAD81AC}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{36609BE6-3F34-4823-B4C8-C9818E5CD8D6}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{37084A63-8983-41DC-AA0B-C97C60CAF4A8}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{3725072E-A2B1-4CE9-A2E4-D9989D81DDA0}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{373603BB-0A21-416E-BD78-CD78F767FED9}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{37412CD8-5530-41E6-A4ED-C2FE69A20863}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{37576091-B7AA-4840-A425-38DF7C4EF199}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{378B5A0D-84A0-41EB-AD46-9C5EDF511139}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{37AAC586-B30D-4F98-A840-8E461C6AD160}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{37B5D45A-4C25-47FF-A8B2-65C767750CA5}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{37DD476F-1C84-437F-B644-014FD71F8502}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{38298757-B5D8-4392-B5F0-E2DBC8BEDCCC}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{3837179A-3C02-4839-BD43-22623C124775}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{38AC078C-B5BC-405B-A514-F1C48EBE38AB}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{38DAA466-C291-4C6C-91C9-A1F392860B33}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{38EDB807-9E36-47AB-AA72-D8C9495F4E2A}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{3A143265-3B96-4251-81A5-492DDDD6A931}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{3AB7CBAD-3E20-4780-A52A-D8AADD41405E}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{3AD4D294-9D83-43A1-B223-1A4E380CD22C}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{3B84B05A-0166-46F4-A0EF-F7F65656C1C0}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{3BC7F545-43A9-4AB6-A92A-1CDBFAF44EC6}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{3BD2F38C-700B-4923-A540-778B6F5340E5}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{3C5AAB9F-006E-495C-84BE-2CE27BE10ABB}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{3D232CAA-BB01-4BEF-B469-2100DFFD1D1D}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{3D9D397B-47F8-4BCA-B610-AEA3485A3F4E}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{3DDA7ADF-8F4A-4E51-BE0B-06C25E7D11E0}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{3E07BC0C-FAA4-47B1-8FB5-2231EE7D9A7A}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{3E22DC28-9CBA-443F-B98B-D7448D0CC43A}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{3E9E3F7A-3CA0-4DBF-A42B-6DC93CB1DE3E}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{3EAAD32B-28D4-4410-A60A-073CCD51567C}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{3EDDC81E-4884-4530-BA20-DC1EC4D20230}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{3EF35227-B456-4307-9784-F14A280BE163}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{3FA104B4-CA20-4E30-9A82-34DB94B57D58}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{3FEC7EE9-D418-4DA4-B2EF-87DEABFBAB7A}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{40916A9B-4DCC-4C88-95A5-16F472B0074B}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{41020E6F-BB79-4F8A-A48E-1B6C821F8200}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{4178F982-1D35-4987-A314-9A2A96E4596F}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{42EA1788-F9B6-4931-99E7-04040D947501}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{43108467-075C-421F-9C27-FA24A01C5A4E}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{43879D12-5B65-44F0-B447-258353B0C2D9}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{4409EFE1-2BC8-4D67-989F-4C48660D4382}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{44449A59-E600-4FFA-906B-ED75A7167407}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{44F65443-F7FE-450C-B9B4-C23220FC811A}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{45ACE76A-CFC7-4A77-8B6F-6137DE792E07}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{45BFC693-A7CB-4D4A-A17B-1B7A92F60B5B}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{45DAB562-819E-4176-9C42-37910D7976E4}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{46C0C2DB-1B57-4E24-A41A-A8C5CA9B6F97}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{47D32659-99B3-40A8-A57E-7294AECF5AE8}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{47EA2CB3-A595-4F75-AE66-5626710EC35C}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{48766447-592B-4DD6-AC6F-C39D7D45C1B9}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{4885BF22-6C0B-453F-85BF-6719250DFFEE}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{48AC1BA6-171B-4827-BA5B-CB43C831766B}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{48ACF5D3-64FF-40C1-B07B-387B4ABAAA04}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{48C4E872-16CF-432A-BC23-E226A18D3205}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{48CD0094-D516-4FB9-A2DD-FA1C18DBF0E7}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{48F32F1A-33B9-4B5E-8FF6-60D6A51CEADF}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{48FBC66A-2885-4CF0-ABCB-FE9B9797E65C}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{494BAD1E-3464-4DAF-ACE4-06E0AF6C2141}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{4983326C-DEC8-4528-9F11-ACF577850051}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{49E93B09-2E56-46F9-8831-786A721FAAB8}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{4A129A14-7DC8-4F2B-8D62-A56EE65B88C7}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{4A7A1D87-FD31-4C2D-AE2A-F9100986EBAA}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{4B45156C-B2FE-41E4-8B0B-479FF7C82105}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{4B6C62AF-826A-4CC8-9FF9-AFCE755CB237}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{4BBD3E95-8E9D-4700-A213-5D3D98E99753}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{4D0291BA-0320-40B5-9F84-7982A5FF4C8D}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{4D353373-856B-4AD4-B586-5295BE1CC1DC}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{4D812634-CD22-4021-B8AA-C452968BAD41}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{4DB4486F-812F-4D7E-B569-2A3D5211947D}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{4E868B97-0EFA-49A7-9CA1-717AE09190C1}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{4EA91B0C-AC48-4085-AF3E-2FBECA7705F0}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{4F91BC4F-4648-44D7-9F46-9FEE214725AD}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{4F92B2D2-04EE-4FB7-BE42-9C3A0110B1B0}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{5003B80A-817D-4292-BA43-DB58B302D6FF}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{5167B60F-E368-4261-9659-677DBCD7C001}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{51B8B8B7-96B2-435D-AD7F-D8274FA5BEEF}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{51BF5B39-FD4A-49F3-8E0B-FCFE894180E1}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{5232C594-38DA-4FC3-BD98-1195F2D4E758}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{524A729B-7525-4138-94E8-07E20C2ED220}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{525D4907-3E70-4A21-843A-AAF7604837EA}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{53093C36-EFB1-44AA-B3BD-7724C21D39F8}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{536746B6-12E4-4256-A584-31CF60FD10D5}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{53876B4D-0DD6-4A8C-9BDB-B4491FC17BB1}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{5399C262-9FC0-40ED-AC5B-D0A7C565634D}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{5465DB8C-E315-46EB-B163-42F05A5C8D7B}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{55222C6F-2FE4-4A21-960E-B2346A54C010}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{55272F68-23BA-468D-ABF4-03D8B8D43204}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{5539D886-C330-4F75-896E-B03D49896C52}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{5588B51E-58A0-4D53-A10D-138CC55A947E}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{55D8D274-DECB-4775-813E-E11E056BC110}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{56CDD223-62E8-4E25-8E5D-44B18391516A}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{56D506FC-FDBC-44A4-86D5-970F074E878F}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{56FA1E02-6657-4E78-80BD-D782F6816863}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{571549E8-1505-4B22-B8F0-7413F76C8B52}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{57436DFF-91BF-432D-8A83-259F4420C778}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{576B16BF-BDEE-44C6-B6FA-34CF128AA58C}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{57FB2C7E-5E39-4381-8923-565EA0CD8876}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{5865A74B-A1EB-4F28-B67C-04C34BF921CB}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{5865F76B-28C6-48AD-BBF2-F859901313BD}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{58986683-CE36-44E0-AF91-D4B1C577EDF9}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{58E43697-D217-4C87-9D4D-1C410183EC87}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{58EE7262-FB3A-47B3-9080-8BFF54BDA41B}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{58FB41C5-2384-4ED0-92A7-7D6B5E67969C}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{59D8D94B-104B-4CC3-A0C7-BD0FBCF4C49F}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{5A41A948-D886-4DD2-902F-5B5B46DFE593}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{5A44C2AA-D427-40C4-BC0D-10520F75FB08}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{5B225184-9030-49FA-86DB-65F96C7F2FD3}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{5B4A6012-8F21-4DE3-AAF4-F35BECA01F97}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{5B6CE1E9-B3AF-4A84-B387-B5D9DFDBA101}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{5B9F678C-DADF-4B82-93AB-E36832C7AC37}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{5BDCE574-0A8A-4A30-9C57-38AA44B21CAD}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{5D21B177-CE77-4C85-849D-63BEC76E8D01}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{5D3CC77B-A902-43AB-B08C-95C938D80497}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{5D618056-E69C-43A5-AF64-5EC536F92426}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{5EE0A123-61E2-41E5-9125-679982ABDCD2}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{5EE58C9B-63F6-463F-A611-00369855F491}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{5F0D2C29-8A30-49A0-90A2-579E59C4F035}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{5F248296-FB20-496B-AF1C-3CF8BD5271DE}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{5F39EE7C-558E-4B37-9A0E-7E01D6053DE7}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{5F55706B-7894-4947-A03A-ABBC4200C632}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{5F682BEC-3666-4D51-A858-7EAC952ADC09}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{5F743A47-9196-453E-8985-E3A0E40E8950}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{5F7EC116-A73F-4B9C-AE26-ACD242E4F750}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{6000B5A2-2769-4877-8E84-5D84761A3760}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{60748BC6-108A-46BD-8791-B771A1FEA0D3}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{6104583B-3EF7-409D-ACD6-6E83A2F0265E}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{616CD486-F107-40D2-9167-E8401BE1F466}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{61950844-2B56-45B3-91ED-18B5AA30BCAD}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{6286A41F-6471-42F4-8C05-88861CA949EE}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{6290E763-5055-421F-AC4C-282FD160914F}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{62B6A69F-EE76-4C0B-9798-1F7AD85E22CB}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{633237DD-CCCC-46FA-A306-28E85B2BE1D2}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{63EE7DFB-3124-4D1D-90B2-8387BA4CB9D9}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{649F911D-EA14-4E2D-9D4D-A44E1BF473B3}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{64B43D78-D6A4-48DC-8681-8255AC83803B}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{64D8A21F-91DD-4406-BB3E-9422D6934E68}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{65394288-ADFC-4DD0-8182-40935EE06F26}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{65556858-CCC9-4503-8025-E91CE10DD53D}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{6557F2DA-AE49-46DE-9F7B-4BA39EFA20DF}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{6586669C-D051-4D74-82B5-53949E057E8B}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{6593FAD9-6B8A-47E0-8E8E-7D3844E7BAF8}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{65DBB382-DC2F-4A3C-B138-43FDEAF37F87}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{65E093E9-8634-4B48-9F6E-4AA65BEB34A8}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{6614769C-4202-4222-B57C-A020B7D4D63B}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{6632E779-6EB9-4704-A176-060114576FE6}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{6697B9A9-5F49-4D5B-8896-E77F346FABFC}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{66ABAD0D-556B-44B9-85F8-8E5AD338A319}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{66E28CDA-6190-4AC3-A835-A07A127641D6}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{66E79962-7727-414A-B3FC-A00E741F4B23}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{67734263-E2CC-4235-83FC-2D8F8E2DAB3A}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{6A90C17D-D590-4D72-BF04-5CED4156956B}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{6AC788F1-EA2D-4FDB-A635-927FCB492D19}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{6ADC9C16-785D-44F6-BF31-6C89F437A911}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{6AFF7E73-A419-43E7-93C6-968569E1937A}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{6B1B94A1-3D25-4927-B5B1-5DE8C819B45E}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{6B6B8338-65A5-4FAC-87B7-D7B3B6E89AA3}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{6BA58A28-0E9E-488B-ACE0-5175E4F3F205}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{6BE0D6B2-E714-4D85-9CC8-244701538603}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{6DEAE883-51C1-4998-B271-32F1740AC8D8}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{6E0CC3AD-823D-44AC-BE33-DD65ECF3B701}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{6E39DF27-A779-4333-9FA8-E6690312BB18}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{6ECE0636-45B0-4CEE-A61A-0B3439723707}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{6F219442-06D8-4864-A059-4F4F3C266708}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{6F418609-F683-40B7-AE69-E1771851EBA3}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{702270B5-4E0B-4BB3-A6BB-45AFD78E6D40}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{70B9827F-797F-4707-A3AD-CC0266BBAD33}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{725936C6-506F-4A9E-BF9F-A23AFE427E18}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{7289CCE1-507D-494D-902D-CE443A26F261}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{72AF35E5-FB54-4FD8-B14D-A36CC805966C}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{72DEC6CA-50FC-4EA6-9F2D-42CA8F996C08}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{72F88646-7872-4606-B44C-67842494E274}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{758AEBBC-8A43-4E32-8BF8-DEB2A9E84756}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{7599AD0E-CD66-4BC1-9ABE-1D2CAD2A6324}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{75BC2F6D-8B70-4B5F-B8FF-EEF3DF887FBA}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{75C6DC7B-842C-4ACB-93A9-13E494BE5667}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{75FEBFAD-1250-4DA7-A129-07C2380F50EB}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{76C88B8D-48E8-40D8-B9E1-9F7023D22ACC}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{76CC47A3-B7CD-45D4-A22C-AAA9F7627416}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{7736CAC4-ABB0-4C6F-82B4-8FD9711353F2}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{77886CBB-D8B0-4EC7-9B17-85AC71036E02}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{778D2E30-1956-44DC-AFD7-CB7F50A2AE9F}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{779071D2-6679-441F-AE67-B2935289C66F}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{785504D7-D55B-4905-ADFB-02636C1BCA72}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{786796A0-D249-4795-BC4D-BD9277027B24}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{78D05E5B-012B-446A-9D7B-6C0ABEE14FD9}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{78FCA5BB-8132-4F77-B551-B340D212B1A3}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{792F505A-0B83-4FB1-B8A1-14E2AED2AE8A}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{795517BF-C766-49A9-BA9D-123FCB439EAE}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{797D9F98-1216-45F3-82A2-6E6888FC2B8B}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{79ACA9CD-C82F-40C5-A88C-BDEBF2270EC8}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{79C8AFD7-94D7-4756-B07E-298134559051}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{79CC1B68-DC24-4BA2-99CA-D0D3A70E3185}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{7A317737-991B-4145-8F14-D399AB5BDA9D}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{7A373F64-A6E4-4F52-A41C-B2C7FBFE43D4}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{7A981176-B84D-423C-8206-1471B636F8A7}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{7AEFEB45-7F25-454B-B8DC-A122A37A6D19}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{7B5E78E8-BBB0-49E1-A113-177CDAEE8BB0}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{7B9FF6A3-4732-46DA-A8DE-1A47A47D5435}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{7BDA09D5-04DB-4570-B77B-7BD451A4764B}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{7C19ED0E-7B05-4B38-986A-7DB91191EF54}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{7C216055-29CE-4D22-8BD4-333C6ECF68E1}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{7C66BDDC-74AD-4F1E-BC43-A23914D803DC}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{7C9F259D-7090-4A42-8FCC-DD1F03B9A72F}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{7CCEAEF2-91B1-4BFF-9C90-652E74B1C809}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{7CD1589E-8E9A-426E-BD27-1525F7669D0A}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{7D72C48D-A978-4C34-9012-A7A2CFDA9401}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{7DAE6168-FE0E-4671-A183-2C2E9E676DA6}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{7EF5FD24-7541-4405-8A9B-73701532CDA7}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{7F949254-2BB9-4B56-9A83-B1D543021582}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{7FF8D29D-C5D5-4E4B-B1A1-44E80198EB16}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{80A2F45C-24A5-46F3-8B60-7A5275C4080F}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{80F2FB11-063A-4E02-BE23-1E055B9EB7A9}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{81318886-647A-4010-9225-D114ADA43509}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{8139DA1F-0373-4FEB-929C-4DEC47A714A4}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{818DB92E-9889-4A6D-AE14-9111F5046563}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{8211D1D6-AF70-4071-9B36-6A77D955F95F}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{83627A1B-EDDB-48DD-8047-D56519FDAD62}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{83EC42C0-50E8-48C2-AA41-B1CE422CDE71}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{8410150C-9040-4A9D-A6F7-85A10B7AD9D4}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{842CA80D-F66B-4EF0-A760-236F2E10BB66}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{84338CD6-5809-450E-842A-351DB485712D}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{84AC3086-3FA2-4446-B696-CA4A01D3C7B4}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{84E08063-A885-4D3F-8EA7-7B3A2D666532}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{854A6EAE-0C31-4C00-96B7-5FB04DB59B00}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{85AABA74-88A5-40A4-ACAC-7E149BC7B566}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{85E0A3DD-6CCF-49C7-AEAF-188F49936EC3}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{865FA662-B95F-4B1D-A765-D258E668D1B5}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{869BE438-F5D9-4553-AA92-6622F58DC6C0}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{86C449B5-110C-4FD1-84B4-C347DA047750}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{87E47A7E-A797-4006-9074-8BB93817F685}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{87FB6B48-AD7B-475B-849C-A6A0922AFF05}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{8854A35E-A3C1-4A74-B0E4-282C1897CB98}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{88911565-3DF0-4E3F-A973-D551D5583EFE}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{8B52DBA2-BB81-4E4A-92AA-AC81A6119511}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{8C0AF80E-444A-4F4A-8642-940E1E88113B}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{8C1E5A13-A7F9-4B90-9CFF-B586F078FC62}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{8C30BCC8-96ED-4847-8E67-01AE271F1ADB}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{8C521080-F99F-42B6-8C9A-6915CC8BD804}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{8D064450-9392-4FD8-83B8-E3745FBA0F5D}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{8DB8CDB1-9096-4AE0-BE4A-E65BAFC99C67}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{8E4CFF79-4062-4188-9EC6-128C380ADB16}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{8E63CECC-638C-4446-88E8-49252F8F779D}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{8E6D83BA-3F1D-440E-9739-362F6D780938}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{8ED7E4CA-203F-40CF-AAF7-76D7562FE236}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{8F079AF0-9E8D-4F96-A30E-EF27263EEA68}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{8FA62ECA-74F1-4AE1-97A2-7072D3C59147}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{8FCAC6D5-4F7E-485E-A506-456E47B40B47}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{8FFF008C-1A47-4743-AD02-D12A37DA558A}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{901A9501-808D-4BED-9B3E-A0E338A70192}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{90AF69F8-42E9-4EDF-9299-5543EAAA8AC5}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{90D106AB-F341-4193-A8A2-07A5DA94B59A}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{9170CB53-2484-4C1E-8411-075B5269E207}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{91A1555C-053B-4F61-98A3-60E901AD5BC7}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{92141460-369E-4D59-9616-01EEDBAA97DD}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{92307E2A-E01C-4B18-9266-0EA7AE58C9DE}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{92DD5992-4BF9-4824-A87C-3777B45927CF}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{93869559-5C25-4B2D-9F12-F632D2A46F6B}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{93EAB25B-9B5F-4051-A9BC-ED790E815718}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{93EF1632-A147-4A86-A3BF-0E5473C89CB4}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{940139EF-D13D-4FDC-91D8-7289DF8AFC21}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{94532545-DD9A-45AF-A29F-DD7F9B7830FB}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{945A751F-C756-452A-B779-3F56CD45AC7C}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{94957C4D-BA3A-483E-B970-DE73D68636B3}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{949C79E1-9C02-4364-AEEC-B323D929F308}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{95561251-F5B0-44B6-9347-9CE2C08F839C}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{9587DC1B-B2C0-4926-8AD0-0C4E6C91E798}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{95996052-4DE3-438B-B6AA-E79BC2B00024}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{95B61744-67EA-485E-9056-477BE6A94183}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{95D441A0-66D1-4481-B7FA-E680ADE8F7FE}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{9646BFC6-6247-4957-8346-38B3B308FAC5}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{9659A389-0C56-4DCD-8F1A-5B4458A0D391}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{9727BF77-31C0-4990-9B2F-C1E23C389725}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{9736193F-374C-4321-91DB-4AB535D9D731}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{9805180E-DDED-4DFF-92D6-4DCD54EA0B39}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{9887E338-17EE-4DE4-AD4E-8A6BD5150975}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{98FD31E6-31AD-4F4C-97C9-35A52A5C1997}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{9930441E-26C7-4A82-83CB-623D8A6BF944}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{99585E2D-329F-463D-BD67-C1936AB281A1}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{99652CA1-7FD7-4DB4-8767-64E75DDC076C}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{9A694653-2005-4E7E-8946-F94F525461DB}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{9ACE26DB-FC56-4F28-9D9C-D5CE24FE729A}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{9B366F67-6FDB-46E9-BE63-9FF27FA52A99}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{9BD3E88F-7C12-4B78-AA9C-02A19D73C3AB}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{9C8F9FCD-958B-4B5A-98FD-3391CA783848}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{9E830695-7339-4925-9897-B8E6130A5B02}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{9EA7DA92-8475-4D9A-B240-45C20A396E9B}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{9EEA6D5A-937A-4582-BD16-0CB6F224AF49}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{9F0F0F0F-5318-40D2-8992-2BDCE736B1C3}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{9F3A845A-3D31-447F-A657-AF2942C2C0B6}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{9F40E6F6-2108-492C-A17D-FFF4D27B7EFC}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{9F913E46-B471-4FDF-AB37-BA69FD0B94FA}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{A0065BC0-5DAC-4F3D-BF91-E2041890AC22}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{A0F1062D-892F-49F7-9EE4-B11C7A62F677}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{A1A1987E-6ABA-4482-BC28-299DEDB56654}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{A1D9B4CA-6F03-481C-A640-82DA8EC1BFFB}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{A1F27C41-DCE4-4695-8B6F-6ACAA866FD7C}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{A25498FE-8639-4F9E-B6FD-4113876D83A8}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{A2F54517-C152-401F-BD7F-28BCDE64DDF2}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{A3602B58-ED8D-42F5-B32C-85D41D2B2EEA}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{A3786270-95A2-45A6-91B1-50C037EA7908}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{A3AA8570-409A-4F8C-9A84-6BEEC54252AE}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{A3B167CF-D3A1-42F1-A651-CA7CD9F04F44}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{A45FC60F-B3F8-4C35-B58E-F0EE490F45BF}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{A4659B89-8714-4D95-ADAA-6DE382768CB6}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{A5594E7D-F39B-48E0-B4CE-B171A8A7B052}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{A57C1454-9C27-4354-87D6-89F723F14637}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{A5B11E84-F58A-4E63-85BA-3074D06BA842}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{A61BAF0F-79D9-48E1-91EF-923141412448}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{A6543775-886D-4D78-993B-E1832E3BD309}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{A67E8911-0ED7-4928-A9D2-8A3250894929}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{A687EADD-4A5B-4911-B567-694215AEACB1}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{A6B638F0-5753-4863-A035-426408E97567}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{A72C879B-CF0A-483C-8F7E-19BE3196307C}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{A7705226-105D-40B2-8836-A928BDE1B376}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{A772A4E8-8749-4A68-A200-DA7A875C660F}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{A856A0FF-1FF0-49E2-B002-C33FBAB458BE}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{A8B2549E-FC9C-47D3-BA6E-BDDC5F96BBE8}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{A8E2E7E0-BD59-4185-A6B8-8F943C0F5BE8}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{A91441A8-A797-4424-B04C-3DFF3CB5A7FF}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{A9C8AD3E-C2B5-4F58-9CA9-516BD8CC07A8}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{A9D7DEFB-D657-4851-8EDC-94A271A165A5}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{A9F937C9-989C-4B22-9501-E9577C468404}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{AA1EFF47-01D6-4C8E-B266-060969FB8696}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{AA48DDA5-EA5F-4DC1-9E49-FD226C2105F7}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{AA85D274-A605-4655-87F5-9E0316169C5F}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{AA98CFAB-B2CF-458E-BAD8-BF3A174AC7B2}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{AADEA489-856F-4AFA-9923-43015B63EDDF}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{ABAEF0B4-572A-488E-9D40-A3A88AD72B35}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{AC0861C7-93D3-4C38-BFC3-6718FC8157C1}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{AC243110-0F15-47BB-9517-E214D2A101DB}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{AC583045-D1A1-490F-9F70-21F68F88B560}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{AC7A70E5-DDA9-43CB-809C-7E89DE7F1FBF}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{ACE2EE6F-41E8-4644-ADF6-0AA5103B89C2}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{ACF6A329-7FED-4FF2-A317-146E31EC3158}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{AD67E03E-D009-42C9-9A22-0DEBFA4B3B40}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{AD7EF29A-0624-4345-A99B-1D146DB8CB44}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{AD96681C-52AA-4F99-B0E0-DAFF19CEA82D}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{ADA7AF54-F82F-4F41-8A7B-0AF18EEA4C3D}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{AE4674A5-3207-487D-8613-087CA60C4FEA}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{AF3CD639-A250-46D0-A193-85ECA1B691BB}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{AF619289-A58F-4E09-84DE-655848EE9791}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{AF7532B3-4F7C-451E-BE23-B2EE71D1A1CD}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{AFA94B64-785E-48F5-8142-FD0C1AC30B17}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{AFB695F7-9802-4386-B1D3-9FD63E1B08A7}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{B001FE50-99B6-4B1F-88FD-9785F39D3B45}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{B0CEE171-AB35-4374-8A56-932B9C3F8A6E}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{B0E7EB25-5056-40E7-818E-465691ED985E}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{B1470256-7640-404A-95A3-77BE415EE419}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{B1530CA5-F750-4C7A-B815-7E851C722612}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{B1588ADD-5C61-4292-9522-D329C3BD65CA}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{B1611927-2C70-4885-8658-2CB6AC5D9F9C}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{B192C705-B9E2-457F-B9CE-607598D52FC4}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{B2485B85-1A3D-40A4-A408-2E34D9AD1017}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{B2ECE5F5-FB8E-4B7A-89F3-89C10ABD81C1}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{B30ACA4C-8AE7-4EE8-B1FC-E0CE2C682DEE}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{B31CAB93-1DBC-4535-BEEB-B8F18FE22449}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{B3886E6C-E12F-4580-B6AA-20D208E7D649}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{B38E95EC-2B2F-4809-87E4-ED1BE6053001}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{B43DA8EA-3B2A-4CE2-AACD-332299F5C7BE}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{B44BD8BB-861D-47D0-840F-0B0DF4D39E47}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{B467CD6C-2ACE-4AC5-94CC-54778440216D}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{B4C7FA21-0278-4B5F-A1D6-6788796E5D70}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{B56F19AD-F56E-4EBE-92C0-75963F256E1B}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{B6267656-72A2-43A2-8BB7-2C11DA7702EA}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{B68D6C24-4670-421D-9BE7-14F11AD00FDE}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{B7D6E720-6DE3-4768-89B9-D4BE802D0044}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{B7D7E974-1390-447E-9C55-E1BDBB64B5F8}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{B7F09A90-1E2E-4240-B5BA-12889C144293}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{B824288D-B7B4-4B31-8267-8B43E7AF9C75}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{B8411ED2-2E77-4F9D-953D-3A9DE864358F}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{B8771447-6B0D-43AF-A2D5-265D051CE980}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{B88A22E6-93C5-4552-BAC7-6C86260559EE}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{B91B97BA-F07C-46CD-AEF7-558CFE00E12F}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{B99F33B4-0131-4DD3-A5D3-597E9119F2BB}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{B9D8CF8D-1D26-4520-81BE-3E9B853F0475}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{BB548A68-0741-43A4-901F-65562FF8ED95}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{BC4F4EA7-85D1-4726-9F5E-CCD5F380E9DB}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{BCF1B5AB-15C9-47E6-8420-5A279997B36C}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{BD5F2E36-440E-489B-B460-CA120CB8E12B}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{BD736FD4-93EC-419C-A60C-E2058F96F681}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{BE11E480-7378-42C4-80BF-BE7543493C2C}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{BE2C965B-8745-48E5-AD68-245393E11EBE}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{BF6D5930-C2F8-48B9-9A8E-E302B3243059}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{BF84B2D3-9ACE-4C48-9993-4E66DB49F1EC}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{BFD56984-5AA8-49FA-9103-0B6854416004}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{C0236B11-0BE7-4045-B892-BCA0825D36D9}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{C04D04AA-4689-4EAF-B668-B970AEB9C8A9}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{C058629F-4527-46E7-A8C4-278AC2FC3E8D}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{C0867F90-33CC-44A2-8302-CCF9425390C0}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{C0EC9073-2201-4415-9829-C68F6ECFC8FD}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{C0FA3366-EB90-48E9-8A9D-DF502F108190}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{C15AC418-EDB6-450F-B0BD-59E9DF93003E}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{C2394316-5149-4B85-8625-6F2877EA1DB8}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{C249D896-23A9-4D2B-9F45-80B29F423CAF}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{C24AC217-4423-4EC1-9628-B23083947999}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{C2F3EE67-8031-4487-B99D-28E0DAECA6B0}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{C2F7B18E-3600-4F6F-9DB7-66EDE8399F03}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{C34D056F-F343-4F26-88BE-EF2179EC0F39}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{C4B8F3D6-EDB6-495C-BD94-87E4FD097721}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{C56D1D4B-35D2-4791-8194-21D288F22636}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{C576FA82-8CCD-4EA9-AE05-AFB1B67B719B}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{C583CBD2-A5F7-44CE-9AD5-55F3CE15E95F}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{C632E74B-B4B6-41B1-A421-66F6A4E6B285}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{C65F57B9-B6F3-4164-85CA-86F2D64A8156}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{C677DFAE-9685-463F-892D-D459519C88FC}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{C6C5F06D-B42F-4CC9-AE41-C15095E71E82}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{C6CFEFFD-E721-447A-8066-A3E6B9E3D931}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{C6E5AFD9-9CBC-4929-889F-5F3C3464727C}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{C79C7792-2E61-4281-90EF-29761EF4959E}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{C7A7CEBE-9A45-4488-8660-6E28343478E8}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{C85E91EC-6CD7-4C25-8CEB-2098681759F6}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{C8F786BB-9644-44EA-9D2D-708DF131D073}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{C90AECB6-48F7-40F5-A964-E61B0E905A18}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{C95D5A3F-125D-4D68-9647-D466FE48DB95}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{CAA5369C-6068-4FFC-A93B-10EDDBA86E3C}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{CAAE36B2-932C-4D20-9D7C-D95769BB7CC1}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{CC5D8556-9142-4A21-B15D-B869A21F0645}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{CC9D5402-10CA-45B2-84D2-B9D7F787F622}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{CD0D28F9-A4B0-44D1-8AA5-CA18FBA6A154}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{CD4D48C8-120E-4599-B15A-82A1954AD308}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{CEC0F8D3-FD25-4CD8-AFD8-8E0E480BD543}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{CEC19B37-A0D4-46D7-A406-770D4BFED9B1}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{CEC417FF-8362-42D6-8707-3C0F8B338F93}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{CEC499E1-6634-4B12-91D4-514E4E635067}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{CF719231-78F1-46D9-89DF-89AC65D09B41}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{CF7E5D51-788A-44B7-B068-65EACBAD97A4}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{CF8372E1-1338-4E6F-8658-E4FACA3C557B}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{CF9809B4-9E57-4EE2-A0A2-83437B35C3E0}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{CFBD307B-F139-4023-AF13-AAFEEF5E6E55}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{D083BD7D-4772-40AD-9820-369119322001}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{D0C1EA32-39FF-44CF-9BE5-112DEDF5B585}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{D0ECBB52-1897-446F-9CD5-FCE48FB4CDE7}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{D1223A5D-DF46-4879-853B-554E94ECC24C}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{D12CB2F7-52EF-4EF3-A83A-619EC6905B9B}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{D14D94BF-19E7-4E5E-87F9-4C6221F86D27}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{D178E673-FEF6-4F2B-BB43-AF8615A7A505}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{D1FADD57-ADB9-46F4-9E97-3888AF3BEB12}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{D2017DD7-D2F4-478A-B155-9286043639D2}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{D21E8642-3206-47E0-96B5-6FEB069024D1}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{D23CF578-C55B-4D41-894D-CEBBE6B61ECD}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{D40AD482-4282-4A81-AF3B-BCD2EBC8E472}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{D42BB681-9E6C-4E08-AE69-4F5F99D93053}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{D4C833DA-23F0-4683-9A3B-E790327B9D41}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{D56BBBD6-4408-4E4E-B7F3-90AF6F565D36}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{D5906EF5-07B1-4981-BA48-319EB4E29ED7}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{D5960F8B-3D49-4CC3-8AB8-EC3F4B39E345}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{D63CDEC6-5927-40C8-B301-A67ECD6AFF5E}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{D6A4436E-B9B7-4C1A-B98B-AE271299CF6F}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{D73040E8-413D-4902-AE50-383367268BF2}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{D80F01B6-49BE-4DC6-A972-05DE5FE7DF6D}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{D812EBD9-8A00-4F47-85F5-4875C7D8CDC2}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{D817F457-1F2A-482D-840F-ECAE66FB4698}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{D89A2128-14EA-45BC-93BA-830F1F44CB53}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{D94EA7FE-0F91-431C-A7FE-F4AFEB91B881}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{D99FD869-9030-427B-917F-F64DF31D37C5}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{DA6151C2-9BF5-4251-B7F9-014134D23115}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{DA7CCECD-8ED8-418C-A957-3B21665F4481}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{DB6A7BEA-7844-42CD-B45C-9CA24F69FEAB}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{DB771A65-3327-4D38-99D9-FCAEDC089715}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{DB9B87A7-2B2E-463E-A98D-7BD4F993E109}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{DC8DBA6F-8BAE-4E88-AC46-B5801F1A67C1}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{DCDD4EDA-7B45-46F8-8BB8-36060D61D656}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{DE389356-4C36-44DE-943F-7CFF9FD25B35}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{DE6B5CE5-1D1C-4F9E-B61B-A82F6E5324CE}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{DF25D800-18FE-4B79-B116-378C8B1F2B5B}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{DF49FF6D-D35A-4B5D-B6B4-17CC6E1645FE}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{E0139573-FAFF-471F-8F90-835732676E21}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{E0398A58-4CED-49BE-8DA8-72243F07AD63}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{E04F1E1F-294C-4108-8238-C56F47FDEF2F}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{E0CD7325-8CE3-451F-B463-F3F0681FE676}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{E0F22725-FC6D-41B8-95BD-52934410BB33}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{E105CECF-BE65-4E63-874B-1188B0BF3DC3}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{E2495D81-2CB5-4605-9F6F-8F665974BF20}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{E2D1CAC3-F1ED-418A-B49C-D1E8CCD2571C}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{E3187237-7D31-47CA-BFBA-2C06B2E8A8B3}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{E3280AE7-B4B9-42A9-AEDE-451E96BE9A97}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{E33AF756-2FA5-4772-A642-53A9FB8714A6}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{E33CDD7B-26ED-45FF-A567-CA35938A8A24}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{E352F464-8DA2-4036-858A-FD8091F4C4E3}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{E3D92378-DCF8-4B2E-9D82-E8C7BE1D5B32}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{E3E1065C-006C-487C-BE48-6D51DDA5FE22}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{E3FFC446-49A5-4147-B295-F2AEA5786A28}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{E4459FD7-1576-4C20-9C58-51E77D3E1AC1}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{E510CDD7-828F-413F-B588-2682538DCFC8}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{E523C4CE-ECD1-41F3-9E8B-2990D08D8BEE}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{E59489C8-7538-46EE-B107-1E2D3AFA2218}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{E69031C7-67F1-4902-9974-C89B56B4CA13}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{E6EEEC9E-D2CD-40B6-8F54-D30576CB56CC}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{E743C8FF-25FC-4AD8-81E4-1BDD37DAB630}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{E74E5F29-C74D-49CE-9251-0A82A84EF1C8}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{E781BD52-973A-4CA8-A21B-5AD665578623}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{E7E0AD4E-FE79-4B34-8BC9-675B388449A2}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{E855C8C5-2C51-4E4E-A057-537D1CA83D96}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{E8B4295C-26B3-4F25-A42D-1C58ABC512E1}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{E959A83E-C8FC-44FF-98C4-CEEDB69C54B8}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{E995F091-51CA-422A-8696-DA092F33672F}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{EA4632DF-4240-4C72-A2CE-673960158409}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{EA814BFF-C56A-4AC9-B3FE-1CDA947DB273}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{EB49AB5A-2EA2-4A05-909C-5D8D9C444530}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{EB7ADCEB-82FD-4028-89FA-73C3CD60F227}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{EB8FC756-757F-417D-897C-3B33723BA1A0}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{ECC69E5D-DFFE-4108-93E9-6CB584330571}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{ECEF4A61-00BC-4428-B007-4F0F83F907C8}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{ED5B4772-B674-4FE7-BCA1-62EA473F409E}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{EDA45BDC-05E4-44C7-8BD6-595C71096216}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{EDFCD47E-2725-4BD1-8F7C-D82736F5D5E5}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{EE10EEAE-D900-4434-959D-E2B80E0DB37C}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{EE3A350C-AE30-4BDC-A531-4C25F33A57B8}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{EE78F63E-C9B1-475B-8D69-2BFA1B7955F6}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{EF1101BA-04D5-4E92-87C3-49AD5FE4942D}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{EF254D09-ED31-4302-8784-C18304A0A71C}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{EF2B68CD-6CF9-4522-9E24-FCDF8747DA70}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{EFEF3F4F-2B9E-4FB0-BAA8-2CE78710402A}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{F0668E9A-40F5-4933-93DA-8511BA69A170}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{F08BC531-48C0-497D-B6A6-4CC56A1B3809}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{F11890E8-BA34-47C3-A4F5-59178ED29946}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{F18104CF-90D5-4585-AA51-DE55801935C7}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{F19EE368-2D32-44CB-A3E4-647451932BF8}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{F1A5093E-6D55-4938-8B4E-41AB1994762A}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{F1C9ED7A-6F4D-41AF-8138-9880124F6959}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{F1FB4E8D-A347-43B1-A743-018894787DB5}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{F2099A7C-A352-4981-811F-3C2D7E5DA0AF}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{F23A3584-A946-4FC7-AE67-F02FC675EE3A}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{F29FCB16-8E17-45AA-A832-E1AFFA537189}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{F2A5D4D0-A051-4855-A48C-77B9963331EE}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{F3726BB0-3B6E-4056-9B57-43D19611858A}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{F45552F2-800E-497F-8525-950E7B388B16}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{F48212CE-8CBB-4E15-95FB-14C287496A60}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{F681032E-7BAF-415E-A582-E8F856E240F7}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{F6853D2F-4E9C-424D-91CB-65C1589A87BD}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{F6B4C362-ADD1-4A00-A342-1195F1B764A6}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{F6BD8A85-AFA4-406D-9E9D-6B6604BC6048}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{F6C53B39-C6C0-4753-B242-8DB1CEDA4330}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{F6F2D52F-3100-481F-B07E-833CE066FE7D}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{F706DFA7-BF8C-4D2F-8A66-C15A8209DE78}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{F7658203-4233-4EFD-BEA9-DDE33720E1BD}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{F7A3A275-990C-4739-BDEB-FC506E314206}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{F81F1346-22AE-46A9-ADE9-E44E9EDC510A}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{F88B4654-C01A-488E-A941-F5D82E6BA38B}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{F8BED885-4926-432D-A262-2D6F749638AB}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{F8C5B21E-9D7A-4717-9F3E-602AC85D2DC9}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{F8EDFD54-5D57-4BD0-9B20-24F15A87FCEA}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{F953D3F1-72D5-45DA-99F8-459EC10B590D}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{F9BEF5AC-5F28-41BC-B5D3-D1A76FF727CB}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{F9C45C6D-C773-4F46-98E0-1865EE7E8F64}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{F9CE9F68-A711-4B27-B4ED-C305A8AC81CB}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{F9E0FFA4-CF52-4A56-92AF-D32B8F2267E2}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{F9E29242-E298-4676-9FA3-9E201875CCE6}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{FA84620A-3C4F-47B0-A120-9A32598CAC18}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{FC24E51F-3E95-4F28-96E7-ACAB4ABEBF6A}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{FC7C075E-3526-40A3-AF64-E19A161E9E6E}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{FD653B72-09CB-450A-B085-C62E489B5132}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{FD9BE2E3-F305-484F-9623-06D2B61334E2}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{FE5DF56F-2570-4161-939F-800AF0E615CD}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{FF2ED84E-3443-4687-A437-5B6993A40F7E}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{FFBBA971-A5AA-4BFC-B56F-43BA7A1F6EC3}
Successfully deleted: [Empty Folder] C:\Users\BR\appdata\local\{FFE7DAC7-901A-45B6-8930-46FE7D7EFFC1}
Successfully deleted: [Folder] "C:\ProgramData\ask"



~~~ FireFox

Successfully deleted: [File] C:\user.js
Failed to delete: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml"
Failed to delete: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\search.xml"
Failed to delete: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\search_results.xml"
Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml"
Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\search.xml"
Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\search_results.xml"
Successfully deleted: [File] C:\Users\BR\AppData\Roaming\mozilla\firefox\profiles\acm539rf.default\user.js
Successfully deleted: [File] C:\Users\BR\AppData\Roaming\mozilla\firefox\profiles\acm539rf.default\extensions\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi
Successfully deleted: [File] C:\Users\BR\AppData\Roaming\mozilla\firefox\profiles\acm539rf.default\searchplugins\askcom.xml
Successfully deleted: [File] C:\Users\BR\AppData\Roaming\mozilla\firefox\profiles\acm539rf.default\searchplugins\conduit.xml
Successfully deleted: [File] C:\Users\BR\AppData\Roaming\mozilla\firefox\profiles\acm539rf.default\searchplugins\mystart search.xml
Successfully deleted: [File] C:\Users\BR\AppData\Roaming\mozilla\firefox\profiles\acm539rf.default\searchplugins\search_results.xml
Successfully deleted: [Folder] C:\Users\BR\AppData\Roaming\mozilla\firefox\profiles\acm539rf.default\conduitcommon
Successfully deleted: [Folder] C:\Users\BR\AppData\Roaming\mozilla\firefox\profiles\acm539rf.default\smartbar
Successfully deleted: [Folder] C:\Users\BR\AppData\Roaming\mozilla\firefox\profiles\acm539rf.default\extensions\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\{336D0C35-8A85-403A-B9D2-65C292C39087}
Successfully deleted the following from C:\Users\BR\AppData\Roaming\mozilla\firefox\profiles\acm539rf.default\prefs.js

user_pref("CT3196716.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
user_pref("CT3196716.BrowserCompStateIsOpen_129774122767598898", true);
user_pref("CT3196716.CT3196716", "CT3196716");
user_pref("CT3196716.DSInstall", false);
user_pref("CT3196716.DialogsAlignMode", "LTR");
user_pref("CT3196716.DialogsGetterLastCheckTime", "Sun Aug 19 2012 17:15:25 GMT-0700 (Pacific Daylight Time)");
user_pref("CT3196716.EMailNotifierPollDate", "Sun Aug 19 2012 17:15:24 GMT-0700 (Pacific Daylight Time)");
user_pref("CT3196716.ExternalComponentPollDate129755756828511878", "Sun Aug 19 2012 17:15:24 GMT-0700 (Pacific Daylight Time)");
user_pref("CT3196716.ExternalComponentPollDate129757581393447276", "Sun Aug 19 2012 17:15:24 GMT-0700 (Pacific Daylight Time)");
user_pref("CT3196716.FirstTime", true);
user_pref("CT3196716.FirstTimeFF3", true);
user_pref("CT3196716.FirstTimeHiddenVer", true);
user_pref("CT3196716.FixPageNotFoundErrors", true);
user_pref("CT3196716.HPInstall", false);
user_pref("CT3196716.HasUserGlobalKeys", true);
user_pref("CT3196716.HomePageProtectorEnabled", false);
user_pref("CT3196716.HomepageBeforeUnload", "hxxp://search.conduit.com/?ctid=CT3196716&SearchSource=13");
user_pref("CT3196716.Initialize", true);
user_pref("CT3196716.InitializeCommonPrefs", true);
user_pref("CT3196716.InstalledDate", "Sun Aug 19 2012 17:16:07 GMT-0700 (Pacific Daylight Time)");
user_pref("CT3196716.InvalidateCache", false);
user_pref("CT3196716.IsGrouping", false);
user_pref("CT3196716.IsInitSetupIni", true);
user_pref("CT3196716.IsMulticommunity", false);
user_pref("CT3196716.IsOpenThankYouPage", true);
user_pref("CT3196716.IsOpenUninstallPage", true);
user_pref("CT3196716.IsProtectorsInit", true);
user_pref("CT3196716.LanguagePackLastCheckTime", "Sun Aug 19 2012 17:15:25 GMT-0700 (Pacific Daylight Time)");
user_pref("CT3196716.Locale", "en");
user_pref("CT3196716.MCDetectTooltipHeight", "83");
user_pref("CT3196716.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
user_pref("CT3196716.MCDetectTooltipWidth", "295");
user_pref("CT3196716.MyStuffEnabledAtInstallation", true);
user_pref("CT3196716.OriginalFirstVersion", "3.14.1.0");
user_pref("CT3196716.RadioIsPodcast", false);
user_pref("CT3196716.RadioLastCheckTime", "Sun Aug 19 2012 17:15:25 GMT-0700 (Pacific Daylight Time)");
user_pref("CT3196716.RadioLastUpdateIPServer", "3");
user_pref("CT3196716.RadioLastUpdateServer", "3");
user_pref("CT3196716.RadioMediaID", "9962");
user_pref("CT3196716.RadioMediaType", "Media Player");
user_pref("CT3196716.RadioMenuSelectedID", "EBRadioMenu_CT31967169962");
user_pref("CT3196716.RadioShrinkedFromSetup", false);
user_pref("CT3196716.RadioStationName", "California%20Rock");
user_pref("CT3196716.RadioStationURL", "hxxp://feedlive.net/california.asx");
user_pref("CT3196716.SavedHomepage", "hxxp://www.google.com/ig");
user_pref("CT3196716.SearchCaption", "WiseConvert Customized Web Search");
user_pref("CT3196716.SearchEngineBeforeUnload", "WiseConvert Customized Web Search");
user_pref("CT3196716.SearchFromAddressBarIsInit", true);
user_pref("CT3196716.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3196716&SearchSource=2&q=");
user_pref("CT3196716.SearchProtectorEnabled", false);
user_pref("CT3196716.SearchProtectorToolbarDisabled", false);
user_pref("CT3196716.SendProtectorDataViaLogin", true);
user_pref("CT3196716.ServiceMapLastCheckTime", "Sun Aug 19 2012 17:15:24 GMT-0700 (Pacific Daylight Time)");
user_pref("CT3196716.SettingsLastCheckTime", "Sun Aug 19 2012 17:15:24 GMT-0700 (Pacific Daylight Time)");
user_pref("CT3196716.SettingsLastUpdate", "1344943776");
user_pref("CT3196716.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT3196716&SearchSource=13");
user_pref("CT3196716.ThirdPartyComponentsInterval", 504);
user_pref("CT3196716.ThirdPartyComponentsLastCheck", "Sun Aug 19 2012 17:15:24 GMT-0700 (Pacific Daylight Time)");
user_pref("CT3196716.ThirdPartyComponentsLastUpdate", "1331805997");
user_pref("CT3196716.ToolbarShrinkedFromSetup", false);
user_pref("CT3196716.WeatherNetwork", "");
user_pref("CT3196716.WeatherPollDate", "Sun Aug 19 2012 17:15:25 GMT-0700 (Pacific Daylight Time)");
user_pref("CT3196716.WeatherUnit", "C");
user_pref("CT3196716.alertChannelId", "1613210");
user_pref("CT3196716.backendstorage.cbcountry_001", "4341");
user_pref("CT3196716.backendstorage.cbfirsttime", "53756E2041756720313920323031322031373A31353A323720474D542D30373030202850616369666963204461796C696768742054696D6529");
user_pref("CT3196716.backendstorage.event_data", "253542253544");
user_pref("CT3196716.backendstorage.fired_events", "");
user_pref("CT3196716.backendstorage.key_date", "3139");
user_pref("CT3196716.backendstorage.shoppingapp.gk.exipres", "4672692041756720323420323031322031373A31353A323620474D542D30373030202850616369666963204461796C696768742054696D652
user_pref("CT3196716.backendstorage.shoppingapp.gk.geolocation", "63616E616461");
user_pref("CT3196716.backendstorage.url_history0001", "68747470733A2F2F7777772E676F6F676C652E636F6D3A3A3A636C69636B68616E646C65723A3A3A31333435343231383237343934");
user_pref("CT3196716.globalFirstTimeInfoLastCheckTime", "Sun Aug 19 2012 17:15:24 GMT-0700 (Pacific Daylight Time)");
user_pref("CT3196716.initDone", true);
user_pref("CT3196716.isAppTrackingManagerOn", true);
user_pref("CT3196716.isFirstRadioInstallation", false);
user_pref("CT3196716.navigateToUrlOnSearch", false);
user_pref("CT3196716.oldAppsList", "129755756823355459,129755756826636815,111,129757581393447276,129755756828511878,1000082,1000234,1000034,129876925696479818,1298232085360280
user_pref("CT3196716.revertSettingsEnabled", false);
user_pref("CT3196716.testingCtid", "");
user_pref("CT3196716.toolbarAppMetaDataLastCheckTime", "Sun Aug 19 2012 17:15:24 GMT-0700 (Pacific Daylight Time)");
user_pref("CT3196716.toolbarContextMenuLastCheckTime", "Sun Aug 19 2012 17:15:25 GMT-0700 (Pacific Daylight Time)");
user_pref("CT3220468.129813684259252248.APP_WIN_FEATURES", "resizable=0,saveresizedsize=0,titlebar=0,closeonexternalclick=1,savelocation=0,openposition=offset:(0;30)");
user_pref("CT3220468.BT_Stats.enc", "eyJsYXN0X2xvZyI6MTM3NjA5ODMzNCwidXVpZCI6NDA3MTM3OTEzOTQ5NjA4LCJzZXFfaWQiOjgyLCJzc2IiOjEzNDU0MjI5MjR9");
user_pref("CT3220468.CBOpenMAMSettings", "0");
user_pref("CT3220468.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3220468.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3220468.FirstTime", "true");
user_pref("CT3220468.FirstTimeFF3", "true");
user_pref("CT3220468.PG_ENABLE", "dHJ1ZQ==");
user_pref("CT3220468.SF_JUST_INSTALLED.enc", "RkFMU0U=");
user_pref("CT3220468.SF_STATUS.enc", "RU5BQkxFRA==");
user_pref("CT3220468.SF_USER_ID.enc", "Y2lkXzY4MjAxMzcxMjc0NDE4ODAy");
user_pref("CT3220468.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3220468&SearchSource=2&q=");
user_pref("CT3220468.UserID", "UN32285137860680485");
user_pref("CT3220468.addressBarTakeOverEnabledInHidden", "true");
user_pref("CT3220468.autoDisableScopes", 14);
user_pref("CT3220468.browser.search.defaultthis.engineName", true);
user_pref("CT3220468.cb_experience_000.enc", "MTU3");
user_pref("CT3220468.cb_firstuse0100.enc", "MQ==");
user_pref("CT3220468.cb_user_id_000.enc", "Q0I4MzMwMDk4NTY0MThfMTM3NTc5Nzg2NDU2OF9GaXJlZm94");
user_pref("CT3220468.cbcountry_001", "CA");
user_pref("CT3220468.cbfirsttime.enc", "U3VuIEF1ZyAxOSAyMDEyIDE3OjM1OjE3IEdNVC0wNzAwIChQYWNpZmljIERheWxpZ2h0IFRpbWUp");
user_pref("CT3220468.countryCode", "CA");
user_pref("CT3220468.embeddedsData", "[{\"appId\":\"129813684258939747\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"get
user_pref("CT3220468.enableAlerts", "always");
user_pref("CT3220468.enableSearchFromAddressBar", "true");
user_pref("CT3220468.firstTimeDialogOpened", "true");
user_pref("CT3220468.fixPageNotFoundError", "true");
user_pref("CT3220468.fixPageNotFoundErrorByUser", "true");
user_pref("CT3220468.fixPageNotFoundErrorInHidden", "true");
user_pref("CT3220468.fixUrls", true);
user_pref("CT3220468.fullUserID", "UN32285137860680485.UP.20130806061719");
user_pref("CT3220468.homepageuserchanged", true);
user_pref("CT3220468.hxxp___www_socialgrowthtechnologies_com_couponbuddy_v001.APP_WIN_FEATURES", "openposition=offset:50;50,savelocation=0,resizable=no,scrollbars=no,titlebar=
user_pref("CT3220468.installId", "fft8FC2.tmp.exe");
user_pref("CT3220468.installType", "XPE");
user_pref("CT3220468.isCheckedStartAsHidden", true);
user_pref("CT3220468.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3220468.isFirstTimeToolbarLoading", "false");
user_pref("CT3220468.isNewTabEnabled", true);
user_pref("CT3220468.isPerformedSmartBarTransition", "true");
user_pref("CT3220468.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
user_pref("CT3220468.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
user_pref("CT3220468.keyword", true);
user_pref("CT3220468.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT3220468&octid=CT3220468&SearchSource=15&CUI=UN3228513786068048
user_pref("CT3220468.lastVersion", "10.16.70.505");
user_pref("CT3220468.mam_gk_appStateReportTime.enc", "MTM3NjE0MTk3NzYwNA==");
user_pref("CT3220468.mam_gk_appState_CouponBuddy.enc", "b24=");
user_pref("CT3220468.mam_gk_appState_Easytobook.enc", "b24=");
user_pref("CT3220468.mam_gk_appState_Easytobook_targeted.enc", "b24=");
user_pref("CT3220468.mam_gk_appState_PriceGong.enc", "b24=");
user_pref("CT3220468.mam_gk_appState_WindowShopper.enc", "b24=");
user_pref("CT3220468.mam_gk_appsData.enc", "eyJhcHBzIjpbeyJpZCI6IlByaWNlR29uZyIsInVybCI6Imh0dHA6Ly9wcmljZWdvbmcuY29uZHVpdGFwcHMuY29tL01BTS92MS9odG1sX2NvbXAuaHRtbCIsInNjcmlwdFV
user_pref("CT3220468.mam_gk_appsDefaultEnabled.enc", "bnVsbA==");
user_pref("CT3220468.mam_gk_calledSetupService.enc", "MQ==");
user_pref("CT3220468.mam_gk_configuration.enc", "eyJjb25maWd1cmF0aW9uIjpbeyJpZCI6IkVhc3l0b2Jvb2tfdGFyZ2V0ZWQiLCJjcml0ZXJpYXMiOlt7ImNyaXRlcmlhSWQiOiIzMzZjMjgwYS00OGZhLTRiZTItYj
user_pref("CT3220468.mam_gk_currentVersion.enc", "MS45LjAuNA==");
user_pref("CT3220468.mam_gk_existingUsersRecoveryDone.enc", "MQ==");
user_pref("CT3220468.mam_gk_first_time.enc", "MQ==");
user_pref("CT3220468.mam_gk_installer_preapproved.enc", "ZmFsc2U=");
user_pref("CT3220468.mam_gk_lastLoginTime.enc", "MTM3NjE0MTk3NzkyMA==");
user_pref("CT3220468.mam_gk_localization.enc", "eyJnYWRnZXRDb250ZW50UG9saWN5Ijp7IlRleHQiOiJDb250ZW50IFBvbGljeSJ9LCJnYWRnZXREZXNjcmlwdGlvblByaW1hcnkiOnsiVGV4dCI6IlZhbHVlIEFwcHM
user_pref("CT3220468.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ==");
user_pref("CT3220468.mam_gk_settings1.9.0.4.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiODRfMCIsImlzVGVzdCI6dHJ1ZSwiVXNlckNvdW50cnlDb2RlIjoi
user_pref("CT3220468.mam_gk_showWelcomeGadget.enc", "ZmFsc2U=");
user_pref("CT3220468.mam_gk_userId.enc", "ZDAwZTBmMDAtYzJhMi00NzQyLWJhNWQtMzgyOGNjYjU1OGI3");
user_pref("CT3220468.migrateAppsAndComponents", true);
user_pref("CT3220468.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fwww.geekstogo.com%2Fforum%2Ftopic%2F332384-can-not-stop-popups%2Fpa
user_pref("CT3220468.openThankYouPage", "true");
user_pref("CT3220468.openUninstallPage", "FALSE");
user_pref("CT3220468.originalSearchAddressUrl", "hxxp://isearch.avg.com/search?cid=%7B28773a3c-8007-4e1f-b7c9-02d0bc90ec2f%7D&mid=acb71249790d47d0b54d318208999b7d-308b49fa64bb
user_pref("CT3220468.originalSearchEngine", "AVG Secure Search");
user_pref("CT3220468.originalSearchEngineName", "uTorrentControl_v2 Customized Web Search");
user_pref("CT3220468.price-gong.isManagedApp", "true");
user_pref("CT3220468.search.searchAppId", "129813684258939747");
user_pref("CT3220468.search.searchCount", "2");
user_pref("CT3220468.searchInNewTabEnabledByUser", "true");
user_pref("CT3220468.searchInNewTabEnabledInHidden", "true");
user_pref("CT3220468.searchSuggestEnabledByUser", "false");
user_pref("CT3220468.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3220468.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
user_pref("CT3220468.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3220468\"}");
user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://uTorrentControlv2.OurToolbar.com//xpi\"}");
user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"uTorrentControl_v2\"}");
user_pref("CT3220468.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3220468.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
user_pref("CT3220468.serviceLayer_services_Configuration_lastUpdate", "1376002430663");
user_pref("CT3220468.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1375795165043");
user_pref("CT3220468.serviceLayer_services_appTracking_lastUpdate", "1375798662678");
user_pref("CT3220468.serviceLayer_services_appsMetadata_lastUpdate", "1376098336130");
user_pref("CT3220468.serviceLayer_services_clientErrorLog_lastUpdate", "1375795053023");
user_pref("CT3220468.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1375795164972");
user_pref("CT3220468.serviceLayer_services_login_10.10.20.14_lastUpdate", "1346109558997");
user_pref("CT3220468.serviceLayer_services_login_10.10.27.6_lastUpdate", "1354893023040");
user_pref("CT3220468.serviceLayer_services_login_10.16.70.505_lastUpdate", "1376054354423");
user_pref("CT3220468.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1375795165083");
user_pref("CT3220468.serviceLayer_services_searchAPI_lastUpdate", "1376002430548");
user_pref("CT3220468.serviceLayer_services_serviceMap_lastUpdate", "1376002430519");
user_pref("CT3220468.serviceLayer_services_toolbarContextMenu_lastUpdate", "1375795164807");
user_pref("CT3220468.serviceLayer_services_toolbarSettings_lastUpdate", "1376098336077");
user_pref("CT3220468.serviceLayer_services_translation_lastUpdate", "1376002430589");
user_pref("CT3220468.settingsINI", true);
user_pref("CT3220468.shouldFirstTimeDialog", "false");
user_pref("CT3220468.showToolbarPermission", "false");
user_pref("CT3220468.smartbar.CTID", "CT3220468");
user_pref("CT3220468.smartbar.Uninstall", "0");
user_pref("CT3220468.smartbar.homepage", true);
user_pref("CT3220468.smartbar.toolbarName", "uTorrentControl_v2 ");
user_pref("CT3220468.startPage", "userChanged");
user_pref("CT3220468.toolbarBornServerTime", "20-8-2012");
user_pref("CT3220468.toolbarCurrentServerTime", "9-8-2013");
user_pref("CT3220468.toolbarLoginClientTime", "Tue Aug 06 2013 07:03:32 GMT-0700 (Pacific Daylight Time)");
user_pref("CT3220468.undefined", "{\"last_log\":1346303720,\"uuid\":580166457891257,\"seq_id\":1,\"ssb\":1346303720}");
user_pref("CT3220468.upgradeFromClearSBVersion", true);
user_pref("CT3220468.url_history0001.enc", "aHR0cDovL3d3dy5idXlhYmF0dGVyeS5jYWxscy5uZXQvOjo6Y2xpY2toYW5kbGVyOjo6MTM3NjA1NTQ2MDg0NCwsLGh0dHA6Ly93d3cuYnV5YWJhdHRlcnkuY2FsbHMubmV
user_pref("CT3220468_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1376141965811,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}
user_pref("CT3227981.FF19Solved", "true");
user_pref("CT3227981.UserID", "UN16999080948451144");
user_pref("CT3227981.browser.search.defaultthis.engineName", "true");
user_pref("CT3227981.fullUserID", "UN16999080948451144.IN.20130806160730");
user_pref("CT3227981.installDate", "06/08/2013 16:07:28");
user_pref("CT3227981.installSessionId", "{05556C02-BD27-445A-BD47-1D97AA361723}");
user_pref("CT3227981.installSp", "TRUE");
user_pref("CT3227981.installerVersion", "1.5.4.5");
user_pref("CT3227981.keyword", "true");
user_pref("CT3227981.originalHomepage", "hxxp://www.google.com/ig");
user_pref("CT3227981.originalSearchAddressUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3220468&SearchSource=2&CUI=UN32285137860680485&UM=&q=");
user_pref("CT3227981.originalSearchEngine", "");
user_pref("CT3227981.originalSearchEngineName", "uTorrentControl_v2 Customized Web Search");
user_pref("CT3227981.searchRevert", "false");
user_pref("CT3227981.searchUserMode", "2");
user_pref("CT3227981.smartbar.homepage", "true");
user_pref("CT3227981.versionFromInstaller", "10.16.9.6");
user_pref("CT3227981.xpeMode", "0");
user_pref("CT3287822_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1375835715149,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}
user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3196716&SearchSource=13,hxxp://search.conduit.com/?ctid=CT3196716&SearchSource=13,hxxp://
user_pref("CommunityToolbar.ConduitSearchList", "WiseConvert Customized Web Search,WiseConvert Customized Web Search,WiseConvert Customized Web Search");
user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT3196716/CT3196716", "\"31621e8c3d31766da19b0097ec748db52\"");
user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT3196716", "\"1340259244\"");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en", "C5ZJe6gL80JBW5CuLy+wkg==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en", "2E1/v7EfCEDbv3VaBQMELg==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en", "UgzXjW7BIkfdx+x39Ruv3w==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en", "FqddrIU7eyJgaaLyHDeVMQ==");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14.1.0", "\"0e0a4327275cd1:1515\"");
user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT3196716", "\"c912886ea3ba021d3a9ef2d6ad700899\"");
user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"8271f848f11474147a27c59bedc53342\"");
user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\BR\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\acm539rf.default\\conduitCommon\\modules\\3.14.1.0");
user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.14.1.0");
user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");
user_pref("CommunityToolbar.ToolbarsList", "CT3196716");
user_pref("CommunityToolbar.ToolbarsList2", "CT3196716");
user_pref("CommunityToolbar.ToolbarsList4", "CT3196716");
user_pref("CommunityToolbar.notifications.alertEnabled", false);
user_pref("CommunityToolbar.originalHomepage", "hxxp://www.google.com/ig");
user_pref("CommunityToolbar.originalSearchEngine", "WiseConvert Customized Web Search");
user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3287822&CUI=UN64698979369841776&UM=2&SearchSource=13&UP=SP3097228F-60E2-44C9-8A9B-237AA81A54F6");
user_pref("Smartbar.ConduitSearchEngineList", "");
user_pref("Smartbar.ConduitSearchUrlList", "");
user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3220468&SearchSource=2&CUI=UN32285137860680485&UM=&q=");
user_pref("Smartbar.keywordURLSelectedCTID", "CT3287822");
user_pref("browser.search.defaultthis.engineName", "MixiDJ V8 Customized Web Search");
user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3287822&CUI=UN64698979369841776&UM=2&SearchSource=3&q={searchTerms}");
user_pref("extensions.503177579ce07.scode", "(function(){try{if('mystart.incredibar.com,premiumreports.info,search.babylon.com,search.funmoods.com,search.gboxapp.com,search.sw
user_pref("extensions.50317a8167853.scode", "(function(){try{if('mystart.incredibar.com,premiumreports.info,search.babylon.com,search.funmoods.com,search.gboxapp.com,search.sw
user_pref("extensions.incredibar.actvtyRptTime", "1345419817791");
user_pref("extensions.incredibar.admin", false);
user_pref("extensions.incredibar.aflt", "orgnl");
user_pref("extensions.incredibar.afterInstallRpt", "sent");
user_pref("extensions.incredibar.cntry", "CA");
user_pref("extensions.incredibar.dfltLng", "EN");
user_pref("extensions.incredibar.dfltSrch", false);
user_pref("extensions.incredibar.dfltlng", "en");
user_pref("extensions.incredibar.dfltsrch", "false");
user_pref("extensions.incredibar.did", "10650");
user_pref("extensions.incredibar.envrmnt", "production");
user_pref("extensions.incredibar.excTlbr", false);
user_pref("extensions.incredibar.hdrMd5", "429D92E261D943B5533572F1316577A5");
user_pref("extensions.incredibar.hmpg", false);
user_pref("extensions.incredibar.hrdid", "b418c60e0000000000000626823ec88f");
user_pref("extensions.incredibar.id", "b418c60e0000000000000626823ec88f");
user_pref("extensions.incredibar.installerproductid", "26");
user_pref("extensions.incredibar.instlDay", "15571");
user_pref("extensions.incredibar.instlRef", "");
user_pref("extensions.incredibar.instlday", "15571");
user_pref("extensions.incredibar.instlref", "");
user_pref("extensions.incredibar.isDcmntCmplt", true);
user_pref("extensions.incredibar.isdcmntcmplt", "false");
user_pref("extensions.incredibar.keywordurl", "");
user_pref("extensions.incredibar.lastVrsnTs", "1.5.11.1416:41:40");
user_pref("extensions.incredibar.mntrvrsn", "1.2.0");
user_pref("extensions.incredibar.newTab", false);
user_pref("extensions.incredibar.newtab", "false");
user_pref("extensions.incredibar.newtaburl", "");
user_pref("extensions.incredibar.noFFXTlbr", false);
user_pref("extensions.incredibar.ppd", "201%5F5");
user_pref("extensions.incredibar.prdct", "incredibar");
user_pref("extensions.incredibar.productid", "26");
user_pref("extensions.incredibar.prtnrId", "Incredibar");
user_pref("extensions.incredibar.prtnrid", "Incredibar");
user_pref("extensions.incredibar.sg", "none");
user_pref("extensions.incredibar.smplGrp", "none");
user_pref("extensions.incredibar.smplgrp", "none");
user_pref("extensions.incredibar.srch", "");
user_pref("extensions.incredibar.srchprvdr", "");
user_pref("extensions.incredibar.tlbrId", "base");
user_pref("extensions.incredibar.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6R8CBbqFsI&loc=IB_TB&i=26&search=");
user_pref("extensions.incredibar.tlbrid", "base");
user_pref("extensions.incredibar.tlbrsrchurl", "hxxp://mystart.Incredibar.com/?a=6R8CBbqFsI&loc=IB_TB&i=26&search=");
user_pref("extensions.incredibar.upn2", "6R8CBbqFsI");
user_pref("extensions.incredibar.upn2n", "92824910265193048");
user_pref("extensions.incredibar.vrsn", "1.5.11.14");
user_pref("extensions.incredibar.vrsnTs", "1.5.11.1416:41:40");
user_pref("extensions.incredibar.vrsni", "1.5.11.14");
user_pref("extensions.incredibar.vrsnts", "1.5.11.1416:41:40");
user_pref("extensions.incredibar_i.aflt", "orgnl");
user_pref("extensions.incredibar_i.dfltLng", "");
user_pref("extensions.incredibar_i.did", "10650");
user_pref("extensions.incredibar_i.excTlbr", false);
user_pref("extensions.incredibar_i.id", "b418c60e0000000000000626823ec88f");
user_pref("extensions.incredibar_i.installerproductid", "26");
user_pref("extensions.incredibar_i.instlDay", "15571");
user_pref("extensions.incredibar_i.instlRef", "");
user_pref("extensions.incredibar_i.ms_url_id", "");
user_pref("extensions.incredibar_i.newTab", false);
user_pref("extensions.incredibar_i.ppd", "201%5F5");
user_pref("extensions.incredibar_i.prdct", "incredibar");
user_pref("extensions.incredibar_i.productid", "26");
user_pref("extensions.incredibar_i.prtnrId", "Incredibar");
user_pref("extensions.incredibar_i.smplGrp", "none");
user_pref("extensions.incredibar_i.tlbrId", "base");
user_pref("extensions.incredibar_i.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6R8CBbqFsI&loc=IB_TB&i=26&search=");
user_pref("extensions.incredibar_i.upn2", "6R8CBbqFsI");
user_pref("extensions.incredibar_i.upn2n", "92824910265193048");
user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");
user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.1416:41:40");
user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");
user_pref("extensions.wajam.affiliate_id", "4220");
user_pref("extensions.wajam.firstrun", "false");
user_pref("extensions.wajam.log_send_info", "false");
user_pref("extensions.wajam.mappingListJsonString", "{\"version\":\"0.21087\",\"supported_sites\":{\"google\":{\"patterns\":[\"^hxxp\\\\:\\/\\/www\\\\.google\\\\..{2,3}(|\\\\\
user_pref("extensions.wajam.no_trace", "false");
user_pref("extensions.wajam.server_current_mapping_version", "0.21087");
user_pref("extensions.wajam.supported_sites.ask.wajam_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_
user_pref("extensions.wajam.supported_sites.bing.wajam_yahoo_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABE
user_pref("extensions.wajam.supported_sites.encryptedgoogle.wajam_google_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM
user_pref("extensions.wajam.supported_sites.google.wajam_google_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_L
user_pref("extensions.wajam.supported_sites.tripadvisor.wajam_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LAB
user_pref("extensions.wajam.supported_sites.wikipedia.wajam_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL
user_pref("extensions.wajam.supported_sites.yahoo.wajam_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAM
user_pref("extensions.wajam.supported_sites.yelp.wajam_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME
user_pref("extensions.wajam.supported_sites.youtubesearch.wajam_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_L
user_pref("extensions.wajam.trace_log", "");
user_pref("extensions.wajam.unique_id", "E0B147D6BDCC471E99192E64D6A4C1CB");
user_pref("extensions.wajam.user_current_mapping_version", "0");
user_pref("extensions.wajam.version", "1.26");
user_pref("extensions.wajam.website_version", "1.00274.0");
user_pref("smartbar.addressBarOwnerCTID", "CT3287822");
user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3227981&CUI=UN16999080948451144&UM=2&SearchSource=13,hxxp://search.conduit.com/?ctid=CT3227981&oct
user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3220468&SearchSource=2&CUI=UN32285137860680485&UM=&q=,hxxp://search.conduit
user_pref("smartbar.defaultSearchOwnerCTID", "CT3287822");
user_pref("smartbar.homePageOwnerCTID", "CT3287822");
user_pref("smartbar.machineId", "B9FY2MB+GK5ST7I1IZFBRSDC+J4JNFBN2NM+XSNQSSXHRLHOTOJXBSCWNVQMLRQZUVYSZ9F/ET/7UIDI2+6YYG");
Emptied folder: C:\Users\BR\AppData\Roaming\mozilla\firefox\profiles\acm539rf.default\minidumps [112 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 10/08/2013 at 6:50:36.13
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  • 0

#5
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello RUSTY2

I Would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
  • 0

#6
RUSTY2

RUSTY2

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 221 posts
Hi ran Combofix but when I was Waiting for to prepare the log it froze I think when it rebooted up Malewarbytes came on automatically. I notice combofix said not run any programs dont no how to retrieve the info now?
  • 0

#7
RUSTY2

RUSTY2

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 221 posts
sorry forgot to tell you what ever Combofix did seemed to work went to the site they usually poped up and nothing?
  • 0

#8
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello RUSTY2

I would like to see the report so lets see if we can find the report this way.

Extra Combofix Report

  • push the "windows key" + "R" (between the "Ctrl" button and "Alt" Button)
  • please copy and past the following into the box
C:\ComboFix.txt
  • click ok
  • copy and paste the report into this topic for me to review

Gringo
  • 0

#9
RUSTY2

RUSTY2

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 221 posts
having trouble getting log, Windows cannot find it and ask me make sure spelling is correct etc.
  • 0

#10
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello RUSTY2

Then it did not complete

Ok lets try this, I want you to run combofix in safe mode but it is very important that when combofix reboots the computer for you to direct it back into safe mode so it can finish the scan.

Boot into Safe Mode

Reboot your computer in Safe Mode.
  • If the computer is running, shut down Windows, and then turn off the power.
  • Wait 30 seconds, and then turn the computer on.
  • Start tapping the F8 key. The Windows Advanced Options Menu appears. If you begin tapping the F8 key too soon, some computers display a "keyboard error" message. To resolve this, restart the computer and try again.
  • Ensure that the Safe Mode option is selected.
  • Press Enter. The computer then begins to start in Safe mode.
  • Login on your usual account.

after combofix has finished its scan please post the report back here.

Gringo
  • 0

Advertisements


#11
RUSTY2

RUSTY2

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 221 posts
Hi Gringo, ran the program again in save mode but just like before a screen comes up asking to wait for the report and do not run any programs. Just time I waited over two hrs no report almost like its jamming?
  • 0

#12
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello RUSTY2

I would like you to try and run these next.

TDSSKiller

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
  • If malicious objects are found, they will show in the Scan results
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • more than one report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". The one that I need is the larger one. Please copy and paste the contents of that file here.

    Note** this report can be very long - so if the website gives you an error saying it is to long you may attache it

    If the forum still complains about it being to long send me everything that is at the end of the report after where it says

    ==================
    Scan finished
    ==================

and I will see if I want to see the whole report

--RogueKiller--

Download & SAVE to your Desktop RogueKiller for 32bit or Roguekiller for 64bit
  • Quit all programs that you may have started.
  • Please disconnect any external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator to start"
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • click on "delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • the scan will make two reports the one I would like to see is called RKreport[2].txt on your Desktop
  • Exit/Close RogueKiller+

send me the reports made from TDSSKiller and Roguekiller and also let me know how the computer is doing at this time.

Gringo
  • 0

#13
RUSTY2

RUSTY2

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 221 posts
tdss killer

08:59:18.0462 3176 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
08:59:19.0523 3176 ============================================================
08:59:19.0523 3176 Current date / time: 2013/08/11 08:59:19.0523
08:59:19.0523 3176 SystemInfo:
08:59:19.0523 3176
08:59:19.0523 3176 OS Version: 6.1.7601 ServicePack: 1.0
08:59:19.0523 3176 Product type: Workstation
08:59:19.0523 3176 ComputerName: BRIAN-PC
08:59:19.0523 3176 UserName: BR
08:59:19.0523 3176 Windows directory: C:\Windows
08:59:19.0523 3176 System windows directory: C:\Windows
08:59:19.0523 3176 Running under WOW64
08:59:19.0523 3176 Processor architecture: Intel x64
08:59:19.0523 3176 Number of processors: 4
08:59:19.0523 3176 Page size: 0x1000
08:59:19.0523 3176 Boot type: Normal boot
08:59:19.0523 3176 ============================================================
09:00:24.0568 3176 BG loaded
09:00:25.0270 3176 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:00:25.0302 3176 Drive \Device\Harddisk1\DR1 - Size: 0xE8B6F00000 (930.86 Gb), SectorSize: 0x200, Cylinders: 0x1DAAB, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
09:00:25.0317 3176 ============================================================
09:00:25.0317 3176 \Device\Harddisk0\DR0:
09:00:25.0364 3176 MBR partitions:
09:00:25.0364 3176 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
09:00:25.0364 3176 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x730C9000
09:00:25.0364 3176 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x730FB800, BlocksNum 0x160A800
09:00:25.0364 3176 \Device\Harddisk1\DR1:
09:00:25.0364 3176 MBR partitions:
09:00:25.0364 3176 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x745B7000
09:00:25.0364 3176 ============================================================
09:00:25.0598 3176 C: <-> \Device\Harddisk0\DR0\Partition2
09:00:25.0770 3176 D: <-> \Device\Harddisk0\DR0\Partition3
09:00:25.0801 3176 K: <-> \Device\Harddisk1\DR1\Partition1
09:00:25.0801 3176 ============================================================
09:00:25.0801 3176 Initialize success
09:00:25.0801 3176 ============================================================
09:00:39.0451 4812 ============================================================
09:00:39.0451 4812 Scan started
09:00:39.0451 4812 Mode: Manual; SigCheck; TDLFS;
09:00:39.0451 4812 ============================================================
09:00:42.0874 4812 ================ Scan system memory ========================
09:00:42.0874 4812 System memory - ok
09:00:42.0874 4812 ================ Scan services =============================
09:00:43.0358 4812 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
09:00:43.0467 4812 1394ohci - ok
09:00:43.0608 4812 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
09:00:43.0654 4812 ACPI - ok
09:00:43.0748 4812 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
09:00:44.0372 4812 AcpiPmi - ok
09:00:44.0793 4812 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
09:00:44.0809 4812 AdobeARMservice - ok
09:00:46.0696 4812 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
09:00:46.0868 4812 AdobeFlashPlayerUpdateSvc - ok
09:00:47.0258 4812 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
09:00:47.0367 4812 adp94xx - ok
09:00:47.0695 4812 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
09:00:47.0757 4812 adpahci - ok
09:00:47.0929 4812 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
09:00:47.0991 4812 adpu320 - ok
09:00:48.0132 4812 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
09:00:53.0296 4812 AeLookupSvc - ok
09:00:53.0530 4812 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
09:00:53.0702 4812 AFD - ok
09:00:53.0827 4812 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
09:00:53.0858 4812 agp440 - ok
09:00:54.0045 4812 [ 3327E85CADB3B65EE36016E35BCC0ADC ] ahcix64s C:\Windows\system32\DRIVERS\ahcix64s.sys
09:00:54.0482 4812 ahcix64s - ok
09:00:54.0700 4812 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
09:00:55.0184 4812 ALG - ok
09:00:55.0262 4812 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
09:00:55.0340 4812 aliide - ok
09:00:55.0387 4812 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
09:00:55.0496 4812 amdide - ok
09:00:55.0699 4812 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
09:00:56.0104 4812 AmdK8 - ok
09:00:56.0135 4812 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
09:00:56.0213 4812 AmdPPM - ok
09:00:56.0323 4812 [ 12A5062C06E03FF70DB47800F91C7A13 ] amdsata C:\Windows\system32\DRIVERS\amdsata.sys
09:00:56.0401 4812 amdsata - ok
09:00:56.0463 4812 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
09:00:56.0494 4812 amdsbs - ok
09:00:56.0541 4812 [ 8A7F289B45CEACAC761E14D5FAC59EB9 ] amdxata C:\Windows\system32\DRIVERS\amdxata.sys
09:00:56.0572 4812 amdxata - ok
09:00:56.0728 4812 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
09:00:57.0181 4812 AppID - ok
09:00:57.0259 4812 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
09:00:57.0352 4812 AppIDSvc - ok
09:00:57.0430 4812 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll
09:00:57.0493 4812 Appinfo - ok
09:00:57.0539 4812 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
09:00:57.0555 4812 arc - ok
09:00:57.0555 4812 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
09:00:57.0571 4812 arcsas - ok
09:00:57.0711 4812 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
09:00:57.0976 4812 aspnet_state - ok
09:00:58.0054 4812 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
09:00:58.0148 4812 AsyncMac - ok
09:00:58.0210 4812 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
09:00:58.0226 4812 atapi - ok
09:00:58.0569 4812 [ E0FABC10635C670BD7D89FD214A405D7 ] athr C:\Windows\system32\DRIVERS\athrx.sys
09:00:58.0647 4812 athr - ok
09:00:59.0037 4812 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
09:00:59.0209 4812 AudioEndpointBuilder - ok
09:00:59.0443 4812 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
09:00:59.0489 4812 AudioSrv - ok
09:00:59.0712 4812 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
09:01:00.0581 4812 AxInstSV - ok
09:01:00.0815 4812 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
09:01:00.0893 4812 b06bdrv - ok
09:01:01.0080 4812 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
09:01:01.0111 4812 b57nd60a - ok
09:01:01.0733 4812 [ 68B86DD9D455A6A8DE6D13C84FB5CE31 ] BackupService C:\Users\BRIAN\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe
09:01:01.0842 4812 BackupService - ok
09:01:01.0951 4812 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
09:01:02.0029 4812 BDESVC - ok
09:01:02.0154 4812 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
09:01:02.0232 4812 Beep - ok
09:01:02.0669 4812 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
09:01:02.0731 4812 BFE - ok
09:01:02.0809 4812 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
09:01:02.0903 4812 BITS - ok
09:01:03.0012 4812 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
09:01:03.0059 4812 blbdrive - ok
09:01:03.0137 4812 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
09:01:03.0199 4812 bowser - ok
09:01:03.0231 4812 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
09:01:04.0057 4812 BrFiltLo - ok
09:01:04.0057 4812 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
09:01:04.0089 4812 BrFiltUp - ok
09:01:04.0120 4812 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
09:01:04.0182 4812 BridgeMP - ok
09:01:04.0276 4812 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
09:01:04.0354 4812 Browser - ok
09:01:04.0369 4812 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
09:01:04.0479 4812 Brserid - ok
09:01:04.0494 4812 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
09:01:04.0525 4812 BrSerWdm - ok
09:01:04.0525 4812 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
09:01:04.0572 4812 BrUsbMdm - ok
09:01:04.0588 4812 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
09:01:04.0619 4812 BrUsbSer - ok
09:01:04.0666 4812 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
09:01:04.0713 4812 BTHMODEM - ok
09:01:04.0791 4812 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
09:01:04.0837 4812 bthserv - ok
09:01:05.0493 4812 catchme - ok
09:01:05.0524 4812 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
09:01:05.0602 4812 cdfs - ok
09:01:05.0758 4812 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
09:01:05.0836 4812 cdrom - ok
09:01:05.0976 4812 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
09:01:06.0070 4812 CertPropSvc - ok
09:01:06.0163 4812 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
09:01:06.0241 4812 circlass - ok
09:01:06.0335 4812 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
09:01:06.0366 4812 CLFS - ok
09:01:06.0507 4812 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:01:06.0569 4812 clr_optimization_v2.0.50727_32 - ok
09:01:06.0850 4812 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
09:01:06.0943 4812 clr_optimization_v2.0.50727_64 - ok
09:01:07.0224 4812 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:01:07.0489 4812 clr_optimization_v4.0.30319_32 - ok
09:01:07.0599 4812 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
09:01:07.0630 4812 clr_optimization_v4.0.30319_64 - ok
09:01:07.0661 4812 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
09:01:07.0723 4812 CmBatt - ok
09:01:07.0755 4812 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
09:01:07.0786 4812 cmdide - ok
09:01:07.0817 4812 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
09:01:07.0833 4812 CNG - ok
09:01:07.0864 4812 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
09:01:07.0911 4812 Compbatt - ok
09:01:07.0957 4812 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
09:01:08.0004 4812 CompositeBus - ok
09:01:08.0035 4812 COMSysApp - ok
09:01:08.0379 4812 [ 20C701DCBA0704E9D38829BD510CD186 ] CoordinatorServiceHost C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe
09:01:08.0394 4812 CoordinatorServiceHost - ok
09:01:08.0457 4812 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
09:01:08.0457 4812 crcdisk - ok
09:01:09.0159 4812 [ 97558F429F8F09446AE51C1AA88C9B9B ] CrossLoopService C:\Users\BRIAN\AppData\Local\CrossLoop\CrossLoopService.exe
09:01:09.0424 4812 CrossLoopService - ok
09:01:09.0486 4812 [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc C:\Windows\system32\cryptsvc.dll
09:01:09.0549 4812 CryptSvc - ok
09:01:09.0720 4812 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
09:01:09.0783 4812 DcomLaunch - ok
09:01:09.0876 4812 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
09:01:09.0985 4812 defragsvc - ok
09:01:10.0095 4812 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
09:01:10.0157 4812 DfsC - ok
09:01:10.0282 4812 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
09:01:10.0360 4812 Dhcp - ok
09:01:10.0407 4812 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
09:01:10.0453 4812 discache - ok
09:01:10.0516 4812 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
09:01:10.0547 4812 Disk - ok
09:01:10.0641 4812 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
09:01:10.0765 4812 Dnscache - ok
09:01:10.0797 4812 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
09:01:10.0875 4812 dot3svc - ok
09:01:10.0953 4812 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
09:01:11.0015 4812 DPS - ok
09:01:11.0093 4812 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
09:01:11.0155 4812 drmkaud - ok
09:01:11.0374 4812 [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
09:01:11.0405 4812 DXGKrnl - ok
09:01:11.0483 4812 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
09:01:11.0545 4812 EapHost - ok
09:01:12.0294 4812 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
09:01:12.0372 4812 ebdrv - ok
09:01:12.0435 4812 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
09:01:12.0575 4812 EFS - ok
09:01:12.0747 4812 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
09:01:12.0887 4812 ehRecvr - ok
09:01:12.0965 4812 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
09:01:13.0074 4812 ehSched - ok
09:01:13.0152 4812 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
09:01:13.0199 4812 elxstor - ok
09:01:13.0230 4812 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
09:01:13.0293 4812 ErrDev - ok
09:01:13.0449 4812 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
09:01:13.0527 4812 EventSystem - ok
09:01:13.0542 4812 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
09:01:13.0620 4812 exfat - ok
09:01:13.0683 4812 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
09:01:13.0761 4812 fastfat - ok
09:01:13.0823 4812 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
09:01:13.0885 4812 Fax - ok
09:01:13.0917 4812 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
09:01:13.0963 4812 fdc - ok
09:01:14.0010 4812 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
09:01:14.0088 4812 fdPHost - ok
09:01:14.0104 4812 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
09:01:14.0182 4812 FDResPub - ok
09:01:14.0229 4812 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
09:01:14.0260 4812 FileInfo - ok
09:01:14.0275 4812 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
09:01:14.0338 4812 Filetrace - ok
09:01:14.0447 4812 [ 73081CF28F0AE20A52CA4F67CEE6E6B0 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
09:01:14.0790 4812 FLEXnet Licensing Service - ok
09:01:14.0915 4812 [ 5CEE6CD43AE5844C49300EA0B1E557EE ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
09:01:15.0071 4812 FLEXnet Licensing Service 64 - ok
09:01:15.0102 4812 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
09:01:15.0149 4812 flpydisk - ok
09:01:15.0196 4812 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
09:01:15.0211 4812 FltMgr - ok
09:01:15.0289 4812 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
09:01:15.0321 4812 FontCache - ok
09:01:15.0414 4812 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:01:15.0430 4812 FontCache3.0.0.0 - ok
09:01:15.0461 4812 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
09:01:15.0508 4812 FsDepends - ok
09:01:15.0555 4812 [ 07DA62C960DDCCC2D35836AEAB4FC578 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
09:01:15.0586 4812 fssfltr - ok
09:01:15.0679 4812 [ 28DDEEEC44E988657B732CF404D504CB ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
09:01:15.0742 4812 fsssvc - ok
09:01:15.0820 4812 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
09:01:15.0851 4812 Fs_Rec - ok
09:01:15.0945 4812 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
09:01:15.0991 4812 fvevol - ok
09:01:16.0007 4812 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
09:01:16.0023 4812 gagp30kx - ok
09:01:16.0132 4812 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
09:01:16.0147 4812 GamesAppService - ok
09:01:16.0194 4812 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
09:01:16.0241 4812 gpsvc - ok
09:01:16.0397 4812 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:01:16.0397 4812 gupdate - ok
09:01:16.0397 4812 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:01:16.0413 4812 gupdatem - ok
09:01:16.0428 4812 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
09:01:16.0475 4812 hcw85cir - ok
09:01:16.0537 4812 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
09:01:16.0569 4812 HDAudBus - ok
09:01:16.0631 4812 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
09:01:16.0647 4812 HECIx64 - ok
09:01:16.0725 4812 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
09:01:16.0818 4812 HidBatt - ok
09:01:16.0849 4812 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
09:01:16.0896 4812 HidBth - ok
09:01:16.0943 4812 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
09:01:17.0005 4812 HidIr - ok
09:01:17.0083 4812 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
09:01:17.0146 4812 hidserv - ok
09:01:17.0255 4812 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
09:01:17.0271 4812 HidUsb - ok
09:01:17.0317 4812 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
09:01:17.0395 4812 hkmsvc - ok
09:01:17.0473 4812 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
09:01:17.0567 4812 HomeGroupListener - ok
09:01:17.0614 4812 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
09:01:17.0661 4812 HomeGroupProvider - ok
09:01:17.0895 4812 [ 00B239202F7756695C8CCDF8BAFA7D3D ] HP Health Check Service C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
09:01:17.0973 4812 HP Health Check Service ( UnsignedFile.Multi.Generic ) - warning
09:01:17.0973 4812 HP Health Check Service - detected UnsignedFile.Multi.Generic (1)
09:01:18.0519 4812 [ 1DAE5C46D42B02A6D5862E1482EFB390 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
09:01:18.0550 4812 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
09:01:18.0550 4812 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
09:01:18.0581 4812 [ 99E8EEF42FE2F4AF29B08C3355DD7685 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
09:01:18.0628 4812 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
09:01:18.0628 4812 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
09:01:18.0831 4812 [ FDF273A845F1FFCCEADF363AAF47582F ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
09:01:18.0909 4812 hpqwmiex - ok
09:01:18.0940 4812 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
09:01:18.0955 4812 HpSAMD - ok
09:01:19.0517 4812 [ F37882F128EFACEFE353E0BAE2766909 ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
09:01:19.0533 4812 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
09:01:19.0533 4812 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
09:01:19.0767 4812 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
09:01:19.0829 4812 HTTP - ok
09:01:19.0876 4812 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
09:01:19.0891 4812 hwpolicy - ok
09:01:20.0094 4812 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
09:01:20.0157 4812 i8042prt - ok
09:01:20.0328 4812 [ 1D004CB1DA6323B1F55CAEF7F94B61D9 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
09:01:20.0375 4812 iaStor - ok
09:01:20.0531 4812 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
09:01:20.0578 4812 iaStorV - ok
09:01:20.0859 4812 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
09:01:20.0905 4812 idsvc - ok
09:01:21.0639 4812 [ 2D18C9E1F23970DE32D78D3B1CDDA0A7 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
09:01:21.0763 4812 igfx - ok
09:01:21.0795 4812 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
09:01:21.0810 4812 iirsp - ok
09:01:21.0857 4812 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
09:01:21.0919 4812 IKEEXT - ok
09:01:22.0029 4812 [ EF75C94792187A143871FBB87611B0B7 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
09:01:22.0060 4812 IntcAzAudAddService - ok
09:01:22.0138 4812 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
09:01:22.0153 4812 intelide - ok
09:01:22.0169 4812 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
09:01:22.0216 4812 intelppm - ok
09:01:22.0278 4812 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
09:01:22.0341 4812 IPBusEnum - ok
09:01:22.0403 4812 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:01:22.0465 4812 IpFilterDriver - ok
09:01:22.0606 4812 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
09:01:22.0668 4812 iphlpsvc - ok
09:01:22.0731 4812 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
09:01:22.0762 4812 IPMIDRV - ok
09:01:22.0793 4812 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
09:01:22.0855 4812 IPNAT - ok
09:01:22.0887 4812 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
09:01:22.0965 4812 IRENUM - ok
09:01:22.0996 4812 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
09:01:23.0027 4812 isapnp - ok
09:01:23.0089 4812 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
09:01:23.0121 4812 iScsiPrt - ok
09:01:23.0136 4812 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
09:01:23.0152 4812 kbdclass - ok
09:01:23.0199 4812 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
09:01:23.0230 4812 kbdhid - ok
09:01:23.0245 4812 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
09:01:23.0261 4812 KeyIso - ok
09:01:23.0308 4812 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
09:01:23.0323 4812 KSecDD - ok
09:01:23.0370 4812 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
09:01:23.0386 4812 KSecPkg - ok
09:01:23.0401 4812 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
09:01:23.0433 4812 ksthunk - ok
09:01:23.0448 4812 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
09:01:23.0511 4812 KtmRm - ok
09:01:23.0557 4812 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
09:01:23.0620 4812 LanmanServer - ok
09:01:23.0667 4812 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:01:23.0745 4812 LanmanWorkstation - ok
09:01:23.0823 4812 [ 2238B91AC1A12CC6CC4C4FED41258B2A ] LightScribeService c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
09:01:23.0854 4812 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
09:01:23.0854 4812 LightScribeService - detected UnsignedFile.Multi.Generic (1)
09:01:23.0916 4812 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
09:01:23.0963 4812 lltdio - ok
09:01:23.0994 4812 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
09:01:24.0057 4812 lltdsvc - ok
09:01:24.0072 4812 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
09:01:24.0103 4812 lmhosts - ok
09:01:24.0244 4812 [ 8F2CFF01F12955477450DA5E572D4001 ] LMIGuardianSvc C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
09:01:24.0259 4812 LMIGuardianSvc - ok
09:01:24.0291 4812 [ 0F28935ECF1FBDEC22BAF720A5A94564 ] LMIInfo C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys
09:01:24.0306 4812 LMIInfo - ok
09:01:24.0322 4812 [ CA86C7042E406070B905AE6CA45D22EA ] LMIMaint C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
09:01:24.0337 4812 LMIMaint - ok
09:01:24.0353 4812 [ 413ECDCFAD9A82804D3674C8D7EEC24E ] lmimirr C:\Windows\system32\DRIVERS\lmimirr.sys
09:01:24.0369 4812 lmimirr - ok
09:01:24.0384 4812 LMIRfsClientNP - ok
09:01:24.0400 4812 [ C57D3FAA50E6F395759FFB7C709BD944 ] LMIRfsDriver C:\Windows\system32\drivers\LMIRfsDriver.sys
09:01:24.0415 4812 LMIRfsDriver - ok
09:01:24.0431 4812 [ D3760BC17E1755091B7120CF32DBF56B ] LogMeIn C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
09:01:24.0447 4812 LogMeIn - ok
09:01:24.0478 4812 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
09:01:24.0493 4812 LSI_FC - ok
09:01:24.0509 4812 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
09:01:24.0525 4812 LSI_SAS - ok
09:01:24.0540 4812 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
09:01:24.0556 4812 LSI_SAS2 - ok
09:01:24.0556 4812 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
09:01:24.0571 4812 LSI_SCSI - ok
09:01:24.0603 4812 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
09:01:24.0649 4812 luafv - ok
09:01:24.0696 4812 [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
09:01:24.0712 4812 MBAMProtector - ok
09:01:24.0759 4812 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
09:01:24.0774 4812 MBAMScheduler - ok
09:01:24.0805 4812 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
09:01:24.0821 4812 MBAMService - ok
09:01:24.0883 4812 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
09:01:24.0977 4812 Mcx2Svc - ok
09:01:25.0086 4812 [ 7CF1B716372B89568AE4C0FE769F5869 ] MDM C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
09:01:25.0117 4812 MDM ( UnsignedFile.Multi.Generic ) - warning
09:01:25.0117 4812 MDM - detected UnsignedFile.Multi.Generic (1)
09:01:25.0149 4812 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
09:01:25.0180 4812 megasas - ok
09:01:25.0289 4812 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
09:01:25.0336 4812 MegaSR - ok
09:01:25.0351 4812 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
09:01:25.0414 4812 MMCSS - ok
09:01:25.0445 4812 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
09:01:25.0507 4812 Modem - ok
09:01:25.0539 4812 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
09:01:25.0570 4812 monitor - ok
09:01:25.0632 4812 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
09:01:25.0648 4812 mouclass - ok
09:01:25.0663 4812 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
09:01:25.0695 4812 mouhid - ok
09:01:25.0757 4812 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
09:01:25.0819 4812 mountmgr - ok
09:01:25.0897 4812 [ E6DB6C61739E18906DC2C4191F6EDEA2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
09:01:25.0913 4812 MozillaMaintenance - ok
09:01:25.0960 4812 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
09:01:25.0975 4812 MpFilter - ok
09:01:26.0007 4812 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
09:01:26.0022 4812 mpio - ok
09:01:26.0038 4812 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
09:01:26.0100 4812 mpsdrv - ok
09:01:26.0147 4812 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
09:01:26.0194 4812 MpsSvc - ok
09:01:26.0256 4812 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
09:01:26.0319 4812 MRxDAV - ok
09:01:26.0365 4812 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
09:01:26.0443 4812 mrxsmb - ok
09:01:26.0459 4812 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:01:26.0490 4812 mrxsmb10 - ok
09:01:26.0537 4812 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:01:26.0553 4812 mrxsmb20 - ok
09:01:26.0584 4812 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
09:01:26.0599 4812 msahci - ok
09:01:26.0646 4812 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
09:01:26.0677 4812 msdsm - ok
09:01:26.0709 4812 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
09:01:26.0755 4812 MSDTC - ok
09:01:26.0787 4812 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
09:01:26.0818 4812 Msfs - ok
09:01:26.0865 4812 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
09:01:26.0927 4812 mshidkmdf - ok
09:01:26.0989 4812 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
09:01:27.0005 4812 msisadrv - ok
09:01:27.0036 4812 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
09:01:27.0099 4812 MSiSCSI - ok
09:01:27.0099 4812 msiserver - ok
09:01:27.0145 4812 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
09:01:27.0177 4812 MSKSSRV - ok
09:01:27.0270 4812 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
09:01:27.0286 4812 MsMpSvc - ok
09:01:27.0317 4812 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
09:01:27.0364 4812 MSPCLOCK - ok
09:01:27.0379 4812 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
09:01:27.0442 4812 MSPQM - ok
09:01:27.0489 4812 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
09:01:27.0504 4812 MsRPC - ok
09:01:27.0535 4812 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
09:01:27.0535 4812 mssmbios - ok
09:01:27.0567 4812 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
09:01:27.0613 4812 MSTEE - ok
09:01:27.0645 4812 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
09:01:27.0660 4812 MTConfig - ok
09:01:27.0676 4812 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
09:01:27.0691 4812 Mup - ok
09:01:27.0754 4812 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
09:01:27.0816 4812 napagent - ok
09:01:27.0847 4812 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
09:01:27.0894 4812 NativeWifiP - ok
09:01:27.0988 4812 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
09:01:28.0003 4812 NDIS - ok
09:01:28.0019 4812 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
09:01:28.0050 4812 NdisCap - ok
09:01:28.0081 4812 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
09:01:28.0113 4812 NdisTapi - ok
09:01:28.0144 4812 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
09:01:28.0191 4812 Ndisuio - ok
09:01:28.0237 4812 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
09:01:28.0300 4812 NdisWan - ok
09:01:28.0347 4812 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
09:01:28.0409 4812 NDProxy - ok
09:01:28.0456 4812 [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
09:01:28.0487 4812 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
09:01:28.0487 4812 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
09:01:28.0503 4812 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
09:01:28.0534 4812 NetBIOS - ok
09:01:28.0565 4812 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
09:01:28.0596 4812 NetBT - ok
09:01:28.0612 4812 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
09:01:28.0627 4812 Netlogon - ok
09:01:28.0674 4812 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
09:01:28.0737 4812 Netman - ok
09:01:28.0939 4812 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:01:29.0002 4812 NetMsmqActivator - ok
09:01:29.0002 4812 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:01:29.0017 4812 NetPipeActivator - ok
09:01:29.0049 4812 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
09:01:29.0080 4812 netprofm - ok
09:01:29.0095 4812 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:01:29.0111 4812 NetTcpActivator - ok
09:01:29.0127 4812 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:01:29.0142 4812 NetTcpPortSharing - ok
09:01:29.0173 4812 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
09:01:29.0236 4812 nfrd960 - ok
09:01:29.0298 4812 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
09:01:29.0314 4812 NisDrv - ok
09:01:29.0345 4812 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
09:01:29.0361 4812 NisSrv - ok
09:01:29.0423 4812 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
09:01:29.0454 4812 NlaSvc - ok
09:01:29.0501 4812 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
09:01:29.0532 4812 Npfs - ok
09:01:29.0563 4812 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
09:01:29.0626 4812 nsi - ok
09:01:29.0657 4812 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
09:01:29.0719 4812 nsiproxy - ok
09:01:29.0985 4812 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
09:01:30.0047 4812 Ntfs - ok
09:01:30.0109 4812 [ D4012918D3A3847B44B888D56BC095D6 ] NuidFltr C:\Windows\system32\DRIVERS\NuidFltr.sys
09:01:30.0109 4812 NuidFltr - ok
09:01:30.0125 4812 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
09:01:30.0187 4812 Null - ok
09:01:30.0219 4812 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
09:01:30.0234 4812 nvraid - ok
09:01:30.0297 4812 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
09:01:30.0312 4812 nvstor - ok
09:01:30.0406 4812 [ 7C7EEF51979658CE15BBC04F96A77D56 ] nvstor64 C:\Windows\system32\DRIVERS\nvstor64.sys
09:01:30.0453 4812 nvstor64 - ok
09:01:30.0468 4812 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
09:01:30.0484 4812 nv_agp - ok
09:01:30.0624 4812 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
09:01:30.0655 4812 odserv - ok
09:01:30.0702 4812 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
09:01:30.0718 4812 ohci1394 - ok
09:01:30.0749 4812 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:01:30.0765 4812 ose - ok
09:01:30.0811 4812 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
09:01:30.0874 4812 p2pimsvc - ok
09:01:30.0905 4812 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
09:01:30.0952 4812 p2psvc - ok
09:01:30.0983 4812 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
09:01:31.0014 4812 Parport - ok
09:01:31.0061 4812 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
09:01:31.0092 4812 partmgr - ok
09:01:31.0108 4812 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
09:01:31.0155 4812 PcaSvc - ok
09:01:31.0186 4812 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
09:01:31.0201 4812 pci - ok
09:01:31.0233 4812 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
09:01:31.0248 4812 pciide - ok
09:01:31.0311 4812 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
09:01:31.0342 4812 pcmcia - ok
09:01:31.0357 4812 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
09:01:31.0389 4812 pcw - ok
09:01:31.0404 4812 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
09:01:31.0482 4812 PEAUTH - ok
09:01:31.0981 4812 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
09:01:32.0028 4812 PerfHost - ok
09:01:32.0106 4812 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
09:01:32.0200 4812 pla - ok
09:01:32.0309 4812 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
09:01:32.0387 4812 PlugPlay - ok
09:01:32.0418 4812 [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
09:01:32.0449 4812 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
09:01:32.0449 4812 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
09:01:32.0481 4812 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
09:01:32.0496 4812 PNRPAutoReg - ok
09:01:32.0512 4812 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
09:01:32.0527 4812 PNRPsvc - ok
09:01:32.0637 4812 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
09:01:32.0699 4812 PolicyAgent - ok
09:01:32.0746 4812 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
09:01:32.0824 4812 Power - ok
09:01:32.0886 4812 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
09:01:32.0917 4812 PptpMiniport - ok
09:01:32.0949 4812 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
09:01:32.0980 4812 Processor - ok
09:01:33.0027 4812 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
09:01:33.0105 4812 ProfSvc - ok
09:01:33.0120 4812 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
09:01:33.0136 4812 ProtectedStorage - ok
09:01:33.0198 4812 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
09:01:33.0261 4812 Psched - ok
09:01:33.0323 4812 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
09:01:33.0354 4812 ql2300 - ok
09:01:33.0417 4812 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
09:01:33.0432 4812 ql40xx - ok
09:01:33.0463 4812 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
09:01:33.0479 4812 QWAVE - ok
09:01:33.0510 4812 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
09:01:33.0541 4812 QWAVEdrv - ok
09:01:33.0573 4812 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
09:01:33.0635 4812 RasAcd - ok
09:01:33.0697 4812 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
09:01:33.0744 4812 RasAgileVpn - ok
09:01:33.0775 4812 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
09:01:33.0853 4812 RasAuto - ok
09:01:33.0900 4812 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
09:01:33.0931 4812 Rasl2tp - ok
09:01:33.0978 4812 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
09:01:34.0009 4812 RasMan - ok
09:01:34.0025 4812 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
09:01:34.0056 4812 RasPppoe - ok
09:01:34.0087 4812 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
09:01:34.0150 4812 RasSstp - ok
09:01:34.0197 4812 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
09:01:34.0275 4812 rdbss - ok
09:01:34.0290 4812 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
09:01:34.0337 4812 rdpbus - ok
09:01:34.0353 4812 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
09:01:34.0431 4812 RDPCDD - ok
09:01:34.0462 4812 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
09:01:34.0493 4812 RDPENCDD - ok
09:01:34.0509 4812 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
09:01:34.0540 4812 RDPREFMP - ok
09:01:34.0633 4812 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
09:01:34.0711 4812 RDPWD - ok
09:01:34.0743 4812 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
09:01:34.0758 4812 rdyboost - ok
09:01:34.0789 4812 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
09:01:34.0852 4812 RemoteAccess - ok
09:01:34.0914 4812 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
09:01:34.0961 4812 RemoteRegistry - ok
09:01:34.0992 4812 [ 5790BCA445CC40DF8B38C2C48608AAC2 ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys
09:01:35.0008 4812 RimUsb - ok
09:01:35.0039 4812 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
09:01:35.0101 4812 RpcEptMapper - ok
09:01:35.0133 4812 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
09:01:35.0195 4812 RpcLocator - ok
09:01:35.0273 4812 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\System32\rpcss.dll
09:01:35.0320 4812 RpcSs - ok
09:01:35.0367 4812 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
09:01:35.0429 4812 rspndr - ok
09:01:35.0460 4812 [ 3B01789EE4EAEE97F5EB46B711387D5E ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
09:01:35.0523 4812 RTL8167 - ok
09:01:35.0538 4812 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
09:01:35.0554 4812 SamSs - ok
09:01:35.0585 4812 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
09:01:35.0616 4812 sbp2port - ok
09:01:35.0632 4812 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
09:01:35.0679 4812 SCardSvr - ok
09:01:35.0710 4812 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
09:01:35.0772 4812 scfilter - ok
09:01:35.0975 4812 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
09:01:36.0084 4812 Schedule - ok
09:01:36.0147 4812 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
09:01:36.0178 4812 SCPolicySvc - ok
09:01:36.0240 4812 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
09:01:36.0318 4812 SDRSVC - ok
09:01:36.0365 4812 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
09:01:36.0427 4812 secdrv - ok
09:01:36.0474 4812 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
09:01:36.0537 4812 seclogon - ok
09:01:36.0568 4812 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
09:01:36.0615 4812 SENS - ok
09:01:36.0677 4812 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
09:01:36.0755 4812 SensrSvc - ok
09:01:36.0817 4812 [ 255476B54C82A89416EFDF09FD62F107 ] Sentinel64 C:\Windows\System32\Drivers\Sentinel64.sys
09:01:37.0301 4812 Sentinel64 - ok
09:01:37.0332 4812 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
09:01:37.0363 4812 Serenum - ok
09:01:37.0395 4812 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
09:01:37.0457 4812 Serial - ok
09:01:37.0473 4812 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
09:01:37.0535 4812 sermouse - ok
09:01:37.0582 4812 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
09:01:37.0675 4812 SessionEnv - ok
09:01:37.0753 4812 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
09:01:37.0785 4812 sffdisk - ok
09:01:37.0816 4812 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
09:01:37.0847 4812 sffp_mmc - ok
09:01:37.0863 4812 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
09:01:37.0894 4812 sffp_sd - ok
09:01:37.0925 4812 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
09:01:37.0956 4812 sfloppy - ok
09:01:38.0019 4812 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
09:01:38.0081 4812 SharedAccess - ok
09:01:38.0143 4812 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:01:38.0206 4812 ShellHWDetection - ok
09:01:38.0221 4812 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
09:01:38.0284 4812 SiSRaid2 - ok
09:01:38.0315 4812 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
09:01:38.0346 4812 SiSRaid4 - ok
09:01:39.0220 4812 [ 0F97E7A47A52F4A36969F0FC319654C2 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
09:01:39.0298 4812 Skype C2C Service - ok
09:01:39.0407 4812 [ EA396139541706B4B433641D62EA53CE ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
09:01:39.0438 4812 SkypeUpdate - ok
09:01:39.0469 4812 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
09:01:39.0501 4812 Smb - ok
09:01:39.0532 4812 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
09:01:39.0547 4812 SNMPTRAP - ok
09:01:39.0610 4812 [ BAECAF8945218EC7390BFE2277406354 ] SNTUSB64 C:\Windows\system32\DRIVERS\SNTUSB64.SYS
09:01:39.0610 4812 SNTUSB64 - ok
09:01:39.0672 4812 [ 4945020BC094C322571184A6E8056B3A ] SolidWorks Licensing Service C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
09:01:39.0844 4812 SolidWorks Licensing Service ( UnsignedFile.Multi.Generic ) - warning
09:01:39.0844 4812 SolidWorks Licensing Service - detected UnsignedFile.Multi.Generic (1)
09:01:39.0875 4812 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
09:01:39.0891 4812 spldr - ok
09:01:39.0937 4812 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
09:01:40.0000 4812 Spooler - ok
09:01:40.0561 4812 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
09:01:40.0655 4812 sppsvc - ok
09:01:40.0686 4812 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
09:01:40.0733 4812 sppuinotify - ok
09:01:40.0842 4812 SQLANYs_SmpParts - ok
09:01:40.0951 4812 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
09:01:41.0045 4812 srv - ok
09:01:41.0123 4812 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
09:01:41.0170 4812 srv2 - ok
09:01:41.0185 4812 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
09:01:41.0232 4812 srvnet - ok
09:01:41.0279 4812 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
09:01:41.0341 4812 SSDPSRV - ok
09:01:41.0357 4812 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
09:01:41.0388 4812 SstpSvc - ok
09:01:41.0482 4812 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
09:01:41.0497 4812 stexstor - ok
09:01:41.0529 4812 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
09:01:41.0560 4812 StillCam - ok
09:01:41.0607 4812 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
09:01:41.0669 4812 stisvc - ok
09:01:41.0700 4812 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
09:01:41.0716 4812 swenum - ok
09:01:41.0794 4812 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
09:01:41.0872 4812 swprv - ok
09:01:41.0965 4812 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
09:01:42.0043 4812 SysMain - ok
09:01:42.0075 4812 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:01:42.0121 4812 TabletInputService - ok
09:01:42.0153 4812 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
09:01:42.0215 4812 TapiSrv - ok
09:01:42.0262 4812 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
09:01:42.0293 4812 TBS - ok
09:01:42.0371 4812 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip C:\Windows\system32\drivers\tcpip.sys
09:01:42.0433 4812 Tcpip - ok
09:01:42.0480 4812 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
09:01:42.0527 4812 TCPIP6 - ok
09:01:42.0574 4812 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
09:01:42.0574 4812 tcpipreg - ok
09:01:42.0605 4812 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
09:01:42.0667 4812 TDPIPE - ok
09:01:42.0699 4812 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
09:01:42.0745 4812 TDTCP - ok
09:01:42.0792 4812 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
09:01:42.0855 4812 tdx - ok
09:01:42.0901 4812 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
09:01:42.0917 4812 TermDD - ok
09:01:43.0026 4812 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
09:01:43.0120 4812 TermService - ok
09:01:43.0135 4812 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
09:01:43.0151 4812 Themes - ok
09:01:43.0182 4812 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
09:01:43.0213 4812 THREADORDER - ok
09:01:43.0245 4812 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
09:01:43.0307 4812 TrkWks - ok
09:01:43.0416 4812 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:01:43.0447 4812 TrustedInstaller - ok
09:01:43.0494 4812 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
09:01:43.0572 4812 tssecsrv - ok
09:01:43.0650 4812 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
09:01:43.0713 4812 TsUsbFlt - ok
09:01:43.0759 4812 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
09:01:43.0822 4812 tunnel - ok
09:01:44.0274 4812 [ 7694DCA064D0B7E0D1A6972BB9C71B39 ] tvnserver C:\Users\BRIAN\AppData\Local\CrossLoop\tvnserver.exe
09:01:44.0477 4812 tvnserver ( UnsignedFile.Multi.Generic ) - warning
09:01:44.0477 4812 tvnserver - detected UnsignedFile.Multi.Generic (1)
09:01:44.0493 4812 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
09:01:44.0524 4812 uagp35 - ok
09:01:44.0617 4812 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
09:01:44.0695 4812 udfs - ok
09:01:44.0742 4812 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
09:01:44.0758 4812 UI0Detect - ok
09:01:44.0789 4812 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
09:01:44.0820 4812 uliagpkx - ok
09:01:44.0867 4812 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
09:01:44.0914 4812 umbus - ok
09:01:44.0945 4812 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
09:01:44.0992 4812 UmPass - ok
09:01:45.0039 4812 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
09:01:45.0101 4812 upnphost - ok
09:01:45.0195 4812 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
09:01:45.0226 4812 usbaudio - ok
09:01:45.0241 4812 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
09:01:45.0273 4812 usbccgp - ok
09:01:45.0304 4812 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
09:01:45.0319 4812 usbcir - ok
09:01:45.0335 4812 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
09:01:45.0366 4812 usbehci - ok
09:01:45.0413 4812 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
09:01:45.0429 4812 usbhub - ok
09:01:45.0460 4812 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
09:01:45.0475 4812 usbohci - ok
09:01:45.0507 4812 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
09:01:45.0553 4812 usbprint - ok
09:01:45.0585 4812 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:01:45.0616 4812 USBSTOR - ok
09:01:45.0663 4812 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
09:01:45.0709 4812 usbuhci - ok
09:01:45.0756 4812 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
09:01:45.0834 4812 UxSms - ok
09:01:45.0881 4812 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
09:01:45.0897 4812 VaultSvc - ok
09:01:45.0928 4812 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
09:01:45.0943 4812 vdrvroot - ok
09:01:46.0006 4812 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
09:01:46.0053 4812 vds - ok
09:01:46.0068 4812 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
09:01:46.0084 4812 vga - ok
09:01:46.0099 4812 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
09:01:46.0146 4812 VgaSave - ok
09:01:46.0193 4812 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
09:01:46.0209 4812 vhdmp - ok
09:01:46.0255 4812 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
09:01:46.0271 4812 viaide - ok
09:01:46.0287 4812 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
09:01:46.0302 4812 volmgr - ok
09:01:46.0349 4812 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
09:01:46.0380 4812 volmgrx - ok
09:01:46.0411 4812 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
09:01:46.0427 4812 volsnap - ok
09:01:46.0458 4812 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
09:01:46.0474 4812 vsmraid - ok
09:01:46.0692 4812 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
09:01:46.0786 4812 VSS - ok
09:01:46.0817 4812 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
09:01:46.0848 4812 vwifibus - ok
09:01:46.0879 4812 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
09:01:46.0911 4812 vwififlt - ok
09:01:46.0942 4812 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
09:01:46.0989 4812 vwifimp - ok
09:01:47.0020 4812 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
09:01:47.0098 4812 W32Time - ok
09:01:47.0129 4812 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
09:01:47.0176 4812 WacomPen - ok
09:01:47.0223 4812 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
09:01:47.0285 4812 WANARP - ok
09:01:47.0316 4812 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
09:01:47.0347 4812 Wanarpv6 - ok
09:01:47.0394 4812 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
09:01:47.0441 4812 WatAdminSvc - ok
09:01:47.0659 4812 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
09:01:47.0706 4812 wbengine - ok
09:01:47.0722 4812 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
09:01:47.0737 4812 WbioSrvc - ok
09:01:47.0815 4812 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
09:01:47.0862 4812 wcncsvc - ok
09:01:47.0893 4812 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:01:47.0925 4812 WcsPlugInService - ok
09:01:47.0956 4812 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
09:01:47.0971 4812 Wd - ok
09:01:48.0003 4812 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
09:01:48.0034 4812 Wdf01000 - ok
09:01:48.0049 4812 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
09:01:48.0143 4812 WdiServiceHost - ok
09:01:48.0159 4812 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
09:01:48.0174 4812 WdiSystemHost - ok
09:01:48.0252 4812 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
09:01:48.0315 4812 WebClient - ok
09:01:48.0346 4812 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
09:01:48.0424 4812 Wecsvc - ok
09:01:48.0439 4812 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
09:01:48.0486 4812 wercplsupport - ok
09:01:48.0549 4812 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
09:01:48.0611 4812 WerSvc - ok
09:01:48.0642 4812 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
09:01:48.0673 4812 WfpLwf - ok
09:01:48.0705 4812 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
09:01:48.0720 4812 WIMMount - ok
09:01:48.0736 4812 WinDefend - ok
09:01:48.0751 4812 WinHttpAutoProxySvc - ok
09:01:48.0798 4812 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
09:01:48.0876 4812 Winmgmt - ok
09:01:49.0032 4812 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
09:01:49.0141 4812 WinRM - ok
09:01:49.0204 4812 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
09:01:49.0266 4812 Wlansvc - ok
09:01:49.0344 4812 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
09:01:49.0360 4812 wlcrasvc - ok
09:01:49.0594 4812 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
09:01:49.0641 4812 wlidsvc - ok
09:01:49.0703 4812 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
09:01:49.0750 4812 WmiAcpi - ok
09:01:49.0875 4812 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
09:01:49.0921 4812 wmiApSrv - ok
09:01:49.0999 4812 WMPNetworkSvc - ok
09:01:50.0046 4812 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
09:01:50.0077 4812 WPCSvc - ok
09:01:50.0124 4812 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
09:01:50.0140 4812 WPDBusEnum - ok
09:01:50.0155 4812 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
09:01:50.0233 4812 ws2ifsl - ok
09:01:50.0249 4812 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
09:01:50.0296 4812 wscsvc - ok
09:01:50.0296 4812 WSearch - ok
09:01:50.0389 4812 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
09:01:50.0421 4812 wuauserv - ok
09:01:50.0483 4812 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
09:01:50.0545 4812 WudfPf - ok
09:01:50.0577 4812 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
09:01:50.0608 4812 WUDFRd - ok
09:01:50.0655 4812 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
09:01:50.0686 4812 wudfsvc - ok
09:01:50.0748 4812 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll
09:01:50.0811 4812 WwanSvc - ok
09:01:50.0842 4812 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
09:01:50.0857 4812 YahooAUService - ok
09:01:50.0889 4812 ================ Scan global ===============================
09:01:50.0904 4812 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
09:01:50.0935 4812 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
09:01:50.0951 4812 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
09:01:50.0967 4812 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
09:01:51.0076 4812 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
09:01:51.0076 4812 [Global] - ok
09:01:51.0076 4812 ================ Scan MBR ==================================
09:01:51.0091 4812 [ 49D5FEBD365C9F5CA5038AD661B01C12 ] \Device\Harddisk0\DR0
09:01:52.0511 4812 \Device\Harddisk0\DR0 - ok
09:01:52.0511 4812 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
09:01:52.0620 4812 \Device\Harddisk1\DR1 - ok
09:01:52.0620 4812 ================ Scan VBR ==================================
09:01:52.0636 4812 [ 2F4AFF096DEF36B989C7E886DB03AA7B ] \Device\Harddisk0\DR0\Partition1
09:01:52.0636 4812 \Device\Harddisk0\DR0\Partition1 - ok
09:01:52.0667 4812 [ AD846B9797576837D6FE819D2A724A0A ] \Device\Harddisk0\DR0\Partition2
09:01:52.0683 4812 \Device\Harddisk0\DR0\Partition2 - ok
09:01:52.0745 4812 [ 7656752BF671E58675D26081A015E806 ] \Device\Harddisk0\DR0\Partition3
09:01:52.0792 4812 \Device\Harddisk0\DR0\Partition3 - ok
09:01:52.0792 4812 [ 64C9BC92F93B573D3477B2E714A33554 ] \Device\Harddisk1\DR1\Partition1
09:01:52.0792 4812 \Device\Harddisk1\DR1\Partition1 - ok
09:01:52.0792 4812 ================ Scan active images ========================
09:01:52.0792 4812 [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys
09:01:52.0792 4812 C:\Windows\System32\drivers\crashdmp.sys - ok
09:01:52.0807 4812 [ 02062C0B390B7729EDC9E69C680A6F3C ] C:\Windows\System32\drivers\atapi.sys
09:01:52.0807 4812 C:\Windows\System32\drivers\atapi.sys - ok
09:01:52.0807 4812 [ 839B5FE3D48E9F35B22C21A3D5103F6C ] C:\Windows\System32\drivers\Dumpata.sys
09:01:52.0807 4812 C:\Windows\System32\drivers\Dumpata.sys - ok
09:01:52.0807 4812 [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys
09:01:52.0807 4812 C:\Windows\System32\drivers\dumpfve.sys - ok
09:01:52.0823 4812 [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys
09:01:52.0823 4812 C:\Windows\System32\drivers\beep.sys - ok
09:01:52.0823 4812 [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys
09:01:52.0823 4812 C:\Windows\System32\drivers\cdrom.sys - ok
09:01:52.0823 4812 [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys
09:01:52.0823 4812 C:\Windows\System32\drivers\null.sys - ok
09:01:52.0839 4812 [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys
09:01:52.0839 4812 C:\Windows\System32\drivers\videoprt.sys - ok
09:01:52.0839 4812 [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys
09:01:52.0839 4812 C:\Windows\System32\drivers\watchdog.sys - ok
09:01:52.0839 4812 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys
09:01:52.0839 4812 C:\Windows\System32\drivers\msfs.sys - ok
09:01:52.0839 4812 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys
09:01:52.0839 4812 C:\Windows\System32\drivers\npfs.sys - ok
09:01:52.0854 4812 [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys
09:01:52.0854 4812 C:\Windows\System32\drivers\RDPCDD.sys - ok
09:01:52.0854 4812 [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys
09:01:52.0854 4812 C:\Windows\System32\drivers\RDPENCDD.sys - ok
09:01:52.0854 4812 [ 216F3FA57533D98E1F74DED70113177A ] C:\Windows\System32\drivers\RDPREFMP.sys
09:01:52.0854 4812 C:\Windows\System32\drivers\RDPREFMP.sys - ok
09:01:52.0870 4812 [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys
09:01:52.0870 4812 C:\Windows\System32\drivers\vga.sys - ok
09:01:52.0870 4812 [ 1C7857B62DE5994A75B054A9FD4C3825 ] C:\Windows\System32\drivers\afd.sys
09:01:52.0870 4812 C:\Windows\System32\drivers\afd.sys - ok
09:01:52.0870 4812 [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\Windows\System32\drivers\tdi.sys
09:01:52.0870 4812 C:\Windows\System32\drivers\tdi.sys - ok
09:01:52.0870 4812 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys
09:01:52.0870 4812 C:\Windows\System32\drivers\tdx.sys - ok
09:01:52.0885 4812 [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys
09:01:52.0885 4812 C:\Windows\System32\drivers\netbt.sys - ok
09:01:52.0885 4812 [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys
09:01:52.0885 4812 C:\Windows\System32\drivers\pacer.sys - ok
09:01:52.0885 4812 [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys
09:01:52.0885 4812 C:\Windows\System32\drivers\wfplwf.sys - ok
09:01:52.0901 4812 [ 6BCC1D7D2FD2453957C5479A32364E52 ] C:\Windows\System32\drivers\ws2ifsl.sys
09:01:52.0901 4812 C:\Windows\System32\drivers\ws2ifsl.sys - ok
09:01:52.0901 4812 [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys
09:01:52.0901 4812 C:\Windows\System32\drivers\netbios.sys - ok
09:01:52.0901 4812 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys
09:01:52.0901 4812 C:\Windows\System32\drivers\termdd.sys - ok
09:01:52.0901 4812 [ 6A3D66263414FF0D6FA754C646612F3F ] C:\Windows\System32\drivers\vwififlt.sys
09:01:52.0901 4812 C:\Windows\System32\drivers\vwififlt.sys - ok
09:01:52.0917 4812 [ 356AFD78A6ED4457169241AC3965230C ] C:\Windows\System32\drivers\wanarp.sys
09:01:52.0917 4812 C:\Windows\System32\drivers\wanarp.sys - ok
09:01:52.0917 4812 [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys
09:01:52.0917 4812 C:\Windows\System32\drivers\discache.sys - ok
09:01:52.0917 4812 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys
09:01:52.0917 4812 C:\Windows\System32\drivers\mssmbios.sys - ok
09:01:52.0932 4812 [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys
09:01:52.0932 4812 C:\Windows\System32\drivers\nsiproxy.sys - ok
09:01:52.0932 4812 [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys
09:01:52.0932 4812 C:\Windows\System32\drivers\rdbss.sys - ok
09:01:52.0932 4812 [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys
09:01:52.0932 4812 C:\Windows\System32\drivers\blbdrive.sys - ok
09:01:52.0948 4812 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys
09:01:52.0948 4812 C:\Windows\System32\drivers\dfsc.sys - ok
09:01:52.0948 4812 [ ADA036632C664CAA754079041CF1F8C1 ] C:\Windows\System32\drivers\intelppm.sys
09:01:52.0948 4812 C:\Windows\System32\drivers\intelppm.sys - ok
09:01:52.0948 4812 [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys
09:01:52.0948 4812 C:\Windows\System32\drivers\tunnel.sys - ok
09:01:52.0948 4812 [ CF95B85FF8D128385ABD411C8CA74DED ] C:\Windows\System32\ntdll.dll
09:01:52.0948 4812 C:\Windows\System32\ntdll.dll - ok
09:01:52.0963 4812 [ F0371DE302FFFF8F086661611BE60848 ] C:\Windows\System32\smss.exe
09:01:52.0963 4812 C:\Windows\System32\smss.exe - ok
09:01:52.0963 4812 [ 2D18C9E1F23970DE32D78D3B1CDDA0A7 ] C:\Windows\System32\drivers\igdkmd64.sys
09:01:52.0963 4812 C:\Windows\System32\drivers\igdkmd64.sys - ok
09:01:52.0963 4812 [ AF2E16242AA723F68F461B6EAE2EAD3D ] C:\Windows\System32\drivers\dxgkrnl.sys
09:01:52.0963 4812 C:\Windows\System32\drivers\dxgkrnl.sys - ok
09:01:52.0979 4812 [ 1F04CFB79DD5FB7694468CE3FB3DCC31 ] C:\Windows\System32\drivers\dxgmms1.sys
09:01:52.0979 4812 C:\Windows\System32\drivers\dxgmms1.sys - ok
09:01:52.0979 4812 [ AE259C75F9A0B057B6BF9E9695632B09 ] C:\Windows\System32\drivers\usbport.sys
09:01:52.0979 4812 C:\Windows\System32\drivers\usbport.sys - ok
09:01:52.0979 4812 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] C:\Windows\System32\drivers\usbuhci.sys
09:01:52.0979 4812 C:\Windows\System32\drivers\usbuhci.sys - ok
09:01:52.0979 4812 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys
09:01:52.0979 4812 C:\Windows\System32\drivers\hdaudbus.sys - ok
09:01:52.0995 4812 [ C025055FE7B87701EB042095DF1A2D7B ] C:\Windows\System32\drivers\usbehci.sys
09:01:52.0995 4812 C:\Windows\System32\drivers\usbehci.sys - ok
09:01:52.0995 4812 [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe
09:01:52.0995 4812 C:\Windows\System32\autochk.exe - ok
09:01:52.0995 4812 [ E0FABC10635C670BD7D89FD214A405D7 ] C:\Windows\System32\drivers\athrx.sys
09:01:52.0995 4812 C:\Windows\System32\drivers\athrx.sys - ok
09:01:53.0010 4812 [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys
09:01:53.0010 4812 C:\Windows\System32\drivers\CompositeBus.sys - ok
09:01:53.0010 4812 [ 3B01789EE4EAEE97F5EB46B711387D5E ] C:\Windows\System32\drivers\Rt64win7.sys
09:01:53.0010 4812 C:\Windows\System32\drivers\Rt64win7.sys - ok
09:01:53.0010 4812 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] C:\Windows\System32\drivers\vwifibus.sys
09:01:53.0010 4812 C:\Windows\System32\drivers\vwifibus.sys - ok
09:01:53.0026 4812 [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys
09:01:53.0026 4812 C:\Windows\System32\drivers\agilevpn.sys - ok
09:01:53.0026 4812 [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys
09:01:53.0026 4812 C:\Windows\System32\drivers\ks.sys - ok
09:01:53.0026 4812 [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys
09:01:53.0026 4812 C:\Windows\System32\drivers\ksthunk.sys - ok
09:01:53.0026 4812 [ 413ECDCFAD9A82804D3674C8D7EEC24E ] C:\Windows\System32\drivers\lmimirr.sys
09:01:53.0026 4812 C:\Windows\System32\drivers\lmimirr.sys - ok
09:01:53.0041 4812 [ DECACB6921DED1A38642642685D77DAC ] C:\Windows\System32\drivers\serscan.sys
09:01:53.0041 4812 C:\Windows\System32\drivers\serscan.sys - ok
09:01:53.0041 4812 [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys
09:01:53.0041 4812 C:\Windows\System32\drivers\ndistapi.sys - ok
09:01:53.0041 4812 [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys
09:01:53.0041 4812 C:\Windows\System32\drivers\ndiswan.sys - ok
09:01:53.0057 4812 [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys
09:01:53.0057 4812 C:\Windows\System32\drivers\rasl2tp.sys - ok
09:01:53.0057 4812 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys
09:01:53.0057 4812 C:\Windows\System32\drivers\raspppoe.sys - ok
09:01:53.0057 4812 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys
09:01:53.0057 4812 C:\Windows\System32\drivers\kbdclass.sys - ok
09:01:53.0057 4812 [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys
09:01:53.0057 4812 C:\Windows\System32\drivers\mouclass.sys - ok
09:01:53.0073 4812 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys
09:01:53.0073 4812 C:\Windows\System32\drivers\raspptp.sys - ok
09:01:53.0073 4812 [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys
09:01:53.0073 4812 C:\Windows\System32\drivers\rassstp.sys - ok
09:01:53.0073 4812 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys
09:01:53.0073 4812 C:\Windows\System32\drivers\swenum.sys - ok
09:01:53.0088 4812 [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys
09:01:53.0088 4812 C:\Windows\System32\drivers\umbus.sys - ok
09:01:53.0088 4812 [ 287C6C9410B111B68B52CA298F7B8C24 ] C:\Windows\System32\drivers\usbhub.sys
09:01:53.0088 4812 C:\Windows\System32\drivers\usbhub.sys - ok
09:01:53.0088 4812 [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll
09:01:53.0088 4812 C:\Windows\System32\difxapi.dll - ok
09:01:53.0088 4812 [ 1BFC94665BCA35F9001ADC7BFB167C63 ] C:\Windows\System32\shell32.dll
09:01:53.0088 4812 C:\Windows\System32\shell32.dll - ok
09:01:53.0104 4812 [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll
09:01:53.0104 4812 C:\Windows\System32\rpcrt4.dll - ok
09:01:53.0104 4812 [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll
09:01:53.0104 4812 C:\Windows\System32\sechost.dll - ok
09:01:53.0104 4812 [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll
09:01:53.0104 4812 C:\Windows\System32\comdlg32.dll - ok
09:01:53.0119 4812 [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll
09:01:53.0119 4812 C:\Windows\System32\imm32.dll - ok
09:01:53.0119 4812 [ 65C113214F7B05820F6D8A65B1485196 ] C:\Windows\System32\kernel32.dll
09:01:53.0119 4812 C:\Windows\System32\kernel32.dll - ok
09:01:53.0119 4812 [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll
09:01:53.0119 4812 C:\Windows\System32\shlwapi.dll - ok
09:01:53.0119 4812 [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll
09:01:53.0119 4812 C:\Windows\System32\lpk.dll - ok
09:01:53.0135 4812 [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll
09:01:53.0135 4812 C:\Windows\System32\user32.dll - ok
09:01:53.0135 4812 [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll
09:01:53.0135 4812 C:\Windows\System32\oleaut32.dll - ok
09:01:53.0135 4812 [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll
09:01:53.0135 4812 C:\Windows\System32\ws2_32.dll - ok
09:01:53.0151 4812 [ 9E0D8010D7368856617D3FE0FA5DA58F ] C:\Windows\System32\iertutil.dll
09:01:53.0151 4812 C:\Windows\System32\iertutil.dll - ok
09:01:53.0151 4812 [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll
09:01:53.0151 4812 C:\Windows\System32\nsi.dll - ok
09:01:53.0151 4812 [ 792685A9538424CC1F3FA6A816FE147C ] C:\Windows\System32\urlmon.dll
09:01:53.0151 4812 C:\Windows\System32\urlmon.dll - ok
09:01:53.0151 4812 [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll
09:01:53.0151 4812 C:\Windows\System32\Wldap32.dll - ok
09:01:53.0166 4812 [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\Windows\System32\imagehlp.dll
09:01:53.0166 4812 C:\Windows\System32\imagehlp.dll - ok
09:01:53.0166 4812 [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll
09:01:53.0166 4812 C:\Windows\System32\msctf.dll - ok
09:01:53.0166 4812 [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll
09:01:53.0166 4812 C:\Windows\System32\gdi32.dll - ok
09:01:53.0182 4812 [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll
09:01:53.0182 4812 C:\Windows\System32\clbcatq.dll - ok
09:01:53.0182 4812 [ DBF99FD9CAF75CA66D042BD8D050FF71 ] C:\Windows\System32\usp10.dll
09:01:53.0182 4812 C:\Windows\System32\usp10.dll - ok
09:01:53.0182 4812 [ FAF6EC2460AD5FBBD38D8E1AE28B0D77 ] C:\Windows\System32\wininet.dll
09:01:53.0182 4812 C:\Windows\System32\wininet.dll - ok
09:01:53.0182 4812 [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll
09:01:53.0182 4812 C:\Windows\System32\psapi.dll - ok
09:01:53.0197 4812 [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll
09:01:53.0197 4812 C:\Windows\System32\setupapi.dll - ok
09:01:53.0197 4812 [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll
09:01:53.0197 4812 C:\Windows\System32\advapi32.dll - ok
09:01:53.0197 4812 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys
09:01:53.0197 4812 C:\Windows\System32\drivers\ndproxy.sys - ok
09:01:53.0213 4812 [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys
09:01:53.0213 4812 C:\Windows\System32\drivers\drmk.sys - ok
09:01:53.0213 4812 [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys
09:01:53.0213 4812 C:\Windows\System32\drivers\portcls.sys - ok
09:01:53.0213 4812 [ EF75C94792187A143871FBB87611B0B7 ] C:\Windows\System32\drivers\RTKVHD64.sys
09:01:53.0213 4812 C:\Windows\System32\drivers\RTKVHD64.sys - ok
09:01:53.0213 4812 [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll
09:01:53.0213 4812 C:\Windows\System32\normaliz.dll - ok
09:01:53.0229 4812 [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll
09:01:53.0229 4812 C:\Windows\System32\ole32.dll - ok
09:01:53.0229 4812 [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll
09:01:53.0229 4812 C:\Windows\System32\msvcrt.dll - ok
09:01:53.0229 4812 [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll
09:01:53.0229 4812 C:\Windows\System32\devobj.dll - ok
09:01:53.0244 4812 [ F49E92B50CED5C9F1725D3C0329FD933 ] C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
09:01:53.0244 4812 C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll - ok
09:01:53.0244 4812 [ 0E6FBF19D9DFBB77316C23DF91F8A101 ] C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
09:01:53.0244 4812 C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll - ok
09:01:53.0244 4812 [ 72723D3E4781BADC62C3180C137E7B23 ] C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
09:01:53.0244 4812 C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll - ok
09:01:53.0244 4812 [ 9094039A00485F71C4DE64BF51F64C46 ] C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
09:01:53.0244 4812 C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll - ok
09:01:53.0260 4812 [ A96D5ECA5742603E0E345C4F6B801F5E ] C:\Windows\System32\crypt32.dll
09:01:53.0260 4812 C:\Windows\System32\crypt32.dll - ok
09:01:53.0260 4812 [ 1F56F209585F350A5666E3CC7931FD67 ] C:\Windows\System32\KernelBase.dll
09:01:53.0260 4812 C:\Windows\System32\KernelBase.dll - ok
09:01:53.0260 4812 [ 64A4AB126E24FD3F58EBE64852773DB5 ] C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
09:01:53.0260 4812 C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll - ok
09:01:53.0275 4812 [ AFC3DB5C6EB8CA8017DDB81D6C0AD02A ] C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
09:01:53.0275 4812 C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll - ok
09:01:53.0275 4812 [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll
09:01:53.0275 4812 C:\Windows\System32\cfgmgr32.dll - ok
09:01:53.0275 4812 [ AA06902362B1422D7A7DA7061E07C624 ] C:\Windows\System32\wintrust.dll
09:01:53.0275 4812 C:\Windows\System32\wintrust.dll - ok
09:01:53.0291 4812 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\System32\comctl32.dll
09:01:53.0291 4812 C:\Windows\System32\comctl32.dll - ok
09:01:53.0291 4812 [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll
09:01:53.0291 4812 C:\Windows\System32\msasn1.dll - ok
09:01:53.0291 4812 [ 6F1A3157A1C89435352CEB543CDB359C ] C:\Windows\System32\drivers\usbccgp.sys
09:01:53.0291 4812 C:\Windows\System32\drivers\usbccgp.sys - ok
09:01:53.0291 4812 [ CCA2AB1752A61F29C3C941CD79D78CEA ] C:\Windows\System32\drivers\usbd.sys
09:01:53.0291 4812 C:\Windows\System32\drivers\usbd.sys - ok
09:01:53.0307 4812 [ 8B0E40E7E8BBF5ACF390465609D89FF1 ] C:\Windows\System32\drivers\hidclass.sys
09:01:53.0307 4812 C:\Windows\System32\drivers\hidclass.sys - ok
09:01:53.0307 4812 [ 49EE2E52E6CD03947DAD72F65367BE06 ] C:\Windows\System32\drivers\hidparse.sys
09:01:53.0307 4812 C:\Windows\System32\drivers\hidparse.sys - ok
09:01:53.0307 4812 [ 9592090A7E2B61CD582B612B6DF70536 ] C:\Windows\System32\drivers\hidusb.sys
09:01:53.0307 4812 C:\Windows\System32\drivers\hidusb.sys - ok
09:01:53.0322 4812 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] C:\Windows\System32\drivers\kbdhid.sys
09:01:53.0322 4812 C:\Windows\System32\drivers\kbdhid.sys - ok
09:01:53.0322 4812 [ FED648B01349A3C8395A5169DB5FB7D6 ] C:\Windows\System32\drivers\USBSTOR.SYS
09:01:53.0322 4812 C:\Windows\System32\drivers\USBSTOR.SYS - ok
09:01:53.0322 4812 [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll
09:01:53.0322 4812 C:\Windows\SysWOW64\normaliz.dll - ok
09:01:53.0322 4812 [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys
09:01:53.0322 4812 C:\Windows\System32\drivers\dxapi.sys - ok
09:01:53.0338 4812 [ 73601028E7C44154318AE91D2EB2EDB3 ] C:\Windows\System32\win32k.sys
09:01:53.0338 4812 C:\Windows\System32\win32k.sys - ok
09:01:53.0338 4812 [ CEC1EDF4022DC4DCA40384DCEC672B0E ] C:\Windows\System32\csrsrv.dll
09:01:53.0338 4812 C:\Windows\System32\csrsrv.dll - ok
09:01:53.0338 4812 [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe
09:01:53.0338 4812 C:\Windows\System32\csrss.exe - ok
09:01:53.0353 4812 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll
09:01:53.0353 4812 C:\Windows\System32\basesrv.dll - ok
09:01:53.0353 4812 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\System32\winsrv.dll
09:01:53.0353 4812 C:\Windows\System32\winsrv.dll - ok
09:01:53.0353 4812 [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys
09:01:53.0353 4812 C:\Windows\System32\drivers\monitor.sys - ok
09:01:53.0353 4812 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] C:\Windows\System32\drivers\mouhid.sys
09:01:53.0353 4812 C:\Windows\System32\drivers\mouhid.sys - ok
09:01:53.0369 4812 [ D4012918D3A3847B44B888D56BC095D6 ] C:\Windows\System32\drivers\nuidfltr.sys
09:01:53.0369 4812 C:\Windows\System32\drivers\nuidfltr.sys - ok
09:01:53.0369 4812 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll
09:01:53.0369 4812 C:\Windows\System32\sxssrv.dll - ok
09:01:53.0369 4812 [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll
09:01:53.0369 4812 C:\Windows\System32\tsddd.dll - ok
09:01:53.0385 4812 [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe
09:01:53.0385 4812 C:\Windows\System32\wininit.exe - ok
09:01:53.0385 4812 [ 943F527DF79E6B400104341AA7023C75 ] C:\Windows\System32\cdd.dll
09:01:53.0385 4812 C:\Windows\System32\cdd.dll - ok
09:01:53.0385 4812 [ 0F5CD07A098D6A5989019CC377722989 ] C:\Windows\System32\KBDCA.DLL
09:01:53.0385 4812 C:\Windows\System32\KBDCA.DLL - ok
09:01:53.0385 4812 [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll
09:01:53.0385 4812 C:\Windows\System32\profapi.dll - ok
09:01:53.0400 4812 [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll
09:01:53.0400 4812 C:\Windows\System32\RpcRtRemote.dll - ok
09:01:53.0400 4812 [ 283C64A094A763C2F3DE2C926AEAE8CD ] C:\Windows\System32\KBDCAN.DLL
09:01:53.0400 4812 C:\Windows\System32\KBDCAN.DLL - ok
09:01:53.0400 4812 [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL
09:01:53.0400 4812 C:\Windows\System32\KBDUS.DLL - ok
09:01:53.0416 4812 [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll
09:01:53.0416 4812 C:\Windows\System32\sxs.dll - ok
09:01:53.0416 4812 [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll
09:01:53.0416 4812 C:\Windows\System32\WlS0WndH.dll - ok
09:01:53.0416 4812 [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll
09:01:53.0416 4812 C:\Windows\System32\cryptbase.dll - ok
09:01:53.0431 4812 [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll
09:01:53.0431 4812 C:\Windows\System32\apphelp.dll - ok
09:01:53.0431 4812 [ 66A6063D0BAAD3F7B2B9868859E0743B ] C:\Windows\System32\lsasrv.dll
09:01:53.0431 4812 C:\Windows\System32\lsasrv.dll - ok
09:01:53.0431 4812 [ C118A82CD78818C29AB228366EBF81C3 ] C:\Windows\System32\lsass.exe
09:01:53.0431 4812 C:\Windows\System32\lsass.exe - ok
09:01:53.0431 4812 [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe
09:01:53.0431 4812 C:\Windows\System32\lsm.exe - ok
09:01:53.0447 4812 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe
09:01:53.0447 4812 C:\Windows\System32\services.exe - ok
09:01:53.0447 4812 [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\Windows\System32\sspisrv.dll
09:01:53.0447 4812 C:\Windows\System32\sspisrv.dll - ok
09:01:53.0447 4812 [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\Windows\System32\sspicli.dll
09:01:53.0447 4812 C:\Windows\System32\sspicli.dll - ok
09:01:53.0447 4812 [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll
09:01:53.0447 4812 C:\Windows\System32\scesrv.dll - ok
09:01:53.0463 4812 [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll
09:01:53.0463 4812 C:\Windows\System32\scext.dll - ok
09:01:53.0463 4812 [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\Windows\System32\secur32.dll
09:01:53.0463 4812 C:\Windows\System32\secur32.dll - ok
09:01:53.0463 4812 [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll
09:01:53.0463 4812 C:\Windows\System32\sysntfy.dll - ok
09:01:53.0478 4812 [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll
09:01:53.0478 4812 C:\Windows\System32\wmsgapi.dll - ok
09:01:53.0478 4812 [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll
09:01:53.0478 4812 C:\Windows\System32\samsrv.dll - ok
09:01:53.0478 4812 [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll
09:01:53.0478 4812 C:\Windows\System32\srvcli.dll - ok
09:01:53.0494 4812 [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll
09:01:53.0494 4812 C:\Windows\System32\cryptdll.dll - ok
09:01:53.0494 4812 [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll
09:01:53.0494 4812 C:\Windows\System32\wevtapi.dll - ok
09:01:53.0494 4812 [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll
09:01:53.0494 4812 C:\Windows\System32\authz.dll - ok
09:01:53.0494 4812 [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll
09:01:53.0494 4812 C:\Windows\System32\cngaudit.dll - ok
09:01:53.0509 4812 [ 5F3307352216618221A17CFEF273EEE2 ] C:\Windows\System32\ncrypt.dll
09:01:53.0509 4812 C:\Windows\System32\ncrypt.dll - ok
09:01:53.0509 4812 [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll
09:01:53.0509 4812 C:\Windows\System32\bcrypt.dll - ok
09:01:53.0509 4812 [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll
09:01:53.0509 4812 C:\Windows\System32\msprivs.dll - ok
09:01:53.0525 4812 [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll
09:01:53.0525 4812 C:\Windows\System32\negoexts.dll - ok
09:01:53.0525 4812 [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll
09:01:53.0525 4812 C:\Windows\System32\netjoin.dll - ok
09:01:53.0525 4812 [ 44E1A196DFCB53B01FE4B855C3B56A15 ] C:\Windows\System32\kerberos.dll
09:01:53.0525 4812 C:\Windows\System32\kerberos.dll - ok
09:01:53.0525 4812 [ CB2ABB2DA1E9C977302A78D86D4AE3B0 ] C:\Windows\System32\atmfd.dll
09:01:53.0525 4812 C:\Windows\System32\atmfd.dll - ok
09:01:53.0541 4812 [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll
09:01:53.0541 4812 C:\Windows\System32\cryptsp.dll - ok
09:01:53.0541 4812 [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\Windows\System32\mswsock.dll
09:01:53.0541 4812 C:\Windows\System32\mswsock.dll - ok
09:01:53.0541 4812 [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll
09:01:53.0541 4812 C:\Windows\System32\msv1_0.dll - ok
09:01:53.0556 4812 [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll
09:01:53.0556 4812 C:\Windows\System32\wship6.dll - ok
09:01:53.0556 4812 [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll
09:01:53.0556 4812 C:\Windows\System32\netlogon.dll - ok
09:01:53.0556 4812 [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll
09:01:53.0556 4812 C:\Windows\System32\dnsapi.dll - ok
09:01:53.0556 4812 [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll
09:01:53.0556 4812 C:\Windows\System32\logoncli.dll - ok
09:01:53.0572 4812 [ 1573C45E65DE32B1BC3572634F8F1E8E ] C:\Windows\System32\schannel.dll
09:01:53.0572 4812 C:\Windows\System32\schannel.dll - ok
09:01:53.0572 4812 [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
09:01:53.0572 4812 C:\Windows\System32\wdigest.dll - ok
09:01:53.0572 4812 [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
09:01:53.0572 4812 C:\Windows\System32\rsaenh.dll - ok
09:01:53.0587 4812 [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll
09:01:53.0587 4812 C:\Windows\System32\TSpkg.dll - ok
09:01:53.0587 4812 [ 7DBA64AD70C2E2481C68D9E0F7CD7840 ] C:\Windows\System32\LIVESSP.DLL
09:01:53.0587 4812 C:\Windows\System32\LIVESSP.DLL - ok
09:01:53.0587 4812 [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
09:01:53.0587 4812 C:\Windows\System32\pku2u.dll - ok
09:01:53.0587 4812 [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll
09:01:53.0587 4812 C:\Windows\System32\bcryptprimitives.dll - ok
09:01:53.0603 4812 [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe
09:01:53.0603 4812 C:\Windows\System32\winlogon.exe - ok
09:01:53.0603 4812 [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll
09:01:53.0603 4812 C:\Windows\System32\winsta.dll - ok
09:01:53.0603 4812 [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll
09:01:53.0603 4812 C:\Windows\System32\credssp.dll - ok
09:01:53.0619 4812 [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
09:01:53.0619 4812 C:\Windows\System32\efslsaext.dll - ok
09:01:53.0619 4812 [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll
09:01:53.0619 4812 C:\Windows\System32\scecli.dll - ok
09:01:53.0619 4812 [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
09:01:53.0619 4812 C:\Windows\System32\ubpm.dll - ok
09:01:53.0634 4812 [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe
09:01:53.0634 4812 C:\Windows\System32\svchost.exe - ok
09:01:53.0634 4812 [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll
09:01:53.0634 4812 C:\Windows\System32\umpnpmgr.dll - ok
09:01:53.0634 4812 [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
09:01:53.0634 4812 C:\Windows\System32\SPInf.dll - ok
09:01:53.0634 4812 [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
09:01:53.0634 4812 C:\Windows\System32\devrtl.dll - ok
09:01:53.0650 4812 [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll
09:01:53.0650 4812 C:\Windows\System32\userenv.dll - ok
09:01:53.0650 4812 [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
09:01:53.0650 4812 C:\Windows\System32\gpapi.dll - ok
09:01:53.0650 4812 [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
09:01:53.0650 4812 C:\Windows\System32\pcwum.dll - ok
09:01:53.0665 4812 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll
09:01:53.0665 4812 C:\Windows\System32\umpo.dll - ok
09:01:53.0665 4812 [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
09:01:53.0665 4812 C:\Windows\System32\powrprof.dll - ok
09:01:53.0665 4812 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys
09:01:53.0665 4812 C:\Windows\System32\drivers\luafv.sys - ok
09:01:53.0665 4812 [ 0BB97D43299910CBFBA59C461B99B910 ] C:\Windows\System32\drivers\mbam.sys
09:01:53.0665 4812 C:\Windows\System32\drivers\mbam.sys - ok
09:01:53.0681 4812 [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
09:01:53.0681 4812 C:\Windows\System32\rpcss.dll - ok
09:01:53.0681 4812 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
09:01:53.0681 4812 C:\Windows\System32\RpcEpMap.dll - ok
09:01:53.0681 4812 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] C:\Program Files\Microsoft Security Client\MsMpEng.exe
09:01:53.0681 4812 C:\Program Files\Microsoft Security Client\MsMpEng.exe - ok
09:01:53.0697 4812 [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
09:01:53.0697 4812 C:\Windows\System32\wshqos.dll - ok
09:01:53.0697 4812 [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
09:01:53.0697 4812 C:\Windows\System32\WSHTCPIP.DLL - ok
09:01:53.0697 4812 [ BCF8F2758AA5C451F8E366C66A98BBFE ] C:\Program Files\Microsoft Security Client\MpSvc.dll
09:01:53.0697 4812 C:\Program Files\Microsoft Security Client\MpSvc.dll - ok
09:01:53.0697 4812 [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
09:01:53.0697 4812 C:\Windows\System32\FirewallAPI.dll - ok
09:01:53.0712 4812 [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
09:01:53.0712 4812 C:\Windows\System32\LogonUI.exe - ok
09:01:53.0712 4812 [ 2F67DEE6452EBC9F4A6C97A1CCC232FE ] C:\Program Files\Microsoft Security Client\MpClient.dll
09:01:53.0712 4812 C:\Program Files\Microsoft Security Client\MpClient.dll - ok
09:01:53.0712 4812 [ 3EF480BFED1B5947A32585E30A58D4ED ] C:\Windows\System32\authui.dll
09:01:53.0712 4812 C:\Windows\System32\authui.dll - ok
09:01:53.0712 4812 [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll
09:01:53.0728 4812 C:\Windows\System32\version.dll - ok
09:01:53.0728 4812 [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll
09:01:53.0728 4812 C:\Windows\System32\wtsapi32.dll - ok
09:01:53.0728 4812 [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
09:01:53.0728 4812 C:\Windows\System32\ntmarta.dll - ok
09:01:53.0728 4812 [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
09:01:53.0728 4812 C:\Windows\System32\cryptui.dll - ok
09:01:53.0743 4812 [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
09:01:53.0743 4812 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
09:01:53.0743 4812 [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
09:01:53.0743 4812 C:\Windows\System32\samlib.dll - ok
09:01:53.0743 4812 [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
09:01:53.0743 4812 C:\Windows\System32\shacct.dll - ok
09:01:53.0759 4812 [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
09:01:53.0759 4812 C:\Windows\System32\propsys.dll - ok
09:01:53.0759 4812 [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
09:01:53.0759 4812 C:\Windows\System32\uxtheme.dll - ok
09:01:53.0759 4812 [ 18CAAF21CBA3EAEE17BBA5D3807F29B8 ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_2b25b14c71ebf230\GdiPlus.dll
09:01:53.0759 4812 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_2b25b14c71ebf230\GdiPlus.dll - ok
09:01:53.0759 4812 [ 5F10310A5A9273475AA04930DFE16742 ] C:\Program Files\Microsoft Security Client\EppManifest.dll
09:01:53.0759 4812 C:\Program Files\Microsoft Security Client\EppManifest.dll - ok
09:01:53.0775 4812 [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
09:01:53.0775 4812 C:\Windows\System32\dui70.dll - ok
09:01:53.0775 4812 [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
09:01:53.0775 4812 C:\Windows\System32\duser.dll - ok
09:01:53.0775 4812 [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
09:01:53.0775 4812 C:\Windows\System32\wevtsvc.dll - ok
09:01:53.0790 4812 [ BF62F3BC1BE0700804EC394BB77F02C4 ] C:\Program Files\Microsoft Security Client\MpRTP.dll
09:01:53.0790 4812 C:\Program Files\Microsoft Security Client\MpRTP.dll - ok
09:01:53.0790 4812 [ F3D202F53A222D5F6944D459B73CF967 ] C:\Windows\System32\fltLib.dll
09:01:53.0790 4812 C:\Windows\System32\fltLib.dll - ok
09:01:53.0790 4812 [ FF7E814CBFEC3C27922C13BB94667416 ] C:\Program Files\Microsoft Security Client\MsMpLics.dll
09:01:53.0790 4812 C:\Program Files\Microsoft Security Client\MsMpLics.dll - ok
09:01:53.0790 4812 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] C:\Windows\System32\drivers\MpFilter.sys
09:01:53.0806 4812 C:\Windows\System32\drivers\MpFilter.sys - ok
09:01:53.0806 4812 [ 12FD09889C8A6141C8D10F7AE48BBAC8 ] C:\Program Files\Microsoft Security Client\NisIpsPlugin.dll
09:01:53.0806 4812 C:\Program Files\Microsoft Security Client\NisIpsPlugin.dll - ok
09:01:53.0806 4812 [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
09:01:53.0806 4812 C:\Windows\System32\SndVolSSO.dll - ok
09:01:53.0806 4812 [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
09:01:53.0806 4812 C:\Windows\System32\hid.dll - ok
09:01:53.0821 4812 [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
09:01:53.0821 4812 C:\Windows\System32\MMDevAPI.dll - ok
09:01:53.0821 4812 [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
09:01:53.0821 4812 C:\Windows\System32\dwmapi.dll - ok
09:01:53.0821 4812 [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll
09:01:53.0821 4812 C:\Windows\System32\xmllite.dll - ok
09:01:53.0837 4812 [ 5C00818741B2A76EB09AF08A5362277E ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{85EA3D45-E8B1-4077-BE6E-0DFB4F1BB23B}\mpengine.dll
09:01:53.0837 4812 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{85EA3D45-E8B1-4077-BE6E-0DFB4F1BB23B}\mpengine.dll - ok
09:01:53.0837 4812 [ 3D7BB6DD7A87B3E36E44CA94444247A8 ] C:\Windows\System32\WindowsCodecs.dll
09:01:53.0837 4812 C:\Windows\System32\WindowsCodecs.dll - ok
09:01:53.0837 4812 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\Windows\System32\wlansvc.dll
09:01:53.0837 4812 C:\Windows\System32\wlansvc.dll - ok
09:01:53.0837 4812 [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll
09:01:53.0837 4812 C:\Windows\System32\audiosrv.dll - ok
09:01:53.0853 4812 [ C4C183E6551084039EC862DA1C945E3D ] C:\Windows\System32\FntCache.dll
09:01:53.0853 4812 C:\Windows\System32\FntCache.dll - ok
09:01:53.0853 4812 [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
09:01:53.0853 4812 C:\Windows\System32\avrt.dll - ok
09:01:53.0853 4812 [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll
09:01:53.0853 4812 C:\Windows\System32\mmcss.dll - ok
09:01:53.0868 4812 [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll
09:01:53.0868 4812 C:\Windows\System32\adtschema.dll - ok
09:01:53.0868 4812 [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
09:01:53.0868 4812 C:\Windows\System32\VaultCredProvider.dll - ok
09:01:53.0868 4812 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
09:01:53.0868 4812 C:\Windows\System32\winbrand.dll - ok
09:01:53.0868 4812 [ 1B61AB6F60BA3EE3BAE852F682029C07 ] C:\Windows\System32\LMIinit.dll
09:01:53.0868 4812 C:\Windows\System32\LMIinit.dll - ok
09:01:53.0884 4812 [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll
09:01:53.0884 4812 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
09:01:53.0884 4812 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll
09:01:53.0884 4812 C:\Windows\System32\netprofm.dll - ok
09:01:53.0884 4812 [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll
09:01:53.0884 4812 C:\Windows\System32\BioCredProv.dll - ok
09:01:53.0899 4812 [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll
09:01:53.0899 4812 C:\Windows\System32\credui.dll - ok
09:01:53.0899 4812 [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll
09:01:53.0899 4812 C:\Windows\System32\winbio.dll - ok
09:01:53.0899 4812 [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\Windows\System32\netapi32.dll
09:01:53.0899 4812 C:\Windows\System32\netapi32.dll - ok
09:01:53.0915 4812 [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll
09:01:53.0915 4812 C:\Windows\System32\vaultcli.dll - ok
09:01:53.0915 4812 [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe
09:01:53.0915 4812 C:\Windows\System32\audiodg.exe - ok
09:01:53.0915 4812 [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
09:01:53.0915 4812 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
09:01:53.0915 4812 [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll
09:01:53.0915 4812 C:\Windows\System32\netutils.dll - ok
09:01:53.0931 4812 [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll
09:01:53.0931 4812 C:\Windows\System32\wkscli.dll - ok
09:01:53.0931 4812 [ B1DF2D87DC8BF6072699AC8301B37796 ] C:\Windows\System32\WUDFPlatform.dll
09:01:53.0931 4812 C:\Windows\System32\WUDFPlatform.dll - ok
09:01:53.0931 4812 [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll
09:01:53.0931 4812 C:\Windows\System32\samcli.dll - ok
09:01:53.0946 4812 [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll
09:01:53.0946 4812 C:\Windows\System32\certCredProvider.dll - ok
09:01:53.0946 4812 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\Windows\System32\MPSSVC.dll
09:01:53.0946 4812 C:\Windows\System32\MPSSVC.dll - ok
09:01:53.0946 4812 [ 032229246107C5C7211E6D1498B52D3D ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL
09:01:53.0946 4812 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL - ok
09:01:53.0946 4812 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll
09:01:53.0946 4812 C:\Windows\System32\gpsvc.dll - ok
09:01:53.0962 4812 [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys
09:01:53.0962 4812 C:\Windows\System32\drivers\fltMgr.sys - ok
09:01:53.0962 4812 [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
09:01:53.0962 4812 C:\Windows\System32\winmm.dll - ok
09:01:53.0962 4812 [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll
09:01:53.0962 4812 C:\Windows\System32\provsvc.dll - ok
09:01:53.0977 4812 [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL
09:01:53.0977 4812 C:\Windows\System32\PSHED.DLL - ok
09:01:53.0977 4812 [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll
09:01:53.0977 4812 C:\Windows\System32\rasplap.dll - ok
09:01:53.0977 4812 [ 46BB91A169B9B31FF44EB04C48EC1D41 ] C:\Windows\System32\nlaapi.dll
09:01:53.0977 4812 C:\Windows\System32\nlaapi.dll - ok
09:01:53.0977 4812 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll
09:01:53.0977 4812 C:\Windows\System32\profsvc.dll - ok
09:01:53.0993 4812 [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll
09:01:53.0993 4812 C:\Windows\System32\themeservice.dll - ok
09:01:53.0993 4812 [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
09:01:53.0993 4812 C:\Windows\System32\atl.dll - ok
09:01:53.0993 4812 [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
09:01:53.0993 4812 C:\Windows\System32\dsrole.dll - ok
09:01:54.0009 4812 [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
09:01:54.0009 4812 C:\Windows\System32\es.dll - ok
09:01:54.0009 4812 [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
09:01:54.0009 4812 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
09:01:54.0009 4812 [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
09:01:54.0009 4812 C:\Windows\System32\slc.dll - ok
09:01:54.0009 4812 [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
09:01:54.0009 4812 C:\Windows\System32\rasapi32.dll - ok
09:01:54.0024 4812 [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll
09:01:54.0024 4812 C:\Windows\System32\rasman.dll - ok
09:01:54.0024 4812 [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll
09:01:54.0024 4812 C:\Windows\System32\rtutils.dll - ok
09:01:54.0024 4812 [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv
09:01:54.0024 4812 C:\Windows\System32\wdmaud.drv - ok
09:01:54.0024 4812 [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll
09:01:54.0024 4812 C:\Windows\System32\comres.dll - ok
09:01:54.0040 4812 [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
09:01:54.0040 4812 C:\Windows\System32\drivers\lltdio.sys - ok
09:01:54.0040 4812 [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll
09:01:54.0040 4812 C:\Windows\System32\ksuser.dll - ok
09:01:54.0040 4812 [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll
09:01:54.0040 4812 C:\Windows\System32\Sens.dll - ok
09:01:54.0055 4812 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll
09:01:54.0055 4812 C:\Windows\System32\uxsms.dll - ok
09:01:54.0055 4812 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\Windows\System32\drivers\nwifi.sys
09:01:54.0055 4812 C:\Windows\System32\drivers\nwifi.sys - ok
09:01:54.0055 4812 [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll
09:01:54.0055 4812 C:\Windows\System32\UXInit.dll - ok
09:01:54.0055 4812 [ 136185F9FB2CC61E573E676AA5402356 ] C:\Windows\System32\drivers\ndisuio.sys
09:01:54.0055 4812 C:\Windows\System32\drivers\ndisuio.sys - ok
09:01:54.0071 4812 [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
09:01:54.0071 4812 C:\Windows\System32\drivers\rspndr.sys - ok
09:01:54.0071 4812 [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
09:01:54.0071 4812 C:\Windows\System32\IPHLPAPI.DLL - ok
09:01:54.0071 4812 [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
09:01:54.0071 4812 C:\Windows\System32\lmhsvc.dll - ok
09:01:54.0087 4812 [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
09:01:54.0087 4812 C:\Windows\System32\nsisvc.dll - ok
09:01:54.0087 4812 [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll
09:01:54.0087 4812 C:\Windows\System32\oleacc.dll - ok
09:01:54.0087 4812 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll
09:01:54.0087 4812 C:\Windows\System32\dhcpcore.dll - ok
09:01:54.0102 4812 [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
09:01:54.0102 4812 C:\Windows\System32\nrpsrv.dll - ok
09:01:54.0102 4812 [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
09:01:54.0102 4812 C:\Windows\System32\winnsi.dll - ok
09:01:54.0102 4812 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll
09:01:54.0102 4812 C:\Windows\System32\dnsrslvr.dll - ok
09:01:54.0102 4812 [ 87356377F31DA5F20A833811CD59499C ] C:\Windows\System32\eapphost.dll
09:01:54.0102 4812 C:\Windows\System32\eapphost.dll - ok
09:01:54.0118 4812 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\Windows\System32\eapsvc.dll
09:01:54.0118 4812 C:\Windows\System32\eapsvc.dll - ok
09:01:54.0118 4812 [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\Windows\System32\keyiso.dll
09:01:54.0118 4812 C:\Windows\System32\keyiso.dll - ok
09:01:54.0118 4812 [ 3CC16A849E6092E43909F48EF0E60306 ] C:\Windows\System32\dhcpcore6.dll
09:01:54.0118 4812 C:\Windows\System32\dhcpcore6.dll - ok
09:01:54.0133 4812 [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL
09:01:54.0133 4812 C:\Windows\System32\FWPUCLNT.DLL - ok
09:01:54.0133 4812 [ 019BDD35DE269CB98B22DE8923C2AA3B ] C:\Windows\System32\UIAutomationCore.dll
09:01:54.0133 4812 C:\Windows\System32\UIAutomationCore.dll - ok
09:01:54.0133 4812 [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll
09:01:54.0133 4812 C:\Windows\System32\umb.dll - ok
09:01:54.0133 4812 [ A648C4A06DE367065B24056D067B4460 ] C:\Windows\System32\wlanmsm.dll
09:01:54.0133 4812 C:\Windows\System32\wlanmsm.dll - ok
09:01:54.0149 4812 [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
09:01:54.0149 4812 C:\Windows\System32\dhcpcsvc.dll - ok
09:01:54.0149 4812 [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
09:01:54.0149 4812 C:\Windows\System32\dnsext.dll - ok
09:01:54.0149 4812 [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll
09:01:54.0149 4812 C:\Windows\System32\onex.dll - ok
09:01:54.0165 4812 [ 06A1386B6E3A0CBC368665C1840906F4 ] C:\Windows\System32\wlansec.dll
09:01:54.0165 4812 C:\Windows\System32\wlansec.dll - ok
09:01:54.0165 4812 [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
09:01:54.0165 4812 C:\Windows\System32\eappprxy.dll - ok
09:01:54.0165 4812 [ 3C06D5A929B798D0B13F6481242A0FD2 ] C:\Windows\System32\dhcpcsvc6.dll
09:01:54.0165 4812 C:\Windows\System32\dhcpcsvc6.dll - ok
09:01:54.0165 4812 [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
09:01:54.0165 4812 C:\Windows\System32\eappcfg.dll - ok
09:01:54.0180 4812 [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll
09:01:54.0180 4812 C:\Windows\System32\AudioSes.dll - ok
09:01:54.0180 4812 [ 97E43F324BE1503CB2FFB058534688DA ] C:\Windows\System32\l2gpstore.dll
09:01:54.0180 4812 C:\Windows\System32\l2gpstore.dll - ok
09:01:54.0180 4812 [ 7D5645EE0EA77D539828433D9B95F5EB ] C:\Windows\System32\WinSCard.dll
09:01:54.0180 4812 C:\Windows\System32\WinSCard.dll - ok
09:01:54.0196 4812 [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
09:01:54.0196 4812 C:\Windows\System32\wlanutil.dll - ok
09:01:54.0196 4812 [ 730BF204A595D5B6D7DC57A247CC741C ] C:\Windows\System32\wlgpclnt.dll
09:01:54.0196 4812 C:\Windows\System32\wlgpclnt.dll - ok
09:01:54.0196 4812 [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\Windows\System32\msacm32.dll
09:01:54.0196 4812 C:\Windows\System32\msacm32.dll - ok
09:01:54.0196 4812 [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\Windows\System32\msacm32.drv
09:01:54.0196 4812 C:\Windows\System32\msacm32.drv - ok
09:01:54.0211 4812 [ 99B91C5D2FCEF218CAD3600ECB62A799 ] C:\Windows\System32\msxml6.dll
09:01:54.0211 4812 C:\Windows\System32\msxml6.dll - ok
09:01:54.0211 4812 [ CA2A0750ED830678997695FF61B04C30 ] C:\Windows\System32\midimap.dll
09:01:54.0211 4812 C:\Windows\System32\midimap.dll - ok
09:01:54.0211 4812 [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll
09:01:54.0211 4812 C:\Windows\System32\AudioEng.dll - ok
09:01:54.0227 4812 [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll
09:01:54.0227 4812 C:\Windows\System32\AUDIOKSE.dll - ok
09:01:54.0227 4812 [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll
09:01:54.0227 4812 C:\Windows\System32\msimg32.dll - ok
09:01:54.0227 4812 [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll
09:01:54.0227 4812 C:\Windows\System32\shsvcs.dll - ok
09:01:54.0227 4812 [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll
09:01:54.0227 4812 C:\Windows\System32\imageres.dll - ok
09:01:54.0243 4812 [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll
09:01:54.0243 4812 C:\Windows\System32\netcfgx.dll - ok
09:01:54.0243 4812 [ C3EB845FB0BEDE92462FF0420C0EC3BB ] C:\Windows\System32\RtkAPO64.dll
09:01:54.0243 4812 C:\Windows\System32\RtkAPO64.dll - ok
09:01:54.0243 4812 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] C:\Windows\System32\drivers\vwifimp.sys
09:01:54.0243 4812 C:\Windows\System32\drivers\vwifimp.sys - ok
09:01:54.0258 4812 [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll
09:01:54.0258 4812 C:\Windows\System32\schedsvc.dll - ok
09:01:54.0258 4812 [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll
09:01:54.0258 4812 C:\Windows\System32\ktmw32.dll - ok
09:01:54.0258 4812 [ 6F3C559B82F2912354BE5B098744CC8C ] C:\Windows\System32\WMALFXGFXDSP.dll
09:01:54.0258 4812 C:\Windows\System32\WMALFXGFXDSP.dll - ok
09:01:54.0258 4812 [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll
09:01:54.0258 4812 C:\Windows\System32\fveapi.dll - ok
09:01:54.0274 4812 [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll
09:01:54.0274 4812 C:\Windows\System32\fvecerts.dll - ok
09:01:54.0274 4812 [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll
09:01:54.0274 4812 C:\Windows\System32\taskcomp.dll - ok
09:01:54.0274 4812 [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll
09:01:54.0274 4812 C:\Windows\System32\tbs.dll - ok
09:01:54.0289 4812 [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll
09:01:54.0289 4812 C:\Windows\System32\mfplat.dll - ok
09:01:54.0289 4812 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys
09:01:54.0289 4812 C:\Windows\System32\drivers\http.sys - ok
09:01:54.0289 4812 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] C:\Windows\System32\spoolsv.exe
09:01:54.0289 4812 C:\Windows\System32\spoolsv.exe - ok
09:01:54.0289 4812 [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL
09:01:54.0289 4812 C:\Windows\System32\BFE.DLL - ok
09:01:54.0305 4812 [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys
09:01:54.0305 4812 C:\Windows\System32\drivers\bowser.sys - ok
09:01:54.0305 4812 [ B8BD2BB284668C84865658C77574381A ] C:\Windows\System32\drivers\cdfs.sys
09:01:54.0305 4812 C:\Windows\System32\drivers\cdfs.sys - ok
09:01:54.0305 4812 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys
09:01:54.0305 4812 C:\Windows\System32\drivers\mpsdrv.sys - ok
09:01:54.0321 4812 [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys
09:01:54.0321 4812 C:\Windows\System32\drivers\mrxsmb.sys - ok
09:01:54.0321 4812 [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys
09:01:54.0321 4812 C:\Windows\System32\drivers\mrxsmb10.sys - ok
09:01:54.0321 4812 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys
09:01:54.0321 4812 C:\Windows\System32\drivers\mrxsmb20.sys - ok
09:01:54.0321 4812 [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll
09:01:54.0321 4812 C:\Windows\System32\wkssvc.dll - ok
09:01:54.0336 4812 [ 255476B54C82A89416EFDF09FD62F107 ] C:\Windows\System32\drivers\sentinel64.sys
09:01:54.0336 4812 C:\Windows\System32\drivers\sentinel64.sys - ok
09:01:54.0336 4812 [ C67F8A962B2534224D5908D16D2AD3CE ] C:\Windows\System32\wfapigp.dll
09:01:54.0336 4812 C:\Windows\System32\wfapigp.dll - ok
09:01:54.0336 4812 [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll
09:01:54.0336 4812 C:\Windows\System32\mscms.dll - ok
09:01:54.0352 4812 [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll
09:01:54.0352 4812 C:\Windows\System32\pcasvc.dll - ok
09:01:54.0352 4812 [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll
09:01:54.0352 4812 C:\Windows\System32\wiarpc.dll - ok
09:01:54.0352 4812 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
09:01:54.0352 4812 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - ok
09:01:54.0352 4812 [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll
09:01:54.0352 4812 C:\Windows\System32\actxprxy.dll - ok
09:01:54.0367 4812 [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll
09:01:54.0367 4812 C:\Windows\SysWOW64\ntdll.dll - ok
09:01:54.0367 4812 [ 6313F223E817CC09AA41811DAA7F541D ] C:\Windows\System32\snmptrap.exe
09:01:54.0367 4812 C:\Windows\System32\snmptrap.exe - ok
09:01:54.0367 4812 [ 10EAB90C1AE8271B5FE5A8930987EE5C ] C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll
09:01:54.0367 4812 C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll - ok
09:01:54.0383 4812 [ 7C00C608FE4C8EDE9E30940837B9AC8B ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll
09:01:54.0383 4812 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll - ok
09:01:54.0383 4812 [ 259EB5F7D95A29842B476C5B3EB6E186 ] C:\Windows\System32\wow64.dll
09:01:54.0383 4812 C:\Windows\System32\wow64.dll - ok
09:01:54.0383 4812 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll
09:01:54.0383 4812 C:\Windows\System32\sstpsvc.dll - ok
09:01:54.0383 4812 [ 5674E21E82CFBEA36DDAD5DB285D6DBC ] C:\Windows\System32\wow64win.dll
09:01:54.0383 4812 C:\Windows\System32\wow64win.dll - ok
09:01:54.0399 4812 [ 3EE3AA76D8AB6D5644C4C8F34471CEB3 ] C:\Windows\System32\wow64cpu.dll
09:01:54.0399 4812 C:\Windows\System32\wow64cpu.dll - ok
09:01:54.0399 4812 [ AC0B6F41882FC6ED186962D770EBF1D2 ] C:\Windows\SysWOW64\kernel32.dll
09:01:54.0399 4812 C:\Windows\SysWOW64\kernel32.dll - ok
09:01:54.0399 4812 [ E954A79D6A754A5475582CACED1565E6 ] C:\Windows\SysWOW64\KernelBase.dll
09:01:54.0399 4812 C:\Windows\SysWOW64\KernelBase.dll - ok
09:01:54.0414 4812 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll
09:01:54.0414 4812 C:\Windows\SysWOW64\user32.dll - ok
09:01:54.0414 4812 [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll
09:01:54.0414 4812 C:\Windows\SysWOW64\gdi32.dll - ok
09:01:54.0414 4812 [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll
09:01:54.0414 4812 C:\Windows\SysWOW64\lpk.dll - ok
09:01:54.0414 4812 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll
09:01:54.0430 4812 C:\Windows\SysWOW64\msvcrt.dll - ok
09:01:54.0430 4812 [ B7230010D97787AF3D25E4C82F2B06B9 ] C:\Windows\SysWOW64\usp10.dll
09:01:54.0430 4812 C:\Windows\SysWOW64\usp10.dll - ok
09:01:54.0430 4812 [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll
09:01:54.0430 4812 C:\Windows\SysWOW64\advapi32.dll - ok
09:01:54.0430 4812 [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll
09:01:54.0430 4812 C:\Windows\SysWOW64\rpcrt4.dll - ok
09:01:54.0445 4812 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll
09:01:54.0445 4812 C:\Windows\SysWOW64\sechost.dll - ok
09:01:54.0445 4812 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll
09:01:54.0445 4812 C:\Windows\SysWOW64\cryptbase.dll - ok
09:01:54.0445 4812 [ 565D78187494FB5F08B5A52DEB2AEA7A ] C:\Windows\SysWOW64\shell32.dll
09:01:54.0445 4812 C:\Windows\SysWOW64\shell32.dll - ok
09:01:54.0461 4812 [ EDA7AD21DF8945528F01F0A86D69E524 ] C:\Windows\SysWOW64\sspicli.dll
09:01:54.0461 4812 C:\Windows\SysWOW64\sspicli.dll - ok
09:01:54.0461 4812 [ 893C44082C97F7AED3E7C180FA1F93D8 ] C:\Windows\System32\mpnotify.exe
09:01:54.0461 4812 C:\Windows\System32\mpnotify.exe - ok
09:01:54.0461 4812 [ 0E7045E24F78351E021D3C01566DBBA3 ] C:\Program Files\Microsoft Security Client\MpAsDesc.dll
09:01:54.0461 4812 C:\Program Files\Microsoft Security Client\MpAsDesc.dll - ok
09:01:54.0461 4812 [ 5B8580B819BE32EEC18CE1FEC52A4BCE ] C:\Program Files\Microsoft Security Client\MpCmdRun.exe
09:01:54.0461 4812 C:\Program Files\Microsoft Security Client\MpCmdRun.exe - ok
09:01:54.0477 4812 [ 1BCDB508143B517F21BBDAC10F5777BF ] C:\Windows\System32\conhost.exe
09:01:54.0477 4812 C:\Windows\System32\conhost.exe - ok
09:01:54.0477 4812 [ 218A400108F280428FA22282D3268BBC ] C:\Windows\System32\wscapi.dll
09:01:54.0477 4812 C:\Windows\System32\wscapi.dll - ok
09:01:54.0477 4812 [ F5CEF064C7E6D95DA86B9D064A56A969 ] C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
09:01:54.0477 4812 C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll - ok
09:01:54.0492 4812 [ FA43D418BC945D27D0625B697B8442B5 ] C:\Windows\System32\cabinet.dll
09:01:54.0492 4812 C:\Windows\System32\cabinet.dll - ok
09:01:54.0492 4812 [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll
09:01:54.0492 4812 C:\Windows\SysWOW64\ole32.dll - ok
09:01:54.0492 4812 [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll
09:01:54.0492 4812 C:\Windows\SysWOW64\shlwapi.dll - ok
09:01:54.0492 4812 [ 92245C959E5BC378809D2CC5E9F6E9C7 ] C:\Windows\SysWOW64\crypt32.dll
09:01:54.0492 4812 C:\Windows\SysWOW64\crypt32.dll - ok
09:01:54.0508 4812 [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll
09:01:54.0508 4812 C:\Windows\SysWOW64\oleaut32.dll - ok
09:01:54.0508 4812 [ 92E0508D924512F63FFEEFE498CBD11F ] C:\Windows\System32\p2pcollab.dll
09:01:54.0508 4812 C:\Windows\System32\p2pcollab.dll - ok
09:01:54.0508 4812 [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll
09:01:54.0508 4812 C:\Windows\SysWOW64\msasn1.dll - ok
09:01:54.0508 4812 [ 17448AF0BBA9E7AB5EC955AF93F271BD ] C:\Windows\SysWOW64\wintrust.dll
09:01:54.0508 4812 C:\Windows\SysWOW64\wintrust.dll - ok
09:01:54.0523 4812 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
09:01:54.0523 4812 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
09:01:54.0523 4812 [ 582AC6D9873E31DFA28A4547270862DD ] C:\Windows\System32\QAGENTRT.DLL
09:01:54.0523 4812 C:\Windows\System32\QAGENTRT.DLL - ok
09:01:54.0523 4812 [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll
09:01:54.0523 4812 C:\Windows\SysWOW64\imm32.dll - ok
09:01:54.0539 4812 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll
09:01:54.0539 4812 C:\Windows\SysWOW64\msctf.dll - ok
09:01:54.0539 4812 [ D8129C49798CBBFB2E4351D4B7B8EF9C ] C:\Windows\System32\cryptsvc.dll
09:01:54.0539 4812 C:\Windows\System32\cryptsvc.dll - ok
09:01:54.0539 4812 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll
09:01:54.0539 4812 C:\Windows\System32\dps.dll - ok
09:01:54.0539 4812 [ 506A83A3BEEE9FCA09F0170DE9FC7D1B ] C:\Windows\System32\fveui.dll
09:01:54.0539 4812 C:\Windows\System32\fveui.dll - ok
09:01:54.0555 4812 [ 2C4C22EA1735F21F355EB1A39832F7DF ] C:\Windows\System32\cryptnet.dll
09:01:54.0555 4812 C:\Windows\System32\cryptnet.dll - ok
09:01:54.0555 4812 [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll
09:01:54.0555 4812 C:\Windows\System32\FDResPub.dll - ok
09:01:54.0555 4812 [ F1B205F932F62F94506A5F332C895DAF ] C:\Windows\System32\WSDApi.dll
09:01:54.0555 4812 C:\Windows\System32\WSDApi.dll - ok
09:01:54.0570 4812 [ 54A47F6B5E09A77E61649109C6A08866 ] C:\Windows\SysWOW64\svchost.exe
09:01:54.0570 4812 C:\Windows\SysWOW64\svchost.exe - ok
09:01:54.0570 4812 [ 99E8EEF42FE2F4AF29B08C3355DD7685 ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpqddsvc.dll
09:01:54.0570 4812 C:\Program Files (x86)\hp\Digital Imaging\bin\hpqddsvc.dll - ok
09:01:54.0570 4812 [ 8F2CFF01F12955477450DA5E572D4001 ] C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
09:01:54.0570 4812 C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe - ok
09:01:54.0570 4812 [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll
09:01:54.0570 4812 C:\Windows\System32\vssapi.dll - ok
09:01:54.0586 4812 [ A8BD9D6A7DBDDFFC7283BF9222004EC1 ] C:\Program Files (x86)\LogMeIn\x64\LMIGuardianDll.dll
09:01:54.0586 4812 C:\Program Files (x86)\LogMeIn\x64\LMIGuardianDll.dll - ok
09:01:54.0586 4812 [ 4909501F53DA2EB6603848944C45F524 ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpqddcmn.dll
09:01:54.0586 4812 C:\Program Files (x86)\hp\Digital Imaging\bin\hpqddcmn.dll - ok
09:01:54.0586 4812 [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll
09:01:54.0586 4812 C:\Windows\System32\taskschd.dll - ok
09:01:54.0601 4812 [ C55516D98DD5D8F0153C2A9B4227DA86 ] C:\Windows\System32\webservices.dll
09:01:54.0601 4812 C:\Windows\System32\webservices.dll - ok
09:01:54.0601 4812 [ CA9E3BD4752FA2C084F5CD35FD8D0025 ] C:\Program Files\Microsoft Security Client\MsseWat.dll
09:01:54.0601 4812 C:\Program Files\Microsoft Security Client\MsseWat.dll - ok
09:01:54.0601 4812 [ B6D6886149573278CBA6ABD44C4317F5 ] C:\Windows\System32\slwga.dll
09:01:54.0601 4812 C:\Windows\System32\slwga.dll - ok
09:01:54.0617 4812 [ DB76DB15EFC6E4D1153A6C5BC895948D ] C:\Windows\System32\sppc.dll
09:01:54.0617 4812 C:\Windows\System32\sppc.dll - ok
09:01:54.0617 4812 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll
09:01:54.0617 4812 C:\Windows\SysWOW64\setupapi.dll - ok
09:01:54.0617 4812 [ 0F28935ECF1FBDEC22BAF720A5A94564 ] C:\Program Files (x86)\LogMeIn\x64\rainfo.sys
09:01:54.0617 4812 C:\Program Files (x86)\LogMeIn\x64\rainfo.sys - ok
09:01:54.0617 4812 [ CA86C7042E406070B905AE6CA45D22EA ] C:\Program Files (x86)\LogMeIn\x64\ramaint.exe
09:01:54.0617 4812 C:\Program Files (x86)\LogMeIn\x64\ramaint.exe - ok
09:01:54.0633 4812 [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll
09:01:54.0633 4812 C:\Windows\System32\wsock32.dll - ok
09:01:54.0633 4812 [ 012787CEB35505EB78DF82E0A0072888 ] C:\Windows\System32\browcli.dll
09:01:54.0633 4812 C:\Windows\System32\browcli.dll - ok
09:01:54.0633 4812 [ 1369DF1AA12A11876B41627099923EDB ] C:\Windows\System32\dfscli.dll
09:01:54.0633 4812 C:\Windows\System32\dfscli.dll - ok
09:01:54.0648 4812 [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll
09:01:54.0648 4812 C:\Windows\System32\fundisc.dll - ok
09:01:54.0648 4812 [ C4BFE4B61086416B0529212F92BCE081 ] C:\Windows\System32\schedcli.dll
09:01:54.0648 4812 C:\Windows\System32\schedcli.dll - ok
09:01:54.0648 4812 [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv
09:01:54.0648 4812 C:\Windows\System32\winspool.drv - ok
09:01:54.0648 4812 [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
09:01:54.0648 4812 C:\Windows\System32\mpr.dll - ok
09:01:54.0664 4812 [ D3760BC17E1755091B7120CF32DBF56B ] C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
09:01:54.0664 4812 C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe - ok
09:01:54.0664 4812 [ C57D3FAA50E6F395759FFB7C709BD944 ] C:\Windows\System32\drivers\LMIRfsDriver.sys
09:01:54.0664 4812 C:\Windows\System32\drivers\LMIRfsDriver.sys - ok
09:01:54.0664 4812 [ D986493AAC2D682CCE4352C31871E6A3 ] C:\Program Files (x86)\LogMeIn\x64\LogMeIn.dll
09:01:54.0664 4812 C:\Program Files (x86)\LogMeIn\x64\LogMeIn.dll - ok
09:01:54.0679 4812 [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll
09:01:54.0679 4812 C:\Windows\System32\vsstrace.dll - ok
09:01:54.0679 4812 [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll
09:01:54.0679 4812 C:\Windows\SysWOW64\cfgmgr32.dll - ok
09:01:54.0679 4812 [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll
09:01:54.0679 4812 C:\Windows\SysWOW64\devobj.dll - ok
09:01:54.0679 4812 [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll
09:01:54.0679 4812 C:\Windows\SysWOW64\version.dll - ok
09:01:54.0695 4812 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\SysWOW64\winspool.drv
09:01:54.0695 4812 C:\Windows\SysWOW64\winspool.drv - ok
09:01:54.0695 4812 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
09:01:54.0695 4812 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok
09:01:54.0695 4812 [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll
09:01:54.0695 4812 C:\Windows\SysWOW64\clbcatq.dll - ok
09:01:54.0711 4812 [ 42431657491D8E29F1E8824651148EB8 ] C:\Windows\System32\LMIRfsClientNP.dll
09:01:54.0711 4812 C:\Windows\System32\LMIRfsClientNP.dll - ok
09:01:54.0711 4812 [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll
09:01:54.0711 4812 C:\Windows\SysWOW64\cryptsp.dll - ok
09:01:54.0711 4812 [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll
09:01:54.0711 4812 C:\Windows\SysWOW64\rsaenh.dll - ok
09:01:54.0711 4812 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll
09:01:54.0711 4812 C:\Windows\SysWOW64\RpcRtRemote.dll - ok
09:01:54.0726 4812 [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll
09:01:54.0726 4812 C:\Windows\System32\winhttp.dll - ok
09:01:54.0726 4812 [ 603EBD34E216C5654A2D774EAC98D278 ] C:\Windows\System32\webio.dll
09:01:54.0726 4812 C:\Windows\System32\webio.dll - ok
09:01:54.0726 4812 [ BCEA9AB347E53BC03B2E36BE0B8BA0EF ] C:\Windows\System32\httpapi.dll
09:01:54.0726 4812 C:\Windows\System32\httpapi.dll - ok
09:01:54.0742 4812 [ 391CD109EF28629644C267C855314DEE ] C:\Windows\System32\ieframe.dll
09:01:54.0742 4812 C:\Windows\System32\ieframe.dll - ok
09:01:54.0742 4812 [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe
09:01:54.0742 4812 C:\Windows\System32\dllhost.exe - ok
09:01:54.0742 4812 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
09:01:54.0742 4812 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok
09:01:54.0742 4812 [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll
09:01:54.0742 4812 C:\Windows\System32\IDStore.dll - ok
09:01:54.0757 4812 [ 639774C9ACD063F028F6084ABF5593AD ] C:\Windows\System32\taskhost.exe
09:01:54.0757 4812 C:\Windows\System32\taskhost.exe - ok
09:01:54.0757 4812 [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll
09:01:54.0757 4812 C:\Windows\System32\PlaySndSrv.dll - ok
09:01:54.0757 4812 [ 65EA57712340C09B1B0C427B4848AE05 ] C:\Windows\System32\taskeng.exe
09:01:54.0757 4812 C:\Windows\System32\taskeng.exe - ok
09:01:54.0773 4812 [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe
09:01:54.0773 4812 C:\Windows\System32\userinit.exe - ok
09:01:54.0773 4812 [ AFB5B500AD69E24ED1BC15D1161641EF ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
09:01:54.0773 4812 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL - ok
09:01:54.0773 4812 [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe
09:01:54.0773 4812 C:\Windows\System32\dwm.exe - ok
09:01:54.0773 4812 [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll
09:01:54.0773 4812 C:\Windows\System32\rasadhlp.dll - ok
09:01:54.0789 4812 [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051 ] C:\Windows\System32\localspl.dll
09:01:54.0789 4812 C:\Windows\System32\localspl.dll - ok
09:01:54.0789 4812 [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll
09:01:54.0789 4812 C:\Windows\System32\dwmredir.dll - ok
09:01:54.0789 4812 [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll
09:01:54.0789 4812 C:\Windows\System32\dwmcore.dll - ok
09:01:54.0789 4812 [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll
09:01:54.0804 4812 C:\Windows\System32\MsCtfMonitor.dll - ok
09:01:54.0804 4812 [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll
09:01:54.0804 4812 C:\Windows\System32\msutb.dll - ok
09:01:54.0804 4812 [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll
09:01:54.0804 4812 C:\Windows\System32\esent.dll - ok
09:01:54.0804 4812 [ 9BB99503D6A4DD62569EDE9E5E2672A5 ] C:\Windows\System32\HotStartUserAgent.dll
09:01:54.0804 4812 C:\Windows\System32\HotStartUserAgent.dll - ok
09:01:54.0820 4812 [ 805A52C5AE26C28E88FDD9BCCFE6F312 ] C:\Windows\System32\TSChannel.dll
09:01:54.0820 4812 C:\Windows\System32\TSChannel.dll - ok
09:01:54.0820 4812 [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll
09:01:54.0820 4812 C:\Windows\System32\spoolss.dll - ok
09:01:54.0820 4812 [ AE88D95101648D5AE1040CAAEC79BBF9 ] C:\Windows\System32\LMIport.dll
09:01:54.0820 4812 C:\Windows\System32\LMIport.dll - ok
09:01:54.0835 4812 [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\Windows\System32\PrintIsolationProxy.dll
09:01:54.0835 4812 C:\Windows\System32\PrintIsolationProxy.dll - ok
09:01:54.0835 4812 [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe
09:01:54.0835 4812 C:\Windows\explorer.exe - ok
09:01:54.0835 4812 [ 19E41CCCEE697CC9465396B370929792 ] C:\Windows\System32\FXSMON.dll
09:01:54.0835 4812 C:\Windows\System32\FXSMON.dll - ok
09:01:54.0835 4812 [ 62A0ED06E9FF55EEF51B27EC4839EE0B ] C:\Windows\System32\hpz3lw71.dll
09:01:54.0835 4812 C:\Windows\System32\hpz3lw71.dll - ok
09:01:54.0851 4812 [ D2600D5000CFD439AA791E56BD763AD8 ] C:\Windows\System32\pdfcmnnt.dll
09:01:54.0851 4812 C:\Windows\System32\pdfcmnnt.dll - ok
09:01:54.0851 4812 [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll
09:01:54.0851 4812 C:\Windows\System32\tcpmon.dll - ok
09:01:54.0851 4812 [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll
09:01:54.0851 4812 C:\Windows\System32\snmpapi.dll - ok
09:01:54.0851 4812 [ FFF9D00CF16397C64317F213484F94BD ] C:\Windows\System32\wsnmp32.dll
09:01:54.0851 4812 C:\Windows\System32\wsnmp32.dll - ok
09:01:54.0867 4812 [ 506708142BC63DABA64F2D3AD1DCD5BF ] C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:01:54.0867 4812 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe - ok
09:01:54.0867 4812 [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll
09:01:54.0867 4812 C:\Windows\System32\usbmon.dll - ok
09:01:54.0867 4812 [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll
09:01:54.0867 4812 C:\Windows\System32\WSDMon.dll - ok
09:01:54.0882 4812 [ FF60B8C5BBE73B0790B3332783B6FD81 ] C:\Program Files (x86)\Google\Update\1.3.21.153\goopdate.dll
09:01:54.0882 4812 C:\Program Files (x86)\Google\Update\1.3.21.153\goopdate.dll - ok
09:01:54.0882 4812 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
09:01:54.0882 4812 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
09:01:54.0882 4812 [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\SysWOW64\netapi32.dll
09:01:54.0882 4812 C:\Windows\SysWOW64\netapi32.dll - ok
09:01:54.0898 4812 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll
09:01:54.0898 4812 C:\Windows\SysWOW64\netutils.dll - ok
09:01:54.0898 4812 [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll
09:01:54.0898 4812 C:\Windows\SysWOW64\nsi.dll - ok
09:01:54.0898 4812 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll
09:01:54.0898 4812 C:\Windows\SysWOW64\srvcli.dll - ok
09:01:54.0898 4812 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll
09:01:54.0898 4812 C:\Windows\SysWOW64\winnsi.dll - ok
09:01:54.0913 4812 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll
09:01:54.0913 4812 C:\Windows\SysWOW64\wkscli.dll - ok
09:01:54.0913 4812 [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
09:01:54.0913 4812 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
09:01:54.0913 4812 [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll
09:01:54.0913 4812 C:\Windows\System32\fdPnp.dll - ok
09:01:54.0929 4812 [ 6FB9BE56891EA4E85B4C9BDD4E9AFA69 ] C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll
09:01:54.0929 4812 C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll - ok
09:01:54.0929 4812 [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
09:01:54.0929 4812 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
09:01:54.0929 4812 [ 9EB2940B250149ABC96134C8B78B947B ] C:\Windows\System32\spool\prtprocs\x64\LMIproc.dll
09:01:54.0929 4812 C:\Windows\System32\spool\prtprocs\x64\LMIproc.dll - ok
09:01:54.0929 4812 [ 67CF11E00D026A5C0C88EA5F84D501E5 ] C:\Windows\System32\win32spl.dll
09:01:54.0929 4812 C:\Windows\System32\win32spl.dll - ok
09:01:54.0945 4812 [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\Windows\System32\inetpp.dll
09:01:54.0945 4812 C:\Windows\System32\inetpp.dll - ok
09:01:54.0945 4812 [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll
09:01:54.0945 4812 C:\Windows\System32\cscapi.dll - ok
09:01:54.0945 4812 [ 5AC3CB53406CB9AABB25D46B3385528F ] C:\Windows\System32\spool\drivers\x64\3\unidrvui.dll
09:01:54.0945 4812 C:\Windows\System32\spool\drivers\x64\3\unidrvui.dll - ok
09:01:54.0960 4812 [ EFEC3847B47CC9357D5C33BBAB59B7EB ] C:\Windows\System32\mgmtapi.dll
09:01:54.0960 4812 C:\Windows\System32\mgmtapi.dll - ok
09:01:54.0960 4812 [ E81F5A2F6D52215C0E84F2849503EBA8 ] C:\Windows\System32\tcpmib.dll
09:01:54.0960 4812 C:\Windows\System32\tcpmib.dll - ok
09:01:54.0960 4812 [ 22F020C76E339EB2B2187BA73A7E4173 ] C:\Windows\System32\PrintIsolationHost.exe
09:01:54.0960 4812 C:\Windows\System32\PrintIsolationHost.exe - ok
09:01:54.0960 4812 [ ADE2BCD1FDE5C9669FCE1F4541AB46DD ] C:\Windows\System32\spool\drivers\x64\3\UNIDRV.DLL
09:01:54.0960 4812 C:\Windows\System32\spool\drivers\x64\3\UNIDRV.DLL - ok
09:01:54.0976 4812 [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll
09:01:54.0976 4812 C:\Windows\System32\ExplorerFrame.dll - ok
09:01:54.0976 4812 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll
09:01:54.0976 4812 C:\Windows\SysWOW64\imagehlp.dll - ok
09:01:54.0976 4812 [ 5FF0856B24470F5121DD22685F212C27 ] C:\Program Files (x86)\File Type Assistant\tsassist.exe
09:01:54.0976 4812 C:\Program Files (x86)\File Type Assistant\tsassist.exe - ok
09:01:54.0991 4812 [ B6D0EB60B3F01A0B5554894784651190 ] C:\Windows\System32\spool\drivers\x64\3\HPZUIW71.DLL
09:01:54.0991 4812 C:\Windows\System32\spool\drivers\x64\3\HPZUIW71.DLL - ok
09:01:54.0991 4812 [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll
09:01:54.0991 4812 C:\Windows\SysWOW64\msi.dll - ok
09:01:54.0991 4812 [ 9AE80F6A66B30E3ED8CDF858CF28B11B ] C:\Windows\System32\d3d10_1.dll
09:01:54.0991 4812 C:\Windows\System32\d3d10_1.dll - ok
09:01:55.0007 4812 [ 63F72417CA38D8FC8F53709649B589E3 ] C:\Windows\System32\d3d10_1core.dll
09:01:55.0007 4812 C:\Windows\System32\d3d10_1core.dll - ok
09:01:55.0007 4812 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll
09:01:55.0007 4812 C:\Windows\SysWOW64\msimg32.dll - ok
09:01:55.0007 4812 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll
09:01:55.0007 4812 C:\Windows\SysWOW64\dwmapi.dll - ok
09:01:55.0007 4812 [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll
09:01:55.0007 4812 C:\Windows\SysWOW64\uxtheme.dll - ok
09:01:55.0023 4812 [ 8DFB5752FCE145A6B295093C0A8BE131 ] C:\Windows\System32\dxgi.dll
09:01:55.0023 4812 C:\Windows\System32\dxgi.dll - ok
09:01:55.0023 4812 [ 4C92EB7535CAA1681A77D928FBF9771F ] C:\Windows\System32\d3d11.dll
09:01:55.0023 4812 C:\Windows\System32\d3d11.dll - ok
09:01:55.0023 4812 [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll
09:01:55.0023 4812 C:\Windows\System32\EhStorShell.dll - ok
09:01:55.0023 4812 [ 0704205E1C718F156FAB7D938EA7FC14 ] C:\Windows\System32\igd10umd64.dll
09:01:55.0023 4812 C:\Windows\System32\igd10umd64.dll - ok
09:01:55.0038 4812 [ 9BF7C7654EFD098EE3A27B49492A382A ] C:\Windows\SysWOW64\wininet.dll
09:01:55.0038 4812 C:\Windows\SysWOW64\wininet.dll - ok
09:01:55.0038 4812 [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll
09:01:55.0038 4812 C:\Windows\System32\ntshrui.dll - ok
09:01:55.0038 4812 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll
09:01:55.0038 4812 C:\Windows\SysWOW64\ntmarta.dll - ok
09:01:55.0054 4812 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll
09:01:55.0054 4812 C:\Windows\SysWOW64\propsys.dll - ok
09:01:55.0054 4812 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll
09:01:55.0054 4812 C:\Windows\SysWOW64\Wldap32.dll - ok
09:01:55.0054 4812 [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll
09:01:55.0054 4812 C:\Windows\System32\IconCodecService.dll - ok
09:01:55.0054 4812 [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe
09:01:55.0054 4812 C:\Windows\System32\runonce.exe - ok
09:01:55.0069 4812 [ 6A13B4F3B3F575F1E24B877B9359AABA ] C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
09:01:55.0069 4812 C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll - ok
09:01:55.0069 4812 [ 2E33DFD10F28F86C3FC40EE123CC3904 ] C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
09:01:55.0069 4812 C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll - ok
09:01:55.0069 4812 [ 6951562DC4625EEFC6EACD52AD165866 ] C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
09:01:55.0069 4812 C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll - ok
09:01:55.0085 4812 [ 589CBC4989F750E1DA35625AB481CF43 ] C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
09:01:55.0085 4812 C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll - ok
09:01:55.0085 4812 [ 3BE0D923AA45A4DBE091C2D84F0B4FE7 ] C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
09:01:55.0085 4812 C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll - ok
09:01:55.0085 4812 [ FE29131E35902038066C924CF9C59DF8 ] C:\Windows\SysWOW64\iertutil.dll
09:01:55.0085 4812 C:\Windows\SysWOW64\iertutil.dll - ok
09:01:55.0101 4812 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe
09:01:55.0101 4812 C:\Windows\SysWOW64\runonce.exe - ok
09:01:55.0101 4812 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll
09:01:55.0101 4812 C:\Windows\SysWOW64\cscapi.dll - ok
09:01:55.0101 4812 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\SysWOW64\dbghelp.dll
09:01:55.0101 4812 C:\Windows\SysWOW64\dbghelp.dll - ok
09:01:55.0101 4812 [ 8726802EA4FBFFA3FD54FD2449BF51D4 ] C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
09:01:55.0101 4812 C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe - ok
09:01:55.0116 4812 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll
09:01:55.0116 4812 C:\Windows\SysWOW64\apphelp.dll - ok
09:01:55.0116 4812 [ D9A08472D8D0218A0AE2C9D9F63EA531 ] C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
09:01:55.0116 4812 C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe - ok
09:01:55.0132 4812 [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\SysWOW64\mstask.dll
09:01:55.0132 4812 C:\Windows\SysWOW64\mstask.dll - ok
09:01:55.0132 4812 [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll
09:01:55.0132 4812 C:\Windows\SysWOW64\profapi.dll - ok
09:01:55.0132 4812 [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll
09:01:55.0132 4812 C:\Windows\SysWOW64\userenv.dll - ok
09:01:55.0132 4812 [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\Windows\System32\dbghelp.dll
09:01:55.0132 4812 C:\Windows\System32\dbghelp.dll - ok
09:01:55.0147 4812 [ 225D276C730DF08CC83EABAC407F0D75 ] C:\Windows\SysWOW64\urlmon.dll
09:01:55.0147 4812 C:\Windows\SysWOW64\urlmon.dll - ok
09:01:55.0147 4812 [ 1C60E09CA1C3A045BC4D367F67C915B7 ] C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
09:01:55.0147 4812 C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll - ok
09:01:55.0147 4812 [ 49ACA548B2423F1C67898E6AC719A9A6 ] C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
09:01:55.0147 4812 C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll - ok
09:01:55.0163 4812 [ F93674263F6B07C77956E966953242D9 ] C:\Windows\SysWOW64\secur32.dll
09:01:55.0163 4812 C:\Windows\SysWOW64\secur32.dll - ok
09:01:55.0163 4812 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe
09:01:55.0163 4812 C:\Windows\SysWOW64\cmd.exe - ok
09:01:55.0163 4812 [ 9108540E866F75C7AF2B91DD921A8091 ] C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
09:01:55.0163 4812 C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll - ok
09:01:55.0179 4812 [ FB4045578F5180BDB1963AB352B78548 ] C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
09:01:55.0179 4812 C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll - ok
09:01:55.0179 4812 [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll
09:01:55.0179 4812 C:\Windows\System32\uDWM.dll - ok
09:01:55.0179 4812 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll
09:01:55.0179 4812 C:\Windows\SysWOW64\winbrand.dll - ok
09:01:55.0179 4812 [ CC3FD6DEEE458D0BE9A69241E0749717 ] C:\Windows\SysWOW64\ieframe.dll
09:01:55.0179 4812 C:\Windows\SysWOW64\ieframe.dll - ok
09:01:55.0194 4812 [ 65085456FD9A74D7F1A999520C299ECB ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
09:01:55.0194 4812 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe - ok
09:01:55.0194 4812 [ EF39CCCC9AD927A25334AE0B41A8A343 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll
09:01:55.0194 4812 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll - ok
09:01:55.0194 4812 [ 9275F02BEA644F43A459E316A932658F ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll
09:01:55.0194 4812 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll - ok
09:01:55.0210 4812 [ 5629E16C6C15A138F9E0FABF42E2AE78 ] C:\Windows\System32\netbios.dll
09:01:55.0210 4812 C:\Windows\System32\netbios.dll - ok
09:01:55.0210 4812 [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll
09:01:55.0210 4812 C:\Windows\SysWOW64\ws2_32.dll - ok
09:01:55.0210 4812 [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\SysWOW64\wtsapi32.dll
09:01:55.0210 4812 C:\Windows\SysWOW64\wtsapi32.dll - ok
09:01:55.0225 4812 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
09:01:55.0225 4812 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe - ok
09:01:55.0225 4812 [ 80D8679BF84A9383BFF33E07D5D9FC35 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamcore.dll
09:01:55.0225 4812 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamcore.dll - ok
09:01:55.0225 4812 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll
09:01:55.0225 4812 C:\Windows\SysWOW64\mpr.dll - ok
09:01:55.0225 4812 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll
09:01:55.0225 4812 C:\Windows\SysWOW64\psapi.dll - ok
09:01:55.0241 4812 [ 7CF1B716372B89568AE4C0FE769F5869 ] C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
09:01:55.0241 4812 C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe - ok
09:01:55.0241 4812 [ BFC68382466436FAE8B7A27966FB98CB ] C:\Windows\AppPatch\acwow64.dll
09:01:55.0241 4812 C:\Windows\AppPatch\acwow64.dll - ok
09:01:55.0241 4812 [ BEC27CF5564827EAB7F08C98EE55B1CC ] C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\pdm.dll
09:01:55.0241 4812 C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\pdm.dll - ok
09:01:55.0257 4812 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] C:\Windows\System32\drivers\NisDrvWFP.sys
09:01:55.0257 4812 C:\Windows\System32\drivers\NisDrvWFP.sys - ok
09:01:55.0257 4812 [ 2334DC48997BA203B794DF3EE70521DB ] C:\Windows\System32\HPZinw12.dll
09:01:55.0257 4812 C:\Windows\System32\HPZinw12.dll - ok
09:01:55.0257 4812 [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll
09:01:55.0257 4812 C:\Windows\System32\netman.dll - ok
09:01:55.0257 4812 [ 0D893F8D145D3B125B0226727C243A69 ] C:\Windows\System32\security.dll
09:01:55.0257 4812 C:\Windows\System32\security.dll - ok
09:01:55.0272 4812 [ 8AD77806D336673F270DB31645267293 ] C:\Windows\System32\nlasvc.dll
09:01:55.0272 4812 C:\Windows\System32\nlasvc.dll - ok
09:01:55.0272 4812 [ 94A0142B6AE74333BCCF6502D567CBB6 ] C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\msdbg2.dll
09:01:55.0272 4812 C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\msdbg2.dll - ok
09:01:55.0272 4812 [ D4FAC263861BAE06971C7F7D0A8EBF15 ] C:\Windows\System32\ncsi.dll
09:01:55.0272 4812 C:\Windows\System32\ncsi.dll - ok
09:01:55.0288 4812 [ 1727B2A2F379A32B864C096FA794AADC ] C:\Windows\System32\aepic.dll
09:01:55.0288 4812 C:\Windows\System32\aepic.dll - ok
09:01:55.0288 4812 [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\Windows\System32\drivers\PEAuth.sys
09:01:55.0288 4812 C:\Windows\System32\drivers\PEAuth.sys - ok
09:01:55.0288 4812 [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll
09:01:55.0288 4812 C:\Windows\System32\ssdpapi.dll - ok
09:01:55.0288 4812 [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys
09:01:55.0288 4812 C:\Windows\System32\drivers\secdrv.sys - ok
09:01:55.0303 4812 [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] C:\Windows\System32\HPZipm12.dll
09:01:55.0303 4812 C:\Windows\System32\HPZipm12.dll - ok
09:01:55.0303 4812 [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll
09:01:55.0303 4812 C:\Windows\System32\sfc.dll - ok
09:01:55.0303 4812 [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll
09:01:55.0303 4812 C:\Windows\System32\sfc_os.dll - ok
09:01:55.0319 4812 [ 27E461F0BE5BFF5FC737328F749538C3 ] C:\Windows\System32\drivers\srvnet.sys
09:01:55.0319 4812 C:\Windows\System32\drivers\srvnet.sys - ok
09:01:55.0319 4812 [ BC617A4E1B4FA8DF523A061739A0BD87 ] C:\Windows\System32\seclogon.dll
09:01:55.0319 4812 C:\Windows\System32\seclogon.dll - ok
09:01:55.0319 4812 [ 007863E45F25AA47A4C30D0930BBFD85 ] C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
09:01:55.0319 4812 C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll - ok
09:01:55.0319 4812 [ 647C11534C7AF0C5FF599D930476511F ] C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\csm.dll
09:01:55.0319 4812 C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\csm.dll - ok
09:01:55.0335 4812 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] C:\Windows\System32\drivers\tcpipreg.sys
09:01:55.0335 4812 C:\Windows\System32\drivers\tcpipreg.sys - ok
09:01:55.0335 4812 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] C:\Windows\System32\sysmain.dll
09:01:55.0335 4812 C:\Windows\System32\sysmain.dll - ok
09:01:55.0335 4812 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] C:\Windows\System32\tapisrv.dll
09:01:55.0335 4812 C:\Windows\System32\tapisrv.dll - ok
09:01:55.0350 4812 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] C:\Windows\System32\wiaservc.dll
09:01:55.0350 4812 C:\Windows\System32\wiaservc.dll - ok
09:01:55.0350 4812 [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll
09:01:55.0350 4812 C:\Windows\SysWOW64\winsta.dll - ok
09:01:55.0350 4812 [ D1D5DAB39DCB4BE0359943738D87409B ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
09:01:55.0350 4812 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe - ok
09:01:55.0350 4812 [ 60F4AEFA103D421EA4A40E31409B4756 ] C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
09:01:55.0366 4812 C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll - ok
09:01:55.0366 4812 [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5 ] C:\Windows\System32\wiatrace.dll
09:01:55.0366 4812 C:\Windows\System32\wiatrace.dll - ok
09:01:55.0366 4812 [ 4C1244FEF74C60A4B1B151C76609CBE2 ] C:\Windows\System32\wsdchngr.dll
09:01:55.0366 4812 C:\Windows\System32\wsdchngr.dll - ok
09:01:55.0366 4812 [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll
09:01:55.0366 4812 C:\Windows\System32\aeevts.dll - ok
09:01:55.0381 4812 [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\Windows\System32\trkwks.dll
09:01:55.0381 4812 C:\Windows\System32\trkwks.dll - ok
09:01:55.0381 4812 [ 1F05F5A16881CD928C82D53CEFCF4477 ] C:\Windows\SysWOW64\shdocvw.dll
09:01:55.0381 4812 C:\Windows\SysWOW64\shdocvw.dll - ok
09:01:55.0381 4812 [ 2BACD71123F42CEA603F4E205E1AE337 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
09:01:55.0381 4812 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - ok
09:01:55.0397 4812 [ C964590AE89867A55D77B847E6B00613 ] C:\Windows\System32\hpowiav1.dll
09:01:55.0397 4812 C:\Windows\System32\hpowiav1.dll - ok
09:01:55.0397 4812 [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll
09:01:55.0397 4812 C:\Windows\System32\wbem\WMIsvc.dll - ok
09:01:55.0397 4812 [ C47F35CC6FA4F1BDBEF8F87AC1A46537 ] C:\Windows\System32\wuapi.dll
09:01:55.0397 4812 C:\Windows\System32\wuapi.dll - ok
09:01:55.0397 4812 [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\Windows\System32\wbemcomn.dll
09:01:55.0397 4812 C:\Windows\System32\wbemcomn.dll - ok
09:01:55.0413 4812 [ E746ED90132C6B6313CE9179F56BD31D ] C:\Windows\System32\wups.dll
09:01:55.0413 4812 C:\Windows\System32\wups.dll - ok
09:01:55.0413 4812 [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll
09:01:55.0413 4812 C:\Windows\System32\NapiNSP.dll - ok
09:01:55.0413 4812 [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll
09:01:55.0413 4812 C:\Windows\System32\pnrpnsp.dll - ok
09:01:55.0428 4812 [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll
09:01:55.0428 4812 C:\Windows\System32\winrnr.dll - ok
09:01:55.0428 4812 [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll
09:01:55.0428 4812 C:\Windows\System32\wbem\wbemprox.dll - ok
09:01:55.0428 4812 [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll
09:01:55.0428 4812 C:\Windows\System32\wbem\WinMgmtR.dll - ok
09:01:55.0428 4812 [ 0C52762C606BCF6A377D5E4688191A6B ] C:\Windows\System32\wbem\WmiDcPrv.dll
09:01:55.0428 4812 C:\Windows\System32\wbem\WmiDcPrv.dll - ok
09:01:55.0444 4812 [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll
09:01:55.0444 4812 C:\Windows\System32\wbem\wbemcore.dll - ok
09:01:55.0444 4812 [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll
09:01:55.0444 4812 C:\Windows\System32\wbem\fastprox.dll - ok
09:01:55.0444 4812 [ 223A96BAC91792E1A954BFEB49FBE02C ] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
09:01:55.0444 4812 C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe - ok
09:01:55.0459 4812 [ B837D1528CE2E3CB79F09496BC08DDC6 ] C:\Windows\System32\SensApi.dll
09:01:55.0459 4812 C:\Windows\System32\SensApi.dll - ok
09:01:55.0459 4812 [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL
09:01:55.0459 4812 C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL - ok
09:01:55.0459 4812 [ 9110FFAD124283F37D38771BB60556AF ] C:\Windows\System32\dsound.dll
09:01:55.0459 4812 C:\Windows\System32\dsound.dll - ok
09:01:55.0475 4812 [ 4A6467401DE7A6660BB56EB7F6D63AD0 ] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.dll
09:01:55.0475 4812 C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.dll - ok
09:01:55.0475 4812 [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll
09:01:55.0475 4812 C:\Windows\System32\wer.dll - ok
09:01:55.0475 4812 [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll
09:01:55.0475 4812 C:\Windows\System32\ntdsapi.dll - ok
09:01:55.0475 4812 [ 90CC31E54E79E9E5800FFF3CCF2FC5DB ] C:\Windows\System32\inetmib1.dll
09:01:55.0475 4812 C:\Windows\System32\inetmib1.dll - ok
09:01:55.0491 4812 [ E4C2DD4742B95F15BD5C2DC679D98409 ] C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
09:01:55.0491 4812 C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll - ok
09:01:55.0491 4812 [ 371948BC5911ABA06168FAC91ED25F06 ] C:\Windows\System32\msxml3.dll
09:01:55.0491 4812 C:\Windows\System32\msxml3.dll - ok
09:01:55.0491 4812 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] C:\Windows\System32\drivers\srv2.sys
09:01:55.0491 4812 C:\Windows\System32\drivers\srv2.sys - ok
09:01:55.0506 4812 [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll
09:01:55.0506 4812 C:\Windows\System32\wbem\esscli.dll - ok
09:01:55.0506 4812 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\Windows\System32\drivers\srv.sys
09:01:55.0506 4812 C:\Windows\System32\drivers\srv.sys - ok
09:01:55.0506 4812 [ 08C2957BB30058E663720C5606885653 ] C:\Windows\System32\iphlpsvc.dll
09:01:55.0506 4812 C:\Windows\System32\iphlpsvc.dll - ok
09:01:55.0506 4812 [ 27B9E163740A226B65E4B9E186117911 ] C:\Windows\System32\sqmapi.dll
09:01:55.0506 4812 C:\Windows\System32\sqmapi.dll - ok
09:01:55.0522 4812 [ 2A46FFE841EC43001D5A293A54DB34DE ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
09:01:55.0522 4812 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE - ok
09:01:55.0522 4812 [ 7B38D7916A7CD058C16A0A6CA5077901 ] C:\Windows\System32\wdscore.dll
09:01:55.0522 4812 C:\Windows\System32\wdscore.dll - ok
09:01:55.0522 4812 [ EE867A0870FC9E4972BA9EAAD35651E2 ] C:\Windows\System32\rasmans.dll
09:01:55.0522 4812 C:\Windows\System32\rasmans.dll - ok
09:01:55.0522 4812 [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\Windows\System32\dssenh.dll
09:01:55.0522 4812 C:\Windows\System32\dssenh.dll - ok
09:01:55.0537 4812 [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll
09:01:55.0537 4812 C:\Windows\System32\srvsvc.dll - ok
09:01:55.0537 4812 [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll
09:01:55.0537 4812 C:\Windows\System32\wbem\wbemsvc.dll - ok
09:01:55.0537 4812 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] C:\Windows\System32\browser.dll
09:01:55.0537 4812 C:\Windows\System32\browser.dll - ok
09:01:55.0553 4812 [ 44C96B48112EB24AE7764EBF1C527000 ] C:\Windows\System32\rastapi.dll
09:01:55.0553 4812 C:\Windows\System32\rastapi.dll - ok
09:01:55.0553 4812 [ FAFAE01E889DC9C05A6CA2138CFC220B ] C:\Windows\System32\tapi32.dll
09:01:55.0553 4812 C:\Windows\System32\tapi32.dll - ok
09:01:55.0553 4812 [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll
09:01:55.0553 4812 C:\Windows\System32\netmsg.dll - ok
09:01:55.0553 4812 [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll
09:01:55.0553 4812 C:\Windows\System32\wbem\wmiutils.dll - ok
09:01:55.0569 4812 [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll
09:01:55.0569 4812 C:\Windows\System32\hnetcfg.dll - ok
09:01:55.0569 4812 [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll
09:01:55.0569 4812 C:\Windows\System32\sscore.dll - ok
09:01:55.0569 4812 [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll
09:01:55.0569 4812 C:\Windows\System32\wbem\repdrvfs.dll - ok
09:01:55.0584 4812 [ 65210D92B7901BBAEC7B15AF820F4E0D ] C:\Program Files (x86)\LogMeIn\x64\rntfywnd.dll
09:01:55.0584 4812 C:\Program Files (x86)\LogMeIn\x64\rntfywnd.dll - ok
09:01:55.0584 4812 [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll
09:01:55.0584 4812 C:\Windows\System32\clusapi.dll - ok
09:01:55.0584 4812 [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll
09:01:55.0584 4812 C:\Windows\System32\resutils.dll - ok
09:01:55.0584 4812 [ D2A0FFA75AB181B19B5EB93BB29C7686 ] C:\Windows\System32\unimdm.tsp
09:01:55.0584 4812 C:\Windows\System32\unimdm.tsp - ok
09:01:55.0600 4812 [ 41326DD08ACC0CDC5F8177AF96C066E8 ] C:\Windows\System32\kmddsp.tsp
09:01:55.0600 4812 C:\Windows\System32\kmddsp.tsp - ok
09:01:55.0600 4812 [ 94B7DF336815B47236724019FAB24B7C ] C:\Windows\System32\uniplat.dll
09:01:55.0600 4812 C:\Windows\System32\uniplat.dll - ok
09:01:55.0600 4812 [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll
09:01:55.0600 4812 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
09:01:55.0615 4812 [ 7C1BAE7D23D4874FEE256A2B9C00E019 ] C:\Windows\System32\hidphone.tsp
09:01:55.0615 4812 C:\Windows\System32\hidphone.tsp - ok
09:01:55.0615 4812 [ 1D6BC2769DA66C1145F4DA5A65F52E61 ] C:\Windows\System32\ndptsp.tsp
09:01:55.0615 4812 C:\Windows\System32\ndptsp.tsp - ok
09:01:55.0615 4812 [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll
09:01:55.0615 4812 C:\Windows\System32\ncobjapi.dll - ok
09:01:55.0631 4812 [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll
09:01:55.0631 4812 C:\Windows\System32\wbem\wbemess.dll - ok
09:01:55.0631 4812 [ A717A35120DBAB5AB707AB40662AF9DD ] C:\Windows\System32\rasppp.dll
09:01:55.0631 4812 C:\Windows\System32\rasppp.dll - ok
09:01:55.0631 4812 [ 0FE5CD5F9C9248F42D1EF56E495B182E ] C:\Windows\System32\vpnike.dll
09:01:55.0631 4812 C:\Windows\System32\vpnike.dll - ok
09:01:55.0631 4812 [ 6A84E68B538B8B04608BF2F0D426CE6F ] C:\Windows\System32\raschap.dll
09:01:55.0631 4812 C:\Windows\System32\raschap.dll - ok
09:01:55.0647 4812 [ B95F6501A2F8B2E78C697FEC401970CE ] C:\Windows\System32\ipnathlp.dll
09:01:55.0647 4812 C:\Windows\System32\ipnathlp.dll - ok
09:01:55.0647 4812 [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll
09:01:55.0647 4812 C:\Windows\System32\mprapi.dll - ok
09:01:55.0647 4812 [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll
09:01:55.0647 4812 C:\Windows\System32\netshell.dll - ok
09:01:55.0662 4812 [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\Windows\System32\wbem\WmiPrvSE.exe
09:01:55.0662 4812 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
09:01:55.0662 4812 [ 1DAE5C46D42B02A6D5862E1482EFB390 ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpqcxs08.dll
09:01:55.0662 4812 C:\Program Files (x86)\hp\Digital Imaging\bin\hpqcxs08.dll - ok
09:01:55.0662 4812 [ 79E80B10FE8F6662E0C9162A68C43444 ] C:\Program Files\Microsoft Security Client\NisSrv.exe
09:01:55.0662 4812 C:\Program Files\Microsoft Security Client\NisSrv.exe - ok
09:01:55.0662 4812 [ 132045285DCC8654C14F1CFB4A8DCDA1 ] C:\Program Files\Microsoft Security Client\NisLog.dll
09:01:55.0662 4812 C:\Program Files\Microsoft Security Client\NisLog.dll - ok
09:01:55.0678 4812 [ 539C49CEBB3C50957AC8A09D95ECD880 ] C:\Windows\SysWOW64\shfolder.dll
09:01:55.0678 4812 C:\Windows\SysWOW64\shfolder.dll - ok
09:01:55.0678 4812 [ CDAD3376DFF3D9AC7FDCBE2B94B0D3C8 ] C:\Windows\System32\shfolder.dll
09:01:55.0678 4812 C:\Windows\System32\shfolder.dll - ok
09:01:55.0678 4812 [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll
09:01:55.0678 4812 C:\Windows\SysWOW64\sxs.dll - ok
09:01:55.0693 4812 [ 6607C2182C6A53ED983813AFE2F85768 ] C:\Windows\System32\wbem\cimwin32.dll
09:01:55.0693 4812 C:\Windows\System32\wbem\cimwin32.dll - ok
09:01:55.0693 4812 [ F37882F128EFACEFE353E0BAE2766909 ] C:\Program Files (x86)\hp\Digital Imaging\bin\HPSLPSVC64.DLL
09:01:55.0693 4812 C:\Program Files (x86)\hp\Digital Imaging\bin\HPSLPSVC64.DLL - ok
09:01:55.0693 4812 [ BD9EB3958F213F96B97B1D897DEE006D ] C:\Windows\System32\hidserv.dll
09:01:55.0693 4812 C:\Windows\System32\hidserv.dll - ok
09:01:55.0693 4812 [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll
09:01:55.0709 4812 C:\Windows\System32\wdi.dll - ok
09:01:55.0709 4812 [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll
09:01:55.0709 4812 C:\Windows\System32\wpdbusenum.dll - ok
09:01:55.0709 4812 [ 850BD2D2D9CB5894935C3B6333CAD6FD ] C:\Windows\System32\riched20.dll
09:01:55.0709 4812 C:\Windows\System32\riched20.dll - ok
09:01:55.0709 4812 [ 3181F76ED237CC3D50D10CEA05AF8B60 ] C:\Windows\System32\riched32.dll
09:01:55.0709 4812 C:\Windows\System32\riched32.dll - ok
09:01:55.0725 4812 [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll
09:01:55.0725 4812 C:\Windows\System32\diagperf.dll - ok
09:01:55.0725 4812 [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll
09:01:55.0725 4812 C:\Windows\System32\perftrack.dll - ok
09:01:55.0725 4812 [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll
09:01:55.0725 4812 C:\Windows\System32\PortableDeviceApi.dll - ok
09:01:55.0725 4812 [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll
09:01:55.0725 4812 C:\Windows\System32\npmproxy.dll - ok
09:01:55.0740 4812 [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll
09:01:55.0740 4812 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
09:01:55.0740 4812 [ DDA4CAF29D8C0A297F886BFE561E6659 ] C:\Windows\System32\drivers\WUDFRd.sys
09:01:55.0740 4812 C:\Windows\System32\drivers\WUDFRd.sys - ok
09:01:55.0740 4812 [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll
09:01:55.0740 4812 C:\Windows\System32\Apphlpdm.dll - ok
09:01:55.0756 4812 [ 1484B9EBF567346582DE571B0E164AE0 ] C:\Windows\System32\framedynos.dll
09:01:55.0756 4812 C:\Windows\System32\framedynos.dll - ok
09:01:55.0756 4812 [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll
09:01:55.0756 4812 C:\Windows\System32\pnpts.dll - ok
09:01:55.0756 4812 [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll
09:01:55.0756 4812 C:\Windows\System32\wdiasqmmodule.dll - ok
09:01:55.0756 4812 [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll
09:01:55.0771 4812 C:\Windows\System32\radardt.dll - ok
09:01:55.0771 4812 [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\BR\AppData\Local\Temp\FEB2B63A-9E72-42C5-9B74-74D9E7375D5A.exe
09:01:55.0771 4812 C:\Users\BR\AppData\Local\Temp\FEB2B63A-9E72-42C5-9B74-74D9E7375D5A.exe - ok
09:01:55.0771 4812 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL
09:01:55.0771 4812 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
09:01:55.0771 4812 [ C4096CA42199428B3D63DC206C197F0E ] C:\Windows\SysWOW64\FXSRESM.dll
09:01:55.0771 4812 C:\Windows\SysWOW64\FXSRESM.dll - ok
09:01:55.0787 4812 [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll
09:01:55.0787 4812 C:\Windows\System32\aelupsvc.dll - ok
09:01:55.0787 4812 [ AB886378EEB55C6C75B4F2D14B6C869F ] C:\Windows\System32\drivers\WUDFPf.sys
09:01:55.0787 4812 C:\Windows\System32\drivers\WUDFPf.sys - ok
09:01:55.0787 4812 [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
09:01:55.0787 4812 C:\Windows\System32\FXSRESM.dll - ok
09:01:55.0803 4812 [ B20F051B03A966392364C83F009F7D17 ] C:\Windows\System32\WUDFSvc.dll
09:01:55.0803 4812 C:\Windows\System32\WUDFSvc.dll - ok
09:01:55.0803 4812 [ BF6D6ED5FADCEEE885BD0144ECF1BA27 ] C:\Windows\SysWOW64\ncrypt.dll
09:01:55.0803 4812 C:\Windows\SysWOW64\ncrypt.dll - ok
09:01:55.0803 4812 [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll
09:01:55.0803 4812 C:\Windows\SysWOW64\bcrypt.dll - ok
09:01:55.0803 4812 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll
09:01:55.0803 4812 C:\Windows\SysWOW64\bcryptprimitives.dll - ok
09:01:55.0818 4812 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll
09:01:55.0818 4812 C:\Windows\SysWOW64\gpapi.dll - ok
09:01:55.0818 4812 [ 44C1FDD56432AEC7425A35EE0734BA4C ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{93AA4F62-2B28-4F87-A619-8BA0915ABF18}\gapaengine.dll
09:01:55.0818 4812 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{93AA4F62-2B28-4F87-A619-8BA0915ABF18}\gapaengine.dll - ok
09:01:55.0818 4812 [ 7B4A2F45FA65A2C88D7950168F26277B ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{93AA4F62-2B28-4F87-A619-8BA0915ABF18}\nisfull.vdm
09:01:55.0818 4812 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{93AA4F62-2B28-4F87-A619-8BA0915ABF18}\nisfull.vdm - ok
09:01:55.0818 4812 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
09:01:55.0818 4812 C:\Windows\SysWOW64\dhcpcsvc.dll - ok
09:01:55.0834 4812 [ 8A8B277067C22F4BF6AA9A31692FC4D3 ] C:\Windows\SysWOW64\cryptnet.dll
09:01:55.0834 4812 C:\Windows\SysWOW64\cryptnet.dll - ok
09:01:55.0834 4812 [ 81F6C1AE23B1C493D9E996C3103915D7 ] C:\Windows\SysWOW64\dhcpcsvc6.dll
09:01:55.0834 4812 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
09:01:55.0834 4812 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll
09:01:55.0834 4812 C:\Windows\SysWOW64\SensApi.dll - ok
09:01:55.0849 4812 [ 8ABFE00F213F2571498F1B8FD7939A98 ] C:\Windows\System32\WUDFHost.exe
09:01:55.0849 4812 C:\Windows\System32\WUDFHost.exe - ok
09:01:55.0849 4812 [ 2F040CF0613A6D64DCBBA9EE81F5A5AE ] C:\Windows\SysWOW64\dsrole.dll
09:01:55.0849 4812 C:\Windows\SysWOW64\dsrole.dll - ok
09:01:55.0849 4812 [ 4BDBBE5E4208022DD794F7EEEB0F7366 ] C:\Windows\SysWOW64\SPInf.dll
09:01:55.0849 4812 C:\Windows\SysWOW64\SPInf.dll - ok
09:01:55.0849 4812 [ 25AE683DCB4AE7E6F1B193A0CB9DB35F ] C:\Windows\System32\WUDFx.dll
09:01:55.0849 4812 C:\Windows\System32\WUDFx.dll - ok
09:01:55.0865 4812 [ EAADD6E47ED2A7003ACE1793B98CF63F ] C:\Windows\SysWOW64\msxml6.dll
09:01:55.0865 4812 C:\Windows\SysWOW64\msxml6.dll - ok
09:01:55.0865 4812 [ F7FE730CE31B54145DEE1F1482BCCDD7 ] C:\Windows\SysWOW64\ndiscapCfg.dll
09:01:55.0865 4812 C:\Windows\SysWOW64\ndiscapCfg.dll - ok
09:01:55.0865 4812 [ 91D6F0AB79AA36FFB932157865206F35 ] C:\Windows\System32\drivers\UMDF\WpdFs.dll
09:01:55.0865 4812 C:\Windows\System32\drivers\UMDF\WpdFs.dll - ok
09:01:55.0881 4812 [ 79AFFC7FEEA9CD2FEFEA5EF3B631A02C ] C:\Windows\System32\ndiscapCfg.dll
09:01:55.0881 4812 C:\Windows\System32\ndiscapCfg.dll - ok
09:01:55.0881 4812 [ 761A3A4038C1FD4F5795427907C28484 ] C:\Windows\SysWOW64\rascfg.dll
09:01:55.0881 4812 C:\Windows\SysWOW64\rascfg.dll - ok
09:01:55.0881 4812 [ 3D6AF45673C4B31CDECD7F80AF09D443 ] C:\Windows\System32\rascfg.dll
09:01:55.0881 4812 C:\Windows\System32\rascfg.dll - ok
09:01:55.0881 4812 [ D4191EFAB91E00FC09257AA5EBAF503B ] C:\Windows\SysWOW64\mprapi.dll
09:01:55.0881 4812 C:\Windows\SysWOW64\mprapi.dll - ok
09:01:55.0896 4812 [ 0F416E23DD2EB4DEBE70608020CFD283 ] C:\Windows\SysWOW64\WMVCORE.DLL
09:01:55.0896 4812 C:\Windows\SysWOW64\WMVCORE.DLL - ok
09:01:55.0896 4812 [ 9A7B54D57594233EEB17892BAD309970 ] C:\Windows\SysWOW64\mprmsg.dll
09:01:55.0896 4812 C:\Windows\SysWOW64\mprmsg.dll - ok
09:01:55.0896 4812 [ 1CF21800E337F4039AAD4C94B4280EE4 ] C:\Windows\System32\mprmsg.dll
09:01:55.0896 4812 C:\Windows\System32\mprmsg.dll - ok
09:01:55.0912 4812 [ 9864D52F15AD32094A636C6B5281D9E7 ] C:\Windows\System32\WMVCORE.DLL
09:01:55.0912 4812 C:\Windows\System32\WMVCORE.DLL - ok
09:01:55.0912 4812 [ CAFC0B884E5590B5E80D84F592388B3D ] C:\Windows\SysWOW64\tcpipcfg.dll
09:01:55.0912 4812 C:\Windows\SysWOW64\tcpipcfg.dll - ok
09:01:55.0912 4812 [ 55DE45B116711881C852D2841E4C84DD ] C:\Windows\System32\tcpipcfg.dll
09:01:55.0912 4812 C:\Windows\System32\tcpipcfg.dll - ok
09:01:55.0912 4812 [ 5B2E4E90C04FB9AE9F2C5E99FF59B283 ] C:\Windows\SysWOW64\WindowsCodecs.dll
09:01:55.0912 4812 C:\Windows\SysWOW64\WindowsCodecs.dll - ok
09:01:55.0927 4812 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll
09:01:55.0927 4812 C:\Windows\SysWOW64\EhStorShell.dll - ok
09:01:55.0927 4812 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
09:01:55.0927 4812 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
09:01:55.0927 4812 [ A7DD56261518373F70F23079EB3CD0A2 ] C:\Windows\SysWOW64\WMASF.DLL
09:01:55.0927 4812 C:\Windows\SysWOW64\WMASF.DLL - ok
09:01:55.0943 4812 [ AACC48FE239F0DF126DA2F28930A5B83 ] C:\Windows\System32\WMASF.DLL
09:01:55.0943 4812 C:\Windows\System32\WMASF.DLL - ok
09:01:55.0943 4812 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll
09:01:55.0943 4812 C:\Windows\SysWOW64\ntshrui.dll - ok
09:01:55.0943 4812 [ 81490FDAE27F0082E5CC2DC78DCA96FA ] C:\Windows\SysWOW64\PortableDeviceClassExtension.dll
09:01:55.0943 4812 C:\Windows\SysWOW64\PortableDeviceClassExtension.dll - ok
09:01:55.0959 4812 [ 389CA818132C1D7DCF0C791E8D9035DE ] C:\Windows\System32\PortableDeviceClassExtension.dll
09:01:55.0959 4812 C:\Windows\System32\PortableDeviceClassExtension.dll - ok
09:01:55.0959 4812 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll
09:01:55.0959 4812 C:\Windows\SysWOW64\slc.dll - ok
09:01:55.0959 4812 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll
09:01:55.0959 4812 C:\Windows\SysWOW64\imageres.dll - ok
09:01:55.0959 4812 [ ADB45A977BD9E45790CA496DB84BA148 ] C:\Windows\SysWOW64\PortableDeviceTypes.dll
09:01:55.0959 4812 C:\Windows\SysWOW64\PortableDeviceTypes.dll - ok
09:01:55.0974 4812 [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll
09:01:55.0974 4812 C:\Windows\System32\PortableDeviceTypes.dll - ok
09:01:55.0974 4812 [ 8EA53101FF2B15BDFF934B62A8FB326D ] C:\Windows\SysWOW64\logoncli.dll
09:01:55.0974 4812 C:\Windows\SysWOW64\logoncli.dll - ok
09:01:55.0974 4812 [ C5C867CD7EFAC60D5021223E374DEEC5 ] C:\Windows\SysWOW64\dimsjob.dll
09:01:55.0974 4812 C:\Windows\SysWOW64\dimsjob.dll - ok
09:01:55.0990 4812 [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll
09:01:55.0990 4812 C:\Windows\System32\dimsjob.dll - ok
09:01:55.0990 4812 [ 544EFF88AC6C85DF5A4D6F18DFE08CFC ] C:\Windows\SysWOW64\taskschd.dll
09:01:55.0990 4812 C:\Windows\SysWOW64\taskschd.dll - ok
09:01:55.0990 4812 [ 8C338238C16777A802D6A9211EB2BA50 ] C:\Windows\SysWOW64\netprofm.dll
09:01:55.0990 4812 C:\Windows\SysWOW64\netprofm.dll - ok
09:01:55.0990 4812 [ 0BA65122FFA7E37564EE86422DBF7AE8 ] C:\Windows\SysWOW64\nlaapi.dll
09:01:55.0990 4812 C:\Windows\SysWOW64\nlaapi.dll - ok
09:01:56.0005 4812 [ 15E298B5EC5B89C5994A59863969D9FF ] C:\Windows\SysWOW64\npmproxy.dll
09:01:56.0005 4812 C:\Windows\SysWOW64\npmproxy.dll - ok
09:01:56.0005 4812 [ 14486EB6AF542F2BD3239F7FC3E713F7 ] C:\Windows\SysWOW64\pautoenr.dll
09:01:56.0005 4812 C:\Windows\SysWOW64\pautoenr.dll - ok
09:01:56.0005 4812 [ 35CB97CBC3EDC463418ED4997AAB29B6 ] C:\Windows\System32\pautoenr.dll
09:01:56.0005 4812 C:\Windows\System32\pautoenr.dll - ok
09:01:56.0021 4812 [ 61B1ED5F429EFAC7E2036769870AB93E ] C:\Windows\SysWOW64\certcli.dll
09:01:56.0021 4812 C:\Windows\SysWOW64\certcli.dll - ok
09:01:56.0021 4812 [ 94DFBB481BF51158B216E23C5C1C9D6E ] C:\Windows\System32\certcli.dll
09:01:56.0021 4812 C:\Windows\System32\certcli.dll - ok
09:01:56.0021 4812 [ F10E5311E5093FA3C00FF88C54C32FCA ] C:\Windows\SysWOW64\atl.dll
09:01:56.0021 4812 C:\Windows\SysWOW64\atl.dll - ok
09:01:56.0021 4812 [ 29BC473072568C072EC8B176498DE996 ] C:\Windows\SysWOW64\CertEnroll.dll
09:01:56.0021 4812 C:\Windows\SysWOW64\CertEnroll.dll - ok
09:01:56.0037 4812 [ 263B26106606A010CF877472B535E4BB ] C:\Windows\System32\CertEnroll.dll
09:01:56.0037 4812 C:\Windows\System32\CertEnroll.dll - ok
09:01:56.0037 4812 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll
09:01:56.0037 4812 C:\Windows\SysWOW64\mswsock.dll - ok
09:01:56.0037 4812 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll
09:01:56.0037 4812 C:\Windows\SysWOW64\wship6.dll - ok
09:01:56.0052 4812 [ FEB91B4DA0D540865260A33838654FA3 ] C:\Windows\System32\nci.dll
09:01:56.0052 4812 C:\Windows\System32\nci.dll - ok
09:01:56.0052 4812 [ 45D9F6CD2469CDB6A640DD4BD2B01471 ] C:\Windows\SysWOW64\nci.dll
09:01:56.0052 4812 C:\Windows\SysWOW64\nci.dll - ok
09:01:56.0052 4812 [ AC0C9CEA1218DAB1994AF8B28E680BD9 ] C:\Windows\System32\wlaninst.dll
09:01:56.0052 4812 C:\Windows\System32\wlaninst.dll - ok
09:01:56.0068 4812 [ 5A406C9C8E0880D3EABADC5DFD1ACDAE ] C:\Windows\System32\wwaninst.dll
09:01:56.0068 4812 C:\Windows\System32\wwaninst.dll - ok
09:01:56.0068 4812 [ 9E6AF823733C70E207D9FB6731A63B3D ] C:\Windows\SysWOW64\wlaninst.dll
09:01:56.0068 4812 C:\Windows\SysWOW64\wlaninst.dll - ok
09:01:56.0068 4812 [ 51138BEEA3E2C21EC44D0932C71762A8 ] C:\Windows\SysWOW64\rundll32.exe
09:01:56.0068 4812 C:\Windows\SysWOW64\rundll32.exe - ok
09:01:56.0068 4812 [ DD81D91FF3B0763C392422865C9AC12E ] C:\Windows\System32\rundll32.exe
09:01:56.0068 4812 C:\Windows\System32\rundll32.exe - ok
09:01:56.0083 4812 [ 7F21DA4760CE9B4B1B12CBC58C2A642A ] C:\Windows\SysWOW64\apisetschema.dll
09:01:56.0083 4812 C:\Windows\SysWOW64\apisetschema.dll - ok
09:01:56.0083 4812 [ EAB975DB4C2805927FE5BD047D05C9AA ] C:\Windows\SysWOW64\netshell.dll
09:01:56.0083 4812 C:\Windows\SysWOW64\netshell.dll - ok
09:01:56.0083 4812 [ D2958325C1AE1AE37A83334C6229E3BC ] C:\Windows\SysWOW64\actxprxy.dll
09:01:56.0083 4812 C:\Windows\SysWOW64\actxprxy.dll - ok
09:01:56.0083 4812 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll
09:01:56.0083 4812 C:\Windows\SysWOW64\winhttp.dll - ok
09:01:56.0099 4812 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
09:01:56.0099 4812 C:\Windows\SysWOW64\credssp.dll - ok
09:01:56.0099 4812 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll
09:01:56.0099 4812 C:\Windows\SysWOW64\dnsapi.dll - ok
09:01:56.0099 4812 [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\Windows\SysWOW64\NapiNSP.dll
09:01:56.0099 4812 C:\Windows\SysWOW64\NapiNSP.dll - ok
09:01:56.0115 4812 [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\Windows\SysWOW64\pnrpnsp.dll
09:01:56.0115 4812 C:\Windows\SysWOW64\pnrpnsp.dll - ok
09:01:56.0115 4812 [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\Windows\SysWOW64\winrnr.dll
09:01:56.0115 4812 C:\Windows\SysWOW64\winrnr.dll - ok
09:01:56.0115 4812 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
09:01:56.0115 4812 C:\Windows\SysWOW64\rasadhlp.dll - ok
09:01:56.0115 4812 [ 4B9E4CE667DF26ADA061AA81E9AA841D ] C:\Windows\SysWOW64\spfileq.dll
09:01:56.0115 4812 C:\Windows\SysWOW64\spfileq.dll - ok
09:01:56.0130 4812 [ 198803E5E93E29967DFB0BCFD0186151 ] C:\Windows\System32\spfileq.dll
09:01:56.0130 4812 C:\Windows\System32\spfileq.dll - ok
09:01:56.0130 4812 [ 662BA98309818AF2C17D4E48BF4021C4 ] C:\Program Files\Windows Defender\MpClient.dll
09:01:56.0130 4812 C:\Program Files\Windows Defender\MpClient.dll - ok
09:01:56.0130 4812 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] C:\Windows\System32\IPSECSVC.DLL
09:01:56.0130 4812 C:\Windows\System32\IPSECSVC.DLL - ok
09:01:56.0146 4812 [ FB4EB9352B7D698E6B3C2AA2ED724DAD ] C:\Windows\SysWOW64\authz.dll
09:01:56.0146 4812 C:\Windows\SysWOW64\authz.dll - ok
09:01:56.0146 4812 [ 3F50200237961034FACE602373838980 ] C:\Windows\SysWOW64\FirewallAPI.dll
09:01:56.0146 4812 C:\Windows\SysWOW64\FirewallAPI.dll - ok
09:01:56.0146 4812 [ DB603D3FD090C66F9709EF6493C26BA3 ] C:\Windows\SysWOW64\FwRemoteSvr.dll
09:01:56.0146 4812 C:\Windows\SysWOW64\FwRemoteSvr.dll - ok
09:01:56.0146 4812 [ 9BC93C9ACFA34DB5A41B89357B31E4ED ] C:\Windows\System32\FwRemoteSvr.dll
09:01:56.0146 4812 C:\Windows\System32\FwRemoteSvr.dll - ok
09:01:56.0161 4812 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] C:\Windows\System32\wuaueng.dll
09:01:56.0161 4812 C:\Windows\System32\wuaueng.dll - ok
09:01:56.0161 4812 [ 5C3F9DBA818CD93379D1A0F215270374 ] C:\Windows\SysWOW64\esent.dll
09:01:56.0161 4812 C:\Windows\SysWOW64\esent.dll - ok
09:01:56.0161 4812 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll
09:01:56.0161 4812 C:\Windows\SysWOW64\webio.dll - ok
09:01:56.0177 4812 [ 7A6986DD659B96398A11AF5173892715 ] C:\Windows\SysWOW64\cabinet.dll
09:01:56.0177 4812 C:\Windows\SysWOW64\cabinet.dll - ok
09:01:56.0177 4812 [ 387A8A473ECC5BA02CF453277C1F3274 ] C:\Windows\SysWOW64\mspatcha.dll
09:01:56.0177 4812 C:\Windows\SysWOW64\mspatcha.dll - ok
09:01:56.0177 4812 [ 617F6EC0AC677C685479C1D0D1E76C6F ] C:\Windows\System32\mspatcha.dll
09:01:56.0177 4812 C:\Windows\System32\mspatcha.dll - ok
09:01:56.0193 4812 [ D412B1B72C5AB020218E9A047D90CA05 ] C:\Windows\SysWOW64\wmsgapi.dll
09:01:56.0193 4812 C:\Windows\SysWOW64\wmsgapi.dll - ok
09:01:56.0193 4812 [ FB633DCC8664E4CCACF562DB5BAE38CF ] C:\Windows\SysWOW64\wups.dll
09:01:56.0193 4812 C:\Windows\SysWOW64\wups.dll - ok
09:01:56.0193 4812 [ 7FE0D0C8F53735EA17C9AE93EFE7AD5A ] C:\Windows\System32\wups2.dll
09:01:56.0193 4812 C:\Windows\System32\wups2.dll - ok
09:01:56.0193 4812 [ 21D3A18769EC2C4E56756D04E989A221 ] C:\Windows\SysWOW64\msxml3.dll
09:01:56.0193 4812 C:\Windows\SysWOW64\msxml3.dll - ok
09:01:56.0208 4812 [ 590D5C506044FE02FF7643E32FF9BDAC ] C:\Windows\SysWOW64\wer.dll
09:01:56.0208 4812 C:\Windows\SysWOW64\wer.dll - ok
09:01:56.0208 4812 [ 4F6E72B34ED3DC53DCC5E8708E60B61F ] C:\Windows\SysWOW64\security.dll
09:01:56.0208 4812 C:\Windows\SysWOW64\security.dll - ok
09:01:56.0208 4812 [ 3D3CBD1847F980FB03343A63671E7886 ] C:\Windows\SysWOW64\schannel.dll
09:01:56.0208 4812 C:\Windows\SysWOW64\schannel.dll - ok
09:01:56.0224 4812 [ 99B9343280AF6A4C0F27CF2E28E94BBF ] C:\Windows\SysWOW64\dssenh.dll
09:01:56.0224 4812 C:\Windows\SysWOW64\dssenh.dll - ok
09:01:56.0224 4812 [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\SysWOW64\samcli.dll
09:01:56.0224 4812 C:\Windows\SysWOW64\samcli.dll - ok
09:01:56.0224 4812 [ 72910F1DEB838E6E08A9017BFB7D4F0B ] C:\Windows\SysWOW64\browcli.dll
09:01:56.0224 4812 C:\Windows\SysWOW64\browcli.dll - ok
09:01:56.0224 4812 [ A42E7748BE906434C5FD17161D168C20 ] C:\Windows\SysWOW64\schedcli.dll
09:01:56.0224 4812 C:\Windows\SysWOW64\schedcli.dll - ok
09:01:56.0239 4812 [ 5EA9A0950F322BFA382AF277801C0307 ] C:\Windows\System32\wbem\wmipcima.dll
09:01:56.0239 4812 C:\Windows\System32\wbem\wmipcima.dll - ok
09:01:56.0239 4812 [ 19F75D71E4256F5113D64CE2BB66B838 ] C:\Windows\SysWOW64\slwga.dll
09:01:56.0239 4812 C:\Windows\SysWOW64\slwga.dll - ok
09:01:56.0239 4812 [ 8E4B58E12B3FA65ED1462846906E0B59 ] C:\Windows\SysWOW64\sppc.dll
09:01:56.0239 4812 C:\Windows\SysWOW64\sppc.dll - ok
09:01:56.0255 4812 [ 907281ED4AD35D41B29FFDC211EBAD80 ] C:\Windows\SysWOW64\wmi.dll
09:01:56.0255 4812 C:\Windows\SysWOW64\wmi.dll - ok
09:01:56.0255 4812 [ C00DB14550E4BD49737F311C644E45FF ] C:\Windows\System32\wmi.dll
09:01:56.0255 4812 C:\Windows\System32\wmi.dll - ok
09:01:56.0255 4812 [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\SysWOW64\powrprof.dll
09:01:56.0255 4812 C:\Windows\SysWOW64\powrprof.dll - ok
09:01:56.0255 4812 [ 52F71A5790E1B6FFC34648F3B311EEE1 ] C:\Windows\SysWOW64\jscript.dll
09:01:56.0255 4812 C:\Windows\SysWOW64\jscript.dll - ok
09:01:56.0271 4812 [ 4A3D82F996C5B700D42ACCA94C2B9ABD ] C:\Windows\System32\jscript.dll
09:01:56.0271 4812 C:\Windows\System32\jscript.dll - ok
09:01:56.0271 4812 [ 4FB491AC8D46AAF22BA8BC5C73DABEF7 ] C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
09:01:56.0271 4812 C:\Windows\SysWOW64\wbem\WmiPrvSE.exe - ok
09:01:56.0271 4812 [ 704314FD398C81D5F342CAA5DF7B7F21 ] C:\Windows\SysWOW64\wbemcomn.dll
09:01:56.0271 4812 C:\Windows\SysWOW64\wbemcomn.dll - ok
09:01:56.0286 4812 [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A ] C:\Windows\SysWOW64\wbem\fastprox.dll
09:01:56.0286 4812 C:\Windows\SysWOW64\wbem\fastprox.dll - ok
09:01:56.0286 4812 [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\SysWOW64\ntdsapi.dll
09:01:56.0286 4812 C:\Windows\SysWOW64\ntdsapi.dll - ok
09:01:56.0286 4812 [ A4CC7227A452C4909F9499D91B184364 ] C:\Windows\SysWOW64\ncobjapi.dll
09:01:56.0286 4812 C:\Windows\SysWOW64\ncobjapi.dll - ok
09:01:56.0302 4812 [ C5B0324DB461559ADD070E632A6919FA ] C:\Windows\SysWOW64\wbem\wbemprox.dll
09:01:56.0302 4812 C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
09:01:56.0302 4812 [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
09:01:56.0302 4812 C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
09:01:56.0302 4812 [ 5610B0425518D185331CB8E968D060E6 ] C:\Windows\SysWOW64\wbem\wmiutils.dll
09:01:56.0302 4812 C:\Windows\SysWOW64\wbem\wmiutils.dll - ok
09:01:56.0302 4812 [ D0481FB85BEEDD30A0884BE327880F80 ] C:\Windows\SysWOW64\framedynos.dll
09:01:56.0302 4812 C:\Windows\SysWOW64\framedynos.dll - ok
09:01:56.0317 4812 [ B39B8CC163C41B12FE83E777199F3378 ] C:\Windows\SysWOW64\tzres.dll
09:01:56.0317 4812 C:\Windows\SysWOW64\tzres.dll - ok
09:01:56.0317 4812 [ 07AD88DF9EF73215458867EFC1BFFE9E ] C:\Windows\System32\wbem\wmiprov.dll
09:01:56.0317 4812 C:\Windows\System32\wbem\wmiprov.dll - ok
09:01:56.0317 4812 [ 284B59D7B56FC76C80E622AB856B1FAB ] C:\Windows\SysWOW64\davclnt.dll
09:01:56.0317 4812 C:\Windows\SysWOW64\davclnt.dll - ok
09:01:56.0333 4812 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll
09:01:56.0333 4812 C:\Windows\SysWOW64\oleacc.dll - ok
09:01:56.0333 4812 [ 90FB1802D488FFA9029854A77D4F3F27 ] C:\Windows\SysWOW64\oleaccrc.dll
09:01:56.0333 4812 C:\Windows\SysWOW64\oleaccrc.dll - ok
09:01:56.0333 4812 [ D6692338B985D4A0CA52B828314D897D ] C:\Windows\SysWOW64\drprov.dll
09:01:56.0333 4812 C:\Windows\SysWOW64\drprov.dll - ok
09:01:56.0333 4812 [ 5F639198C4137075DA50E61C23963C11 ] C:\Windows\System32\drprov.dll
09:01:56.0333 4812 C:\Windows\System32\drprov.dll - ok
09:01:56.0349 4812 [ D7B7159BC8374E87D8C45A30377A3440 ] C:\Windows\SysWOW64\ntlanman.dll
09:01:56.0349 4812 C:\Windows\SysWOW64\ntlanman.dll - ok
09:01:56.0349 4812 [ B3A33600DCDFB84D7FBE09ADEB1C9B8A ] C:\Windows\System32\davclnt.dll
09:01:56.0349 4812 C:\Windows\System32\davclnt.dll - ok
09:01:56.0349 4812 [ BC566D17914B07ABAAB3A5A385CC3300 ] C:\Windows\System32\ntlanman.dll
09:01:56.0349 4812 C:\Windows\System32\ntlanman.dll - ok
09:01:56.0349 4812 [ 179BECE8D1A4C488DDB7191FF9BE3FB0 ] C:\Windows\SysWOW64\davhlpr.dll
09:01:56.0349 4812 C:\Windows\SysWOW64\davhlpr.dll - ok
09:01:56.0364 4812 [ 45B24A357C801CE62052FE0CDC8BD4D2 ] C:\Windows\System32\davhlpr.dll
09:01:56.0364 4812 C:\Windows\System32\davhlpr.dll - ok
09:01:56.0364 4812 [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll
09:01:56.0364 4812 C:\Windows\System32\msi.dll - ok
09:01:56.0364 4812 [ 773212B2AAA24C1E31F10246B15B276C ] C:\Windows\servicing\TrustedInstaller.exe
09:01:56.0364 4812 C:\Windows\servicing\TrustedInstaller.exe - ok
09:01:56.0380 4812 [ 0C0DF0F05BAEA320FA301F34E256E08B ] C:\Windows\SysWOW64\dpx.dll
09:01:56.0380 4812 C:\Windows\SysWOW64\dpx.dll - ok
09:01:56.0380 4812 [ A81331D7EB6C5D1F7B1E4E4FC15F3EC0 ] C:\Windows\SysWOW64\srclient.dll
09:01:56.0380 4812 C:\Windows\SysWOW64\srclient.dll - ok
09:01:56.0380 4812 [ 971A36C4827AD1AE2A54E6407478921A ] C:\Windows\SysWOW64\spp.dll
09:01:56.0380 4812 C:\Windows\SysWOW64\spp.dll - ok
09:01:56.0380 4812 [ A399514D3B28C9A3453A486BBAAFF1C7 ] C:\Windows\SysWOW64\wdscore.dll
09:01:56.0380 4812 C:\Windows\SysWOW64\wdscore.dll - ok
09:01:56.0395 4812 [ 288ADDED26C80FDC135CAB4340161686 ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\CbsCore.dll
09:01:56.0395 4812 C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\CbsCore.dll - ok
09:01:56.0395 4812 [ 38B13C0DF479DBA23ECFA815159BA86E ] C:\Windows\SysWOW64\ktmw32.dll
09:01:56.0395 4812 C:\Windows\SysWOW64\ktmw32.dll - ok
09:01:56.0395 4812 [ DA962E6301C2B887F545DA88BEB8D5D5 ] C:\Windows\servicing\CbsMsg.dll
09:01:56.0395 4812 C:\Windows\servicing\CbsMsg.dll - ok
09:01:56.0411 4812 [ 7957A194B8421BC070FABBF1C55DB68B ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\wcp.dll
09:01:56.0411 4812 C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\wcp.dll - ok
09:01:56.0411 4812 [ 9297F004FCE79FB7B26DAC6968FB5FEB ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\DrUpdate.dll
09:01:56.0411 4812 C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\DrUpdate.dll - ok
09:01:56.0411 4812 [ 13337A3FB17F2242487FD45488ED0485 ] C:\Windows\SysWOW64\vssapi.dll
09:01:56.0411 4812 C:\Windows\SysWOW64\vssapi.dll - ok
09:01:56.0427 4812 [ B940289C83121046BD6A60ACC6028593 ] C:\Windows\SysWOW64\vsstrace.dll
09:01:56.0427 4812 C:\Windows\SysWOW64\vsstrace.dll - ok
09:01:56.0427 4812 [ 943F48CC3A59169E52A054946C2F59B8 ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\wrpint.dll
09:01:56.0427 4812 C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\wrpint.dll - ok
09:01:56.0427 4812 [ BBED6A14692C48279F88B3127206A1BA ] C:\Windows\SysWOW64\sxsstore.dll
09:01:56.0427 4812 C:\Windows\SysWOW64\sxsstore.dll - ok
09:01:56.0427 4812 [ CE292C4C10B8DB6070F262EA2733F0DC ] C:\Windows\SysWOW64\sqmapi.dll
09:01:56.0427 4812 C:\Windows\SysWOW64\sqmapi.dll - ok
09:01:56.0442 4812 [ D485D1BE97777617B186FC8095F58421 ] C:\Windows\servicing\CbsApi.dll
09:01:56.0442 4812 C:\Windows\servicing\CbsApi.dll - ok
09:01:56.0442 4812 [ 6369F960C28A16F4502C480EEDE3652C ] C:\Windows\System32\dpx.dll
09:01:56.0442 4812 C:\Windows\System32\dpx.dll - ok
09:01:56.0442 4812 [ B7AC66C1CCD87D7C49256B5451DED4FA ] C:\Windows\System32\spp.dll
09:01:56.0442 4812 C:\Windows\System32\spp.dll - ok
09:01:56.0458 4812 [ FC6C5D860CDB82411DA626821201BDF0 ] C:\Windows\System32\srclient.dll
09:01:56.0458 4812 C:\Windows\System32\srclient.dll - ok
09:01:56.0458 4812 [ 6685DD5CC357D45EEE30FD089E8A111A ] C:\Windows\System32\sxsstore.dll
09:01:56.0458 4812 C:\Windows\System32\sxsstore.dll - ok
09:01:56.0458 4812 [ 66275E52615AF9D2F18EB3442D00CFE3 ] C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
09:01:56.0458 4812 C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe - ok
09:01:56.0458 4812 [ 84174CA0E190BB9D1EFD0F005FE13B35 ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\GdiPlus.dll
09:01:56.0458 4812 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\GdiPlus.dll - ok
09:01:56.0473 4812 [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll
09:01:56.0473 4812 C:\Windows\System32\wbem\NCProv.dll - ok
09:01:56.0473 4812 [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\Windows\SysWOW64\msvcp71.dll
09:01:56.0473 4812 C:\Windows\SysWOW64\msvcp71.dll - ok
09:01:56.0473 4812 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Windows\SysWOW64\msvcr71.dll
09:01:56.0473 4812 C:\Windows\SysWOW64\msvcr71.dll - ok
09:01:56.0489 4812 [ C3FB3C42DB9501D330DA4E84FB4DE931 ] C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
09:01:56.0489 4812 C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll - ok
09:01:56.0489 4812 [ 2424231BBD703A677D115C29983B4293 ] C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL
09:01:56.0489 4812 C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL - ok
09:01:56.0489 4812 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
09:01:56.0489 4812 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
09:01:56.0505 4812 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll
09:01:56.0505 4812 C:\Windows\SysWOW64\sfc.dll - ok
09:01:56.0505 4812 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll
09:01:56.0505 4812 C:\Windows\SysWOW64\sfc_os.dll - ok
09:01:56.0505 4812 [ 2CFA4569350B7F84F815E9EC34E85766 ] C:\Windows\SysWOW64\SndVolSSO.dll
09:01:56.0505 4812 C:\Windows\SysWOW64\SndVolSSO.dll - ok
09:01:56.0505 4812 [ 63DF770DF74ACB370EF5A16727069AAF ] C:\Windows\SysWOW64\hid.dll
09:01:56.0505 4812 C:\Windows\SysWOW64\hid.dll - ok
09:01:56.0520 4812 [ 243974EC02F7AE49E4179C54624143AB ] C:\Windows\SysWOW64\MMDevAPI.dll
09:01:56.0520 4812 C:\Windows\SysWOW64\MMDevAPI.dll - ok
09:01:56.0520 4812 [ 7E9917D5309A90E7576653BFE39F80D8 ] C:\Windows\SysWOW64\timedate.cpl
09:01:56.0520 4812 C:\Windows\SysWOW64\timedate.cpl - ok
09:01:56.0520 4812 [ 12B79422A23814429CDA9E734C58F78F ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
09:01:56.0520 4812 C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok
09:01:56.0536 4812 [ 5987EA8A82C53359BCD2C29D6588583E ] C:\Windows\SysWOW64\linkinfo.dll
09:01:56.0536 4812 C:\Windows\SysWOW64\linkinfo.dll - ok
09:01:56.0536 4812 [ F1278B3514EA6FA9BC39B20D26139AAC ] C:\Windows\SysWOW64\msiltcfg.dll
09:01:56.0536 4812 C:\Windows\SysWOW64\msiltcfg.dll - ok
09:01:56.0536 4812 [ E6DD15E668DAF0A02470CF551B0A0105 ] C:\Program Files (x86)\Windows Live\Messenger\msgslang.dll
09:01:56.0536 4812 C:\Program Files (x86)\Windows Live\Messenger\msgslang.dll - ok
09:01:56.0551 4812 [ 3A16EA01FCFAAB40882DB5BFEE632322 ] C:\Windows\SysWOW64\msftedit.dll
09:01:56.0551 4812 C:\Windows\SysWOW64\msftedit.dll - ok
09:01:56.0551 4812 [ C225E5307D8D4982A1687F2702C37C78 ] C:\Windows\SysWOW64\msls31.dll
09:01:56.0551 4812 C:\Windows\SysWOW64\msls31.dll - ok
09:01:56.0551 4812 [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
09:01:56.0551 4812 C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
09:01:56.0551 4812 [ 64E211E0FDFCE4D186DF58BB7D0503BC ] C:\Windows\SysWOW64\gameux.dll
09:01:56.0551 4812 C:\Windows\SysWOW64\gameux.dll - ok
09:01:56.0567 4812 [ E904178851A6A44BFA97E064EF779E9D ] C:\Windows\SysWOW64\authui.dll
09:01:56.0567 4812 C:\Windows\SysWOW64\authui.dll - ok
09:01:56.0567 4812 [ 28CA821606669BB9215CE010767720FA ] C:\Windows\SysWOW64\cryptui.dll
09:01:56.0567 4812 C:\Windows\SysWOW64\cryptui.dll - ok
09:01:56.0567 4812 [ 0D1C1A2F6D647D674CCE988F78E6CBDC ] C:\Windows\System32\igfxtray.exe
09:01:56.0567 4812 C:\Windows\System32\igfxtray.exe - ok
09:01:56.0583 4812 [ 2A39F32E0067CBF221611FE1FA8C6D8F ] C:\Windows\SysWOW64\DeviceCenter.dll
09:01:56.0583 4812 C:\Windows\SysWOW64\DeviceCenter.dll - ok
09:01:56.0583 4812 [ EA8009061898202FAFE9073EEEBA3808 ] C:\Windows\System32\hccutils.dll
09:01:56.0583 4812 C:\Windows\System32\hccutils.dll - ok
09:01:56.0583 4812 [ 58F5D67BEC2ECC4CD7DCDDAF25251BE5 ] C:\Windows\System32\hkcmd.exe
09:01:56.0583 4812 C:\Windows\System32\hkcmd.exe - ok
09:01:56.0583 4812 [ 2A5540429E42263D690304CAC414C6B3 ] C:\Windows\System32\igfxsrvc.exe
09:01:56.0583 4812 C:\Windows\System32\igfxsrvc.exe - ok
09:01:56.0598 4812 [ 05A9258DF5FB17C13541F10620E3E529 ] C:\Windows\System32\igfxpers.exe
09:01:56.0598 4812 C:\Windows\System32\igfxpers.exe - ok
09:01:56.0598 4812 [ 4DD2AA3845D260EF4B8A5276E1237A10 ] C:\Windows\System32\igfxsrvc.dll
09:01:56.0598 4812 C:\Windows\System32\igfxsrvc.dll - ok
09:01:56.0598 4812 [ BC6A2175D5EAC9D9CDB0D8A2C901202B ] C:\Windows\System32\igfxdev.dll
09:01:56.0598 4812 C:\Windows\System32\igfxdev.dll - ok
09:01:56.0614 4812 [ 6581B52E133CC6D00661C58968C7E212 ] C:\Windows\SysWOW64\SearchFolder.dll
09:01:56.0614 4812 C:\Windows\SysWOW64\SearchFolder.dll - ok
09:01:56.0614 4812 [ 6AFF84B17F88C807C1E9089ED6263C66 ] C:\Windows\System32\igfxrenu.lrc
09:01:56.0614 4812 C:\Windows\System32\igfxrenu.lrc - ok
09:01:56.0614 4812 [ 0DC6669BC2B552C0ECC905B6B761F508 ] C:\Program Files\Microsoft Security Client\msseces.exe
09:01:56.0614 4812 C:\Program Files\Microsoft Security Client\msseces.exe - ok
09:01:56.0614 4812 [ 6A1E8DEB746912DF47CF651E138401D7 ] C:\Windows\SysWOW64\StructuredQuery.dll
09:01:56.0614 4812 C:\Windows\SysWOW64\StructuredQuery.dll - ok
09:01:56.0629 4812 [ DC5B5D3A1BF59A74ECA9C2EBB34574BE ] C:\Program Files\Microsoft Security Client\MsMpRes.dll
09:01:56.0629 4812 C:\Program Files\Microsoft Security Client\MsMpRes.dll - ok
09:01:56.0629 4812 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll
09:01:56.0629 4812 C:\Windows\SysWOW64\winmm.dll - ok
09:01:56.0629 4812 [ 4FE6AA4422BEC5DC3995051C670FFB26 ] C:\Windows\SysWOW64\advpack.dll
09:01:56.0629 4812 C:\Windows\SysWOW64\advpack.dll - ok
09:01:56.0645 4812 [ 5FBD7BEC6CD3DCAA6A87A7F70CE8AF44 ] C:\Windows\System32\advpack.dll
09:01:56.0645 4812 C:\Windows\System32\advpack.dll - ok
09:01:56.0645 4812 [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll
09:01:56.0645 4812 C:\Windows\SysWOW64\devrtl.dll - ok
09:01:56.0645 4812 [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl
09:01:56.0645 4812 C:\Windows\System32\timedate.cpl - ok
09:01:56.0645 4812 [ 22A0AE97360C1B146FDD9AA55AC0E989 ] C:\Windows\System32\shdocvw.dll
09:01:56.0645 4812 C:\Windows\System32\shdocvw.dll - ok
09:01:56.0661 4812 [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll
09:01:56.0661 4812 C:\Windows\System32\linkinfo.dll - ok
09:01:56.0661 4812 [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll
09:01:56.0661 4812 C:\Windows\System32\msiltcfg.dll - ok
09:01:56.0661 4812 [ 56CEED370508F69A1BA04939BD1BADDA ] C:\Windows\SysWOW64\msutb.dll
09:01:56.0661 4812 C:\Windows\SysWOW64\msutb.dll - ok
09:01:56.0676 4812 [ F14A9B1778376D0B1788E402AC1F831A ] C:\Windows\SysWOW64\shacct.dll
09:01:56.0676 4812 C:\Windows\SysWOW64\shacct.dll - ok
09:01:56.0676 4812 [ C30A3E5DEEEBA22E782AC54C5AF5F352 ] C:\Windows\SysWOW64\samlib.dll
09:01:56.0676 4812 C:\Windows\SysWOW64\samlib.dll - ok
09:01:56.0676 4812 [ EDF2A5E96BEC469DA3F64E9BDD386111 ] C:\Windows\SysWOW64\xmllite.dll
09:01:56.0676 4812 C:\Windows\SysWOW64\xmllite.dll - ok
09:01:56.0676 4812 [ 2BCBA6052374959A30BD7948444DBB79 ] C:\Windows\System32\gameux.dll
09:01:56.0676 4812 C:\Windows\System32\gameux.dll - ok
09:01:56.0692 4812 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll
09:01:56.0692 4812 C:\Windows\System32\msftedit.dll - ok
09:01:56.0692 4812 [ 112183DF91C9BAECB498E4A86ECDE598 ] C:\Windows\System32\msls31.dll
09:01:56.0692 4812 C:\Windows\System32\msls31.dll - ok
09:01:56.0692 4812 [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll
09:01:56.0692 4812 C:\Windows\System32\DeviceCenter.dll - ok
09:01:56.0707 4812 [ B0F69B9DE0AEBFD7E4CEADE6758DF627 ] C:\Windows\System32\SearchFolder.dll
09:01:56.0707 4812 C:\Windows\System32\SearchFolder.dll - ok
09:01:56.0707 4812 [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\SysWOW64\comdlg32.dll
09:01:56.0707 4812 C:\Windows\SysWOW64\comdlg32.dll - ok
09:01:56.0707 4812 [ D4F264FE23F8953D840904418220C15E ] C:\Windows\SysWOW64\dxgi.dll
09:01:56.0707 4812 C:\Windows\SysWOW64\dxgi.dll - ok
09:01:56.0707 4812 [ 4E81439902079C348B61D7FF027FE147 ] C:\Windows\System32\StructuredQuery.dll
09:01:56.0707 4812 C:\Windows\System32\StructuredQuery.dll - ok
09:01:56.0723 4812 [ 5A8D771D47C92CFEC4E1656E4FAC2D94 ] C:\Windows\SysWOW64\en-US\crypt32.dll.mui
09:01:56.0723 4812 C:\Windows\SysWOW64\en-US\crypt32.dll.mui - ok
09:01:56.0723 4812 [ CE7803953FE7314061B3F9188D310EB2 ] C:\Windows\SysWOW64\en-US\KernelBase.dll.mui
09:01:56.0723 4812 C:\Windows\SysWOW64\en-US\KernelBase.dll.mui - ok
09:01:56.0723 4812 [ A45CB10FC8C4DCA23F96FE4D334F64FE ] C:\Windows\SysWOW64\msxml3r.dll
09:01:56.0723 4812 C:\Windows\SysWOW64\msxml3r.dll - ok
09:01:56.0739 4812 [ 0BDF121EBD33DA510BD82051C795E199 ] C:\Windows\SysWOW64\NlsData0003.dll
09:01:56.0739 4812 C:\Windows\SysWOW64\NlsData0003.dll - ok
09:01:56.0739 4812 [ 89F4D0DD6606A2FE15931E6888DBBC8D ] C:\Windows\SysWOW64\stdole2.tlb
09:01:56.0739 4812 C:\Windows\SysWOW64\stdole2.tlb - ok
09:01:56.0739 4812 [ 8B57A1AD493653BB57F281FE75DD175B ] C:\Windows\SysWOW64\NaturalLanguage6.dll
09:01:56.0739 4812 C:\Windows\SysWOW64\NaturalLanguage6.dll - ok
09:01:56.0754 4812 [ B5506B451BFE7148ECA7056BDA2970BD ] C:\Windows\SysWOW64\riched32.dll
09:01:56.0754 4812 C:\Windows\SysWOW64\riched32.dll - ok
09:01:56.0754 4812 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll
09:01:56.0754 4812 C:\Windows\SysWOW64\riched20.dll - ok
09:01:56.0754 4812 [ 46F67F80214C3EB2E9D0FFBB69B3F51A ] C:\Program Files\Microsoft Security Client\en-us\MsMpRes.dll.mui
09:01:56.0754 4812 C:\Program Files\Microsoft Security Client\en-us\MsMpRes.dll.mui - ok
09:01:56.0754 4812 [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Microsoft Security Client\sqmapi.dll
09:01:56.0754 4812 C:\Program Files\Microsoft Security Client\sqmapi.dll - ok
09:01:56.0770 4812 [ ED55C0A4CF8F93CAD9BD29023BCBEF64 ] C:\Program Files (x86)\Trademanager\AliIM.exe
09:01:56.0770 4812 C:\Program Files (x86)\Trademanager\AliIM.exe - ok
09:01:56.0770 4812 [ CBEC06E32D0AC9C3D0A9199EDC1FB959 ] C:\Program Files (x86)\Skype\Phone\Skype.exe
09:01:56.0770 4812 C:\Program Files (x86)\Skype\Phone\Skype.exe - ok
09:01:56.0770 4812 [ 59FE95F7FEDE6D69C007E2CD05356F07 ] C:\Program Files (x86)\uTorrent\uTorrent.exe
09:01:56.0770 4812 C:\Program Files (x86)\uTorrent\uTorrent.exe - ok
09:01:56.0785 4812 [ 1F74B33DC1296273C07F329466B8BE0F ] C:\Windows\SysWOW64\en-US\runonce.exe.mui
09:01:56.0785 4812 C:\Windows\SysWOW64\en-US\runonce.exe.mui - ok
09:01:56.0785 4812 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
09:01:56.0785 4812 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok
09:01:56.0785 4812 [ E3C817F7FE44CC870ECDBCBC3EA36132 ] C:\Program Files (x86)\Trademanager\msvcp100.dll
09:01:56.0785 4812 C:\Program Files (x86)\Trademanager\msvcp100.dll - ok
09:01:56.0801 4812 [ 672D7C5080ACB003343006405DA2E621 ] C:\Windows\SysWOW64\thumbcache.dll
09:01:56.0801 4812 C:\Windows\SysWOW64\thumbcache.dll - ok
09:01:56.0801 4812 [ FB7680DC6B75024E74DC4876A184638C ] C:\Users\BR\AppData\Roaming\HP SimpleSave Application\StartHelper.exe
09:01:56.0801 4812 C:\Users\BR\AppData\Roaming\HP SimpleSave Application\StartHelper.exe - ok
09:01:56.0801 4812 [ 6EF5F3F18413C367195F06E503AB86A6 ] C:\Windows\SysWOW64\d3d9.dll
09:01:56.0801 4812 C:\Windows\SysWOW64\d3d9.dll - ok
09:01:56.0801 4812 [ 6383C60EC0133B14F5705F96369421B2 ] C:\Windows\SysWOW64\hnetcfg.dll
09:01:56.0801 4812 C:\Windows\SysWOW64\hnetcfg.dll - ok
09:01:56.0817 4812 [ 77B1471A490B53B24EFE136F09F76550 ] C:\Windows\SysWOW64\d3d8thk.dll
09:01:56.0817 4812 C:\Windows\SysWOW64\d3d8thk.dll - ok
09:01:56.0817 4812 [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll
09:01:56.0817 4812 C:\Windows\System32\thumbcache.dll - ok
09:01:56.0817 4812 [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\SysWOW64\msacm32.dll
09:01:56.0817 4812 C:\Windows\SysWOW64\msacm32.dll - ok
09:01:56.0832 4812 [ 48BE298F7FD1BEF4D8FBACB04D8D95C4 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
09:01:56.0832 4812 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
09:01:56.0832 4812 [ 703FFD301AB900B047337C5D40FD6F96 ] C:\Windows\SysWOW64\olepro32.dll
09:01:56.0832 4812 C:\Windows\SysWOW64\olepro32.dll - ok
09:01:56.0832 4812 [ 139D3AB6AA920C34C50CBFFB9EB7D222 ] C:\Windows\SysWOW64\avrt.dll
09:01:56.0832 4812 C:\Windows\SysWOW64\avrt.dll - ok
09:01:56.0848 4812 [ 8BC9DB92C4B2F3BE89185BEAB2AFC1F6 ] C:\Windows\SysWOW64\mapi32.dll
09:01:56.0848 4812 C:\Windows\SysWOW64\mapi32.dll - ok
09:01:56.0848 4812 [ 740F0BA28010164DFCB6B85D00FE8B9A ] C:\Program Files (x86)\Trademanager\UpdateAssist.dll
09:01:56.0848 4812 C:\Program Files (x86)\Trademanager\UpdateAssist.dll - ok
09:01:56.0848 4812 [ BF38660A9125935658CFA3E53FDC7D65 ] C:\Program Files (x86)\Trademanager\msvcr100.dll
09:01:56.0848 4812 C:\Program Files (x86)\Trademanager\msvcr100.dll - ok
09:01:56.0863 4812 [ 36FDB8C775B1F7D2069B8C8D0CD09084 ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
09:01:56.0863 4812 C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe - ok
09:01:56.0863 4812 [ 912649A1B3F9E6ACB3899FBDABA2ED5F ] C:\Windows\SysWOW64\stobject.dll
09:01:56.0863 4812 C:\Windows\SysWOW64\stobject.dll - ok
09:01:56.0863 4812 [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll
09:01:56.0863 4812 C:\Windows\System32\stobject.dll - ok
09:01:56.0879 4812 [ 427374C5EAA370A6EF96A96B1360EC90 ] C:\Program Files (x86)\Photobucket Desktop\Photobucket.App.exe
09:01:56.0879 4812 C:\Program Files (x86)\Photobucket Desktop\Photobucket.App.exe - ok
09:01:56.0879 4812 [ F5DF6846F30E9F54EA60CCAEB3FB2055 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
09:01:56.0879 4812 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
09:01:56.0879 4812 [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\SysWOW64\mscoree.dll
09:01:56.0879 4812 C:\Windows\SysWOW64\mscoree.dll - ok
09:01:56.0895 4812 [ 8D94AF31255F87C8AE61C9B04B21656B ] C:\Users\BR\AppData\Roaming\HP SimpleSave Application\uTMEMUIMgrEngine.dll
09:01:56.0895 4812 C:\Users\BR\AppData\Roaming\HP SimpleSave Application\uTMEMUIMgrEngine.dll - ok
09:01:56.0895 4812 [ B20B18DF8EB3C821E071541FC3DFF1AB ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
09:01:56.0895 4812 C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll - ok
09:01:56.0895 4812 [ D63797E8E7781EE1500A810CB6194FA6 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
09:01:56.0895 4812 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe - ok
09:01:56.0910 4812 [ E5F7C30EDF0892667933BE879F067D67 ] C:\Windows\SysWOW64\msvcr100_clr0400.dll
09:01:56.0910 4812 C:\Windows\SysWOW64\msvcr100_clr0400.dll - ok
09:01:56.0910 4812 [ A24A9926D72DBF4A96F7F52475944C37 ] C:\Program Files (x86)\Trademanager\GUIBase.dll
09:01:56.0910 4812 C:\Program Files (x86)\Trademanager\GUIBase.dll - ok
09:01:56.0910 4812 [ 67C1B58706B47EEBA4E117AC197289E6 ] C:\Windows\SysWOW64\batmeter.dll
09:01:56.0910 4812 C:\Windows\SysWOW64\batmeter.dll - ok
09:01:56.0926 4812 [ 39C15C444D66C6A0638A556BB82F12AA ] C:\Users\BR\AppData\Roaming\HP SimpleSave Application\Language\en\uEasyBackupMonitorRes.dll
09:01:56.0926 4812 C:\Users\BR\AppData\Roaming\HP SimpleSave Application\Language\en\uEasyBackupMonitorRes.dll - ok
09:01:56.0926 4812 [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll
09:01:56.0926 4812 C:\Windows\System32\batmeter.dll - ok
09:01:56.0926 4812 [ 79BA5D2CF3C5AEAF5AD86ACECE5B76D4 ] C:\Windows\SysWOW64\en-US\sdbinst.exe.mui
09:01:56.0926 4812 C:\Windows\SysWOW64\en-US\sdbinst.exe.mui - ok
09:01:56.0926 4812 [ 1D6A771D1D702AE07919DB52C889A249 ] C:\Windows\SysWOW64\wlanutil.dll
09:01:56.0926 4812 C:\Windows\SysWOW64\wlanutil.dll - ok
09:01:56.0941 4812 [ ED27D1D75BF5E683AD3EDD9E3123520A ] C:\Windows\SysWOW64\inetcomm.dll
09:01:56.0941 4812 C:\Windows\SysWOW64\inetcomm.dll - ok
09:01:56.0941 4812 [ A6E69E7ABAF9815390C4E3F45836CE5B ] C:\Program Files\Internet Explorer\sqmapi.dll
09:01:56.0941 4812 C:\Program Files\Internet Explorer\sqmapi.dll - ok
09:01:56.0941 4812 [ 484ACF6AF85A29AC52F3CF054DFDE9D3 ] C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
09:01:56.0941 4812 C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe - ok
09:01:56.0957 4812 [ AF31E7D2C385F647ADFD5F5736B3BA64 ] C:\Windows\SysWOW64\mshtml.dll
09:01:56.0957 4812 C:\Windows\SysWOW64\mshtml.dll - ok
09:01:56.0957 4812 [ B010CF886420EE29C2C276646721D255 ] C:\Windows\SysWOW64\wlanapi.dll
09:01:56.0957 4812 C:\Windows\SysWOW64\wlanapi.dll - ok
09:01:56.0957 4812 [ B6048A71CA6BE52B37BEB52BCD3A85E1 ] C:\Program Files (x86)\Trademanager\xparammodule.dll
09:01:56.0957 4812 C:\Program Files (x86)\Trademanager\xparammodule.dll - ok
09:01:56.0973 4812 [ 04E9854A10F8FB8C8D8891B164D51102 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\c799474a067f07ef3a167d75029fa012\mscorlib.ni.dll
09:01:56.0973 4812 C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\c799474a067f07ef3a167d75029fa012\mscorlib.ni.dll - ok
09:01:56.0973 4812 [ 00D2C06A552F782C1F16ACF77DB765A5 ] C:\Program Files (x86)\Trademanager\atl100.dll
09:01:56.0973 4812 C:\Program Files (x86)\Trademanager\atl100.dll - ok
09:01:56.0973 4812 [ A7A7DA4D6C44660852D058635B83B108 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll
09:01:56.0973 4812 C:\Windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll - ok
09:01:56.0988 4812 [ FBF906D86026A454B99333EE13A05CC4 ] C:\Program Files (x86)\Trademanager\rv2log.dll
09:01:56.0988 4812 C:\Program Files (x86)\Trademanager\rv2log.dll - ok
09:01:56.0988 4812 [ 3A8DEA755049105FBD048CEFD833D7DC ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.7601.18120_none_8381793eed62418f\GdiPlus.dll
09:01:56.0988 4812 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.7601.18120_none_8381793eed62418f\GdiPlus.dll - ok
09:01:56.0988 4812 [ F6916EFC29D9953D5D0DF06882AE8E16 ] C:\Windows\SysWOW64\es.dll
09:01:56.0988 4812 C:\Windows\SysWOW64\es.dll - ok
09:01:57.0004 4812 [ C8333F1F77A1B2E25F2202E892CAF634 ] C:\Windows\SysWOW64\prnfldr.dll
09:01:57.0004 4812 C:\Windows\SysWOW64\prnfldr.dll - ok
09:01:57.0004 4812 [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll
09:01:57.0004 4812 C:\Windows\System32\prnfldr.dll - ok
09:01:57.0004 4812 [ AFEDF76687BEBAECBE97996464838743 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System\1c0a3dbd8b8c2033b811036ff7043ef3\System.ni.dll
09:01:57.0004 4812 C:\Windows\assembly\NativeImages_v4.0.30319_32\System\1c0a3dbd8b8c2033b811036ff7043ef3\System.ni.dll - ok
09:01:57.0019 4812 [ CA62FF1AD311E168154E76621518E683 ] C:\Program Files (x86)\Trademanager\rv2core.dll
09:01:57.0019 4812 C:\Program Files (x86)\Trademanager\rv2core.dll - ok
09:01:57.0019 4812 [ A33452A42BDF214E7FC40CB470515605 ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe
09:01:57.0019 4812 C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe - ok
09:01:57.0019 4812 [ 3D57FFBAD3ED16B63DE3879BAB0FB56F ] C:\Windows\SysWOW64\networkexplorer.dll
09:01:57.0019 4812 C:\Windows\SysWOW64\networkexplorer.dll - ok
09:01:57.0019 4812 [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll
09:01:57.0019 4812 C:\Windows\System32\networkexplorer.dll - ok
09:01:57.0035 4812 [ 98C6F2A9A981A54222602B87C6310BDE ] C:\Program Files\Internet Explorer\iexplore.exe
09:01:57.0035 4812 C:\Program Files\Internet Explorer\iexplore.exe - ok
09:01:57.0035 4812 [ 5569C7A3E51C0B931A2E1D822FF29D18 ] C:\Program Files (x86)\Trademanager\wwutils.dll
09:01:57.0035 4812 C:\Program Files (x86)\Trademanager\wwutils.dll - ok
09:01:57.0035 4812 [ 018747BA483057E3E59516C204476190 ] C:\Program Files (x86)\Trademanager\pcre.dll
09:01:57.0035 4812 C:\Program Files (x86)\Trademanager\pcre.dll - ok
09:01:57.0051 4812 [ CE2470B271A73C52630E6B3890B1DD0F ] C:\Program Files (x86)\Trademanager\wwparams.dll
09:01:57.0051 4812 C:\Program Files (x86)\Trademanager\wwparams.dll - ok
09:01:57.0051 4812 [ 2A66F5F731B8E1E3701468A5867FCEDE ] C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\02309fbbabbd12cfb07d79a684f4c821\WindowsBase.ni.dll
09:01:57.0051 4812 C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\02309fbbabbd12cfb07d79a684f4c821\WindowsBase.ni.dll - ok
09:01:57.0051 4812 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll
09:01:57.0051 4812 C:\Windows\SysWOW64\ExplorerFrame.dll - ok
09:01:57.0066 4812 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll
09:01:57.0066 4812 C:\Windows\SysWOW64\duser.dll - ok
09:01:57.0066 4812 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll
09:01:57.0066 4812 C:\Windows\SysWOW64\dui70.dll - ok
09:01:57.0066 4812 [ E9DDE4A328F575AFF47B602AC54EA3CF ] C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b9d6e1198b5cf137fc0d97f0930fd3e4\PresentationCore.ni.dll
09:01:57.0066 4812 C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b9d6e1198b5cf137fc0d97f0930fd3e4\PresentationCore.ni.dll - ok
09:01:57.0082 4812 [ 8B285BDAB7735FDFB18E6F7122923B77 ] C:\Windows\SysWOW64\UIAnimation.dll
09:01:57.0082 4812 C:\Windows\SysWOW64\UIAnimation.dll - ok
09:01:57.0082 4812 [ D8B82963F6DC26277DF9DEFD23BA7660 ] C:\Program Files (x86)\Trademanager\libeay32.dll
09:01:57.0082 4812 C:\Program Files (x86)\Trademanager\libeay32.dll - ok
09:01:57.0082 4812 [ 04CB7C8FDC6D9640DD82A527208F72C4 ] C:\Windows\System32\UIAnimation.dll
09:01:57.0082 4812 C:\Windows\System32\UIAnimation.dll - ok
09:01:57.0097 4812 [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\SysWOW64\wsock32.dll
09:01:57.0097 4812 C:\Windows\SysWOW64\wsock32.dll - ok
09:01:57.0097 4812 [ C940F2F5C60B3727C5F18840735B229C ] C:\Windows\SysWOW64\AudioSes.dll
09:01:57.0097 4812 C:\Windows\SysWOW64\AudioSes.dll - ok
09:01:57.0097 4812 [ 6B449CDD4EABC2D5A125ADA90B500C22 ] C:\Windows\SysWOW64\igdumdx32.dll
09:01:57.0097 4812 C:\Windows\SysWOW64\igdumdx32.dll - ok
09:01:57.0097 4812 [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll
09:01:57.0097 4812 C:\Windows\System32\DXP.dll - ok
09:01:57.0113 4812 [ A5E7025E2B9FFD21956CD5D3E08BFE0D ] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
09:01:57.0113 4812 C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe - ok
09:01:57.0113 4812 [ 8F3B77391E30E351A0AD76C90BBC3B51 ] C:\Windows\SysWOW64\igdumd32.dll
09:01:57.0113 4812 C:\Windows\SysWOW64\igdumd32.dll - ok
09:01:57.0129 4812 [ 672BF211B2A092DBDE5FAEB2474B860B ] C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\ec4178796e7d9e9b088b26997a6dc866\PresentationFramework.ni.dll
09:01:57.0129 4812 C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\ec4178796e7d9e9b088b26997a6dc866\PresentationFramework.ni.dll - ok
09:01:57.0129 4812 [ B2B3DAE040F6B5AE1DF52B0CD7631A18 ] C:\Windows\SysWOW64\AltTab.dll
09:01:57.0129 4812 C:\Windows\SysWOW64\AltTab.dll - ok
09:01:57.0129 4812 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll
09:01:57.0129 4812 C:\Windows\System32\AltTab.dll - ok
09:01:57.0144 4812 [ 3D6F22551D422F97AACB0BB927E4C846 ] C:\Windows\SysWOW64\pnidui.dll
09:01:57.0144 4812 C:\Windows\SysWOW64\pnidui.dll - ok
09:01:57.0144 4812 [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll
09:01:57.0144 4812 C:\Windows\System32\pnidui.dll - ok
09:01:57.0144 4812 [ F807AFC35912F6D59DB225FF928078DD ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\cb4cf75e03a2ece5f14766e9175f47e6\System.Xaml.ni.dll
09:01:57.0144 4812 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\cb4cf75e03a2ece5f14766e9175f47e6\System.Xaml.ni.dll - ok
09:01:57.0144 4812 [ 463DE26C548D0851B2A8A77D4C8F09C1 ] C:\Program Files (x86)\Trademanager\WWUIUnits.dll
09:01:57.0144 4812 C:\Program Files (x86)\Trademanager\WWUIUnits.dll - ok
09:01:57.0160 4812 [ 489D34E0BC141CB5AE9589EDCDD041EF ] C:\Program Files (x86)\Trademanager\rvnw.dll
09:01:57.0160 4812 C:\Program Files (x86)\Trademanager\rvnw.dll - ok
09:01:57.0160 4812 [ 1C0E369575F387460E2A5F28269B2CC4 ] C:\Windows\SysWOW64\DWrite.dll
09:01:57.0160 4812 C:\Windows\SysWOW64\DWrite.dll - ok
09:01:57.0160 4812 [ 0166C2D81C2C3A9F140436B3C1D174BA ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\wpfgfx_v0400.dll
09:01:57.0160 4812 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\wpfgfx_v0400.dll - ok
09:01:57.0175 4812 [ 9383D302F0D95DB0802308CF250727F3 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationNative_v0400.dll
09:01:57.0175 4812 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationNative_v0400.dll - ok
09:01:57.0175 4812 [ 07BBB3CBB86D2626B46BC1D210C4781B ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll
09:01:57.0175 4812 C:\Windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll - ok
09:01:57.0175 4812 [ 4FDBE7D6A2A383BC5194054D94BFDC63 ] C:\Program Files (x86)\Photobucket Desktop\System.Reactive.dll
09:01:57.0175 4812 C:\Program Files (x86)\Photobucket Desktop\System.Reactive.dll - ok
09:01:57.0191 4812 [ BD626EF05967D14C772B8096292731A3 ] C:\Windows\SysWOW64\QUTIL.DLL
09:01:57.0191 4812 C:\Windows\SysWOW64\QUTIL.DLL - ok
09:01:57.0191 4812 [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL
09:01:57.0191 4812 C:\Windows\System32\QUTIL.DLL - ok
09:01:57.0191 4812 [ FF7449B6B2E9B9E7B4C9EEF7715C99BD ] C:\Program Files (x86)\Trademanager\rvwindow.dll
09:01:57.0191 4812 C:\Program Files (x86)\Trademanager\rvwindow.dll - ok
09:01:57.0191 4812 [ 82C089EA2A3EEFADF3588EA71E8BDADA ] C:\Windows\SysWOW64\wevtapi.dll
09:01:57.0191 4812 C:\Windows\SysWOW64\wevtapi.dll - ok
09:01:57.0207 4812 [ 9A39A2A5F443A756C568C6ED5748AFE4 ] C:\Windows\SysWOW64\ActionCenter.dll
09:01:57.0207 4812 C:\Windows\SysWOW64\ActionCenter.dll - ok
09:01:57.0207 4812 [ C335EC1182AC10B188705554E0BC1186 ] C:\Windows\SysWOW64\msvfw32.dll
09:01:57.0207 4812 C:\Windows\SysWOW64\msvfw32.dll - ok
09:01:57.0207 4812 [ 92DBF0A4C9239169010FC6E07859C82E ] C:\Windows\System32\ActionCenter.dll
09:01:57.0207 4812 C:\Windows\System32\ActionCenter.dll - ok
09:01:57.0222 4812 [ 32E121426A6164909C51821CC60B8E9B ] C:\Program Files (x86)\Trademanager\SDKDB.dll
09:01:57.0222 4812 C:\Program Files (x86)\Trademanager\SDKDB.dll - ok
09:01:57.0222 4812 [ F60E263F985A821E334E24949EB95F41 ] C:\Users\BR\AppData\Roaming\HP SimpleSave Application\HPSSBackupMonitor.exe
09:01:57.0222 4812 C:\Users\BR\AppData\Roaming\HP SimpleSave Application\HPSSBackupMonitor.exe - ok
09:01:57.0222 4812 [ 32211831678E2881AE5894020C430C5B ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\4b941173df4023ff803c93f6a84cc925\System.Runtime.Remoting.ni.dll
09:01:57.0222 4812 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\4b941173df4023ff803c93f6a84cc925\System.Runtime.Remoting.ni.dll - ok
09:01:57.0238 4812 [ 958BA6FF8641926386B1D16F2D22F4B1 ] C:\Program Files (x86)\Photobucket Desktop\en-US\Photobucket.App.resources.dll
09:01:57.0238 4812 C:\Program Files (x86)\Photobucket Desktop\en-US\Photobucket.App.resources.dll - ok
09:01:57.0238 4812 [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll
09:01:57.0238 4812 C:\Windows\System32\FXSST.dll - ok
09:01:57.0238 4812 [ 40B82688907A7DBA4DB3B5ADDE3EAB3B ] C:\Windows\SysWOW64\mfplat.dll
09:01:57.0238 4812 C:\Windows\SysWOW64\mfplat.dll - ok
09:01:57.0253 4812 [ 942E57152F1CD0533644AB30EF1A4728 ] C:\Windows\SysWOW64\FXSAPI.dll
09:01:57.0253 4812 C:\Windows\SysWOW64\FXSAPI.dll - ok
09:01:57.0253 4812 [ 82BD68CCB2B944115DF1544CFD723B8B ] C:\Program Files (x86)\Trademanager\contextmode.dll
09:01:57.0253 4812 C:\Program Files (x86)\Trademanager\contextmode.dll - ok
09:01:57.0253 4812 [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll
09:01:57.0253 4812 C:\Windows\System32\FXSAPI.dll - ok
09:01:57.0253 4812 [ ACE756DDB386DBF14992DE56A7505C29 ] C:\Program Files (x86)\Trademanager\imconfig.dll
09:01:57.0253 4812 C:\Program Files (x86)\Trademanager\imconfig.dll - ok
09:01:57.0269 4812 [ 856CFFCD835528136367BB1A8FE1DB87 ] C:\Windows\SysWOW64\Syncreg.dll
09:01:57.0269 4812 C:\Windows\SysWOW64\Syncreg.dll - ok
09:01:57.0269 4812 [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll
09:01:57.0269 4812 C:\Windows\System32\Syncreg.dll - ok
09:01:57.0269 4812 [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll
09:01:57.0269 4812 C:\Windows\ehome\ehSSO.dll - ok
09:01:57.0285 4812 [ 6CE25A4F4F2F70EBF004C9006C647F32 ] C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
09:01:57.0285 4812 C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe - ok
09:01:57.0285 4812 [ 735263DA17BF5BAF9CCD483843BF9D5A ] C:\Windows\SysWOW64\WPDShServiceObj.dll
09:01:57.0285 4812 C:\Windows\SysWOW64\WPDShServiceObj.dll - ok
09:01:57.0285 4812 [ 13ACC53ADC4A5BA5CE1F100AEC573063 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\6af6587a49ca918291917ca318dabbbc\System.Xml.ni.dll
09:01:57.0285 4812 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\6af6587a49ca918291917ca318dabbbc\System.Xml.ni.dll - ok
09:01:57.0300 4812 [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll
09:01:57.0300 4812 C:\Windows\System32\WPDShServiceObj.dll - ok
09:01:57.0300 4812 [ E3D5E244807AD655787FCD25477CC1BC ] C:\Windows\SysWOW64\bthprops.cpl
09:01:57.0300 4812 C:\Windows\SysWOW64\bthprops.cpl - ok
09:01:57.0300 4812 [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl
09:01:57.0300 4812 C:\Windows\System32\bthprops.cpl - ok
09:01:57.0300 4812 [ 21EF4BB2A6FF4116FD83FAEE52D4A416 ] C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
09:01:57.0300 4812 C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe - ok
09:01:57.0316 4812 [ 38260B8123F8E8317B4B5494771E8388 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\fbd506dcd9a25540d1e5bf95c7bcd896\System.Core.ni.dll
09:01:57.0316 4812 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\fbd506dcd9a25540d1e5bf95c7bcd896\System.Core.ni.dll - ok
09:01:57.0316 4812 [ E98278865E8DABA21CFE5FE4BE34210A ] C:\Windows\SysWOW64\PortableDeviceApi.dll
09:01:57.0316 4812 C:\Windows\SysWOW64\PortableDeviceApi.dll - ok
09:01:57.0316 4812 [ 8488F73673CAC4E82524CAB4DF2FFBA7 ] C:\Program Files (x86)\Photobucket Desktop\nVentive.Umbrella.Views.dll
09:01:57.0316 4812 C:\Program Files (x86)\Photobucket Desktop\nVentive.Umbrella.Views.dll - ok
09:01:57.0331 4812 [ 59A6413FB2CC89FD8651B1D2962FB8B9 ] C:\Users\BR\AppData\Roaming\HP SimpleSave Application\msvcp60.dll
09:01:57.0331 4812 C:\Users\BR\AppData\Roaming\HP SimpleSave Application\msvcp60.dll - ok
09:01:57.0331 4812 [ E9D684A1B7769168A85B9C480AE01375 ] C:\Program Files (x86)\Trademanager\rv2archive.dll
09:01:57.0331 4812 C:\Program Files (x86)\Trademanager\rv2archive.dll - ok
09:01:57.0331 4812 [ 5DB0DF20904F9CAD21A902119DD33992 ] C:\Users\BR\AppData\Roaming\HP SimpleSave Application\uArcEasyCopy.dll
09:01:57.0331 4812 C:\Users\BR\AppData\Roaming\HP SimpleSave Application\uArcEasyCopy.dll - ok
09:01:57.0347 4812 [ 487F44B08EFEAF5AD087878357B9403D ] C:\Windows\SysWOW64\pdh.dll
09:01:57.0347 4812 C:\Windows\SysWOW64\pdh.dll - ok
09:01:57.0347 4812 [ 75978BEA7B889CDE19486F77FAE93D33 ] C:\Program Files (x86)\Photobucket Desktop\nVentive.Umbrella.Presentation.dll
09:01:57.0347 4812 C:\Program Files (x86)\Photobucket Desktop\nVentive.Umbrella.Presentation.dll - ok
09:01:57.0347 4812 [ 98FCF49D259D51BD7C3DF2CD4E90B749 ] C:\Program Files (x86)\Photobucket Desktop\nVentive.Umbrella.Web.dll
09:01:57.0347 4812 C:\Program Files (x86)\Photobucket Desktop\nVentive.Umbrella.Web.dll - ok
09:01:57.0363 4812 [ 7A69BF45B6BD06124F8F13E7E6A30343 ] C:\Users\BR\AppData\Roaming\HP SimpleSave Application\FileMapInfoDB.dll
09:01:57.0363 4812 C:\Users\BR\AppData\Roaming\HP SimpleSave Application\FileMapInfoDB.dll - ok
09:01:57.0363 4812 [ 3EAC4455472CC2C97107B5291E0DCAFE ] C:\Windows\System32\pnrpsvc.dll
09:01:57.0363 4812 C:\Windows\System32\pnrpsvc.dll - ok
09:01:57.0363 4812 [ 540CADD776E7A444A0F6DBD37E2A5DB4 ] C:\Program Files (x86)\Photobucket Desktop\ApplicationFramework.dll
09:01:57.0363 4812 C:\Program Files (x86)\Photobucket Desktop\ApplicationFramework.dll - ok
09:01:57.0363 4812 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe
09:01:57.0363 4812 C:\Windows\System32\FXSSVC.exe - ok
09:01:57.0378 4812 [ 8BB973283D503C9DEE003476810018C1 ] C:\Program Files (x86)\Photobucket Desktop\Microsoft.Practices.Unity.dll
09:01:57.0378 4812 C:\Program Files (x86)\Photobucket Desktop\Microsoft.Practices.Unity.dll - ok
09:01:57.0378 4812 [ 2F6C94BA73C976FAF939358D84E653E9 ] C:\Windows\SysWOW64\azroles.dll
09:01:57.0378 4812 C:\Windows\SysWOW64\azroles.dll - ok
09:01:57.0378 4812 [ 674B0C0F6A448EB185CAAB9C51D44032 ] C:\Windows\SysWOW64\srchadmin.dll
09:01:57.0378 4812 C:\Windows\SysWOW64\srchadmin.dll - ok
09:01:57.0394 4812 [ BA2CF067FDB95903964A2349DCFEB251 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelPerformanceCounters.dll
09:01:57.0394 4812 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelPerformanceCounters.dll - ok
09:01:57.0394 4812 [ AB8D77E4444E15180B0AF74AFAE3B368 ] C:\Program Files (x86)\Trademanager\imbizloader.dll
09:01:57.0394 4812 C:\Program Files (x86)\Trademanager\imbizloader.dll - ok
09:01:57.0394 4812 [ F60B556C2E1892C57939C0897949EF7D ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\en-US\ServiceModelPerformanceCounters.dll.mui
09:01:57.0394 4812 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\en-US\ServiceModelPerformanceCounters.dll.mui - ok
09:01:57.0409 4812 [ D76ADFFFC61C29AC83C1CEC84CFD3C55 ] C:\Windows\SysWOW64\en-US\umpo.dll.mui
09:01:57.0409 4812 C:\Windows\SysWOW64\en-US\umpo.dll.mui - ok
09:01:57.0409 4812 [ 8CD1DEE212E52B9C22E66DBA44991D32 ] C:\Windows\SysWOW64\httpapi.dll
09:01:57.0409 4812 C:\Windows\SysWOW64\httpapi.dll - ok
09:01:57.0409 4812 [ 1957D49A9613FAAD1C73B508CCE02AA5 ] C:\Windows\SysWOW64\wmp.dll
09:01:57.0409 4812 C:\Windows\SysWOW64\wmp.dll - ok
09:01:57.0409 4812 [ C1809B9907ADEDAF16F50C894100883B ] C:\Windows\SysWOW64\netlogon.dll
09:01:57.0409 4812 C:\Windows\SysWOW64\netlogon.dll - ok
09:01:57.0425 4812 [ 0A20244D04397E0A660A65138B043916 ] C:\Program Files (x86)\Photobucket Desktop\nVentive.Umbrella.dll
09:01:57.0425 4812 C:\Program Files (x86)\Photobucket Desktop\nVentive.Umbrella.dll - ok
09:01:57.0425 4812 [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll
09:01:57.0425 4812 C:\Windows\System32\srchadmin.dll - ok
09:01:57.0425 4812 [ EE29FCC244C8033E2F748D863DCBF378 ] C:\Windows\SysWOW64\drt.dll
09:01:57.0425 4812 C:\Windows\SysWOW64\drt.dll - ok
09:01:57.0425 4812 [ 760E38053BF56E501D562B70AD796B88 ] C:\Windows\System32\drivers\ndis.sys
09:01:57.0441 4812 C:\Windows\System32\drivers\ndis.sys - ok
09:01:57.0441 4812 [ BF8B2168974CF4939FECE6930D5DB98F ] C:\Program Files (x86)\Photobucket Desktop\Photobucket.Presentation.dll
09:01:57.0441 4812 C:\Program Files (x86)\Photobucket Desktop\Photobucket.Presentation.dll - ok
09:01:57.0441 4812 [ 485C80E87FEF14D4FAD02663AEBDC67E ] C:\Program Files (x86)\Photobucket Desktop\Photobucket.DAL.dll
09:01:57.0441 4812 C:\Program Files (x86)\Photobucket Desktop\Photobucket.DAL.dll - ok
09:01:57.0441 4812 [ 1472E4441EAA243C398B31338DCC8E92 ] C:\Program Files (x86)\Photobucket Desktop\nVentive.Umbrella.Services.Contract.dll
09:01:57.0441 4812 C:\Program Files (x86)\Photobucket Desktop\nVentive.Umbrella.Services.Contract.dll - ok
09:01:57.0456 4812 [ EBE393798F87798489091C9CD25AAE4D ] C:\Program Files (x86)\Photobucket Desktop\Photobucket.Views.dll
09:01:57.0456 4812 C:\Program Files (x86)\Photobucket Desktop\Photobucket.Views.dll - ok
09:01:57.0456 4812 [ 5BB8C06EB5EA4BA22EE8A678F2D79B25 ] C:\Windows\SysWOW64\devenum.dll
09:01:57.0456 4812 C:\Windows\SysWOW64\devenum.dll - ok
09:01:57.0456 4812 [ 6979CF08DFFCB81308F841FBD387038A ] C:\Program Files (x86)\Photobucket Desktop\Photobucket.Client.dll
09:01:57.0456 4812 C:\Program Files (x86)\Photobucket Desktop\Photobucket.Client.dll - ok
09:01:57.0472 4812 [ 0DF34F7EF3BD18DC00C3E03E6E1CA315 ] C:\Windows\SysWOW64\WsmRes.dll
09:01:57.0472 4812 C:\Windows\SysWOW64\WsmRes.dll - ok
09:01:57.0472 4812 [ 5CAE802126EB625C00AEB22E21ACCB1C ] C:\Program Files (x86)\Trademanager\WWApplication.dll
09:01:57.0472 4812 C:\Program Files (x86)\Trademanager\WWApplication.dll - ok
09:01:57.0472 4812 [ 140D9F911182357626165EA0BEB98C4F ] C:\Windows\SysWOW64\ncsi.dll
09:01:57.0472 4812 C:\Windows\SysWOW64\ncsi.dll - ok
09:01:57.0487 4812 [ 1BE03AC720F4D302EA01D40F588162F6 ] C:\Windows\System32\tbssvc.dll
09:01:57.0487 4812 C:\Windows\System32\tbssvc.dll - ok
09:01:57.0487 4812 [ 7069AAB8536F29ED7323140973A2894B ] C:\Windows\SysWOW64\msdmo.dll
09:01:57.0487 4812 C:\Windows\SysWOW64\msdmo.dll - ok
09:01:57.0487 4812 [ 236F286E103FD44BD85FDD93097FD5DD ] C:\Windows\SysWOW64\SearchIndexer.exe
09:01:57.0487 4812 C:\Windows\SysWOW64\SearchIndexer.exe - ok
09:01:57.0503 4812 [ 442C3F4C6024AAEC47FD270934F54A49 ] C:\Program Files (x86)\Photobucket Desktop\Photobucket.Business.dll
09:01:57.0503 4812 C:\Program Files (x86)\Photobucket Desktop\Photobucket.Business.dll - ok
09:01:57.0503 4812 [ 6035702749940FE1AA744CAC5B3E9AC3 ] C:\Program Files (x86)\Photobucket Desktop\nVentive.Umbrella.Unity.dll
09:01:57.0503 4812 C:\Program Files (x86)\Photobucket Desktop\nVentive.Umbrella.Unity.dll - ok
09:01:57.0503 4812 [ 10E4A1D2132CCB5C6759F038CDB6F3C9 ] C:\Windows\System32\calc.exe
09:01:57.0503 4812 C:\Windows\System32\calc.exe - ok
09:01:57.0519 4812 [ E24FE90E9DE8D8AE70E59F7B01675DEF ] C:\Windows\SysWOW64\avicap32.dll
09:01:57.0519 4812 C:\Windows\SysWOW64\avicap32.dll - ok
09:01:57.0519 4812 [ D39DA70FEA6BD713682F70635587DA9E ] C:\Windows\SysWOW64\rasdlg.dll
09:01:57.0519 4812 C:\Windows\SysWOW64\rasdlg.dll - ok
09:01:57.0519 4812 [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe
09:01:57.0519 4812 C:\Windows\System32\SearchIndexer.exe - ok
09:01:57.0519 4812 [ 6DF78BB163D443D95B21F58808320AF7 ] C:\Program Files (x86)\Photobucket Desktop\Microsoft.Practices.ServiceLocation.dll
09:01:57.0519 4812 C:\Program Files (x86)\Photobucket Desktop\Microsoft.Practices.ServiceLocation.dll - ok
09:01:57.0534 4812 [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll
09:01:57.0534 4812 C:\Windows\System32\rasdlg.dll - ok
09:01:57.0534 4812 [ 81F08948A0F1475894C99D4D19A158A8 ] C:\Windows\SysWOW64\wshqos.dll
09:01:57.0534 4812 C:\Windows\SysWOW64\wshqos.dll - ok
09:01:57.0534 4812 [ C12DEAE527FC8512CEB898B1F07CE607 ] C:\Program Files (x86)\Photobucket Desktop\System.Reactive.Windows.Threading.dll
09:01:57.0534 4812 C:\Program Files (x86)\Photobucket Desktop\System.Reactive.Windows.Threading.dll - ok
09:01:57.0550 4812 [ 5ECC169762FCCE84CE45B6CB1C4908D5 ] C:\Program Files (x86)\Trademanager\GUICore.dll
09:01:57.0550 4812 C:\Program Files (x86)\Trademanager\GUICore.dll - ok
09:01:57.0550 4812 [ A072B04165C379DFEF863214EF14EB5F ] C:\Program Files (x86)\Photobucket Desktop\log4net.dll
09:01:57.0550 4812 C:\Program Files (x86)\Photobucket Desktop\log4net.dll - ok
09:01:57.0550 4812 [ C4A522D8992E47EBEC582255ACD4F7BB ] C:\Program Files (x86)\Trademanager\rvcomlib.dll
09:01:57.0550 4812 C:\Program Files (x86)\Trademanager\rvcomlib.dll - ok
09:01:57.0565 4812 [ B92E9318F7E4AEF633B8EC3A873565AF ] C:\Windows\SysWOW64\perfdisk.dll
09:01:57.0565 4812 C:\Windows\SysWOW64\perfdisk.dll - ok
09:01:57.0565 4812 [ 07393A09C46083588E751B63B03C8301 ] C:\Windows\SysWOW64\msacm32.drv
09:01:57.0565 4812 C:\Windows\SysWOW64\msacm32.drv - ok
09:01:57.0565 4812 [ D205C24A9D069049FE2DF2A1B38726A7 ] C:\Windows\SysWOW64\wdmaud.drv
09:01:57.0565 4812 C:\Windows\SysWOW64\wdmaud.drv - ok
09:01:57.0565 4812 [ EC6986EEB138B5F75EBD29ED1A9A071E ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\af542b07d5ab8851604628f895888336\System.Configuration.ni.dll
09:01:57.0565 4812 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\af542b07d5ab8851604628f895888336\System.Configuration.ni.dll - ok
09:01:57.0581 4812 [ 9C67F6BBDA3881CFD02095160CF91576 ] C:\Windows\SysWOW64\ksuser.dll
09:01:57.0581 4812 C:\Windows\SysWOW64\ksuser.dll - ok
09:01:57.0581 4812 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll
09:01:57.0581 4812 C:\Windows\SysWOW64\rasapi32.dll - ok
09:01:57.0581 4812 [ 5A12C364AD1D4FCC0AD0E56DBBC34462 ] C:\Windows\SysWOW64\midimap.dll
09:01:57.0581 4812 C:\Windows\SysWOW64\midimap.dll - ok
09:01:57.0597 4812 [ 465DBF63A5049E4DB4BC5C12FFE781CB ] C:\Windows\SysWOW64\tquery.dll
09:01:57.0597 4812 C:\Windows\SysWOW64\tquery.dll - ok
09:01:57.0597 4812 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll
09:01:57.0597 4812 C:\Windows\SysWOW64\rasman.dll - ok
09:01:57.0597 4812 [ 1CBF15FDB0310345A68972EB5C5B948F ] C:\Windows\SysWOW64\mssprxy.dll
09:01:57.0597 4812 C:\Windows\SysWOW64\mssprxy.dll - ok
09:01:57.0612 4812 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\SysWOW64\rtutils.dll
09:01:57.0612 4812 C:\Windows\SysWOW64\rtutils.dll - ok
09:01:57.0612 4812 [ 5BACFD51D926774C8DD8028BEC9B4374 ] C:\Program Files\Microsoft Games\Solitaire\Solitaire.exe
09:01:57.0612 4812 C:\Program Files\Microsoft Games\Solitaire\Solitaire.exe - ok
09:01:57.0612 4812 [ 0241CB16136B9A4939CA0395768AE286 ] C:\Windows\SysWOW64\mssrch.dll
09:01:57.0612 4812 C:\Windows\SysWOW64\mssrch.dll - ok
09:01:57.0612 4812 [ 81600E2E27ED61427AAD865B9BCDDB9D ] C:\Windows\SysWOW64\msidle.dll
09:01:57.0612 4812 C:\Windows\SysWOW64\msidle.dll - ok
09:01:57.0628 4812 [ 04B88428A872390D235BE52D38A9D4EF ] C:\Windows\SysWOW64\dot3api.dll
09:01:57.0628 4812 C:\Windows\SysWOW64\dot3api.dll - ok
09:01:57.0628 4812 [ B3267F82FFFF28384AC8A196651A5CD4 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\67dd6be3025ef27a6c035a656ae85b63\PresentationFramework.Aero.ni.dll
09:01:57.0628 4812 C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\67dd6be3025ef27a6c035a656ae85b63\PresentationFramework.Aero.ni.dll - ok
09:01:57.0628 4812 [ A02DF508DD706162E72B8CF50F4F8DC0 ] C:\Program Files (x86)\Trademanager\imdb.dll
09:01:57.0628 4812 C:\Program Files (x86)\Trademanager\imdb.dll - ok
09:01:57.0643 4812 [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll
09:01:57.0643 4812 C:\Windows\System32\dot3api.dll - ok
09:01:57.0643 4812 [ 5E0FAA499E0DB871486F8B0789D7845A ] C:\Windows\SysWOW64\KBDCA.DLL
09:01:57.0643 4812 C:\Windows\SysWOW64\KBDCA.DLL - ok
09:01:57.0643 4812 [ 8063046AA70B97CA9985672B8848FB2E ] C:\Windows\SysWOW64\wlanhlp.dll
09:01:57.0643 4812 C:\Windows\SysWOW64\wlanhlp.dll - ok
09:01:57.0659 4812 [ B63E24E9271E99FD4540E3CA22A937DA ] C:\Windows\SysWOW64\en-US\tquery.dll.mui
09:01:57.0659 4812 C:\Windows\SysWOW64\en-US\tquery.dll.mui - ok
09:01:57.0659 4812 [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll
09:01:57.0659 4812 C:\Windows\System32\wlanhlp.dll - ok
09:01:57.0659 4812 [ 3AB57A33A6E3A1476695D5A6E856C06A ] C:\Program Files (x86)\Photobucket Desktop\System.Windows.Interactivity.dll
09:01:57.0659 4812 C:\Program Files (x86)\Photobucket Desktop\System.Windows.Interactivity.dll - ok
09:01:57.0659 4812 [ 60B7C0FEAD45F2066E5B805A91F4F0FC ] C:\Windows\SysWOW64\calc.exe
09:01:57.0659 4812 C:\Windows\SysWOW64\calc.exe - ok
09:01:57.0675 4812 [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll
09:01:57.0675 4812 C:\Windows\System32\wlanapi.dll - ok
09:01:57.0675 4812 [ 589DF683A6C81424A6CECE52ABF98A50 ] C:\Windows\System32\tquery.dll
09:01:57.0675 4812 C:\Windows\System32\tquery.dll - ok
09:01:57.0675 4812 [ 6699A112A3BDC9B52338512894EBA9D6 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
09:01:57.0675 4812 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
09:01:57.0675 4812 [ 8EE6BDE1D572677AA35707C52C585F75 ] C:\Windows\SysWOW64\mlang.dll
09:01:57.0675 4812 C:\Windows\SysWOW64\mlang.dll - ok
09:01:57.0690 4812 [ 12395E528456DFE82979ACFEA96D290C ] C:\Program Files\Windows Media Player\en-US\wmpnscfg.exe.mui
09:01:57.0690 4812 C:\Program Files\Windows Media Player\en-US\wmpnscfg.exe.mui - ok
09:01:57.0690 4812 [ B8FD0D18BF855064F2733713B8C35749 ] C:\Program Files (x86)\Photobucket Desktop\nVentive.Umbrella.Patterns.dll
09:01:57.0690 4812 C:\Program Files (x86)\Photobucket Desktop\nVentive.Umbrella.Patterns.dll - ok
09:01:57.0690 4812 [ C02AA67276FEE0C15CC4D6D616BDE95E ] C:\Windows\SysWOW64\WWanAPI.dll
09:01:57.0690 4812 C:\Windows\SysWOW64\WWanAPI.dll - ok
09:01:57.0706 4812 [ C7494C67A6BF6FE914808E42F8265FEF ] C:\Program Files\Windows Media Player\wmpnssci.dll
09:01:57.0706 4812 C:\Program Files\Windows Media Player\wmpnssci.dll - ok
09:01:57.0706 4812 [ C48524CC4B8EFD10141CA9101084639E ] C:\Program Files (x86)\Photobucket Desktop\nVentive.Umbrella.Services.dll
09:01:57.0706 4812 C:\Program Files (x86)\Photobucket Desktop\nVentive.Umbrella.Services.dll - ok
09:01:57.0706 4812 [ 9FF8F684BACF326082E5562F7C104A79 ] C:\Windows\SysWOW64\d2d1.dll
09:01:57.0706 4812 C:\Windows\SysWOW64\d2d1.dll - ok
09:01:57.0721 4812 [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll
09:01:57.0721 4812 C:\Windows\System32\WWanAPI.dll - ok
09:01:57.0721 4812 [ F2ED6D00921CA138289E5E0CCB9ABF87 ] C:\Windows\SysWOW64\wwapi.dll
09:01:57.0721 4812 C:\Windows\SysWOW64\wwapi.dll - ok
09:01:57.0721 4812 [ 7568CC720ACE4D03B84AF97817E745EF ] C:\Windows\System32\mssrch.dll
09:01:57.0721 4812 C:\Windows\System32\mssrch.dll - ok
09:01:57.0721 4812 [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll
09:01:57.0721 4812 C:\Windows\System32\wwapi.dll - ok
09:01:57.0737 4812 [ D9FEE457FE43EF56BB262B1FC6A6F0EB ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\860349acf665c9efa5de11e159a8bb8a\System.Data.ni.dll
09:01:57.0737 4812 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\860349acf665c9efa5de11e159a8bb8a\System.Data.ni.dll - ok
09:01:57.0737 4812 [ 02530B0B7E048DD5AC8D52DAEACAEB2B ] C:\Windows\SysWOW64\QAGENT.DLL
09:01:57.0737 4812 C:\Windows\SysWOW64\QAGENT.DLL - ok
09:01:57.0737 4812 [ 29B86B3C8253280151EEBE843A9648CD ] C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
09:01:57.0737 4812 C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll - ok
09:01:57.0753 4812 [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL
09:01:57.0753 4812 C:\Windows\System32\QAGENT.DLL - ok
09:01:57.0753 4812 [ F52B871E58080F0928D414E4F444E5F5 ] C:\Program Files (x86)\Photobucket Desktop\EntityFramework.dll
09:01:57.0753 4812 C:\Program Files (x86)\Photobucket Desktop\EntityFramework.dll - ok
09:01:57.0753 4812 [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll
09:01:57.0753 4812 C:\Windows\System32\msidle.dll - ok
09:01:57.0768 4812 [ A9F3BFC9345F49614D5859EC95B9E994 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
09:01:57.0768 4812 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
09:01:57.0768 4812 [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\Windows\System32\mssprxy.dll
09:01:57.0768 4812 C:\Windows\System32\mssprxy.dll - ok
09:01:57.0768 4812 [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\Windows\System32\en-US\tquery.dll.mui
09:01:57.0768 4812 C:\Windows\System32\en-US\tquery.dll.mui - ok
09:01:57.0784 4812 [ BBAAE027C176402E221CADBFCAEB5407 ] C:\Windows\System32\zipfldr.dll
09:01:57.0784 4812 C:\Windows\System32\zipfldr.dll - ok
09:01:57.0784 4812 [ 5CF15474FFDB5005E54958DF6EDD97AB ] C:\Windows\SysWOW64\wmdrmdev.dll
09:01:57.0784 4812 C:\Windows\SysWOW64\wmdrmdev.dll - ok
09:01:57.0784 4812 [ 47D052D9EE1FD3BA2A55D13F61E3EF24 ] C:\Windows\SysWOW64\drmv2clt.dll
09:01:57.0784 4812 C:\Windows\SysWOW64\drmv2clt.dll - ok
09:01:57.0799 4812 [ 954EA9B34F155C844B11F4047A8F6F89 ] C:\Windows\SysWOW64\upnp.dll
09:01:57.0799 4812 C:\Windows\SysWOW64\upnp.dll - ok
09:01:57.0799 4812 [ E12E31E80ADBC03E42D797DA4927AC29 ] C:\Program Files (x86)\Photobucket Desktop\Photobucket.Entities.dll
09:01:57.0799 4812 C:\Program Files (x86)\Photobucket Desktop\Photobucket.Entities.dll - ok
09:01:57.0799 4812 [ 3C1E67B14C02F3752A0797F3047C1305 ] C:\Program Files (x86)\Trademanager\uacagent.dll
09:01:57.0799 4812 C:\Program Files (x86)\Trademanager\uacagent.dll - ok
09:01:57.0815 4812 [ EA2B00551F3E7B3D5F7FB730A55F8246 ] C:\Windows\SysWOW64\blackbox.dll
09:01:57.0815 4812 C:\Windows\SysWOW64\blackbox.dll - ok
09:01:57.0815 4812 [ 6A21E1930937BBB4975923BF03442BD2 ] C:\Program Files (x86)\Photobucket Desktop\System.Data.SqlServerCe.dll
09:01:57.0815 4812 C:\Program Files (x86)\Photobucket Desktop\System.Data.SqlServerCe.dll - ok
09:01:57.0815 4812 [ 28E2231BD34A39C854BDF3923AB2FF86 ] C:\Windows\SysWOW64\ssdpapi.dll
09:01:57.0815 4812 C:\Windows\SysWOW64\ssdpapi.dll - ok
09:01:57.0831 4812 [ C1C03EA437EDDA8A7D4D8786E5AE6751 ] C:\Windows\System32\wuauclt.exe
09:01:57.0831 4812 C:\Windows\System32\wuauclt.exe - ok
09:01:57.0831 4812 [ 423982DD851406A52B6399DDB196C606 ] C:\Windows\System32\wmdrmdev.dll
09:01:57.0831 4812 C:\Windows\System32\wmdrmdev.dll - ok
09:01:57.0831 4812 [ 2C1055E2C6D42753241FB2A129136994 ] C:\Windows\System32\drmv2clt.dll
09:01:57.0831 4812 C:\Windows\System32\drmv2clt.dll - ok
09:01:57.0846 4812 [ 50EBD31C3527366FAFA468BD609F7352 ] C:\Windows\System32\wucltux.dll
09:01:57.0846 4812 C:\Windows\System32\wucltux.dll - ok
09:01:57.0846 4812 [ 295E5C0F4610F8A8C5115FE7946BFC98 ] C:\Windows\SysWOW64\aliedit\aliedit.dll
09:01:57.0846 4812 C:\Windows\SysWOW64\aliedit\aliedit.dll - ok
09:01:57.0846 4812 [ 97A891E2BF7FDA830BCFC6269DA3F5E9 ] C:\Windows\System32\blackbox.dll
09:01:57.0846 4812 C:\Windows\System32\blackbox.dll - ok
09:01:57.0862 4812 [ 1EB82516F21F27EED1833B4F9FD9614E ] C:\Windows\System32\wmp.dll
09:01:57.0862 4812 C:\Windows\System32\wmp.dll - ok
09:01:57.0862 4812 [ 9278F24EE075EAE889A2483A92D98F55 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\e530f142251fb9ed307b2c680bc3e59c\System.Transactions.ni.dll
09:01:57.0862 4812 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\e530f142251fb9ed307b2c680bc3e59c\System.Transactions.ni.dll - ok
09:01:57.0862 4812 [ 41962D5E18E9874390BC1F074571A6BB ] C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
09:01:57.0862 4812 C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll - ok
09:01:57.0877 4812 [ 96DB78C9C50CEED9DA5050EFFEE272A2 ] C:\Windows\System32\upnp.dll
09:01:57.0877 4812 C:\Windows\System32\upnp.dll - ok
09:01:57.0877 4812 [ 322BFB6D8CF5318F9A0919DAB89D44D6 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\91bc7f6fd5295405b227cecc0e232ce8\System.Numerics.ni.dll
09:01:57.0877 4812 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\91bc7f6fd5295405b227cecc0e232ce8\System.Numerics.ni.dll - ok
09:01:57.0877 4812 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\Windows\System32\ssdpsrv.dll
09:01:57.0877 4812 C:\Windows\System32\ssdpsrv.dll - ok
09:01:57.0893 4812 [ 36EAA92725A89058A1FE0DD33CFA66EA ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data.OracleC#\0486d782cba718e5c0e2e00e0572594e\System.Data.OracleClient.ni.dll
09:01:57.0893 4812 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data.OracleC#\0486d782cba718e5c0e2e00e0572594e\System.Data.OracleClient.ni.dll - ok
09:01:57.0893 4812 [ 1F398290F4DE7B00BCCC4DDDC193E2D5 ] C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data.OracleClient\v4.0_4.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
09:01:57.0893 4812 C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data.OracleClient\v4.0_4.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll - ok
09:01:57.0893 4812 [ 4BF940A921BFAC209EC6CF31E091EA05 ] C:\Program Files (x86)\Photobucket Desktop\x86\sqlceme40.dll
09:01:57.0893 4812 C:\Program Files (x86)\Photobucket Desktop\x86\sqlceme40.dll - ok
09:01:57.0909 4812 [ 282330E65F75357142A1CEF7616A6FD0 ] C:\Program Files (x86)\Trademanager\imbiz.dll
09:01:57.0909 4812 C:\Program Files (x86)\Trademanager\imbiz.dll - ok
09:01:57.0909 4812 [ A836803227004B6F513C825B25665E73 ] C:\Program Files (x86)\Photobucket Desktop\x86\sqlceer40EN.dll
09:01:57.0909 4812 C:\Program Files (x86)\Photobucket Desktop\x86\sqlceer40EN.dll - ok
09:01:57.0909 4812 [ EA1507A4313C11FC3DC6431956AAC6CA ] C:\Program Files (x86)\Trademanager\P2PEnv.dll
09:01:57.0909 4812 C:\Program Files (x86)\Trademanager\P2PEnv.dll - ok
09:01:57.0924 4812 [ C0F61F97910A7EF4D88C16337C15EB05 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data.Entity\58f68f30db100905cc5423c0eb8e8ed4\System.Data.Entity.ni.dll
09:01:57.0924 4812 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data.Entity\58f68f30db100905cc5423c0eb8e8ed4\System.Data.Entity.ni.dll - ok
09:01:57.0924 4812 [ 0443EF9053740FD3BD303D7E81E309F6 ] C:\Program Files (x86)\Trademanager\imnet.dll
09:01:57.0924 4812 C:\Program Files (x86)\Trademanager\imnet.dll - ok
09:01:57.0924 4812 [ C12BFD63A0F1661467745F3C399D0CD8 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\b7368ab5d966353f0740331e36fc855f\System.ComponentModel.DataAnnotations.ni.dll
09:01:57.0924 4812 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\b7368ab5d966353f0740331e36fc855f\System.ComponentModel.DataAnnotations.ni.dll - ok
09:01:57.0940 4812 [ C865BDF1A9DAC9506C3E2942A1450BEA ] C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.CSharp\6c0f6fa9ebf49a9cf011cb792ced4203\Microsoft.CSharp.ni.dll
09:01:57.0940 4812 C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.CSharp\6c0f6fa9ebf49a9cf011cb792ced4203\Microsoft.CSharp.ni.dll - ok
09:01:57.0940 4812 [ 8494E126F0B10180F3293AF861CE1F7A ] C:\Windows\System32\mlang.dll
09:01:57.0940 4812 C:\Windows\System32\mlang.dll - ok
09:01:57.0940 4812 [ 0FBC74AA20FE0AE6884279F893169C60 ] C:\Windows\SysWOW64\wmploc.DLL
09:01:57.0940 4812 C:\Windows\SysWOW64\wmploc.DLL - ok
09:01:57.0940 4812 [ 771D5438DFF57D46D92B20E9AF3A2B09 ] C:\Program Files (x86)\Trademanager\Peripheral.dll
09:01:57.0940 4812 C:\Program Files (x86)\Trademanager\Peripheral.dll - ok
09:01:57.0955 4812 [ E19AD0D49BFF5938B3E374873AC174DE ] C:\Windows\System32\wmploc.DLL
09:01:57.0955 4812 C:\Windows\System32\wmploc.DLL - ok
09:01:57.0955 4812 [ 1D1EAA16D193C6A2D45981ED3914D22A ] C:\Windows\SysWOW64\msimtf.dll
09:01:57.0955 4812 C:\Windows\SysWOW64\msimtf.dll - ok
09:01:57.0971 4812 [ 5161648A3A88C31FBECB0FE59552E72C ] C:\Program Files (x86)\Trademanager\zlibwapi.dll
09:01:57.0971 4812 C:\Program Files (x86)\Trademanager\zlibwapi.dll - ok
09:01:57.0971 4812 [ 6DE66FE7C526637E74CD066461C7C871 ] C:\Windows\SysWOW64\d3d11.dll
09:01:57.0971 4812 C:\Windows\SysWOW64\d3d11.dll - ok
09:01:57.0971 4812 [ B3170CCC779B682C3341873EA60CF084 ] C:\Windows\SysWOW64\d3d10warp.dll
09:01:57.0971 4812 C:\Windows\SysWOW64\d3d10warp.dll - ok
09:01:57.0987 4812 [ FCC8F25A5F5A4D6BD57D917DB7A00D78 ] C:\Windows\SysWOW64\crtdll.dll
09:01:57.0987 4812 C:\Windows\SysWOW64\crtdll.dll - ok
09:01:57.0987 4812 [ E709DA9CAABE556AD785BBCB0F360489 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Dynamic\a968fe6349af6537d579fce17acd5e27\System.Dynamic.ni.dll
09:01:57.0987 4812 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Dynamic\a968fe6349af6537d579fce17acd5e27\System.Dynamic.ni.dll - ok
09:01:57.0987 4812 [ C178B0C1060F63E52973B0616A25B3F2 ] C:\Program Files (x86)\Photobucket Desktop\System.Data.SqlServerCe.Entity.dll
09:01:57.0987 4812 C:\Program Files (x86)\Photobucket Desktop\System.Data.SqlServerCe.Entity.dll - ok
09:01:58.0002 4812 [ 8262F70AD910A05D4EF491FA16C8C18A ] C:\Program Files (x86)\Trademanager\alinet.dll
09:01:58.0002 4812 C:\Program Files (x86)\Trademanager\alinet.dll - ok
09:01:58.0002 4812 [ 4C2BABC3AF4BA1323B09D888B08C1B48 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\128dda6c7afee087bb3ff8a32c64f9fd\System.Xml.Linq.ni.dll
09:01:58.0002 4812 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\128dda6c7afee087bb3ff8a32c64f9fd\System.Xml.Linq.ni.dll - ok
09:01:58.0002 4812 [ CB811C14C225DD07B98E676DFB0221E6 ] C:\Windows\SysWOW64\jscript9.dll
09:01:58.0002 4812 C:\Windows\SysWOW64\jscript9.dll - ok
09:01:58.0018 4812 [ 02A8E2C4EA8E3C5648B6862FA5E4CA36 ] C:\Program Files (x86)\Photobucket Desktop\Microsoft.Practices.Composite.Presentation.dll
09:01:58.0018 4812 C:\Program Files (x86)\Photobucket Desktop\Microsoft.Practices.Composite.Presentation.dll - ok
09:01:58.0018 4812 [ 67118E7FF3A602FBD1E5455A4AF3F8F3 ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll
09:01:58.0018 4812 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll - ok
09:01:58.0018 4812 [ 2754AEDFD10D98BF6D1C7EC02D431806 ] C:\Program Files (x86)\Trademanager\wwsdkcom.dll
09:01:58.0018 4812 C:\Program Files (x86)\Trademanager\wwsdkcom.dll - ok
09:01:58.0033 4812 [ 5C4617A16AC979349B8DE1BA5D4BE8F3 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\3bd9827250aa3b940842ad88faeea546\System.EnterpriseServices.ni.dll
09:01:58.0033 4812 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\3bd9827250aa3b940842ad88faeea546\System.EnterpriseServices.ni.dll - ok
09:01:58.0033 4812 [ C755E17BAC396F9A9F468320B3F6CF46 ] C:\Windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
09:01:58.0033 4812 C:\Windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll - ok
09:01:58.0033 4812 [ 0571AF1E9A2D8E0B7F56B2EAD89CABD9 ] C:\Program Files (x86)\Trademanager\protocol.dll
09:01:58.0033 4812 C:\Program Files (x86)\Trademanager\protocol.dll - ok
09:01:58.0049 4812 [ 6E09B9E13494EFADFCCED6FCB91403FF ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\3bd9827250aa3b940842ad88faeea546\System.EnterpriseServices.Wrapper.dll
09:01:58.0049 4812 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\3bd9827250aa3b940842ad88faeea546\System.EnterpriseServices.Wrapper.dll - ok
09:01:58.0049 4812 [ 916A020A8C88A48B7F67AEE1D8F9CECD ] C:\Program Files\Internet Explorer\ieproxy.dll
09:01:58.0049 4812 C:\Program Files\Internet Explorer\ieproxy.dll - ok
09:01:58.0049 4812 [ EC133C3E2A97AA6FBC276DCCCD0645BF ] C:\Program Files (x86)\Photobucket Desktop\x86\sqlcese40.dll
09:01:58.0049 4812 C:\Program Files (x86)\Photobucket Desktop\x86\sqlcese40.dll - ok
09:01:58.0065 4812 [ D450DE8AC4579DD3F3D01F1B3C96C9EB ] C:\Program Files (x86)\Trademanager\wwsdk.dll
09:01:58.0065 4812 C:\Program Files (x86)\Trademanager\wwsdk.dll - ok
09:01:58.0065 4812 [ 5F47EBED49510F87297B620765F73FB3 ] C:\Program Files (x86)\Trademanager\alidcp.dll
09:01:58.0065 4812 C:\Program Files (x86)\Trademanager\alidcp.dll - ok
09:01:58.0065 4812 [ 3F2B83695E5BF11930C16AF50E991F96 ] C:\Windows\SysWOW64\wmpps.dll
09:01:58.0065 4812 C:\Windows\SysWOW64\wmpps.dll - ok
09:01:58.0080 4812 [ 355A138ABDFD43FBABCAE3A1B06AB93D ] C:\Windows\System32\wmpps.dll
09:01:58.0080 4812 C:\Windows\System32\wmpps.dll - ok
09:01:58.0080 4812 [ AB97D171A77B5F4BAFB033BF539BED42 ] C:\Program Files (x86)\Photobucket Desktop\x86\sqlceqp40.dll
09:01:58.0080 4812 C:\Program Files (x86)\Photobucket Desktop\x86\sqlceqp40.dll - ok
09:01:58.0080 4812 [ 2A350CD909638E3D616E2CEFDC20C993 ] C:\Program Files (x86)\Photobucket Desktop\Hardcodet.Wpf.TaskbarNotification.dll
09:01:58.0080 4812 C:\Program Files (x86)\Photobucket Desktop\Hardcodet.Wpf.TaskbarNotification.dll - ok
09:01:58.0096 4812 [ D99B15627FEED22B0670CC0E246E51B9 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\a6c1bfa66e0c02057bd59138e48db3ad\System.Runtime.Serialization.ni.dll
09:01:58.0096 4812 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\a6c1bfa66e0c02057bd59138e48db3ad\System.Runtime.Serialization.ni.dll - ok
09:01:58.0096 4812 [ AD2299486D092552473567E22748C19C ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Security\8aa0687e6d54a0454eaf9bcb2ef51bc4\System.Security.ni.dll
09:01:58.0096 4812 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Security\8aa0687e6d54a0454eaf9bcb2ef51bc4\System.Security.ni.dll - ok
09:01:58.0096 4812 [ 8D4478C5881748F37543EB8006304343 ] C:\Program Files (x86)\Trademanager\AVTransBiz.dll
09:01:58.0096 4812 C:\Program Files (x86)\Trademanager\AVTransBiz.dll - ok
09:01:58.0111 4812 [ 119B7AB67250A5AEB7F0F74D8F202EF5 ] C:\Program Files (x86)\Trademanager\P2PBiz.dll
09:01:58.0111 4812 C:\Program Files (x86)\Trademanager\P2PBiz.dll - ok
09:01:58.0111 4812 [ 6C336CFAA592740C28030C3868836CE4 ] C:\Program Files (x86)\Photobucket Desktop\nVentive.Umbrella.Client.dll
09:01:58.0111 4812 C:\Program Files (x86)\Photobucket Desktop\nVentive.Umbrella.Client.dll - ok
09:01:58.0111 4812 [ C4668B1B4A18629E5573D9704B634443 ] C:\Program Files (x86)\Trademanager\ww_network2.dll
09:01:58.0111 4812 C:\Program Files (x86)\Trademanager\ww_network2.dll - ok
09:01:58.0127 4812 [ 9C83A0C873FB55066A5535BB55E5EF80 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\203d9fcb7dfa54b7923d01ca8bfea8d0\System.Drawing.ni.dll
09:01:58.0127 4812 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\203d9fcb7dfa54b7923d01ca8bfea8d0\System.Drawing.ni.dll - ok
09:01:58.0127 4812 [ 46D9B5D7DD21FACACE29FAFD02DF5B57 ] C:\Program Files (x86)\Trademanager\filetransbiz.dll
09:01:58.0127 4812 C:\Program Files (x86)\Trademanager\filetransbiz.dll - ok
09:01:58.0127 4812 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\12025805.sys
09:01:58.0127 4812 C:\Windows\System32\drivers\12025805.sys - ok
09:01:58.0143 4812 [ A63DC5C2EA944E6657203E0C8EDEAF61 ] C:\Windows\SysWOW64\dllhost.exe
09:01:58.0143 4812 C:\Windows\SysWOW64\dllhost.exe - ok
09:01:58.0143 4812 [ 9DF7A7C74D8632CB5EBD37E3A374825E ] C:\Windows\SysWOW64\webcheck.dll
09:01:58.0143 4812 C:\Windows\SysWOW64\webcheck.dll - ok
09:01:58.0143 4812 [ E1AC89F6C5252057E6062843E36A6701 ] C:\Windows\SysWOW64\SearchProtocolHost.exe
09:01:58.0143 4812 C:\Windows\SysWOW64\SearchProtocolHost.exe - ok
09:01:58.0158 4812 [ BC0D4AFBE94D8E1F81C8926D805C3366 ] C:\Windows\System32\webcheck.dll
09:01:58.0158 4812 C:\Windows\System32\webcheck.dll - ok
09:01:58.0158 4812 [ D9E21CBF9E6A87847AFFD39EA3FA28EE ] C:\Windows\System32\SearchProtocolHost.exe
09:01:58.0158 4812 C:\Windows\System32\SearchProtocolHost.exe - ok
09:01:58.0158 4812 [ 2DDEA2C345DA5BC589EFD398F220DB0E ] C:\Windows\SysWOW64\SyncCenter.dll
09:01:58.0158 4812 C:\Windows\SysWOW64\SyncCenter.dll - ok
09:01:58.0174 4812 [ A5D237B8673025B052C0E6FDB6A883E8 ] C:\Windows\SysWOW64\msshooks.dll
09:01:58.0174 4812 C:\Windows\SysWOW64\msshooks.dll - ok
09:01:58.0174 4812 [ 101797BA603D227946B4B5109867EB19 ] C:\Windows\System32\SyncCenter.dll
09:01:58.0174 4812 C:\Windows\System32\SyncCenter.dll - ok
09:01:58.0174 4812 [ D2A5B2B09F2AF5ED13BF494508B09788 ] C:\Windows\System32\msshooks.dll
09:01:58.0174 4812 C:\Windows\System32\msshooks.dll - ok
09:01:58.0189 4812 [ A6CD6B3F71E13E2E45B727FB8A47EA87 ] C:\Windows\SysWOW64\SearchFilterHost.exe
09:01:58.0189 4812 C:\Windows\SysWOW64\SearchFilterHost.exe - ok
09:01:58.0189 4812 [ 49A3AD5CE578CD77F445F3D244AEAB2D ] C:\Windows\System32\SearchFilterHost.exe
09:01:58.0189 4812 C:\Windows\System32\SearchFilterHost.exe - ok
09:01:58.0189 4812 [ 4259A86E04E4BE26D1CB40287D2A82C3 ] C:\Program Files (x86)\Trademanager\graffitigui.dll
09:01:58.0189 4812 C:\Program Files (x86)\Trademanager\graffitigui.dll - ok
09:01:58.0205 4812 [ C03A37C718384319E58CD6A3EAC50D40 ] C:\Program Files (x86)\Trademanager\alimessagetool.exe
09:01:58.0205 4812 C:\Program Files (x86)\Trademanager\alimessagetool.exe - ok
09:01:58.0205 4812 [ AA794B099F776B37ACCDEAD00E0FBFC9 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
09:01:58.0205 4812 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
09:01:58.0205 4812 [ 57FD03B3BD0ECF0EF576E8AF68FEF64F ] C:\Program Files (x86)\Trademanager\AliAppLoader.exe
09:01:58.0205 4812 C:\Program Files (x86)\Trademanager\AliAppLoader.exe - ok
09:01:58.0221 4812 [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\Windows\System32\mscoree.dll
09:01:58.0221 4812 C:\Windows\System32\mscoree.dll - ok
09:01:58.0221 4812 [ C1BFC79F99F2026A1E13343B014E6932 ] C:\Program Files (x86)\Trademanager\alideskloader.exe
09:01:58.0221 4812 C:\Program Files (x86)\Trademanager\alideskloader.exe - ok
09:01:58.0221 4812 [ 9FC0A51C9D0E6D5883EC6C66C316DB8E ] C:\Program Files (x86)\Trademanager\messagetoolapplication.dll
09:01:58.0221 4812 C:\Program Files (x86)\Trademanager\messagetoolapplication.dll - ok
09:01:58.0236 4812 [ C0D46CA25972777BD01AF2580EADA639 ] C:\Windows\SysWOW64\en-US\msvfw32.dll.mui
09:01:58.0236 4812 C:\Windows\SysWOW64\en-US\msvfw32.dll.mui - ok
09:01:58.0236 4812 [ DB67C7C62038BDE813CB6486581A7611 ] C:\Windows\SysWOW64\mssph.dll
09:01:58.0236 4812 C:\Windows\SysWOW64\mssph.dll - ok
09:01:58.0252 4812 [ 2D11BC8B460957E62E4420373A0D8BDA ] C:\Windows\SysWOW64\imapi2.dll
09:01:58.0252 4812 C:\Windows\SysWOW64\imapi2.dll - ok
09:01:58.0252 4812 [ 48041BAEB60CE5F34F13CC2A1361E49C ] C:\Windows\System32\mssph.dll
09:01:58.0252 4812 C:\Windows\System32\mssph.dll - ok
09:01:58.0252 4812 [ 8130391F82D52D36C0441F714136957F ] C:\Windows\System32\imapi2.dll
09:01:58.0252 4812 C:\Windows\System32\imapi2.dll - ok
09:01:58.0267 4812 [ C7952D0A4C43A965A1741916BB134751 ] C:\Windows\SysWOW64\hgcpl.dll
09:01:58.0267 4812 C:\Windows\SysWOW64\hgcpl.dll - ok
09:01:58.0267 4812 [ 8F4BB0CFECED925D440ABC2481278360 ] C:\Windows\System32\mapi32.dll
09:01:58.0267 4812 C:\Windows\System32\mapi32.dll - ok
09:01:58.0283 4812 [ 6A5C1A8AC0B572679361026D0E900420 ] C:\Windows\System32\hgcpl.dll
09:01:58.0283 4812 C:\Windows\System32\hgcpl.dll - ok
09:01:58.0283 4812 [ 1AF8E9F6732B8458519BECF364EC90DB ] C:\Program Files (x86)\Trademanager\miser\aliimsafe.exe
09:01:58.0283 4812 C:\Program Files (x86)\Trademanager\miser\aliimsafe.exe - ok
09:01:58.0283 4812 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] C:\Windows\SysWOW64\provsvc.dll
09:01:58.0283 4812 C:\Windows\SysWOW64\provsvc.dll - ok
09:01:58.0299 4812 [ 0438CAB2E03F4FB61455A7956026FE86 ] C:\Windows\System32\fdPHost.dll
09:01:58.0299 4812 C:\Windows\System32\fdPHost.dll - ok
09:01:58.0299 4812 [ DE6F4B7E62FDE776F3DE8E5FB5A05C48 ] C:\Windows\SysWOW64\fdWSD.dll
09:01:58.0299 4812 C:\Windows\SysWOW64\fdWSD.dll - ok
09:01:58.0299 4812 [ 171D7DB433314A868507C4326E8209DC ] C:\Windows\System32\fdWSD.dll
09:01:58.0299 4812 C:\Windows\System32\fdWSD.dll - ok
09:01:58.0314 4812 [ DCEABBA22E12CC44C2E7785C0EB9C6E3 ] C:\Windows\SysWOW64\avifil32.dll
09:01:58.0314 4812 C:\Windows\SysWOW64\avifil32.dll - ok
09:01:58.0314 4812 [ C1F569D8469517038D1A68762810907A ] C:\Windows\SysWOW64\en-US\avicap32.dll.mui
09:01:58.0314 4812 C:\Windows\SysWOW64\en-US\avicap32.dll.mui - ok
09:01:58.0314 4812 [ 73F6C5223F7E9B5780DD4A6C30FCF569 ] C:\Windows\SysWOW64\WSDApi.dll
09:01:58.0314 4812 C:\Windows\SysWOW64\WSDApi.dll - ok
09:01:58.0330 4812 [ 26DBB1480924951CC2B6DA3849907E89 ] C:\Program Files (x86)\Trademanager\unifiedconfig.dll
09:01:58.0330 4812 C:\Program Files (x86)\Trademanager\unifiedconfig.dll - ok
09:01:58.0330 4812 [ DB846EECA70EE9D2E2FF31147C57B0F4 ] C:\Windows\SysWOW64\webservices.dll
09:01:58.0330 4812 C:\Windows\SysWOW64\webservices.dll - ok
09:01:58.0330 4812 [ 674611721264013DB169EC12AFC9C3B6 ] C:\Windows\SysWOW64\fdSSDP.dll
09:01:58.0330 4812 C:\Windows\SysWOW64\fdSSDP.dll - ok
09:01:58.0345 4812 [ A2E5B2D20954210DCE1A75A1FC8CC36D ] C:\Windows\System32\fdSSDP.dll
09:01:58.0345 4812 C:\Windows\System32\fdSSDP.dll - ok
09:01:58.0345 4812 [ 89D90579E5FB1469CB0464F6512E42B7 ] C:\Windows\SysWOW64\fundisc.dll
09:01:58.0345 4812 C:\Windows\SysWOW64\fundisc.dll - ok
09:01:58.0361 4812 [ 5EFEAF59DFA42AD25DF0E5170E9E6172 ] C:\Program Files (x86)\Trademanager\CrashDumper.exe
09:01:58.0361 4812 C:\Program Files (x86)\Trademanager\CrashDumper.exe - ok
09:01:58.0361 4812 [ 3FF0FA0A81910617739644A06D06D016 ] C:\Windows\SysWOW64\fdProxy.dll
09:01:58.0361 4812 C:\Windows\SysWOW64\fdProxy.dll - ok
09:01:58.0361 4812 [ 2A436796758BF2555A26C770FE8A6FEE ] C:\Windows\System32\fdProxy.dll
09:01:58.0361 4812 C:\Windows\System32\fdProxy.dll - ok
09:01:58.0377 4812 [ 807B6562009E5858C93E1C0F435C0382 ] C:\Windows\SysWOW64\netbios.dll
09:01:58.0377 4812 C:\Windows\SysWOW64\netbios.dll - ok
09:01:58.0377 4812 [ 27F499537A59D4738F6F896F9FC213CB ] C:\Program Files (x86)\Trademanager\IMMessage.dll
09:01:58.0377 4812 C:\Program Files (x86)\Trademanager\IMMessage.dll - ok
09:01:58.0377 4812 [ 8E493D5F7495FE64072CF6F515A3F009 ] C:\Program Files (x86)\Trademanager\SysNotify.dll
09:01:58.0377 4812 C:\Program Files (x86)\Trademanager\SysNotify.dll - ok
09:01:58.0377 4812 [ 3D2C68EF3814AEA923FF098F823174D2 ] C:\Program Files (x86)\Trademanager\controlhandler.dll
09:01:58.0377 4812 C:\Program Files (x86)\Trademanager\controlhandler.dll - ok
09:01:58.0392 4812 [ AC9A9B64AF7005E488390E38AE00D117 ] C:\Windows\SysWOW64\jsproxy.dll
09:01:58.0392 4812 C:\Windows\SysWOW64\jsproxy.dll - ok
09:01:58.0392 4812 ============================================================
09:01:58.0392 4812 Scan finished
09:01:58.0392 4812 ============================================================
09:01:58.0408 4248 Detected object count: 10
09:01:58.0408 4248 Actual detected object count: 10
09:05:09.0026 4248 C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe - copied to quarantine
09:05:09.0041 4248 HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:05:09.0119 4248 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll - copied to quarantine
09:05:09.0182 4248 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:05:09.0182 4248 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll - copied to quarantine
09:05:09.0260 4248 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:05:09.0338 4248 C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL - copied to quarantine
09:05:09.0400 4248 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:05:09.0462 4248 c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe - copied to quarantine
09:05:09.0728 4248 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:05:09.0806 4248 C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe - copied to quarantine
09:05:09.0962 4248 MDM ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:05:10.0055 4248 C:\Windows\system32\HPZinw12.dll - copied to quarantine
09:05:10.0102 4248 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:05:10.0133 4248 C:\Windows\system32\HPZipm12.dll - copied to quarantine
09:05:10.0164 4248 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:05:10.0180 4248 C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe - copied to quarantine
09:05:10.0305 4248 SolidWorks Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:05:10.0336 4248 C:\Users\BRIAN\AppData\Local\CrossLoop\tvnserver.exe - copied to quarantine
09:05:10.0445 4248 tvnserver ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
  • 0

#14
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Did you run the second tool?


gringo
  • 0

#15
RUSTY2

RUSTY2

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 221 posts
yes sorry here it is

RogueKiller V8.6.5 _x64_ [Aug 5 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.co...es/roguekiller/
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : BR [Admin rights]
Mode : Remove -- Date : 08/11/2013 09:32:20
| ARK || FAK || MBR |

¤¤¤ Bad processes : 1 ¤¤¤
[SUSP PATH] StartHelper.exe -- C:\Users\BR\AppData\Roaming\HP SimpleSave Application\StartHelper.exe [7] -> KILLED [TermProc]

¤¤¤ Registry Entries : 8 ¤¤¤
[HJ POL] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ POL] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> REPLACED (2)
[HJ POL] HKLM\[...]\System : EnableLUA (0) -> REPLACED (1)
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> [0x2] The system cannot find the file specified.
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> REPLACED (2)
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> REPLACED (1)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 2 ¤¤¤
[BR][SUSP PATH] HP SimpleSave Monitor.lnk : C:\Users\BR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HP SimpleSave Monitor.lnk @C:\Users\BR\AppData\Roaming\HP SimpleSave Application\StartHelper.exe [-][7] -> DELETED
[BRIAN][SUSP PATH] HP SimpleSave Monitor.lnk : C:\Users\BRIAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HP SimpleSave Monitor.lnk @C:\Users\BR\AppData\Roaming\HP SimpleSave Application\StartHelper.exe [-][7] -> DELETED

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD10EADS-65M2BX ATA Device +++++
--- User ---
[MBR] e02f5bc5774f9ff9332ffc82eaa6578d
[BSP] b52ce2cacc4d04132904884f1780787d : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 942482 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1930409984 | Size: 11285 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_D_08112013_093220.txt >>
RKreport[0]_S_08112013_093157.txt
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP