here are the logs:
# AdwCleaner v2.009 - Logfile created 11/24/2012 at 14:28:53
# Updated 24/11/2012 by Xplode
# Operating system : Windows Vista Home Premium Service Pack 2 (32 bits)
# User : djokrall - DJOKRALL-PC
# Boot Mode : Normal
# Running from : C:\Users\djokrall\Desktop\adwcleaner.exe
# Option [Delete]
***** [Services] *****
***** [Files / Folders] *****
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\ask.xml
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
File Deleted : C:\Program Files\Mozilla FireFox\searchplugins\Search_Results.xml
File Deleted : C:\user.js
File Deleted : C:\Users\djokrall\AppData\Roaming\Mozilla\Firefox\Profiles\bhxmi1za.default-1349642571038\searchplugins\MyStart Search.xml
File Deleted : C:\Users\djokrall\AppData\Roaming\Mozilla\Firefox\Profiles\jljb0gkm.default\extensions\
[email protected]File Deleted : C:\Users\djokrall\AppData\Roaming\Mozilla\Firefox\Profiles\jljb0gkm.default\searchplugins\Askcom.xml
File Deleted : C:\Users\djokrall\AppData\Roaming\Mozilla\Firefox\Profiles\jljb0gkm.default\searchplugins\mywebsearch.xml
File Deleted : C:\Users\djokrall\AppData\Roaming\Mozilla\Firefox\Profiles\jljb0gkm.default\searchplugins\Search_Results.xml
File Deleted : C:\Users\djokrall\AppData\Roaming\Mozilla\Firefox\Profiles\jljb0gkm.default\searchplugins\search-here.xml
Folder Deleted : C:\Program Files\BringMeSports_1cEI
Folder Deleted : C:\Program Files\Common Files\FreeCause
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\Free Offers from Freeze.com
Folder Deleted : C:\Program Files\I Want This
Folder Deleted : C:\Program Files\Shop To Win
Folder Deleted : C:\Program Files\TotalRecipeSearch_14EI
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\ProgramData\WeCareReminder
Folder Deleted : C:\Users\djokrall\AppData\Local\Babylon
Folder Deleted : C:\Users\djokrall\AppData\Local\Conduit
Folder Deleted : C:\Users\djokrall\AppData\Local\Google\Chrome\User Data\Default\Extensions\ebfmlbdgbekinmmpfmpjjkfclcgedhgj
Folder Deleted : C:\Users\djokrall\AppData\Local\OpenCandy
Folder Deleted : C:\Users\djokrall\AppData\LocalLow\BabylonToolbar
Folder Deleted : C:\Users\djokrall\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\djokrall\AppData\LocalLow\FunWebProducts
Folder Deleted : C:\Users\djokrall\AppData\LocalLow\MyWebSearch
Folder Deleted : C:\Users\djokrall\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\djokrall\AppData\LocalLow\Toolbar4
Folder Deleted : C:\Users\djokrall\AppData\Roaming\Babylon
Folder Deleted : C:\Users\djokrall\AppData\Roaming\iWin
Folder Deleted : C:\Users\djokrall\AppData\Roaming\Mozilla\Firefox\Profiles\jljb0gkm.default\ConduitCommon
Folder Deleted : C:\Users\djokrall\AppData\Roaming\Mozilla\Firefox\Profiles\jljb0gkm.default\CT3018509
Folder Deleted : C:\Users\djokrall\AppData\Roaming\Mozilla\Firefox\Profiles\jljb0gkm.default\extensions\{22dfbf5b-a7cd-4b25-9471-3dc68c71855f}
Folder Deleted : C:\Users\djokrall\AppData\Roaming\Mozilla\Firefox\Profiles\jljb0gkm.default\extensions\
[email protected]Folder Deleted : C:\Users\djokrall\AppData\Roaming\Mozilla\Firefox\Profiles\jljb0gkm.default\extensions\
[email protected]Folder Deleted : C:\Users\djokrall\AppData\Roaming\Mozilla\Firefox\Profiles\jljb0gkm.default\extensions\
[email protected]Folder Deleted : C:\Users\djokrall\AppData\Roaming\Mozilla\Firefox\Profiles\jljb0gkm.default\FCTB
Folder Deleted : C:\Users\djokrall\AppData\Roaming\Mozilla\Firefox\Profiles\jljb0gkm.default\GamesBar
Folder Deleted : C:\Users\djokrall\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\djokrall\AppData\Roaming\RebateInformer
Folder Deleted : C:\Users\djokrall\Documents\ShopToWin
***** [Registry] *****
Key Deleted : HKCU\Software\APN DTX
Key Deleted : HKCU\Software\AppDataLow\Software\Compete
Key Deleted : HKCU\Software\AppDataLow\Software\CompeteInc
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\CouponAlert_2p
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\Freecause
Key Deleted : HKCU\Software\AppDataLow\Software\Fun Web Products
Key Deleted : HKCU\Software\AppDataLow\Software\FunWebProducts
Key Deleted : HKCU\Software\AppDataLow\Software\I Want This
Key Deleted : HKCU\Software\AppDataLow\Software\iWon
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\Default Tab
Key Deleted : HKCU\Software\Google\Chrome\Extensions\ebfmlbdgbekinmmpfmpjjkfclcgedhgj
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\incredibar
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{4EF645BD-65B0-4F98-AD56-D0437B7045F6}_is1
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{6EFDBA50-4ABE-4194-86F7-F3BD0A011F5B}_is1
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\mywebsearch bar uninstall
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PriceGong
Key Deleted : HKCU\Software\wecarereminder
Key Deleted : HKCU\Software\Zugo
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\BringMeSports_1cInstaller.Start
Key Deleted : HKLM\SOFTWARE\Classes\BringMeSports_1cInstaller.Start.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{13119113-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
Key Deleted : HKLM\SOFTWARE\Classes\FCSB000062377.JSOptionsImpl
Key Deleted : HKLM\SOFTWARE\Classes\FCSB000062377.JSOptionsImpl.1
Key Deleted : HKLM\SOFTWARE\Classes\IMsiDe1egate.Application.1
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{120927BF-1700-43BC-810F-FAB92549B390}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1F52A5FA-A705-4415-B975-88503B291728}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Deleted : HKLM\SOFTWARE\Classes\TBSB07898.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\TBSB07898.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\TBSB07898.TBSB07898
Key Deleted : HKLM\SOFTWARE\Classes\TBSB07898.TBSB07898.3
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2724386
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2976654
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3196716
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.TBSB07898
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.TBSB07898.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{03119103-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
Key Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Default Tab
Key Deleted : HKLM\SOFTWARE\FCSB000062385
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ebfmlbdgbekinmmpfmpjjkfclcgedhgj
Key Deleted : HKLM\Software\ImInstaller
Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater
Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DATAMNGR
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@ei.BringMeSports_1c.com/Plugin
Key Deleted : HKLM\Software\Tarma Installer
Key Deleted : HKLM\Software\Web Assistant
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform [FunWebProducts]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
***** [Internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16421
[OK] Registry is clean.
-\\ Mozilla Firefox v16.0.2 (en-US)
Profile name : default
File : C:\Users\djokrall\AppData\Roaming\Mozilla\Firefox\Profiles\jljb0gkm.default\prefs.js
C:\Users\djokrall\AppData\Roaming\Mozilla\Firefox\Profiles\jljb0gkm.default\user.js ... Deleted !
Deleted : user_pref("CT3018509..clientLogIsEnabled", false);
Deleted : user_pref("CT3018509..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT3018509..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT3018509.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Deleted : user_pref("CT3018509.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT3018509.AppTrackingLastCheckTime", "Sat Dec 10 2011 13:52:39 GMT-0500 (Eastern Standard[...]
Deleted : user_pref("CT3018509.BrowserCompStateIsOpen_129575141437797586", true);
Deleted : user_pref("CT3018509.BrowserCompStateIsOpen_129683388555092712", true);
Deleted : user_pref("CT3018509.BrowserCompStateIsOpen_129774349446762757", true);
Deleted : user_pref("CT3018509.CT3018509", "CT3018509");
Deleted : user_pref("CT3018509.CommunitiesChangesLastCheckTime", "0");
Deleted : user_pref("CT3018509.CurrentServerDate", "7-10-2012");
Deleted : user_pref("CT3018509.DSInstall", false);
Deleted : user_pref("CT3018509.DialogsAlignMode", "LTR");
Deleted : user_pref("CT3018509.DialogsGetterLastCheckTime", "Sun Oct 07 2012 16:40:44 GMT-0400 (Eastern Daylig[...]
Deleted : user_pref("CT3018509.DownloadReferralCookieData", "");
Deleted : user_pref("CT3018509.EMailNotifierPollDate", "Sat Jun 23 2012 20:13:04 GMT-0400 (Eastern Daylight Ti[...]
Deleted : user_pref("CT3018509.ExternalComponentPollDate129510405198305199", "Fri Jun 22 2012 18:57:11 GMT-040[...]
Deleted : user_pref("CT3018509.ExternalComponentPollDate129510405203040747", "Fri Jun 22 2012 18:57:11 GMT-040[...]
Deleted : user_pref("CT3018509.FirstServerDate", "13-11-2011");
Deleted : user_pref("CT3018509.FirstTime", true);
Deleted : user_pref("CT3018509.FirstTimeFF3", true);
Deleted : user_pref("CT3018509.FixPageNotFoundErrors", false);
Deleted : user_pref("CT3018509.GroupingInvalidateCache", false);
Deleted : user_pref("CT3018509.GroupingLastCheckTime", "0");
Deleted : user_pref("CT3018509.GroupingLastServerUpdateTime", "0");
Deleted : user_pref("CT3018509.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT3018509.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT3018509.HPInstall", false);
Deleted : user_pref("CT3018509.HasUserGlobalKeys", true);
Deleted : user_pref("CT3018509.HomePageProtectorEnabled", false);
Deleted : user_pref("CT3018509.HomepageBeforeUnload", "www.yahoo.com");
Deleted : user_pref("CT3018509.Initialize", true);
Deleted : user_pref("CT3018509.InitializeCommonPrefs", true);
Deleted : user_pref("CT3018509.InstallationAndCookieDataSentCount", 3);
Deleted : user_pref("CT3018509.InstallationType", "Unknown");
Deleted : user_pref("CT3018509.InstalledDate", "Sat Nov 12 2011 16:13:23 GMT-0500 (Eastern Standard Time)");
Deleted : user_pref("CT3018509.InvalidateCache", false);
Deleted : user_pref("CT3018509.IsAlertDBUpdated", true);
Deleted : user_pref("CT3018509.IsGrouping", false);
Deleted : user_pref("CT3018509.IsInitSetupIni", true);
Deleted : user_pref("CT3018509.IsMulticommunity", false);
Deleted : user_pref("CT3018509.IsOpenThankYouPage", true);
Deleted : user_pref("CT3018509.IsOpenUninstallPage", true);
Deleted : user_pref("CT3018509.IsProtectorsInit", true);
Deleted : user_pref("CT3018509.LanguagePackLastCheckTime", "Sun Oct 07 2012 16:40:44 GMT-0400 (Eastern Dayligh[...]
Deleted : user_pref("CT3018509.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT3018509.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT3018509.LastLogin_3.10.0.1", "Thu Apr 19 2012 16:20:50 GMT-0400 (Eastern Daylight Time)[...]
Deleted : user_pref("CT3018509.LastLogin_3.12.0.7", "Fri Apr 27 2012 16:10:43 GMT-0400 (Eastern Daylight Time)[...]
Deleted : user_pref("CT3018509.LastLogin_3.12.2.3", "Wed May 30 2012 06:47:41 GMT-0400 (Eastern Daylight Time)[...]
Deleted : user_pref("CT3018509.LastLogin_3.13.0.6", "Mon Jul 16 2012 07:22:39 GMT-0400 (Eastern Daylight Time)[...]
Deleted : user_pref("CT3018509.LastLogin_3.14.1.0", "Sat Sep 01 2012 06:37:04 GMT-0400 (Eastern Daylight Time)[...]
Deleted : user_pref("CT3018509.LastLogin_3.15.1.0", "Sun Oct 07 2012 16:40:44 GMT-0400 (Eastern Daylight Time)[...]
Deleted : user_pref("CT3018509.LastLogin_3.8.0.8", "Mon Dec 05 2011 15:10:25 GMT-0500 (Eastern Standard Time)"[...]
Deleted : user_pref("CT3018509.LastLogin_3.8.1.0", "Mon Jan 09 2012 11:46:16 GMT-0500 (Eastern Standard Time)"[...]
Deleted : user_pref("CT3018509.LastLogin_3.9.0.3", "Tue Mar 06 2012 14:59:48 GMT-0500 (Eastern Standard Time)"[...]
Deleted : user_pref("CT3018509.LatestVersion", "3.15.1.0");
Deleted : user_pref("CT3018509.Locale", "en-us");
Deleted : user_pref("CT3018509.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT3018509.MCDetectTooltipShow", false);
Deleted : user_pref("CT3018509.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT3018509.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT3018509.MyStuffEnabledAtInstallation", true);
Deleted : user_pref("CT3018509.OriginalFirstVersion", "3.8.0.8");
Deleted : user_pref("CT3018509.RadioIsPodcast", false);
Deleted : user_pref("CT3018509.RadioLastCheckTime", "Thu Jun 21 2012 14:20:33 GMT-0400 (Eastern Daylight Time)[...]
Deleted : user_pref("CT3018509.RadioLastUpdateIPServer", "3");
Deleted : user_pref("CT3018509.RadioLastUpdateServer", "3");
Deleted : user_pref("CT3018509.RadioMediaID", "9962");
Deleted : user_pref("CT3018509.RadioMediaType", "Media Player");
Deleted : user_pref("CT3018509.RadioMenuSelectedID", "EBRadioMenu_CT30185099962");
Deleted : user_pref("CT3018509.RadioShrinked", "shrinked");
Deleted : user_pref("CT3018509.RadioShrinkedFromSetup", true);
Deleted : user_pref("CT3018509.RadioStationName", "California%20Rock");
Deleted : user_pref("CT3018509.RadioStationURL", "hxxp://feedlive.net/california.asx");
Deleted : user_pref("CT3018509.SHRINK_TOOLBAR", 0);
Deleted : user_pref("CT3018509.SearchCaption", "Game Master 2.1 Customized Web Search");
Deleted : user_pref("CT3018509.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Deleted : user_pref("CT3018509.SearchEngineBeforeUnload", "Ask.com");
Deleted : user_pref("CT3018509.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT3018509.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT301[...]
Deleted : user_pref("CT3018509.SearchInNewTabEnabled", true);
Deleted : user_pref("CT3018509.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT3018509.SearchInNewTabLastCheckTime", "Sun Oct 07 2012 16:40:41 GMT-0400 (Eastern Dayli[...]
Deleted : user_pref("CT3018509.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT3018509.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usa[...]
Deleted : user_pref("CT3018509.SearchProtectorEnabled", false);
Deleted : user_pref("CT3018509.SearchProtectorToolbarDisabled", false);
Deleted : user_pref("CT3018509.SendProtectorDataViaLogin", true);
Deleted : user_pref("CT3018509.ServiceMapLastCheckTime", "Sun Oct 07 2012 16:40:43 GMT-0400 (Eastern Daylight [...]
Deleted : user_pref("CT3018509.SettingsLastCheckTime", "Sun Oct 07 2012 16:40:40 GMT-0400 (Eastern Daylight Ti[...]
Deleted : user_pref("CT3018509.SettingsLastUpdate", "1348502557");
Deleted : user_pref("CT3018509.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT3018509&SearchSource=13");
Deleted : user_pref("CT3018509.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT3018509.ThirdPartyComponentsLastCheck", "Sat Jun 16 2012 14:22:31 GMT-0400 (Eastern Day[...]
Deleted : user_pref("CT3018509.ThirdPartyComponentsLastUpdate", "1331805997");
Deleted : user_pref("CT3018509.ToolbarShrinkedFromSetup", true);
Deleted : user_pref("CT3018509.TrusteLinkUrl", "hxxp://trust.conduit.com/CT3018509");
Deleted : user_pref("CT3018509.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Deleted : user_pref("CT3018509.UserID", "UN22890941671309084");
Deleted : user_pref("CT3018509.ValidationData_Search", 2);
Deleted : user_pref("CT3018509.ValidationData_Toolbar", 2);
Deleted : user_pref("CT3018509.alertChannelId", "1410096");
Deleted : user_pref("CT3018509.approveUntrustedApps", false);
Deleted : user_pref("CT3018509.backendstorage.cb_experience_000", "38");
Deleted : user_pref("CT3018509.backendstorage.cb_firstuse0100", "31");
Deleted : user_pref("CT3018509.backendstorage.cb_user_id_000", "43423139333936393634343938325F46697265666F78")[...]
Deleted : user_pref("CT3018509.backendstorage.cbcountry_000", "5553");
Deleted : user_pref("CT3018509.backendstorage.cbcountry_001", "5553");
Deleted : user_pref("CT3018509.backendstorage.cbfirsttime", "536174204E6F7620313220323031312031363A31333A32352[...]
Deleted : user_pref("CT3018509.backendstorage.favorites", "3134373833");
Deleted : user_pref("CT3018509.backendstorage.last-search-provider", "2262696E6722");
Deleted : user_pref("CT3018509.backendstorage.last-social-provider", "227477697474657222");
Deleted : user_pref("CT3018509.backendstorage.search-providers", "7B227961686F6F223A5B322C31333339383832323638[...]
Deleted : user_pref("CT3018509.backendstorage.shoppingapp.gk.exipres", "546875204A756E20323820323031322031383A[...]
Deleted : user_pref("CT3018509.backendstorage.shoppingapp.gk.geolocation", "756E6974656420737461746573");
Deleted : user_pref("CT3018509.backendstorage.social-providers", "7B2266616365626F6F6B223A5B312C31333430303435[...]
Deleted : user_pref("CT3018509.backendstorage.url_history", "6A6176617363726970743A5941484F4F2E7974732E656E645[...]
Deleted : user_pref("CT3018509.backendstorage.url_history0001", "687474703A2F2F617070732E6D7973746172742E636F6[...]
Deleted : user_pref("CT3018509.components.1000034", true);
Deleted : user_pref("CT3018509.components.1000080", true);
Deleted : user_pref("CT3018509.components.1000082", false);
Deleted : user_pref("CT3018509.components.129570392343604094", false);
Deleted : user_pref("CT3018509.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Deleted : user_pref("CT3018509.globalFirstTimeInfoLastCheckTime", "Sat Jun 23 2012 09:51:18 GMT-0400 (Eastern [...]
Deleted : user_pref("CT3018509.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT3018509.initDone", true);
Deleted : user_pref("CT3018509.isAppTrackingManagerOn", true);
Deleted : user_pref("CT3018509.isFirstRadioInstallation", false);
Deleted : user_pref("CT3018509.myStuffEnabled", true);
Deleted : user_pref("CT3018509.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT3018509.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT3018509.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT3018509.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT3018509.oldAppsList", "129510405195990639,129510405197729003,111,129510405198305199,129[...]
Deleted : user_pref("CT3018509.revertSettingsEnabled", false);
Deleted : user_pref("CT3018509.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT3018509.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT3018509.testingCtid", "");
Deleted : user_pref("CT3018509.toolbarAppMetaDataLastCheckTime", "Sun Oct 07 2012 16:40:44 GMT-0400 (Eastern D[...]
Deleted : user_pref("CT3018509.toolbarContextMenuLastCheckTime", "Sat Jun 16 2012 11:41:01 GMT-0400 (Eastern D[...]
Deleted : user_pref("CT3018509.usagesFlag", 2);
Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT3018509/CT3018509[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1410096/1405754/US", "\"0\"[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT3018509", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.10[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.9.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT3018509",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT3018509&octid=[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/StarFleet/equalize[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/StarFleet/maxi.gif[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/StarFleet/minimize[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/StarFleet/play.gif[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/StarFleet/play_min[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/StarFleet/stop.gif[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/StarFleet/vol.gif"[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=EB_LOCALE",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"[...]
Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\djokrall\\AppData\\Roaming\\Mozilla[...]
Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.13.0.6");
Deleted : user_pref("CommunityToolbar.MiniIPageGadgetPosition.hxxp://app5.playtika.com/playtika/php/view/socia[...]
Deleted : user_pref("CommunityToolbar.MiniIPageGadgetPosition.hxxp://cdn.tictacti.com/widgets/WidgetView.html?[...]
Deleted : user_pref("CommunityToolbar.MiniIPageGadgetPosition.hxxp://cdn.tictacti.com/widgets/WidgetView.html?[...]
Deleted : user_pref("CommunityToolbar.MiniIPageGadgetPosition.hxxp://oryte.com/content/games/players/solitaire[...]
Deleted : user_pref("CommunityToolbar.MiniIPageGadgetPosition.hxxp://oryte.com/content/games/players/sonic.php[...]
Deleted : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://app5.playtika.com/playtika/php/view/social/fb[...]
Deleted : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://cdn.tictacti.com/widgets/WidgetView.html?tagT[...]
Deleted : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://cdn.tictacti.com/widgets/WidgetView.html?tagT[...]
Deleted : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://cdn.tictacti.com/widgets/WidgetView.html?tagT[...]
Deleted : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://cdn.tictacti.com/widgets/WidgetView.html?tagT[...]
Deleted : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://cdn.tictacti.com/widgets/WidgetView.html?tagT[...]
Deleted : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://cdn.tictacti.com/widgets/WidgetView.html?tagT[...]
Deleted : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://cdn.tictacti.com/widgets/WidgetView.html?tagT[...]
Deleted : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://cdn.tictacti.com/widgets/WidgetView.html?tagT[...]
Deleted : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://cdn.tictacti.com/widgets/WidgetView.html?tagT[...]
Deleted : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://cdn.tictacti.com/widgets/WidgetView.html?tagT[...]
Deleted : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://oryte.com/content/games/alawar/alawarplayer.p[...]
Deleted : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://oryte.com/content/games/players/come2play.php[...]
Deleted : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://oryte.com/content/games/players/solitaire.php[...]
Deleted : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://oryte.com/content/games/players/sonic.php", "[...]
Deleted : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://oryte.com/mochigadget", "640x683");
Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");
Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT3018509");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT3018509");
Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT3018509");
Deleted : user_pref("CommunityToolbar.globalUserId", "bc7c231d-030b-46d7-a4a9-9346099826d3");
Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sat Jun 23 2012 18:55:1[...]
Deleted : user_pref("CommunityToolbar.notifications.alertEnabled", true);
Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Sat Jun 23 2012 18:55:17 GMT-040[...]
Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sat Jun 23 2012 18:55:09 GMT-0400 (E[...]
Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.notifications.userId", "69a18171-0e00-4786-8471-add105722b78");
Deleted : user_pref("CommunityToolbar.originalHomepage", "www.yahoo.com");
Deleted : user_pref("CommunityToolbar.originalSearchEngine", "Ask.com");
Deleted : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Deleted : user_pref("browser.search.defaultenginename", "Search Results");
Deleted : user_pref("browser.search.order.1", "Search Results");
Deleted : user_pref("browser.search.selectedEngine", "Search Results");
Deleted : user_pref("browser.startup.homepage", "hxxp://www.searchnu.com/421");
Deleted : user_pref("extensions.BabylonToolbar.admin", false);
Deleted : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Deleted : user_pref("extensions.BabylonToolbar.babExt", "");
Deleted : user_pref("extensions.BabylonToolbar.babTrack", "affID=108907");
Deleted : user_pref("extensions.BabylonToolbar.bbDpng", 7);
Deleted : user_pref("extensions.BabylonToolbar.dfltSrch", false);
Deleted : user_pref("extensions.BabylonToolbar.hmpg", false);
Deleted : user_pref("extensions.BabylonToolbar.id", "20da66b2000000000000001c258900cc");
Deleted : user_pref("extensions.BabylonToolbar.instlDay", "15336");
Deleted : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Deleted : user_pref("extensions.BabylonToolbar.lastDP", 7);
Deleted : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.5.3.1716:35:27");
Deleted : user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "14.0");
Deleted : user_pref("extensions.BabylonToolbar.newTab", true);
Deleted : user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?babsrc=NT_FFUP");
Deleted : user_pref("extensions.BabylonToolbar.noFFXTlbr", false);
Deleted : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Deleted : user_pref("extensions.BabylonToolbar.propectorlck", 88202448);
Deleted : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Deleted : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Deleted : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Deleted : user_pref("extensions.BabylonToolbar.ptch_0717", true);
Deleted : user_pref("extensions.BabylonToolbar.smplGrp", "azb");
Deleted : user_pref("extensions.BabylonToolbar.srcExt", "ss");
Deleted : user_pref("extensions.BabylonToolbar.tlbrId", "base");
Deleted : user_pref("extensions.BabylonToolbar.vrsn", "1.5.3.17");
Deleted : user_pref("extensions.BabylonToolbar.vrsnTs", "1.5.3.1716:35:27");
Deleted : user_pref("extensions.BabylonToolbar.vrsni", "1.5.3.17");
Deleted : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Deleted : user_pref("extensions.BabylonToolbar_i.babExt", "");
Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=108907");
Deleted : user_pref("extensions.BabylonToolbar_i.hardId", "20da66b2000000000000001c258900cc");
Deleted : user_pref("extensions.BabylonToolbar_i.id", "20da66b2000000000000001c258900cc");
Deleted : user_pref("extensions.BabylonToolbar_i.instlDay", "15336");
Deleted : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Deleted : user_pref("extensions.BabylonToolbar_i.newTab", false);
Deleted : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Deleted : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Deleted : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1716:35:27");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Deleted : user_pref("extensions.RecipeHub_2j.openSearchURL", "hxxp://search.mywebsearch.com/mywebsearch/opense[...]
Deleted : user_pref("extensions.RecipeHub_2j.prevKwdURL", "hxxp://search.mywebsearch.com/mywebsearch/GGmain.jh[...]
Deleted : user_pref("extensions.crossriderapp2258.2258.InstallationThankYouPage", true);
Deleted : user_pref("extensions.crossriderapp2258.2258.InstallationTime", 1336817055);
Deleted : user_pref("extensions.crossriderapp2258.2258.InstallationUserSettings.searchUserConifrmation", false[...]
Deleted : user_pref("extensions.crossriderapp2258.2258.InstallationUserSettings.setHomepage", false);
Deleted : user_pref("extensions.crossriderapp2258.2258.InstallationUserSettings.setNewTab", false);
Deleted : user_pref("extensions.crossriderapp2258.2258.InstallationUserSettings.setSearch", false);
Deleted : user_pref("extensions.crossriderapp2258.2258.active", true);
Deleted : user_pref("extensions.crossriderapp2258.2258.addressbar", "");
Deleted : user_pref("extensions.crossriderapp2258.2258.affid", "0");
Deleted : user_pref("extensions.crossriderapp2258.2258.backgroundjs", "\n\n\"undefined\"!=typeof _GPL_BG_NEW&&[...]
Deleted : user_pref("extensions.crossriderapp2258.2258.backgroundver", 15);
Deleted : user_pref("extensions.crossriderapp2258.2258.can_run_bg_code", true);
Deleted : user_pref("extensions.crossriderapp2258.2258.certdomaininstaller", "");
Deleted : user_pref("extensions.crossriderapp2258.2258.changeprevious", false);
Deleted : user_pref("extensions.crossriderapp2258.2258.cookie.InstallationTime.expiration", "Fri Feb 01 2030 0[...]
Deleted : user_pref("extensions.crossriderapp2258.2258.cookie.InstallationTime.value", "1336817055");
Deleted : user_pref("extensions.crossriderapp2258.2258.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00[...]
Deleted : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00:00:00 [...]
Deleted : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_aoi.value", "1336817055");
Deleted : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_blocklist.expiration", "Sun Oct 07 2012 16:[...]
Deleted : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_blocklist.value", "%22nonexistantdomain.com[...]
Deleted : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_country_code.expiration", "Sun Oct 14 2012 [...]
Deleted : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_country_code.value", "%22US%22");
Deleted : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_crr.expiration", "Fri Feb 01 2030 00:00:00 [...]
Deleted : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_crr.value", "1349642434");
Deleted : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_hotfix20111102645.expiration", "Fri Feb 01 [...]
Deleted : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_hotfix20111102645.value", "%221%22");
Deleted : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_installer_params.expiration", "Fri Feb 01 2[...]
Deleted : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_installer_params.value", "%7B%22source_id%2[...]
Deleted : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_parent_zoneid.expiration", "Fri Feb 01 2030[...]
Deleted : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_parent_zoneid.value", "%2214019%22");
Deleted : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_pc_20120828.expiration", "Fri Feb 01 2030 0[...]
Deleted : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_pc_20120828.value", "1346236600616");
Deleted : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_product_id.expiration", "Fri Feb 01 2030 00[...]
Deleted : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_product_id.value", "%2221%22");
Deleted : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_zoneid.expiration", "Fri Feb 01 2030 00:00:[...]
Deleted : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_zoneid.value", "%2235998%22");
Deleted : user_pref("extensions.crossriderapp2258.2258.cookie.dbtest.expiration", "Fri Feb 01 2030 00:00:00 GM[...]
Deleted : user_pref("extensions.crossriderapp2258.2258.cookie.dbtest.value", "1346236600163");
Deleted : user_pref("extensions.crossriderapp2258.2258.description", "I Want This!");
Deleted : user_pref("extensions.crossriderapp2258.2258.domain", "");
Deleted : user_pref("extensions.crossriderapp2258.2258.emailsig", "");
Deleted : user_pref("extensions.crossriderapp2258.2258.enablesearch", false);
Deleted : user_pref("extensions.crossriderapp2258.2258.exposesites", "");
Deleted : user_pref("extensions.crossriderapp2258.2258.fbremoteurl", "");
Deleted : user_pref("extensions.crossriderapp2258.2258.group", 0);
Deleted : user_pref("extensions.crossriderapp2258.2258.homepage", "");
Deleted : user_pref("extensions.crossriderapp2258.2258.iframe", false);
Deleted : user_pref("extensions.crossriderapp2258.2258.internaldb.InstallerIdentifiers.expiration", "Fri Feb 0[...]
Deleted : user_pref("extensions.crossriderapp2258.2258.internaldb.InstallerIdentifiers.value", "%7B%22installe[...]
Deleted : user_pref("extensions.crossriderapp2258.2258.internaldb.Resources_appVer.expiration", "Fri Feb 01 20[...]
Deleted : user_pref("extensions.crossriderapp2258.2258.internaldb.Resources_appVer.value", "82");
Deleted : user_pref("extensions.crossriderapp2258.2258.internaldb.Resources_lastVersion.expiration", "Fri Feb [...]
Deleted : user_pref("extensions.crossriderapp2258.2258.internaldb.Resources_lastVersion.value", "0");
Deleted : user_pref("extensions.crossriderapp2258.2258.internaldb.Resources_meta.expiration", "Fri Feb 01 2030[...]
Deleted : user_pref("extensions.crossriderapp2258.2258.internaldb.Resources_meta.value", "%7B%7D");
Deleted : user_pref("extensions.crossriderapp2258.2258.internaldb.Resources_nextCheck.expiration", "Sun Oct 07[...]
Deleted : user_pref("extensions.crossriderapp2258.2258.internaldb.Resources_nextCheck.value", "true");
Deleted : user_pref("extensions.crossriderapp2258.2258.internaldb.Resources_queue.expiration", "Fri Feb 01 203[...]
Deleted : user_pref("extensions.crossriderapp2258.2258.internaldb.Resources_queue.value", "%7B%7D");
Deleted : user_pref("extensions.crossriderapp2258.2258.js", "\n\nif(\"undefined\"!=typeof _GPL_PLUGIN){var _GP[...]
Deleted : user_pref("extensions.crossriderapp2258.2258.manifesturl", "");
Deleted : user_pref("extensions.crossriderapp2258.2258.name", "I Want This");
Deleted : user_pref("extensions.crossriderapp2258.2258.newtab", "");
Deleted : user_pref("extensions.crossriderapp2258.2258.opensearch", "");
Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_1000014.code", "Array.prototype.indexOf|[...]
Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_1000014.name", "GPL Plugin (Loader)");
Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_1000014.ver", 6);
Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_1000015.code", "var _GPL_BG={vars:{},rul[...]
Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_1000015.name", "GPL Background (BG)");
Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_1000015.ver", 3);
Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_13.code", "(function(a){a.selectedText=f[...]
Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_13.name", "CrossriderAppUtils");
Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_13.ver", 2);
Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_14.code", "if(typeof(appAPI)===\"undefin[...]
Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_14.name", "CrossriderUtils");
Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_14.ver", 2);
Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_15.code", "(function(e){function u(c,b){[...]
Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_15.name", "FacebookFFIE");
Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_15.ver", 1);
Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_16.code", "(function(b,a){function h(){v[...]
Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_16.name", "FFAppAPIWrapper");
Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_16.ver", 3);
Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_17.code", "if(typeof window!==\"undefine[...]
Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_17.name", "jQuery");
Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_17.ver", 3);
Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_47.code", "(function(){appAPI.ready=func[...]
Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_47.name", "resources_background");
Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_47.ver", 1);
Deleted : user_pref("extensions.crossriderapp2258.2258.plugins_lists.plugins_0", "17,14,16,47,1000015");
Deleted : user_pref("extensions.crossriderapp2258.2258.plugins_lists.plugins_1", "17,14,13,16,15,1000014");
Deleted : user_pref("extensions.crossriderapp2258.2258.pluginsurl", "hxxp://app-static.crossrider.com/plugin/a[...]
Deleted : user_pref("extensions.crossriderapp2258.2258.pluginsversion", 15);
Deleted : user_pref("extensions.crossriderapp2258.2258.premium", true);
Deleted : user_pref("extensions.crossriderapp2258.2258.publisher", "215 Apps");
Deleted : user_pref("extensions.crossriderapp2258.2258.searchstatus", 0);
Deleted : user_pref("extensions.crossriderapp2258.2258.setnewtab", false);
Deleted : user_pref("extensions.crossriderapp2258.2258.settingsurl", "");
Deleted : user_pref("extensions.crossriderapp2258.2258.thankyou", "hxxp://iw.antthis.com/thankyou.html");
Deleted : user_pref("extensions.crossriderapp2258.2258.updateinterval", 360);
Deleted : user_pref("extensions.crossriderapp2258.2258.ver", 90);
Deleted : user_pref("extensions.crossriderapp2258.adsOldValue", 14);
Deleted : user_pref("extensions.crossriderapp2258.apps", "2258");
Deleted : user_pref("extensions.crossriderapp2258.bic", "13728952041d61ff7fa8f41080035914");
Deleted : user_pref("extensions.crossriderapp2258.cid", 2258);
Deleted : user_pref("extensions.crossriderapp2258.firstrun", false);
Deleted : user_pref("extensions.crossriderapp2258.hadappinstalled", true);
Deleted : user_pref("extensions.crossriderapp2258.installationdate", 1336817168);
Deleted : user_pref("extensions.crossriderapp2258.lastcheck", 22494041);
Deleted : user_pref("extensions.crossriderapp2258.lastcheckitem", 22494042);
Deleted : user_pref("extensions.crossriderapp2258.misc.lastBgWorkerTimer", "1340708509162");
Deleted : user_pref("extensions.crossriderapp2258.misc.lastDomWorkerTimer", "1340708509158");
Deleted : user_pref("extensions.crossriderapp2258.modetype", "production");
Deleted : user_pref("extensions.crossriderapp2397.2397.InstallationThankYouPage", true);
Deleted : user_pref("extensions.crossriderapp2397.2397.InstallationTime", 1339878872);
Deleted : user_pref("extensions.crossriderapp2397.2397.InstallationUserSettings.searchUserConifrmation", false[...]
Deleted : user_pref("extensions.crossriderapp2397.2397.InstallationUserSettings.setHomepage", false);
Deleted : user_pref("extensions.crossriderapp2397.2397.InstallationUserSettings.setNewTab", false);
Deleted : user_pref("extensions.crossriderapp2397.2397.InstallationUserSettings.setSearch", false);
Deleted : user_pref("extensions.crossriderapp2397.2397.active", true);
Deleted : user_pref("extensions.crossriderapp2397.2397.addressbar", "");
Deleted : user_pref("extensions.crossriderapp2397.2397.affid", "0");
Deleted : user_pref("extensions.crossriderapp2397.2397.backgroundjs", "\n\n/**********************************[...]
Deleted : user_pref("extensions.crossriderapp2397.2397.backgroundver", 16);
Deleted : user_pref("extensions.crossriderapp2397.2397.can_run_bg_code", true);
Deleted : user_pref("extensions.crossriderapp2397.2397.certdomaininstaller", "");
Deleted : user_pref("extensions.crossriderapp2397.2397.changeprevious", false);
Deleted : user_pref("extensions.crossriderapp2397.2397.cookie.CrossriderNotifier_channels.expiration", "Fri Fe[...]
Deleted : user_pref("extensions.crossriderapp2397.2397.cookie.CrossriderNotifier_channels.value", "%7B%22app0%[...]
Deleted : user_pref("extensions.crossriderapp2397.2397.cookie.CrossriderNotifier_displayed_messages.expiration[...]
Deleted : user_pref("extensions.crossriderapp2397.2397.cookie.CrossriderNotifier_displayed_messages.value", "%[...]
Deleted : user_pref("extensions.crossriderapp2397.2397.cookie.CrossriderNotifier_geolocation.expiration", "Sun[...]
Deleted : user_pref("extensions.crossriderapp2397.2397.cookie.CrossriderNotifier_geolocation.value", "%22US%22[...]
Deleted : user_pref("extensions.crossriderapp2397.2397.cookie.CrossriderNotifier_messages.expiration", "Fri Fe[...]
Deleted : user_pref("extensions.crossriderapp2397.2397.cookie.CrossriderNotifier_messages.value", "%7B%22data%[...]
Deleted : user_pref("extensions.crossriderapp2397.2397.cookie.CrossriderNotifier_placeholders.expiration", "Fr[...]
Deleted : user_pref("extensions.crossriderapp2397.2397.cookie.CrossriderNotifier_placeholders.value", "%7B%22M[...]
Deleted : user_pref("extensions.crossriderapp2397.2397.cookie.CrossriderSidebar_showed.expiration", "Fri Feb 0[...]
Deleted : user_pref("extensions.crossriderapp2397.2397.cookie.CrossriderSidebar_showed.value", "true");
Deleted : user_pref("extensions.crossriderapp2397.2397.cookie.InstallationTime.expiration", "Fri Feb 01 2030 0[...]
Deleted : user_pref("extensions.crossriderapp2397.2397.cookie.InstallationTime.value", "1339878872");
Deleted : user_pref("extensions.crossriderapp2397.2397.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00[...]
Deleted : user_pref("extensions.crossriderapp2397.2397.description", "Find out about exciting and fun games th[...]
Deleted : user_pref("extensions.crossriderapp2397.2397.domain", "");
Deleted : user_pref("extensions.crossriderapp2397.2397.emailsig", "");
Deleted : user_pref("extensions.crossriderapp2397.2397.enablesearch", false);
Deleted : user_pref("extensions.crossriderapp2397.2397.exposesites", "");
Deleted : user_pref("extensions.crossriderapp2397.2397.fbremoteurl", "");
Deleted : user_pref("extensions.crossriderapp2397.2397.group", 0);
Deleted : user_pref("extensions.crossriderapp2397.2397.homepage", "");
Deleted : user_pref("extensions.crossriderapp2397.2397.iframe", false);
Deleted : user_pref("extensions.crossriderapp2397.2397.internaldb.Resources_appVer.expiration", "Fri Feb 01 20[...]
Deleted : user_pref("extensions.crossriderapp2397.2397.internaldb.Resources_appVer.value", "149");
Deleted : user_pref("extensions.crossriderapp2397.2397.internaldb.Resources_lastVersion.expiration", "Fri Feb [...]
Deleted : user_pref("extensions.crossriderapp2397.2397.internaldb.Resources_lastVersion.value", "0");
Deleted : user_pref("extensions.crossriderapp2397.2397.internaldb.Resources_meta.expiration", "Fri Feb 01 2030[...]
Deleted : user_pref("extensions.crossriderapp2397.2397.internaldb.Resources_meta.value", "%7B%7D");
Deleted : user_pref("extensions.crossriderapp2397.2397.internaldb.Resources_nextCheck.expiration", "Sun Oct 07[...]
Deleted : user_pref("extensions.crossriderapp2397.2397.internaldb.Resources_nextCheck.value", "true");
Deleted : user_pref("extensions.crossriderapp2397.2397.internaldb.Resources_queue.expiration", "Fri Feb 01 203[...]
Deleted : user_pref("extensions.crossriderapp2397.2397.internaldb.Resources_queue.value", "%7B%7D");
Deleted : user_pref("extensions.crossriderapp2397.2397.js", "\nbase64 = {\n _keyStr: \"ABCDEFGHIJKLMNOPQRSTUV[...]
Deleted : user_pref("extensions.crossriderapp2397.2397.manifesturl", "");
Deleted : user_pref("extensions.crossriderapp2397.2397.name", "Game Discovery");
Deleted : user_pref("extensions.crossriderapp2397.2397.newtab", "");
Deleted : user_pref("extensions.crossriderapp2397.2397.opensearch", "");
Deleted : user_pref("extensions.crossriderapp2397.2397.plugins.plugin_1.code", "appAPI._cr_config={appID:funct[...]
Deleted : user_pref("extensions.crossriderapp2397.2397.plugins.plugin_1.name", "base");
Deleted : user_pref("extensions.crossriderapp2397.2397.plugins.plugin_1.ver", 3);
Deleted : user_pref("extensions.crossriderapp2397.2397.plugins.plugin_13.code", "(function(a){a.selectedText=f[...]
Deleted : user_pref("extensions.crossriderapp2397.2397.plugins.plugin_13.name", "CrossriderAppUtils");
Deleted : user_pref("extensions.crossriderapp2397.2397.plugins.plugin_13.ver", 2);
Deleted : user_pref("extensions.crossriderapp2397.2397.plugins.plugin_14.code", "if(typeof(appAPI)===\"undefin[...]
Deleted : user_pref("extensions.crossriderapp2397.2397.plugins.plugin_14.name", "CrossriderUtils");
Deleted : user_pref("extensions.crossriderapp2397.2397.plugins.plugin_14.ver", 2);
Deleted : user_pref("extensions.crossriderapp2397.2397.plugins.plugin_15.code", "(function(f){var u={};var e=M[...]
Deleted : user_pref("extensions.crossriderapp2397.2397.plugins.plugin_15.name", "FacebookFFIE");
Deleted : user_pref("extensions.crossriderapp2397.2397.plugins.plugin_15.ver", 1);
Deleted : user_pref("extensions.crossriderapp2397.2397.plugins.plugin_16.code", "(function(b,a){function h(){v[...]
Deleted : user_pref("extensions.crossriderapp2397.2397.plugins.plugin_16.name", "FFAppAPIWrapper");
Deleted : user_pref("extensions.crossriderapp2397.2397.plugins.plugin_16.ver", 3);
Deleted : user_pref("extensions.crossriderapp2397.2397.plugins.plugin_17.code", "/*!\n * jQuery JavaScript Lib[...]
Deleted : user_pref("extensions.crossriderapp2397.2397.plugins.plugin_17.name", "jQuery");
Deleted : user_pref("extensions.crossriderapp2397.2397.plugins.plugin_17.ver", 1);
Deleted : user_pref("extensions.crossriderapp2397.2397.plugins.plugin_28.code", "var CrossriderInitializerPlug[...]
Deleted : user_pref("extensions.crossriderapp2397.2397.plugins.plugin_28.name", "initializer");
Deleted : user_pref("extensions.crossriderapp2397.2397.plugins.plugin_28.ver", 1);
Deleted : user_pref("extensions.crossriderapp2397.2397.plugins.plugin_4.code", "/*! jQuery v1.7.1 jquery.com |[...]
Deleted : user_pref("extensions.crossriderapp2397.2397.plugins.plugin_4.name", "jquery_1_7_1");
Deleted : user_pref("extensions.crossriderapp2397.2397.plugins.plugin_4.ver", 3);
Deleted : user_pref("extensions.crossriderapp2397.2397.plugins.plugin_47.code", "(function(){appAPI.ready=func[...]
Deleted : user_pref("extensions.crossriderapp2397.2397.plugins.plugin_47.name", "resources_background");
Deleted : user_pref("extensions.crossriderapp2397.2397.plugins.plugin_47.ver", 1);
Deleted : user_pref("extensions.crossriderapp2397.2397.plugins.plugin_5.code", "(function(f){f.ui=f.ui||{};var[...]
Deleted : user_pref("extensions.crossriderapp2397.2397.plugins.plugin_5.name", "notifications");
Deleted : user_pref("extensions.crossriderapp2397.2397.plugins.plugin_5.ver", 2);
Deleted : user_pref("extensions.crossriderapp2397.2397.plugins.plugin_6.code", "appAPI.sidebar=(function(x){va[...]
Deleted : user_pref("extensions.crossriderapp2397.2397.plugins.plugin_6.name", "sidebar");
Deleted : user_pref("extensions.crossriderapp2397.2397.plugins.plugin_6.ver", 1);
Deleted : user_pref("extensions.crossriderapp2397.2397.plugins.plugin_7.code", "appAPI.hooks={$:$jquery_171,ho[...]
Deleted : user_pref("extensions.crossriderapp2397.2397.plugins.plugin_7.name", "hooks");
Deleted : user_pref("extensions.crossriderapp2397.2397.plugins.plugin_7.ver", 1);
Deleted : user_pref("extensions.crossriderapp2397.2397.plugins.plugin_9.code", "appAPI.hooks.addHook(\"searchE[...]
Deleted : user_pref("extensions.crossriderapp2397.2397.plugins.plugin_9.name", "search_engine_hook");
Deleted : user_pref("extensions.crossriderapp2397.2397.plugins.plugin_9.ver", 1);
Deleted : user_pref("extensions.crossriderapp2397.2397.plugins_lists.plugins_0", "17,14,16,47");
Deleted : user_pref("extensions.crossriderapp2397.2397.plugins_lists.plugins_1", "17,14,13,16,15,4,1,7,9,6,5,2[...]
Deleted : user_pref("extensions.crossriderapp2397.2397.pluginsurl", "hxxp://app-static.crossrider.com/plugin/a[...]
Deleted : user_pref("extensions.crossriderapp2397.2397.pluginsversion", 14);
Deleted : user_pref("extensions.crossriderapp2397.2397.premium", true);
Deleted : user_pref("extensions.crossriderapp2397.2397.publisher", "Popstiko");
Deleted : user_pref("extensions.crossriderapp2397.2397.searchstatus", 0);
Deleted : user_pref("extensions.crossriderapp2397.2397.setnewtab", false);
Deleted : user_pref("extensions.crossriderapp2397.2397.settingsurl", "");
Deleted : user_pref("extensions.crossriderapp2397.2397.thankyou", "");
Deleted : user_pref("extensions.crossriderapp2397.2397.updateinterval", 1);
Deleted : user_pref("extensions.crossriderapp2397.2397.ver", 149);
Deleted : user_pref("extensions.crossriderapp2397.adsOldValue", 14);
Deleted : user_pref("extensions.crossriderapp2397.apps", "2397");
Deleted : user_pref("extensions.crossriderapp2397.bic", "13728952041d61ff7fa8f41080035914");
Deleted : user_pref("extensions.crossriderapp2397.cid", 2397);
Deleted : user_pref("extensions.crossriderapp2397.firstrun", false);
Deleted : user_pref("extensions.crossriderapp2397.hadappinstalled", true);
Deleted : user_pref("extensions.crossriderapp2397.installationdate", 1339881149);
Deleted : user_pref("extensions.crossriderapp2397.lastcheck", 22494041);
Deleted : user_pref("extensions.crossriderapp2397.lastcheckitem", 22494042);
Deleted : user_pref("extensions.crossriderapp2397.misc.lastBgWorkerTimer", "1342709792108");
Deleted : user_pref("extensions.crossriderapp2397.misc.lastDomWorkerTimer", "1342709792106");
Deleted : user_pref("extensions.crossriderapp2397.modetype", "production");
Deleted : user_pref("extensions.defaulttab.config", "{\"status\": \"ok\", \"config\": {\"dns_error_handling\":[...]
Deleted : user_pref("extensions.enabledAddons", "
[email protected]:1.2.0,
[email protected]:1.3,textli[...]
Deleted : user_pref("extensions.incredibarmusic.admin", false);
Deleted : user_pref("extensions.incredibarmusic.aflt", "orgnl");
Deleted : user_pref("extensions.incredibarmusic.autoRvrt", "false");
Deleted : user_pref("extensions.incredibarmusic.dfltLng", "");
Deleted : user_pref("extensions.incredibarmusic.excTlbr", false);
Deleted : user_pref("extensions.incredibarmusic.id", "20da66b2000000000000001c258900cc");
Deleted : user_pref("extensions.incredibarmusic.instlDay", "15564");
Deleted : user_pref("extensions.incredibarmusic.instlRef", "");
Deleted : user_pref("extensions.incredibarmusic.prdct", "incredibarmusic");
Deleted : user_pref("extensions.incredibarmusic.prtnrId", "incredibar");
Deleted : user_pref("extensions.incredibarmusic.tlbrId", "base");
Deleted : user_pref("extensions.incredibarmusic.tlbrSrchUrl", "hxxp://mystart.incredibar.com/?loc=Music_TB&i=3[...]
Deleted : user_pref("extensions.incredibarmusic.vrsn", "1.5.23.13");
Deleted : user_pref("extensions.incredibarmusic.vrsni", "1.5.23.13");
Deleted : user_pref("extensions.incredibarmusic_i.newTab", false);
Deleted : user_pref("extensions.incredibarmusic_i.smplGrp", "none");
Deleted : user_pref("extensions.incredibarmusic_i.vrsnTs", "1.5.23.1311:01:30");
Deleted : user_pref("extensions.mywebsearch.openSearchURL", "hxxp://search.mywebsearch.com/mywebsearch/opensea[...]
Deleted : user_pref("extensions.mywebsearch.prevDefaultEngine", "Search the web (Babylon)");
Deleted : user_pref("extensions.mywebsearch.prevSelectedEngine", "Search the web (Babylon)");
Deleted : user_pref("extensions.sahtb.alerts.menu", "[{\"text\":\"[b]
Click here for Pogo Scrabble Coupo[...]
Deleted : user_pref("extensions.sahtb.url.merchants.data", "<?xml version=\"1.0\" ?><MerchantSettings><v n=\"2[...]
Deleted : user_pref("extensions.sahtb.url.prefs.data", "<ToolbarPrefs>\r\n <XMLVersion Number=\"{bdd09e8b-8dee[...]
Deleted : user_pref("extensions.toolbar.mindspark._14Members_.homepage", "hxxp://home.mywebsearch.com/index.jh[...]
Deleted : user_pref("extensions.toolbar.mindspark._14Members_.recentlyClosed", "{\"list\":[{\"url\":\"hxxp://w[...]
Deleted : user_pref("extensions.toolbar.mindspark._1cMembers_.homepage", "hxxp://home.mywebsearch.com/index.jh[...]
Deleted : user_pref("extensions.toolbar.mindspark._20Members_.homepage", "hxxp://home.mywebsearch.com/index.jh[...]
Deleted : user_pref("extensions.toolbar.mindspark._2pMembers_.homepage", "hxxp://home.mywebsearch.com/index.jh[...]
Deleted : user_pref("extensions.toolbar.mindspark._2pMembers_.recentlyClosed", "{\"list\":[{\"url\":\"hxxp://w[...]
Deleted : user_pref("extensions.toolbar.mindspark._39Members_.homepage", "hxxp://home.mywebsearch.com/index.jh[...]
Deleted : user_pref("extensions.toolbar.mindspark._5zMembers_.homepage", "hxxp://home.mywebsearch.com/index.jh[...]
Deleted : user_pref("extensions.toolbar.mindspark._gcMembers_.homepage", "hxxp://home.mywebsearch.com/index.jh[...]
Deleted : user_pref("freecause5701241f8b56a0d455d2bd14aeac91fc.AutoSearchEventData", "auto%20search");
Deleted : user_pref("freecause5701241f8b56a0d455d2bd14aeac91fc.ClearCacheDate", 23);
Deleted : user_pref("freecause5701241f8b56a0d455d2bd14aeac91fc.DNSCatch", false);
Deleted : user_pref("freecause5701241f8b56a0d455d2bd14aeac91fc.DisplayEULA", true);
Deleted : user_pref("freecause5701241f8b56a0d455d2bd14aeac91fc.DnsCatchEventData", "dns%20catch");
Deleted : user_pref("freecause5701241f8b56a0d455d2bd14aeac91fc.EBOMode", true);
Deleted : user_pref("freecause5701241f8b56a0d455d2bd14aeac91fc.FirstLaunchShown", true);
Deleted : user_pref("freecause5701241f8b56a0d455d2bd14aeac91fc.InstallDomain", "freecause.com");
Deleted : user_pref("freecause5701241f8b56a0d455d2bd14aeac91fc.InstallType", "standard");
Deleted : user_pref("freecause5701241f8b56a0d455d2bd14aeac91fc.LoadLayoutDate.100685", 23);
Deleted : user_pref("freecause5701241f8b56a0d455d2bd14aeac91fc.NewTabSearchEventData", "tab%20search");
Deleted : user_pref("freecause5701241f8b56a0d455d2bd14aeac91fc.ShowRecommendedOptions", true);
Deleted : user_pref("freecause5701241f8b56a0d455d2bd14aeac91fc.StateReportDate", "1340370868209");
Deleted : user_pref("freecause5701241f8b56a0d455d2bd14aeac91fc.TopRightSearchEventData", "top%20right%20search[...]
Deleted : user_pref("freecause5701241f8b56a0d455d2bd14aeac91fc.beforeInstallSaved", true);
Deleted : user_pref("freecause5701241f8b56a0d455d2bd14aeac91fc.beforeinstall.homepage", "hxxp%3A//www.ask.com/[...]
Deleted : user_pref("freecause5701241f8b56a0d455d2bd14aeac91fc.beforeinstall.search", "Ask.com");
Deleted : user_pref("freecause5701241f8b56a0d455d2bd14aeac91fc.customNewTab", false);
Deleted : user_pref("freecause5701241f8b56a0d455d2bd14aeac91fc.helpUsImprove", true);
Deleted : user_pref("freecause5701241f8b56a0d455d2bd14aeac91fc.hideOthers", false);
Deleted : user_pref("freecause5701241f8b56a0d455d2bd14aeac91fc.partnerauth", false);
Deleted : user_pref("freecause5701241f8b56a0d455d2bd14aeac91fc.processAddrBar", false);
Deleted : user_pref("freecause5701241f8b56a0d455d2bd14aeac91fc.restoreSearch", false);
Deleted : user_pref("freecause5701241f8b56a0d455d2bd14aeac91fc.searchHistory", true);
Deleted : user_pref("freecause5701241f8b56a0d455d2bd14aeac91fc.session", "21976B90C805DED1705A2F462BBF454FCB7F[...]
Deleted : user_pref("freecause5701241f8b56a0d455d2bd14aeac91fc.showFirstLaunchOptions", false);
Deleted : user_pref("freecause5701241f8b56a0d455d2bd14aeac91fc.tb_lang", "en");
Deleted : user_pref("freecause5701241f8b56a0d455d2bd14aeac91fc.tool_id", "100685");
Deleted : user_pref("freecause5701241f8b56a0d455d2bd14aeac91fc.user_id", "114495000");
Deleted : user_pref("freecause5701241f8b56a0d455d2bd14aeac91fc.user_key", "93fac702e912b68427121986f44ed219637[...]
Deleted : user_pref("freecause5701241f8b56a0d455d2bd14aeac91fc.user_layouts", "100685");
Deleted : user_pref("freecause5701241f8b56a0d455d2bd14aeac91fc.user_lnames", "Shop%20to%20Win%2037");
Deleted : user_pref("freecause5701241f8b56a0d455d2bd14aeac91fc.vars.disablecuidinject", "1");
Deleted : user_pref("freecause5701241f8b56a0d455d2bd14aeac91fc.vars.lastcheck", "Sat%20Jun%2023%202012%2002%3A[...]
Deleted : user_pref("freecause5701241f8b56a0d455d2bd14aeac91fc.xml_service_url", "6bb94bbf55fe2f255901a560824a[...]
Deleted : user_pref("freecause5701241f8b56a0d455d2bd14aeac91fc.yahooSearch", false);
Deleted : user_pref("freecausefa3d1246250b4212a2bef1387ccca2e7.DNSCatch", false);
Deleted : user_pref("freecausefa3d1246250b4212a2bef1387ccca2e7.FirstLaunchShown", true);
Deleted : user_pref("freecausefa3d1246250b4212a2bef1387ccca2e7.LastDate", 7);
Deleted : user_pref("freecausefa3d1246250b4212a2bef1387ccca2e7.customNewTab", false);
Deleted : user_pref("freecausefa3d1246250b4212a2bef1387ccca2e7.dca.dca.CaptureType", 3);
Deleted : user_pref("freecausefa3d1246250b4212a2bef1387ccca2e7.dca.dca.clickSendingStats.20121007.connection_e[...]
Deleted : user_pref("freecausefa3d1246250b4212a2bef1387ccca2e7.dca.dca.clickSendingStats.20121007.invalid_cert[...]
Deleted : user_pref("freecausefa3d1246250b4212a2bef1387ccca2e7.dca.dca.clickSendingStats.20121007.server_error[...]
Deleted : user_pref("freecausefa3d1246250b4212a2bef1387ccca2e7.dca.dca.clickSendingStats.20121007.success", 0)[...]
Deleted : user_pref("freecausefa3d1246250b4212a2bef1387ccca2e7.dca.dca.currentOffset", 2);
Deleted : user_pref("freecausefa3d1246250b4212a2bef1387ccca2e7.dca.dca.dcaConfigInterval", "60");
Deleted : user_pref("freecausefa3d1246250b4212a2bef1387ccca2e7.dca.dca.enableVoicebox", false);
Deleted : user_pref("freecausefa3d1246250b4212a2bef1387ccca2e7.dca.dca.epochTimeInterval", "1440");
Deleted : user_pref("freecausefa3d1246250b4212a2bef1387ccca2e7.dca.dca.eulaVersion", 20110301);
Deleted : user_pref("freecausefa3d1246250b4212a2bef1387ccca2e7.dca.dca.externalJSInterval", "60");
Deleted : user_pref("freecausefa3d1246250b4212a2bef1387ccca2e7.dca.dca.externalJSRshInterval", "60");
Deleted : user_pref("freecausefa3d1246250b4212a2bef1387ccca2e7.dca.dca.externalJSSerpInterval", "60");
Deleted : user_pref("freecausefa3d1246250b4212a2bef1387ccca2e7.dca.dca.externalJSShoppingcartInterval", "60");
Deleted : user_pref("freecausefa3d1246250b4212a2bef1387ccca2e7.dca.dca.lastDcaConfigModification", "Tue, 05 Ju[...]
Deleted : user_pref("freecausefa3d1246250b4212a2bef1387ccca2e7.dca.dca.lastDcaConfigTime", "1349642444661");
Deleted : user_pref("freecausefa3d1246250b4212a2bef1387ccca2e7.dca.dca.lastDcaConfigUrl", "hxxps://dcs-config.[...]
Deleted : user_pref("freecausefa3d1246250b4212a2bef1387ccca2e7.dca.dca.lastDcaStatus", 1);
Deleted : user_pref("freecausefa3d1246250b4212a2bef1387ccca2e7.dca.dca.lastEpochTime", "1349642449850");
Deleted : user_pref("freecausefa3d1246250b4212a2bef1387ccca2e7.dca.dca.lastEpochTimeUrl", "hxxps://dcs.consume[...]
Deleted : user_pref("freecausefa3d1246250b4212a2bef1387ccca2e7.dca.dca.lastEventSendAttemptDate", "20121007");
Deleted : user_pref("freecausefa3d1246250b4212a2bef1387ccca2e7.dca.dca.lastEventSendSuccessDate", "20121007");
Deleted : user_pref("freecausefa3d1246250b4212a2bef1387ccca2e7.dca.dca.lastExternalJSModification", "Tue, 15 M[...]
Deleted : user_pref("freecausefa3d1246250b4212a2bef1387ccca2e7.dca.dca.lastExternalJSRshModification", "Tue, 1[...]
Deleted : user_pref("freecausefa3d1246250b4212a2bef1387ccca2e7.dca.dca.lastExternalJSRshTime", "1349642443762"[...]
Deleted : user_pref("freecausefa3d1246250b4212a2bef1387ccca2e7.dca.dca.lastExternalJSRshUrl", "hxxps://dcs-fil[...]
Deleted : user_pref("freecausefa3d1246250b4212a2bef1387ccca2e7.dca.dca.lastExternalJSSerpModification", "Mon, [...]
Deleted : user_pref("freecausefa3d1246250b4212a2bef1387ccca2e7.dca.dca.lastExternalJSSerpTime", "1349642444470[...]
Deleted : user_pref("freecausefa3d1246250b4212a2bef1387ccca2e7.dca.dca.lastExternalJSSerpUrl", "hxxps://dcs-fi[...]
Deleted : user_pref("freecausefa3d1246250b4212a2bef1387ccca2e7.dca.dca.lastExternalJSShoppingcartModification"[...]
Deleted : user_pref("freecausefa3d1246250b4212a2bef1387ccca2e7.dca.dca.lastExternalJSShoppingcartTime", "13496[...]
Deleted : user_pref("freecausefa3d1246250b4212a2bef1387ccca2e7.dca.dca.lastExternalJSShoppingcartUrl", "hxxps:[...]
Deleted : user_pref("freecausefa3d1246250b4212a2bef1387ccca2e7.dca.dca.lastExternalJSTime", "1349642442689");
Deleted : user_pref("freecausefa3d1246250b4212a2bef1387ccca2e7.dca.dca.lastExternalJSUrl", "hxxps://dcs-files.[...]
Deleted : user_pref("freecausefa3d1246250b4212a2bef1387ccca2e7.dca.dca.lastPingTime", "1349642498846");
Deleted : user_pref("freecausefa3d1246250b4212a2bef1387ccca2e7.dca.dca.lastPrivacyRulesModification", "Mon, 17[...]
Deleted : user_pref("freecausefa3d1246250b4212a2bef1387ccca2e7.dca.dca.lastPrivacyRulesTime", "1349642442647")[...]
Deleted : user_pref("freecausefa3d1246250b4212a2bef1387ccca2e7.dca.dca.lastPrivacyRulesUrl", "hxxps://dcs-file[...]
Deleted : user_pref("freecausefa3d1246250b4212a2bef1387ccca2e7.dca.dca.lastWhitelistModification", "Fri, 05 Oc[...]
Deleted : user_pref("freecausefa3d1246250b4212a2bef1387ccca2e7.dca.dca.lastWhitelistTime", "1349642444657");
Deleted : user_pref("freecausefa3d1246250b4212a2bef1387ccca2e7.dca.dca.lastWhitelistUrl", "hxxps://dcs-files.c[...]
Deleted : user_pref("freecausefa3d1246250b4212a2bef1387ccca2e7.dca.dca.panelID", "FCZ3E7Bfox");
Deleted : user_pref("freecausefa3d1246250b4212a2bef1387ccca2e7.dca.dca.pingInterval", "1440");
Deleted : user_pref("freecausefa3d1246250b4212a2bef1387ccca2e7.dca.dca.privacyFailures", 0);
Deleted : user_pref("freecausefa3d1246250b4212a2bef1387ccca2e7.dca.dca.privacyFailuresThreshold", 6);
Deleted : user_pref("freecausefa3d1246250b4212a2bef1387ccca2e7.dca.dca.privacyRulesInterval", "60");
Deleted : user_pref("freecausefa3d1246250b4212a2bef1387ccca2e7.dca.dca.probationLength", 1440);
Deleted : user_pref("freecausefa3d1246250b4212a2bef1387ccca2e7.dca.dca.rulesVersion", "2003");
Deleted : user_pref("freecausefa3d1246250b4212a2bef1387ccca2e7.dca.dca.userID", "FCZ3E7B68264897");
Deleted : user_pref("freecausefa3d1246250b4212a2bef1387ccca2e7.dca.dca.version", "1.7.0.9411");
Deleted : user_pref("freecausefa3d1246250b4212a2bef1387ccca2e7.dca.dca.whitelistInterval", "60");
Deleted : user_pref("freecausefa3d1246250b4212a2bef1387ccca2e7.dca.installDate", "06242012");
Deleted : user_pref("freecausefa3d1246250b4212a2bef1387ccca2e7.dca.version", "1.0.39");
Deleted : user_pref("freecausefa3d1246250b4212a2bef1387ccca2e7.processAddrBar", false);
Deleted : user_pref("freecausefa3d1246250b4212a2bef1387ccca2e7.tb_lang", "en");
Deleted : user_pref("freecausefa3d1246250b4212a2bef1387ccca2e7.user_id", "68264897");
Deleted : user_pref("freecausefa3d1246250b4212a2bef1387ccca2e7.vars.dcaAlertShown", "1");
Deleted : user_pref("freecausefa3d1246250b4212a2bef1387ccca2e7.vars.disablecuidinject", "1");
Deleted : user_pref("freecausefa3d1246250b4212a2bef1387ccca2e7.vars.lastcheck", "Wed%20Jul%2011%202012%2008%3A[...]
Deleted : user_pref("freecausefa3d1246250b4212a2bef1387ccca2e7.yahooSearch", false);
Deleted : user_pref("keyword.URL", "hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?st=kwd&ptb=00A2EB3E[...]
Deleted : user_pref("playsushi.position.button", true);
Profile name : default-1349642571038 [Profil par défaut]
File : C:\Users\djokrall\AppData\Roaming\Mozilla\Firefox\Profiles\bhxmi1za.default-1349642571038\prefs.js
Deleted : user_pref("CT2724386_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]
Deleted : user_pref("browser.search.defaultenginename", "MyStart Search");
Deleted : user_pref("browser.search.selectedEngine", "MyStart Search");
-\\ Google Chrome v [Unable to get version]
File : C:\Users\djokrall\AppData\Local\Google\Chrome\User Data\Default\Preferences
Deleted [l.1] : search_url ={"browser":{"last_known_google_url":"hxxp://www.google.com/","last_prompted_google_url":"hxxp://www.[...]
*************************
AdwCleaner[S1].txt - [70548 octets] - [24/11/2012 14:28:53]
########## EOF - C:\AdwCleaner[S1].txt - [70609 octets] ##########
RogueKiller V8.3.1 [Nov 23 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback :
http://www.geekstogo...13-roguekiller/Website :
http://tigzy.geeksto...roguekiller.phpBlog :
http://tigzyrk.blogspot.com/Operating System : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Started in : Normal mode
User : djokrall [Admin rights]
Mode : Scan -- Date : 11/24/2012 14:36:14
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 10 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : ISUSPM ("C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe" -scheduler) -> FOUND
[RUN][SUSP PATH] HKCU\[...]\Run : DW6 ("C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe") -> FOUND
[RUN][SUSP PATH] HKUS\S-1-5-21-646951214-2927039730-2231423905-1000[...]\Run : ISUSPM ("C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe" -scheduler) -> FOUND
[RUN][SUSP PATH] HKUS\S-1-5-21-646951214-2927039730-2231423905-1000[...]\Run : DW6 ("C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe") -> FOUND
[TASK][ROGUE ST] 0 : c:\program files\internet explorer\iexplore.exe -> FOUND
[TASK][ROGUE ST] 5032 : wscript.exe C:\Users\djokrall\AppData\Local\Temp\launchie.vbs //B -> FOUND
[HJ DESK] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND
[HJ DESK] HKCU\[...]\NewStartPanel : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [LOADED] ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: Hitachi HDP725050GLA360 ATA Device +++++
--- User ---
[MBR] 45e529626d80a9baf5eef71992ba14d2
[BSP] 309fdfd200901d3359dd1e035123a213 : HP tatooed MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 467435 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 957307680 | Size: 9501 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Finished : << RKreport[1]_S_11242012_02d1436.txt >>
RKreport[1]_S_11242012_02d1436.txt
RogueKiller V8.3.1 [Nov 23 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback :
http://www.geekstogo...13-roguekiller/Website :
http://tigzy.geeksto...roguekiller.phpBlog :
http://tigzyrk.blogspot.com/Operating System : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Started in : Normal mode
User : djokrall [Admin rights]
Mode : Remove -- Date : 11/24/2012 14:37:19
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 8 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : ISUSPM ("C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe" -scheduler) -> DELETED
[RUN][SUSP PATH] HKCU\[...]\Run : DW6 ("C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe") -> DELETED
[TASK][ROGUE ST] 0 : c:\program files\internet explorer\iexplore.exe -> DELETED
[TASK][ROGUE ST] 5032 : wscript.exe C:\Users\djokrall\AppData\Local\Temp\launchie.vbs //B -> DELETED
[HJ DESK] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> REPLACED (0)
[HJ DESK] HKCU\[...]\NewStartPanel : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [LOADED] ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: Hitachi HDP725050GLA360 ATA Device +++++
--- User ---
[MBR] 45e529626d80a9baf5eef71992ba14d2
[BSP] 309fdfd200901d3359dd1e035123a213 : HP tatooed MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 467435 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 957307680 | Size: 9501 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Finished : << RKreport[2]_D_11242012_02d1437.txt >>
RKreport[1]_S_11242012_02d1436.txt ; RKreport[2]_D_11242012_02d1437.txt
RogueKiller V8.3.1 [Nov 23 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback :
http://www.geekstogo...13-roguekiller/Website :
http://tigzy.geeksto...roguekiller.phpBlog :
http://tigzyrk.blogspot.com/Operating System : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Started in : Normal mode
User : djokrall [Admin rights]
Mode : Shortcuts HJfix -- Date : 11/24/2012 14:38:38
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Driver : [LOADED] ¤¤¤
¤¤¤ File attributes restored: ¤¤¤
Desktop: Success 1 / Fail 0
Quick launch: Success 0 / Fail 0
Programs: Success 2 / Fail 0
Start menu: Success 1 / Fail 0
User folder: Success 84 / Fail 0
My documents: Success 0 / Fail 0
My favorites: Success 0 / Fail 0
My pictures: Success 0 / Fail 0
My music: Success 0 / Fail 0
My videos: Success 0 / Fail 0
Local drives: Success 75 / Fail 0
Backup: [NOT FOUND]
Drives:
[C:] \Device\HarddiskVolume1 -- 0x3 --> Restored
[D:] \Device\HarddiskVolume2 -- 0x3 --> Restored
[E:] \Device\CdRom0 -- 0x5 --> Skipped
[F:] \Device\HarddiskVolume3 -- 0x2 --> Restored
[G:] \Device\HarddiskVolume4 -- 0x2 --> Restored
[H:] \Device\HarddiskVolume5 -- 0x2 --> Restored
[I:] \Device\HarddiskVolume6 -- 0x2 --> Restored
Finished : << RKreport[3]_SC_11242012_02d1438.txt >>
RKreport[1]_S_11242012_02d1436.txt ; RKreport[2]_D_11242012_02d1437.txt ; RKreport[3]_SC_11242012_02d1438.txt
14:39:42.0739 3240 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
14:39:43.0199 3240 ============================================================
14:39:43.0199 3240 Current date / time: 2012/11/24 14:39:43.0199
14:39:43.0199 3240 SystemInfo:
14:39:43.0199 3240
14:39:43.0199 3240 OS Version: 6.0.6002 ServicePack: 2.0
14:39:43.0199 3240 Product type: Workstation
14:39:43.0199 3240 ComputerName: DJOKRALL-PC
14:39:43.0199 3240 UserName: djokrall
14:39:43.0199 3240 Windows directory: C:\Windows
14:39:43.0199 3240 System windows directory: C:\Windows
14:39:43.0199 3240 Processor architecture: Intel x86
14:39:43.0199 3240 Number of processors: 2
14:39:43.0199 3240 Page size: 0x1000
14:39:43.0199 3240 Boot type: Normal boot
14:39:43.0199 3240 ============================================================
14:39:44.0739 3240 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xFC59, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000050
14:39:44.0759 3240 ============================================================
14:39:44.0759 3240 \Device\Harddisk0\DR0:
14:39:44.0759 3240 MBR partitions:
14:39:44.0759 3240 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x390F5AE1
14:39:44.0759 3240 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x390F5B20, BlocksNum 0x128ED70
14:39:44.0759 3240 ============================================================
14:39:44.0779 3240 C: <-> \Device\Harddisk0\DR0\Partition1
14:39:44.0949 3240 D: <-> \Device\Harddisk0\DR0\Partition2
14:39:44.0949 3240 ============================================================
14:39:44.0949 3240 Initialize success
14:39:44.0949 3240 ============================================================
14:40:12.0218 1524 Deinitialize success
14:42:53.0334 3452 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
14:42:53.0724 3452 ============================================================
14:42:53.0724 3452 Current date / time: 2012/11/24 14:42:53.0724
14:42:53.0724 3452 SystemInfo:
14:42:53.0724 3452
14:42:53.0724 3452 OS Version: 6.0.6002 ServicePack: 2.0
14:42:53.0724 3452 Product type: Workstation
14:42:53.0724 3452 ComputerName: DJOKRALL-PC
14:42:53.0724 3452 UserName: djokrall
14:42:53.0724 3452 Windows directory: C:\Windows
14:42:53.0724 3452 System windows directory: C:\Windows
14:42:53.0724 3452 Processor architecture: Intel x86
14:42:53.0724 3452 Number of processors: 2
14:42:53.0724 3452 Page size: 0x1000
14:42:53.0724 3452 Boot type: Normal boot
14:42:53.0724 3452 ============================================================
14:42:57.0484 3452 BG loaded
14:42:58.0295 3452 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xFC59, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000050
14:42:58.0357 3452 ============================================================
14:42:58.0357 3452 \Device\Harddisk0\DR0:
14:42:58.0389 3452 MBR partitions:
14:42:58.0389 3452 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x390F5AE1
14:42:58.0389 3452 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x390F5B20, BlocksNum 0x128ED70
14:42:58.0389 3452 ============================================================
14:42:58.0576 3452 C: <-> \Device\Harddisk0\DR0\Partition1
14:42:58.0794 3452 D: <-> \Device\Harddisk0\DR0\Partition2
14:42:58.0794 3452 ============================================================
14:42:58.0794 3452 Initialize success
14:42:58.0794 3452 ============================================================
14:43:25.0612 2624 ============================================================
14:43:25.0612 2624 Scan started
14:43:25.0612 2624 Mode: Manual; SigCheck; TDLFS;
14:43:25.0612 2624 ============================================================
14:43:28.0217 2624 ================ Scan system memory ========================
14:43:28.0217 2624 System memory - ok
14:43:28.0217 2624 ================ Scan services =============================
14:43:29.0028 2624 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
14:43:29.0278 2624 ACPI - ok
14:43:29.0402 2624 [ B1EA9681502EE57F87DB71D726288A5B ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
14:43:29.0449 2624 AdobeARMservice - ok
14:43:29.0839 2624 [ 0CB0AA071C7B86A64F361DCFDF357329 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
14:43:29.0902 2624 AdobeFlashPlayerUpdateSvc - ok
14:43:33.0661 2624 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
14:43:33.0739 2624 adp94xx - ok
14:43:33.0755 2624 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys
14:43:33.0802 2624 adpahci - ok
14:43:33.0848 2624 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
14:43:33.0895 2624 adpu160m - ok
14:43:33.0926 2624 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
14:43:33.0958 2624 adpu320 - ok
14:43:34.0082 2624 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
14:43:35.0455 2624 AeLookupSvc - ok
14:43:35.0689 2624 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
14:43:35.0845 2624 AFD - ok
14:43:36.0001 2624 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys
14:43:36.0048 2624 agp440 - ok
14:43:36.0079 2624 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
14:43:36.0110 2624 aic78xx - ok
14:43:36.0126 2624 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
14:43:36.0251 2624 ALG - ok
14:43:36.0298 2624 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys
14:43:36.0329 2624 aliide - ok
14:43:36.0360 2624 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys
14:43:36.0376 2624 amdagp - ok
14:43:36.0391 2624 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys
14:43:36.0407 2624 amdide - ok
14:43:36.0422 2624 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
14:43:36.0454 2624 AmdK7 - ok
14:43:36.0485 2624 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
14:43:36.0532 2624 AmdK8 - ok
14:43:36.0578 2624 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
14:43:36.0610 2624 Appinfo - ok
14:43:36.0641 2624 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys
14:43:36.0672 2624 arc - ok
14:43:36.0703 2624 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys
14:43:36.0719 2624 arcsas - ok
14:43:36.0797 2624 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
14:43:36.0844 2624 aspnet_state - ok
14:43:36.0875 2624 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
14:43:36.0922 2624 AsyncMac - ok
14:43:36.0953 2624 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys
14:43:36.0984 2624 atapi - ok
14:43:37.0031 2624 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:43:37.0109 2624 AudioEndpointBuilder - ok
14:43:37.0109 2624 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
14:43:37.0140 2624 Audiosrv - ok
14:43:37.0171 2624 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
14:43:37.0218 2624 Beep - ok
14:43:37.0234 2624 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
14:43:37.0280 2624 BFE - ok
14:43:37.0327 2624 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\System32\qmgr.dll
14:43:37.0436 2624 BITS - ok
14:43:37.0468 2624 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
14:43:37.0561 2624 blbdrive - ok
14:43:37.0592 2624 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
14:43:37.0624 2624 bowser - ok
14:43:37.0639 2624 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
14:43:37.0670 2624 BrFiltLo - ok
14:43:37.0702 2624 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
14:43:37.0733 2624 BrFiltUp - ok
14:43:37.0764 2624 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
14:43:37.0811 2624 Browser - ok
14:43:37.0826 2624 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
14:43:37.0951 2624 Brserid - ok
14:43:37.0951 2624 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
14:43:38.0029 2624 BrSerWdm - ok
14:43:38.0045 2624 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
14:43:38.0107 2624 BrUsbMdm - ok
14:43:38.0154 2624 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
14:43:38.0201 2624 BrUsbSer - ok
14:43:38.0232 2624 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
14:43:38.0310 2624 BTHMODEM - ok
14:43:38.0341 2624 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
14:43:38.0388 2624 cdfs - ok
14:43:38.0419 2624 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
14:43:38.0466 2624 cdrom - ok
14:43:38.0497 2624 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
14:43:38.0528 2624 CertPropSvc - ok
14:43:38.0560 2624 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\drivers\circlass.sys
14:43:38.0606 2624 circlass - ok
14:43:38.0638 2624 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
14:43:38.0653 2624 CLFS - ok
14:43:38.0700 2624 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:43:38.0747 2624 clr_optimization_v2.0.50727_32 - ok
14:43:38.0840 2624 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:43:39.0074 2624 clr_optimization_v4.0.30319_32 - ok
14:43:39.0137 2624 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys
14:43:39.0184 2624 cmdide - ok
14:43:39.0215 2624 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\drivers\compbatt.sys
14:43:39.0246 2624 Compbatt - ok
14:43:39.0262 2624 COMSysApp - ok
14:43:39.0308 2624 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
14:43:39.0355 2624 crcdisk - ok
14:43:39.0386 2624 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys
14:43:39.0496 2624 Crusoe - ok
14:43:39.0636 2624 [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc C:\Windows\system32\cryptsvc.dll
14:43:39.0714 2624 CryptSvc - ok
14:43:39.0761 2624 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
14:43:39.0839 2624 DcomLaunch - ok
14:43:39.0870 2624 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
14:43:39.0917 2624 DfsC - ok
14:43:40.0026 2624 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
14:43:40.0120 2624 DFSR - ok
14:43:40.0166 2624 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
14:43:40.0213 2624 Dhcp - ok
14:43:40.0244 2624 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
14:43:40.0276 2624 disk - ok
14:43:40.0307 2624 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
14:43:40.0354 2624 Dnscache - ok
14:43:40.0369 2624 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
14:43:40.0416 2624 dot3svc - ok
14:43:40.0447 2624 [ 4F59C172C094E1A1D46463A8DC061CBD ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
14:43:40.0478 2624 Dot4 - ok
14:43:40.0494 2624 [ 80BF3BA09F6F2523C8F6B7CC6DBF7BD5 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
14:43:40.0541 2624 Dot4Print - ok
14:43:40.0556 2624 [ C55004CA6B419B6695970DFE849B122F ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
14:43:40.0603 2624 dot4usb - ok
14:43:40.0634 2624 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
14:43:40.0666 2624 DPS - ok
14:43:40.0697 2624 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
14:43:40.0728 2624 drmkaud - ok
14:43:40.0775 2624 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
14:43:40.0806 2624 DXGKrnl - ok
14:43:40.0837 2624 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
14:43:40.0884 2624 E1G60 - ok
14:43:40.0915 2624 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
14:43:40.0946 2624 EapHost - ok
14:43:40.0993 2624 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
14:43:41.0009 2624 Ecache - ok
14:43:41.0071 2624 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
14:43:41.0102 2624 ehRecvr - ok
14:43:41.0134 2624 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
14:43:41.0165 2624 ehSched - ok
14:43:41.0196 2624 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
14:43:41.0243 2624 ehstart - ok
14:43:41.0321 2624 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys
14:43:41.0352 2624 elxstor - ok
14:43:41.0383 2624 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
14:43:41.0492 2624 EMDMgmt - ok
14:43:41.0586 2624 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys
14:43:41.0633 2624 ErrDev - ok
14:43:41.0664 2624 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
14:43:41.0695 2624 EventSystem - ok
14:43:41.0726 2624 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
14:43:41.0773 2624 exfat - ok
14:43:41.0789 2624 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
14:43:41.0836 2624 fastfat - ok
14:43:41.0867 2624 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
14:43:41.0914 2624 fdc - ok
14:43:41.0945 2624 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
14:43:41.0992 2624 fdPHost - ok
14:43:42.0007 2624 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
14:43:42.0085 2624 FDResPub - ok
14:43:42.0101 2624 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
14:43:42.0116 2624 FileInfo - ok
14:43:42.0132 2624 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
14:43:42.0194 2624 Filetrace - ok
14:43:42.0210 2624 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
14:43:42.0241 2624 flpydisk - ok
14:43:42.0272 2624 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
14:43:42.0288 2624 FltMgr - ok
14:43:42.0366 2624 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll
14:43:42.0428 2624 FontCache - ok
14:43:42.0475 2624 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
14:43:42.0506 2624 FontCache3.0.0.0 - ok
14:43:42.0538 2624 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
14:43:42.0584 2624 Fs_Rec - ok
14:43:42.0616 2624 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
14:43:42.0631 2624 gagp30kx - ok
14:43:42.0694 2624 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files\WildTangent Games\App\GamesAppService.exe
14:43:42.0709 2624 GamesAppService - ok
14:43:42.0818 2624 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
14:43:42.0896 2624 gpsvc - ok
14:43:42.0990 2624 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
14:43:43.0006 2624 gupdate - ok
14:43:43.0006 2624 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
14:43:43.0021 2624 gupdatem - ok
14:43:43.0099 2624 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
14:43:43.0193 2624 HDAudBus - ok
14:43:43.0255 2624 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
14:43:43.0318 2624 HidBth - ok
14:43:43.0349 2624 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
14:43:43.0458 2624 HidIr - ok
14:43:43.0489 2624 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\system32\hidserv.dll
14:43:43.0536 2624 hidserv - ok
14:43:43.0567 2624 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
14:43:43.0598 2624 HidUsb - ok
14:43:43.0630 2624 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
14:43:43.0676 2624 hkmsvc - ok
14:43:43.0754 2624 [ 0D26C438E2938A3E6BDD91173BC96FF0 ] HP Health Check Service c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
14:43:43.0770 2624 HP Health Check Service ( UnsignedFile.Multi.Generic ) - warning
14:43:43.0770 2624 HP Health Check Service - detected UnsignedFile.Multi.Generic (1)
14:43:43.0786 2624 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
14:43:43.0817 2624 HpCISSs - ok
14:43:43.0864 2624 [ 88749FBF8BEB18C90E7D6626C8C1910B ] HSF_DP C:\Windows\system32\DRIVERS\HSX_DP.sys
14:43:43.0926 2624 HSF_DP - ok
14:43:43.0942 2624 [ FE440536BD98AF772130DC3A6FE1915F ] HSXHWBS2 C:\Windows\system32\DRIVERS\HSXHWBS2.sys
14:43:43.0973 2624 HSXHWBS2 - ok
14:43:44.0004 2624 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys
14:43:44.0051 2624 HTTP - ok
14:43:44.0082 2624 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys
14:43:44.0098 2624 i2omp - ok
14:43:44.0129 2624 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
14:43:44.0207 2624 i8042prt - ok
14:43:44.0222 2624 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
14:43:44.0254 2624 iaStorV - ok
14:43:44.0300 2624 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
14:43:44.0347 2624 idsvc - ok
14:43:44.0378 2624 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
14:43:44.0410 2624 iirsp - ok
14:43:44.0456 2624 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
14:43:44.0503 2624 IKEEXT - ok
14:43:44.0706 2624 [ 84ED2154239F9D013BBD3220755ADA8B ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
14:43:44.0800 2624 IntcAzAudAddService - ok
14:43:44.0831 2624 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
14:43:44.0862 2624 intelide - ok
14:43:44.0878 2624 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
14:43:44.0924 2624 intelppm - ok
14:43:44.0956 2624 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
14:43:45.0002 2624 IPBusEnum - ok
14:43:45.0049 2624 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:43:45.0143 2624 IpFilterDriver - ok
14:43:45.0205 2624 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
14:43:45.0283 2624 iphlpsvc - ok
14:43:45.0299 2624 IpInIp - ok
14:43:45.0330 2624 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
14:43:45.0377 2624 IPMIDRV - ok
14:43:45.0408 2624 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
14:43:45.0455 2624 IPNAT - ok
14:43:45.0486 2624 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
14:43:45.0533 2624 IRENUM - ok
14:43:45.0548 2624 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys
14:43:45.0564 2624 isapnp - ok
14:43:45.0611 2624 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
14:43:45.0642 2624 iScsiPrt - ok
14:43:45.0658 2624 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
14:43:45.0673 2624 iteatapi - ok
14:43:45.0689 2624 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
14:43:45.0720 2624 iteraid - ok
14:43:45.0751 2624 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
14:43:45.0767 2624 kbdclass - ok
14:43:45.0798 2624 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
14:43:45.0907 2624 kbdhid - ok
14:43:45.0923 2624 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
14:43:45.0970 2624 KeyIso - ok
14:43:46.0032 2624 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
14:43:46.0094 2624 KSecDD - ok
14:43:46.0141 2624 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
14:43:46.0250 2624 KtmRm - ok
14:43:46.0297 2624 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\system32\srvsvc.dll
14:43:46.0360 2624 LanmanServer - ok
14:43:46.0406 2624 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:43:46.0484 2624 LanmanWorkstation - ok
14:43:46.0578 2624 [ 9039717A906DA0AE38420918801D9AB3 ] LightScribeService c:\Program Files\Common Files\LightScribe\LSSrvc.exe
14:43:46.0609 2624 LightScribeService - ok
14:43:46.0672 2624 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
14:43:46.0718 2624 lltdio - ok
14:43:46.0750 2624 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
14:43:46.0796 2624 lltdsvc - ok
14:43:46.0812 2624 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
14:43:46.0874 2624 lmhosts - ok
14:43:46.0906 2624 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
14:43:46.0952 2624 LSI_FC - ok
14:43:46.0968 2624 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
14:43:46.0984 2624 LSI_SAS - ok
14:43:47.0015 2624 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
14:43:47.0062 2624 LSI_SCSI - ok
14:43:47.0077 2624 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
14:43:47.0124 2624 luafv - ok
14:43:47.0171 2624 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
14:43:47.0202 2624 Mcx2Svc - ok
14:43:47.0233 2624 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys
14:43:47.0264 2624 mdmxsdk - ok
14:43:47.0296 2624 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys
14:43:47.0327 2624 megasas - ok
14:43:47.0358 2624 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys
14:43:47.0420 2624 MegaSR - ok
14:43:47.0467 2624 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
14:43:47.0561 2624 MMCSS - ok
14:43:47.0592 2624 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
14:43:47.0639 2624 Modem - ok
14:43:47.0670 2624 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
14:43:47.0732 2624 monitor - ok
14:43:47.0748 2624 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
14:43:47.0764 2624 mouclass - ok
14:43:47.0779 2624 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
14:43:47.0826 2624 mouhid - ok
14:43:47.0842 2624 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
14:43:47.0873 2624 MountMgr - ok
14:43:48.0013 2624 [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
14:43:48.0044 2624 MozillaMaintenance - ok
14:43:48.0091 2624 [ EE728AF83850DDAD9A3FCAC0AAB3AD97 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
14:43:48.0122 2624 MpFilter - ok
14:43:48.0154 2624 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys
14:43:48.0185 2624 mpio - ok
14:43:48.0232 2624 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
14:43:48.0278 2624 mpsdrv - ok
14:43:48.0341 2624 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
14:43:48.0388 2624 MpsSvc - ok
14:43:48.0434 2624 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
14:43:48.0466 2624 Mraid35x - ok
14:43:48.0497 2624 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
14:43:48.0544 2624 MRxDAV - ok
14:43:48.0590 2624 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
14:43:48.0637 2624 mrxsmb - ok
14:43:48.0668 2624 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:43:48.0700 2624 mrxsmb10 - ok
14:43:48.0762 2624 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:43:48.0793 2624 mrxsmb20 - ok
14:43:48.0856 2624 [ 28023E86F17001F7CD9B15A5BC9AE07D ] msahci C:\Windows\system32\drivers\msahci.sys
14:43:48.0887 2624 msahci - ok
14:43:49.0058 2624 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys
14:43:49.0105 2624 msdsm - ok
14:43:49.0136 2624 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
14:43:49.0277 2624 MSDTC - ok
14:43:49.0324 2624 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
14:43:49.0433 2624 Msfs - ok
14:43:49.0511 2624 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
14:43:49.0542 2624 msisadrv - ok
14:43:49.0604 2624 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
14:43:49.0760 2624 MSiSCSI - ok
14:43:49.0760 2624 msiserver - ok
14:43:49.0870 2624 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
14:43:49.0948 2624 MSKSSRV - ok
14:43:50.0135 2624 [ E077FCA2A7E79FB9BF67D3E30B5CE593 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
14:43:50.0166 2624 MsMpSvc - ok
14:43:50.0275 2624 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
14:43:50.0384 2624 MSPCLOCK - ok
14:43:50.0447 2624 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
14:43:50.0540 2624 MSPQM - ok
14:43:50.0618 2624 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
14:43:50.0665 2624 MsRPC - ok
14:43:50.0712 2624 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
14:43:50.0759 2624 mssmbios - ok
14:43:50.0774 2624 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
14:43:50.0837 2624 MSTEE - ok
14:43:50.0884 2624 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
14:43:50.0915 2624 Mup - ok
14:43:50.0946 2624 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
14:43:50.0993 2624 napagent - ok
14:43:51.0024 2624 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
14:43:51.0055 2624 NativeWifiP - ok
14:43:51.0102 2624 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
14:43:51.0133 2624 NDIS - ok
14:43:51.0164 2624 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
14:43:51.0196 2624 NdisTapi - ok
14:43:51.0211 2624 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
14:43:51.0274 2624 Ndisuio - ok
14:43:51.0305 2624 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
14:43:51.0367 2624 NdisWan - ok
14:43:51.0383 2624 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
14:43:51.0430 2624 NDProxy - ok
14:43:51.0445 2624 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
14:43:51.0508 2624 NetBIOS - ok
14:43:51.0554 2624 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
14:43:51.0601 2624 netbt - ok
14:43:51.0617 2624 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
14:43:51.0648 2624 Netlogon - ok
14:43:51.0679 2624 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
14:43:51.0757 2624 Netman - ok
14:43:51.0835 2624 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
14:43:51.0913 2624 NetMsmqActivator - ok
14:43:51.0929 2624 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
14:43:51.0944 2624 NetPipeActivator - ok
14:43:51.0991 2624 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
14:43:52.0038 2624 netprofm - ok
14:43:52.0038 2624 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
14:43:52.0054 2624 NetTcpActivator - ok
14:43:52.0069 2624 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
14:43:52.0085 2624 NetTcpPortSharing - ok
14:43:52.0132 2624 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
14:43:52.0163 2624 nfrd960 - ok
14:43:52.0194 2624 [ 2CD24A6AF497D0E9B9BF3DA924ED05E6 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
14:43:52.0225 2624 NisDrv - ok
14:43:52.0303 2624 [ 3B846434055F80D9E89D0742F3ADAD34 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
14:43:52.0334 2624 NisSrv - ok
14:43:52.0381 2624 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
14:43:52.0444 2624 NlaSvc - ok
14:43:52.0475 2624 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
14:43:52.0506 2624 Npfs - ok
14:43:52.0522 2624 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
14:43:52.0568 2624 nsi - ok
14:43:52.0584 2624 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
14:43:52.0631 2624 nsiproxy - ok
14:43:52.0818 2624 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
14:43:52.0880 2624 Ntfs - ok
14:43:52.0896 2624 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
14:43:52.0958 2624 ntrigdigi - ok
14:43:52.0990 2624 [ CF7E041663119E09D2E118521ADA9300 ] NuidFltr C:\Windows\system32\DRIVERS\NuidFltr.sys
14:43:53.0005 2624 NuidFltr - ok
14:43:53.0005 2624 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
14:43:53.0036 2624 Null - ok
14:43:53.0146 2624 [ D958A2B5F6AD5C3B8CCDC4D7DA62466C ] NVENETFD C:\Windows\system32\DRIVERS\nvmfdx32.sys
14:43:53.0192 2624 NVENETFD - ok
14:43:53.0551 2624 [ FBBA09782F2FAC5A57619DF378BA9372 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:43:53.0770 2624 nvlddmkm - ok
14:43:53.0816 2624 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
14:43:53.0848 2624 nvraid - ok
14:43:53.0863 2624 [ C44EE36DD84FA95EB81D79C374756003 ] nvsmu C:\Windows\system32\drivers\nvsmu.sys
14:43:53.0894 2624 nvsmu - ok
14:43:53.0926 2624 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
14:43:53.0941 2624 nvstor - ok
14:43:53.0972 2624 [ CF7769F13B3ECC5E2BF1B3D1C5831AE8 ] nvsvc C:\Windows\system32\nvvsvc.exe
14:43:54.0004 2624 nvsvc - ok
14:43:54.0019 2624 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
14:43:54.0050 2624 nv_agp - ok
14:43:54.0066 2624 NwlnkFlt - ok
14:43:54.0082 2624 NwlnkFwd - ok
14:43:54.0113 2624 [ 6F310E890D46E246E0E261A63D9B36B4 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
14:43:54.0175 2624 ohci1394 - ok
14:43:54.0238 2624 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
14:43:54.0347 2624 p2pimsvc - ok
14:43:54.0362 2624 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
14:43:54.0456 2624 p2psvc - ok
14:43:54.0487 2624 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
14:43:54.0581 2624 Parport - ok
14:43:54.0659 2624 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
14:43:54.0706 2624 partmgr - ok
14:43:54.0737 2624 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
14:43:54.0830 2624 Parvdm - ok
14:43:54.0862 2624 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
14:43:54.0924 2624 PcaSvc - ok
14:43:54.0955 2624 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
14:43:54.0986 2624 pci - ok
14:43:55.0018 2624 [ 1636D43F10416AEB483BC6001097B26C ] pciide C:\Windows\system32\drivers\pciide.sys
14:43:55.0033 2624 pciide - ok
14:43:55.0064 2624 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
14:43:55.0111 2624 pcmcia - ok
14:43:55.0158 2624 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
14:43:55.0283 2624 PEAUTH - ok
14:43:55.0564 2624 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
14:43:55.0720 2624 pla - ok
14:43:55.0766 2624 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
14:43:55.0829 2624 PlugPlay - ok
14:43:55.0860 2624 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
14:43:55.0907 2624 PNRPAutoReg - ok
14:43:55.0922 2624 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
14:43:55.0985 2624 PNRPsvc - ok
14:43:56.0032 2624 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
14:43:56.0094 2624 PolicyAgent - ok
14:43:56.0125 2624 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
14:43:56.0188 2624 PptpMiniport - ok
14:43:56.0203 2624 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys
14:43:56.0266 2624 Processor - ok
14:43:56.0297 2624 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
14:43:56.0359 2624 ProfSvc - ok
14:43:56.0375 2624 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
14:43:56.0406 2624 ProtectedStorage - ok
14:43:56.0453 2624 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
14:43:56.0515 2624 PSched - ok
14:43:56.0562 2624 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
14:43:56.0624 2624 ql2300 - ok
14:43:56.0671 2624 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
14:43:56.0718 2624 ql40xx - ok
14:43:56.0749 2624 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
14:43:56.0796 2624 QWAVE - ok
14:43:56.0812 2624 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
14:43:56.0843 2624 QWAVEdrv - ok
14:43:57.0014 2624 [ 3AF684252780CF87DC2809F85B8F7591 ] RapportCerberus_43926 C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\43926\RapportCerberus32_43926.sys
14:43:57.0046 2624 RapportCerberus_43926 - ok
14:43:57.0139 2624 [ E59302E32009F38A24AB573B039D8F21 ] RapportEI C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys
14:43:57.0155 2624 RapportEI - ok
14:43:57.0186 2624 [ 25BFCB71DE17B2DE56800219F8E80959 ] RapportKELL C:\Windows\system32\Drivers\RapportKELL.sys
14:43:57.0217 2624 RapportKELL - ok
14:43:57.0358 2624 [ 4D7B30001787A7E36B899BE4693C8769 ] RapportMgmtService C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
14:43:57.0420 2624 RapportMgmtService - ok
14:43:57.0451 2624 [ 0DE51300C256DE1206EE892521764C76 ] RapportPG C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys
14:43:57.0482 2624 RapportPG - ok
14:43:57.0498 2624 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
14:43:57.0560 2624 RasAcd - ok
14:43:57.0576 2624 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
14:43:57.0654 2624 RasAuto - ok
14:43:57.0685 2624 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
14:43:57.0732 2624 Rasl2tp - ok
14:43:57.0810 2624 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
14:43:57.0872 2624 RasMan - ok
14:43:57.0888 2624 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
14:43:57.0966 2624 RasPppoe - ok
14:43:58.0013 2624 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
14:43:58.0060 2624 RasSstp - ok
14:43:58.0138 2624 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
14:43:58.0169 2624 rdbss - ok
14:43:58.0216 2624 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
14:43:58.0262 2624 RDPCDD - ok
14:43:58.0309 2624 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
14:43:58.0356 2624 rdpdr - ok
14:43:58.0528 2624 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
14:43:58.0574 2624 RDPENCDD - ok
14:43:58.0964 2624 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
14:43:59.0089 2624 RDPWD - ok
14:43:59.0136 2624 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
14:43:59.0183 2624 RemoteAccess - ok
14:43:59.0214 2624 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
14:43:59.0276 2624 RemoteRegistry - ok
14:43:59.0323 2624 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
14:43:59.0417 2624 RpcLocator - ok
14:43:59.0432 2624 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
14:43:59.0495 2624 RpcSs - ok
14:43:59.0526 2624 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
14:43:59.0573 2624 rspndr - ok
14:43:59.0588 2624 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
14:43:59.0635 2624 SamSs - ok
14:43:59.0729 2624 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
14:43:59.0760 2624 sbp2port - ok
14:43:59.0791 2624 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
14:43:59.0869 2624 SCardSvr - ok
14:43:59.0932 2624 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
14:44:00.0010 2624 Schedule - ok
14:44:00.0025 2624 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
14:44:00.0072 2624 SCPolicySvc - ok
14:44:00.0103 2624 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
14:44:00.0166 2624 SDRSVC - ok
14:44:00.0197 2624 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
14:44:00.0290 2624 secdrv - ok
14:44:00.0322 2624 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
14:44:00.0400 2624 seclogon - ok
14:44:00.0446 2624 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
14:44:00.0509 2624 SENS - ok
14:44:00.0524 2624 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
14:44:00.0618 2624 Serenum - ok
14:44:00.0649 2624 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
14:44:00.0727 2624 Serial - ok
14:44:00.0758 2624 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
14:44:00.0836 2624 sermouse - ok
14:44:00.0868 2624 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
14:44:00.0914 2624 SessionEnv - ok
14:44:00.0946 2624 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
14:44:00.0977 2624 sffdisk - ok
14:44:00.0992 2624 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
14:44:01.0039 2624 sffp_mmc - ok
14:44:01.0055 2624 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
14:44:01.0086 2624 sffp_sd - ok
14:44:01.0102 2624 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
14:44:01.0164 2624 sfloppy - ok
14:44:01.0226 2624 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
14:44:01.0289 2624 SharedAccess - ok
14:44:01.0320 2624 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:44:01.0351 2624 ShellHWDetection - ok
14:44:01.0382 2624 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
14:44:01.0414 2624 sisagp - ok
14:44:01.0429 2624 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
14:44:01.0460 2624 SiSRaid2 - ok
14:44:01.0492 2624 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
14:44:01.0523 2624 SiSRaid4 - ok
14:44:01.0648 2624 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
14:44:01.0757 2624 slsvc - ok
14:44:01.0804 2624 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
14:44:01.0835 2624 SLUINotify - ok
14:44:01.0882 2624 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
14:44:01.0897 2624 Smb - ok
14:44:01.0928 2624 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
14:44:01.0960 2624 SNMPTRAP - ok
14:44:01.0991 2624 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
14:44:02.0038 2624 spldr - ok
14:44:02.0053 2624 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
14:44:02.0100 2624 Spooler - ok
14:44:02.0147 2624 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
14:44:02.0194 2624 srv - ok
14:44:02.0225 2624 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
14:44:02.0272 2624 srv2 - ok
14:44:02.0287 2624 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
14:44:02.0318 2624 srvnet - ok
14:44:02.0350 2624 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
14:44:02.0381 2624 SSDPSRV - ok
14:44:02.0412 2624 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
14:44:02.0428 2624 SstpSvc - ok
14:44:02.0474 2624 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
14:44:02.0552 2624 stisvc - ok
14:44:02.0599 2624 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
14:44:02.0615 2624 swenum - ok
14:44:02.0708 2624 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
14:44:02.0786 2624 swprv - ok
14:44:02.0833 2624 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
14:44:02.0849 2624 Symc8xx - ok
14:44:02.0864 2624 SymIM - ok
14:44:02.0864 2624 SymIMMP - ok
14:44:02.0896 2624 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
14:44:02.0927 2624 Sym_hi - ok
14:44:02.0942 2624 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
14:44:02.0974 2624 Sym_u3 - ok
14:44:03.0020 2624 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
14:44:03.0114 2624 SysMain - ok
14:44:03.0145 2624 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:44:03.0176 2624 TabletInputService - ok
14:44:03.0223 2624 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
14:44:03.0286 2624 TapiSrv - ok
14:44:03.0301 2624 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
14:44:03.0364 2624 TBS - ok
14:44:03.0520 2624 [ EE7E10BED85C312C1D5D30C435BDDA9F ] Tcpip C:\Windows\system32\drivers\tcpip.sys
14:44:03.0598 2624 Tcpip - ok
14:44:03.0629 2624 [ EE7E10BED85C312C1D5D30C435BDDA9F ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
14:44:03.0691 2624 Tcpip6 - ok
14:44:03.0769 2624 [ 2C2D4CFF5E09C73908F9B5AF49A51365 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
14:44:03.0816 2624 tcpipreg - ok
14:44:03.0847 2624 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
14:44:03.0894 2624 TDPIPE - ok
14:44:03.0925 2624 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
14:44:03.0972 2624 TDTCP - ok
14:44:03.0988 2624 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
14:44:04.0019 2624 tdx - ok
14:44:04.0034 2624 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
14:44:04.0050 2624 TermDD - ok
14:44:04.0159 2624 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
14:44:04.0190 2624 TermService - ok
14:44:04.0206 2624 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
14:44:04.0237 2624 Themes - ok
14:44:04.0253 2624 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
14:44:04.0284 2624 THREADORDER - ok
14:44:04.0331 2624 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
14:44:04.0378 2624 TrkWks - ok
14:44:04.0424 2624 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:44:04.0456 2624 TrustedInstaller - ok
14:44:04.0487 2624 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
14:44:04.0534 2624 tssecsrv - ok
14:44:04.0565 2624 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
14:44:04.0596 2624 tunmp - ok
14:44:04.0627 2624 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
14:44:04.0674 2624 tunnel - ok
14:44:04.0690 2624 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys
14:44:04.0705 2624 uagp35 - ok
14:44:04.0752 2624 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
14:44:04.0783 2624 udfs - ok
14:44:04.0846 2624 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
14:44:04.0908 2624 UI0Detect - ok
14:44:04.0955 2624 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
14:44:04.0986 2624 uliagpkx - ok
14:44:05.0002 2624 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys
14:44:05.0033 2624 uliahci - ok
14:44:05.0048 2624 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
14:44:05.0080 2624 UlSata - ok
14:44:05.0095 2624 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
14:44:05.0126 2624 ulsata2 - ok
14:44:05.0142 2624 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
14:44:05.0189 2624 umbus - ok
14:44:05.0236 2624 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
14:44:05.0282 2624 upnphost - ok
14:44:05.0314 2624 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
14:44:05.0454 2624 usbccgp - ok
14:44:05.0470 2624 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
14:44:05.0563 2624 usbcir - ok
14:44:05.0610 2624 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
14:44:05.0641 2624 usbehci - ok
14:44:05.0672 2624 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
14:44:05.0719 2624 usbhub - ok
14:44:05.0797 2624 [ CE697FEE0D479290D89BEC80DFE793B7 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
14:44:05.0860 2624 usbohci - ok
14:44:05.0891 2624 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
14:44:05.0938 2624 usbprint - ok
14:44:05.0969 2624 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
14:44:06.0016 2624 usbscan - ok
14:44:06.0047 2624 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:44:06.0094 2624 USBSTOR - ok
14:44:06.0140 2624 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
14:44:06.0187 2624 usbuhci - ok
14:44:06.0218 2624 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
14:44:06.0265 2624 UxSms - ok
14:44:06.0328 2624 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
14:44:06.0406 2624 vds - ok
14:44:06.0452 2624 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
14:44:06.0546 2624 vga - ok
14:44:06.0577 2624 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
14:44:06.0655 2624 VgaSave - ok
14:44:06.0702 2624 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys
14:44:06.0749 2624 viaagp - ok
14:44:06.0796 2624 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys
14:44:06.0858 2624 ViaC7 - ok
14:44:06.0874 2624 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys
14:44:06.0905 2624 viaide - ok
14:44:06.0920 2624 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
14:44:06.0952 2624 volmgr - ok
14:44:06.0983 2624 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
14:44:07.0014 2624 volmgrx - ok
14:44:07.0045 2624 [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys
14:44:07.0076 2624 volsnap - ok
14:44:07.0123 2624 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
14:44:07.0186 2624 vsmraid - ok
14:44:07.0232 2624 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
14:44:07.0310 2624 VSS - ok
14:44:07.0342 2624 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
14:44:07.0388 2624 W32Time - ok
14:44:07.0404 2624 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
14:44:07.0498 2624 WacomPen - ok
14:44:07.0513 2624 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
14:44:07.0576 2624 Wanarp - ok
14:44:07.0576 2624 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
14:44:07.0622 2624 Wanarpv6 - ok
14:44:07.0685 2624 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
14:44:07.0747 2624 wcncsvc - ok
14:44:07.0825 2624 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:44:07.0888 2624 WcsPlugInService - ok
14:44:07.0903 2624 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys
14:44:07.0934 2624 Wd - ok
14:44:07.0966 2624 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
14:44:08.0012 2624 Wdf01000 - ok
14:44:08.0028 2624 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
14:44:08.0075 2624 WdiServiceHost - ok
14:44:08.0075 2624 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
14:44:08.0122 2624 WdiSystemHost - ok
14:44:08.0137 2624 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
14:44:08.0168 2624 WebClient - ok
14:44:08.0200 2624 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
14:44:08.0231 2624 Wecsvc - ok
14:44:08.0246 2624 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
14:44:08.0278 2624 wercplsupport - ok
14:44:08.0293 2624 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
14:44:08.0340 2624 WerSvc - ok
14:44:08.0371 2624 [ 72CC6A8CA7891031D6380DB5025C773C ] winachsf C:\Windows\system32\DRIVERS\HSX_CNXT.sys
14:44:08.0402 2624 winachsf - ok
14:44:08.0465 2624 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
14:44:08.0496 2624 WinDefend - ok
14:44:08.0512 2624 WinHttpAutoProxySvc - ok
14:44:08.0730 2624 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
14:44:08.0761 2624 Winmgmt - ok
14:44:08.0886 2624 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
14:44:08.0980 2624 WinRM - ok
14:44:09.0058 2624 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
14:44:09.0120 2624 Wlansvc - ok
14:44:09.0151 2624 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
14:44:09.0214 2624 WmiAcpi - ok
14:44:09.0276 2624 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
14:44:09.0338 2624 wmiApSrv - ok
14:44:09.0463 2624 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
14:44:09.0588 2624 WMPNetworkSvc - ok
14:44:09.0666 2624 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
14:44:09.0728 2624 WPCSvc - ok
14:44:09.0760 2624 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
14:44:09.0806 2624 WPDBusEnum - ok
14:44:09.0962 2624 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
14:44:10.0025 2624 WPFFontCache_v0400 - ok
14:44:10.0056 2624 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
14:44:10.0103 2624 ws2ifsl - ok
14:44:10.0134 2624 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\System32\wscsvc.dll
14:44:10.0181 2624 wscsvc - ok
14:44:10.0181 2624 WSearch - ok
14:44:10.0259 2624 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
14:44:10.0321 2624 wuauserv - ok
14:44:10.0368 2624 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
14:44:10.0399 2624 WUDFRd - ok
14:44:10.0415 2624 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll
14:44:10.0462 2624 wudfsvc - ok
14:44:10.0493 2624 [ DAB33CFA9DD24251AAA389FF36B64D4B ] XAudio C:\Windows\system32\DRIVERS\xaudio.sys
14:44:10.0508 2624 XAudio - ok
14:44:10.0540 2624 [ CD5F291A1161F15896D1A4D63DAFF5DF ] XAudioService C:\Windows\system32\DRIVERS\xaudio.exe
14:44:10.0586 2624 XAudioService - ok
14:44:10.0696 2624 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
14:44:10.0727 2624 YahooAUService - ok
14:44:10.0742 2624 ================ Scan global ===============================
14:44:10.0758 2624 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
14:44:10.0805 2624 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
14:44:10.0820 2624 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
14:44:10.0898 2624 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
14:44:10.0898 2624 [Global] - ok
14:44:10.0914 2624 ================ Scan MBR ==================================
14:44:10.0930 2624 [ 03BA8F890B47C0BE359A4D5A636D214D ] \Device\Harddisk0\DR0
14:44:12.0022 2624 \Device\Harddisk0\DR0 - ok
14:44:12.0022 2624 ================ Scan VBR ==================================
14:44:12.0037 2624 [ 34334591CBB1762E0238FC8B94B2C7FC ] \Device\Harddisk0\DR0\Partition1
14:44:12.0037 2624 \Device\Harddisk0\DR0\Partition1 - ok
14:44:12.0068 2624 [ C0410E2A4DE372BE7086ACEE51705053 ] \Device\Harddisk0\DR0\Partition2
14:44:12.0068 2624 \Device\Harddisk0\DR0\Partition2 - ok
14:44:12.0068 2624 ================ Scan active images ========================
14:44:12.0084 2624 [ 36975327EF03949CC378AB01E316B574 ] C:\WINDOWS\System32\drivers\crashdmp.sys
14:44:12.0100 2624 C:\WINDOWS\System32\drivers\crashdmp.sys - ok
14:44:12.0115 2624 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] C:\WINDOWS\System32\drivers\atapi.sys
14:44:12.0115 2624 C:\WINDOWS\System32\drivers\atapi.sys - ok
14:44:12.0115 2624 [ C67EBF9C05531C406E1E079FF669A2E6 ] C:\WINDOWS\System32\drivers\Dumpata.sys
14:44:12.0115 2624 C:\WINDOWS\System32\drivers\Dumpata.sys - ok
14:44:12.0131 2624 [ 300DB877AC094FEAB0BE7688C3454A9C ] C:\WINDOWS\System32\drivers\tunnel.sys
14:44:12.0131 2624 C:\WINDOWS\System32\drivers\tunnel.sys - ok
14:44:12.0146 2624 [ CAECC0120AC49E3D2F758B9169872D38 ] C:\WINDOWS\System32\drivers\TUNMP.SYS
14:44:12.0146 2624 C:\WINDOWS\System32\drivers\TUNMP.SYS - ok
14:44:12.0146 2624 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] C:\WINDOWS\System32\drivers\i8042prt.sys
14:44:12.0146 2624 C:\WINDOWS\System32\drivers\i8042prt.sys - ok
14:44:12.0162 2624 [ 224191001E78C89DFA78924C3EA595FF ] C:\WINDOWS\System32\drivers\intelppm.sys
14:44:12.0162 2624 C:\WINDOWS\System32\drivers\intelppm.sys - ok
14:44:12.0178 2624 [ 5BF6A1326A335C5298477754A506D263 ] C:\WINDOWS\System32\drivers\mouclass.sys
14:44:12.0178 2624 C:\WINDOWS\System32\drivers\mouclass.sys - ok
14:44:12.0178 2624 [ CE697FEE0D479290D89BEC80DFE793B7 ] C:\WINDOWS\System32\drivers\usbohci.sys
14:44:12.0178 2624 C:\WINDOWS\System32\drivers\usbohci.sys - ok
14:44:12.0193 2624 [ A1C100A87D981AD0774FBC0B4B82E913 ] C:\WINDOWS\System32\drivers\usbport.sys
14:44:12.0193 2624 C:\WINDOWS\System32\drivers\usbport.sys - ok
14:44:12.0193 2624 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] C:\WINDOWS\System32\drivers\usbehci.sys
14:44:12.0193 2624 C:\WINDOWS\System32\drivers\usbehci.sys - ok
14:44:12.0209 2624 [ 062452B7FFD68C8C042A6261FE8DFF4A ] C:\WINDOWS\System32\drivers\hdaudbus.sys
14:44:12.0209 2624 C:\WINDOWS\System32\drivers\hdaudbus.sys - ok
14:44:12.0224 2624 [ FE440536BD98AF772130DC3A6FE1915F ] C:\WINDOWS\System32\drivers\HSXHWBS2.sys
14:44:12.0224 2624 C:\WINDOWS\System32\drivers\HSXHWBS2.sys - ok
14:44:12.0224 2624 [ EF73C1E29FBE7B0FD0274BF4394E346A ] C:\WINDOWS\System32\drivers\ks.sys
14:44:12.0224 2624 C:\WINDOWS\System32\drivers\ks.sys - ok
14:44:12.0240 2624 [ 88749FBF8BEB18C90E7D6626C8C1910B ] C:\WINDOWS\System32\drivers\HSX_DP.sys
14:44:12.0240 2624 C:\WINDOWS\System32\drivers\HSX_DP.sys - ok
14:44:12.0256 2624 [ 72CC6A8CA7891031D6380DB5025C773C ] C:\WINDOWS\System32\drivers\HSX_CNXT.sys
14:44:12.0256 2624 C:\WINDOWS\System32\drivers\HSX_CNXT.sys - ok
14:44:12.0256 2624 [ E13B5EA0F51BA5B1512EC671393D09BA ] C:\WINDOWS\System32\drivers\modem.sys
14:44:12.0256 2624 C:\WINDOWS\System32\drivers\modem.sys - ok
14:44:12.0271 2624 [ 0349BE02F329F4F48F1D48097FD65974 ] C:\WINDOWS\System32\drivers\1394bus.sys
14:44:12.0271 2624 C:\WINDOWS\System32\drivers\1394bus.sys - ok
14:44:12.0271 2624 [ 6F310E890D46E246E0E261A63D9B36B4 ] C:\WINDOWS\System32\drivers\ohci1394.sys
14:44:12.0271 2624 C:\WINDOWS\System32\drivers\ohci1394.sys - ok
14:44:12.0287 2624 [ 6B4BFFB9BECD728097024276430DB314 ] C:\WINDOWS\System32\drivers\cdrom.sys
14:44:12.0287 2624 C:\WINDOWS\System32\drivers\cdrom.sys - ok
14:44:12.0287 2624 [ D958A2B5F6AD5C3B8CCDC4D7DA62466C ] C:\WINDOWS\System32\drivers\nvmfdx32.sys
14:44:12.0287 2624 C:\WINDOWS\System32\drivers\nvmfdx32.sys - ok
14:44:12.0302 2624 [ FBBA09782F2FAC5A57619DF378BA9372 ] C:\WINDOWS\System32\drivers\nvlddmkm.sys
14:44:12.0302 2624 C:\WINDOWS\System32\drivers\nvlddmkm.sys - ok
14:44:12.0302 2624 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] C:\WINDOWS\System32\drivers\dxgkrnl.sys
14:44:12.0302 2624 C:\WINDOWS\System32\drivers\dxgkrnl.sys - ok
14:44:12.0318 2624 [ 4A5C31E2C1646034E6A60EBA4C747FF6 ] C:\WINDOWS\System32\drivers\watchdog.sys
14:44:12.0318 2624 C:\WINDOWS\System32\drivers\watchdog.sys - ok
14:44:12.0318 2624 [ 2E7255D172DF0B8283CDFB7B433B864E ] C:\WINDOWS\System32\drivers\wmiacpi.sys
14:44:12.0318 2624 C:\WINDOWS\System32\drivers\wmiacpi.sys - ok
14:44:12.0334 2624 [ 232FA340531D940AAC623B121A595034 ] C:\WINDOWS\System32\drivers\msiscsi.sys
14:44:12.0334 2624 C:\WINDOWS\System32\drivers\msiscsi.sys - ok
14:44:12.0334 2624 [ 47E55AFE1ED1D5AFF09690DB226F4A7A ] C:\WINDOWS\System32\drivers\Storport.sys
14:44:12.0334 2624 C:\WINDOWS\System32\drivers\Storport.sys - ok
14:44:12.0349 2624 [ 77937EFF009AC696B90E09F671F9D0A4 ] C:\WINDOWS\System32\drivers\tdi.sys
14:44:12.0349 2624 C:\WINDOWS\System32\drivers\tdi.sys - ok
14:44:12.0349 2624 [ A214ADBAF4CB47DD2728859EF31F26B0 ] C:\WINDOWS\System32\drivers\rasl2tp.sys
14:44:12.0349 2624 C:\WINDOWS\System32\drivers\rasl2tp.sys - ok
14:44:12.0365 2624 [ 0E186E90404980569FB449BA7519AE61 ] C:\WINDOWS\System32\drivers\ndistapi.sys
14:44:12.0365 2624 C:\WINDOWS\System32\drivers\ndistapi.sys - ok
14:44:12.0365 2624 [ 818F648618AE34F729FDB47EC68345C3 ] C:\WINDOWS\System32\drivers\ndiswan.sys
14:44:12.0365 2624 C:\WINDOWS\System32\drivers\ndiswan.sys - ok
14:44:12.0380 2624 [ 509A98DD18AF4375E1FC40BC175F1DEF ] C:\WINDOWS\System32\drivers\raspppoe.sys
14:44:12.0380 2624 C:\WINDOWS\System32\drivers\raspppoe.sys - ok
14:44:12.0380 2624 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] C:\WINDOWS\System32\drivers\raspptp.sys
14:44:12.0380 2624 C:\WINDOWS\System32\drivers\raspptp.sys - ok
14:44:12.0396 2624 [ 2005F4A1E05FA09389AC85840F0A9E4D ] C:\WINDOWS\System32\drivers\rassstp.sys
14:44:12.0396 2624 C:\WINDOWS\System32\drivers\rassstp.sys - ok
14:44:12.0412 2624 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] C:\WINDOWS\System32\drivers\termdd.sys
14:44:12.0412 2624 C:\WINDOWS\System32\drivers\termdd.sys - ok
14:44:12.0412 2624 [ 37605E0A8CF00CBBA538E753E4344C6E ] C:\WINDOWS\System32\drivers\kbdclass.sys
14:44:12.0412 2624 C:\WINDOWS\System32\drivers\kbdclass.sys - ok
14:44:12.0427 2624 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] C:\WINDOWS\System32\drivers\swenum.sys
14:44:12.0427 2624 C:\WINDOWS\System32\drivers\swenum.sys - ok
14:44:12.0427 2624 [ E384487CB84BE41D09711C30CA79646C ] C:\WINDOWS\System32\drivers\mssmbios.sys
14:44:12.0427 2624 C:\WINDOWS\System32\drivers\mssmbios.sys - ok
14:44:12.0443 2624 [ 32CFF9F809AE9AED85464492BF3E32D2 ] C:\WINDOWS\System32\drivers\umbus.sys
14:44:12.0443 2624 C:\WINDOWS\System32\drivers\umbus.sys - ok
14:44:12.0443 2624 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] C:\WINDOWS\System32\drivers\usbhub.sys
14:44:12.0443 2624 C:\WINDOWS\System32\drivers\usbhub.sys - ok
14:44:12.0458 2624 [ 71DAB552B41936358F3B541AE5997FB3 ] C:\WINDOWS\System32\drivers\ndproxy.sys
14:44:12.0458 2624 C:\WINDOWS\System32\drivers\ndproxy.sys - ok
14:44:12.0458 2624 [ 7BE5A3C671A2CB56E94403BFC2020A0D ] C:\WINDOWS\System32\drivers\drmk.sys
14:44:12.0458 2624 C:\WINDOWS\System32\drivers\drmk.sys - ok
14:44:12.0474 2624 [ 218286724EC530FF252648369E05B090 ] C:\WINDOWS\System32\drivers\portcls.sys
14:44:12.0474 2624 C:\WINDOWS\System32\drivers\portcls.sys - ok
14:44:12.0474 2624 [ 84ED2154239F9D013BBD3220755ADA8B ] C:\WINDOWS\System32\drivers\RTKVHDA.sys
14:44:12.0474 2624 C:\WINDOWS\System32\drivers\RTKVHDA.sys - ok
14:44:12.0490 2624 [ 3AF684252780CF87DC2809F85B8F7591 ] C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\43926\RapportCerberus32_43926.sys
14:44:12.0490 2624 C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\43926\RapportCerberus32_43926.sys - ok
14:44:12.0490 2624 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] C:\WINDOWS\System32\drivers\beep.sys
14:44:12.0505 2624 C:\WINDOWS\System32\drivers\beep.sys - ok
14:44:12.0505 2624 [ B972A66758577E0BFD1DE0F91AAA27B5 ] C:\WINDOWS\System32\drivers\fs_rec.sys
14:44:12.0505 2624 C:\WINDOWS\System32\drivers\fs_rec.sys - ok
14:44:12.0521 2624 [ C5DBBCDA07D780BDA9B685DF333BB41E ] C:\WINDOWS\System32\drivers\null.sys
14:44:12.0521 2624 C:\WINDOWS\System32\drivers\null.sys - ok
14:44:12.0521 2624 [ 175444D3A01CA45D0E1C5DC5F48DF7CD ] C:\WINDOWS\System32\drivers\hidparse.sys
14:44:12.0521 2624 C:\WINDOWS\System32\drivers\hidparse.sys - ok
14:44:12.0536 2624 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] C:\WINDOWS\System32\drivers\kbdhid.sys
14:44:12.0536 2624 C:\WINDOWS\System32\drivers\kbdhid.sys - ok
14:44:12.0536 2624 [ C048D2C33D27441A0CDCAAE2651EB03D ] C:\WINDOWS\System32\drivers\videoprt.sys
14:44:12.0536 2624 C:\WINDOWS\System32\drivers\videoprt.sys - ok
14:44:12.0552 2624 [ 2E93AC0A1D8C79D019DB6C51F036636C ] C:\WINDOWS\System32\drivers\vga.sys
14:44:12.0552 2624 C:\WINDOWS\System32\drivers\vga.sys - ok
14:44:12.0552 2624 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] C:\WINDOWS\System32\drivers\RDPCDD.sys
14:44:12.0552 2624 C:\WINDOWS\System32\drivers\RDPCDD.sys - ok
14:44:12.0568 2624 [ A9927F4A46B816C92F461ACB90CF8515 ] C:\WINDOWS\System32\drivers\msfs.sys
14:44:12.0568 2624 C:\WINDOWS\System32\drivers\msfs.sys - ok
14:44:12.0568 2624 [ 9D91FE5286F748862ECFFA05F8A0710C ] C:\WINDOWS\System32\drivers\RDPENCDD.sys
14:44:12.0568 2624 C:\WINDOWS\System32\drivers\RDPENCDD.sys - ok
14:44:12.0583 2624 [ D36F239D7CCE1931598E8FB90A0DBC26 ] C:\WINDOWS\System32\drivers\npfs.sys
14:44:12.0583 2624 C:\WINDOWS\System32\drivers\npfs.sys - ok
14:44:12.0583 2624 [ 147D7F9C556D259924351FEB0DE606C3 ] C:\WINDOWS\System32\drivers\rasacd.sys
14:44:12.0583 2624 C:\WINDOWS\System32\drivers\rasacd.sys - ok
14:44:12.0599 2624 [ 7B75299A4D201D6A6533603D6914AB04 ] C:\WINDOWS\System32\drivers\smb.sys
14:44:12.0599 2624 C:\WINDOWS\System32\drivers\smb.sys - ok
14:44:12.0599 2624 [ 76B06EB8A01FC8624D699E7045303E54 ] C:\WINDOWS\System32\drivers\tdx.sys
14:44:12.0599 2624 C:\WINDOWS\System32\drivers\tdx.sys - ok
14:44:12.0599 2624 [ 3911B972B55FEA0478476B2E777B29FA ] C:\WINDOWS\System32\drivers\afd.sys
14:44:12.0599 2624 C:\WINDOWS\System32\drivers\afd.sys - ok
14:44:12.0614 2624 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] C:\WINDOWS\System32\drivers\netbt.sys
14:44:12.0614 2624 C:\WINDOWS\System32\drivers\netbt.sys - ok
14:44:12.0630 2624 [ 99514FAA8DF93D34B5589187DB3AA0BA ] C:\WINDOWS\System32\drivers\pacer.sys
14:44:12.0630 2624 C:\WINDOWS\System32\drivers\pacer.sys - ok
14:44:12.0630 2624 [ BCD093A5A6777CF626434568DC7DBA78 ] C:\WINDOWS\System32\drivers\netbios.sys
14:44:12.0630 2624 C:\WINDOWS\System32\drivers\netbios.sys - ok
14:44:12.0646 2624 [ 55201897378CCA7AF8B5EFD874374A26 ] C:\WINDOWS\System32\drivers\wanarp.sys
14:44:12.0646 2624 C:\WINDOWS\System32\drivers\wanarp.sys - ok
14:44:12.0646 2624 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] C:\WINDOWS\System32\drivers\rdbss.sys
14:44:12.0646 2624 C:\WINDOWS\System32\drivers\rdbss.sys - ok
14:44:12.0661 2624 [ E59302E32009F38A24AB573B039D8F21 ] C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys
14:44:12.0661 2624 C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys - ok
14:44:12.0661 2624 [ 0DE51300C256DE1206EE892521764C76 ] C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys
14:44:12.0661 2624 C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys - ok
14:44:12.0677 2624 [ 609773E344A97410CE4EBF74A8914FCF ] C:\WINDOWS\System32\drivers\nsiproxy.sys
14:44:12.0677 2624 C:\WINDOWS\System32\drivers\nsiproxy.sys - ok
14:44:12.0677 2624 [ 622C41A07CA7E6DD91770F50D532CB6C ] C:\WINDOWS\System32\drivers\dfsc.sys
14:44:12.0677 2624 C:\WINDOWS\System32\drivers\dfsc.sys - ok
14:44:12.0692 2624 [ CAF811AE4C147FFCD5B51750C7F09142 ] C:\WINDOWS\System32\drivers\usbccgp.sys
14:44:12.0692 2624 C:\WINDOWS\System32\drivers\usbccgp.sys - ok
14:44:12.0692 2624 [ 790FDAC6D0C762DF9047C3C625A6FF6C ] C:\WINDOWS\System32\drivers\usbd.sys
14:44:12.0692 2624 C:\WINDOWS\System32\drivers\usbd.sys - ok
14:44:12.0708 2624 [ 5961CADB7CAD938368D2028725EF771D ] C:\WINDOWS\System32\drivers\hidclass.sys
14:44:12.0708 2624 C:\WINDOWS\System32\drivers\hidclass.sys - ok
14:44:12.0708 2624 [ CCA4B519B17E23A00B826C55716809CC ] C:\WINDOWS\System32\drivers\hidusb.sys
14:44:12.0708 2624 C:\WINDOWS\System32\drivers\hidusb.sys - ok
14:44:12.0724 2624 [ DDA770BBD7C2ED024D6F50E279D90E5B ] C:\WINDOWS\System32\ntdll.dll
14:44:12.0724 2624 C:\WINDOWS\System32\ntdll.dll - ok
14:44:12.0724 2624 [ 98AF15A94CD6AC37248E72E5FE789B35 ] C:\WINDOWS\System32\smss.exe
14:44:12.0724 2624 C:\WINDOWS\System32\smss.exe - ok
14:44:12.0739 2624 [ 10761177A6EBE45843F443E99509F5E7 ] C:\WINDOWS\System32\autochk.exe
14:44:12.0739 2624 C:\WINDOWS\System32\autochk.exe - ok
14:44:12.0739 2624 [ BE3DA31C191BC222D9AD503C5224F2AD ] C:\WINDOWS\System32\drivers\USBSTOR.SYS
14:44:12.0739 2624 C:\WINDOWS\System32\drivers\USBSTOR.SYS - ok
14:44:12.0755 2624 [ 80FFF14F1757B9AF8BE9D314FC1AE88B ] C:\WINDOWS\System32\usp10.dll
14:44:12.0755 2624 C:\WINDOWS\System32\usp10.dll - ok
14:44:12.0755 2624 [ FC4EE980C3BD87D35816EC55007E00B5 ] C:\WINDOWS\System32\urlmon.dll
14:44:12.0755 2624 C:\WINDOWS\System32\urlmon.dll - ok
14:44:12.0770 2624 [ 50CAA7072C171B9887215C83D52069E4 ] C:\WINDOWS\System32\advapi32.dll
14:44:12.0770 2624 C:\WINDOWS\System32\advapi32.dll - ok
14:44:12.0770 2624 [ 9176285122B7B849FEC2AA1B72A8F7A8 ] C:\WINDOWS\System32\shlwapi.dll
14:44:12.0770 2624 C:\WINDOWS\System32\shlwapi.dll - ok
14:44:12.0786 2624 [ E3C3BD69701CE6B7B17101E4F7740534 ] C:\WINDOWS\System32\msctf.dll
14:44:12.0786 2624 C:\WINDOWS\System32\msctf.dll - ok
14:44:12.0786 2624 [ B8A609FB5EFB4E44FC1355B1C01C64BC ] C:\WINDOWS\System32\Wldap32.dll
14:44:12.0786 2624 C:\WINDOWS\System32\Wldap32.dll - ok
14:44:12.0802 2624 [ 9CB0D2A9A77D91D9614355EE9FF00519 ] C:\WINDOWS\System32\wininet.dll
14:44:12.0802 2624 C:\WINDOWS\System32\wininet.dll - ok
14:44:12.0802 2624 [ E2281CFF793D7A09CE2B35F9F8732EE3 ] C:\WINDOWS\System32\rpcrt4.dll
14:44:12.0802 2624 C:\WINDOWS\System32\rpcrt4.dll - ok
14:44:12.0817 2624 [ 3178C47DB9F1615E5334029607BD3459 ] C:\WINDOWS\System32\iertutil.dll
14:44:12.0817 2624 C:\WINDOWS\System32\iertutil.dll - ok
14:44:12.0817 2624 [ 7856E3B4594714EF89BB97375E8644EE ] C:\WINDOWS\System32\gdi32.dll
14:44:12.0817 2624 C:\WINDOWS\System32\gdi32.dll - ok
14:44:12.0833 2624 [ 574B473FACAA0E91702B86578440B525 ] C:\WINDOWS\System32\kernel32.dll
14:44:12.0833 2624 C:\WINDOWS\System32\kernel32.dll - ok
14:44:12.0833 2624 [ EB0E02749CE5C488741C9A0ABEAB5DEC ] C:\WINDOWS\System32\lpk.dll
14:44:12.0848 2624 C:\WINDOWS\System32\lpk.dll - ok
14:44:12.0848 2624 [ 75510147B94598407666F4802797C75A ] C:\WINDOWS\System32\user32.dll
14:44:12.0848 2624 C:\WINDOWS\System32\user32.dll - ok
14:44:12.0848 2624 [ B304D47D5744BA20FCB99FB8B2C07B0B ] C:\WINDOWS\System32\ws2_32.dll
14:44:12.0848 2624 C:\WINDOWS\System32\ws2_32.dll - ok
14:44:12.0864 2624 [ A64AEBC6C78B4CFD7F41A7277879DF8F ] C:\WINDOWS\System32\nsi.dll
14:44:12.0864 2624 C:\WINDOWS\System32\nsi.dll - ok
14:44:12.0864 2624 [ 9586E7CB2255A8B097A7E4538202585E ] C:\WINDOWS\System32\ole32.dll
14:44:12.0864 2624 C:\WINDOWS\System32\ole32.dll - ok
14:44:12.0880 2624 [ C394079EB162E812D682C73FA96AF6E4 ] C:\WINDOWS\System32\clbcatq.dll
14:44:12.0880 2624 C:\WINDOWS\System32\clbcatq.dll - ok
14:44:12.0880 2624 [ B218342214D9BBA0F54EA12BA2E9278C ] C:\WINDOWS\System32\oleaut32.dll
14:44:12.0880 2624 C:\WINDOWS\System32\oleaut32.dll - ok
14:44:12.0895 2624 [ EB49FAA5EBBC06356FB12476438781B9 ] C:\WINDOWS\System32\imagehlp.dll
14:44:12.0895 2624 C:\WINDOWS\System32\imagehlp.dll - ok
14:44:12.0895 2624 [ 4AA2A0E26CEF1A803741253DCF9A1503 ] C:\WINDOWS\System32\comdlg32.dll
14:44:12.0895 2624 C:\WINDOWS\System32\comdlg32.dll - ok
14:44:12.0911 2624 [ C8BDCECEE082B54F0BAC838BF0A34597 ] C:\WINDOWS\System32\imm32.dll
14:44:12.0911 2624 C:\WINDOWS\System32\imm32.dll - ok
14:44:12.0911 2624 [ 551F51B66E5EA87A38D8197EB3BDB57A ] C:\WINDOWS\System32\setupapi.dll
14:44:12.0911 2624 C:\WINDOWS\System32\setupapi.dll - ok
14:44:12.0926 2624 [ AAF101900A23D75AE1AE00840FA6F3B8 ] C:\WINDOWS\System32\shell32.dll
14:44:12.0926 2624 C:\WINDOWS\System32\shell32.dll - ok
14:44:12.0926 2624 [ 17AF64D727545F2804F6E6D998327E3F ] C:\WINDOWS\System32\msvcrt.dll
14:44:12.0926 2624 C:\WINDOWS\System32\msvcrt.dll - ok
14:44:12.0942 2624 [ 6F29236AB5926100972924BD29D9D225 ] C:\WINDOWS\System32\normaliz.dll
14:44:12.0942 2624 C:\WINDOWS\System32\normaliz.dll - ok
14:44:12.0942 2624 [ DC8891A9203810FC994E7FCCF76E94C8 ] C:\WINDOWS\System32\comctl32.dll
14:44:12.0942 2624 C:\WINDOWS\System32\comctl32.dll - ok
14:44:12.0958 2624 [ 93A1732F7F997E36A5C3893539E2FF02 ] C:\WINDOWS\System32\psapi.dll
14:44:12.0958 2624 C:\WINDOWS\System32\psapi.dll - ok
14:44:12.0958 2624 [ EAAAFEF04FBB45665C9576E525D45A12 ] C:\WINDOWS\System32\drivers\dxapi.sys
14:44:12.0958 2624 C:\WINDOWS\System32\drivers\dxapi.sys - ok
14:44:12.0973 2624 [ 8A9E46EB3A8C3AB5450B0661437BFA27 ] C:\WINDOWS\System32\win32k.sys
14:44:12.0973 2624 C:\WINDOWS\System32\win32k.sys - ok
14:44:12.0973 2624 [ 187076DD5D8D4D5D23079D0741195EAD ] C:\WINDOWS\System32\csrsrv.dll
14:44:12.0973 2624 C:\WINDOWS\System32\csrsrv.dll - ok
14:44:12.0989 2624 [ ABCA209EBA02CB59233614DB83B4F50D ] C:\WINDOWS\System32\csrss.exe
14:44:12.0989 2624 C:\WINDOWS\System32\csrss.exe - ok
14:44:12.0989 2624 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\WINDOWS\System32\basesrv.dll
14:44:12.0989 2624 C:\WINDOWS\System32\basesrv.dll - ok
14:44:13.0004 2624 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\WINDOWS\System32\winsrv.dll
14:44:13.0004 2624 C:\WINDOWS\System32\winsrv.dll - ok
14:44:13.0004 2624 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] C:\WINDOWS\System32\drivers\monitor.sys
14:44:13.0004 2624 C:\WINDOWS\System32\drivers\monitor.sys - ok
14:44:13.0020 2624 [ CC21507D246861671A0BF97E75CE1B00 ] C:\WINDOWS\System32\tsddd.dll
14:44:13.0020 2624 C:\WINDOWS\System32\tsddd.dll - ok
14:44:13.0020 2624 [ D602FEDBD9155FC2DED6863FB60C950F ] C:\WINDOWS\System32\secur32.dll
14:44:13.0020 2624 C:\WINDOWS\System32\secur32.dll - ok
14:44:13.0036 2624 [ 665417528489096BBCB8AEA46D3DA924 ] C:\WINDOWS\System32\userenv.dll
14:44:13.0036 2624 C:\WINDOWS\System32\userenv.dll - ok
14:44:13.0036 2624 [ 101BA3EA053480BB5D957EF37C06B5ED ] C:\WINDOWS\System32\wininit.exe
14:44:13.0036 2624 C:\WINDOWS\System32\wininit.exe - ok
14:44:13.0051 2624 [ 12C8D6C564702B0776512932290A3F6B ] C:\WINDOWS\System32\KBDUS.DLL
14:44:13.0051 2624 C:\WINDOWS\System32\KBDUS.DLL - ok
14:44:13.0051 2624 [ 1107BD574A84367735FEC38B9BD64E6B ] C:\WINDOWS\System32\apphelp.dll
14:44:13.0051 2624 C:\WINDOWS\System32\apphelp.dll - ok
14:44:13.0067 2624 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\WINDOWS\System32\services.exe
14:44:13.0067 2624 C:\WINDOWS\System32\services.exe - ok
14:44:13.0067 2624 [ 92283D9E33EC5F41ECC0B430B7459241 ] C:\WINDOWS\System32\WlS0WndH.dll
14:44:13.0067 2624 C:\WINDOWS\System32\WlS0WndH.dll - ok
14:44:13.0082 2624 [ BE6FAC6F0745C67DAE7522C96406D083 ] C:\WINDOWS\System32\sxs.dll
14:44:13.0082 2624 C:\WINDOWS\System32\sxs.dll - ok
14:44:13.0082 2624 [ CF9F5BBC2740C41DD471278C41B91F5F ] C:\WINDOWS\System32\cdd.dll
14:44:13.0082 2624 C:\WINDOWS\System32\cdd.dll - ok
14:44:13.0098 2624 [ A3E186B4B935905B829219502557314E ] C:\WINDOWS\System32\lsass.exe
14:44:13.0098 2624 C:\WINDOWS\System32\lsass.exe - ok
14:44:13.0098 2624 [ 4774AD6C447E02E954BD9A793614EBEC ] C:\WINDOWS\System32\lsm.exe
14:44:13.0098 2624 C:\WINDOWS\System32\lsm.exe - ok
14:44:13.0114 2624 [ D90911B3FA05D7B930C1286084B404DE ] C:\WINDOWS\System32\scesrv.dll
14:44:13.0114 2624 C:\WINDOWS\System32\scesrv.dll - ok
14:44:13.0114 2624 [ 178FAC2B7C66E9A4400CE7AC37623E3F ] C:\WINDOWS\System32\lsasrv.dll
14:44:13.0114 2624 C:\WINDOWS\System32\lsasrv.dll - ok
14:44:13.0129 2624 [ 71F5A7104FDF16C0AC5283A6CE666553 ] C:\WINDOWS\System32\sysntfy.dll
14:44:13.0129 2624 C:\WINDOWS\System32\sysntfy.dll - ok
14:44:13.0129 2624 [ F0321DA5203F1E71917F3B7A13DC4912 ] C:\WINDOWS\System32\wmsgapi.dll
14:44:13.0129 2624 C:\WINDOWS\System32\wmsgapi.dll - ok
14:44:13.0145 2624 [ 1AE011BB950A5E0B05023D2AFEC3666D ] C:\WINDOWS\System32\authz.dll
14:44:13.0145 2624 C:\WINDOWS\System32\authz.dll - ok
14:44:13.0145 2624 [ 98B656EAF128CD06F625B09C84D959E1 ] C:\WINDOWS\System32\netapi32.dll
14:44:13.0145 2624 C:\WINDOWS\System32\netapi32.dll - ok
14:44:13.0160 2624 [ 7808BF0E367ED7348808879CEF482AB3 ] C:\WINDOWS\System32\samsrv.dll
14:44:13.0160 2624 C:\WINDOWS\System32\samsrv.dll - ok
14:44:13.0160 2624 [ 459B48188494490707DCA8BAA91AA185 ] C:\WINDOWS\System32\cryptdll.dll
14:44:13.0160 2624 C:\WINDOWS\System32\cryptdll.dll - ok
14:44:13.0176 2624 [ 85E861D0B88DB2B54ACB0839654C09F7 ] C:\WINDOWS\System32\dnsapi.dll
14:44:13.0176 2624 C:\WINDOWS\System32\dnsapi.dll - ok
14:44:13.0176 2624 [ 2FA16465F64DB54B1F7F511395EB4FD7 ] C:\WINDOWS\System32\ncobjapi.dll
14:44:13.0176 2624 C:\WINDOWS\System32\ncobjapi.dll - ok
14:44:13.0192 2624 [ B0F9073BE86C6D4EDD4EBA674251E699 ] C:\WINDOWS\System32\crypt32.dll
14:44:13.0192 2624 C:\WINDOWS\System32\crypt32.dll - ok
14:44:13.0192 2624 [ 965AC9FBF2C67231C157E99C03C58D24 ] C:\WINDOWS\System32\feclient.dll
14:44:13.0192 2624 C:\WINDOWS\System32\feclient.dll - ok
14:44:13.0207 2624 [ 1F94EA31C9543B855F53BDAC7792DA4E ] C:\WINDOWS\System32\mpr.dll
14:44:13.0207 2624 C:\WINDOWS\System32\mpr.dll - ok
14:44:13.0207 2624 [ EE2FF9A3FC4404234BE3B7C6AA383AF8 ] C:\WINDOWS\System32\msasn1.dll
14:44:13.0207 2624 C:\WINDOWS\System32\msasn1.dll - ok
14:44:13.0223 2624 [ 7F0F1D4B0D847696F8E309423D227DCE ] C:\WINDOWS\System32\ntdsapi.dll
14:44:13.0223 2624 C:\WINDOWS\System32\ntdsapi.dll - ok
14:44:13.0223 2624 [ 453DE2958C885527E20C79A3FEFE6AF7 ] C:\WINDOWS\System32\samlib.dll
14:44:13.0223 2624 C:\WINDOWS\System32\samlib.dll - ok
14:44:13.0238 2624 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] C:\WINDOWS\System32\aelupsvc.dll
14:44:13.0238 2624 C:\WINDOWS\System32\aelupsvc.dll - ok
14:44:13.0238 2624 [ A1545B731579895D8CC44FC0481C1192 ] C:\WINDOWS\System32\alg.exe
14:44:13.0238 2624 C:\WINDOWS\System32\alg.exe - ok
14:44:13.0254 2624 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] C:\WINDOWS\System32\appinfo.dll
14:44:13.0254 2624 C:\WINDOWS\System32\appinfo.dll - ok
14:44:13.0254 2624 [ C6DF7A87063D006ECF1FD8156CB6DE3F ] C:\WINDOWS\System32\SLC.dll
14:44:13.0254 2624 C:\WINDOWS\System32\SLC.dll - ok
14:44:13.0270 2624 [ 3464DAE0E801F5A81A23C571D86F30B2 ] C:\WINDOWS\System32\rascfg.dll
14:44:13.0270 2624 C:\WINDOWS\System32\rascfg.dll - ok
14:44:13.0270 2624 [ 4DE3C4D07BAFDE616EFA0ADE076CBAC2 ] C:\WINDOWS\System32\wevtapi.dll
14:44:13.0270 2624 C:\WINDOWS\System32\wevtapi.dll - ok
14:44:13.0285 2624 [ 68E2A1A0407A66CF50DA0300852424AB ] C:\WINDOWS\System32\audiosrv.dll
14:44:13.0285 2624 C:\WINDOWS\System32\audiosrv.dll - ok
14:44:13.0285 2624 [ 4FE8425F21B3F0F8C4B4726351D43EAA ] C:\WINDOWS\System32\IPHLPAPI.DLL
14:44:13.0285 2624 C:\WINDOWS\System32\IPHLPAPI.DLL - ok
14:44:13.0301 2624 [ 9028559C132146FB75EB7ACF384B086A ] C:\WINDOWS\System32\dhcpcsvc.dll
14:44:13.0301 2624 C:\WINDOWS\System32\dhcpcsvc.dll - ok
14:44:13.0301 2624 [ 898E7C06A350D4A1A64A9EA264D55452 ] C:\WINDOWS\System32\winlogon.exe
14:44:13.0301 2624 C:\WINDOWS\System32\winlogon.exe - ok
14:44:13.0316 2624 [ DFB6B71CDABA9DFB49C9D2B318B97A1A ] C:\WINDOWS\System32\dhcpcsvc6.dll
14:44:13.0316 2624 C:\WINDOWS\System32\dhcpcsvc6.dll - ok
14:44:13.0332 2624 [ 6B09105742C75DF80CEF21700F20F55A ] C:\WINDOWS\System32\winnsi.dll
14:44:13.0332 2624 C:\WINDOWS\System32\winnsi.dll - ok
14:44:13.0332 2624 [ 4AAFC7461633848AA87A363B2CBEC522 ] C:\WINDOWS\System32\winsta.dll
14:44:13.0332 2624 C:\WINDOWS\System32\winsta.dll - ok
14:44:13.0348 2624 [ C789AF0F724FDA5852FB9A7D3A432381 ] C:\WINDOWS\System32\BFE.DLL
14:44:13.0348 2624 C:\WINDOWS\System32\BFE.DLL - ok
14:44:13.0348 2624 [ 7F15B4953378C8B5161D65C26D5FED4D ] C:\WINDOWS\System32\cngaudit.dll
14:44:13.0348 2624 C:\WINDOWS\System32\cngaudit.dll - ok
14:44:13.0348 2624 [ 188CC19108B0EBD6332D6628D4EDE469 ] C:\WINDOWS\System32\ncrypt.dll
14:44:13.0363 2624 C:\WINDOWS\System32\ncrypt.dll - ok
14:44:13.0363 2624 [ 93952506C6D67330367F7E7934B6A02F ] C:\WINDOWS\System32\qmgr.dll
14:44:13.0363 2624 C:\WINDOWS\System32\qmgr.dll - ok
14:44:13.0379 2624 [ DE0DD9AE3430F84A96B5501112A696BE ] C:\WINDOWS\System32\bcrypt.dll
14:44:13.0379 2624 C:\WINDOWS\System32\bcrypt.dll - ok
14:44:13.0379 2624 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] C:\WINDOWS\System32\browser.dll
14:44:13.0379 2624 C:\WINDOWS\System32\browser.dll - ok
14:44:13.0394 2624 [ 4211249955AF9133E2E357CC92B54DFD ] C:\WINDOWS\System32\comres.dll
14:44:13.0394 2624 C:\WINDOWS\System32\comres.dll - ok
14:44:13.0394 2624 [ 26F139DDEC6407508071930D3D07337E ] C:\WINDOWS\System32\credssp.dll
14:44:13.0394 2624 C:\WINDOWS\System32\credssp.dll - ok
14:44:13.0394 2624 [ F1E8C34892336D33EDDCDFE44E474F64 ] C:\WINDOWS\System32\cryptsvc.dll
14:44:13.0394 2624 C:\WINDOWS\System32\cryptsvc.dll - ok
14:44:13.0410 2624 [ 74F380C8EC8813626C670D46E8A714D1 ] C:\WINDOWS\System32\dfsrres.dll
14:44:13.0410 2624 C:\WINDOWS\System32\dfsrres.dll - ok
14:44:13.0410 2624 [ ABE9EEA1EABEA0711610A637A7B1C25D ] C:\WINDOWS\System32\msprivs.dll
14:44:13.0410 2624 C:\WINDOWS\System32\msprivs.dll - ok
14:44:13.0426 2624 [ 08D6D1692B62C9EE4062E1FA04D8FE2F ] C:\WINDOWS\System32\oleres.dll
14:44:13.0426 2624 C:\WINDOWS\System32\oleres.dll - ok
14:44:13.0426 2624 [ AA01497884F9CBAC89470120AF78D2B1 ] C:\WINDOWS\System32\kerberos.dll
14:44:13.0426 2624 C:\WINDOWS\System32\kerberos.dll - ok
14:44:13.0441 2624 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] C:\WINDOWS\System32\dot3svc.dll
14:44:13.0441 2624 C:\WINDOWS\System32\dot3svc.dll - ok
14:44:13.0441 2624 [ 22CFAEB9172F5F198048401485CD0571 ] C:\WINDOWS\System32\WSHTCPIP.DLL
14:44:13.0441 2624 C:\WINDOWS\System32\WSHTCPIP.DLL - ok
14:44:13.0457 2624 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] C:\WINDOWS\System32\dps.dll
14:44:13.0457 2624 C:\WINDOWS\System32\dps.dll - ok
14:44:13.0457 2624 [ C0B95E40D85CD807D614E264248A45B9 ] C:\WINDOWS\System32\eapsvc.dll
14:44:13.0457 2624 C:\WINDOWS\System32\eapsvc.dll - ok
14:44:13.0472 2624 [ 9E80FF0752E365F97FD2D1D68C2AFDA1 ] C:\WINDOWS\System32\wship6.dll
14:44:13.0472 2624 C:\WINDOWS\System32\wship6.dll - ok
14:44:13.0472 2624 [ 05C3B38DB95BA5585817A4F898EE5581 ] C:\WINDOWS\System32\wshqos.dll
14:44:13.0472 2624 C:\WINDOWS\System32\wshqos.dll - ok
14:44:13.0488 2624 [ 9BE3744D295A7701EB425332014F0797 ] C:\WINDOWS\ehome\ehrecvr.exe
14:44:13.0488 2624 C:\WINDOWS\ehome\ehrecvr.exe - ok
14:44:13.0488 2624 [ AD1870C8E5D6DD340C829E6074BF3C3F ] C:\WINDOWS\ehome\ehsched.exe
14:44:13.0488 2624 C:\WINDOWS\ehome\ehsched.exe - ok
14:44:13.0504 2624 [ FC62A635063B762E1C3C60EA77279378 ] C:\WINDOWS\System32\NapiNSP.dll
14:44:13.0504 2624 C:\WINDOWS\System32\NapiNSP.dll - ok
14:44:13.0504 2624 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] C:\WINDOWS\System32\nlasvc.dll
14:44:13.0504 2624 C:\WINDOWS\System32\nlasvc.dll - ok
14:44:13.0519 2624 [ 690D41DF1D555F96D4898A0F54EBA065 ] C:\WINDOWS\System32\pnrpnsp.dll
14:44:13.0519 2624 C:\WINDOWS\System32\pnrpnsp.dll - ok
14:44:13.0535 2624 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] C:\WINDOWS\ehome\ehstart.dll
14:44:13.0535 2624 C:\WINDOWS\ehome\ehstart.dll - ok
14:44:13.0535 2624 [ 8617350C9B590B63E620881092751BCB ] C:\WINDOWS\System32\mswsock.dll
14:44:13.0535 2624 C:\WINDOWS\System32\mswsock.dll - ok
14:44:13.0550 2624 [ 4E6B23DFC917EA39306B529B773950F4 ] C:\WINDOWS\System32\emdmgmt.dll
14:44:13.0550 2624 C:\WINDOWS\System32\emdmgmt.dll - ok
14:44:13.0550 2624 [ 4ABCE74D012971305249E45E095E9EA6 ] C:\WINDOWS\System32\msv1_0.dll
14:44:13.0550 2624 C:\WINDOWS\System32\msv1_0.dll - ok
14:44:13.0566 2624 [ 95DAECF0FB120A7B5DA679CC54E37DDE ] C:\WINDOWS\System32\netlogon.dll
14:44:13.0566 2624 C:\WINDOWS\System32\netlogon.dll - ok
14:44:13.0566 2624 [ A1B40A28F38D27A7E3229EE4C7064434 ] C:\WINDOWS\System32\wevtsvc.dll
14:44:13.0566 2624 C:\WINDOWS\System32\wevtsvc.dll - ok
14:44:13.0582 2624 [ 72910BC4A218C49EA8E43D1FAEC403A5 ] C:\WINDOWS\System32\winbrand.dll
14:44:13.0582 2624 C:\WINDOWS\System32\winbrand.dll - ok
14:44:13.0582 2624 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] C:\WINDOWS\System32\fdPHost.dll
14:44:13.0582 2624 C:\WINDOWS\System32\fdPHost.dll - ok
14:44:13.0597 2624 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] C:\WINDOWS\System32\FDResPub.dll
14:44:13.0597 2624 C:\WINDOWS\System32\FDResPub.dll - ok
14:44:13.0597 2624 [ 50E3E76B0901BB4FC029BB88BFA5CE79 ] C:\WINDOWS\System32\schannel.dll
14:44:13.0597 2624 C:\WINDOWS\System32\schannel.dll - ok
14:44:13.0613 2624 [ 8CE364388C8ECA59B14B539179276D44 ] C:\WINDOWS\System32\FntCache.dll
14:44:13.0613 2624 C:\WINDOWS\System32\FntCache.dll - ok
14:44:13.0613 2624 [ 93620229F3CC3B67A3528BF39F064C30 ] C:\WINDOWS\System32\wdigest.dll
14:44:13.0613 2624 C:\WINDOWS\System32\wdigest.dll - ok
14:44:13.0628 2624 [ 302964DCAC79D618CC7B72C778DA9FD2 ] C:\WINDOWS\System32\PresentationHost.exe
14:44:13.0628 2624 C:\WINDOWS\System32\PresentationHost.exe - ok
14:44:13.0628 2624 [ E14170AEA125119B98FA2BDE3FF4F462 ] C:\WINDOWS\System32\rsaenh.dll
14:44:13.0628 2624 C:\WINDOWS\System32\rsaenh.dll - ok
14:44:13.0644 2624 [ 0F420E81062757EA8363CBACD4D40D6D ] C:\WINDOWS\System32\gpapi.dll
14:44:13.0644 2624 C:\WINDOWS\System32\gpapi.dll - ok
14:44:13.0644 2624 [ D8AD255B37DA92434C26E4876DB7D418 ] C:\WINDOWS\System32\KMSVC.DLL
14:44:13.0644 2624 C:\WINDOWS\System32\KMSVC.DLL - ok
14:44:13.0660 2624 [ F8873D15018F411588BEC02C1725BADA ] C:\WINDOWS\System32\TSpkg.dll
14:44:13.0660 2624 C:\WINDOWS\System32\TSpkg.dll - ok
14:44:13.0660 2624 [ 05586F5438AB0DA4F5149159E0E5FD4B ] C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll
14:44:13.0660 2624 C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll - ok
14:44:13.0675 2624 [ 9908D8A397B76CD8D31D0D383C5773C9 ] C:\WINDOWS\System32\IKEEXT.DLL
14:44:13.0675 2624 C:\WINDOWS\System32\IKEEXT.DLL - ok
14:44:13.0675 2624 [ 9AC218C6E6105477484C6FDBE7D409A4 ] C:\WINDOWS\System32\IPBusEnum.dll
14:44:13.0675 2624 C:\WINDOWS\System32\IPBusEnum.dll - ok
14:44:13.0691 2624 [ 74C2F29CC612B2B34231BEBD824D2FB2 ] C:\WINDOWS\System32\keyiso.dll
14:44:13.0691 2624 C:\WINDOWS\System32\keyiso.dll - ok
14:44:13.0706 2624 [ FA0593D936C9B95FB6FAA32AD1595D49 ] C:\WINDOWS\System32\lltdres.dll
14:44:13.0706 2624 C:\WINDOWS\System32\lltdres.dll - ok
14:44:13.0706 2624 [ 1BF5EEBFD518DD7298434D8C862F825D ] C:\WINDOWS\System32\srvsvc.dll
14:44:13.0706 2624 C:\WINDOWS\System32\srvsvc.dll - ok
14:44:13.0722 2624 [ 1DB69705B695B987082C8BAEC0C6B34F ] C:\WINDOWS\System32\wkssvc.dll
14:44:13.0722 2624 C:\WINDOWS\System32\wkssvc.dll - ok
14:44:13.0722 2624 [ 132F6237FA3BF3E9715F63A1CCF72BF1 ] C:\WINDOWS\ehome\ehres.dll
14:44:13.0722 2624 C:\WINDOWS\ehome\ehres.dll - ok
14:44:13.0738 2624 [ 35D40113E4A5B961B6CE5C5857702518 ] C:\WINDOWS\System32\lmhsvc.dll
14:44:13.0738 2624 C:\WINDOWS\System32\lmhsvc.dll - ok
14:44:13.0738 2624 [ 95F1EB99B81CFD6F581C85F0A0AA9B2B ] C:\WINDOWS\System32\FirewallAPI.dll
14:44:13.0738 2624 C:\WINDOWS\System32\FirewallAPI.dll - ok
14:44:13.0753 2624 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] C:\WINDOWS\System32\mmcss.dll
14:44:13.0753 2624 C:\WINDOWS\System32\mmcss.dll - ok
14:44:13.0753 2624 [ ED21401F1E2F6BC2F54C462BB66D0D6B ] C:\WINDOWS\System32\msimsg.dll
14:44:13.0753 2624 C:\WINDOWS\System32\msimsg.dll - ok
14:44:13.0769 2624 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] C:\WINDOWS\System32\QAGENTRT.DLL
14:44:13.0769 2624 C:\WINDOWS\System32\QAGENTRT.DLL - ok
14:44:13.0769 2624 [ C8052711DAECC48B982434C5116CA401 ] C:\WINDOWS\System32\netman.dll
14:44:13.0769 2624 C:\WINDOWS\System32\netman.dll - ok
14:44:13.0784 2624 [ 4EF5DF1B011B05737ECB8F0B7B171510 ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll
14:44:13.0784 2624 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll - ok
14:44:13.0784 2624 [ ED640F4CE585058119B824CC76591D9C ] C:\WINDOWS\System32\netprof.dll
14:44:13.0784 2624 C:\WINDOWS\System32\netprof.dll - ok
14:44:13.0800 2624 [ CA461A203EF40A98C1C23DE3CBEE68B2 ] C:\Program Files\Microsoft Security Client\MpAsDesc.dll
14:44:13.0800 2624 C:\Program Files\Microsoft Security Client\MpAsDesc.dll - ok
14:44:13.0800 2624 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] C:\WINDOWS\System32\nsisvc.dll
14:44:13.0800 2624 C:\WINDOWS\System32\nsisvc.dll - ok
14:44:13.0816 2624 [ 0C8E8E61AD1EB0B250B846712C917506 ] C:\WINDOWS\System32\p2psvc.dll
14:44:13.0816 2624 C:\WINDOWS\System32\p2psvc.dll - ok
14:44:13.0816 2624 [ C6276AD11F4BB49B58AA1ED88537F14A ] C:\WINDOWS\System32\pcasvc.dll
14:44:13.0816 2624 C:\WINDOWS\System32\pcasvc.dll - ok
14:44:13.0831 2624 [ B1689DF169143F57053F795390C99DB3 ] C:\WINDOWS\System32\pla.dll
14:44:13.0831 2624 C:\WINDOWS\System32\pla.dll - ok
14:44:13.0831 2624 [ C5E7F8A996EC0A82D508FD9064A5569E ] C:\WINDOWS\System32\umpnpmgr.dll
14:44:13.0831 2624 C:\WINDOWS\System32\umpnpmgr.dll - ok
14:44:13.0847 2624 [ 64B28D672B5B6A01E87B0C3096B1E047 ] C:\WINDOWS\System32\polstore.dll
14:44:13.0847 2624 C:\WINDOWS\System32\polstore.dll - ok
14:44:13.0847 2624 [ 0508FAA222D28835310B7BFCA7A77346 ] C:\WINDOWS\System32\profsvc.dll
14:44:13.0847 2624 C:\WINDOWS\System32\profsvc.dll - ok
14:44:13.0862 2624 [ 08F9134A2215B7ED985409A4DF60AC60 ] C:\WINDOWS\System32\psbase.dll
14:44:13.0862 2624 C:\WINDOWS\System32\psbase.dll - ok
14:44:13.0862 2624 [ E9ECAE663F47E6CB43962D18AB18890F ] C:\WINDOWS\System32\qwave.dll
14:44:13.0862 2624 C:\WINDOWS\System32\qwave.dll - ok
14:44:13.0878 2624 [ 9F5E0E1926014D17486901C88ECA2DB7 ] C:\WINDOWS\System32\drivers\qwavedrv.sys
14:44:13.0878 2624 C:\WINDOWS\System32\drivers\qwavedrv.sys - ok
14:44:13.0878 2624 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] C:\WINDOWS\System32\rasauto.dll
14:44:13.0878 2624 C:\WINDOWS\System32\rasauto.dll - ok
14:44:13.0894 2624 [ 75D47445D70CA6F9F894B032FBC64FCF ] C:\WINDOWS\System32\rasmans.dll
14:44:13.0894 2624 C:\WINDOWS\System32\rasmans.dll - ok
14:44:13.0894 2624 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] C:\WINDOWS\System32\mprdim.dll
14:44:13.0894 2624 C:\WINDOWS\System32\mprdim.dll - ok
14:44:13.0909 2624 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] C:\WINDOWS\System32\sstpsvc.dll
14:44:13.0909 2624 C:\WINDOWS\System32\sstpsvc.dll - ok
14:44:13.0909 2624 [ 5123F83CBC4349D065534EEB6BBDC42B ] C:\WINDOWS\System32\Locator.exe
14:44:13.0909 2624 C:\WINDOWS\System32\Locator.exe - ok
14:44:13.0925 2624 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] C:\WINDOWS\System32\schedsvc.dll
14:44:13.0925 2624 C:\WINDOWS\System32\schedsvc.dll - ok
14:44:13.0925 2624 [ 716313D9F6B0529D03F726D5AAF6F191 ] C:\WINDOWS\System32\sdrsvc.dll
14:44:13.0925 2624 C:\WINDOWS\System32\sdrsvc.dll - ok
14:44:13.0940 2624 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] C:\WINDOWS\System32\seclogon.dll
14:44:13.0940 2624 C:\WINDOWS\System32\seclogon.dll - ok
14:44:13.0940 2624 [ A9BBAB5759771E523F55563D6CBE140F ] C:\WINDOWS\System32\Sens.dll
14:44:13.0940 2624 C:\WINDOWS\System32\Sens.dll - ok
14:44:13.0956 2624 [ D2193326F729B163125610DBF3E17D57 ] C:\WINDOWS\System32\SessEnv.dll
14:44:13.0956 2624 C:\WINDOWS\System32\SessEnv.dll - ok
14:44:13.0956 2624 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] C:\WINDOWS\System32\ipnathlp.dll
14:44:13.0956 2624 C:\WINDOWS\System32\ipnathlp.dll - ok
14:44:13.0972 2624 [ C7230FBEE14437716701C15BE02C27B8 ] C:\WINDOWS\System32\shsvcs.dll
14:44:13.0972 2624 C:\WINDOWS\System32\shsvcs.dll - ok
14:44:13.0972 2624 [ 862BB4CBC05D80C5B45BE430E5EF872F ] C:\WINDOWS\System32\SLsvc.exe
14:44:13.0972 2624 C:\WINDOWS\System32\SLsvc.exe - ok
14:44:13.0987 2624 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] C:\WINDOWS\System32\SLUINotify.dll
14:44:13.0987 2624 C:\WINDOWS\System32\SLUINotify.dll - ok
14:44:13.0987 2624 [ E4060CFE50F87C72316CB0FDB20E4913 ] C:\WINDOWS\System32\tcpipcfg.dll
14:44:13.0987 2624 C:\WINDOWS\System32\tcpipcfg.dll - ok
14:44:14.0003 2624 [ 8554097E5136C3BF9F69FE578A1B35F4 ] C:\WINDOWS\System32\spoolsv.exe
14:44:14.0003 2624 C:\WINDOWS\System32\spoolsv.exe - ok
14:44:14.0003 2624 [ 03D50B37234967433A5EA5BA72BC0B62 ] C:\WINDOWS\System32\ssdpsrv.dll
14:44:14.0003 2624 C:\WINDOWS\System32\ssdpsrv.dll - ok
14:44:14.0018 2624 [ F21FD248040681CCA1FB6C9A03AAA93D ] C:\WINDOWS\System32\swprv.dll
14:44:14.0018 2624 C:\WINDOWS\System32\swprv.dll - ok
14:44:14.0018 2624 [ 9A51B04E9886AA4EE90093586B0BA88D ] C:\WINDOWS\System32\sysmain.dll
14:44:14.0018 2624 C:\WINDOWS\System32\sysmain.dll - ok
14:44:14.0034 2624 [ D7673E4B38CE21EE54C59EEEB65E2483 ] C:\WINDOWS\System32\tapisrv.dll
14:44:14.0034 2624 C:\WINDOWS\System32\tapisrv.dll - ok
14:44:14.0034 2624 [ BB95DA09BEF6E7A131BFF3BA5032090D ] C:\WINDOWS\System32\termsrv.dll
14:44:14.0034 2624 C:\WINDOWS\System32\termsrv.dll - ok
14:44:14.0050 2624 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] C:\WINDOWS\servicing\TrustedInstaller.exe
14:44:14.0050 2624 C:\WINDOWS\servicing\TrustedInstaller.exe - ok
14:44:14.0065 2624 [ ECEF404F62863755951E09C802C94AD5 ] C:\WINDOWS\System32\UI0Detect.exe
14:44:14.0065 2624 C:\WINDOWS\System32\UI0Detect.exe - ok
14:44:14.0065 2624 [ 68308183F4AE0BE7BF8ECD07CB297999 ] C:\WINDOWS\System32\upnphost.dll
14:44:14.0065 2624 C:\WINDOWS\System32\upnphost.dll - ok
14:44:14.0081 2624 [ 01DD1004181FD46ECDC3628228EB269D ] C:\WINDOWS\System32\dwm.exe
14:44:14.0081 2624 C:\WINDOWS\System32\dwm.exe - ok
14:44:14.0081 2624 [ CD88D1B7776DC17A119049742EC07EB4 ] C:\WINDOWS\System32\vds.exe
14:44:14.0081 2624 C:\WINDOWS\System32\vds.exe - ok
14:44:14.0096 2624 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] C:\WINDOWS\System32\VSSVC.exe
14:44:14.0096 2624 C:\WINDOWS\System32\VSSVC.exe - ok
14:44:14.0096 2624 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] C:\WINDOWS\System32\w32time.dll
14:44:14.0096 2624 C:\WINDOWS\System32\w32time.dll - ok
14:44:14.0112 2624 [ A3CD60FD826381B49F03832590E069AF ] C:\WINDOWS\System32\wcncsvc.dll
14:44:14.0112 2624 C:\WINDOWS\System32\wcncsvc.dll - ok
14:44:14.0112 2624 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] C:\WINDOWS\System32\WcsPlugInService.dll
14:44:14.0112 2624 C:\WINDOWS\System32\WcsPlugInService.dll - ok
14:44:14.0128 2624 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] C:\WINDOWS\System32\wdi.dll
14:44:14.0128 2624 C:\WINDOWS\System32\wdi.dll - ok
14:44:14.0128 2624 [ AE3736E7E8892241C23E4EBBB7453B60 ] C:\WINDOWS\System32\wecsvc.dll
14:44:14.0128 2624 C:\WINDOWS\System32\wecsvc.dll - ok
14:44:14.0143 2624 [ 670FF720071ED741206D69BD995EA453 ] C:\WINDOWS\System32\wercplsupport.dll
14:44:14.0143 2624 C:\WINDOWS\System32\wercplsupport.dll - ok
14:44:14.0143 2624 [ 32B88481D3B326DA6DEB07B1D03481E7 ] C:\WINDOWS\System32\wersvc.dll
14:44:14.0143 2624 C:\WINDOWS\System32\wersvc.dll - ok
14:44:14.0159 2624 [ 62DB790A860CDFC4278D2F03CC5675D8 ] C:\Program Files\Windows Defender\MsMpRes.dll
14:44:14.0159 2624 C:\Program Files\Windows Defender\MsMpRes.dll - ok
14:44:14.0159 2624 [ C008405E4FEEB069E30DA1D823910234 ] C:\WINDOWS\System32\wlansvc.dll
14:44:14.0159 2624 C:\WINDOWS\System32\wlansvc.dll - ok
14:44:14.0174 2624 [ 43BE3875207DCB62A85C8C49970B66CC ] C:\WINDOWS\System32\wbem\WmiApSrv.exe
14:44:14.0174 2624 C:\WINDOWS\System32\wbem\WmiApSrv.exe - ok
14:44:14.0174 2624 [ 3978704576A121A9204F8CC49A301A9B ] C:\Program Files\Windows Media Player\wmpnetwk.exe
14:44:14.0174 2624 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
14:44:14.0190 2624 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] C:\WINDOWS\System32\wpcsvc.dll
14:44:14.0190 2624 C:\WINDOWS\System32\wpcsvc.dll - ok
14:44:14.0190 2624 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
14:44:14.0190 2624 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe - ok
14:44:14.0190 2624 [ 801FBDB89D472B3C467EB112A0FC9246 ] C:\WINDOWS\System32\wpdbusenum.dll
14:44:14.0190 2624 C:\WINDOWS\System32\wpdbusenum.dll - ok
14:44:14.0206 2624 [ 1CA6C40261DDC0425987980D0CD2AAAB ] C:\WINDOWS\System32\wscsvc.dll
14:44:14.0206 2624 C:\WINDOWS\System32\wscsvc.dll - ok
14:44:14.0206 2624 [ 8FC182167381E9915651267044105EE1 ] C:\WINDOWS\System32\scecli.dll
14:44:14.0206 2624 C:\WINDOWS\System32\scecli.dll - ok
14:44:14.0221 2624 [ CD08EEC61C591AF59A39F4363C567D30 ] C:\WINDOWS\System32\ntmarta.dll
14:44:14.0221 2624 C:\WINDOWS\System32\ntmarta.dll - ok
14:44:14.0221 2624 [ 3794B461C45882E06856F282EEF025AF ] C:\WINDOWS\System32\svchost.exe
14:44:14.0221 2624 C:\WINDOWS\System32\svchost.exe - ok
14:44:14.0237 2624 [ 9A7F4B2EDACD11444D048AA19CBB26AF ] C:\WINDOWS\System32\powrprof.dll
14:44:14.0237 2624 C:\WINDOWS\System32\powrprof.dll - ok
14:44:14.0237 2624 [ 8F5C7426567798E62A3B3614965D62CC ] C:\WINDOWS\System32\drivers\luafv.sys
14:44:14.0237 2624 C:\WINDOWS\System32\drivers\luafv.sys - ok
14:44:14.0252 2624 [ CF7769F13B3ECC5E2BF1B3D1C5831AE8 ] C:\WINDOWS\System32\nvvsvc.exe
14:44:14.0252 2624 C:\WINDOWS\System32\nvvsvc.exe - ok
14:44:14.0252 2624 [ F42483814FC39170B3982A184EC5AAA2 ] C:\WINDOWS\System32\wtsapi32.dll
14:44:14.0252 2624 C:\WINDOWS\System32\wtsapi32.dll - ok
14:44:14.0268 2624 [ BE3C082837866C4C291ADAF163C10EA6 ] C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
14:44:14.0268 2624 C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll - ok
14:44:14.0268 2624 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] C:\WINDOWS\System32\rpcss.dll
14:44:14.0268 2624 C:\WINDOWS\System32\rpcss.dll - ok
14:44:14.0284 2624 [ 69827805A221C21450BA22F4326A2EE3 ] C:\WINDOWS\System32\version.dll
14:44:14.0284 2624 C:\WINDOWS\System32\version.dll - ok
14:44:14.0284 2624 [ E077FCA2A7E79FB9BF67D3E30B5CE593 ] C:\Program Files\Microsoft Security Client\MsMpEng.exe
14:44:14.0284 2624 C:\Program Files\Microsoft Security Client\MsMpEng.exe - ok
14:44:14.0299 2624 [ 9AC7F31404F784753C4C04296E48CFAB ] C:\Program Files\Microsoft Security Client\MpSvc.dll
14:44:14.0299 2624 C:\Program Files\Microsoft Security Client\MpSvc.dll - ok
14:44:14.0315 2624 [ 84204FDA617A3611D510A1DCBAE64004 ] C:\Program Files\Microsoft Security Client\MpClient.dll
14:44:14.0315 2624 C:\Program Files\Microsoft Security Client\MpClient.dll - ok
14:44:14.0315 2624 [ 62D577288B48998FC6667BF22DC5B690 ] C:\WINDOWS\System32\LogonUI.exe
14:44:14.0315 2624 C:\WINDOWS\System32\LogonUI.exe - ok
14:44:14.0330 2624 [ B2E569EF26DAC9D6994A2AFF4F601B7A ] C:\WINDOWS\System32\wintrust.dll
14:44:14.0330 2624 C:\WINDOWS\System32\wintrust.dll - ok
14:44:14.0330 2624 [ 58C2521D87C494831A625202C80354AD ] C:\WINDOWS\System32\authui.dll
14:44:14.0330 2624 C:\WINDOWS\System32\authui.dll - ok
14:44:14.0346 2624 [ 4575AA12561C5648483403541D0D7F2B ] C:\Program Files\Windows Defender\MpSvc.dll
14:44:14.0346 2624 C:\Program Files\Windows Defender\MpSvc.dll - ok
14:44:14.0346 2624 [ 1BD363738B672A394EBE3B8A78EAB9D3 ] C:\Program Files\Windows Defender\MpClient.dll
14:44:14.0346 2624 C:\Program Files\Windows Defender\MpClient.dll - ok
14:44:14.0362 2624 [ 2EC53B5A351C4D443896DBAD117F7E82 ] C:\WINDOWS\System32\msimg32.dll
14:44:14.0362 2624 C:\WINDOWS\System32\msimg32.dll - ok
14:44:14.0362 2624 [ 999D69DEB576C2C424294DF025891CC6 ] C:\WINDOWS\System32\uxtheme.dll
14:44:14.0362 2624 C:\WINDOWS\System32\uxtheme.dll - ok
14:44:14.0377 2624 [ 76EAEF4DDEBBC7C38853F586C0E91DCE ] C:\WINDOWS\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\GdiPlus.dll
14:44:14.0377 2624 C:\WINDOWS\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\GdiPlus.dll - ok
14:44:14.0377 2624 [ 75EB73E64F5B4655D9797D20F26DE320 ] C:\WINDOWS\System32\duser.dll
14:44:14.0377 2624 C:\WINDOWS\System32\duser.dll - ok
14:44:14.0393 2624 [ 1908CC7673F72601AFFDCA022689CEDF ] C:\WINDOWS\System32\xmllite.dll
14:44:14.0393 2624 C:\WINDOWS\System32\xmllite.dll - ok
14:44:14.0393 2624 [ B25DBBA6C63A61FF4AFDB5ADAB4E70CB ] C:\WINDOWS\System32\SmartcardCredentialProvider.dll
14:44:14.0393 2624 C:\WINDOWS\System32\SmartcardCredentialProvider.dll - ok
14:44:14.0408 2624 [ 9DC3723519F52B6BC63EACD4BD411313 ] C:\WINDOWS\System32\rasplap.dll
14:44:14.0408 2624 C:\WINDOWS\System32\rasplap.dll - ok
14:44:14.0408 2624 [ 3CB863B78642405371CB3A71C07E2382 ] C:\WINDOWS\System32\rasapi32.dll
14:44:14.0408 2624 C:\WINDOWS\System32\rasapi32.dll - ok
14:44:14.0424 2624 [ 3A1DDA77F331D107BA40DB06E4D666E9 ] C:\WINDOWS\System32\rasman.dll
14:44:14.0424 2624 C:\WINDOWS\System32\rasman.dll - ok
14:44:14.0424 2624 [ 70F08ECE7A30A639D3F0C8C433685C7D ] C:\WINDOWS\System32\tapi32.dll
14:44:14.0424 2624 C:\WINDOWS\System32\tapi32.dll - ok
14:44:14.0440 2624 [ DC15AB7168C0309D8F04FD95B6240422 ] C:\WINDOWS\System32\oleacc.dll
14:44:14.0440 2624 C:\WINDOWS\System32\oleacc.dll - ok
14:44:14.0440 2624 [ 3D418A22A56471295AEB1CEB9027C3DA ] C:\WINDOWS\System32\rtutils.dll
14:44:14.0440 2624 C:\WINDOWS\System32\rtutils.dll - ok
14:44:14.0440 2624 [ 14FF750EFE13B0C21E5A06507C3A97B1 ] C:\WINDOWS\System32\winmm.dll
14:44:14.0455 2624 C:\WINDOWS\System32\winmm.dll - ok
14:44:14.0455 2624 [ 627920CFF5DFCF8CF54CF2D592D61307 ] C:\WINDOWS\System32\WinSCard.dll
14:44:14.0455 2624 C:\WINDOWS\System32\WinSCard.dll - ok
14:44:14.0455 2624 [ 0DBEE38060475A4C3E04D3B908AEC0B9 ] C:\Program Files\Microsoft Security Client\EppManifest.dll
14:44:14.0455 2624 C:\Program Files\Microsoft Security Client\EppManifest.dll - ok
14:44:14.0471 2624 [ 4D7B30001787A7E36B899BE4693C8769 ] C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
14:44:14.0471 2624 C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe - ok
14:44:14.0471 2624 [ 70932D6C3D59B416CBD2BE5A3B3D4BE6 ] C:\WINDOWS\System32\shacct.dll
14:44:14.0471 2624 C:\WINDOWS\System32\shacct.dll - ok
14:44:14.0486 2624 [ 12A1DF1B84FB45A00D47B2CDE2CEEBBA ] C:\WINDOWS\System32\shgina.dll
14:44:14.0486 2624 C:\WINDOWS\System32\shgina.dll - ok
14:44:14.0486 2624 [ DFCD80CA411BBFF7734F5EA6A5794C4A ] C:\Program Files\Trusteer\Rapport\bin\RapportUtil.dll
14:44:14.0486 2624 C:\Program Files\Trusteer\Rapport\bin\RapportUtil.dll - ok
14:44:14.0502 2624 [ 7DACD94118E2D8B6D72F47ADEB0367BF ] C:\WINDOWS\System32\propsys.dll
14:44:14.0502 2624 C:\WINDOWS\System32\propsys.dll - ok
14:44:14.0502 2624 [ 7C29BC74635524E13FAA556A5FD48968 ] C:\Program Files\Microsoft Security Client\MpRTP.dll
14:44:14.0502 2624 C:\Program Files\Microsoft Security Client\MpRTP.dll - ok
14:44:14.0518 2624 [ E4FECE18310E23B1D8FEE993E35E7A6F ] C:\Program Files\Trusteer\Rapport\bin\msvcr80.dll
14:44:14.0518 2624 C:\Program Files\Trusteer\Rapport\bin\msvcr80.dll - ok
14:44:14.0518 2624 [ 00A0231FCA55C815853B957767E34B02 ] C:\Program Files\Microsoft Security Client\MsMpLics.dll
14:44:14.0518 2624 C:\Program Files\Microsoft Security Client\MsMpLics.dll - ok
14:44:14.0533 2624 [ 4C8A880EABC0B4D462CC4B2472116EA1 ] C:\Program Files\Trusteer\Rapport\bin\msvcp80.dll
14:44:14.0533 2624 C:\Program Files\Trusteer\Rapport\bin\msvcp80.dll - ok
14:44:14.0533 2624 [ A9542FF2E9A82CF100E5729EC79068F0 ] C:\WINDOWS\System32\fltLib.dll
14:44:14.0533 2624 C:\WINDOWS\System32\fltLib.dll - ok
14:44:14.0549 2624 [ EE728AF83850DDAD9A3FCAC0AAB3AD97 ] C:\WINDOWS\System32\drivers\MpFilter.sys
14:44:14.0549 2624 C:\WINDOWS\System32\drivers\MpFilter.sys - ok
14:44:14.0549 2624 [ 2EF4E53ACB0DF0B34091335BB26C2BC2 ] C:\Program Files\Microsoft Security Client\NisIpsPlugin.dll
14:44:14.0549 2624 C:\Program Files\Microsoft Security Client\NisIpsPlugin.dll - ok
14:44:14.0564 2624 [ E582816A4855914DEFFC212E12B3B744 ] C:\WINDOWS\System32\wsock32.dll
14:44:14.0564 2624 C:\WINDOWS\System32\wsock32.dll - ok
14:44:14.0564 2624 [ 11F06C27DAD83CD5E907D664CA591805 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{43099E4D-B766-4CB8-8086-757F242F8E70}\mpengine.dll
14:44:14.0564 2624 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{43099E4D-B766-4CB8-8086-757F242F8E70}\mpengine.dll - ok
14:44:14.0580 2624 [ 401DFFDBBBD3F07C747ED1AE2BB88106 ] C:\WINDOWS\System32\msi.dll
14:44:14.0580 2624 C:\WINDOWS\System32\msi.dll - ok
14:44:14.0580 2624 [ 244C631BE2F7F36EAD9DDAEED95AA298 ] C:\WINDOWS\System32\ntkrnlpa.exe
14:44:14.0580 2624 C:\WINDOWS\System32\ntkrnlpa.exe - ok
14:44:14.0596 2624 [ FC5372FD2DEB28E847C8394C58BC76FA ] C:\Program Files\Microsoft Security Client\MpCmdRun.exe
14:44:14.0596 2624 C:\Program Files\Microsoft Security Client\MpCmdRun.exe - ok
14:44:14.0596 2624 [ A99871BA522CB2539AE275AC18CACC8F ] C:\WINDOWS\System32\cabinet.dll
14:44:14.0596 2624 C:\WINDOWS\System32\cabinet.dll - ok
14:44:14.0611 2624 [ A0F4852A5DB9754BEC06F84B400AE743 ] C:\WINDOWS\System32\wscapi.dll
14:44:14.0611 2624 C:\WINDOWS\System32\wscapi.dll - ok
14:44:14.0611 2624 [ 5CAAE5333EF36DB4A8D294418AB37E80 ] C:\WINDOWS\System32\p2pcollab.dll
14:44:14.0611 2624 C:\WINDOWS\System32\p2pcollab.dll - ok
14:44:14.0627 2624 [ 135246465AA37A463FE594660E3E485A ] C:\Program Files\Trusteer\Rapport\bin\rooksbas.dll.data
14:44:14.0627 2624 C:\Program Files\Trusteer\Rapport\bin\rooksbas.dll.data - ok
14:44:14.0642 2624 [ 4C089FA7CE5FF366E32BE3B3AEA71ED1 ] C:\Program Files\Trusteer\Rapport\bin\rooksbas.dll
14:44:14.0642 2624 C:\Program Files\Trusteer\Rapport\bin\rooksbas.dll - ok
14:44:14.0642 2624 [ 84EDBC10F7BFBFC70BCC57CE8583742B ] C:\Program Files\Trusteer\Rapport\bin\rookscom.dll.data
14:44:14.0642 2624 C:\Program Files\Trusteer\Rapport\bin\rookscom.dll.data - ok
14:44:14.0658 2624 [ D2385216776BD1BE4E635BF36D40870C ] C:\Program Files\Trusteer\Rapport\bin\rookscom.dll
14:44:14.0658 2624 C:\Program Files\Trusteer\Rapport\bin\rookscom.dll - ok
14:44:14.0658 2624 [ CAB0E89E61F34A76F4C506B465CAA8DF ] C:\Program Files\Trusteer\Rapport\bin\rooksdol.dll.data
14:44:14.0658 2624 C:\Program Files\Trusteer\Rapport\bin\rooksdol.dll.data - ok
14:44:14.0674 2624 [ 3B47E60E1012B23873ED2E4A9B4F2310 ] C:\Program Files\Microsoft Security Client\MsseWat.dll
14:44:14.0674 2624 C:\Program Files\Microsoft Security Client\MsseWat.dll - ok
14:44:14.0674 2624 [ EE185EFA3A499B11FDC07BD41A5A57F1 ] C:\Program Files\Trusteer\Rapport\bin\rooksdol.dll
14:44:14.0674 2624 C:\Program Files\Trusteer\Rapport\bin\rooksdol.dll - ok
14:44:14.0689 2624 [ DA887F28054D78EE8637BEBB924A2DB5 ] C:\WINDOWS\System32\slwga.dll
14:44:14.0689 2624 C:\WINDOWS\System32\slwga.dll - ok
14:44:14.0689 2624 [ 5DB99BBD7A50F2A45A5118D9532064C4 ] C:\ProgramData\Trusteer\Rapport\store\exts\KoanLight\baseline\KoanLight.dll
14:44:14.0689 2624 C:\ProgramData\Trusteer\Rapport\store\exts\KoanLight\baseline\KoanLight.dll - ok
14:44:14.0705 2624 [ 4C8A880EABC0B4D462CC4B2472116EA1 ] C:\ProgramData\Trusteer\Rapport\store\exts\KoanLight\baseline\msvcp80.dll
14:44:14.0705 2624 C:\ProgramData\Trusteer\Rapport\store\exts\KoanLight\baseline\msvcp80.dll - ok
14:44:14.0705 2624 [ E4FECE18310E23B1D8FEE993E35E7A6F ] C:\ProgramData\Trusteer\Rapport\store\exts\KoanLight\baseline\msvcr80.dll
14:44:14.0705 2624 C:\ProgramData\Trusteer\Rapport\store\exts\KoanLight\baseline\msvcr80.dll - ok
14:44:14.0720 2624 [ 3C7DEF3CBBCA6284867AA4621D5D8A54 ] C:\ProgramData\Trusteer\Rapport\store\exts\KoanLight\baseline\atl80.dll
14:44:14.0720 2624 C:\ProgramData\Trusteer\Rapport\store\exts\KoanLight\baseline\atl80.dll - ok
14:44:14.0720 2624 [ 29820425D7B6407793C8C0ACB9622FF0 ] C:\ProgramData\Trusteer\Rapport\store\exts\NikkoLight\baseline\NikkoLight.dll
14:44:14.0720 2624 C:\ProgramData\Trusteer\Rapport\store\exts\NikkoLight\baseline\NikkoLight.dll - ok
14:44:14.0736 2624 [ E4FECE18310E23B1D8FEE993E35E7A6F ] C:\ProgramData\Trusteer\Rapport\store\exts\NikkoLight\baseline\msvcr80.dll
14:44:14.0736 2624 C:\ProgramData\Trusteer\Rapport\store\exts\NikkoLight\baseline\msvcr80.dll - ok
14:44:14.0736 2624 [ 4C8A880EABC0B4D462CC4B2472116EA1 ] C:\ProgramData\Trusteer\Rapport\store\exts\NikkoLight\baseline\msvcp80.dll
14:44:14.0736 2624 C:\ProgramData\Trusteer\Rapport\store\exts\NikkoLight\baseline\msvcp80.dll - ok
14:44:14.0752 2624 [ 3C7DEF3CBBCA6284867AA4621D5D8A54 ] C:\ProgramData\Trusteer\Rapport\store\exts\NikkoLight\baseline\atl80.dll
14:44:14.0752 2624 C:\ProgramData\Trusteer\Rapport\store\exts\NikkoLight\baseline\atl80.dll - ok
14:44:14.0752 2624 [ 378C296F78EBC17E57C6CF96CD024D59 ] C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\43926\RapportCerberus.dll
14:44:14.0752 2624 C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\43926\RapportCerberus.dll - ok
14:44:14.0767 2624 [ 630593EFBD859E48C5E180AB23DC1065 ] C:\ProgramData\Trusteer\Rapport\store\exts\RapportGP\baseline\RapportGP.dll
14:44:14.0767 2624 C:\ProgramData\Trusteer\Rapport\store\exts\RapportGP\baseline\RapportGP.dll - ok
14:44:14.0767 2624 [ 4C8A880EABC0B4D462CC4B2472116EA1 ] C:\ProgramData\Trusteer\Rapport\store\exts\RapportGP\baseline\msvcp80.dll
14:44:14.0767 2624 C:\ProgramData\Trusteer\Rapport\store\exts\RapportGP\baseline\msvcp80.dll - ok
14:44:14.0783 2624 [ E4FECE18310E23B1D8FEE993E35E7A6F ] C:\ProgramData\Trusteer\Rapport\store\exts\RapportGP\baseline\msvcr80.dll
14:44:14.0783 2624 C:\ProgramData\Trusteer\Rapport\store\exts\RapportGP\baseline\msvcr80.dll - ok
14:44:14.0783 2624 [ 5BEB722294C6A21BBE79E816F4E933DA ] C:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportMS.dll
14:44:14.0783 2624 C:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportMS.dll - ok
14:44:14.0798 2624 [ B7AB636643F405839CB3D1684145651C ] C:\ProgramData\Trusteer\Rapport\store\exts\TanzanLight\baseline\TanzanLight.dll
14:44:14.0798 2624 C:\ProgramData\Trusteer\Rapport\store\exts\TanzanLight\baseline\TanzanLight.dll - ok
14:44:14.0798 2624 [ 4C8A880EABC0B4D462CC4B2472116EA1 ] C:\ProgramData\Trusteer\Rapport\store\exts\TanzanLight\baseline\msvcp80.dll
14:44:14.0798 2624 C:\ProgramData\Trusteer\Rapport\store\exts\TanzanLight\baseline\msvcp80.dll - ok
14:44:14.0814 2624 [ E4FECE18310E23B1D8FEE993E35E7A6F ] C:\ProgramData\Trusteer\Rapport\store\exts\TanzanLight\baseline\msvcr80.dll
14:44:14.0814 2624 C:\ProgramData\Trusteer\Rapport\store\exts\TanzanLight\baseline\msvcr80.dll - ok
14:44:14.0830 2624 [ 3C7DEF3CBBCA6284867AA4621D5D8A54 ] C:\ProgramData\Trusteer\Rapport\store\exts\TanzanLight\baseline\atl80.dll
14:44:14.0830 2624 C:\ProgramData\Trusteer\Rapport\store\exts\TanzanLight\baseline\atl80.dll - ok
14:44:14.0830 2624 [ 56B5914070B2C243DFB3D186070DA89D ] C:\WINDOWS\System32\MMDevAPI.dll
14:44:14.0830 2624 C:\WINDOWS\System32\MMDevAPI.dll - ok
14:44:14.0845 2624 [ C9244BCAC83B259B920BBEE18A97BFE1 ] C:\WINDOWS\System32\avrt.dll
14:44:14.0845 2624 C:\WINDOWS\System32\avrt.dll - ok
14:44:14.0845 2624 [ 399BB52AD0668472717498E97CF28341 ] C:\WINDOWS\System32\WUDFPlatform.dll
14:44:14.0845 2624 C:\WINDOWS\System32\WUDFPlatform.dll - ok
14:44:14.0861 2624 [ EC43D9CC95C3BB5FEFDBCF22D375E1F5 ] C:\WINDOWS\System32\adtschema.dll
14:44:14.0861 2624 C:\WINDOWS\System32\adtschema.dll - ok
14:44:14.0861 2624 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] C:\WINDOWS\System32\drivers\fltMgr.sys
14:44:14.0861 2624 C:\WINDOWS\System32\drivers\fltMgr.sys - ok
14:44:14.0876 2624 [ 57418956DDAE128D1023C508E7D07071 ] C:\WINDOWS\System32\PSHED.DLL
14:44:14.0876 2624 C:\WINDOWS\System32\PSHED.DLL - ok
14:44:14.0876 2624 [ 3437B9E218A2E4586BEF4F7A3BD00777 ] C:\WINDOWS\System32\audiodg.exe
14:44:14.0876 2624 C:\WINDOWS\System32\audiodg.exe - ok
14:44:14.0892 2624 [ 919CC2A0476D5A6A4C935D4B88E29912 ] C:\WINDOWS\System32\ksuser.dll
14:44:14.0892 2624 C:\WINDOWS\System32\ksuser.dll - ok
14:44:14.0892 2624 [ 4DF066ECEE5A7B20BF8B39EF4D646600 ] C:\WINDOWS\System32\wdmaud.drv
14:44:14.0892 2624 C:\WINDOWS\System32\wdmaud.drv - ok
14:44:14.0908 2624 [ 7258434974EA735725FD2D4A65C5E821 ] C:\WINDOWS\System32\AudioSes.dll
14:44:14.0908 2624 C:\WINDOWS\System32\AudioSes.dll - ok
14:44:14.0908 2624 [ DB7F4AB85298F3FE522C5512B8B0F56D ] C:\WINDOWS\System32\AudioEng.dll
14:44:14.0908 2624 C:\WINDOWS\System32\AudioEng.dll - ok
14:44:14.0923 2624 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] C:\WINDOWS\System32\gpsvc.dll
14:44:14.0923 2624 C:\WINDOWS\System32\gpsvc.dll - ok
14:44:14.0923 2624 [ D1A84F7D4CAFCFE2A32149FF418056E5 ] C:\WINDOWS\System32\nlaapi.dll
14:44:14.0923 2624 C:\WINDOWS\System32\nlaapi.dll - ok
14:44:14.0939 2624 [ 409F36C8BD06FCE184631EB4142B009A ] C:\WINDOWS\System32\atl.dll
14:44:14.0939 2624 C:\WINDOWS\System32\atl.dll - ok
14:44:14.0939 2624 [ BDBB449425991154135E5ED1559927E6 ] C:\WINDOWS\System32\msacm32.dll
14:44:14.0939 2624 C:\WINDOWS\System32\msacm32.dll - ok
14:44:14.0954 2624 [ 166F004D73EA2CF4AC61800CA469458D ] C:\WINDOWS\System32\msacm32.drv
14:44:14.0954 2624 C:\WINDOWS\System32\msacm32.drv - ok
14:44:14.0954 2624 [ 83199EF88D691E730B80666E29F90D58 ] C:\WINDOWS\System32\midimap.dll
14:44:14.0954 2624 C:\WINDOWS\System32\midimap.dll - ok
14:44:14.0970 2624 [ 67058C46504BC12D821F38CF99B7B28F ] C:\WINDOWS\System32\es.dll
14:44:14.0970 2624 C:\WINDOWS\System32\es.dll - ok
14:44:14.0970 2624 [ 296937202E4D930AAE98085B99D744D8 ] C:\WINDOWS\System32\AUDIOKSE.dll
14:44:14.0970 2624 C:\WINDOWS\System32\AUDIOKSE.dll - ok
14:44:14.0986 2624 [ A7F8BAD9590ADDC425B4003E94780DFA ] C:\WINDOWS\System32\drivers\spsys.sys
14:44:14.0986 2624 C:\WINDOWS\System32\drivers\spsys.sys - ok
14:44:14.0986 2624 [ C8D8B847C46EFE3496311AF5EBFB9B62 ] C:\WINDOWS\System32\RtkAPO.dll
14:44:14.0986 2624 C:\WINDOWS\System32\RtkAPO.dll - ok
14:44:15.0001 2624 [ 1509E705F3AC1D474C92454A5C2DD81F ] C:\WINDOWS\System32\uxsms.dll
14:44:15.0001 2624 C:\WINDOWS\System32\uxsms.dll - ok
14:44:15.0001 2624 [ 4B555106290BD117334E9A08761C035A ] C:\WINDOWS\System32\rundll32.exe
14:44:15.0001 2624 C:\WINDOWS\System32\rundll32.exe - ok
14:44:15.0017 2624 [ 6836D001FC733F205ACB80A7986CB6C9 ] C:\WINDOWS\System32\WindowsCodecs.dll
14:44:15.0017 2624 C:\WINDOWS\System32\WindowsCodecs.dll - ok
14:44:15.0017 2624 [ 0727200F10320A6BA7E59433094FBBA7 ] C:\WINDOWS\System32\WMALFXGFXDSP.dll
14:44:15.0017 2624 C:\WINDOWS\System32\WMALFXGFXDSP.dll - ok
14:44:15.0032 2624 [ 575A4190D989F64732119E4114045A4F ] C:\WINDOWS\System32\WUDFSvc.dll
14:44:15.0032 2624 C:\WINDOWS\System32\WUDFSvc.dll - ok
14:44:15.0032 2624 [ BF142D4F8C61ED3629A9CDD7BA867900 ] C:\WINDOWS\System32\mfplat.dll
14:44:15.0032 2624 C:\WINDOWS\System32\mfplat.dll - ok
14:44:15.0048 2624 [ 1DACD1530C6E58AEAE9F6DE7DA851935 ] C:\WINDOWS\System32\shimeng.dll
14:44:15.0048 2624 C:\WINDOWS\System32\shimeng.dll - ok
14:44:15.0048 2624 [ D1C5883087A0C3F1344D9D55A44901F6 ] C:\WINDOWS\System32\drivers\lltdio.sys
14:44:15.0048 2624 C:\WINDOWS\System32\drivers\lltdio.sys - ok
14:44:15.0064 2624 [ 9C508F4074A39E8B4B31D27198146FAD ] C:\WINDOWS\System32\drivers\rspndr.sys
14:44:15.0064 2624 C:\WINDOWS\System32\drivers\rspndr.sys - ok
14:44:15.0064 2624 [ D6804F089CBB6749E95124E7C4D80900 ] C:\WINDOWS\AppPatch\AcLayers.dll
14:44:15.0064 2624 C:\WINDOWS\AppPatch\AcLayers.dll - ok
14:44:15.0079 2624 [ 8269CC01940A202BBB9FDF26705DBD67 ] C:\WINDOWS\System32\hid.dll
14:44:15.0079 2624 C:\WINDOWS\System32\hid.dll - ok
14:44:15.0079 2624 [ 5EC8FB83F31AA2D6F421F02C3F4F4475 ] C:\WINDOWS\System32\winspool.drv
14:44:15.0079 2624 C:\WINDOWS\System32\winspool.drv - ok
14:44:15.0095 2624 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] C:\WINDOWS\System32\dnsrslvr.dll
14:44:15.0095 2624 C:\WINDOWS\System32\dnsrslvr.dll - ok
14:44:15.0095 2624 [ 02A424E60C115B3F68A98083E551B3B4 ] C:\WINDOWS\System32\nvsvc.dll
14:44:15.0095 2624 C:\WINDOWS\System32\nvsvc.dll - ok
14:44:15.0110 2624 [ C0A2442BE61F72822A438DAF23BBA878 ] C:\WINDOWS\System32\nvapi.dll
14:44:15.0110 2624 C:\WINDOWS\System32\nvapi.dll - ok
14:44:15.0110 2624 [ 9B96F6952186336CC6E3D4E08BE2E0AF ] C:\WINDOWS\System32\dwmapi.dll
14:44:15.0110 2624 C:\WINDOWS\System32\dwmapi.dll - ok
14:44:15.0126 2624 [ 35ACD5EA63D75E97DD0E9A1629E582B2 ] C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\comctl32.dll
14:44:15.0126 2624 C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\comctl32.dll - ok
14:44:15.0126 2624 [ CA0B849566776A17F35F0339BE17DFD9 ] C:\WINDOWS\System32\ktmw32.dll
14:44:15.0126 2624 C:\WINDOWS\System32\ktmw32.dll - ok
14:44:15.0142 2624 [ FB15FE55C4B02089A31EA9C63A6C260A ] C:\WINDOWS\System32\nvcpl.dll
14:44:15.0142 2624 C:\WINDOWS\System32\nvcpl.dll - ok
14:44:15.0142 2624 [ 2A6A2C09ECC2CB495628E45F1379ECE8 ] C:\WINDOWS\System32\taskcomp.dll
14:44:15.0142 2624 C:\WINDOWS\System32\taskcomp.dll - ok
14:44:15.0157 2624 [ F870AA3E254628EBEAFE754108D664DE ] C:\WINDOWS\System32\drivers\http.sys
14:44:15.0157 2624 C:\WINDOWS\System32\drivers\http.sys - ok
14:44:15.0157 2624 [ EC760B0B76A4353DE49D66520EB2141F ] C:\WINDOWS\System32\SensApi.dll
14:44:15.0157 2624 C:\WINDOWS\System32\SensApi.dll - ok
14:44:15.0173 2624 [ 65C15783C836BE91ECC88A74742D9E18 ] C:\WINDOWS\System32\nvd3dum.dll
14:44:15.0173 2624 C:\WINDOWS\System32\nvd3dum.dll - ok
14:44:15.0173 2624 [ E79FDA8D320147FDC347C504B3487F87 ] C:\WINDOWS\System32\spoolss.dll
14:44:15.0173 2624 C:\WINDOWS\System32\spoolss.dll - ok
14:44:15.0188 2624 [ 7605C0E1D01A08F3ECD743F38B834A44 ] C:\WINDOWS\System32\drivers\srvnet.sys
14:44:15.0188 2624 C:\WINDOWS\System32\drivers\srvnet.sys - ok
14:44:15.0188 2624 [ C411C80F90D6732380352B98B37BBD53 ] C:\WINDOWS\System32\winrnr.dll
14:44:15.0188 2624 C:\WINDOWS\System32\winrnr.dll - ok
14:44:15.0204 2624 [ B0D12F4344EB2AE96E487D2DF6F74413 ] C:\WINDOWS\System32\FWPUCLNT.DLL
14:44:15.0204 2624 C:\WINDOWS\System32\FWPUCLNT.DLL - ok
14:44:15.0204 2624 [ A7D525E5C0D91C8C1D84C6BCD25AD77D ] C:\WINDOWS\System32\rasadhlp.dll
14:44:15.0204 2624 C:\WINDOWS\System32\rasadhlp.dll - ok
14:44:15.0220 2624 [ 35F376253F687BDE63976CCB3F2108CA ] C:\WINDOWS\System32\drivers\bowser.sys
14:44:15.0220 2624 C:\WINDOWS\System32\drivers\bowser.sys - ok
14:44:15.0220 2624 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] C:\WINDOWS\System32\drivers\mpsdrv.sys
14:44:15.0220 2624 C:\WINDOWS\System32\drivers\mpsdrv.sys - ok
14:44:15.0235 2624 [ 5DE62C6E9108F14F6794060A9BDECAEC ] C:\WINDOWS\System32\MPSSVC.dll
14:44:15.0235 2624 C:\WINDOWS\System32\MPSSVC.dll - ok
14:44:15.0235 2624 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] C:\WINDOWS\System32\drivers\mrxsmb.sys
14:44:15.0235 2624 C:\WINDOWS\System32\drivers\mrxsmb.sys - ok
14:44:15.0251 2624 [ 4FCCB34D793B116423209C0F8B7A3B03 ] C:\WINDOWS\System32\drivers\mrxsmb10.sys
14:44:15.0251 2624 C:\WINDOWS\System32\drivers\mrxsmb10.sys - ok
14:44:15.0251 2624 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] C:\WINDOWS\System32\drivers\mrxsmb20.sys
14:44:15.0251 2624 C:\WINDOWS\System32\drivers\mrxsmb20.sys - ok
14:44:15.0266 2624 [ FF33AFF99564B1AA534F58868CBE41EF ] C:\WINDOWS\System32\drivers\srv2.sys
14:44:15.0266 2624 C:\WINDOWS\System32\drivers\srv2.sys - ok
14:44:15.0266 2624 [ E45051C374F845EDF3DB02A35BA13193 ] C:\WINDOWS\System32\umb.dll
14:44:15.0266 2624 C:\WINDOWS\System32\umb.dll - ok
14:44:15.0282 2624 [ 63396CBB1365769D520E0FD89C2419F2 ] C:\WINDOWS\System32\localspl.dll
14:44:15.0282 2624 C:\WINDOWS\System32\localspl.dll - ok
14:44:15.0282 2624 [ F4E1AA5D59C849A4AB47E895DC76B9C8 ] C:\WINDOWS\System32\sfc.dll
14:44:15.0282 2624 C:\WINDOWS\System32\sfc.dll - ok
14:44:15.0298 2624 [ 41987F9FC0E61ADF54F581E15029AD91 ] C:\WINDOWS\System32\drivers\srv.sys
14:44:15.0298 2624 C:\WINDOWS\System32\drivers\srv.sys - ok
14:44:15.0298 2624 [ 0745D6EAD386710110817FBEC03F5161 ] C:\WINDOWS\System32\wfapigp.dll
14:44:15.0298 2624 C:\WINDOWS\System32\wfapigp.dll - ok
14:44:15.0313 2624 [ 73FE2E5FA55088A241AA2732F5D387D6 ] C:\WINDOWS\System32\wiarpc.dll
14:44:15.0313 2624 C:\WINDOWS\System32\wiarpc.dll - ok
14:44:15.0313 2624 [ 2A146A055B4401C16EE62D18B8E2A032 ] C:\WINDOWS\System32\snmptrap.exe
14:44:15.0313 2624 C:\WINDOWS\System32\snmptrap.exe - ok
14:44:15.0329 2624 [ 5F1DEC3824E566457F53F24F493FEF08 ] C:\WINDOWS\System32\mscms.dll
14:44:15.0329 2624 C:\WINDOWS\System32\mscms.dll - ok
14:44:15.0329 2624 [ E223D2851906B84F52E1B75EA16198F9 ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\ServiceModelEvents.dll
14:44:15.0329 2624 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\ServiceModelEvents.dll - ok
14:44:15.0344 2624 [ 0A0C8331E26F1EC7741CCE6A91E9167D ] C:\WINDOWS\System32\hpf3l082.dll
14:44:15.0344 2624 C:\WINDOWS\System32\hpf3l082.dll - ok
14:44:15.0344 2624 [ BB0EB921877A1A7EF15AE2D97A71CBA9 ] C:\WINDOWS\System32\tcpmon.dll
14:44:15.0344 2624 C:\WINDOWS\System32\tcpmon.dll - ok
14:44:15.0360 2624 [ 1311171CF8F6D2954441EF2A42693035 ] C:\WINDOWS\System32\WsmRes.dll
14:44:15.0360 2624 C:\WINDOWS\System32\WsmRes.dll - ok
14:44:15.0360 2624 [ E230F3776F373F4C5E788794B53101E4 ] C:\WINDOWS\System32\plasrv.exe
14:44:15.0360 2624 C:\WINDOWS\System32\plasrv.exe - ok
14:44:15.0376 2624 [ AF24A9DF84637BF9858EC6FB88EBA7B2 ] C:\WINDOWS\System32\snmpapi.dll
14:44:15.0376 2624 C:\WINDOWS\System32\snmpapi.dll - ok
14:44:15.0376 2624 [ 1EDE113859276E4B0F19B80F39E2CC95 ] C:\WINDOWS\System32\wsnmp32.dll
14:44:15.0376 2624 C:\WINDOWS\System32\wsnmp32.dll - ok
14:44:15.0391 2624 [ 024528E25BBE8768536861EA09BE1672 ] C:\WINDOWS\System32\msxml6.dll
14:44:15.0391 2624 C:\WINDOWS\System32\msxml6.dll - ok
14:44:15.0391 2624 [ 5091452DC719281CF1DD69367E13B494 ] C:\WINDOWS\System32\tcpmib.dll
14:44:15.0391 2624 C:\WINDOWS\System32\tcpmib.dll - ok
14:44:15.0407 2624 [ B4F5DE3DAD8E6B97272F45DB97674878 ] C:\WINDOWS\System32\mgmtapi.dll
14:44:15.0407 2624 C:\WINDOWS\System32\mgmtapi.dll - ok
14:44:15.0407 2624 [ 0BF0BB276F17B6AD61A8694D2551EC28 ] C:\WINDOWS\System32\usbmon.dll
14:44:15.0407 2624 C:\WINDOWS\System32\usbmon.dll - ok
14:44:15.0422 2624 [ 0EB1CC5EBFCAAB7DBAEE881E2887F7F9 ] C:\WINDOWS\System32\WSDMon.dll
14:44:15.0422 2624 C:\WINDOWS\System32\WSDMon.dll - ok
14:44:15.0422 2624 [ AD48183027CAFCEBC322CB9CAC60F9B8 ] C:\WINDOWS\System32\WSDApi.dll
14:44:15.0422 2624 C:\WINDOWS\System32\WSDApi.dll - ok
14:44:15.0438 2624 [ F86293D93760C70ADF4F19E66E3FA5E8 ] C:\WINDOWS\System32\httpapi.dll
14:44:15.0438 2624 C:\WINDOWS\System32\httpapi.dll - ok
14:44:15.0438 2624 [ DBD02E3E6F061EBBBF9B99A9D7CBA30B ] C:\WINDOWS\System32\winhttp.dll
14:44:15.0438 2624 C:\WINDOWS\System32\winhttp.dll - ok
14:44:15.0454 2624 [ 1A09CB187440993FA5E24DE1EEB7B916 ] C:\WINDOWS\System32\cfgmgr32.dll
14:44:15.0454 2624 C:\WINDOWS\System32\cfgmgr32.dll - ok
14:44:15.0454 2624 [ 4EDA94333BDB75B1BC0A7610BED34F00 ] C:\WINDOWS\System32\fundisc.dll
14:44:15.0454 2624 C:\WINDOWS\System32\fundisc.dll - ok
14:44:15.0469 2624 [ 6ABD253226770EAE1292B4C945ED4B4B ] C:\WINDOWS\System32\msxml3.dll
14:44:15.0469 2624 C:\WINDOWS\System32\msxml3.dll - ok
14:44:15.0469 2624 [ 73347ECA7A6D327BA43C40CB56BCA659 ] C:\WINDOWS\System32\spool\prtprocs\w32x86\hpfpp082.dll
14:44:15.0469 2624 C:\WINDOWS\System32\spool\prtprocs\w32x86\hpfpp082.dll - ok
14:44:15.0485 2624 [ C90B296C43EDD9DD1751AD3B590ACDE6 ] C:\WINDOWS\System32\win32spl.dll
14:44:15.0485 2624 C:\WINDOWS\System32\win32spl.dll - ok
14:44:15.0485 2624 [ 4BF053944E973C073339BE841C9ECF28 ] C:\WINDOWS\System32\netrap.dll
14:44:15.0485 2624 C:\WINDOWS\System32\netrap.dll - ok
14:44:15.0500 2624 [ E340845C8E96D107C36420065D7A5733 ] C:\WINDOWS\System32\printcom.dll
14:44:15.0500 2624 C:\WINDOWS\System32\printcom.dll - ok
14:44:15.0500 2624 [ 2E8E30F3B318A9FDA5A2485723F4C2B3 ] C:\WINDOWS\System32\inetpp.dll
14:44:15.0500 2624 C:\WINDOWS\System32\inetpp.dll - ok
14:44:15.0516 2624 [ A324D72A06C110152E7607745F39BFA1 ] C:\WINDOWS\System32\netmsg.dll
14:44:15.0516 2624 C:\WINDOWS\System32\netmsg.dll - ok
14:44:15.0516 2624 [ D333058925CE305E39DE8D5AD2B52A46 ] C:\WINDOWS\System32\clusapi.dll
14:44:15.0516 2624 C:\WINDOWS\System32\clusapi.dll - ok
14:44:15.0516 2624 [ 452341E471D2D961229DFE0842957272 ] C:\WINDOWS\System32\sscore.dll
14:44:15.0516 2624 C:\WINDOWS\System32\sscore.dll - ok
14:44:15.0532 2624 [ 6468C3FF6D0C7874FA8C619AF3E23B22 ] C:\WINDOWS\System32\activeds.dll
14:44:15.0532 2624 C:\WINDOWS\System32\activeds.dll - ok
14:44:15.0532 2624 [ E9B9C1B98C8D6D48407E1C1203EAC659 ] C:\WINDOWS\System32\adsldpc.dll
14:44:15.0532 2624 C:\WINDOWS\System32\adsldpc.dll - ok
14:44:15.0547 2624 [ 93E317D7AD783D8EAEE2E3500BFE889D ] C:\WINDOWS\System32\credui.dll
14:44:15.0547 2624 C:\WINDOWS\System32\credui.dll - ok
14:44:15.0547 2624 [ B9F3FF52B84FD9E3CAFB29B8EE385E5B ] C:\WINDOWS\System32\resutils.dll
14:44:15.0547 2624 C:\WINDOWS\System32\resutils.dll - ok
14:44:15.0563 2624 [ B1EA9681502EE57F87DB71D726288A5B ] C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
14:44:15.0563 2624 C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe - ok
14:44:15.0578 2624 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\WINDOWS\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
14:44:15.0578 2624 C:\WINDOWS\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
14:44:15.0578 2624 [ 52E129522C1775DBB8CC252E7A0655C7 ] C:\WINDOWS\System32\taskschd.dll
14:44:15.0578 2624 C:\WINDOWS\System32\taskschd.dll - ok
14:44:15.0594 2624 [ 17FC3EDA0162F513E858B8C8FA7FA6E0 ] C:\WINDOWS\System32\vssapi.dll
14:44:15.0594 2624 C:\WINDOWS\System32\vssapi.dll - ok
14:44:15.0594 2624 [ 9039717A906DA0AE38420918801D9AB3 ] C:\Program Files\Common Files\LightScribe\LSSrvc.exe
14:44:15.0594 2624 C:\Program Files\Common Files\LightScribe\LSSrvc.exe - ok
14:44:15.0610 2624 [ E7D0F91E44D9D3B2116FA549BDCDB756 ] C:\WINDOWS\System32\wdscore.dll
14:44:15.0610 2624 C:\WINDOWS\System32\wdscore.dll - ok
14:44:15.0610 2624 [ DC3AE9F1554DCD97F90983DDBDACD83D ] C:\WINDOWS\System32\vsstrace.dll
14:44:15.0610 2624 C:\WINDOWS\System32\vsstrace.dll - ok
14:44:15.0625 2624 [ 09469B8EDD2755143FDA06867AAD7E73 ] C:\WINDOWS\System32\cryptnet.dll
14:44:15.0625 2624 C:\WINDOWS\System32\cryptnet.dll - ok
14:44:15.0625 2624 [ 5533C95940E5B75FE89BD8CBB352189F ] C:\Program Files\Common Files\LightScribe\LSSProxy.dll
14:44:15.0625 2624 C:\Program Files\Common Files\LightScribe\LSSProxy.dll - ok
14:44:15.0641 2624 [ 832D44CA982AB483337CB6A3906E53EE ] C:\Program Files\Common Files\LightScribe\LSLog.dll
14:44:15.0641 2624 C:\Program Files\Common Files\LightScribe\LSLog.dll - ok
14:44:15.0641 2624 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\WINDOWS\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
14:44:15.0641 2624 C:\WINDOWS\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
14:44:15.0656 2624 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\WINDOWS\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
14:44:15.0656 2624 C:\WINDOWS\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
14:44:15.0656 2624 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] C:\WINDOWS\System32\drivers\mdmxsdk.sys
14:44:15.0656 2624 C:\WINDOWS\System32\drivers\mdmxsdk.sys - ok
14:44:15.0672 2624 [ 2CD24A6AF497D0E9B9BF3DA924ED05E6 ] C:\WINDOWS\System32\drivers\NisDrvWFP.sys
14:44:15.0672 2624 C:\WINDOWS\System32\drivers\NisDrvWFP.sys - ok
14:44:15.0672 2624 [ F4D9ED6BD74AD7CC0BEC83C43A1CB76B ] C:\WINDOWS\System32\ncsi.dll
14:44:15.0672 2624 C:\WINDOWS\System32\ncsi.dll - ok
14:44:15.0688 2624 [ 6349F6ED9C623B44B52EA3C63C831A92 ] C:\WINDOWS\System32\drivers\PEAuth.sys
14:44:15.0688 2624 C:\WINDOWS\System32\drivers\PEAuth.sys - ok
14:44:15.0688 2624 [ 90A3935D05B494A5A39D37E71F09A677 ] C:\WINDOWS\System32\drivers\secdrv.sys
14:44:15.0688 2624 C:\WINDOWS\System32\drivers\secdrv.sys - ok
14:44:15.0703 2624 [ 2C2D4CFF5E09C73908F9B5AF49A51365 ] C:\WINDOWS\System32\drivers\tcpipreg.sys
14:44:15.0703 2624 C:\WINDOWS\System32\drivers\tcpipreg.sys - ok
14:44:15.0703 2624 [ 01BCD91CC2B0EFDA4890F547010750BD ] C:\WINDOWS\System32\ssdpapi.dll
14:44:15.0703 2624 C:\WINDOWS\System32\ssdpapi.dll - ok
14:44:15.0719 2624 [ D0494460421A03CD5225CCA0059AA146 ] C:\WINDOWS\System32\IPSECSVC.DLL
14:44:15.0719 2624 C:\WINDOWS\System32\IPSECSVC.DLL - ok
14:44:15.0719 2624 [ 0C84B6AFFA7486422235584110D7176F ] C:\WINDOWS\System32\icaapi.dll
14:44:15.0719 2624 C:\WINDOWS\System32\icaapi.dll - ok
14:44:15.0734 2624 [ DAB33CFA9DD24251AAA389FF36B64D4B ] C:\WINDOWS\System32\drivers\XAudio.sys
14:44:15.0734 2624 C:\WINDOWS\System32\drivers\XAudio.sys - ok
14:44:15.0734 2624 [ CD5F291A1161F15896D1A4D63DAFF5DF ] C:\WINDOWS\System32\drivers\XAudio.exe
14:44:15.0734 2624 C:\WINDOWS\System32\drivers\XAudio.exe - ok
14:44:15.0750 2624 [ 42608AE9AF2641EE473A1797C25CFFC2 ] C:\WINDOWS\System32\FwRemoteSvr.dll
14:44:15.0750 2624 C:\WINDOWS\System32\FwRemoteSvr.dll - ok
14:44:15.0750 2624 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] C:\WINDOWS\System32\wbem\WMIsvc.dll
14:44:15.0750 2624 C:\WINDOWS\System32\wbem\WMIsvc.dll - ok
14:44:15.0766 2624 [ 2205A220A264E8C8B86492BF3D112907 ] C:\WINDOWS\System32\PortableDeviceApi.dll
14:44:15.0766 2624 C:\WINDOWS\System32\PortableDeviceApi.dll - ok
14:44:15.0766 2624 [ 74B8C2EA72D43727142D12397D5A49F9 ] C:\WINDOWS\System32\wbemcomn.dll
14:44:15.0766 2624 C:\WINDOWS\System32\wbemcomn.dll - ok
14:44:15.0781 2624 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
14:44:15.0781 2624 C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe - ok
14:44:15.0781 2624 [ 1F18B9EA1BBFF033413414C3BEA13AD6 ] C:\WINDOWS\System32\wbem\WinMgmtR.dll
14:44:15.0781 2624 C:\WINDOWS\System32\wbem\WinMgmtR.dll - ok
14:44:15.0781 2624 [ FD647CA82ACF232DBE5F20345647B948 ] C:\WINDOWS\AppPatch\AcGenral.dll
14:44:15.0781 2624 C:\WINDOWS\AppPatch\AcGenral.dll - ok
14:44:15.0797 2624 [ B53BD9E63867CD9FD853F666CA172713 ] C:\WINDOWS\System32\PortableDeviceConnectApi.dll
14:44:15.0797 2624 C:\WINDOWS\System32\PortableDeviceConnectApi.dll - ok
14:44:15.0797 2624 [ 12BCF4DAD8E5A1B3D5FA7AB4A79DA105 ] C:\WINDOWS\System32\sfc_os.dll
14:44:15.0797 2624 C:\WINDOWS\System32\sfc_os.dll - ok
14:44:15.0812 2624 [ 13B5F255E90624A5BA0441D39CFB6BE2 ] C:\WINDOWS\System32\drivers\WUDFPf.sys
14:44:15.0812 2624 C:\WINDOWS\System32\drivers\WUDFPf.sys - ok
14:44:15.0812 2624 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] C:\WINDOWS\System32\drivers\WUDFRd.sys
14:44:15.0812 2624 C:\WINDOWS\System32\drivers\WUDFRd.sys - ok
14:44:15.0828 2624 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] C:\WINDOWS\System32\netprofm.dll
14:44:15.0828 2624 C:\WINDOWS\System32\netprofm.dll - ok
14:44:15.0828 2624 [ DFCAB29E8FD38F95650CC1E203E8D318 ] C:\WINDOWS\System32\npmproxy.dll
14:44:15.0828 2624 C:\WINDOWS\System32\npmproxy.dll - ok
14:44:15.0844 2624 [ 3B846434055F80D9E89D0742F3ADAD34 ] C:\Program Files\Microsoft Security Client\NisSrv.exe
14:44:15.0844 2624 C:\Program Files\Microsoft Security Client\NisSrv.exe - ok
14:44:15.0844 2624 [ 4C6CA0F172E264B432666A81E4B466AB ] C:\Program Files\Microsoft Security Client\NisLog.dll
14:44:15.0844 2624 C:\Program Files\Microsoft Security Client\NisLog.dll - ok
14:44:15.0859 2624 [ 1DFC366D2154EF2B381A7F2CB165C7F4 ] C:\WINDOWS\System32\diagperf.dll
14:44:15.0859 2624 C:\WINDOWS\System32\diagperf.dll - ok
14:44:15.0859 2624 [ 1D6B95871DC006190964B04E5657E35F ] C:\WINDOWS\System32\rastapi.dll
14:44:15.0859 2624 C:\WINDOWS\System32\rastapi.dll - ok
14:44:15.0875 2624 [ F0062778F50838145AC46B384FFB4FA3 ] C:\WINDOWS\System32\pcadm.dll
14:44:15.0875 2624 C:\WINDOWS\System32\pcadm.dll - ok
14:44:15.0875 2624 [ 21322832C99E8DE85BD047689A2A69DB ] C:\WINDOWS\System32\pnpts.dll
14:44:15.0875 2624 C:\WINDOWS\System32\pnpts.dll - ok
14:44:15.0890 2624 [ B96B60EC821F86D445C9739A0F3DED59 ] C:\WINDOWS\System32\unimdm.tsp
14:44:15.0890 2624 C:\WINDOWS\System32\unimdm.tsp - ok
14:44:15.0890 2624 [ DFBAADF1B624DC71E88D34D86B3595BE ] C:\WINDOWS\System32\uniplat.dll
14:44:15.0890 2624 C:\WINDOWS\System32\uniplat.dll - ok
14:44:15.0906 2624 [ 09C7859269563C240AB2AAAB574483DD ] C:\WINDOWS\System32\WUDFHost.exe
14:44:15.0906 2624 C:\WINDOWS\System32\WUDFHost.exe - ok
14:44:15.0906 2624 [ 2E837F3D406224DF131C34BC8F71621E ] C:\WINDOWS\System32\modemui.dll
14:44:15.0906 2624 C:\WINDOWS\System32\modemui.dll - ok
14:44:15.0922 2624 [ 0B71899E60D1265229BF3D080EAB573D ] C:\WINDOWS\System32\unimdmat.dll
14:44:15.0922 2624 C:\WINDOWS\System32\unimdmat.dll - ok
14:44:15.0922 2624 [ 953193A9DEA40348C1086D171F6440AE ] C:\WINDOWS\System32\kmddsp.tsp
14:44:15.0922 2624 C:\WINDOWS\System32\kmddsp.tsp - ok
14:44:15.0937 2624 [ 2F6776ACEFE41EE889C464EA407918F2 ] C:\WINDOWS\System32\ndptsp.tsp
14:44:15.0937 2624 C:\WINDOWS\System32\ndptsp.tsp - ok
14:44:15.0937 2624 [ B4B59AC042EE3733A862F26CBC0B17FC ] C:\WINDOWS\System32\hidphone.tsp
14:44:15.0937 2624 C:\WINDOWS\System32\hidphone.tsp - ok
14:44:15.0953 2624 [ 8B645890A93F1FBBC7DA3E07CC72D762 ] C:\WINDOWS\System32\rasppp.dll
14:44:15.0953 2624 C:\WINDOWS\System32\rasppp.dll - ok
14:44:15.0953 2624 [ 56E315ACFB08A177B4D01E42B9044DB5 ] C:\WINDOWS\System32\mprapi.dll
14:44:15.0953 2624 C:\WINDOWS\System32\mprapi.dll - ok
14:44:15.0968 2624 [ 769D027B977CED05658C85E698D3C5B1 ] C:\WINDOWS\System32\QUTIL.DLL
14:44:15.0968 2624 C:\WINDOWS\System32\QUTIL.DLL - ok
14:44:15.0968 2624 [ 88225070DD2F7B0B2ED51E7935078641 ] C:\WINDOWS\System32\rasqec.dll
14:44:15.0968 2624 C:\WINDOWS\System32\rasqec.dll - ok
14:44:15.0984 2624 [ 82A79D5BE740D0AE9C91AA6DE4B3AC5A ] C:\WINDOWS\System32\raschap.dll
14:44:15.0984 2624 C:\WINDOWS\System32\raschap.dll - ok
14:44:15.0984 2624 [ 248A1F31ABB58DDDDC01490EF0BDC777 ] C:\WINDOWS\System32\cryptui.dll
14:44:15.0984 2624 C:\WINDOWS\System32\cryptui.dll - ok
14:44:16.0000 2624 [ 3B0489DE8CC3058B48471660C60A7B75 ] C:\WINDOWS\System32\rastls.dll
14:44:16.0000 2624 C:\WINDOWS\System32\rastls.dll - ok
14:44:16.0000 2624 [ 053ACAAE0F10C22A00C26DD10EF394BA ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{AC1BED74-63EB-4D67-9DBB-ABAACDE2D004}\gapaengine.dll
14:44:16.0000 2624 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{AC1BED74-63EB-4D67-9DBB-ABAACDE2D004}\gapaengine.dll - ok
14:44:16.0015 2624 [ 4B72B5B342ADA4DE8DEEA39CCE465B58 ] C:\WINDOWS\System32\WUDFx.dll
14:44:16.0015 2624 C:\WINDOWS\System32\WUDFx.dll - ok
14:44:16.0015 2624 [ 5527767F1ADD169320020321EEBA581E ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{AC1BED74-63EB-4D67-9DBB-ABAACDE2D004}\nisfull.vdm
14:44:16.0015 2624 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{AC1BED74-63EB-4D67-9DBB-ABAACDE2D004}\nisfull.vdm - ok
14:44:16.0031 2624 [ 119A487B94FCB54D5154EBFBFA124755 ] C:\WINDOWS\System32\drivers\UMDF\WpdFs.dll
14:44:16.0031 2624 C:\WINDOWS\System32\drivers\UMDF\WpdFs.dll - ok
14:44:16.0031 2624 [ 50ABE7CDA2DAE898216121D14092C182 ] C:\WINDOWS\System32\WMVCORE.DLL
14:44:16.0046 2624 C:\WINDOWS\System32\WMVCORE.DLL - ok
14:44:16.0046 2624 [ 36CCD8A79539C4ACE3BABE09C2CFBA16 ] C:\WINDOWS\System32\WMASF.DLL
14:44:16.0046 2624 C:\WINDOWS\System32\WMASF.DLL - ok
14:44:16.0062 2624 [ B2B117BD8D1EA80536CDD91797EF4A0A ] C:\WINDOWS\System32\PortableDeviceClassExtension.dll
14:44:16.0062 2624 C:\WINDOWS\System32\PortableDeviceClassExtension.dll - ok
14:44:16.0062 2624 [ 883D02AB5D350BC45E0F60E8CFA97FDC ] C:\WINDOWS\System32\PortableDeviceTypes.dll
14:44:16.0062 2624 C:\WINDOWS\System32\PortableDeviceTypes.dll - ok
14:44:16.0078 2624 [ 3D50C4B10352367D5CB20ED1F50F8DA2 ] C:\WINDOWS\System32\taskeng.exe
14:44:16.0078 2624 C:\WINDOWS\System32\taskeng.exe - ok
14:44:16.0078 2624 [ B11FDCA4410D6252964EF97F9A47DE74 ] C:\WINDOWS\System32\TSChannel.dll
14:44:16.0078 2624 C:\WINDOWS\System32\TSChannel.dll - ok
14:44:16.0093 2624 [ 70C6489D56008D75DEDF73226FA63C11 ] C:\WINDOWS\System32\dimsjob.dll
14:44:16.0093 2624 C:\WINDOWS\System32\dimsjob.dll - ok
14:44:16.0093 2624 [ AC48FD62E22C4425879FCA5A63F50497 ] C:\WINDOWS\System32\certcli.dll
14:44:16.0093 2624 C:\WINDOWS\System32\certcli.dll - ok
14:44:16.0109 2624 [ 98638A4CA187245C469DA0DEC4F04A45 ] C:\WINDOWS\System32\pautoenr.dll
14:44:16.0109 2624 C:\WINDOWS\System32\pautoenr.dll - ok
14:44:16.0109 2624 [ 0053319C4438CDE659AA75C19BBD22F1 ] C:\WINDOWS\System32\CertEnroll.dll
14:44:16.0109 2624 C:\WINDOWS\System32\CertEnroll.dll - ok
14:44:16.0124 2624 [ BE01E566D1F569AAB32D0335613E1EEA ] C:\WINDOWS\System32\dllhost.exe
14:44:16.0124 2624 C:\WINDOWS\System32\dllhost.exe - ok
14:44:16.0124 2624 [ 3CD1B69551236977918E60F9543C89A2 ] C:\WINDOWS\System32\AtBroker.exe
14:44:16.0124 2624 C:\WINDOWS\System32\AtBroker.exe - ok
14:44:16.0140 2624 [ 0E135526E9785D085BCD9AEDE6FBCBF9 ] C:\WINDOWS\System32\userinit.exe
14:44:16.0140 2624 C:\WINDOWS\System32\userinit.exe - ok
14:44:16.0140 2624 [ D80C6539C00CB4F5D59066865479C308 ] C:\WINDOWS\System32\dwmredir.dll
14:44:16.0140 2624 C:\WINDOWS\System32\dwmredir.dll - ok
14:44:16.0156 2624 [ C99403A5B641520DAED0021DDA06F272 ] C:\WINDOWS\System32\milcore.dll
14:44:16.0156 2624 C:\WINDOWS\System32\milcore.dll - ok
14:44:16.0156 2624 [ 8AAEEE8E59A70F37579993D118A34EE0 ] C:\WINDOWS\System32\d3d9.dll
14:44:16.0156 2624 C:\WINDOWS\System32\d3d9.dll - ok
14:44:16.0171 2624 [ CD6DA5770CAE9D5E6E86722E17B442E0 ] C:\WINDOWS\System32\d3d8thk.dll
14:44:16.0171 2624 C:\WINDOWS\System32\d3d8thk.dll - ok
14:44:16.0171 2624 [ 7A623F6B4C51F6F2BC1A31D5787FC0A7 ] C:\WINDOWS\System32\uDWM.dll
14:44:16.0171 2624 C:\WINDOWS\System32\uDWM.dll - ok
14:44:16.0187 2624 [ D598DDFDF2D30A0C03F95DCEC236A76E ] C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe
14:44:16.0187 2624 C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe - ok
14:44:16.0187 2624 [ D07D4C3038F3578FFCE1C0237F2A1253 ] C:\WINDOWS\explorer.exe
14:44:16.0187 2624 C:\WINDOWS\explorer.exe - ok
14:44:16.0202 2624 [ 167AC31450C0C53A01FA1491E94D7678 ] C:\WINDOWS\System32\shdocvw.dll
14:44:16.0202 2624 C:\WINDOWS\System32\shdocvw.dll - ok
14:44:16.0202 2624 [ F02A533F517EB38333CB12A9E8963773 ] C:\Program Files\Google\Update\GoogleUpdate.exe
14:44:16.0202 2624 C:\Program Files\Google\Update\GoogleUpdate.exe - ok
14:44:16.0218 2624 [ 172B7ADD2014318A5294F2BBA355C322 ] C:\Program Files\Common Files\SpeedyPC Software\UUS3\SpeedyPC_Update3.exe
14:44:16.0218 2624 C:\Program Files\Common Files\SpeedyPC Software\UUS3\SpeedyPC_Update3.exe - ok
14:44:16.0218 2624 [ 4504819D18FAC09B6108D8728467E5B2 ] C:\WINDOWS\System32\browseui.dll
14:44:16.0218 2624 C:\WINDOWS\System32\browseui.dll - ok
14:44:16.0234 2624 [ 80BD4B26E2CBC0D65445D0463DFF6FC2 ] C:\WINDOWS\System32\oledlg.dll
14:44:16.0234 2624 C:\WINDOWS\System32\oledlg.dll - ok
14:44:16.0234 2624 [ 9FF47CD8A3787C8FD3CDFE40441C722E ] C:\Program Files\Google\Update\1.3.21.123\goopdate.dll
14:44:16.0234 2624 C:\Program Files\Google\Update\1.3.21.123\goopdate.dll - ok
14:44:16.0249 2624 [ D922592AB65C5D9B88B30B4510A3464E ] C:\WINDOWS\System32\cscapi.dll
14:44:16.0249 2624 C:\WINDOWS\System32\cscapi.dll - ok
14:44:16.0249 2624 [ 4934241CD20AC87D78121352E3BA8318 ] C:\WINDOWS\System32\dbghelp.dll
14:44:16.0249 2624 C:\WINDOWS\System32\dbghelp.dll - ok
14:44:16.0265 2624 [ 14E4470BF8ACA69A85D741BA99F75F96 ] C:\WINDOWS\System32\EhStorShell.dll
14:44:16.0265 2624 C:\WINDOWS\System32\EhStorShell.dll - ok
14:44:16.0265 2624 [ 111C47816F39A91EAAA18DA0A54E8E63 ] C:\WINDOWS\System32\imageres.dll
14:44:16.0265 2624 C:\WINDOWS\System32\imageres.dll - ok
14:44:16.0280 2624 [ AE5A69F44C1F97EDC83237FC0B29B6FB ] C:\Program Files\Google\Update\1.3.21.123\GoogleCrashHandler.exe
14:44:16.0280 2624 C:\Program Files\Google\Update\1.3.21.123\GoogleCrashHandler.exe - ok
14:44:16.0280 2624 [ 782C8019C89920A77B1907AD3B4C8FF9 ] C:\WINDOWS\System32\HotStartUserAgent.dll
14:44:16.0280 2624 C:\WINDOWS\System32\HotStartUserAgent.dll - ok
14:44:16.0296 2624 [ 27FDB976616E6F0363654AB16453289C ] C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
14:44:16.0296 2624 C:\Program Files\Trusteer\Rapport\bin\RapportService.exe - ok
14:44:16.0296 2624 [ 57125869A7B9638A5D11DD685AA65EB4 ] C:\WINDOWS\System32\PlaySndSrv.dll
14:44:16.0296 2624 C:\WINDOWS\System32\PlaySndSrv.dll - ok
14:44:16.0312 2624 [ 08578F3CA5365F896D90CE2BF97FD000 ] C:\WINDOWS\System32\IconCodecService.dll
14:44:16.0312 2624 C:\WINDOWS\System32\IconCodecService.dll - ok
14:44:16.0312 2624 [ 43E1054C713C48D252A1826C5E14AACA ] C:\WINDOWS\System32\MsCtfMonitor.dll
14:44:16.0312 2624 C:\WINDOWS\System32\MsCtfMonitor.dll - ok
14:44:16.0327 2624 [ 73FD66B14D3C4252F7A524B8836A4359 ] C:\WINDOWS\System32\mstask.dll
14:44:16.0327 2624 C:\WINDOWS\System32\mstask.dll - ok
14:44:16.0327 2624 [ C6DA42ADA0C5FC8CB05744229D632B47 ] C:\WINDOWS\System32\msutb.dll
14:44:16.0327 2624 C:\WINDOWS\System32\msutb.dll - ok
14:44:16.0343 2624 [ 893E0152D1EA2748E1B0772FBE8127D0 ] C:\Program Files\Trusteer\Rapport\bin\js32.dll
14:44:16.0343 2624 C:\Program Files\Trusteer\Rapport\bin\js32.dll - ok
14:44:16.0343 2624 [ 9A6A653ADF28D9D69670B48F535E6B90 ] C:\WINDOWS\System32\runonce.exe
14:44:16.0343 2624 C:\WINDOWS\System32\runonce.exe - ok
14:44:16.0358 2624 [ 74F26FC01B180D4A99A168ED69C30A53 ] C:\WINDOWS\System32\cmd.exe
14:44:16.0358 2624 C:\WINDOWS\System32\cmd.exe - ok
14:44:16.0358 2624 [ 293C5CCD99D332ECC94637FEDA38D1F2 ] C:\WINDOWS\System32\TMM.dll
14:44:16.0358 2624 C:\WINDOWS\System32\TMM.dll - ok
14:44:16.0374 2624 [ A6B73FCB9496DB101F3066CAF5A7DA4B ] C:\WINDOWS\System32\ieframe.dll
14:44:16.0374 2624 C:\WINDOWS\System32\ieframe.dll - ok
14:44:16.0374 2624 [ 56DD8A42DBFF708D46163D65A02A38E8 ] C:\Program Files\Trusteer\Rapport\bin\RapportKoan.dll
14:44:16.0374 2624 C:\Program Files\Trusteer\Rapport\bin\RapportKoan.dll - ok
14:44:16.0390 2624 [ 3C7DEF3CBBCA6284867AA4621D5D8A54 ] C:\Program Files\Trusteer\Rapport\bin\atl80.dll
14:44:16.0390 2624 C:\Program Files\Trusteer\Rapport\bin\atl80.dll - ok
14:44:16.0390 2624 [ FF3579F13CC08B6ADDCD3CC9A0B15F3C ] C:\Program Files\Trusteer\Rapport\bin\RapportTanzan3.dll
14:44:16.0390 2624 C:\Program Files\Trusteer\Rapport\bin\RapportTanzan3.dll - ok
14:44:16.0405 2624 [ 6B851B6C3147D980B12649C85FF527FB ] C:\Program Files\Trusteer\Rapport\bin\RapportTanzan35.dll
14:44:16.0405 2624 C:\Program Files\Trusteer\Rapport\bin\RapportTanzan35.dll - ok
14:44:16.0405 2624 [ 8F20D05D5693E189DA7FCF2295667F27 ] C:\Program Files\Trusteer\Rapport\bin\RapportTanzan36.dll
14:44:16.0405 2624 C:\Program Files\Trusteer\Rapport\bin\RapportTanzan36.dll - ok
14:44:16.0421 2624 [ 891B74518F9218D024D01C876E980234 ] C:\Program Files\Trusteer\Rapport\bin\RapportTanzan9.dll
14:44:16.0421 2624 C:\Program Files\Trusteer\Rapport\bin\RapportTanzan9.dll - ok
14:44:16.0436 2624 [ 3323B1CC3AA914F8E93D8CBD983BDDB9 ] C:\Program Files\Trusteer\Rapport\bin\RapportTanzan10.dll
14:44:16.0436 2624 C:\Program Files\Trusteer\Rapport\bin\RapportTanzan10.dll - ok
14:44:16.0436 2624 [ 5ECCBE6EB60F4A0CD45D98CEA135A6D8 ] C:\Program Files\Trusteer\Rapport\bin\RapportTanzan11.dll
14:44:16.0436 2624 C:\Program Files\Trusteer\Rapport\bin\RapportTanzan11.dll - ok
14:44:16.0452 2624 [ 58DB8CCA800F10C0865942A5FACBBE66 ] C:\Program Files\Trusteer\Rapport\bin\RapportTanzan12.dll
14:44:16.0452 2624 C:\Program Files\Trusteer\Rapport\bin\RapportTanzan12.dll - ok
14:44:16.0452 2624 [ F71CA66D1D36BF74856F6E52DA95455B ] C:\Program Files\Trusteer\Rapport\bin\RapportTanzan13.dll
14:44:16.0452 2624 C:\Program Files\Trusteer\Rapport\bin\RapportTanzan13.dll - ok
14:44:16.0468 2624 [ ABCCE8047215CEDCFDD9B2EDB2C086A1 ] C:\Program Files\Trusteer\Rapport\bin\RapportTanzan14.dll
14:44:16.0468 2624 C:\Program Files\Trusteer\Rapport\bin\RapportTanzan14.dll - ok
14:44:16.0468 2624 [ 8F1BAF64D34E2BE564E336DDFAD96711 ] C:\Program Files\Trusteer\Rapport\bin\RapportTanzan15.dll
14:44:16.0468 2624 C:\Program Files\Trusteer\Rapport\bin\RapportTanzan15.dll - ok
14:44:16.0483 2624 [ 988FCBD4D4C5E06861E2F95D72364806 ] C:\Program Files\Trusteer\Rapport\bin\RapportTanzan16.dll
14:44:16.0483 2624 C:\Program Files\Trusteer\Rapport\bin\RapportTanzan16.dll - ok
14:44:16.0483 2624 [ D863521874B4CF738B20AEA18DE10692 ] C:\Program Files\Trusteer\Rapport\bin\RapportTanzan17.dll
14:44:16.0483 2624 C:\Program Files\Trusteer\Rapport\bin\RapportTanzan17.dll - ok
14:44:16.0499 2624 [ BADC3AB3D0B5DCDEDCEB4142DE613251 ] C:\Program Files\Trusteer\Rapport\bin\RapportNikko.dll
14:44:16.0499 2624 C:\Program Files\Trusteer\Rapport\bin\RapportNikko.dll - ok
14:44:16.0499 2624 [ BDE89AB6F15F0093A2A7861D1FC413ED ] C:\WINDOWS\System32\QAGENT.DLL
14:44:16.0499 2624 C:\WINDOWS\System32\QAGENT.DLL - ok
14:44:16.0514 2624 [ EBC984F0CE40E0DAF0454D806EC2A7EC ] C:\Users\djokrall\AppData\Local\Temp\B1B16E03-C16E-4D37-9F53-417F5CCC71E2.exe
14:44:16.0514 2624 C:\Users\djokrall\AppData\Local\Temp\B1B16E03-C16E-4D37-9F53-417F5CCC71E2.exe - ok
14:44:16.0514 2624 [ A7A6954E500715117B64B414AB81CB44 ] C:\Program Files\Java\jre7\bin\ssv.dll
14:44:16.0514 2624 C:\Program Files\Java\jre7\bin\ssv.dll - ok
14:44:16.0530 2624 [ EB47E405A9222CA595E5E763B4156529 ] C:\Program Files\Java\jre7\bin\jp2ssv.dll
14:44:16.0530 2624 C:\Program Files\Java\jre7\bin\jp2ssv.dll - ok
14:44:16.0530 2624 [ 30F0DC266B46118E9FBCF5B2A30EB1DB ] C:\WINDOWS\System32\wbem\wbemprox.dll
14:44:16.0530 2624 C:\WINDOWS\System32\wbem\wbemprox.dll - ok
14:44:16.0546 2624 [ FC1EEE57EB9CD57279D70BA2A9131C38 ] C:\WINDOWS\System32\wbem\wbemcore.dll
14:44:16.0546 2624 C:\WINDOWS\System32\wbem\wbemcore.dll - ok
14:44:16.0561 2624 [ C10E13721B0AAEBEB5EBA914F1D18181 ] C:\WINDOWS\System32\wbem\esscli.dll
14:44:16.0561 2624 C:\WINDOWS\System32\wbem\esscli.dll - ok
14:44:16.0561 2624 [ BC5A34B6A14C93BF04E3F4E8EA57090A ] C:\WINDOWS\System32\wbem\fastprox.dll
14:44:16.0561 2624 C:\WINDOWS\System32\wbem\fastprox.dll - ok
14:44:16.0577 2624 [ DB0F37DBA4C245C61E5936DDBDE62438 ] C:\WINDOWS\System32\wbem\wbemsvc.dll
14:44:16.0577 2624 C:\WINDOWS\System32\wbem\wbemsvc.dll - ok
14:44:16.0577 2624 [ 834933F16EA839AC5AC7CBF88638DF27 ] C:\WINDOWS\System32\wbem\repdrvfs.dll
14:44:16.0577 2624 C:\WINDOWS\System32\wbem\repdrvfs.dll - ok
14:44:16.0577 2624 [ 2C3B09E586BDA2CC49A292BE7BADC589 ] C:\WINDOWS\System32\wbem\wmiutils.dll
14:44:16.0577 2624 C:\WINDOWS\System32\wbem\wmiutils.dll - ok
14:44:16.0592 2624 [ C2C6C014B96581EC8BF0C8604DE1743E ] C:\WINDOWS\System32\wbem\WmiPrvSD.dll
14:44:16.0592 2624 C:\WINDOWS\System32\wbem\WmiPrvSD.dll - ok
14:44:16.0592 2624 [ A609A192E98934A8D352704C99AB8577 ] C:\WINDOWS\System32\wbem\wbemess.dll
14:44:16.0592 2624 C:\WINDOWS\System32\wbem\wbemess.dll - ok
14:44:16.0608 2624 [ 9495FCC01D7AB7B60E5B8BA7AEFE9E3D ] C:\WINDOWS\System32\wbem\WmiPrvSE.exe
14:44:16.0608 2624 C:\WINDOWS\System32\wbem\WmiPrvSE.exe - ok
14:44:16.0608 2624 [ F723422A11CD6FA13036746272200993 ] C:\WINDOWS\System32\wbem\cimwin32.dll
14:44:16.0608 2624 C:\WINDOWS\System32\wbem\cimwin32.dll - ok
14:44:16.0624 2624 [ 67BB7141F7F5F37411F796943B3418B6 ] C:\WINDOWS\System32\framedynos.dll
14:44:16.0624 2624 C:\WINDOWS\System32\framedynos.dll - ok
14:44:16.0624 2624 [ 87CDFFCBD09C1CA03A068343D5D93250 ] C:\WINDOWS\System32\wmi.dll
14:44:16.0624 2624 C:\WINDOWS\System32\wmi.dll - ok
14:44:16.0639 2624 [ 7D1A10A1F3562CCA1FD38E9BADA8FEC0 ] C:\WINDOWS\System32\perfos.dll
14:44:16.0639 2624 C:\WINDOWS\System32\perfos.dll - ok
14:44:16.0639 2624 [ 43AEF7355D24090CA7C24C83846BD981 ] C:\WINDOWS\System32\spp.dll
14:44:16.0639 2624 C:\WINDOWS\System32\spp.dll - ok
14:44:16.0655 2624 [ BC8E5F6AAF447364A6F6A00D3F8FAF29 ] C:\WINDOWS\System32\srclient.dll
14:44:16.0655 2624 C:\WINDOWS\System32\srclient.dll - ok
14:44:16.0655 2624 [ CA21FA27DF770C209F272B74B9C2B4C4 ] C:\WINDOWS\System32\srwmi.dll
14:44:16.0655 2624 C:\WINDOWS\System32\srwmi.dll - ok
14:44:16.0670 2624 [ 1A617835452EEE5060976C9B9F5FE635 ] C:\WINDOWS\System32\wuapi.dll
14:44:16.0670 2624 C:\WINDOWS\System32\wuapi.dll - ok
14:44:16.0670 2624 [ 3458EDA96E30FBD0477A2800D3FB1909 ] C:\WINDOWS\System32\wups.dll
14:44:16.0670 2624 C:\WINDOWS\System32\wups.dll - ok
14:44:16.0686 2624 [ FC3EC24FCE372C89423E015A2AC1A31E ] C:\WINDOWS\System32\wuaueng.dll
14:44:16.0686 2624 C:\WINDOWS\System32\wuaueng.dll - ok
14:44:16.0686 2624 [ 22DC784B32BEE306A99F50D6DC2460BC ] C:\WINDOWS\System32\esent.dll
14:44:16.0686 2624 C:\WINDOWS\System32\esent.dll - ok
14:44:16.0702 2624 [ 5E41139EC6EFBCAFFD96D46925E544AB ] C:\WINDOWS\System32\mspatcha.dll
14:44:16.0702 2624 C:\WINDOWS\System32\mspatcha.dll - ok
14:44:16.0702 2624 [ BDC0C99E472176C8C2C853A68ADC5073 ] C:\WINDOWS\System32\wups2.dll
14:44:16.0717 2624 C:\WINDOWS\System32\wups2.dll - ok
14:44:16.0717 2624 [ 8BE000F9A0B0FF7194AAEFB02C9BDE99 ] C:\WINDOWS\System32\wer.dll
14:44:16.0717 2624 C:\WINDOWS\System32\wer.dll - ok
14:44:16.0733 2624 [ F21F255B91CA4F04E4250DECD2067CBB ] C:\WINDOWS\System32\bitsperf.dll
14:44:16.0733 2624 C:\WINDOWS\System32\bitsperf.dll - ok
14:44:16.0733 2624 [ 3606CE1AC3D6A9A9CB7DB35D7F5C54EC ] C:\WINDOWS\System32\shfolder.dll
14:44:16.0733 2624 C:\WINDOWS\System32\shfolder.dll - ok
14:44:16.0748 2624 [ 632557F2495931D952161465AA177B3B ] C:\WINDOWS\System32\bitsigd.dll
14:44:16.0748 2624 C:\WINDOWS\System32\bitsigd.dll - ok
14:44:16.0748 2624 [ 0A990AFB9F2726323D61C8ECB8B70B17 ] C:\WINDOWS\System32\security.dll
14:44:16.0748 2624 C:\WINDOWS\System32\security.dll - ok
14:44:16.0764 2624 [ 3192ED5E2FFDF5B630541B9643AE1AA3 ] C:\WINDOWS\System32\upnp.dll
14:44:16.0764 2624 C:\WINDOWS\System32\upnp.dll - ok
14:44:16.0764 2624 [ C8DBFEF835FF54467425C8F3ABCF7046 ] C:\WINDOWS\System32\dssenh.dll
14:44:16.0764 2624 C:\WINDOWS\System32\dssenh.dll - ok
14:44:16.0780 2624 [ 10F13FFF542FEC4A2C4FA734EEBE56B9 ] C:\WINDOWS\System32\qmgrprxy.dll
14:44:16.0780 2624 C:\WINDOWS\System32\qmgrprxy.dll - ok
14:44:16.0780 2624 [ 5FA382106B145A920E2A4F7087AF1B90 ] C:\WINDOWS\System32\wbem\wmipcima.dll
14:44:16.0780 2624 C:\WINDOWS\System32\wbem\wmipcima.dll - ok
14:44:16.0795 2624 [ F9997A74B445A6EAB6B3E7758C1DC51C ] C:\WINDOWS\System32\bitsprx5.dll
14:44:16.0795 2624 C:\WINDOWS\System32\bitsprx5.dll - ok
14:44:16.0795 2624 [ 7ADD03E75BEB9E6DD102C3081D29840A ] C:\WINDOWS\System32\drivers\cdfs.sys
14:44:16.0795 2624 C:\WINDOWS\System32\drivers\cdfs.sys - ok
14:44:16.0811 2624 [ 790222D6CCFC576F0D07D418E6115D85 ] C:\Program Files\Windows Calendar\WinCal.exe
14:44:16.0811 2624 C:\Program Files\Windows Calendar\WinCal.exe - ok
14:44:16.0811 2624 [ C0B8B96D018849FD8CCF15FED84E8782 ] C:\WINDOWS\System32\ie4uinit.exe
14:44:16.0811 2624 C:\WINDOWS\System32\ie4uinit.exe - ok
14:44:16.0826 2624 [ 4B19A9A4191353007E9819A832B81186 ] C:\WINDOWS\System32\timedate.cpl
14:44:16.0826 2624 C:\WINDOWS\System32\timedate.cpl - ok
14:44:16.0826 2624 [ 8D78BA30DB4AE040A52EDEE725782715 ] C:\WINDOWS\System32\actxprxy.dll
14:44:16.0826 2624 C:\WINDOWS\System32\actxprxy.dll - ok
14:44:16.0842 2624 [ FF41E1AC301F51E16F61AD7C0F45467C ] C:\WINDOWS\System32\msshsq.dll
14:44:16.0842 2624 C:\WINDOWS\System32\msshsq.dll - ok
14:44:16.0842 2624 [ 1CE4A2790EB4A96F4ED1E4264866AFE6 ] C:\WINDOWS\System32\NaturalLanguage6.dll
14:44:16.0842 2624 C:\WINDOWS\System32\NaturalLanguage6.dll - ok
14:44:16.0858 2624 [ AA111488C03C58A2BF66509ABB4FDE60 ] C:\WINDOWS\System32\NlsData0009.dll
14:44:16.0858 2624 C:\WINDOWS\System32\NlsData0009.dll - ok
14:44:16.0858 2624 [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\WINDOWS\System32\drivers\46134817.sys
14:44:16.0858 2624 C:\WINDOWS\System32\drivers\46134817.sys - ok
14:44:16.0873 2624 [ 8629B71343F61E1140243581C63BC0C7 ] C:\WINDOWS\System32\NlsLexicons0009.dll
14:44:16.0873 2624 C:\WINDOWS\System32\NlsLexicons0009.dll - ok
14:44:16.0873 2624 [ 0CFCDE5D9D074D96B78D1F1CBF1AAB1D ] C:\WINDOWS\System32\riched20.dll
14:44:16.0873 2624 C:\WINDOWS\System32\riched20.dll - ok
14:44:16.0889 2624 [ 35199EC35EDC7DCBA71FDA711DFB05C0 ] C:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportIaso.sys
14:44:16.0889 2624 C:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportIaso.sys - ok
14:44:16.0889 2624 [ 24F90AEFEBE601D427CB4511E74CDCB6 ] C:\WINDOWS\System32\linkinfo.dll
14:44:16.0889 2624 C:\WINDOWS\System32\linkinfo.dll - ok
14:44:16.0904 2624 [ 7E1B0C85B7347D9391FE60F6DADFDDF0 ] C:\Program Files\Microsoft Security Client\msseces.exe
14:44:16.0904 2624 C:\Program Files\Microsoft Security Client\msseces.exe - ok
14:44:16.0904 2624 [ 04044BF8E6989BE45FA718C24407CA28 ] C:\WINDOWS\System32\networkexplorer.dll
14:44:16.0904 2624 C:\WINDOWS\System32\networkexplorer.dll - ok
14:44:16.0920 2624 [ 5016B8FC59AD616F03813FBE63295081 ] C:\WINDOWS\System32\thumbcache.dll
14:44:16.0920 2624 C:\WINDOWS\System32\thumbcache.dll - ok
14:44:16.0920 2624 [ D93985F5D87DF1A119E939EADB5C4B9E ] C:\WINDOWS\RtHDVCpl.exe
14:44:16.0920 2624 C:\WINDOWS\RtHDVCpl.exe - ok
14:44:16.0936 2624 [ 027E5E14C9CFF810377701BDEAD8210F ] C:\WINDOWS\System32\control.exe
14:44:16.0936 2624 C:\WINDOWS\System32\control.exe - ok
14:44:16.0936 2624 [ B1361669BDC6ED612C35B7C67ADA2240 ] C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
14:44:16.0936 2624 C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe - ok
14:44:16.0951 2624 [ 009811BD21D0BD7BA5C7765565505764 ] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
14:44:16.0951 2624 C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe - ok
14:44:16.0951 2624 [ CE9191729CD550E871494CBA6ADCA112 ] C:\Program Files\Microsoft Security Client\MsMpRes.dll
14:44:16.0951 2624 C:\Program Files\Microsoft Security Client\MsMpRes.dll - ok
14:44:16.0967 2624 [ 3EB6D30D82F0E300FCFBAD0498F654FD ] C:\WINDOWS\System32\mlang.dll
14:44:16.0967 2624 C:\WINDOWS\System32\mlang.dll - ok
14:44:16.0967 2624 [ C45D74C22D4EFC3F86C9CABF9D98611F ] C:\Program Files\Online Services\quickenfc\WizLink.exe
14:44:16.0967 2624 C:\Program Files\Online Services\quickenfc\WizLink.exe - ok
14:44:16.0982 2624 [ 9A4322EE420D6FACD4D4B1FF6CB856B1 ] C:\hp\support\hpsysdrv.exe
14:44:16.0982 2624 C:\hp\support\hpsysdrv.exe - ok
14:44:16.0982 2624 [ 06164026C38AA5366E4D127E2E36FDE8 ] C:\Program Files\Windows Mail\wab.exe
14:44:16.0982 2624 C:\Program Files\Windows Mail\wab.exe - ok
14:44:16.0998 2624 [ 625E173870538418A3C66C18338CE358 ] C:\WINDOWS\System32\nvmctray.dll
14:44:16.0998 2624 C:\WINDOWS\System32\nvmctray.dll - ok
14:44:16.0998 2624 [ FDD4F5F7C4BAD248AB16233A1639C078 ] C:\Program Files\HP\HP Software Update\hpwuschd2.exe
14:44:16.0998 2624 C:\Program Files\HP\HP Software Update\hpwuschd2.exe - ok
14:44:17.0014 2624 [ 395335431AD55C167CFDBBAB8420DA73 ] C:\Program Files\Movie Maker\DVDMaker.exe
14:44:17.0014 2624 C:\Program Files\Movie Maker\DVDMaker.exe - ok
14:44:17.0029 2624 [ BADC359C9A0D9C217B7E8DA17BF3F5BB ] C:\WINDOWS\System32\ntshrui.dll
14:44:17.0029 2624 C:\WINDOWS\System32\ntshrui.dll - ok
14:44:17.0029 2624 [ FE821F6FA60E9DF9FDEE69A23488BBAB ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
14:44:17.0029 2624 C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
14:44:17.0045 2624 [ DE7F813217EC88C0A6D4D8F2F39D7949 ] C:\WINDOWS\System32\msiltcfg.dll
14:44:17.0045 2624 C:\WINDOWS\System32\msiltcfg.dll - ok
14:44:17.0045 2624 [ 61216539E55DDF2F78E421E7EF140650 ] C:\WINDOWS\System32\ExplorerFrame.dll
14:44:17.0045 2624 C:\WINDOWS\System32\ExplorerFrame.dll - ok
14:44:17.0060 2624 [ 12916E0642E92561C98B18A2A2D01B14 ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
14:44:17.0060 2624 C:\Program Files\Common Files\Java\Java Update\jusched.exe - ok
14:44:17.0060 2624 [ B7ED332A57FC78CA29E40D3619550225 ] C:\WINDOWS\ehome\ehshell.exe
14:44:17.0060 2624 C:\WINDOWS\ehome\ehshell.exe - ok
14:44:17.0076 2624 [ A6C9085DB29CEB92FA32D9EFBAB0471D ] C:\Program Files\AC3Filter\spdif_test.exe
14:44:17.0076 2624 C:\Program Files\AC3Filter\spdif_test.exe - ok
14:44:17.0076 2624 [ 52BC119E49F88F2A5D1466230B1275C7 ] C:\Program Files\Windows Collaboration\WinCollab.exe
14:44:17.0076 2624 C:\Program Files\Windows Collaboration\WinCollab.exe - ok
14:44:17.0092 2624 [ 84B8827562B005C118CADBA0F25DB2C6 ] C:\WINDOWS\System32\dsound.dll
14:44:17.0092 2624 C:\WINDOWS\System32\dsound.dll - ok
14:44:17.0092 2624 [ B5950DF243837D8217F4E597919B224A ] C:\WINDOWS\System32\stobject.dll
14:44:17.0092 2624 C:\WINDOWS\System32\stobject.dll - ok
14:44:17.0107 2624 [ 3A72AB0BAF2DC1AE0BA6E1EE28FFCC0B ] C:\WINDOWS\System32\msftedit.dll
14:44:17.0107 2624 C:\WINDOWS\System32\msftedit.dll - ok
14:44:17.0107 2624 [ EC69B16644C613F41A57169F8D068F1D ] C:\WINDOWS\System32\batmeter.dll
14:44:17.0107 2624 C:\WINDOWS\System32\batmeter.dll - ok
14:44:17.0107 2624 [ F2596401DB33C35E17D7F3FA7F38EF8B ] C:\Program Files\AWS\WeatherBug\Weather.exe
14:44:17.0107 2624 C:\Program Files\AWS\WeatherBug\Weather.exe - ok
14:44:17.0123 2624 [ 9ACA98B6051AB442A3B87D0DB601900C ] C:\Program Files\AWS\WeatherBug\wxdist.dll
14:44:17.0123 2624 C:\Program Files\AWS\WeatherBug\wxdist.dll - ok
14:44:17.0138 2624 [ C4AB08459CD7B59B410ACFC04D90E87B ] C:\Program Files\Movie Maker\MOVIEMK.exe
14:44:17.0138 2624 C:\Program Files\Movie Maker\MOVIEMK.exe - ok
14:44:17.0138 2624 [ BF08674925F151BD4537B89A493E3E0C ] C:\WINDOWS\ehome\ehtray.exe
14:44:17.0138 2624 C:\WINDOWS\ehome\ehtray.exe - ok
14:44:17.0154 2624 [ C03AC1FBCD625F93D2C245D97E06F270 ] C:\Program Files\Windows Photo Gallery\WindowsPhotoGallery.exe
14:44:17.0154 2624 C:\Program Files\Windows Photo Gallery\WindowsPhotoGallery.exe - ok
14:44:17.0154 2624 [ 9E35FF7F943AE0FB89192BFE058B7FD4 ] C:\Program Files\Windows Sidebar\sidebar.exe
14:44:17.0154 2624 C:\Program Files\Windows Sidebar\sidebar.exe - ok
14:44:17.0170 2624 [ 30F02D9C55053367E26A11482F51E255 ] C:\WINDOWS\System32\SndVolSSO.dll
14:44:17.0170 2624 C:\WINDOWS\System32\SndVolSSO.dll - ok
14:44:17.0170 2624 [ 069385484EA57B663D688894C88975C5 ] C:\WINDOWS\System32\wuapp.exe
14:44:17.0170 2624 C:\WINDOWS\System32\wuapp.exe - ok
14:44:17.0185 2624 [ 013D640EE2BA28429AE422BF20A247D3 ] C:\Program Files\W3i\InstallIQUpdater\InstallIQUpdater.exe
14:44:17.0185 2624 C:\Program Files\W3i\InstallIQUpdater\InstallIQUpdater.exe - ok
14:44:17.0185 2624 [ 313B30189557A2E2793F845DE0F0A4D5 ] C:\WINDOWS\ehome\ehSSO.dll
14:44:17.0185 2624 C:\WINDOWS\ehome\ehSSO.dll - ok
14:44:17.0201 2624 [ E98E402067978DB38282158F9E8609CA ] C:\WINDOWS\System32\netshell.dll
14:44:17.0201 2624 C:\WINDOWS\System32\netshell.dll - ok
14:44:17.0201 2624 [ 75AD59B9B12EB194486BE8D97B062994 ] C:\WINDOWS\System32\pnidui.dll
14:44:17.0201 2624 C:\WINDOWS\System32\pnidui.dll - ok
14:44:17.0216 2624 [ EB2170D0DDF3B2A92506AE16BC524B0B ] C:\WINDOWS\System32\wlanutil.dll
14:44:17.0216 2624 C:\WINDOWS\System32\wlanutil.dll - ok
14:44:17.0216 2624 [ ABAEAEE763E287BDD39094C4165E1F3F ] C:\WINDOWS\System32\fdProxy.dll
14:44:17.0216 2624 C:\WINDOWS\System32\fdProxy.dll - ok
14:44:17.0232 2624 [ 4BAEC13BCAA595639EBB5185278DEFEA ] C:\WINDOWS\System32\fdWSD.dll
14:44:17.0232 2624 C:\WINDOWS\System32\fdWSD.dll - ok
14:44:17.0232 2624 [ 2DD6AF8E97F59C9D39329BBC2A81F13F ] C:\WINDOWS\System32\rasdlg.dll
14:44:17.0232 2624 C:\WINDOWS\System32\rasdlg.dll - ok
14:44:17.0248 2624 [ 443C5961CACD4ABC16648874AF06E4A0 ] C:\WINDOWS\System32\fdSSDP.dll
14:44:17.0248 2624 C:\WINDOWS\System32\fdSSDP.dll - ok
14:44:17.0248 2624 [ 35937EAD711207544E219C2A19A78A7D ] C:\Program Files\Windows Media Player\wmpnscfg.exe
14:44:17.0248 2624 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
14:44:17.0263 2624 [ 17C0E094BEE5BC03CF491972F71AA6EF ] C:\WINDOWS\System32\wlanapi.dll
14:44:17.0263 2624 C:\WINDOWS\System32\wlanapi.dll - ok
14:44:17.0263 2624 [ B64AC7967D6B9FB2D6152AC768A1CB88 ] C:\WINDOWS\System32\onex.dll
14:44:17.0263 2624 C:\WINDOWS\System32\onex.dll - ok
14:44:17.0279 2624 [ E46A4765F8E6D631C9C9CB0B083602F5 ] C:\Program Files\Windows Media Player\wmpnssci.dll
14:44:17.0279 2624 C:\Program Files\Windows Media Player\wmpnssci.dll - ok
14:44:17.0279 2624 [ C8AE490A93C3CC2E537B6E06247785A1 ] C:\WINDOWS\System32\wbem\NCProv.dll
14:44:17.0279 2624 C:\WINDOWS\System32\wbem\NCProv.dll - ok
14:44:17.0294 2624 [ 9D9FFC923FADBB575E0452EA0BBB15BD ] C:\WINDOWS\System32\eappprxy.dll
14:44:17.0294 2624 C:\WINDOWS\System32\eappprxy.dll - ok
14:44:17.0294 2624 [ 5D0FE613570CABE3992F7DBCD68E61D1 ] C:\WINDOWS\System32\eappcfg.dll
14:44:17.0294 2624 C:\WINDOWS\System32\eappcfg.dll - ok
14:44:17.0310 2624 [ E3F535656B5ABF249702EB64F3CF9AF0 ] C:\WINDOWS\System32\wbem\wbemcons.dll
14:44:17.0310 2624 C:\WINDOWS\System32\wbem\wbemcons.dll - ok
14:44:17.0310 2624 [ 4A839160ED1963F9A1526DDA2D1233B2 ] C:\WINDOWS\System32\AltTab.dll
14:44:17.0310 2624 C:\WINDOWS\System32\AltTab.dll - ok
14:44:17.0326 2624 [ 648AB74D9C104FB500B6C4EEDC6A8772 ] C:\WINDOWS\System32\wmpmde.dll
14:44:17.0326 2624 C:\WINDOWS\System32\wmpmde.dll - ok
14:44:17.0326 2624 [ 6B5C53E0932C510606D700B7A896EF73 ] C:\WINDOWS\System32\WPDShServiceObj.dll
14:44:17.0341 2624 C:\WINDOWS\System32\WPDShServiceObj.dll - ok
14:44:17.0341 2624 [ 67D16247C56C26A4F0D79D1A7F272B8F ] C:\WINDOWS\System32\mf.dll
14:44:17.0341 2624 C:\WINDOWS\System32\mf.dll - ok
14:44:17.0357 2624 [ 2495C4204C63678F8FD5D488CA7DAD26 ] C:\WINDOWS\System32\evr.dll
14:44:17.0357 2624 C:\WINDOWS\System32\evr.dll - ok
14:44:17.0357 2624 [ 744F08CF9ACFFB1C715191D04DEEE907 ] C:\WINDOWS\System32\srchadmin.dll
14:44:17.0357 2624 C:\WINDOWS\System32\srchadmin.dll - ok
14:44:17.0372 2624 [ 5193DE33F3284C447E0D31DAFBF92570 ] C:\WINDOWS\System32\webcheck.dll
14:44:17.0372 2624 C:\WINDOWS\System32\webcheck.dll - ok
14:44:17.0372 2624 [ 4DF10CE50010D70152944B51E03588B0 ] C:\WINDOWS\System32\wmdrmsdk.dll
14:44:17.0372 2624 C:\WINDOWS\System32\wmdrmsdk.dll - ok
14:44:17.0372 2624 [ EFD278F8129EE12F1D4AE0250494B791 ] C:\WINDOWS\System32\dxva2.dll
14:44:17.0372 2624 C:\WINDOWS\System32\dxva2.dll - ok
14:44:17.0388 2624 [ 4ACEA0C4BB15ACE55E3AE5EC4E88DD55 ] C:\WINDOWS\System32\SyncCenter.dll
14:44:17.0388 2624 C:\WINDOWS\System32\SyncCenter.dll - ok
14:44:17.0388 2624 [ 0B5AC46982E77CAF3EC1D55C9AC6AB56 ] C:\WINDOWS\System32\wscntfy.dll
14:44:17.0388 2624 C:\WINDOWS\System32\wscntfy.dll - ok
14:44:17.0404 2624 [ 9B0726A03B790E5B82BED44D24009BEF ] C:\WINDOWS\System32\imapi2.dll
14:44:17.0404 2624 C:\WINDOWS\System32\imapi2.dll - ok
14:44:17.0404 2624 [ 015E99A7634B93E8BB0380C70F3D2CC3 ] C:\WINDOWS\System32\wmp.dll
14:44:17.0404 2624 C:\WINDOWS\System32\wmp.dll - ok
14:44:17.0419 2624 [ C0ABD66F31C0B84CD944802E6D3D02C2 ] C:\WINDOWS\System32\bthprops.cpl
14:44:17.0419 2624 C:\WINDOWS\System32\bthprops.cpl - ok
14:44:17.0419 2624 [ EACACA0F2FF4CC54A909E3C5721FCDE8 ] C:\WINDOWS\System32\msvfw32.dll
14:44:17.0419 2624 C:\WINDOWS\System32\msvfw32.dll - ok
14:44:17.0435 2624 [ 9441A231C0AA0712F7CF3B10D9CFCF76 ] C:\WINDOWS\System32\wmploc.DLL
14:44:17.0435 2624 C:\WINDOWS\System32\wmploc.DLL - ok
14:44:17.0450 2624 [ 617F9A5813E69F6E9ED94B811EC75396 ] C:\WINDOWS\System32\wmpps.dll
14:44:17.0450 2624 C:\WINDOWS\System32\wmpps.dll - ok
14:44:17.0450 2624 [ CA0C67BA7AEBA6AED5DDB852E6EEA811 ] C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe
14:44:17.0450 2624 C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe - ok
14:44:17.0466 2624 [ 0F4195B9B348DE5CF9B822F81704B20E ] C:\WINDOWS\ehome\ehmsas.exe
14:44:17.0466 2624 C:\WINDOWS\ehome\ehmsas.exe - ok
14:44:17.0466 2624 [ E60E9D5F229CB8DA347D48ADD6E8DC47 ] C:\Program Files\Mozilla Firefox\firefox.exe
14:44:17.0466 2624 C:\Program Files\Mozilla Firefox\firefox.exe - ok
14:44:17.0482 2624 [ 4A938E44BEB41641B70175DACAB1BBB0 ] C:\WINDOWS\ehome\ehProxy.dll
14:44:17.0482 2624 C:\WINDOWS\ehome\ehProxy.dll - ok
14:44:17.0482 2624 [ 58B8702C20DE211D1FCB248D2FDD71D1 ] C:\Program Files\Adobe\Reader 11.0\Reader\reader_sl.exe
14:44:17.0482 2624 C:\Program Files\Adobe\Reader 11.0\Reader\reader_sl.exe - ok
14:44:17.0482 2624 ============================================================
14:44:17.0482 2624 Scan finished
14:44:17.0482 2624 ============================================================
14:44:17.0513 3144 Detected object count: 1
14:44:17.0513 3144 Actual detected object count: 1
14:44:38.0339 3144 HP Health Check Service ( UnsignedFile.Multi.Generic ) - skipped by user
14:44:38.0339 3144 HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:45:52.0423 3420 Deinitialize success
OTL logfile created on: 11/24/2012 2:49:15 PM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\djokrall\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.87 Gb Total Physical Memory | 0.91 Gb Available Physical Memory | 48.64% Memory free
3.98 Gb Paging File | 3.05 Gb Available in Paging File | 76.65% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 456.48 Gb Total Space | 360.93 Gb Free Space | 79.07% Space Free | Partition Type: NTFS
Drive D: | 9.28 Gb Total Space | 1.28 Gb Free Space | 13.78% Space Free | Partition Type: NTFS
Computer Name: DJOKRALL-PC | User Name: djokrall | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2012/11/23 19:49:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\djokrall\Desktop\OTL.exe
PRC - [2012/11/07 16:29:32 | 000,976,728 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
PRC - [2012/11/07 16:29:30 | 001,673,048 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
PRC - [2012/09/23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/09/12 16:25:24 | 000,287,824 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\NisSrv.exe
PRC - [2012/09/12 16:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2012/09/12 16:19:44 | 000,947,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2011/10/11 11:49:14 | 001,179,648 | ---- | M] (W3i, LLC) -- C:\Program Files\W3i\InstallIQUpdater\InstallIQUpdater.exe
PRC - [2010/04/29 09:38:54 | 001,652,736 | R--- | M] (AWS Convergence Technologies, Inc.) -- C:\Program Files\AWS\WeatherBug\Weather.exe
PRC - [2009/04/11 02:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/07/03 11:27:12 | 006,266,880 | ---- | M] (Realtek Semiconductor) -- C:\WINDOWS\RtHDVCpl.exe
PRC - [2007/04/18 10:01:34 | 000,065,536 | ---- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe
PRC - [2007/02/15 06:59:00 | 000,118,784 | ---- | M] (OsdMaestro) -- C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
========== Modules (No Company Name) ========== MOD - [2012/08/21 17:18:44 | 000,557,056 | ---- | M] () -- C:\Program Files\Trusteer\Rapport\bin\js32.dll
MOD - [2012/07/17 03:11:22 | 000,520,464 | ---- | M] () -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportMS.dll
========== Services (SafeList) ========== SRV - [2012/11/17 17:41:30 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/11/07 16:29:32 | 000,976,728 | ---- | M] (Trusteer Ltd.) [Auto | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
SRV - [2012/10/24 12:50:38 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/09/23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/09/12 16:25:24 | 000,287,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2012/09/12 16:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2010/10/12 12:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/01/20 21:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\SymIM.sys -- (SymIMMP)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\SymIM.sys -- (SymIM)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2012/11/07 16:29:50 | 000,071,480 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys -- (RapportEI)
DRV - [2012/11/07 16:29:48 | 000,166,840 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys -- (RapportPG)
DRV - [2012/11/07 16:29:48 | 000,065,848 | ---- | M] (Trusteer Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\RapportKELL.sys -- (RapportKELL)
DRV - [2012/10/30 04:49:47 | 000,272,216 | ---- | M] () [Kernel | System | Running] -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\43926\RapportCerberus32_43926.sys -- (RapportCerberus_43926)
DRV - [2012/08/30 21:03:50 | 000,099,272 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2012/07/17 03:11:21 | 000,021,520 | ---- | M] (Trusteer Ltd.) [Kernel | On_Demand | Running] -- c:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportIaso.sys -- (RapportIaso)
DRV - [2008/08/01 19:51:14 | 001,052,704 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2008/05/22 14:49:00 | 007,465,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/05/08 08:05:18 | 000,266,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2008/05/08 08:03:18 | 000,980,992 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HSX_DP.sys -- (HSF_DP)
DRV - [2007/10/18 10:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/10/12 10:53:10 | 000,013,312 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\nvsmu.sys -- (nvsmu)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://ie.redirect.h...ario&pf=desktopIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.msn.com/IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{44f44034-6036-4f06-9336-74ec4620edab}: "URL" =
http://search.mywebs...r={searchTerms}IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.co...g}&sourceid=ie7IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}: "URL" =
http://dts.search-re...q={searchTerms}IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}: "URL" =
http://dts.search-re...q={searchTerms}IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" =
http://search.condui...&ctid=CT2976654IE - HKLM\..\SearchScopes\{CF446D0F-3D66-4EC7-ADA6-CB849752F032}: "URL" =
http://www.ask.com/w...}&l=dis&o=uscqd IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.yahoo.com/IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/...ms}&FORM=IE8SRCIE - HKCU\..\SearchScopes\{14E57420-8F0A-4479-9831-19765F4BF88D}: "URL" =
http://www.flickr.co...q={searchTerms}IE - HKCU\..\SearchScopes\{20BD4B27-9490-47A9-8EF3-B07A4D634B4A}: "URL" =
http://delicious.com...p={searchTerms}IE - HKCU\..\SearchScopes\{36377DD7-B3EB-42f5-986F-680BAF59BA9D}: "URL" =
http://search.yahoo....p={searchTerms}IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" =
http://search.yahoo....0120625,0,0,0,0IE - HKCU\..\SearchScopes\{44f44034-6036-4f06-9336-74ec4620edab}: "URL" =
http://search.mywebs...r={searchTerms}IE - HKCU\..\SearchScopes\{5A6CF06D-7D23-4071-A02D-A50176EC5979}: "URL" =
http://search.yahoo....p={searchTerms}IE - HKCU\..\SearchScopes\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}: "URL" =
http://search.alot.c...ion=2.5.18000.3IE - HKCU\..\SearchScopes\{5E063DB8-80C1-4FAC-A81E-46A6EFD297BC}: "URL" =
http://search.yahoo....,18175,0,0,6484IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.co...&rlz=1I7RNRM_enIE - HKCU\..\SearchScopes\{899B35FF-D18B-8FBB-580A-E99390A9E0B2}: "URL" =
http://www.bing.com/...eferrer:source}IE - HKCU\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" =
http://search.coupon...q={searchTerms}IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}: "URL" =
http://dts.search-re...q={searchTerms}IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}: "URL" =
http://dts.search-re...q={searchTerms}IE - HKCU\..\SearchScopes\{A8B6F467-0D68-48AC-9D49-BCBC5229AE24}: "URL" =
http://search.yahoo....ing}&fr=hp-psdtIE - HKCU\..\SearchScopes\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}: "URL" =
http://www.ask.com/w...q={searchTerms}IE - HKCU\..\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}: "URL" =
http://www2.inbox.co...id=80291&lng=enIE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" =
http://mystart.incre...ox&a=DgW52S5Su3IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ========== FF - prefs.js..browser.startup.homepage: "
http://www.yahoo.com/"FF - prefs.js..extensions.enabledAddons: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.5.1.20121008104707
FF - prefs.js..keyword.URL: "
http://mystart.incre...2S5Su3&search="FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@ei.iWon_5k.com/Plugin: C:\Program Files\iWon_5kEI\Installr\1.bin\NP5kEISB.dll (iWon)
FF - HKLM\Software\MozillaPlugins\@ei.TelevisionFanatic.com/Plugin: C:\Program Files\TelevisionFanaticEI\Installr\1.bin\NP64EISB.dll (TelevisionFanatic)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@MapsGalaxy_39.com/Plugin: C:\Program Files\MapsGalaxy_39\bar\1.bin\NP39Stub.dll File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll (Oberon-Media )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\13\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\npEpicPlayDisplayHost: C:\Program Files\EpicPlay\npEpicHost.dll File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1C43BAF1-00C2-40A8-A09E-F84CFD79546D}: C:\Program Files\Coupons.com CouponBar\firefox\{1C43BAF1-00C2-40A8-A09E-F84CFD79546D}\Coupons.com.xpi
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\39ffxtbr@MapsGalaxy_39.com: C:\Program Files\MapsGalaxy_39\bar\1.bin [2012/10/07 15:08:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\
[email protected]: C:\Program Files\WeatherBlink\bar\1.bin [2012/10/07 15:08:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/11/17 17:38:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/11/17 17:35:17 | 000,000,000 | ---D | M]
[2012/09/03 16:52:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\djokrall\AppData\Roaming\Mozilla\Extensions
[2012/11/23 21:21:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\djokrall\AppData\Roaming\Mozilla\Firefox\Profiles\bhxmi1za.default-1349642571038\extensions
[2012/11/18 12:14:46 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\djokrall\AppData\Roaming\Mozilla\Firefox\Profiles\bhxmi1za.default-1349642571038\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012/11/24 14:29:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\djokrall\AppData\Roaming\Mozilla\Firefox\Profiles\jljb0gkm.default\extensions
[2011/11/05 18:22:11 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\djokrall\AppData\Roaming\Mozilla\Firefox\Profiles\jljb0gkm.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/11/05 18:25:03 | 000,000,000 | ---D | M] (Ad blocker) -- C:\Users\djokrall\AppData\Roaming\Mozilla\Firefox\Profiles\jljb0gkm.default\extensions\{4DC70064-89E2-4a55-8FC6-E8CDEAE3612C}
[2012/06/26 05:57:40 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\djokrall\AppData\Roaming\Mozilla\Firefox\Profiles\jljb0gkm.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012/07/19 09:44:05 | 000,000,000 | ---D | M] (ShopToWin8) -- C:\Users\djokrall\AppData\Roaming\Mozilla\Firefox\Profiles\jljb0gkm.default\extensions\{fa3d1246-250b-4212-a2be-f1387ccca2e7}
[2012/09/23 17:10:24 | 000,000,000 | ---D | M] (MapsGalaxy) -- C:\Users\djokrall\AppData\Roaming\Mozilla\Firefox\Profiles\jljb0gkm.default\extensions\39ffxtbr@MapsGalaxy_39.com
[2012/08/13 14:51:57 | 000,000,000 | ---D | M] ("Game Discovery") -- C:\Users\djokrall\AppData\Roaming\Mozilla\Firefox\Profiles\jljb0gkm.default\extensions\
[email protected][2012/06/16 13:22:18 | 000,000,000 | ---D | M] (Oberon GamesBar) -- C:\Users\djokrall\AppData\Roaming\Mozilla\Firefox\Profiles\jljb0gkm.default\extensions\
[email protected][2012/09/27 08:05:48 | 000,000,000 | ---D | M] (WeatherBlink) -- C:\Users\djokrall\AppData\Roaming\Mozilla\Firefox\Profiles\jljb0gkm.default\extensions\
[email protected][2011/10/24 10:21:43 | 000,000,000 | ---D | M] (EpicPlay Games) -- C:\Users\djokrall\AppData\Roaming\Mozilla\Firefox\Profiles\jljb0gkm.default\extensions\
[email protected][2012/07/19 09:44:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\djokrall\AppData\Roaming\Mozilla\Firefox\Profiles\jljb0gkm.default\extensions\{fa3d1246-250b-4212-a2be-f1387ccca2e7}\chrome\content\dca\core\extensionManager
[2012/07/12 16:04:08 | 000,000,598 | ---- | M] () (No name found) -- C:\Users\djokrall\AppData\Roaming\Mozilla\Firefox\Profiles\jljb0gkm.default\extensions\{fa3d1246-250b-4212-a2be-f1387ccca2e7}\chrome\content\dca\core\voicebox\validators\VBExpiredValidator.js
[2012/11/17 17:38:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/04/29 17:02:42 | 000,000,000 | ---D | M] (GameTap) -- C:\Program Files\Mozilla Firefox\extensions\
[email protected][2012/10/24 12:50:58 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/10/24 12:50:17 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/12/03 14:42:51 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml.old
[2012/10/24 12:50:17 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
[2012/06/16 10:15:49 | 000,001,456 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\WebSearchober20211941.xml
========== Chrome ========== CHR - Extension: No name found = C:\Users\djokrall\AppData\Local\Google\Chrome\User Data\Default\Extensions\fifcondhjchebdnckhimgoancfmfggbe\1.15.132_0\
O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SimpleAdblock Class) - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Common Files\Simple Adblock\SimpleAdblock.dll (Simple Adblock)
O3 - HKLM\..\Toolbar: (no name) - !{364ea597-e728-4ce4-bb4a-ed846ef47970} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{6F282B65-56BF-4BD1-A8B2-A4449A05863D} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (MapsGalaxy) - {364EA597-E728-4CE4-BB4A-ED846EF47970} - C:\Program Files\MapsGalaxy_39\bar\1.bin\39bar.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (Coupons.com CouponBar) - {8660E5B3-6C41-44DE-8503-98D99BBECD41} - C:\Program Files\Coupons.com CouponBar\tbcore3.dll File not found
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [OsdMaestro] C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe (OsdMaestro)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DW7] "C:\Program Files\The Weather Channel\The Weather Channel App\TWCApp.exe" File not found
O4 - HKCU..\Run: [InstallIQUpdater] C:\Program Files\W3i\InstallIQUpdater\InstallIQUpdater.exe (W3i, LLC)
O4 - HKCU..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe (AWS Convergence Technologies, Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000}
http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {4F29DE54-5EB7-4D76-B610-A86B5CD2A234} Reg Error: Key error. (GameTap Player)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809}
http://mywayphotos.r...veX_Control.cab (Photo Upload Plugin Class)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 10.9.2)
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A}
http://l.yimg.com/jh...aploader_v6.cab (PopCapLoader Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{38423836-BD19-40F9-9050-4DDC6EF47611}: DhcpNameServer = 192.168.2.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/02/20 06:23:48 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ========== [2012/11/24 14:35:10 | 000,000,000 | ---D | C] -- C:\Users\djokrall\Desktop\RK_Quarantine
[2012/11/24 14:00:12 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\djokrall\Desktop\tdsskiller.exe
[2012/11/24 13:59:43 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\djokrall\Desktop\OTL.exe
[2012/11/07 16:29:48 | 000,065,848 | ---- | C] (Trusteer Ltd.) -- C:\Windows\System32\drivers\RapportKELL.sys
[2012/11/03 14:51:44 | 000,000,000 | ---D | C] -- C:\Program Files\TelevisionFanaticEI
========== Files - Modified Within 30 Days ========== [2012/11/24 14:47:34 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/11/24 14:47:31 | 000,000,498 | ---- | M] () -- C:\Windows\tasks\SpeedyPC Update Version3 Startup Task.job
[2012/11/24 14:47:31 | 000,000,476 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Update Version3 Startup Task.job
[2012/11/24 14:47:30 | 000,000,416 | ---- | M] () -- C:\Windows\tasks\PC Optimizer Pro startups.job
[2012/11/24 14:47:24 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/11/24 14:47:24 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/11/24 14:47:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/11/24 14:47:10 | 2010,267,648 | -HS- | M] () -- C:\hiberfil.sys
[2012/11/24 14:46:14 | 000,640,554 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/11/24 14:46:14 | 000,118,806 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/11/24 14:01:00 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/11/24 13:56:21 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\djokrall\Desktop\tdsskiller.exe
[2012/11/24 13:56:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/11/24 13:54:46 | 000,752,128 | ---- | M] () -- C:\Users\djokrall\Desktop\RogueKiller.exe
[2012/11/24 11:05:42 | 000,480,125 | ---- | M] () -- C:\Users\djokrall\Desktop\adwcleaner.exe
[2012/11/23 19:49:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\djokrall\Desktop\OTL.exe
[2012/11/23 18:00:00 | 000,000,474 | ---- | M] () -- C:\Windows\tasks\SpeedyPC Registration3.job
[2012/11/21 07:24:00 | 000,000,444 | ---- | M] () -- C:\Windows\tasks\PC Optimizer Pro Updates.job
[2012/11/18 11:07:19 | 000,000,166 | ---- | M] () -- C:\Users\djokrall\Desktop\Yahoo!.url
[2012/11/17 17:38:34 | 000,000,852 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/11/17 17:35:17 | 000,001,898 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2012/11/17 16:23:49 | 000,000,912 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/11/17 06:48:58 | 000,000,446 | ---- | M] () -- C:\Windows\tasks\SpeedyPC Update Version3.job
[2012/11/15 03:32:56 | 000,318,912 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/11/15 03:13:05 | 000,000,424 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Update Version3.job
[2012/11/07 16:29:48 | 000,065,848 | ---- | M] (Trusteer Ltd.) -- C:\Windows\System32\drivers\RapportKELL.sys
[2012/11/06 13:48:30 | 000,000,189 | ---- | M] () -- C:\Users\djokrall\Desktop\Express Scripts Members Start Home Delivery, Order Refills, Order Prescriptions.url
========== Files Created - No Company Name ========== [2012/11/24 14:00:12 | 000,752,128 | ---- | C] () -- C:\Users\djokrall\Desktop\RogueKiller.exe
[2012/11/24 14:00:12 | 000,480,125 | ---- | C] () -- C:\Users\djokrall\Desktop\adwcleaner.exe
[2012/11/17 17:35:17 | 000,001,898 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2012/11/17 17:35:17 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2012/11/06 13:48:30 | 000,000,189 | ---- | C] () -- C:\Users\djokrall\Desktop\Express Scripts Members Start Home Delivery, Order Refills, Order Prescriptions.url
[2012/08/19 18:22:42 | 000,172,448 | ---- | C] () -- C:\Program Files\5zres.dll
[2012/08/19 18:21:33 | 000,172,440 | ---- | C] () -- C:\Program Files\2pres.dll
[2012/08/19 18:20:33 | 000,172,448 | ---- | C] () -- C:\Program Files\1cres.dll
[2012/08/19 18:17:35 | 000,172,464 | ---- | C] () -- C:\Program Files\20res.dll
[2012/06/23 18:32:25 | 000,172,456 | ---- | C] () -- C:\Program Files\14res.dll
[2012/04/03 13:01:19 | 000,006,144 | ---- | C] () -- C:\Users\djokrall\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/11/26 16:28:41 | 000,004,984 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2011/06/02 10:03:42 | 000,011,948 | --S- | C] () -- C:\Users\djokrall\AppData\Local\p5b76gj2m278
[2011/06/02 10:03:42 | 000,011,948 | --S- | C] () -- C:\ProgramData\p5b76gj2m278
[2011/05/11 17:57:23 | 000,000,064 | ---- | C] () -- C:\Windows\GPlrLanc.dat
[2011/04/21 09:46:23 | 000,011,916 | --S- | C] () -- C:\Users\djokrall\AppData\Local\yqh10c338a560kpki4mc6jlbtvgn1175jip75674x6vpg3
[2011/04/21 09:46:23 | 000,011,916 | --S- | C] () -- C:\ProgramData\yqh10c338a560kpki4mc6jlbtvgn1175jip75674x6vpg3
[2011/02/19 23:22:24 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011/02/19 23:21:12 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011/02/19 22:20:01 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2011/02/19 19:07:05 | 000,103,720 | ---- | C] () -- C:\Users\djokrall\GoToAssistDownloadHelper.exe
[2011/02/19 16:26:21 | 000,000,680 | ---- | C] () -- C:\Users\djokrall\AppData\Local\d3d9caps.dat
========== ZeroAccess Check ========== [2006/11/02 07:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 12:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 02:28:20 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 02:28:26 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ========== [2012/11/23 15:29:40 | 000,000,000 | ---D | M] -- C:\Users\djokrall\AppData\Roaming\Activeris
[2012/05/13 16:19:43 | 000,000,000 | ---D | M] -- C:\Users\djokrall\AppData\Roaming\Auslogics
[2012/04/28 06:22:49 | 000,000,000 | ---D | M] -- C:\Users\djokrall\AppData\Roaming\DriverCure
[2012/08/25 15:05:58 | 000,000,000 | ---D | M] -- C:\Users\djokrall\AppData\Roaming\FreeBurner
[2011/07/02 09:46:04 | 000,000,000 | ---D | M] -- C:\Users\djokrall\AppData\Roaming\funkitron
[2012/06/03 17:56:57 | 000,000,000 | ---D | M] -- C:\Users\djokrall\AppData\Roaming\GameCards
[2012/06/03 12:15:22 | 000,000,000 | ---D | M] -- C:\Users\djokrall\AppData\Roaming\MusicNet
[2012/06/23 18:04:44 | 000,000,000 | ---D | M] -- C:\Users\djokrall\AppData\Roaming\Nuance
[2012/06/23 18:00:38 | 000,000,000 | ---D | M] -- C:\Users\djokrall\AppData\Roaming\Oberon Media
[2011/12/20 16:15:05 | 000,000,000 | ---D | M] -- C:\Users\djokrall\AppData\Roaming\OpenOffice.org
[2012/05/27 10:00:02 | 000,000,000 | ---D | M] -- C:\Users\djokrall\AppData\Roaming\ParetoLogic
[2012/06/01 06:15:44 | 000,000,000 | ---D | M] -- C:\Users\djokrall\AppData\Roaming\PC Cleaners
[2012/06/01 06:15:46 | 000,000,000 | ---D | M] -- C:\Users\djokrall\AppData\Roaming\PCPro
[2011/05/08 14:02:28 | 000,000,000 | ---D | M] -- C:\Users\djokrall\AppData\Roaming\Sammsoft
[2011/02/19 16:17:07 | 000,000,000 | ---D | M] -- C:\Users\djokrall\AppData\Roaming\Snapfish
[2012/06/26 06:12:34 | 000,000,000 | ---D | M] -- C:\Users\djokrall\AppData\Roaming\SpeedMaxPc
[2012/04/28 06:22:49 | 000,000,000 | ---D | M] -- C:\Users\djokrall\AppData\Roaming\SpeedyPC Software
[2012/10/27 12:05:01 | 000,000,000 | ---D | M] -- C:\Users\djokrall\AppData\Roaming\Systweak
[2011/04/18 14:45:00 | 000,000,000 | ---D | M] -- C:\Users\djokrall\AppData\Roaming\Tific
[2012/08/12 10:02:31 | 000,000,000 | ---D | M] -- C:\Users\djokrall\AppData\Roaming\Triplay
[2011/12/28 16:36:53 | 000,000,000 | ---D | M] -- C:\Users\djokrall\AppData\Roaming\WeatherBug
[2012/06/03 18:01:04 | 000,000,000 | ---D | M] -- C:\Users\djokrall\AppData\Roaming\WildTangent
[2011/02/27 17:27:04 | 000,000,000 | ---D | M] -- C:\Users\djokrall\AppData\Roaming\WinBatch
[2012/05/17 13:01:03 | 000,000,000 | ---D | M] -- C:\Users\djokrall\AppData\Roaming\Zeon
========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 656 bytes -> C:\Users\djokrall\Documents\justin romero.eml:OECustomProperty
@Alternate Data Stream - 151 bytes -> C:\ProgramData\TEMP:ABE30DDB
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:7D6E8689
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:B623B5B8
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:A64A7256
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:5095D8B1
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:4E85037E
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:C46995DA
< End of report >