Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

DDS tool problem


  • This topic is locked This topic is locked
67 replies to this topic

#1 topresch

topresch

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Local time:07:11 AM

Posted 12 December 2012 - 01:50 PM

Hi

I have a problem with CouponDropDown which I thought I should solve by following your Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help, but as I download and run the DDS program provided, the whole process stops about 80 % done where the "please wait.." msg hovers indefinitely. It says it should not take longer than three minutes. I have downloaded and run it from the Desktop and think I followed the recipe to the letter.

Could any of you help me with this issue?

Sincerely,
topresch

Attached Files

  • Attached File  DDS.jpg   510.59KB   3 downloads


BC AdBot (Login to Remove)

 


#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:02:11 AM

Posted 12 December 2012 - 02:10 PM

Greetings and Welcome to The Forums!!

My name is Gringo and I'll be glad to help you with your computer problems.

I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of us

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of hartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

The next thing I would like you to do is run this for me - http://download.bleepingcomputer.com/grinler/unhide.exe after it is complete restart the computer and continue with these steps

Security Check

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.




Download and run OTL

Download OTL by Old Timer and save it to your Desktop.
  • Double click on OTL.exe to run it.
  • Under Output, ensure that Minimal Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Under the Custom Scan box paste this in

    %TEMP%\smtmp\*.* /s

  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened and the that I need posted back here
    • Extra.txt <-- Will be minimized - save this one on your desktop in case I ask for it later
  • Please post the contents of OTListIt.txt in your next reply.


information and logs:

  • In your next post I need the following

  • .logs from OTL
  • let me know of any problems you may have had

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 topresch

topresch
  • Topic Starter

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Local time:07:11 AM

Posted 12 December 2012 - 02:37 PM

Hi Gringo and thanks!

How long time should that unhide.exe take to finish? It is processing, and the dots (...) are increasing, so something is happening for now. My computer has specs:

Intel Core i7 CPU 860 @ 2.80 GHz
RAM 4.0 Gb
System Type Win 7 32-bit.

Incidently, I have had some issues previously (unrelated - games etc) with my user having a non-English letter in it (ø) and thus sometimes tools could have problems overcoming this.

Sincerely,
topresch

#4 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:02:11 AM

Posted 12 December 2012 - 03:21 PM

go ahead and stop that and run OTL
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#5 topresch

topresch
  • Topic Starter

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Local time:07:11 AM

Posted 12 December 2012 - 03:57 PM

I stopped the unhide.exe and continued with OTL as you instructed. That went without problems as I could see. Both txt-files were automatically saved on my Desktop. Here is the OTL.txt content:

OTL logfile created on: 12.12.2012 21:25:21 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Torbjørn\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000414 | Country: Norge | Language: NOR | Date Format: dd.MM.yyyy

3,49 Gb Total Physical Memory | 2,09 Gb Available Physical Memory | 59,97% Memory free
6,98 Gb Paging File | 4,84 Gb Available in Paging File | 69,31% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 931,41 Gb Total Space | 423,71 Gb Free Space | 45,49% Space Free | Partition Type: NTFS

Computer Name: FANTOMAS | User Name: Torbjørn | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Torbjørn\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
PRC - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Program Files\TortoiseSVN\bin\TSVNCache.exe (http://tortoisesvn.net)
PRC - C:\Users\Torbjørn\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
PRC - C:\Program Files\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files\Evoluent\VMouse\EvoMouseExec.exe (Evoluent)
PRC - C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
PRC - C:\Windows\V0640Mon.exe (Creative Technology Ltd.)
PRC - C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe (Nitro PDF Software)
PRC - C:\Windows\System32\ASTSRV.EXE (Nalpeiron Ltd.)
PRC - \\?\C:\Windows\System32\wbem\WMIADAP.EXE ()
PRC - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
PRC - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)


========== Modules (No Company Name) ==========

MOD - C:\Users\Torbjørn\AppData\Local\Google\Chrome\Application\23.0.1271.95\ppgooglenaclpluginchrome.dll ()
MOD - C:\Users\Torbjørn\AppData\Local\Google\Chrome\Application\23.0.1271.95\PepperFlash\pepflashplayer.dll ()
MOD - C:\Users\Torbjørn\AppData\Local\Google\Chrome\Application\23.0.1271.95\pdf.dll ()
MOD - C:\Users\Torbjørn\AppData\Local\Google\Chrome\Application\23.0.1271.95\libglesv2.dll ()
MOD - C:\Users\Torbjørn\AppData\Local\Google\Chrome\Application\23.0.1271.95\libegl.dll ()
MOD - C:\Users\Torbjørn\AppData\Local\Google\Chrome\Application\23.0.1271.95\avutil-51.dll ()
MOD - C:\Users\Torbjørn\AppData\Local\Google\Chrome\Application\23.0.1271.95\avcodec-54.dll ()
MOD - C:\Users\Torbjørn\AppData\Local\Google\Chrome\Application\23.0.1271.95\avformat-54.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\c57e9cc78527b9a7bbe4ab8dbf93cff2\WindowsFormsIntegration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\8bc0ec70b1af0f4450ce4cd5e88a26ad\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\bc9a67c8782211bc4282369952711a0b\UIAutomationProvider.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\23de8d00755205c37aa6795b0ce8a42d\System.Xaml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\c22857dbcce7e0320350436e80ec8ab1\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\78a485faba9584cfb1a5052a4cbe71e8\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\df5142941549ff71737438c85e565ab3\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\53121a27f94f7335e585384377fc538a\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\ccf3f783590b1747a3593b889bede2fb\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\a7cdf1caedee630b8440fb8e8657aca1\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\06db722a2ddebd960d907c2de6f1cfa7\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\ed7768172bbf30462bc554dee3911540\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\c15c94b675becb485d940f8f0068dc5d\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\0bc033fa805a31e31dc462cfae365478\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\685f73e04393b5342bd1cebe701496ad\mscorlib.ni.dll ()
MOD - C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl ()
MOD - C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl ()
MOD - C:\Program Files\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl ()
MOD - C:\Program Files\Spybot - Search & Destroy 2\JSDialogPack150.bpl ()
MOD - C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl ()
MOD - C:\Program Files\TortoiseSVN\bin\libsasl32.dll ()
MOD - C:\Users\Torbjørn\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ()
MOD - C:\Program Files\WinRAR\RarExt.dll ()


========== Services (SafeList) ==========

SRV - (SDWSCService) -- C:\Program Files\Spybot File not found
SRV - (SDUpdateService) -- C:\Program Files\Spybot File not found
SRV - (SDScannerService) -- C:\Program Files\Spybot File not found
SRV - (DAUpdaterSvc) -- c:\program files\steam\steamapps\common\dragon age ultimate edition\bin_ship\DAUpdaterSvc.Service.exe File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (Stereo Service) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (SwitchBoard) -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (NitroDriverReadSpool) -- C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe (Nitro PDF Software)
SRV - (astcc) -- C:\Windows\System32\ASTSRV.EXE (Nalpeiron Ltd.)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)


========== Driver Services (SafeList) ==========

DRV - (VGPU) -- System32\drivers\rdvgkmd.sys File not found
DRV - (tsusbhub) -- system32\drivers\tsusbhub.sys File not found
DRV - (Synth3dVsc) -- System32\drivers\synth3dvsc.sys File not found
DRV - (mbr) -- C:\Users\TORBJR~1\AppData\Local\Temp\mbr.sys File not found
DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr2.sys (AVAST Software)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV - (amdkmdag) -- C:\Windows\System32\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV - (amdkmdap) -- C:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV - (AtiHDAudioService) -- C:\Windows\System32\drivers\AtihdW73.sys (Advanced Micro Devices)
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (EvoMouseDriverFilterHidUsb) -- C:\Windows\System32\drivers\EvoMouseDriverFilterHidUsb.sys (Evoluent)
DRV - (EvoMouseDriverMini) -- C:\Windows\System32\drivers\EvoMouseDriverMini.sys ()
DRV - (AtiHdmiService) -- C:\Windows\System32\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV - (e1kexpress) -- C:\Windows\System32\drivers\e1k6232.sys (Intel Corporation)
DRV - (V0640Vid) -- C:\Windows\System32\drivers\V0640Vid.sys (Creative Technology Ltd.)
DRV - (SCDEmu) -- C:\Windows\System32\drivers\scdemu.sys (PowerISO Computing, Inc.)
DRV - (WDC_SAM) -- C:\Windows\System32\drivers\wdcsam.sys (Western Digital Technologies)
DRV - (Sentinel) -- C:\Windows\System32\drivers\sentinel.sys (Rainbow Technologies, Inc.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{CB360146-B2EA-4EAB-B4E6-055885F79B4B}: "URL" = http://startsear.ch/?aff=1&src=sp&cf=3626317d-4c46-11e1-bd13-b8ac6fa54d4e&q={searchTerms}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2279862012-2560545468-3962944918-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.nrk.no/
IE - HKU\S-1-5-21-2279862012-2560545468-3962944918-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://no.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-2279862012-2560545468-3962944918-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = no
IE - HKU\S-1-5-21-2279862012-2560545468-3962944918-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 6A B5 EB BD 72 D2 CB 01 [binary data]
IE - HKU\S-1-5-21-2279862012-2560545468-3962944918-1000\..\SearchScopes,DefaultScope = {CB360146-B2EA-4EAB-B4E6-055885F79B4B}
IE - HKU\S-1-5-21-2279862012-2560545468-3962944918-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2279862012-2560545468-3962944918-1000\..\SearchScopes\{AA6C897C-F089-4FAB-A0ED-FD36007FCB94}: "URL" = http://www.google.co.uk/search?hl=en&q={searchTerms}&meta=
IE - HKU\S-1-5-21-2279862012-2560545468-3962944918-1000\..\SearchScopes\{CB360146-B2EA-4EAB-B4E6-055885F79B4B}: "URL" = http://startsear.ch/?aff=1&src=sp&cf=3626317d-4c46-11e1-bd13-b8ac6fa54d4e&q={searchTerms}
IE - HKU\S-1-5-21-2279862012-2560545468-3962944918-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2279862012-2560545468-3962944918-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Web Search"
FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.selectedEngine: "Web Search"
FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..extensions.enabledAddons: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:2.0.3
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "http://startsear.ch/?aff=1&src=sp&cf=3626317d-4c46-11e1-bd13-b8ac6fa54d4e&q="
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Torbjørn\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Torbjørn\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2012.12.11 09:35:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.11.25 19:09:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.11.25 19:09:06 | 000,000,000 | ---D | M]

[2010.09.30 15:10:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Torbjørn\AppData\Roaming\Mozilla\Extensions
[2012.10.02 19:26:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Torbjørn\AppData\Roaming\Mozilla\Firefox\Profiles\1k0ev2lr.default\extensions
[2012.10.02 19:26:31 | 000,214,127 | ---- | M] () (No name found) -- C:\Users\Torbjørn\AppData\Roaming\Mozilla\Firefox\Profiles\1k0ev2lr.default\extensions\freehdsport@freehdsport.tv.xpi
[2012.01.31 21:00:44 | 000,634,964 | ---- | M] () (No name found) -- C:\Users\Torbjørn\AppData\Roaming\Mozilla\Firefox\Profiles\1k0ev2lr.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.01.31 21:00:35 | 000,000,792 | ---- | M] () -- C:\Users\Torbjørn\AppData\Roaming\Mozilla\Firefox\Profiles\1k0ev2lr.default\searchplugins\startsear.xml
[2012.10.28 19:12:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.06.23 13:11:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012.09.08 09:25:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2012.10.28 19:12:54 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
File not found (No name found) -- C:\USERS\TORBJøRN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1K0EV2LR.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011.11.22 16:56:08 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.10.03 10:14:54 | 000,083,456 | ---- | M] (vShare.tv ) -- C:\Program Files\mozilla firefox\plugins\npvsharetvplg.dll
[2011.07.11 22:48:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2011.10.02 19:17:43 | 000,001,525 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2011.10.02 19:17:43 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.10.02 19:17:43 | 000,001,218 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bok-NO.xml
[2011.10.02 19:17:43 | 000,000,968 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\qxl-NO.xml
[2011.10.02 19:17:43 | 000,001,203 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\telefonkatalogen-NO.xml
[2011.10.02 19:17:43 | 000,001,176 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-NO.xml
[2011.10.02 19:17:43 | 000,001,192 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-NO.xml

========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Torbj\u00F8rn\AppData\Local\Google\Chrome\Application\23.0.1271.95\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Torbj\u00F8rn\AppData\Local\Google\Chrome\Application\23.0.1271.95\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Torbj\u00F8rn\AppData\Local\Google\Chrome\Application\23.0.1271.95\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Torbj\u00F8rn\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: vShare.tv plug-in (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npvsharetvplg.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files\Veetle\Player\npvlc.dll
CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files\Veetle\plugins\npVeetle.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: FreeHDSport.TV = C:\Users\Torbjørn\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnnidmnbdkmhfkjgdnngciimpdgohok\1.1_0\
CHR - Extension: AdBlock = C:\Users\Torbjørn\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.49_0\
CHR - Extension: Google Calendar (by Google) = C:\Users\Torbjørn\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmhkjfich\1.3.1_0\
CHR - Extension: avast! WebRep = C:\Users\Torbjørn\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
CHR - Extension: Google Reader = C:\Users\Torbjørn\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjjhlfkghdhmijklfnahfkpgmhcmfgcm\4.4_0\

O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [C:\Windows\system32\V0640Ext.ax] C:\Windows\System32\V0640Ext.ax (Creative Technology Ltd.)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [SDTray] C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [V0640Mon.exe] C:\Windows\V0640Mon.exe (Creative Technology Ltd.)
O4 - HKU\S-1-5-21-2279862012-2560545468-3962944918-1000..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
O4 - HKU\S-1-5-21-2279862012-2560545468-3962944918-1000..\Run: [OpAgent] "OpAgent.exe" /agent File not found
O4 - HKU\S-1-5-21-2279862012-2560545468-3962944918-1000..\Run: [Spotify Web Helper] C:\Users\Torbjørn\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
O4 - HKU\S-1-5-21-2279862012-2560545468-3962944918-1000..\Run: [Spybot-S&D Cleaning] C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-2279862012-2560545468-3962944918-1000..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8 - Extra context menu item: E&ksporter til Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPLive.exe ()
O9 - Extra 'Tools' menuitem : PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPLive.exe ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{54ADC325-0432-4847-BF5B-09BB682729CC}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{0781bbab-cd3f-11df-90b7-b8ac6fa54d4e}\Shell - "" = AutoRun
O33 - MountPoints2\{0781bbab-cd3f-11df-90b7-b8ac6fa54d4e}\Shell\AutoRun\command - "" = "E:\WD SmartWare.exe" autoplay=true
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\_AUTORUN\AUTORUN.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012.12.12 21:23:38 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Torbjørn\Desktop\OTL.exe
[2012.12.12 18:44:47 | 000,688,992 | R--- | C] (Swearware) -- C:\Users\Torbjørn\Desktop\dds.com
[2012.12.11 20:18:24 | 000,000,000 | ---D | C] -- C:\Users\Torbjørn\AppData\Local\Macromedia
[2012.12.11 17:18:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012.12.11 17:18:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2012.12.11 17:18:34 | 000,015,224 | ---- | C] (Safer Networking Limited) -- C:\Windows\System32\sdnclean.exe
[2012.12.11 17:18:30 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy 2
[2012.12.11 17:17:41 | 000,000,000 | ---D | C] -- C:\Users\Torbjørn\AppData\Local\Programs
[2012.12.11 15:11:01 | 000,000,000 | ---D | C] -- C:\Users\Torbjørn\AppData\Roaming\SUPERAntiSpyware.com
[2012.12.11 15:10:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012.12.11 15:10:48 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012.12.11 15:10:48 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012.12.11 15:09:25 | 000,000,000 | ---D | C] -- C:\Users\Torbjørn\AppData\Roaming\Malwarebytes
[2012.12.11 15:09:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.12.11 15:09:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.12.11 15:09:10 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.12.11 15:09:10 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.12.05 16:40:40 | 000,000,000 | ---D | C] -- C:\Book
[2012.12.05 00:08:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.12.05 00:08:07 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.12.05 00:08:06 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012.12.05 00:08:06 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2012.11.25 19:09:31 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.11.25 19:09:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012.11.25 19:08:53 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2012.11.23 20:27:26 | 000,000,000 | ---D | C] -- C:\Users\Torbjørn\AppData\Roaming\dvdcss
[2012.11.17 01:22:12 | 000,047,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2012.11.17 01:22:12 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wdfres.dll
[2012.11.17 01:21:46 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll
[2012.11.17 01:21:44 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll
[2012.11.17 01:21:44 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll
[2012.11.16 17:56:39 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcorehc.dll
[2012.11.16 17:56:39 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncsi.dll
[2012.11.16 17:56:38 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2012.11.16 17:56:36 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\synceng.dll
[2012.11.16 17:56:32 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.11.16 17:56:29 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcore6.dll
[2012.11.16 17:56:29 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.12.12 21:26:32 | 000,616,032 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.12.12 21:26:32 | 000,106,412 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.12.12 21:23:39 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Torbjørn\Desktop\OTL.exe
[2012.12.12 21:23:15 | 000,856,731 | ---- | M] () -- C:\Users\Torbjørn\Desktop\SecurityCheck.exe
[2012.12.12 21:16:03 | 000,001,014 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2279862012-2560545468-3962944918-1000UA.job
[2012.12.12 21:09:21 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.12.12 21:02:10 | 000,000,984 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.12.12 20:42:00 | 000,001,034 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2279862012-2560545468-3962944918-500UA.job
[2012.12.12 20:39:10 | 000,020,576 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.12.12 20:39:10 | 000,020,576 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.12.12 20:30:54 | 000,004,139 | ---- | M] () -- C:\Users\Torbjørn\Desktop\post1.rtf
[2012.12.12 19:09:39 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.12.12 19:09:39 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.12.12 18:45:04 | 000,688,992 | R--- | M] (Swearware) -- C:\Users\Torbjørn\Desktop\dds.com
[2012.12.12 17:31:40 | 000,000,980 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.12.12 17:20:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.12.12 17:20:29 | 2811,039,744 | -HS- | M] () -- C:\hiberfil.sys
[2012.12.11 09:35:27 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012.12.06 01:42:00 | 000,000,982 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2279862012-2560545468-3962944918-500Core.job
[2012.12.06 00:16:04 | 000,000,962 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2279862012-2560545468-3962944918-1000Core.job
[2012.12.05 10:20:12 | 000,002,502 | ---- | M] () -- C:\Users\Torbjørn\Desktop\Google Chrome.lnk
[2012.12.05 00:08:30 | 000,001,753 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.11.17 11:49:26 | 003,749,168 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.12.12 21:23:00 | 000,856,731 | ---- | C] () -- C:\Users\Torbjørn\Desktop\SecurityCheck.exe
[2012.12.12 20:30:54 | 000,004,139 | ---- | C] () -- C:\Users\Torbjørn\Desktop\post1.rtf
[2012.12.11 17:18:40 | 000,002,135 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2012.12.05 00:08:30 | 000,001,753 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.11.17 01:22:16 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012.11.17 01:21:44 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012.09.28 14:36:56 | 000,180,224 | ---- | C] () -- C:\Windows\System32\clinfo.exe
[2012.05.23 16:31:02 | 000,632,252 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2012.05.02 13:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\System32\kdbsdk32.dll
[2012.02.15 03:28:34 | 000,157,144 | ---- | C] () -- C:\Windows\System32\ativvsva.dat
[2012.02.15 03:28:32 | 000,204,952 | ---- | C] () -- C:\Windows\System32\ativvsvl.dat
[2011.11.25 17:55:16 | 000,000,054 | ---- | C] () -- C:\Windows\ArcView9x.INI
[2011.10.25 21:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\System32\OVDecoder.dll
[2011.09.12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2011.06.01 21:50:58 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011.06.01 21:50:04 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011.05.20 12:56:16 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011.04.20 00:21:02 | 000,037,376 | ---- | C] () -- C:\Windows\System32\atitmpxx.dll
[2010.11.11 13:37:38 | 000,007,597 | ---- | C] () -- C:\Users\Torbjørn\AppData\Local\Resmon.ResmonCfg
[2010.10.14 20:04:56 | 000,627,706 | ---- | C] () -- C:\Users\Torbjørn\systemlog
[2010.09.30 20:22:17 | 000,000,056 | ---- | C] () -- C:\ProgramData\ezsidmv.dat

========== ZeroAccess Check ==========

[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Custom Scans ==========

< %TEMP%\smtmp\*.* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:9B013599

< End of report >

#6 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:02:11 AM

Posted 12 December 2012 - 11:28 PM

Hello


These are the programs I would like you to run next, if you have any problems with these just skip it and run the next one.


-AdwCleaner-

  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

--RogueKiller--

  • Download & SAVE to your Desktop RogueKiller or from here
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator to start"
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • click on "delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller+

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#7 topresch

topresch
  • Topic Starter

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Local time:07:11 AM

Posted 13 December 2012 - 03:37 AM

This went without any issues, although my Chrome toolbar disappeared (but my bookmarks are still available in the menu). Here is the AdwCleaner[S1].txt. I will continue with the Roguekiller:

# AdwCleaner v2.100 - Logfile created 12/13/2012 at 09:31:07
# Updated 09/12/2012 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (32 bits)
# User : Torbjørn - FANTOMAS
# Boot Mode : Normal
# Running from : C:\Users\Torbjørn\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Program Files\Mozilla Firefox\Plugins\npvsharetvplg.dll
File Deleted : C:\Users\Torbjørn\AppData\Roaming\Mozilla\Firefox\Profiles\1k0ev2lr.default\searchplugins\Startsear.xml
Folder Deleted : C:\Program Files\StartSearch plugin

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{222F31FB-A14E-4AF2-BB14-997F28294370}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{222F31FB-A14E-4AF2-BB14-997F28294370}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Key Deleted : HKCU\Software\StartSearch
Key Deleted : HKCU\Software\SweetIM
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{79D60450-56C5-4A8C-9321-6D5BC2A81E5A}
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Key Deleted : HKLM\Software\SweetIM

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

[OK] Registry is clean.

-\\ Mozilla Firefox v8.0.1 (nb-NO)

Profile name : default
File : C:\Users\Torbjørn\AppData\Roaming\Mozilla\Firefox\Profiles\1k0ev2lr.default\prefs.js

Deleted : user_pref("browser.search.defaultengine", "Web Search");
Deleted : user_pref("browser.search.defaultenginename", "Web Search");
Deleted : user_pref("browser.search.order.1", "Web Search");
Deleted : user_pref("browser.search.selectedEngine", "Web Search");
Deleted : user_pref("keyword.URL", "hxxp://startsear.ch/?aff=1&src=sp&cf=3626317d-4c46-11e1-bd13-b8ac6fa54d4e&[...]

Profile name : default
File : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\ttz7yxn1.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v23.0.1271.95

File : C:\Users\Torbjørn\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [3444 octets] - [13/12/2012 09:31:07]

########## EOF - C:\AdwCleaner[S1].txt - [3504 octets] ##########

#8 topresch

topresch
  • Topic Starter

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Local time:07:11 AM

Posted 13 December 2012 - 03:41 AM

Proceeded without issue, and now my toolbar in Chrome is back again. Here is the Roguekiller report:

RogueKiller V8.4.0 [Dec 12 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Started in : Normal mode
User : Torbjørn [Admin rights]
Mode : Remove -- Date : 12/13/2012 09:40:37

¤¤¤ Bad processes : 1 ¤¤¤
[SUSP PATH] ISUSPM.exe -- C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -> KILLED [TermProc]

¤¤¤ Registry Entries : 3 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : ISUSPM (C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler) -> DELETED
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts



¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: SAMSUNG HD105SI ATA Device +++++
--- User ---
[MBR] e9bf20e98679a8ac235b1c16f7cc8803
[BSP] 28ca9871c561c428cff451b4463ddc0f : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 953767 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[2]_D_12132012_02d0940.txt >>
RKreport[1]_S_12132012_02d0939.txt ; RKreport[2]_D_12132012_02d0940.txt

#9 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:02:11 AM

Posted 13 December 2012 - 08:21 AM

Hello

I Would like you to do the following.

Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#10 topresch

topresch
  • Topic Starter

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Local time:07:11 AM

Posted 13 December 2012 - 09:23 AM

Hi Gringo

The program executed without any issues, although before the blue DOS-like screen of ComboFix appeared I had to turn off an anti-malware program (SpyBot SD2) that I didn't register was running in the background. I turned off all programs as well as the Avast shield, and unplugged my broadband for safety's sake. ComboFix took about 10 min to finish, and the log is posted below.

However, the Coupondropdown problem is still present in both Twitter, forums and Newspaper articles.

------

ComboFix 12-12-12.01 - Torbjørn 13.12.2012 14:56:16.1.8 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.47.1033.18.3574.2458 [GMT 1:00]
Kjører fra: c:\users\Torbj°rn\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Spybot - Search and Destroy *Disabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Andre slettinger )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\regobj.dll
.
.
((((((((((((((((((((((((((( Filer Opprettet Fra 2012-11-13 til 2012-12-13 )))))))))))))))))))))))))))))))))
.
.
2012-12-13 14:09 . 2012-12-13 14:09 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-13 14:09 . 2012-12-13 14:09 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2012-12-13 09:56 . 2012-12-13 09:56 60872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6D3203E6-0CFE-4750-9A7D-A36093E4B04C}\offreg.dll
2012-12-12 17:46 . 2012-12-12 17:46 -------- d-----w- c:\users\Torbj°rn
2012-12-11 19:18 . 2012-12-11 19:18 -------- d-----w- c:\users\Torbjørn\AppData\Local\Macromedia
2012-12-11 16:18 . 2012-12-11 16:35 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2012-12-11 16:18 . 2012-12-13 13:52 -------- d-----w- c:\program files\Spybot - Search & Destroy 2
2012-12-11 16:17 . 2012-12-11 16:17 -------- d-----w- c:\users\Torbjørn\AppData\Local\Programs
2012-12-11 14:11 . 2012-12-11 14:11 -------- d-----w- c:\users\Torbjørn\AppData\Roaming\SUPERAntiSpyware.com
2012-12-11 14:10 . 2012-12-11 14:11 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-12-11 14:10 . 2012-12-11 14:10 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2012-12-11 14:09 . 2012-12-11 14:09 -------- d-----w- c:\users\Torbjørn\AppData\Roaming\Malwarebytes
2012-12-11 14:09 . 2012-12-11 14:09 -------- d-----w- c:\programdata\Malwarebytes
2012-12-11 14:09 . 2012-12-11 14:09 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-12-11 14:09 . 2012-09-29 18:54 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-12-11 10:14 . 2012-11-08 18:00 6812136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6D3203E6-0CFE-4750-9A7D-A36093E4B04C}\mpengine.dll
2012-12-05 15:40 . 2012-12-05 15:41 -------- d-----w- C:\Book
2012-12-04 23:08 . 2012-12-04 23:08 -------- d-----w- c:\program files\iPod
2012-12-04 23:08 . 2012-12-04 23:08 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2012-12-04 23:08 . 2012-12-04 23:08 -------- d-----w- c:\program files\iTunes
2012-11-23 19:27 . 2012-11-23 21:25 -------- d-----w- c:\users\Torbjørn\AppData\Roaming\dvdcss
2012-11-17 00:22 . 2012-07-26 03:39 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-11-17 00:22 . 2012-07-26 03:39 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-11-17 00:22 . 2012-07-26 02:46 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-11-17 00:21 . 2012-07-26 02:33 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-11-17 00:21 . 2012-07-26 02:32 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-11-17 00:21 . 2012-07-26 03:20 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-11-17 00:21 . 2012-07-26 03:20 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-11-17 00:21 . 2012-07-26 03:21 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2012-11-17 00:21 . 2012-07-26 03:20 613888 ----a-w- c:\windows\system32\WUDFx.dll
2012-11-17 00:21 . 2012-07-26 03:20 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-11-16 16:56 . 2012-10-03 16:58 1293680 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-11-16 16:56 . 2012-10-03 16:42 175104 ----a-w- c:\windows\system32\netcorehc.dll
2012-11-16 16:56 . 2012-10-03 16:42 156672 ----a-w- c:\windows\system32\ncsi.dll
2012-11-16 16:56 . 2012-10-03 16:40 499712 ----a-w- c:\windows\system32\iphlpsvc.dll
2012-11-16 16:56 . 2012-10-03 16:42 52224 ----a-w- c:\windows\system32\nlaapi.dll
2012-11-16 16:56 . 2012-10-03 16:42 242176 ----a-w- c:\windows\system32\nlasvc.dll
2012-11-16 16:56 . 2012-10-03 16:42 18944 ----a-w- c:\windows\system32\netevent.dll
2012-11-16 16:56 . 2012-10-03 15:21 35328 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2012-11-16 16:56 . 2012-09-25 22:47 78336 ----a-w- c:\windows\system32\synceng.dll
2012-11-16 16:56 . 2012-10-18 17:59 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-11-16 16:56 . 2012-10-09 17:40 44032 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-11-16 16:56 . 2012-10-09 17:40 193536 ----a-w- c:\windows\system32\dhcpcore6.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-12 18:09 . 2012-04-10 10:41 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-12-12 18:09 . 2011-05-18 20:08 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-30 22:51 . 2011-05-18 19:02 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-10-30 22:51 . 2010-09-30 14:07 361032 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-10-30 22:51 . 2010-09-30 14:07 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-10-30 22:51 . 2010-09-30 14:07 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-10-30 22:51 . 2010-09-30 14:07 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-10-30 22:51 . 2010-09-30 14:06 41224 ----a-w- c:\windows\avastSS.scr
2012-10-30 22:50 . 2010-09-30 14:06 227648 ----a-w- c:\windows\system32\aswBoot.exe
2012-10-25 02:12 . 2012-10-25 02:12 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2012-10-25 02:12 . 2012-10-25 02:12 69632 ----a-w- c:\windows\system32\QuickTime.qts
2012-10-16 07:39 . 2012-11-28 14:53 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-15 16:59 . 2012-04-23 08:49 44784 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-09-28 13:36 . 2012-09-28 13:36 180224 ----a-w- c:\windows\system32\clinfo.exe
2012-09-28 13:36 . 2012-09-28 13:36 65536 ----a-w- c:\windows\system32\OpenVideo.dll
2012-09-28 13:36 . 2012-09-28 13:36 56320 ----a-w- c:\windows\system32\OVDecode.dll
2012-09-28 13:32 . 2012-09-28 13:32 27341824 ----a-w- c:\windows\system32\amdocl.dll
2012-09-28 09:32 . 2012-09-28 09:32 5989776 ----a-w- c:\windows\system32\usbaaplrc.dll
2012-09-28 09:32 . 2012-09-28 09:32 44544 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2012-09-28 02:22 . 2012-09-28 02:22 5557928 ----a-w- c:\windows\system32\atiumdag.dll
2012-09-28 02:20 . 2012-09-28 02:20 9107968 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2012-09-28 02:05 . 2012-09-28 02:05 58880 ----a-w- c:\windows\system32\coinst_9.002.dll
2012-09-28 02:03 . 2012-09-28 02:03 163840 ----a-w- c:\windows\system32\atiapfxx.exe
2012-09-28 02:02 . 2012-09-28 02:02 46080 ----a-w- c:\windows\system32\aticalrt.dll
2012-09-28 02:02 . 2012-09-28 02:02 44032 ----a-w- c:\windows\system32\aticalcl.dll
2012-09-28 01:57 . 2012-09-28 01:57 13703168 ----a-w- c:\windows\system32\aticaldd.dll
2012-09-28 01:43 . 2010-11-11 12:52 935424 ----a-w- c:\windows\system32\aticfx32.dll
2012-09-28 01:41 . 2012-09-28 01:41 19624960 ----a-w- c:\windows\system32\atioglxx.dll
2012-09-28 01:39 . 2009-11-24 14:12 6536192 ----a-w- c:\windows\system32\atidxx32.dll
2012-09-28 01:39 . 2012-09-28 01:39 442368 ----a-w- c:\windows\system32\atidemgy.dll
2012-09-28 01:38 . 2012-09-28 01:38 473088 ----a-w- c:\windows\system32\atieclxx.exe
2012-09-28 01:38 . 2012-09-28 01:38 217600 ----a-w- c:\windows\system32\atiesrxx.exe
2012-09-28 01:36 . 2012-09-28 01:36 163840 ----a-w- c:\windows\system32\atitmmxx.dll
2012-09-28 01:36 . 2012-09-28 01:36 20992 ----a-w- c:\windows\system32\atimuixx.dll
2012-09-28 01:36 . 2012-09-28 01:36 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2012-09-28 01:22 . 2012-09-28 01:22 2691584 ----a-w- c:\windows\system32\atiumdva.dll
2012-09-28 01:13 . 2012-09-28 01:13 405504 ----a-w- c:\windows\system32\atiadlxx.dll
2012-09-28 01:13 . 2012-09-28 01:13 14848 ----a-w- c:\windows\system32\atiglpxx.dll
2012-09-28 01:13 . 2012-09-28 01:13 33280 ----a-w- c:\windows\system32\atigktxx.dll
2012-09-28 01:12 . 2012-09-28 01:12 56832 ----a-w- c:\windows\system32\atimpc32.dll
2012-09-28 01:12 . 2012-09-28 01:12 56832 ----a-w- c:\windows\system32\amdpcom32.dll
2012-09-28 01:12 . 2012-09-28 01:12 370176 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2012-09-28 01:11 . 2012-02-15 02:12 109568 ----a-w- c:\windows\system32\atiuxpag.dll
2012-09-28 01:10 . 2012-09-28 01:10 82944 ----a-w- c:\windows\system32\atiu9pag.dll
2012-09-28 01:09 . 2012-09-28 01:09 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2012-09-24 14:32 . 2012-06-23 12:11 477168 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-09-24 14:32 . 2010-12-18 16:11 473072 ----a-w- c:\windows\system32\deployJava1.dll
2012-09-14 18:28 . 2012-10-10 19:08 2048 ----a-w- c:\windows\system32\tzres.dll
2011-11-22 15:56 . 2011-05-11 08:51 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 121528 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="c:\users\Torbjørn\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-07-19 1193176]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-11-01 4763008]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"c:\windows\system32\V0640Ext.ax"="c:\windows\system32\V0640Ext.ax" [X]
"V0640Mon.exe"="c:\windows\V0640Mon.exe" [2009-09-22 28672]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2009-11-09 180224]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-12-09 500208]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-07-31 38872]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-11 919008]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-09-28 642728]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-09-17 254896]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-11-28 151952]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Evoluent Mouse Manager.lnk - c:\windows\Installer\{A93D8BCB-5E78-4E43-AA04-4D2C159626E6}\_5D3F7A665AF4FEE7709022.exe [2011-1-18 4286]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-07-11 19:00 919008 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2012-07-31 11:20 38872 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
2009-03-24 02:00 1983816 ----a-w- c:\program files\Canon\MyPrinter\BJMYPRT.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2012-11-28 23:49 151952 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2012-03-08 16:50 4280184 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2010-08-25 22:13 1753192 ----a-w- c:\program files\NVIDIA Corporation\nView\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Prelaunch OmniPage]
2010-01-26 18:21 5592352 ----a-w- c:\program files\Nuance\OmniPage17\OmniPage17.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2012-10-25 02:12 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2012-09-09 12:28 1353080 ----a-w- c:\program files\Steam\Steam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2011-07-11 21:47 74752 ----a-w- c:\program files\Winamp\winampa.exe
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;c:\program files\steam\steamapps\common\dragon age ultimate edition\bin_ship\DAUpdaterSvc.Service.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 V0640Vid;Creative Live! Cam Socialize (VF0640) Driver;c:\windows\system32\DRIVERS\V0640Vid.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 NitroDriverReadSpool;NitroPDFDriverCreatorReadSpool;c:\program files\Nitro PDF\Professional\NitroPDFDriverService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [x]
S3 e1kexpress;Intel® PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k6232.sys [x]
S3 EvoMouseDriverFilterHidUsb;Evoluent Mouse Driver Filter;c:\windows\system32\DRIVERS\EvoMouseDriverFilterHidUsb.sys [x]
S3 EvoMouseDriverMini;EvoMouseDriverMini;c:\windows\system32\drivers\EvoMouseDriverMini.sys [x]
.
.
--- Andre tjenester/drivere lastet i minnet ---
.
*NewlyCreated* - TRUESIGHT
*Deregistered* - TrueSight
.
Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver)
.
2012-12-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-10 18:09]
.
2012-12-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-25 14:03]
.
2012-12-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-25 14:03]
.
2012-12-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2279862012-2560545468-3962944918-500Core.job
- c:\users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-23 13:29]
.
2012-12-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2279862012-2560545468-3962944918-500UA.job
- c:\users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-23 13:29]
.
.
------- Tilleggsskanning -------
.
uStart Page = hxxp://www.nrk.no/
mStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Torbjørn\AppData\Roaming\Mozilla\Firefox\Profiles\1k0ev2lr.default\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - ExtSQL: 2012-10-28 19:12; {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}; c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
.
- - - - TOMME PEKERE FJERNET - - - -
.
HKCU-Run-OpAgent - OpAgent.exe
.
.
.
--------------------- LÅSTE REGISTERNØKLER ---------------------
.
[HKEY_USERS\S-1-5-21-2279862012-2560545468-3962944918-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{C0075321-0037-3D1D-EA5B-57BA9B8A5488}*]
"oahjfpikceingcifkfgbpepihdhckp"=hex:6a,61,6c,69,6b,69,64,6d,69,67,6f,70,6c,67,
63,6c,6f,62,69,63,00,00
"nanjfmdkefjcccacpmolfcbfmdlp"=hex:6a,61,6c,69,6a,68,65,6e,6a,69,66,6e,61,6d,
6b,6a,67,6e,63,61,00,00
"oalgdlkpmgklojpiddcojdpngmfjig"=hex:64,61,6c,69,65,6a,6b,6f,00,fc
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Tidspunkt ferdig: 2012-12-13 15:12:59
ComboFix-quarantined-files.txt 2012-12-13 14:12
.
Pre-Run: 453 379 403 776 bytes free
Post-Run: 456 606 695 424 bytes free
.
- - End Of File - - A3E57D4517FE1811A01FF4C1D77015BE

#11 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:02:11 AM

Posted 13 December 2012 - 02:13 PM

Greetings

I want you to run these next,

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
  • If malicious objects are found, they will show in the Scan results
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.



Please download aswMBR to your desktop.
  • Double click the aswMBR.exe icon to run it
  • it will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one come back and let me know

please reply with the reports from TDSSKiller and aswMBR

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#12 topresch

topresch
  • Topic Starter

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Local time:07:11 AM

Posted 13 December 2012 - 02:49 PM

Hi again

Here is the log from the TDSSKiller process. Three suspicious objects were found, and skipped by as instructed. Will continue with the next process:

Hi again

Here is the log from the TDSSKiller process. Three suspicious objects were found, and skipped by as instructed. Will continue with the next process:

20:39:40.0852 2136 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
20:39:41.0148 2136 ============================================================
20:39:41.0148 2136 Current date / time: 2012/12/13 20:39:41.0148
20:39:41.0148 2136 SystemInfo:
20:39:41.0148 2136
20:39:41.0148 2136 OS Version: 6.1.7601 ServicePack: 1.0
20:39:41.0148 2136 Product type: Workstation
20:39:41.0148 2136 ComputerName: FANTOMAS
20:39:41.0148 2136 UserName: Torbjørn
20:39:41.0148 2136 Windows directory: C:\Windows
20:39:41.0148 2136 System windows directory: C:\Windows
20:39:41.0148 2136 Processor architecture: Intel x86
20:39:41.0148 2136 Number of processors: 8
20:39:41.0148 2136 Page size: 0x1000
20:39:41.0148 2136 Boot type: Normal boot
20:39:41.0148 2136 ============================================================
20:40:02.0801 2136 BG loaded
20:40:08.0105 2136 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x700FC, SectorsPerTrack: 0x13, TracksPerCylinder: 0xE0, Type 'K0', Flags 0x00000050
20:40:08.0121 2136 ============================================================
20:40:08.0121 2136 \Device\Harddisk0\DR0:
20:40:08.0152 2136 MBR partitions:
20:40:08.0152 2136 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
20:40:08.0152 2136 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3800
20:40:08.0152 2136 ============================================================
20:40:08.0511 2136 C: <-> \Device\Harddisk0\DR0\Partition2
20:40:08.0511 2136 ============================================================
20:40:08.0511 2136 Initialize success
20:40:08.0511 2136 ============================================================
20:40:10.0211 4160 ============================================================
20:40:10.0211 4160 Scan started
20:40:10.0211 4160 Mode: Manual;
20:40:10.0211 4160 ============================================================
20:41:49.0162 1660 ============================================================
20:41:49.0162 1660 Scan started
20:41:49.0162 1660 Mode: Manual; SigCheck; TDLFS;
20:41:49.0162 1660 ============================================================
20:41:50.0332 1660 ================ Scan system memory ========================
20:41:50.0332 1660 System memory - ok
20:41:50.0332 1660 ================ Scan services =============================
20:41:50.0535 1660 [ 01E81C84AD1D0ACC61CF3CFD06632210 ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
20:41:50.0597 1660 !SASCORE - ok
20:41:51.0081 1660 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
20:41:51.0143 1660 1394ohci - ok
20:41:51.0268 1660 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
20:41:51.0299 1660 ACPI - ok
20:41:51.0346 1660 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
20:41:51.0409 1660 AcpiPmi - ok
20:41:51.0565 1660 [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
20:41:51.0596 1660 AdobeFlashPlayerUpdateSvc - ok
20:41:51.0799 1660 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
20:41:51.0877 1660 adp94xx - ok
20:41:51.0955 1660 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
20:41:52.0001 1660 adpahci - ok
20:41:52.0048 1660 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
20:41:52.0079 1660 adpu320 - ok
20:41:52.0157 1660 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
20:41:52.0220 1660 AeLookupSvc - ok
20:41:52.0360 1660 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
20:41:52.0423 1660 AFD - ok
20:41:52.0454 1660 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
20:41:52.0469 1660 agp440 - ok
20:41:52.0579 1660 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
20:41:52.0610 1660 aic78xx - ok
20:41:52.0641 1660 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
20:41:52.0735 1660 ALG - ok
20:41:52.0766 1660 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
20:41:52.0781 1660 aliide - ok
20:41:52.0844 1660 [ E608D708EFE1F8AE7160DB7C0DE4D8E6 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
20:41:52.0891 1660 AMD External Events Utility - ok
20:41:52.0953 1660 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
20:41:52.0984 1660 amdagp - ok
20:41:53.0015 1660 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
20:41:53.0047 1660 amdide - ok
20:41:53.0078 1660 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
20:41:53.0140 1660 AmdK8 - ok
20:41:54.0295 1660 [ F611C341A8B0926D6C2D6417464BD11E ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
20:41:54.0388 1660 amdkmdag - ok
20:41:54.0451 1660 [ C08F6E9987D2AACFF9653ADB30C4DA3D ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
20:41:54.0513 1660 amdkmdap - ok
20:41:54.0560 1660 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
20:41:54.0669 1660 AmdPPM - ok
20:41:54.0731 1660 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
20:41:54.0778 1660 amdsata - ok
20:41:54.0841 1660 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
20:41:54.0887 1660 amdsbs - ok
20:41:54.0919 1660 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
20:41:54.0997 1660 amdxata - ok
20:41:55.0075 1660 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
20:41:55.0137 1660 AppID - ok
20:41:55.0215 1660 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
20:41:55.0324 1660 AppIDSvc - ok
20:41:55.0418 1660 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll
20:41:55.0511 1660 Appinfo - ok
20:41:55.0839 1660 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:41:55.0855 1660 Apple Mobile Device - ok
20:41:55.0979 1660 [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt C:\Windows\System32\appmgmts.dll
20:41:56.0026 1660 AppMgmt - ok
20:41:56.0057 1660 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
20:41:56.0073 1660 arc - ok
20:41:56.0089 1660 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
20:41:56.0104 1660 arcsas - ok
20:41:56.0182 1660 [ 2A7037F93AE6AB1305606DEE23C70F8C ] astcc C:\Windows\system32\ASTSRV.EXE
20:41:56.0198 1660 astcc - ok
20:41:56.0260 1660 [ DE6ED95AEF259979B2830450072A627B ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
20:41:56.0291 1660 aswFsBlk - ok
20:41:56.0323 1660 [ 62F9DCEC95F91B8E0203E85D344A7E65 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
20:41:56.0354 1660 aswMonFlt - ok
20:41:56.0479 1660 [ 81F638A2DD94ABBF0B43880AB38D8DBD ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
20:41:56.0494 1660 aswRdr - ok
20:41:56.0619 1660 [ B32E9AD44A1DBB3E8095E80F8DF32B03 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
20:41:56.0650 1660 aswSnx - ok
20:41:56.0697 1660 [ 67B558895695545FB0568B7541F3BCA7 ] aswSP C:\Windows\system32\drivers\aswSP.sys
20:41:56.0728 1660 aswSP - ok
20:41:56.0728 1660 [ E3E73B2B73A4DFADFDDF557192C4B08A ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
20:41:56.0744 1660 aswTdi - ok
20:41:56.0759 1660 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
20:41:56.0822 1660 AsyncMac - ok
20:41:56.0869 1660 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
20:41:56.0884 1660 atapi - ok
20:41:57.0071 1660 [ 434192D027A6A11E32E1C74C7C43E1ED ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW73.sys
20:41:57.0087 1660 AtiHDAudioService - ok
20:41:57.0134 1660 [ 5371FF39AB5C496AC609F9DAD755D778 ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys
20:41:57.0149 1660 AtiHdmiService - ok
20:41:57.0571 1660 [ F611C341A8B0926D6C2D6417464BD11E ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
20:41:57.0664 1660 atikmdag - ok
20:41:57.0758 1660 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:41:57.0836 1660 AudioEndpointBuilder - ok
20:41:57.0851 1660 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
20:41:57.0883 1660 Audiosrv - ok
20:41:58.0132 1660 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
20:41:58.0163 1660 avast! Antivirus - ok
20:41:58.0257 1660 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
20:41:58.0351 1660 AxInstSV - ok
20:41:58.0491 1660 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
20:41:58.0569 1660 b06bdrv - ok
20:41:58.0694 1660 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
20:41:58.0803 1660 b57nd60x - ok
20:41:58.0850 1660 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
20:41:58.0959 1660 BDESVC - ok
20:41:58.0990 1660 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
20:41:59.0053 1660 Beep - ok
20:41:59.0131 1660 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
20:41:59.0177 1660 BFE - ok
20:41:59.0287 1660 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\system32\qmgr.dll
20:41:59.0365 1660 BITS - ok
20:41:59.0380 1660 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
20:41:59.0427 1660 blbdrive - ok
20:41:59.0567 1660 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
20:41:59.0583 1660 Bonjour Service - ok
20:41:59.0645 1660 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
20:41:59.0661 1660 bowser - ok
20:41:59.0677 1660 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:41:59.0708 1660 BrFiltLo - ok
20:41:59.0723 1660 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:41:59.0801 1660 BrFiltUp - ok
20:41:59.0833 1660 [ 77361D72A04F18809D0EFB6CCEB74D4B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
20:41:59.0911 1660 BridgeMP - ok
20:41:59.0989 1660 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
20:42:00.0051 1660 Browser - ok
20:42:00.0098 1660 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
20:42:00.0145 1660 Brserid - ok
20:42:00.0160 1660 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
20:42:00.0207 1660 BrSerWdm - ok
20:42:00.0254 1660 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
20:42:00.0316 1660 BrUsbMdm - ok
20:42:00.0363 1660 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
20:42:00.0472 1660 BrUsbSer - ok
20:42:00.0472 1660 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
20:42:00.0503 1660 BTHMODEM - ok
20:42:00.0581 1660 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
20:42:00.0691 1660 bthserv - ok
20:42:00.0800 1660 catchme - ok
20:42:00.0831 1660 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
20:42:00.0925 1660 cdfs - ok
20:42:01.0003 1660 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\drivers\cdrom.sys
20:42:01.0049 1660 cdrom - ok
20:42:01.0096 1660 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
20:42:01.0174 1660 CertPropSvc - ok
20:42:01.0221 1660 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
20:42:01.0237 1660 circlass - ok
20:42:01.0283 1660 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
20:42:01.0315 1660 CLFS - ok
20:42:01.0517 1660 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:42:01.0549 1660 clr_optimization_v2.0.50727_32 - ok
20:42:01.0689 1660 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:42:01.0720 1660 clr_optimization_v4.0.30319_32 - ok
20:42:01.0751 1660 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
20:42:01.0783 1660 CmBatt - ok
20:42:01.0798 1660 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
20:42:01.0814 1660 cmdide - ok
20:42:01.0876 1660 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\Windows\system32\Drivers\cng.sys
20:42:01.0923 1660 CNG - ok
20:42:01.0939 1660 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
20:42:01.0985 1660 Compbatt - ok
20:42:02.0001 1660 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
20:42:02.0048 1660 CompositeBus - ok
20:42:02.0063 1660 COMSysApp - ok
20:42:02.0079 1660 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
20:42:02.0079 1660 crcdisk - ok
20:42:02.0141 1660 [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc C:\Windows\system32\cryptsvc.dll
20:42:02.0188 1660 CryptSvc - ok
20:42:02.0235 1660 [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC C:\Windows\system32\drivers\csc.sys
20:42:02.0282 1660 CSC - ok
20:42:02.0375 1660 [ 15F93B37F6801943360D9EB42485D5D3 ] CscService C:\Windows\System32\cscsvc.dll
20:42:02.0407 1660 CscService - ok
20:42:02.0516 1660 DAUpdaterSvc - ok
20:42:02.0656 1660 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
20:42:02.0719 1660 DcomLaunch - ok
20:42:02.0750 1660 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
20:42:02.0828 1660 defragsvc - ok
20:42:02.0859 1660 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
20:42:02.0890 1660 DfsC - ok
20:42:02.0999 1660 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
20:42:03.0031 1660 Dhcp - ok
20:42:03.0062 1660 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
20:42:03.0124 1660 discache - ok
20:42:03.0171 1660 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
20:42:03.0171 1660 Disk - ok
20:42:03.0218 1660 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
20:42:03.0265 1660 Dnscache - ok
20:42:03.0311 1660 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
20:42:03.0374 1660 dot3svc - ok
20:42:03.0405 1660 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
20:42:03.0436 1660 DPS - ok
20:42:03.0467 1660 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
20:42:03.0530 1660 drmkaud - ok
20:42:03.0623 1660 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
20:42:03.0655 1660 DXGKrnl - ok
20:42:03.0717 1660 [ 19E30C3C80D8CE29944B3F30FF9C8B76 ] e1kexpress C:\Windows\system32\DRIVERS\e1k6232.sys
20:42:03.0733 1660 e1kexpress - ok
20:42:03.0779 1660 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
20:42:03.0873 1660 EapHost - ok
20:42:04.0123 1660 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
20:42:04.0201 1660 ebdrv - ok
20:42:04.0232 1660 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
20:42:04.0310 1660 EFS - ok
20:42:04.0450 1660 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
20:42:04.0513 1660 ehRecvr - ok
20:42:04.0528 1660 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
20:42:04.0575 1660 ehSched - ok
20:42:04.0606 1660 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
20:42:04.0637 1660 elxstor - ok
20:42:04.0669 1660 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
20:42:04.0700 1660 ErrDev - ok
20:42:04.0747 1660 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
20:42:04.0778 1660 EventSystem - ok
20:42:04.0809 1660 [ 1A540AC703E0A3E5D9792758DF426F81 ] EvoMouseDriverFilterHidUsb C:\Windows\system32\DRIVERS\EvoMouseDriverFilterHidUsb.sys
20:42:04.0825 1660 EvoMouseDriverFilterHidUsb - ok
20:42:04.0856 1660 [ D7060D296061A1BD79A1F66D39EE0076 ] EvoMouseDriverMini C:\Windows\system32\drivers\EvoMouseDriverMini.sys
20:42:04.0887 1660 EvoMouseDriverMini - ok
20:42:04.0918 1660 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
20:42:04.0981 1660 exfat - ok
20:42:05.0027 1660 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
20:42:05.0090 1660 fastfat - ok
20:42:05.0121 1660 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
20:42:05.0183 1660 Fax - ok
20:42:05.0199 1660 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
20:42:05.0230 1660 fdc - ok
20:42:05.0261 1660 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
20:42:05.0324 1660 fdPHost - ok
20:42:05.0339 1660 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
20:42:05.0371 1660 FDResPub - ok
20:42:05.0386 1660 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
20:42:05.0402 1660 FileInfo - ok
20:42:05.0402 1660 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
20:42:05.0495 1660 Filetrace - ok
20:42:05.0511 1660 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
20:42:05.0558 1660 flpydisk - ok
20:42:05.0589 1660 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
20:42:05.0605 1660 FltMgr - ok
20:42:05.0683 1660 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\Windows\system32\FntCache.dll
20:42:05.0745 1660 FontCache - ok
20:42:05.0807 1660 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
20:42:05.0839 1660 FontCache3.0.0.0 - ok
20:42:05.0885 1660 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
20:42:05.0917 1660 FsDepends - ok
20:42:05.0932 1660 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
20:42:05.0963 1660 Fs_Rec - ok
20:42:05.0995 1660 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
20:42:06.0010 1660 fvevol - ok
20:42:06.0119 1660 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
20:42:06.0151 1660 gagp30kx - ok
20:42:06.0244 1660 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:42:06.0260 1660 GEARAspiWDM - ok
20:42:06.0431 1660 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
20:42:06.0494 1660 gpsvc - ok
20:42:06.0603 1660 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
20:42:06.0619 1660 gupdate - ok
20:42:06.0665 1660 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
20:42:06.0681 1660 gupdatem - ok
20:42:06.0712 1660 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
20:42:06.0759 1660 hcw85cir - ok
20:42:06.0821 1660 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:42:06.0868 1660 HdAudAddService - ok
20:42:06.0931 1660 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
20:42:06.0977 1660 HDAudBus - ok
20:42:06.0993 1660 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
20:42:07.0040 1660 HidBatt - ok
20:42:07.0040 1660 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
20:42:07.0087 1660 HidBth - ok
20:42:07.0102 1660 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
20:42:07.0165 1660 HidIr - ok
20:42:07.0196 1660 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\System32\hidserv.dll
20:42:07.0274 1660 hidserv - ok
20:42:07.0352 1660 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
20:42:07.0399 1660 HidUsb - ok
20:42:07.0477 1660 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
20:42:07.0570 1660 hkmsvc - ok
20:42:07.0648 1660 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:42:07.0757 1660 HomeGroupListener - ok
20:42:07.0836 1660 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:42:07.0914 1660 HomeGroupProvider - ok
20:42:07.0992 1660 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
20:42:08.0023 1660 HpSAMD - ok
20:42:08.0179 1660 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
20:42:08.0226 1660 HTTP - ok
20:42:08.0272 1660 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
20:42:08.0288 1660 hwpolicy - ok
20:42:08.0319 1660 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
20:42:08.0366 1660 i8042prt - ok
20:42:08.0506 1660 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
20:42:08.0538 1660 iaStorV - ok
20:42:08.0600 1660 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:42:08.0678 1660 idsvc - ok
20:42:08.0709 1660 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
20:42:08.0725 1660 iirsp - ok
20:42:08.0865 1660 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
20:42:08.0928 1660 IKEEXT - ok
20:42:08.0990 1660 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
20:42:09.0006 1660 intelide - ok
20:42:09.0037 1660 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
20:42:09.0099 1660 intelppm - ok
20:42:09.0146 1660 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
20:42:09.0255 1660 IPBusEnum - ok
20:42:09.0271 1660 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:42:09.0349 1660 IpFilterDriver - ok
20:42:09.0458 1660 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
20:42:09.0505 1660 iphlpsvc - ok
20:42:09.0520 1660 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
20:42:09.0583 1660 IPMIDRV - ok
20:42:09.0614 1660 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
20:42:09.0692 1660 IPNAT - ok
20:42:09.0926 1660 [ EF1C51222117B37AFBFF8F4642EA8C62 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
20:42:09.0957 1660 iPod Service - ok
20:42:09.0988 1660 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
20:42:10.0004 1660 IRENUM - ok
20:42:10.0082 1660 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
20:42:10.0113 1660 isapnp - ok
20:42:10.0144 1660 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
20:42:10.0160 1660 iScsiPrt - ok
20:42:10.0207 1660 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
20:42:10.0222 1660 kbdclass - ok
20:42:10.0254 1660 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
20:42:10.0285 1660 kbdhid - ok
20:42:10.0332 1660 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
20:42:10.0363 1660 KeyIso - ok
20:42:10.0394 1660 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
20:42:10.0410 1660 KSecDD - ok
20:42:10.0441 1660 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
20:42:10.0456 1660 KSecPkg - ok
20:42:10.0519 1660 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
20:42:10.0628 1660 KtmRm - ok
20:42:10.0737 1660 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\System32\srvsvc.dll
20:42:10.0784 1660 LanmanServer - ok
20:42:10.0800 1660 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:42:10.0831 1660 LanmanWorkstation - ok
20:42:10.0878 1660 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
20:42:10.0909 1660 lltdio - ok
20:42:11.0002 1660 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
20:42:11.0065 1660 lltdsvc - ok
20:42:11.0080 1660 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
20:42:11.0112 1660 lmhosts - ok
20:42:11.0174 1660 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
20:42:11.0221 1660 LSI_FC - ok
20:42:11.0236 1660 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
20:42:11.0283 1660 LSI_SAS - ok
20:42:11.0392 1660 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:42:11.0424 1660 LSI_SAS2 - ok
20:42:11.0470 1660 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:42:11.0502 1660 LSI_SCSI - ok
20:42:11.0533 1660 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
20:42:11.0580 1660 luafv - ok
20:42:11.0611 1660 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
20:42:11.0626 1660 Mcx2Svc - ok
20:42:11.0689 1660 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
20:42:11.0720 1660 megasas - ok
20:42:11.0751 1660 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
20:42:11.0782 1660 MegaSR - ok
20:42:12.0001 1660 Microsoft SharePoint Workspace Audit Service - ok
20:42:12.0016 1660 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
20:42:12.0094 1660 MMCSS - ok
20:42:12.0126 1660 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
20:42:12.0204 1660 Modem - ok
20:42:12.0235 1660 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
20:42:12.0282 1660 monitor - ok
20:42:12.0344 1660 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
20:42:12.0360 1660 mouclass - ok
20:42:12.0500 1660 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
20:42:12.0547 1660 mouhid - ok
20:42:12.0609 1660 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
20:42:12.0625 1660 mountmgr - ok
20:42:12.0656 1660 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
20:42:12.0703 1660 mpio - ok
20:42:12.0718 1660 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:42:12.0781 1660 mpsdrv - ok
20:42:12.0828 1660 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
20:42:12.0921 1660 MpsSvc - ok
20:42:12.0984 1660 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:42:13.0030 1660 MRxDAV - ok
20:42:13.0046 1660 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:42:13.0062 1660 mrxsmb - ok
20:42:13.0124 1660 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:42:13.0155 1660 mrxsmb10 - ok
20:42:13.0186 1660 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:42:13.0249 1660 mrxsmb20 - ok
20:42:13.0280 1660 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
20:42:13.0296 1660 msahci - ok
20:42:13.0342 1660 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
20:42:13.0374 1660 msdsm - ok
20:42:13.0389 1660 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
20:42:13.0452 1660 MSDTC - ok
20:42:13.0514 1660 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:42:13.0561 1660 Msfs - ok
20:42:13.0608 1660 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
20:42:13.0686 1660 mshidkmdf - ok
20:42:13.0717 1660 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:42:13.0748 1660 msisadrv - ok
20:42:13.0842 1660 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:42:13.0935 1660 MSiSCSI - ok
20:42:13.0935 1660 msiserver - ok
20:42:13.0998 1660 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:42:14.0076 1660 MSKSSRV - ok
20:42:14.0107 1660 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:42:14.0185 1660 MSPCLOCK - ok
20:42:14.0216 1660 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:42:14.0310 1660 MSPQM - ok
20:42:14.0372 1660 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:42:14.0403 1660 MsRPC - ok
20:42:14.0466 1660 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
20:42:14.0497 1660 mssmbios - ok
20:42:14.0528 1660 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:42:14.0575 1660 MSTEE - ok
20:42:14.0606 1660 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
20:42:14.0637 1660 MTConfig - ok
20:42:14.0653 1660 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
20:42:14.0715 1660 Mup - ok
20:42:14.0824 1660 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
20:42:14.0902 1660 napagent - ok
20:42:14.0980 1660 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:42:15.0027 1660 NativeWifiP - ok
20:42:15.0168 1660 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
20:42:15.0214 1660 NDIS - ok
20:42:15.0246 1660 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
20:42:15.0292 1660 NdisCap - ok
20:42:15.0324 1660 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:42:15.0402 1660 NdisTapi - ok
20:42:15.0448 1660 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:42:15.0511 1660 Ndisuio - ok
20:42:15.0542 1660 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:42:15.0620 1660 NdisWan - ok
20:42:15.0636 1660 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:42:15.0667 1660 NDProxy - ok
20:42:16.0088 1660 [ C7F5C284B6F46FCAF6910EA4E644700B ] Nero BackItUp Scheduler 4.0 C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
20:42:16.0135 1660 Nero BackItUp Scheduler 4.0 - ok
20:42:16.0182 1660 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:42:16.0244 1660 NetBIOS - ok
20:42:16.0338 1660 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
20:42:16.0400 1660 NetBT - ok
20:42:16.0431 1660 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
20:42:16.0447 1660 Netlogon - ok
20:42:16.0572 1660 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
20:42:16.0618 1660 Netman - ok
20:42:16.0681 1660 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
20:42:16.0743 1660 netprofm - ok
20:42:16.0774 1660 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:42:16.0790 1660 NetTcpPortSharing - ok
20:42:16.0821 1660 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
20:42:16.0837 1660 nfrd960 - ok
20:42:16.0977 1660 [ 9C14E80FF4CCDFF8129DC716C112C517 ] NitroDriverReadSpool C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe
20:42:16.0993 1660 NitroDriverReadSpool - ok
20:42:17.0040 1660 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll
20:42:17.0086 1660 NlaSvc - ok
20:42:17.0118 1660 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:42:17.0196 1660 Npfs - ok
20:42:17.0211 1660 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
20:42:17.0227 1660 nsi - ok
20:42:17.0258 1660 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:42:17.0320 1660 nsiproxy - ok
20:42:17.0461 1660 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:42:17.0508 1660 Ntfs - ok
20:42:17.0523 1660 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
20:42:17.0586 1660 Null - ok
20:42:18.0054 1660 [ DAB5F963F150B002D7A2DB830B9DB9B8 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:42:18.0241 1660 nvlddmkm - ok
20:42:18.0303 1660 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:42:18.0319 1660 nvraid - ok
20:42:18.0350 1660 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:42:18.0366 1660 nvstor - ok
20:42:18.0428 1660 [ 2554787AF6D018740D6C3F831AA7E52F ] nvsvc C:\Windows\system32\nvvsvc.exe
20:42:18.0459 1660 nvsvc - ok
20:42:18.0522 1660 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:42:18.0553 1660 nv_agp - ok
20:42:18.0568 1660 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
20:42:18.0631 1660 ohci1394 - ok
20:42:18.0693 1660 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:42:18.0724 1660 ose - ok
20:42:19.0364 1660 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:42:19.0426 1660 osppsvc - ok
20:42:19.0504 1660 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
20:42:19.0551 1660 p2pimsvc - ok
20:42:19.0582 1660 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
20:42:19.0614 1660 p2psvc - ok
20:42:19.0692 1660 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
20:42:19.0723 1660 Parport - ok
20:42:19.0770 1660 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:42:19.0801 1660 partmgr - ok
20:42:19.0863 1660 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
20:42:19.0941 1660 Parvdm - ok
20:42:19.0957 1660 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
20:42:20.0004 1660 PcaSvc - ok
20:42:20.0066 1660 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
20:42:20.0097 1660 pci - ok
20:42:20.0144 1660 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
20:42:20.0175 1660 pciide - ok
20:42:20.0269 1660 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
20:42:20.0300 1660 pcmcia - ok
20:42:20.0316 1660 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
20:42:20.0347 1660 pcw - ok
20:42:20.0378 1660 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:42:20.0394 1660 PEAUTH - ok
20:42:20.0503 1660 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
20:42:20.0581 1660 PeerDistSvc - ok
20:42:20.0955 1660 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
20:42:21.0033 1660 pla - ok
20:42:21.0189 1660 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:42:21.0252 1660 PlugPlay - ok
20:42:21.0267 1660 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
20:42:21.0361 1660 PNRPAutoReg - ok
20:42:21.0376 1660 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
20:42:21.0408 1660 PNRPsvc - ok
20:42:21.0532 1660 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:42:21.0595 1660 PolicyAgent - ok
20:42:21.0657 1660 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
20:42:21.0720 1660 Power - ok
20:42:21.0766 1660 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:42:21.0829 1660 PptpMiniport - ok
20:42:21.0860 1660 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
20:42:21.0907 1660 Processor - ok
20:42:22.0000 1660 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
20:42:22.0032 1660 ProfSvc - ok
20:42:22.0063 1660 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:42:22.0078 1660 ProtectedStorage - ok
20:42:22.0110 1660 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
20:42:22.0156 1660 Psched - ok
20:42:22.0234 1660 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
20:42:22.0281 1660 ql2300 - ok
20:42:22.0312 1660 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
20:42:22.0312 1660 ql40xx - ok
20:42:22.0359 1660 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
20:42:22.0437 1660 QWAVE - ok
20:42:22.0468 1660 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:42:22.0500 1660 QWAVEdrv - ok
20:42:22.0515 1660 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:42:22.0593 1660 RasAcd - ok
20:42:22.0640 1660 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
20:42:22.0671 1660 RasAgileVpn - ok
20:42:22.0702 1660 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
20:42:22.0718 1660 RasAuto - ok
20:42:22.0765 1660 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:42:22.0812 1660 Rasl2tp - ok
20:42:22.0952 1660 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
20:42:23.0030 1660 RasMan - ok
20:42:23.0061 1660 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:42:23.0092 1660 RasPppoe - ok
20:42:23.0124 1660 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:42:23.0186 1660 RasSstp - ok
20:42:23.0264 1660 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:42:23.0326 1660 rdbss - ok
20:42:23.0404 1660 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
20:42:23.0420 1660 rdpbus - ok
20:42:23.0482 1660 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:42:23.0545 1660 RDPCDD - ok
20:42:23.0576 1660 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
20:42:23.0592 1660 RDPDR - ok
20:42:23.0670 1660 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:42:23.0732 1660 RDPENCDD - ok
20:42:23.0748 1660 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
20:42:23.0794 1660 RDPREFMP - ok
20:42:23.0904 1660 [ 68A0387F58E226DEEE23D9715955572A ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
20:42:23.0997 1660 RdpVideoMiniport - ok
20:42:24.0044 1660 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:42:24.0091 1660 RDPWD - ok
20:42:24.0169 1660 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:42:24.0216 1660 rdyboost - ok
20:42:24.0294 1660 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
20:42:24.0325 1660 RemoteAccess - ok
20:42:24.0356 1660 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:42:24.0450 1660 RemoteRegistry - ok
20:42:24.0496 1660 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:42:24.0559 1660 RpcEptMapper - ok
20:42:24.0590 1660 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
20:42:24.0637 1660 RpcLocator - ok
20:42:24.0668 1660 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\System32\rpcss.dll
20:42:24.0699 1660 RpcSs - ok
20:42:24.0808 1660 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:42:24.0886 1660 rspndr - ok
20:42:24.0964 1660 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
20:42:25.0027 1660 s3cap - ok
20:42:25.0074 1660 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
20:42:25.0089 1660 SamSs - ok
20:42:25.0245 1660 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
20:42:25.0261 1660 SASDIFSV - ok
20:42:25.0339 1660 [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
20:42:25.0354 1660 SASKUTIL - ok
20:42:25.0432 1660 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:42:25.0479 1660 sbp2port - ok
20:42:25.0557 1660 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:42:25.0635 1660 SCardSvr - ok
20:42:25.0729 1660 [ 16B1ABE7F3E35F21DAC57592B6C5D464 ] SCDEmu C:\Windows\system32\drivers\SCDEmu.sys
20:42:25.0807 1660 SCDEmu ( UnsignedFile.Multi.Generic ) - warning
20:42:25.0807 1660 SCDEmu - detected UnsignedFile.Multi.Generic (1)
20:42:25.0854 1660 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:42:25.0916 1660 scfilter - ok
20:42:26.0150 1660 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
20:42:26.0244 1660 Schedule - ok
20:42:26.0290 1660 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
20:42:26.0337 1660 SCPolicySvc - ok
20:42:26.0353 1660 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:42:26.0431 1660 SDRSVC - ok
20:42:26.0493 1660 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:42:26.0571 1660 secdrv - ok
20:42:26.0587 1660 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
20:42:26.0634 1660 seclogon - ok
20:42:26.0649 1660 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\system32\sens.dll
20:42:26.0680 1660 SENS - ok
20:42:26.0743 1660 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
20:42:26.0790 1660 SensrSvc - ok
20:42:26.0992 1660 [ CD8F847A75A974D7AA723A23DFB7D004 ] Sentinel C:\Windows\System32\Drivers\SENTINEL.SYS
20:42:27.0039 1660 Sentinel ( UnsignedFile.Multi.Generic ) - warning
20:42:27.0039 1660 Sentinel - detected UnsignedFile.Multi.Generic (1)
20:42:27.0055 1660 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
20:42:27.0086 1660 Serenum - ok
20:42:27.0133 1660 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
20:42:27.0164 1660 Serial - ok
20:42:27.0211 1660 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
20:42:27.0273 1660 sermouse - ok
20:42:27.0320 1660 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
20:42:27.0382 1660 SessionEnv - ok
20:42:27.0398 1660 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:42:27.0445 1660 sffdisk - ok
20:42:27.0460 1660 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:42:27.0507 1660 sffp_mmc - ok
20:42:27.0538 1660 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:42:27.0601 1660 sffp_sd - ok
20:42:27.0616 1660 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
20:42:27.0663 1660 sfloppy - ok
20:42:27.0741 1660 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:42:27.0772 1660 SharedAccess - ok
20:42:27.0897 1660 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:42:27.0991 1660 ShellHWDetection - ok
20:42:28.0022 1660 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
20:42:28.0038 1660 sisagp - ok
20:42:28.0100 1660 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:42:28.0131 1660 SiSRaid2 - ok
20:42:28.0147 1660 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
20:42:28.0162 1660 SiSRaid4 - ok
20:42:28.0318 1660 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
20:42:28.0334 1660 SkypeUpdate - ok
20:42:28.0350 1660 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:42:28.0381 1660 Smb - ok
20:42:28.0428 1660 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:42:28.0459 1660 SNMPTRAP - ok
20:42:28.0474 1660 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
20:42:28.0506 1660 spldr - ok
20:42:28.0599 1660 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
20:42:28.0662 1660 Spooler - ok
20:42:29.0348 1660 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
20:42:29.0426 1660 sppsvc - ok
20:42:29.0504 1660 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
20:42:29.0598 1660 sppuinotify - ok
20:42:29.0722 1660 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
20:42:29.0754 1660 srv - ok
20:42:29.0894 1660 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:42:29.0925 1660 srv2 - ok
20:42:29.0988 1660 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:42:30.0034 1660 srvnet - ok
20:42:30.0097 1660 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:42:30.0144 1660 SSDPSRV - ok
20:42:30.0253 1660 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:42:30.0331 1660 SstpSvc - ok
20:42:30.0378 1660 Steam Client Service - ok
20:42:30.0487 1660 [ BA696186045E49A7276B2282AFE5E1C8 ] Stereo Service C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
20:42:30.0518 1660 Stereo Service - ok
20:42:30.0612 1660 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
20:42:30.0674 1660 stexstor - ok
20:42:30.0939 1660 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
20:42:31.0002 1660 StiSvc - ok
20:42:31.0017 1660 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
20:42:31.0033 1660 storflt - ok
20:42:31.0251 1660 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
20:42:31.0282 1660 storvsc - ok
20:42:31.0454 1660 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
20:42:31.0470 1660 swenum - ok
20:42:32.0234 1660 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
20:42:32.0281 1660 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
20:42:32.0281 1660 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
20:42:32.0546 1660 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
20:42:32.0608 1660 swprv - ok
20:42:32.0749 1660 Synth3dVsc - ok
20:42:33.0170 1660 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
20:42:33.0201 1660 SysMain - ok
20:42:33.0357 1660 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:42:33.0435 1660 TabletInputService - ok
20:42:33.0622 1660 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
20:42:33.0716 1660 TapiSrv - ok
20:42:33.0856 1660 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
20:42:34.0106 1660 TBS - ok
20:42:34.0512 1660 [ E23A56F843E2AEBBB209D0ACCA73C640 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:42:34.0605 1660 Tcpip - ok
20:42:34.0636 1660 [ E23A56F843E2AEBBB209D0ACCA73C640 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
20:42:34.0668 1660 TCPIP6 - ok
20:42:34.0668 1660 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:42:34.0714 1660 tcpipreg - ok
20:42:34.0746 1660 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:42:34.0792 1660 TDPIPE - ok
20:42:34.0839 1660 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:42:34.0886 1660 TDTCP - ok
20:42:34.0933 1660 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:42:35.0026 1660 tdx - ok
20:42:35.0058 1660 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
20:42:35.0073 1660 TermDD - ok
20:42:35.0198 1660 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
20:42:35.0245 1660 TermService - ok
20:42:35.0292 1660 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
20:42:35.0323 1660 Themes - ok
20:42:35.0354 1660 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
20:42:35.0370 1660 THREADORDER - ok
20:42:35.0432 1660 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
20:42:35.0494 1660 TrkWks - ok
20:42:35.0604 1660 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:42:35.0650 1660 TrustedInstaller - ok
20:42:35.0682 1660 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:42:35.0697 1660 tssecsrv - ok
20:42:35.0744 1660 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
20:42:35.0744 1660 TsUsbFlt - ok
20:42:35.0760 1660 tsusbhub - ok
20:42:35.0806 1660 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:42:35.0869 1660 tunnel - ok
20:42:35.0900 1660 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
20:42:35.0947 1660 uagp35 - ok
20:42:36.0009 1660 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:42:36.0087 1660 udfs - ok
20:42:36.0118 1660 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:42:36.0150 1660 UI0Detect - ok
20:42:36.0196 1660 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:42:36.0228 1660 uliagpkx - ok
20:42:36.0259 1660 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\drivers\umbus.sys
20:42:36.0306 1660 umbus - ok
20:42:36.0337 1660 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
20:42:36.0368 1660 UmPass - ok
20:42:36.0477 1660 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
20:42:36.0540 1660 UmRdpService - ok
20:42:36.0602 1660 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
20:42:36.0680 1660 upnphost - ok
20:42:36.0742 1660 [ 8BF5D980CDCE35FB26F05047144BB57E ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
20:42:36.0789 1660 USBAAPL - ok
20:42:36.0820 1660 [ 1D9F2BD026E8E2D45033A4DF3F16B78C ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
20:42:36.0852 1660 usbaudio - ok
20:42:36.0883 1660 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
20:42:36.0883 1660 usbccgp - ok
20:42:36.0961 1660 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:42:36.0992 1660 usbcir - ok
20:42:37.0023 1660 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
20:42:37.0023 1660 usbehci - ok
20:42:37.0054 1660 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
20:42:37.0086 1660 usbhub - ok
20:42:37.0101 1660 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys
20:42:37.0132 1660 usbohci - ok
20:42:37.0148 1660 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
20:42:37.0164 1660 usbprint - ok
20:42:37.0210 1660 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
20:42:37.0257 1660 usbscan - ok
20:42:37.0273 1660 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:42:37.0320 1660 USBSTOR - ok
20:42:37.0335 1660 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
20:42:37.0351 1660 usbuhci - ok
20:42:37.0366 1660 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
20:42:37.0413 1660 UxSms - ok
20:42:37.0538 1660 [ 3D079691C5E3BB2810E7B5EAD80D96F4 ] V0640Vid C:\Windows\system32\DRIVERS\V0640Vid.sys
20:42:37.0585 1660 V0640Vid - ok
20:42:37.0616 1660 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
20:42:37.0616 1660 VaultSvc - ok
20:42:37.0632 1660 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
20:42:37.0647 1660 vdrvroot - ok
20:42:37.0694 1660 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
20:42:37.0756 1660 vds - ok
20:42:37.0772 1660 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:42:37.0803 1660 vga - ok
20:42:37.0819 1660 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
20:42:37.0834 1660 VgaSave - ok
20:42:37.0850 1660 VGPU - ok
20:42:37.0866 1660 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
20:42:37.0881 1660 vhdmp - ok
20:42:37.0897 1660 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
20:42:37.0897 1660 viaagp - ok
20:42:37.0912 1660 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
20:42:37.0959 1660 ViaC7 - ok
20:42:37.0975 1660 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
20:42:37.0990 1660 viaide - ok
20:42:38.0006 1660 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys
20:42:38.0022 1660 vmbus - ok
20:42:38.0037 1660 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
20:42:38.0084 1660 VMBusHID - ok
20:42:38.0115 1660 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:42:38.0162 1660 volmgr - ok
20:42:38.0178 1660 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:42:38.0209 1660 volmgrx - ok
20:42:38.0224 1660 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:42:38.0240 1660 volsnap - ok
20:42:38.0271 1660 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
20:42:38.0302 1660 vsmraid - ok
20:42:38.0349 1660 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
20:42:38.0412 1660 VSS - ok
20:42:38.0427 1660 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
20:42:38.0458 1660 vwifibus - ok
20:42:38.0505 1660 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
20:42:38.0521 1660 W32Time - ok
20:42:38.0536 1660 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
20:42:38.0552 1660 WacomPen - ok
20:42:38.0599 1660 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
20:42:38.0661 1660 WANARP - ok
20:42:38.0661 1660 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:42:38.0677 1660 Wanarpv6 - ok
20:42:38.0770 1660 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
20:42:38.0817 1660 WatAdminSvc - ok
20:42:39.0145 1660 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
20:42:39.0176 1660 wbengine - ok
20:42:39.0223 1660 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
20:42:39.0254 1660 WbioSrvc - ok
20:42:39.0301 1660 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:42:39.0332 1660 wcncsvc - ok
20:42:39.0363 1660 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:42:39.0394 1660 WcsPlugInService - ok
20:42:39.0410 1660 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
20:42:39.0410 1660 Wd - ok
20:42:39.0472 1660 [ D6EFAF429FD30C5DF613D220E344CCE7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam.sys
20:42:39.0504 1660 WDC_SAM - ok
20:42:39.0613 1660 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:42:39.0628 1660 Wdf01000 - ok
20:42:39.0644 1660 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:42:39.0691 1660 WdiServiceHost - ok
20:42:39.0691 1660 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:42:39.0706 1660 WdiSystemHost - ok
20:42:39.0769 1660 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
20:42:39.0816 1660 WebClient - ok
20:42:39.0847 1660 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
20:42:39.0862 1660 Wecsvc - ok
20:42:39.0878 1660 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:42:39.0940 1660 wercplsupport - ok
20:42:39.0972 1660 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
20:42:40.0003 1660 WerSvc - ok
20:42:40.0034 1660 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
20:42:40.0096 1660 WfpLwf - ok
20:42:40.0112 1660 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
20:42:40.0112 1660 WIMMount - ok
20:42:40.0190 1660 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
20:42:40.0252 1660 WinDefend - ok
20:42:40.0268 1660 WinHttpAutoProxySvc - ok
20:42:40.0486 1660 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:42:40.0518 1660 Winmgmt - ok
20:42:40.0564 1660 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
20:42:40.0627 1660 WinRM - ok
20:42:40.0689 1660 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
20:42:40.0720 1660 WinUsb - ok
20:42:40.0767 1660 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
20:42:40.0830 1660 Wlansvc - ok
20:42:41.0329 1660 [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:42:41.0376 1660 wlidsvc - ok
20:42:41.0407 1660 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
20:42:41.0422 1660 WmiAcpi - ok
20:42:41.0438 1660 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
20:42:41.0454 1660 wmiApSrv - ok
20:42:41.0610 1660 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
20:42:41.0656 1660 WMPNetworkSvc - ok
20:42:41.0688 1660 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
20:42:41.0703 1660 WPCSvc - ok
20:42:41.0750 1660 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
20:42:41.0797 1660 WPDBusEnum - ok
20:42:41.0812 1660 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:42:41.0844 1660 ws2ifsl - ok
20:42:41.0875 1660 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\system32\wscsvc.dll
20:42:41.0906 1660 wscsvc - ok
20:42:41.0906 1660 WSearch - ok
20:42:42.0156 1660 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
20:42:42.0187 1660 wuauserv - ok
20:42:42.0249 1660 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
20:42:42.0265 1660 WudfPf - ok
20:42:42.0312 1660 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
20:42:42.0327 1660 WUDFRd - ok
20:42:42.0327 1660 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:42:42.0343 1660 wudfsvc - ok
20:42:42.0358 1660 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
20:42:42.0374 1660 WwanSvc - ok
20:42:42.0374 1660 ================ Scan global ===============================
20:42:42.0405 1660 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
20:42:42.0452 1660 [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
20:42:42.0452 1660 [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
20:42:42.0499 1660 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
20:42:42.0592 1660 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
20:42:42.0608 1660 [Global] - ok
20:42:42.0608 1660 ================ Scan MBR ==================================
20:42:42.0624 1660 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:42:43.0700 1660 \Device\Harddisk0\DR0 - ok
20:42:43.0700 1660 ================ Scan VBR ==================================
20:42:43.0716 1660 [ EF2F14CA92E048E8067C914A4FB30F1E ] \Device\Harddisk0\DR0\Partition1
20:42:43.0778 1660 \Device\Harddisk0\DR0\Partition1 - ok
20:42:43.0794 1660 [ 32375388FCC3793330D0455BCFAAF459 ] \Device\Harddisk0\DR0\Partition2
20:42:43.0825 1660 \Device\Harddisk0\DR0\Partition2 - ok
20:42:43.0825 1660 ================ Scan active images ========================
20:42:43.0825 1660 [ B7EFEF22FF426EC4158A177CB3B558D3 ] C:\Windows\System32\drivers\crashdmp.sys
20:42:43.0825 1660 C:\Windows\System32\drivers\crashdmp.sys - ok
20:42:43.0825 1660 [ 5428227D4730EBDFC842E9FB593F8C8A ] C:\Windows\System32\drivers\Dumpata.sys
20:42:43.0825 1660 C:\Windows\System32\drivers\Dumpata.sys - ok
20:42:43.0825 1660 [ 012C5F4E9349E711E11E0F19A8589F0A ] C:\Windows\System32\drivers\msahci.sys
20:42:43.0825 1660 C:\Windows\System32\drivers\msahci.sys - ok
20:42:43.0840 1660 [ 62A63EF2F3053B461CB327E4D69AAA74 ] C:\Windows\System32\drivers\dumpfve.sys
20:42:43.0840 1660 C:\Windows\System32\drivers\dumpfve.sys - ok
20:42:43.0840 1660 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] C:\Windows\System32\drivers\cdrom.sys
20:42:43.0840 1660 C:\Windows\System32\drivers\cdrom.sys - ok
20:42:43.0840 1660 [ B32E9AD44A1DBB3E8095E80F8DF32B03 ] C:\Windows\System32\drivers\aswSnx.sys
20:42:43.0840 1660 C:\Windows\System32\drivers\aswSnx.sys - ok
20:42:43.0856 1660 [ F9756A98D69098DCA8945D62858A812C ] C:\Windows\System32\drivers\null.sys
20:42:43.0856 1660 C:\Windows\System32\drivers\null.sys - ok
20:42:43.0856 1660 [ 505506526A9D467307B3C393DEDAF858 ] C:\Windows\System32\drivers\beep.sys
20:42:43.0856 1660 C:\Windows\System32\drivers\beep.sys - ok
20:42:43.0856 1660 [ 8E38096AD5C8570A6F1570A61E251561 ] C:\Windows\System32\drivers\vga.sys
20:42:43.0856 1660 C:\Windows\System32\drivers\vga.sys - ok
20:42:43.0856 1660 [ 15C126D1B55814B9E5CAB10A9C1F4C67 ] C:\Windows\System32\drivers\videoprt.sys
20:42:43.0856 1660 C:\Windows\System32\drivers\videoprt.sys - ok
20:42:43.0856 1660 [ CB45A417C8EF7BA6BAC67EDCDDED8700 ] C:\Windows\System32\drivers\watchdog.sys
20:42:43.0856 1660 C:\Windows\System32\drivers\watchdog.sys - ok
20:42:43.0856 1660 [ 23DAE03F29D253AE74C44F99E515F9A1 ] C:\Windows\System32\drivers\RDPCDD.sys
20:42:43.0856 1660 C:\Windows\System32\drivers\RDPCDD.sys - ok
20:42:43.0856 1660 [ 5A53CA1598DD4156D44196D200C94B8A ] C:\Windows\System32\drivers\RDPENCDD.sys
20:42:43.0856 1660 C:\Windows\System32\drivers\RDPENCDD.sys - ok
20:42:43.0872 1660 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] C:\Windows\System32\drivers\RDPREFMP.sys
20:42:43.0872 1660 C:\Windows\System32\drivers\RDPREFMP.sys - ok
20:42:43.0872 1660 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] C:\Windows\System32\drivers\msfs.sys
20:42:43.0872 1660 C:\Windows\System32\drivers\msfs.sys - ok
20:42:43.0872 1660 [ 1DB262A9F8C087E8153D89BEF3D2235F ] C:\Windows\System32\drivers\npfs.sys
20:42:43.0872 1660 C:\Windows\System32\drivers\npfs.sys - ok
20:42:43.0872 1660 [ E3E73B2B73A4DFADFDDF557192C4B08A ] C:\Windows\System32\drivers\aswTdi.sys
20:42:43.0872 1660 C:\Windows\System32\drivers\aswTdi.sys - ok
20:42:43.0872 1660 [ 2F885864D5BC8A16C86BEE595969A48A ] C:\Windows\System32\drivers\tdi.sys
20:42:43.0872 1660 C:\Windows\System32\drivers\tdi.sys - ok
20:42:43.0872 1660 [ B459575348C20E8121D6039DA063C704 ] C:\Windows\System32\drivers\tdx.sys
20:42:43.0872 1660 C:\Windows\System32\drivers\tdx.sys - ok
20:42:43.0872 1660 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] C:\Windows\System32\drivers\afd.sys
20:42:43.0872 1660 C:\Windows\System32\drivers\afd.sys - ok
20:42:43.0887 1660 [ 81F638A2DD94ABBF0B43880AB38D8DBD ] C:\Windows\System32\drivers\aswRdr2.sys
20:42:43.0887 1660 C:\Windows\System32\drivers\aswRdr2.sys - ok
20:42:43.0887 1660 [ 280122DDCF04B378EDD1AD54D71C1E54 ] C:\Windows\System32\drivers\netbt.sys
20:42:43.0887 1660 C:\Windows\System32\drivers\netbt.sys - ok
20:42:43.0887 1660 [ 6DB3276587B853BF886B69528FDB048C ] C:\Windows\System32\drivers\ws2ifsl.sys
20:42:43.0887 1660 C:\Windows\System32\drivers\ws2ifsl.sys - ok
20:42:43.0887 1660 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] C:\Windows\System32\drivers\netbios.sys
20:42:43.0887 1660 C:\Windows\System32\drivers\netbios.sys - ok
20:42:43.0887 1660 [ 6270CCAE2A86DE6D146529FE55B3246A ] C:\Windows\System32\drivers\pacer.sys
20:42:43.0887 1660 C:\Windows\System32\drivers\pacer.sys - ok
20:42:43.0887 1660 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] C:\Windows\System32\drivers\serial.sys
20:42:43.0887 1660 C:\Windows\System32\drivers\serial.sys - ok
20:42:43.0887 1660 [ 8B9A943F3B53861F2BFAF6C186168F79 ] C:\Windows\System32\drivers\wfplwf.sys
20:42:43.0887 1660 C:\Windows\System32\drivers\wfplwf.sys - ok
20:42:43.0903 1660 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] C:\Windows\System32\drivers\wanarp.sys
20:42:43.0903 1660 C:\Windows\System32\drivers\wanarp.sys - ok
20:42:43.0903 1660 [ 16B1ABE7F3E35F21DAC57592B6C5D464 ] C:\Windows\System32\drivers\scdemu.sys
20:42:43.0903 1660 C:\Windows\System32\drivers\scdemu.sys - ok
20:42:43.0903 1660 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] C:\Windows\System32\drivers\termdd.sys
20:42:43.0903 1660 C:\Windows\System32\drivers\termdd.sys - ok
20:42:43.0903 1660 [ 39763504067962108505BFF25F024345 ] C:\Program Files\SUPERAntiSpyware\sasdifsv.sys
20:42:43.0903 1660 C:\Program Files\SUPERAntiSpyware\sasdifsv.sys - ok
20:42:43.0903 1660 [ 77B9FC20084B48408AD3E87570EB4A85 ] C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
20:42:43.0903 1660 C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS - ok
20:42:43.0903 1660 [ D528BC58A489409BA40334EBF96A311B ] C:\Windows\System32\drivers\rdbss.sys
20:42:43.0903 1660 C:\Windows\System32\drivers\rdbss.sys - ok
20:42:43.0903 1660 [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] C:\Windows\System32\drivers\csc.sys
20:42:43.0918 1660 C:\Windows\System32\drivers\csc.sys - ok
20:42:43.0918 1660 [ 1A050B0274BFB3890703D490F330C0DA ] C:\Windows\System32\drivers\discache.sys
20:42:43.0918 1660 C:\Windows\System32\drivers\discache.sys - ok
20:42:43.0918 1660 [ FC6B9FF600CC585EA38B12589BD4E246 ] C:\Windows\System32\drivers\mssmbios.sys
20:42:43.0918 1660 C:\Windows\System32\drivers\mssmbios.sys - ok
20:42:43.0918 1660 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] C:\Windows\System32\drivers\nsiproxy.sys
20:42:43.0918 1660 C:\Windows\System32\drivers\nsiproxy.sys - ok
20:42:43.0918 1660 [ F024449C97EC1E464AAFFDA18593DB88 ] C:\Windows\System32\drivers\dfsc.sys
20:42:43.0918 1660 C:\Windows\System32\drivers\dfsc.sys - ok
20:42:43.0918 1660 [ 67B558895695545FB0568B7541F3BCA7 ] C:\Windows\System32\drivers\aswSP.sys
20:42:43.0918 1660 C:\Windows\System32\drivers\aswSP.sys - ok
20:42:43.0918 1660 [ 2287078ED48FCFC477B05B20CF38F36F ] C:\Windows\System32\drivers\blbdrive.sys
20:42:43.0918 1660 C:\Windows\System32\drivers\blbdrive.sys - ok
20:42:43.0918 1660 [ C08F6E9987D2AACFF9653ADB30C4DA3D ] C:\Windows\System32\drivers\atikmpag.sys
20:42:43.0918 1660 C:\Windows\System32\drivers\atikmpag.sys - ok
20:42:43.0934 1660 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] C:\Windows\System32\drivers\intelppm.sys
20:42:43.0934 1660 C:\Windows\System32\drivers\intelppm.sys - ok
20:42:43.0934 1660 [ B2FA25D9B17A68BB93D58B0556E8C90D ] C:\Windows\System32\drivers\tunnel.sys
20:42:43.0934 1660 C:\Windows\System32\drivers\tunnel.sys - ok
20:42:43.0934 1660 [ 0217679B8FCA58714C3BF2726D2CA84E ] C:\Windows\System32\drivers\wmiacpi.sys
20:42:43.0934 1660 C:\Windows\System32\drivers\wmiacpi.sys - ok
20:42:43.0934 1660 [ F611C341A8B0926D6C2D6417464BD11E ] C:\Windows\System32\drivers\atikmdag.sys
20:42:43.0934 1660 C:\Windows\System32\drivers\atikmdag.sys - ok
20:42:43.0934 1660 [ C30A91ADE8C9CB91E4281EC83C4500C6 ] C:\Windows\System32\ntdll.dll
20:42:43.0934 1660 C:\Windows\System32\ntdll.dll - ok
20:42:43.0934 1660 [ 16742790895960690237A5143CEDEC8B ] C:\Windows\System32\smss.exe
20:42:43.0934 1660 C:\Windows\System32\smss.exe - ok
20:42:43.0950 1660 [ 23F5D28378A160352BA8F817BD8C71CB ] C:\Windows\System32\drivers\dxgkrnl.sys
20:42:43.0950 1660 C:\Windows\System32\drivers\dxgkrnl.sys - ok
20:42:43.0950 1660 [ D458D1C7F1D49869000668E3C3BB0D4D ] C:\Windows\System32\drivers\dxgmms1.sys
20:42:43.0950 1660 C:\Windows\System32\drivers\dxgmms1.sys - ok
20:42:43.0950 1660 [ 19E30C3C80D8CE29944B3F30FF9C8B76 ] C:\Windows\System32\drivers\e1k6232.sys
20:42:43.0950 1660 C:\Windows\System32\drivers\e1k6232.sys - ok
20:42:43.0950 1660 [ 9036377B8A6C15DC2EEC53E489D159B5 ] C:\Windows\System32\drivers\hdaudbus.sys
20:42:43.0950 1660 C:\Windows\System32\drivers\hdaudbus.sys - ok
20:42:43.0950 1660 [ 57EC4AEF73660166074D8F7F31C0D4FD ] C:\Windows\System32\drivers\agilevpn.sys
20:42:43.0950 1660 C:\Windows\System32\drivers\agilevpn.sys - ok
20:42:43.0950 1660 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] C:\Windows\System32\drivers\CompositeBus.sys
20:42:43.0950 1660 C:\Windows\System32\drivers\CompositeBus.sys - ok
20:42:43.0950 1660 [ 185ADA973B5020655CEE342059A86CBB ] C:\Windows\System32\drivers\GEARAspiWDM.sys
20:42:43.0950 1660 C:\Windows\System32\drivers\GEARAspiWDM.sys - ok
20:42:43.0965 1660 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] C:\Windows\System32\drivers\ndistapi.sys
20:42:43.0965 1660 C:\Windows\System32\drivers\ndistapi.sys - ok
20:42:43.0965 1660 [ 38FBE267E7E6983311179230FACB1017 ] C:\Windows\System32\drivers\ndiswan.sys
20:42:43.0965 1660 C:\Windows\System32\drivers\ndiswan.sys - ok
20:42:43.0965 1660 [ D9F91EAFEC2815365CBE6D167E4E332A ] C:\Windows\System32\drivers\rasl2tp.sys
20:42:43.0965 1660 C:\Windows\System32\drivers\rasl2tp.sys - ok
20:42:43.0965 1660 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] C:\Windows\System32\drivers\serenum.sys
20:42:43.0965 1660 C:\Windows\System32\drivers\serenum.sys - ok
20:42:43.0965 1660 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] C:\Windows\System32\drivers\usbehci.sys
20:42:43.0965 1660 C:\Windows\System32\drivers\usbehci.sys - ok
20:42:43.0965 1660 [ 3AA940AA9AC3055FE32FF2D3D20CCD28 ] C:\Windows\System32\drivers\usbport.sys
20:42:43.0965 1660 C:\Windows\System32\drivers\usbport.sys - ok
20:42:43.0981 1660 [ ADEF52CA1AEAE82B50DF86B56413107E ] C:\Windows\System32\drivers\kbdclass.sys
20:42:43.0981 1660 C:\Windows\System32\drivers\kbdclass.sys - ok
20:42:43.0981 1660 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] C:\Windows\System32\drivers\mouclass.sys
20:42:43.0981 1660 C:\Windows\System32\drivers\mouclass.sys - ok
20:42:43.0981 1660 [ 0FE8B15916307A6AC12BFB6A63E45507 ] C:\Windows\System32\drivers\raspppoe.sys
20:42:43.0981 1660 C:\Windows\System32\drivers\raspppoe.sys - ok
20:42:43.0981 1660 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] C:\Windows\System32\drivers\raspptp.sys
20:42:43.0981 1660 C:\Windows\System32\drivers\raspptp.sys - ok
20:42:43.0981 1660 [ 44101F495A83EA6401D886E7FD70096B ] C:\Windows\System32\drivers\rassstp.sys
20:42:43.0981 1660 C:\Windows\System32\drivers\rassstp.sys - ok
20:42:43.0981 1660 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] C:\Windows\System32\drivers\rdpbus.sys
20:42:43.0981 1660 C:\Windows\System32\drivers\rdpbus.sys - ok
20:42:43.0981 1660 [ 5DCEF0C32BE0F33277326586FA503689 ] C:\Windows\System32\drivers\ks.sys
20:42:43.0981 1660 C:\Windows\System32\drivers\ks.sys - ok
20:42:43.0996 1660 [ E58C78A848ADD9610A4DB6D214AF5224 ] C:\Windows\System32\drivers\swenum.sys
20:42:43.0996 1660 C:\Windows\System32\drivers\swenum.sys - ok
20:42:43.0996 1660 [ D295BED4B898F0FD999FCFA9B32B071B ] C:\Windows\System32\drivers\umbus.sys
20:42:43.0996 1660 C:\Windows\System32\drivers\umbus.sys - ok
20:42:43.0996 1660 [ D7060D296061A1BD79A1F66D39EE0076 ] C:\Windows\System32\drivers\EvoMouseDriverMini.sys
20:42:43.0996 1660 C:\Windows\System32\drivers\EvoMouseDriverMini.sys - ok
20:42:43.0996 1660 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] C:\Windows\System32\drivers\usbhub.sys
20:42:43.0996 1660 C:\Windows\System32\drivers\usbhub.sys - ok
20:42:43.0996 1660 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] C:\Windows\System32\drivers\ndproxy.sys
20:42:43.0996 1660 C:\Windows\System32\drivers\ndproxy.sys - ok
20:42:43.0996 1660 [ 434192D027A6A11E32E1C74C7C43E1ED ] C:\Windows\System32\drivers\AtihdW73.sys
20:42:43.0996 1660 C:\Windows\System32\drivers\AtihdW73.sys - ok
20:42:43.0996 1660 [ 27F9288AF019E6DACA281EDE51FF5928 ] C:\Windows\System32\drivers\drmk.sys
20:42:43.0996 1660 C:\Windows\System32\drivers\drmk.sys - ok
20:42:44.0012 1660 [ A5EF29D5315111C80A5C1ABAD14C8972 ] C:\Windows\System32\drivers\HdAudio.sys
20:42:44.0012 1660 C:\Windows\System32\drivers\HdAudio.sys - ok
20:42:44.0012 1660 [ D72708C9F49500C13D7D067E169B7715 ] C:\Windows\System32\drivers\portcls.sys
20:42:44.0012 1660 C:\Windows\System32\drivers\portcls.sys - ok
20:42:44.0012 1660 [ F88A52EB62019D6A62FDD9E08034DBD8 ] C:\Windows\System32\autochk.exe
20:42:44.0012 1660 C:\Windows\System32\autochk.exe - ok
20:42:44.0012 1660 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\System32\psapi.dll
20:42:44.0012 1660 C:\Windows\System32\psapi.dll - ok
20:42:44.0012 1660 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\System32\setupapi.dll
20:42:44.0012 1660 C:\Windows\System32\setupapi.dll - ok
20:42:44.0012 1660 [ C3674D5D85178762174E9137D3D04480 ] C:\Windows\System32\urlmon.dll
20:42:44.0012 1660 C:\Windows\System32\urlmon.dll - ok
20:42:44.0012 1660 [ E87F5393F7D8CE2FACC4DFF703531392 ] C:\Windows\System32\gdi32.dll
20:42:44.0012 1660 C:\Windows\System32\gdi32.dll - ok
20:42:44.0028 1660 [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\System32\nsi.dll
20:42:44.0028 1660 C:\Windows\System32\nsi.dll - ok
20:42:44.0028 1660 [ F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 ] C:\Windows\System32\user32.dll
20:42:44.0028 1660 C:\Windows\System32\user32.dll - ok
20:42:44.0028 1660 [ 804AAAFEBB3AD5F49334DD906BCB1DE5 ] C:\Windows\System32\usp10.dll
20:42:44.0028 1660 C:\Windows\System32\usp10.dll - ok
20:42:44.0028 1660 [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\System32\advapi32.dll
20:42:44.0028 1660 C:\Windows\System32\advapi32.dll - ok
20:42:44.0028 1660 [ 4A8E2F20809CC161107FAA94F6CF2685 ] C:\Windows\System32\imm32.dll
20:42:44.0028 1660 C:\Windows\System32\imm32.dll - ok
20:42:44.0028 1660 [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\System32\oleaut32.dll
20:42:44.0028 1660 C:\Windows\System32\oleaut32.dll - ok
20:42:44.0028 1660 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\System32\sechost.dll
20:42:44.0028 1660 C:\Windows\System32\sechost.dll - ok
20:42:44.0043 1660 [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\System32\ole32.dll
20:42:44.0043 1660 C:\Windows\System32\ole32.dll - ok
20:42:44.0043 1660 [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\System32\comdlg32.dll
20:42:44.0043 1660 C:\Windows\System32\comdlg32.dll - ok
20:42:44.0043 1660 [ 6400774E903729ADD0A62A24A334EE56 ] C:\Windows\System32\rpcrt4.dll
20:42:44.0043 1660 C:\Windows\System32\rpcrt4.dll - ok
20:42:44.0043 1660 [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\System32\ws2_32.dll
20:42:44.0043 1660 C:\Windows\System32\ws2_32.dll - ok
20:42:44.0043 1660 [ BD9C55D7023C5DE374507ACC7A14E2AC ] C:\Windows\System32\drivers\usbccgp.sys
20:42:44.0043 1660 C:\Windows\System32\drivers\usbccgp.sys - ok
20:42:44.0043 1660 [ 5787196F32D043572EC6565C0EF1B8E0 ] C:\Windows\System32\drivers\usbd.sys
20:42:44.0043 1660 C:\Windows\System32\drivers\usbd.sys - ok
20:42:44.0043 1660 [ B27EDA12BAA7255722F38718CB498951 ] C:\Windows\System32\iertutil.dll
20:42:44.0043 1660 C:\Windows\System32\iertutil.dll - ok
20:42:44.0059 1660 [ 4F4E2103C7F8A2AB6679071855549C93 ] C:\Windows\System32\wininet.dll
20:42:44.0059 1660 C:\Windows\System32\wininet.dll - ok
20:42:44.0059 1660 [ 070C5B9D3006602A07757179D9B56F5D ] C:\Windows\System32\difxapi.dll
20:42:44.0059 1660 C:\Windows\System32\difxapi.dll - ok
20:42:44.0059 1660 [ FF5688D309347F2720911D8796912834 ] C:\Windows\System32\clbcatq.dll
20:42:44.0059 1660 C:\Windows\System32\clbcatq.dll - ok
20:42:44.0059 1660 [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\System32\shlwapi.dll
20:42:44.0059 1660 C:\Windows\System32\shlwapi.dll - ok
20:42:44.0059 1660 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\System32\msctf.dll
20:42:44.0059 1660 C:\Windows\System32\msctf.dll - ok
20:42:44.0059 1660 [ 29E9794708DF51DB5DC89FB2E903A0F6 ] C:\Windows\System32\shell32.dll
20:42:44.0059 1660 C:\Windows\System32\shell32.dll - ok
20:42:44.0059 1660 [ 4F154D2C9C6DF951FD6E5AABBAE6B5EE ] C:\Windows\System32\lpk.dll
20:42:44.0059 1660 C:\Windows\System32\lpk.dll - ok
20:42:44.0074 1660 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\System32\Wldap32.dll
20:42:44.0074 1660 C:\Windows\System32\Wldap32.dll - ok
20:42:44.0074 1660 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\System32\imagehlp.dll
20:42:44.0074 1660 C:\Windows\System32\imagehlp.dll - ok
20:42:44.0074 1660 [ 6F93A0F455963DC8A9A16BB682C8D589 ] C:\Windows\System32\kernel32.dll
20:42:44.0074 1660 C:\Windows\System32\kernel32.dll - ok
20:42:44.0074 1660 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\System32\msvcrt.dll
20:42:44.0074 1660 C:\Windows\System32\msvcrt.dll - ok
20:42:44.0074 1660 [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\System32\normaliz.dll
20:42:44.0074 1660 C:\Windows\System32\normaliz.dll - ok
20:42:44.0074 1660 [ 60D21799A4AF4EDCE65FB98830E4B0C8 ] C:\Windows\System32\crypt32.dll
20:42:44.0074 1660 C:\Windows\System32\crypt32.dll - ok
20:42:44.0074 1660 [ 3FFAEA12666E565FF51BF2FCA674F543 ] C:\Windows\System32\cfgmgr32.dll
20:42:44.0074 1660 C:\Windows\System32\cfgmgr32.dll - ok
20:42:44.0090 1660 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\System32\comctl32.dll
20:42:44.0090 1660 C:\Windows\System32\comctl32.dll - ok
20:42:44.0090 1660 [ CC4ED8BEA78B0DCA6F217E014C3291A7 ] C:\Windows\System32\devobj.dll
20:42:44.0090 1660 C:\Windows\System32\devobj.dll - ok
20:42:44.0090 1660 [ CE90695129BD27591C47F7A4AB526789 ] C:\Windows\System32\KernelBase.dll
20:42:44.0090 1660 C:\Windows\System32\KernelBase.dll - ok
20:42:44.0090 1660 [ 17448AF0BBA9E7AB5EC955AF93F271BD ] C:\Windows\System32\wintrust.dll
20:42:44.0090 1660 C:\Windows\System32\wintrust.dll - ok
20:42:44.0090 1660 [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\System32\msasn1.dll
20:42:44.0090 1660 C:\Windows\System32\msasn1.dll - ok
20:42:44.0090 1660 [ 5FCD3320AAE71506B43F9E12E4E72172 ] C:\Windows\System32\drivers\dxapi.sys
20:42:44.0090 1660 C:\Windows\System32\drivers\dxapi.sys - ok
20:42:44.0090 1660 [ 97A30C905E6080E72E23425D72A15957 ] C:\Windows\System32\win32k.sys
20:42:44.0090 1660 C:\Windows\System32\win32k.sys - ok
20:42:44.0106 1660 [ 6C062EA09313872D2235027EF7A4554E ] C:\Windows\System32\csrsrv.dll
20:42:44.0106 1660 C:\Windows\System32\csrsrv.dll - ok
20:42:44.0106 1660 [ 342271F6142E7C70805B8A81E1BA5F5C ] C:\Windows\System32\csrss.exe
20:42:44.0106 1660 C:\Windows\System32\csrss.exe - ok
20:42:44.0106 1660 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\System32\basesrv.dll
20:42:44.0106 1660 C:\Windows\System32\basesrv.dll - ok
20:42:44.0106 1660 [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\System32\winsrv.dll
20:42:44.0106 1660 C:\Windows\System32\winsrv.dll - ok
20:42:44.0106 1660 [ 931A1DF1520ABC6E84BA4A75E6957025 ] C:\Windows\System32\drivers\hidclass.sys
20:42:44.0106 1660 C:\Windows\System32\drivers\hidclass.sys - ok
20:42:44.0106 1660 [ 6C26122F1931D4D7810240F32DDCE890 ] C:\Windows\System32\drivers\hidparse.sys
20:42:44.0106 1660 C:\Windows\System32\drivers\hidparse.sys - ok
20:42:44.0106 1660 [ 10C19F8290891AF023EAEC0832E1EB4D ] C:\Windows\System32\drivers\hidusb.sys
20:42:44.0106 1660 C:\Windows\System32\drivers\hidusb.sys - ok
20:42:44.0121 1660 [ 9E3CED91863E6EE98C24794D05E27A71 ] C:\Windows\System32\drivers\kbdhid.sys
20:42:44.0121 1660 C:\Windows\System32\drivers\kbdhid.sys - ok
20:42:44.0121 1660 [ 1A540AC703E0A3E5D9792758DF426F81 ] C:\Windows\System32\drivers\EvoMouseDriverFilterHidUsb.sys
20:42:44.0121 1660 C:\Windows\System32\drivers\EvoMouseDriverFilterHidUsb.sys - ok
20:42:44.0121 1660 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] C:\Windows\System32\drivers\mouhid.sys
20:42:44.0121 1660 C:\Windows\System32\drivers\mouhid.sys - ok
20:42:44.0121 1660 [ 79D10964DE86B292320E9DFE02282A23 ] C:\Windows\System32\drivers\monitor.sys
20:42:44.0121 1660 C:\Windows\System32\drivers\monitor.sys - ok
20:42:44.0121 1660 [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\System32\profapi.dll
20:42:44.0121 1660 C:\Windows\System32\profapi.dll - ok
20:42:44.0121 1660 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\System32\sxssrv.dll
20:42:44.0121 1660 C:\Windows\System32\sxssrv.dll - ok
20:42:44.0121 1660 [ 7C76B61A5E1EF5D1FA554CF134100F18 ] C:\Windows\System32\tsddd.dll
20:42:44.0121 1660 C:\Windows\System32\tsddd.dll - ok
20:42:44.0137 1660 [ B5C5DCAD3899512020D135600129D665 ] C:\Windows\System32\wininit.exe
20:42:44.0137 1660 C:\Windows\System32\wininit.exe - ok
20:42:44.0137 1660 [ 4E725FE742206824BEB08DD0E9D452FA ] C:\Windows\System32\KBDNO.DLL
20:42:44.0137 1660 C:\Windows\System32\KBDNO.DLL - ok
20:42:44.0137 1660 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\System32\RpcRtRemote.dll
20:42:44.0137 1660 C:\Windows\System32\RpcRtRemote.dll - ok
20:42:44.0137 1660 [ CAEF9CD6C10B1017E2C298D849CD31DB ] C:\Windows\System32\cdd.dll
20:42:44.0137 1660 C:\Windows\System32\cdd.dll - ok
20:42:44.0137 1660 [ 357B990A4249D7F7485B230C0CC8825A ] C:\Windows\System32\KBDUS.DLL
20:42:44.0137 1660 C:\Windows\System32\KBDUS.DLL - ok
20:42:44.0137 1660 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\System32\cryptbase.dll
20:42:44.0137 1660 C:\Windows\System32\cryptbase.dll - ok
20:42:44.0137 1660 [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\System32\sxs.dll
20:42:44.0137 1660 C:\Windows\System32\sxs.dll - ok
20:42:44.0152 1660 [ 633C2C060CF857099F6C4F8D75C952B1 ] C:\Windows\System32\WlS0WndH.dll
20:42:44.0152 1660 C:\Windows\System32\WlS0WndH.dll - ok
20:42:44.0152 1660 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\System32\apphelp.dll
20:42:44.0152 1660 C:\Windows\System32\apphelp.dll - ok
20:42:44.0152 1660 [ 81951F51E318AECC2D68559E47485CC4 ] C:\Windows\System32\lsass.exe
20:42:44.0152 1660 C:\Windows\System32\lsass.exe - ok
20:42:44.0152 1660 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\System32\services.exe
20:42:44.0152 1660 C:\Windows\System32\services.exe - ok
20:42:44.0152 1660 [ C95CA687D32DDAB1C91E1122E80D5E16 ] C:\Windows\System32\lsasrv.dll
20:42:44.0152 1660 C:\Windows\System32\lsasrv.dll - ok
20:42:44.0152 1660 [ 8AEA9A37C1A3565A204D37C5E72AB791 ] C:\Windows\System32\lsm.exe
20:42:44.0152 1660 C:\Windows\System32\lsm.exe - ok
20:42:44.0168 1660 [ 250AA41DE690561AF1282D598914564C ] C:\Windows\System32\scesrv.dll
20:42:44.0168 1660 C:\Windows\System32\scesrv.dll - ok
20:42:44.0168 1660 [ 3369D021265E369D57317D61FA86DD79 ] C:\Windows\System32\scext.dll
20:42:44.0168 1660 C:\Windows\System32\scext.dll - ok
20:42:44.0168 1660 [ 69678722290C78D5D7198C60B5A4E3E8 ] C:\Windows\System32\secur32.dll
20:42:44.0168 1660 C:\Windows\System32\secur32.dll - ok
20:42:44.0168 1660 [ 4A054C853031616D161A84BECF281F47 ] C:\Windows\System32\sspicli.dll
20:42:44.0168 1660 C:\Windows\System32\sspicli.dll - ok
20:42:44.0168 1660 [ E361AE3010EA4B3123DAB5BDAE21798F ] C:\Windows\System32\sspisrv.dll
20:42:44.0168 1660 C:\Windows\System32\sspisrv.dll - ok
20:42:44.0168 1660 [ BA51FFE170C5B3AE8EC4F5BD2581A29E ] C:\Windows\System32\sysntfy.dll
20:42:44.0168 1660 C:\Windows\System32\sysntfy.dll - ok
20:42:44.0168 1660 [ D412B1B72C5AB020218E9A047D90CA05 ] C:\Windows\System32\wmsgapi.dll
20:42:44.0168 1660 C:\Windows\System32\wmsgapi.dll - ok
20:42:44.0184 1660 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\System32\srvcli.dll
20:42:44.0184 1660 C:\Windows\System32\srvcli.dll - ok
20:42:44.0184 1660 [ FB4EB9352B7D698E6B3C2AA2ED724DAD ] C:\Windows\System32\authz.dll
20:42:44.0184 1660 C:\Windows\System32\authz.dll - ok
20:42:44.0184 1660 [ 50BA656134F78AF64E4DD3C8B6FEFD7E ] C:\Windows\System32\cngaudit.dll
20:42:44.0184 1660 C:\Windows\System32\cngaudit.dll - ok
20:42:44.0184 1660 [ 1128637CAD49A8E3C8B5FA5D0A061525 ] C:\Windows\System32\cryptdll.dll
20:42:44.0184 1660 C:\Windows\System32\cryptdll.dll - ok
20:42:44.0184 1660 [ 591FE0A6CEB19BF886CEB1331F591940 ] C:\Windows\System32\ncrypt.dll
20:42:44.0184 1660 C:\Windows\System32\ncrypt.dll - ok
20:42:44.0184 1660 [ 245F4691314F42D4D1BC06442F0B2086 ] C:\Windows\System32\samsrv.dll
20:42:44.0184 1660 C:\Windows\System32\samsrv.dll - ok
20:42:44.0184 1660 [ 82C089EA2A3EEFADF3588EA71E8BDADA ] C:\Windows\System32\wevtapi.dll
20:42:44.0184 1660 C:\Windows\System32\wevtapi.dll - ok
20:42:44.0199 1660 [ FC7650224790CAE75A5E9231961FDEC5 ] C:\Windows\System32\bcrypt.dll
20:42:44.0199 1660 C:\Windows\System32\bcrypt.dll - ok
20:42:44.0199 1660 [ 6D13E1406F50C66E2A95D97F22C47560 ] C:\Windows\System32\winlogon.exe
20:42:44.0199 1660 C:\Windows\System32\winlogon.exe - ok
20:42:44.0199 1660 [ ED4649A28AFE0B3DB93C3198BA48E34E ] C:\Windows\System32\atmfd.dll
20:42:44.0199 1660 C:\Windows\System32\atmfd.dll - ok
20:42:44.0199 1660 [ C90878913DF3DC504790282043DB5F4C ] C:\Windows\System32\msprivs.dll
20:42:44.0199 1660 C:\Windows\System32\msprivs.dll - ok
20:42:44.0199 1660 [ E343CABBD8D600ABAF3F11625D33B3D0 ] C:\Windows\System32\netjoin.dll
20:42:44.0199 1660 C:\Windows\System32\netjoin.dll - ok
20:42:44.0199 1660 [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\System32\winsta.dll
20:42:44.0199 1660 C:\Windows\System32\winsta.dll - ok
20:42:44.0199 1660 [ BDA0B954A30498B5A7EDC6204CBA07ED ] C:\Windows\System32\kerberos.dll
20:42:44.0199 1660 C:\Windows\System32\kerberos.dll - ok
20:42:44.0215 1660 [ 6DCFAEC6D1334AA6CDF8961DB4633CBF ] C:\Windows\System32\negoexts.dll
20:42:44.0215 1660 C:\Windows\System32\negoexts.dll - ok
20:42:44.0215 1660 [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\System32\cryptsp.dll
20:42:44.0215 1660 C:\Windows\System32\cryptsp.dll - ok
20:42:44.0215 1660 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\System32\mswsock.dll
20:42:44.0215 1660 C:\Windows\System32\mswsock.dll - ok
20:42:44.0215 1660 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\System32\wship6.dll
20:42:44.0215 1660 C:\Windows\System32\wship6.dll - ok
20:42:44.0215 1660 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\System32\dnsapi.dll
20:42:44.0215 1660 C:\Windows\System32\dnsapi.dll - ok
20:42:44.0215 1660 [ 8EA53101FF2B15BDFF934B62A8FB326D ] C:\Windows\System32\logoncli.dll
20:42:44.0215 1660 C:\Windows\System32\logoncli.dll - ok
20:42:44.0215 1660 [ 4C1E16B9A53102C8D6FBA587CBCB95DE ] C:\Windows\System32\msv1_0.dll
20:42:44.0215 1660 C:\Windows\System32\msv1_0.dll - ok
20:42:44.0230 1660 [ C1809B9907ADEDAF16F50C894100883B ] C:\Windows\System32\netlogon.dll
20:42:44.0230 1660 C:\Windows\System32\netlogon.dll - ok
20:42:44.0230 1660 [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\System32\rsaenh.dll
20:42:44.0230 1660 C:\Windows\System32\rsaenh.dll - ok
20:42:44.0230 1660 [ 3D3CBD1847F980FB03343A63671E7886 ] C:\Windows\System32\schannel.dll
20:42:44.0230 1660 C:\Windows\System32\schannel.dll - ok
20:42:44.0230 1660 [ 0450CF487ECD8A67B56F59F9A96D024D ] C:\Windows\System32\wdigest.dll
20:42:44.0230 1660 C:\Windows\System32\wdigest.dll - ok
20:42:44.0230 1660 [ 9EDE13F62E7BE92DBA561218EDDC4E21 ] C:\Windows\System32\LIVESSP.DLL
20:42:44.0230 1660 C:\Windows\System32\LIVESSP.DLL - ok
20:42:44.0230 1660 [ 37CC990D4E2CDFAE12AC47F6B620FC13 ] C:\Windows\System32\pku2u.dll
20:42:44.0230 1660 C:\Windows\System32\pku2u.dll - ok
20:42:44.0230 1660 [ D29E45078CF4020CE0AAC82EC652D1EA ] C:\Windows\System32\TSpkg.dll
20:42:44.0230 1660 C:\Windows\System32\TSpkg.dll - ok
20:42:44.0246 1660 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\System32\bcryptprimitives.dll
20:42:44.0246 1660 C:\Windows\System32\bcryptprimitives.dll - ok
20:42:44.0246 1660 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\System32\credssp.dll
20:42:44.0246 1660 C:\Windows\System32\credssp.dll - ok
20:42:44.0246 1660 [ 91F434FF6606ED9BDC6A05D651B69553 ] C:\Windows\System32\efslsaext.dll
20:42:44.0246 1660 C:\Windows\System32\efslsaext.dll - ok
20:42:44.0246 1660 [ 8124944EC89D6A1815E4E53F5B96AAF4 ] C:\Windows\System32\scecli.dll
20:42:44.0246 1660 C:\Windows\System32\scecli.dll - ok
20:42:44.0246 1660 [ 54A47F6B5E09A77E61649109C6A08866 ] C:\Windows\System32\svchost.exe
20:42:44.0246 1660 C:\Windows\System32\svchost.exe - ok
20:42:44.0246 1660 [ 7222995615BF93B628DCEA4BD6CCACF7 ] C:\Windows\System32\ubpm.dll
20:42:44.0246 1660 C:\Windows\System32\ubpm.dll - ok
20:42:44.0246 1660 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] C:\Windows\System32\umpnpmgr.dll
20:42:44.0246 1660 C:\Windows\System32\umpnpmgr.dll - ok
20:42:44.0262 1660 [ FD07F21E0A19C27ED4E1EEC2B07452B3 ] C:\Windows\System32\devrtl.dll
20:42:44.0262 1660 C:\Windows\System32\devrtl.dll - ok
20:42:44.0262 1660 [ 4BDBBE5E4208022DD794F7EEEB0F7366 ] C:\Windows\System32\SPInf.dll
20:42:44.0262 1660 C:\Windows\System32\SPInf.dll - ok
20:42:44.0262 1660 [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\System32\userenv.dll
20:42:44.0262 1660 C:\Windows\System32\userenv.dll - ok
20:42:44.0262 1660 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\System32\gpapi.dll
20:42:44.0262 1660 C:\Windows\System32\gpapi.dll - ok
20:42:44.0262 1660 [ F87D30E72E03D579A5199CCB3831D6EA ] C:\Windows\System32\umpo.dll
20:42:44.0262 1660 C:\Windows\System32\umpo.dll - ok
20:42:44.0262 1660 [ 5893EBDCE371174AC89ECD7731DD6D77 ] C:\Windows\System32\pcwum.dll
20:42:44.0262 1660 C:\Windows\System32\pcwum.dll - ok
20:42:44.0262 1660 [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\System32\powrprof.dll
20:42:44.0262 1660 C:\Windows\System32\powrprof.dll - ok
20:42:44.0277 1660 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] C:\Windows\System32\drivers\luafv.sys
20:42:44.0277 1660 C:\Windows\System32\drivers\luafv.sys - ok
20:42:44.0277 1660 [ 62F9DCEC95F91B8E0203E85D344A7E65 ] C:\Windows\System32\drivers\aswMonFlt.sys
20:42:44.0277 1660 C:\Windows\System32\drivers\aswMonFlt.sys - ok
20:42:44.0277 1660 [ DE6ED95AEF259979B2830450072A627B ] C:\Windows\System32\drivers\aswFsBlk.sys
20:42:44.0277 1660 C:\Windows\System32\drivers\aswFsBlk.sys - ok
20:42:44.0277 1660 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] C:\Windows\System32\drivers\WUDFPf.sys
20:42:44.0277 1660 C:\Windows\System32\drivers\WUDFPf.sys - ok
20:42:44.0277 1660 [ 2554787AF6D018740D6C3F831AA7E52F ] C:\Windows\System32\nvvsvc.exe
20:42:44.0277 1660 C:\Windows\System32\nvvsvc.exe - ok
20:42:44.0277 1660 [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\System32\wtsapi32.dll
20:42:44.0277 1660 C:\Windows\System32\wtsapi32.dll - ok
20:42:44.0277 1660 [ 7660F01D3B38ACA1747E397D21D790AF ] C:\Windows\System32\rpcss.dll
20:42:44.0277 1660 C:\Windows\System32\rpcss.dll - ok
20:42:44.0293 1660 [ 78D072F35BC45D9E4E1B61895C152234 ] C:\Windows\System32\RpcEpMap.dll
20:42:44.0293 1660 C:\Windows\System32\RpcEpMap.dll - ok
20:42:44.0293 1660 [ 81F08948A0F1475894C99D4D19A158A8 ] C:\Windows\System32\wshqos.dll
20:42:44.0293 1660 C:\Windows\System32\wshqos.dll - ok
20:42:44.0293 1660 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\System32\WSHTCPIP.DLL
20:42:44.0293 1660 C:\Windows\System32\WSHTCPIP.DLL - ok
20:42:44.0293 1660 [ E608D708EFE1F8AE7160DB7C0DE4D8E6 ] C:\Windows\System32\atiesrxx.exe
20:42:44.0293 1660 C:\Windows\System32\atiesrxx.exe - ok
20:42:44.0293 1660 [ 3F50200237961034FACE602373838980 ] C:\Windows\System32\FirewallAPI.dll
20:42:44.0293 1660 C:\Windows\System32\FirewallAPI.dll - ok
20:42:44.0293 1660 [ 702254574E7E52052DE39408457B7149 ] C:\Windows\System32\version.dll
20:42:44.0293 1660 C:\Windows\System32\version.dll - ok
20:42:44.0293 1660 [ 3EF0D8AB08385AAB5802E773511A2E6A ] C:\Windows\System32\LogonUI.exe
20:42:44.0293 1660 C:\Windows\System32\LogonUI.exe - ok
20:42:44.0308 1660 [ 241E015DD809CFB23242F890B1FC575B ] C:\Windows\System32\wevtsvc.dll
20:42:44.0308 1660 C:\Windows\System32\wevtsvc.dll - ok
20:42:44.0308 1660 [ CDD35C1CE1EBFE80C055691CDC8DF443 ] C:\Windows\System32\authui.dll
20:42:44.0308 1660 C:\Windows\System32\authui.dll - ok
20:42:44.0308 1660 [ 146B6F43A673379A3C670E86D89BE5EA ] C:\Windows\System32\mmcss.dll
20:42:44.0308 1660 C:\Windows\System32\mmcss.dll - ok
20:42:44.0308 1660 [ 139D3AB6AA920C34C50CBFFB9EB7D222 ] C:\Windows\System32\avrt.dll
20:42:44.0308 1660 C:\Windows\System32\avrt.dll - ok
20:42:44.0308 1660 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] C:\Windows\System32\audiosrv.dll
20:42:44.0308 1660 C:\Windows\System32\audiosrv.dll - ok
20:42:44.0308 1660 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\System32\ntmarta.dll
20:42:44.0308 1660 C:\Windows\System32\ntmarta.dll - ok
20:42:44.0308 1660 [ 243974EC02F7AE49E4179C54624143AB ] C:\Windows\System32\MMDevAPI.dll
20:42:44.0308 1660 C:\Windows\System32\MMDevAPI.dll - ok
20:42:44.0324 1660 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\System32\propsys.dll
20:42:44.0324 1660 C:\Windows\System32\propsys.dll - ok
20:42:44.0324 1660 [ F68194F74350D4A2ADE98961E33F884C ] C:\Windows\System32\audiodg.exe
20:42:44.0324 1660 C:\Windows\System32\audiodg.exe - ok
20:42:44.0324 1660 [ 8C338238C16777A802D6A9211EB2BA50 ] C:\Windows\System32\netprofm.dll
20:42:44.0324 1660 C:\Windows\System32\netprofm.dll - ok
20:42:44.0324 1660 [ 28CA821606669BB9215CE010767720FA ] C:\Windows\System32\cryptui.dll
20:42:44.0324 1660 C:\Windows\System32\cryptui.dll - ok
20:42:44.0324 1660 [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
20:42:44.0324 1660 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
20:42:44.0324 1660 [ F14A9B1778376D0B1788E402AC1F831A ] C:\Windows\System32\shacct.dll
20:42:44.0324 1660 C:\Windows\System32\shacct.dll - ok
20:42:44.0324 1660 [ C30A3E5DEEEBA22E782AC54C5AF5F352 ] C:\Windows\System32\samlib.dll
20:42:44.0324 1660 C:\Windows\System32\samlib.dll - ok
20:42:44.0340 1660 [ 63BFDF555DA2075A77D677829C3CCCD0 ] C:\Windows\System32\uxtheme.dll
20:42:44.0340 1660 C:\Windows\System32\uxtheme.dll - ok
20:42:44.0340 1660 [ 7717F84F483002815490033BF069DABD ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
20:42:44.0340 1660 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll - ok
20:42:44.0340 1660 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\System32\dui70.dll
20:42:44.0340 1660 C:\Windows\System32\dui70.dll - ok
20:42:44.0340 1660 [ 15F93B37F6801943360D9EB42485D5D3 ] C:\Windows\System32\cscsvc.dll
20:42:44.0340 1660 C:\Windows\System32\cscsvc.dll - ok
20:42:44.0340 1660 [ E897EAF5ED6BA41E081060C9B447A673 ] C:\Windows\System32\gpsvc.dll
20:42:44.0340 1660 C:\Windows\System32\gpsvc.dll - ok
20:42:44.0340 1660 [ 50E0DD0A5B8D8BC353578F2F73926697 ] C:\Windows\System32\nlaapi.dll
20:42:44.0340 1660 C:\Windows\System32\nlaapi.dll - ok
20:42:44.0355 1660 [ CADEFAC453040E370A1BDFF3973BE00D ] C:\Windows\System32\profsvc.dll
20:42:44.0355 1660 C:\Windows\System32\profsvc.dll - ok
20:42:44.0355 1660 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] C:\Windows\System32\themeservice.dll
20:42:44.0355 1660 C:\Windows\System32\themeservice.dll - ok
20:42:44.0355 1660 [ F10E5311E5093FA3C00FF88C54C32FCA ] C:\Windows\System32\atl.dll
20:42:44.0355 1660 C:\Windows\System32\atl.dll - ok
20:42:44.0355 1660 [ 2F040CF0613A6D64DCBBA9EE81F5A5AE ] C:\Windows\System32\dsrole.dll
20:42:44.0355 1660 C:\Windows\System32\dsrole.dll - ok
20:42:44.0355 1660 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\System32\slc.dll
20:42:44.0355 1660 C:\Windows\System32\slc.dll - ok
20:42:44.0355 1660 [ 772F44012DBE49DE894976AE2259A659 ] C:\Windows\System32\PeerDist.dll
20:42:44.0355 1660 C:\Windows\System32\PeerDist.dll - ok
20:42:44.0355 1660 [ F6916EFC29D9953D5D0DF06882AE8E16 ] C:\Windows\System32\es.dll
20:42:44.0355 1660 C:\Windows\System32\es.dll - ok
20:42:44.0371 1660 [ DCB7FCDCC97F87360F75D77425B81737 ] C:\Windows\System32\Sens.dll
20:42:44.0371 1660 C:\Windows\System32\Sens.dll - ok
20:42:44.0371 1660 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\System32\winmm.dll
20:42:44.0371 1660 C:\Windows\System32\winmm.dll - ok
20:42:44.0371 1660 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\System32\duser.dll
20:42:44.0371 1660 C:\Windows\System32\duser.dll - ok
20:42:44.0371 1660 [ 9C67F6BBDA3881CFD02095160CF91576 ] C:\Windows\System32\ksuser.dll
20:42:44.0371 1660 C:\Windows\System32\ksuser.dll - ok
20:42:44.0371 1660 [ D205C24A9D069049FE2DF2A1B38726A7 ] C:\Windows\System32\wdmaud.drv
20:42:44.0371 1660 C:\Windows\System32\wdmaud.drv - ok
20:42:44.0371 1660 [ 2CFA4569350B7F84F815E9EC34E85766 ] C:\Windows\System32\SndVolSSO.dll
20:42:44.0371 1660 C:\Windows\System32\SndVolSSO.dll - ok
20:42:44.0371 1660 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\System32\dwmapi.dll
20:42:44.0371 1660 C:\Windows\System32\dwmapi.dll - ok
20:42:44.0386 1660 [ 63DF770DF74ACB370EF5A16727069AAF ] C:\Windows\System32\hid.dll
20:42:44.0386 1660 C:\Windows\System32\hid.dll - ok
20:42:44.0386 1660 [ EDF2A5E96BEC469DA3F64E9BDD386111 ] C:\Windows\System32\xmllite.dll
20:42:44.0386 1660 C:\Windows\System32\xmllite.dll - ok
20:42:44.0386 1660 [ 1DB71A41DAEE6B3F8CD0DDA8209FA2D5 ] C:\Windows\System32\WindowsCodecs.dll
20:42:44.0386 1660 C:\Windows\System32\WindowsCodecs.dll - ok
20:42:44.0386 1660 [ 544EFF88AC6C85DF5A4D6F18DFE08CFC ] C:\Windows\System32\taskschd.dll
20:42:44.0386 1660 C:\Windows\System32\taskschd.dll - ok
20:42:44.0386 1660 [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\System32\mstask.dll
20:42:44.0386 1660 C:\Windows\System32\mstask.dll - ok
20:42:44.0386 1660 [ 081E6E1C91AEC36758902A9F727CD23C ] C:\Windows\System32\uxsms.dll
20:42:44.0386 1660 C:\Windows\System32\uxsms.dll - ok
20:42:44.0386 1660 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\System32\winbrand.dll
20:42:44.0386 1660 C:\Windows\System32\winbrand.dll - ok
20:42:44.0386 1660 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] C:\Windows\System32\WUDFSvc.dll
20:42:44.0386 1660 C:\Windows\System32\WUDFSvc.dll - ok
20:42:44.0402 1660 [ 808D8A8B2A3074002852BC856D419576 ] C:\Windows\System32\comres.dll
20:42:44.0402 1660 C:\Windows\System32\comres.dll - ok
20:42:44.0402 1660 [ AC8C80DC4F1A6E60C9A762C1799F0B39 ] C:\Windows\System32\adtschema.dll
20:42:44.0402 1660 C:\Windows\System32\adtschema.dll - ok
20:42:44.0402 1660 [ 05BF975CA428E04B462FB90841B37C95 ] C:\Windows\System32\SmartcardCredentialProvider.dll
20:42:44.0402 1660 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
20:42:44.0402 1660 [ 65BF13016A3C22775F3E17591AE5268A ] C:\Windows\System32\VaultCredProvider.dll
20:42:44.0402 1660 C:\Windows\System32\VaultCredProvider.dll - ok
20:42:44.0402 1660 [ E59F08ED9D2A128CE436BBFC232247F6 ] C:\Windows\System32\BioCredProv.dll
20:42:44.0402 1660 C:\Windows\System32\BioCredProv.dll - ok
20:42:44.0402 1660 [ 108C2CFA5527458C096A699929ECBD80 ] C:\Windows\System32\credui.dll
20:42:44.0402 1660 C:\Windows\System32\credui.dll - ok
20:42:44.0418 1660 [ 3FAD263CE1E2A6FFF40D00043B2275E3 ] C:\Windows\System32\winbio.dll
20:42:44.0418 1660 C:\Windows\System32\winbio.dll - ok
20:42:44.0418 1660 [ 36B8D5903CEEF0AA42A1EE002BD27FF1 ] C:\Windows\System32\vaultcli.dll
20:42:44.0418 1660 C:\Windows\System32\vaultcli.dll - ok
20:42:44.0418 1660 [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\System32\netapi32.dll
20:42:44.0418 1660 C:\Windows\System32\netapi32.dll - ok
20:42:44.0418 1660 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\System32\netutils.dll
20:42:44.0418 1660 C:\Windows\System32\netutils.dll - ok
20:42:44.0418 1660 [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\System32\samcli.dll
20:42:44.0418 1660 C:\Windows\System32\samcli.dll - ok
20:42:44.0418 1660 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\System32\wkscli.dll
20:42:44.0418 1660 C:\Windows\System32\wkscli.dll - ok
20:42:44.0418 1660 [ D5CF1536137026ACDED95BF6CBF849F6 ] C:\Windows\System32\WUDFPlatform.dll
20:42:44.0418 1660 C:\Windows\System32\WUDFPlatform.dll - ok
20:42:44.0418 1660 [ 6D8CACF3B1B54943EFCF420C2D667B37 ] C:\Windows\System32\certCredProvider.dll
20:42:44.0418 1660 C:\Windows\System32\certCredProvider.dll - ok
20:42:44.0433 1660 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] C:\Windows\System32\drivers\lltdio.sys
20:42:44.0433 1660 C:\Windows\System32\drivers\lltdio.sys - ok
20:42:44.0433 1660 [ 032B0D36AD92B582D869879F5AF5B928 ] C:\Windows\System32\drivers\rspndr.sys
20:42:44.0433 1660 C:\Windows\System32\drivers\rspndr.sys - ok
20:42:44.0433 1660 [ 55CA01BA19D0006C8F2639B6C045E08B ] C:\Windows\System32\lmhsvc.dll
20:42:44.0433 1660 C:\Windows\System32\lmhsvc.dll - ok
20:42:44.0433 1660 [ BA387E955E890C8A88306D9B8D06BF17 ] C:\Windows\System32\nsisvc.dll
20:42:44.0433 1660 C:\Windows\System32\nsisvc.dll - ok
20:42:44.0433 1660 [ 33EF4861F19A0736B11314AAD9AE28D0 ] C:\Windows\System32\dnsrslvr.dll
20:42:44.0433 1660 C:\Windows\System32\dnsrslvr.dll - ok
20:42:44.0433 1660 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\System32\FWPUCLNT.DLL
20:42:44.0433 1660 C:\Windows\System32\FWPUCLNT.DLL - ok
20:42:44.0433 1660 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\System32\winnsi.dll
20:42:44.0433 1660 C:\Windows\System32\winnsi.dll - ok
20:42:44.0449 1660 [ 100103C6535C66265267F5EEA5F5846E ] C:\Windows\System32\dnsext.dll
20:42:44.0449 1660 C:\Windows\System32\dnsext.dll - ok
20:42:44.0449 1660 [ B230D1B54017C2B56DAFE311DFEB0102 ] C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDCREDPROV.DLL
20:42:44.0449 1660 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDCREDPROV.DLL - ok
20:42:44.0449 1660 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\System32\IPHLPAPI.DLL
20:42:44.0449 1660 C:\Windows\System32\IPHLPAPI.DLL - ok
20:42:44.0449 1660 [ D2A937964199F647B1C3BC435712E5D9 ] C:\Windows\System32\nrpsrv.dll
20:42:44.0449 1660 C:\Windows\System32\nrpsrv.dll - ok
20:42:44.0449 1660 [ E9E01EB683C132F7FA27CD607B8A2B63 ] C:\Windows\System32\dhcpcore.dll
20:42:44.0449 1660 C:\Windows\System32\dhcpcore.dll - ok
20:42:44.0449 1660 [ FFE4BEC5C187C426A17AE76A773063A6 ] C:\Windows\System32\rasplap.dll
20:42:44.0449 1660 C:\Windows\System32\rasplap.dll - ok
20:42:44.0449 1660 [ EF71BA5DF59034962B0C62314A71351A ] C:\Windows\System32\dhcpcore6.dll
20:42:44.0449 1660 C:\Windows\System32\dhcpcore6.dll - ok
20:42:44.0464 1660 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\System32\rasapi32.dll
20:42:44.0464 1660 C:\Windows\System32\rasapi32.dll - ok
20:42:44.0464 1660 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\System32\rasman.dll
20:42:44.0464 1660 C:\Windows\System32\rasman.dll - ok
20:42:44.0464 1660 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\System32\rtutils.dll
20:42:44.0464 1660 C:\Windows\System32\rtutils.dll - ok
20:42:44.0464 1660 [ BDEDE71F3B9A9CDB621A1400B10F830A ] C:\Windows\System32\atieclxx.exe
20:42:44.0464 1660 C:\Windows\System32\atieclxx.exe - ok
20:42:44.0464 1660 [ A12829E9974F57E9B5DBFEA7C93190F6 ] C:\Windows\System32\UXInit.dll
20:42:44.0464 1660 C:\Windows\System32\UXInit.dll - ok
20:42:44.0464 1660 [ E5CC42D5D8AB979BEFE132A9741E8F59 ] C:\Windows\System32\atiadlxx.dll
20:42:44.0464 1660 C:\Windows\System32\atiadlxx.dll - ok
20:42:44.0464 1660 [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\System32\wsock32.dll
20:42:44.0464 1660 C:\Windows\System32\wsock32.dll - ok
20:42:44.0480 1660 [ A5167A099AD58B26EC8333747CF5F0CF ] C:\Windows\System32\nvsvc.dll
20:42:44.0480 1660 C:\Windows\System32\nvsvc.dll - ok
20:42:44.0480 1660 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\System32\dhcpcsvc.dll
20:42:44.0480 1660 C:\Windows\System32\dhcpcsvc.dll - ok
20:42:44.0480 1660 [ 81F6C1AE23B1C493D9E996C3103915D7 ] C:\Windows\System32\dhcpcsvc6.dll
20:42:44.0480 1660 C:\Windows\System32\dhcpcsvc6.dll - ok
20:42:44.0480 1660 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\System32\oleacc.dll
20:42:44.0480 1660 C:\Windows\System32\oleacc.dll - ok
20:42:44.0480 1660 [ FD049C25A168D3DE310D9207B7B6367B ] C:\Windows\System32\UIAutomationCore.dll
20:42:44.0480 1660 C:\Windows\System32\UIAutomationCore.dll - ok
20:42:44.0480 1660 [ 8FA553E9AE69808D99C164733A0F9590 ] C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
20:42:44.0480 1660 C:\Program Files\Alwil Software\Avast5\AvastSvc.exe - ok
20:42:44.0480 1660 [ EB398DED91CFF2F425610EAA2CCF2A23 ] C:\Program Files\Alwil Software\Avast5\aswCmnBS.dll
20:42:44.0480 1660 C:\Program Files\Alwil Software\Avast5\aswCmnBS.dll - ok
20:42:44.0496 1660 [ BABE99A18A382A5E2F99B48E0BC3E0D4 ] C:\Program Files\Alwil Software\Avast5\aswCmnIS.dll
20:42:44.0496 1660 C:\Program Files\Alwil Software\Avast5\aswCmnIS.dll - ok
20:42:44.0496 1660 [ 178B51198B7B46CD3C5E744474459A63 ] C:\Program Files\Alwil Software\Avast5\aswCmnOS.dll
20:42:44.0496 1660 C:\Program Files\Alwil Software\Avast5\aswCmnOS.dll - ok
20:42:44.0496 1660 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\System32\msimg32.dll
20:42:44.0496 1660 C:\Windows\System32\msimg32.dll - ok
20:42:44.0496 1660 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
20:42:44.0496 1660 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
20:42:44.0496 1660 [ 1F882670D094E96772893ADC6D026F9B ] C:\Windows\System32\nvapi.dll
20:42:44.0496 1660 C:\Windows\System32\nvapi.dll - ok
20:42:44.0496 1660 [ C940F2F5C60B3727C5F18840735B229C ] C:\Windows\System32\AudioSes.dll
20:42:44.0496 1660 C:\Windows\System32\AudioSes.dll - ok
20:42:44.0511 1660 [ 5A12C364AD1D4FCC0AD0E56DBBC34462 ] C:\Windows\System32\midimap.dll
20:42:44.0511 1660 C:\Windows\System32\midimap.dll - ok
20:42:44.0511 1660 [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\System32\msacm32.dll
20:42:44.0511 1660 C:\Windows\System32\msacm32.dll - ok
20:42:44.0511 1660 [ 07393A09C46083588E751B63B03C8301 ] C:\Windows\System32\msacm32.drv
20:42:44.0511 1660 C:\Windows\System32\msacm32.drv - ok
20:42:44.0511 1660 [ BBA9D5A730D5E304117AD26923EBD8AA ] C:\Windows\System32\AudioEng.dll
20:42:44.0511 1660 C:\Windows\System32\AudioEng.dll - ok
20:42:44.0511 1660 [ 96F0F8F4DEE598C8D12AD9633E0CFE2A ] C:\Windows\System32\AUDIOKSE.dll
20:42:44.0511 1660 C:\Windows\System32\AUDIOKSE.dll - ok
20:42:44.0511 1660 [ 4E30ED3E551E867ADD1C8D58F5EDD9DF ] C:\Windows\System32\WMALFXGFXDSP.dll
20:42:44.0511 1660 C:\Windows\System32\WMALFXGFXDSP.dll - ok
20:42:44.0511 1660 [ 40B82688907A7DBA4DB3B5ADDE3EAB3B ] C:\Windows\System32\mfplat.dll
20:42:44.0511 1660 C:\Windows\System32\mfplat.dll - ok
20:42:44.0527 1660 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
20:42:44.0527 1660 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok
20:42:44.0527 1660 [ 55AFA63F5F2A6CED0C09E2AFE57ECA8D ] C:\Program Files\Alwil Software\Avast5\ashBase.dll
20:42:44.0527 1660 C:\Program Files\Alwil Software\Avast5\ashBase.dll - ok
20:42:44.0527 1660 [ C515CAEC6B3C6970007954C0250A124C ] C:\Program Files\Alwil Software\Avast5\aswEngLdr.dll
20:42:44.0527 1660 C:\Program Files\Alwil Software\Avast5\aswEngLdr.dll - ok
20:42:44.0527 1660 [ 5826854E4E420E29F59C2865F0FA562F ] C:\Program Files\Windows Defender\MpEvMsg.dll
20:42:44.0527 1660 C:\Program Files\Windows Defender\MpEvMsg.dll - ok
20:42:44.0527 1660 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\System32\dbghelp.dll
20:42:44.0527 1660 C:\Windows\System32\dbghelp.dll - ok
20:42:44.0527 1660 [ 9835584E999D25004E1EE8E5F3E3B881 ] C:\Windows\System32\MPSSVC.dll
20:42:44.0527 1660 C:\Windows\System32\MPSSVC.dll - ok
20:42:44.0542 1660 [ 8B0B4C5927A333A05513791758350DC4 ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
20:42:44.0542 1660 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
20:42:44.0542 1660 [ 7520EC808E0C35E0EE6F841294316653 ] C:\Windows\System32\drivers\fltMgr.sys
20:42:44.0542 1660 C:\Windows\System32\drivers\fltMgr.sys - ok
20:42:44.0542 1660 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] C:\Windows\System32\provsvc.dll
20:42:44.0542 1660 C:\Windows\System32\provsvc.dll - ok
20:42:44.0542 1660 [ D93A937A2A9D2CBC06B3A615A197011F ] C:\Windows\System32\PSHED.DLL
20:42:44.0542 1660 C:\Windows\System32\PSHED.DLL - ok
20:42:44.0542 1660 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\System32\imageres.dll
20:42:44.0542 1660 C:\Windows\System32\imageres.dll - ok
20:42:44.0542 1660 [ 1319CD4619E96B156911CA3897563EBC ] C:\Windows\System32\ci.dll
20:42:44.0542 1660 C:\Windows\System32\ci.dll - ok
20:42:44.0542 1660 [ F800F4A9C301BDF9DB558C70822BDF38 ] C:\Program Files\Alwil Software\Avast5\1044\Base.dll
20:42:44.0542 1660 C:\Program Files\Alwil Software\Avast5\1044\Base.dll - ok
20:42:44.0558 1660 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\System32\cscapi.dll
20:42:44.0558 1660 C:\Windows\System32\cscapi.dll - ok
20:42:44.0558 1660 [ 977C54291BFA6FEE7FF865630E51757B ] C:\Program Files\Alwil Software\Avast5\ashServ.dll
20:42:44.0558 1660 C:\Program Files\Alwil Software\Avast5\ashServ.dll - ok
20:42:44.0558 1660 [ 045EE3DC56B12B404DC07848D8597C66 ] C:\Program Files\Alwil Software\Avast5\aswAux.dll
20:42:44.0558 1660 C:\Program Files\Alwil Software\Avast5\aswAux.dll - ok
20:42:44.0558 1660 [ 1F5497D7D3D79C7BF0AB0C8B4C5BFE6E ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
20:42:44.0558 1660 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
20:42:44.0558 1660 [ 414DA952A35BF5D50192E28263B40577 ] C:\Windows\System32\shsvcs.dll
20:42:44.0558 1660 C:\Windows\System32\shsvcs.dll - ok
20:42:44.0558 1660 [ E6D90DC604F407B3B5E0FD285E46B2A0 ] C:\Windows\System32\fveapi.dll
20:42:44.0558 1660 C:\Windows\System32\fveapi.dll - ok
20:42:44.0574 1660 [ C87F28A34B3840F4B40011D170B1A159 ] C:\Windows\System32\fvecerts.dll
20:42:44.0574 1660 C:\Windows\System32\fvecerts.dll - ok
20:42:44.0574 1660 [ EAFC149CD3BD78C443E31BB157841197 ] C:\Windows\System32\tbs.dll
20:42:44.0574 1660 C:\Windows\System32\tbs.dll - ok
20:42:44.0574 1660 [ E2D56AE1D40E3725084054CD8E9CFBB1 ] C:\Windows\System32\wiarpc.dll
20:42:44.0574 1660 C:\Windows\System32\wiarpc.dll - ok
20:42:44.0574 1660 [ 16CE3ED063923253905341C9AF850FE7 ] C:\Program Files\Alwil Software\Avast5\ashTask.dll
20:42:44.0574 1660 C:\Program Files\Alwil Software\Avast5\ashTask.dll - ok
20:42:44.0574 1660 [ 4FF19AC422B7709D786DE58B385C9647 ] C:\Program Files\Alwil Software\Avast5\ashTaskEx.dll
20:42:44.0574 1660 C:\Program Files\Alwil Software\Avast5\ashTaskEx.dll - ok
20:42:44.0574 1660 [ FCA9CC8611654B790DD6242BF862B7F5 ] C:\Program Files\Alwil Software\Avast5\aswLog.dll
20:42:44.0574 1660 C:\Program Files\Alwil Software\Avast5\aswLog.dll - ok
20:42:44.0574 1660 [ F186897E0A3B9D0784041221D0265069 ] C:\Program Files\Alwil Software\Avast5\aswSqLt.dll
20:42:44.0574 1660 C:\Program Files\Alwil Software\Avast5\aswSqLt.dll - ok
20:42:44.0589 1660 [ 6F367A9B88CFDD46F42C1D11E5CB7964 ] C:\Program Files\Alwil Software\Avast5\Aavm4h.dll
20:42:44.0589 1660 C:\Program Files\Alwil Software\Avast5\Aavm4h.dll - ok
20:42:44.0589 1660 [ 12B9869E74F9E698F550F04F8989C591 ] C:\Program Files\Alwil Software\Avast5\aswProperty.dll
20:42:44.0589 1660 C:\Program Files\Alwil Software\Avast5\aswProperty.dll - ok
20:42:44.0589 1660 [ C2434DEA392826C1687D9BD7FA4845BC ] C:\Program Files\Alwil Software\Avast5\AavmRpch.dll
20:42:44.0589 1660 C:\Program Files\Alwil Software\Avast5\AavmRpch.dll - ok
20:42:44.0589 1660 [ 264B5D8F4C70A26749FF2CEDDE06BA30 ] C:\Program Files\Alwil Software\Avast5\aswDld.dll
20:42:44.0589 1660 C:\Program Files\Alwil Software\Avast5\aswDld.dll - ok
20:42:44.0589 1660 [ 902F670F58193A2BC30AA342B11B2C7B ] C:\Program Files\Alwil Software\Avast5\aswIdle.dll
20:42:44.0589 1660 C:\Program Files\Alwil Software\Avast5\aswIdle.dll - ok
20:42:44.0589 1660 [ 273FD83FC8C4E12F8C55381674F92A44 ] C:\Program Files\Alwil Software\Avast5\aswStrm.dll
20:42:44.0589 1660 C:\Program Files\Alwil Software\Avast5\aswStrm.dll - ok
20:42:44.0605 1660 [ A8CDF3768604FF95B54669E20053D569 ] C:\Windows\System32\wscapi.dll
20:42:44.0605 1660 C:\Windows\System32\wscapi.dll - ok
20:42:44.0605 1660 [ 8258362DDB18B644A82D8B5061AD9426 ] C:\Windows\System32\wscisvif.dll
20:42:44.0605 1660 C:\Windows\System32\wscisvif.dll - ok
20:42:44.0605 1660 [ 9184FA2B677CBF2F8E26098980E47304 ] C:\Program Files\Alwil Software\Avast5\defs\12121301\aswEngin.dll
20:42:44.0605 1660 C:\Program Files\Alwil Software\Avast5\defs\12121301\aswEngin.dll - ok
20:42:44.0605 1660 [ A94AF354E4EA9C835DCF3E60EC75911C ] C:\Program Files\Alwil Software\Avast5\defs\12121301\aswCmnOS.dll
20:42:44.0605 1660 C:\Program Files\Alwil Software\Avast5\defs\12121301\aswCmnOS.dll - ok
20:42:44.0605 1660 [ F8AC522C1DAEED05BDA7C0E4E394BCD7 ] C:\Program Files\Alwil Software\Avast5\defs\12121301\aswCmnIS.dll
20:42:44.0605 1660 C:\Program Files\Alwil Software\Avast5\defs\12121301\aswCmnIS.dll - ok
20:42:44.0605 1660 [ 1E7EAFF858538C516D7358C360605E3A ] C:\Program Files\Alwil Software\Avast5\defs\12121301\aswCmnBS.dll
20:42:44.0605 1660 C:\Program Files\Alwil Software\Avast5\defs\12121301\aswCmnBS.dll - ok
20:42:44.0605 1660 [ 2E929D6CF669AEF225552EEA9BE7E150 ] C:\Program Files\Alwil Software\Avast5\defs\12121301\aswScan.dll
20:42:44.0605 1660 C:\Program Files\Alwil Software\Avast5\defs\12121301\aswScan.dll - ok
20:42:44.0620 1660 [ 1752EE915B9003E1FD1FFB4DE63E538B ] C:\Program Files\Alwil Software\Avast5\defs\12121301\aswRep.dll
20:42:44.0620 1660 C:\Program Files\Alwil Software\Avast5\defs\12121301\aswRep.dll - ok
20:42:44.0620 1660 [ CE7828A0EA430338BBCFFC6914462BAA ] C:\Program Files\Alwil Software\Avast5\defs\12121301\aswFiDb.dll
20:42:44.0620 1660 C:\Program Files\Alwil Software\Avast5\defs\12121301\aswFiDb.dll - ok
20:42:44.0620 1660 [ EA0D0017CF061990B9D90FEBBA2C948F ] C:\Program Files\Alwil Software\Avast5\defs\12121301\algo.dll
20:42:44.0620 1660 C:\Program Files\Alwil Software\Avast5\defs\12121301\algo.dll - ok
20:42:44.0620 1660 [ A04BB13F8A72F8B6E8B4071723E4E336 ] C:\Windows\System32\schedsvc.dll
20:42:44.0620 1660 C:\Windows\System32\schedsvc.dll - ok
20:42:44.0620 1660 [ 38B13C0DF479DBA23ECFA815159BA86E ] C:\Windows\System32\ktmw32.dll
20:42:44.0620 1660 C:\Windows\System32\ktmw32.dll - ok
20:42:44.0620 1660 [ 1C3E8371377E988B683797A132EFFE1B ] C:\Windows\System32\taskcomp.dll
20:42:44.0620 1660 C:\Windows\System32\taskcomp.dll - ok
20:42:44.0636 1660 [ 871917B07A141BFF43D76D8844D48106 ] C:\Windows\System32\drivers\http.sys
20:42:44.0636 1660 C:\Windows\System32\drivers\http.sys - ok
20:42:44.0636 1660 [ 9AEA093B8F9C37CF45538382CABA2475 ] C:\Windows\System32\spoolsv.exe
20:42:44.0636 1660 C:\Windows\System32\spoolsv.exe - ok
20:42:44.0636 1660 [ D025E95247353BA8ADB53CFF3A4E5BBB ] C:\Program Files\Alwil Software\Avast5\Setup\setiface.dll
20:42:44.0636 1660 C:\Program Files\Alwil Software\Avast5\Setup\setiface.dll - ok
20:42:44.0636 1660 [ 1E2BAC209D184BB851E1A187D8A29136 ] C:\Windows\System32\BFE.DLL
20:42:44.0636 1660 C:\Windows\System32\BFE.DLL - ok
20:42:44.0636 1660 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] C:\Windows\System32\drivers\bowser.sys
20:42:44.0636 1660 C:\Windows\System32\drivers\bowser.sys - ok
20:42:44.0636 1660 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] C:\Windows\System32\drivers\mpsdrv.sys
20:42:44.0636 1660 C:\Windows\System32\drivers\mpsdrv.sys - ok
20:42:44.0652 1660 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] C:\Windows\System32\drivers\mrxsmb.sys
20:42:44.0652 1660 C:\Windows\System32\drivers\mrxsmb.sys - ok
20:42:44.0652 1660 [ 6D17A4791ACA19328C685D256349FEFC ] C:\Windows\System32\drivers\mrxsmb10.sys
20:42:44.0652 1660 C:\Windows\System32\drivers\mrxsmb10.sys - ok
20:42:44.0652 1660 [ B81F204D146000BE76651A50670A5E9E ] C:\Windows\System32\drivers\mrxsmb20.sys
20:42:44.0652 1660 C:\Windows\System32\drivers\mrxsmb20.sys - ok
20:42:44.0652 1660 [ 58405E4F68BA8E4057C6E914F326ABA2 ] C:\Windows\System32\wkssvc.dll
20:42:44.0652 1660 C:\Windows\System32\wkssvc.dll - ok
20:42:44.0652 1660 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] C:\Windows\System32\drivers\parport.sys
20:42:44.0652 1660 C:\Windows\System32\drivers\parport.sys - ok
20:42:44.0652 1660 [ 019C372B1A9DA73A22D0D35A4D40F5C9 ] C:\Windows\System32\wfapigp.dll
20:42:44.0652 1660 C:\Windows\System32\wfapigp.dll - ok
20:42:44.0652 1660 [ 7F8678C59F188528D60104E697C2361E ] C:\Windows\System32\mscms.dll
20:42:44.0652 1660 C:\Windows\System32\mscms.dll - ok
20:42:44.0652 1660 [ 358AB7956D3160000726574083DFC8A6 ] C:\Windows\System32\pcasvc.dll
20:42:44.0652 1660 C:\Windows\System32\pcasvc.dll - ok
20:42:44.0667 1660 [ 6A984831644ECA1A33FFEAE4126F4F37 ] C:\Windows\System32\snmptrap.exe
20:42:44.0667 1660 C:\Windows\System32\snmptrap.exe - ok
20:42:44.0667 1660 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] C:\Windows\System32\iphlpsvc.dll
20:42:44.0667 1660 C:\Windows\System32\iphlpsvc.dll - ok
20:42:44.0667 1660 [ CD8F847A75A974D7AA723A23DFB7D004 ] C:\Windows\System32\drivers\sentinel.sys
20:42:44.0667 1660 C:\Windows\System32\drivers\sentinel.sys - ok
20:42:44.0667 1660 [ A2F17346CC5C502D4E29EF986BD17D34 ] C:\Windows\System32\PeerDistSh.dll
20:42:44.0667 1660 C:\Windows\System32\PeerDistSh.dll - ok
20:42:44.0667 1660 [ 01E81C84AD1D0ACC61CF3CFD06632210 ] C:\Program Files\SUPERAntiSpyware\SASCore.exe
20:42:44.0667 1660 C:\Program Files\SUPERAntiSpyware\SASCore.exe - ok
20:42:44.0667 1660 [ D318F23BE45D5E3A107469EB64815B50 ] C:\Windows\System32\sstpsvc.dll
20:42:44.0667 1660 C:\Windows\System32\sstpsvc.dll - ok
20:42:44.0683 1660 [ A5299D04ED225D64CF07A568A3E1BF8C ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:42:44.0683 1660 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
20:42:44.0683 1660 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
20:42:44.0683 1660 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
20:42:44.0683 1660 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
20:42:44.0683 1660 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
20:42:44.0683 1660 [ 60C079CB2150760263D1FE5FF6218961 ] C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll
20:42:44.0683 1660 C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
20:42:44.0683 1660 [ 1EBE9524683C7C4EED8B8BC93FB6FBCC ] C:\Windows\System32\fltLib.dll
20:42:44.0683 1660 C:\Windows\System32\fltLib.dll - ok
20:42:44.0683 1660 [ 9C09AF87AC7351985AB5FFBA3FC52575 ] C:\Program Files\Alwil Software\Avast5\AhResBhv.dll
20:42:44.0683 1660 C:\Program Files\Alwil Software\Avast5\AhResBhv.dll - ok
20:42:44.0698 1660 [ E844C96552989FA1ECA95778583A904C ] C:\Program Files\Alwil Software\Avast5\AhResJs.dll
20:42:44.0698 1660 C:\Program Files\Alwil Software\Avast5\AhResJs.dll - ok
20:42:44.0698 1660 [ 17F5861A03516864A5F4CC04C7324278 ] C:\Program Files\Alwil Software\Avast5\AhResMai.dll
20:42:44.0698 1660 C:\Program Files\Alwil Software\Avast5\AhResMai.dll - ok
20:42:44.0698 1660 [ 8BEC10C53E927CD5E442FE332804F1AC ] C:\Program Files\Alwil Software\Avast5\AhResMes.dll
20:42:44.0698 1660 C:\Program Files\Alwil Software\Avast5\AhResMes.dll - ok
20:42:44.0698 1660 [ 9B2F20ECF609EDF54FEC43E792028261 ] C:\Program Files\Alwil Software\Avast5\AhResNS.dll
20:42:44.0698 1660 C:\Program Files\Alwil Software\Avast5\AhResNS.dll - ok
20:42:44.0698 1660 [ 857661F2E5A677CFB6D3B2CF6E428227 ] C:\Program Files\Alwil Software\Avast5\AhResP2P.dll
20:42:44.0698 1660 C:\Program Files\Alwil Software\Avast5\AhResP2P.dll - ok
20:42:44.0698 1660 [ 2466ED58B8EFB3320BCA73ACF8179D24 ] C:\Program Files\Alwil Software\Avast5\AhResStd.dll
20:42:44.0698 1660 C:\Program Files\Alwil Software\Avast5\AhResStd.dll - ok
20:42:44.0714 1660 [ 5D9550E02D981B92B133E5F8F7BDF8D2 ] C:\Program Files\Alwil Software\Avast5\AhResWS.dll
20:42:44.0714 1660 C:\Program Files\Alwil Software\Avast5\AhResWS.dll - ok
20:42:44.0714 1660 [ 72A7C1EC4D3BF38CB115395AD721AE3C ] C:\Program Files\Alwil Software\Avast5\defs\12121301\ArPot.dll
20:42:44.0714 1660 C:\Program Files\Alwil Software\Avast5\defs\12121301\ArPot.dll - ok
20:42:44.0714 1660 [ 1ABFFB6ABE8B70EDA4206F0F3D3D72F4 ] C:\Program Files\Alwil Software\Avast5\ashMaiSv.dll
20:42:44.0714 1660 C:\Program Files\Alwil Software\Avast5\ashMaiSv.dll - ok
20:42:44.0714 1660 [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\Windows\System32\NapiNSP.dll
20:42:44.0714 1660 C:\Windows\System32\NapiNSP.dll - ok


---post too long, log file continuing in next post----

----continuation of above log file post-----

20:42:44.0714 1660 [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\Windows\System32\pnrpnsp.dll
20:42:44.0714 1660 C:\Windows\System32\pnrpnsp.dll - ok
20:42:44.0714 1660 [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\Windows\System32\winrnr.dll
20:42:44.0714 1660 C:\Windows\System32\winrnr.dll - ok
20:42:44.0730 1660 [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files\Bonjour\mdnsNSP.dll
20:42:44.0730 1660 C:\Program Files\Bonjour\mdnsNSP.dll - ok
20:42:44.0730 1660 [ 12B79422A23814429CDA9E734C58F78F ] C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
20:42:44.0730 1660 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok
20:42:44.0730 1660 [ CFB3EEDF620E7F32464A3091BA76D5E8 ] C:\Program Files\Alwil Software\Avast5\defs\12121301\exts.dll
20:42:44.0730 1660 C:\Program Files\Alwil Software\Avast5\defs\12121301\exts.dll - ok
20:42:44.0730 1660 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\System32\rasadhlp.dll
20:42:44.0730 1660 C:\Windows\System32\rasadhlp.dll - ok
20:42:44.0730 1660 [ 64894527838C86454E2F378FF39FA336 ] C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll
20:42:44.0730 1660 C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
20:42:44.0730 1660 [ 39EADCAA61372C038BCFED96DF5323DA ] C:\Program Files\Alwil Software\Avast5\ashWebSv.dll
20:42:44.0730 1660 C:\Program Files\Alwil Software\Avast5\ashWebSv.dll - ok
20:42:44.0745 1660 [ 4F6E72B34ED3DC53DCC5E8708E60B61F ] C:\Windows\System32\security.dll
20:42:44.0745 1660 C:\Windows\System32\security.dll - ok
20:42:44.0745 1660 [ 96386E75BCFED6F339BE01359D6CBFAF ] C:\Program Files\Alwil Software\Avast5\ashWsFtr.dll
20:42:44.0745 1660 C:\Program Files\Alwil Software\Avast5\ashWsFtr.dll - ok
20:42:44.0745 1660 [ 26BA928D3FBA2A12589A8A9B1A47FB08 ] C:\Program Files\Alwil Software\Avast5\defs\12121301\aswAR.dll
20:42:44.0745 1660 C:\Program Files\Alwil Software\Avast5\defs\12121301\aswAR.dll - ok
20:42:44.0745 1660 [ 0D0FA4434A9434641AB0A6332AC5560A ] C:\Program Files\Alwil Software\Avast5\defs\12121301\aswRawFS.dll
20:42:44.0745 1660 C:\Program Files\Alwil Software\Avast5\defs\12121301\aswRawFS.dll - ok
20:42:44.0745 1660 [ 893F8E81D1117C48CB9D6E9E5F64BAB1 ] C:\Program Files\Alwil Software\Avast5\Setup\avast.setup
20:42:44.0745 1660 C:\Program Files\Alwil Software\Avast5\Setup\avast.setup - ok
20:42:44.0745 1660 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
20:42:44.0745 1660 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok
20:42:44.0745 1660 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\System32\winspool.drv
20:42:44.0745 1660 C:\Windows\System32\winspool.drv - ok
20:42:44.0761 1660 [ 936F728E04ACCF3F38801CFFCF1E3F40 ] C:\Windows\System32\oledlg.dll
20:42:44.0761 1660 C:\Windows\System32\oledlg.dll - ok
20:42:44.0761 1660 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\System32\webio.dll
20:42:44.0761 1660 C:\Windows\System32\webio.dll - ok
20:42:44.0761 1660 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\System32\winhttp.dll
20:42:44.0761 1660 C:\Windows\System32\winhttp.dll - ok
20:42:44.0761 1660 [ 9C17DCD6DDFEB1A012544FAF4F2789F6 ] C:\Windows\AppPatch\AcGenral.dll
20:42:44.0761 1660 C:\Windows\AppPatch\AcGenral.dll - ok
20:42:44.0761 1660 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\System32\mpr.dll
20:42:44.0761 1660 C:\Windows\System32\mpr.dll - ok
20:42:44.0761 1660 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\System32\sfc.dll
20:42:44.0761 1660 C:\Windows\System32\sfc.dll - ok
20:42:44.0776 1660 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\System32\sfc_os.dll
20:42:44.0776 1660 C:\Windows\System32\sfc_os.dll - ok
20:42:44.0776 1660 [ EF8CD3C64EE9C08980D6D06CCCE46C68 ] C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll
20:42:44.0776 1660 C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
20:42:44.0776 1660 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\System32\SensApi.dll
20:42:44.0776 1660 C:\Windows\System32\SensApi.dll - ok
20:42:44.0776 1660 [ D79D3EABD4730970770EFA530D094E0F ] C:\Program Files\Alwil Software\Avast5\snxhk.dll
20:42:44.0776 1660 C:\Program Files\Alwil Software\Avast5\snxhk.dll - ok
20:42:44.0776 1660 [ A63DC5C2EA944E6657203E0C8EDEAF61 ] C:\Windows\System32\dllhost.exe
20:42:44.0776 1660 C:\Windows\System32\dllhost.exe - ok
20:42:44.0776 1660 [ 0B31464B7B2D616BD5F7036673588EC1 ] C:\Windows\System32\IDStore.dll
20:42:44.0776 1660 C:\Windows\System32\IDStore.dll - ok
20:42:44.0776 1660 [ 7FA8BA5A780E4757964AC9D4238302B9 ] C:\Windows\System32\taskhost.exe
20:42:44.0776 1660 C:\Windows\System32\taskhost.exe - ok
20:42:44.0792 1660 [ 3CA2BB895E204478C7A4C9BAF70970CE ] C:\Windows\System32\AtBroker.exe
20:42:44.0792 1660 C:\Windows\System32\AtBroker.exe - ok
20:42:44.0792 1660 [ D33E95C0A2754061233B58DC41F8094C ] C:\Windows\System32\umb.dll
20:42:44.0792 1660 C:\Windows\System32\umb.dll - ok
20:42:44.0792 1660 [ 61AC3EFDFACFDD3F0F11DD4FD4044223 ] C:\Windows\System32\userinit.exe
20:42:44.0792 1660 C:\Windows\System32\userinit.exe - ok
20:42:44.0792 1660 [ 505BF4D1CADEB8D4F8BCD08D944DE25D ] C:\Windows\System32\dwm.exe
20:42:44.0792 1660 C:\Windows\System32\dwm.exe - ok
20:42:44.0792 1660 [ 754AFC50022C95DA7C86B7020DB78136 ] C:\Windows\System32\dwmredir.dll
20:42:44.0792 1660 C:\Windows\System32\dwmredir.dll - ok
20:42:44.0792 1660 [ 497E59D9F01C6F247E72222A61835119 ] C:\Windows\System32\dwmcore.dll
20:42:44.0792 1660 C:\Windows\System32\dwmcore.dll - ok
20:42:44.0792 1660 [ 4F2659160AFCCA990305816946F69407 ] C:\Windows\System32\taskeng.exe
20:42:44.0792 1660 C:\Windows\System32\taskeng.exe - ok
20:42:44.0808 1660 [ DF1C1CD0C7EE95CC00D71E9E415E7BCD ] C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll
20:42:44.0808 1660 C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
20:42:44.0808 1660 [ 78865ABC5F5D13190F8B35BD9044714A ] C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll
20:42:44.0808 1660 C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll - ok
20:42:44.0808 1660 [ 8B88EBBB05A0E56B7DCC708498C02B3E ] C:\Windows\explorer.exe
20:42:44.0808 1660 C:\Windows\explorer.exe - ok
20:42:44.0808 1660 [ 74AF6AA2E8B3180AADAE5FE8813CB1CD ] C:\Windows\System32\localspl.dll
20:42:44.0808 1660 C:\Windows\System32\localspl.dll - ok
20:42:44.0808 1660 [ 629181C26A78EB66B0B4E774E5AC2882 ] C:\Windows\System32\spoolss.dll
20:42:44.0808 1660 C:\Windows\System32\spoolss.dll - ok
20:42:44.0808 1660 [ 659E04E74135927CA6D7BC5E75C84417 ] C:\Windows\System32\TSChannel.dll
20:42:44.0808 1660 C:\Windows\System32\TSChannel.dll - ok
20:42:44.0808 1660 [ FF9831030678C7B6D70BAC00F68F8976 ] C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll
20:42:44.0808 1660 C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
20:42:44.0823 1660 [ 2DE90400A63818FA38C4C5C9ADB166BF ] C:\Windows\System32\d3d10_1.dll
20:42:44.0823 1660 C:\Windows\System32\d3d10_1.dll - ok
20:42:44.0823 1660 [ 03CF941D031F30272D3063E5A4D686F5 ] C:\Windows\System32\PrintIsolationProxy.dll
20:42:44.0823 1660 C:\Windows\System32\PrintIsolationProxy.dll - ok
20:42:44.0823 1660 [ FD86C605FD7AD4A41C01EC7A4A1E1C5D ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll
20:42:44.0823 1660 C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll - ok
20:42:44.0823 1660 [ 7319102526BD11B45FD66335CF90CA12 ] C:\Windows\System32\HotStartUserAgent.dll
20:42:44.0823 1660 C:\Windows\System32\HotStartUserAgent.dll - ok
20:42:44.0823 1660 [ 9C36A3CA80F9B204C670336D344F5DF8 ] C:\Windows\System32\d3d10_1core.dll
20:42:44.0823 1660 C:\Windows\System32\d3d10_1core.dll - ok
20:42:44.0823 1660 [ 0411B7958C524BB2E91EE1B3035FE321 ] C:\Windows\System32\dxgi.dll
20:42:44.0823 1660 C:\Windows\System32\dxgi.dll - ok
20:42:44.0839 1660 [ F58516E2DC0D963EF70D6BFC21FD82C4 ] C:\Windows\System32\PlaySndSrv.dll
20:42:44.0839 1660 C:\Windows\System32\PlaySndSrv.dll - ok
20:42:44.0839 1660 [ 0264E74C080A52D0DF1272FEFC44A92C ] C:\Windows\System32\CNMLM9Z.DLL
20:42:44.0839 1660 C:\Windows\System32\CNMLM9Z.DLL - ok
20:42:44.0839 1660 [ B43687C534A49700BF4B3C9898763752 ] C:\Windows\System32\MsCtfMonitor.dll
20:42:44.0839 1660 C:\Windows\System32\MsCtfMonitor.dll - ok
20:42:44.0839 1660 [ 56CEED370508F69A1BA04939BD1BADDA ] C:\Windows\System32\msutb.dll
20:42:44.0839 1660 C:\Windows\System32\msutb.dll - ok
20:42:44.0839 1660 [ F02A533F517EB38333CB12A9E8963773 ] C:\Program Files\Google\Update\GoogleUpdate.exe
20:42:44.0839 1660 C:\Program Files\Google\Update\GoogleUpdate.exe - ok
20:42:44.0839 1660 [ 9FF47CD8A3787C8FD3CDFE40441C722E ] C:\Program Files\Google\Update\1.3.21.123\goopdate.dll
20:42:44.0839 1660 C:\Program Files\Google\Update\1.3.21.123\goopdate.dll - ok
20:42:44.0839 1660 [ A3609397EF273B03295DBB10274BE12C ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll
20:42:44.0839 1660 C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
20:42:44.0854 1660 [ 126F8331BD023178C7F0EF2F5EDE16B3 ] C:\Windows\System32\FXSMON.dll
20:42:44.0854 1660 C:\Windows\System32\FXSMON.dll - ok
20:42:44.0854 1660 [ 7F8BB5F228CF551C44A5C001712C1A39 ] C:\Windows\System32\aticfx32.dll
20:42:44.0854 1660 C:\Windows\System32\aticfx32.dll - ok
20:42:44.0854 1660 [ 12AE7F920CCD4E272CD7877A466D79C8 ] C:\Windows\System32\nitrolocalmon.dll
20:42:44.0854 1660 C:\Windows\System32\nitrolocalmon.dll - ok
20:42:44.0854 1660 [ B390C1D825C7687493BEDE237C6C2F25 ] C:\Windows\System32\tcpmon.dll
20:42:44.0854 1660 C:\Windows\System32\tcpmon.dll - ok
20:42:44.0854 1660 [ D9A9702E43A5859896F34898D5FD3FEC ] C:\Windows\System32\msxml6.dll
20:42:44.0854 1660 C:\Windows\System32\msxml6.dll - ok
20:42:44.0854 1660 [ 1220595CABA75AB91A6B3FA3B89483CC ] C:\Windows\System32\snmpapi.dll
20:42:44.0854 1660 C:\Windows\System32\snmpapi.dll - ok
20:42:44.0854 1660 [ 6357E2B68753A1F5CF4A68A25C4FD14A ] C:\Windows\System32\wsnmp32.dll
20:42:44.0854 1660 C:\Windows\System32\wsnmp32.dll - ok
20:42:44.0870 1660 [ 149D74E1128A86DC9CFB2851FBEA11EB ] C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll
20:42:44.0870 1660 C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll - ok
20:42:44.0870 1660 [ 2311AD5F5D602953718AC1DC6EAC0AFA ] C:\Windows\System32\atiuxpag.dll
20:42:44.0870 1660 C:\Windows\System32\atiuxpag.dll - ok
20:42:44.0870 1660 [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\System32\msi.dll
20:42:44.0870 1660 C:\Windows\System32\msi.dll - ok
20:42:44.0870 1660 [ 923CDD30092DB73EC4A0EBCDDD16C686 ] C:\Windows\System32\usbmon.dll
20:42:44.0870 1660 C:\Windows\System32\usbmon.dll - ok
20:42:44.0870 1660 [ A8EB761DE499242BECF153B2B34F020E ] C:\Windows\System32\WSDMon.dll
20:42:44.0870 1660 C:\Windows\System32\WSDMon.dll - ok
20:42:44.0870 1660 [ 73F6C5223F7E9B5780DD4A6C30FCF569 ] C:\Windows\System32\WSDApi.dll
20:42:44.0870 1660 C:\Windows\System32\WSDApi.dll - ok
20:42:44.0870 1660 [ AE5A69F44C1F97EDC83237FC0B29B6FB ] C:\Program Files\Google\Update\1.3.21.123\GoogleCrashHandler.exe
20:42:44.0870 1660 C:\Program Files\Google\Update\1.3.21.123\GoogleCrashHandler.exe - ok
20:42:44.0886 1660 [ DB846EECA70EE9D2E2FF31147C57B0F4 ] C:\Windows\System32\webservices.dll
20:42:44.0886 1660 C:\Windows\System32\webservices.dll - ok
20:42:44.0886 1660 [ 5AEFEC9D9E351F576EC359EE377441EA ] C:\Windows\System32\atidxx32.dll
20:42:44.0886 1660 C:\Windows\System32\atidxx32.dll - ok
20:42:44.0886 1660 [ 2100560AF3F7F2948F2676E44DFB4ECF ] C:\Windows\System32\uDWM.dll
20:42:44.0886 1660 C:\Windows\System32\uDWM.dll - ok
20:42:44.0886 1660 [ 89D90579E5FB1469CB0464F6512E42B7 ] C:\Windows\System32\fundisc.dll
20:42:44.0886 1660 C:\Windows\System32\fundisc.dll - ok
20:42:44.0886 1660 [ F34CFADA6C48DAA41B996D24C7D8D3CA ] C:\Windows\System32\fdPnp.dll
20:42:44.0886 1660 C:\Windows\System32\fdPnp.dll - ok
20:42:44.0886 1660 [ CD72C6406BA561BED6D42CB145E55307 ] C:\Windows\System32\spool\prtprocs\w32x86\winprint.dll
20:42:44.0886 1660 C:\Windows\System32\spool\prtprocs\w32x86\winprint.dll - ok
20:42:44.0886 1660 [ F4BF27A9DBB69FDC3D19C2BEC1A7FA9C ] C:\Windows\System32\spool\prtprocs\w32x86\CNMPD9Z.DLL
20:42:44.0886 1660 C:\Windows\System32\spool\prtprocs\w32x86\CNMPD9Z.DLL - ok
20:42:44.0901 1660 [ D27DDE7E0444C7F1819F958469EB7D93 ] C:\Windows\System32\inetpp.dll
20:42:44.0901 1660 C:\Windows\System32\inetpp.dll - ok
20:42:44.0901 1660 [ BE3953C7DAE4ECC89134CF64A903F8ED ] C:\Windows\System32\win32spl.dll
20:42:44.0901 1660 C:\Windows\System32\win32spl.dll - ok
20:42:44.0901 1660 [ F6FD367C9EAAEDF90CD7A7952AE0B336 ] C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll
20:42:44.0901 1660 C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll - ok
20:42:44.0901 1660 [ 4E4EDF9CA82E95BAB2977DD9F21B00F6 ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
20:42:44.0901 1660 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
20:42:44.0901 1660 [ 062373995EAE5F0EAC9EAA9192136BFB ] C:\Windows\System32\dnssd.dll
20:42:44.0901 1660 C:\Windows\System32\dnssd.dll - ok
20:42:44.0901 1660 [ 0E1B02C9CC352A1F61703B7D1A8A2C45 ] C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll
20:42:44.0901 1660 C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok
20:42:44.0917 1660 [ A56CCBBFCCEDCE2FD9C69FED24E035E3 ] C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
20:42:44.0917 1660 C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll - ok
20:42:44.0917 1660 [ AF54247F97CCF3539DE7505C09972FF9 ] C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll
20:42:44.0917 1660 C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
20:42:44.0917 1660 [ C28FD3B37B6F18751C99E6022A2A9782 ] C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll
20:42:44.0917 1660 C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
20:42:44.0917 1660 [ 18301B40411B2108076AB685B4E4B6DC ] C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
20:42:44.0917 1660 C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll - ok
20:42:44.0917 1660 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\System32\ExplorerFrame.dll
20:42:44.0917 1660 C:\Windows\System32\ExplorerFrame.dll - ok
20:42:44.0917 1660 [ 4D153BDE01AA3FD33414199052051549 ] C:\Program Files\Alwil Software\Avast5\ashShell.dll
20:42:44.0917 1660 C:\Program Files\Alwil Software\Avast5\ashShell.dll - ok
20:42:44.0932 1660 [ 3C4C6BE926A2EF0293315BBC014E477F ] C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
20:42:44.0932 1660 C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll - ok
20:42:44.0932 1660 [ 2A7037F93AE6AB1305606DEE23C70F8C ] C:\Windows\System32\ASTSRV.EXE
20:42:44.0932 1660 C:\Windows\System32\ASTSRV.EXE - ok
20:42:44.0932 1660 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] C:\Program Files\Bonjour\mDNSResponder.exe
20:42:44.0932 1660 C:\Program Files\Bonjour\mDNSResponder.exe - ok
20:42:44.0932 1660 [ 0699B9786AAC84820DA79C5F49B0582C ] C:\Program Files\TortoiseSVN\bin\TortoiseStub32.dll
20:42:44.0932 1660 C:\Program Files\TortoiseSVN\bin\TortoiseStub32.dll - ok
20:42:44.0932 1660 [ 1B0FD5A3BF489EDA37BE82E4B7DF7FED ] C:\Program Files\TortoiseSVN\bin\TortoiseSVN32.dll
20:42:44.0932 1660 C:\Program Files\TortoiseSVN\bin\TortoiseSVN32.dll - ok
20:42:44.0932 1660 [ C5CD5B47F321FE878FF6EA6389A02E71 ] C:\Program Files\TortoiseSVN\bin\libsvn_tsvn32.dll
20:42:44.0932 1660 C:\Program Files\TortoiseSVN\bin\libsvn_tsvn32.dll - ok
20:42:44.0932 1660 [ 40CB9CFC65757180F8C032EA56251F16 ] C:\Program Files\TortoiseSVN\bin\libapr_tsvn32.dll
20:42:44.0932 1660 C:\Program Files\TortoiseSVN\bin\libapr_tsvn32.dll - ok
20:42:44.0948 1660 [ 0E37FBFA79D349D672456923EC5FBBE3 ] C:\Windows\System32\msvcr100.dll
20:42:44.0948 1660 C:\Windows\System32\msvcr100.dll - ok
20:42:44.0948 1660 [ 96D7195EBBE2003AE1ED32F8416D9BFF ] C:\Program Files\TortoiseSVN\bin\libaprutil_tsvn32.dll
20:42:44.0948 1660 C:\Program Files\TortoiseSVN\bin\libaprutil_tsvn32.dll - ok
20:42:44.0948 1660 [ 425961DD71967B52B6E01ABB6103C7E6 ] C:\Program Files\TortoiseSVN\bin\intl3_tsvn32.dll
20:42:44.0948 1660 C:\Program Files\TortoiseSVN\bin\intl3_tsvn32.dll - ok
20:42:44.0948 1660 [ BD9A8CD2514D71C7B60FAF14C0B59A7B ] C:\Program Files\TortoiseSVN\bin\libsasl32.dll
20:42:44.0948 1660 C:\Program Files\TortoiseSVN\bin\libsasl32.dll - ok
20:42:44.0948 1660 [ BC83108B18756547013ED443B8CDB31B ] C:\Windows\System32\msvcp100.dll
20:42:44.0948 1660 C:\Windows\System32\msvcp100.dll - ok
20:42:44.0948 1660 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\System32\EhStorShell.dll
20:42:44.0948 1660 C:\Windows\System32\EhStorShell.dll - ok
20:42:44.0964 1660 [ 660C8E78B94F483E44B0243A774A4746 ] C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
20:42:44.0964 1660 C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL - ok
20:42:44.0964 1660 [ 58A14C45A5CD2528F10A889E7B0C3FC2 ] C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dll
20:42:44.0964 1660 C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dll - ok
20:42:44.0964 1660 [ E9901A7E569C4156FDA69F5C9356B8ED ] C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF
20:42:44.0964 1660 C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF - ok
20:42:44.0964 1660 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] C:\Windows\System32\dps.dll
20:42:44.0964 1660 C:\Windows\System32\dps.dll - ok
20:42:44.0964 1660 [ F95622F161474511B8D80D6B093AA610 ] C:\Windows\System32\IKEEXT.DLL
20:42:44.0964 1660 C:\Windows\System32\IKEEXT.DLL - ok
20:42:44.0964 1660 [ 5845B1C54380FB980F68024B3A8B1E66 ] C:\Windows\System32\vpnikeapi.dll
20:42:44.0964 1660 C:\Windows\System32\vpnikeapi.dll - ok
20:42:44.0964 1660 [ 96C0E38905CFD788313BE8E11DAE3F2F ] C:\Windows\System32\cryptsvc.dll
20:42:44.0964 1660 C:\Windows\System32\cryptsvc.dll - ok
20:42:44.0979 1660 [ CA79539D3D4C0BA66F0F051A5EE5E923 ] C:\Windows\System32\cryptnet.dll
20:42:44.0979 1660 C:\Windows\System32\cryptnet.dll - ok
20:42:44.0979 1660 [ 13337A3FB17F2242487FD45488ED0485 ] C:\Windows\System32\vssapi.dll
20:42:44.0979 1660 C:\Windows\System32\vssapi.dll - ok
20:42:44.0979 1660 [ C7F5C284B6F46FCAF6910EA4E644700B ] C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
20:42:44.0979 1660 C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe - ok
20:42:44.0979 1660 [ B940289C83121046BD6A60ACC6028593 ] C:\Windows\System32\vsstrace.dll
20:42:44.0979 1660 C:\Windows\System32\vsstrace.dll - ok
20:42:44.0979 1660 [ A2FF2A9A3099C1C2F0392746AA55E933 ] C:\Program Files\Common Files\Nero\Nero BackItUp 4\NB.dll
20:42:44.0979 1660 C:\Program Files\Common Files\Nero\Nero BackItUp 4\NB.dll - ok
20:42:44.0979 1660 [ 1E8D06AAE74FED674C1156B3FEA911C2 ] C:\Windows\System32\Faultrep.dll
20:42:44.0979 1660 C:\Windows\System32\Faultrep.dll - ok
20:42:44.0979 1660 [ 82E139A863734C238AF57A20359F980C ] C:\Program Files\Common Files\Nero\Nero BackItUp 4\LBFC.dll
20:42:44.0979 1660 C:\Program Files\Common Files\Nero\Nero BackItUp 4\LBFC.dll - ok
20:42:44.0995 1660 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] C:\Windows\System32\netman.dll
20:42:44.0995 1660 C:\Windows\System32\netman.dll - ok
20:42:44.0995 1660 [ 91A7FAA41AA84E36642B29228B2B938E ] C:\PROGRA~1\MICROS~3\Office14\1044\GrooveIntlResource.dll
20:42:44.0995 1660 C:\PROGRA~1\MICROS~3\Office14\1044\GrooveIntlResource.dll - ok
20:42:44.0995 1660 [ 523CF74A52C9A1762DA8B83AEE734498 ] C:\Windows\System32\IconCodecService.dll
20:42:44.0995 1660 C:\Windows\System32\IconCodecService.dll - ok
20:42:44.0995 1660 [ 9C14E80FF4CCDFF8129DC716C112C517 ] C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe
20:42:44.0995 1660 C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe - ok
20:42:44.0995 1660 [ 374071043F9E4231EE43BE2BB48DD36D ] C:\Windows\System32\nlasvc.dll
20:42:44.0995 1660 C:\Windows\System32\nlasvc.dll - ok
20:42:44.0995 1660 [ 140D9F911182357626165EA0BEB98C4F ] C:\Windows\System32\ncsi.dll
20:42:44.0995 1660 C:\Windows\System32\ncsi.dll - ok
20:42:44.0995 1660 [ 28E2231BD34A39C854BDF3923AB2FF86 ] C:\Windows\System32\ssdpapi.dll
20:42:44.0995 1660 C:\Windows\System32\ssdpapi.dll - ok
20:42:45.0010 1660 [ 9E0104BA49F4E6973749A02BF41344ED ] C:\Windows\System32\drivers\PEAuth.sys
20:42:45.0010 1660 C:\Windows\System32\drivers\PEAuth.sys - ok
20:42:45.0010 1660 [ 90A3935D05B494A5A39D37E71F09A677 ] C:\Windows\System32\drivers\secdrv.sys
20:42:45.0010 1660 C:\Windows\System32\drivers\secdrv.sys - ok
20:42:45.0010 1660 [ A59B3A4442C52060CC7A85293AA3546F ] C:\Windows\System32\seclogon.dll
20:42:45.0010 1660 C:\Windows\System32\seclogon.dll - ok
20:42:45.0010 1660 [ F07AF60B152221472FBDB2FECEC4896D ] C:\Program Files\Skype\Updater\Updater.exe
20:42:45.0010 1660 C:\Program Files\Skype\Updater\Updater.exe - ok
20:42:45.0010 1660 [ 6DB2004232DD9F21C6BED8AD2AFDC48A ] C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBBurn.dll
20:42:45.0010 1660 C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBBurn.dll - ok
20:42:45.0010 1660 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] C:\Windows\System32\drivers\srvnet.sys
20:42:45.0010 1660 C:\Windows\System32\drivers\srvnet.sys - ok
20:42:45.0026 1660 [ 8CD1DEE212E52B9C22E66DBA44991D32 ] C:\Windows\System32\httpapi.dll
20:42:45.0026 1660 C:\Windows\System32\httpapi.dll - ok
20:42:45.0026 1660 [ 8BC19EF0C11DE279DD93D809B6404BF8 ] C:\Program Files\Common Files\Nero\Nero BackItUp 4\NeroAPIGlueLayerUnicode.dll
20:42:45.0026 1660 C:\Program Files\Common Files\Nero\Nero BackItUp 4\NeroAPIGlueLayerUnicode.dll - ok
20:42:45.0026 1660 [ BA696186045E49A7276B2282AFE5E1C8 ] C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
20:42:45.0026 1660 C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe - ok
20:42:45.0026 1660 [ 7CB7764C4FD93C8055750A85A09EA128 ] C:\Program Files\NVIDIA Corporation\3D Vision\nvstres.dll
20:42:45.0026 1660 C:\Program Files\NVIDIA Corporation\3D Vision\nvstres.dll - ok
20:42:45.0026 1660 [ 36650D618CA34C9D357DFD3D89B2C56F ] C:\Windows\System32\sysmain.dll
20:42:45.0026 1660 C:\Windows\System32\sysmain.dll - ok
20:42:45.0026 1660 [ 613BF4820361543956909043A265C6AC ] C:\Windows\System32\tapisrv.dll
20:42:45.0026 1660 C:\Windows\System32\tapisrv.dll - ok
20:42:45.0026 1660 [ E1FB3706030FB4578A0D72C2FC3689E4 ] C:\Windows\System32\wiaservc.dll
20:42:45.0026 1660 C:\Windows\System32\wiaservc.dll - ok
20:42:45.0042 1660 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] C:\Windows\System32\drivers\tcpipreg.sys
20:42:45.0042 1660 C:\Windows\System32\drivers\tcpipreg.sys - ok
20:42:45.0042 1660 [ B087F2B901570F6EF62F6C2E01A480F3 ] C:\Windows\System32\wiatrace.dll
20:42:45.0042 1660 C:\Windows\System32\wiatrace.dll - ok
20:42:45.0042 1660 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] C:\Windows\System32\trkwks.dll
20:42:45.0042 1660 C:\Windows\System32\trkwks.dll - ok
20:42:45.0042 1660 [ F62E510B6AD4C21EB9FE8668ED251826 ] C:\Windows\System32\wbem\WMIsvc.dll
20:42:45.0042 1660 C:\Windows\System32\wbem\WMIsvc.dll - ok
20:42:45.0042 1660 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] C:\Program Files\Windows Defender\MpSvc.dll
20:42:45.0042 1660 C:\Program Files\Windows Defender\MpSvc.dll - ok
20:42:45.0042 1660 [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
20:42:45.0042 1660 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE - ok
20:42:45.0042 1660 [ 704314FD398C81D5F342CAA5DF7B7F21 ] C:\Windows\System32\wbemcomn.dll
20:42:45.0042 1660 C:\Windows\System32\wbemcomn.dll - ok
20:42:45.0057 1660 [ 881D9F2D6E04E1C323050CF1574870F7 ] C:\Windows\System32\wbem\WinMgmtR.dll
20:42:45.0057 1660 C:\Windows\System32\wbem\WinMgmtR.dll - ok
20:42:45.0057 1660 [ 701C9EB15E1E23D22F7C7184C0506673 ] C:\Windows\System32\wbem\WmiDcPrv.dll
20:42:45.0057 1660 C:\Windows\System32\wbem\WmiDcPrv.dll - ok
20:42:45.0057 1660 [ 20308CF0675AD7CE5AAA6712DB823216 ] C:\Program Files\Windows Defender\MpClient.dll
20:42:45.0057 1660 C:\Program Files\Windows Defender\MpClient.dll - ok
20:42:45.0057 1660 [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A ] C:\Windows\System32\wbem\fastprox.dll
20:42:45.0057 1660 C:\Windows\System32\wbem\fastprox.dll - ok
20:42:45.0057 1660 [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\System32\ntdsapi.dll
20:42:45.0057 1660 C:\Windows\System32\ntdsapi.dll - ok
20:42:45.0057 1660 [ C5B0324DB461559ADD070E632A6919FA ] C:\Windows\System32\wbem\wbemprox.dll
20:42:45.0057 1660 C:\Windows\System32\wbem\wbemprox.dll - ok
20:42:45.0057 1660 [ 585EB475E7AF55C9065256E8FFB751A1 ] C:\Windows\System32\wbem\wbemcore.dll
20:42:45.0057 1660 C:\Windows\System32\wbem\wbemcore.dll - ok
20:42:45.0073 1660 [ 5AE88135C6A86FCD67BA16AFBB1C8389 ] C:\Windows\System32\wbem\esscli.dll
20:42:45.0073 1660 C:\Windows\System32\wbem\esscli.dll - ok
20:42:45.0073 1660 [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\Windows\System32\wbem\wbemsvc.dll
20:42:45.0073 1660 C:\Windows\System32\wbem\wbemsvc.dll - ok
20:42:45.0073 1660 [ 5610B0425518D185331CB8E968D060E6 ] C:\Windows\System32\wbem\wmiutils.dll
20:42:45.0073 1660 C:\Windows\System32\wbem\wmiutils.dll - ok
20:42:45.0073 1660 [ 371E3B05894549113D07CD3081ED55EF ] C:\Windows\System32\wbem\repdrvfs.dll
20:42:45.0073 1660 C:\Windows\System32\wbem\repdrvfs.dll - ok
20:42:45.0073 1660 [ D475BBD6FEF8DB2DDE0DA7CCFD2C9042 ] C:\Program Files\Common Files\microsoft shared\Windows Live\SQMAPI.DLL
20:42:45.0073 1660 C:\Program Files\Common Files\microsoft shared\Windows Live\SQMAPI.DLL - ok
20:42:45.0073 1660 [ 590D5C506044FE02FF7643E32FF9BDAC ] C:\Windows\System32\wer.dll
20:42:45.0073 1660 C:\Windows\System32\wer.dll - ok
20:42:45.0073 1660 [ 9419ABF3163B6F0E3AD3DD2B381C879F ] C:\Windows\System32\WinSCard.dll
20:42:45.0073 1660 C:\Windows\System32\WinSCard.dll - ok
20:42:45.0088 1660 [ 1CDEA9188899E76D4FFD54C9D512CCDB ] C:\Windows\System32\msxml3.dll
20:42:45.0088 1660 C:\Windows\System32\msxml3.dll - ok
20:42:45.0088 1660 [ CE292C4C10B8DB6070F262EA2733F0DC ] C:\Windows\System32\sqmapi.dll
20:42:45.0088 1660 C:\Windows\System32\sqmapi.dll - ok
20:42:45.0088 1660 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] C:\Windows\System32\drivers\srv2.sys
20:42:45.0088 1660 C:\Windows\System32\drivers\srv2.sys - ok
20:42:45.0088 1660 [ A399514D3B28C9A3453A486BBAAFF1C7 ] C:\Windows\System32\wdscore.dll
20:42:45.0088 1660 C:\Windows\System32\wdscore.dll - ok
20:42:45.0088 1660 [ CB9E04DC05EACF5B9A36CA276D475006 ] C:\Windows\System32\rasmans.dll
20:42:45.0088 1660 C:\Windows\System32\rasmans.dll - ok
20:42:45.0088 1660 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] C:\Windows\System32\drivers\srv.sys
20:42:45.0088 1660 C:\Windows\System32\drivers\srv.sys - ok
20:42:45.0088 1660 [ 666E57B6B51824D1D235F80A3DD70A13 ] C:\Windows\System32\eappprxy.dll
20:42:45.0088 1660 C:\Windows\System32\eappprxy.dll - ok
20:42:45.0104 1660 [ B2E1E4A16EDD02396F451F915FA3CBFA ] C:\Windows\System32\rastapi.dll
20:42:45.0104 1660 C:\Windows\System32\rastapi.dll - ok
20:42:45.0104 1660 [ C649F293B8B047A2694F3C615D09BF17 ] C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
20:42:45.0104 1660 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE - ok
20:42:45.0104 1660 [ BA32509D9B340162327B341013DE6522 ] C:\Windows\System32\tapi32.dll
20:42:45.0104 1660 C:\Windows\System32\tapi32.dll - ok
20:42:45.0104 1660 [ D64AF876D53ECA3668BB97B51B4E70AB ] C:\Windows\System32\srvsvc.dll
20:42:45.0104 1660 C:\Windows\System32\srvsvc.dll - ok
20:42:45.0104 1660 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] C:\Windows\System32\browser.dll
20:42:45.0104 1660 C:\Windows\System32\browser.dll - ok
20:42:45.0104 1660 [ 1FF7E4F548C7C372C804938F0D5B36AE ] C:\Windows\System32\netcfgx.dll
20:42:45.0104 1660 C:\Windows\System32\netcfgx.dll - ok
20:42:45.0104 1660 [ 6383C60EC0133B14F5705F96369421B2 ] C:\Windows\System32\hnetcfg.dll
20:42:45.0104 1660 C:\Windows\System32\hnetcfg.dll - ok
20:42:45.0120 1660 [ E4B72E71EC37A59FE574A998A0C0EB9B ] C:\Windows\System32\netmsg.dll
20:42:45.0120 1660 C:\Windows\System32\netmsg.dll - ok
20:42:45.0120 1660 [ 45D9F6CD2469CDB6A640DD4BD2B01471 ] C:\Windows\System32\nci.dll
20:42:45.0120 1660 C:\Windows\System32\nci.dll - ok
20:42:45.0120 1660 [ 89E783711AF91AF09E1EF30EF3107446 ] C:\Windows\System32\sscore.dll
20:42:45.0120 1660 C:\Windows\System32\sscore.dll - ok
20:42:45.0120 1660 [ AE9898D5600A232CD8AE3298692162E5 ] C:\Windows\System32\clusapi.dll
20:42:45.0120 1660 C:\Windows\System32\clusapi.dll - ok
20:42:45.0120 1660 [ 2AF094C822BD6094F14A8E85FB51D52A ] C:\Windows\System32\resutils.dll
20:42:45.0120 1660 C:\Windows\System32\resutils.dll - ok
20:42:45.0120 1660 [ 99B9343280AF6A4C0F27CF2E28E94BBF ] C:\Windows\System32\dssenh.dll
20:42:45.0120 1660 C:\Windows\System32\dssenh.dll - ok
20:42:45.0135 1660 [ 377F0C1DDBFA6A43CB7E7568BC0ECED0 ] C:\Windows\System32\unimdm.tsp
20:42:45.0135 1660 C:\Windows\System32\unimdm.tsp - ok
20:42:45.0135 1660 [ E675DE8CF57D8814218733B3DAE896D7 ] C:\Windows\System32\uniplat.dll
20:42:45.0135 1660 C:\Windows\System32\uniplat.dll - ok
20:42:45.0135 1660 [ F3FB146CDBDD26FCD0CF7941C547BEE4 ] C:\Windows\System32\kmddsp.tsp
20:42:45.0135 1660 C:\Windows\System32\kmddsp.tsp - ok
20:42:45.0135 1660 [ AA11A26692E0DB2996CAEFE9EC61F61F ] C:\Windows\System32\ndptsp.tsp
20:42:45.0135 1660 C:\Windows\System32\ndptsp.tsp - ok
20:42:45.0135 1660 [ E2F6CC0D191361EE94FEA3957653F531 ] C:\Windows\System32\hidphone.tsp
20:42:45.0135 1660 C:\Windows\System32\hidphone.tsp - ok
20:42:45.0135 1660 [ 5A5FEDDF02588B8F9FE4A95E5E7EAE97 ] C:\Windows\System32\eappcfg.dll
20:42:45.0135 1660 C:\Windows\System32\eappcfg.dll - ok
20:42:45.0135 1660 [ 67F9B5C7E215B48F9256757E9CC09A7B ] C:\Windows\System32\rasppp.dll
20:42:45.0135 1660 C:\Windows\System32\rasppp.dll - ok
20:42:45.0151 1660 [ 80B562B5B59ED850C328DD75F964F3D8 ] C:\Windows\System32\vpnike.dll
20:42:45.0151 1660 C:\Windows\System32\vpnike.dll - ok
20:42:45.0151 1660 [ 207CF171B1C6B8AE50C1FBF87363EEBC ] C:\Windows\System32\raschap.dll
20:42:45.0151 1660 C:\Windows\System32\raschap.dll - ok
20:42:45.0151 1660 [ D1A079A0DE2EA524513B6930C24527A2 ] C:\Windows\System32\ipnathlp.dll
20:42:45.0151 1660 C:\Windows\System32\ipnathlp.dll - ok
20:42:45.0151 1660 [ D4191EFAB91E00FC09257AA5EBAF503B ] C:\Windows\System32\mprapi.dll
20:42:45.0151 1660 C:\Windows\System32\mprapi.dll - ok
20:42:45.0151 1660 [ EAB975DB4C2805927FE5BD047D05C9AA ] C:\Windows\System32\netshell.dll
20:42:45.0151 1660 C:\Windows\System32\netshell.dll - ok
20:42:45.0151 1660 [ 5C3F9DBA818CD93379D1A0F215270374 ] C:\Windows\System32\esent.dll
20:42:45.0151 1660 C:\Windows\System32\esent.dll - ok
20:42:45.0151 1660 [ 3CDE2911462FEC80064A409C07710C06 ] C:\Windows\System32\wbem\WmiPrvSD.dll
20:42:45.0151 1660 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
20:42:45.0166 1660 [ A4CC7227A452C4909F9499D91B184364 ] C:\Windows\System32\ncobjapi.dll
20:42:45.0166 1660 C:\Windows\System32\ncobjapi.dll - ok
20:42:45.0166 1660 [ B350509B6C9296529BC464C60FEEAEF1 ] C:\Windows\System32\wbem\wbemess.dll
20:42:45.0166 1660 C:\Windows\System32\wbem\wbemess.dll - ok
20:42:45.0166 1660 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] C:\Windows\System32\hidserv.dll
20:42:45.0166 1660 C:\Windows\System32\hidserv.dll - ok
20:42:45.0166 1660 [ AA53356D60AF47EACC85BC617A4F3F66 ] C:\Windows\System32\wpdbusenum.dll
20:42:45.0166 1660 C:\Windows\System32\wpdbusenum.dll - ok
20:42:45.0166 1660 [ FB1959012294D6AD43E5304DF65E3C26 ] C:\Windows\System32\appinfo.dll
20:42:45.0166 1660 C:\Windows\System32\appinfo.dll - ok
20:42:45.0166 1660 [ 53946B69BA0836BD95B03759530C81EC ] C:\Windows\System32\IPSECSVC.DLL
20:42:45.0166 1660 C:\Windows\System32\IPSECSVC.DLL - ok
20:42:45.0166 1660 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] C:\Windows\System32\wdi.dll
20:42:45.0166 1660 C:\Windows\System32\wdi.dll - ok
20:42:45.0182 1660 [ C5C867CD7EFAC60D5021223E374DEEC5 ] C:\Windows\System32\dimsjob.dll
20:42:45.0182 1660 C:\Windows\System32\dimsjob.dll - ok
20:42:45.0182 1660 [ ECF036299AA554B5E0455262857B39D0 ] C:\Windows\System32\diagperf.dll
20:42:45.0182 1660 C:\Windows\System32\diagperf.dll - ok
20:42:45.0182 1660 [ E98278865E8DABA21CFE5FE4BE34210A ] C:\Windows\System32\PortableDeviceApi.dll
20:42:45.0182 1660 C:\Windows\System32\PortableDeviceApi.dll - ok
20:42:45.0182 1660 [ DB603D3FD090C66F9709EF6493C26BA3 ] C:\Windows\System32\FwRemoteSvr.dll
20:42:45.0182 1660 C:\Windows\System32\FwRemoteSvr.dll - ok
20:42:45.0182 1660 [ 15E298B5EC5B89C5994A59863969D9FF ] C:\Windows\System32\npmproxy.dll
20:42:45.0182 1660 C:\Windows\System32\npmproxy.dll - ok
20:42:45.0182 1660 [ F8E882C10AF4C29E378D1E28D4817CB1 ] C:\Windows\System32\pnpts.dll
20:42:45.0182 1660 C:\Windows\System32\pnpts.dll - ok
20:42:45.0182 1660 [ 7FFD52D73352806969D424EF327D10A7 ] C:\Windows\System32\radardt.dll
20:42:45.0182 1660 C:\Windows\System32\radardt.dll - ok
20:42:45.0182 1660 [ D99621C0735B21DCC8BC4FEF02F379EF ] C:\Windows\System32\Apphlpdm.dll
20:42:45.0182 1660 C:\Windows\System32\Apphlpdm.dll - ok
20:42:45.0198 1660 [ C693E642ACFBDD76433AF6BE3C3EEE6F ] C:\Windows\System32\PortableDeviceConnectApi.dll
20:42:45.0198 1660 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
20:42:45.0198 1660 [ F0016853FA3F38F55FD868FF74C0359B ] C:\Windows\System32\wdiasqmmodule.dll
20:42:45.0198 1660 C:\Windows\System32\wdiasqmmodule.dll - ok
20:42:45.0198 1660 [ 7E82616BEE76BF5EAA5B30F681414E21 ] C:\Windows\System32\perftrack.dll
20:42:45.0198 1660 C:\Windows\System32\perftrack.dll - ok
20:42:45.0198 1660 [ 8B794AE6D5C7D42092804BC39A2EB8F6 ] C:\Windows\System32\aepic.dll
20:42:45.0198 1660 C:\Windows\System32\aepic.dll - ok
20:42:45.0198 1660 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\System32\runonce.exe
20:42:45.0198 1660 C:\Windows\System32\runonce.exe - ok
20:42:45.0198 1660 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\System32\cmd.exe
20:42:45.0198 1660 C:\Windows\System32\cmd.exe - ok
20:42:45.0198 1660 [ 47005361FF2A479A0554F352266BAED3 ] C:\Windows\System32\conhost.exe
20:42:45.0213 1660 C:\Windows\System32\conhost.exe - ok
20:42:45.0213 1660 [ 089B5F924E96BA9C40E4E4522BF43770 ] C:\Program Files\Windows Defender\MpRTP.dll
20:42:45.0213 1660 C:\Program Files\Windows Defender\MpRTP.dll - ok
20:42:45.0213 1660 [ 8D47D01378347889A662D54037A988CC ] C:\Windows\System32\tdh.dll
20:42:45.0213 1660 C:\Windows\System32\tdh.dll - ok
20:42:45.0213 1660 [ 11F06C27DAD83CD5E907D664CA591805 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6D3203E6-0CFE-4750-9A7D-A36093E4B04C}\mpengine.dll
20:42:45.0213 1660 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6D3203E6-0CFE-4750-9A7D-A36093E4B04C}\mpengine.dll - ok
20:42:45.0213 1660 [ B144A2223EF11ED42310124A7839258E ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6D3203E6-0CFE-4750-9A7D-A36093E4B04C}\mpasbase.vdm
20:42:45.0213 1660 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6D3203E6-0CFE-4750-9A7D-A36093E4B04C}\mpasbase.vdm - ok
20:42:45.0213 1660 [ 9CA7760800FF97448511618EAFDF2B36 ] C:\Windows\System32\ieframe.dll
20:42:45.0213 1660 C:\Windows\System32\ieframe.dll - ok
20:42:45.0213 1660 [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\System32\shdocvw.dll
20:42:45.0213 1660 C:\Windows\System32\shdocvw.dll - ok
20:42:45.0229 1660 [ EBC984F0CE40E0DAF0454D806EC2A7EC ] C:\Users\Torbjørn\AppData\Local\Temp\40FB5DC0-D248-4529-8C59-A1634343348F.exe
20:42:45.0229 1660 C:\Users\Torbjørn\AppData\Local\Temp\40FB5DC0-D248-4529-8C59-A1634343348F.exe - ok
20:42:45.0229 1660 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] C:\Windows\System32\aelupsvc.dll
20:42:45.0229 1660 C:\Windows\System32\aelupsvc.dll - ok
20:42:45.0229 1660 [ E1BD3BF5BEE672EC61B1B6D61A27F804 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6D3203E6-0CFE-4750-9A7D-A36093E4B04C}\mpasdlta.vdm
20:42:45.0229 1660 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6D3203E6-0CFE-4750-9A7D-A36093E4B04C}\mpasdlta.vdm - ok
20:42:45.0229 1660 [ 3CA5D661E6C5DDE5574D02F324C32E53 ] C:\Program Files\Windows Defender\MsMpLics.dll
20:42:45.0229 1660 C:\Program Files\Windows Defender\MsMpLics.dll - ok
20:42:45.0229 1660 [ 7DF186D86CF8C571A12AAB788C777F84 ] C:\Windows\System32\wscproxystub.dll
20:42:45.0229 1660 C:\Windows\System32\wscproxystub.dll - ok
20:42:45.0229 1660 [ 0E4A28030C7C6B8A57A60BAF494B114D ] C:\Windows\System32\iedkcs32.dll
20:42:45.0229 1660 C:\Windows\System32\iedkcs32.dll - ok
20:42:45.0229 1660 [ 0EE3BD34729C40BD0853825753ACB319 ] C:\Windows\System32\ie4uinit.exe
20:42:45.0229 1660 C:\Windows\System32\ie4uinit.exe - ok
20:42:45.0244 1660 [ 7E9917D5309A90E7576653BFE39F80D8 ] C:\Windows\System32\timedate.cpl
20:42:45.0244 1660 C:\Windows\System32\timedate.cpl - ok
20:42:45.0244 1660 [ D2958325C1AE1AE37A83334C6229E3BC ] C:\Windows\System32\actxprxy.dll
20:42:45.0244 1660 C:\Windows\System32\actxprxy.dll - ok
20:42:45.0244 1660 [ 5987EA8A82C53359BCD2C29D6588583E ] C:\Windows\System32\linkinfo.dll
20:42:45.0244 1660 C:\Windows\System32\linkinfo.dll - ok
20:42:45.0244 1660 [ E6DD15E668DAF0A02470CF551B0A0105 ] C:\PROGRA~1\WIC4A1~1\MESSEN~1\msgslang.dll
20:42:45.0244 1660 C:\PROGRA~1\WIC4A1~1\MESSEN~1\msgslang.dll - ok
20:42:45.0244 1660 [ 3A16EA01FCFAAB40882DB5BFEE632322 ] C:\Windows\System32\msftedit.dll
20:42:45.0244 1660 C:\Windows\System32\msftedit.dll - ok
20:42:45.0244 1660 [ 26025A46FB3FDB40FF06BBF1834093B5 ] C:\Windows\System32\msls31.dll
20:42:45.0244 1660 C:\Windows\System32\msls31.dll - ok
20:42:45.0244 1660 [ 7896EFFDEE215C172BE724A64931EF1C ] C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll
20:42:45.0244 1660 C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll - ok
20:42:45.0260 1660 [ 19BC13711AC403FEB830522E4831701B ] C:\Windows\System32\gameux.dll
20:42:45.0260 1660 C:\Windows\System32\gameux.dll - ok
20:42:45.0260 1660 [ 2A39F32E0067CBF221611FE1FA8C6D8F ] C:\Windows\System32\DeviceCenter.dll
20:42:45.0260 1660 C:\Windows\System32\DeviceCenter.dll - ok
20:42:45.0260 1660 [ 4791A9FFA41B6744B4B5C9C6572E4EBB ] C:\Windows\V0640Mon.exe
20:42:45.0260 1660 C:\Windows\V0640Mon.exe - ok
20:42:45.0260 1660 [ C140F86932B5B61F54A4D836E2D34AB2 ] C:\Windows\System32\ksproxy.ax
20:42:45.0260 1660 C:\Windows\System32\ksproxy.ax - ok
20:42:45.0260 1660 [ 432BE6CF7311062633459EEF6B242FB5 ] C:\Windows\System32\regsvr32.exe
20:42:45.0260 1660 C:\Windows\System32\regsvr32.exe - ok
20:42:45.0260 1660 [ 901AA7A38CE13F14B6BBEC38C0595698 ] C:\Program Files\Microsoft Office\Office14\BCSSync.exe
20:42:45.0260 1660 C:\Program Files\Microsoft Office\Office14\BCSSync.exe - ok
20:42:45.0260 1660 [ F1278B3514EA6FA9BC39B20D26139AAC ] C:\Windows\System32\msiltcfg.dll
20:42:45.0260 1660 C:\Windows\System32\msiltcfg.dll - ok
20:42:45.0276 1660 [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\System32\mscoree.dll
20:42:45.0276 1660 C:\Windows\System32\mscoree.dll - ok
20:42:45.0276 1660 [ 6EF5F3F18413C367195F06E503AB86A6 ] C:\Windows\System32\d3d9.dll
20:42:45.0276 1660 C:\Windows\System32\d3d9.dll - ok
20:42:45.0276 1660 [ AC9160F40B2E92DB73F3062575BD7D7E ] C:\Windows\System32\V0640Ext.ax
20:42:45.0276 1660 C:\Windows\System32\V0640Ext.ax - ok
20:42:45.0276 1660 [ F5DF6846F30E9F54EA60CCAEB3FB2055 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
20:42:45.0276 1660 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
20:42:45.0276 1660 [ BF91B68606862A32CAB13C24A24DD9A9 ] C:\Program Files\PowerISO\PWRISOVM.EXE
20:42:45.0276 1660 C:\Program Files\PowerISO\PWRISOVM.EXE - ok
20:42:45.0276 1660 [ C26B09276755E0698B31CF0BAE0BF182 ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
20:42:45.0276 1660 C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe - ok
20:42:45.0291 1660 [ 5447AF432CDA61159ADDE218C468FFD9 ] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
20:42:45.0291 1660 C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe - ok
20:42:45.0291 1660 [ 5112FBD9885D79A9FC73BDE9B1EF9334 ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon_main.dll
20:42:45.0291 1660 C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon_main.dll - ok
20:42:45.0291 1660 [ 6581B52E133CC6D00661C58968C7E212 ] C:\Windows\System32\SearchFolder.dll
20:42:45.0291 1660 C:\Windows\System32\SearchFolder.dll - ok
20:42:45.0291 1660 [ F577910A133A592234EBAAD3F3AFA258 ] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
20:42:45.0291 1660 C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe - ok
20:42:45.0291 1660 [ 175383778EB24D98C84E624021E3AA0B ] C:\Windows\System32\aeevts.dll
20:42:45.0291 1660 C:\Windows\System32\aeevts.dll - ok
20:42:45.0291 1660 [ D5B783DACE1BBDD382A63C894BAB8E1E ] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
20:42:45.0291 1660 C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe - ok
20:42:45.0307 1660 [ 672D7C5080ACB003343006405DA2E621 ] C:\Windows\System32\thumbcache.dll
20:42:45.0307 1660 C:\Windows\System32\thumbcache.dll - ok
20:42:45.0307 1660 [ 0600CB2613BEA0C6C0987B58D56D77B9 ] C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
20:42:45.0307 1660 C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe - ok
20:42:45.0307 1660 [ 3D57FFBAD3ED16B63DE3879BAB0FB56F ] C:\Windows\System32\networkexplorer.dll
20:42:45.0307 1660 C:\Windows\System32\networkexplorer.dll - ok
20:42:45.0307 1660 [ 77B1471A490B53B24EFE136F09F76550 ] C:\Windows\System32\d3d8thk.dll
20:42:45.0307 1660 C:\Windows\System32\d3d8thk.dll - ok
20:42:45.0307 1660 [ 12038FA3A68098FA09870C472078A134 ] C:\Windows\System32\V0640Ext.crl
20:42:45.0307 1660 C:\Windows\System32\V0640Ext.crl - ok
20:42:45.0307 1660 [ 114E5342884A174F0E261526F07B63A1 ] C:\Program Files\Common Files\Adobe\CS5ServiceManager\libcurl.dll
20:42:45.0307 1660 C:\Program Files\Common Files\Adobe\CS5ServiceManager\libcurl.dll - ok
20:42:45.0307 1660 [ 6307849B9BE3C206DB46A62316BF191F ] C:\Program Files\Common Files\Adobe\CS5ServiceManager\libeay32.dll
20:42:45.0307 1660 C:\Program Files\Common Files\Adobe\CS5ServiceManager\libeay32.dll - ok
20:42:45.0322 1660 [ AAA55B127EC38BDEBD2A3891A2E5FD54 ] C:\Program Files\Common Files\Adobe\CS5ServiceManager\ssleay32.dll
20:42:45.0322 1660 C:\Program Files\Common Files\Adobe\CS5ServiceManager\ssleay32.dll - ok
20:42:45.0322 1660 [ 907B50DE97ED835EFE151F203818216D ] C:\Program Files\Common Files\Adobe\CS5ServiceManager\zlib1.dll
20:42:45.0322 1660 C:\Program Files\Common Files\Adobe\CS5ServiceManager\zlib1.dll - ok
20:42:45.0322 1660 [ B63E5C7807334A3A8F731062F15462CC ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
20:42:45.0322 1660 C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
20:42:45.0322 1660 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\System32\ntshrui.dll
20:42:45.0322 1660 C:\Windows\System32\ntshrui.dll - ok
20:42:45.0322 1660 [ 7E88404F838D7E99727C2741D3990A46 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
20:42:45.0322 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe - ok
20:42:45.0322 1660 [ 3190950E9272C19290FFFECD302A4715 ] C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
20:42:45.0322 1660 C:\Program Files\TortoiseSVN\bin\TSVNCache.exe - ok
20:42:45.0338 1660 [ B77081F8221968C7DAB794B0BA55C43E ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
20:42:45.0338 1660 C:\Program Files\Common Files\Java\Java Update\jusched.exe - ok
20:42:45.0338 1660 [ 0B81540A7A179F2C3A4ABF904E0B5B21 ] C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe
20:42:45.0338 1660 C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe - ok
20:42:45.0338 1660 [ 1E09DFA4048196C9D3CC40C485A39422 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
20:42:45.0338 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe - ok
20:42:45.0338 1660 [ 82A98D0EB83505529AD81E4C1FADC37D ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
20:42:45.0338 1660 C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll - ok
20:42:45.0338 1660 [ E5F7C30EDF0892667933BE879F067D67 ] C:\Windows\System32\msvcr100_clr0400.dll
20:42:45.0338 1660 C:\Windows\System32\msvcr100_clr0400.dll - ok
20:42:45.0338 1660 [ 2D11BC8B460957E62E4420373A0D8BDA ] C:\Windows\System32\imapi2.dll
20:42:45.0338 1660 C:\Windows\System32\imapi2.dll - ok
20:42:45.0354 1660 [ 8DDA2B606279753601F9415DA503CA63 ] C:\Program Files\QuickTime\QTTask.exe
20:42:45.0354 1660 C:\Program Files\QuickTime\QTTask.exe - ok
20:42:45.0354 1660 [ D7936ED15F4AEF0FC33F329D0F21ED46 ] C:\Program Files\iTunes\iTunesHelper.exe
20:42:45.0354 1660 C:\Program Files\iTunes\iTunesHelper.exe - ok
20:42:45.0354 1660 [ C821D56E56CAB2AA11E494270464030C ] C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\685f73e04393b5342bd1cebe701496ad\mscorlib.ni.dll
20:42:45.0354 1660 C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\685f73e04393b5342bd1cebe701496ad\mscorlib.ni.dll - ok
20:42:45.0354 1660 [ 0AD0E192051C0822449BB1AB4E5BAF0F ] C:\Users\Torbjørn\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
20:42:45.0354 1660 C:\Users\Torbjørn\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe - ok
20:42:45.0354 1660 [ E5BC8D93CDCB957146D971647849A154 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll
20:42:45.0354 1660 C:\Windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll - ok
20:42:45.0354 1660 [ C8333F1F77A1B2E25F2202E892CAF634 ] C:\Windows\System32\prnfldr.dll
20:42:45.0354 1660 C:\Windows\System32\prnfldr.dll - ok
20:42:45.0354 1660 [ 781BF72F57CC9E5F85CB109C24D00FDC ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll
20:42:45.0354 1660 C:\Windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll - ok
20:42:45.0369 1660 [ E375386B937B7FF3A10F71D1A09AD360 ] C:\Program Files\iTunes\iTunesHelper.dll
20:42:45.0369 1660 C:\Program Files\iTunes\iTunesHelper.dll - ok
20:42:45.0369 1660 [ 91062AC5D12F74DBFCCAEEAD86372CBD ] C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.dll
20:42:45.0369 1660 C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.dll - ok
20:42:45.0369 1660 [ 0D0E1AAE8F4D51F3B2DEAA79C5447B5D ] C:\Program Files\iTunes\iTunesHelper.Resources\nb.lproj\iTunesHelperLocalized.dll
20:42:45.0369 1660 C:\Program Files\iTunes\iTunesHelper.Resources\nb.lproj\iTunesHelperLocalized.dll - ok
20:42:45.0369 1660 [ E585445D5021971FAE10393F0F1C3961 ] C:\Windows\System32\qmgr.dll
20:42:45.0369 1660 C:\Windows\System32\qmgr.dll - ok
20:42:45.0369 1660 [ B667F771DBB81845A364C7CB83754FBB ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System\0bc033fa805a31e31dc462cfae365478\System.ni.dll
20:42:45.0369 1660 C:\Windows\assembly\NativeImages_v4.0.30319_32\System\0bc033fa805a31e31dc462cfae365478\System.ni.dll - ok
20:42:45.0369 1660 [ 751184DF487A1B3C95CB29B0D0069C28 ] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
20:42:45.0369 1660 C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe - ok
20:42:45.0385 1660 [ 3E5AADD5F9242717B6B23EB586FD949D ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\ed7768172bbf30462bc554dee3911540\System.Drawing.ni.dll
20:42:45.0385 1660 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\ed7768172bbf30462bc554dee3911540\System.Drawing.ni.dll - ok
20:42:45.0385 1660 [ 477E08FE0114AFEA114FC954C983D4DB ] C:\Program Files\SUPERAntiSpyware\SASCTXMN.DLL
20:42:45.0385 1660 C:\Program Files\SUPERAntiSpyware\SASCTXMN.DLL - ok
20:42:45.0385 1660 [ 2975C66459C426C20BC22D639DF6B611 ] C:\Program Files\SUPERAntiSpyware\SASSEH.DLL
20:42:45.0385 1660 C:\Program Files\SUPERAntiSpyware\SASSEH.DLL - ok
20:42:45.0385 1660 [ 9E0B54B88B207CE0063CCD372A36D4AC ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\ccf3f783590b1747a3593b889bede2fb\System.Windows.Forms.ni.dll
20:42:45.0385 1660 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\ccf3f783590b1747a3593b889bede2fb\System.Windows.Forms.ni.dll - ok
20:42:45.0385 1660 [ F00932B0CB0D4D63396708C25A0F1E09 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.Implementation.dll
20:42:45.0385 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.Implementation.dll - ok
20:42:45.0385 1660 [ 8E0D4A83E88F790BED923A65CC09BEC8 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.dll
20:42:45.0385 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.dll - ok
20:42:45.0400 1660 [ DC56FEE830650589E66323C3D440D762 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Implementation.dll
20:42:45.0400 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Implementation.dll - ok
20:42:45.0400 1660 [ F05D8E9B1DD07C86588DECE5626C2AB0 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Private.dll
20:42:45.0400 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Private.dll - ok
20:42:45.0400 1660 [ 0C2A31D9302F24271F04BAD65CC20ED0 ] C:\Program Files\Evoluent\VMouse\EvoMouseExec.exe
20:42:45.0400 1660 C:\Program Files\Evoluent\VMouse\EvoMouseExec.exe - ok
20:42:45.0400 1660 [ 6B447F5802D67E20220BE91917F76033 ] C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
20:42:45.0400 1660 C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - ok
20:42:45.0400 1660 [ 3B8F863D3CEEDE0BA3349238ED2B397F ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.Foundation.dll
20:42:45.0400 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.Foundation.dll - ok
20:42:45.0400 1660 [ BB50B21FEE2A6F3E5FC92B330ECCF050 ] C:\Windows\System32\hhctrl.ocx
20:42:45.0400 1660 C:\Windows\System32\hhctrl.ocx - ok
20:42:45.0416 1660 [ 0552A8684BF7566F744D5B19FF6AEC6B ] C:\Windows\System32\bitsperf.dll
20:42:45.0416 1660 C:\Windows\System32\bitsperf.dll - ok
20:42:45.0416 1660 [ 4E05A02391384AB425930FB4B3DCF71F ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Implementation.Private.dll
20:42:45.0416 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Implementation.Private.dll - ok
20:42:45.0416 1660 [ F45ED8C4F9AF862CD9992849B5203C11 ] C:\Windows\System32\bitsigd.dll
20:42:45.0416 1660 C:\Windows\System32\bitsigd.dll - ok
20:42:45.0416 1660 [ CCA7974281624BABF54F75783F4048C9 ] C:\Program Files\Evoluent\VMouse\EvoMouseHook.dll
20:42:45.0416 1660 C:\Program Files\Evoluent\VMouse\EvoMouseHook.dll - ok
20:42:45.0416 1660 [ EEAC89CEE9FBB2562EEFE2A3A22691AC ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\8bc0ec70b1af0f4450ce4cd5e88a26ad\System.Runtime.Remoting.ni.dll
20:42:45.0416 1660 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\8bc0ec70b1af0f4450ce4cd5e88a26ad\System.Runtime.Remoting.ni.dll - ok
20:42:45.0416 1660 [ 539C49CEBB3C50957AC8A09D95ECD880 ] C:\Windows\System32\shfolder.dll
20:42:45.0416 1660 C:\Windows\System32\shfolder.dll - ok
20:42:45.0416 1660 [ 954EA9B34F155C844B11F4047A8F6F89 ] C:\Windows\System32\upnp.dll
20:42:45.0416 1660 C:\Windows\System32\upnp.dll - ok
20:42:45.0432 1660 [ D887C9FD02AC9FA880F6E5027A43E118 ] C:\Windows\System32\ssdpsrv.dll
20:42:45.0432 1660 C:\Windows\System32\ssdpsrv.dll - ok
20:42:45.0432 1660 [ E8A1EB3A24E4D78FDD36D800CF91B1CF ] C:\Program Files\Evoluent\VMouse\System\EvoSetupCustomAction.exe
20:42:45.0432 1660 C:\Program Files\Evoluent\VMouse\System\EvoSetupCustomAction.exe - ok
20:42:45.0432 1660 [ 74CDE657245C114B98816E89B8D4CCD1 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
20:42:45.0432 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe - ok
20:42:45.0432 1660 [ 0A4A16C7C211875F9F5650520B1AED3B ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.Implementation.dll
20:42:45.0432 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.Implementation.dll - ok
20:42:45.0432 1660 [ 092B0D2C767863009F94AEDBD7C17197 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.dll
20:42:45.0432 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.dll - ok
20:42:45.0432 1660 [ C1D3783F474DD4BAB06375A8E408C3EF ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.XManifest.dll
20:42:45.0432 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.XManifest.dll - ok
20:42:45.0447 1660 [ 30DDADF8B2F861F4AD7FE949FFFEA633 ] C:\Program Files\Internet Explorer\ieproxy.dll
20:42:45.0447 1660 C:\Program Files\Internet Explorer\ieproxy.dll - ok
20:42:45.0447 1660 [ 55DAD0681C248111853051608B9B56E7 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\06db722a2ddebd960d907c2de6f1cfa7\System.Xml.ni.dll
20:42:45.0447 1660 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\06db722a2ddebd960d907c2de6f1cfa7\System.Xml.ni.dll - ok
20:42:45.0447 1660 [ 912649A1B3F9E6ACB3899FBDABA2ED5F ] C:\Windows\System32\stobject.dll
20:42:45.0447 1660 C:\Windows\System32\stobject.dll - ok
20:42:45.0447 1660 [ 67C1B58706B47EEBA4E117AC197289E6 ] C:\Windows\System32\batmeter.dll
20:42:45.0447 1660 C:\Windows\System32\batmeter.dll - ok
20:42:45.0447 1660 [ B757A119D41E405497B7F987AE1F67DA ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.dll
20:42:45.0447 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.dll - ok
20:42:45.0447 1660 [ 80201E83DE153E6FA8BF3D6C69CAE641 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Shared.Private.dll
20:42:45.0447 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Shared.Private.dll - ok
20:42:45.0463 1660 [ EC62D5CE41F7DF3887031D3F2B1AF621 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.Private.dll
20:42:45.0463 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.Private.dll - ok
20:42:45.0463 1660 [ F2E61C5D993D9A5F6FD264CE5C6A98AE ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ADL.Foundation.dll
20:42:45.0463 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ADL.Foundation.dll - ok
20:42:45.0463 1660 [ AD884D17ABE902610F07383D3C74564A ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ATICCCom.dll
20:42:45.0463 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ATICCCom.dll - ok
20:42:45.0463 1660 [ E2F0C5D8A74B485518758589FF88B6AF ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Shared.dll
20:42:45.0463 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Shared.dll - ok
20:42:45.0463 1660 [ 80978D3D3CEADCFAE1DEABF52864F746 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Server.dll
20:42:45.0463 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Server.dll - ok
20:42:45.0463 1660 [ 0C2335684A987D883E5530B986AB720B ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\NEWAEM.Foundation.dll
20:42:45.0463 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\NEWAEM.Foundation.dll - ok
20:42:45.0478 1660 [ 4A5B921CD090EAFC66AC182D854A1550 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.Source.Kit.Server.dll
20:42:45.0478 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.Source.Kit.Server.dll - ok
20:42:45.0478 1660 [ E0D8BDA153AFEB1A809FAA04D170B4B7 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Server.Shared.dll
20:42:45.0478 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Server.Shared.dll - ok
20:42:45.0478 1660 [ AA246A83A38407AFE101855685FBD53F ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.DPPE.Shared.dll
20:42:45.0478 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.DPPE.Shared.dll - ok
20:42:45.0478 1660 [ CB2EDF754A6103B3793D584235EB7766 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.Hotkeys.Shared.dll
20:42:45.0478 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.Hotkeys.Shared.dll - ok
20:42:45.0478 1660 [ 298CFC498D8B1C3346CE55A1B7DF285D ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.CoreAudioAPI.dll
20:42:45.0478 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.CoreAudioAPI.dll - ok
20:42:45.0478 1660 [ 8A1BBF3D41038AAFBDDA3F000B886ED9 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.WinMessages.Shared.dll
20:42:45.0478 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.WinMessages.Shared.dll - ok
20:42:45.0494 1660 [ 33F59B29B131D22D515483E4E879549D ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\a7cdf1caedee630b8440fb8e8657aca1\System.Core.ni.dll
20:42:45.0494 1660 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\a7cdf1caedee630b8440fb8e8657aca1\System.Core.ni.dll - ok
20:42:45.0494 1660 [ 33D3FE496FBB1A2C2E636F68847B23C7 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Foundation.dll
20:42:45.0494 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Foundation.dll - ok
20:42:45.0494 1660 [ 6619452954364022941F1EA3F45610C5 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0601.dll
20:42:45.0494 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0601.dll - ok
20:42:45.0494 1660 [ 7D9D8B08990AB87729969E8714906624 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.dll
20:42:45.0494 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.dll - ok
20:42:45.0494 1660 [ CF37E04AE23D06BFAB80616D2D4BDC97 ] C:\Windows\System32\atidemgy.dll
20:42:45.0494 1660 C:\Windows\System32\atidemgy.dll - ok
20:42:45.0494 1660 [ 8E244DBEA835590B49DBA3F7D23A9EE7 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I1010.dll
20:42:45.0494 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I1010.dll - ok
20:42:45.0510 1660 [ 3F740FFBE3414A2DD415DF552C0B27F8 ] C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
20:42:45.0510 1660 C:\Program Files\Microsoft Office\Office14\WINWORD.EXE - ok
20:42:45.0510 1660 [ AB781C0E4C09E08F464081D17C0F6184 ] C:\Program Files\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll
20:42:45.0510 1660 C:\Program Files\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll - ok
20:42:45.0510 1660 [ 71B943291DC58214A59E1143E46DB239 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\c15c94b675becb485d940f8f0068dc5d\System.Configuration.ni.dll
20:42:45.0510 1660 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\c15c94b675becb485d940f8f0068dc5d\System.Configuration.ni.dll - ok
20:42:45.0510 1660 [ 85B45B4B285B159ACDB355FC8C1E8925 ] C:\Windows\System32\qmgrprxy.dll
20:42:45.0510 1660 C:\Windows\System32\qmgrprxy.dll - ok
20:42:45.0510 1660 [ 19304E49C61977959B9D611D7755AF4C ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Runtime.dll
20:42:45.0510 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Runtime.dll - ok
20:42:45.0510 1660 [ AA3A1E1303BCDCE2F5FE0BAC44181C0D ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Shared.dll
20:42:45.0510 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Shared.dll - ok
20:42:45.0525 1660 [ D5AABC6795B1B78B9FD7BDAB603970D8 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0709.dll
20:42:45.0525 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0709.dll - ok
20:42:45.0525 1660 [ 6A3E58980DEE9AF37C880A726803D0B0 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.GD.Shared.dll
20:42:45.0525 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.GD.Shared.dll - ok
20:42:45.0525 1660 [ ADDB05C93272A62606599B24730BD645 ] C:\Windows\System32\DXP.dll
20:42:45.0525 1660 C:\Windows\System32\DXP.dll - ok
20:42:45.0525 1660 [ 856CFFCD835528136367BB1A8FE1DB87 ] C:\Windows\System32\Syncreg.dll
20:42:45.0525 1660 C:\Windows\System32\Syncreg.dll - ok
20:42:45.0525 1660 [ F8F03D206F7D5811D630349A23E9B9B9 ] C:\Windows\ehome\ehSSO.dll
20:42:45.0525 1660 C:\Windows\ehome\ehSSO.dll - ok
20:42:45.0525 1660 [ ADB45A977BD9E45790CA496DB84BA148 ] C:\Windows\System32\PortableDeviceTypes.dll
20:42:45.0525 1660 C:\Windows\System32\PortableDeviceTypes.dll - ok
20:42:45.0525 1660 [ 735263DA17BF5BAF9CCD483843BF9D5A ] C:\Windows\System32\WPDShServiceObj.dll
20:42:45.0525 1660 C:\Windows\System32\WPDShServiceObj.dll - ok
20:42:45.0541 1660 [ C6958AD2091238B71237D73358CEC2AB ] C:\Program Files\SUPERAntiSpyware\SSUpdate.exe
20:42:45.0541 1660 C:\Program Files\SUPERAntiSpyware\SSUpdate.exe - ok
20:42:45.0541 1660 [ 3EC541C196DE18ED9A0D0AC82A694D4C ] C:\Windows\System32\cscui.dll
20:42:45.0541 1660 C:\Windows\System32\cscui.dll - ok
20:42:45.0541 1660 [ 57A51217581614DE07F30E34D6BB4993 ] C:\Windows\System32\cscdll.dll
20:42:45.0541 1660 C:\Windows\System32\cscdll.dll - ok
20:42:45.0541 1660 [ BAFA97DE16FCA695ED1923E8BA700C4E ] C:\Program Files\Common Files\microsoft shared\OFFICE11\MSO.DLL
20:42:45.0541 1660 C:\Program Files\Common Files\microsoft shared\OFFICE11\MSO.DLL - ok
20:42:45.0541 1660 [ 9A39A2A5F443A756C568C6ED5748AFE4 ] C:\Windows\System32\ActionCenter.dll
20:42:45.0541 1660 C:\Windows\System32\ActionCenter.dll - ok
20:42:45.0541 1660 [ C2D6A4475B87651D5909E364439FDA52 ] C:\Windows\System32\FXSST.dll
20:42:45.0541 1660 C:\Windows\System32\FXSST.dll - ok
20:42:45.0556 1660 [ 942E57152F1CD0533644AB30EF1A4728 ] C:\Windows\System32\FXSAPI.dll
20:42:45.0556 1660 C:\Windows\System32\FXSAPI.dll - ok
20:42:45.0556 1660 [ C4096CA42199428B3D63DC206C197F0E ] C:\Windows\System32\FXSRESM.dll
20:42:45.0556 1660 C:\Windows\System32\FXSRESM.dll - ok
20:42:45.0556 1660 [ 236F286E103FD44BD85FDD93097FD5DD ] C:\Windows\System32\SearchIndexer.exe
20:42:45.0556 1660 C:\Windows\System32\SearchIndexer.exe - ok
20:42:45.0556 1660 [ 465DBF63A5049E4DB4BC5C12FFE781CB ] C:\Windows\System32\tquery.dll
20:42:45.0556 1660 C:\Windows\System32\tquery.dll - ok
20:42:45.0556 1660 [ 08E420D873E4FD85241EE2421B02C4A4 ] C:\Windows\System32\wersvc.dll
20:42:45.0556 1660 C:\Windows\System32\wersvc.dll - ok
20:42:45.0556 1660 [ B2B3DAE040F6B5AE1DF52B0CD7631A18 ] C:\Windows\System32\AltTab.dll
20:42:45.0556 1660 C:\Windows\System32\AltTab.dll - ok
20:42:45.0556 1660 [ CF4274CEEA9F7791FB7FC40A066BC2C7 ] C:\Windows\System32\cscobj.dll
20:42:45.0556 1660 C:\Windows\System32\cscobj.dll - ok
20:42:45.0572 1660 [ F8EAB2C81C0D6C6430F2D5995C4D4B6E ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Actions.CCAA.Shared.dll
20:42:45.0572 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Actions.CCAA.Shared.dll - ok
20:42:45.0572 1660 [ DA9AB1B73A571D85D0F40B3D4740F0D6 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ResourceManagement.Foundation.Private.dll
20:42:45.0572 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ResourceManagement.Foundation.Private.dll - ok
20:42:45.0572 1660 [ 967EA5B213E9984CBE270205DF37755B ] C:\Windows\System32\FXSSVC.exe
20:42:45.0572 1660 C:\Windows\System32\FXSSVC.exe - ok
20:42:45.0572 1660 [ 6132BF96006A09CA75B7E8B949A39EFF ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0804.dll
20:42:45.0572 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0804.dll - ok
20:42:45.0572 1660 [ 914B21DE81294E650020D6F216E4C62A ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe
20:42:45.0572 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe - ok
20:42:45.0572 1660 [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\msvcr100.dll
20:42:45.0572 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\msvcr100.dll - ok
20:42:45.0588 1660 [ EC9CC5EC9E5B040FDAC828B174310857 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\df5142941549ff71737438c85e565ab3\WindowsBase.ni.dll
20:42:45.0588 1660 C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\df5142941549ff71737438c85e565ab3\WindowsBase.ni.dll - ok
20:42:45.0588 1660 [ 3D6F22551D422F97AACB0BB927E4C846 ] C:\Windows\System32\pnidui.dll
20:42:45.0588 1660 C:\Windows\System32\pnidui.dll - ok
20:42:45.0588 1660 [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\Windows\System32\drivers\29993970.sys
20:42:45.0588 1660 C:\Windows\System32\drivers\29993970.sys - ok
20:42:45.0588 1660 [ 0241CB16136B9A4939CA0395768AE286 ] C:\Windows\System32\mssrch.dll
20:42:45.0588 1660 C:\Windows\System32\mssrch.dll - ok
20:42:45.0588 1660 [ 9B4DD5C7508F8F75803DDF3BAA4C5139 ] C:\Program Files\SUPERAntiSpyware\SASTask.exe
20:42:45.0588 1660 C:\Program Files\SUPERAntiSpyware\SASTask.exe - ok
20:42:45.0588 1660 [ 48044CE5D04D7B7815A9F398398EAD35 ] C:\Program Files\SUPERAntiSpyware\RUNSAS.EXE
20:42:45.0588 1660 C:\Program Files\SUPERAntiSpyware\RUNSAS.EXE - ok
20:42:45.0588 1660 [ CF3D048A7975936877D6717D7513553D ] C:\Program Files\SUPERAntiSpyware\Uninstall.exe
20:42:45.0588 1660 C:\Program Files\SUPERAntiSpyware\Uninstall.exe - ok
20:42:45.0603 1660 [ 81600E2E27ED61427AAD865B9BCDDB9D ] C:\Windows\System32\msidle.dll
20:42:45.0603 1660 C:\Windows\System32\msidle.dll - ok
20:42:45.0603 1660 [ BD626EF05967D14C772B8096292731A3 ] C:\Windows\System32\QUTIL.DLL
20:42:45.0603 1660 C:\Windows\System32\QUTIL.DLL - ok
20:42:45.0603 1660 [ B010CF886420EE29C2C276646721D255 ] C:\Windows\System32\wlanapi.dll
20:42:45.0603 1660 C:\Windows\System32\wlanapi.dll - ok
20:42:45.0603 1660 [ EF1C51222117B37AFBFF8F4642EA8C62 ] C:\Program Files\iPod\bin\iPodService.exe
20:42:45.0603 1660 C:\Program Files\iPod\bin\iPodService.exe - ok
20:42:45.0603 1660 [ 674B0C0F6A448EB185CAAB9C51D44032 ] C:\Windows\System32\srchadmin.dll
20:42:45.0603 1660 C:\Windows\System32\srchadmin.dll - ok
20:42:45.0603 1660 [ 1D6A771D1D702AE07919DB52C889A249 ] C:\Windows\System32\wlanutil.dll
20:42:45.0603 1660 C:\Windows\System32\wlanutil.dll - ok
20:42:45.0603 1660 [ 0AE0C4955E1DE29CCDC9DA1B816FE5EE ] C:\Windows\System32\quartz.dll
20:42:45.0603 1660 C:\Windows\System32\quartz.dll - ok
20:42:45.0619 1660 [ 6DEDF9794A8D799B5C23DBA8BE857F4B ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.WirelessDisplay.Graphics.Runtime.dll
20:42:45.0619 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.WirelessDisplay.Graphics.Runtime.dll - ok
20:42:45.0619 1660 [ 1CBF15FDB0310345A68972EB5C5B948F ] C:\Windows\System32\mssprxy.dll
20:42:45.0619 1660 C:\Windows\System32\mssprxy.dll - ok
20:42:45.0619 1660 [ E3D5E244807AD655787FCD25477CC1BC ] C:\Windows\System32\bthprops.cpl
20:42:45.0619 1660 C:\Windows\System32\bthprops.cpl - ok
20:42:45.0619 1660 [ 806F72E7804EAD55973DE0FFBB88D427 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Runtime.Shared.Private.dll
20:42:45.0619 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Runtime.Shared.Private.dll - ok
20:42:45.0619 1660 [ 96B733CA99BD1C9D6716953BE0497FAB ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.WirelessDisplay.Graphics.Shared.dll
20:42:45.0619 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.WirelessDisplay.Graphics.Shared.dll - ok
20:42:45.0619 1660 [ EEAD2D2FAEC389EB717C1B9562F835FE ] C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll
20:42:45.0619 1660 C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll - ok
20:42:45.0634 1660 [ C472B67E56DC352DD81658F0C4D14350 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
20:42:45.0634 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll - ok
20:42:45.0634 1660 [ A88AA5F6759908D4FC56C792F071FF59 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
20:42:45.0634 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll - ok
20:42:45.0634 1660 [ 4881130AE1891499736FADE6EF38504B ] C:\Program Files\iPod\bin\iPodService.Resources\nb.lproj\iPodServiceLocalized.dll
20:42:45.0634 1660 C:\Program Files\iPod\bin\iPodService.Resources\nb.lproj\iPodServiceLocalized.dll - ok
20:42:45.0634 1660 [ C7A02EB2D22A292EE738DA43146B9D72 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
20:42:45.0634 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll - ok
20:42:45.0634 1660 [ E831FFDED975CD175C0070FE55F4F900 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
20:42:45.0634 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceProperty.Graphics.Shared.dll - ok
20:42:45.0634 1660 [ C3937A9DD935586E2A30D7537BB45B6C ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
20:42:45.0634 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceCRT.Graphics.Shared.dll - ok
20:42:45.0650 1660 [ 801E111EF6B32B9BECCB61B38BB73349 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0912.dll
20:42:45.0650 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0912.dll - ok
20:42:45.0650 1660 [ E30B017ECA457245ED3D54F90BC85E8B ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0706.dll
20:42:45.0650 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0706.dll - ok
20:42:45.0650 1660 [ BB7DB41A1CD765297F68F1D47AC95FAC ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0712.dll
20:42:45.0650 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0712.dll - ok
20:42:45.0650 1660 [ D39DA70FEA6BD713682F70635587DA9E ] C:\Windows\System32\rasdlg.dll
20:42:45.0650 1660 C:\Windows\System32\rasdlg.dll - ok
20:42:45.0650 1660 [ 6C790F1619031AE8D5DBC89662C57013 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
20:42:45.0650 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll - ok
20:42:45.0650 1660 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\System32\riched20.dll
20:42:45.0650 1660 C:\Windows\System32\riched20.dll - ok
20:42:45.0666 1660 [ EE8B04054838FCA0703F3C321AF727CA ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Combined.Graphics.Aspects2.Runtime.dll
20:42:45.0666 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Combined.Graphics.Aspects2.Runtime.dll - ok
20:42:45.0666 1660 [ 855069AD09B231946D961D28E81BE953 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
20:42:45.0666 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceLCD.Graphics.Shared.dll - ok
20:42:45.0666 1660 [ 2784723E4E1B6ED59747B664856D39D1 ] C:\Program Files\Microsoft Office\Office14\WWLIB.DLL
20:42:45.0666 1660 C:\Program Files\Microsoft Office\Office14\WWLIB.DLL - ok
20:42:45.0666 1660 [ EBBB92F02CDDBD8AAE4F6A8C719DD92C ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
20:42:45.0666 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll - ok
20:42:45.0666 1660 [ 1DCB3FCBFD8F0FBA00D89098781081A4 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
20:42:45.0666 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceDFP.Graphics.Shared.dll - ok
20:42:45.0666 1660 [ 04B88428A872390D235BE52D38A9D4EF ] C:\Windows\System32\dot3api.dll
20:42:45.0666 1660 C:\Windows\System32\dot3api.dll - ok
20:42:45.0681 1660 [ 48372860EB5D9D9D65EA555485766985 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CustomFormats.Graphics.Shared.dll
20:42:45.0681 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CustomFormats.Graphics.Shared.dll - ok
20:42:45.0681 1660 [ 0DCA6A11D09D4C2CBE6B898B897EA915 ] C:\Windows\System32\UIAnimation.dll
20:42:45.0681 1660 C:\Windows\System32\UIAnimation.dll - ok
20:42:45.0681 1660 [ B63E24E9271E99FD4540E3CA22A937DA ] C:\Windows\System32\en-US\tquery.dll.mui
20:42:45.0681 1660 C:\Windows\System32\en-US\tquery.dll.mui - ok
20:42:45.0681 1660 [ FD21A5F39C75C399DB2CFC6006DF94CC ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0812.dll
20:42:45.0681 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0812.dll - ok
20:42:45.0681 1660 [ C9ACBB07DF6C3838F18237C5A7652450 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0805.dll
20:42:45.0681 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0805.dll - ok
20:42:45.0681 1660 [ 8063046AA70B97CA9985672B8848FB2E ] C:\Windows\System32\wlanhlp.dll
20:42:45.0681 1660 C:\Windows\System32\wlanhlp.dll - ok
20:42:45.0681 1660 [ F748F53FE09D21D8ECBB6421E6792024 ] C:\Windows\System32\onex.dll
20:42:45.0681 1660 C:\Windows\System32\onex.dll - ok
20:42:45.0697 1660 [ 9F947B32121625DF981E4B1A78A5B7D3 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.OverDrive5.Graphics.Shared.dll
20:42:45.0697 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.OverDrive5.Graphics.Shared.dll - ok
20:42:45.0697 1660 [ C803E3E30909A748F779318EFD256E3D ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0703.dll
20:42:45.0697 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0703.dll - ok
20:42:45.0697 1660 [ 53683A331F8A1BB20ADD0330F1DE6388 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
20:42:45.0697 1660 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
20:42:45.0697 1660 [ AE4830E29857AD056488507B72C89C7E ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
20:42:45.0697 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Radeon3D.Graphics.Runtime.dll - ok
20:42:45.0697 1660 [ C02AA67276FEE0C15CC4D6D616BDE95E ] C:\Windows\System32\WWanAPI.dll
20:42:45.0697 1660 C:\Windows\System32\WWanAPI.dll - ok
20:42:45.0697 1660 [ 6F2CD9A8DBA42C63A2FD1AA4BF210299 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Radeon3D.Graphics.Shared.dll
20:42:45.0697 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Radeon3D.Graphics.Shared.dll - ok
20:42:45.0712 1660 [ AE966960377A147C277BDBD86E77C714 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I1011.dll
20:42:45.0712 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I1011.dll - ok
20:42:45.0712 1660 [ F2ED6D00921CA138289E5E0CCB9ABF87 ] C:\Windows\System32\wwapi.dll
20:42:45.0712 1660 C:\Windows\System32\wwapi.dll - ok
20:42:45.0712 1660 [ E6533FAE51AFB7830C4293E09038846A ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MMVideo.Graphics.Runtime.dll
20:42:45.0712 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MMVideo.Graphics.Runtime.dll - ok
20:42:45.0712 1660 [ 0BBF4E5BC4CFC36489708F5DC2813213 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MMVideo.Graphics.Shared.dll
20:42:45.0712 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MMVideo.Graphics.Shared.dll - ok
20:42:45.0712 1660 [ 02530B0B7E048DD5AC8D52DAEACAEB2B ] C:\Windows\System32\QAGENT.DLL
20:42:45.0712 1660 C:\Windows\System32\QAGENT.DLL - ok
20:42:45.0712 1660 [ 8BF68C7FB89FDFD9FF09D31CB06EA568 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0906.dll
20:42:45.0712 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0906.dll - ok
20:42:45.0728 1660 [ 2B80FAEB2C1A1E86594851FC3BF65234 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.Runtime.dll
20:42:45.0728 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.Runtime.dll - ok
20:42:45.0728 1660 [ 8F8AB20AA863EA95A421B9D54C74F20C ] C:\Program Files\Windows Media Player\wmpnssci.dll
20:42:45.0728 1660 C:\Program Files\Windows Media Player\wmpnssci.dll - ok
20:42:45.0728 1660 [ AE02B846B7154454941B893B23E34995 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.Shared.dll
20:42:45.0728 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.Shared.dll - ok
20:42:45.0728 1660 [ AF068AFCDD5C6AA01C2818646D5EEFD3 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDHome.Graphics.Runtime.dll
20:42:45.0728 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDHome.Graphics.Runtime.dll - ok
20:42:45.0728 1660 [ ED3F1EF6D777FE8028A5A5617A1B256D ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDHome.Graphics.Shared.dll
20:42:45.0728 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDHome.Graphics.Shared.dll - ok
20:42:45.0728 1660 [ C54B755F42FAFF4931CAD001AB71F154 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
20:42:45.0728 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll - ok
20:42:45.0744 1660 [ 140CCE53806F79C2E45BD198E76DC79E ] C:\Program Files\Microsoft Office\Office14\GFX.DLL
20:42:45.0744 1660 C:\Program Files\Microsoft Office\Office14\GFX.DLL - ok
20:42:45.0744 1660 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] C:\Program Files\Windows Media Player\wmpnetwk.exe
20:42:45.0744 1660 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
20:42:45.0744 1660 [ 93C27F2ADFC66A2F81DE65DF6DEBB405 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
20:42:45.0744 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll - ok
20:42:45.0744 1660 [ 2C797BBDEF1D80953DBA23059A25F36E ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.UpdateNotification.Graphics.Runtime.dll
20:42:45.0744 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.UpdateNotification.Graphics.Runtime.dll - ok
20:42:45.0744 1660 [ DDAF71FC407A5D6AEB8F3E20FC9EB008 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.UpdateNotification.Graphics.Shared.dll
20:42:45.0744 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.UpdateNotification.Graphics.Shared.dll - ok
20:42:45.0744 1660 [ 93847AF72BDAA5C04D0C7154770DEB74 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.Client.dll
20:42:45.0744 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.Client.dll - ok
20:42:45.0759 1660 [ 5CF15474FFDB5005E54958DF6EDD97AB ] C:\Windows\System32\wmdrmdev.dll
20:42:45.0759 1660 C:\Windows\System32\wmdrmdev.dll - ok
20:42:45.0759 1660 [ 47D052D9EE1FD3BA2A55D13F61E3EF24 ] C:\Windows\System32\drmv2clt.dll
20:42:45.0759 1660 C:\Windows\System32\drmv2clt.dll - ok
20:42:45.0759 1660 [ 8EE6BDE1D572677AA35707C52C585F75 ] C:\Windows\System32\mlang.dll
20:42:45.0759 1660 C:\Windows\System32\mlang.dll - ok
20:42:45.0759 1660 [ 07A1402E216CBB4B74CA115C2A09D607 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\78a485faba9584cfb1a5052a4cbe71e8\PresentationCore.ni.dll
20:42:45.0759 1660 C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\78a485faba9584cfb1a5052a4cbe71e8\PresentationCore.ni.dll - ok
20:42:45.0759 1660 [ F148865E4AC4F715E322EA06E6E21D84 ] C:\Windows\System32\wbem\NCProv.dll
20:42:45.0759 1660 C:\Windows\System32\wbem\NCProv.dll - ok
20:42:45.0759 1660 [ 0FBC74AA20FE0AE6884279F893169C60 ] C:\Windows\System32\wmploc.DLL
20:42:45.0759 1660 C:\Windows\System32\wmploc.DLL - ok
20:42:45.0759 1660 [ EA2B00551F3E7B3D5F7FB730A55F8246 ] C:\Windows\System32\blackbox.dll
20:42:45.0759 1660 C:\Windows\System32\blackbox.dll - ok
20:42:45.0775 1660 [ 1957D49A9613FAAD1C73B508CCE02AA5 ] C:\Windows\System32\wmp.dll
20:42:45.0775 1660 C:\Windows\System32\wmp.dll - ok
20:42:45.0775 1660 [ A0AE3739A2B9A256DF984244C763577C ] C:\Program Files\Microsoft Office\Office14\OART.DLL
20:42:45.0775 1660 C:\Program Files\Microsoft Office\Office14\OART.DLL - ok
20:42:45.0775 1660 [ C9708C9F3DBA3DBFB1D2FEE1E9DABAD0 ] C:\Windows\System32\twext.dll
20:42:45.0775 1660 C:\Windows\System32\twext.dll - ok
20:42:45.0775 1660 [ C5413BC4F10CEB4C3070BBF04D324117 ] C:\Windows\System32\msisip.dll
20:42:45.0775 1660 C:\Windows\System32\msisip.dll - ok
20:42:45.0775 1660 [ E0AE8FDDFB86BA5DB783DB8EF70A79CA ] C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll
20:42:45.0775 1660 C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll - ok
20:42:45.0775 1660 [ 34E81B725E25D9184657667654D421A5 ] C:\Program Files\Common Files\microsoft shared\OFFICE14\MSO.DLL
20:42:45.0775 1660 C:\Program Files\Common Files\microsoft shared\OFFICE14\MSO.DLL - ok
20:42:45.0775 1660 [ A070B8C38CEB3A30CC18D1B7C433144C ] C:\Program Files\WinRAR\RarExt.dll
20:42:45.0775 1660 C:\Program Files\WinRAR\RarExt.dll - ok
20:42:45.0790 1660 [ 5035FE520A2DC089E64CA255F9AE64DE ] C:\Program Files\PowerISO\PWRISOSH.DLL
20:42:45.0790 1660 C:\Program Files\PowerISO\PWRISOSH.DLL - ok
20:42:45.0790 1660 [ 68D1CA4DB21F0E1EE9BE620906015AF2 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\c22857dbcce7e0320350436e80ec8ab1\PresentationFramework.ni.dll
20:42:45.0790 1660 C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\c22857dbcce7e0320350436e80ec8ab1\PresentationFramework.ni.dll - ok
20:42:45.0790 1660 [ E8F6851E4600CD3674422487EE240941 ] C:\Windows\System32\wshext.dll
20:42:45.0790 1660 C:\Windows\System32\wshext.dll - ok
20:42:45.0790 1660 [ 7F4D65B109D9E4C198D268878906E40A ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\23de8d00755205c37aa6795b0ce8a42d\System.Xaml.ni.dll
20:42:45.0790 1660 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\23de8d00755205c37aa6795b0ce8a42d\System.Xaml.ni.dll - ok
20:42:45.0790 1660 [ 2875B386B45B8A77E2343C5E129AE50C ] C:\Windows\System32\WindowsPowerShell\v1.0\pwrshsip.dll
20:42:45.0790 1660 C:\Windows\System32\WindowsPowerShell\v1.0\pwrshsip.dll - ok
20:42:45.0790 1660 [ E9AF8B12CFFC04C0F4399ED8E4D3826E ] C:\Program Files\Microsoft Silverlight\xapauthenticodesip.dll
20:42:45.0790 1660 C:\Program Files\Microsoft Silverlight\xapauthenticodesip.dll - ok
20:42:45.0806 1660 [ A29D734F650F958424743BE3BAA052C8 ] C:\Windows\System32\DWrite.dll
20:42:45.0806 1660 C:\Windows\System32\DWrite.dll - ok
20:42:45.0806 1660 [ 5C0A02A7121D006F3333B15163785FE5 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\wpfgfx_v0400.dll
20:42:45.0806 1660 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\wpfgfx_v0400.dll - ok
20:42:45.0806 1660 [ 41F3C19E45522DE4B33E2CE85C49E878 ] C:\PROGRA~1\NITROP~1\PROFES~1\NPShellExtension.dll
20:42:45.0806 1660 C:\PROGRA~1\NITROP~1\PROFES~1\NPShellExtension.dll - ok
20:42:45.0806 1660 [ 9773310152596C693B6AEC905B59AE82 ] C:\Program Files\Nero\Nero 9\Nero CoverDesigner\CoverEdExtension.dll
20:42:45.0806 1660 C:\Program Files\Nero\Nero 9\Nero CoverDesigner\CoverEdExtension.dll - ok
20:42:45.0806 1660 [ 1F5AFD468EB5E09E9ED75A087529EAB5 ] C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80.dll
20:42:45.0806 1660 C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80.dll - ok
20:42:45.0806 1660 [ C335EC1182AC10B188705554E0BC1186 ] C:\Windows\System32\msvfw32.dll
20:42:45.0806 1660 C:\Windows\System32\msvfw32.dll - ok
20:42:45.0822 1660 [ 9383D302F0D95DB0802308CF250727F3 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationNative_v0400.dll
20:42:45.0822 1660 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationNative_v0400.dll - ok
20:42:45.0822 1660 [ 3F2B83695E5BF11930C16AF50E991F96 ] C:\Windows\System32\wmpps.dll
20:42:45.0822 1660 C:\Windows\System32\wmpps.dll - ok
20:42:45.0822 1660 [ 7B97346CE563B74BBCC120FC83E5A6D9 ] C:\Windows\System32\wmpmde.dll
20:42:45.0822 1660 C:\Windows\System32\wmpmde.dll - ok
20:42:45.0822 1660 [ 28A09777D2D952122567A8A82F1A2C7B ] C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll
20:42:45.0822 1660 C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll - ok
20:42:45.0822 1660 [ B5506B451BFE7148ECA7056BDA2970BD ] C:\Windows\System32\riched32.dll
20:42:45.0822 1660 C:\Windows\System32\riched32.dll - ok
20:42:45.0822 1660 [ 20A20A911CD79A6F6839167149A05668 ] C:\Windows\System32\syncui.dll
20:42:45.0822 1660 C:\Windows\System32\syncui.dll - ok
20:42:45.0822 1660 [ D23E615E0969AECC1134E372B0B295D1 ] C:\Windows\System32\synceng.dll
20:42:45.0822 1660 C:\Windows\System32\synceng.dll - ok
20:42:45.0837 1660 [ AD73D78B4E5DC0B9B51E0584A21171A2 ] C:\Program Files\Microsoft Office\Office14\1044\WWINTL.DLL
20:42:45.0837 1660 C:\Program Files\Microsoft Office\Office14\1044\WWINTL.DLL - ok
20:42:45.0837 1660 [ 9E58E7FB13025E36B7DED8D65B682137 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Fuel.Runtime.dll
20:42:45.0837 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Fuel.Runtime.dll - ok
20:42:45.0837 1660 [ F4D11E1DBB80E95D466DFC58CA5F7491 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Fuel.Shared.dll
20:42:45.0837 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Fuel.Shared.dll - ok
20:42:45.0837 1660 [ 7E3353FC81C658803F2CAC7BC195DE18 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\Fuel.Foundation.dll
20:42:45.0837 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\Fuel.Foundation.dll - ok
20:42:45.0837 1660 [ 81C0FA250EF6DC1C6B3FA2BCE81D6C2E ] C:\Windows\System32\WinSATAPI.dll
20:42:45.0837 1660 C:\Windows\System32\WinSATAPI.dll - ok
20:42:45.0837 1660 [ E311188D082D9B0CBB4BED0A0F9646AB ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Platform.Runtime.dll
20:42:45.0837 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Platform.Runtime.dll - ok
20:42:45.0853 1660 [ 90E495763D16D1615BF501906D4606AB ] C:\Program Files\TortoiseSVN\bin\crshhndl.dll
20:42:45.0853 1660 C:\Program Files\TortoiseSVN\bin\crshhndl.dll - ok
20:42:45.0853 1660 [ 17C28A02547F4565C85FC95D033C34EB ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Platform.Shared.dll
20:42:45.0853 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Platform.Shared.dll - ok
20:42:45.0853 1660 [ 22F7CF4184D7DF73288C0F0DDD249774 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDOverDrive.Platform.Runtime.dll
20:42:45.0853 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDOverDrive.Platform.Runtime.dll - ok
20:42:45.0853 1660 [ 793E8BB9AE1D5E621657CE48AF183F5E ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDOverDrive.Platform.Shared.dll
20:42:45.0853 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDOverDrive.Platform.Shared.dll - ok
20:42:45.0853 1660 [ 6EC176817A1CE9C3BA14750D28913E31 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CPUOverDrive.Fuel.Shared.dll
20:42:45.0853 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CPUOverDrive.Fuel.Shared.dll - ok
20:42:45.0853 1660 [ 1C1A400BD0C07ED98EDC6C8F28E0F653 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Runtime.dll
20:42:45.0853 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Runtime.dll - ok
20:42:45.0868 1660 [ C4F7E65FEE7CC39969056686C8E30045 ] C:\Program Files\Common Files\microsoft shared\OFFICE14\1044\MSOINTL.DLL
20:42:45.0868 1660 C:\Program Files\Common Files\microsoft shared\OFFICE14\1044\MSOINTL.DLL - ok
20:42:45.0868 1660 [ 2A3EDF043AD31783024D292E4FC4AE47 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Shared.dll
20:42:45.0868 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Shared.dll - ok
20:42:45.0868 1660 [ 8A09E68164F10BA2D02FC597F3BEF3D2 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\APM.Server.dll
20:42:45.0868 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\APM.Server.dll - ok
20:42:45.0868 1660 [ 99507C89B164B153325336462377553E ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\APM.Foundation.dll
20:42:45.0868 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\APM.Foundation.dll - ok
20:42:45.0868 1660 [ 81E7E920312D372CF57A817049AC7C76 ] C:\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
20:42:45.0868 1660 C:\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL - ok
20:42:45.0884 1660 [ 98BCA00752AAEC5FB01491D32DD23BB7 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Extension.EEU.dll
20:42:45.0884 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Extension.EEU.dll - ok
20:42:45.0884 1660 [ 046B10778FA98CD8731AC8B2A537444B ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.dll
20:42:45.0884 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.dll - ok
20:42:45.0884 1660 [ CBBD4D79EEC3EF5A4ADAE9697944C6B9 ] C:\Windows\System32\MSMPEG2ENC.DLL
20:42:45.0884 1660 C:\Windows\System32\MSMPEG2ENC.DLL - ok
20:42:45.0884 1660 [ 7F19838AC317C34FCED020BE529AF71E ] C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe
20:42:45.0884 1660 C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe - ok
20:42:45.0884 1660 [ E89698D6EBF38EEFF3E09C5D4132DFCF ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.REG.Shared.dll
20:42:45.0884 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.REG.Shared.dll - ok
20:42:45.0884 1660 [ D3C294A8C671F1E9BBDCDA8E0A07B143 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Client.Shared.Private.dll
20:42:45.0884 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Client.Shared.Private.dll - ok
20:42:45.0884 1660 [ 5396DF700BBA8EFC723C1C4F8FB9E970 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.EEU.Shared.dll
20:42:45.0884 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.EEU.Shared.dll - ok
20:42:45.0900 1660 [ 8BBC6874B7623A9D3D81D17F70A59760 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Client.Shared.dll
20:42:45.0900 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Client.Shared.dll - ok
20:42:45.0900 1660 [ 80128207A57A471E7B0FDD1D7CE030B6 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.Shared.dll
20:42:45.0900 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.Shared.dll - ok
20:42:45.0900 1660 [ 5BB8C06EB5EA4BA22EE8A678F2D79B25 ] C:\Windows\System32\devenum.dll
20:42:45.0900 1660 C:\Windows\System32\devenum.dll - ok
20:42:45.0900 1660 [ 99F3D945CF11A3C603C04A4609382951 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.Shared.Private.dll
20:42:45.0900 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.Shared.Private.dll - ok
20:42:45.0900 1660 [ 7069AAB8536F29ED7323140973A2894B ] C:\Windows\System32\msdmo.dll
20:42:45.0900 1660 C:\Windows\System32\msdmo.dll - ok
20:42:45.0900 1660 [ 00000000000000000000000000000000 ] C:\Program Files\Common Files\microsoft shared\OFFICE14\MSORES.DLL
20:42:45.0900 1660 C:\Program Files\Common Files\microsoft shared\OFFICE14\MSORES.DLL - ok
20:42:45.0915 1660 [ 833FBB672460EFCE8011D262175FAD33 ] C:\Windows\System32\upnphost.dll
20:42:45.0915 1660 C:\Windows\System32\upnphost.dll - ok
20:42:45.0915 1660 [ A1CFDEF143B1B4047E0FD3510F85DE97 ] C:\Program Files\Common Files\microsoft shared\OFFICE14\MSPTLS.DLL
20:42:45.0915 1660 C:\Program Files\Common Files\microsoft shared\OFFICE14\MSPTLS.DLL - ok
20:42:45.0915 1660 [ 4FB491AC8D46AAF22BA8BC5C73DABEF7 ] C:\Windows\System32\wbem\WmiPrvSE.exe
20:42:45.0915 1660 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
20:42:45.0915 1660 [ 840C95965E69A8822A2C418C0EE54D43 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Systemtray.dll
20:42:45.0915 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Systemtray.dll - ok
20:42:45.0915 1660 [ 4C0DA2B69F8DE16E97FCEC0E19312923 ] C:\Program Files\Common Files\microsoft shared\OFFICE14\RICHED20.DLL
20:42:45.0915 1660 C:\Program Files\Common Files\microsoft shared\OFFICE14\RICHED20.DLL - ok
20:42:45.0915 1660 [ 1FA14DD3668EE4127260FFF495D85551 ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
20:42:45.0915 1660 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll - ok
20:42:45.0931 1660 [ C6B0509AA89F656247694E2D6ABF7255 ] C:\Windows\System32\wbem\wmiprov.dll
20:42:45.0931 1660 C:\Windows\System32\wbem\wmiprov.dll - ok
20:42:45.0931 1660 [ 1D9C3D7A1F8838E6280FA3F7D1FE4ED8 ] C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPC.DLL
20:42:45.0931 1660 C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPC.DLL - ok
20:42:45.0931 1660 [ C3781230CFDCE3310CE0B18C00E8D8E6 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ResourceManagement.Foundation.Implementation.dll
20:42:45.0931 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ResourceManagement.Foundation.Implementation.dll - ok
20:42:45.0931 1660 [ 866A35ABEF8A06BCC169898AC87C2B97 ] C:\Program Files\ATI Technologies\ATI.ACE\Branding\BrandingNet4.dll
20:42:45.0931 1660 C:\Program Files\ATI Technologies\ATI.ACE\Branding\BrandingNet4.dll - ok
20:42:45.0931 1660 [ 359910F80E6984F5D61CAF6A34EBC3C3 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\Localization.Foundation.Private.dll
20:42:45.0931 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\Localization.Foundation.Private.dll - ok
20:42:45.0931 1660 [ 40142D1A4DD052340ABF6FDC82A39158 ] C:\Program Files\Nitro PDF\Professional\mswordaddin.dll
20:42:45.0931 1660 C:\Program Files\Nitro PDF\Professional\mswordaddin.dll - ok
20:42:45.0946 1660 [ 735A984E44BCB70AB07CD317DA0C03A6 ] C:\Program Files\Nitro PDF\Professional\Framework.dll
20:42:45.0946 1660 C:\Program Files\Nitro PDF\Professional\Framework.dll - ok
20:42:45.0946 1660 [ 230EA9ABBC3432CDE388F4891E76E867 ] C:\Windows\System32\udhisapi.dll
20:42:45.0946 1660 C:\Windows\System32\udhisapi.dll - ok
20:42:45.0946 1660 [ D6692338B985D4A0CA52B828314D897D ] C:\Windows\System32\drprov.dll
20:42:45.0946 1660 C:\Windows\System32\drprov.dll - ok
20:42:45.0946 1660 [ D7B7159BC8374E87D8C45A30377A3440 ] C:\Windows\System32\ntlanman.dll
20:42:45.0946 1660 C:\Windows\System32\ntlanman.dll - ok
20:42:45.0946 1660 [ 284B59D7B56FC76C80E622AB856B1FAB ] C:\Windows\System32\davclnt.dll
20:42:45.0946 1660 C:\Windows\System32\davclnt.dll - ok
20:42:45.0946 1660 [ E2C48CD0132D4D1DC7D0DF9A6BEF686A ] C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll
20:42:45.0946 1660 C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll - ok
20:42:45.0946 1660 [ 21C3E53E6C53D3EE63C66849E4AC9CAC ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\Localization.Foundation.Implementation.default_Localization.dll
20:42:45.0946 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\Localization.Foundation.Implementation.default_Localization.dll - ok
20:42:45.0962 1660 [ 179BECE8D1A4C488DDB7191FF9BE3FB0 ] C:\Windows\System32\davhlpr.dll
20:42:45.0962 1660 C:\Windows\System32\davhlpr.dll - ok
20:42:45.0962 1660 [ 1C682A537049B0C0D2D8879139BD31A4 ] C:\Program Files\Nitro PDF\Professional\SecurePdfSDK.dll
20:42:45.0962 1660 C:\Program Files\Nitro PDF\Professional\SecurePdfSDK.dll - ok
20:42:45.0962 1660 [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:42:45.0962 1660 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
20:42:45.0962 1660 [ 6972A0CE71545871F750440DC4ECF8C7 ] C:\Program Files\Nitro PDF\Professional\PDFLibTool.dll
20:42:45.0962 1660 C:\Program Files\Nitro PDF\Professional\PDFLibTool.dll - ok
20:42:45.0962 1660 [ A13CACF656998D44A0389659F2C9D571 ] C:\Program Files\Nitro PDF\Professional\ImageTool.dll
20:42:45.0962 1660 C:\Program Files\Nitro PDF\Professional\ImageTool.dll - ok
20:42:45.0962 1660 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] C:\Windows\System32\FntCache.dll
20:42:45.0962 1660 C:\Windows\System32\FntCache.dll - ok
20:42:45.0962 1660 [ DE3897365B04C4DA1CF8FF725577C082 ] C:\Windows\System32\glu32.dll
20:42:45.0962 1660 C:\Windows\System32\glu32.dll - ok
20:42:45.0978 1660 [ D1BBE227367ED791D5FCF08E132D2956 ] C:\Windows\System32\opengl32.dll
20:42:45.0978 1660 C:\Windows\System32\opengl32.dll - ok
20:42:45.0978 1660 [ 198552AEFECA69D646867EC8D792DE95 ] C:\Windows\System32\ddraw.dll
20:42:45.0978 1660 C:\Windows\System32\ddraw.dll - ok
20:42:45.0978 1660 [ 55E5B32AE8D1F51A63C82919656FD275 ] C:\Windows\System32\dciman32.dll
20:42:45.0978 1660 C:\Windows\System32\dciman32.dll - ok
20:42:45.0978 1660 [ 74804509C1B8E43B06A47F28E1B20AFD ] C:\Program Files\Nitro PDF\Professional\wxbase28u_vc_custom.dll
20:42:45.0978 1660 C:\Program Files\Nitro PDF\Professional\wxbase28u_vc_custom.dll - ok
20:42:45.0978 1660 [ CCD9971EEC06955F1B9B3923524AD64F ] C:\Program Files\Nitro PDF\Professional\wxmsw28u_core_vc_custom.dll
20:42:45.0978 1660 C:\Program Files\Nitro PDF\Professional\wxmsw28u_core_vc_custom.dll - ok
20:42:45.0978 1660 [ 09F52D7F5BD4B0D074F0987255EE7524 ] C:\Program Files\Nitro PDF\Professional\wxmsw28u_xrc_vc_custom.dll
20:42:45.0978 1660 C:\Program Files\Nitro PDF\Professional\wxmsw28u_xrc_vc_custom.dll - ok
20:42:45.0993 1660 [ 5915068E760AD54E78C1B1C236360A23 ] C:\Program Files\Nitro PDF\Professional\wxmsw28u_html_vc_custom.dll
20:42:45.0993 1660 C:\Program Files\Nitro PDF\Professional\wxmsw28u_html_vc_custom.dll - ok
20:42:45.0993 1660 [ 26C36EAA6FF43E7885BD1E1D4749F4D8 ] C:\Program Files\Nitro PDF\Professional\wxmsw28u_adv_vc_custom.dll
20:42:45.0993 1660 C:\Program Files\Nitro PDF\Professional\wxmsw28u_adv_vc_custom.dll - ok
20:42:45.0993 1660 [ 5062877CBDCFE049A1767A2E72729A5E ] C:\Program Files\Nitro PDF\Professional\wxbase28u_xml_vc_custom.dll
20:42:45.0993 1660 C:\Program Files\Nitro PDF\Professional\wxbase28u_xml_vc_custom.dll - ok
20:42:45.0993 1660 [ A4EE3D80E31D5A3CA8EBE6A67A06CEC0 ] C:\Windows\System32\webcheck.dll
20:42:45.0993 1660 C:\Windows\System32\webcheck.dll - ok
20:42:45.0993 1660 [ D202C9BFBC7D23F3B30556FE2D888897 ] C:\Program Files\Google\Update\1.3.21.123\goopdateres_no.dll
20:42:45.0993 1660 C:\Program Files\Google\Update\1.3.21.123\goopdateres_no.dll - ok
20:42:45.0993 1660 [ 2DDEA2C345DA5BC589EFD398F220DB0E ] C:\Windows\System32\SyncCenter.dll
20:42:45.0993 1660 C:\Windows\System32\SyncCenter.dll - ok
20:42:45.0993 1660 [ E1AC89F6C5252057E6062843E36A6701 ] C:\Windows\System32\SearchProtocolHost.exe
20:42:45.0993 1660 C:\Windows\System32\SearchProtocolHost.exe - ok
20:42:46.0009 1660 [ 6DF2076A4AC5E3655529142917B579A4 ] C:\Program Files\Common Files\microsoft shared\OFFICE14\USP10.DLL
20:42:46.0009 1660 C:\Program Files\Common Files\microsoft shared\OFFICE14\USP10.DLL - ok
20:42:46.0009 1660 [ CF87A1DE791347E75B98885214CED2B8 ] C:\Windows\System32\sppsvc.exe
20:42:46.0009 1660 C:\Windows\System32\sppsvc.exe - ok
20:42:46.0009 1660 [ A5D237B8673025B052C0E6FDB6A883E8 ] C:\Windows\System32\msshooks.dll
20:42:46.0009 1660 C:\Windows\System32\msshooks.dll - ok
20:42:46.0009 1660 [ A6CD6B3F71E13E2E45B727FB8A47EA87 ] C:\Windows\System32\SearchFilterHost.exe
20:42:46.0009 1660 C:\Windows\System32\SearchFilterHost.exe - ok
20:42:46.0009 1660 [ DB67C7C62038BDE813CB6486581A7611 ] C:\Windows\System32\mssph.dll
20:42:46.0009 1660 C:\Windows\System32\mssph.dll - ok
20:42:46.0009 1660 [ 8BC9DB92C4B2F3BE89185BEAB2AFC1F6 ] C:\Windows\System32\mapi32.dll
20:42:46.0009 1660 C:\Windows\System32\mapi32.dll - ok
20:42:46.0024 1660 [ 47FC5A4A45E883A36AFF884B3E6073B1 ] C:\Program Files\Microsoft Office\Office14\MSOHEV.DLL
20:42:46.0024 1660 C:\Program Files\Microsoft Office\Office14\MSOHEV.DLL - ok
20:42:46.0024 1660 [ C7952D0A4C43A965A1741916BB134751 ] C:\Windows\System32\hgcpl.dll
20:42:46.0024 1660 C:\Windows\System32\hgcpl.dll - ok
20:42:46.0024 1660 [ 7A48223093A2B6FECB00E4360C71DCC2 ] C:\Program Files\Microsoft Office\Office14\msproof7.dll
20:42:46.0024 1660 C:\Program Files\Microsoft Office\Office14\msproof7.dll - ok
20:42:46.0024 1660 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:42:46.0024 1660 C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE - ok
20:42:46.0024 1660 [ 66BF84963B99A20A47047ED7A9D8A1E1 ] C:\Program Files\Common Files\microsoft shared\PROOF\MSLID.DLL
20:42:46.0024 1660 C:\Program Files\Common Files\microsoft shared\PROOF\MSLID.DLL - ok
20:42:46.0024 1660 [ D16D818E9930A6E5B4F6476DD0998D1A ] C:\Windows\System32\drivers\spsys.sys
20:42:46.0024 1660 C:\Windows\System32\drivers\spsys.sys - ok
20:42:46.0024 1660 [ F3222C893BD2F5821A0179E5C71E88FB ] C:\Windows\System32\fdPHost.dll
20:42:46.0024 1660 C:\Windows\System32\fdPHost.dll - ok
20:42:46.0040 1660 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] C:\Windows\System32\FDResPub.dll
20:42:46.0040 1660 C:\Windows\System32\FDResPub.dll - ok
20:42:46.0040 1660 [ F4A06325CB32790A79E1DFB7409EA8CC ] C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPOBJS.DLL
20:42:46.0040 1660 C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPOBJS.DLL - ok
20:42:46.0040 1660 [ DE6F4B7E62FDE776F3DE8E5FB5A05C48 ] C:\Windows\System32\fdWSD.dll
20:42:46.0040 1660 C:\Windows\System32\fdWSD.dll - ok
20:42:46.0040 1660 [ 674611721264013DB169EC12AFC9C3B6 ] C:\Windows\System32\fdSSDP.dll
20:42:46.0040 1660 C:\Windows\System32\fdSSDP.dll - ok
20:42:46.0040 1660 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] C:\Windows\System32\wscsvc.dll
20:42:46.0040 1660 C:\Windows\System32\wscsvc.dll - ok
20:42:46.0040 1660 [ 3FF0FA0A81910617739644A06D06D016 ] C:\Windows\System32\fdProxy.dll
20:42:46.0040 1660 C:\Windows\System32\fdProxy.dll - ok
20:42:46.0040 1660 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] C:\Windows\System32\drivers\asyncmac.sys
20:42:46.0040 1660 C:\Windows\System32\drivers\asyncmac.sys - ok
20:42:46.0056 1660 [ 9B55E7CD2218D07D3DF4A0AB4DDD1505 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Dashboard.dll
20:42:46.0056 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Dashboard.dll - ok
20:42:46.0056 1660 [ 08DF1B8C9C0754A7069E80A986373F52 ] C:\Windows\System32\P2P.dll
20:42:46.0056 1660 C:\Windows\System32\P2P.dll - ok
20:42:46.0056 1660 [ F7AD9137581755B2DF024A165B00C78B ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Dashboard.Shared.dll
20:42:46.0056 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Dashboard.Shared.dll - ok
20:42:46.0056 1660 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] C:\Windows\System32\ListSvc.dll
20:42:46.0056 1660 C:\Windows\System32\ListSvc.dll - ok
20:42:46.0056 1660 [ 9DC23ACF360AEA7DF55AD7A8D3FBF4E6 ] C:\Windows\System32\IdListen.dll
20:42:46.0056 1660 C:\Windows\System32\IdListen.dll - ok
20:42:46.0056 1660 [ 1B0EC94520CAB89A9CE1B2DA405166AF ] C:\Windows\System32\p2pcollab.dll
20:42:46.0056 1660 C:\Windows\System32\p2pcollab.dll - ok
20:42:46.0071 1660 [ 65AADD5B679C3DAC408802A75E6B0280 ] C:\Windows\System32\rtffilt.dll
20:42:46.0071 1660 C:\Windows\System32\rtffilt.dll - ok
20:42:46.0071 1660 [ F059EB4C9C256F62F196EAA439E28F74 ] C:\Windows\System32\hgprint.dll
20:42:46.0071 1660 C:\Windows\System32\hgprint.dll - ok
20:42:46.0071 1660 [ 82A8521DDC60710C3D3D3E7325209BEC ] C:\Windows\System32\pnrpsvc.dll
20:42:46.0071 1660 C:\Windows\System32\pnrpsvc.dll - ok
20:42:46.0071 1660 [ 1E6D4EACC560A056A1226A73431943C9 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDHome.Graphics.Dashboard.dll
20:42:46.0071 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDHome.Graphics.Dashboard.dll - ok
20:42:46.0071 1660 [ 87D8E1E7BBD7DE7A14FB8162C3418EF5 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
20:42:46.0071 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll - ok
20:42:46.0071 1660 [ C80F38B3BC9252E960C6DACCA88E8A58 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Combined.Graphics.Aspects1.Dashboard.dll
20:42:46.0071 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Combined.Graphics.Aspects1.Dashboard.dll - ok
20:42:46.0071 1660 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] C:\Windows\System32\QAGENTRT.DLL
20:42:46.0071 1660 C:\Windows\System32\QAGENTRT.DLL - ok
20:42:46.0087 1660 [ 05AF01ADC157FAA1B663BF61D88AA498 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
20:42:46.0087 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll - ok
20:42:46.0087 1660 [ 9FD6496B6D91C8BE2A10BD55EAE2D5F2 ] C:\Windows\System32\fveui.dll
20:42:46.0087 1660 C:\Windows\System32\fveui.dll - ok
20:42:46.0087 1660 [ E580E0AFB326115B02E180511243AE94 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
20:42:46.0087 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll - ok
20:42:46.0087 1660 [ 59C3DDD501E39E006DAC31BF55150D91 ] C:\Windows\System32\p2psvc.dll
20:42:46.0087 1660 C:\Windows\System32\p2psvc.dll - ok
20:42:46.0087 1660 [ 1372E8E8FD066002131E3D509275E697 ] C:\Windows\System32\P2PGraph.dll
20:42:46.0087 1660 C:\Windows\System32\P2PGraph.dll - ok
20:42:46.0087 1660 [ 8007C8E92EF6F27F3974DC2CB577FC4F ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
20:42:46.0087 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll - ok
20:42:46.0102 1660 [ 8D6B8ED37745FFBE2C40D5B4BF9BEC02 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
20:42:46.0102 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll - ok
20:42:46.0102 1660 [ FC3EC24FCE372C89423E015A2AC1A31E ] C:\Windows\System32\wuaueng.dll
20:42:46.0102 1660 C:\Windows\System32\wuaueng.dll - ok
20:42:46.0102 1660 [ 7A6986DD659B96398A11AF5173892715 ] C:\Windows\System32\cabinet.dll
20:42:46.0102 1660 C:\Windows\System32\cabinet.dll - ok
20:42:46.0102 1660 [ 426C6D1E13441B517B0A233BDE8BE79F ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
20:42:46.0102 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll - ok
20:42:46.0102 1660 [ 387A8A473ECC5BA02CF453277C1F3274 ] C:\Windows\System32\mspatcha.dll
20:42:46.0102 1660 C:\Windows\System32\mspatcha.dll - ok
20:42:46.0102 1660 [ 1A617835452EEE5060976C9B9F5FE635 ] C:\Windows\System32\wuapi.dll
20:42:46.0102 1660 C:\Windows\System32\wuapi.dll - ok
20:42:46.0118 1660 [ 3458EDA96E30FBD0477A2800D3FB1909 ] C:\Windows\System32\wups.dll
20:42:46.0118 1660 C:\Windows\System32\wups.dll - ok
20:42:46.0118 1660 [ 545018C88A1C420573E646125C690AD8 ] C:\Windows\System32\spool\drivers\w32x86\3\CNMDR9Z.DLL
20:42:46.0118 1660 C:\Windows\System32\spool\drivers\w32x86\3\CNMDR9Z.DLL - ok
20:42:46.0118 1660 [ 8A639A8A43B031B0BCDD1C164C681315 ] C:\Windows\System32\spool\drivers\w32x86\3\CNMUI9Z.DLL
20:42:46.0118 1660 C:\Windows\System32\spool\drivers\w32x86\3\CNMUI9Z.DLL - ok
20:42:46.0118 1660 [ 41F25D5ECDC4E65F8F11F68804181954 ] C:\Windows\System32\spool\drivers\w32x86\3\CNMCP9Z.DLL
20:42:46.0118 1660 C:\Windows\System32\spool\drivers\w32x86\3\CNMCP9Z.DLL - ok
20:42:46.0118 1660 [ 3E9E2CC4DEB3DF609FE40C563B6E2F4F ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MultiVPU2.Graphics.Shared.dll
20:42:46.0118 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MultiVPU2.Graphics.Shared.dll - ok
20:42:46.0118 1660 [ 640A476C8867AEAAD8FF9F59A61AFE2F ] C:\Windows\System32\PrintIsolationHost.exe
20:42:46.0118 1660 C:\Windows\System32\PrintIsolationHost.exe - ok
20:42:46.0118 1660 [ 1D1178AD1BC0FD571A7A0EA721754D1D ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
20:42:46.0118 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MMVideo.Graphics.Dashboard.dll - ok
20:42:46.0134 1660 [ 3993295B3B1A9EBD8838ED98149FA86C ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.Dashboard.dll
20:42:46.0134 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.Dashboard.dll - ok
20:42:46.0134 1660 [ A76D32C537C9016564F449F2891DDD45 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.OverDrive5.Graphics.Dashboard.dll
20:42:46.0134 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.OverDrive5.Graphics.Dashboard.dll - ok
20:42:46.0134 1660 [ 072350D76C2DA335EA2F37F209849D98 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.UpdateNotification.Graphics.Dashboard.dll
20:42:46.0134 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.UpdateNotification.Graphics.Dashboard.dll - ok
20:42:46.0134 1660 [ 01AFEDE8152F1929CDD4E73EDC6A6F67 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Audio.Graphics.Dashboard.dll
20:42:46.0134 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Audio.Graphics.Dashboard.dll - ok
20:42:46.0134 1660 [ 3872A7525E53C02DE72AF3D602575A6A ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Fuel.Dashboard.dll
20:42:46.0134 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Fuel.Dashboard.dll - ok
20:42:46.0149 1660 [ CD283CD7A654B441E913CB03ACCDDF86 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Platform.Dashboard.dll
20:42:46.0149 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Platform.Dashboard.dll - ok
20:42:46.0149 1660 [ 23BB191FA0C31A6B2BFD6FA76A28504F ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDOverDrive.Platform.Dashboard.dll
20:42:46.0149 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDOverDrive.Platform.Dashboard.dll - ok
20:42:46.0149 1660 [ 9B742F7004C8D88C21B05BAC3DC1A9F9 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Dashboard.dll
20:42:46.0149 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Dashboard.dll - ok
20:42:46.0149 1660 [ 75A9BA2E84C0C9F661ACA17EA4E1F233 ] C:\Windows\System32\atiu9pag.dll
20:42:46.0149 1660 C:\Windows\System32\atiu9pag.dll - ok
20:42:46.0149 1660 [ C58FDF4BEB40FC98E35A68A3BA56A07F ] C:\Windows\System32\atiumdag.dll
20:42:46.0149 1660 C:\Windows\System32\atiumdag.dll - ok
20:42:46.0149 1660 [ 3A11396EAC2414012155AB14E5C1E332 ] C:\Windows\System32\sppwinob.dll
20:42:46.0149 1660 C:\Windows\System32\sppwinob.dll - ok
20:42:46.0165 1660 [ A1156481B844AAF74560D3FB970559D1 ] C:\Windows\System32\atiumdva.dll
20:42:46.0165 1660 C:\Windows\System32\atiumdva.dll - ok
20:42:46.0165 1660 [ EE01D5807F28AB6965D4A60000027AF9 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\53121a27f94f7335e585384377fc538a\PresentationFramework.Aero.ni.dll
20:42:46.0165 1660 C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\53121a27f94f7335e585384377fc538a\PresentationFramework.Aero.ni.dll - ok
20:42:46.0165 1660 [ B7FB141EE3F48E152E0FD8DA68C04162 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.ProfileManager2.dll
20:42:46.0165 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.ProfileManager2.dll - ok
20:42:46.0165 1660 [ 9E8405F1738B60B9B2F1C4CAF198E6B7 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceProperty.Graphics.Dashboard.Shared.dll
20:42:46.0165 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceProperty.Graphics.Dashboard.Shared.dll - ok
20:42:46.0165 1660 [ 3856D8DBCDC5EFF43A14A149BE4D1B51 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\Microsoft.WindowsAPICodePack.Shell.dll
20:42:46.0165 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\Microsoft.WindowsAPICodePack.Shell.dll - ok
20:42:46.0165 1660 [ 172CFDF8F3A17A7FDE163A00F3218313 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\Microsoft.WindowsAPICodePack.dll
20:42:46.0165 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\Microsoft.WindowsAPICodePack.dll - ok
20:42:46.0180 1660 [ 0ABC347B13855F4B00F4B7ABD30449E2 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\c57e9cc78527b9a7bbe4ab8dbf93cff2\WindowsFormsIntegration.ni.dll
20:42:46.0180 1660 C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\c57e9cc78527b9a7bbe4ab8dbf93cff2\WindowsFormsIntegration.ni.dll - ok
20:42:46.0180 1660 [ A0F4562078B59503B48DB4C37EAF7BA0 ] C:\Windows\System32\mshtml.dll
20:42:46.0180 1660 C:\Windows\System32\mshtml.dll - ok
20:42:46.0180 1660 [ AA3B91B70E79BCE70AD3B190789B9574 ] C:\Windows\System32\drttransport.dll
20:42:46.0180 1660 C:\Windows\System32\drttransport.dll - ok
20:42:46.0180 1660 [ EE29FCC244C8033E2F748D863DCBF378 ] C:\Windows\System32\drt.dll
20:42:46.0180 1660 C:\Windows\System32\drt.dll - ok
20:42:46.0180 1660 [ 5F5D020B2D6D73C836D12EE330D0ACC3 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\bc9a67c8782211bc4282369952711a0b\UIAutomationProvider.ni.dll
20:42:46.0180 1660 C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\bc9a67c8782211bc4282369952711a0b\UIAutomationProvider.ni.dll - ok
20:42:46.0180 1660 [ 6FE5823B23A8B2C8269BBD7C450F7B10 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CustomFormatSelection.Graphics.Dashboard.Shared.Private.dll
20:42:46.0180 1660 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CustomFormatSelection.Graphics.Dashboard.Shared.Private.dll - ok
20:42:46.0180 1660 ============================================================
20:42:46.0180 1660 Scan finished
20:42:46.0180 1660 ============================================================
20:42:46.0196 4360 Detected object count: 3
20:42:46.0196 4360 Actual detected object count: 3
20:43:57.0847 4360 SCDEmu ( UnsignedFile.Multi.Generic ) - skipped by user
20:43:57.0847 4360 SCDEmu ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:43:57.0862 4360 Sentinel ( UnsignedFile.Multi.Generic ) - skipped by user
20:43:57.0862 4360 Sentinel ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:43:57.0862 4360 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
20:43:57.0862 4360 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:44:24.0507 3852 Deinitialize success

#13 topresch

topresch
  • Topic Starter

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Local time:07:11 AM

Posted 13 December 2012 - 03:02 PM

I started the aswMBR process, but it did not ask for permission to download extra definitions.. After waiting a bit for this, I just pressed "Scan".

After some time, a warning box emerged saying "avast! Antirootkit has stopped working - etc on Windows closing the program etc". Then the program closed.. I reran the aswMBR, but the same error occurred.

topresch

edit: Btw. it did detect infection, lighting up in red in one line, before the error popped up.

Edited by topresch, 13 December 2012 - 03:23 PM.


#14 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:02:11 AM

Posted 13 December 2012 - 08:48 PM

Greetings

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

ClearJavaCache::

Save it to your desktop as CFScript.txt

Refering to the picture above, drag CFScript.txt into ComboFix.exe
Posted Image
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following

  • report from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#15 topresch

topresch
  • Topic Starter

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Local time:07:11 AM

Posted 14 December 2012 - 03:21 AM

Hi

As I started the ComboFix it asked me if I wanted to upgrade to the newest version of ComboFix. The first time, I did this, but then I realized that you hadn't told me to do so, and that I perhaps should follow your instructions to the letter, so the second time it asked, i.e. after I reran ComboFix, I chose "No" on the question. Then I had to disable the avast-shield to run the program (which it told me to), and I unplugged the broadband.

After ComboFix had finished, I could not actually run any programs (Chrome, Win explorer, Firefox, Internet explorer), as any attempt gave the error box that you mentioned, and after a restart, everything worked.

However, CouponDropDown is still in play here (e.g. on the word "button" and "save" in your initial post in the thread).

Here's the log from ComboFix:

ComboFix 12-12-12.01 - Torbjørn 14.12.2012 8:45.2.8 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.47.1033.18.3574.2490 [GMT 1:00]
Kjører fra: c:\users\Torbj°rn\Desktop\ComboFix.exe
Command switches brukt :: c:\users\Torbj°rn\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((( Filer Opprettet Fra 2012-11-14 til 2012-12-14 )))))))))))))))))))))))))))))))))
.
.
2012-12-14 07:57 . 2012-12-14 07:57 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-14 07:57 . 2012-12-14 07:57 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2012-12-14 07:30 . 2012-11-08 18:00 6812136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DA8F12B8-D5AE-4DCA-B5EB-9A6994CFCBDA}\mpengine.dll
2012-12-12 17:46 . 2012-12-12 17:46 -------- d-----w- c:\users\Torbj°rn
2012-12-11 19:18 . 2012-12-11 19:18 -------- d-----w- c:\users\Torbjørn\AppData\Local\Macromedia
2012-12-11 16:18 . 2012-12-11 16:35 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2012-12-11 16:17 . 2012-12-11 16:17 -------- d-----w- c:\users\Torbjørn\AppData\Local\Programs
2012-12-11 14:10 . 2012-12-11 14:10 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2012-12-11 14:09 . 2012-12-11 14:09 -------- d-----w- c:\users\Torbjørn\AppData\Roaming\Malwarebytes
2012-12-11 14:09 . 2012-12-11 14:09 -------- d-----w- c:\programdata\Malwarebytes
2012-12-05 15:40 . 2012-12-05 15:41 -------- d-----w- C:\Book
2012-12-04 23:08 . 2012-12-04 23:08 -------- d-----w- c:\program files\iPod
2012-12-04 23:08 . 2012-12-04 23:08 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2012-12-04 23:08 . 2012-12-04 23:08 -------- d-----w- c:\program files\iTunes
2012-11-23 19:27 . 2012-11-23 21:25 -------- d-----w- c:\users\Torbjørn\AppData\Roaming\dvdcss
2012-11-17 00:22 . 2012-07-26 03:39 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-11-17 00:22 . 2012-07-26 03:39 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-11-17 00:22 . 2012-07-26 02:46 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-11-17 00:21 . 2012-07-26 02:33 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-11-17 00:21 . 2012-07-26 02:32 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-11-17 00:21 . 2012-07-26 03:20 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-11-17 00:21 . 2012-07-26 03:20 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-11-17 00:21 . 2012-07-26 03:21 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2012-11-17 00:21 . 2012-07-26 03:20 613888 ----a-w- c:\windows\system32\WUDFx.dll
2012-11-17 00:21 . 2012-07-26 03:20 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-11-16 16:56 . 2012-10-03 16:58 1293680 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-11-16 16:56 . 2012-10-03 16:42 175104 ----a-w- c:\windows\system32\netcorehc.dll
2012-11-16 16:56 . 2012-10-03 16:42 156672 ----a-w- c:\windows\system32\ncsi.dll
2012-11-16 16:56 . 2012-10-03 16:40 499712 ----a-w- c:\windows\system32\iphlpsvc.dll
2012-11-16 16:56 . 2012-10-03 16:42 52224 ----a-w- c:\windows\system32\nlaapi.dll
2012-11-16 16:56 . 2012-10-03 16:42 242176 ----a-w- c:\windows\system32\nlasvc.dll
2012-11-16 16:56 . 2012-10-03 16:42 18944 ----a-w- c:\windows\system32\netevent.dll
2012-11-16 16:56 . 2012-10-03 15:21 35328 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2012-11-16 16:56 . 2012-09-25 22:47 78336 ----a-w- c:\windows\system32\synceng.dll
2012-11-16 16:56 . 2012-10-09 17:40 44032 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-11-16 16:56 . 2012-10-09 17:40 193536 ----a-w- c:\windows\system32\dhcpcore6.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-12 18:09 . 2012-04-10 10:41 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-12-12 18:09 . 2011-05-18 20:08 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-30 22:51 . 2011-05-18 19:02 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-10-30 22:51 . 2010-09-30 14:07 361032 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-10-30 22:51 . 2010-09-30 14:07 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-10-30 22:51 . 2010-09-30 14:07 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-10-30 22:51 . 2010-09-30 14:07 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-10-30 22:51 . 2010-09-30 14:06 41224 ----a-w- c:\windows\avastSS.scr
2012-10-30 22:50 . 2010-09-30 14:06 227648 ----a-w- c:\windows\system32\aswBoot.exe
2012-10-25 02:12 . 2012-10-25 02:12 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2012-10-25 02:12 . 2012-10-25 02:12 69632 ----a-w- c:\windows\system32\QuickTime.qts
2012-10-16 07:39 . 2012-11-28 14:53 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-15 16:59 . 2012-04-23 08:49 44784 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-09-28 13:36 . 2012-09-28 13:36 180224 ----a-w- c:\windows\system32\clinfo.exe
2012-09-28 13:36 . 2012-09-28 13:36 65536 ----a-w- c:\windows\system32\OpenVideo.dll
2012-09-28 13:36 . 2012-09-28 13:36 56320 ----a-w- c:\windows\system32\OVDecode.dll
2012-09-28 13:32 . 2012-09-28 13:32 27341824 ----a-w- c:\windows\system32\amdocl.dll
2012-09-28 09:32 . 2012-09-28 09:32 5989776 ----a-w- c:\windows\system32\usbaaplrc.dll
2012-09-28 09:32 . 2012-09-28 09:32 44544 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2012-09-28 02:22 . 2012-09-28 02:22 5557928 ----a-w- c:\windows\system32\atiumdag.dll
2012-09-28 02:20 . 2012-09-28 02:20 9107968 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2012-09-28 02:05 . 2012-09-28 02:05 58880 ----a-w- c:\windows\system32\coinst_9.002.dll
2012-09-28 02:03 . 2012-09-28 02:03 163840 ----a-w- c:\windows\system32\atiapfxx.exe
2012-09-28 02:02 . 2012-09-28 02:02 46080 ----a-w- c:\windows\system32\aticalrt.dll
2012-09-28 02:02 . 2012-09-28 02:02 44032 ----a-w- c:\windows\system32\aticalcl.dll
2012-09-28 01:57 . 2012-09-28 01:57 13703168 ----a-w- c:\windows\system32\aticaldd.dll
2012-09-28 01:43 . 2010-11-11 12:52 935424 ----a-w- c:\windows\system32\aticfx32.dll
2012-09-28 01:41 . 2012-09-28 01:41 19624960 ----a-w- c:\windows\system32\atioglxx.dll
2012-09-28 01:39 . 2009-11-24 14:12 6536192 ----a-w- c:\windows\system32\atidxx32.dll
2012-09-28 01:39 . 2012-09-28 01:39 442368 ----a-w- c:\windows\system32\atidemgy.dll
2012-09-28 01:38 . 2012-09-28 01:38 473088 ----a-w- c:\windows\system32\atieclxx.exe
2012-09-28 01:38 . 2012-09-28 01:38 217600 ----a-w- c:\windows\system32\atiesrxx.exe
2012-09-28 01:36 . 2012-09-28 01:36 163840 ----a-w- c:\windows\system32\atitmmxx.dll
2012-09-28 01:36 . 2012-09-28 01:36 20992 ----a-w- c:\windows\system32\atimuixx.dll
2012-09-28 01:36 . 2012-09-28 01:36 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2012-09-28 01:22 . 2012-09-28 01:22 2691584 ----a-w- c:\windows\system32\atiumdva.dll
2012-09-28 01:13 . 2012-09-28 01:13 405504 ----a-w- c:\windows\system32\atiadlxx.dll
2012-09-28 01:13 . 2012-09-28 01:13 14848 ----a-w- c:\windows\system32\atiglpxx.dll
2012-09-28 01:13 . 2012-09-28 01:13 33280 ----a-w- c:\windows\system32\atigktxx.dll
2012-09-28 01:12 . 2012-09-28 01:12 56832 ----a-w- c:\windows\system32\atimpc32.dll
2012-09-28 01:12 . 2012-09-28 01:12 56832 ----a-w- c:\windows\system32\amdpcom32.dll
2012-09-28 01:12 . 2012-09-28 01:12 370176 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2012-09-28 01:11 . 2012-02-15 02:12 109568 ----a-w- c:\windows\system32\atiuxpag.dll
2012-09-28 01:10 . 2012-09-28 01:10 82944 ----a-w- c:\windows\system32\atiu9pag.dll
2012-09-28 01:09 . 2012-09-28 01:09 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2012-09-24 14:32 . 2012-06-23 12:11 477168 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-09-24 14:32 . 2010-12-18 16:11 473072 ----a-w- c:\windows\system32\deployJava1.dll
2011-11-22 15:56 . 2011-05-11 08:51 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 121528 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="c:\users\Torbjørn\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-07-19 1193176]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"c:\windows\system32\V0640Ext.ax"="c:\windows\system32\V0640Ext.ax" [X]
"V0640Mon.exe"="c:\windows\V0640Mon.exe" [2009-09-22 28672]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2009-11-09 180224]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-12-09 500208]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-07-31 38872]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-11 919008]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-09-28 642728]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-09-17 254896]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-11-28 151952]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Evoluent Mouse Manager.lnk - c:\windows\Installer\{A93D8BCB-5E78-4E43-AA04-4D2C159626E6}\_5D3F7A665AF4FEE7709022.exe [2011-1-18 4286]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-07-11 19:00 919008 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2012-07-31 11:20 38872 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
2009-03-24 02:00 1983816 ----a-w- c:\program files\Canon\MyPrinter\BJMYPRT.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2012-11-28 23:49 151952 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2012-03-08 16:50 4280184 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2010-08-25 22:13 1753192 ----a-w- c:\program files\NVIDIA Corporation\nView\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Prelaunch OmniPage]
2010-01-26 18:21 5592352 ----a-w- c:\program files\Nuance\OmniPage17\OmniPage17.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2012-10-25 02:12 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2012-09-09 12:28 1353080 ----a-w- c:\program files\Steam\Steam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2011-07-11 21:47 74752 ----a-w- c:\program files\Winamp\winampa.exe
.
R3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;c:\program files\steam\steamapps\common\dragon age ultimate edition\bin_ship\DAUpdaterSvc.Service.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
S0 SASKUTIL;SASKUTIL; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 NitroDriverReadSpool;NitroPDFDriverCreatorReadSpool;c:\program files\Nitro PDF\Professional\NitroPDFDriverService.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [x]
S3 e1kexpress;Intel® PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k6232.sys [x]
S3 EvoMouseDriverFilterHidUsb;Evoluent Mouse Driver Filter;c:\windows\system32\DRIVERS\EvoMouseDriverFilterHidUsb.sys [x]
S3 EvoMouseDriverMini;EvoMouseDriverMini;c:\windows\system32\drivers\EvoMouseDriverMini.sys [x]
.
.
Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver)
.
2012-12-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-10 18:09]
.
2012-12-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-25 14:03]
.
2012-12-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-25 14:03]
.
2012-12-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2279862012-2560545468-3962944918-500Core.job
- c:\users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-23 13:29]
.
2012-12-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2279862012-2560545468-3962944918-500UA.job
- c:\users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-23 13:29]
.
.
------- Tilleggsskanning -------
.
uStart Page = hxxp://www.nrk.no/
mStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Torbjørn\AppData\Roaming\Mozilla\Firefox\Profiles\1k0ev2lr.default\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - ExtSQL: 2012-10-28 19:12; {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}; c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
.
- - - - TOMME PEKERE FJERNET - - - -
.
SafeBoot-28022482.sys
.
.
.
--------------------- LÅSTE REGISTERNØKLER ---------------------
.
[HKEY_USERS\S-1-5-21-2279862012-2560545468-3962944918-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{C0075321-0037-3D1D-EA5B-57BA9B8A5488}*]
"oahjfpikceingcifkfgbpepihdhckp"=hex:6a,61,6c,69,6b,69,64,6d,69,67,6f,70,6c,67,
63,6c,6f,62,69,63,00,00
"nanjfmdkefjcccacpmolfcbfmdlp"=hex:6a,61,6c,69,6a,68,65,6e,6a,69,66,6e,61,6d,
6b,6a,67,6e,63,61,00,00
"oalgdlkpmgklojpiddcojdpngmfjig"=hex:64,61,6c,69,65,6a,6b,6f,00,fc
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Tidspunkt ferdig: 2012-12-14 08:59:54
ComboFix-quarantined-files.txt 2012-12-14 07:59
ComboFix2.txt 2012-12-13 14:12
.
Pre-Run: 452 962 037 760 bytes free
Post-Run: 452 902 326 272 bytes free
.
- - End Of File - - F2D1B0C3B4D0B93366B7E0B54578A76A

Edited by topresch, 14 December 2012 - 03:43 AM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users