Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Please help with iexplore.exe


  • Please log in to reply
22 replies to this topic

#1 SaraLouise12

SaraLouise12

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:03:50 AM

Posted 02 March 2013 - 07:12 PM

Hey there I hope someone can help!

 

I'm on windows 7 and I have multiple iexplore.exe *32 processes running in my task manager despite the fact I never use internet explorer!! 

 

I managed to disable the "invisible windows" and advert sounds it was making but the processes are still running and I'm worried. I'm hoping one of you geniuses will be able to help, I'm in need! :(



BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:10:50 PM

Posted 02 March 2013 - 07:16 PM

  • Please download TDSSKiller from here and save it to your Desktop
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters




  • Check Loaded Modules  and Detect TDLFS file systemDo not check Verify file digital signatures (even though it is checked in the example)
  • If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now




  • Click Start Scan and allow the scan process to run

  • If threats are detected select Skip for all of them unless I instruct you otherwise
  • Click Continue




  • Click Reboot computer
  • Please post the contents of  TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically c:\)in your reply


===================================================


aswMBR

--------------------

  • Download aswMBR and save it to your desktop.
  • Please disable your real time protection of any Antivirus, Antispyware or Antimalware programs temporarily. They will interfere and may cause unexpected results.
  • If you need help to disable your protection programs see here and here.
  • Double click the aswMBR.exe file to run it. Please allow when you are asked to download AVAST antivirus engine defs.
  • Wait until the AV update is done, then click on the Scan button to start. The program will launch a scan.



  • When done, you will see Scan finished successfully. Please click on Save log and save the file to your desktop.



  • Please post the contents of the log in your next reply.

NOTE:  aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.


===================================================


ESET Online Scanner

--------------------

I'd like us to scan your machine with ESET OnlineScan  This process may may take several hours, that is normal

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the   button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.

  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:

    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply.   Note:  If no malware was found you will not get a log.
  • Click the Back button.
  • Click the Finish button.


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • TDSSKiller log
  • aswMBR log
  • ESET results

 



#3 SaraLouise12

SaraLouise12
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:03:50 AM

Posted 02 March 2013 - 07:41 PM

Thank you so much, I am following your instructions step by step! The final scan may take hours like you said and it is very late here so I will continue in the morning. 

 

When I tried to open my Spybot as an administrator it won't open :/ I don't know if that is significant?

 

Thank you once again, I will continue with your instructions! :)



#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:10:50 PM

Posted 02 March 2013 - 07:45 PM

Lets look into spybot later. :thumbup2:



#5 SaraLouise12

SaraLouise12
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:03:50 AM

Posted 02 March 2013 - 07:48 PM

OK no problem! I'm running all the scans now so when they are complete I will paste the logs! :)



#6 SaraLouise12

SaraLouise12
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:03:50 AM

Posted 03 March 2013 - 04:40 AM

Good Morning! I have the results of my logs which I'll post below



#7 SaraLouise12

SaraLouise12
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:03:50 AM

Posted 03 March 2013 - 04:44 AM

TDSS


00:26:51.0969 0948  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
00:26:52.0281 0948  ============================================================
00:26:52.0281 0948  Current date / time: 2013/03/03 00:26:52.0281
00:26:52.0281 0948  SystemInfo:
00:26:52.0281 0948 
00:26:52.0281 0948  OS Version: 6.1.7601 ServicePack: 1.0
00:26:52.0281 0948  Product type: Workstation
00:26:52.0281 0948  ComputerName: ADAM-PC
00:26:52.0281 0948  UserName: Adam
00:26:52.0281 0948  Windows directory: C:\Windows
00:26:52.0281 0948  System windows directory: C:\Windows
00:26:52.0281 0948  Running under WOW64
00:26:52.0281 0948  Processor architecture: Intel x64
00:26:52.0281 0948  Number of processors: 2
00:26:52.0281 0948  Page size: 0x1000
00:26:52.0281 0948  Boot type: Normal boot
00:26:52.0281 0948  ============================================================
00:26:58.0802 0948  BG loaded
00:26:59.0395 0948  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
00:26:59.0410 0948  ============================================================
00:26:59.0410 0948  \Device\Harddisk0\DR0:
00:26:59.0410 0948  MBR partitions:
00:26:59.0410 0948  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2800800, BlocksNum 0x32000
00:26:59.0410 0948  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2832800, BlocksNum 0x22BFB800
00:26:59.0410 0948  ============================================================
00:26:59.0488 0948  C: <-> \Device\Harddisk0\DR0\Partition2
00:26:59.0488 0948  ============================================================
00:26:59.0488 0948  Initialize success
00:26:59.0488 0948  ============================================================
00:27:59.0533 3680  ============================================================
00:27:59.0533 3680  Scan started
00:27:59.0533 3680  Mode: Manual;
00:27:59.0533 3680  ============================================================
00:28:01.0076 3680  ================ Scan system memory ========================
00:28:01.0076 3680  System memory - ok
00:28:01.0077 3680  ================ Scan services =============================
00:28:01.0166 3680  [ 581D88B25C4D4121824FED2CA38E562F ] !SASCORE        C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
00:28:01.0169 3680  !SASCORE - ok
00:28:01.0309 3680  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
00:28:01.0315 3680  1394ohci - ok
00:28:01.0352 3680  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
00:28:01.0358 3680  ACPI - ok
00:28:01.0387 3680  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
00:28:01.0389 3680  AcpiPmi - ok
00:28:01.0478 3680  [ 09E61047B0CEF21559CFCEDF4F14D216 ] Ad-Aware Service C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
00:28:01.0488 3680  Ad-Aware Service - ok
00:28:01.0537 3680  [ 1474F121C3DF1232D3E7239C03691EE6 ] AdobeActiveFileMonitor9.0 c:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
00:28:01.0541 3680  AdobeActiveFileMonitor9.0 - ok
00:28:01.0596 3680  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
00:28:01.0605 3680  adp94xx - ok
00:28:01.0630 3680  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
00:28:01.0636 3680  adpahci - ok
00:28:01.0656 3680  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
00:28:01.0661 3680  adpu320 - ok
00:28:01.0694 3680  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
00:28:01.0695 3680  AeLookupSvc - ok
00:28:01.0746 3680  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
00:28:01.0750 3680  AFD - ok
00:28:01.0779 3680  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
00:28:01.0781 3680  agp440 - ok
00:28:01.0814 3680  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
00:28:01.0816 3680  ALG - ok
00:28:01.0839 3680  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
00:28:01.0842 3680  aliide - ok
00:28:01.0867 3680  [ 4EAAAAB8759644D572522FBCDD196A13 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
00:28:01.0869 3680  AMD External Events Utility - ok
00:28:01.0954 3680  AMD FUEL Service - ok
00:28:01.0961 3680  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
00:28:01.0963 3680  amdide - ok
00:28:01.0992 3680  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
00:28:01.0995 3680  AmdK8 - ok
00:28:02.0223 3680  [ 22A14DF59FB8D0BE918C597988AF4296 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
00:28:02.0305 3680  amdkmdag - ok
00:28:02.0355 3680  [ EE22D3ED6D55A855E709F811CCCA97ED ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
00:28:02.0360 3680  amdkmdap - ok
00:28:02.0384 3680  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
00:28:02.0385 3680  AmdPPM - ok
00:28:02.0410 3680  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
00:28:02.0413 3680  amdsata - ok
00:28:02.0437 3680  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
00:28:02.0442 3680  amdsbs - ok
00:28:02.0455 3680  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
00:28:02.0457 3680  amdxata - ok
00:28:02.0523 3680  [ 5A528A540B1AEE8B1C77ED65094E8CDF ] AODDriver4.2    C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
00:28:02.0524 3680  AODDriver4.2 - ok
00:28:02.0562 3680  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
00:28:02.0564 3680  AppID - ok
00:28:02.0587 3680  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
00:28:02.0589 3680  AppIDSvc - ok
00:28:02.0614 3680  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
00:28:02.0615 3680  Appinfo - ok
00:28:02.0700 3680  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
00:28:02.0704 3680  Apple Mobile Device - ok
00:28:02.0739 3680  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
00:28:02.0743 3680  arc - ok
00:28:02.0755 3680  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
00:28:02.0757 3680  arcsas - ok
00:28:02.0833 3680  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
00:28:02.0862 3680  aspnet_state - ok
00:28:02.0892 3680  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
00:28:02.0894 3680  AsyncMac - ok
00:28:02.0910 3680  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
00:28:02.0911 3680  atapi - ok
00:28:02.0992 3680  [ CC406DA84E7DD3FA3AD20340DBC66CF2 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
00:28:03.0011 3680  athr - ok
00:28:03.0075 3680  [ 437F55435623D4D54D36197F5AD8B435 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
00:28:03.0076 3680  AtiHDAudioService - ok
00:28:03.0124 3680  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
00:28:03.0130 3680  AudioEndpointBuilder - ok
00:28:03.0154 3680  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
00:28:03.0160 3680  AudioSrv - ok
00:28:03.0197 3680  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
00:28:03.0201 3680  AxInstSV - ok
00:28:03.0239 3680  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
00:28:03.0248 3680  b06bdrv - ok
00:28:03.0283 3680  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
00:28:03.0288 3680  b57nd60a - ok
00:28:03.0338 3680  [ A424CB46A145E5AABF15621550976DF2 ] b57xdbd         C:\Windows\system32\drivers\b57xdbd.sys
00:28:03.0339 3680  b57xdbd - ok
00:28:03.0355 3680  [ BE4E6FD5A898812B85D5817AD9754A9F ] b57xdmp         C:\Windows\system32\drivers\b57xdmp.sys
00:28:03.0356 3680  b57xdmp - ok
00:28:03.0412 3680  [ 93EE7D9C35AE7E9FFDA148D7805F1421 ] BBSvc           C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
00:28:03.0416 3680  BBSvc - ok
00:28:03.0468 3680  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
00:28:03.0471 3680  BDESVC - ok
00:28:03.0497 3680  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
00:28:03.0498 3680  Beep - ok
00:28:03.0533 3680  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
00:28:03.0557 3680  BITS - ok
00:28:03.0575 3680  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
00:28:03.0576 3680  blbdrive - ok
00:28:03.0646 3680  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
00:28:03.0650 3680  Bonjour Service - ok
00:28:03.0678 3680  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
00:28:03.0679 3680  bowser - ok
00:28:03.0705 3680  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
00:28:03.0707 3680  BrFiltLo - ok
00:28:03.0720 3680  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
00:28:03.0723 3680  BrFiltUp - ok
00:28:03.0765 3680  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
00:28:03.0766 3680  Browser - ok
00:28:03.0784 3680  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
00:28:03.0792 3680  Brserid - ok
00:28:03.0808 3680  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
00:28:03.0811 3680  BrSerWdm - ok
00:28:03.0823 3680  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
00:28:03.0825 3680  BrUsbMdm - ok
00:28:03.0838 3680  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
00:28:03.0840 3680  BrUsbSer - ok
00:28:03.0878 3680  [ 413DD8AB0BB30B9C4F5E6A34977A1C34 ] bScsiMSa        C:\Windows\system32\drivers\bScsiMSa.sys
00:28:03.0879 3680  bScsiMSa - ok
00:28:03.0903 3680  [ 9F880F03F4A72215C8B77FD51322C297 ] bScsiSDa        C:\Windows\system32\DRIVERS\bScsiSDa.sys
00:28:03.0904 3680  bScsiSDa - ok
00:28:03.0915 3680  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
00:28:03.0918 3680  BTHMODEM - ok
00:28:03.0946 3680  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
00:28:03.0949 3680  bthserv - ok
00:28:03.0978 3680  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
00:28:03.0980 3680  cdfs - ok
00:28:04.0008 3680  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
00:28:04.0010 3680  cdrom - ok
00:28:04.0031 3680  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
00:28:04.0034 3680  CertPropSvc - ok
00:28:04.0057 3680  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
00:28:04.0061 3680  circlass - ok
00:28:04.0082 3680  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
00:28:04.0089 3680  CLFS - ok
00:28:04.0146 3680  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
00:28:04.0154 3680  clr_optimization_v2.0.50727_32 - ok
00:28:04.0189 3680  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
00:28:04.0196 3680  clr_optimization_v2.0.50727_64 - ok
00:28:04.0245 3680  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
00:28:04.0348 3680  clr_optimization_v4.0.30319_32 - ok
00:28:04.0382 3680  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
00:28:04.0465 3680  clr_optimization_v4.0.30319_64 - ok
00:28:04.0482 3680  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
00:28:04.0482 3680  CmBatt - ok
00:28:04.0513 3680  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
00:28:04.0516 3680  cmdide - ok
00:28:04.0556 3680  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
00:28:04.0564 3680  CNG - ok
00:28:04.0594 3680  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
00:28:04.0596 3680  Compbatt - ok
00:28:04.0611 3680  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
00:28:04.0612 3680  CompositeBus - ok
00:28:04.0620 3680  COMSysApp - ok
00:28:04.0639 3680  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
00:28:04.0641 3680  crcdisk - ok
00:28:04.0681 3680  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
00:28:04.0682 3680  CryptSvc - ok
00:28:04.0738 3680  [ 44BDDEB03C84A1C993C992FFB5700357 ] CVirtA          C:\Windows\system32\DRIVERS\CVirtA64.sys
00:28:04.0740 3680  CVirtA - ok
00:28:04.0975 3680  [ 66257CB4E4FB69887CDDC71663741435 ] CVPND           C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
00:28:04.0987 3680  CVPND - ok
00:28:05.0016 3680  [ CC8E52DAA9826064BA464DBE531F2BB5 ] CVPNDRVA        C:\Windows\system32\Drivers\CVPNDRVA.sys
00:28:05.0019 3680  CVPNDRVA - ok
00:28:05.0062 3680  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
00:28:05.0067 3680  DcomLaunch - ok
00:28:05.0104 3680  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
00:28:05.0110 3680  defragsvc - ok
00:28:05.0144 3680  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
00:28:05.0145 3680  DfsC - ok
00:28:05.0223 3680  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
00:28:05.0227 3680  Dhcp - ok
00:28:05.0246 3680  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
00:28:05.0246 3680  discache - ok
00:28:05.0285 3680  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
00:28:05.0288 3680  Disk - ok
00:28:05.0458 3680  [ 05CB5910B3CA6019FC3CCA815EE06FFB ] DNE             C:\Windows\system32\DRIVERS\dne64x.sys
00:28:05.0460 3680  DNE - ok
00:28:05.0531 3680  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
00:28:05.0534 3680  Dnscache - ok
00:28:05.0566 3680  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
00:28:05.0571 3680  dot3svc - ok
00:28:05.0594 3680  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
00:28:05.0596 3680  DPS - ok
00:28:05.0630 3680  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
00:28:05.0633 3680  drmkaud - ok
00:28:05.0712 3680  [ 32C2CD16DC801AEF9EDAAFEA0DBD769E ] DsiWMIService   C:\Program Files (x86)\Launch Manager\dsiwmis.exe
00:28:05.0716 3680  DsiWMIService - ok
00:28:05.0775 3680  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
00:28:05.0783 3680  DXGKrnl - ok
00:28:05.0822 3680  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
00:28:05.0824 3680  EapHost - ok
00:28:05.0996 3680  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
00:28:06.0072 3680  ebdrv - ok
00:28:06.0108 3680  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
00:28:06.0109 3680  EFS - ok
00:28:06.0342 3680  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
00:28:06.0384 3680  ehRecvr - ok
00:28:06.0514 3680  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
00:28:06.0592 3680  ehSched - ok
00:28:06.0665 3680  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
00:28:06.0674 3680  elxstor - ok
00:28:06.0823 3680  [ EB1C213A8550F066B2CCC29C9F41E2AE ] ePowerSvc       C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
00:28:06.0831 3680  ePowerSvc - ok
00:28:06.0847 3680  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
00:28:06.0849 3680  ErrDev - ok
00:28:06.0898 3680  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
00:28:06.0901 3680  EventSystem - ok
00:28:06.0925 3680  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
00:28:06.0928 3680  exfat - ok
00:28:06.0941 3680  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
00:28:06.0947 3680  fastfat - ok
00:28:07.0037 3680  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
00:28:07.0043 3680  Fax - ok
00:28:07.0087 3680  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
00:28:07.0089 3680  fdc - ok
00:28:07.0156 3680  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
00:28:07.0158 3680  fdPHost - ok
00:28:07.0207 3680  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
00:28:07.0209 3680  FDResPub - ok
00:28:07.0219 3680  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
00:28:07.0222 3680  FileInfo - ok
00:28:07.0250 3680  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
00:28:07.0259 3680  Filetrace - ok
00:28:07.0270 3680  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
00:28:07.0288 3680  flpydisk - ok
00:28:07.0329 3680  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
00:28:07.0331 3680  FltMgr - ok
00:28:07.0487 3680  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
00:28:07.0496 3680  FontCache - ok
00:28:07.0543 3680  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
00:28:07.0547 3680  FontCache3.0.0.0 - ok
00:28:07.0569 3680  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
00:28:07.0577 3680  FsDepends - ok
00:28:07.0604 3680  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
00:28:07.0606 3680  Fs_Rec - ok
00:28:07.0666 3680  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
00:28:07.0671 3680  fvevol - ok
00:28:07.0689 3680  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
00:28:07.0692 3680  gagp30kx - ok
00:28:07.0772 3680  [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
00:28:07.0777 3680  GamesAppService - ok
00:28:07.0814 3680  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
00:28:07.0814 3680  GEARAspiWDM - ok
00:28:07.0856 3680  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
00:28:07.0862 3680  gpsvc - ok
00:28:07.0921 3680  [ F95126E44EBA95A30FB0E4CE6E916015 ] GREGService     C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
00:28:07.0922 3680  GREGService - ok
00:28:07.0943 3680  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
00:28:07.0946 3680  hcw85cir - ok
00:28:07.0963 3680  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
00:28:07.0969 3680  HdAudAddService - ok
00:28:07.0997 3680  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
00:28:07.0998 3680  HDAudBus - ok
00:28:08.0011 3680  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
00:28:08.0014 3680  HidBatt - ok
00:28:08.0026 3680  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
00:28:08.0028 3680  HidBth - ok
00:28:08.0048 3680  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
00:28:08.0050 3680  HidIr - ok
00:28:08.0083 3680  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
00:28:08.0084 3680  hidserv - ok
00:28:08.0110 3680  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
00:28:08.0111 3680  HidUsb - ok
00:28:08.0139 3680  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
00:28:08.0143 3680  hkmsvc - ok
00:28:08.0161 3680  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
00:28:08.0166 3680  HomeGroupListener - ok
00:28:08.0200 3680  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
00:28:08.0203 3680  HomeGroupProvider - ok
00:28:08.0217 3680  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
00:28:08.0219 3680  HpSAMD - ok
00:28:08.0291 3680  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
00:28:08.0298 3680  HTTP - ok
00:28:08.0329 3680  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
00:28:08.0334 3680  hwpolicy - ok
00:28:08.0357 3680  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
00:28:08.0358 3680  i8042prt - ok
00:28:08.0424 3680  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
00:28:08.0445 3680  iaStorV - ok
00:28:08.0626 3680  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
00:28:08.0651 3680  idsvc - ok
00:28:08.0680 3680  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
00:28:08.0683 3680  iirsp - ok
00:28:08.0733 3680  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
00:28:08.0763 3680  IKEEXT - ok
00:28:09.0039 3680  [ 88798B4381FD58FAE2DA07880C177C5C ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
00:28:09.0060 3680  IntcAzAudAddService - ok
00:28:09.0083 3680  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
00:28:09.0086 3680  intelide - ok
00:28:09.0128 3680  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
00:28:09.0137 3680  intelppm - ok
00:28:09.0168 3680  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
00:28:09.0169 3680  IPBusEnum - ok
00:28:09.0183 3680  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
00:28:09.0186 3680  IpFilterDriver - ok
00:28:09.0207 3680  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
00:28:09.0211 3680  IPMIDRV - ok
00:28:09.0260 3680  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
00:28:09.0264 3680  IPNAT - ok
00:28:09.0422 3680  [ 0F261EC4F514926177C70C1832374231 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
00:28:09.0433 3680  iPod Service - ok
00:28:09.0482 3680  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
00:28:09.0485 3680  IRENUM - ok
00:28:09.0498 3680  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
00:28:09.0506 3680  isapnp - ok
00:28:09.0567 3680  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
00:28:09.0573 3680  iScsiPrt - ok
00:28:09.0655 3680  [ 0469BFF65BBDEE9E46D0C45EE32A08BD ] k57nd60a        C:\Windows\system32\DRIVERS\k57nd60a.sys
00:28:09.0659 3680  k57nd60a - ok
00:28:09.0736 3680  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
00:28:09.0737 3680  kbdclass - ok
00:28:09.0784 3680  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
00:28:09.0788 3680  kbdhid - ok
00:28:09.0817 3680  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
00:28:09.0819 3680  KeyIso - ok
00:28:09.0867 3680  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
00:28:09.0878 3680  KSecDD - ok
00:28:09.0912 3680  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
00:28:09.0915 3680  KSecPkg - ok
00:28:09.0958 3680  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
00:28:09.0958 3680  ksthunk - ok
00:28:10.0069 3680  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
00:28:10.0079 3680  KtmRm - ok
00:28:10.0167 3680  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
00:28:10.0170 3680  LanmanServer - ok
00:28:10.0217 3680  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
00:28:10.0220 3680  LanmanWorkstation - ok
00:28:10.0253 3680  Lavasoft Kernexplorer - ok
00:28:10.0355 3680  [ B705C7097F9A0EC941D02DCE7C7D426C ] Live Updater Service C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
00:28:10.0358 3680  Live Updater Service - ok
00:28:10.0429 3680  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
00:28:10.0429 3680  lltdio - ok
00:28:10.0522 3680  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
00:28:10.0528 3680  lltdsvc - ok
00:28:10.0544 3680  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
00:28:10.0545 3680  lmhosts - ok
00:28:10.0575 3680  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
00:28:10.0583 3680  LSI_FC - ok
00:28:10.0604 3680  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
00:28:10.0607 3680  LSI_SAS - ok
00:28:10.0624 3680  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
00:28:10.0629 3680  LSI_SAS2 - ok
00:28:10.0659 3680  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
00:28:10.0666 3680  LSI_SCSI - ok
00:28:10.0720 3680  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
00:28:10.0721 3680  luafv - ok
00:28:10.0813 3680  [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
00:28:10.0814 3680  MBAMProtector - ok
00:28:10.0910 3680  [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
00:28:10.0914 3680  MBAMScheduler - ok
00:28:10.0986 3680  [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
00:28:10.0992 3680  MBAMService - ok
00:28:11.0020 3680  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
00:28:11.0031 3680  Mcx2Svc - ok
00:28:11.0066 3680  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
00:28:11.0076 3680  megasas - ok
00:28:11.0129 3680  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
00:28:11.0140 3680  MegaSR - ok
00:28:11.0180 3680  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
00:28:11.0181 3680  MMCSS - ok
00:28:11.0259 3680  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
00:28:11.0265 3680  Modem - ok
00:28:11.0293 3680  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
00:28:11.0294 3680  monitor - ok
00:28:11.0337 3680  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
00:28:11.0337 3680  mouclass - ok
00:28:11.0358 3680  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
00:28:11.0359 3680  mouhid - ok
00:28:11.0400 3680  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
00:28:11.0410 3680  mountmgr - ok
00:28:11.0423 3680  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
00:28:11.0426 3680  mpio - ok
00:28:11.0450 3680  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
00:28:11.0454 3680  mpsdrv - ok
00:28:11.0475 3680  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
00:28:11.0479 3680  MRxDAV - ok
00:28:11.0513 3680  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
00:28:11.0515 3680  mrxsmb - ok
00:28:11.0537 3680  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
00:28:11.0539 3680  mrxsmb10 - ok
00:28:11.0559 3680  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
00:28:11.0561 3680  mrxsmb20 - ok
00:28:11.0593 3680  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
00:28:11.0593 3680  msahci - ok
00:28:11.0609 3680  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
00:28:11.0613 3680  msdsm - ok
00:28:11.0631 3680  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
00:28:11.0634 3680  MSDTC - ok
00:28:11.0659 3680  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
00:28:11.0660 3680  Msfs - ok
00:28:11.0678 3680  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
00:28:11.0687 3680  mshidkmdf - ok
00:28:11.0704 3680  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
00:28:11.0710 3680  msisadrv - ok
00:28:11.0767 3680  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
00:28:11.0773 3680  MSiSCSI - ok
00:28:11.0778 3680  msiserver - ok
00:28:11.0811 3680  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
00:28:11.0813 3680  MSKSSRV - ok
00:28:11.0847 3680  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
00:28:11.0849 3680  MSPCLOCK - ok
00:28:11.0855 3680  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
00:28:11.0857 3680  MSPQM - ok
00:28:11.0921 3680  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
00:28:11.0941 3680  MsRPC - ok
00:28:11.0962 3680  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
00:28:11.0963 3680  mssmbios - ok
00:28:11.0971 3680  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
00:28:11.0974 3680  MSTEE - ok
00:28:11.0987 3680  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
00:28:11.0993 3680  MTConfig - ok
00:28:12.0009 3680  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
00:28:12.0020 3680  Mup - ok
00:28:12.0103 3680  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
00:28:12.0109 3680  napagent - ok
00:28:12.0167 3680  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
00:28:12.0169 3680  NativeWifiP - ok
00:28:12.0273 3680  [ 9D1CCE440552500DED3A62F9D779CDB4 ] NAUpdate        C:\Program Files (x86)\Nero\Update\NASvc.exe
00:28:12.0278 3680  NAUpdate - ok
00:28:12.0349 3680  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
00:28:12.0381 3680  NDIS - ok
00:28:12.0426 3680  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
00:28:12.0430 3680  NdisCap - ok
00:28:12.0471 3680  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
00:28:12.0472 3680  NdisTapi - ok
00:28:12.0494 3680  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
00:28:12.0495 3680  Ndisuio - ok
00:28:12.0512 3680  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
00:28:12.0514 3680  NdisWan - ok
00:28:12.0532 3680  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
00:28:12.0533 3680  NDProxy - ok
00:28:12.0552 3680  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
00:28:12.0553 3680  NetBIOS - ok
00:28:12.0578 3680  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
00:28:12.0580 3680  NetBT - ok
00:28:12.0591 3680  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
00:28:12.0593 3680  Netlogon - ok
00:28:12.0629 3680  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
00:28:12.0633 3680  Netman - ok
00:28:12.0671 3680  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:28:12.0734 3680  NetMsmqActivator - ok
00:28:12.0749 3680  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:28:12.0750 3680  NetPipeActivator - ok
00:28:12.0955 3680  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
00:28:12.0959 3680  netprofm - ok
00:28:13.0010 3680  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:28:13.0011 3680  NetTcpActivator - ok
00:28:13.0020 3680  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:28:13.0023 3680  NetTcpPortSharing - ok
00:28:13.0053 3680  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
00:28:13.0059 3680  nfrd960 - ok
00:28:13.0130 3680  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
00:28:13.0133 3680  NlaSvc - ok
00:28:13.0491 3680  [ 5839A8027D6D324A7CD494051A96628C ] NOBU            C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
00:28:13.0511 3680  NOBU - ok
00:28:13.0538 3680  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
00:28:13.0538 3680  Npfs - ok
00:28:13.0571 3680  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
00:28:13.0573 3680  nsi - ok
00:28:13.0587 3680  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
00:28:13.0588 3680  nsiproxy - ok
00:28:13.0775 3680  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
00:28:13.0817 3680  Ntfs - ok
00:28:13.0909 3680  [ 6CC09D2F0BA4A09BABC3C41B8FD888F7 ] NTI IScheduleSvc C:\Program Files (x86)\NTI\Packard Bell MyBackup\IScheduleSvc.exe
00:28:13.0913 3680  NTI IScheduleSvc - ok
00:28:13.0964 3680  [ 64DDD0DEE976302F4BD93E5EFCC2F013 ] NTIDrvr         C:\Windows\system32\drivers\NTIDrvr.sys
00:28:13.0965 3680  NTIDrvr - ok
00:28:13.0991 3680  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
00:28:13.0992 3680  Null - ok
00:28:14.0021 3680  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
00:28:14.0025 3680  nvraid - ok
00:28:14.0051 3680  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
00:28:14.0056 3680  nvstor - ok
00:28:14.0074 3680  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
00:28:14.0077 3680  nv_agp - ok
00:28:14.0288 3680  [ 9CF7E8EF673BB0B8BBF520AB1F0331E2 ] OfficeSvc       C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
00:28:14.0302 3680  OfficeSvc - ok
00:28:14.0318 3680  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
00:28:14.0321 3680  ohci1394 - ok
00:28:14.0409 3680  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
00:28:14.0413 3680  ose - ok
00:28:14.0787 3680  [ FE9C0029E1AF26350D9985D00520E5C8 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
00:28:14.0951 3680  osppsvc - ok
00:28:14.0986 3680  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
00:28:14.0993 3680  p2pimsvc - ok
00:28:15.0060 3680  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
00:28:15.0121 3680  p2psvc - ok
00:28:15.0154 3680  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
00:28:15.0164 3680  Parport - ok
00:28:15.0206 3680  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
00:28:15.0209 3680  partmgr - ok
00:28:15.0258 3680  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
00:28:15.0261 3680  PcaSvc - ok
00:28:15.0283 3680  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
00:28:15.0286 3680  pci - ok
00:28:15.0307 3680  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
00:28:15.0310 3680  pciide - ok
00:28:15.0331 3680  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
00:28:15.0335 3680  pcmcia - ok
00:28:15.0346 3680  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
00:28:15.0348 3680  pcw - ok
00:28:15.0379 3680  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
00:28:15.0384 3680  PEAUTH - ok
00:28:15.0784 3680  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
00:28:15.0792 3680  PerfHost - ok
00:28:15.0888 3680  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
00:28:15.0953 3680  pla - ok
00:28:16.0133 3680  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
00:28:16.0137 3680  PlugPlay - ok
00:28:16.0212 3680  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
00:28:16.0214 3680  PNRPAutoReg - ok
00:28:16.0239 3680  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
00:28:16.0244 3680  PNRPsvc - ok
00:28:16.0274 3680  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
00:28:16.0284 3680  PolicyAgent - ok
00:28:16.0331 3680  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
00:28:16.0334 3680  Power - ok
00:28:16.0366 3680  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
00:28:16.0367 3680  PptpMiniport - ok
00:28:16.0393 3680  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
00:28:16.0402 3680  Processor - ok
00:28:16.0450 3680  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
00:28:16.0452 3680  ProfSvc - ok
00:28:16.0475 3680  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
00:28:16.0477 3680  ProtectedStorage - ok
00:28:16.0550 3680  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
00:28:16.0552 3680  Psched - ok
00:28:16.0587 3680  [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
00:28:16.0590 3680  PxHlpa64 - ok
00:28:16.0752 3680  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
00:28:16.0795 3680  ql2300 - ok
00:28:16.0832 3680  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
00:28:16.0837 3680  ql40xx - ok
00:28:16.0870 3680  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
00:28:16.0875 3680  QWAVE - ok
00:28:16.0904 3680  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
00:28:16.0906 3680  QWAVEdrv - ok
00:28:16.0922 3680  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
00:28:16.0925 3680  RasAcd - ok
00:28:16.0966 3680  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
00:28:16.0967 3680  RasAgileVpn - ok
00:28:16.0987 3680  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
00:28:16.0991 3680  RasAuto - ok
00:28:17.0009 3680  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
00:28:17.0011 3680  Rasl2tp - ok
00:28:17.0035 3680  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
00:28:17.0043 3680  RasMan - ok
00:28:17.0064 3680  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
00:28:17.0066 3680  RasPppoe - ok
00:28:17.0083 3680  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
00:28:17.0084 3680  RasSstp - ok
00:28:17.0105 3680  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
00:28:17.0107 3680  rdbss - ok
00:28:17.0136 3680  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
00:28:17.0143 3680  rdpbus - ok
00:28:17.0155 3680  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
00:28:17.0156 3680  RDPCDD - ok
00:28:17.0203 3680  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
00:28:17.0204 3680  RDPENCDD - ok
00:28:17.0263 3680  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
00:28:17.0263 3680  RDPREFMP - ok
00:28:17.0345 3680  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
00:28:17.0349 3680  RDPWD - ok
00:28:17.0397 3680  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
00:28:17.0401 3680  rdyboost - ok
00:28:17.0466 3680  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
00:28:17.0470 3680  RemoteAccess - ok
00:28:17.0503 3680  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
00:28:17.0508 3680  RemoteRegistry - ok
00:28:17.0533 3680  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
00:28:17.0535 3680  RpcEptMapper - ok
00:28:17.0555 3680  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
00:28:17.0557 3680  RpcLocator - ok
00:28:17.0597 3680  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
00:28:17.0602 3680  RpcSs - ok
00:28:17.0636 3680  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
00:28:17.0637 3680  rspndr - ok
00:28:17.0647 3680  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
00:28:17.0648 3680  SamSs - ok
00:28:17.0714 3680  [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
00:28:17.0714 3680  SASDIFSV - ok
00:28:17.0773 3680  [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
00:28:17.0774 3680  SASKUTIL - ok
00:28:17.0920 3680  [ BCE943896289A91AD75CC5652620B1C6 ] SBAMSvc         C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
00:28:17.0944 3680  SBAMSvc - ok
00:28:18.0003 3680  [ 6E342316E72F4B6FA39C99E06373A1A3 ] sbapifs         C:\Windows\system32\DRIVERS\sbapifs.sys
00:28:18.0004 3680  sbapifs - ok
00:28:18.0052 3680  [ 19954328DDA3D656F8A879B3A46FFED6 ] SbFw            C:\Windows\system32\drivers\SbFw.sys
00:28:18.0054 3680  SbFw - ok
00:28:18.0103 3680  [ 513B3BFCD3C465B9820C2D05FA94E630 ] SBFWIMCL        C:\Windows\system32\DRIVERS\sbfwim.sys
00:28:18.0104 3680  SBFWIMCL - ok
00:28:18.0111 3680  [ 513B3BFCD3C465B9820C2D05FA94E630 ] SBFWIMCLMP      C:\Windows\system32\DRIVERS\SBFWIM.sys
00:28:18.0113 3680  SBFWIMCLMP - ok
00:28:18.0131 3680  [ B671EEF468D13016B9286F5835A06AE1 ] sbhips          C:\Windows\system32\drivers\sbhips.sys
00:28:18.0134 3680  sbhips - ok
00:28:18.0155 3680  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
00:28:18.0164 3680  sbp2port - ok
00:28:18.0193 3680  [ 9ACEB2A2362FC87A3825963E61BA9076 ] SBRE            C:\Windows\system32\drivers\SBREdrv.sys
00:28:18.0194 3680  SBRE - ok
00:28:18.0420 3680  [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService  C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
00:28:18.0457 3680  SBSDWSCService - ok
00:28:18.0493 3680  [ EAB54ADCCECA64B2F38CD859FB494895 ] sbwtis          C:\Windows\system32\DRIVERS\sbwtis.sys
00:28:18.0494 3680  sbwtis - ok
00:28:18.0531 3680  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
00:28:18.0535 3680  SCardSvr - ok
00:28:18.0586 3680  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
00:28:18.0588 3680  scfilter - ok
00:28:18.0739 3680  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
00:28:18.0750 3680  Schedule - ok
00:28:18.0776 3680  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
00:28:18.0778 3680  SCPolicySvc - ok
00:28:19.0064 3680  [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
00:28:19.0067 3680  sdbus - ok
00:28:19.0144 3680  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
00:28:19.0148 3680  SDRSVC - ok
00:28:19.0253 3680  [ CC781378E7EDA615D2CDCA3B17829FA4 ] SeaPort         C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
00:28:19.0255 3680  SeaPort - ok
00:28:19.0286 3680  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
00:28:19.0286 3680  secdrv - ok
00:28:19.0360 3680  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
00:28:19.0368 3680  seclogon - ok
00:28:19.0408 3680  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
00:28:19.0410 3680  SENS - ok
00:28:19.0439 3680  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
00:28:19.0441 3680  SensrSvc - ok
00:28:19.0500 3680  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\drivers\serenum.sys
00:28:19.0509 3680  Serenum - ok
00:28:19.0536 3680  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys
00:28:19.0546 3680  Serial - ok
00:28:19.0556 3680  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
00:28:19.0566 3680  sermouse - ok
00:28:19.0611 3680  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
00:28:19.0621 3680  SessionEnv - ok
00:28:19.0642 3680  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
00:28:19.0644 3680  sffdisk - ok
00:28:19.0675 3680  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
00:28:19.0686 3680  sffp_mmc - ok
00:28:19.0715 3680  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
00:28:19.0724 3680  sffp_sd - ok
00:28:19.0762 3680  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
00:28:19.0765 3680  sfloppy - ok
00:28:19.0837 3680  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
00:28:19.0841 3680  ShellHWDetection - ok
00:28:19.0852 3680  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
00:28:19.0854 3680  SiSRaid2 - ok
00:28:19.0866 3680  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
00:28:19.0869 3680  SiSRaid4 - ok
00:28:19.0943 3680  [ 0A0A0183711EFB04F9BCC32BB44471F2 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
00:28:19.0944 3680  SkypeUpdate - ok
00:28:19.0969 3680  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
00:28:19.0972 3680  Smb - ok
00:28:20.0077 3680  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
00:28:20.0082 3680  SNMPTRAP - ok
00:28:20.0145 3680  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
00:28:20.0147 3680  spldr - ok
00:28:20.0190 3680  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
00:28:20.0196 3680  Spooler - ok
00:28:21.0063 3680  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
00:28:21.0137 3680  sppsvc - ok
00:28:21.0169 3680  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
00:28:21.0172 3680  sppuinotify - ok
00:28:21.0206 3680  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
00:28:21.0211 3680  srv - ok
00:28:21.0238 3680  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
00:28:21.0241 3680  srv2 - ok
00:28:21.0258 3680  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
00:28:21.0260 3680  srvnet - ok
00:28:21.0303 3680  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
00:28:21.0306 3680  SSDPSRV - ok
00:28:21.0329 3680  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
00:28:21.0334 3680  SstpSvc - ok
00:28:21.0357 3680  Steam Client Service - ok
00:28:21.0390 3680  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
00:28:21.0392 3680  stexstor - ok
00:28:21.0441 3680  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
00:28:21.0447 3680  stisvc - ok
00:28:21.0502 3680  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
00:28:21.0503 3680  swenum - ok
00:28:21.0535 3680  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
00:28:21.0556 3680  swprv - ok
00:28:21.0624 3680  [ BBA2EA927EC5CC5DEF5F1BF2B125C0F7 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
00:28:21.0635 3680  SynTP - ok
00:28:21.0680 3680  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
00:28:21.0695 3680  SysMain - ok
00:28:21.0713 3680  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
00:28:21.0717 3680  TabletInputService - ok
00:28:21.0732 3680  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
00:28:21.0738 3680  TapiSrv - ok
00:28:21.0755 3680  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
00:28:21.0758 3680  TBS - ok
00:28:21.0848 3680  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
00:28:21.0892 3680  Tcpip - ok
00:28:21.0950 3680  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
00:28:21.0964 3680  TCPIP6 - ok
00:28:22.0008 3680  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
00:28:22.0009 3680  tcpipreg - ok
00:28:22.0055 3680  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
00:28:22.0103 3680  TDPIPE - ok
00:28:22.0165 3680  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
00:28:22.0198 3680  TDTCP - ok
00:28:22.0253 3680  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
00:28:22.0255 3680  tdx - ok
00:28:22.0319 3680  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
00:28:22.0320 3680  TermDD - ok
00:28:22.0364 3680  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
00:28:22.0386 3680  TermService - ok
00:28:22.0400 3680  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
00:28:22.0402 3680  Themes - ok
00:28:22.0432 3680  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
00:28:22.0433 3680  THREADORDER - ok
00:28:22.0470 3680  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
00:28:22.0605 3680  TrkWks - ok
00:28:22.0660 3680  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
00:28:22.0682 3680  TrustedInstaller - ok
00:28:22.0705 3680  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
00:28:22.0722 3680  tssecsrv - ok
00:28:22.0751 3680  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
00:28:22.0768 3680  TsUsbFlt - ok
00:28:22.0795 3680  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
00:28:22.0811 3680  TsUsbGD - ok
00:28:22.0842 3680  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
00:28:22.0862 3680  tunnel - ok
00:28:22.0884 3680  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
00:28:22.0889 3680  uagp35 - ok
00:28:22.0901 3680  [ 2E22C1FD397A5A9FFEF55E9D1FC96C00 ] UBHelper        C:\Windows\system32\drivers\UBHelper.sys
00:28:22.0924 3680  UBHelper - ok
00:28:22.0968 3680  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
00:28:22.0998 3680  udfs - ok
00:28:23.0037 3680  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
00:28:23.0063 3680  UI0Detect - ok
00:28:23.0083 3680  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
00:28:23.0106 3680  uliagpkx - ok
00:28:23.0145 3680  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
00:28:23.0162 3680  umbus - ok
00:28:23.0184 3680  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
00:28:23.0202 3680  UmPass - ok
00:28:23.0241 3680  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
00:28:23.0270 3680  upnphost - ok
00:28:23.0322 3680  [ 43228F8EDD1B0BCDD3145AD246E63D39 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
00:28:23.0328 3680  USBAAPL64 - ok
00:28:23.0356 3680  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
00:28:23.0381 3680  usbccgp - ok
00:28:23.0424 3680  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
00:28:23.0444 3680  usbcir - ok
00:28:23.0467 3680  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
00:28:23.0487 3680  usbehci - ok
00:28:23.0527 3680  [ 573D192E268F0C5B486B7E96F661E538 ] usbfilter       C:\Windows\system32\DRIVERS\usbfilter.sys
00:28:23.0543 3680  usbfilter - ok
00:28:23.0584 3680  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
00:28:23.0603 3680  usbhub - ok
00:28:23.0638 3680  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
00:28:23.0658 3680  usbohci - ok
00:28:23.0692 3680  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
00:28:23.0722 3680  usbprint - ok
00:28:23.0791 3680  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
00:28:23.0814 3680  USBSTOR - ok
00:28:23.0833 3680  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
00:28:23.0855 3680  usbuhci - ok
00:28:23.0893 3680  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
00:28:23.0929 3680  usbvideo - ok
00:28:23.0966 3680  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
00:28:23.0982 3680  UxSms - ok
00:28:24.0008 3680  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
00:28:24.0025 3680  VaultSvc - ok
00:28:24.0056 3680  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
00:28:24.0061 3680  vdrvroot - ok
00:28:24.0090 3680  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
00:28:24.0132 3680  vds - ok
00:28:24.0169 3680  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
00:28:24.0191 3680  vga - ok
00:28:24.0215 3680  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
00:28:24.0231 3680  VgaSave - ok
00:28:24.0255 3680  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
00:28:24.0275 3680  vhdmp - ok
00:28:24.0297 3680  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
00:28:24.0317 3680  viaide - ok
00:28:24.0345 3680  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
00:28:24.0379 3680  volmgr - ok
00:28:24.0409 3680  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
00:28:24.0452 3680  volmgrx - ok
00:28:24.0491 3680  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
00:28:24.0501 3680  volsnap - ok
00:28:24.0524 3680  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
00:28:24.0550 3680  vsmraid - ok
00:28:24.0613 3680  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
00:28:24.0759 3680  VSS - ok
00:28:24.0779 3680  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
00:28:24.0803 3680  vwifibus - ok
00:28:24.0831 3680  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
00:28:24.0855 3680  vwififlt - ok
00:28:24.0891 3680  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
00:28:24.0914 3680  W32Time - ok
00:28:24.0942 3680  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
00:28:24.0966 3680  WacomPen - ok
00:28:25.0004 3680  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
00:28:25.0027 3680  WANARP - ok
00:28:25.0055 3680  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
00:28:25.0057 3680  Wanarpv6 - ok
00:28:25.0137 3680  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
00:28:25.0231 3680  WatAdminSvc - ok
00:28:25.0311 3680  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
00:28:25.0391 3680  wbengine - ok
00:28:25.0416 3680  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
00:28:25.0439 3680  WbioSrvc - ok
00:28:25.0449 3680  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
00:28:25.0491 3680  wcncsvc - ok
00:28:25.0514 3680  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
00:28:25.0555 3680  WcsPlugInService - ok
00:28:25.0584 3680  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
00:28:25.0607 3680  Wd - ok
00:28:25.0655 3680  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
00:28:25.0717 3680  Wdf01000 - ok
00:28:25.0743 3680  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
00:28:25.0782 3680  WdiServiceHost - ok
00:28:25.0815 3680  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
00:28:25.0818 3680  WdiSystemHost - ok
00:28:25.0878 3680  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
00:28:25.0900 3680  WebClient - ok
00:28:25.0924 3680  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
00:28:25.0950 3680  Wecsvc - ok
00:28:25.0979 3680  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
00:28:26.0004 3680  wercplsupport - ok
00:28:26.0061 3680  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
00:28:26.0077 3680  WerSvc - ok
00:28:26.0142 3680  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
00:28:26.0167 3680  WfpLwf - ok
00:28:26.0192 3680  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
00:28:26.0218 3680  WIMMount - ok
00:28:26.0229 3680  WinHttpAutoProxySvc - ok
00:28:26.0368 3680  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
00:28:26.0398 3680  Winmgmt - ok
00:28:26.0749 3680  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
00:28:26.0869 3680  WinRM - ok
00:28:26.0964 3680  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
00:28:26.0981 3680  WinUsb - ok
00:28:27.0072 3680  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
00:28:27.0095 3680  Wlansvc - ok
00:28:27.0214 3680  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
00:28:27.0243 3680  wlcrasvc - ok
00:28:27.0511 3680  [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
00:28:27.0555 3680  wlidsvc - ok
00:28:27.0602 3680  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
00:28:27.0619 3680  WmiAcpi - ok
00:28:27.0665 3680  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
00:28:27.0721 3680  wmiApSrv - ok
00:28:27.0763 3680  WMPNetworkSvc - ok
00:28:27.0821 3680  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
00:28:27.0838 3680  WPCSvc - ok
00:28:27.0867 3680  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
00:28:27.0888 3680  WPDBusEnum - ok
00:28:27.0926 3680  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
00:28:27.0943 3680  ws2ifsl - ok
00:28:28.0011 3680  [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
00:28:28.0040 3680  WSDPrintDevice - ok
00:28:28.0049 3680  WSearch - ok
00:28:28.0261 3680  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
00:28:28.0361 3680  wuauserv - ok
00:28:28.0409 3680  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
00:28:28.0443 3680  WudfPf - ok
00:28:28.0479 3680  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
00:28:28.0510 3680  WUDFRd - ok
00:28:28.0565 3680  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
00:28:28.0580 3680  wudfsvc - ok
00:28:28.0624 3680  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
00:28:28.0647 3680  WwanSvc - ok
00:28:28.0941 3680  [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService  C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
00:28:28.0968 3680  YahooAUService - ok
00:28:29.0008 3680  ================ Scan global ===============================
00:28:29.0056 3680  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
00:28:29.0126 3680  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
00:28:29.0164 3680  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
00:28:29.0195 3680  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
00:28:29.0315 3680  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
00:28:29.0332 3680  [Global] - ok
00:28:29.0333 3680  ================ Scan MBR ==================================
00:28:29.0355 3680  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
00:28:30.0258 3680  \Device\Harddisk0\DR0 - ok
00:28:30.0259 3680  ================ Scan VBR ==================================
00:28:30.0278 3680  [ A2571BF8B40099634C48241DEB194375 ] \Device\Harddisk0\DR0\Partition1
00:28:30.0281 3680  \Device\Harddisk0\DR0\Partition1 - ok
00:28:30.0318 3680  [ 84C5C94444D5F794AF6B5269CAE22D34 ] \Device\Harddisk0\DR0\Partition2
00:28:30.0326 3680  \Device\Harddisk0\DR0\Partition2 - ok
00:28:30.0327 3680  ================ Scan active images ========================
00:28:30.0330 3680  [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys
00:28:30.0330 3680  C:\Windows\System32\drivers\crashdmp.sys - ok
00:28:30.0337 3680  [ 839B5FE3D48E9F35B22C21A3D5103F6C ] C:\Windows\System32\drivers\Dumpata.sys
00:28:30.0337 3680  C:\Windows\System32\drivers\Dumpata.sys - ok
00:28:30.0341 3680  [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys
00:28:30.0341 3680  C:\Windows\System32\drivers\dumpfve.sys - ok
00:28:30.0349 3680  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] C:\Windows\System32\drivers\msahci.sys
00:28:30.0349 3680  C:\Windows\System32\drivers\msahci.sys - ok
00:28:30.0355 3680  [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys
00:28:30.0355 3680  C:\Windows\System32\drivers\beep.sys - ok
00:28:30.0361 3680  [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys
00:28:30.0361 3680  C:\Windows\System32\drivers\cdrom.sys - ok
00:28:30.0370 3680  [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys
00:28:30.0370 3680  C:\Windows\System32\drivers\null.sys - ok
00:28:30.0375 3680  [ 9ACEB2A2362FC87A3825963E61BA9076 ] C:\Windows\System32\drivers\sbredrv.sys
00:28:30.0375 3680  C:\Windows\System32\drivers\sbredrv.sys - ok
00:28:30.0383 3680  [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys
00:28:30.0383 3680  C:\Windows\System32\drivers\RDPCDD.sys - ok
00:28:30.0393 3680  [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys
00:28:30.0393 3680  C:\Windows\System32\drivers\RDPENCDD.sys - ok
00:28:30.0401 3680  [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys
00:28:30.0401 3680  C:\Windows\System32\drivers\vga.sys - ok
00:28:30.0404 3680  [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys
00:28:30.0405 3680  C:\Windows\System32\drivers\videoprt.sys - ok
00:28:30.0412 3680  [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys
00:28:30.0412 3680  C:\Windows\System32\drivers\watchdog.sys - ok
00:28:30.0422 3680  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys
00:28:30.0422 3680  C:\Windows\System32\drivers\msfs.sys - ok
00:28:30.0432 3680  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys
00:28:30.0432 3680  C:\Windows\System32\drivers\npfs.sys - ok
00:28:30.0442 3680  [ 216F3FA57533D98E1F74DED70113177A ] C:\Windows\System32\drivers\RDPREFMP.sys
00:28:30.0442 3680  C:\Windows\System32\drivers\RDPREFMP.sys - ok
00:28:30.0450 3680  [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\Windows\System32\drivers\tdi.sys
00:28:30.0450 3680  C:\Windows\System32\drivers\tdi.sys - ok
00:28:30.0457 3680  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys
00:28:30.0457 3680  C:\Windows\System32\drivers\tdx.sys - ok
00:28:30.0464 3680  [ 1C7857B62DE5994A75B054A9FD4C3825 ] C:\Windows\System32\drivers\afd.sys
00:28:30.0464 3680  C:\Windows\System32\drivers\afd.sys - ok
00:28:30.0469 3680  [ 19954328DDA3D656F8A879B3A46FFED6 ] C:\Windows\System32\drivers\SbFw.sys
00:28:30.0469 3680  C:\Windows\System32\drivers\SbFw.sys - ok
00:28:30.0476 3680  [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys
00:28:30.0476 3680  C:\Windows\System32\drivers\netbt.sys - ok
00:28:30.0483 3680  [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys
00:28:30.0483 3680  C:\Windows\System32\drivers\pacer.sys - ok
00:28:30.0489 3680  [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys
00:28:30.0489 3680  C:\Windows\System32\drivers\wfplwf.sys - ok
00:28:30.0496 3680  [ 58A38E75F3316A83C23DF6173D41F2B5 ] C:\Program Files\SUPERAntiSpyware\saskutil64.sys
00:28:30.0496 3680  C:\Program Files\SUPERAntiSpyware\saskutil64.sys - ok
00:28:30.0503 3680  [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys
00:28:30.0503 3680  C:\Windows\System32\drivers\netbios.sys - ok
00:28:30.0509 3680  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys
00:28:30.0509 3680  C:\Windows\System32\drivers\termdd.sys - ok
00:28:30.0516 3680  [ 6A3D66263414FF0D6FA754C646612F3F ] C:\Windows\System32\drivers\vwififlt.sys
00:28:30.0516 3680  C:\Windows\System32\drivers\vwififlt.sys - ok
00:28:30.0523 3680  [ 356AFD78A6ED4457169241AC3965230C ] C:\Windows\System32\drivers\wanarp.sys
00:28:30.0523 3680  C:\Windows\System32\drivers\wanarp.sys - ok
00:28:30.0529 3680  [ 3289766038DB2CB14D07DC84392138D5 ] C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys
00:28:30.0529 3680  C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys - ok
00:28:30.0537 3680  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys
00:28:30.0537 3680  C:\Windows\System32\drivers\mssmbios.sys - ok
00:28:30.0544 3680  [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys
00:28:30.0544 3680  C:\Windows\System32\drivers\nsiproxy.sys - ok
00:28:30.0550 3680  [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys
00:28:30.0550 3680  C:\Windows\System32\drivers\rdbss.sys - ok
00:28:30.0556 3680  [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys
00:28:30.0556 3680  C:\Windows\System32\drivers\blbdrive.sys - ok
00:28:30.0563 3680  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys
00:28:30.0563 3680  C:\Windows\System32\drivers\dfsc.sys - ok
00:28:30.0570 3680  [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys
00:28:30.0570 3680  C:\Windows\System32\drivers\discache.sys - ok
00:28:30.0579 3680  [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys
00:28:30.0579 3680  C:\Windows\System32\drivers\tunnel.sys - ok
00:28:30.0586 3680  [ 1E56388B3FE0D031C44144EB8C4D6217 ] C:\Windows\System32\drivers\amdppm.sys
00:28:30.0586 3680  C:\Windows\System32\drivers\amdppm.sys - ok
00:28:30.0593 3680  [ EE22D3ED6D55A855E709F811CCCA97ED ] C:\Windows\System32\drivers\atikmpag.sys
00:28:30.0593 3680  C:\Windows\System32\drivers\atikmpag.sys - ok
00:28:30.0597 3680  [ 1911A3356FA3F77CCC825CCBAC038C2A ] C:\Windows\System32\smss.exe
00:28:30.0597 3680  C:\Windows\System32\smss.exe - ok
00:28:30.0603 3680  [ CF95B85FF8D128385ABD411C8CA74DED ] C:\Windows\System32\ntdll.dll
00:28:30.0603 3680  C:\Windows\System32\ntdll.dll - ok
00:28:30.0612 3680  [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe
00:28:30.0612 3680  C:\Windows\System32\autochk.exe - ok
00:28:30.0619 3680  [ 22A14DF59FB8D0BE918C597988AF4296 ] C:\Windows\System32\drivers\atikmdag.sys
00:28:30.0619 3680  C:\Windows\System32\drivers\atikmdag.sys - ok
00:28:30.0626 3680  [ F5BEE30450E18E6B83A5012C100616FD ] C:\Windows\System32\drivers\dxgkrnl.sys
00:28:30.0626 3680  C:\Windows\System32\drivers\dxgkrnl.sys - ok
00:28:30.0632 3680  [ 9CD68BDDF322535C02ADC8331013D13D ] C:\Windows\System32\drivers\dxgmms1.sys
00:28:30.0632 3680  C:\Windows\System32\drivers\dxgmms1.sys - ok
00:28:30.0639 3680  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys
00:28:30.0639 3680  C:\Windows\System32\drivers\hdaudbus.sys - ok
00:28:30.0646 3680  [ 9F880F03F4A72215C8B77FD51322C297 ] C:\Windows\System32\drivers\bScsiSDa.sys
00:28:30.0646 3680  C:\Windows\System32\drivers\bScsiSDa.sys - ok
00:28:30.0653 3680  [ 0469BFF65BBDEE9E46D0C45EE32A08BD ] C:\Windows\System32\drivers\k57nd60a.sys
00:28:30.0653 3680  C:\Windows\System32\drivers\k57nd60a.sys - ok
00:28:30.0659 3680  [ 1B1E264203D4EF9D3DA1987AD70355AB ] C:\Windows\System32\drivers\scsiport.sys
00:28:30.0660 3680  C:\Windows\System32\drivers\scsiport.sys - ok
00:28:30.0666 3680  [ A424CB46A145E5AABF15621550976DF2 ] C:\Windows\System32\drivers\b57xdbd.sys
00:28:30.0666 3680  C:\Windows\System32\drivers\b57xdbd.sys - ok
00:28:30.0673 3680  [ 413DD8AB0BB30B9C4F5E6A34977A1C34 ] C:\Windows\System32\drivers\bScsiMSa.sys
00:28:30.0673 3680  C:\Windows\System32\drivers\bScsiMSa.sys - ok
00:28:30.0680 3680  [ CC406DA84E7DD3FA3AD20340DBC66CF2 ] C:\Windows\System32\drivers\athrx.sys
00:28:30.0680 3680  C:\Windows\System32\drivers\athrx.sys - ok
00:28:30.0687 3680  [ 2E22C1FD397A5A9FFEF55E9D1FC96C00 ] C:\Windows\System32\drivers\UBHelper.sys
00:28:30.0687 3680  C:\Windows\System32\drivers\UBHelper.sys - ok
00:28:30.0694 3680  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] C:\Windows\System32\drivers\vwifibus.sys
00:28:30.0694 3680  C:\Windows\System32\drivers\vwifibus.sys - ok
00:28:30.0701 3680  [ 64DDD0DEE976302F4BD93E5EFCC2F013 ] C:\Windows\System32\drivers\NTIDrvr.sys
00:28:30.0701 3680  C:\Windows\System32\drivers\NTIDrvr.sys - ok
00:28:30.0707 3680  [ 8E98D21EE06192492A5671A6144D092F ] C:\Windows\System32\drivers\GEARAspiWDM.sys
00:28:30.0707 3680  C:\Windows\System32\drivers\GEARAspiWDM.sys - ok
00:28:30.0714 3680  [ AE259C75F9A0B057B6BF9E9695632B09 ] C:\Windows\System32\drivers\usbport.sys
00:28:30.0714 3680  C:\Windows\System32\drivers\usbport.sys - ok
00:28:30.0723 3680  [ C025055FE7B87701EB042095DF1A2D7B ] C:\Windows\System32\drivers\usbehci.sys
00:28:30.0723 3680  C:\Windows\System32\drivers\usbehci.sys - ok
00:28:30.0730 3680  [ 573D192E268F0C5B486B7E96F661E538 ] C:\Windows\System32\drivers\usbfilter.sys
00:28:30.0730 3680  C:\Windows\System32\drivers\usbfilter.sys - ok
00:28:30.0738 3680  [ 9840FC418B4CBD632D3D0A667A725C31 ] C:\Windows\System32\drivers\usbohci.sys
00:28:30.0738 3680  C:\Windows\System32\drivers\usbohci.sys - ok
00:28:30.0745 3680  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] C:\Windows\System32\drivers\i8042prt.sys
00:28:30.0745 3680  C:\Windows\System32\drivers\i8042prt.sys - ok
00:28:30.0751 3680  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys
00:28:30.0751 3680  C:\Windows\System32\drivers\kbdclass.sys - ok
00:28:30.0758 3680  [ BBA2EA927EC5CC5DEF5F1BF2B125C0F7 ] C:\Windows\System32\drivers\SynTP.sys
00:28:30.0758 3680  C:\Windows\System32\drivers\SynTP.sys - ok
00:28:30.0764 3680  [ CCA2AB1752A61F29C3C941CD79D78CEA ] C:\Windows\System32\drivers\usbd.sys
00:28:30.0764 3680  C:\Windows\System32\drivers\usbd.sys - ok
00:28:30.0771 3680  [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys
00:28:30.0771 3680  C:\Windows\System32\drivers\mouclass.sys - ok
00:28:30.0782 3680  [ 0840155D0BDDF1190F84A663C284BD33 ] C:\Windows\System32\drivers\CmBatt.sys
00:28:30.0782 3680  C:\Windows\System32\drivers\CmBatt.sys - ok
00:28:30.0787 3680  [ F6FF8944478594D0E414D3F048F0D778 ] C:\Windows\System32\drivers\wmiacpi.sys
00:28:30.0787 3680  C:\Windows\System32\drivers\wmiacpi.sys - ok
00:28:30.0793 3680  [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys
00:28:30.0794 3680  C:\Windows\System32\drivers\CompositeBus.sys - ok
00:28:30.0800 3680  [ 05CB5910B3CA6019FC3CCA815EE06FFB ] C:\Windows\System32\drivers\dne64x.sys
00:28:30.0800 3680  C:\Windows\System32\drivers\dne64x.sys - ok
00:28:30.0807 3680  [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys
00:28:30.0807 3680  C:\Windows\System32\drivers\agilevpn.sys - ok
00:28:30.0813 3680  [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys
00:28:30.0813 3680  C:\Windows\System32\drivers\ndistapi.sys - ok
00:28:30.0820 3680  [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys
00:28:30.0820 3680  C:\Windows\System32\drivers\rasl2tp.sys - ok
00:28:30.0827 3680  [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys
00:28:30.0827 3680  C:\Windows\System32\drivers\ndiswan.sys - ok
00:28:30.0833 3680  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys
00:28:30.0833 3680  C:\Windows\System32\drivers\raspppoe.sys - ok
00:28:30.0840 3680  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys
00:28:30.0840 3680  C:\Windows\System32\drivers\raspptp.sys - ok
00:28:30.0843 3680  [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys
00:28:30.0843 3680  C:\Windows\System32\drivers\rassstp.sys - ok
00:28:30.0850 3680  [ 513B3BFCD3C465B9820C2D05FA94E630 ] C:\Windows\System32\drivers\SbFwIm.sys
00:28:30.0851 3680  C:\Windows\System32\drivers\SbFwIm.sys - ok
00:28:30.0857 3680  [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys
00:28:30.0857 3680  C:\Windows\System32\drivers\ks.sys - ok
00:28:30.0863 3680  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys
00:28:30.0863 3680  C:\Windows\System32\drivers\swenum.sys - ok
00:28:30.0870 3680  [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys
00:28:30.0870 3680  C:\Windows\System32\drivers\umbus.sys - ok
00:28:30.0877 3680  [ 435E9C764E1EF70058580996452BE6A2 ] C:\Windows\System32\wininet.dll
00:28:30.0877 3680  C:\Windows\System32\wininet.dll - ok
00:28:30.0885 3680  [ C6689007B3A749C49A5438DCF36E0CE4 ] C:\Windows\System32\shell32.dll
00:28:30.0885 3680  C:\Windows\System32\shell32.dll - ok
00:28:30.0891 3680  [ 287C6C9410B111B68B52CA298F7B8C24 ] C:\Windows\System32\drivers\usbhub.sys
00:28:30.0891 3680  C:\Windows\System32\drivers\usbhub.sys - ok
00:28:30.0897 3680  [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll
00:28:30.0897 3680  C:\Windows\System32\normaliz.dll - ok
00:28:30.0904 3680  [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll
00:28:30.0904 3680  C:\Windows\System32\nsi.dll - ok
00:28:30.0914 3680  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys
00:28:30.0914 3680  C:\Windows\System32\drivers\ndproxy.sys - ok
00:28:30.0923 3680  [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll
00:28:30.0923 3680  C:\Windows\System32\msctf.dll - ok
00:28:30.0930 3680  [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll
00:28:30.0931 3680  C:\Windows\System32\shlwapi.dll - ok
00:28:30.0939 3680  [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll
00:28:30.0939 3680  C:\Windows\System32\oleaut32.dll - ok
00:28:30.0947 3680  [ 65C113214F7B05820F6D8A65B1485196 ] C:\Windows\System32\kernel32.dll
00:28:30.0947 3680  C:\Windows\System32\kernel32.dll - ok
00:28:30.0953 3680  [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll
00:28:30.0954 3680  C:\Windows\System32\clbcatq.dll - ok
00:28:30.0962 3680  [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll
00:28:30.0962 3680  C:\Windows\System32\lpk.dll - ok
00:28:30.0967 3680  [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll
00:28:30.0967 3680  C:\Windows\System32\user32.dll - ok
00:28:30.0979 3680  [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys
00:28:30.0979 3680  C:\Windows\System32\drivers\drmk.sys - ok
00:28:30.0988 3680  [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys
00:28:30.0988 3680  C:\Windows\System32\drivers\portcls.sys - ok
00:28:30.0997 3680  [ 437F55435623D4D54D36197F5AD8B435 ] C:\Windows\System32\drivers\AtihdW76.sys
00:28:30.0997 3680  C:\Windows\System32\drivers\AtihdW76.sys - ok
00:28:31.0002 3680  [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys
00:28:31.0002 3680  C:\Windows\System32\drivers\ksthunk.sys - ok
00:28:31.0009 3680  [ BE4E6FD5A898812B85D5817AD9754A9F ] C:\Windows\System32\drivers\b57xdmp.sys
00:28:31.0009 3680  C:\Windows\System32\drivers\b57xdmp.sys - ok
00:28:31.0023 3680  [ 88798B4381FD58FAE2DA07880C177C5C ] C:\Windows\System32\drivers\RTKVHD64.sys
00:28:31.0023 3680  C:\Windows\System32\drivers\RTKVHD64.sys - ok
00:28:31.0029 3680  [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll
00:28:31.0030 3680  C:\Windows\System32\Wldap32.dll - ok
00:28:31.0036 3680  [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll
00:28:31.0036 3680  C:\Windows\System32\psapi.dll - ok
00:28:31.0043 3680  [ DBF99FD9CAF75CA66D042BD8D050FF71 ] C:\Windows\System32\usp10.dll
00:28:31.0043 3680  C:\Windows\System32\usp10.dll - ok
00:28:31.0050 3680  [ 6F1A3157A1C89435352CEB543CDB359C ] C:\Windows\System32\drivers\usbccgp.sys
00:28:31.0050 3680  C:\Windows\System32\drivers\usbccgp.sys - ok
00:28:31.0070 3680  [ 454800C2BC7F3927CE030141EE4F4C50 ] C:\Windows\System32\drivers\usbvideo.sys
00:28:31.0070 3680  C:\Windows\System32\drivers\usbvideo.sys - ok
00:28:31.0078 3680  [ 8B0E40E7E8BBF5ACF390465609D89FF1 ] C:\Windows\System32\drivers\hidclass.sys
00:28:31.0078 3680  C:\Windows\System32\drivers\hidclass.sys - ok
00:28:31.0086 3680  [ 49EE2E52E6CD03947DAD72F65367BE06 ] C:\Windows\System32\drivers\hidparse.sys
00:28:31.0086 3680  C:\Windows\System32\drivers\hidparse.sys - ok
00:28:31.0106 3680  [ 9592090A7E2B61CD582B612B6DF70536 ] C:\Windows\System32\drivers\hidusb.sys
00:28:31.0106 3680  C:\Windows\System32\drivers\hidusb.sys - ok
00:28:31.0114 3680  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] C:\Windows\System32\drivers\mouhid.sys
00:28:31.0114 3680  C:\Windows\System32\drivers\mouhid.sys - ok
00:28:31.0121 3680  [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll
00:28:31.0121 3680  C:\Windows\System32\ole32.dll - ok
00:28:31.0128 3680  [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll
00:28:31.0128 3680  C:\Windows\System32\difxapi.dll - ok
00:28:31.0135 3680  [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll
00:28:31.0135 3680  C:\Windows\System32\sechost.dll - ok
00:28:31.0142 3680  [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll
00:28:31.0142 3680  C:\Windows\System32\advapi32.dll - ok
00:28:31.0151 3680  [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\Windows\System32\imagehlp.dll
00:28:31.0151 3680  C:\Windows\System32\imagehlp.dll - ok
00:28:31.0171 3680  [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll
00:28:31.0171 3680  C:\Windows\System32\imm32.dll - ok
00:28:31.0178 3680  [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll
00:28:31.0179 3680  C:\Windows\System32\msvcrt.dll - ok
00:28:31.0186 3680  [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll
00:28:31.0186 3680  C:\Windows\System32\rpcrt4.dll - ok
00:28:31.0193 3680  [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll
00:28:31.0193 3680  C:\Windows\System32\ws2_32.dll - ok
00:28:31.0206 3680  [ 87BEA2616EFDEC6A1CB3BFCFB09D816A ] C:\Windows\System32\urlmon.dll
00:28:31.0206 3680  C:\Windows\System32\urlmon.dll - ok
00:28:31.0211 3680  [ F431C3C86FCCC1C53814F043A6CAD825 ] C:\Windows\System32\iertutil.dll
00:28:31.0211 3680  C:\Windows\System32\iertutil.dll - ok
00:28:31.0222 3680  [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll
00:28:31.0222 3680  C:\Windows\System32\setupapi.dll - ok
00:28:31.0227 3680  [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll
00:28:31.0227 3680  C:\Windows\System32\comdlg32.dll - ok
00:28:31.0236 3680  [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll
00:28:31.0236 3680  C:\Windows\System32\gdi32.dll - ok
00:28:31.0244 3680  [ 12EE6FE9268CEE6D90FDCCBF89236C65 ] C:\Windows\System32\crypt32.dll
00:28:31.0244 3680  C:\Windows\System32\crypt32.dll - ok
00:28:31.0252 3680  [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\System32\comctl32.dll
00:28:31.0252 3680  C:\Windows\System32\comctl32.dll - ok
00:28:31.0263 3680  [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll
00:28:31.0263 3680  C:\Windows\System32\cfgmgr32.dll - ok
00:28:31.0268 3680  [ AA06902362B1422D7A7DA7061E07C624 ] C:\Windows\System32\wintrust.dll
00:28:31.0268 3680  C:\Windows\System32\wintrust.dll - ok
00:28:31.0276 3680  [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll
00:28:31.0276 3680  C:\Windows\System32\devobj.dll - ok
00:28:31.0284 3680  [ 1F56F209585F350A5666E3CC7931FD67 ] C:\Windows\System32\KernelBase.dll
00:28:31.0285 3680  C:\Windows\System32\KernelBase.dll - ok
00:28:31.0293 3680  [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll
00:28:31.0293 3680  C:\Windows\System32\msasn1.dll - ok
00:28:31.0303 3680  [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll
00:28:31.0304 3680  C:\Windows\SysWOW64\normaliz.dll - ok
00:28:31.0314 3680  [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys
00:28:31.0314 3680  C:\Windows\System32\drivers\dxapi.sys - ok
00:28:31.0324 3680  [ 59E21156113E438D1D91AF4FC0C3B19F ] C:\Windows\System32\win32k.sys
00:28:31.0324 3680  C:\Windows\System32\win32k.sys - ok
00:28:31.0340 3680  [ 96F587CA26A6AA894BD8CACE4540CFFC ] C:\Windows\System32\csrsrv.dll
00:28:31.0341 3680  C:\Windows\System32\csrsrv.dll - ok
00:28:31.0352 3680  [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe
00:28:31.0353 3680  C:\Windows\System32\csrss.exe - ok
00:28:31.0363 3680  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll
00:28:31.0363 3680  C:\Windows\System32\basesrv.dll - ok
00:28:31.0367 3680  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\System32\winsrv.dll
00:28:31.0367 3680  C:\Windows\System32\winsrv.dll - ok
00:28:31.0380 3680  [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys
00:28:31.0380 3680  C:\Windows\System32\drivers\monitor.sys - ok
00:28:31.0389 3680  [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll
00:28:31.0389 3680  C:\Windows\System32\tsddd.dll - ok
00:28:31.0395 3680  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll
00:28:31.0395 3680  C:\Windows\System32\sxssrv.dll - ok
00:28:31.0404 3680  [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe
00:28:31.0404 3680  C:\Windows\System32\wininit.exe - ok
00:28:31.0412 3680  [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll
00:28:31.0412 3680  C:\Windows\System32\profapi.dll - ok
00:28:31.0424 3680  [ 05569A79BF4693670B709144382D02D4 ] C:\Windows\System32\cdd.dll
00:28:31.0424 3680  C:\Windows\System32\cdd.dll - ok
00:28:31.0431 3680  [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll
00:28:31.0431 3680  C:\Windows\System32\RpcRtRemote.dll - ok
00:28:31.0438 3680  [ 1A83FACA2135AF076E8EA73A30B3B26C ] C:\Windows\System32\KBDUK.DLL
00:28:31.0438 3680  C:\Windows\System32\KBDUK.DLL - ok
00:28:31.0447 3680  [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll
00:28:31.0447 3680  C:\Windows\System32\WlS0WndH.dll - ok
00:28:31.0453 3680  [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll
00:28:31.0453 3680  C:\Windows\System32\sxs.dll - ok
00:28:31.0460 3680  [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll
00:28:31.0460 3680  C:\Windows\System32\cryptbase.dll - ok
00:28:31.0467 3680  [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll
00:28:31.0467 3680  C:\Windows\System32\apphelp.dll - ok
00:28:31.0475 3680  [ 66A6063D0BAAD3F7B2B9868859E0743B ] C:\Windows\System32\lsasrv.dll
00:28:31.0475 3680  C:\Windows\System32\lsasrv.dll - ok
00:28:31.0486 3680  [ C118A82CD78818C29AB228366EBF81C3 ] C:\Windows\System32\lsass.exe
00:28:31.0486 3680  C:\Windows\System32\lsass.exe - ok
00:28:31.0495 3680  [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe
00:28:31.0496 3680  C:\Windows\System32\lsm.exe - ok
00:28:31.0505 3680  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe
00:28:31.0505 3680  C:\Windows\System32\services.exe - ok
00:28:31.0512 3680  [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\Windows\System32\sspicli.dll
00:28:31.0512 3680  C:\Windows\System32\sspicli.dll - ok
00:28:31.0519 3680  [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\Windows\System32\sspisrv.dll
00:28:31.0519 3680  C:\Windows\System32\sspisrv.dll - ok
00:28:31.0526 3680  [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe
00:28:31.0526 3680  C:\Windows\System32\winlogon.exe - ok
00:28:31.0532 3680  [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll
00:28:31.0532 3680  C:\Windows\System32\sysntfy.dll - ok
00:28:31.0539 3680  [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll
00:28:31.0539 3680  C:\Windows\System32\wmsgapi.dll - ok
00:28:31.0545 3680  [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll
00:28:31.0546 3680  C:\Windows\System32\scesrv.dll - ok
00:28:31.0552 3680  [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll
00:28:31.0552 3680  C:\Windows\System32\scext.dll - ok
00:28:31.0558 3680  [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\Windows\System32\secur32.dll
00:28:31.0559 3680  C:\Windows\System32\secur32.dll - ok
00:28:31.0565 3680  [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll
00:28:31.0565 3680  C:\Windows\System32\samsrv.dll - ok
00:28:31.0575 3680  [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll
00:28:31.0575 3680  C:\Windows\System32\srvcli.dll - ok
00:28:31.0583 3680  [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll
00:28:31.0583 3680  C:\Windows\System32\winsta.dll - ok
00:28:31.0588 3680  [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll
00:28:31.0588 3680  C:\Windows\System32\cryptdll.dll - ok
00:28:31.0596 3680  [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll
00:28:31.0596 3680  C:\Windows\System32\wevtapi.dll - ok
00:28:31.0604 3680  [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll
00:28:31.0604 3680  C:\Windows\System32\cngaudit.dll - ok
00:28:31.0608 3680  [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll
00:28:31.0608 3680  C:\Windows\System32\authz.dll - ok
00:28:31.0614 3680  [ 5F3307352216618221A17CFEF273EEE2 ] C:\Windows\System32\ncrypt.dll
00:28:31.0614 3680  C:\Windows\System32\ncrypt.dll - ok
00:28:31.0621 3680  [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll
00:28:31.0621 3680  C:\Windows\System32\bcrypt.dll - ok
00:28:31.0627 3680  [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll
00:28:31.0627 3680  C:\Windows\System32\msprivs.dll - ok
00:28:31.0634 3680  [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll
00:28:31.0634 3680  C:\Windows\System32\netjoin.dll - ok
00:28:31.0641 3680  [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll
00:28:31.0641 3680  C:\Windows\System32\negoexts.dll - ok
00:28:31.0647 3680  [ 44E1A196DFCB53B01FE4B855C3B56A15 ] C:\Windows\System32\kerberos.dll
00:28:31.0647 3680  C:\Windows\System32\kerberos.dll - ok
00:28:31.0654 3680  [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll
00:28:31.0654 3680  C:\Windows\System32\cryptsp.dll - ok
00:28:31.0660 3680  [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\Windows\System32\mswsock.dll
00:28:31.0660 3680  C:\Windows\System32\mswsock.dll - ok
00:28:31.0669 3680  [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll
00:28:31.0669 3680  C:\Windows\System32\version.dll - ok
00:28:31.0676 3680  [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll
00:28:31.0676 3680  C:\Windows\System32\msv1_0.dll - ok
00:28:31.0682 3680  [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll
00:28:31.0682 3680  C:\Windows\System32\wship6.dll - ok
00:28:31.0689 3680  [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll
00:28:31.0689 3680  C:\Windows\System32\netlogon.dll - ok
00:28:31.0698 3680  [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll
00:28:31.0698 3680  C:\Windows\System32\dnsapi.dll - ok
00:28:31.0714 3680  [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll
00:28:31.0714 3680  C:\Windows\System32\logoncli.dll - ok
00:28:31.0722 3680  [ 1573C45E65DE32B1BC3572634F8F1E8E ] C:\Windows\System32\schannel.dll
00:28:31.0723 3680  C:\Windows\System32\schannel.dll - ok
00:28:31.0727 3680  [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
00:28:31.0727 3680  C:\Windows\System32\wdigest.dll - ok
00:28:31.0735 3680  [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
00:28:31.0735 3680  C:\Windows\System32\rsaenh.dll - ok
00:28:31.0742 3680  [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll
00:28:31.0742 3680  C:\Windows\System32\TSpkg.dll - ok
00:28:31.0748 3680  [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
00:28:31.0748 3680  C:\Windows\System32\pku2u.dll - ok
00:28:31.0755 3680  [ 7DBA64AD70C2E2481C68D9E0F7CD7840 ] C:\Windows\System32\LIVESSP.DLL
00:28:31.0755 3680  C:\Windows\System32\LIVESSP.DLL - ok
00:28:31.0761 3680  [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll
00:28:31.0762 3680  C:\Windows\System32\bcryptprimitives.dll - ok
00:28:31.0772 3680  [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll
00:28:31.0772 3680  C:\Windows\System32\credssp.dll - ok
00:28:31.0779 3680  [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
00:28:31.0779 3680  C:\Windows\System32\efslsaext.dll - ok
00:28:31.0786 3680  [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll
00:28:31.0786 3680  C:\Windows\System32\scecli.dll - ok
00:28:31.0795 3680  [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
00:28:31.0795 3680  C:\Windows\System32\ubpm.dll - ok
00:28:31.0802 3680  [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe
00:28:31.0802 3680  C:\Windows\System32\svchost.exe - ok
00:28:31.0807 3680  [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll
00:28:31.0807 3680  C:\Windows\System32\umpnpmgr.dll - ok
00:28:31.0814 3680  [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
00:28:31.0814 3680  C:\Windows\System32\SPInf.dll - ok
00:28:31.0821 3680  [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
00:28:31.0821 3680  C:\Windows\System32\devrtl.dll - ok
00:28:31.0828 3680  [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll
00:28:31.0828 3680  C:\Windows\System32\userenv.dll - ok
00:28:31.0837 3680  [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
00:28:31.0837 3680  C:\Windows\System32\gpapi.dll - ok
00:28:31.0848 3680  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll
00:28:31.0848 3680  C:\Windows\System32\umpo.dll - ok
00:28:31.0856 3680  [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
00:28:31.0856 3680  C:\Windows\System32\pcwum.dll - ok
00:28:31.0864 3680  [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
00:28:31.0864 3680  C:\Windows\System32\powrprof.dll - ok
00:28:31.0871 3680  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys
00:28:31.0871 3680  C:\Windows\System32\drivers\luafv.sys - ok
00:28:31.0879 3680  [ 6E342316E72F4B6FA39C99E06373A1A3 ] C:\Windows\System32\drivers\sbapifs.sys
00:28:31.0879 3680  C:\Windows\System32\drivers\sbapifs.sys - ok
00:28:31.0886 3680  [ 92EB844D90615CB266F84C3202B8786E ] C:\Windows\System32\drivers\mbam.sys
00:28:31.0886 3680  C:\Windows\System32\drivers\mbam.sys - ok
00:28:31.0893 3680  [ AB886378EEB55C6C75B4F2D14B6C869F ] C:\Windows\System32\drivers\WUDFPf.sys
00:28:31.0893 3680  C:\Windows\System32\drivers\WUDFPf.sys - ok
00:28:31.0900 3680  [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
00:28:31.0900 3680  C:\Windows\System32\rpcss.dll - ok
00:28:31.0912 3680  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
00:28:31.0912 3680  C:\Windows\System32\RpcEpMap.dll - ok
00:28:31.0916 3680  [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
00:28:31.0916 3680  C:\Windows\System32\WSHTCPIP.DLL - ok
00:28:31.0922 3680  [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
00:28:31.0922 3680  C:\Windows\System32\wshqos.dll - ok
00:28:31.0928 3680  [ 4EAAAAB8759644D572522FBCDD196A13 ] C:\Windows\System32\atiesrxx.exe
00:28:31.0928 3680  C:\Windows\System32\atiesrxx.exe - ok
00:28:31.0935 3680  [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
00:28:31.0935 3680  C:\Windows\System32\FirewallAPI.dll - ok
00:28:31.0943 3680  [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll
00:28:31.0943 3680  C:\Windows\System32\wtsapi32.dll - ok
00:28:31.0948 3680  [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
00:28:31.0949 3680  C:\Windows\System32\LogonUI.exe - ok
00:28:31.0955 3680  [ 0BEE002C68E28CE6DA161DCF1376D7D7 ] C:\Windows\System32\authui.dll
00:28:31.0955 3680  C:\Windows\System32\authui.dll - ok
00:28:31.0961 3680  [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
00:28:31.0961 3680  C:\Windows\System32\wevtsvc.dll - ok
00:28:31.0968 3680  [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
00:28:31.0968 3680  C:\Windows\System32\cryptui.dll - ok
00:28:31.0974 3680  [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll
00:28:31.0974 3680  C:\Windows\System32\adtschema.dll - ok
00:28:31.0981 3680  [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll
00:28:31.0981 3680  C:\Windows\System32\audiosrv.dll - ok
00:28:31.0988 3680  [ C4C183E6551084039EC862DA1C945E3D ] C:\Windows\System32\FntCache.dll
00:28:31.0988 3680  C:\Windows\System32\FntCache.dll - ok
00:28:31.0994 3680  [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll
00:28:31.0995 3680  C:\Windows\System32\mmcss.dll - ok
00:28:32.0001 3680  [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
00:28:32.0001 3680  C:\Windows\System32\avrt.dll - ok
00:28:32.0012 3680  [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
00:28:32.0012 3680  C:\Windows\System32\MMDevAPI.dll - ok
00:28:32.0021 3680  [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
00:28:32.0021 3680  C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
00:28:32.0029 3680  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\Windows\System32\wlansvc.dll
00:28:32.0029 3680  C:\Windows\System32\wlansvc.dll - ok
00:28:32.0039 3680  [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
00:28:32.0039 3680  C:\Windows\System32\propsys.dll - ok
00:28:32.0047 3680  [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
00:28:32.0047 3680  C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
00:28:32.0056 3680  [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys
00:28:32.0056 3680  C:\Windows\System32\drivers\fltMgr.sys - ok
00:28:32.0064 3680  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll
00:28:32.0064 3680  C:\Windows\System32\netprofm.dll - ok
00:28:32.0070 3680  [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL
00:28:32.0070 3680  C:\Windows\System32\PSHED.DLL - ok
00:28:32.0076 3680  [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
00:28:32.0076 3680  C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
00:28:32.0082 3680  [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
00:28:32.0082 3680  C:\Windows\System32\samlib.dll - ok
00:28:32.0088 3680  [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
00:28:32.0089 3680  C:\Windows\System32\shacct.dll - ok
00:28:32.0095 3680  [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
00:28:32.0095 3680  C:\Windows\System32\uxtheme.dll - ok
00:28:32.0102 3680  [ 179E8401224D557ECFF3695F2016EA5B ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll
00:28:32.0102 3680  C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok
00:28:32.0113 3680  [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe
00:28:32.0113 3680  C:\Windows\System32\audiodg.exe - ok
00:28:32.0118 3680  [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
00:28:32.0118 3680  C:\Windows\System32\dui70.dll - ok
00:28:32.0124 3680  [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
00:28:32.0124 3680  C:\Windows\System32\duser.dll - ok
00:28:32.0130 3680  [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
00:28:32.0131 3680  C:\Windows\System32\ntmarta.dll - ok
00:28:32.0139 3680  [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
00:28:32.0139 3680  C:\Windows\System32\SndVolSSO.dll - ok
00:28:32.0146 3680  [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
00:28:32.0146 3680  C:\Windows\System32\hid.dll - ok
00:28:32.0151 3680  [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
00:28:32.0151 3680  C:\Windows\System32\winmm.dll - ok
00:28:32.0158 3680  [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv
00:28:32.0158 3680  C:\Windows\System32\wdmaud.drv - ok
00:28:32.0166 3680  [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
00:28:32.0166 3680  C:\Windows\System32\dwmapi.dll - ok
00:28:32.0175 3680  [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll
00:28:32.0175 3680  C:\Windows\System32\ksuser.dll - ok
00:28:32.0182 3680  [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll
00:28:32.0182 3680  C:\Windows\System32\xmllite.dll - ok
00:28:32.0189 3680  [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll
00:28:32.0189 3680  C:\Windows\System32\AudioSes.dll - ok
00:28:32.0198 3680  [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\Windows\System32\msacm32.dll
00:28:32.0198 3680  C:\Windows\System32\msacm32.dll - ok
00:28:32.0204 3680  [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\Windows\System32\msacm32.drv
00:28:32.0204 3680  C:\Windows\System32\msacm32.drv - ok
00:28:32.0211 3680  [ CA2A0750ED830678997695FF61B04C30 ] C:\Windows\System32\midimap.dll
00:28:32.0211 3680  C:\Windows\System32\midimap.dll - ok
00:28:32.0218 3680  [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll
00:28:32.0218 3680  C:\Windows\System32\AudioEng.dll - ok
00:28:32.0229 3680  [ BDDF242A49E7B7DC5CCEC291BCE53ACB ] C:\Windows\System32\WindowsCodecs.dll
00:28:32.0229 3680  C:\Windows\System32\WindowsCodecs.dll - ok
00:28:32.0233 3680  [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll
00:28:32.0233 3680  C:\Windows\System32\AUDIOKSE.dll - ok
00:28:32.0240 3680  [ A483CC36E04B5C375AF5AD25E8DB020C ] C:\Windows\System32\RtkAPO64.dll
00:28:32.0240 3680  C:\Windows\System32\RtkAPO64.dll - ok
00:28:32.0247 3680  [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
00:28:32.0247 3680  C:\Windows\System32\winbrand.dll - ok
00:28:32.0256 3680  [ 6F3C559B82F2912354BE5B098744CC8C ] C:\Windows\System32\WMALFXGFXDSP.dll
00:28:32.0256 3680  C:\Windows\System32\WMALFXGFXDSP.dll - ok
00:28:32.0266 3680  [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
00:28:32.0266 3680  C:\Windows\System32\VaultCredProvider.dll - ok
00:28:32.0272 3680  [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll
00:28:32.0272 3680  C:\Windows\System32\SmartcardCredentialProvider.dll - ok
00:28:32.0280 3680  [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll
00:28:32.0280 3680  C:\Windows\System32\BioCredProv.dll - ok
00:28:32.0288 3680  [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll
00:28:32.0288 3680  C:\Windows\System32\mfplat.dll - ok
00:28:32.0294 3680  [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll
00:28:32.0294 3680  C:\Windows\System32\winbio.dll - ok
00:28:32.0301 3680  [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll
00:28:32.0301 3680  C:\Windows\System32\credui.dll - ok
00:28:32.0309 3680  [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\Windows\System32\netapi32.dll
00:28:32.0309 3680  C:\Windows\System32\netapi32.dll - ok
00:28:32.0316 3680  [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll
00:28:32.0316 3680  C:\Windows\System32\vaultcli.dll - ok
00:28:32.0323 3680  [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll
00:28:32.0323 3680  C:\Windows\System32\netutils.dll - ok
00:28:32.0330 3680  [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll
00:28:32.0330 3680  C:\Windows\System32\wkscli.dll - ok
00:28:32.0337 3680  [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll
00:28:32.0337 3680  C:\Windows\System32\samcli.dll - ok
00:28:32.0344 3680  [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll
00:28:32.0344 3680  C:\Windows\System32\certCredProvider.dll - ok
00:28:32.0350 3680  [ 032229246107C5C7211E6D1498B52D3D ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL
00:28:32.0350 3680  C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL - ok
00:28:32.0358 3680  [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll
00:28:32.0358 3680  C:\Windows\System32\rasplap.dll - ok
00:28:32.0364 3680  [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
00:28:32.0364 3680  C:\Windows\System32\rasapi32.dll - ok
00:28:32.0372 3680  [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll
00:28:32.0372 3680  C:\Windows\System32\rasman.dll - ok
00:28:32.0377 3680  [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll
00:28:32.0377 3680  C:\Windows\System32\rtutils.dll - ok
00:28:32.0386 3680  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll
00:28:32.0386 3680  C:\Windows\System32\gpsvc.dll - ok
00:28:32.0391 3680  [ 46BB91A169B9B31FF44EB04C48EC1D41 ] C:\Windows\System32\nlaapi.dll
00:28:32.0391 3680  C:\Windows\System32\nlaapi.dll - ok
00:28:32.0398 3680  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll
00:28:32.0399 3680  C:\Windows\System32\profsvc.dll - ok
00:28:32.0406 3680  [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll
00:28:32.0406 3680  C:\Windows\System32\themeservice.dll - ok
00:28:32.0416 3680  [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
00:28:32.0417 3680  C:\Windows\System32\atl.dll - ok
00:28:32.0422 3680  [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
00:28:32.0422 3680  C:\Windows\System32\dsrole.dll - ok
00:28:32.0431 3680  [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
00:28:32.0431 3680  C:\Windows\System32\es.dll - ok
00:28:32.0440 3680  [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
00:28:32.0464 3680  C:\Windows\System32\slc.dll - ok
00:28:32.0468 3680  [ 0620FE89F70FC0895DC312EEBAA62B06 ] C:\Windows\System32\atieclxx.exe
00:28:32.0468 3680  C:\Windows\System32\atieclxx.exe - ok
00:28:32.0475 3680  [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll
00:28:32.0475 3680  C:\Windows\System32\UXInit.dll - ok
00:28:32.0482 3680  [ 500CE062629FB734989AEEC2A23A6CD8 ] C:\Windows\System32\atiadlxx.dll
00:28:32.0482 3680  C:\Windows\System32\atiadlxx.dll - ok
00:28:32.0491 3680  [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll
00:28:32.0492 3680  C:\Windows\System32\comres.dll - ok
00:28:32.0511 3680  [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll
00:28:32.0511 3680  C:\Windows\System32\Sens.dll - ok
00:28:32.0523 3680  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll
00:28:32.0523 3680  C:\Windows\System32\uxsms.dll - ok
00:28:32.0532 3680  [ B1DF2D87DC8BF6072699AC8301B37796 ] C:\Windows\System32\WUDFPlatform.dll
00:28:32.0532 3680  C:\Windows\System32\WUDFPlatform.dll - ok
00:28:32.0537 3680  [ B20F051B03A966392364C83F009F7D17 ] C:\Windows\System32\WUDFSvc.dll
00:28:32.0537 3680  C:\Windows\System32\WUDFSvc.dll - ok
00:28:32.0547 3680  [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
00:28:32.0547 3680  C:\Windows\System32\IPHLPAPI.DLL - ok
00:28:32.0551 3680  [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
00:28:32.0551 3680  C:\Windows\System32\drivers\lltdio.sys - ok
00:28:32.0559 3680  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\Windows\System32\drivers\nwifi.sys
00:28:32.0559 3680  C:\Windows\System32\drivers\nwifi.sys - ok
00:28:32.0569 3680  [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
00:28:32.0569 3680  C:\Windows\System32\winnsi.dll - ok
00:28:32.0576 3680  [ 136185F9FB2CC61E573E676AA5402356 ] C:\Windows\System32\drivers\ndisuio.sys
00:28:32.0576 3680  C:\Windows\System32\drivers\ndisuio.sys - ok
00:28:32.0584 3680  [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
00:28:32.0584 3680  C:\Windows\System32\drivers\rspndr.sys - ok
00:28:32.0589 3680  [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
00:28:32.0589 3680  C:\Windows\System32\lmhsvc.dll - ok
00:28:32.0606 3680  [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
00:28:32.0606 3680  C:\Windows\System32\nrpsrv.dll - ok
00:28:32.0613 3680  [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
00:28:32.0613 3680  C:\Windows\System32\nsisvc.dll - ok
00:28:32.0621 3680  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll
00:28:32.0621 3680  C:\Windows\System32\dhcpcore.dll - ok
00:28:32.0625 3680  [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\Windows\System32\keyiso.dll
00:28:32.0625 3680  C:\Windows\System32\keyiso.dll - ok
00:28:32.0644 3680  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll
00:28:32.0645 3680  C:\Windows\System32\dnsrslvr.dll - ok
00:28:32.0652 3680  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\Windows\System32\eapsvc.dll
00:28:32.0652 3680  C:\Windows\System32\eapsvc.dll - ok
00:28:32.0657 3680  [ 87356377F31DA5F20A833811CD59499C ] C:\Windows\System32\eapphost.dll
00:28:32.0657 3680  C:\Windows\System32\eapphost.dll - ok
00:28:32.0667 3680  [ 3CC16A849E6092E43909F48EF0E60306 ] C:\Windows\System32\dhcpcore6.dll
00:28:32.0667 3680  C:\Windows\System32\dhcpcore6.dll - ok
00:28:32.0674 3680  [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll
00:28:32.0674 3680  C:\Windows\System32\imageres.dll - ok
00:28:32.0680 3680  [ FB0CFFDAF02A34E5A4211474D3ED870E ] C:\Windows\System32\atimuixx.dll
00:28:32.0680 3680  C:\Windows\System32\atimuixx.dll - ok
00:28:32.0688 3680  [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL
00:28:32.0688 3680  C:\Windows\System32\FWPUCLNT.DLL - ok
00:28:32.0694 3680  [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll
00:28:32.0694 3680  C:\Windows\System32\umb.dll - ok
00:28:32.0701 3680  [ A648C4A06DE367065B24056D067B4460 ] C:\Windows\System32\wlanmsm.dll
00:28:32.0701 3680  C:\Windows\System32\wlanmsm.dll - ok
00:28:32.0709 3680  [ 06A1386B6E3A0CBC368665C1840906F4 ] C:\Windows\System32\wlansec.dll
00:28:32.0710 3680  C:\Windows\System32\wlansec.dll - ok
00:28:32.0719 3680  [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll
00:28:32.0719 3680  C:\Windows\System32\onex.dll - ok
00:28:32.0726 3680  [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
00:28:32.0727 3680  C:\Windows\System32\dhcpcsvc.dll - ok
00:28:32.0734 3680  [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
00:28:32.0735 3680  C:\Windows\System32\dnsext.dll - ok
00:28:32.0742 3680  [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
00:28:32.0742 3680  C:\Windows\System32\eappprxy.dll - ok
00:28:32.0750 3680  [ 3C06D5A929B798D0B13F6481242A0FD2 ] C:\Windows\System32\dhcpcsvc6.dll
00:28:32.0750 3680  C:\Windows\System32\dhcpcsvc6.dll - ok
00:28:32.0758 3680  [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
00:28:32.0758 3680  C:\Windows\System32\eappcfg.dll - ok
00:28:32.0766 3680  [ 730BF204A595D5B6D7DC57A247CC741C ] C:\Windows\System32\wlgpclnt.dll
00:28:32.0766 3680  C:\Windows\System32\wlgpclnt.dll - ok
00:28:32.0773 3680  [ 97E43F324BE1503CB2FFB058534688DA ] C:\Windows\System32\l2gpstore.dll
00:28:32.0773 3680  C:\Windows\System32\l2gpstore.dll - ok
00:28:32.0785 3680  [ 7D5645EE0EA77D539828433D9B95F5EB ] C:\Windows\System32\WinSCard.dll
00:28:32.0785 3680  C:\Windows\System32\WinSCard.dll - ok
00:28:32.0793 3680  [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
00:28:32.0793 3680  C:\Windows\System32\wlanutil.dll - ok
00:28:32.0802 3680  [ 99B91C5D2FCEF218CAD3600ECB62A799 ] C:\Windows\System32\msxml6.dll
00:28:32.0802 3680  C:\Windows\System32\msxml6.dll - ok
00:28:32.0810 3680  [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll
00:28:32.0810 3680  C:\Windows\System32\shsvcs.dll - ok
00:28:32.0819 3680  [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll
00:28:32.0819 3680  C:\Windows\System32\schedsvc.dll - ok
00:28:32.0827 3680  [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll
00:28:32.0827 3680  C:\Windows\System32\ktmw32.dll - ok
00:28:32.0837 3680  [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll
00:28:32.0837 3680  C:\Windows\System32\fveapi.dll - ok
00:28:32.0845 3680  [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll
00:28:32.0845 3680  C:\Windows\System32\fvecerts.dll - ok
00:28:32.0853 3680  [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll
00:28:32.0853 3680  C:\Windows\System32\tbs.dll - ok
00:28:32.0860 3680  [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll
00:28:32.0861 3680  C:\Windows\System32\taskcomp.dll - ok
00:28:32.0867 3680  [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll
00:28:32.0867 3680  C:\Windows\System32\wiarpc.dll - ok
00:28:32.0876 3680  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys
00:28:32.0876 3680  C:\Windows\System32\drivers\http.sys - ok
00:28:32.0882 3680  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] C:\Windows\System32\spoolsv.exe
00:28:32.0882 3680  C:\Windows\System32\spoolsv.exe - ok
00:28:32.0890 3680  [ 27E461F0BE5BFF5FC737328F749538C3 ] C:\Windows\System32\drivers\srvnet.sys
00:28:32.0890 3680  C:\Windows\System32\drivers\srvnet.sys - ok
00:28:32.0897 3680  [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll
00:28:32.0897 3680  C:\Windows\System32\netcfgx.dll - ok
00:28:32.0904 3680  [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys
00:28:32.0904 3680  C:\Windows\System32\drivers\bowser.sys - ok
00:28:32.0911 3680  [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys
00:28:32.0911 3680  C:\Windows\System32\drivers\mrxsmb.sys - ok
00:28:32.0922 3680  [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys
00:28:32.0922 3680  C:\Windows\System32\drivers\mrxsmb10.sys - ok
00:28:32.0929 3680  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys
00:28:32.0929 3680  C:\Windows\System32\drivers\mrxsmb20.sys - ok
00:28:32.0938 3680  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] C:\Windows\System32\drivers\srv2.sys
00:28:32.0938 3680  C:\Windows\System32\drivers\srv2.sys - ok
00:28:32.0945 3680  [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll
00:28:32.0945 3680  C:\Windows\System32\wkssvc.dll - ok
00:28:32.0954 3680  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\Windows\System32\drivers\srv.sys
00:28:32.0954 3680  C:\Windows\System32\drivers\srv.sys - ok
00:28:32.0961 3680  [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll
00:28:32.0961 3680  C:\Windows\System32\srvsvc.dll - ok
00:28:32.0969 3680  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] C:\Windows\System32\browser.dll
00:28:32.0970 3680  C:\Windows\System32\browser.dll - ok
00:28:32.0974 3680  [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll
00:28:32.0974 3680  C:\Windows\System32\clusapi.dll - ok
00:28:33.0000 3680  [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll
00:28:33.0000 3680  C:\Windows\System32\netmsg.dll - ok
00:28:33.0010 3680  [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll
00:28:33.0010 3680  C:\Windows\System32\sscore.dll - ok
00:28:33.0019 3680  [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll
00:28:33.0019 3680  C:\Windows\System32\resutils.dll - ok
00:28:33.0029 3680  [ 581D88B25C4D4121824FED2CA38E562F ] C:\Program Files\SUPERAntiSpyware\SASCore64.exe
00:28:33.0029 3680  C:\Program Files\SUPERAntiSpyware\SASCore64.exe - ok
00:28:33.0040 3680  [ F9D908DE6B166DAC9B89BF62FA291CE8 ] C:\Program Files\Bonjour\mdnsNSP.dll
00:28:33.0040 3680  C:\Program Files\Bonjour\mdnsNSP.dll - ok
00:28:33.0048 3680  [ AFB5B500AD69E24ED1BC15D1161641EF ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
00:28:33.0048 3680  C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL - ok
00:28:33.0056 3680  [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll
00:28:33.0056 3680  C:\Windows\System32\rasadhlp.dll - ok
00:28:33.0064 3680  [ 09E61047B0CEF21559CFCEDF4F14D216 ] C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
00:28:33.0064 3680  C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe - ok
00:28:33.0072 3680  [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll
00:28:33.0072 3680  C:\Windows\SysWOW64\ntdll.dll - ok
00:28:33.0080 3680  [ 259EB5F7D95A29842B476C5B3EB6E186 ] C:\Windows\System32\wow64.dll
00:28:33.0080 3680  C:\Windows\System32\wow64.dll - ok
00:28:33.0088 3680  [ 5674E21E82CFBEA36DDAD5DB285D6DBC ] C:\Windows\System32\wow64win.dll
00:28:33.0088 3680  C:\Windows\System32\wow64win.dll - ok
00:28:33.0095 3680  [ 3EE3AA76D8AB6D5644C4C8F34471CEB3 ] C:\Windows\System32\wow64cpu.dll
00:28:33.0095 3680  C:\Windows\System32\wow64cpu.dll - ok
00:28:33.0101 3680  [ AC0B6F41882FC6ED186962D770EBF1D2 ] C:\Windows\SysWOW64\kernel32.dll
00:28:33.0101 3680  C:\Windows\SysWOW64\kernel32.dll - ok
00:28:33.0110 3680  [ E954A79D6A754A5475582CACED1565E6 ] C:\Windows\SysWOW64\KernelBase.dll
00:28:33.0110 3680  C:\Windows\SysWOW64\KernelBase.dll - ok
00:28:33.0118 3680  [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll
00:28:33.0118 3680  C:\Windows\SysWOW64\user32.dll - ok
00:28:33.0128 3680  [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll
00:28:33.0128 3680  C:\Windows\SysWOW64\gdi32.dll - ok
00:28:33.0143 3680  [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll
00:28:33.0143 3680  C:\Windows\SysWOW64\lpk.dll - ok
00:28:33.0147 3680  [ B7230010D97787AF3D25E4C82F2B06B9 ] C:\Windows\SysWOW64\usp10.dll
00:28:33.0147 3680  C:\Windows\SysWOW64\usp10.dll - ok
00:28:33.0156 3680  [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll
00:28:33.0156 3680  C:\Windows\SysWOW64\msvcrt.dll - ok
00:28:33.0162 3680  [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll
00:28:33.0162 3680  C:\Windows\SysWOW64\advapi32.dll - ok
00:28:33.0172 3680  [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll
00:28:33.0172 3680  C:\Windows\SysWOW64\rpcrt4.dll - ok
00:28:33.0177 3680  [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll
00:28:33.0177 3680  C:\Windows\SysWOW64\sechost.dll - ok
00:28:33.0183 3680  [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll
00:28:33.0183 3680  C:\Windows\SysWOW64\cryptbase.dll - ok
00:28:33.0192 3680  [ 29E9794708DF51DB5DC89FB2E903A0F6 ] C:\Windows\SysWOW64\shell32.dll
00:28:33.0192 3680  C:\Windows\SysWOW64\shell32.dll - ok
00:28:33.0203 3680  [ EDA7AD21DF8945528F01F0A86D69E524 ] C:\Windows\SysWOW64\sspicli.dll
00:28:33.0203 3680  C:\Windows\SysWOW64\sspicli.dll - ok
00:28:33.0211 3680  [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll
00:28:33.0211 3680  C:\Windows\SysWOW64\shlwapi.dll - ok
00:28:33.0219 3680  [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll
00:28:33.0219 3680  C:\Windows\SysWOW64\ole32.dll - ok
00:28:33.0227 3680  [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll
00:28:33.0227 3680  C:\Windows\SysWOW64\oleaut32.dll - ok
00:28:33.0231 3680  [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll
00:28:33.0231 3680  C:\Windows\SysWOW64\imm32.dll - ok
00:28:33.0241 3680  [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll
00:28:33.0241 3680  C:\Windows\SysWOW64\msctf.dll - ok
00:28:33.0247 3680  [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll
00:28:33.0247 3680  C:\Windows\SysWOW64\profapi.dll - ok
00:28:33.0256 3680  [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll
00:28:33.0258 3680  C:\Windows\SysWOW64\userenv.dll - ok
00:28:33.0264 3680  [ 1474F121C3DF1232D3E7239C03691EE6 ] C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
00:28:33.0264 3680  C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe - ok
00:28:33.0272 3680  [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll
00:28:33.0272 3680  C:\Windows\SysWOW64\clbcatq.dll - ok
00:28:33.0281 3680  [ 232C0B9155F6A2C3736A9488F0C456DA ] C:\Program Files (x86)\Adobe\Elements 9 Organizer\platform.DLL
00:28:33.0281 3680  C:\Program Files (x86)\Adobe\Elements 9 Organizer\platform.DLL - ok
00:28:33.0290 3680  [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll
00:28:33.0290 3680  C:\Windows\SysWOW64\mswsock.dll - ok
00:28:33.0299 3680  [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll
00:28:33.0299 3680  C:\Windows\SysWOW64\ws2_32.dll - ok
00:28:33.0303 3680  [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll
00:28:33.0303 3680  C:\Windows\SysWOW64\nsi.dll - ok
00:28:33.0310 3680  [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
00:28:33.0311 3680  C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok
00:28:33.0322 3680  [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll
00:28:33.0322 3680  C:\Windows\SysWOW64\cryptsp.dll - ok
00:28:33.0326 3680  [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll
00:28:33.0326 3680  C:\Windows\SysWOW64\RpcRtRemote.dll - ok
00:28:33.0333 3680  [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll
00:28:33.0333 3680  C:\Windows\SysWOW64\rsaenh.dll - ok
00:28:33.0340 3680  [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll
00:28:33.0340 3680  C:\Windows\System32\msi.dll - ok
00:28:33.0348 3680  [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
00:28:33.0348 3680  C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
00:28:33.0355 3680  [ 1BCDB508143B517F21BBDAC10F5777BF ] C:\Windows\System32\conhost.exe
00:28:33.0355 3680  C:\Windows\System32\conhost.exe - ok
00:28:33.0363 3680  [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll
00:28:33.0363 3680  C:\Windows\System32\msiltcfg.dll - ok
00:28:33.0370 3680  [ A567B70468A04F4BA64339D1CAF78E58 ] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
00:28:33.0370 3680  C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe - ok
00:28:33.0380 3680  [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll
00:28:33.0380 3680  C:\Windows\SysWOW64\ntmarta.dll - ok
00:28:33.0390 3680  [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll
00:28:33.0390 3680  C:\Windows\SysWOW64\Wldap32.dll - ok
00:28:33.0398 3680  [ 4F096D96285E06CD51AEF7D2D3DE04DA ] C:\Windows\System32\msvcp100.dll
00:28:33.0399 3680  C:\Windows\System32\msvcp100.dll - ok
00:28:33.0405 3680  [ DF3CA8D16BDED6A54977B30E66864D33 ] C:\Windows\System32\msvcr100.dll
00:28:33.0405 3680  C:\Windows\System32\msvcr100.dll - ok
00:28:33.0414 3680  [ 5A528A540B1AEE8B1C77ED65094E8CDF ] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys
00:28:33.0415 3680  C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys - ok
00:28:33.0420 3680  [ 671A40A97B7105D802A61D05E5477748 ] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
00:28:33.0420 3680  C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll - ok
00:28:33.0426 3680  [ A5299D04ED225D64CF07A568A3E1BF8C ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
00:28:33.0426 3680  C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
00:28:33.0434 3680  [ 6AF588B2525F7AF76BB8B1DD7D59C4BC ] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\device.dll
00:28:33.0434 3680  C:\Program Files\ATI Technologies\ATI.ACE\Fuel\device.dll - ok
00:28:33.0446 3680  [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
00:28:33.0446 3680  C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
00:28:33.0452 3680  [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
00:28:33.0452 3680  C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
00:28:33.0465 3680  [ 848BC9A0BB2361E549FD4C22D7548FB8 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll
00:28:33.0465 3680  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
00:28:33.0471 3680  [ F59E095B0BEF0CEED72DB039DAC3CD68 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcp80.dll
00:28:33.0472 3680  C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcp80.dll - ok
00:28:33.0480 3680  [ 64894527838C86454E2F378FF39FA336 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll
00:28:33.0480 3680  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
00:28:33.0491 3680  [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll
00:28:33.0491 3680  C:\Windows\SysWOW64\version.dll - ok
00:28:33.0507 3680  [ EF8CD3C64EE9C08980D6D06CCCE46C68 ] C:\Program Files (x86)\Common Files\Apple\Apple 



#8 SaraLouise12

SaraLouise12
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:03:50 AM

Posted 03 March 2013 - 04:45 AM

Application Support\CoreFoundation.dll
00:28:33.0507 3680  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
00:28:33.0515 3680  [ 152F8772D5A5CD7883305C3B8D28470E ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
00:28:33.0515 3680  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
00:28:33.0526 3680  [ 78865ABC5F5D13190F8B35BD9044714A ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll
00:28:33.0526 3680  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll - ok
00:28:33.0536 3680  [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\SysWOW64\wsock32.dll
00:28:33.0536 3680  C:\Windows\SysWOW64\wsock32.dll - ok
00:28:33.0545 3680  [ FF9831030678C7B6D70BAC00F68F8976 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll
00:28:33.0545 3680  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
00:28:33.0556 3680  [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll
00:28:33.0557 3680  C:\Windows\SysWOW64\winmm.dll - ok
00:28:33.0564 3680  [ 5A963C340DE1A01BA6E24945CE05D16A ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll
00:28:33.0564 3680  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll - ok
00:28:33.0575 3680  [ F4BC62990E7E5C29799A895B80FC3177 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll
00:28:33.0575 3680  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
00:28:33.0590 3680  [ 149D74E1128A86DC9CFB2851FBEA11EB ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll
00:28:33.0590 3680  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll - ok
00:28:33.0597 3680  [ F6FD367C9EAAEDF90CD7A7952AE0B336 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll
00:28:33.0597 3680  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll - ok
00:28:33.0608 3680  [ 4E4EDF9CA82E95BAB2977DD9F21B00F6 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
00:28:33.0608 3680  C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
00:28:33.0619 3680  [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll
00:28:33.0619 3680  C:\Windows\SysWOW64\setupapi.dll - ok
00:28:33.0626 3680  [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll
00:28:33.0626 3680  C:\Windows\SysWOW64\cfgmgr32.dll - ok
00:28:33.0631 3680  [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll
00:28:33.0631 3680  C:\Windows\SysWOW64\devobj.dll - ok
00:28:33.0646 3680  [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\SysWOW64\wtsapi32.dll
00:28:33.0646 3680  C:\Windows\SysWOW64\wtsapi32.dll - ok
00:28:33.0655 3680  [ 062373995EAE5F0EAC9EAA9192136BFB ] C:\Windows\SysWOW64\dnssd.dll
00:28:33.0655 3680  C:\Windows\SysWOW64\dnssd.dll - ok
00:28:33.0664 3680  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] C:\Program Files\Bonjour\mDNSResponder.exe
00:28:33.0664 3680  C:\Program Files\Bonjour\mDNSResponder.exe - ok
00:28:33.0672 3680  [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
00:28:33.0672 3680  C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
00:28:33.0680 3680  [ 8BC7F8F0B7AE856D910B3FDD895EC50E ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll
00:28:33.0680 3680  C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll - ok
00:28:33.0685 3680  [ 0E059FCB8F61BFC50014537564A9B26A ] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\platform.dll
00:28:33.0685 3680  C:\Program Files\ATI Technologies\ATI.ACE\Fuel\platform.dll - ok
00:28:33.0694 3680  [ 0E1B02C9CC352A1F61703B7D1A8A2C45 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll
00:28:33.0694 3680  C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok
00:28:33.0705 3680  [ B49B56B64F57699A1A663D2CF7D0A56F ] C:\Windows\SysWOW64\wininet.dll
00:28:33.0705 3680  C:\Windows\SysWOW64\wininet.dll - ok
00:28:33.0713 3680  [ D171EAA745A2C0C583CDDA13D9088EE4 ] C:\Windows\SysWOW64\iertutil.dll
00:28:33.0713 3680  C:\Windows\SysWOW64\iertutil.dll - ok
00:28:33.0724 3680  [ BE157C3800DA3010EFC48280ECF81C16 ] C:\Windows\SysWOW64\urlmon.dll
00:28:33.0724 3680  C:\Windows\SysWOW64\urlmon.dll - ok
00:28:33.0728 3680  [ 2E14406E05789F91C9282AE7CFCA3A07 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
00:28:33.0728 3680  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll - ok
00:28:33.0739 3680  [ AF54247F97CCF3539DE7505C09972FF9 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll
00:28:33.0740 3680  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
00:28:33.0744 3680  [ 60D21799A4AF4EDCE65FB98830E4B0C8 ] C:\Windows\SysWOW64\crypt32.dll
00:28:33.0744 3680  C:\Windows\SysWOW64\crypt32.dll - ok
00:28:33.0752 3680  [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
00:28:33.0752 3680  C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
00:28:33.0761 3680  [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll
00:28:33.0761 3680  C:\Windows\SysWOW64\msasn1.dll - ok
00:28:33.0768 3680  [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll
00:28:33.0768 3680  C:\Windows\SysWOW64\winnsi.dll - ok
00:28:33.0777 3680  [ 8BA9851E671E8B5E49E303748FFD530C ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll
00:28:33.0777 3680  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
00:28:33.0784 3680  [ 5E33C164DC7FA74728D8A83036C438BB ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
00:28:33.0784 3680  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll - ok
00:28:33.0794 3680  [ 17448AF0BBA9E7AB5EC955AF93F271BD ] C:\Windows\SysWOW64\wintrust.dll
00:28:33.0794 3680  C:\Windows\SysWOW64\wintrust.dll - ok
00:28:33.0799 3680  [ 371948BC5911ABA06168FAC91ED25F06 ] C:\Windows\System32\msxml3.dll
00:28:33.0799 3680  C:\Windows\System32\msxml3.dll - ok
00:28:33.0809 3680  [ 66257CB4E4FB69887CDDC71663741435 ] C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
00:28:33.0809 3680  C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe - ok
00:28:33.0816 3680  [ 0D2B530F060C050265D67C191C8A89DE ] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
00:28:33.0816 3680  C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll - ok
00:28:33.0824 3680  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] C:\Windows\System32\cryptsvc.dll
00:28:33.0824 3680  C:\Windows\System32\cryptsvc.dll - ok
00:28:33.0830 3680  [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll
00:28:33.0830 3680  C:\Windows\System32\wlanapi.dll - ok
00:28:33.0837 3680  [ 8792BAB371B4B1589E015B6FD1ED3B15 ] C:\Windows\System32\cryptnet.dll
00:28:33.0837 3680  C:\Windows\System32\cryptnet.dll - ok
00:28:33.0846 3680  [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll
00:28:33.0846 3680  C:\Windows\System32\vssapi.dll - ok
00:28:33.0851 3680  [ B7E663FF6F235820BCA06BA925335AE3 ] C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll
00:28:33.0851 3680  C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll - ok
00:28:33.0859 3680  [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll
00:28:33.0859 3680  C:\Windows\System32\vsstrace.dll - ok
00:28:33.0866 3680  [ 126B75D50756FE204283D418AE1A66DF ] C:\Windows\SysWOW64\msvcirt.dll
00:28:33.0866 3680  C:\Windows\SysWOW64\msvcirt.dll - ok
00:28:33.0874 3680  [ 46A6BA9274D075A2C30025C4E96D875A ] C:\Windows\SysWOW64\msvcp60.dll
00:28:33.0874 3680  C:\Windows\SysWOW64\msvcp60.dll - ok
00:28:33.0882 3680  [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll
00:28:33.0882 3680  C:\Windows\SysWOW64\rasapi32.dll - ok
00:28:33.0886 3680  [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll
00:28:33.0886 3680  C:\Windows\SysWOW64\rasman.dll - ok
00:28:33.0893 3680  [ DC6612A9EE015A36BA2A27BC9CC12537 ] C:\Windows\SysWOW64\mfc42.dll
00:28:33.0893 3680  C:\Windows\SysWOW64\mfc42.dll - ok
00:28:33.0901 3680  [ 7D34AF98A706230CC2DEDFE0CABF87AB ] C:\Windows\SysWOW64\odbc32.dll
00:28:33.0901 3680  C:\Windows\SysWOW64\odbc32.dll - ok
00:28:33.0908 3680  [ ABA457BFC7EC0B5E130B2F1E0F549DFF ] C:\Windows\SysWOW64\odbcint.dll
00:28:33.0908 3680  C:\Windows\SysWOW64\odbcint.dll - ok
00:28:33.0915 3680  [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
00:28:33.0915 3680  C:\Windows\SysWOW64\dhcpcsvc.dll - ok
00:28:33.0922 3680  [ 81F6C1AE23B1C493D9E996C3103915D7 ] C:\Windows\SysWOW64\dhcpcsvc6.dll
00:28:33.0922 3680  C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
00:28:33.0928 3680  [ 32C2CD16DC801AEF9EDAAFEA0DBD769E ] C:\Program Files (x86)\Launch Manager\dsiwmis.exe
00:28:33.0928 3680  C:\Program Files (x86)\Launch Manager\dsiwmis.exe - ok
00:28:33.0935 3680  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll
00:28:33.0935 3680  C:\Windows\System32\dps.dll - ok
00:28:33.0943 3680  [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll
00:28:33.0943 3680  C:\Windows\System32\taskschd.dll - ok
00:28:33.0949 3680  [ EB1C213A8550F066B2CCC29C9F41E2AE ] C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
00:28:33.0949 3680  C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe - ok
00:28:33.0956 3680  [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll
00:28:33.0956 3680  C:\Windows\SysWOW64\winsta.dll - ok
00:28:33.0965 3680  [ F74285FC99CC90594619D6C85CCF37B7 ] C:\Program Files (x86)\Launch Manager\LMutilps32.exe
00:28:33.0965 3680  C:\Program Files (x86)\Launch Manager\LMutilps32.exe - ok
00:28:33.0971 3680  [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll
00:28:33.0971 3680  C:\Windows\SysWOW64\apphelp.dll - ok
00:28:33.0981 3680  [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\SysWOW64\netapi32.dll
00:28:33.0981 3680  C:\Windows\SysWOW64\netapi32.dll - ok
00:28:33.0991 3680  [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll
00:28:33.0991 3680  C:\Windows\SysWOW64\netutils.dll - ok
00:28:33.0996 3680  [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\SysWOW64\samcli.dll
00:28:33.0996 3680  C:\Windows\SysWOW64\samcli.dll - ok
00:28:34.0002 3680  [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll
00:28:34.0002 3680  C:\Windows\SysWOW64\srvcli.dll - ok
00:28:34.0009 3680  [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll
00:28:34.0009 3680  C:\Windows\SysWOW64\wkscli.dll - ok
00:28:34.0015 3680  [ 352CC5F802D8EDE1FAAE6D3E50664958 ] C:\Program Files (x86)\Launch Manager\LmSmbKel.dll
00:28:34.0015 3680  C:\Program Files (x86)\Launch Manager\LmSmbKel.dll - ok
00:28:34.0023 3680  [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\Windows\System32\dbghelp.dll
00:28:34.0023 3680  C:\Windows\System32\dbghelp.dll - ok
00:28:34.0029 3680  [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll
00:28:34.0029 3680  C:\Windows\SysWOW64\uxtheme.dll - ok
00:28:34.0035 3680  [ C096004C197BEE74053C4D5CDDF81A19 ] C:\Program Files\Packard Bell\Packard Bell Power Management\PowerSettingControl.dll
00:28:34.0035 3680  C:\Program Files\Packard Bell\Packard Bell Power Management\PowerSettingControl.dll - ok
00:28:34.0042 3680  [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll
00:28:34.0042 3680  C:\Windows\System32\oleacc.dll - ok
00:28:34.0049 3680  [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv
00:28:34.0049 3680  C:\Windows\System32\winspool.drv - ok
00:28:34.0056 3680  [ F95126E44EBA95A30FB0E4CE6E916015 ] C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
00:28:34.0056 3680  C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe - ok
00:28:34.0063 3680  [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll
00:28:34.0063 3680  C:\Windows\System32\FDResPub.dll - ok
00:28:34.0069 3680  [ F1B205F932F62F94506A5F332C895DAF ] C:\Windows\System32\WSDApi.dll
00:28:34.0069 3680  C:\Windows\System32\WSDApi.dll - ok
00:28:34.0076 3680  [ C55516D98DD5D8F0153C2A9B4227DA86 ] C:\Windows\System32\webservices.dll
00:28:34.0076 3680  C:\Windows\System32\webservices.dll - ok
00:28:34.0082 3680  [ B705C7097F9A0EC941D02DCE7C7D426C ] C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
00:28:34.0082 3680  C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe - ok
00:28:34.0089 3680  [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\SysWOW64\winspool.drv
00:28:34.0089 3680  C:\Windows\SysWOW64\winspool.drv - ok
00:28:34.0096 3680  [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll
00:28:34.0096 3680  C:\Windows\System32\fundisc.dll - ok
00:28:34.0103 3680  [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
00:28:34.0103 3680  C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe - ok
00:28:34.0110 3680  [ 8624E0E2418413614EE1FECDB7B76B88 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll
00:28:34.0110 3680  C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll - ok
00:28:34.0117 3680  [ D4467A285C91752018F67CDBA8680BAB ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll
00:28:34.0117 3680  C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll - ok
00:28:34.0124 3680  [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
00:28:34.0125 3680  C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe - ok
00:28:34.0132 3680  [ 4BE1DCAD76BE96D1EC887A41E570C404 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamcore.dll
00:28:34.0132 3680  C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamcore.dll - ok
00:28:34.0139 3680  [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll
00:28:34.0139 3680  C:\Windows\SysWOW64\mpr.dll - ok
00:28:34.0149 3680  [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll
00:28:34.0149 3680  C:\Windows\SysWOW64\psapi.dll - ok
00:28:34.0153 3680  [ D4FAC263861BAE06971C7F7D0A8EBF15 ] C:\Windows\System32\ncsi.dll
00:28:34.0153 3680  C:\Windows\System32\ncsi.dll - ok
00:28:34.0165 3680  [ 8AD77806D336673F270DB31645267293 ] C:\Windows\System32\nlasvc.dll
00:28:34.0165 3680  C:\Windows\System32\nlasvc.dll - ok
00:28:34.0174 3680  [ 5839A8027D6D324A7CD494051A96628C ] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
00:28:34.0174 3680  C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe - ok
00:28:34.0181 3680  [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll
00:28:34.0181 3680  C:\Windows\System32\winhttp.dll - ok
00:28:34.0192 3680  [ 603EBD34E216C5654A2D774EAC98D278 ] C:\Windows\System32\webio.dll
00:28:34.0192 3680  C:\Windows\System32\webio.dll - ok
00:28:34.0196 3680  [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll
00:28:34.0196 3680  C:\Windows\System32\ssdpapi.dll - ok
00:28:34.0208 3680  [ 5672C775FAB584EB5BABBB79C74C530E ] C:\Program Files (x86)\Symantec\Norton Online Backup\BuEng.dll
00:28:34.0208 3680  C:\Program Files (x86)\Symantec\Norton Online Backup\BuEng.dll - ok
00:28:34.0215 3680  [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll
00:28:34.0215 3680  C:\Windows\System32\wsock32.dll - ok
00:28:34.0222 3680  [ 6CC09D2F0BA4A09BABC3C41B8FD888F7 ] C:\Program Files (x86)\NTI\Packard Bell MyBackup\IScheduleSvc.exe
00:28:34.0223 3680  C:\Program Files (x86)\NTI\Packard Bell MyBackup\IScheduleSvc.exe - ok
00:28:34.0230 3680  [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll
00:28:34.0230 3680  C:\Windows\SysWOW64\oleacc.dll - ok
00:28:34.0237 3680  [ D5A52635A2910C3090C367887A852BB0 ] C:\Program Files (x86)\NTI\Packard Bell MyBackup\Pehook.dll
00:28:34.0237 3680  C:\Program Files (x86)\NTI\Packard Bell MyBackup\Pehook.dll - ok
00:28:34.0247 3680  [ 9CF7E8EF673BB0B8BBF520AB1F0331E2 ] C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
00:28:34.0247 3680  C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe - ok
00:28:34.0260 3680  [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll
00:28:34.0260 3680  C:\Windows\SysWOW64\imagehlp.dll - ok
00:28:34.0265 3680  [ B6EC90A045B28036810515666017522D ] C:\Program Files (x86)\NTI\Packard Bell MyBackup\ISchedule.dll
00:28:34.0265 3680  C:\Program Files (x86)\NTI\Packard Bell MyBackup\ISchedule.dll - ok
00:28:34.0277 3680  [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
00:28:34.0277 3680  C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok
00:28:34.0285 3680  [ 1EE0571A1243268543B95A24A881685A ] C:\Program Files (x86)\NTI\Packard Bell MyBackup\SyncDll.dll
00:28:34.0285 3680  C:\Program Files (x86)\NTI\Packard Bell MyBackup\SyncDll.dll - ok
00:28:34.0292 3680  [ DF3CA8D16BDED6A54977B30E66864D33 ] C:\Program Files\Microsoft Office 15\ClientX64\msvcr100.dll
00:28:34.0293 3680  C:\Program Files\Microsoft Office 15\ClientX64\msvcr100.dll - ok
00:28:34.0310 3680  [ A8B493C03BB982DDB739ED9B5DC3D7D2 ] C:\Program Files (x86)\NTI\Packard Bell MyBackup\sqlite3.dll
00:28:34.0310 3680  C:\Program Files (x86)\NTI\Packard Bell MyBackup\sqlite3.dll - ok
00:28:34.0324 3680  [ 4F096D96285E06CD51AEF7D2D3DE04DA ] C:\Program Files\Microsoft Office 15\ClientX64\msvcp100.dll
00:28:34.0324 3680  C:\Program Files\Microsoft Office 15\ClientX64\msvcp100.dll - ok
00:28:34.0333 3680  [ 40EDD7E2439FA1B6A4B4769A03DB0D22 ] C:\Program Files (x86)\NTI\Packard Bell MyBackup\agent_stub.dll
00:28:34.0333 3680  C:\Program Files (x86)\NTI\Packard Bell MyBackup\agent_stub.dll - ok
00:28:34.0342 3680  [ 336251456DF00B39C062051EB9C2B0BF ] C:\Program Files\Microsoft Office 15\ClientX64\c2rui.dll
00:28:34.0342 3680  C:\Program Files\Microsoft Office 15\ClientX64\c2rui.dll - ok
00:28:34.0349 3680  [ 6B4151EB2A8593BB13F7C8BF3BC3007A ] C:\Program Files (x86)\NTI\Packard Bell MyBackup\ACE.dll
00:28:34.0349 3680  C:\Program Files (x86)\NTI\Packard Bell MyBackup\ACE.dll - ok
00:28:34.0358 3680  [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll
00:28:34.0358 3680  C:\Windows\System32\wer.dll - ok
00:28:34.0366 3680  [ B22FF4AA935331A58443D1AA939F93CA ] C:\Program Files (x86)\NTI\Packard Bell MyBackup\OutlookDispatch.dll
00:28:34.0366 3680  C:\Program Files (x86)\NTI\Packard Bell MyBackup\OutlookDispatch.dll - ok
00:28:34.0374 3680  [ A7D4E2C269301BEA243676ED56F8B4FF ] C:\Windows\System32\RstrtMgr.dll
00:28:34.0374 3680  C:\Windows\System32\RstrtMgr.dll - ok
00:28:34.0384 3680  [ CA6ADE4F7761BB15B3325356DC3B82BB ] C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll
00:28:34.0384 3680  C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll - ok
00:28:34.0388 3680  [ FA43D418BC945D27D0625B697B8442B5 ] C:\Windows\System32\cabinet.dll
00:28:34.0388 3680  C:\Windows\System32\cabinet.dll - ok
00:28:34.0397 3680  [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\Windows\System32\drivers\PEAuth.sys
00:28:34.0397 3680  C:\Windows\System32\drivers\PEAuth.sys - ok
00:28:34.0410 3680  [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll
00:28:34.0410 3680  C:\Windows\System32\pcasvc.dll - ok
00:28:34.0416 3680  [ 555A29B5F964AFF41D199991ECBCC44A ] C:\Program Files\Microsoft Office 15\ClientX64\c2r64.dll
00:28:34.0416 3680  C:\Program Files\Microsoft Office 15\ClientX64\c2r64.dll - ok
00:28:34.0427 3680  [ 1727B2A2F379A32B864C096FA794AADC ] C:\Windows\System32\aepic.dll
00:28:34.0427 3680  C:\Windows\System32\aepic.dll - ok
00:28:34.0435 3680  [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll
00:28:34.0435 3680  C:\Windows\System32\sfc.dll - ok
00:28:34.0442 3680  [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll
00:28:34.0445 3680  C:\Windows\System32\sfc_os.dll - ok
00:28:34.0449 3680  [ CC781378E7EDA615D2CDCA3B17829FA4 ] C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
00:28:34.0449 3680  C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE - ok
00:28:34.0461 3680  [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll
00:28:34.0461 3680  C:\Windows\SysWOW64\SensApi.dll - ok
00:28:34.0468 3680  [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll
00:28:34.0468 3680  C:\Windows\SysWOW64\webio.dll - ok
00:28:34.0479 3680  [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll
00:28:34.0479 3680  C:\Windows\SysWOW64\winhttp.dll - ok
00:28:34.0490 3680  [ EAADD6E47ED2A7003ACE1793B98CF63F ] C:\Windows\SysWOW64\msxml6.dll
00:28:34.0490 3680  C:\Windows\SysWOW64\msxml6.dll - ok
00:28:34.0498 3680  [ CDB04BDF2918D52579A93AF0683E3331 ] C:\Program Files (x86)\NTI\Packard Bell MyBackup\BookmarkDLL.dll
00:28:34.0498 3680  C:\Program Files (x86)\NTI\Packard Bell MyBackup\BookmarkDLL.dll - ok
00:28:34.0507 3680  [ 9A559E5C2D87278AB68F12FA40DEBC86 ] C:\Program Files\Microsoft Office 15\ClientX64\streamserver.dll
00:28:34.0507 3680  C:\Program Files\Microsoft Office 15\ClientX64\streamserver.dll - ok
00:28:34.0513 3680  [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll
00:28:34.0513 3680  C:\Windows\SysWOW64\msimg32.dll - ok
00:28:34.0519 3680  [ A2927000901CBBF716FC4CCCBC6CFE4A ] C:\Program Files (x86)\NTI\Packard Bell MyBackup\WinSetDLL.dll
00:28:34.0519 3680  C:\Program Files (x86)\NTI\Packard Bell MyBackup\WinSetDLL.dll - ok
00:28:34.0533 3680  [ F4FB4859E39BF4D0B03903297EC741FD ] C:\Program Files (x86)\NTI\Packard Bell MyBackup\MailConverter32.dll
00:28:34.0533 3680  C:\Program Files (x86)\NTI\Packard Bell MyBackup\MailConverter32.dll - ok
00:28:34.0548 3680  [ 0A0A0183711EFB04F9BCC32BB44471F2 ] C:\Program Files (x86)\Skype\Updater\Updater.exe
00:28:34.0548 3680  C:\Program Files (x86)\Skype\Updater\Updater.exe - ok
00:28:34.0557 3680  [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys
00:28:34.0557 3680  C:\Windows\System32\drivers\secdrv.sys - ok
00:28:34.0564 3680  [ 8BC9DB92C4B2F3BE89185BEAB2AFC1F6 ] C:\Windows\SysWOW64\mapi32.dll
00:28:34.0564 3680  C:\Windows\SysWOW64\mapi32.dll - ok
00:28:34.0575 3680  [ A2E41169999C04463F3FEEECDA3A4841 ] C:\Program Files (x86)\NTI\Packard Bell MyBackup\VssAgent.dll
00:28:34.0575 3680  C:\Program Files (x86)\NTI\Packard Bell MyBackup\VssAgent.dll - ok
00:28:34.0587 3680  [ 13337A3FB17F2242487FD45488ED0485 ] C:\Windows\SysWOW64\vssapi.dll
00:28:34.0587 3680  C:\Windows\SysWOW64\vssapi.dll - ok
00:28:34.0595 3680  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] C:\Windows\System32\drivers\tcpipreg.sys
00:28:34.0595 3680  C:\Windows\System32\drivers\tcpipreg.sys - ok
00:28:34.0603 3680  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] C:\Windows\System32\sysmain.dll
00:28:34.0603 3680  C:\Windows\System32\sysmain.dll - ok
00:28:34.0608 3680  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] C:\Windows\System32\wiaservc.dll
00:28:34.0608 3680  C:\Windows\System32\wiaservc.dll - ok
00:28:34.0615 3680  [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5 ] C:\Windows\System32\wiatrace.dll
00:28:34.0616 3680  C:\Windows\System32\wiatrace.dll - ok
00:28:34.0627 3680  [ 28CB83C5DEFF5D1659F3D9DC5AE89F0D ] C:\Program Files (x86)\NTI\Packard Bell MyBackup\IShadowS3.dll
00:28:34.0627 3680  C:\Program Files (x86)\NTI\Packard Bell MyBackup\IShadowS3.dll - ok
00:28:34.0632 3680  [ F10E5311E5093FA3C00FF88C54C32FCA ] C:\Windows\SysWOW64\atl.dll
00:28:34.0632 3680  C:\Windows\SysWOW64\atl.dll - ok
00:28:34.0643 3680  [ B940289C83121046BD6A60ACC6028593 ] C:\Windows\SysWOW64\vsstrace.dll
00:28:34.0643 3680  C:\Windows\SysWOW64\vsstrace.dll - ok
00:28:34.0652 3680  [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\Windows\System32\trkwks.dll
00:28:34.0652 3680  C:\Windows\System32\trkwks.dll - ok
00:28:34.0660 3680  [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll
00:28:34.0660 3680  C:\Windows\SysWOW64\dwmapi.dll - ok
00:28:34.0670 3680  [ FBFCA1A574D47EE575448B719CBBF2E4 ] C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL
00:28:34.0670 3680  C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL - ok
00:28:34.0676 3680  [ 2BACD71123F42CEA603F4E205E1AE337 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
00:28:34.0676 3680  C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - ok
00:28:34.0684 3680  [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll
00:28:34.0684 3680  C:\Windows\System32\wbem\WMIsvc.dll - ok
00:28:34.0690 3680  [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\Windows\System32\wbemcomn.dll
00:28:34.0690 3680  C:\Windows\System32\wbemcomn.dll - ok
00:28:34.0697 3680  [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll
00:28:34.0697 3680  C:\Windows\System32\wbem\WinMgmtR.dll - ok
00:28:34.0704 3680  [ 0C52762C606BCF6A377D5E4688191A6B ] C:\Windows\System32\wbem\WmiDcPrv.dll
00:28:34.0704 3680  C:\Windows\System32\wbem\WmiDcPrv.dll - ok
00:28:34.0713 3680  [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL
00:28:34.0713 3680  C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL - ok
00:28:34.0718 3680  [ B837D1528CE2E3CB79F09496BC08DDC6 ] C:\Windows\System32\SensApi.dll
00:28:34.0718 3680  C:\Windows\System32\SensApi.dll - ok
00:28:34.0729 3680  [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
00:28:34.0729 3680  C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe - ok
00:28:34.0737 3680  [ 66C5255881F6F37F5CB22B9C9C777662 ] C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
00:28:34.0737 3680  C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll - ok
00:28:34.0741 3680  [ 2A46FFE841EC43001D5A293A54DB34DE ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
00:28:34.0742 3680  C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE - ok
00:28:34.0749 3680  [ 9C17DCD6DDFEB1A012544FAF4F2789F6 ] C:\Windows\AppPatch\AcGenral.dll
00:28:34.0749 3680  C:\Windows\AppPatch\AcGenral.dll - ok
00:28:34.0759 3680  [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll
00:28:34.0759 3680  C:\Windows\System32\aeevts.dll - ok
00:28:34.0767 3680  [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\SysWOW64\msacm32.dll
00:28:34.0767 3680  C:\Windows\SysWOW64\msacm32.dll - ok
00:28:34.0774 3680  [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll
00:28:34.0774 3680  C:\Windows\SysWOW64\sfc.dll - ok
00:28:34.0784 3680  [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll
00:28:34.0784 3680  C:\Windows\SysWOW64\sfc_os.dll - ok
00:28:34.0788 3680  [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
00:28:34.0789 3680  C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
00:28:34.0796 3680  [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll
00:28:34.0797 3680  C:\Windows\System32\wbem\fastprox.dll - ok
00:28:34.0804 3680  [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL
00:28:34.0804 3680  C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
00:28:34.0811 3680  [ C18A36745336FDAA1A8B9EE0604054AD ] C:\Program Files\Microsoft Office 15\ClientX64\AppVIsvApi.dll
00:28:34.0811 3680  C:\Program Files\Microsoft Office 15\ClientX64\AppVIsvApi.dll - ok
00:28:34.0819 3680  [ 704314FD398C81D5F342CAA5DF7B7F21 ] C:\Windows\SysWOW64\wbemcomn.dll
00:28:34.0819 3680  C:\Windows\SysWOW64\wbemcomn.dll - ok
00:28:34.0837 3680  [ 0032C5D425B16B0DAF7D0FDD48594E39 ] C:\Program Files\Microsoft Office 15\ClientX64\AppVPolicy.dll
00:28:34.0838 3680  C:\Program Files\Microsoft Office 15\ClientX64\AppVPolicy.dll - ok
00:28:34.0845 3680  [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\SysWOW64\ntdsapi.dll
00:28:34.0845 3680  C:\Windows\SysWOW64\ntdsapi.dll - ok
00:28:34.0852 3680  [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll
00:28:34.0852 3680  C:\Windows\System32\ntdsapi.dll - ok
00:28:34.0859 3680  [ F534B135D19CA8485BF947F87EFC582F ] C:\Program Files\Microsoft Office 15\ClientX64\AppVOrchestration.dll
00:28:34.0859 3680  C:\Program Files\Microsoft Office 15\ClientX64\AppVOrchestration.dll - ok
00:28:34.0867 3680  [ D3D9B40A45849394AF7DF2F71F70D52C ] C:\Program Files\Microsoft Office 15\ClientX64\AppVIsvStreamingManager.dll
00:28:34.0867 3680  C:\Program Files\Microsoft Office 15\ClientX64\AppVIsvStreamingManager.dll - ok
00:28:34.0876 3680  [ 9375B812FE03ED005A10F8C0EC114E78 ] C:\Program Files\Microsoft Office 15\ClientX64\AppVManifest.dll
00:28:34.0876 3680  C:\Program Files\Microsoft Office 15\ClientX64\AppVManifest.dll - ok
00:28:34.0884 3680  [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll
00:28:34.0885 3680  C:\Windows\SysWOW64\wship6.dll - ok
00:28:34.0892 3680  [ 49B2F538DCDED1804B5E1F6F231DF837 ] C:\Program Files\Microsoft Office 15\ClientX64\AppVCatalog.dll
00:28:34.0892 3680  C:\Program Files\Microsoft Office 15\ClientX64\AppVCatalog.dll - ok
00:28:34.0901 3680  [ CC8E52DAA9826064BA464DBE531F2BB5 ] C:\Windows\System32\drivers\CVPNDRVA.sys
00:28:34.0901 3680  C:\Windows\System32\drivers\CVPNDRVA.sys - ok
00:28:34.0909 3680  [ ED4C07994B45E17AEFE6E5182FF0F26E ] C:\Program Files\Microsoft Office 15\ClientX64\AppVIsvVirtualization.dll
00:28:34.0909 3680  C:\Program Files\Microsoft Office 15\ClientX64\AppVIsvVirtualization.dll - ok
00:28:34.0914 3680  [ 0BA65122FFA7E37564EE86422DBF7AE8 ] C:\Windows\SysWOW64\nlaapi.dll
00:28:34.0914 3680  C:\Windows\SysWOW64\nlaapi.dll - ok
00:28:34.0919 3680  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] C:\Windows\SysWOW64\hidserv.dll
00:28:34.0919 3680  C:\Windows\SysWOW64\hidserv.dll - ok
00:28:34.0926 3680  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] C:\Windows\SysWOW64\wdi.dll
00:28:34.0926 3680  C:\Windows\SysWOW64\wdi.dll - ok
00:28:34.0932 3680  [ BD9EB3958F213F96B97B1D897DEE006D ] C:\Windows\System32\hidserv.dll
00:28:34.0932 3680  C:\Windows\System32\hidserv.dll - ok
00:28:34.0939 3680  [ 4A5CF4687030150F73B7E08FF6AFE05C ] C:\Program Files\Microsoft Office 15\ClientX64\AppVIntegration.dll
00:28:34.0939 3680  C:\Program Files\Microsoft Office 15\ClientX64\AppVIntegration.dll - ok
00:28:34.0945 3680  [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll
00:28:34.0946 3680  C:\Windows\System32\wdi.dll - ok
00:28:34.0952 3680  [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\Windows\SysWOW64\NapiNSP.dll
00:28:34.0952 3680  C:\Windows\SysWOW64\NapiNSP.dll - ok
00:28:34.0958 3680  [ 63DF770DF74ACB370EF5A16727069AAF ] C:\Windows\SysWOW64\hid.dll
00:28:34.0958 3680  C:\Windows\SysWOW64\hid.dll - ok
00:28:34.0965 3680  [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll
00:28:34.0965 3680  C:\Windows\System32\diagperf.dll - ok
00:28:35.0032 3680  [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\Windows\SysWOW64\pnrpnsp.dll
00:28:35.0032 3680  C:\Windows\SysWOW64\pnrpnsp.dll - ok
00:28:35.0046 3680  [ 6322C5B9FA93BCB3921A23E4209F13E8 ] C:\Program Files\Microsoft Office 15\ClientX64\AppVIsvSubsystemController.dll
00:28:35.0046 3680  C:\Program Files\Microsoft Office 15\ClientX64\AppVIsvSubsystemController.dll - ok
00:28:35.0051 3680  [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll
00:28:35.0052 3680  C:\Windows\System32\wpdbusenum.dll - ok
00:28:35.0065 3680  [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll
00:28:35.0065 3680  C:\Windows\SysWOW64\dnsapi.dll - ok
00:28:35.0070 3680  [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll
00:28:35.0070 3680  C:\Windows\System32\perftrack.dll - ok
00:28:35.0094 3680  [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll
00:28:35.0094 3680  C:\Windows\System32\pnpts.dll - ok
00:28:35.0117 3680  [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\Windows\SysWOW64\winrnr.dll
00:28:35.0117 3680  C:\Windows\SysWOW64\winrnr.dll - ok
00:28:35.0179 3680  [ 4AAB66620DA120F76190F04981676EC9 ] C:\Program Files\Microsoft Office 15\ClientX64\AppVFileSystemMetadata.dll
00:28:35.0179 3680  C:\Program Files\Microsoft Office 15\ClientX64\AppVFileSystemMetadata.dll - ok
00:28:35.0185 3680  [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll
00:28:35.0185 3680  C:\Windows\System32\wdiasqmmodule.dll - ok
00:28:35.0197 3680  [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll
00:28:35.0197 3680  C:\Windows\SysWOW64\gpapi.dll - ok
00:28:35.0205 3680  [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files (x86)\Bonjour\mdnsNSP.dll
00:28:35.0205 3680  C:\Program Files (x86)\Bonjour\mdnsNSP.dll - ok
00:28:35.0213 3680  [ 590D5C506044FE02FF7643E32FF9BDAC ] C:\Windows\SysWOW64\wer.dll
00:28:35.0213 3680  C:\Windows\SysWOW64\wer.dll - ok
00:28:35.0225 3680  [ 12B79422A23814429CDA9E734C58F78F ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
00:28:35.0225 3680  C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok
00:28:35.0275 3680  [ 92E0508D924512F63FFEEFE498CBD11F ] C:\Windows\System32\p2pcollab.dll
00:28:35.0275 3680  C:\Windows\System32\p2pcollab.dll - ok
00:28:35.0301 3680  [ D99621C0735B21DCC8BC4FEF02F379EF ] C:\Windows\SysWOW64\Apphlpdm.dll
00:28:35.0301 3680  C:\Windows\SysWOW64\Apphlpdm.dll - ok
00:28:35.0348 3680  [ F93674263F6B07C77956E966953242D9 ] C:\Windows\SysWOW64\secur32.dll
00:28:35.0348 3680  C:\Windows\SysWOW64\secur32.dll - ok
00:28:35.0357 3680  [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll
00:28:35.0357 3680  C:\Windows\System32\Apphlpdm.dll - ok
00:28:35.0366 3680  [ 582AC6D9873E31DFA28A4547270862DD ] C:\Windows\System32\QAGENTRT.DLL
00:28:35.0367 3680  C:\Windows\System32\QAGENTRT.DLL - ok
00:28:35.0375 3680  [ 506A83A3BEEE9FCA09F0170DE9FC7D1B ] C:\Windows\System32\fveui.dll
00:28:35.0375 3680  C:\Windows\System32\fveui.dll - ok
00:28:35.0380 3680  [ BF6D6ED5FADCEEE885BD0144ECF1BA27 ] C:\Windows\SysWOW64\ncrypt.dll
00:28:35.0380 3680  C:\Windows\SysWOW64\ncrypt.dll - ok
00:28:35.0390 3680  [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
00:28:35.0391 3680  C:\Windows\SysWOW64\rasadhlp.dll - ok
00:28:35.0396 3680  [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll
00:28:35.0396 3680  C:\Windows\SysWOW64\bcrypt.dll - ok
00:28:35.0403 3680  [ 639774C9ACD063F028F6084ABF5593AD ] C:\Windows\System32\taskhost.exe
00:28:35.0403 3680  C:\Windows\System32\taskhost.exe - ok
00:28:35.0415 3680  [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll
00:28:35.0415 3680  C:\Windows\SysWOW64\bcryptprimitives.dll - ok
00:28:35.0423 3680  [ C5C867CD7EFAC60D5021223E374DEEC5 ] C:\Windows\SysWOW64\dimsjob.dll
00:28:35.0423 3680  C:\Windows\SysWOW64\dimsjob.dll - ok
00:28:35.0428 3680  [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll
00:28:35.0428 3680  C:\Windows\System32\dimsjob.dll - ok
00:28:35.0435 3680  [ 544EFF88AC6C85DF5A4D6F18DFE08CFC ] C:\Windows\SysWOW64\taskschd.dll
00:28:35.0435 3680  C:\Windows\SysWOW64\taskschd.dll - ok
00:28:35.0452 3680  [ 8C338238C16777A802D6A9211EB2BA50 ] C:\Windows\SysWOW64\netprofm.dll
00:28:35.0452 3680  C:\Windows\SysWOW64\netprofm.dll - ok
00:28:35.0460 3680  [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll
00:28:35.0460 3680  C:\Windows\System32\npmproxy.dll - ok
00:28:35.0467 3680  [ 15E298B5EC5B89C5994A59863969D9FF ] C:\Windows\SysWOW64\npmproxy.dll
00:28:35.0467 3680  C:\Windows\SysWOW64\npmproxy.dll - ok
00:28:35.0471 3680  [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
00:28:35.0471 3680  C:\Windows\SysWOW64\credssp.dll - ok
00:28:35.0480 3680  [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll
00:28:35.0480 3680  C:\Windows\System32\NapiNSP.dll - ok
00:28:35.0487 3680  [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll
00:28:35.0487 3680  C:\Windows\System32\pnrpnsp.dll - ok
00:28:35.0497 3680  [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll
00:28:35.0497 3680  C:\Windows\System32\winrnr.dll - ok
00:28:35.0501 3680  [ E98278865E8DABA21CFE5FE4BE34210A ] C:\Windows\SysWOW64\PortableDeviceApi.dll
00:28:35.0501 3680  C:\Windows\SysWOW64\PortableDeviceApi.dll - ok
00:28:35.0510 3680  [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll
00:28:35.0510 3680  C:\Windows\System32\PortableDeviceApi.dll - ok
00:28:35.0516 3680  [ C693E642ACFBDD76433AF6BE3C3EEE6F ] C:\Windows\SysWOW64\PortableDeviceConnectApi.dll
00:28:35.0516 3680  C:\Windows\SysWOW64\PortableDeviceConnectApi.dll - ok
00:28:35.0526 3680  [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll
00:28:35.0526 3680  C:\Windows\System32\PortableDeviceConnectApi.dll - ok
00:28:35.0534 3680  [ CA79539D3D4C0BA66F0F051A5EE5E923 ] C:\Windows\SysWOW64\cryptnet.dll
00:28:35.0534 3680  C:\Windows\SysWOW64\cryptnet.dll - ok
00:28:35.0542 3680  [ C5B0324DB461559ADD070E632A6919FA ] C:\Windows\SysWOW64\wbem\wbemprox.dll
00:28:35.0542 3680  C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
00:28:35.0549 3680  [ 8D47D01378347889A662D54037A988CC ] C:\Windows\SysWOW64\tdh.dll
00:28:35.0549 3680  C:\Windows\SysWOW64\tdh.dll - ok
00:28:35.0558 3680  [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll
00:28:35.0558 3680  C:\Windows\System32\wbem\wbemprox.dll - ok
00:28:35.0565 3680  [ FBD879D17B26D49DD7A48FF58062FAE6 ] C:\Windows\System32\tdh.dll
00:28:35.0565 3680  C:\Windows\System32\tdh.dll - ok
00:28:35.0574 3680  [ A63DC5C2EA944E6657203E0C8EDEAF61 ] C:\Windows\SysWOW64\dllhost.exe
00:28:35.0574 3680  C:\Windows\SysWOW64\dllhost.exe - ok
00:28:35.0581 3680  [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe
00:28:35.0581 3680  C:\Windows\System32\dllhost.exe - ok
00:28:35.0590 3680  [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll
00:28:35.0590 3680  C:\Windows\System32\wbem\wbemcore.dll - ok
00:28:35.0596 3680  [ F14A9B1778376D0B1788E402AC1F831A ] C:\Windows\SysWOW64\shacct.dll
00:28:35.0596 3680  C:\Windows\SysWOW64\shacct.dll - ok
00:28:35.0605 3680  [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
00:28:35.0605 3680  C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok
00:28:35.0618 3680  [ 5AE88135C6A86FCD67BA16AFBB1C8389 ] C:\Windows\SysWOW64\wbem\esscli.dll
00:28:35.0618 3680  C:\Windows\SysWOW64\wbem\esscli.dll - ok
00:28:35.0627 3680  [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll
00:28:35.0627 3680  C:\Windows\System32\wbem\esscli.dll - ok
00:28:35.0637 3680  [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll
00:28:35.0637 3680  C:\Windows\System32\pnidui.dll - ok
00:28:35.0647 3680  [ 1EB82516F21F27EED1833B4F9FD9614E ] C:\Windows\System32\wmp.dll
00:28:35.0647 3680  C:\Windows\System32\wmp.dll - ok
00:28:35.0651 3680  [ 3D3CBD1847F980FB03343A63671E7886 ] C:\Windows\SysWOW64\schannel.dll
00:28:35.0651 3680  C:\Windows\SysWOW64\schannel.dll - ok
00:28:35.0659 3680  [ 99B9343280AF6A4C0F27CF2E28E94BBF ] C:\Windows\SysWOW64\dssenh.dll
00:28:35.0659 3680  C:\Windows\SysWOW64\dssenh.dll - ok
00:28:35.0667 3680  [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\Windows\System32\dssenh.dll
00:28:35.0667 3680  C:\Windows\System32\dssenh.dll - ok
00:28:35.0674 3680  [ 7FFD52D73352806969D424EF327D10A7 ] C:\Windows\SysWOW64\radardt.dll
00:28:35.0674 3680  C:\Windows\SysWOW64\radardt.dll - ok
00:28:35.0682 3680  [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll
00:28:35.0682 3680  C:\Windows\System32\radardt.dll - ok
00:28:35.0689 3680  [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A ] C:\Windows\SysWOW64\wbem\fastprox.dll
00:28:35.0689 3680  C:\Windows\SysWOW64\wbem\fastprox.dll - ok
00:28:35.0696 3680  [ C30A3E5DEEEBA22E782AC54C5AF5F352 ] C:\Windows\SysWOW64\samlib.dll
00:28:35.0696 3680  C:\Windows\SysWOW64\samlib.dll - ok
00:28:35.0707 3680  [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
00:28:35.0707 3680  C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
00:28:35.0712 3680  [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll
00:28:35.0712 3680  C:\Windows\System32\wbem\wbemsvc.dll - ok
00:28:35.0718 3680  [ 0B31464B7B2D616BD5F7036673588EC1 ] C:\Windows\SysWOW64\IDStore.dll
00:28:35.0718 3680  C:\Windows\SysWOW64\IDStore.dll - ok
00:28:35.0727 3680  [ 5610B0425518D185331CB8E968D060E6 ] C:\Windows\SysWOW64\wbem\wmiutils.dll
00:28:35.0727 3680  C:\Windows\SysWOW64\wbem\wmiutils.dll - ok
00:28:35.0733 3680  [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll
00:28:35.0733 3680  C:\Windows\System32\IDStore.dll - ok
00:28:35.0742 3680  [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll
00:28:35.0742 3680  C:\Windows\System32\wbem\wmiutils.dll - ok
00:28:35.0748 3680  [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll
00:28:35.0748 3680  C:\Windows\System32\wbem\repdrvfs.dll - ok
00:28:35.0759 3680  [ 93C8EB7AF857F6005F2E44F802E0FA69 ] C:\Windows\SysWOW64\KBDUK.DLL
00:28:35.0759 3680  C:\Windows\SysWOW64\KBDUK.DLL - ok
00:28:35.0763 3680  [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll
00:28:35.0763 3680  C:\Windows\System32\wbem\WmiPrvSD.dll - ok
00:28:35.0774 3680  [ A4CC7227A452C4909F9499D91B184364 ] C:\Windows\SysWOW64\ncobjapi.dll
00:28:35.0774 3680  C:\Windows\SysWOW64\ncobjapi.dll - ok
00:28:35.0782 3680  [ 7853D2AB445C10F97610B2B05FA4CF0A ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
00:28:35.0782 3680  C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe - ok
00:28:35.0786 3680  [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll
00:28:35.0786 3680  C:\Windows\System32\ncobjapi.dll - ok
00:28:35.0795 3680  [ 9BB99503D6A4DD62569EDE9E5E2672A5 ] C:\Windows\System32\HotStartUserAgent.dll
00:28:35.0795 3680  C:\Windows\System32\HotStartUserAgent.dll - ok
00:28:35.0801 3680  [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll
00:28:35.0801 3680  C:\Windows\System32\wbem\wbemess.dll - ok
00:28:35.0809 3680  [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll
00:28:35.0809 3680  C:\Windows\SysWOW64\slc.dll - ok
00:28:35.0817 3680  [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
00:28:35.0817 3680  C:\Windows\System32\mpr.dll - ok
00:28:35.0824 3680  [ B43687C534A49700BF4B3C9898763752 ] C:\Windows\SysWOW64\MsCtfMonitor.dll
00:28:35.0825 3680  C:\Windows\SysWOW64\MsCtfMonitor.dll - ok
00:28:35.0833 3680  [ 61AC3EFDFACFDD3F0F11DD4FD4044223 ] C:\Windows\SysWOW64\userinit.exe
00:28:35.0833 3680  C:\Windows\SysWOW64\userinit.exe - ok
00:28:35.0838 3680  [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe
00:28:35.0838 3680  C:\Windows\System32\userinit.exe - ok
00:28:35.0850 3680  [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll
00:28:35.0850 3680  C:\Windows\System32\MsCtfMonitor.dll - ok
00:28:35.0857 3680  [ 56CEED370508F69A1BA04939BD1BADDA ] C:\Windows\SysWOW64\msutb.dll
00:28:35.0857 3680  C:\Windows\SysWOW64\msutb.dll - ok
00:28:35.0864 3680  [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll
00:28:35.0864 3680  C:\Windows\System32\msutb.dll - ok
00:28:35.0870 3680  [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe
00:28:35.0870 3680  C:\Windows\System32\dwm.exe - ok
00:28:35.0879 3680  [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll
00:28:35.0879 3680  C:\Windows\System32\dwmredir.dll - ok
00:28:35.0887 3680  [ 497E59D9F01C6F247E72222A61835119 ] C:\Windows\SysWOW64\dwmcore.dll
00:28:35.0887 3680  C:\Windows\SysWOW64\dwmcore.dll - ok
00:28:35.0897 3680  [ F58516E2DC0D963EF70D6BFC21FD82C4 ] C:\Windows\SysWOW64\PlaySndSrv.dll
00:28:35.0897 3680  C:\Windows\SysWOW64\PlaySndSrv.dll - ok
00:28:35.0903 3680  [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll
00:28:35.0904 3680  C:\Windows\System32\PlaySndSrv.dll - ok
00:28:35.0916 3680  [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll
00:28:35.0916 3680  C:\Windows\System32\dwmcore.dll - ok
00:28:35.0920 3680  [ 3BCECD87AB4E6743BFB45B352AD1A529 ] C:\Windows\SysWOW64\WindowsCodecs.dll
00:28:35.0920 3680  C:\Windows\SysWOW64\WindowsCodecs.dll - ok
00:28:35.0926 3680  [ 14486EB6AF542F2BD3239F7FC3E713F7 ] C:\Windows\SysWOW64\pautoenr.dll
00:28:35.0926 3680  C:\Windows\SysWOW64\pautoenr.dll - ok
00:28:35.0933 3680  [ 35CB97CBC3EDC463418ED4997AAB29B6 ] C:\Windows\System32\pautoenr.dll
00:28:35.0933 3680  C:\Windows\System32\pautoenr.dll - ok
00:28:35.0939 3680  [ 61B1ED5F429EFAC7E2036769870AB93E ] C:\Windows\SysWOW64\certcli.dll
00:28:35.0939 3680  C:\Windows\SysWOW64\certcli.dll - ok
00:28:35.0944 3680  [ 3C1936A12C62254F914A01BBC6A8DC69 ] C:\Windows\SysWOW64\d3d10_1.dll
00:28:35.0944 3680  C:\Windows\SysWOW64\d3d10_1.dll - ok
00:28:35.0950 3680  [ 94DFBB481BF51158B216E23C5C1C9D6E ] C:\Windows\System32\certcli.dll
00:28:35.0950 3680  C:\Windows\System32\certcli.dll - ok
00:28:35.0957 3680  [ 9AE80F6A66B30E3ED8CDF858CF28B11B ] C:\Windows\System32\d3d10_1.dll
00:28:35.0957 3680  C:\Windows\System32\d3d10_1.dll - ok
00:28:35.0964 3680  [ D4212AB475A3B25EC4DF574536C3EDC5 ] C:\Windows\SysWOW64\d3d10_1core.dll
00:28:35.0964 3680  C:\Windows\SysWOW64\d3d10_1core.dll - ok
00:28:35.0982 3680  [ 63F72417CA38D8FC8F53709649B589E3 ] C:\Windows\System32\d3d10_1core.dll
00:28:35.0982 3680  C:\Windows\System32\d3d10_1core.dll - ok
00:28:35.0989 3680  [ 29BC473072568C072EC8B176498DE996 ] C:\Windows\SysWOW64\CertEnroll.dll
00:28:35.0989 3680  C:\Windows\SysWOW64\CertEnroll.dll - ok
00:28:35.0996 3680  [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe
00:28:35.0996 3680  C:\Windows\explorer.exe - ok
00:28:36.0002 3680  [ D4F264FE23F8953D840904418220C15E ] C:\Windows\SysWOW64\dxgi.dll
00:28:36.0002 3680  C:\Windows\SysWOW64\dxgi.dll - ok
00:28:36.0009 3680  [ 8DFB5752FCE145A6B295093C0A8BE131 ] C:\Windows\System32\dxgi.dll
00:28:36.0009 3680  C:\Windows\System32\dxgi.dll - ok
00:28:36.0016 3680  [ 263B26106606A010CF877472B535E4BB ] C:\Windows\System32\CertEnroll.dll
00:28:36.0016 3680  C:\Windows\System32\CertEnroll.dll - ok
00:28:36.0025 3680  [ 7ACDFB4CC67F4993DF0E0731576309B2 ] C:\Windows\SysWOW64\d3d11.dll
00:28:36.0025 3680  C:\Windows\SysWOW64\d3d11.dll - ok
00:28:36.0032 3680  [ 448B02AD260EC3E1E892FCE6DFDDEEBD ] C:\Windows\System32\d3d11.dll
00:28:36.0032 3680  C:\Windows\System32\d3d11.dll - ok
00:28:36.0039 3680  [ 2F040CF0613A6D64DCBBA9EE81F5A5AE ] C:\Windows\SysWOW64\dsrole.dll
00:28:36.0039 3680  C:\Windows\SysWOW64\dsrole.dll - ok
00:28:36.0046 3680  [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll
00:28:36.0046 3680  C:\Windows\SysWOW64\ExplorerFrame.dll - ok
00:28:36.0056 3680  [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\SysWOW64\powrprof.dll
00:28:36.0056 3680  C:\Windows\SysWOW64\powrprof.dll - ok
00:28:36.0064 3680  [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll
00:28:36.0064 3680  C:\Windows\System32\ExplorerFrame.dll - ok
00:28:36.0071 3680  [ D1F1D20DADF0C6882306126026E54EE2 ] C:\Windows\System32\aticfx64.dll
00:28:36.0071 3680  C:\Windows\System32\aticfx64.dll - ok
00:28:36.0076 3680  [ 1C045AA40FC86CAF02D64B6218DC1DD6 ] C:\Windows\System32\atiuxp64.dll
00:28:36.0076 3680  C:\Windows\System32\atiuxp64.dll - ok
00:28:36.0082 3680  [ 6935BD1DD8CD2149DAC2C395F33EFF08 ] C:\Windows\System32\atidxx64.dll
00:28:36.0082 3680  C:\Windows\System32\atidxx64.dll - ok
00:28:36.0088 3680  [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll
00:28:36.0089 3680  C:\Windows\System32\uDWM.dll - ok
00:28:36.0095 3680  [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll
00:28:36.0096 3680  C:\Windows\SysWOW64\duser.dll - ok
00:28:36.0102 3680  [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll
00:28:36.0102 3680  C:\Windows\SysWOW64\dui70.dll - ok
00:28:36.0109 3680  [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll
00:28:36.0109 3680  C:\Windows\SysWOW64\propsys.dll - ok
00:28:36.0117 3680  [ B5845C97AE81FB40094010E8727CF5DB ] C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
00:28:36.0117 3680  C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL - ok
00:28:36.0127 3680  [ DF3CA8D16BDED6A54977B30E66864D33 ] C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\msvcr100.dll
00:28:36.0127 3680  C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\msvcr100.dll - ok
00:28:36.0135 3680  [ 4F096D96285E06CD51AEF7D2D3DE04DA ] C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\msvcp100.dll
00:28:36.0135 3680  C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\msvcp100.dll - ok
00:28:36.0143 3680  [ 5A55E3E6F53592F8170623DEFA2B7954 ] C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\atl100.dll
00:28:36.0143 3680  C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\atl100.dll - ok
00:28:36.0148 3680  [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll
00:28:36.0148 3680  C:\Windows\SysWOW64\msi.dll - ok
00:28:36.0156 3680  [ 1821A9197482BDA422DD3FFBFD3AC611 ] C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\Cultures\OFFICE.ODF
00:28:36.0156 3680  C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\Cultures\OFFICE.ODF - ok
00:28:36.0163 3680  [ FF5E3A95E892CE5235E72FD37A37E082 ] C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
00:28:36.0163 3680  C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll - ok
00:28:36.0170 3680  [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll
00:28:36.0170 3680  C:\Windows\SysWOW64\EhStorShell.dll - ok
00:28:36.0177 3680  [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll
00:28:36.0177 3680  C:\Windows\System32\EhStorShell.dll - ok
00:28:36.0186 3680  [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll
00:28:36.0186 3680  C:\Windows\SysWOW64\ntshrui.dll - ok
00:28:36.0193 3680  [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll
00:28:36.0193 3680  C:\Windows\System32\ntshrui.dll - ok
00:28:36.0200 3680  [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll
00:28:36.0200 3680  C:\Windows\SysWOW64\cscapi.dll - ok
00:28:36.0206 3680  [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll
00:28:36.0206 3680  C:\Windows\System32\cscapi.dll - ok
00:28:36.0217 3680  [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll
00:28:36.0217 3680  C:\Windows\System32\IconCodecService.dll - ok
00:28:36.0223 3680  [ 523CF74A52C9A1762DA8B83AEE734498 ] C:\Windows\SysWOW64\IconCodecService.dll
00:28:36.0223 3680  C:\Windows\SysWOW64\IconCodecService.dll - ok
00:28:36.0231 3680  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] C:\Windows\System32\appinfo.dll
00:28:36.0231 3680  C:\Windows\System32\appinfo.dll - ok
00:28:36.0241 3680  [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe
00:28:36.0241 3680  C:\Windows\SysWOW64\runonce.exe - ok
00:28:36.0248 3680  [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe
00:28:36.0248 3680  C:\Windows\System32\runonce.exe - ok
00:28:36.0256 3680  [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe
00:28:36.0256 3680  C:\Windows\SysWOW64\cmd.exe - ok
00:28:36.0263 3680  [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051 ] C:\Windows\System32\localspl.dll
00:28:36.0263 3680  C:\Windows\System32\localspl.dll - ok
00:28:36.0271 3680  [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll
00:28:36.0271 3680  C:\Windows\System32\spoolss.dll - ok
00:28:36.0275 3680  [ 19E41CCCEE697CC9465396B370929792 ] C:\Windows\System32\FXSMON.dll
00:28:36.0275 3680  C:\Windows\System32\FXSMON.dll - ok
00:28:36.0282 3680  [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\Windows\System32\PrintIsolationProxy.dll
00:28:36.0282 3680  C:\Windows\System32\PrintIsolationProxy.dll - ok
00:28:36.0293 3680  [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll
00:28:36.0293 3680  C:\Windows\System32\tcpmon.dll - ok
00:28:36.0300 3680  [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll
00:28:36.0300 3680  C:\Windows\SysWOW64\winbrand.dll - ok
00:28:36.0306 3680  [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll
00:28:36.0306 3680  C:\Windows\System32\snmpapi.dll - ok
00:28:36.0315 3680  [ 1220595CABA75AB91A6B3FA3B89483CC ] C:\Windows\SysWOW64\snmpapi.dll
00:28:36.0315 3680  C:\Windows\SysWOW64\snmpapi.dll - ok
00:28:36.0324 3680  [ 6357E2B68753A1F5CF4A68A25C4FD14A ] C:\Windows\SysWOW64\wsnmp32.dll
00:28:36.0325 3680  C:\Windows\SysWOW64\wsnmp32.dll - ok
00:28:36.0330 3680  [ FFF9D00CF16397C64317F213484F94BD ] C:\Windows\System32\wsnmp32.dll
00:28:36.0330 3680  C:\Windows\System32\wsnmp32.dll - ok
00:28:36.0336 3680  [ 0E816EA3C5DCE94C95099E8B38E75E67 ] C:\Windows\SysWOW64\ieframe.dll
00:28:36.0336 3680  C:\Windows\SysWOW64\ieframe.dll - ok
00:28:36.0343 3680  [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll
00:28:36.0343 3680  C:\Windows\System32\usbmon.dll - ok
00:28:36.0351 3680  [ 633C2C060CF857099F6C4F8D75C952B1 ] C:\Windows\SysWOW64\WlS0WndH.dll
00:28:36.0351 3680  C:\Windows\SysWOW64\WlS0WndH.dll - ok
00:28:36.0365 3680  [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll
00:28:36.0365 3680  C:\Windows\System32\WSDMon.dll - ok
00:28:36.0372 3680  [ 73F6C5223F7E9B5780DD4A6C30FCF569 ] C:\Windows\SysWOW64\WSDApi.dll
00:28:36.0372 3680  C:\Windows\SysWOW64\WSDApi.dll - ok
00:28:36.0383 3680  [ DB846EECA70EE9D2E2FF31147C57B0F4 ] C:\Windows\SysWOW64\webservices.dll
00:28:36.0383 3680  C:\Windows\SysWOW64\webservices.dll - ok
00:28:36.0392 3680  [ 3F50200237961034FACE602373838980 ] C:\Windows\SysWOW64\FirewallAPI.dll
00:28:36.0392 3680  C:\Windows\SysWOW64\FirewallAPI.dll - ok
00:28:36.0402 3680  [ 89D90579E5FB1469CB0464F6512E42B7 ] C:\Windows\SysWOW64\fundisc.dll
00:28:36.0402 3680  C:\Windows\SysWOW64\fundisc.dll - ok
00:28:36.0412 3680  [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll
00:28:36.0412 3680  C:\Windows\System32\fdPnp.dll - ok
00:28:36.0422 3680  [ F34CFADA6C48DAA41B996D24C7D8D3CA ] C:\Windows\SysWOW64\fdPnp.dll
00:28:36.0423 3680  C:\Windows\SysWOW64\fdPnp.dll - ok
00:28:36.0428 3680  [ 4C1244FEF74C60A4B1B151C76609CBE2 ] C:\Windows\System32\wsdchngr.dll
00:28:36.0428 3680  C:\Windows\System32\wsdchngr.dll - ok
00:28:36.0444 3680  [ AAF7BEB63E2CC499834B608A85A55E4E ] C:\Windows\SysWOW64\wsdchngr.dll
00:28:36.0445 3680  C:\Windows\SysWOW64\wsdchngr.dll - ok
00:28:36.0451 3680  [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
00:28:36.0451 3680  C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
00:28:36.0461 3680  [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\SysWOW64\shdocvw.dll
00:28:36.0461 3680  C:\Windows\SysWOW64\shdocvw.dll - ok
00:28:36.0472 3680  [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll
00:28:36.0472 3680  C:\Windows\SysWOW64\devrtl.dll - ok
00:28:36.0476 3680  [ 52CCA2E9FFD0653CACED1E808AADE4B6 ] C:\Windows\SysWOW64\win32spl.dll
00:28:36.0476 3680  C:\Windows\SysWOW64\win32spl.dll - ok
00:28:36.0485 3680  [ 0353B239C28B0E9EBC7FA3D1F6181661 ] C:\Windows\System32\win32spl.dll
00:28:36.0485 3680  C:\Windows\System32\win32spl.dll - ok
00:28:36.0493 3680  [ 4BDBBE5E4208022DD794F7EEEB0F7366 ] C:\Windows\SysWOW64\SPInf.dll
00:28:36.0493 3680  C:\Windows\SysWOW64\SPInf.dll - ok
00:28:36.0501 3680  [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\Windows\System32\inetpp.dll
00:28:36.0501 3680  C:\Windows\System32\inetpp.dll - ok
00:28:36.0509 3680  [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll
00:28:36.0510 3680  C:\Windows\System32\aelupsvc.dll - ok
00:28:36.0518 3680  [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\Adam\AppData\Local\Temp\F4C9DDFD-9EE4-40E2-AB4B-CDC11CFAFF51.exe
00:28:36.0518 3680  C:\Users\Adam\AppData\Local\Temp\F4C9DDFD-9EE4-40E2-AB4B-CDC11CFAFF51.exe - ok
00:28:36.0527 3680  [ C38D2750A525A6CA891EE1EE49FACC26 ] C:\Program Files\Microsoft Office 15\root\office15\GROOVEEX.DLL
00:28:36.0527 3680  C:\Program Files\Microsoft Office 15\root\office15\GROOVEEX.DLL - ok
00:28:36.0537 3680  [ BF38660A9125935658CFA3E53FDC7D65 ] C:\Program Files\Microsoft Office 15\root\office15\msvcr100.dll
00:28:36.0537 3680  C:\Program Files\Microsoft Office 15\root\office15\msvcr100.dll - ok
00:28:36.0545 3680  [ E3C817F7FE44CC870ECDBCBC3EA36132 ] C:\Program Files\Microsoft Office 15\root\office15\msvcp100.dll
00:28:36.0545 3680  C:\Program Files\Microsoft Office 15\root\office15\msvcp100.dll - ok
00:28:36.0554 3680  [ 00D2C06A552F782C1F16ACF77DB765A5 ] C:\Program Files\Microsoft Office 15\root\office15\atl100.dll
00:28:36.0554 3680  C:\Program Files\Microsoft Office 15\root\office15\atl100.dll - ok
00:28:36.0566 3680  [ A15C09D748C7A9710D88BDD0D7740896 ] C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\Cultures\OFFICE.ODF
00:28:36.0566 3680  C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\Cultures\OFFICE.ODF - ok
00:28:36.0577 3680  [ 23288F12565E93F9D3429B88B0AC19DD ] C:\Program Files\Microsoft Office 15\root\office15\1033\GrooveIntlResource.dll
00:28:36.0577 3680  C:\Program Files\Microsoft Office 15\root\office15\1033\GrooveIntlResource.dll - ok
00:28:36.0582 3680  [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll
00:28:36.0582 3680  C:\Windows\SysWOW64\imageres.dll - ok
00:28:36.0592 3680  [ B519848DFA30AE2B306576B51321D102 ] C:\Windows\System32\ie4uinit.exe
00:28:36.0592 3680  C:\Windows\System32\ie4uinit.exe - ok
00:28:36.0600 3680  [ C3E98C42EDF7EF237A4BAB91FEAC7426 ] C:\Windows\System32\iedkcs32.dll
00:28:36.0600 3680  C:\Windows\System32\iedkcs32.dll - ok
00:28:36.0608 3680  [ 5992A9DF57FD5E6960FDCC2DB69867F7 ] C:\Windows\SysWOW64\themeui.dll
00:28:36.0608 3680  C:\Windows\SysWOW64\themeui.dll - ok
00:28:36.0614 3680  [ 2C647ABE9A424E55B5F3DAE4629B4277 ] C:\Windows\System32\themeui.dll
00:28:36.0615 3680  C:\Windows\System32\themeui.dll - ok
00:28:36.0620 3680  [ 2CFA4569350B7F84F815E9EC34E85766 ] C:\Windows\SysWOW64\SndVolSSO.dll
00:28:36.0620 3680  C:\Windows\SysWOW64\SndVolSSO.dll - ok
00:28:36.0631 3680  [ 243974EC02F7AE49E4179C54624143AB ] C:\Windows\SysWOW64\MMDevAPI.dll
00:28:36.0631 3680  C:\Windows\SysWOW64\MMDevAPI.dll - ok
00:28:36.0642 3680  [ 7E9917D5309A90E7576653BFE39F80D8 ] C:\Windows\SysWOW64\timedate.cpl
00:28:36.0642 3680  C:\Windows\SysWOW64\timedate.cpl - ok
00:28:36.0650 3680  [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl
00:28:36.0650 3680  C:\Windows\System32\timedate.cpl - ok
00:28:36.0655 3680  [ D2958325C1AE1AE37A83334C6229E3BC ] C:\Windows\SysWOW64\actxprxy.dll
00:28:36.0655 3680  C:\Windows\SysWOW64\actxprxy.dll - ok
00:28:36.0666 3680  [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll
00:28:36.0666 3680  C:\Windows\System32\actxprxy.dll - ok
00:28:36.0683 3680  [ E6DD15E668DAF0A02470CF551B0A0105 ] C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll
00:28:36.0683 3680  C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll - ok
00:28:36.0697 3680  [ EDF2A5E96BEC469DA3F64E9BDD386111 ] C:\Windows\SysWOW64\xmllite.dll
00:28:36.0697 3680  C:\Windows\SysWOW64\xmllite.dll - ok
00:28:36.0701 3680  [ 966137BF27DDCD95CA92BA27EBD99CD7 ] C:\PROGRA~2\SOCIAL~1\MUITRA~1\PCMENV~1.DLL
00:28:36.0702 3680  C:\PROGRA~2\SOCIAL~1\MUITRA~1\PCMENV~1.DLL - ok
00:28:36.0711 3680  [ 3A16EA01FCFAAB40882DB5BFEE632322 ] C:\Windows\SysWOW64\msftedit.dll
00:28:36.0711 3680  C:\Windows\SysWOW64\msftedit.dll - ok
00:28:36.0720 3680  [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll
00:28:36.0720 3680  C:\Windows\System32\msftedit.dll - ok
00:28:36.0729 3680  [ 64E211E0FDFCE4D186DF58BB7D0503BC ] C:\Windows\SysWOW64\gameux.dll
00:28:36.0729 3680  C:\Windows\SysWOW64\gameux.dll - ok
00:28:36.0737 3680  [ 2BCBA6052374959A30BD7948444DBB79 ] C:\Windows\System32\gameux.dll
00:28:36.0737 3680  C:\Windows\System32\gameux.dll - ok
00:28:36.0747 3680  [ 35AAE2E841AA1A949775168E119482C9 ] C:\Windows\SysWOW64\msls31.dll
00:28:36.0747 3680  C:\Windows\SysWOW64\msls31.dll - ok
00:28:36.0753 3680  [ 7FCAB194F01E3403C300EB034E480B36 ] C:\Windows\System32\msls31.dll
00:28:36.0753 3680  C:\Windows\System32\msls31.dll - ok
00:28:36.0765 3680  [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
00:28:36.0765 3680  C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
00:28:36.0771 3680  [ CDD35C1CE1EBFE80C055691CDC8DF443 ] C:\Windows\SysWOW64\authui.dll
00:28:36.0771 3680  C:\Windows\SysWOW64\authui.dll - ok
00:28:36.0777 3680  [ 28CA821606669BB9215CE010767720FA ] C:\Windows\SysWOW64\cryptui.dll
00:28:36.0777 3680  C:\Windows\SysWOW64\cryptui.dll - ok
00:28:36.0783 3680  [ F1278B3514EA6FA9BC39B20D26139AAC ] C:\Windows\SysWOW64\msiltcfg.dll
00:28:36.0783 3680  C:\Windows\SysWOW64\msiltcfg.dll - ok
00:28:36.0794 3680  [ C4F40F6CACD796A8E16671D0E9A2F319 ] C:\Windows\System32\shdocvw.dll
00:28:36.0794 3680  C:\Windows\System32\shdocvw.dll - ok
00:28:36.0800 3680  [ 5987EA8A82C53359BCD2C29D6588583E ] C:\Windows\SysWOW64\linkinfo.dll
00:28:36.0800 3680  C:\Windows\SysWOW64\linkinfo.dll - ok
00:28:36.0810 3680  [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll
00:28:36.0810 3680  C:\Windows\System32\linkinfo.dll - ok
00:28:36.0816 3680  [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll
00:28:36.0816 3680  C:\Windows\System32\DeviceCenter.dll - ok
00:28:36.0826 3680  [ 35126DDDE8241C4C4A5F15F6CDDF4434 ] C:\Windows\System32\ieframe.dll
00:28:36.0826 3680  C:\Windows\System32\ieframe.dll - ok
00:28:36.0830 3680  [ 51138BEEA3E2C21EC44D0932C71762A8 ] C:\Windows\SysWOW64\rundll32.exe
00:28:36.0830 3680  C:\Windows\SysWOW64\rundll32.exe - ok
00:28:36.0842 3680  [ 3D57FFBAD3ED16B63DE3879BAB0FB56F ] C:\Windows\SysWOW64\networkexplorer.dll
00:28:36.0842 3680  C:\Windows\SysWOW64\networkexplorer.dll - ok
00:28:36.0847 3680  [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\26586910.sys
00:28:36.0847 3680  C:\Windows\System32\drivers\26586910.sys - ok
00:28:36.0853 3680  [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll
00:28:36.0853 3680  C:\Windows\System32\networkexplorer.dll - ok
00:28:36.0863 3680  [ 672D7C5080ACB003343006405DA2E621 ] C:\Windows\SysWOW64\thumbcache.dll
00:28:36.0863 3680  C:\Windows\SysWOW64\thumbcache.dll - ok
00:28:36.0870 3680  [ DD81D91FF3B0763C392422865C9AC12E ] C:\Windows\System32\rundll32.exe
00:28:36.0870 3680  C:\Windows\System32\rundll32.exe - ok
00:28:36.0878 3680  [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll
00:28:36.0878 3680  C:\Windows\System32\thumbcache.dll - ok
00:28:36.0885 3680  [ 912649A1B3F9E6ACB3899FBDABA2ED5F ] C:\Windows\SysWOW64\stobject.dll
00:28:36.0885 3680  C:\Windows\SysWOW64\stobject.dll - ok
00:28:36.0892 3680  [ B0C095273C641FCA0A369E41023BB9B3 ] C:\Users\Adam\AppData\Roaming\ashart.dll
00:28:36.0892 3680  C:\Users\Adam\AppData\Roaming\ashart.dll - ok
00:28:36.0899 3680  [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll
00:28:36.0899 3680  C:\Windows\System32\stobject.dll - ok
00:28:36.0911 3680  [ 67C1B58706B47EEBA4E117AC197289E6 ] C:\Windows\SysWOW64\batmeter.dll
00:28:36.0911 3680  C:\Windows\SysWOW64\batmeter.dll - ok
00:28:36.0916 3680  [ 96C70BD48D49B87475F4572DEDC62EB9 ] C:\Windows\AppPatch\AcLayers.dll
00:28:36.0916 3680  C:\Windows\AppPatch\AcLayers.dll - ok
00:28:36.0923 3680  [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll
00:28:36.0923 3680  C:\Windows\System32\batmeter.dll - ok
00:28:36.0930 3680  [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll
00:28:36.0930 3680  C:\Windows\SysWOW64\riched20.dll - ok
00:28:36.0936 3680  [ D6692338B985D4A0CA52B828314D897D ] C:\Windows\SysWOW64\drprov.dll
00:28:36.0936 3680  C:\Windows\SysWOW64\drprov.dll - ok
00:28:36.0946 3680  [ BFC68382466436FAE8B7A27966FB98CB ] C:\Windows\AppPatch\acwow64.dll
00:28:36.0946 3680  C:\Windows\AppPatch\acwow64.dll - ok
00:28:36.0951 3680  [ 5F639198C4137075DA50E61C23963C11 ] C:\Windows\System32\drprov.dll
00:28:36.0951 3680  C:\Windows\System32\drprov.dll - ok
00:28:36.0959 3680  [ D7B7159BC8374E87D8C45A30377A3440 ] C:\Windows\SysWOW64\ntlanman.dll
00:28:36.0959 3680  C:\Windows\SysWOW64\ntlanman.dll - ok
00:28:36.0966 3680  [ BC566D17914B07ABAAB3A5A385CC3300 ] C:\Windows\System32\ntlanman.dll
00:28:36.0966 3680  C:\Windows\System32\ntlanman.dll - ok
00:28:36.0973 3680  [ 284B59D7B56FC76C80E622AB856B1FAB ] C:\Windows\SysWOW64\davclnt.dll
00:28:36.0973 3680  C:\Windows\SysWOW64\davclnt.dll - ok
00:28:36.0980 3680  [ B3A33600DCDFB84D7FBE09ADEB1C9B8A ] C:\Windows\System32\davclnt.dll
00:28:36.0981 3680  C:\Windows\System32\davclnt.dll - ok
00:28:36.0987 3680  [ 179BECE8D1A4C488DDB7191FF9BE3FB0 ] C:\Windows\SysWOW64\davhlpr.dll
00:28:36.0987 3680  C:\Windows\SysWOW64\davhlpr.dll - ok
00:28:36.0993 3680  [ 45B24A357C801CE62052FE0CDC8BD4D2 ] C:\Windows\System32\davhlpr.dll
00:28:36.0993 3680  C:\Windows\System32\davhlpr.dll - ok
00:28:36.0999 3680  [ 8B285BDAB7735FDFB18E6F7122923B77 ] C:\Windows\SysWOW64\UIAnimation.dll
00:28:36.0999 3680  C:\Windows\SysWOW64\UIAnimation.dll - ok
00:28:37.0009 3680  [ 04CB7C8FDC6D9640DD82A527208F72C4 ] C:\Windows\System32\UIAnimation.dll
00:28:37.0009 3680  C:\Windows\System32\UIAnimation.dll - ok
00:28:37.0014 3680  [ 698EB1E5F8C66344D97C00B5699E871D ] C:\Program Files (x86)\Internet Explorer\iexplore.exe
00:28:37.0014 3680  C:\Program Files (x86)\Internet Explorer\iexplore.exe - ok
00:28:37.0021 3680  [ F6916EFC29D9953D5D0DF06882AE8E16 ] C:\Windows\SysWOW64\es.dll
00:28:37.0021 3680  C:\Windows\SysWOW64\es.dll - ok
00:28:37.0027 3680  [ 3FF0FA0A81910617739644A06D06D016 ] C:\Windows\SysWOW64\fdProxy.dll
00:28:37.0027 3680  C:\Windows\SysWOW64\fdProxy.dll - ok
00:28:37.0034 3680  [ 2A436796758BF2555A26C770FE8A6FEE ] C:\Windows\System32\fdProxy.dll
00:28:37.0034 3680  C:\Windows\System32\fdProxy.dll - ok
00:28:37.0041 3680  [ C8333F1F77A1B2E25F2202E892CAF634 ] C:\Windows\SysWOW64\prnfldr.dll
00:28:37.0041 3680  C:\Windows\SysWOW64\prnfldr.dll - ok
00:28:37.0048 3680  [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll
00:28:37.0048 3680  C:\Windows\System32\prnfldr.dll - ok
00:28:37.0056 3680  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] C:\Windows\SysWOW64\provsvc.dll
00:28:37.0056 3680  C:\Windows\SysWOW64\provsvc.dll - ok
00:28:37.0064 3680  [ 2F03490092C032392FB6FF635222B9B2 ] C:\Windows\SysWOW64\apisetschema.dll
00:28:37.0064 3680  C:\Windows\SysWOW64\apisetschema.dll - ok
00:28:37.0071 3680  [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll
00:28:37.0071 3680  C:\Windows\System32\provsvc.dll - ok
00:28:37.0082 3680  [ D205C24A9D069049FE2DF2A1B38726A7 ] C:\Windows\SysWOW64\wdmaud.drv
00:28:37.0082 3680  C:\Windows\SysWOW64\wdmaud.drv - ok
00:28:37.0086 3680  [ 9C67F6BBDA3881CFD02095160CF91576 ] C:\Windows\SysWOW64\ksuser.dll
00:28:37.0086 3680  C:\Windows\SysWOW64\ksuser.dll - ok
00:28:37.0093 3680  [ 139D3AB6AA920C34C50CBFFB9EB7D222 ] C:\Windows\SysWOW64\avrt.dll
00:28:37.0093 3680  C:\Windows\SysWOW64\avrt.dll - ok
00:28:37.0100 3680  [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll
00:28:37.0101 3680  C:\Windows\System32\DXP.dll - ok
00:28:37.0107 3680  [ C940F2F5C60B3727C5F18840735B229C ] C:\Windows\SysWOW64\AudioSes.dll
00:28:37.0107 3680  C:\Windows\SysWOW64\AudioSes.dll - ok
00:28:37.0114 3680  [ 856CFFCD835528136367BB1A8FE1DB87 ] C:\Windows\SysWOW64\Syncreg.dll
00:28:37.0114 3680  C:\Windows\SysWOW64\Syncreg.dll - ok
00:28:37.0121 3680  [ 90FB1802D488FFA9029854A77D4F3F27 ] C:\Windows\SysWOW64\oleaccrc.dll
00:28:37.0121 3680  C:\Windows\SysWOW64\oleaccrc.dll - ok
00:28:37.0128 3680  [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll
00:28:37.0128 3680  C:\Windows\System32\Syncreg.dll - ok
00:28:37.0135 3680  [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\SysWOW64\comdlg32.dll
00:28:37.0135 3680  C:\Windows\SysWOW64\comdlg32.dll - ok
00:28:37.0143 3680  [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll
00:28:37.0143 3680  C:\Windows\ehome\ehSSO.dll - ok
00:28:37.0153 3680  [ EAB975DB4C2805927FE5BD047D05C9AA ] C:\Windows\SysWOW64\netshell.dll
00:28:37.0153 3680  C:\Windows\SysWOW64\netshell.dll - ok
00:28:37.0159 3680  [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll
00:28:37.0159 3680  C:\Windows\System32\netshell.dll - ok
00:28:37.0164 3680  [ B2B3DAE040F6B5AE1DF52B0CD7631A18 ] C:\Windows\SysWOW64\AltTab.dll
00:28:37.0164 3680  C:\Windows\SysWOW64\AltTab.dll - ok
00:28:37.0170 3680  [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll
00:28:37.0170 3680  C:\Windows\System32\AltTab.dll - ok
00:28:37.0176 3680  [ 53AF1750FD45DDD705C9B68C7DC58827 ] C:\Windows\SysWOW64\evr.dll
00:28:37.0176 3680  C:\Windows\SysWOW64\evr.dll - ok
00:28:37.0182 3680  [ 3D6F22551D422F97AACB0BB927E4C846 ] C:\Windows\SysWOW64\pnidui.dll
00:28:37.0182 3680  C:\Windows\SysWOW64\pnidui.dll - ok
00:28:37.0188 3680  [ 7F73235D527DCF16C38578CD1CD9F7A8 ] C:\Program Files (x86)\Internet Explorer\ieproxy.dll
00:28:37.0188 3680  C:\Program Files (x86)\Internet Explorer\ieproxy.dll - ok
00:28:37.0195 3680  [ BD626EF05967D14C772B8096292731A3 ] C:\Windows\SysWOW64\QUTIL.DLL
00:28:37.0195 3680  C:\Windows\SysWOW64\QUTIL.DLL - ok
00:28:37.0199 3680  [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL
00:28:37.0199 3680  C:\Windows\System32\QUTIL.DLL - ok
00:28:37.0206 3680  [ 82C089EA2A3EEFADF3588EA71E8BDADA ] C:\Windows\SysWOW64\wevtapi.dll
00:28:37.0206 3680  C:\Windows\SysWOW64\wevtapi.dll - ok
00:28:37.0216 3680  [ 07393A09C46083588E751B63B03C8301 ] C:\Windows\SysWOW64\msacm32.drv
00:28:37.0216 3680  C:\Windows\SysWOW64\msacm32.drv - ok
00:28:37.0221 3680  [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\SysWOW64\rtutils.dll
00:28:37.0221 3680  C:\Windows\SysWOW64\rtutils.dll - ok
00:28:37.0229 3680  [ 735263DA17BF5BAF9CCD483843BF9D5A ] C:\Windows\SysWOW64\WPDShServiceObj.dll
00:28:37.0229 3680  C:\Windows\SysWOW64\WPDShServiceObj.dll - ok
00:28:37.0234 3680  [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll
00:28:37.0234 3680  C:\Windows\System32\WPDShServiceObj.dll - ok
00:28:37.0241 3680  [ F8D269134EEC097B7E47C818AF4862A7 ] C:\Windows\SysWOW64\ieui.dll
00:28:37.0241 3680  C:\Windows\SysWOW64\ieui.dll - ok
00:28:37.0251 3680  [ ADB45A977BD9E45790CA496DB84BA148 ] C:\Windows\SysWOW64\PortableDeviceTypes.dll
00:28:37.0251 3680  C:\Windows\SysWOW64\PortableDeviceTypes.dll - ok
00:28:37.0259 3680  [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll
00:28:37.0259 3680  C:\Windows\System32\PortableDeviceTypes.dll - ok
00:28:37.0266 3680  [ F7BC1D90C3A976A5259BD1A5D7D43038 ] C:\Program Files (x86)\Internet Explorer\IEShims.dll
00:28:37.0266 3680  C:\Program Files (x86)\Internet Explorer\IEShims.dll - ok
00:28:37.0272 3680  [ 5A12C364AD1D4FCC0AD0E56DBBC34462 ] C:\Windows\SysWOW64\midimap.dll
00:28:37.0272 3680  C:\Windows\SysWOW64\midimap.dll - ok
00:28:37.0278 3680  [ 674B0C0F6A448EB185CAAB9C51D44032 ] C:\Windows\SysWOW64\srchadmin.dll
00:28:37.0278 3680  C:\Windows\SysWOW64\srchadmin.dll - ok
00:28:37.0285 3680  [ 236F286E103FD44BD85FDD93097FD5DD ] C:\Windows\SysWOW64\SearchIndexer.exe
00:28:37.0285 3680  C:\Windows\SysWOW64\SearchIndexer.exe - ok
00:28:37.0294 3680  [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll
00:28:37.0294 3680  C:\Windows\System32\srchadmin.dll - ok
00:28:37.0301 3680  [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe
00:28:37.0301 3680  C:\Windows\System32\SearchIndexer.exe - ok
00:28:37.0310 3680  [ E3D5E244807AD655787FCD25477CC1BC ] C:\Windows\SysWOW64\bthprops.cpl
00:28:37.0310 3680  C:\Windows\SysWOW64\bthprops.cpl - ok
00:28:37.0318 3680  [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl
00:28:37.0318 3680  C:\Windows\System32\bthprops.cpl - ok
00:28:37.0325 3680  [ 0F4871B3BF0E48664A24D2717F2117A0 ] C:\Program Files (x86)\Internet Explorer\sqmapi.dll
00:28:37.0325 3680  C:\Program Files (x86)\Internet Explorer\sqmapi.dll - ok
00:28:37.0333 3680  [ 140D9F911182357626165EA0BEB98C4F ] C:\Windows\SysWOW64\ncsi.dll
00:28:37.0333 3680  C:\Windows\SysWOW64\ncsi.dll - ok
00:28:37.0339 3680  [ C97434C851C4821BD92D2831FDF1ECBE ] C:\Windows\SysWOW64\mshtml.dll
00:28:37.0339 3680  C:\Windows\SysWOW64\mshtml.dll - ok
00:28:37.0345 3680  [ 465DBF63A5049E4DB4BC5C12FFE781CB ] C:\Windows\SysWOW64\tquery.dll
00:28:37.0345 3680  C:\Windows\SysWOW64\tquery.dll - ok
00:28:37.0352 3680  [ 84F6D5FE968852C59BCD3E06A36DC356 ] C:\Users\Adam\AppData\Local\Google\Chrome\Application\chrome.exe
00:28:37.0352 3680  C:\Users\Adam\AppData\Local\Google\Chrome\Application\chrome.exe - ok
00:28:37.0358 3680  [ 0241CB16136B9A4939CA0395768AE286 ] C:\Windows\SysWOW64\mssrch.dll
00:28:37.0358 3680  C:\Windows\SysWOW64\mssrch.dll - ok
00:28:37.0364 3680  [ 9FF8F684BACF326082E5562F7C104A79 ] C:\Windows\SysWOW64\d2d1.dll
00:28:37.0365 3680  C:\Windows\SysWOW64\d2d1.dll - ok
00:28:37.0371 3680  [ 5C3F9DBA818CD93379D1A0F215270374 ] C:\Windows\SysWOW64\esent.dll
00:28:37.0371 3680  C:\Windows\SysWOW64\esent.dll - ok
00:28:37.0377 3680  [ 4277F5164DE9B7C665BB928B9145BEE0 ] C:\Windows\SysWOW64\DWrite.dll
00:28:37.0377 3680  C:\Windows\SysWOW64\DWrite.dll - ok
00:28:37.0384 3680  [ 81600E2E27ED61427AAD865B9BCDDB9D ] C:\Windows\SysWOW64\msidle.dll
00:28:37.0384 3680  C:\Windows\SysWOW64\msidle.dll - ok
00:28:37.0395 3680  [ 1CBF15FDB0310345A68972EB5C5B948F ] C:\Windows\SysWOW64\mssprxy.dll
00:28:37.0395 3680  C:\Windows\SysWOW64\mssprxy.dll - ok
00:28:37.0399 3680  [ AA0AC5B8C45AF41D1215B156272FC869 ] C:\Windows\SysWOW64\aticfx32.dll
00:28:37.0400 3680  C:\Windows\SysWOW64\aticfx32.dll - ok
00:28:37.0409 3680  [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll
00:28:37.0410 3680  C:\Windows\System32\FXSST.dll - ok
00:28:37.0415 3680  [ C2E178B380E585590D9198762A45AB64 ] C:\Windows\SysWOW64\atiuxpag.dll
00:28:37.0415 3680  C:\Windows\SysWOW64\atiuxpag.dll - ok
00:28:37.0423 3680  [ 942E57152F1CD0533644AB30EF1A4728 ] C:\Windows\SysWOW64\FXSAPI.dll
00:28:37.0423 3680  C:\Windows\SysWOW64\FXSAPI.dll - ok
00:28:37.0431 3680  [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll
00:28:37.0431 3680  C:\Windows\System32\FXSAPI.dll - ok
00:28:37.0438 3680  [ B63E24E9271E99FD4540E3CA22A937DA ] C:\Windows\SysWOW64\en-US\tquery.dll.mui
00:28:37.0438 3680  C:\Windows\SysWOW64\en-US\tquery.dll.mui - ok
00:28:37.0445 3680  [ C4096CA42199428B3D63DC206C197F0E ] C:\Windows\SysWOW64\FXSRESM.dll
00:28:37.0445 3680  C:\Windows\SysWOW64\FXSRESM.dll - ok
00:28:37.0448 3680  [ D12FA9A85243BE480828BA78DB7B7BE5 ] C:\Windows\SysWOW64\atidxx32.dll
00:28:37.0448 3680  C:\Windows\SysWOW64\atidxx32.dll - ok
00:28:37.0455 3680  [ 91DF34E16E19E255EA9ECAE6B8A08579 ] C:\Users\Adam\AppData\Local\Google\Chrome\Application\25.0.1364.97\chrome.dll
00:28:37.0455 3680  C:\Users\Adam\AppData\Local\Google\Chrome\Application\25.0.1364.97\chrome.dll - ok
00:28:37.0463 3680  [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
00:28:37.0463 3680  C:\Windows\System32\FXSRESM.dll - ok
00:28:37.0469 3680  [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\SysWOW64\dbghelp.dll
00:28:37.0469 3680  C:\Windows\SysWOW64\dbghelp.dll - ok
00:28:37.0476 3680  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe
00:28:37.0476 3680  C:\Windows\System32\FXSSVC.exe - ok
00:28:37.0484 3680  [ 78C3C413E736DBF4B0FB97D6AF563357 ] C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll
00:28:37.0484 3680  C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll - ok
00:28:37.0491 3680  [ 8472F4A6F1769B0271F33F005A2625DB ] C:\Users\Adam\AppData\Local\Google\Chrome\Application\25.0.1364.97\icudt.dll
00:28:37.0491 3680  C:\Users\Adam\AppData\Local\Google\Chrome\Application\25.0.1364.97\icudt.dll - ok
00:28:37.0499 3680  [ 589DF683A6C81424A6CECE52ABF98A50 ] C:\Windows\System32\tquery.dll
00:28:37.0499 3680  C:\Windows\System32\tquery.dll - ok
00:28:37.0506 3680  [ 7717F84F483002815490033BF069DABD ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
00:28:37.0506 3680  C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll - ok
00:28:37.0514 3680  [ 7568CC720ACE4D03B84AF97817E745EF ] C:\Windows\System32\mssrch.dll
00:28:37.0514 3680  C:\Windows\System32\mssrch.dll - ok
00:28:37.0521 3680  [ 1B23409D62A7D88DF6669CEDCC7EE2F2 ] C:\Program Files (x86)\Microsoft\BingBar\DefMgr.dll
00:28:37.0521 3680  C:\Program Files (x86)\Microsoft\BingBar\DefMgr.dll - ok
00:28:37.0528 3680  [ BBD02A0F3FBFCD2629D4A68FBD6B8118 ] C:\Program Files (x86)\Microsoft\BingBar\SeaNote.dll
00:28:37.0528 3680  C:\Program Files (x86)\Microsoft\BingBar\SeaNote.dll - ok
00:28:37.0535 3680  [ 5CF6190CD875DA6B35256FEE573E7908 ] C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
00:28:37.0535 3680  C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll - ok
00:28:37.0542 3680  [ 59178198B42531569F21C1410C8E6291 ] C:\Program Files (x86)\Microsoft\BingBar\BingBar.exe
00:28:37.0542 3680  C:\Program Files (x86)\Microsoft\BingBar\BingBar.exe - ok
00:28:37.0547 3680  [ 744185CA4E05C2182A40E7532E240094 ] C:\Users\Adam\AppData\Local\Google\Chrome\Application\25.0.1364.97\pdf.dll
00:28:37.0547 3680  C:\Users\Adam\AppData\Local\Google\Chrome\Application\25.0.1364.97\pdf.dll - ok
00:28:37.0557 3680  [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll
00:28:37.0557 3680  C:\Windows\System32\esent.dll - ok
00:28:37.0562 3680  [ 8EE6BDE1D572677AA35707C52C585F75 ] C:\Windows\SysWOW64\mlang.dll
00:28:37.0562 3680  C:\Windows\SysWOW64\mlang.dll - ok
00:28:37.0568 3680  [ B39B8CC163C41B12FE83E777199F3378 ] C:\Windows\SysWOW64\tzres.dll
00:28:37.0568 3680  C:\Windows\SysWOW64\tzres.dll - ok
00:28:37.0574 3680  [ ECE58A352984777519D4937E41871B4C ] C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
00:28:37.0574 3680  C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll - ok
00:28:37.0582 3680  [ 61824C5F77876D97F6523601074AC37E ] C:\Users\Adam\AppData\Local\Google\Chrome\Application\25.0.1364.97\ppgooglenaclpluginchrome.dll
00:28:37.0582 3680  C:\Users\Adam\AppData\Local\Google\Chrome\Application\25.0.1364.97\ppgooglenaclpluginchrome.dll - ok
00:28:37.0590 3680  [ CF39A105CD553EED31E2255AFF4C6742 ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll
00:28:37.0590 3680  C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll - ok
00:28:37.0597 3680  [ 463720201490DB1F1D2F0583C5DEF2FA ] C:\Users\Adam\AppData\Local\Google\Chrome\Application\25.0.1364.97\ffmpegsumo.dll
00:28:37.0597 3680  C:\Users\Adam\AppData\Local\Google\Chrome\Application\25.0.1364.97\ffmpegsumo.dll - ok
00:28:37.0604 3680  [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll
00:28:37.0604 3680  C:\Windows\System32\msidle.dll - ok
00:28:37.0610 3680  [ 45406FFD87F6BA4345B018E303A64FF1 ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\wlidcli.dll
00:28:37.0611 3680  C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\wlidcli.dll - ok
00:28:37.0619 3680  [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll
00:28:37.0619 3680  C:\Windows\System32\netman.dll - ok
00:28:37.0624 3680  [ 7A6986DD659B96398A11AF5173892715 ] C:\Windows\SysWOW64\cabinet.dll
00:28:37.0624 3680  C:\Windows\SysWOW64\cabinet.dll - ok
00:28:37.0632 3680  [ 9419ABF3163B6F0E3AD3DD2B381C879F ] C:\Windows\SysWOW64\WinSCard.dll
00:28:37.0632 3680  C:\Windows\SysWOW64\WinSCard.dll - ok
00:28:37.0638 3680  [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\Windows\System32\mssprxy.dll
00:28:37.0638 3680  C:\Windows\System32\mssprxy.dll - ok
00:28:37.0645 3680  [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll
00:28:37.0645 3680  C:\Windows\SysWOW64\sxs.dll - ok
00:28:37.0652 3680  [ D39DA70FEA6BD713682F70635587DA9E ] C:\Windows\SysWOW64\rasdlg.dll
00:28:37.0652 3680  C:\Windows\SysWOW64\rasdlg.dll - ok
00:28:37.0660 3680  [ AC161980958E1F9B2CB6D94003BD02AC ] C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL
00:28:37.0660 3680  C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL - ok
00:28:37.0665 3680  [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll
00:28:37.0665 3680  C:\Windows\System32\rasdlg.dll - ok
00:28:37.0672 3680  [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\Windows\System32\en-US\tquery.dll.mui
00:28:37.0672 3680  C:\Windows\System32\en-US\tquery.dll.mui - ok
00:28:37.0678 3680  [ 44509994FA141EF96E73EB444DB035EA ] C:\Program Files (x86)\Microsoft\BingBar\common.dll
00:28:37.0679 3680  C:\Program Files (x86)\Microsoft\BingBar\common.dll - ok
00:28:37.0685 3680  [ D4191EFAB91E00FC09257AA5EBAF503B ] C:\Windows\SysWOW64\mprapi.dll
00:28:37.0685 3680  C:\Windows\SysWOW64\mprapi.dll - ok
00:28:37.0691 3680  [ F5B6E7CB061E1CB75359DAA97B436D0A ] C:\Program Files\Microsoft Office 15\root\office15\MSOHEV.DLL
00:28:37.0691 3680  C:\Program Files\Microsoft Office 15\root\office15\MSOHEV.DLL - ok
00:28:37.0698 3680  [ 89F4D0DD6606A2FE15931E6888DBBC8D ] C:\Windows\SysWOW64\stdole2.tlb
00:28:37.0698 3680  C:\Windows\SysWOW64\stdole2.tlb - ok
00:28:37.0705 3680  [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll
00:28:37.0705 3680  C:\Windows\System32\mprapi.dll - ok
00:28:37.0714 3680  [ 0F6652951129F283C72E1A5A951FF948 ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDRES.DLL
00:28:37.0715 3680  C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDRES.DLL - ok
00:28:37.0723 3680  [ 8843B6A1B8E102841B2DFF02805C5CEC ] C:\Windows\SysWOW64\jscript.dll
00:28:37.0723 3680  C:\Windows\SysWOW64\jscript.dll - ok
00:28:37.0729 3680  [ 5A8F5570DDE637A98FF3343375E812D9 ] C:\Program Files (x86)\Microsoft\BingBar\BingApp.exe
00:28:37.0729 3680  C:\Program Files (x86)\Microsoft\BingBar\BingApp.exe - ok
00:28:37.0736 3680  [ 04B88428A872390D235BE52D38A9D4EF ] C:\Windows\SysWOW64\dot3api.dll
00:28:37.0736 3680  C:\Windows\SysWOW64\dot3api.dll - ok
00:28:37.0747 3680  [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll
00:28:37.0747 3680  C:\Windows\System32\dot3api.dll - ok
00:28:37.0755 3680  [ 69A1D7C29CFF256BECBD4E39E2159636 ] C:\Windows\SysWOW64\scrrun.dll
00:28:37.0755 3680  C:\Windows\SysWOW64\scrrun.dll - ok
00:28:37.0761 3680  [ 8063046AA70B97CA9985672B8848FB2E ] C:\Windows\SysWOW64\wlanhlp.dll
00:28:37.0761 3680  C:\Windows\SysWOW64\wlanhlp.dll - ok
00:28:37.0769 3680  [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll
00:28:37.0769 3680  C:\Windows\System32\wlanhlp.dll - ok
00:28:37.0775 3680  [ B010CF886420EE29C2C276646721D255 ] C:\Windows\SysWOW64\wlanapi.dll
00:28:37.0775 3680  C:\Windows\SysWOW64\wlanapi.dll - ok
00:28:37.0782 3680  [ 6EF5F3F18413C367195F06E503AB86A6 ] C:\Windows\SysWOW64\d3d9.dll
00:28:37.0782 3680  C:\Windows\SysWOW64\d3d9.dll - ok
00:28:37.0791 3680  [ 6383C60EC0133B14F5705F96369421B2 ] C:\Windows\SysWOW64\hnetcfg.dll
00:28:37.0791 3680  C:\Windows\SysWOW64\hnetcfg.dll - ok
00:28:37.0798 3680  [ 77B1471A490B53B24EFE136F09F76550 ] C:\Windows\SysWOW64\d3d8thk.dll
00:28:37.0798 3680  C:\Windows\SysWOW64\d3d8thk.dll - ok
00:28:37.0805 3680  [ 43C9CF6825CEA58F1815B7C3DBBB385C ] C:\Windows\SysWOW64\Wpc.dll
00:28:37.0805 3680  C:\Windows\SysWOW64\Wpc.dll - ok
00:28:37.0812 3680  [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll
00:28:37.0812 3680  C:\Windows\System32\hnetcfg.dll - ok
00:28:37.0818 3680  [ 1F27643C4C626457FCE8F047AE1CD7E1 ] C:\Windows\SysWOW64\dxva2.dll
00:28:37.0818 3680  C:\Windows\SysWOW64\dxva2.dll - ok
00:28:37.0825 3680  [ B322D163BF127C84DACF16A494F02063 ] C:\Windows\SysWOW64\en-US\jscript.dll.mui
00:28:37.0825 3680  C:\Windows\SysWOW64\en-US\jscript.dll.mui - ok
00:28:37.0831 3680  [ CE7803953FE7314061B3F9188D310EB2 ] C:\Windows\SysWOW64\en-US\KernelBase.dll.mui
00:28:37.0831 3680  C:\Windows\SysWOW64\en-US\KernelBase.dll.mui - ok
00:28:37.0838 3680  [ FDBA1DEC4F9BE4274A00B9B850C63484 ] C:\Windows\SysWOW64\mf.dll
00:28:37.0838 3680  C:\Windows\SysWOW64\mf.dll - ok
00:28:37.0844 3680  [ C2A9093E56551AACD417926F14F848E8 ] C:\Windows\SysWOW64\msxml6r.dll
00:28:37.0844 3680  C:\Windows\SysWOW64\msxml6r.dll - ok
00:28:37.0851 3680  [ 5193DE33F3284C447E0D31DAFBF92570 ] C:\Windows\SysWOW64\webcheck.dll
00:28:37.0851 3680  C:\Windows\SysWOW64\webcheck.dll - ok
00:28:37.0858 3680  [ D7CEAEDD5F75D2C8A2E80887D7C114CE ] C:\Windows\System32\webcheck.dll
00:28:37.0858 3680  C:\Windows\System32\webcheck.dll - ok
00:28:37.0864 3680  [ 40B82688907A7DBA4DB3B5ADDE3EAB3B ] C:\Windows\SysWOW64\mfplat.dll
00:28:37.0864 3680  C:\Windows\SysWOW64\mfplat.dll - ok
00:28:37.0871 3680  [ 8494E126F0B10180F3293AF861CE1F7A ] C:\Windows\System32\mlang.dll
00:28:37.0871 3680  C:\Windows\System32\mlang.dll - ok
00:28:37.0877 3680  [ 8F3F2F5B2CD3CC8D8F8DC087B0EC4DBA ] C:\Windows\SysWOW64\en-US\msxml6r.dll.mui
00:28:37.0877 3680  C:\Windows\SysWOW64\en-US\msxml6r.dll.mui - ok
00:28:37.0884 3680  [ 2DDEA2C345DA5BC589EFD398F220DB0E ] C:\Windows\SysWOW64\SyncCenter.dll
00:28:37.0884 3680  C:\Windows\SysWOW64\SyncCenter.dll - ok
00:28:37.0890 3680  [ 600A65F922CCDCBB2D11467914241556 ] C:\Windows\SysWOW64\msmpeg2vdec.dll
00:28:37.0890 3680  C:\Windows\SysWOW64\msmpeg2vdec.dll - ok
00:28:37.0897 3680  [ 101797BA603D227946B4B5109867EB19 ] C:\Windows\System32\SyncCenter.dll
00:28:37.0897 3680  C:\Windows\System32\SyncCenter.dll - ok
00:28:37.0903 3680  [ 7F8678C59F188528D60104E697C2361E ] C:\Windows\SysWOW64\mscms.dll
00:28:37.0903 3680  C:\Windows\SysWOW64\mscms.dll - ok
00:28:37.0910 3680  [ 5D09A0DCE86829EB91A82EA13691CAC6 ] C:\Windows\SysWOW64\atiu9pag.dll
00:28:37.0910 3680  C:\Windows\SysWOW64\atiu9pag.dll - ok
00:28:37.0916 3680  [ EB9F220E8DC22310B199AE6A49B7E168 ] C:\Windows\SysWOW64\atiumdag.dll
00:28:37.0916 3680  C:\Windows\SysWOW64\atiumdag.dll - ok
00:28:37.0923 3680  [ 28D2C5CE5944E1B027CF5C8004CF89A1 ] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
00:28:37.0923 3680  C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll - ok
00:28:37.0929 3680  [ C7952D0A4C43A965A1741916BB134751 ] C:\Windows\SysWOW64\hgcpl.dll
00:28:37.0930 3680  C:\Windows\SysWOW64\hgcpl.dll - ok
00:28:37.0936 3680  [ 419680FCE774976FD752EB425D91AEDF ] C:\Program Files (x86)\QuickTime\Plugins\npqtplugin.dll
00:28:37.0936 3680  C:\Program Files (x86)\QuickTime\Plugins\npqtplugin.dll - ok
00:28:37.0943 3680  [ DE5507DBA44CC5B6869205871B64A587 ] C:\Program Files (x86)\QuickTime\Plugins\npqtplugin2.dll
00:28:37.0943 3680  C:\Program Files (x86)\QuickTime\Plugins\npqtplugin2.dll - ok
00:28:37.0950 3680  [ 2402608897A8BCBAC7469A7DB1C874DA ] C:\Windows\SysWOW64\atiumdva.dll
00:28:37.0950 3680  C:\Windows\SysWOW64\atiumdva.dll - ok
00:28:37.0954 3680  [ 2DA7883A884BE60F9EB2810F67E0E361 ] C:\Program Files (x86)\QuickTime\Plugins\npqtplugin3.dll
00:28:37.0954 3680  C:\Program Files (x86)\QuickTime\Plugins\npqtplugin3.dll - ok
00:28:37.0961 3680  [ BB28A86CDFFFBB041C72AD9EFEAA00D0 ] C:\Program Files (x86)\QuickTime\Plugins\npqtplugin4.dll
00:28:37.0961 3680  C:\Program Files (x86)\QuickTime\Plugins\npqtplugin4.dll - ok
00:28:37.0968 3680  [ 4F2659160AFCCA990305816946F69407 ] C:\Windows\SysWOW64\taskeng.exe
00:28:37.0968 3680  C:\Windows\SysWOW64\taskeng.exe - ok
00:28:37.0974 3680  [ 6A5C1A8AC0B572679361026D0E900420 ] C:\Windows\System32\hgcpl.dll
00:28:37.0974 3680  C:\Windows\System32\hgcpl.dll - ok
00:28:37.0981 3680  [ 16112E74A62381C69456566D35F9E51E ] C:\Program Files (x86)\QuickTime\Plugins\npqtplugin5.dll
00:28:37.0981 3680  C:\Program Files (x86)\QuickTime\Plugins\npqtplugin5.dll - ok
00:28:37.0988 3680  [ 65EA57712340C09B1B0C427B4848AE05 ] C:\Windows\System32\taskeng.exe
00:28:37.0988 3680  C:\Windows\System32\taskeng.exe - ok
00:28:37.0995 3680  [ BB7F5F4966E76578A3EC0D11C444C545 ] C:\Program Files (x86)\QuickTime\Plugins\npqtplugin6.dll
00:28:37.0995 3680  C:\Program Files (x86)\QuickTime\Plugins\npqtplugin6.dll - ok
00:28:38.0002 3680  [ 1D6A771D1D702AE07919DB52C889A249 ] C:\Windows\SysWOW64\wlanutil.dll
00:28:38.0002 3680  C:\Windows\SysWOW64\wlanutil.dll - ok
00:28:38.0008 3680  [ 11EF47BE3D8A4A943E10A63870C1F2C6 ] C:\Program Files (x86)\QuickTime\Plugins\npqtplugin7.dll
00:28:38.0009 3680  C:\Program Files (x86)\QuickTime\Plugins\npqtplugin7.dll - ok
00:28:38.0015 3680  [ 732E668096B1A37B7BFD4B9021E69A8E ] C:\Windows\System32\oleres.dll
00:28:38.0015 3680  C:\Windows\System32\oleres.dll - ok
00:28:38.0021 3680  [ C02AA67276FEE0C15CC4D6D616BDE95E ] C:\Windows\SysWOW64\WWanAPI.dll
00:28:38.0021 3680  C:\Windows\SysWOW64\WWanAPI.dll - ok
00:28:38.0028 3680  [ 34E3709244736B8976820F730E5A8815 ] C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
00:28:38.0028 3680  C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll - ok
00:28:38.0035 3680  [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll
00:28:38.0035 3680  C:\Windows\System32\WWanAPI.dll - ok
00:28:38.0041 3680  [ F2ED6D00921CA138289E5E0CCB9ABF87 ] C:\Windows\SysWOW64\wwapi.dll
00:28:38.0041 3680  C:\Windows\SysWOW64\wwapi.dll - ok
00:28:38.0048 3680  [ 1C9B45E87528B8BB8CFA884EA0099A85 ] C:\Users\Adam\AppData\Local\Google\Chrome\Application\25.0.1364.97\d3dcompiler_43.dll
00:28:38.0048 3680  C:\Users\Adam\AppData\Local\Google\Chrome\Application\25.0.1364.97\d3dcompiler_43.dll - ok
00:28:38.0055 3680  [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll
00:28:38.0055 3680  C:\Windows\System32\wwapi.dll - ok
00:28:38.0063 3680  [ FE03C0D034B42CE02774151D026C3BE4 ] C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
00:28:38.0067 3680  C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll - ok
00:28:38.0072 3680  [ 7E34AD9F9EA3045807A01F8FC5EC8FE5 ] C:\Program Files\Packard Bell\Packard Bell Recovery Management\NotificationCenter\Notification.exe
00:28:38.0072 3680  C:\Program Files\Packard Bell\Packard Bell Recovery Management\NotificationCenter\Notification.exe - ok
00:28:38.0079 3680  [ 02530B0B7E048DD5AC8D52DAEACAEB2B ] C:\Windows\SysWOW64\QAGENT.DLL
00:28:38.0079 3680  C:\Windows\SysWOW64\QAGENT.DLL - ok
00:28:38.0085 3680  [ 86E39E9161C3D930D93822F1563C280D ] C:\Users\Adam\AppData\Local\Google\Chrome\Application\25.0.1364.97\d3dx9_43.dll
00:28:38.0085 3680  C:\Users\Adam\AppData\Local\Google\Chrome\Application\25.0.1364.97\d3dx9_43.dll - ok
00:28:38.0094 3680  [ C517E5EA7CEE783F3681F62D2A362E5B ] C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
00:28:38.0094 3680  C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll - ok
00:28:38.0117 3680  [ 18883601394C553AA6A60D0B7392C5DF ] C:\Program Files (x86)\Yahoo!\Shared\npYState.dll
00:28:38.0117 3680  C:\Program Files (x86)\Yahoo!\Shared\npYState.dll - ok
00:28:38.0124 3680  [ 3FCF47BD73094FA62D81373515F46110 ] C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
00:28:38.0124 3680  C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll - ok
00:28:38.0131 3680  [ 3ADEB04F410DC57CBA0F33B25E570080 ] C:\Program Files\Microsoft Office 15\root\office15\NPSPWRAP.DLL
00:28:38.0131 3680  C:\Program Files\Microsoft Office 15\root\office15\NPSPWRAP.DLL - ok
00:28:38.0139 3680  [ 92391BFB1A6E2280FF5FDD62D285486D ] C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll
00:28:38.0139 3680  C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll - ok
00:28:38.0146 3680  [ 38B13C0DF479DBA23ECFA815159BA86E ] C:\Windows\SysWOW64\ktmw32.dll
00:28:38.0146 3680  C:\Windows\SysWOW64\ktmw32.dll - ok
00:28:38.0153 3680  [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL
00:28:38.0153 3680  C:\Windows\System32\QAGENT.DLL - ok
00:28:38.0161 3680  [ 659E04E74135927CA6D7BC5E75C84417 ] C:\Windows\SysWOW64\TSChannel.dll
00:28:38.0161 3680  C:\Windows\SysWOW64\TSChannel.dll - ok
00:28:38.0168 3680  [ 069F1857D53E39C1287580A358091897 ] C:\Users\Adam\AppData\Local\Google\Chrome\Application\25.0.1364.97\libglesv2.dll
00:28:38.0168 3680  C:\Users\Adam\AppData\Local\Google\Chrome\Application\25.0.1364.97\libglesv2.dll - ok
00:28:38.0175 3680  [ E0FF893763BA82BAABB869A351F0C455 ] C:\Users\Adam\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll
00:28:38.0175 3680  C:\Users\Adam\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll - ok
00:28:38.0183 3680  [ 66E4246FEF8C364611F9782AA0809F42 ] C:\Program Files\Internet Explorer\ieproxy.dll
00:28:38.0183 3680  C:\Program Files\Internet Explorer\ieproxy.dll - ok
00:28:38.0190 3680  [ E0605322EAFA4A2248796FA0C97A93F2 ] C:\Users\Adam\AppData\Local\Google\Chrome\Application\25.0.1364.97\libegl.dll
00:28:38.0190 3680  C:\Users\Adam\AppData\Local\Google\Chrome\Application\25.0.1364.97\libegl.dll - ok
00:28:38.0198 3680  [ DAD55CEF682EAE6FA7B4C9487563A496 ] C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll
00:28:38.0198 3680  C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll - ok
00:28:38.0202 3680  [ 805A52C5AE26C28E88FDD9BCCFE6F312 ] C:\Windows\System32\TSChannel.dll
00:28:38.0202 3680  C:\Windows\System32\TSChannel.dll - ok
00:28:38.0211 3680  [ DE3745A51B7AC7FEDC356A83F76C8023 ] C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
00:28:38.0211 3680  C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll - ok
00:28:38.0217 3680  [ 05E38DA1F9E84E40E124C710A6E843B4 ] C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
00:28:38.0217 3680  C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe - ok
00:28:38.0224 3680  [ 9013599B12923A45C029C34E8D2211AC ] C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
00:28:38.0224 3680  C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll - ok
00:28:38.0232 3680  [ E2C48CD0132D4D1DC7D0DF9A6BEF686A ] C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll
00:28:38.0232 3680  C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll - ok
00:28:38.0240 3680  [ 7AE7A0F78ADF8A6751881CF37ED94F62 ] C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\WPDDM.dll
00:28:38.0240 3680  C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\WPDDM.dll - ok
00:28:38.0247 3680  [ 3B0E514F8DE7993B33948C3A2C0B2D16 ] C:\Users\Adam\AppData\Roaming\dplpi.dll
00:28:38.0247 3680  C:\Users\Adam\AppData\Roaming\dplpi.dll - ok
00:28:38.0254 3680  [ 8A4D564076F8739C8C0C2B9A461F9408 ] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.dll
00:28:38.0254 3680  C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.dll - ok
00:28:38.0261 3680  [ 5FA9B930E89B8CBBB51C4DAACC002207 ] C:\Program Files (x86)\Ad-Aware Antivirus\oehook.dll
00:28:38.0261 3680  C:\Program Files (x86)\Ad-Aware Antivirus\oehook.dll - ok
00:28:38.0268 3680  [ 28A09777D2D952122567A8A82F1A2C7B ] C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll
00:28:38.0268 3680  C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll - ok
00:28:38.0274 3680  [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll
00:28:38.0274 3680  C:\Windows\System32\wbem\NCProv.dll - ok
00:28:38.0281 3680  [ E1AC89F6C5252057E6062843E36A6701 ] C:\Windows\SysWOW64\SearchProtocolHost.exe
00:28:38.0281 3680  C:\Windows\SysWOW64\SearchProtocolHost.exe - ok
00:28:38.0287 3680  [ 0E85C11F8850D524B02181C6E02BA9AE ] C:\Windows\SysWOW64\dsound.dll
00:28:38.0287 3680  C:\Windows\SysWOW64\dsound.dll - ok
00:28:38.0294 3680  [ D9E21CBF9E6A87847AFFD39EA3FA28EE ] C:\Windows\System32\SearchProtocolHost.exe
00:28:38.0294 3680  C:\Windows\System32\SearchProtocolHost.exe - ok
00:28:38.0300 3680  [ A5D237B8673025B052C0E6FDB6A883E8 ] C:\Windows\SysWOW64\msshooks.dll
00:28:38.0300 3680  C:\Windows\SysWOW64\msshooks.dll - ok
00:28:38.0306 3680  [ D2A5B2B09F2AF5ED13BF494508B09788 ] C:\Windows\System32\msshooks.dll
00:28:38.0306 3680  C:\Windows\System32\msshooks.dll - ok
00:28:38.0313 3680  [ A6CD6B3F71E13E2E45B727FB8A47EA87 ] C:\Windows\SysWOW64\SearchFilterHost.exe
00:28:38.0313 3680  C:\Windows\SysWOW64\SearchFilterHost.exe - ok
00:28:38.0319 3680  [ 49A3AD5CE578CD77F445F3D244AEAB2D ] C:\Windows\System32\SearchFilterHost.exe
00:28:38.0320 3680  C:\Windows\System32\SearchFilterHost.exe - ok
00:28:38.0326 3680  [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\SysWOW64\mscoree.dll
00:28:38.0326 3680  C:\Windows\SysWOW64\mscoree.dll - ok
00:28:38.0341 3680  [ AA794B099F776B37ACCDEAD00E0FBFC9 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
00:28:38.0341 3680  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
00:28:38.0348 3680  [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\Windows\System32\mscoree.dll
00:28:38.0348 3680  C:\Windows\System32\mscoree.dll - ok
00:28:38.0355 3680  [ DB67C7C62038BDE813CB6486581A7611 ] C:\Windows\SysWOW64\mssph.dll
00:28:38.0355 3680  C:\Windows\SysWOW64\mssph.dll - ok
00:28:38.0362 3680  [ 48041BAEB60CE5F34F13CC2A1361E49C ] C:\Windows\System32\mssph.dll
00:28:38.0362 3680  C:\Windows\System32\mssph.dll - ok
00:28:38.0369 3680  [ 8F4BB0CFECED925D440ABC2481278360 ] C:\Windows\System32\mapi32.dll
00:28:38.0369 3680  C:\Windows\System32\mapi32.dll - ok
00:28:38.0375 3680  [ FB4EB9352B7D698E6B3C2AA2ED724DAD ] C:\Windows\SysWOW64\authz.dll
00:28:38.0375 3680  C:\Windows\SysWOW64\authz.dll - ok
00:28:38.0382 3680  [ 773212B2AAA24C1E31F10246B15B276C ] C:\Windows\servicing\TrustedInstaller.exe
00:28:38.0382 3680  C:\Windows\servicing\TrustedInstaller.exe - ok
00:28:38.0394 3680  [ D47EC6A8E81633DD18D2436B19BAF6DE ] C:\Windows\System32\upnphost.dll
00:28:38.0394 3680  C:\Windows\System32\upnphost.dll - ok
00:28:38.0407 3680  ============================================================
00:28:38.0408 3680  Scan finished
00:28:38.0408 3680  ============================================================
00:28:38.0427 2824  Detected object count: 0
00:28:38.0427 2824  Actual detected object count: 0


aswMBR

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-03-03 00:36:11
-----------------------------
00:36:11.255    OS Version: Windows x64 6.1.7601 Service Pack 1
00:36:11.255    Number of processors: 2 586 0x100
00:36:11.256    ComputerName: ADAM-PC  UserName: Adam
00:36:13.764    Initialize success
00:40:27.049    AVAST engine defs: 13030201
00:40:56.446    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
00:40:56.452    Disk 0 Vendor: ST9320310AS 0001SDM1 Size: 305245MB BusType: 11
00:40:56.478    Disk 0 MBR read successfully
00:40:56.481    Disk 0 MBR scan
00:40:56.487    Disk 0 Windows 7 default MBR code
00:40:56.496    Disk 0 Partition 1 00     27 Hidden NTFS WinRE NTFS        20480 MB offset 2048
00:40:56.516    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 41945088
00:40:56.536    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       284663 MB offset 42149888
00:40:56.570    Disk 0 scanning C:\Windows\system32\drivers
00:41:08.748    Service scanning
00:41:35.898    Modules scanning
00:41:35.910    Disk 0 trace - called modules:
00:41:35.965    ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
00:41:36.317    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800457b060]
00:41:36.327    3 CLASSPNP.SYS[fffff8800141743f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa800408a060]
00:41:38.319    AVAST engine scan C:\Windows
00:41:40.755    AVAST engine scan C:\Windows\system32
00:45:18.750    AVAST engine scan C:\Windows\system32\drivers
00:45:33.803    AVAST engine scan C:\Users\Adam
00:55:29.827    AVAST engine scan C:\ProgramData
01:00:03.247    Scan finished successfully
01:13:34.158    Disk 0 MBR has been saved successfully to "C:\Users\Adam\Desktop\MBR.dat"
01:13:34.164    The log file has been saved successfully to "C:\Users\Adam\Desktop\aswMBR.txt"

ESET

C:\Users\All Users\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.crx    Win32/bProtector.D application   
C:\Users\All Users\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\content\browsemngr.js    Win32/bProtector.C application   
C:\OEM\Preload\Autorun\APP\Nero 10 Essentials Packard Bell Edition\ISSetupPrerequisites\{BF80A1C0-C3FF-4B1C-ABEF-22CD4F97A0AB}\Toolbar.exe    a variant of Win32/Bundled.Toolbar.Ask.A application    cleaned by deleting - quarantined
C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.crx    Win32/bProtector.D application    deleted - quarantined
C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\content\browsemngr.js    Win32/bProtector.C application    cleaned by deleting - quarantined
C:\Users\Adam\AppData\Local\8419cd39-55e1-4d05-92a5-b67e5193806f.crx    JS/Redirector.NCG trojan    deleted - quarantined
C:\Users\Adam\AppData\Local\Google\Chrome\Application\24.0.1312.57\Extensions\8419cd39-55e1-4d05-92a5-b67e5193806f.crx    JS/Redirector.NCG trojan    deleted - quarantined
C:\Users\Adam\AppData\Local\Google\Chrome\Application\25.0.1364.97\Extensions\8419cd39-55e1-4d05-92a5-b67e5193806f.crx    JS/Redirector.NCG trojan    deleted - quarantined
C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdjbnddbclciabnckgeahmneohjlahdm\1.0_0\manager.js    JS/Redirector.NCG trojan    cleaned by deleting - quarantined
C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\spext.dll    Win32/bProtector.D application    cleaned by deleting - quarantined
C:\Users\Adam\AppData\Roaming\ashart.dll    a variant of Win32/Medfos.LD trojan    cleaned by deleting (after the next restart) - quarantined
C:\Users\Adam\AppData\Roaming\dplpi.dll    a variant of Win32/Medfos.LD trojan    cleaned by deleting - quarantined



#9 SaraLouise12

SaraLouise12
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:03:50 AM

Posted 03 March 2013 - 04:46 AM

It was too long for one post so I've split it over two!

 

Thank you so much! :)



#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:10:50 PM

Posted 03 March 2013 - 08:40 AM

Malwarebytes

--------------------

Please download Malwarebytes Anti-Malware and save it to your desktop.  If you already have it installed launch the program and update the database.

  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.  You can also right click on the link and select Save Link As

Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
    For instructions with screenshots, please refer to this Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings except to uncheck any offer for a free Pro trial version
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.

Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.


===================================================


Farbar's MiniToolBox

--------------------

  • Please download MiniToolBox, save it to your desktop
  • Please close any Firefox browsers you may have open
  • Double click the icon to launch the program
  • Make sure the following options are checked:

    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Devices
    • List Users, Partitions and Memory size.
  • Click Go and once the scan is completed a Result.txt Notepad document will open on your desktop
  • Please copy and paste the contents in your reply


===================================================


Farbar's Service Scanner

--------------------

Please download Farbar Service Scanner, save it to your desktop, and run it.

  • Make sure the following options are checked:

    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


===================================================


AdwCleaner by Xplode - Search for Adware

-------------------

  • Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on DELETE
  • A logfile will automatically open after the scan has finished
  • Copy and paste the contents in your reply
  • You can find the logfile at C:\AdwCleaner[R1].txt as well


===================================================


Junkware Removal Tooll by thisisu

-------------------

  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply


===================================================


Rkill

-------------------

Please download Rkill by Grinler from one of the 4 links below (if one of them does not work try another...) and save it to your desktop:


  • In order for Rkill to run properly you must disable your anti-malware software.  Please refer to this page if you are not sure how.
  • Double-click on Rkill. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
    • Note:  You may have to run Rkill a few times before it is successful.  You may also have to download Rkill from a different link which will save it as a different file name.
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • An Rkill.log will appear.  Please copy and paste the contents in your reply (file also located at c:\rkill.log)
  • Do not reboot your computer after running Rkill as the malware programs will start again.  If your computer reboots, run Rkill again before continuing on to the next step.
  • If nothing happens or if the tool does not run, please let me know in your next reply.


===================================================


Autoruns

--------------------

  • Please download AutoRuns and save it to your desktop
  • Double click the AutoRuns.zip folder
  • Double click autoruns.exe (not autorunsc.exe), select Run, then Run again and allow the information to populate
  • Select File, Save, Desktop (in the left hand pane), then Save filename as Autoruns.txt and change Save as type to  Text(*.txt).
  • Double click on the text file,copy and paste the contents in your reply


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • Malwarebytes log
  • MiniToolBox log
  • Farbar's Service Scanner log
  • AdwCleaner log
  • Junkware Removal Tool log
  • Rkill log
  • Autoruns log


 



#11 SaraLouise12

SaraLouise12
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:03:50 AM

Posted 03 March 2013 - 10:42 AM

  • Malwarebytes log

 

Malwarebytes Anti-Malware (Trial) 1.70.0.1100
www.malwarebytes.org
 
Database version: v2013.03.03.06
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Adam :: ADAM-PC [administrator]
 
Protection: Disabled
 
03/03/2013 15:04:13
mbam-log-2013-03-03 (15-04-13).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 206970
Time elapsed: 3 minute(s), 40 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
(end)
 

 

  • MiniToolBox log

 

MiniToolBox by Farbar  Version:01-03-2013
Ran by Adam (administrator) on 03-03-2013 at 15:02:01
Running from "C:\Users\Adam\Downloads"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
 
127.0.0.1    www.007guard.com
127.0.0.1    007guard.com
127.0.0.1    008i.com
127.0.0.1    www.008k.com
127.0.0.1    008k.com
127.0.0.1    www.00hq.com
127.0.0.1    00hq.com
127.0.0.1    010402.com
127.0.0.1    www.032439.com
127.0.0.1    032439.com
127.0.0.1    www.0scan.com
127.0.0.1    0scan.com
127.0.0.1    www.1000gratisproben.com
127.0.0.1    1000gratisproben.com
127.0.0.1    1001namen.com
127.0.0.1    www.1001namen.com
127.0.0.1    100888290cs.com
127.0.0.1    www.100888290cs.com
127.0.0.1    www.100sexlinks.com
 
There are 15319 more lines starting with "127.0.0.1"
 
========================= IP Configuration: ================================
 
Atheros AR5B97 Wireless Network Adapter = Wireless Network Connection (Connected)
Cisco Systems VPN Adapter for 64-bit Windows = Local Area Connection 2 (Hardware not present)
Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled taskoffload=disabled
set interface interface="Local Area Connection" forwarding=disabled advertise=disabled mtu=1300 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
set interface interface="Wireless Network Connection" forwarding=disabled advertise=disabled mtu=1300 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
set interface interface="Local Area Connection 2" forwarding=disabled advertise=disabled mtu=1300 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Adam-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Wireless LAN adapter Wireless Network Connection:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Atheros AR5B97 Wireless Network Adapter
   Physical Address. . . . . . . . . : C0-F8-DA-04-08-BC
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::d02d:6752:2862:7a4c%12(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.0.7(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : 03 March 2013 14:50:58
   Lease Expires . . . . . . . . . . : 04 March 2013 14:50:58
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 314636506
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-92-D6-64-B8-70-F4-8C-10-12
   DNS Servers . . . . . . . . . . . : 192.168.0.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
   Physical Address. . . . . . . . . : B8-70-F4-8C-10-12
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{BDC6A8E5-A4F0-4D15-BBA3-7B4EA26FCF33}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{BC916449-AF67-42D6-9E3E-1CA625F11BC4}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  www.routerlogin.com
Address:  192.168.0.1
 
Name:    google.com
Addresses:  2a00:1450:4009:807::1001
      173.194.34.136
      173.194.34.137
      173.194.34.142
      173.194.34.128
      173.194.34.129
      173.194.34.130
      173.194.34.131
      173.194.34.132
      173.194.34.133
      173.194.34.134
      173.194.34.135
 
 
Pinging google.com [173.194.34.102] with 32 bytes of data:
Reply from 173.194.34.102: bytes=32 time=30ms TTL=57
Reply from 173.194.34.102: bytes=32 time=30ms TTL=57
 
Ping statistics for 173.194.34.102:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 30ms, Maximum = 30ms, Average = 30ms
Server:  www.routerlogin.com
Address:  192.168.0.1
 
Name:    yahoo.com
Addresses:  98.138.253.109
      98.139.183.24
      206.190.36.45
 
 
Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=895ms TTL=51
Request timed out.
 
Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 1, Lost = 1 (50% loss),
Approximate round trip times in milli-seconds:
    Minimum = 895ms, Maximum = 895ms, Average = 895ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 12...c0 f8 da 04 08 bc ......Atheros AR5B97 Wireless Network Adapter
 11...b8 70 f4 8c 10 12 ......Broadcom NetLink ™ Gigabit Ethernet
  1...........................Software Loopback Interface 1
 27...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 28...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1      192.168.0.7     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link       192.168.0.7    281
      192.168.0.7  255.255.255.255         On-link       192.168.0.7    281
    192.168.0.255  255.255.255.255         On-link       192.168.0.7    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.0.7    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.0.7    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 12    281 fe80::/64                On-link
 12    281 fe80::d02d:6752:2862:7a4c/128
                                    On-link
  1    306 ff00::/8                 On-link
 12    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (03/03/2013 02:52:39 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/03/2013 03:27:21 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.
 
Error: (03/03/2013 03:26:48 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (03/03/2013 03:26:31 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.
 
Error: (03/03/2013 00:46:21 AM) (Source: Application Hang) (User: )
Description: The program SpybotSD.exe version 1.6.2.46 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 11e4
 
Start Time: 01ce17a6c1ac6234
 
Termination Time: 19
 
Application Path: C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe
 
Report Id:
 
Error: (03/03/2013 00:45:54 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (03/03/2013 00:45:52 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (03/03/2013 00:45:50 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (03/03/2013 00:45:50 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (03/03/2013 00:45:42 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
 
System errors:
=============
Error: (03/03/2013 03:05:00 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error: 
%%1060
 
Error: (03/03/2013 03:04:00 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error: 
%%1060
 
Error: (03/03/2013 03:03:00 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error: 
%%1060
 
Error: (03/03/2013 03:02:00 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error: 
%%1060
 
Error: (03/03/2013 03:01:00 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error: 
%%1060
 
Error: (03/03/2013 03:00:00 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error: 
%%1060
 
Error: (03/03/2013 02:59:00 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error: 
%%1060
 
Error: (03/03/2013 02:58:00 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error: 
%%1060
 
Error: (03/03/2013 02:57:00 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error: 
%%1060
 
Error: (03/03/2013 02:56:00 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error: 
%%1060
 
 
Microsoft Office Sessions:
=========================
Error: (03/03/2013 02:52:39 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/03/2013 03:27:21 AM) (Source: SideBySide)(User: )
Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8
 
Error: (03/03/2013 03:26:48 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe
 
Error: (03/03/2013 03:26:31 AM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3
 
Error: (03/03/2013 00:46:21 AM) (Source: Application Hang)(User: )
Description: SpybotSD.exe1.6.2.4611e401ce17a6c1ac623419C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe
 
Error: (03/03/2013 00:45:54 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Adam\Desktop\esetsmartinstaller_enu.exe
 
Error: (03/03/2013 00:45:52 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Adam\Desktop\esetsmartinstaller_enu.exe
 
Error: (03/03/2013 00:45:50 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Adam\Desktop\esetsmartinstaller_enu.exe
 
Error: (03/03/2013 00:45:50 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Adam\Desktop\esetsmartinstaller_enu.exe
 
Error: (03/03/2013 00:45:42 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Adam\Desktop\esetsmartinstaller_enu.exe
 
 
CodeIntegrity Errors:
===================================
  Date: 2013-02-02 09:30:48.556
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-02-02 09:30:48.489
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-02-02 09:30:39.643
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-02-02 09:30:39.492
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2012-12-12 22:29:36.691
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2012-12-12 22:29:36.640
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2012-12-12 22:28:26.241
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2012-12-12 22:28:26.171
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
=========================== Installed Programs ============================
 
??? ActiveX ?? Windows Live Mesh ???? ??????? ??????? (Version: 15.4.5722.2)
???? ??? Windows Live (Version: 15.4.3502.0922)
???? ???? ActiveX ????? ?? Windows Live Mesh ????????? ??????? (Version: 15.4.5722.2)
???? Windows Live (Version: 15.4.3502.0922)
?????? ??????? ?? Windows Live (Version: 15.4.3502.0922)
??????? ?????????? Windows Live Mesh ActiveX ??? ????????? ??????????? (Version: 15.4.5722.2)
??????? Windows Live Mesh ActiveX ??? (Version: 15.4.5722.2)
???????? ?????????? Windows Live (Version: 15.4.3502.0922)
????????? ActiveX ?? Windows Live Mesh ????????????????????????? (???) (Version: 15.4.5722.2)
?????????? Windows Live (Version: 15.4.3502.0922)
??????????? ?? Windows Live (Version: 15.4.3502.0922)
 
Acrobat.com (Version: 1.6.65)
ActiveX ???????? ?? Windows Live Mesh ?? ?????????? ?????? (Version: 15.4.5722.2)
ActiveX-kontroll för fjärranslutningar för Windows Live Mesh (Version: 15.4.5722.2)
Ad-Aware Antivirus (Version: 10.1.211.3382)
Ad-Aware Browsing Protection (Version: 0.9.0.2)
Ad-Aware Security Toolbar (Version: 2.1.0.20)
Adobe AIR (Version: 1.5.3.9130)
Adobe Community Help (Version: 3.2.1)
Adobe Community Help (Version: 3.2.1.650)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.257)
Adobe Flash Player 11 Plugin 64-bit (Version: 11.1.102.55)
Adobe Photoshop Elements 9 (Version: 9.0)
Adobe Premiere Elements 9 (Version: 9.0)
Adobe Reader 9.1 MUI (Version: 9.1.0)
Adobe Shockwave Player 11.6 (Version: 11.6.6.636)
Agatha Christie - 4:50 from Paddington (Version: 2.2.0.95)
AMD Accelerated Video Transcoding (Version: 12.5.100.21219)
AMD APP SDK Runtime (Version: 10.0.1084.4)
AMD Catalyst Install Manager (Version: 8.0.903.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Fuel (Version: 2012.1219.1521.27485)
AMD Media Foundation Decoders (Version: 1.0.71219.1540)
AMD System Monitor (Version: 1.0.5)
AMD VISION Engine Control Center (Version: 2012.1219.1521.27485)
Anti-phishing Domain Advisor (Version: 1.1.0.1)
Apple Application Support (Version: 2.3.2)
Apple Mobile Device Support (Version: 6.0.1.3)
Apple Software Update (Version: 2.1.3.127)
Backup Manager V3 (Version: 3.0.0.90)
Bejeweled 2 Deluxe (Version: 2.2.0.95)
Bing Bar (Version: 7.0.610.0)
Bonjour (Version: 3.0.0.10)
Broadcom Card Reader Driver Installer (Version: 14.6.1.3)
Broadcom Gigabit NetLink Controller (Version: 14.6.1.2)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2012.1219.1521.27485)
Catalyst Control Center InstallProxy (Version: 2012.1219.1521.27485)
Catalyst Control Center Localization All (Version: 2012.1219.1521.27485)
CCC Help Chinese Standard (Version: 2012.1219.1520.27485)
CCC Help Chinese Traditional (Version: 2012.1219.1520.27485)
CCC Help Czech (Version: 2012.1219.1520.27485)
CCC Help Danish (Version: 2012.1219.1520.27485)
CCC Help Dutch (Version: 2012.1219.1520.27485)
CCC Help English (Version: 2012.1219.1520.27485)
CCC Help Finnish (Version: 2012.1219.1520.27485)
CCC Help French (Version: 2012.1219.1520.27485)
CCC Help German (Version: 2012.1219.1520.27485)
CCC Help Greek (Version: 2012.1219.1520.27485)
CCC Help Hungarian (Version: 2012.1219.1520.27485)
CCC Help Italian (Version: 2012.1219.1520.27485)
CCC Help Japanese (Version: 2012.1219.1520.27485)
CCC Help Korean (Version: 2012.1219.1520.27485)
CCC Help Norwegian (Version: 2012.1219.1520.27485)
CCC Help Polish (Version: 2012.1219.1520.27485)
CCC Help Portuguese (Version: 2012.1219.1520.27485)
CCC Help Russian (Version: 2012.1219.1520.27485)
CCC Help Spanish (Version: 2012.1219.1520.27485)
CCC Help Swedish (Version: 2012.1219.1520.27485)
CCC Help Thai (Version: 2012.1219.1520.27485)
CCC Help Turkish (Version: 2012.1219.1520.27485)
ccc-utility64 (Version: 2012.1219.1521.27485)
CCleaner (Version: 3.28)
Chuzzle Deluxe (Version: 2.2.0.95)
Cisco Systems VPN Client 5.0.07.0290 (Version: 5.0.7)
Control ActiveX de Windows Live Mesh para conexiones remotas (Version: 15.4.5722.2)
Control ActiveX del Windows Live Mesh per a connexions remotes (Version: 15.4.5722.2)
Control ActiveX Windows Live Mesh pentru conexiuni la distan?a (Version: 15.4.5722.2)
Controle ActiveX do Windows Live Mesh para Conexões Remotas (Version: 15.4.5722.2)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (Version: 15.4.5722.2)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (Version: 15.4.5722.2)
Crazy Chicken Kart 2 (Version: 2.2.0.95)
CyberLink MediaEspresso (Version: 6.5.1421_35790)
D3DX10 (Version: 15.4.2368.0902)
DesktopEarth (Version: 2.1.1)
Diner Dash 2 Restaurant Rescue (Version: 2.2.0.95)
eBay Worldwide (Version: 2.2.0409)
Elements 9 Organizer (Version: 9.0)
Elements STI Installer (Version: 1.0)
ESET Online Scanner v3
FATE (Version: 2.2.0.95)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsluge polaczen zdalnych (Version: 15.4.5722.2)
Fotogalerija Windows Live (Version: 15.4.3502.0922)
Galeria de Fotografias do Windows Live (Version: 15.4.3502.0922)
Galería fotográfica de Windows Live (Version: 15.4.3502.0922)
Galeria fotogràfica del Windows Live (Version: 15.4.3502.0922)
Galeria fotografii uslugi Windows Live (Version: 15.4.3502.0922)
Galerie de photos Windows Live (Version: 15.4.3502.0922)
Galerie foto Windows Live (Version: 15.4.3502.0922)
Google Chrome (Version: 25.0.1364.97)
iCloud (Version: 2.1.1.3)
Identity Card (Version: 1.00.3006)
iTunes (Version: 11.0.1.12)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 31 (Version: 6.0.310)
Jewel Quest Solitaire (Version: 2.2.0.95)
John Deere Drive Green (Version: 2.2.0.95)
Junk Mail filter update (Version: 15.4.3502.0922)
Kontrola Windows Live Mesh ActiveX za daljinske veze (Version: 15.4.5722.2)
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (Version: 15.4.5722.2)
Launch Manager (Version: 5.1.5)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office Professional Plus 2013 - en-us (Version: 15.0.4454.1511)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Mystery P.I. - The London Caper (Version: 2.2.0.95)
Nero Control Center 10 (Version: 10.2.11100.1.1)
Nero ControlCenter 10 Help (CHM) (Version: 10.5.10000)
Nero Core Components 10 (Version: 2.0.18100.8.8)
Nero DiscSpeed 10 (Version: 6.2.10500.2.100)
Nero DiscSpeed 10 Help (CHM) (Version: 10.5.10000)
Nero Express 10 (Version: 10.2.12000.21.100)
Nero Express 10 Help (CHM) (Version: 10.5.10200)
Nero Multimedia Suite 10 Essentials (Version: 10.5.10300)
Nero StartSmart 10 (Version: 10.2.11600.14.100)
Nero StartSmart 10 Help (CHM) (Version: 10.5.10000)
Nero Update (Version: 1.0.0018)
Norton Online Backup (Version: 2.1.17869)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4454.1511)
Office 15 Click-to-Run Licensing Component (Version: 15.0.4454.1511)
Office 15 Click-to-Run Localization Component (Version: 15.0.4454.1511)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená pripojení (Version: 15.4.5722.2)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (Version: 15.4.5722.2)
Packard Bell Games (Version: 1.0.2.4)
Packard Bell MyBackup (Version: 3.0.0.90)
Packard Bell Power Management (Version: 6.00.3006)
Packard Bell Recovery Management (Version: 5.00.3004)
Packard Bell Registration (Version: 1.04.3501)
Packard Bell ScreenSaver (Version: 1.1.1025.2010)
Packard Bell Social Networks (Version: 2.0.2211)
Packard Bell Updater (Version: 1.02.3500)
Penguins! (Version: 2.2.0.95)
Plants vs. Zombies - Game of the Year (Version: 2.2.0.95)
Poczta uslugi Windows Live (Version: 15.4.3502.0922)
Podstawowe programy Windows Live (Version: 15.4.3502.0922)
Polar Bowler (Version: 2.2.0.95)
Pošta Windows Live (Version: 15.4.3502.0922)
QuickTime (Version: 7.73.80.64)
Raccolta foto di Windows Live (Version: 15.4.3502.0922)
Realtek High Definition Audio Driver (Version: 6.0.1.6343)
RocketDock 1.3.5
S?????? f?t???af??? t?? Windows Live (Version: 15.4.3502.0922)
Skype™ 6.2 (Version: 6.2.106)
Slingo Deluxe (Version: 2.2.0.95)
Spybot - Search & Destroy (Version: 1.6.2)
St???e?? e?????? ActiveX t?? Windows Live Mesh ??a ap?µa???sµ??e? s??d?se?? (Version: 15.4.5722.2)
Steam (Version: 1.0.0.0)
SUPERAntiSpyware (Version: 5.6.1014)
swMSM (Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 15.2.17.5)
Team Fortress 2
Torchlight (Version: 2.2.0.95)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update Installer for WildTangent Games App
Urruneko konexioetarako Windows Live Mesh ActiveX kontrola (Version: 15.4.5722.2)
uTorrentControl2 Toolbar (Version: 6.8.9.0)
Uzak Baglantilar Için Windows Live Mesh ActiveX Denetimi (Version: 15.4.5722.2)
Video Web Camera (Version: 1.0.1523)
Virtual Villagers - The Secret City (Version: 2.2.0.95)
Wedding Dash (Version: 2.2.0.95)
Welcome Center (Version: 1.02.3103)
WildTangent Games App (Packard Bell Games) (Version: 4.0.3.57)
Windows Live ??? (Version: 15.4.3502.0922)
Windows Live ???? (Version: 15.4.3502.0922)
Windows Live Argazki Galeria (Version: 15.4.3502.0922)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Fotogaléria (Version: 15.4.3502.0922)
Windows Live Fotogalerie (Version: 15.4.3502.0922)
Windows Live Fotogalleri (Version: 15.4.3502.0922)
Windows Live Fotograf Galerisi (Version: 15.4.3502.0922)
Windows Live Fotótár (Version: 15.4.3502.0922)
Windows Live Galeria de Fotos (Version: 15.4.3502.0922)
Windows Live Galerija fotografija (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (Version: 15.4.5722.2)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX control for remote connections (Version: 15.4.5722.2)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger (Version: 15.4.5722.2)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (Version: 15.4.5722.2)
Windows Live Mesh ActiveX-vezérlo távoli kapcsolatokhoz (Version: 15.4.5722.2)
Windows Live Meshin etäyhteyksien ActiveX-komponentti (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Temel Parçalar (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Liven asennustyökalu (Version: 15.4.3502.0922)
Windows Liven sähköposti (Version: 15.4.3502.0922)
Windows Liven valokuvavalikoima (Version: 15.4.3502.0922)
WinRAR 4.11 (32-bit) (Version: 4.11.0)
World of Warcraft (Version: 5.1.0.16357)
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
Zuma Deluxe (Version: 2.2.0.95)
 
 
========================= Devices: ================================
 
Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: sbwtis
Description: sbwtis
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: sbwtis
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 45%
Total physical RAM: 3562.9 MB
Available physical RAM: 1937.93 MB
Total Pagefile: 7123.99 MB
Available Pagefile: 5218.64 MB
Total Virtual: 4095.88 MB
Available Virtual: 3967.68 MB
 
========================= Partitions: =====================================
 
1 Drive c: (Packard Bell) (Fixed) (Total:277.99 GB) (Free:163.32 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\ADAM-PC
 
Adam                     Administrator            Guest                    
 
 
**** End of log ****
 

 

  • Farbar's Service Scanner log

 

Farbar Service Scanner Version: 03-03-2013
Ran by Adam (administrator) on 03-03-2013 at 15:02:23
Running from "C:\Users\Adam\Downloads"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.
 
MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
 
bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
 
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Disabled Policy: 
========================
 
 
Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
 
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
 
 
Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
 
 
Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to retrieve ServiceDll of SharedAccess. The value does not exist.
Checking Start type of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.
Checking ImagePath of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.
Checking ServiceDll of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
 
 
**** End of log ****

 

  • AdwCleaner log

 

# AdwCleaner v2.113 - Logfile created 03/03/2013 at 15:34:18
# Updated 23/02/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Adam - ADAM-PC
# Boot Mode : Normal
# Running from : C:\Users\Adam\Downloads\AdwCleaner (1).exe
# Option [Delete]
 
 
***** [Services] *****
 
 
***** [Files / Folders] *****
 
File Deleted : C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
Folder Deleted : C:\Program Files (x86)\uTorrentControl2
Folder Deleted : C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
Folder Deleted : C:\Users\Adam\AppData\LocalLow\uTorrentControl2
 
***** [Registry] *****
 
Key Deleted : HKCU\Software\AppDataLow\Software\uTorrentControl2
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\Google\Chrome\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{687578B9-7132-4A7A-80E4-30EE31099E03}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{687578B9-7132-4A7A-80E4-30EE31099E03}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : HKCU\Software\957dfdfe668bd46
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D4AAF2A6-F6D1-49A5-BA1A-B20735DF1955}
Key Deleted : HKLM\Software\uTorrentControl2
Key Deleted : HKLM\SOFTWARE\Wow6432Node\957dfdfe668bd46
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4AAF2A6-F6D1-49A5-BA1A-B20735DF1955}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BC5EB246-83DC-40AA-A21E-6D5EC2762B2A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D46745F8-BF21-424B-9AB2-39A0D88BE1F8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Anti-phishing Domain Advisor
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentControl2 Toolbar
Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [{b64982b1-d112-42b5-b1e4-d3867c4533f8}]
 
***** [Internet Browsers] *****
 
-\\ Internet Explorer v9.0.8112.16464
 
[OK] Registry is clean.
 
-\\ Google Chrome v25.0.1364.97
 
File : C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
[OK] File is clean.
 
*************************
 
AdwCleaner[S1].txt - [317 octets] - [03/03/2013 15:03:29]
AdwCleaner[S2].txt - [3539 octets] - [03/03/2013 15:34:18]
 
########## EOF - C:\AdwCleaner[S2].txt - [3599 octets] ##########
  • Junkware Removal Tool log

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.6 (02.27.2013:1)
OS: Windows 7 Home Premium x64
Ran by Adam on 03/03/2013 at 15:14:53.87
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\windows nt\currentversion\windows\\AppInit_DLLs
Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\internet explorer\urlsearchhooks\\{687578b9-7132-4a7a-80e4-30ee31099e03} 
Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{687578b9-7132-4a7a-80e4-30ee31099e03} 
Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\urlsearchhooks\\{687578b9-7132-4a7a-80e4-30ee31099e03} 
Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{6c97a91e-4524-4019-86af-2aa2d567bf5c} 
Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{ef99bd32-c1fb-11d2-892f-0090271d4f88} 
Suspicious HKCU\..\Run entries found. Trojan:JS/Medfos.B?
 
   Val Name      Type   Value Data
   ========      ====   ==========
    ashart    REG_SZ    "C:\Windows\System32\rundll32.exe" "C:\Users\Adam\AppData\Roaming\ashart.dll",HasKey
 
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] hkey_classes_root\yt.ytnavassistplugin
Successfully deleted: [Registry Key] hkey_classes_root\yt.ytnavassistplugin.1
Successfully deleted: [Registry Key] hkey_local_machine\software\conduit
Failed to delete: [Registry Key] hkey_current_user\software\datamngr
Failed to delete: [Registry Key] hkey_local_machine\software\datamngr
Failed to delete: [Registry Key] hkey_current_user\software\datamngr_toolbar
Successfully deleted: [Registry Key] hkey_current_user\software\softonic
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\conduit
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\smartbar
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\toolbar
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\windows\currentversion\ext\bprotectsettings
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\prod.cap
Failed to delete: [Registry Key] hkey_local_machine\software\wow6432node\datamngr
Successfully deleted: [Registry Key-Heur] HKEY_LOCAL_MACHINE\software\classes\Toolbar.CT3072253
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{02478d38-c3f9-4efb-9b51-7695eca05670}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{02478d38-c3f9-4efb-9b51-7695eca05670}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{687578b9-7132-4a7a-80e4-30ee31099e03}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{687578b9-7132-4a7a-80e4-30ee31099e03}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{6c97a91e-4524-4019-86af-2aa2d567bf5c}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{6c97a91e-4524-4019-86af-2aa2d567bf5c}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{ef99bd32-c1fb-11d2-892f-0090271d4f88}
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\ProgramData\anti-phishing domain advisor"
Successfully deleted: [Folder] "C:\ProgramData\browser manager"
Successfully deleted: [Folder] "C:\Users\Adam\appdata\local\adawarebp"
Successfully deleted: [Folder] "C:\Users\Adam\appdata\local\conduit"
Successfully deleted: [Folder] "C:\Users\Adam\appdata\locallow\adawaretb"
Successfully deleted: [Folder] "C:\Users\Adam\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\adawaretb"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Successfully deleted: [Folder] "C:\Users\Adam\appdata\local\google\chrome\user data\default\extensions\cdjbnddbclciabnckgeahmneohjlahdm"
 
 
 
~~~ Chrome
 
Successfully deleted: [Registry Key] hkey_local_machine\software\google\chrome\extensions\pgafcinpmmpklohkojmllohdhomoefph
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03/03/2013 at 15:22:22.82
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
  • Rkill log

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.6 (02.27.2013:1)
OS: Windows 7 Home Premium x64
Ran by Adam on 03/03/2013 at 15:14:53.87
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\windows nt\currentversion\windows\\AppInit_DLLs
Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\internet explorer\urlsearchhooks\\{687578b9-7132-4a7a-80e4-30ee31099e03} 
Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{687578b9-7132-4a7a-80e4-30ee31099e03} 
Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\urlsearchhooks\\{687578b9-7132-4a7a-80e4-30ee31099e03} 
Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{6c97a91e-4524-4019-86af-2aa2d567bf5c} 
Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{ef99bd32-c1fb-11d2-892f-0090271d4f88} 
Suspicious HKCU\..\Run entries found. Trojan:JS/Medfos.B?
 
   Val Name      Type   Value Data
   ========      ====   ==========
    ashart    REG_SZ    "C:\Windows\System32\rundll32.exe" "C:\Users\Adam\AppData\Roaming\ashart.dll",HasKey
 
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] hkey_classes_root\yt.ytnavassistplugin
Successfully deleted: [Registry Key] hkey_classes_root\yt.ytnavassistplugin.1
Successfully deleted: [Registry Key] hkey_local_machine\software\conduit
Failed to delete: [Registry Key] hkey_current_user\software\datamngr
Failed to delete: [Registry Key] hkey_local_machine\software\datamngr
Failed to delete: [Registry Key] hkey_current_user\software\datamngr_toolbar
Successfully deleted: [Registry Key] hkey_current_user\software\softonic
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\conduit
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\smartbar
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\toolbar
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\windows\currentversion\ext\bprotectsettings
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\prod.cap
Failed to delete: [Registry Key] hkey_local_machine\software\wow6432node\datamngr
Successfully deleted: [Registry Key-Heur] HKEY_LOCAL_MACHINE\software\classes\Toolbar.CT3072253
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{02478d38-c3f9-4efb-9b51-7695eca05670}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{02478d38-c3f9-4efb-9b51-7695eca05670}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{687578b9-7132-4a7a-80e4-30ee31099e03}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{687578b9-7132-4a7a-80e4-30ee31099e03}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{6c97a91e-4524-4019-86af-2aa2d567bf5c}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{6c97a91e-4524-4019-86af-2aa2d567bf5c}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{ef99bd32-c1fb-11d2-892f-0090271d4f88}
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\ProgramData\anti-phishing domain advisor"
Successfully deleted: [Folder] "C:\ProgramData\browser manager"
Successfully deleted: [Folder] "C:\Users\Adam\appdata\local\adawarebp"
Successfully deleted: [Folder] "C:\Users\Adam\appdata\local\conduit"
Successfully deleted: [Folder] "C:\Users\Adam\appdata\locallow\adawaretb"
Successfully deleted: [Folder] "C:\Users\Adam\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\adawaretb"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Successfully deleted: [Folder] "C:\Users\Adam\appdata\local\google\chrome\user data\default\extensions\cdjbnddbclciabnckgeahmneohjlahdm"
 
 
 
~~~ Chrome
 
Successfully deleted: [Registry Key] hkey_local_machine\software\google\chrome\extensions\pgafcinpmmpklohkojmllohdhomoefph
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03/03/2013 at 15:22:22.82
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 

  • Autoruns log

 

 

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms"    ""    ""    ""
+ "rdpclip"    ""    ""    "File not found: rdpclip"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce"    ""    ""    ""
+ "*ForceDelete"    ""    ""    "c:\users\adam\downloads\adwcleaner.exe"
+ "Malwarebytes Anti-Malware"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\program files (x86)\malwarebytes' anti-malware\mbamgui.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components"    ""    ""    ""
+ "Microsoft Windows"    "Windows Mail"    "Microsoft Corporation"    "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components"    ""    ""    ""
+ "Microsoft Windows"    "Windows Mail"    "Microsoft Corporation"    "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""
+ "ashart"    ""    ""    "File not found: C:\Users\Adam\AppData\Roaming\ashart.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "LavasoftShellExt"    ""    ""    "File not found: C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll"
+ "PhotoStreamsExt"    ""    ""    "c:\program files\common files\apple\internet services\shellstreams64.dll"
+ "SASContextMenu Class"    "SUPERAntiSpyware Context Menu Extension"    "SUPERAntiSpyware.com"    "c:\program files\superantispyware\sasctxmn64.dll"
+ "WinRAR"    ""    ""    "c:\program files (x86)\winrar\rarext64.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "NeroShellExt Class"    "Nero Burning ROM Shell Extension"    "Nero AG"    "c:\program files (x86)\common files\nero\neroshellext\neroshellext.dll"
+ "PhotoStreamsExt"    "ShellStreams.dll"    "Apple Inc."    "c:\program files (x86)\common files\apple\internet services\shellstreams.dll"
+ "WinRAR32"    ""    ""    "c:\program files (x86)\winrar\rarext.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "AdAwareContextMenu64"    "Ad-Aware Antivirus Shell Extension x64"    "Lavasoft Limited"    "c:\program files (x86)\ad-aware antivirus\adawareshellextension64.dll"
+ "MBAMShlExt"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Wow6432Node\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "AdAwareContextMenu"    "Ad-Aware Antivirus Shell Extension"    "Lavasoft Limited"    "c:\program files (x86)\ad-aware antivirus\adawareshellextension.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "SASContextMenu Class"    "SUPERAntiSpyware Context Menu Extension"    "SUPERAntiSpyware.com"    "c:\program files\superantispyware\sasctxmn64.dll"
+ "WinRAR"    ""    ""    "c:\program files (x86)\winrar\rarext64.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "NeroShellExt Class"    "Nero Burning ROM Shell Extension"    "Nero AG"    "c:\program files (x86)\common files\nero\neroshellext\neroshellext.dll"
+ "WinRAR32"    ""    ""    "c:\program files (x86)\winrar\rarext.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers"    ""    ""    ""
+ "WinRAR"    ""    ""    "c:\program files (x86)\winrar\rarext64.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\DragDropHandlers"    ""    ""    ""
+ "WinRAR32"    ""    ""    "c:\program files (x86)\winrar\rarext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "ACE"    "AMD Desktop Control Panel"    "Advanced Micro Devices, Inc."    "c:\program files (x86)\ati technologies\ati.ace\core-static\atiacm64.dll"
+ "Gadgets"    "Sidebar droptarget"    "Microsoft Corporation"    "c:\program files\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "Gadgets"    "Sidebar droptarget"    "Microsoft Corporation"    "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers"    ""    ""    ""
+ "PDF Shell Extension"    "PDF Shell Extension"    "Adobe Systems, Inc."    "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "LavasoftShellExt"    ""    ""    "File not found: C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll"
+ "MBAMShlExt"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "WinRAR"    ""    ""    "c:\program files (x86)\winrar\rarext64.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "WinRAR32"    ""    ""    "c:\program files (x86)\winrar\rarext.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers"    ""    ""    ""
+ "WinRAR"    ""    ""    "c:\program files (x86)\winrar\rarext64.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\DragDropHandlers"    ""    ""    ""
+ "WinRAR32"    ""    ""    "c:\program files (x86)\winrar\rarext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers"    ""    ""    ""
+ " SkyDrivePro1 (ErrorConflict)"    "Microsoft SkyDrive Pro Extensions"    "Microsoft Corporation"    "c:\program files\microsoft office 15\root\vfs\programfilesx64\microsoft office\office15\grooveex.dll"
+ " SkyDrivePro2 (SyncInProgress)"    "Microsoft SkyDrive Pro Extensions"    "Microsoft Corporation"    "c:\program files\microsoft office 15\root\vfs\programfilesx64\microsoft office\office15\grooveex.dll"
+ " SkyDrivePro3 (InSync)"    "Microsoft SkyDrive Pro Extensions"    "Microsoft Corporation"    "c:\program files\microsoft office 15\root\vfs\programfilesx64\microsoft office\office15\grooveex.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers"    ""    ""    ""
+ " SkyDrivePro1 (ErrorConflict)"    "Microsoft SkyDrive Pro Extensions"    "Microsoft Corporation"    "c:\program files\microsoft office 15\root\office15\grooveex.dll"
+ " SkyDrivePro2 (SyncInProgress)"    "Microsoft SkyDrive Pro Extensions"    "Microsoft Corporation"    "c:\program files\microsoft office 15\root\office15\grooveex.dll"
+ " SkyDrivePro3 (InSync)"    "Microsoft SkyDrive Pro Extensions"    "Microsoft Corporation"    "c:\program files\microsoft office 15\root\office15\grooveex.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"    ""    ""    ""
+ "Lync Browser Helper"    "Microsoft Lync"    "Microsoft Corporation"    "c:\program files\microsoft office 15\root\vfs\programfilesx64\microsoft office\office15\ochelper.dll"
+ "Microsoft SkyDrive Pro Browser Helper"    "Microsoft SkyDrive Pro Extensions"    "Microsoft Corporation"    "c:\program files\microsoft office 15\root\vfs\programfilesx64\microsoft office\office15\grooveex.dll"
+ "Office Document Cache Handler"    "Microsoft Office Document Cache Handler"    "Microsoft Corporation"    "c:\program files\microsoft office 15\root\vfs\programfilesx64\microsoft office\office15\urlredir.dll"
+ "Windows Live ID Sign-in Helper"    "Microsoft® Windows Live ID Login Helper"    "Microsoft Corp."    "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"    ""    ""    ""
+ "Adobe PDF Link Helper"    "Adobe PDF Helper for Internet Explorer"    "Adobe Systems Incorporated"    "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Bing Bar Helper"    "Bing Client Extensions"    "Microsoft Corporation."    "c:\program files (x86)\microsoft\bingbar\bingext.dll"
+ "Java™ Plug-In 2 SSV Helper"    "Java™ Platform SE binary"    "Sun Microsystems, Inc."    "c:\program files (x86)\java\jre6\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper"    "Java™ Platform SE binary"    "Sun Microsystems, Inc."    "c:\program files (x86)\java\jre6\bin\ssv.dll"
+ "Lync Browser Helper"    "Microsoft Lync"    "Microsoft Corporation"    "c:\program files\microsoft office 15\root\office15\ochelper.dll"
+ "Microsoft SkyDrive Pro Browser Helper"    "Microsoft SkyDrive Pro Extensions"    "Microsoft Corporation"    "c:\program files\microsoft office 15\root\office15\grooveex.dll"
+ "Office Document Cache Handler"    "Microsoft Office Document Cache Handler"    "Microsoft Corporation"    "c:\program files\microsoft office 15\root\office15\urlredir.dll"
+ "Spybot-S&D IE Protection"    "SBSD IE Protection"    "Safer Networking Limited"    "c:\program files (x86)\spybot - search & destroy\sdhelper.dll"
+ "Windows Live ID Sign-in Helper"    "Microsoft® Windows Live ID Login Helper"    "Microsoft Corp."    "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar"    ""    ""    ""
+ "Bing"    "Bing Client Extensions"    "Microsoft Corporation."    "c:\program files (x86)\microsoft\bingbar\bingext.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions"    ""    ""    ""
+ "Lync Click to Call"    "Microsoft Lync"    "Microsoft Corporation"    "c:\program files\microsoft office 15\root\vfs\programfilesx64\microsoft office\office15\ochelper.dll"
+ "OneNote Lin&ked Notes"    "Microsoft OneNote Internet Explorer Add-in"    "Microsoft Corporation"    "c:\program files\microsoft office 15\root\vfs\programfilesx64\microsoft office\office15\onbttnielinkednotes.dll"
+ "Se&nd to OneNote"    "Microsoft OneNote Internet Explorer Add-in"    "Microsoft Corporation"    "c:\program files\microsoft office 15\root\vfs\programfilesx64\microsoft office\office15\onbttnie.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions"    ""    ""    ""
+ "&Blog This in Windows Live Writer"    "Windows Live Writer Blog This Extension"    "Microsoft Corporation"    "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
+ "Lync Click to Call"    "Microsoft Lync"    "Microsoft Corporation"    "c:\program files\microsoft office 15\root\office15\ochelper.dll"
+ "OneNote Lin&ked Notes"    "Microsoft OneNote Internet Explorer Add-in"    "Microsoft Corporation"    "c:\program files\microsoft office 15\root\office15\onbttnielinkednotes.dll"
+ "Se&nd to OneNote"    "Microsoft OneNote Internet Explorer Add-in"    "Microsoft Corporation"    "c:\program files\microsoft office 15\root\office15\onbttnie.dll"
+ "Spybot - Search & Destroy Configuration"    "SBSD IE Protection"    "Safer Networking Limited"    "c:\program files (x86)\spybot - search & destroy\sdhelper.dll"
"Task Scheduler"    ""    ""    ""
+ "\Ad-Aware Antivirus Scheduled Scan"    "Ad-Aware Antivirus Launcher"    "Lavasoft Limited"    "c:\program files (x86)\ad-aware antivirus\adawarelauncher.exe"
+ "\Ad-Aware Update (Weekly)"    ""    ""    "File not found: C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe"
+ "\AdobeAAMUpdater-1.0-Adam-PC-Adam"    "Adobe Updater Startup Utility"    "Adobe Systems Incorporated"    "c:\program files (x86)\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe"
+ "\Apple\AppleSoftwareUpdate"    "Apple Software Update"    "Apple Inc."    "c:\program files (x86)\apple software update\softwareupdate.exe"
+ "\DeviceDetector"    "MediaEspresso DeviceDetector"    "CyberLink"    "c:\program files (x86)\cyberlink\mediaespresso\devicedetector\devicedetector.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-1996266182-362656427-532401934-1001Core"    "Google Installer"    "Google Inc."    "c:\users\adam\appdata\local\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-1996266182-362656427-532401934-1001UA"    "Google Installer"    "Google Inc."    "c:\users\adam\appdata\local\google\update\googleupdate.exe"
+ "\Microsoft Office 15 Sync Maintenance for Adam-PC-Adam Adam-PC"    "Microsoft Office Document Cache"    "Microsoft Corporation"    "c:\program files\microsoft office 15\root\office15\msosync.exe"
+ "\Microsoft\Office\Office Automatic Updates"    "Microsoft Office Click-to-Run"    "Microsoft Corporation"    "c:\program files\microsoft office 15\clientx64\integratedoffice.exe"
+ "\Microsoft\Office\OfficeTelemetryAgentFallBack"    "Office Telemetry Agent"    "Microsoft Corporation"    "c:\program files\microsoft office 15\root\office15\msoia.exe"
+ "\Microsoft\Office\OfficeTelemetryAgentLogOn"    "Office Telemetry Agent"    "Microsoft Corporation"    "c:\program files\microsoft office 15\root\office15\msoia.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task"    "Windows Live Social Object Extractor Engine"    "Microsoft Corporation"    "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo"    ""    ""    "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary"    "Windows Media Player Network Sharing Service Configuration Application"    "Microsoft Corporation"    "c:\program files\windows media player\wmpnscfg.exe"
+ "\Recovery Management\Burn Notification"    "NotificationCenter"    "Acer"    "c:\program files\packard bell\packard bell recovery management\notificationcenter\notification.exe"
+ "\{EFDC01B4-9C12-4302-B9C8-E8B3BCC149BD}"    "Google Chrome"    "Google Inc."    "c:\users\adam\appdata\local\google\chrome\application\chrome.exe"
"HKLM\System\CurrentControlSet\Services"    ""    ""    ""
+ "!SASCORE"    "SUPERAntiSpyware Core Service"    "SUPERAntiSpyware.com"    "c:\program files\superantispyware\sascore64.exe"
+ "Ad-Aware Service"    "Ad-Aware Service"    "Lavasoft Limited"    "c:\program files (x86)\ad-aware antivirus\adawareservice.exe"
+ "AdobeActiveFileMonitor9.0"    "Tracks files that are managed by Elements Organizer"    "Adobe Systems Incorporated"    "c:\program files (x86)\adobe\elements 9 organizer\photoshopelementsfileagent.exe"
+ "AMD External Events Utility"    "AMD External Events Service Module"    "AMD"    "c:\windows\system32\atiesrxx.exe"
+ "AMD FUEL Service"    "Provides FUEL Functionality"    "Advanced Micro Devices, Inc."    "c:\program files\ati technologies\ati.ace\fuel\fuel.service.exe"
+ "Apple Mobile Device"    "Provides the interface to Apple mobile devices."    "Apple Inc."    "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "BBSvc"    "Keeps Bing Bar up-to-date. Disabling this service might prevent updates and expose your computer to security vulnerabilities or functional flaws in Bing Bar."    "Microsoft Corporation."    "c:\program files (x86)\microsoft\bingbar\bbsvc.exe"
+ "Bonjour Service"    "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence."    "Apple Inc."    "c:\program files\bonjour\mdnsresponder.exe"
+ "CVPND"    "Cisco Systems VPN Client"    "Cisco Systems, Inc."    "c:\program files (x86)\cisco systems\vpn client\cvpnd.exe"
+ "DsiWMIService"    "Dritek WMI Service"    "Dritek System Inc."    "c:\program files (x86)\launch manager\dsiwmis.exe"
+ "ePowerSvc"    "Acer ePower Service"    "Acer Incorporated"    "c:\program files\packard bell\packard bell power management\epowersvc.exe"
+ "GamesAppService"    "WT Games App Services"    "WildTangent, Inc."    "c:\program files (x86)\wildtangent games\app\gamesappservice.exe"
+ "GREGService"    "Global Registration Service"    "Acer Incorporated"    "c:\program files (x86)\packard bell\registration\gregsvc.exe"
+ "iPod Service"    "iPod hardware management services"    "Apple Inc."    "c:\program files\ipod\bin\ipodservice.exe"
+ "Live Updater Service"    "Updater Service"    "Acer Incorporated"    "c:\program files\packard bell\packard bell updater\updaterservice.exe"
+ "NAUpdate"    "Provides access to Nero application updates and manages Nero applications."    "Nero AG"    "c:\program files (x86)\nero\update\nasvc.exe"
+ "NOBU"    "Norton Online Backup Service"    "Symantec Corporation"    "c:\program files (x86)\symantec\norton online backup\nobuagent.exe"
+ "NTI IScheduleSvc"    "NTI IShadow Manage backup/Sync jobs and  etc..."    "NTI Corporation"    "c:\program files (x86)\nti\packard bell mybackup\ischedulesvc.exe"
+ "OfficeSvc"    "Manages resource coordination, background streaming, and system integration of Microsoft Office products and their related updates. This service is required to run during the use of any Microsoft Office program, during initial streaming installation and all subsequent updates."    "Microsoft Corporation"    "c:\program files\microsoft office 15\clientx64\integratedoffice.exe"
+ "ose"    "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports."    "Microsoft Corporation"    "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc"    "Enables the download, installation, and enforcement of digital licenses for Microsoft Office applications. These applications require this service for proper operation. It is strongly recommended that you keep this service enabled."    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "SBAMSvc"    "Manages your antispyware and antivirus application"    "GFI Software"    "c:\program files (x86)\ad-aware antivirus\sbamsvc.exe"
+ "SBSDWSCService"    "Spybot-S&D Security Center integration"    "Safer Networking Ltd."    "c:\program files (x86)\spybot - search & destroy\sdwinsec.exe"
+ "SeaPort"    "Enables the detection, download and installation of up-to-date configuration files for Bing Bar. Also provides server communication for the customer experience improvement program. Stopping or disabling this service may prevent you from getting the latest updates for Bing Bar, which may expose your computer to security vulnerabilities or functional flaws in the Bing Bar."    "Microsoft Corporation"    "c:\program files (x86)\microsoft\bingbar\seaport.exe"
+ "SkypeUpdate"    "Enables the detection, download and installation of updates for Skype."    "Skype Technologies"    "c:\program files (x86)\skype\updater\updater.exe"
+ "Steam Client Service"    "Steam Client Service monitors and updates Steam content"    "Valve Corporation"    "c:\program files (x86)\common files\steam\steamservice.exe"
+ "wlidsvc"    "Enables Windows Live ID authentication."    "Microsoft Corp."    "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc"    "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play"    "Microsoft Corporation"    "c:\program files\windows media player\wmpnetwk.exe"
+ "YahooAUService"    "Keeps your favorite Yahoo! software up-to-date with the latest features, tools, and enhancements."    "Yahoo! Inc."    "c:\program files (x86)\yahoo!\softwareupdate\yahooauservice.exe"
"HKLM\System\CurrentControlSet\Services"    ""    ""    ""
+ "adp94xx"    "Adaptec Windows SAS/SATA Storport Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci"    "Adaptec Windows SATA Storport Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320"    "Adaptec StorPort Ultra320 SCSI Driver (X64)"    "Adaptec, Inc."    "c:\windows\system32\drivers\adpu320.sys"
+ "aliide"    "ALi mini IDE Driver"    "Acer Laboratories Inc."    "c:\windows\system32\drivers\aliide.sys"
+ "amdkmdag"    "ATI Radeon Kernel Mode Driver"    "Advanced Micro Devices, Inc."    "c:\windows\system32\drivers\atikmdag.sys"
+ "amdkmdap"    "AMD multi-vendor Miniport Driver"    "Advanced Micro Devices, Inc."    "c:\windows\system32\drivers\atikmpag.sys"
+ "amdsata"    "AHCI 1.2 Device Driver"    "Advanced Micro Devices"    "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs"    "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform"    "AMD Technologies Inc."    "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata"    "Storage Filter Driver"    "Advanced Micro Devices"    "c:\windows\system32\drivers\amdxata.sys"
+ "AODDriver4.2"    "AMD OverDrive Service Driver"    "Advanced Micro Devices"    "c:\program files\ati technologies\ati.ace\fuel\amd64\aoddriver2.sys"
+ "arc"    "Adaptec RAID Storport Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\arc.sys"
+ "arcsas"    "Adaptec SAS RAID WS03 Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\arcsas.sys"
+ "athr"    "Atheros Extensible Wireless LAN device driver"    "Atheros Communications, Inc."    "c:\windows\system32\drivers\athrx.sys"
+ "AtiHDAudioService"    "AMD High Definition Audio Function Driver"    "Advanced Micro Devices"    "c:\windows\system32\drivers\atihdw76.sys"
+ "b06bdrv"    "Broadcom NetXtreme II GigE VBD"    "Broadcom Corporation"    "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a"    "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver."    "Broadcom Corporation"    "c:\windows\system32\drivers\b57nd60a.sys"
+ "b57xdbd"    "Broadcom xD Picture Card Bus Driver"    "Broadcom Corporation"    "c:\windows\system32\drivers\b57xdbd.sys"
+ "b57xdmp"    "Broadcom xD Picture Card Miniport Driver"    "Broadcom Corporation"    "c:\windows\system32\drivers\b57xdmp.sys"
+ "BrFiltLo"    "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver"    "Brother Industries, Ltd."    "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp"    "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver"    "Brother Industries, Ltd."    "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid"    "Brotehr Serial I/F Driver (WDM)"    "Brother Industries Ltd."    "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm"    "Brother Serial driver (WDM version)"    "Brother Industries Ltd."    "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm"    "Brother USB MDM Driver "    "Brother Industries Ltd."    "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer"    "Brother USB Serial Driver"    "Brother Industries Ltd."    "c:\windows\system32\drivers\brusbser.sys"
+ "bScsiMSa"    "Broadcom Memory Stick Driver"    "Broadcom Corporation"    "c:\windows\system32\drivers\bscsimsa.sys"
+ "bScsiSDa"    "Broadcom SD 3.0 Driver"    "Broadcom Corporation"    "c:\windows\system32\drivers\bscsisda.sys"
+ "cmdide"    "CMD PCI IDE Bus Driver"    "CMD Technology, Inc."    "c:\windows\system32\drivers\cmdide.sys"
+ "CVirtA"    "Cisco Systems VPN Adapter"    "Cisco Systems, Inc."    "c:\windows\system32\drivers\cvirta64.sys"
+ "CVPNDRVA"    ""    ""    "c:\windows\system32\drivers\cvpndrva.sys"
+ "DNE"    "Deterministic Network Enhancer for NDIS 5.1"    "Deterministic Networks, Inc."    "c:\windows\system32\drivers\dne64x.sys"
+ "ebdrv"    "Broadcom NetXtreme II 10 GigE VBD"    "Broadcom Corporation"    "c:\windows\system32\drivers\evbda.sys"
+ "elxstor"    "Storport Miniport Driver for LightPulse HBAs"    "Emulex"    "c:\windows\system32\drivers\elxstor.sys"
+ "GEARAspiWDM"    "CD DVD Filter"    "GEAR Software Inc."    "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hcw85cir"    "Hauppauge WinTV 885 Consumer IR Driver for eHome"    "Hauppauge Computer Works, Inc."    "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD"    "Smart Array SAS/SATA Controller Media Driver"    "Hewlett-Packard Company"    "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStorV"    "Intel Matrix Storage Manager driver - x64"    "Intel Corporation"    "c:\windows\system32\drivers\iastorv.sys"
+ "iirsp"    "Intel/ICP Raid Storport Driver"    "Intel Corp./ICP vortex GmbH"    "c:\windows\system32\drivers\iirsp.sys"
+ "IntcAzAudAddService"    "Realtek® High Definition Audio Function Driver"    "Realtek Semiconductor Corp."    "c:\windows\system32\drivers\rtkvhd64.sys"
+ "k57nd60a"    "Broadcom NetLink ™ Gigabit Ethernet NDIS6.x Unified Driver."    "Broadcom Corporation"    "c:\windows\system32\drivers\k57nd60a.sys"
+ "Lavasoft Kernexplorer"    ""    ""    "File not found: C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys"
+ "LSI_FC"    "LSI Fusion-MPT FC Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS"    "LSI Fusion-MPT SAS Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2"    "LSI SAS Gen2 Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI"    "LSI Fusion-MPT SCSI Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_scsi.sys"
+ "megasas"    "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64"    "LSI Corporation"    "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR"    "LSI MegaRAID Software RAID Driver"    "LSI Corporation, Inc."    "c:\windows\system32\drivers\megasr.sys"
+ "nfrd960"    "IBM ServeRAID Controller Driver"    "IBM Corporation"    "c:\windows\system32\drivers\nfrd960.sys"
+ "NTIDrvr"    "NTI CD-ROM Filter Driver"    "NewTech Infosystems, Inc."    "c:\windows\system32\drivers\ntidrvr.sys"
+ "nvraid"    "NVIDIA® nForce™ RAID Driver"    "NVIDIA Corporation"    "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor"    "NVIDIA® nForce™ Sata Performance Driver"    "NVIDIA Corporation"    "c:\windows\system32\drivers\nvstor.sys"
+ "PxHlpa64"    "Px Engine Device Driver for 64-bit Windows"    "Sonic Solutions"    "c:\windows\system32\drivers\pxhlpa64.sys"
+ "ql2300"    "QLogic Fibre Channel Stor Miniport Driver"    "QLogic Corporation"    "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx"    "QLogic iSCSI Storport Miniport Driver"    "QLogic Corporation"    "c:\windows\system32\drivers\ql40xx.sys"
+ "SASDIFSV"    "SASDIFSV64.SYS"    "SUPERAdBlocker.com and SUPERAntiSpyware.com"    "c:\program files\superantispyware\sasdifsv64.sys"
+ "SASKUTIL"    "SASKUTIL64.SYS"    "SUPERAdBlocker.com and SUPERAntiSpyware.com"    "c:\program files\superantispyware\saskutil64.sys"
+ "sbapifs"    "GFI Active Protection Filter Driver"    "GFI Software"    "c:\windows\system32\drivers\sbapifs.sys"
+ "SbFw"    "GFI Firewall SDK TDI Firewall Driver"    "GFI Software"    "c:\windows\system32\drivers\sbfw.sys"
+ "SBFWIMCL"    "GFI Firewall SDK NDIS Intermediate Driver"    "GFI Software"    "c:\windows\system32\drivers\sbfwim.sys"
+ "SBFWIMCLMP"    "GFI Firewall SDK NDIS Intermediate Driver"    "GFI Software"    "c:\windows\system32\drivers\sbfwim.sys"
+ "sbhips"    "GFI Firewall SDK Host Intrusion Prevention System Driver"    "GFI Software"    "c:\windows\system32\drivers\sbhips.sys"
+ "SBRE"    "GFI Anti-Rootkit Driver"    "GFI Software"    "c:\windows\system32\drivers\sbredrv.sys"
+ "sbwtis"    "GFI Software Transport Inspection WFP Driver"    "GFI Software"    "c:\windows\system32\drivers\sbwtis.sys"
+ "secdrv"    "Macrovision SECURITY Driver"    "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K."    "c:\windows\system32\drivers\secdrv.sys"
+ "Serial"    "Brotehr Serial I/F Driver (WDM)"    "Brother Industries Ltd."    "c:\windows\system32\drivers\serial.sys"
+ "SiSRaid2"    "SiS RAID Stor Miniport Driver"    "Silicon Integrated Systems Corp."    "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4"    "SiS AHCI Stor-Miniport Driver"    "Silicon Integrated Systems"    "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor"    "Promise  SuperTrak EX Series Driver for Windows "    "Promise Technology"    "c:\windows\system32\drivers\stexstor.sys"
+ "SynTP"    "Synaptics Touchpad Driver"    "Synaptics Incorporated"    "c:\windows\system32\drivers\syntp.sys"
+ "UBHelper"    "NTI CDROM Filter Driver"    "NewTech Infosystems Corporation"    "c:\windows\system32\drivers\ubhelper.sys"
+ "USBAAPL64"    "Apple Mobile Device USB Driver"    "Apple, Inc."    "c:\windows\system32\drivers\usbaapl64.sys"
+ "usbfilter"    "AMD USB Filter Driver"    "Advanced Micro Devices"    "c:\windows\system32\drivers\usbfilter.sys"
+ "viaide"    "VIA Generic PCI IDE Bus Driver"    "VIA Technologies, Inc."    "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid"    "VIA RAID DRIVER FOR AMD-X86-64"    "VIA Technologies Inc.,Ltd"    "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32"    ""    ""    ""
+ "msacm.l3acm"    "MPEG Layer-3 Audio Codec for MSACM"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32"    ""    ""    ""
+ "msacm.l3acm"    "MPEG Layer-3 Audio Codec for MSACM"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\syswow64\l3codeca.acm"
+ "msacm.l3codecp"    "MPEG Audio Layer-3 Codec for MSACM"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\syswow64\l3codecp.acm"
+ "vidc.cvid"    "Cinepak® Codec"    "Radius Inc."    "c:\windows\syswow64\iccvid.dll"
"HKLM\Software\Classes\Filter"    ""    ""    ""
+ "MainConcept MPEG Demultiplexer"    "MPEG-1/2 Demultiplexer"    "MainConcept GmbH"    "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_demux_mp2_ds.ax"
+ "MainConcept MPEG Push Demultiplexer"    "MPEG Push Demultiplexer"    "MainConcept GmbH"    "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_demuxpush_mp2_ds.ax"
+ "MainConcept VC-1 Decoder"    "VC-1 Decoder DirectShow Filter"    "MainConcept GmbH"    "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_dec_vc1_ds.ax"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance"    ""    ""    ""
+ "AMD MJPEG Decoder"    "ATI MPEG Encoder"    "Advanced Micro Devices Inc."    "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG Audio Encoder"    "ATI MPEG Encoder"    "Advanced Micro Devices Inc."    "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG File Writer"    "ATI MPEG Encoder"    "Advanced Micro Devices Inc."    "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG Multiplexer"    "ATI MPEG Encoder"    "Advanced Micro Devices Inc."    "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG Video Decoder"    "ATI MPEG Encoder"    "Advanced Micro Devices Inc."    "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG Video Encoder"    "ATI MPEG Encoder"    "Advanced Micro Devices Inc."    "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI Video Rotation Filter"    "ATI MPEG Encoder"    "Advanced Micro Devices Inc."    "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI Video Scaler Filter"    "ATI MPEG Encoder"    "Advanced Micro Devices Inc."    "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance"    ""    ""    ""
+ "AMD MJPEG Decoder"    "ATI MPEG Encoder"    "Advanced Micro Devices Inc."    "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG Audio Encoder"    "ATI MPEG Encoder"    "Advanced Micro Devices Inc."    "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG File Writer"    "ATI MPEG Encoder"    "Advanced Micro Devices Inc."    "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG Multiplexer"    "ATI MPEG Encoder"    "Advanced Micro Devices Inc."    "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG Video Decoder"    "ATI MPEG Encoder"    "Advanced Micro Devices Inc."    "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG Video Encoder"    "ATI MPEG Encoder"    "Advanced Micro Devices Inc."    "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI Ticker"    ""    ""    "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\ticker.ax"
+ "ATI Video Rotation Filter"    "ATI MPEG Encoder"    "Advanced Micro Devices Inc."    "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI Video Scaler Filter"    "ATI MPEG Encoder"    "Advanced Micro Devices Inc."    "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "Capture File Writer"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "MainConcept (Broadcast) AVC/H.264 Video Decoder"    "AVC/H.264 Decoder DirectShow Filter"    "MainConcept GmbH"    "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_bc_dec_avc_ds.ax"
+ "MainConcept AAC Decoder"    "AAC audio decoder filter"    "MainConcept GmbH"    "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_dec_aac_ds.ax"
+ "MainConcept AVC/H.264 Video Decoder"    "AVC/H.264 Decoder DirectShow Filter"    "MainConcept GmbH"    "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_dec_avc_ds.ax"
+ "MainConcept DV Dif Parser"    "DV Dif Parser DS Filter"    "MainConcept GmbH"    "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_parser_dv_ds.ax"
+ "MainConcept DV Video Decoder"    "DirectShow DVCPro Video Decoder"    "MainConcept GmbH"    "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_dec_dv_ds.ax"
+ "MainConcept DV-Demultiplexer"    "DV-Splitter DS Filter"    "MainConcept GmbH"    "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_demux_dv_ds.ax"
+ "MainConcept DVCPro 50 Video Decoder"    "DirectShow DVCPro50 Video Decoder"    "MainConcept GmbH"    "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_dec_dv50_ds.ax"
+ "MainConcept DVCPro HD Video Decoder"    "DirectShow DVCProHD Video Decoder"    "MainConcept GmbH"    "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_dec_dv100_ds.ax"
+ "MainConcept MPEG Demultiplexer"    "MPEG-1/2 Demultiplexer"    "MainConcept GmbH"    "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_demux_mp2_ds.ax"
+ "MainConcept MPEG Push Demultiplexer"    "MPEG Push Demultiplexer"    "MainConcept GmbH"    "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_demuxpush_mp2_ds.ax"
+ "MainConcept Stream Parser"    "MPEG-1/2 Demultiplexer"    "MainConcept GmbH"    "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_demux_mp2_ds.ax"
+ "MainConcept VC-1 Decoder"    "VC-1 Decoder DirectShow Filter"    "MainConcept GmbH"    "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_dec_vc1_ds.ax"
+ "MMACE Deinterlace"    ""    ""    "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE ProcAmp"    ""    ""    "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE SoftEmu"    ""    ""    "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "Record Queue"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Track1Filter"    "Adobe Photoshop Elements 9.0 (component)"    "Adobe Systems Incorporated"    "c:\program files (x86)\adobe\elements 9 organizer\track1filter.dll"
+ "Track2Filter"    "Adobe Photoshop Elements 9.0 (component)"    "Adobe Systems Incorporated"    "c:\program files (x86)\adobe\elements 9 organizer\track2filter.dll"
+ "WM VIH2 Fix"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "{D517CC93-7066-4D06-A2AF-2F4298738C2A}"    ""    ""    "File not found: c:\Program Files (x86)\Adobe\Adobe Premiere Elements 9\plug-ins\en_US\DvFileWriter.prm"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers"    ""    ""    ""
+ "WLIDCredentialProvider"    "Microsoft® Windows Live ID Credential Provider"    "Microsoft Corp."    "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries"    ""    ""    ""
+ "mdnsNSP"    "Bonjour Namespace Provider"    "Apple Inc."    "c:\program files (x86)\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP"    "Microsoft® Windows Live ID Namespace Provider"    "Microsoft Corp."    "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP"    "Microsoft® Windows Live ID Namespace Provider"    "Microsoft Corp."    "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64"    ""    ""    ""
+ "mdnsNSP"    "Bonjour Namespace Provider"    "Apple Inc."    "c:\program files\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP"    "Microsoft® Windows Live ID Namespace Provider"    "Microsoft Corp."    "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP"    "Microsoft® Windows Live ID Namespace Provider"    "Microsoft Corp."    "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"C:\Users\Adam\AppData\Local\Microsoft\Windows Sidebar\Settings.ini"    ""    ""    ""
+ ""    ""    ""    "C:\Program Files\Windows Sidebar\Gadgets\Norton.Gadget"


#12 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:10:50 PM

Posted 03 March 2013 - 10:48 AM

You missed RKILL log.

 

Right click on Junkware removal tool and select run as administrator.The tool should run.

 

Please post the generated log here.



#13 SaraLouise12

SaraLouise12
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:03:50 AM

Posted 03 March 2013 - 10:52 AM

Oops sorry! Here is RKill, I'm running JRT right now

 

Rkill Log

 

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms"    ""    ""    ""

+ "rdpclip"    ""    ""    "File not found: rdpclip"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce"    ""    ""    ""
+ "*ForceDelete"    ""    ""    "c:\users\adam\downloads\adwcleaner.exe"
+ "Malwarebytes Anti-Malware"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\program files (x86)\malwarebytes' anti-malware\mbamgui.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components"    ""    ""    ""
+ "Microsoft Windows"    "Windows Mail"    "Microsoft Corporation"    "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components"    ""    ""    ""
+ "Microsoft Windows"    "Windows Mail"    "Microsoft Corporation"    "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""
+ "ashart"    ""    ""    "File not found: C:\Users\Adam\AppData\Roaming\ashart.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "LavasoftShellExt"    ""    ""    "File not found: C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll"
+ "PhotoStreamsExt"    ""    ""    "c:\program files\common files\apple\internet services\shellstreams64.dll"
+ "SASContextMenu Class"    "SUPERAntiSpyware Context Menu Extension"    "SUPERAntiSpyware.com"    "c:\program files\superantispyware\sasctxmn64.dll"
+ "WinRAR"    ""    ""    "c:\program files (x86)\winrar\rarext64.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "NeroShellExt Class"    "Nero Burning ROM Shell Extension"    "Nero AG"    "c:\program files (x86)\common files\nero\neroshellext\neroshellext.dll"
+ "PhotoStreamsExt"    "ShellStreams.dll"    "Apple Inc."    "c:\program files (x86)\common files\apple\internet services\shellstreams.dll"
+ "WinRAR32"    ""    ""    "c:\program files (x86)\winrar\rarext.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "AdAwareContextMenu64"    "Ad-Aware Antivirus Shell Extension x64"    "Lavasoft Limited"    "c:\program files (x86)\ad-aware antivirus\adawareshellextension64.dll"
+ "MBAMShlExt"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Wow6432Node\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "AdAwareContextMenu"    "Ad-Aware Antivirus Shell Extension"    "Lavasoft Limited"    "c:\program files (x86)\ad-aware antivirus\adawareshellextension.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "SASContextMenu Class"    "SUPERAntiSpyware Context Menu Extension"    "SUPERAntiSpyware.com"    "c:\program files\superantispyware\sasctxmn64.dll"
+ "WinRAR"    ""    ""    "c:\program files (x86)\winrar\rarext64.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "NeroShellExt Class"    "Nero Burning ROM Shell Extension"    "Nero AG"    "c:\program files (x86)\common files\nero\neroshellext\neroshellext.dll"
+ "WinRAR32"    ""    ""    "c:\program files (x86)\winrar\rarext.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers"    ""    ""    ""
+ "WinRAR"    ""    ""    "c:\program files (x86)\winrar\rarext64.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\DragDropHandlers"    ""    ""    ""
+ "WinRAR32"    ""    ""    "c:\program files (x86)\winrar\rarext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "ACE"    "AMD Desktop Control Panel"    "Advanced Micro Devices, Inc."    "c:\program files (x86)\ati technologies\ati.ace\core-static\atiacm64.dll"
+ "Gadgets"    "Sidebar droptarget"    "Microsoft Corporation"    "c:\program files\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "Gadgets"    "Sidebar droptarget"    "Microsoft Corporation"    "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers"    ""    ""    ""
+ "PDF Shell Extension"    "PDF Shell Extension"    "Adobe Systems, Inc."    "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "LavasoftShellExt"    ""    ""    "File not found: C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll"
+ "MBAMShlExt"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "WinRAR"    ""    ""    "c:\program files (x86)\winrar\rarext64.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "WinRAR32"    ""    ""    "c:\program files (x86)\winrar\rarext.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers"    ""    ""    ""
+ "WinRAR"    ""    ""    "c:\program files (x86)\winrar\rarext64.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\DragDropHandlers"    ""    ""    ""
+ "WinRAR32"    ""    ""    "c:\program files (x86)\winrar\rarext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers"    ""    ""    ""
+ " SkyDrivePro1 (ErrorConflict)"    "Microsoft SkyDrive Pro Extensions"    "Microsoft Corporation"    "c:\program files\microsoft office 15\root\vfs\programfilesx64\microsoft office\office15\grooveex.dll"
+ " SkyDrivePro2 (SyncInProgress)"    "Microsoft SkyDrive Pro Extensions"    "Microsoft Corporation"    "c:\program files\microsoft office 15\root\vfs\programfilesx64\microsoft office\office15\grooveex.dll"
+ " SkyDrivePro3 (InSync)"    "Microsoft SkyDrive Pro Extensions"    "Microsoft Corporation"    "c:\program files\microsoft office 15\root\vfs\programfilesx64\microsoft office\office15\grooveex.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers"    ""    ""    ""
+ " SkyDrivePro1 (ErrorConflict)"    "Microsoft SkyDrive Pro Extensions"    "Microsoft Corporation"    "c:\program files\microsoft office 15\root\office15\grooveex.dll"
+ " SkyDrivePro2 (SyncInProgress)"    "Microsoft SkyDrive Pro Extensions"    "Microsoft Corporation"    "c:\program files\microsoft office 15\root\office15\grooveex.dll"
+ " SkyDrivePro3 (InSync)"    "Microsoft SkyDrive Pro Extensions"    "Microsoft Corporation"    "c:\program files\microsoft office 15\root\office15\grooveex.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"    ""    ""    ""
+ "Lync Browser Helper"    "Microsoft Lync"    "Microsoft Corporation"    "c:\program files\microsoft office 15\root\vfs\programfilesx64\microsoft office\office15\ochelper.dll"
+ "Microsoft SkyDrive Pro Browser Helper"    "Microsoft SkyDrive Pro Extensions"    "Microsoft Corporation"    "c:\program files\microsoft office 15\root\vfs\programfilesx64\microsoft office\office15\grooveex.dll"
+ "Office Document Cache Handler"    "Microsoft Office Document Cache Handler"    "Microsoft Corporation"    "c:\program files\microsoft office 15\root\vfs\programfilesx64\microsoft office\office15\urlredir.dll"
+ "Windows Live ID Sign-in Helper"    "Microsoft® Windows Live ID Login Helper"    "Microsoft Corp."    "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"    ""    ""    ""
+ "Adobe PDF Link Helper"    "Adobe PDF Helper for Internet Explorer"    "Adobe Systems Incorporated"    "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Bing Bar Helper"    "Bing Client Extensions"    "Microsoft Corporation."    "c:\program files (x86)\microsoft\bingbar\bingext.dll"
+ "Java™ Plug-In 2 SSV Helper"    "Java™ Platform SE binary"    "Sun Microsystems, Inc."    "c:\program files (x86)\java\jre6\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper"    "Java™ Platform SE binary"    "Sun Microsystems, Inc."    "c:\program files (x86)\java\jre6\bin\ssv.dll"
+ "Lync Browser Helper"    "Microsoft Lync"    "Microsoft Corporation"    "c:\program files\microsoft office 15\root\office15\ochelper.dll"
+ "Microsoft SkyDrive Pro Browser Helper"    "Microsoft SkyDrive Pro Extensions"    "Microsoft Corporation"    "c:\program files\microsoft office 15\root\office15\grooveex.dll"
+ "Office Document Cache Handler"    "Microsoft Office Document Cache Handler"    "Microsoft Corporation"    "c:\program files\microsoft office 15\root\office15\urlredir.dll"
+ "Spybot-S&D IE Protection"    "SBSD IE Protection"    "Safer Networking Limited"    "c:\program files (x86)\spybot - search & destroy\sdhelper.dll"
+ "Windows Live ID Sign-in Helper"    "Microsoft® Windows Live ID Login Helper"    "Microsoft Corp."    "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar"    ""    ""    ""
+ "Bing"    "Bing Client Extensions"    "Microsoft Corporation."    "c:\program files (x86)\microsoft\bingbar\bingext.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions"    ""    ""    ""
+ "Lync Click to Call"    "Microsoft Lync"    "Microsoft Corporation"    "c:\program files\microsoft office 15\root\vfs\programfilesx64\microsoft office\office15\ochelper.dll"
+ "OneNote Lin&ked Notes"    "Microsoft OneNote Internet Explorer Add-in"    "Microsoft Corporation"    "c:\program files\microsoft office 15\root\vfs\programfilesx64\microsoft office\office15\onbttnielinkednotes.dll"
+ "Se&nd to OneNote"    "Microsoft OneNote Internet Explorer Add-in"    "Microsoft Corporation"    "c:\program files\microsoft office 15\root\vfs\programfilesx64\microsoft office\office15\onbttnie.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions"    ""    ""    ""
+ "&Blog This in Windows Live Writer"    "Windows Live Writer Blog This Extension"    "Microsoft Corporation"    "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
+ "Lync Click to Call"    "Microsoft Lync"    "Microsoft Corporation"    "c:\program files\microsoft office 15\root\office15\ochelper.dll"
+ "OneNote Lin&ked Notes"    "Microsoft OneNote Internet Explorer Add-in"    "Microsoft Corporation"    "c:\program files\microsoft office 15\root\office15\onbttnielinkednotes.dll"
+ "Se&nd to OneNote"    "Microsoft OneNote Internet Explorer Add-in"    "Microsoft Corporation"    "c:\program files\microsoft office 15\root\office15\onbttnie.dll"
+ "Spybot - Search & Destroy Configuration"    "SBSD IE Protection"    "Safer Networking Limited"    "c:\program files (x86)\spybot - search & destroy\sdhelper.dll"
"Task Scheduler"    ""    ""    ""
+ "\Ad-Aware Antivirus Scheduled Scan"    "Ad-Aware Antivirus Launcher"    "Lavasoft Limited"    "c:\program files (x86)\ad-aware antivirus\adawarelauncher.exe"
+ "\Ad-Aware Update (Weekly)"    ""    ""    "File not found: C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe"
+ "\AdobeAAMUpdater-1.0-Adam-PC-Adam"    "Adobe Updater Startup Utility"    "Adobe Systems Incorporated"    "c:\program files (x86)\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe"
+ "\Apple\AppleSoftwareUpdate"    "Apple Software Update"    "Apple Inc."    "c:\program files (x86)\apple software update\softwareupdate.exe"
+ "\DeviceDetector"    "MediaEspresso DeviceDetector"    "CyberLink"    "c:\program files (x86)\cyberlink\mediaespresso\devicedetector\devicedetector.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-1996266182-362656427-532401934-1001Core"    "Google Installer"    "Google Inc."    "c:\users\adam\appdata\local\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-1996266182-362656427-532401934-1001UA"    "Google Installer"    "Google Inc."    "c:\users\adam\appdata\local\google\update\googleupdate.exe"
+ "\Microsoft Office 15 Sync Maintenance for Adam-PC-Adam Adam-PC"    "Microsoft Office Document Cache"    "Microsoft Corporation"    "c:\program files\microsoft office 15\root\office15\msosync.exe"
+ "\Microsoft\Office\Office Automatic Updates"    "Microsoft Office Click-to-Run"    "Microsoft Corporation"    "c:\program files\microsoft office 15\clientx64\integratedoffice.exe"
+ "\Microsoft\Office\OfficeTelemetryAgentFallBack"    "Office Telemetry Agent"    "Microsoft Corporation"    "c:\program files\microsoft office 15\root\office15\msoia.exe"
+ "\Microsoft\Office\OfficeTelemetryAgentLogOn"    "Office Telemetry Agent"    "Microsoft Corporation"    "c:\program files\microsoft office 15\root\office15\msoia.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task"    "Windows Live Social Object Extractor Engine"    "Microsoft Corporation"    "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo"    ""    ""    "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary"    "Windows Media Player Network Sharing Service Configuration Application"    "Microsoft Corporation"    "c:\program files\windows media player\wmpnscfg.exe"
+ "\Recovery Management\Burn Notification"    "NotificationCenter"    "Acer"    "c:\program files\packard bell\packard bell recovery management\notificationcenter\notification.exe"
+ "\{EFDC01B4-9C12-4302-B9C8-E8B3BCC149BD}"    "Google Chrome"    "Google Inc."    "c:\users\adam\appdata\local\google\chrome\application\chrome.exe"
"HKLM\System\CurrentControlSet\Services"    ""    ""    ""
+ "!SASCORE"    "SUPERAntiSpyware Core Service"    "SUPERAntiSpyware.com"    "c:\program files\superantispyware\sascore64.exe"
+ "Ad-Aware Service"    "Ad-Aware Service"    "Lavasoft Limited"    "c:\program files (x86)\ad-aware antivirus\adawareservice.exe"
+ "AdobeActiveFileMonitor9.0"    "Tracks files that are managed by Elements Organizer"    "Adobe Systems Incorporated"    "c:\program files (x86)\adobe\elements 9 organizer\photoshopelementsfileagent.exe"
+ "AMD External Events Utility"    "AMD External Events Service Module"    "AMD"    "c:\windows\system32\atiesrxx.exe"
+ "AMD FUEL Service"    "Provides FUEL Functionality"    "Advanced Micro Devices, Inc."    "c:\program files\ati technologies\ati.ace\fuel\fuel.service.exe"
+ "Apple Mobile Device"    "Provides the interface to Apple mobile devices."    "Apple Inc."    "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "BBSvc"    "Keeps Bing Bar up-to-date. Disabling this service might prevent updates and expose your computer to security vulnerabilities or functional flaws in Bing Bar."    "Microsoft Corporation."    "c:\program files (x86)\microsoft\bingbar\bbsvc.exe"
+ "Bonjour Service"    "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence."    "Apple Inc."    "c:\program files\bonjour\mdnsresponder.exe"
+ "CVPND"    "Cisco Systems VPN Client"    "Cisco Systems, Inc."    "c:\program files (x86)\cisco systems\vpn client\cvpnd.exe"
+ "DsiWMIService"    "Dritek WMI Service"    "Dritek System Inc."    "c:\program files (x86)\launch manager\dsiwmis.exe"
+ "ePowerSvc"    "Acer ePower Service"    "Acer Incorporated"    "c:\program files\packard bell\packard bell power management\epowersvc.exe"
+ "GamesAppService"    "WT Games App Services"    "WildTangent, Inc."    "c:\program files (x86)\wildtangent games\app\gamesappservice.exe"
+ "GREGService"    "Global Registration Service"    "Acer Incorporated"    "c:\program files (x86)\packard bell\registration\gregsvc.exe"
+ "iPod Service"    "iPod hardware management services"    "Apple Inc."    "c:\program files\ipod\bin\ipodservice.exe"
+ "Live Updater Service"    "Updater Service"    "Acer Incorporated"    "c:\program files\packard bell\packard bell updater\updaterservice.exe"
+ "NAUpdate"    "Provides access to Nero application updates and manages Nero applications."    "Nero AG"    "c:\program files (x86)\nero\update\nasvc.exe"
+ "NOBU"    "Norton Online Backup Service"    "Symantec Corporation"    "c:\program files (x86)\symantec\norton online backup\nobuagent.exe"
+ "NTI IScheduleSvc"    "NTI IShadow Manage backup/Sync jobs and  etc..."    "NTI Corporation"    "c:\program files (x86)\nti\packard bell mybackup\ischedulesvc.exe"
+ "OfficeSvc"    "Manages resource coordination, background streaming, and system integration of Microsoft Office products and their related updates. This service is required to run during the use of any Microsoft Office program, during initial streaming installation and all subsequent updates."    "Microsoft Corporation"    "c:\program files\microsoft office 15\clientx64\integratedoffice.exe"
+ "ose"    "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports."    "Microsoft Corporation"    "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc"    "Enables the download, installation, and enforcement of digital licenses for Microsoft Office applications. These applications require this service for proper operation. It is strongly recommended that you keep this service enabled."    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "SBAMSvc"    "Manages your antispyware and antivirus application"    "GFI Software"    "c:\program files (x86)\ad-aware antivirus\sbamsvc.exe"
+ "SBSDWSCService"    "Spybot-S&D Security Center integration"    "Safer Networking Ltd."    "c:\program files (x86)\spybot - search & destroy\sdwinsec.exe"
+ "SeaPort"    "Enables the detection, download and installation of up-to-date configuration files for Bing Bar. Also provides server communication for the customer experience improvement program. Stopping or disabling this service may prevent you from getting the latest updates for Bing Bar, which may expose your computer to security vulnerabilities or functional flaws in the Bing Bar."    "Microsoft Corporation"    "c:\program files (x86)\microsoft\bingbar\seaport.exe"
+ "SkypeUpdate"    "Enables the detection, download and installation of updates for Skype."    "Skype Technologies"    "c:\program files (x86)\skype\updater\updater.exe"
+ "Steam Client Service"    "Steam Client Service monitors and updates Steam content"    "Valve Corporation"    "c:\program files (x86)\common files\steam\steamservice.exe"
+ "wlidsvc"    "Enables Windows Live ID authentication."    "Microsoft Corp."    "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc"    "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play"    "Microsoft Corporation"    "c:\program files\windows media player\wmpnetwk.exe"
+ "YahooAUService"    "Keeps your favorite Yahoo! software up-to-date with the latest features, tools, and enhancements."    "Yahoo! Inc."    "c:\program files (x86)\yahoo!\softwareupdate\yahooauservice.exe"
"HKLM\System\CurrentControlSet\Services"    ""    ""    ""
+ "adp94xx"    "Adaptec Windows SAS/SATA Storport Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci"    "Adaptec Windows SATA Storport Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320"    "Adaptec StorPort Ultra320 SCSI Driver (X64)"    "Adaptec, Inc."    "c:\windows\system32\drivers\adpu320.sys"
+ "aliide"    "ALi mini IDE Driver"    "Acer Laboratories Inc."    "c:\windows\system32\drivers\aliide.sys"
+ "amdkmdag"    "ATI Radeon Kernel Mode Driver"    "Advanced Micro Devices, Inc."    "c:\windows\system32\drivers\atikmdag.sys"
+ "amdkmdap"    "AMD multi-vendor Miniport Driver"    "Advanced Micro Devices, Inc."    "c:\windows\system32\drivers\atikmpag.sys"
+ "amdsata"    "AHCI 1.2 Device Driver"    "Advanced Micro Devices"    "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs"    "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform"    "AMD Technologies Inc."    "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata"    "Storage Filter Driver"    "Advanced Micro Devices"    "c:\windows\system32\drivers\amdxata.sys"
+ "AODDriver4.2"    "AMD OverDrive Service Driver"    "Advanced Micro Devices"    "c:\program files\ati technologies\ati.ace\fuel\amd64\aoddriver2.sys"
+ "arc"    "Adaptec RAID Storport Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\arc.sys"
+ "arcsas"    "Adaptec SAS RAID WS03 Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\arcsas.sys"
+ "athr"    "Atheros Extensible Wireless LAN device driver"    "Atheros Communications, Inc."    "c:\windows\system32\drivers\athrx.sys"
+ "AtiHDAudioService"    "AMD High Definition Audio Function Driver"    "Advanced Micro Devices"    "c:\windows\system32\drivers\atihdw76.sys"
+ "b06bdrv"    "Broadcom NetXtreme II GigE VBD"    "Broadcom Corporation"    "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a"    "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver."    "Broadcom Corporation"    "c:\windows\system32\drivers\b57nd60a.sys"
+ "b57xdbd"    "Broadcom xD Picture Card Bus Driver"    "Broadcom Corporation"    "c:\windows\system32\drivers\b57xdbd.sys"
+ "b57xdmp"    "Broadcom xD Picture Card Miniport Driver"    "Broadcom Corporation"    "c:\windows\system32\drivers\b57xdmp.sys"
+ "BrFiltLo"    "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver"    "Brother Industries, Ltd."    "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp"    "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver"    "Brother Industries, Ltd."    "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid"    "Brotehr Serial I/F Driver (WDM)"    "Brother Industries Ltd."    "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm"    "Brother Serial driver (WDM version)"    "Brother Industries Ltd."    "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm"    "Brother USB MDM Driver "    "Brother Industries Ltd."    "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer"    "Brother USB Serial Driver"    "Brother Industries Ltd."    "c:\windows\system32\drivers\brusbser.sys"
+ "bScsiMSa"    "Broadcom Memory Stick Driver"    "Broadcom Corporation"    "c:\windows\system32\drivers\bscsimsa.sys"
+ "bScsiSDa"    "Broadcom SD 3.0 Driver"    "Broadcom Corporation"    "c:\windows\system32\drivers\bscsisda.sys"
+ "cmdide"    "CMD PCI IDE Bus Driver"    "CMD Technology, Inc."    "c:\windows\system32\drivers\cmdide.sys"
+ "CVirtA"    "Cisco Systems VPN Adapter"    "Cisco Systems, Inc."    "c:\windows\system32\drivers\cvirta64.sys"
+ "CVPNDRVA"    ""    ""    "c:\windows\system32\drivers\cvpndrva.sys"
+ "DNE"    "Deterministic Network Enhancer for NDIS 5.1"    "Deterministic Networks, Inc."    "c:\windows\system32\drivers\dne64x.sys"
+ "ebdrv"    "Broadcom NetXtreme II 10 GigE VBD"    "Broadcom Corporation"    "c:\windows\system32\drivers\evbda.sys"
+ "elxstor"    "Storport Miniport Driver for LightPulse HBAs"    "Emulex"    "c:\windows\system32\drivers\elxstor.sys"
+ "GEARAspiWDM"    "CD DVD Filter"    "GEAR Software Inc."    "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hcw85cir"    "Hauppauge WinTV 885 Consumer IR Driver for eHome"    "Hauppauge Computer Works, Inc."    "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD"    "Smart Array SAS/SATA Controller Media Driver"    "Hewlett-Packard Company"    "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStorV"    "Intel Matrix Storage Manager driver - x64"    "Intel Corporation"    "c:\windows\system32\drivers\iastorv.sys"
+ "iirsp"    "Intel/ICP Raid Storport Driver"    "Intel Corp./ICP vortex GmbH"    "c:\windows\system32\drivers\iirsp.sys"
+ "IntcAzAudAddService"    "Realtek® High Definition Audio Function Driver"    "Realtek Semiconductor Corp."    "c:\windows\system32\drivers\rtkvhd64.sys"
+ "k57nd60a"    "Broadcom NetLink ™ Gigabit Ethernet NDIS6.x Unified Driver."    "Broadcom Corporation"    "c:\windows\system32\drivers\k57nd60a.sys"
+ "Lavasoft Kernexplorer"    ""    ""    "File not found: C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys"
+ "LSI_FC"    "LSI Fusion-MPT FC Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS"    "LSI Fusion-MPT SAS Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2"    "LSI SAS Gen2 Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI"    "LSI Fusion-MPT SCSI Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_scsi.sys"
+ "megasas"    "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64"    "LSI Corporation"    "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR"    "LSI MegaRAID Software RAID Driver"    "LSI Corporation, Inc."    "c:\windows\system32\drivers\megasr.sys"
+ "nfrd960"    "IBM ServeRAID Controller Driver"    "IBM Corporation"    "c:\windows\system32\drivers\nfrd960.sys"
+ "NTIDrvr"    "NTI CD-ROM Filter Driver"    "NewTech Infosystems, Inc."    "c:\windows\system32\drivers\ntidrvr.sys"
+ "nvraid"    "NVIDIA® nForce™ RAID Driver"    "NVIDIA Corporation"    "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor"    "NVIDIA® nForce™ Sata Performance Driver"    "NVIDIA Corporation"    "c:\windows\system32\drivers\nvstor.sys"
+ "PxHlpa64"    "Px Engine Device Driver for 64-bit Windows"    "Sonic Solutions"    "c:\windows\system32\drivers\pxhlpa64.sys"
+ "ql2300"    "QLogic Fibre Channel Stor Miniport Driver"    "QLogic Corporation"    "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx"    "QLogic iSCSI Storport Miniport Driver"    "QLogic Corporation"    "c:\windows\system32\drivers\ql40xx.sys"
+ "SASDIFSV"    "SASDIFSV64.SYS"    "SUPERAdBlocker.com and SUPERAntiSpyware.com"    "c:\program files\superantispyware\sasdifsv64.sys"
+ "SASKUTIL"    "SASKUTIL64.SYS"    "SUPERAdBlocker.com and SUPERAntiSpyware.com"    "c:\program files\superantispyware\saskutil64.sys"
+ "sbapifs"    "GFI Active Protection Filter Driver"    "GFI Software"    "c:\windows\system32\drivers\sbapifs.sys"
+ "SbFw"    "GFI Firewall SDK TDI Firewall Driver"    "GFI Software"    "c:\windows\system32\drivers\sbfw.sys"
+ "SBFWIMCL"    "GFI Firewall SDK NDIS Intermediate Driver"    "GFI Software"    "c:\windows\system32\drivers\sbfwim.sys"
+ "SBFWIMCLMP"    "GFI Firewall SDK NDIS Intermediate Driver"    "GFI Software"    "c:\windows\system32\drivers\sbfwim.sys"
+ "sbhips"    "GFI Firewall SDK Host Intrusion Prevention System Driver"    "GFI Software"    "c:\windows\system32\drivers\sbhips.sys"
+ "SBRE"    "GFI Anti-Rootkit Driver"    "GFI Software"    "c:\windows\system32\drivers\sbredrv.sys"
+ "sbwtis"    "GFI Software Transport Inspection WFP Driver"    "GFI Software"    "c:\windows\system32\drivers\sbwtis.sys"
+ "secdrv"    "Macrovision SECURITY Driver"    "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K."    "c:\windows\system32\drivers\secdrv.sys"
+ "Serial"    "Brotehr Serial I/F Driver (WDM)"    "Brother Industries Ltd."    "c:\windows\system32\drivers\serial.sys"
+ "SiSRaid2"    "SiS RAID Stor Miniport Driver"    "Silicon Integrated Systems Corp."    "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4"    "SiS AHCI Stor-Miniport Driver"    "Silicon Integrated Systems"    "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor"    "Promise  SuperTrak EX Series Driver for Windows "    "Promise Technology"    "c:\windows\system32\drivers\stexstor.sys"
+ "SynTP"    "Synaptics Touchpad Driver"    "Synaptics Incorporated"    "c:\windows\system32\drivers\syntp.sys"
+ "UBHelper"    "NTI CDROM Filter Driver"    "NewTech Infosystems Corporation"    "c:\windows\system32\drivers\ubhelper.sys"
+ "USBAAPL64"    "Apple Mobile Device USB Driver"    "Apple, Inc."    "c:\windows\system32\drivers\usbaapl64.sys"
+ "usbfilter"    "AMD USB Filter Driver"    "Advanced Micro Devices"    "c:\windows\system32\drivers\usbfilter.sys"
+ "viaide"    "VIA Generic PCI IDE Bus Driver"    "VIA Technologies, Inc."    "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid"    "VIA RAID DRIVER FOR AMD-X86-64"    "VIA Technologies Inc.,Ltd"    "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32"    ""    ""    ""
+ "msacm.l3acm"    "MPEG Layer-3 Audio Codec for MSACM"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32"    ""    ""    ""
+ "msacm.l3acm"    "MPEG Layer-3 Audio Codec for MSACM"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\syswow64\l3codeca.acm"
+ "msacm.l3codecp"    "MPEG Audio Layer-3 Codec for MSACM"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\syswow64\l3codecp.acm"
+ "vidc.cvid"    "Cinepak® Codec"    "Radius Inc."    "c:\windows\syswow64\iccvid.dll"
"HKLM\Software\Classes\Filter"    ""    ""    ""
+ "MainConcept MPEG Demultiplexer"    "MPEG-1/2 Demultiplexer"    "MainConcept GmbH"    "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_demux_mp2_ds.ax"
+ "MainConcept MPEG Push Demultiplexer"    "MPEG Push Demultiplexer"    "MainConcept GmbH"    "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_demuxpush_mp2_ds.ax"
+ "MainConcept VC-1 Decoder"    "VC-1 Decoder DirectShow Filter"    "MainConcept GmbH"    "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_dec_vc1_ds.ax"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance"    ""    ""    ""
+ "AMD MJPEG Decoder"    "ATI MPEG Encoder"    "Advanced Micro Devices Inc."    "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG Audio Encoder"    "ATI MPEG Encoder"    "Advanced Micro Devices Inc."    "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG File Writer"    "ATI MPEG Encoder"    "Advanced Micro Devices Inc."    "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG Multiplexer"    "ATI MPEG Encoder"    "Advanced Micro Devices Inc."    "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG Video Decoder"    "ATI MPEG Encoder"    "Advanced Micro Devices Inc."    "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG Video Encoder"    "ATI MPEG Encoder"    "Advanced Micro Devices Inc."    "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI Video Rotation Filter"    "ATI MPEG Encoder"    "Advanced Micro Devices Inc."    "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI Video Scaler Filter"    "ATI MPEG Encoder"    "Advanced Micro Devices Inc."    "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance"    ""    ""    ""
+ "AMD MJPEG Decoder"    "ATI MPEG Encoder"    "Advanced Micro Devices Inc."    "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG Audio Encoder"    "ATI MPEG Encoder"    "Advanced Micro Devices Inc."    "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG File Writer"    "ATI MPEG Encoder"    "Advanced Micro Devices Inc."    "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG Multiplexer"    "ATI MPEG Encoder"    "Advanced Micro Devices Inc."    "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG Video Decoder"    "ATI MPEG Encoder"    "Advanced Micro Devices Inc."    "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG Video Encoder"    "ATI MPEG Encoder"    "Advanced Micro Devices Inc."    "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI Ticker"    ""    ""    "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\ticker.ax"
+ "ATI Video Rotation Filter"    "ATI MPEG Encoder"    "Advanced Micro Devices Inc."    "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI Video Scaler Filter"    "ATI MPEG Encoder"    "Advanced Micro Devices Inc."    "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "Capture File Writer"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "MainConcept (Broadcast) AVC/H.264 Video Decoder"    "AVC/H.264 Decoder DirectShow Filter"    "MainConcept GmbH"    "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_bc_dec_avc_ds.ax"
+ "MainConcept AAC Decoder"    "AAC audio decoder filter"    "MainConcept GmbH"    "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_dec_aac_ds.ax"
+ "MainConcept AVC/H.264 Video Decoder"    "AVC/H.264 Decoder DirectShow Filter"    "MainConcept GmbH"    "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_dec_avc_ds.ax"
+ "MainConcept DV Dif Parser"    "DV Dif Parser DS Filter"    "MainConcept GmbH"    "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_parser_dv_ds.ax"
+ "MainConcept DV Video Decoder"    "DirectShow DVCPro Video Decoder"    "MainConcept GmbH"    "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_dec_dv_ds.ax"
+ "MainConcept DV-Demultiplexer"    "DV-Splitter DS Filter"    "MainConcept GmbH"    "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_demux_dv_ds.ax"
+ "MainConcept DVCPro 50 Video Decoder"    "DirectShow DVCPro50 Video Decoder"    "MainConcept GmbH"    "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_dec_dv50_ds.ax"
+ "MainConcept DVCPro HD Video Decoder"    "DirectShow DVCProHD Video Decoder"    "MainConcept GmbH"    "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_dec_dv100_ds.ax"
+ "MainConcept MPEG Demultiplexer"    "MPEG-1/2 Demultiplexer"    "MainConcept GmbH"    "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_demux_mp2_ds.ax"
+ "MainConcept MPEG Push Demultiplexer"    "MPEG Push Demultiplexer"    "MainConcept GmbH"    "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_demuxpush_mp2_ds.ax"
+ "MainConcept Stream Parser"    "MPEG-1/2 Demultiplexer"    "MainConcept GmbH"    "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_demux_mp2_ds.ax"
+ "MainConcept VC-1 Decoder"    "VC-1 Decoder DirectShow Filter"    "MainConcept GmbH"    "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_dec_vc1_ds.ax"
+ "MMACE Deinterlace"    ""    ""    "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE ProcAmp"    ""    ""    "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE SoftEmu"    ""    ""    "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "Record Queue"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Track1Filter"    "Adobe Photoshop Elements 9.0 (component)"    "Adobe Systems Incorporated"    "c:\program files (x86)\adobe\elements 9 organizer\track1filter.dll"
+ "Track2Filter"    "Adobe Photoshop Elements 9.0 (component)"    "Adobe Systems Incorporated"    "c:\program files (x86)\adobe\elements 9 organizer\track2filter.dll"
+ "WM VIH2 Fix"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "{D517CC93-7066-4D06-A2AF-2F4298738C2A}"    ""    ""    "File not found: c:\Program Files (x86)\Adobe\Adobe Premiere Elements 9\plug-ins\en_US\DvFileWriter.prm"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers"    ""    ""    ""
+ "WLIDCredentialProvider"    "Microsoft® Windows Live ID Credential Provider"    "Microsoft Corp."    "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries"    ""    ""    ""
+ "mdnsNSP"    "Bonjour Namespace Provider"    "Apple Inc."    "c:\program files (x86)\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP"    "Microsoft® Windows Live ID Namespace Provider"    "Microsoft Corp."    "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP"    "Microsoft® Windows Live ID Namespace Provider"    "Microsoft Corp."    "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64"    ""    ""    ""
+ "mdnsNSP"    "Bonjour Namespace Provider"    "Apple Inc."    "c:\program files\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP"    "Microsoft® Windows Live ID Namespace Provider"    "Microsoft Corp."    "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP"    "Microsoft® Windows Live ID Namespace Provider"    "Microsoft Corp."    "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"C:\Users\Adam\AppData\Local\Microsoft\Windows Sidebar\Settings.ini"    ""    ""    ""
+ ""    ""    ""    "C:\Program Files\Windows Sidebar\Gadgets\Norton.Gadget"


#14 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:10:50 PM

Posted 03 March 2013 - 10:55 AM

 This is RKILL.

 

 

Rkill

-------------------

Please download Rkill by Grinler from one of the 4 links below (if one of them does not work try another...) and save it to your desktop:


  • In order for Rkill to run properly you must disable your anti-malware software.  Please refer to this page if you are not sure how.
  • Double-click on Rkill. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
    • Note:  You may have to run Rkill a few times before it is successful.  You may also have to download Rkill from a different link which will save it as a different file name.
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • An Rkill.log will appear.  Please copy and paste the contents in your reply (file also located at c:\rkill.log)
  • Do not reboot your computer after running Rkill as the malware programs will start again.  If your computer reboots, run Rkill again before continuing on to the next step.
  • If nothing happens or if the tool does not run, please let me know in your next reply.


 



#15 SaraLouise12

SaraLouise12
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:03:50 AM

Posted 03 March 2013 - 11:07 AM

Here is JRT:

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.6 (02.27.2013:1)
OS: Windows 7 Home Premium x64
Ran by Adam on 03/03/2013 at 15:52:16.65
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
Suspicious HKCU\..\Run entries found. Trojan:JS/Medfos.B?
 
   Val Name      Type   Value Data
   ========      ====   ==========
    ashart    REG_SZ    "C:\Windows\System32\rundll32.exe" "C:\Users\Adam\AppData\Roaming\ashart.dll",HasKey
 
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03/03/2013 at 16:01:49.65
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 


Have I done all this correctly?






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users