Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

CSRSS.exe Virus. Now I'm transmitting data to a hacker?


  • Please log in to reply
16 replies to this topic

#1 eSmith17

eSmith17

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:05:31 PM

Posted 02 March 2013 - 07:20 PM

Hello Everyone,

 

This situation started on Friday 3/1/2013 when my wife was checking her Yahoo e-mail while at work and noticed the account had been hacked & someone had been sending out spam to her contacts.  When we got home from work she called a company that does tech support for Yahoo regarding her situation & was told by the representative that our home computer had been hacked & thats how they got her e-mail account info.  Durring the few minutes I spoke with the representative, she told me that a CSRSS.exe virus had infected my computer as well as the network binaries had frozen instead of being a continually changing number or code.  (and that she could fix it for $99.00)

 

Wanting to know more about the situation before paying a stranger nearly a hundred dollars to fix an issue I had only just found out about (and didn't realize I had because I have not experienced any slow down or crashes in any of my daily usage of the computer) I set forth to the internet to learn more about what this CSRSS.exe issue was.

 

I learned that some Trojans disguise themselves as normal programs so at first glance you might not think to get rid of them, as was the case with this issue apparently.  I have since done my best to verify that the one instance of csrss.exe in my windows task manager is a valid one, but am still a bit uncertain.  I only have one instance of it running & it says it's using 11,000k of memory.  When I select the "show processes from all users"  button a second instance of csrss.exe pops up only using 1000k of memory.  Both are labeled now by the task manager as "clinet server runtime process".

 

After browsing some other forums, I've learned what actions to take to hopefuly fix the situation.  I've done a search for any and all files with "csrss.exe" in the file name, and per instructions I found, deleted any suspicious ones that were not actually filed in the C:windows\systerm32 section.  I also downloaded Malware-Bytes Anti Malware program, running the quick scan, followed by the full scan.  It found a few Trojans & PUPs and deleted them.  Then I also downloaded Ad-Aware Antivirus because I had heard it might catch a few things that the Malware-Bytes one might miss.  Lastly, I downloaded and ran the Kaspersky TDSS Killer program and it found a few items the other two anti-virus programs didn't & got rid of them too.

 

This afternoon when my wife had a live-chat with a representative at www.qmpctech.com regarding her yahoo e-mail account they mentioned that at this point even if I've gotten rid of the malware, the PC is already infected and still transmitting data to whomever hacked it in the first place.

 

At this point I've done my best to clean up my PC, but am left wondering if it really did the job or if my PC is still infected and stransmitting sensitive data to someone out there.

 

Thanks in advance.  Any and all help would be greatly appreciated.

 

 



BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:08:31 PM

Posted 02 March 2013 - 07:24 PM

  • Please download TDSSKiller from here and save it to your Desktop
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters




  • Check Loaded Modules  and Detect TDLFS file systemDo not check Verify file digital signatures (even though it is checked in the example)
  • If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now




  • Click Start Scan and allow the scan process to run

  • If threats are detected select Skip for all of them unless I instruct you otherwise
  • Click Continue




  • Click Reboot computer
  • Please post the contents of  TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically c:\)in your reply


===================================================


aswMBR

--------------------

  • Download aswMBR and save it to your desktop.
  • Please disable your real time protection of any Antivirus, Antispyware or Antimalware programs temporarily. They will interfere and may cause unexpected results.
  • If you need help to disable your protection programs see here and here.
  • Double click the aswMBR.exe file to run it. Please allow when you are asked to download AVAST antivirus engine defs.
  • Wait until the AV update is done, then click on the Scan button to start. The program will launch a scan.



  • When done, you will see Scan finished successfully. Please click on Save log and save the file to your desktop.



  • Please post the contents of the log in your next reply.

NOTE:  aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.


===================================================


ESET Online Scanner

--------------------

I'd like us to scan your machine with ESET OnlineScan  This process may may take several hours, that is normal

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the   button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.

  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:

    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply.   Note:  If no malware was found you will not get a log.
  • Click the Back button.
  • Click the Finish button.


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • TDSSKiller log
  • aswMBR log
  • ESET results

 



#3 eSmith17

eSmith17
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:05:31 PM

Posted 03 March 2013 - 12:47 AM

Ok, so the website seems to keep timing out whenever a try and post the results.  My best guess is that its too much text for one post, so i'll try and post smaller snipits in hope that that works instead.

 

 

TDSSKiller

16:48:25.0041 5564  TDSS rootkit removing tool 2.8.16.0 Feb

11 2013 18:50:42
16:48:25.0586 5564 

============================================================
16:48:25.0586 5564  Current date / time: 2013/03/02

16:48:25.0586
16:48:25.0586 5564  SystemInfo:
16:48:25.0586 5564 
16:48:25.0586 5564  OS Version: 6.0.6002 ServicePack: 2.0
16:48:25.0586 5564  Product type: Workstation
16:48:25.0586 5564  ComputerName: ESMITH-PC
16:48:25.0586 5564  UserName: e. Smith
16:48:25.0586 5564  Windows directory: C:\Windows
16:48:25.0586 5564  System windows directory: C:\Windows
16:48:25.0586 5564  Processor architecture: Intel x86
16:48:25.0586 5564  Number of processors: 2
16:48:25.0586 5564  Page size: 0x1000
16:48:25.0586 5564  Boot type: Normal boot
16:48:25.0586 5564 

============================================================
16:48:26.0293 5564  BG loaded
16:48:26.0541 5564  Drive \Device\Harddisk0\DR0 - Size:

0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders:

0xFC59, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type

'K0', Flags 0x00000050
16:48:26.0566 5564  Drive \Device\Harddisk1\DR1 - Size:

0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders:

0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF,

Type 'K0', Flags 0x00000050
16:48:26.0566 5564  Drive \Device\Harddisk2\DR2 - Size:

0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders:

0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF,

Type 'K0', Flags 0x00000050
16:48:26.0567 5564  Drive \Device\Harddisk3\DR3 - Size:

0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders:

0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF,

Type 'K0', Flags 0x00000050
16:48:26.0569 5564 

============================================================
16:48:26.0569 5564  \Device\Harddisk0\DR0:
16:48:26.0569 5564  MBR partitions:
16:48:26.0569 5564  \Device\Harddisk0\DR0\Partition1: MBR,

Type 0x7, StartLBA 0x800, BlocksNum 0x3A384800
16:48:26.0569 5564  \Device\Harddisk1\DR1:
16:48:26.0569 5564  MBR partitions:
16:48:26.0569 5564  \Device\Harddisk1\DR1\Partition1: MBR,

Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
16:48:26.0570 5564  \Device\Harddisk2\DR2:
16:48:26.0570 5564  MBR partitions:
16:48:26.0570 5564  \Device\Harddisk2\DR2\Partition1: MBR,

Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800
16:48:26.0570 5564  \Device\Harddisk3\DR3:
16:48:26.0570 5564  MBR partitions:
16:48:26.0570 5564  \Device\Harddisk3\DR3\Partition1: MBR,

Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800
16:48:26.0570 5564 

============================================================
16:48:26.0583 5564  C: <-> \Device\Harddisk0\DR0\Partition1
16:48:26.0607 5564  D: <-> \Device\Harddisk1\DR1\Partition1
16:48:26.0608 5564  E: <-> \Device\Harddisk2\DR2\Partition1
16:48:26.0608 5564  F: <-> \Device\Harddisk3\DR3\Partition1
16:48:26.0609 5564 

============================================================
16:48:26.0609 5564  Initialize success
16:48:26.0609 5564 

============================================================
16:48:39.0228 4504 

============================================================
16:48:39.0228 4504  Scan started
16:48:39.0228 4504  Mode: Manual; TDLFS;
16:48:39.0228 4504 

============================================================
16:48:39.0511 4504  ================ Scan system memory

========================
16:48:39.0511 4504  System memory - ok
16:48:39.0512 4504  ================ Scan services

=============================
16:48:39.0556 4504  ACDaemon - ok
16:48:39.0662 4504  [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ]

ACPI            C:\Windows\system32\drivers\acpi.sys
16:48:39.0664 4504  ACPI - ok
16:48:39.0729 4504  [ D22791FCF6AD10A5591C719C37457A24 ] Ad

-Aware Service D:\Programs\Ad-Aware

Antivirus\AdAwareService.exe
16:48:39.0736 4504  Ad-Aware Service - ok
16:48:39.0799 4504  [ 9942DC4CC265CDA00486504444EF521D ]

AdobeFlashPlayerUpdateSvc C:\Windows\system32

\Macromed\Flash\FlashPlayerUpdateService.exe
16:48:39.0801 4504  AdobeFlashPlayerUpdateSvc - ok
16:48:39.0842 4504  [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ]

adp94xx         C:\Windows\system32\drivers\adp94xx.sys
16:48:39.0845 4504  adp94xx - ok
16:48:39.0861 4504  [ B84088CA3CDCA97DA44A984C6CE1CCAD ]

adpahci         C:\Windows\system32\drivers\adpahci.sys
16:48:39.0863 4504  adpahci - ok
16:48:39.0881 4504  [ 7880C67BCCC27C86FD05AA2AFB5EA469 ]

adpu160m        C:\Windows\system32\drivers\adpu160m.sys
16:48:39.0882 4504  adpu160m - ok
16:48:39.0915 4504  [ 9AE713F8E30EFC2ABCCD84904333DF4D ]

adpu320         C:\Windows\system32\drivers\adpu320.sys
16:48:39.0916 4504  adpu320 - ok
16:48:39.0947 4504  [ 9D1FDA9E086BA64E3C93C9DE32461BCF ]

AeLookupSvc     C:\Windows\System32\aelupsvc.dll
16:48:39.0948 4504  AeLookupSvc - ok
16:48:40.0019 4504  [ 3911B972B55FEA0478476B2E777B29FA ] AFD

            C:\Windows\system32\drivers\afd.sys
16:48:40.0021 4504  AFD - ok
16:48:40.0034 4504  [ EF23439CDD587F64C2C1B8825CEAD7D8 ]

agp440          C:\Windows\system32\drivers\agp440.sys
16:48:40.0035 4504  agp440 - ok
16:48:40.0051 4504  [ AE1FDF7BF7BB6C6A70F67699D880592A ]

aic78xx         C:\Windows\system32\drivers\djsvs.sys
16:48:40.0052 4504  aic78xx - ok
16:48:40.0079 4504  [ A1545B731579895D8CC44FC0481C1192 ] ALG

            C:\Windows\System32\alg.exe
16:48:40.0080 4504  ALG - ok
16:48:40.0094 4504  [ 90395B64600EBB4552E26E178C94B2E4 ]

aliide          C:\Windows\system32\drivers\aliide.sys
16:48:40.0095 4504  aliide - ok
16:48:40.0106 4504  [ 2B13E304C9DFDFA5EB582F6A149FA2C7 ]

amdagp          C:\Windows\system32\drivers\amdagp.sys
16:48:40.0106 4504  amdagp - ok
16:48:40.0120 4504  [ 0577DF1D323FE75A739C787893D300EA ]

amdide          C:\Windows\system32\drivers\amdide.sys
16:48:40.0120 4504  amdide - ok
16:48:40.0132 4504  [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ]

AmdK7           C:\Windows\system32\drivers\amdk7.sys
16:48:40.0132 4504  AmdK7 - ok
16:48:40.0157 4504  [ 0CA0071DA4315B00FC1328CA86B425DA ]

AmdK8           C:\Windows\system32\drivers\amdk8.sys
16:48:40.0158 4504  AmdK8 - ok
16:48:40.0193 4504  [ C6D704C7F0434DC791AAC37CAC4B6E14 ]

Appinfo         C:\Windows\System32\appinfo.dll
16:48:40.0194 4504  Appinfo - ok
16:48:40.0215 4504  [ 0FE769CAE5855B53C90E23F85E7E89FF ]

AppMgmt         C:\Windows\System32\appmgmts.dll
16:48:40.0217 4504  AppMgmt - ok
16:48:40.0248 4504  [ 5F673180268BB1FDB69C99B6619FE379 ] arc

            C:\Windows\system32\drivers\arc.sys
16:48:40.0249 4504  arc - ok
16:48:40.0262 4504  [ 957F7540B5E7F602E44648C7DE5A1C05 ]

arcsas          C:\Windows\system32\drivers\arcsas.sys
16:48:40.0263 4504  arcsas - ok
16:48:40.0299 4504  [ 2B4E66FAC6503494A2C6F32BB6AB3826 ]

AsIO            C:\Windows\system32\drivers\AsIO.sys
16:48:40.0300 4504  AsIO - ok
16:48:40.0323 4504  [ 53B202ABEE6455406254444303E87BE1 ]

AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
16:48:40.0324 4504  AsyncMac - ok
16:48:40.0347 4504  [ 1F05B78AB91C9075565A9D8A4B880BC4 ]

atapi           C:\Windows\system32\drivers\atapi.sys
16:48:40.0348 4504  atapi - ok
16:48:40.0363 4504  ATMFBUS - ok
16:48:40.0369 4504  ATMFCVsp - ok
16:48:40.0374 4504  ATMFFLT - ok
16:48:40.0379 4504  ATMFMdm - ok
16:48:40.0385 4504  ATMFNET - ok
16:48:40.0390 4504  ATMFNVsp - ok
16:48:40.0395 4504  ATMFVsp - ok
16:48:40.0442 4504  [ 68E2A1A0407A66CF50DA0300852424AB ]

AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:48:40.0444 4504  AudioEndpointBuilder - ok
16:48:40.0459 4504  [ 68E2A1A0407A66CF50DA0300852424AB ]

Audiosrv        C:\Windows\System32\Audiosrv.dll
16:48:40.0462 4504  Audiosrv - ok
16:48:40.0525 4504  [ 67E506B75BD5326A3EC7B70BD014DFB6 ]

Beep            C:\Windows\system32\drivers\Beep.sys
16:48:40.0526 4504  Beep - ok
16:48:40.0546 4504  [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE

            C:\Windows\System32\bfe.dll
16:48:40.0549 4504  BFE - ok
16:48:40.0579 4504  [ 93952506C6D67330367F7E7934B6A02F ]

BITS            C:\Windows\System32\qmgr.dll
16:48:40.0584 4504  BITS - ok
16:48:40.0591 4504  blbdrive - ok
16:48:40.0623 4504  [ 35F376253F687BDE63976CCB3F2108CA ]

bowser          C:\Windows\system32\DRIVERS\bowser.sys
16:48:40.0624 4504  bowser - ok
16:48:40.0641 4504  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ]

BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
16:48:40.0642 4504  BrFiltLo - ok
16:48:40.0653 4504  [ 56801AD62213A41F6497F96DEE83755A ]

BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
16:48:40.0653 4504  BrFiltUp - ok
16:48:40.0677 4504  [ A3629A0C4226F9E9C72FAAEEBC3AD33C ]

Browser         C:\Windows\System32\browser.dll
16:48:40.0678 4504  Browser - ok
16:48:40.0696 4504  [ B304E75CFF293029EDDF094246747113 ]

Brserid         C:\Windows\system32\drivers\brserid.sys
16:48:40.0697 4504  Brserid - ok
16:48:40.0727 4504  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ]

BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
16:48:40.0728 4504  BrSerWdm - ok
16:48:40.0753 4504  [ BD456606156BA17E60A04E18016AE54B ]

BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
16:48:40.0754 4504  BrUsbMdm - ok
16:48:40.0771 4504  [ AF72ED54503F717A43268B3CC5FAEC2E ]

BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
16:48:40.0772 4504  BrUsbSer - ok
16:48:40.0803 4504  [ AD07C1EC6665B8B35741AB91200C6B68 ]

BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
16:48:40.0804 4504  BTHMODEM - ok
16:48:40.0837 4504  [ 7ADD03E75BEB9E6DD102C3081D29840A ]

cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
16:48:40.0838 4504  cdfs - ok
16:48:40.0858 4504  [ 6B4BFFB9BECD728097024276430DB314 ]

cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
16:48:40.0860 4504  cdrom - ok
16:48:40.0880 4504  [ 312EC3E37A0A1F2006534913E37B4423 ]

CertPropSvc     C:\Windows\System32\certprop.dll
16:48:40.0881 4504  CertPropSvc - ok
16:48:40.0895 4504  [ DA8E0AFC7BAA226C538EF53AC2F90897 ]

circlass        C:\Windows\system32\drivers\circlass.sys
16:48:40.0895 4504  circlass - ok
16:48:40.0914 4504  [ D7659D3B5B92C31E84E53C1431F35132 ]

CLFS            C:\Windows\system32\CLFS.sys
16:48:40.0916 4504  CLFS - ok
16:48:40.0974 4504  [ 8EE772032E2FE80A924F3B8DD5082194 ]

clr_optimization_v2.0.50727_32

C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:48:40.0975 4504  clr_optimization_v2.0.50727_32 - ok
16:48:41.0026 4504  [ C5A75EB48E2344ABDC162BDA79E16841 ]

clr_optimization_v4.0.30319_32

C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:48:41.0027 4504  clr_optimization_v4.0.30319_32 - ok
16:48:41.0041 4504  [ 45201046C776FFDAF3FC8A0029C581C8 ]

cmdide          C:\Windows\system32\drivers\cmdide.sys
16:48:41.0042 4504  cmdide - ok
16:48:41.0052 4504  [ 82B8C91D327CFECF76CB58716F7D4997 ]

Compbatt        C:\Windows\system32\drivers\compbatt.sys
16:48:41.0053 4504  Compbatt - ok
16:48:41.0057 4504  COMSysApp - ok
16:48:41.0070 4504  [ 2A213AE086BBEC5E937553C7D9A2B22C ]

crcdisk         C:\Windows\system32\drivers\crcdisk.sys
16:48:41.0071 4504  crcdisk - ok
16:48:41.0098 4504  [ 22A7F883508176489F559EE745B5BF5D ]

Crusoe          C:\Windows\system32\drivers\crusoe.sys
16:48:41.0099 4504  Crusoe - ok
16:48:41.0133 4504  [ F1E8C34892336D33EDDCDFE44E474F64 ]

CryptSvc        C:\Windows\system32\cryptsvc.dll
16:48:41.0134 4504  CryptSvc - ok
16:48:41.0168 4504  [ 9BDB2E89BE8D0EF37B1F25C3D3FC192C ] CSC

            C:\Windows\system32\drivers\csc.sys
16:48:41.0169 4504  CSC - ok
16:48:41.0199 4504  [ 0A2095F92F6AE4FE6484D911B0C21E95 ]

CscService      C:\Windows\System32\cscsvc.dll
16:48:41.0202 4504  CscService - ok
16:48:41.0221 4504  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ]

DcomLaunch      C:\Windows\system32\rpcss.dll
16:48:41.0227 4504  DcomLaunch - ok
16:48:41.0292 4504  [ 622C41A07CA7E6DD91770F50D532CB6C ]

DfsC            C:\Windows\system32\Drivers\dfsc.sys
16:48:41.0293 4504  DfsC - ok
16:48:41.0363 4504  [ 2CC3DCFB533A1035B13DCAB6160AB38B ]

DFSR            C:\Windows\system32\DFSR.exe
16:48:41.0375 4504  DFSR - ok
16:48:41.0429 4504  [ 9028559C132146FB75EB7ACF384B086A ]

Dhcp            C:\Windows\System32\dhcpcsvc.dll
16:48:41.0431 4504  Dhcp - ok
16:48:41.0456 4504  [ 5D4AEFC3386920236A548271F8F1AF6A ]

disk            C:\Windows\system32\drivers\disk.sys
16:48:41.0457 4504  disk - ok
16:48:41.0477 4504  [ 57D762F6F5974AF0DA2BE88A3349BAAA ]

Dnscache        C:\Windows\System32\dnsrslvr.dll
16:48:41.0478 4504  Dnscache - ok
16:48:41.0506 4504  [ 324FD74686B1EF5E7C19A8AF49E748F6 ]

dot3svc         C:\Windows\System32\dot3svc.dll
16:48:41.0508 4504  dot3svc - ok
16:48:41.0522 4504  [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS

            C:\Windows\system32\dps.dll
16:48:41.0523 4504  DPS - ok
16:48:41.0539 4504  [ 97FEF831AB90BEE128C9AF390E243F80 ]

drmkaud         C:\Windows\system32\drivers\drmkaud.sys
16:48:41.0539 4504  drmkaud - ok
16:48:41.0576 4504  [ C68AC676B0EF30CFBB1080ADCE49EB1F ]

DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
16:48:41.0580 4504  DXGKrnl - ok
16:48:41.0595 4504  [ F88FB26547FD2CE6D0A5AF2985892C48 ]

E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
16:48:41.0596 4504  E1G60 - ok
16:48:41.0624 4504  [ C0B95E40D85CD807D614E264248A45B9 ]

EapHost         C:\Windows\System32\eapsvc.dll
16:48:41.0625 4504  EapHost - ok
16:48:41.0639 4504  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ]

Ecache          C:\Windows\system32\drivers\ecache.sys
16:48:41.0640 4504  Ecache - ok
16:48:41.0671 4504  [ 9BE3744D295A7701EB425332014F0797 ]

ehRecvr         C:\Windows\ehome\ehRecvr.exe
16:48:41.0673 4504  ehRecvr - ok
16:48:41.0691 4504  [ AD1870C8E5D6DD340C829E6074BF3C3F ]

ehSched         C:\Windows\ehome\ehsched.exe
16:48:41.0692 4504  ehSched - ok
16:48:41.0701 4504  [ C27C4EE8926E74AA72EFCAB24C5242C3 ]

ehstart         C:\Windows\ehome\ehstart.dll
16:48:41.0702 4504  ehstart - ok
16:48:41.0737 4504  [ E8F3F21A71720C84BCF423B80028359F ]

elxstor         C:\Windows\system32\drivers\elxstor.sys
16:48:41.0739 4504  elxstor - ok
16:48:41.0792 4504  [ 4E6B23DFC917EA39306B529B773950F4 ]

EMDMgmt         C:\Windows\system32\emdmgmt.dll
16:48:41.0796 4504  EMDMgmt - ok
16:48:41.0831 4504  [ 67058C46504BC12D821F38CF99B7B28F ]

EventSystem     C:\Windows\system32\es.dll
16:48:41.0833 4504  EventSystem - ok
16:48:41.0863 4504  [ 22B408651F9123527BCEE54B4F6C5CAE ]

exfat           C:\Windows\system32\drivers\exfat.sys
16:48:41.0864 4504  exfat - ok
16:48:41.0908 4504  [ 1E9B9A70D332103C52995E957DC09EF8 ]

fastfat         C:\Windows\system32\drivers\fastfat.sys
16:48:41.0909 4504  fastfat - ok
16:48:41.0930 4504  [ DFBA0F60FA301E5B1BFB1403A93EE23E ] Fax

            C:\Windows\system32\fxssvc.exe
16:48:41.0934 4504  Fax - ok
16:48:41.0955 4504  [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc

            C:\Windows\system32\DRIVERS\fdc.sys
16:48:41.0956 4504  fdc - ok
16:48:41.0968 4504  [ 6629B5F0E98151F4AFDD87567EA32BA3 ]

fdPHost         C:\Windows\system32\fdPHost.dll
16:48:41.0969 4504  fdPHost - ok
16:48:41.0992 4504  [ 89ED56DCE8E47AF40892778A5BD31FD2 ]

FDResPub        C:\Windows\system32\fdrespub.dll
16:48:41.0993 4504  FDResPub - ok
16:48:42.0016 4504  [ A8C0139A884861E3AAE9CFE73B208A9F ]

FileInfo        C:\Windows\system32\drivers\fileinfo.sys
16:48:42.0017 4504  FileInfo - ok
16:48:42.0036 4504  [ 0AE429A696AECBC5970E3CF2C62635AE ]

Filetrace       C:\Windows\system32\drivers\filetrace.sys
16:48:42.0037 4504  Filetrace - ok
16:48:42.0047 4504  [ 85B7CF99D532820495D68D747FDA9EBD ]

flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
16:48:42.0048 4504  flpydisk - ok
16:48:42.0064 4504  [ 01334F9EA68E6877C4EF05D3EA8ABB05 ]

FltMgr          C:\Windows\system32\drivers\fltmgr.sys
16:48:42.0065 4504  FltMgr - ok
16:48:42.0104 4504  [ 8CE364388C8ECA59B14B539179276D44 ]

FontCache       C:\Windows\system32\FntCache.dll
16:48:42.0109 4504  FontCache - ok
16:48:42.0190 4504  [ C7FBDD1ED42F82BFA35167A5C9803EA3 ]

FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0

\WPF\PresentationFontCache.exe
16:48:42.0190 4504  FontCache3.0.0.0 - ok
16:48:42.0229 4504  [ B972A66758577E0BFD1DE0F91AAA27B5 ]

Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
16:48:42.0230 4504  Fs_Rec - ok
16:48:42.0244 4504  [ FECF4C2E42440A8D132BF94EEE3C3FC9 ]

fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
16:48:42.0245 4504  fvevol - ok
16:48:42.0261 4504  [ 4E1CD0A45C50A8882616CAE5BF82F3C5 ]

gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
16:48:42.0262 4504  gagp30kx - ok
16:48:42.0284 4504  [ 483924F92E55A5F9423201EC635E2CED ]

gfibto          C:\Windows\system32\drivers\gfibto.sys
16:48:42.0284 4504  gfibto - ok
16:48:42.0322 4504  [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ]

gpsvc           C:\Windows\System32\gpsvc.dll
16:48:42.0325 4504  gpsvc - ok
16:48:42.0369 4504  [ F02A533F517EB38333CB12A9E8963773 ]

gupdate         C:\Program

Files\Google\Update\GoogleUpdate.exe
16:48:42.0370 4504  gupdate - ok
16:48:42.0373 4504  [ F02A533F517EB38333CB12A9E8963773 ]

gupdatem        C:\Program

Files\Google\Update\GoogleUpdate.exe
16:48:42.0374 4504  gupdatem - ok
16:48:42.0399 4504  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ]

gusvc           C:\Program Files\Google\Common\Google

Updater\GoogleUpdaterService.exe
16:48:42.0400 4504  gusvc - ok
16:48:42.0425 4504  [ 3F90E001369A07243763BD5A523D8722 ]

HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:48:42.0426 4504  HdAudAddService - ok
16:48:42.0460 4504  [ 062452B7FFD68C8C042A6261FE8DFF4A ]

HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
16:48:42.0464 4504  HDAudBus - ok
16:48:42.0481 4504  [ 1338520E78D90154ED6BE8F84DE5FCEB ]

HidBth          C:\Windows\system32\drivers\hidbth.sys
16:48:42.0482 4504  HidBth - ok
16:48:42.0509 4504  [ FF3160C3A2445128C5A6D9B076DA519E ]

HidIr           C:\Windows\system32\drivers\hidir.sys
16:48:42.0510 4504  HidIr - ok
16:48:42.0548 4504  [ 84067081F3318162797385E11A8F0582 ]

hidserv         C:\Windows\system32\hidserv.dll
16:48:42.0549 4504  hidserv - ok
16:48:42.0567 4504  [ CCA4B519B17E23A00B826C55716809CC ]

HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
16:48:42.0568 4504  HidUsb - ok
16:48:42.0590 4504  [ D8AD255B37DA92434C26E4876DB7D418 ]

hkmsvc          C:\Windows\system32\kmsvc.dll
16:48:42.0592 4504  hkmsvc - ok
16:48:42.0623 4504  [ DF353B401001246853763C4B7AAA6F50 ]

HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
16:48:42.0625 4504  HpCISSs - ok
16:48:42.0673 4504  [ F870AA3E254628EBEAFE754108D664DE ]

HTTP            C:\Windows\system32\drivers\HTTP.sys
16:48:42.0676 4504  HTTP - ok
16:48:42.0692 4504  [ 324C2152FF2C61ABAE92D09F3CCA4D63 ]

i2omp           C:\Windows\system32\drivers\i2omp.sys
16:48:42.0694 4504  i2omp - ok
16:48:42.0719 4504  [ 22D56C8184586B7A1F6FA60BE5F5A2BD ]

i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
16:48:42.0720 4504  i8042prt - ok
16:48:42.0739 4504  [ C957BF4B5D80B46C5017BF0101E6C906 ]

iaStorV         C:\Windows\system32\drivers\iastorv.sys
16:48:42.0741 4504  iaStorV - ok
16:48:42.0812 4504  [ 98477B08E61945F974ED9FDC4CB6BDAB ]

idsvc           C:\Windows\Microsoft.NET\Framework\v3.0

\Windows Communication Foundation\infocard.exe
16:48:42.0835 4504  idsvc - ok
16:48:42.0872 4504  [ 2D077BF86E843F901D8DB709C95B49A5 ]

iirsp           C:\Windows\system32\drivers\iirsp.sys
16:48:42.0873 4504  iirsp - ok
16:48:42.0901 4504  [ 9908D8A397B76CD8D31D0D383C5773C9 ]

IKEEXT          C:\Windows\System32\ikeext.dll
16:48:42.0904 4504  IKEEXT - ok
16:48:42.0921 4504  [ 83AA759F3189E6370C30DE5DC5590718 ]

intelide        C:\Windows\system32\drivers\intelide.sys
16:48:42.0922 4504  intelide - ok
16:48:42.0938 4504  [ 224191001E78C89DFA78924C3EA595FF ]

intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
16:48:42.0938 4504  intelppm - ok
16:48:42.0949 4504  [ 9AC218C6E6105477484C6FDBE7D409A4 ]

IPBusEnum       C:\Windows\system32\ipbusenum.dll
16:48:42.0951 4504  IPBusEnum - ok
16:48:42.0974 4504  [ 62C265C38769B864CB25B4BCF62DF6C3 ]

IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:48:42.0974 4504  IpFilterDriver - ok
16:48:43.0001 4504  [ 1998BD97F950680BB55F55A7244679C2 ]

iphlpsvc        C:\Windows\System32\iphlpsvc.dll
16:48:43.0004 4504  iphlpsvc - ok
16:48:43.0008 4504  IpInIp - ok
16:48:43.0034 4504  [ 40F34F8ABA2A015D780E4B09138B6C17 ]

IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
16:48:43.0035 4504  IPMIDRV - ok
16:48:43.0085 4504  [ 8793643A67B42CEC66490B2A0CF92D68 ]

IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
16:48:43.0086 4504  IPNAT - ok
16:48:43.0124 4504  [ 109C0DFB82C3632FBD11949B73AEEAC9 ]

IRENUM          C:\Windows\system32\drivers\irenum.sys
16:48:43.0125 4504  IRENUM - ok
16:48:43.0135 4504  [ 350FCA7E73CF65BCEF43FAE1E4E91293 ]

isapnp          C:\Windows\system32\drivers\isapnp.sys
16:48:43.0136 4504  isapnp - ok
16:48:43.0168 4504  [ 232FA340531D940AAC623B121A595034 ]

iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
16:48:43.0172 4504  iScsiPrt - ok
16:48:43.0204 4504  [ BCED60D16156E428F8DF8CF27B0DF150 ]

iteatapi        C:\Windows\system32\drivers\iteatapi.sys
16:48:43.0205 4504  iteatapi - ok
16:48:43.0212 4504  [ 06FA654504A498C30ADCA8BEC4E87E7E ]

iteraid         C:\Windows\system32\drivers\iteraid.sys
16:48:43.0214 4504  iteraid - ok
16:48:43.0253 4504  [ 37605E0A8CF00CBBA538E753E4344C6E ]

kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
16:48:43.0255 4504  kbdclass - ok
16:48:43.0282 4504  [ EDE59EC70E25C24581ADD1FBEC7325F7 ]

kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
16:48:43.0282 4504  kbdhid - ok
16:48:43.0339 4504  [ A3E186B4B935905B829219502557314E ]

KeyIso          C:\Windows\system32\lsass.exe
16:48:43.0341 4504  KeyIso - ok
16:48:43.0405 4504  [ 4A1445EFA932A3BAF5BDB02D7131EE20 ]

KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
16:48:43.0408 4504  KSecDD - ok
16:48:43.0432 4504  [ 8078F8F8F7A79E2E6B494523A828C585 ]

KtmRm           C:\Windows\system32\msdtckrm.dll
16:48:43.0439 4504  KtmRm - ok
16:48:43.0461 4504  [ 1BF5EEBFD518DD7298434D8C862F825D ]

LanmanServer    C:\Windows\system32\srvsvc.dll
16:48:43.0464 4504  LanmanServer - ok
16:48:43.0486 4504  [ 1DB69705B695B987082C8BAEC0C6B34F ]

LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:48:43.0489 4504  LanmanWorkstation - ok
16:48:43.0562 4504  [ 3AF6B73A3AD1FC37C5933441F66CEB91 ]

LBTServ         C:\Program Files\Common

Files\Logishrd\Bluetooth\LBTServ.exe
16:48:43.0563 4504  LBTServ - ok
16:48:43.0591 4504  [ 7F9C7B28CF1C859E1C42619EEA946DC8 ]

LHidFilt        C:\Windows\system32\DRIVERS\LHidFilt.Sys
16:48:43.0592 4504  LHidFilt - ok
16:48:43.0606 4504  [ D1C5883087A0C3F1344D9D55A44901F6 ]

lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
16:48:43.0607 4504  lltdio - ok
16:48:43.0626 4504  [ 2D5A428872F1442631D0959A34ABFF63 ]

lltdsvc         C:\Windows\System32\lltdsvc.dll
16:48:43.0628 4504  lltdsvc - ok
16:48:43.0650 4504  [ 35D40113E4A5B961B6CE5C5857702518 ]

lmhosts         C:\Windows\System32\lmhsvc.dll
16:48:43.0652 4504  lmhosts - ok
16:48:43.0673 4504  [ AB33792A87285344F43B5CE23421BAB0 ]

LMouFilt        C:\Windows\system32\DRIVERS\LMouFilt.Sys
16:48:43.0675 4504  LMouFilt - ok
16:48:43.0708 4504  [ A2262FB9F28935E862B4DB46438C80D2 ]

LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
16:48:43.0709 4504  LSI_FC - ok
16:48:43.0725 4504  [ 30D73327D390F72A62F32C103DAF1D6D ]

LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
16:48:43.0726 4504  LSI_SAS - ok
16:48:43.0741 4504  [ E1E36FEFD45849A95F1AB81DE0159FE3 ]

LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
16:48:43.0742 4504  LSI_SCSI - ok
16:48:43.0786 4504  [ 8F5C7426567798E62A3B3614965D62CC ]

luafv           C:\Windows\system32\drivers\luafv.sys
16:48:43.0786 4504  luafv - ok
16:48:43.0824 4504  [ AEF9BABB8A506BC4CE0451A64AADED46 ]

Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
16:48:43.0826 4504  Mcx2Svc - ok
16:48:43.0852 4504  [ D153B14FC6598EAE8422A2037553ADCE ]

megasas         C:\Windows\system32\drivers\megasas.sys
16:48:43.0853 4504  megasas - ok
16:48:43.0915 4504  [ 123271BD5237AB991DC5C21FDF8835EB ]

Microsoft Office Groove Audit Service C:\Program

Files\Microsoft Office\Office12\GrooveAuditService.exe
16:48:43.0917 4504  Microsoft Office Groove Audit Service -

ok
16:48:43.0949 4504  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ]

MMCSS           C:\Windows\system32\mmcss.dll
16:48:43.0950 4504  MMCSS - ok
16:48:43.0975 4504  [ E13B5EA0F51BA5B1512EC671393D09BA ]

Modem           C:\Windows\system32\drivers\modem.sys
16:48:43.0975 4504  Modem - ok
16:48:43.0998 4504  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ]

monitor         C:\Windows\system32\DRIVERS\monitor.sys
16:48:43.0999 4504  monitor - ok
16:48:44.0024 4504  [ 5BF6A1326A335C5298477754A506D263 ]

mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
16:48:44.0025 4504  mouclass - ok
16:48:44.0034 4504  [ 93B8D4869E12CFBE663915502900876F ]

mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
16:48:44.0035 4504  mouhid - ok
16:48:44.0056 4504  [ BDAFC88AA6B92F7842416EA6A48E1600 ]

MountMgr        C:\Windows\system32\drivers\mountmgr.sys
16:48:44.0057 4504  MountMgr - ok
16:48:44.0073 4504  [ 583A41F26278D9E0EA548163D6139397 ]

mpio            C:\Windows\system32\drivers\mpio.sys
16:48:44.0074 4504  mpio - ok
16:48:44.0096 4504  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ]

mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
16:48:44.0097 4504  mpsdrv - ok
16:48:44.0119 4504  [ 5DE62C6E9108F14F6794060A9BDECAEC ]

MpsSvc          C:\Windows\system32\mpssvc.dll
16:48:44.0122 4504  MpsSvc - ok
16:48:44.0168 4504  [ 4FBBB70D30FD20EC51F80061703B001E ]

Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
16:48:44.0170 4504  Mraid35x - ok
16:48:44.0281 4504  MREMPR5 - ok
16:48:44.0290 4504  MRENDIS5 - ok
16:48:44.0313 4504  [ 82CEA0395524AACFEB58BA1448E8325C ]

MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
16:48:44.0314 4504  MRxDAV - ok
16:48:44.0403 4504  [ 1E94971C4B446AB2290DEB71D01CF0C2 ]

mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
16:48:44.0404 4504  mrxsmb - ok
16:48:44.0427 4504  [ 4FCCB34D793B116423209C0F8B7A3B03 ]

mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:48:44.0429 4504  mrxsmb10 - ok
16:48:44.0434 4504  [ C3CB1B40AD4A0124D617A1199B0B9D7C ]

mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:48:44.0435 4504  mrxsmb20 - ok
16:48:44.0461 4504  [ 742AED7939E734C36B7E8D6228CE26B7 ]

msahci          C:\Windows\system32\drivers\msahci.sys
16:48:44.0462 4504  msahci - ok
16:48:44.0480 4504  [ 3FC82A2AE4CC149165A94699183D3028 ]

msdsm           C:\Windows\system32\drivers\msdsm.sys
16:48:44.0481 4504  msdsm - ok
16:48:44.0532 4504  [ FD7520CC3A80C5FC8C48852BB24C6DED ]

MSDTC           C:\Windows\System32\msdtc.exe
16:48:44.0534 4504  MSDTC - ok
16:48:44.0562 4504  [ A9927F4A46B816C92F461ACB90CF8515 ]

Msfs            C:\Windows\system32\drivers\Msfs.sys
16:48:44.0563 4504  Msfs - ok
16:48:44.0575 4504  [ 0F400E306F385C56317357D6DEA56F62 ]

msisadrv        C:\Windows\system32\drivers\msisadrv.sys
16:48:44.0575 4504  msisadrv - ok
16:48:44.0607 4504  [ 85466C0757A23D9A9AECDC0755203CB2 ]

MSiSCSI         C:\Windows\system32\iscsiexe.dll
16:48:44.0608 4504  MSiSCSI - ok
16:48:44.0612 4504  msiserver - ok
16:48:44.0647 4504  [ D8C63D34D9C9E56C059E24EC7185CC07 ]

MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
16:48:44.0647 4504  MSKSSRV - ok
16:48:44.0664 4504  [ 1D373C90D62DDB641D50E55B9E78D65E ]

MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
16:48:44.0665 4504  MSPCLOCK - ok
16:48:44.0676 4504  [ B572DA05BF4E098D4BBA3A4734FB505B ]

MSPQM           C:\Windows\system32\drivers\MSPQM.sys
16:48:44.0677 4504  MSPQM - ok
16:48:44.0701 4504  [ B49456D70555DE905C311BCDA6EC6ADB ]

MsRPC           C:\Windows\system32\drivers\MsRPC.sys
16:48:44.0702 4504  MsRPC - ok
16:48:44.0711 4504  [ E384487CB84BE41D09711C30CA79646C ]

mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
16:48:44.0711 4504  mssmbios - ok
16:48:44.0727 4504  [ 7199C1EEC1E4993CAF96B8C0A26BD58A ]

MSTEE           C:\Windows\system32\drivers\MSTEE.sys
16:48:44.0727 4504  MSTEE - ok
16:48:44.0746 4504  [ DCDAAB8697A47894A554050CE18D0B56 ]

MTsensor        C:\Windows\system32\DRIVERS\ASACPI.sys
16:48:44.0747 4504  MTsensor - ok
16:48:44.0752 4504  [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup

            C:\Windows\system32\Drivers\mup.sys
16:48:44.0754 4504  Mup - ok
16:48:44.0781 4504  [ E4EAF0C5C1B41B5C83386CF212CA9584 ]

napagent        C:\Windows\system32\qagentRT.dll
16:48:44.0784 4504  napagent - ok
16:48:44.0805 4504  [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ]

NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
16:48:44.0807 4504  NativeWifiP - ok
16:48:44.0829 4504  [ 1357274D1883F68300AEADD15D7BBB42 ]

NDIS            C:\Windows\system32\drivers\ndis.sys
16:48:44.0833 4504  NDIS - ok
16:48:44.0844 4504  [ 0E186E90404980569FB449BA7519AE61 ]

NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
16:48:44.0845 4504  NdisTapi - ok
16:48:44.0872 4504  [ D6973AA34C4D5D76C0430B181C3CD389 ]

Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
16:48:44.0873 4504  Ndisuio - ok
16:48:44.0889 4504  [ 818F648618AE34F729FDB47EC68345C3 ]

NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
16:48:44.0890 4504  NdisWan - ok
16:48:44.0911 4504  [ 71DAB552B41936358F3B541AE5997FB3 ]

NDProxy         C:\Windows\system32\drivers\NDProxy.sys
16:48:44.0912 4504  NDProxy - ok
16:48:44.0927 4504  [ BCD093A5A6777CF626434568DC7DBA78 ]

NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
16:48:44.0928 4504  NetBIOS - ok
16:48:44.0945 4504  [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ]

netbt           C:\Windows\system32\DRIVERS\netbt.sys
16:48:44.0947 4504  netbt - ok
16:48:44.0956 4504  [ A3E186B4B935905B829219502557314E ]

Netlogon        C:\Windows\system32\lsass.exe
16:48:44.0957 4504  Netlogon - ok
16:48:44.0982 4504  [ C8052711DAECC48B982434C5116CA401 ]

Netman          C:\Windows\System32\netman.dll
16:48:44.0986 4504  Netman - ok
16:48:45.0005 4504  [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ]

netprofm        C:\Windows\System32\netprofm.dll
16:48:45.0008 4504  netprofm - ok
16:48:45.0022 4504  [ D6C4E4A39A36029AC0813D476FBD0248 ]

NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0

\Windows Communication Foundation\SMSvcHost.exe
16:48:45.0023 4504  NetTcpPortSharing - ok
16:48:45.0047 4504  [ 2E7FB731D4790A1BC6270ACCEFACB36E ]

nfrd960         C:\Windows\system32\drivers\nfrd960.sys
16:48:45.0047 4504  nfrd960 - ok
16:48:45.0078 4504  [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ]

NlaSvc          C:\Windows\System32\nlasvc.dll
16:48:45.0080 4504  NlaSvc - ok
16:48:45.0089 4504  [ D36F239D7CCE1931598E8FB90A0DBC26 ]

Npfs            C:\Windows\system32\drivers\Npfs.sys
16:48:45.0090 4504  Npfs - ok
16:48:45.0112 4504  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi

            C:\Windows\system32\nsisvc.dll
16:48:45.0114 4504  nsi - ok
16:48:45.0125 4504  [ 609773E344A97410CE4EBF74A8914FCF ]

nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
16:48:45.0126 4504  nsiproxy - ok
16:48:45.0164 4504  [ 6A4A98CEE84CF9E99564510DDA4BAA47 ]

Ntfs            C:\Windows\system32\drivers\Ntfs.sys
16:48:45.0171 4504  Ntfs - ok
16:48:45.0214 4504  [ E875C093AEC0C978A90F30C9E0DFBB72 ]

ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
16:48:45.0215 4504  ntrigdigi - ok
16:48:45.0240 4504  [ C5DBBCDA07D780BDA9B685DF333BB41E ]

Null            C:\Windows\system32\drivers\Null.sys
16:48:45.0241 4504  Null - ok
16:48:45.0446 4504  [ 0A1B502CBC8230DA74BEFBAADDB58916 ]

nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:48:45.0507 4504  nvlddmkm - ok
16:48:45.0536 4504  [ E69E946F80C1C31C53003BFBF50CBB7C ]

nvraid          C:\Windows\system32\drivers\nvraid.sys
16:48:45.0537 4504  nvraid - ok
16:48:45.0552 4504  [ 9E0BA19A28C498A6D323D065DB76DFFC ]

nvstor          C:\Windows\system32\drivers\nvstor.sys
16:48:45.0554 4504  nvstor - ok
16:48:45.0626 4504  [ EB5A13F9139F20AD71ADF4BF79C3AA29 ]

nvsvc           C:\Windows\system32\nvvsvc.exe
16:48:45.0632 4504  nvsvc - ok
16:48:45.0693 4504  [ 0629259E3AF6BB0534FCECA208973404 ]

nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA

Update Core\daemonu.exe
16:48:45.0699 4504  nvUpdatusService - ok
16:48:45.0719 4504  [ 07C186427EB8FCC3D8D7927187F260F7 ]

nv_agp          C:\Windows\system32\drivers\nv_agp.sys
16:48:45.0720 4504  nv_agp - ok
16:48:45.0725 4504  NwlnkFlt - ok
16:48:45.0730 4504  NwlnkFwd - ok
16:48:45.0822 4504  [ 785F487A64950F3CB8E9F16253BA3B7B ]

odserv          C:\Program Files\Common Files\Microsoft

Shared\OFFICE12\ODSERV.EXE
16:48:45.0825 4504  odserv - ok
16:48:45.0853 4504  [ BE32DA025A0BE1878F0EE8D6D9386CD5 ]

ohci1394        C:\Windows\system32\drivers\ohci1394.sys
16:48:45.0854 4504  ohci1394 - ok
16:48:45.0891 4504  [ 5A432A042DAE460ABE7199B758E8606C ] ose

            C:\Program Files\Common Files\Microsoft

Shared\Source Engine\OSE.EXE
16:48:45.0892 4504  ose - ok
16:48:45.0922 4504  [ 0C8E8E61AD1EB0B250B846712C917506 ]

p2pimsvc        C:\Windows\system32\p2psvc.dll
16:48:45.0927 4504  p2pimsvc - ok
16:48:45.0947 4504  [ 0C8E8E61AD1EB0B250B846712C917506 ]

p2psvc          C:\Windows\system32\p2psvc.dll
16:48:45.0952 4504  p2psvc - ok
16:48:45.0974 4504  [ 8A79FDF04A73428597E2CAF9D0D67850 ]

Parport         C:\Windows\system32\DRIVERS\parport.sys
16:48:45.0975 4504  Parport - ok
16:48:46.0030 4504  [ B9C2B89F08670E159F7181891E449CD9 ]

partmgr         C:\Windows\system32\drivers\partmgr.sys
16:48:46.0031 4504  partmgr - ok
16:48:46.0039 4504  [ 6C580025C81CAF3AE9E3617C22CAD00E ]

Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
16:48:46.0039 4504  Parvdm - ok
16:48:46.0065 4504  [ C6276AD11F4BB49B58AA1ED88537F14A ]

PcaSvc          C:\Windows\System32\pcasvc.dll
16:48:46.0066 4504  PcaSvc - ok
16:48:46.0093 4504  [ 941DC1D19E7E8620F40BBC206981EFDB ] pci

            C:\Windows\system32\drivers\pci.sys
16:48:46.0094 4504  pci - ok
16:48:46.0106 4504  [ 1636D43F10416AEB483BC6001097B26C ]

pciide          C:\Windows\system32\drivers\pciide.sys
16:48:46.0107 4504  pciide - ok
16:48:46.0122 4504  [ E6F3FB1B86AA519E7698AD05E58B04E5 ]

pcmcia          C:\Windows\system32\drivers\pcmcia.sys
16:48:46.0124 4504  pcmcia - ok
16:48:46.0166 4504  [ 6349F6ED9C623B44B52EA3C63C831A92 ]

PEAUTH          C:\Windows\system32\drivers\peauth.sys
16:48:46.0172 4504  PEAUTH - ok
16:48:46.0264 4504  [ B1689DF169143F57053F795390C99DB3 ] pla

            C:\Windows\system32\pla.dll
16:48:46.0274 4504  pla - ok
16:48:46.0294 4504  [ C5E7F8A996EC0A82D508FD9064A5569E ]

PlugPlay        C:\Windows\system32\umpnpmgr.dll
16:48:46.0297 4504  PlugPlay - ok
16:48:46.0308 4504  [ 0C8E8E61AD1EB0B250B846712C917506 ]

PNRPAutoReg     C:\Windows\system32\p2psvc.dll
16:48:46.0313 4504  PNRPAutoReg - ok
16:48:46.0323 4504  [ 0C8E8E61AD1EB0B250B846712C917506 ]

PNRPsvc         C:\Windows\system32\p2psvc.dll
16:48:46.0328 4504  PNRPsvc - ok
16:48:46.0347 4504  [ D0494460421A03CD5225CCA0059AA146 ]

PolicyAgent     C:\Windows\System32\ipsecsvc.dll
16:48:46.0350 4504  PolicyAgent - ok
16:48:46.0360 4504  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ]

PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
16:48:46.0361 4504  PptpMiniport - ok
16:48:46.0388 4504  [ 0E3CEF5D28B40CF273281D620C50700A ]

Processor       C:\Windows\system32\drivers\processr.sys
16:48:46.0390 4504  Processor - ok
16:48:46.0430 4504  [ 0508FAA222D28835310B7BFCA7A77346 ]

ProfSvc         C:\Windows\system32\profsvc.dll
16:48:46.0433 4504  ProfSvc - ok
16:48:46.0440 4504  [ A3E186B4B935905B829219502557314E ]

ProtectedStorage C:\Windows\system32\lsass.exe
16:48:46.0441 4504  ProtectedStorage - ok
16:48:46.0468 4504  [ 99514FAA8DF93D34B5589187DB3AA0BA ]

PSched          C:\Windows\system32\DRIVERS\pacer.sys
16:48:46.0469 4504  PSched - ok
16:48:46.0509 4504  [ CCDAC889326317792480C0A67156A1EC ]

ql2300          C:\Windows\system32\drivers\ql2300.sys
16:48:46.0514 4504  ql2300 - ok
16:48:46.0548 4504  [ 81A7E5C076E59995D54BC1ED3A16E60B ]

ql40xx          C:\Windows\system32\drivers\ql40xx.sys
16:48:46.0549 4504  ql40xx - ok
16:48:46.0573 4504  [ E9ECAE663F47E6CB43962D18AB18890F ]

QWAVE           C:\Windows\system32\qwave.dll
16:48:46.0576 4504  QWAVE - ok
16:48:46.0595 4504  [ 9F5E0E1926014D17486901C88ECA2DB7 ]

QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
16:48:46.0596 4504  QWAVEdrv - ok
16:48:46.0615 4504  [ 147D7F9C556D259924351FEB0DE606C3 ]

RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
16:48:46.0616 4504  RasAcd - ok
16:48:46.0636 4504  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ]

RasAuto         C:\Windows\System32\rasauto.dll
16:48:46.0638 4504  RasAuto - ok
16:48:46.0650 4504  [ A214ADBAF4CB47DD2728859EF31F26B0 ]

Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
16:48:46.0651 4504  Rasl2tp - ok
16:48:46.0688 4504  [ 75D47445D70CA6F9F894B032FBC64FCF ]

RasMan          C:\Windows\System32\rasmans.dll
16:48:46.0691 4504  RasMan - ok
16:48:46.0714 4504  [ 509A98DD18AF4375E1FC40BC175F1DEF ]

RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
16:48:46.0715 4504  RasPppoe - ok
16:48:46.0735 4504  [ 2005F4A1E05FA09389AC85840F0A9E4D ]

RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
16:48:46.0736 4504  RasSstp - ok
16:48:46.0753 4504  [ B14C9D5B9ADD2F84F70570BBBFAA7935 ]

rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
16:48:46.0755 4504  rdbss - ok
16:48:46.0759 4504  [ 89E59BE9A564262A3FB6C4F4F1CD9899 ]

RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
16:48:46.0760 4504  RDPCDD - ok
16:48:46.0775 4504  [ 943B18305EAE3935598A9B4A3D560B4C ]

rdpdr           C:\Windows\system32\DRIVERS\rdpdr.sys
16:48:46.0776 4504  rdpdr - ok
16:48:46.0780 4504  [ 9D91FE5286F748862ECFFA05F8A0710C ]

RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
16:48:46.0781 4504  RDPENCDD - ok
16:48:46.0840 4504  [ C127EBD5AFAB31524662C48DFCEB773A ]

RDPWD           C:\Windows\system32\drivers\RDPWD.sys
16:48:46.0841 4504  RDPWD - ok
16:48:46.0865 4504  [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ]

RemoteAccess    C:\Windows\System32\mprdim.dll
16:48:46.0867 4504  RemoteAccess - ok
16:48:46.0890 4504  [ 9E6894EA18DAFF37B63E1005F83AE4AB ]

RemoteRegistry  C:\Windows\system32\regsvc.dll
16:48:46.0893 4504  RemoteRegistry - ok
16:48:46.0912 4504  [ 5123F83CBC4349D065534EEB6BBDC42B ]

RpcLocator      C:\Windows\system32\locator.exe
16:48:46.0913 4504  RpcLocator - ok
16:48:46.0930 4504  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ]

RpcSs           C:\Windows\system32\rpcss.dll
16:48:46.0935 4504  RpcSs - ok
16:48:46.0952 4504  [ 9C508F4074A39E8B4B31D27198146FAD ]

rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
16:48:46.0953 4504  rspndr - ok
16:48:47.0002 4504  [ 92F0EFC2D29D2B38ADF9FE49701523C1 ]

rt61x86         C:\Windows\system32\DRIVERS\netr61.sys
16:48:47.0005 4504  rt61x86 - ok
16:48:47.0054 4504  [ 283392AF1860ECDB5E0F8EBD7F3D72DF ]

RTL8169         C:\Windows\system32\DRIVERS\Rtlh86.sys
16:48:47.0055 4504  RTL8169 - ok
16:48:47.0059 4504  [ A3E186B4B935905B829219502557314E ]

SamSs           C:\Windows\system32\lsass.exe
16:48:47.0060 4504  SamSs - ok
16:48:47.0151 4504  [ 99FC1599F89A80216E41175B8CA44D89 ]

SBAMSvc         D:\Programs\Ad-Aware Antivirus\SBAMSvc.exe
16:48:47.0171 4504  SBAMSvc - ok
16:48:47.0220 4504  [ 87574F4C899E8AEDDDC1EDF71D3E045E ]

sbapifs         C:\Windows\system32\DRIVERS\sbapifs.sys
16:48:47.0221 4504  sbapifs - ok
16:48:47.0265 4504  [ 3CE8F073A557E172B330109436984E30 ]

sbp2port        C:\Windows\system32\drivers\sbp2port.sys
16:48:47.0266 4504  sbp2port - ok
16:48:47.0289 4504  [ 77B7A11A0C3D78D3386398FBBEA1B632 ]

SCardSvr        C:\Windows\System32\SCardSvr.dll
16:48:47.0291 4504  SCardSvr - ok
16:48:47.0316 4504  [ 1A58069DB21D05EB2AB58EE5753EBE8D ]

Schedule        C:\Windows\system32\schedsvc.dll
16:48:47.0320 4504  Schedule - ok
16:48:47.0330 4504  [ 312EC3E37A0A1F2006534913E37B4423 ]

SCPolicySvc     C:\Windows\System32\certprop.dll
16:48:47.0331 4504  SCPolicySvc - ok
16:48:47.0336 4504  [ 716313D9F6B0529D03F726D5AAF6F191 ]

SDRSVC          C:\Windows\System32\SDRSVC.dll
16:48:47.0338 4504  SDRSVC - ok
16:48:47.0352 4504  [ 90A3935D05B494A5A39D37E71F09A677 ]

secdrv          C:\Windows\system32\drivers\secdrv.sys
16:48:47.0353 4504  secdrv - ok
16:48:47.0371 4504  [ FD5199D4D8A521005E4B5EE7FE00FA9B ]

seclogon        C:\Windows\system32\seclogon.dll
16:48:47.0373 4504  seclogon - ok
16:48:47.0382 4504  [ A9BBAB5759771E523F55563D6CBE140F ]

SENS            C:\Windows\System32\sens.dll
16:48:47.0384 4504  SENS - ok
16:48:47.0402 4504  [ CE9EC966638EF0B10B864DDEDF62A099 ]

Serenum         C:\Windows\system32\DRIVERS\serenum.sys
16:48:47.0403 4504  Serenum - ok
16:48:47.0424 4504  [ 6D663022DB3E7058907784AE14B69898 ]

Serial          C:\Windows\system32\DRIVERS\serial.sys
16:48:47.0425 4504  Serial - ok
16:48:47.0446 4504  [ 8AF3D28A879BF75DB53A0EE7A4289624 ]

sermouse        C:\Windows\system32\drivers\sermouse.sys
16:48:47.0447 4504  sermouse - ok
16:48:47.0467 4504  [ D2193326F729B163125610DBF3E17D57 ]

SessionEnv      C:\Windows\system32\sessenv.dll
16:48:47.0470 4504  SessionEnv - ok
16:48:47.0483 4504  [ 103B79418DA647736EE95645F305F68A ]

sffdisk         C:\Windows\system32\drivers\sffdisk.sys
16:48:47.0484 4504  sffdisk - ok
16:48:47.0492 4504  [ 8FD08A310645FE872EEEC6E08C6BF3EE ]

sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
16:48:47.0494 4504  sffp_mmc - ok
16:48:47.0504 4504  [ 9CFA05FCFCB7124E69CFC812B72F9614 ]

sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
16:48:47.0505 4504  sffp_sd - ok
16:48:47.0519 4504  [ 46ED8E91793B2E6F848015445A0AC188 ]

sfloppy         C:\Windows\system32\drivers\sfloppy.sys
16:48:47.0520 4504  sfloppy - ok
16:48:47.0535 4504  [ E1499BD0FF76B1B2FBBF1AF339D91165 ]

SharedAccess    C:\Windows\System32\ipnathlp.dll
16:48:47.0538 4504  SharedAccess - ok
16:48:47.0568 4504  [ C7230FBEE14437716701C15BE02C27B8 ]

ShellHWDetection C:\Windows\System32\shsvcs.dll
16:48:47.0571 4504  ShellHWDetection - ok
16:48:47.0582 4504  [ D2A595D6EEBEEAF4334F8E50EFBC9931 ]

sisagp          C:\Windows\system32\drivers\sisagp.sys
16:48:47.0584 4504  sisagp - ok
16:48:47.0622 4504  [ CEDD6F4E7D84E9F98B34B3FE988373AA ]

SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
16:48:47.0623 4504  SiSRaid2 - ok
16:48:47.0664 4504  [ DF843C528C4F69D12CE41CE462E973A7 ]

SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
16:48:47.0665 4504  SiSRaid4 - ok
16:48:47.0744 4504  [ 862BB4CBC05D80C5B45BE430E5EF872F ]

slsvc           C:\Windows\system32\SLsvc.exe
16:48:47.0764 4504  slsvc - ok
16:48:47.0792 4504  [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ]

SLUINotify      C:\Windows\system32\SLUINotify.dll
16:48:47.0794 4504  SLUINotify - ok
16:48:47.0813 4504  [ 7B75299A4D201D6A6533603D6914AB04 ] Smb

            C:\Windows\system32\DRIVERS\smb.sys
16:48:47.0814 4504  Smb - ok
16:48:47.0836 4504  [ 2A146A055B4401C16EE62D18B8E2A032 ]

SNMPTRAP        C:\Windows\System32\snmptrap.exe
16:48:47.0838 4504  SNMPTRAP - ok
16:48:47.0858 4504  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ]

spldr           C:\Windows\system32\drivers\spldr.sys
16:48:47.0858 4504  spldr - ok
16:48:47.0880 4504  [ 8554097E5136C3BF9F69FE578A1B35F4 ]

Spooler         C:\Windows\System32\spoolsv.exe
16:48:47.0883 4504  Spooler - ok
16:48:47.0907 4504  [ 41987F9FC0E61ADF54F581E15029AD91 ] srv

            C:\Windows\system32\DRIVERS\srv.sys
16:48:47.0909 4504  srv - ok
16:48:47.0966 4504  [ FF33AFF99564B1AA534F58868CBE41EF ]

srv2            C:\Windows\system32\DRIVERS\srv2.sys
16:48:47.0967 4504  srv2 - ok
16:48:48.0023 4504  [ 7605C0E1D01A08F3ECD743F38B834A44 ]

srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
16:48:48.0024 4504  srvnet - ok
16:48:48.0033 4504  [ 03D50B37234967433A5EA5BA72BC0B62 ]

SSDPSRV         C:\Windows\System32\ssdpsrv.dll
16:48:48.0035 4504  SSDPSRV - ok
16:48:48.0059 4504  [ 6F1A32E7B7B30F004D9A20AFADB14944 ]

SstpSvc         C:\Windows\system32\sstpsvc.dll
16:48:48.0062 4504  SstpSvc - ok
16:48:48.0079 4504  Steam Client Service - ok
16:48:48.0126 4504  [ F0359F7CE712D69ACEF0886BDB4792ED ]

Stereo Service  C:\Program Files\NVIDIA Corporation\3D

Vision\nvSCPAPISvr.exe
16:48:48.0133 4504  Stereo Service - ok
16:48:48.0159 4504  [ 5DE7D67E49B88F5F07F3E53C4B92A352 ]

stisvc          C:\Windows\System32\wiaservc.dll
16:48:48.0163 4504  stisvc - ok
16:48:48.0177 4504  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ]

swenum          C:\Windows\system32\DRIVERS\swenum.sys
16:48:48.0179 4504  swenum - ok
16:48:48.0208 4504  [ F21FD248040681CCA1FB6C9A03AAA93D ]

swprv           C:\Windows\System32\swprv.dll
16:48:48.0211 4504  swprv - ok
16:48:48.0249 4504  [ 192AA3AC01DF071B541094F251DEED10 ]

Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
16:48:48.0250 4504  Symc8xx - ok
16:48:48.0280 4504  [ 8C8EB8C76736EBAF3B13B633B2E64125 ]

Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
16:48:48.0281 4504  Sym_hi - ok
16:48:48.0306 4504  [ 8072AF52B5FD103BBBA387A1E49F62CB ]

Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
16:48:48.0307 4504  Sym_u3 - ok
16:48:48.0356 4504  [ 9A51B04E9886AA4EE90093586B0BA88D ]

SysMain         C:\Windows\system32\sysmain.dll
16:48:48.0360 4504  SysMain - ok
16:48:48.0381 4504  [ 2DCA225EAE15F42C0933E998EE0231C3 ]

TabletInputService C:\Windows\System32\TabSvc.dll
16:48:48.0383 4504  TabletInputService - ok
16:48:48.0402 4504  [ D7673E4B38CE21EE54C59EEEB65E2483 ]

TapiSrv         C:\Windows\System32\tapisrv.dll
16:48:48.0405 4504  TapiSrv - ok
16:48:48.0428 4504  [ CB05822CD9CC6C688168E113C603DBE7 ] TBS

            C:\Windows\System32\tbssvc.dll
16:48:48.0430 4504  TBS - ok
16:48:48.0470 4504  [ 74E2D020C47BB2B2FCCBA29A518A7EB4 ]

Tcpip           C:\Windows\system32\drivers\tcpip.sys
16:48:48.0475 4504  Tcpip - ok
16:48:48.0512 4504  [ 74E2D020C47BB2B2FCCBA29A518A7EB4 ]

Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
16:48:48.0517 4504  Tcpip6 - ok
16:48:48.0574 4504  [ 608C345A255D82A6289C2D468EB41FD7 ]

tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
16:48:48.0576 4504  tcpipreg - ok
16:48:48.0591 4504  [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ]

TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
16:48:48.0591 4504  TDPIPE - ok
16:48:48.0617 4504  [ 389C63E32B3CEFED425B61ED92D3F021 ]

TDTCP           C:\Windows\system32\drivers\tdtcp.sys
16:48:48.0618 4504  TDTCP - ok
16:48:48.0655 4504  [ 76B06EB8A01FC8624D699E7045303E54 ] tdx

            C:\Windows\system32\DRIVERS\tdx.sys
16:48:48.0656 4504  tdx - ok
16:48:48.0663 4504  [ 3CAD38910468EAB9A6479E2F01DB43C7 ]

TermDD          C:\Windows\system32\DRIVERS\termdd.sys
16:48:48.0664 4504  TermDD - ok
16:48:48.0702 4504  [ BB95DA09BEF6E7A131BFF3BA5032090D ]

TermService     C:\Windows\System32\termsrv.dll
16:48:48.0706 4504  TermService - ok
16:48:48.0718 4504  [ C7230FBEE14437716701C15BE02C27B8 ]

Themes          C:\Windows\system32\shsvcs.dll
16:48:48.0722 4504  Themes - ok
16:48:48.0731 4504  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ]

THREADORDER     C:\Windows\system32\mmcss.dll
16:48:48.0732 4504  THREADORDER - ok
16:48:48.0743 4504  [ EC74E77D0EB004BD3A809B5F8FB8C2CE ]

TrkWks          C:\Windows\System32\trkwks.dll
16:48:48.0745 4504  TrkWks - ok
16:48:48.0786 4504  [ 97D9D6A04E3AD9B6C626B9931DB78DBA ]

TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:48:48.0786 4504  TrustedInstaller - ok
16:48:48.0817 4504  [ DCF0F056A2E4F52287264F5AB29CF206 ]

tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
16:48:48.0818 4504  tssecsrv - ok
16:48:48.0855 4504  [ CAECC0120AC49E3D2F758B9169872D38 ]

tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
16:48:48.0856 4504  tunmp - ok
16:48:48.0879 4504  [ 300DB877AC094FEAB0BE7688C3454A9C ]

tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
16:48:48.0880 4504  tunnel - ok
16:48:48.0900 4504  [ C3ADE15414120033A36C0F293D4A4121 ]

uagp35          C:\Windows\system32\drivers\uagp35.sys
16:48:48.0901 4504  uagp35 - ok
16:48:48.0922 4504  [ D9728AF68C4C7693CB100B8441CBDEC6 ]

udfs            C:\Windows\system32\DRIVERS\udfs.sys
16:48:48.0924 4504  udfs - ok
16:48:48.0953 4504  [ ECEF404F62863755951E09C802C94AD5 ]

UI0Detect       C:\Windows\system32\UI0Detect.exe
16:48:48.0955 4504  UI0Detect - ok
16:48:48.0969 4504  [ 75E6890EBFCE0841D3291B02E7A8BDB0 ]

uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
16:48:48.0970 4504  uliagpkx - ok
16:48:48.0985 4504  [ 3CD4EA35A6221B85DCC25DAA46313F8D ]

uliahci         C:\Windows\system32\drivers\uliahci.sys
16:48:48.0987 4504  uliahci - ok
16:48:49.0018 4504  [ 8514D0E5CD0534467C5FC61BE94A569F ]

UlSata          C:\Windows\system32\drivers\ulsata.sys
16:48:49.0019 4504  UlSata - ok
16:48:49.0034 4504  [ 38C3C6E62B157A6BC46594FADA45C62B ]

ulsata2         C:\Windows\system32\drivers\ulsata2.sys
16:48:49.0035 4504  ulsata2 - ok
16:48:49.0078 4504  [ 32CFF9F809AE9AED85464492BF3E32D2 ]

umbus           C:\Windows\system32\DRIVERS\umbus.sys
16:48:49.0079 4504  umbus - ok
16:48:49.0105 4504  [ 8A66360F38F81E960E2367B428CBD5D9 ]

UmRdpService    C:\Windows\System32\umrdp.dll
16:48:49.0108 4504  UmRdpService - ok
16:48:49.0134 4504  [ 68308183F4AE0BE7BF8ECD07CB297999 ]

upnphost        C:\Windows\System32\upnphost.dll
16:48:49.0137 4504  upnphost - ok
16:48:49.0169 4504  [ 32DB9517628FF0D070682AAB61E688F0 ]

usbaudio        C:\Windows\system32\drivers\usbaudio.sys
16:48:49.0170 4504  usbaudio - ok
16:48:49.0188 4504  [ CAF811AE4C147FFCD5B51750C7F09142 ]

usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
16:48:49.0190 4504  usbccgp - ok
16:48:49.0222 4504  [ E9476E6C486E76BC4898074768FB7131 ]

usbcir          C:\Windows\system32\drivers\usbcir.sys
16:48:49.0223 4504  usbcir - ok
16:48:49.0256 4504  [ 79E96C23A97CE7B8F14D310DA2DB0C9B ]

usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
16:48:49.0257 4504  usbehci - ok
16:48:49.0271 4504  [ 4673BBCB006AF60E7ABDDBE7A130BA42 ]

usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
16:48:49.0272 4504  usbhub - ok
16:48:49.0282 4504  [ 38DBC7DD6CC5A72011F187425384388B ]

usbohci         C:\Windows\system32\drivers\usbohci.sys
16:48:49.0283 4504  usbohci - ok
16:48:49.0300 4504  [ E75C4B5269091D15A2E7DC0B6D35F2F5 ]

usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
16:48:49.0301 4504  usbprint - ok
16:48:49.0331 4504  [ BE3DA31C191BC222D9AD503C5224F2AD ]

USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:48:49.0332 4504  USBSTOR - ok
16:48:49.0401 4504  [ 814D653EFC4D48BE3B04A307ECEFF56F ]

usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
16:48:49.0402 4504  usbuhci - ok
16:48:49.0410 4504  [ 1509E705F3AC1D474C92454A5C2DD81F ]

UxSms           C:\Windows\System32\uxsms.dll
16:48:49.0413 4504  UxSms - ok
16:48:49.0441 4504  [ CD88D1B7776DC17A119049742EC07EB4 ] vds

            C:\Windows\System32\vds.exe
16:48:49.0444 4504  vds - ok
16:48:49.0461 4504  [ 7D92BE0028ECDEDEC74617009084B5EF ] vga

            C:\Windows\system32\DRIVERS\vgapnp.sys
16:48:49.0462 4504  vga - ok
16:48:49.0486 4504  [ 2E93AC0A1D8C79D019DB6C51F036636C ]

VgaSave         C:\Windows\System32\drivers\vga.sys
16:48:49.0487 4504  VgaSave - ok
16:48:49.0502 4504  [ 045D9961E591CF0674A920B6BA3BA5CB ]

viaagp          C:\Windows\system32\drivers\viaagp.sys
16:48:49.0503 4504  viaagp - ok
16:48:49.0533 4504  [ 56A4DE5F02F2E88182B0981119B4DD98 ]

ViaC7           C:\Windows\system32\drivers\viac7.sys
16:48:49.0534 4504  ViaC7 - ok
16:48:49.0568 4504  [ FD2E3175FCADA350C7AB4521DCA187EC ]

viaide          C:\Windows\system32\drivers\viaide.sys
16:48:49.0569 4504  viaide - ok
16:48:49.0582 4504  [ 69503668AC66C77C6CD7AF86FBDF8C43 ]

volmgr          C:\Windows\system32\drivers\volmgr.sys
16:48:49.0583 4504  volmgr - ok
16:48:49.0603 4504  [ 23E41B834759917BFD6B9A0D625D0C28 ]

volmgrx         C:\Windows\system32\drivers\volmgrx.sys
16:48:49.0605 4504  volmgrx - ok
16:48:49.0643 4504  [ 786DB5771F05EF300390399F626BF30A ]

volsnap         C:\Windows\system32\drivers\volsnap.sys
16:48:49.0644 4504  volsnap - ok
16:48:49.0657 4504  [ D984439746D42B30FC65A4C3546C6829 ]

vsmraid         C:\Windows\system32\drivers\vsmraid.sys
16:48:49.0658 4504  vsmraid - ok
16:48:49.0691 4504  [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS

            C:\Windows\system32\vssvc.exe
16:48:49.0698 4504  VSS - ok
16:48:49.0722 4504  [ 96EA68B9EB310A69C25EBB0282B2B9DE ]

W32Time         C:\Windows\system32\w32time.dll
16:48:49.0726 4504  W32Time - ok
16:48:49.0750 4504  [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ]

WacomPen        C:\Windows\system32\drivers\wacompen.sys
16:48:49.0752 4504  WacomPen - ok
16:48:49.0788 4504  [ 55201897378CCA7AF8B5EFD874374A26 ]

Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
16:48:49.0789 4504  Wanarp - ok
16:48:49.0793 4504  [ 55201897378CCA7AF8B5EFD874374A26 ]

Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
16:48:49.0794 4504  Wanarpv6 - ok
16:48:49.0817 4504  [ 20B23332885DFB93FE0185362EE811E9 ]

wbengine        C:\Windows\system32\wbengine.exe
16:48:49.0824 4504  wbengine - ok
16:48:49.0839 4504  [ A3CD60FD826381B49F03832590E069AF ]

wcncsvc         C:\Windows\System32\wcncsvc.dll
16:48:49.0843 4504  wcncsvc - ok
16:48:49.0863 4504  [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ]

WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:48:49.0865 4504  WcsPlugInService - ok
16:48:49.0875 4504  [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd 

            C:\Windows\system32\drivers\wd.sys
16:48:49.0876 4504  Wd - ok
16:48:49.0928 4504  [ D6EFAF429FD30C5DF613D220E344CCE7 ]

WDC_SAM         C:\Windows\system32\DRIVERS\wdcsam.sys
16:48:49.0929 4504  WDC_SAM - ok
16:48:49.0977 4504  [ A840213F1ACDCC175B4D1D5AAEAC0D7A ]

Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
16:48:49.0981 4504  Wdf01000 - ok
16:48:49.0995 4504  [ ABFC76B48BB6C96E3338D8943C5D93B5 ]

WdiServiceHost  C:\Windows\system32\wdi.dll
16:48:49.0997 4504  WdiServiceHost - ok
16:48:50.0010 4504  [ ABFC76B48BB6C96E3338D8943C5D93B5 ]

WdiSystemHost   C:\Windows\system32\wdi.dll
16:48:50.0012 4504  WdiSystemHost - ok
16:48:50.0029 4504  [ 04C37D8107320312FBAE09926103D5E2 ]

WebClient       C:\Windows\System32\webclnt.dll
16:48:50.0032 4504  WebClient - ok
16:48:50.0054 4504  [ AE3736E7E8892241C23E4EBBB7453B60 ]

Wecsvc          C:\Windows\system32\wecsvc.dll
16:48:50.0057 4504  Wecsvc - ok
16:48:50.0076 4504  [ 670FF720071ED741206D69BD995EA453 ]

wercplsupport   C:\Windows\System32\wercplsupport.dll
16:48:50.0079 4504  wercplsupport - ok
16:48:50.0090 4504  [ 32B88481D3B326DA6DEB07B1D03481E7 ]

WerSvc          C:\Windows\System32\WerSvc.dll
16:48:50.0093 4504  WerSvc - ok
16:48:50.0143 4504  [ 4575AA12561C5648483403541D0D7F2B ]

WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
16:48:50.0144 4504  WinDefend - ok
16:48:50.0150 4504  WinHttpAutoProxySvc - ok
16:48:50.0182 4504  [ 6B2A1D0E80110E3D04E6863C6E62FD8A ]

Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
16:48:50.0183 4504  Winmgmt - ok
16:48:50.0222 4504  [ 7CFE68BDC065E55AA5E8421607037511 ]

WinRM           C:\Windows\system32\WsmSvc.dll
16:48:50.0231 4504  WinRM - ok
16:48:50.0295 4504  [ C008405E4FEEB069E30DA1D823910234 ]

Wlansvc         C:\Windows\System32\wlansvc.dll
16:48:50.0300 4504  Wlansvc - ok
16:48:50.0374 4504  [ 5144AE67D60EC653F97DDF3FEED29E77 ]

wlidsvc         C:\Program Files\Common Files\Microsoft

Shared\Windows Live\WLIDSVC.EXE
16:48:50.0407 4504  wlidsvc - ok
16:48:50.0434 4504  [ 701A9F884A294327E9141D73746EE279 ]

WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
16:48:50.0434 4504  WmiAcpi - ok
16:48:50.0465 4504  [ 43BE3875207DCB62A85C8C49970B66CC ]

wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
16:48:50.0466 4504  wmiApSrv - ok
16:48:50.0510 4504  [ 3978704576A121A9204F8CC49A301A9B ]

WMPNetworkSvc   C:\Program Files\Windows Media

Player\wmpnetwk.exe
16:48:50.0515 4504  WMPNetworkSvc - ok
16:48:50.0526 4504  [ CFC5A04558F5070CEE3E3A7809F3FF52 ]

WPCSvc          C:\Windows\System32\wpcsvc.dll
16:48:50.0529 4504  WPCSvc - ok
16:48:50.0544 4504  [ 801FBDB89D472B3C467EB112A0FC9246 ]

WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
16:48:50.0546 4504  WPDBusEnum - ok
16:48:50.0609 4504  [ DCF3E3EDF5109EE8BC02FE6E1F045795 ]

WPFFontCache_v0400

C:\Windows\Microsoft.NET\Framework\v4.0.30319

\WPF\WPFFontCache_v0400.exe
16:48:50.0633 4504  WPFFontCache_v0400 - ok
16:48:50.0662 4504  [ E3A3CB253C0EC2494D4A61F5E43A389C ]

ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
16:48:50.0663 4504  ws2ifsl - ok
16:48:50.0682 4504  [ 1CA6C40261DDC0425987980D0CD2AAAB ]

wscsvc          C:\Windows\System32\wscsvc.dll
16:48:50.0684 4504  wscsvc - ok
16:48:50.0688 4504  WSearch - ok
16:48:50.0781 4504  [ FC3EC24FCE372C89423E015A2AC1A31E ]

wuauserv        C:\Windows\system32\wuaueng.dll
16:48:50.0793 4504  wuauserv - ok
16:48:50.0817 4504  [ 06E6F32C8D0A3F66D956F57B43A2E070 ]

WudfPf          C:\Windows\system32\drivers\WudfPf.sys
16:48:50.0818 4504  WudfPf - ok
16:48:50.0831 4504  [ 867C301E8B790040AE9CF6486E8041DF ]

WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
16:48:50.0832 4504  WUDFRd - ok
16:48:50.0851 4504  [ FE47B7BC8EA320C2D9B5E5BF6E303765 ]

wudfsvc         C:\Windows\System32\WUDFSvc.dll
16:48:50.0854 4504  wudfsvc - ok
16:48:50.0888 4504  [ DD0042F0C3B606A6A8B92D49AFB18AD6 ]

YahooAUService  C:\Program Files\Yahoo!

\SoftwareUpdate\YahooAUService.exe
16:48:50.0903 4504  YahooAUService - ok
16:48:50.0907 4504  ================ Scan global

===============================
16:48:50.0956 4504  [ F31EEBC1A1C81FD04005489CC3DCDFE7 ]

C:\Windows\system32\basesrv.dll
16:48:50.0985 4504  [ D2293B069E4B63DC17B2F08D45E71124 ]

C:\Windows\system32\winsrv.dll
16:48:51.0011 4504  [ D2293B069E4B63DC17B2F08D45E71124 ]

C:\Windows\system32\winsrv.dll
16:48:51.0084 4504  [ D4E6D91C1349B7BFB3599A6ADA56851B ]

C:\Windows\system32\services.exe
16:48:51.0087 4504  [Global] - ok
16:48:51.0087 4504  ================ Scan MBR

==================================
16:48:51.0098 4504  [ 5C616939100B85E558DA92B899A0FC36 ]

\Device\Harddisk0\DR0
16:48:51.0563 4504  \Device\Harddisk0\DR0 - ok
16:48:51.0581 4504  [ 5C616939100B85E558DA92B899A0FC36 ]

\Device\Harddisk1\DR1
16:48:51.0916 4504  \Device\Harddisk1\DR1 - ok
16:48:51.0919 4504  [ 5C616939100B85E558DA92B899A0FC36 ]

\Device\Harddisk2\DR2
16:48:52.0081 4504  \Device\Harddisk2\DR2 - ok
16:48:52.0084 4504  [ 5C616939100B85E558DA92B899A0FC36 ]

\Device\Harddisk3\DR3
16:48:52.0103 4504  \Device\Harddisk3\DR3 - ok
16:48:52.0103 4504  ================ Scan VBR

==================================
16:48:52.0106 4504  [ C3EB4283969A03F67288279B3EBB888F ]

\Device\Harddisk0\DR0\Partition1
16:48:52.0107 4504  \Device\Harddisk0\DR0\Partition1 - ok
16:48:52.0109 4504  [ 68B492EB50165875F417C534F90212AB ]

\Device\Harddisk1\DR1\Partition1
16:48:52.0111 4504  \Device\Harddisk1\DR1\Partition1 - ok
16:48:52.0113 4504  [ 0B04381137B43EB20D9D2078FA8CEEE7 ]

\Device\Harddisk2\DR2\Partition1
16:48:52.0115 4504  \Device\Harddisk2\DR2\Partition1 - ok
16:48:52.0117 4504  [ 67CB97E4A77EE9AF7E93A239182AF811 ]

\Device\Harddisk3\DR3\Partition1
16:48:52.0119 4504  \Device\Harddisk3\DR3\Partition1 - ok
16:48:52.0120 4504  ================ Scan active images

========================
16:48:52.0121 4504  [ 36975327EF03949CC378AB01E316B574 ]

C:\Windows\System32\drivers\crashdmp.sys
16:48:52.0122 4504  C:\Windows\System32\drivers\crashdmp.sys

- ok
16:48:52.0125 4504  [ C67EBF9C05531C406E1E079FF669A2E6 ]

C:\Windows\System32\drivers\Dumpata.sys
16:48:52.0125 4504  C:\Windows\System32\drivers\Dumpata.sys

- ok
16:48:52.0129 4504  [ 1F05B78AB91C9075565A9D8A4B880BC4 ]

C:\Windows\System32\drivers\atapi.sys
16:48:52.0129 4504  C:\Windows\System32\drivers\atapi.sys -

ok
16:48:52.0133 4504  [ 7680C2C92271A3E156A816C9FE9AE01C ]

C:\Windows\System32\drivers\dumpfve.sys
16:48:52.0133 4504  C:\Windows\System32\drivers\dumpfve.sys

- ok
16:48:52.0137 4504  [ CAECC0120AC49E3D2F758B9169872D38 ]

C:\Windows\System32\drivers\TUNMP.SYS
16:48:52.0137 4504  C:\Windows\System32\drivers\TUNMP.SYS -

ok
16:48:52.0139 4504  [ 300DB877AC094FEAB0BE7688C3454A9C ]

C:\Windows\System32\drivers\tunnel.sys
16:48:52.0139 4504  C:\Windows\System32\drivers\tunnel.sys -

ok
16:48:52.0143 4504  [ 224191001E78C89DFA78924C3EA595FF ]

C:\Windows\System32\drivers\intelppm.sys
16:48:52.0143 4504  C:\Windows\System32\drivers\intelppm.sys

- ok
16:48:52.0147 4504  [ 0A1B502CBC8230DA74BEFBAADDB58916 ]

C:\Windows\System32\drivers\nvlddmkm.sys
16:48:52.0147 4504  C:\Windows\System32\drivers\nvlddmkm.sys

- ok
16:48:52.0151 4504  [ 8A3C4E55C8E24D1D12AF4142D50939FC ]

C:\Windows\System32\drivers\nvBridge.kmd
16:48:52.0151 4504  C:\Windows\System32\drivers\nvBridge.kmd

- ok
16:48:52.0154 4504  [ C68AC676B0EF30CFBB1080ADCE49EB1F ]

C:\Windows\System32\drivers\dxgkrnl.sys
16:48:52.0154 4504  C:\Windows\System32\drivers\dxgkrnl.sys

- ok
16:48:52.0158 4504  [ 4A5C31E2C1646034E6A60EBA4C747FF6 ]

C:\Windows\System32\drivers\watchdog.sys
16:48:52.0158 4504  C:\Windows\System32\drivers\watchdog.sys

- ok
16:48:52.0161 4504  [ 062452B7FFD68C8C042A6261FE8DFF4A ]

C:\Windows\System32\drivers\hdaudbus.sys
16:48:52.0161 4504  C:\Windows\System32\drivers\hdaudbus.sys

- ok
16:48:52.0165 4504  [ A1C100A87D981AD0774FBC0B4B82E913 ]

C:\Windows\System32\drivers\usbport.sys
16:48:52.0165 4504  C:\Windows\System32\drivers\usbport.sys

- ok
16:48:52.0169 4504  [ 814D653EFC4D48BE3B04A307ECEFF56F ]

C:\Windows\System32\drivers\usbuhci.sys
16:48:52.0169 4504  C:\Windows\System32\drivers\usbuhci.sys

- ok
16:48:52.0172 4504  [ 79E96C23A97CE7B8F14D310DA2DB0C9B ]

C:\Windows\System32\drivers\usbehci.sys
16:48:52.0172 4504  C:\Windows\System32\drivers\usbehci.sys

- ok
16:48:52.0176 4504  [ 283392AF1860ECDB5E0F8EBD7F3D72DF ]

C:\Windows\System32\drivers\Rtlh86.sys
16:48:52.0176 4504  C:\Windows\System32\drivers\Rtlh86.sys -

ok
16:48:52.0180 4504  [ 6B4BFFB9BECD728097024276430DB314 ]

C:\Windows\System32\drivers\cdrom.sys
16:48:52.0180 4504  C:\Windows\System32\drivers\cdrom.sys -

ok
16:48:52.0183 4504  [ 6D663022DB3E7058907784AE14B69898 ]

C:\Windows\System32\drivers\serial.sys
16:48:52.0183 4504  C:\Windows\System32\drivers\serial.sys -

ok
16:48:52.0186 4504  [ AFE1E8B9782A0DD7FB46BBD88E43F89A ]

C:\Windows\System32\drivers\fdc.sys
16:48:52.0186 4504  C:\Windows\System32\drivers\fdc.sys - ok
16:48:52.0190 4504  [ CE9EC966638EF0B10B864DDEDF62A099 ]

C:\Windows\System32\drivers\serenum.sys
16:48:52.0190 4504  C:\Windows\System32\drivers\serenum.sys

- ok
16:48:52.0194 4504  [ DCDAAB8697A47894A554050CE18D0B56 ]

C:\Windows\System32\drivers\ASACPI.sys
16:48:52.0194 4504  C:\Windows\System32\drivers\ASACPI.sys -

ok
16:48:52.0197 4504  [ 8A79FDF04A73428597E2CAF9D0D67850 ]

C:\Windows\System32\drivers\parport.sys
16:48:52.0197 4504  C:\Windows\System32\drivers\parport.sys

- ok
16:48:52.0201 4504  [ 232FA340531D940AAC623B121A595034 ]

C:\Windows\System32\drivers\msiscsi.sys
16:48:52.0201 4504  C:\Windows\System32\drivers\msiscsi.sys

- ok
16:48:52.0204 4504  [ 47E55AFE1ED1D5AFF09690DB226F4A7A ]

C:\Windows\System32\drivers\Storport.sys
16:48:52.0204 4504  C:\Windows\System32\drivers\Storport.sys

- ok
16:48:52.0207 4504  [ 77937EFF009AC696B90E09F671F9D0A4 ]

C:\Windows\System32\drivers\tdi.sys
16:48:52.0208 4504  C:\Windows\System32\drivers\tdi.sys - ok
16:48:52.0212 4504  [ 0E186E90404980569FB449BA7519AE61 ]

C:\Windows\System32\drivers\ndistapi.sys
16:48:52.0212 4504  C:\Windows\System32\drivers\ndistapi.sys

- ok
16:48:52.0215 4504  [ A214ADBAF4CB47DD2728859EF31F26B0 ]

C:\Windows\System32\drivers\rasl2tp.sys
16:48:52.0215 4504  C:\Windows\System32\drivers\rasl2tp.sys

- ok
16:48:52.0219 4504  [ 818F648618AE34F729FDB47EC68345C3 ]

C:\Windows\System32\drivers\ndiswan.sys
16:48:52.0219 4504  C:\Windows\System32\drivers\ndiswan.sys

- ok
16:48:52.0222 4504  [ 509A98DD18AF4375E1FC40BC175F1DEF ]

C:\Windows\System32\drivers\raspppoe.sys
16:48:52.0222 4504  C:\Windows\System32\drivers\raspppoe.sys

- ok
16:48:52.0226 4504  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ]

C:\Windows\System32\drivers\raspptp.sys
16:48:52.0226 4504  C:\Windows\System32\drivers\raspptp.sys

- ok
16:48:52.0230 4504  [ 2005F4A1E05FA09389AC85840F0A9E4D ]

C:\Windows\System32\drivers\rassstp.sys
16:48:52.0230 4504  C:\Windows\System32\drivers\rassstp.sys

- ok
16:48:52.0233 4504  [ 943B18305EAE3935598A9B4A3D560B4C ]

C:\Windows\System32\drivers\rdpdr.sys
16:48:52.0233 4504  C:\Windows\System32\drivers\rdpdr.sys -

ok
16:48:52.0236 4504  [ 3CAD38910468EAB9A6479E2F01DB43C7 ]

C:\Windows\System32\drivers\termdd.sys
16:48:52.0236 4504  C:\Windows\System32\drivers\termdd.sys -

ok
16:48:52.0240 4504  [ 37605E0A8CF00CBBA538E753E4344C6E ]

C:\Windows\System32\drivers\kbdclass.sys
16:48:52.0240 4504  C:\Windows\System32\drivers\kbdclass.sys

- ok
16:48:52.0243 4504  [ 5BF6A1326A335C5298477754A506D263 ]

C:\Windows\System32\drivers\mouclass.sys
16:48:52.0243 4504  C:\Windows\System32\drivers\mouclass.sys

- ok
16:48:52.0247 4504  [ EF73C1E29FBE7B0FD0274BF4394E346A ]

C:\Windows\System32\drivers\ks.sys
16:48:52.0247 4504  C:\Windows\System32\drivers\ks.sys - ok
16:48:52.0250 4504  [ E384487CB84BE41D09711C30CA79646C ]

C:\Windows\System32\drivers\mssmbios.sys
16:48:52.0251 4504  C:\Windows\System32\drivers\mssmbios.sys

- ok
16:48:52.0254 4504  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ]

C:\Windows\System32\drivers\swenum.sys
16:48:52.0254 4504  C:\Windows\System32\drivers\swenum.sys -

ok
16:48:52.0258 4504  [ 32CFF9F809AE9AED85464492BF3E32D2 ]

C:\Windows\System32\drivers\umbus.sys
16:48:52.0258 4504  C:\Windows\System32\drivers\umbus.sys -

ok
16:48:52.0262 4504  [ 4673BBCB006AF60E7ABDDBE7A130BA42 ]

C:\Windows\System32\drivers\usbhub.sys
16:48:52.0262 4504  C:\Windows\System32\drivers\usbhub.sys -

ok
16:48:52.0264 4504  [ 85B7CF99D532820495D68D747FDA9EBD ]

C:\Windows\System32\drivers\flpydisk.sys
16:48:52.0264 4504  C:\Windows\System32\drivers\flpydisk.sys

- ok
16:48:52.0268 4504  [ 71DAB552B41936358F3B541AE5997FB3 ]

C:\Windows\System32\drivers\ndproxy.sys
16:48:52.0268 4504  C:\Windows\System32\drivers\ndproxy.sys

- ok
16:48:52.0272 4504  [ 7BE5A3C671A2CB56E94403BFC2020A0D ]

C:\Windows\System32\drivers\drmk.sys
16:48:52.0272 4504  C:\Windows\System32\drivers\drmk.sys -

ok
16:48:52.0275 4504  [ 3F90E001369A07243763BD5A523D8722 ]

C:\Windows\System32\drivers\HdAudio.sys
16:48:52.0275 4504  C:\Windows\System32\drivers\HdAudio.sys

- ok
16:48:52.0279 4504  [ 218286724EC530FF252648369E05B090 ]

C:\Windows\System32\drivers\portcls.sys
16:48:52.0279 4504  C:\Windows\System32\drivers\portcls.sys

- ok
16:48:52.0282 4504  [ 67E506B75BD5326A3EC7B70BD014DFB6 ]

C:\Windows\System32\drivers\beep.sys
16:48:52.0282 4504  C:\Windows\System32\drivers\beep.sys -

ok
16:48:52.0285 4504  [ B972A66758577E0BFD1DE0F91AAA27B5 ]

C:\Windows\System32\drivers\fs_rec.sys
16:48:52.0286 4504  C:\Windows\System32\drivers\fs_rec.sys -

ok
16:48:52.0290 4504  [ C5DBBCDA07D780BDA9B685DF333BB41E ]

C:\Windows\System32\drivers\null.sys
16:48:52.0290 4504  C:\Windows\System32\drivers\null.sys -

ok
16:48:52.0293 4504  [ 175444D3A01CA45D0E1C5DC5F48DF7CD ]

C:\Windows\System32\drivers\hidparse.sys
16:48:52.0293 4504  C:\Windows\System32\drivers\hidparse.sys

- ok
16:48:52.0297 4504  [ EDE59EC70E25C24581ADD1FBEC7325F7 ]

C:\Windows\System32\drivers\kbdhid.sys
16:48:52.0297 4504  C:\Windows\System32\drivers\kbdhid.sys -

ok
16:48:52.0300 4504  [ C048D2C33D27441A0CDCAAE2651EB03D ]

C:\Windows\System32\drivers\videoprt.sys
16:48:52.0300 4504  C:\Windows\System32\drivers\videoprt.sys

- ok
16:48:52.0304 4504  [ 2E93AC0A1D8C79D019DB6C51F036636C ]

C:\Windows\System32\drivers\vga.sys
16:48:52.0304 4504  C:\Windows\System32\drivers\vga.sys - ok
16:48:52.0307 4504  [ 89E59BE9A564262A3FB6C4F4F1CD9899 ]

C:\Windows\System32\drivers\RDPCDD.sys
16:48:52.0307 4504  C:\Windows\System32\drivers\RDPCDD.sys -

ok
16:48:52.0310 4504  [ 9D91FE5286F748862ECFFA05F8A0710C ]

C:\Windows\System32\drivers\RDPENCDD.sys
16:48:52.0310 4504  C:\Windows\System32\drivers\RDPENCDD.sys

- ok
16:48:52.0314 4504  [ A9927F4A46B816C92F461ACB90CF8515 ]

C:\Windows\System32\drivers\msfs.sys
16:48:52.0314 4504  C:\Windows\System32\drivers\msfs.sys -

ok
16:48:52.0317 4504  [ D36F239D7CCE1931598E8FB90A0DBC26 ]

C:\Windows\System32\drivers\npfs.sys
16:48:52.0317 4504  C:\Windows\System32\drivers\npfs.sys -

ok
16:48:52.0322 4504  [ 147D7F9C556D259924351FEB0DE606C3 ]

C:\Windows\System32\drivers\rasacd.sys
16:48:52.0322 4504  C:\Windows\System32\drivers\rasacd.sys -

ok
16:48:52.0325 4504  [ 76B06EB8A01FC8624D699E7045303E54 ]

C:\Windows\System32\drivers\tdx.sys
16:48:52.0325 4504  C:\Windows\System32\drivers\tdx.sys - ok
16:48:52.0328 4504  [ 7B75299A4D201D6A6533603D6914AB04 ]

C:\Windows\System32\drivers\smb.sys
16:48:52.0328 4504  C:\Windows\System32\drivers\smb.sys - ok
16:48:52.0332 4504  [ 3911B972B55FEA0478476B2E777B29FA ]

C:\Windows\System32\drivers\afd.sys
16:48:52.0332 4504  C:\Windows\System32\drivers\afd.sys - ok
16:48:52.0336 4504  [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ]

C:\Windows\System32\drivers\netbt.sys
16:48:52.0336 4504  C:\Windows\System32\drivers\netbt.sys -

ok
16:48:52.0339 4504  [ 99514FAA8DF93D34B5589187DB3AA0BA ]

C:\Windows\System32\drivers\pacer.sys
16:48:52.0339 4504  C:\Windows\System32\drivers\pacer.sys -

ok
16:48:52.0343 4504  [ BCD093A5A6777CF626434568DC7DBA78 ]

C:\Windows\System32\drivers\netbios.sys
16:48:52.0343 4504  C:\Windows\System32\drivers\netbios.sys

- ok
16:48:52.0346 4504  [ 55201897378CCA7AF8B5EFD874374A26 ]

C:\Windows\System32\drivers\wanarp.sys
16:48:52.0346 4504  C:\Windows\System32\drivers\wanarp.sys -

ok
16:48:52.0349 4504  [ 609773E344A97410CE4EBF74A8914FCF ]

C:\Windows\System32\drivers\nsiproxy.sys
16:48:52.0349 4504  C:\Windows\System32\drivers\nsiproxy.sys

- ok
16:48:52.0353 4504  [ B14C9D5B9ADD2F84F70570BBBFAA7935 ]

C:\Windows\System32\drivers\rdbss.sys
16:48:52.0353 4504  C:\Windows\System32\drivers\rdbss.sys -

ok
16:48:52.0356 4504  [ 9BDB2E89BE8D0EF37B1F25C3D3FC192C ]

C:\Windows\System32\drivers\csc.sys
16:48:52.0356 4504  C:\Windows\System32\drivers\csc.sys - ok
16:48:52.0360 4504  [ 2B4E66FAC6503494A2C6F32BB6AB3826 ]

C:\Windows\System32\drivers\AsIO.sys
16:48:52.0360 4504  C:\Windows\System32\drivers\AsIO.sys -

ok
16:48:52.0363 4504  [ 622C41A07CA7E6DD91770F50D532CB6C ]

C:\Windows\System32\drivers\dfsc.sys
16:48:52.0363 4504  C:\Windows\System32\drivers\dfsc.sys -

ok
16:48:52.0367 4504  [ DDA770BBD7C2ED024D6F50E279D90E5B ]

C:\Windows\System32\ntdll.dll
16:48:52.0367 4504  C:\Windows\System32\ntdll.dll - ok
16:48:52.0370 4504  [ 98AF15A94CD6AC37248E72E5FE789B35 ]

C:\Windows\System32\smss.exe
16:48:52.0370 4504  C:\Windows\System32\smss.exe - ok
16:48:52.0373 4504  [ 10761177A6EBE45843F443E99509F5E7 ]

C:\Windows\System32\autochk.exe
16:48:52.0373 4504  C:\Windows\System32\autochk.exe - ok
16:48:52.0377 4504  [ 790FDAC6D0C762DF9047C3C625A6FF6C ]

C:\Windows\System32\drivers\usbd.sys
16:48:52.0377 4504  C:\Windows\System32\drivers\usbd.sys -

ok
16:48:52.0381 4504  [ E75C4B5269091D15A2E7DC0B6D35F2F5 ]

C:\Windows\System32\drivers\usbprint.sys
16:48:52.0381 4504  C:\Windows\System32\drivers\usbprint.sys

- ok
16:48:52.0385 4504  [ CAF811AE4C147FFCD5B51750C7F09142 ]

C:\Windows\System32\drivers\usbccgp.sys
16:48:52.0385 4504  C:\Windows\System32\drivers\usbccgp.sys

- ok
16:48:52.0387 4504  [ 5961CADB7CAD938368D2028725EF771D ]

C:\Windows\System32\drivers\hidclass.sys
16:48:52.0387 4504  C:\Windows\System32\drivers\hidclass.sys

- ok
16:48:52.0390 4504  [ CCA4B519B17E23A00B826C55716809CC ]

C:\Windows\System32\drivers\hidusb.sys
16:48:52.0391 4504  C:\Windows\System32\drivers\hidusb.sys -

ok
16:48:52.0394 4504  [ 7F9C7B28CF1C859E1C42619EEA946DC8 ]

C:\Windows\System32\drivers\LHidFilt.Sys
16:48:52.0394 4504  C:\Windows\System32\drivers\LHidFilt.Sys

- ok
16:48:52.0398 4504  [ 93B8D4869E12CFBE663915502900876F ]

C:\Windows\System32\drivers\mouhid.sys
16:48:52.0398 4504  C:\Windows\System32\drivers\mouhid.sys -

ok
16:48:52.0402 4504  [ AB33792A87285344F43B5CE23421BAB0 ]

C:\Windows\System32\drivers\LMouFilt.Sys
16:48:52.0402 4504  C:\Windows\System32\drivers\LMouFilt.Sys

- ok
16:48:52.0405 4504  [ 32DB9517628FF0D070682AAB61E688F0 ]

C:\Windows\System32\drivers\USBAUDIO.sys
16:48:52.0405 4504  C:\Windows\System32\drivers\USBAUDIO.sys

- ok
16:48:52.0408 4504  [ 551F51B66E5EA87A38D8197EB3BDB57A ]

C:\Windows\System32\setupapi.dll
16:48:52.0408 4504  C:\Windows\System32\setupapi.dll - ok
16:48:52.0412 4504  [ 75510147B94598407666F4802797C75A ]

C:\Windows\System32\user32.dll
16:48:52.0412 4504  C:\Windows\System32\user32.dll - ok
16:48:52.0416 4504  [ 4AA2A0E26CEF1A803741253DCF9A1503 ]

C:\Windows\System32\comdlg32.dll
16:48:52.0416 4504  C:\Windows\System32\comdlg32.dll - ok
16:48:52.0419 4504  [ D171EAA745A2C0C583CDDA13D9088EE4 ]

C:\Windows\System32\iertutil.dll
16:48:52.0419 4504  C:\Windows\System32\iertutil.dll - ok
16:48:52.0423 4504  [ 50CAA7072C171B9887215C83D52069E4 ]

C:\Windows\System32\advapi32.dll
16:48:52.0423 4504  C:\Windows\System32\advapi32.dll - ok
16:48:52.0426 4504  [ AAF101900A23D75AE1AE00840FA6F3B8 ]

C:\Windows\System32\shell32.dll
16:48:52.0426 4504  C:\Windows\System32\shell32.dll - ok
16:48:52.0429 4504  [ 9586E7CB2255A8B097A7E4538202585E ]

C:\Windows\System32\ole32.dll
16:48:52.0429 4504  C:\Windows\System32\ole32.dll - ok
16:48:52.0432 4504  [ 7856E3B4594714EF89BB97375E8644EE ]

C:\Windows\System32\gdi32.dll
16:48:52.0432 4504  C:\Windows\System32\gdi32.dll - ok
16:48:52.0436 4504  [ 420B075CD71AB9E58D15DD258958FBA3 ]

C:\Windows\System32\shlwapi.dll
16:48:52.0436 4504  C:\Windows\System32\shlwapi.dll - ok
16:48:52.0439 4504  [ B49B56B64F57699A1A663D2CF7D0A56F ]

C:\Windows\System32\wininet.dll
16:48:52.0439 4504  C:\Windows\System32\wininet.dll - ok
16:48:52.0443 4504  [ B304D47D5744BA20FCB99FB8B2C07B0B ]

C:\Windows\System32\ws2_32.dll
16:48:52.0443 4504  C:\Windows\System32\ws2_32.dll - ok
16:48:52.0447 4504  [ A64AEBC6C78B4CFD7F41A7277879DF8F ]

C:\Windows\System32\nsi.dll
16:48:52.0447 4504  C:\Windows\System32\nsi.dll - ok
16:48:52.0450 4504  [ BE157C3800DA3010EFC48280ECF81C16 ]

C:\Windows\System32\urlmon.dll
16:48:52.0450 4504  C:\Windows\System32\urlmon.dll - ok
16:48:52.0453 4504  [ EB0E02749CE5C488741C9A0ABEAB5DEC ]

C:\Windows\System32\lpk.dll
16:48:52.0453 4504  C:\Windows\System32\lpk.dll - ok
16:48:52.0456 4504  [ 6F29236AB5926100972924BD29D9D225 ]

C:\Windows\System32\normaliz.dll
16:48:52.0456 4504  C:\Windows\System32\normaliz.dll - ok
16:48:52.0461 4504  [ B218342214D9BBA0F54EA12BA2E9278C ]

C:\Windows\System32\oleaut32.dll
16:48:52.0461 4504  C:\Windows\System32\oleaut32.dll - ok
16:48:52.0464 4504  [ C8BDCECEE082B54F0BAC838BF0A34597 ]

C:\Windows\System32\imm32.dll
16:48:52.0464 4504  C:\Windows\System32\imm32.dll - ok
16:48:52.0467 4504  [ E3C3BD69701CE6B7B17101E4F7740534 ]

C:\Windows\System32\msctf.dll
16:48:52.0467 4504  C:\Windows\System32\msctf.dll - ok
16:48:52.0470 4504  [ 17AF64D727545F2804F6E6D998327E3F ]

C:\Windows\System32\msvcrt.dll
16:48:52.0470 4504  C:\Windows\System32\msvcrt.dll - ok
16:48:52.0473 4504  [ E2281CFF793D7A09CE2B35F9F8732EE3 ]

C:\Windows\System32\rpcrt4.dll
16:48:52.0473 4504  C:\Windows\System32\rpcrt4.dll - ok
16:48:52.0477 4504  [ DC3105CC925A0D47F61B54E66AB730FC ]

C:\Windows\System32\kernel32.dll
16:48:52.0477 4504  C:\Windows\System32\kernel32.dll - ok
16:48:52.0480 4504  [ B8A609FB5EFB4E44FC1355B1C01C64BC ]

C:\Windows\System32\Wldap32.dll
16:48:52.0480 4504  C:\Windows\System32\Wldap32.dll - ok
16:48:52.0483 4504  [ C394079EB162E812D682C73FA96AF6E4 ]

C:\Windows\System32\clbcatq.dll
16:48:52.0483 4504  C:\Windows\System32\clbcatq.dll - ok
16:48:52.0487 4504  [ 80FFF14F1757B9AF8BE9D314FC1AE88B ]

C:\Windows\System32\usp10.dll
16:48:52.0487 4504  C:\Windows\System32\usp10.dll - ok
16:48:52.0490 4504  [ EB49FAA5EBBC06356FB12476438781B9 ]

C:\Windows\System32\imagehlp.dll
16:48:52.0490 4504  C:\Windows\System32\imagehlp.dll - ok
16:48:52.0494 4504  [ DC8891A9203810FC994E7FCCF76E94C8 ]

C:\Windows\System32\comctl32.dll
16:48:52.0494 4504  C:\Windows\System32\comctl32.dll - ok
16:48:52.0496 4504  [ 93A1732F7F997E36A5C3893539E2FF02 ]

C:\Windows\System32\psapi.dll
16:48:52.0496 4504  C:\Windows\System32\psapi.dll - ok
16:48:52.0500 4504  [ EAAAFEF04FBB45665C9576E525D45A12 ]

C:\Windows\System32\drivers\dxapi.sys
16:48:52.0500 4504  C:\Windows\System32\drivers\dxapi.sys -

ok
16:48:52.0503 4504  [ 1C1F3014453865E805A8708751743A48 ]

C:\Windows\System32\win32k.sys
16:48:52.0503 4504  C:\Windows\System32\win32k.sys - ok
16:48:52.0507 4504  [ F31EEBC1A1C81FD04005489CC3DCDFE7 ]

C:\Windows\System32\basesrv.dll
16:48:52.0508 4504  C:\Windows\System32\basesrv.dll - ok
16:48:52.0511 4504  [ 187076DD5D8D4D5D23079D0741195EAD ]

C:\Windows\System32\csrsrv.dll
16:48:52.0511 4504  C:\Windows\System32\csrsrv.dll - ok
16:48:52.0513 4504  [ ABCA209EBA02CB59233614DB83B4F50D ]

C:\Windows\System32\csrss.exe
16:48:52.0513 4504  C:\Windows\System32\csrss.exe - ok
16:48:52.0516 4504  [ D2293B069E4B63DC17B2F08D45E71124 ]

C:\Windows\System32\winsrv.dll
16:48:52.0516 4504  C:\Windows\System32\winsrv.dll - ok
16:48:52.0520 4504  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ]

C:\Windows\System32\drivers\monitor.sys
16:48:52.0520 4504  C:\Windows\System32\drivers\monitor.sys

- ok
16:48:52.0524 4504  [ CC21507D246861671A0BF97E75CE1B00 ]

C:\Windows\System32\tsddd.dll
16:48:52.0524 4504  C:\Windows\System32\tsddd.dll - ok
16:48:52.0527 4504  [ 101BA3EA053480BB5D957EF37C06B5ED ]

C:\Windows\System32\wininit.exe
16:48:52.0527 4504  C:\Windows\System32\wininit.exe - ok
16:48:52.0531 4504  [ 12C8D6C564702B0776512932290A3F6B ]

C:\Windows\System32\KBDUS.DLL
16:48:52.0531 4504  C:\Windows\System32\KBDUS.DLL - ok
16:48:52.0534 4504  [ D602FEDBD9155FC2DED6863FB60C950F ]

C:\Windows\System32\secur32.dll
16:48:52.0534 4504  C:\Windows\System32\secur32.dll - ok
16:48:52.0538 4504  [ 665417528489096BBCB8AEA46D3DA924 ]

C:\Windows\System32\userenv.dll
16:48:52.0538 4504  C:\Windows\System32\userenv.dll - ok
16:48:52.0541 4504  [ 1107BD574A84367735FEC38B9BD64E6B ]

C:\Windows\System32\apphelp.dll
16:48:52.0541 4504  C:\Windows\System32\apphelp.dll - ok
16:48:52.0544 4504  [ D4E6D91C1349B7BFB3599A6ADA56851B ]

C:\Windows\System32\services.exe
16:48:52.0545 4504  C:\Windows\System32\services.exe - ok
16:48:52.0548 4504  [ 92283D9E33EC5F41ECC0B430B7459241 ]

C:\Windows\System32\WlS0WndH.dll
16:48:52.0548 4504  C:\Windows\System32\WlS0WndH.dll - ok
16:48:52.0552 4504  [ BE6FAC6F0745C67DAE7522C96406D083 ]

C:\Windows\System32\sxs.dll
16:48:52.0552 4504  C:\Windows\System32\sxs.dll - ok
16:48:52.0555 4504  [ CF9F5BBC2740C41DD471278C41B91F5F ]

C:\Windows\System32\cdd.dll
16:48:52.0555 4504  C:\Windows\System32\cdd.dll - ok
16:48:52.0558 4504  [ D90911B3FA05D7B930C1286084B404DE ]

C:\Windows\System32\scesrv.dll
16:48:52.0558 4504  C:\Windows\System32\scesrv.dll - ok
16:48:52.0561 4504  [ 7BEDD051B53821B040EAD42DB0724848 ]

C:\Windows\System32\WerFault.exe
16:48:52.0561 4504  C:\Windows\System32\WerFault.exe - ok
16:48:52.0564 4504  [ 1AE011BB950A5E0B05023D2AFEC3666D ]

C:\Windows\System32\authz.dll
16:48:52.0564 4504  C:\Windows\System32\authz.dll - ok
16:48:52.0568 4504  [ 98B656EAF128CD06F625B09C84D959E1 ]

C:\Windows\System32\netapi32.dll
16:48:52.0568 4504  C:\Windows\System32\netapi32.dll - ok
16:48:52.0572 4504  [ A3E186B4B935905B829219502557314E ]

C:\Windows\System32\lsass.exe
16:48:52.0572 4504  C:\Windows\System32\lsass.exe - ok
16:48:52.0575 4504  [ 13CC59C1B04E9F20A87987C68CD4BE3F ]

C:\Windows\System32\ncrypt.dll
16:48:52.0575 4504  C:\Windows\System32\ncrypt.dll - ok
16:48:52.0578 4504  [ 4774AD6C447E02E954BD9A793614EBEC ]

C:\Windows\System32\lsm.exe
16:48:52.0578 4504  C:\Windows\System32\lsm.exe - ok
16:48:52.0581 4504  [ 71F5A7104FDF16C0AC5283A6CE666553 ]

C:\Windows\System32\sysntfy.dll
16:48:52.0581 4504  C:\Windows\System32\sysntfy.dll - ok
16:48:52.0585 4504  [ F0321DA5203F1E71917F3B7A13DC4912 ]

C:\Windows\System32\wmsgapi.dll
16:48:52.0585 4504  C:\Windows\System32\wmsgapi.dll - ok
16:48:52.0589 4504  [ 2FA16465F64DB54B1F7F511395EB4FD7 ]

C:\Windows\System32\ncobjapi.dll
16:48:52.0589 4504  C:\Windows\System32\ncobjapi.dll - ok
16:48:52.0592 4504  [ B0F9073BE86C6D4EDD4EBA674251E699 ]

C:\Windows\System32\crypt32.dll
16:48:52.0592 4504  C:\Windows\System32\crypt32.dll - ok
16:48:52.0595 4504  [ 178FAC2B7C66E9A4400CE7AC37623E3F ]

C:\Windows\System32\lsasrv.dll
16:48:52.0595 4504  C:\Windows\System32\lsasrv.dll - ok
16:48:52.0598 4504  [ 9D1FDA9E086BA64E3C93C9DE32461BCF ]

C:\Windows\System32\aelupsvc.dll
16:48:52.0598 4504  C:\Windows\System32\aelupsvc.dll - ok
16:48:52.0602 4504  [ EE2FF9A3FC4404234BE3B7C6AA383AF8 ]

C:\Windows\System32\msasn1.dll
16:48:52.0602 4504  C:\Windows\System32\msasn1.dll - ok
16:48:52.0605 4504  [ A1545B731579895D8CC44FC0481C1192 ]

C:\Windows\System32\alg.exe
16:48:52.0605 4504  C:\Windows\System32\alg.exe - ok
16:48:52.0608 4504  [ C6D704C7F0434DC791AAC37CAC4B6E14 ]

C:\Windows\System32\appinfo.dll
16:48:52.0608 4504  C:\Windows\System32\appinfo.dll - ok
16:48:52.0611 4504  [ 0FE769CAE5855B53C90E23F85E7E89FF ]

C:\Windows\System32\appmgmts.dll
16:48:52.0612 4504  C:\Windows\System32\appmgmts.dll - ok
16:48:52.0615 4504  [ DE0DD9AE3430F84A96B5501112A696BE ]

C:\Windows\System32\bcrypt.dll
16:48:52.0615 4504  C:\Windows\System32\bcrypt.dll - ok
16:48:52.0619 4504  [ 7808BF0E367ED7348808879CEF482AB3 ]

C:\Windows\System32\samsrv.dll
16:48:52.0619 4504  C:\Windows\System32\samsrv.dll - ok
16:48:52.0622 4504  [ 459B48188494490707DCA8BAA91AA185 ]

C:\Windows\System32\cryptdll.dll
16:48:52.0622 4504  C:\Windows\System32\cryptdll.dll - ok
16:48:52.0625 4504  [ 8BE000F9A0B0FF7194AAEFB02C9BDE99 ]

C:\Windows\System32\wer.dll
16:48:52.0625 4504  C:\Windows\System32\wer.dll - ok
16:48:52.0629 4504  [ EC760B0B76A4353DE49D66520EB2141F ]

C:\Windows\System32\SensApi.dll
16:48:52.0629 4504  C:\Windows\System32\SensApi.dll - ok
16:48:52.0633 4504  [ 85E861D0B88DB2B54ACB0839654C09F7 ]

C:\Windows\System32\dnsapi.dll
16:48:52.0633 4504  C:\Windows\System32\dnsapi.dll - ok
16:48:52.0636 4504  [ 68E2A1A0407A66CF50DA0300852424AB ]

C:\Windows\System32\audiosrv.dll
16:48:52.0636 4504  C:\Windows\System32\audiosrv.dll - ok
16:48:52.0638 4504  [ 453DE2958C885527E20C79A3FEFE6AF7 ]

C:\Windows\System32\samlib.dll
16:48:52.0639 4504  C:\Windows\System32\samlib.dll - ok
16:48:52.0642 4504  [ C789AF0F724FDA5852FB9A7D3A432381 ]

C:\Windows\System32\BFE.DLL
16:48:52.0642 4504  C:\Windows\System32\BFE.DLL - ok
16:48:52.0645 4504  [ 965AC9FBF2C67231C157E99C03C58D24 ]

C:\Windows\System32\feclient.dll
16:48:52.0645 4504  C:\Windows\System32\feclient.dll - ok
16:48:52.0649 4504  [ 1F94EA31C9543B855F53BDAC7792DA4E ]

C:\Windows\System32\mpr.dll
16:48:52.0649 4504  C:\Windows\System32\mpr.dll - ok
16:48:52.0652 4504  [ 7F0F1D4B0D847696F8E309423D227DCE ]

C:\Windows\System32\ntdsapi.dll
16:48:52.0652 4504  C:\Windows\System32\ntdsapi.dll - ok
16:48:52.0655 4504  [ DC15AB7168C0309D8F04FD95B6240422 ]

C:\Windows\System32\oleacc.dll
16:48:52.0656 4504  C:\Windows\System32\oleacc.dll - ok
16:48:52.0659 4504  [ 93952506C6D67330367F7E7934B6A02F ]

C:\Windows\System32\qmgr.dll
16:48:52.0659 4504  C:\Windows\System32\qmgr.dll - ok
16:48:52.0662 4504  [ C6DF7A87063D006ECF1FD8156CB6DE3F ]

C:\Windows\System32\SLC.dll
16:48:52.0662 4504  C:\Windows\System32\SLC.dll - ok
16:48:52.0666 4504  [ 4DE3C4D07BAFDE616EFA0ADE076CBAC2 ]

C:\Windows\System32\wevtapi.dll
16:48:52.0666 4504  C:\Windows\System32\wevtapi.dll - ok
16:48:52.0669 4504  [ 7F15B4953378C8B5161D65C26D5FED4D ]

C:\Windows\System32\cngaudit.dll
16:48:52.0669 4504  C:\Windows\System32\cngaudit.dll - ok
16:48:52.0672 4504  [ 9028559C132146FB75EB7ACF384B086A ]

C:\Windows\System32\dhcpcsvc.dll
16:48:52.0672 4504  C:\Windows\System32\dhcpcsvc.dll - ok
16:48:52.0676 4504  [ DFB6B71CDABA9DFB49C9D2B318B97A1A ]

C:\Windows\System32\dhcpcsvc6.dll
16:48:52.0676 4504  C:\Windows\System32\dhcpcsvc6.dll - ok
16:48:52.0679 4504  [ 4FE8425F21B3F0F8C4B4726351D43EAA ]

C:\Windows\System32\IPHLPAPI.DLL
16:48:52.0679 4504  C:\Windows\System32\IPHLPAPI.DLL - ok
16:48:52.0682 4504  [ 6B09105742C75DF80CEF21700F20F55A ]

C:\Windows\System32\winnsi.dll
16:48:52.0682 4504  C:\Windows\System32\winnsi.dll - ok
16:48:52.0686 4504  [ 77784A2BD5912A4EC6284255865526BC ]

C:\Windows\System32\Faultrep.dll
16:48:52.0686 4504  C:\Windows\System32\Faultrep.dll - ok
16:48:52.0689 4504  [ 69827805A221C21450BA22F4326A2EE3 ]

C:\Windows\System32\version.dll
16:48:52.0689 4504  C:\Windows\System32\version.dll - ok
16:48:52.0693 4504  [ BE3C082837866C4C291ADAF163C10EA6 ]

C:\Windows\winsxs\x86_microsoft.windows.common-

controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0e

d3\comctl32.dll
16:48:52.0693 4504 

C:\Windows\winsxs\x86_microsoft.windows.common-

controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0e

d3\comctl32.dll - ok
16:48:52.0696 4504  [ A3629A0C4226F9E9C72FAAEEBC3AD33C ]

C:\Windows\System32\browser.dll
16:48:52.0697 4504  C:\Windows\System32\browser.dll - ok
16:48:52.0700 4504  [ 312EC3E37A0A1F2006534913E37B4423 ]

C:\Windows\System32\certprop.dll
16:48:52.0700 4504  C:\Windows\System32\certprop.dll - ok
16:48:52.0703 4504  [ 4211249955AF9133E2E357CC92B54DFD ]

C:\Windows\System32\comres.dll
16:48:52.0703 4504  C:\Windows\System32\comres.dll - ok
16:48:52.0706 4504  [ 26F139DDEC6407508071930D3D07337E ]

C:\Windows\System32\credssp.dll
16:48:52.0706 4504  C:\Windows\System32\credssp.dll - ok
16:48:52.0710 4504  [ AA01497884F9CBAC89470120AF78D2B1 ]

C:\Windows\System32\kerberos.dll
16:48:52.0710 4504  C:\Windows\System32\kerberos.dll - ok
16:48:52.0714 4504  [ ABE9EEA1EABEA0711610A637A7B1C25D ]

C:\Windows\System32\msprivs.dll
16:48:52.0714 4504  C:\Windows\System32\msprivs.dll - ok
16:48:52.0717 4504  [ 22CFAEB9172F5F198048401485CD0571 ]

C:\Windows\System32\WSHTCPIP.DLL
16:48:52.0717 4504  C:\Windows\System32\WSHTCPIP.DLL - ok
16:48:52.0720 4504  [ F1E8C34892336D33EDDCDFE44E474F64 ]

C:\Windows\System32\cryptsvc.dll
16:48:52.0720 4504  C:\Windows\System32\cryptsvc.dll - ok
16:48:52.0723 4504  [ 9E80FF0752E365F97FD2D1D68C2AFDA1 ]

C:\Windows\System32\wship6.dll
16:48:52.0723 4504  C:\Windows\System32\wship6.dll - ok
16:48:52.0726 4504  [ 05C3B38DB95BA5585817A4F898EE5581 ]

C:\Windows\System32\wshqos.dll
16:48:52.0726 4504  C:\Windows\System32\wshqos.dll - ok
16:48:52.0730 4504  [ 0A2095F92F6AE4FE6484D911B0C21E95 ]

C:\Windows\System32\cscsvc.dll
16:48:52.0730 4504  C:\Windows\System32\cscsvc.dll - ok
16:48:52.0733 4504  [ 74F380C8EC8813626C670D46E8A714D1 ]

C:\Windows\System32\dfsrres.dll
16:48:52.0733 4504  C:\Windows\System32\dfsrres.dll - ok
16:48:52.0736 4504  [ 08D6D1692B62C9EE4062E1FA04D8FE2F ]

C:\Windows\System32\oleres.dll
16:48:52.0736 4504  C:\Windows\System32\oleres.dll - ok
16:48:52.0739 4504  [ FC62A635063B762E1C3C60EA77279378 ]

C:\Windows\System32\NapiNSP.dll
16:48:52.0740 4504  C:\Windows\System32\NapiNSP.dll - ok
16:48:52.0743 4504  [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ]

C:\Windows\System32\nlasvc.dll
16:48:52.0743 4504  C:\Windows\System32\nlasvc.dll - ok
16:48:52.0745 4504  [ 690D41DF1D555F96D4898A0F54EBA065 ]

C:\Windows\System32\pnrpnsp.dll
16:48:52.0745 4504  C:\Windows\System32\pnrpnsp.dll - ok
16:48:52.0749 4504  [ 324FD74686B1EF5E7C19A8AF49E748F6 ]

C:\Windows\System32\dot3svc.dll
16:48:52.0749 4504  C:\Windows\System32\dot3svc.dll - ok
16:48:52.0753 4504  [ A622E888F8AA2F6B49E9BC466F0E5DEF ]

C:\Windows\System32\dps.dll
16:48:52.0753 4504  C:\Windows\System32\dps.dll - ok
16:48:52.0756 4504  [ 8617350C9B590B63E620881092751BCB ]

C:\Windows\System32\mswsock.dll
16:48:52.0756 4504  C:\Windows\System32\mswsock.dll - ok
16:48:52.0760 4504  [ 9BE3744D295A7701EB425332014F0797 ]

C:\Windows\ehome\ehrecvr.exe
16:48:52.0760 4504  C:\Windows\ehome\ehrecvr.exe - ok
16:48:52.0762 4504  [ C0B95E40D85CD807D614E264248A45B9 ]

C:\Windows\System32\eapsvc.dll
16:48:52.0762 4504  C:\Windows\System32\eapsvc.dll - ok
16:48:52.0765 4504  [ 4ABCE74D012971305249E45E095E9EA6 ]

C:\Windows\System32\msv1_0.dll
16:48:52.0765 4504  C:\Windows\System32\msv1_0.dll - ok
16:48:52.0768 4504  [ 95DAECF0FB120A7B5DA679CC54E37DDE ]

C:\Windows\System32\netlogon.dll
16:48:52.0768 4504  C:\Windows\System32\netlogon.dll - ok
16:48:52.0772 4504  [ 72910BC4A218C49EA8E43D1FAEC403A5 ]

C:\Windows\System32\winbrand.dll
16:48:52.0772 4504  C:\Windows\System32\winbrand.dll - ok
16:48:52.0776 4504  [ AD1870C8E5D6DD340C829E6074BF3C3F ]

C:\Windows\ehome\ehsched.exe
16:48:52.0776 4504  C:\Windows\ehome\ehsched.exe - ok
16:48:52.0779 4504  [ C27C4EE8926E74AA72EFCAB24C5242C3 ]

C:\Windows\ehome\ehstart.dll
16:48:52.0779 4504  C:\Windows\ehome\ehstart.dll - ok
16:48:52.0782 4504  [ 4E6B23DFC917EA39306B529B773950F4 ]

C:\Windows\System32\emdmgmt.dll
16:48:52.0782 4504  C:\Windows\System32\emdmgmt.dll - ok
16:48:52.0786 4504  [ 898E7C06A350D4A1A64A9EA264D55452 ]

C:\Windows\System32\winlogon.exe
16:48:52.0786 4504  C:\Windows\System32\winlogon.exe - ok
16:48:52.0790 4504  [ 50E3E76B0901BB4FC029BB88BFA5CE79 ]

C:\Windows\System32\schannel.dll
16:48:52.0790 4504  C:\Windows\System32\schannel.dll - ok
16:48:52.0793 4504  [ A1B40A28F38D27A7E3229EE4C7064434 ]

C:\Windows\System32\wevtsvc.dll
16:48:52.0793 4504  C:\Windows\System32\wevtsvc.dll - ok
16:48:52.0797 4504  [ 4AAFC7461633848AA87A363B2CBEC522 ]

C:\Windows\System32\winsta.dll
16:48:52.0797 4504  C:\Windows\System32\winsta.dll - ok
16:48:52.0800 4504  [ 5C23BBF67E6C373926525367D29F6E0C ]

C:\Windows\System32\FXSRESM.dll
16:48:52.0800 4504  C:\Windows\System32\FXSRESM.dll - ok
16:48:52.0803 4504  [ 6629B5F0E98151F4AFDD87567EA32BA3 ]

C:\Windows\System32\fdPHost.dll
16:48:52.0803 4504  C:\Windows\System32\fdPHost.dll - ok
16:48:52.0806 4504  [ 89ED56DCE8E47AF40892778A5BD31FD2 ]

C:\Windows\System32\FDResPub.dll
16:48:52.0806 4504  C:\Windows\System32\FDResPub.dll - ok
16:48:52.0810 4504  [ 93620229F3CC3B67A3528BF39F064C30 ]

C:\Windows\System32\wdigest.dll
16:48:52.0810 4504  C:\Windows\System32\wdigest.dll - ok
16:48:52.0813 4504  [ 8CE364388C8ECA59B14B539179276D44 ]

C:\Windows\System32\FntCache.dll
16:48:52.0813 4504  C:\Windows\System32\FntCache.dll - ok
16:48:52.0817 4504  [ E14170AEA125119B98FA2BDE3FF4F462 ]

C:\Windows\System32\rsaenh.dll
16:48:52.0817 4504  C:\Windows\System32\rsaenh.dll - ok
16:48:52.0821 4504  [ F8873D15018F411588BEC02C1725BADA ]

C:\Windows\System32\TSpkg.dll
16:48:52.0821 4504  C:\Windows\System32\TSpkg.dll - ok
16:48:52.0824 4504  [ 0F420E81062757EA8363CBACD4D40D6D ]

C:\Windows\System32\gpapi.dll
16:48:52.0824 4504  C:\Windows\System32\gpapi.dll - ok
16:48:52.0827 4504  [ 302964DCAC79D618CC7B72C778DA9FD2 ]

C:\Windows\System32\PresentationHost.exe
16:48:52.0827 4504  C:\Windows\System32\PresentationHost.exe

- ok
16:48:52.0831 4504  [ 05586F5438AB0DA4F5149159E0E5FD4B ]

C:\Windows\Microsoft.NET\Framework\v3.0\Windows

Communication Foundation\ServiceModelInstallRC.dll
16:48:52.0831 4504  C:\Windows\Microsoft.NET\Framework\v3.0

\Windows Communication Foundation\ServiceModelInstallRC.dll

- ok
16:48:52.0835 4504  [ 84067081F3318162797385E11A8F0582 ]

C:\Windows\System32\hidserv.dll
16:48:52.0835 4504  C:\Windows\System32\hidserv.dll - ok
16:48:52.0838 4504  [ D8AD255B37DA92434C26E4876DB7D418 ]

C:\Windows\System32\KMSVC.DLL
16:48:52.0838 4504  C:\Windows\System32\KMSVC.DLL - ok
16:48:52.0842 4504  [ 9908D8A397B76CD8D31D0D383C5773C9 ]

C:\Windows\System32\IKEEXT.DLL
16:48:52.0842 4504  C:\Windows\System32\IKEEXT.DLL - ok
16:48:52.0844 4504  [ 9AC218C6E6105477484C6FDBE7D409A4 ]

C:\Windows\System32\IPBusEnum.dll
16:48:52.0844 4504  C:\Windows\System32\IPBusEnum.dll - ok
16:48:52.0848 4504  [ 3464DAE0E801F5A81A23C571D86F30B2 ]

C:\Windows\System32\rascfg.dll
16:48:52.0848 4504  C:\Windows\System32\rascfg.dll - ok
16:48:52.0852 4504  [ 1998BD97F950680BB55F55A7244679C2 ]

C:\Windows\System32\iphlpsvc.dll
16:48:52.0852 4504  C:\Windows\System32\iphlpsvc.dll - ok
16:48:52.0855 4504  [ 74C2F29CC612B2B34231BEBD824D2FB2 ]

C:\Windows\System32\keyiso.dll
16:48:52.0855 4504  C:\Windows\System32\keyiso.dll - ok
16:48:52.0859 4504  [ 1BF5EEBFD518DD7298434D8C862F825D ]

C:\Windows\System32\srvsvc.dll
16:48:52.0859 4504  C:\Windows\System32\srvsvc.dll - ok
16:48:52.0862 4504  [ 132F6237FA3BF3E9715F63A1CCF72BF1 ]

C:\Windows\ehome\ehres.dll



16:48:52.0862 4504  C:\Windows\ehome\ehres.dll - ok
16:48:52.0865 4504  [ FA0593D936C9B95FB6FAA32AD1595D49 ]

C:\Windows\System32\lltdres.dll
16:48:52.0865 4504  C:\Windows\System32\lltdres.dll - ok
16:48:52.0869 4504  [ 35D40113E4A5B961B6CE5C5857702518 ]

C:\Windows\System32\lmhsvc.dll
16:48:52.0869 4504  C:\Windows\System32\lmhsvc.dll - ok
16:48:52.0872 4504  [ 1DB69705B695B987082C8BAEC0C6B34F ]

C:\Windows\System32\wkssvc.dll
16:48:52.0872 4504  C:\Windows\System32\wkssvc.dll - ok
16:48:52.0875 4504  [ 95F1EB99B81CFD6F581C85F0A0AA9B2B ]

C:\Windows\System32\FirewallAPI.dll
16:48:52.0875 4504  C:\Windows\System32\FirewallAPI.dll - ok
16:48:52.0879 4504  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ]

C:\Windows\System32\mmcss.dll
16:48:52.0879 4504  C:\Windows\System32\mmcss.dll - ok
16:48:52.0883 4504  [ EA822412BBBA9B7D2B1A3748AD50EFB8 ]

C:\Windows\System32\iscsidsc.dll
16:48:52.0883 4504  C:\Windows\System32\iscsidsc.dll - ok
16:48:52.0886 4504  [ ED21401F1E2F6BC2F54C462BB66D0D6B ]

C:\Windows\System32\msimsg.dll
16:48:52.0886 4504  C:\Windows\System32\msimsg.dll - ok
16:48:52.0888 4504  [ E4EAF0C5C1B41B5C83386CF212CA9584 ]

C:\Windows\System32\QAGENTRT.DLL
16:48:52.0888 4504  C:\Windows\System32\QAGENTRT.DLL - ok
16:48:52.0892 4504  [ C8052711DAECC48B982434C5116CA401 ]

C:\Windows\System32\netman.dll
16:48:52.0892 4504  C:\Windows\System32\netman.dll - ok
16:48:52.0895 4504  [ ED640F4CE585058119B824CC76591D9C ]

C:\Windows\System32\netprof.dll
16:48:52.0895 4504  C:\Windows\System32\netprof.dll - ok
16:48:52.0898 4504  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ]

C:\Windows\System32\nsisvc.dll
16:48:52.0899 4504  C:\Windows\System32\nsisvc.dll - ok
16:48:52.0902 4504  [ 0C8E8E61AD1EB0B250B846712C917506 ]

C:\Windows\System32\p2psvc.dll
16:48:52.0902 4504  C:\Windows\System32\p2psvc.dll - ok
16:48:52.0905 4504  [ C6276AD11F4BB49B58AA1ED88537F14A ]

C:\Windows\System32\pcasvc.dll
16:48:52.0905 4504  C:\Windows\System32\pcasvc.dll - ok
16:48:52.0908 4504  [ B1689DF169143F57053F795390C99DB3 ]

C:\Windows\System32\pla.dll
16:48:52.0908 4504  C:\Windows\System32\pla.dll - ok
16:48:52.0912 4504  [ 64B28D672B5B6A01E87B0C3096B1E047 ]

C:\Windows\System32\polstore.dll
16:48:52.0912 4504  C:\Windows\System32\polstore.dll - ok
16:48:52.0915 4504  [ C5E7F8A996EC0A82D508FD9064A5569E ]

C:\Windows\System32\umpnpmgr.dll
16:48:52.0915 4504  C:\Windows\System32\umpnpmgr.dll - ok
16:48:52.0919 4504  [ 0508FAA222D28835310B7BFCA7A77346 ]

C:\Windows\System32\profsvc.dll
16:48:52.0919 4504  C:\Windows\System32\profsvc.dll - ok
16:48:52.0922 4504  [ 08F9134A2215B7ED985409A4DF60AC60 ]

C:\Windows\System32\psbase.dll
16:48:52.0922 4504  C:\Windows\System32\psbase.dll - ok
16:48:52.0926 4504  [ 9F5E0E1926014D17486901C88ECA2DB7 ]

C:\Windows\System32\drivers\qwavedrv.sys
16:48:52.0926 4504  C:\Windows\System32\drivers\qwavedrv.sys

- ok
16:48:52.0930 4504  [ E9ECAE663F47E6CB43962D18AB18890F ]

C:\Windows\System32\qwave.dll
16:48:52.0930 4504  C:\Windows\System32\qwave.dll - ok
16:48:52.0933 4504  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ]

C:\Windows\System32\rasauto.dll
16:48:52.0933 4504  C:\Windows\System32\rasauto.dll - ok
16:48:52.0937 4504  [ 75D47445D70CA6F9F894B032FBC64FCF ]

C:\Windows\System32\rasmans.dll
16:48:52.0937 4504  C:\Windows\System32\rasmans.dll - ok
16:48:52.0940 4504  [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ]

C:\Windows\System32\mprdim.dll
16:48:52.0940 4504  C:\Windows\System32\mprdim.dll - ok
16:48:52.0944 4504  [ 6F1A32E7B7B30F004D9A20AFADB14944 ]

C:\Windows\System32\sstpsvc.dll
16:48:52.0944 4504  C:\Windows\System32\sstpsvc.dll - ok
16:48:52.0948 4504  [ 5123F83CBC4349D065534EEB6BBDC42B ]

C:\Windows\System32\Locator.exe
16:48:52.0948 4504  C:\Windows\System32\Locator.exe - ok
16:48:52.0951 4504  [ 9E6894EA18DAFF37B63E1005F83AE4AB ]

C:\Windows\System32\regsvc.dll
16:48:52.0951 4504  C:\Windows\System32\regsvc.dll - ok
16:48:52.0954 4504  [ 77B7A11A0C3D78D3386398FBBEA1B632 ]

C:\Windows\System32\SCardSvr.dll
16:48:52.0954 4504  C:\Windows\System32\SCardSvr.dll - ok
16:48:52.0957 4504  [ 1A58069DB21D05EB2AB58EE5753EBE8D ]

C:\Windows\System32\schedsvc.dll
16:48:52.0957 4504  C:\Windows\System32\schedsvc.dll - ok
16:48:52.0961 4504  [ 716313D9F6B0529D03F726D5AAF6F191 ]

C:\Windows\System32\sdrsvc.dll
16:48:52.0961 4504  C:\Windows\System32\sdrsvc.dll - ok
16:48:52.0965 4504  [ FD5199D4D8A521005E4B5EE7FE00FA9B ]

C:\Windows\System32\seclogon.dll
16:48:52.0965 4504  C:\Windows\System32\seclogon.dll - ok
16:48:52.0968 4504  [ A9BBAB5759771E523F55563D6CBE140F ]

C:\Windows\System32\Sens.dll
16:48:52.0968 4504  C:\Windows\System32\Sens.dll - ok
16:48:52.0970 4504  [ D2193326F729B163125610DBF3E17D57 ]

C:\Windows\System32\SessEnv.dll
16:48:52.0970 4504  C:\Windows\System32\SessEnv.dll - ok
16:48:52.0974 4504  [ E1499BD0FF76B1B2FBBF1AF339D91165 ]

C:\Windows\System32\ipnathlp.dll
16:48:52.0974 4504  C:\Windows\System32\ipnathlp.dll - ok
16:48:52.0978 4504  [ C7230FBEE14437716701C15BE02C27B8 ]

C:\Windows\System32\shsvcs.dll
16:48:52.0978 4504  C:\Windows\System32\shsvcs.dll - ok
16:48:52.0981 4504  [ 862BB4CBC05D80C5B45BE430E5EF872F ]

C:\Windows\System32\SLsvc.exe
16:48:52.0981 4504  C:\Windows\System32\SLsvc.exe - ok
16:48:52.0984 4504  [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ]

C:\Windows\System32\SLUINotify.dll
16:48:52.0984 4504  C:\Windows\System32\SLUINotify.dll - ok
16:48:52.0988 4504  [ 2A146A055B4401C16EE62D18B8E2A032 ]

C:\Windows\System32\snmptrap.exe
16:48:52.0988 4504  C:\Windows\System32\snmptrap.exe - ok
16:48:52.0991 4504  [ E4060CFE50F87C72316CB0FDB20E4913 ]

C:\Windows\System32\tcpipcfg.dll
16:48:52.0992 4504  C:\Windows\System32\tcpipcfg.dll - ok
16:48:52.0995 4504  [ 8554097E5136C3BF9F69FE578A1B35F4 ]

C:\Windows\System32\spoolsv.exe
16:48:52.0995 4504  C:\Windows\System32\spoolsv.exe - ok
16:48:52.0997 4504  [ 03D50B37234967433A5EA5BA72BC0B62 ]

C:\Windows\System32\ssdpsrv.dll
16:48:52.0997 4504  C:\Windows\System32\ssdpsrv.dll - ok
16:48:53.0001 4504  [ 5DE7D67E49B88F5F07F3E53C4B92A352 ]

C:\Windows\System32\wiaservc.dll
16:48:53.0001 4504  C:\Windows\System32\wiaservc.dll - ok
16:48:53.0005 4504  [ F21FD248040681CCA1FB6C9A03AAA93D ]

C:\Windows\System32\swprv.dll
16:48:53.0005 4504  C:\Windows\System32\swprv.dll - ok
16:48:53.0009 4504  [ 9A51B04E9886AA4EE90093586B0BA88D ]

C:\Windows\System32\sysmain.dll
16:48:53.0009 4504  C:\Windows\System32\sysmain.dll - ok
16:48:53.0011 4504  [ 2DCA225EAE15F42C0933E998EE0231C3 ]

C:\Windows\System32\TabSvc.dll
16:48:53.0011 4504  C:\Windows\System32\TabSvc.dll - ok
16:48:53.0014 4504  [ D7673E4B38CE21EE54C59EEEB65E2483 ]

C:\Windows\System32\tapisrv.dll
16:48:53.0014 4504  C:\Windows\System32\tapisrv.dll - ok
16:48:53.0018 4504  [ CB05822CD9CC6C688168E113C603DBE7 ]

C:\Windows\System32\tbssvc.dll
16:48:53.0018 4504  C:\Windows\System32\tbssvc.dll - ok
16:48:53.0021 4504  [ BB95DA09BEF6E7A131BFF3BA5032090D ]

C:\Windows\System32\termsrv.dll
16:48:53.0021 4504  C:\Windows\System32\termsrv.dll - ok
16:48:53.0025 4504  [ 97D9D6A04E3AD9B6C626B9931DB78DBA ]

C:\Windows\servicing\TrustedInstaller.exe
16:48:53.0025 4504 

C:\Windows\servicing\TrustedInstaller.exe - ok
16:48:53.0028 4504  [ EC74E77D0EB004BD3A809B5F8FB8C2CE ]

C:\Windows\System32\trkwks.dll
16:48:53.0029 4504  C:\Windows\System32\trkwks.dll - ok
16:48:53.0032 4504  [ ECEF404F62863755951E09C802C94AD5 ]

C:\Windows\System32\UI0Detect.exe
16:48:53.0032 4504  C:\Windows\System32\UI0Detect.exe - ok
16:48:53.0035 4504  [ 8A66360F38F81E960E2367B428CBD5D9 ]

C:\Windows\System32\umrdp.dll
16:48:53.0035 4504  C:\Windows\System32\umrdp.dll - ok
16:48:53.0039 4504  [ 68308183F4AE0BE7BF8ECD07CB297999 ]

C:\Windows\System32\upnphost.dll
16:48:53.0039 4504  C:\Windows\System32\upnphost.dll - ok
16:48:53.0042 4504  [ 01DD1004181FD46ECDC3628228EB269D ]

C:\Windows\System32\dwm.exe
16:48:53.0042 4504  C:\Windows\System32\dwm.exe - ok
16:48:53.0046 4504  [ CD88D1B7776DC17A119049742EC07EB4 ]

C:\Windows\System32\vds.exe
16:48:53.0046 4504  C:\Windows\System32\vds.exe - ok
16:48:53.0049 4504  [ DB3D19F850C6EB32BDCB9BC0836ACDDB ]

C:\Windows\System32\VSSVC.exe
16:48:53.0049 4504  C:\Windows\System32\VSSVC.exe - ok
16:48:53.0052 4504  [ 96EA68B9EB310A69C25EBB0282B2B9DE ]

C:\Windows\System32\w32time.dll
16:48:53.0052 4504  C:\Windows\System32\w32time.dll - ok
16:48:53.0055 4504  [ 20B23332885DFB93FE0185362EE811E9 ]

C:\Windows\System32\wbengine.exe
16:48:53.0056 4504  C:\Windows\System32\wbengine.exe - ok
16:48:53.0059 4504  [ A3CD60FD826381B49F03832590E069AF ]

C:\Windows\System32\wcncsvc.dll
16:48:53.0059 4504  C:\Windows\System32\wcncsvc.dll - ok
16:48:53.0062 4504  [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ]

C:\Windows\System32\WcsPlugInService.dll
16:48:53.0062 4504  C:\Windows\System32\WcsPlugInService.dll

- ok
16:48:53.0065 4504  [ A840213F1ACDCC175B4D1D5AAEAC0D7A ]

C:\Windows\System32\drivers\Wdf01000.sys
16:48:53.0065 4504  C:\Windows\System32\drivers\Wdf01000.sys

- ok
16:48:53.0069 4504  [ ABFC76B48BB6C96E3338D8943C5D93B5 ]

C:\Windows\System32\wdi.dll
16:48:53.0069 4504  C:\Windows\System32\wdi.dll - ok
16:48:53.0073 4504  [ 04C37D8107320312FBAE09926103D5E2 ]

C:\Windows\System32\WebClnt.dll
16:48:53.0073 4504  C:\Windows\System32\WebClnt.dll - ok
16:48:53.0077 4504  [ AE3736E7E8892241C23E4EBBB7453B60 ]

C:\Windows\System32\wecsvc.dll
16:48:53.0077 4504  C:\Windows\System32\wecsvc.dll - ok
16:48:53.0080 4504  [ 670FF720071ED741206D69BD995EA453 ]

C:\Windows\System32\wercplsupport.dll
16:48:53.0080 4504  C:\Windows\System32\wercplsupport.dll -

ok
16:48:53.0083 4504  [ 32B88481D3B326DA6DEB07B1D03481E7 ]

C:\Windows\System32\wersvc.dll
16:48:53.0083 4504  C:\Windows\System32\wersvc.dll - ok
16:48:53.0087 4504  [ 62DB790A860CDFC4278D2F03CC5675D8 ]

C:\Program Files\Windows Defender\MsMpRes.dll
16:48:53.0087 4504  C:\Program Files\Windows

Defender\MsMpRes.dll - ok
16:48:53.0091 4504  [ 6B2A1D0E80110E3D04E6863C6E62FD8A ]

C:\Windows\System32\wbem\WMIsvc.dll
16:48:53.0091 4504  C:\Windows\System32\wbem\WMIsvc.dll - ok
16:48:53.0094 4504  [ DBD02E3E6F061EBBBF9B99A9D7CBA30B ]

C:\Windows\System32\winhttp.dll
16:48:53.0094 4504  C:\Windows\System32\winhttp.dll - ok
16:48:53.0096 4504  [ 7CFE68BDC065E55AA5E8421607037511 ]

C:\Windows\System32\WsmSvc.dll
16:48:53.0097 4504  C:\Windows\System32\WsmSvc.dll - ok
16:48:53.0101 4504  [ 43BE3875207DCB62A85C8C49970B66CC ]

C:\Windows\System32\wbem\WmiApSrv.exe
16:48:53.0101 4504  C:\Windows\System32\wbem\WmiApSrv.exe -

ok
16:48:53.0104 4504  [ C008405E4FEEB069E30DA1D823910234 ]

C:\Windows\System32\wlansvc.dll
16:48:53.0104 4504  C:\Windows\System32\wlansvc.dll - ok
16:48:53.0108 4504  [ 3978704576A121A9204F8CC49A301A9B ]

C:\Program Files\Windows Media Player\wmpnetwk.exe
16:48:53.0108 4504  C:\Program Files\Windows Media

Player\wmpnetwk.exe - ok
16:48:53.0111 4504  [ CFC5A04558F5070CEE3E3A7809F3FF52 ]

C:\Windows\System32\wpcsvc.dll
16:48:53.0111 4504  C:\Windows\System32\wpcsvc.dll - ok
16:48:53.0115 4504  [ 801FBDB89D472B3C467EB112A0FC9246 ]

C:\Windows\System32\wpdbusenum.dll
16:48:53.0115 4504  C:\Windows\System32\wpdbusenum.dll - ok
16:48:53.0119 4504  [ DCF3E3EDF5109EE8BC02FE6E1F045795 ]

C:\Windows\Microsoft.NET\Framework\v4.0.30319

\WPF\WPFFontCache_v0400.exe
16:48:53.0119 4504 

C:\Windows\Microsoft.NET\Framework\v4.0.30319

\WPF\WPFFontCache_v0400.exe - ok
16:48:53.0122 4504  [ 1CA6C40261DDC0425987980D0CD2AAAB ]

C:\Windows\System32\wscsvc.dll
16:48:53.0122 4504  C:\Windows\System32\wscsvc.dll - ok
16:48:53.0125 4504  [ AED0DFF80C6B3914769407E78D7AB21A ]

C:\Windows\System32\SearchIndexer.exe
16:48:53.0125 4504  C:\Windows\System32\SearchIndexer.exe -

ok
16:48:53.0129 4504  [ FC3EC24FCE372C89423E015A2AC1A31E ]

C:\Windows\System32\wuaueng.dll
16:48:53.0129 4504  C:\Windows\System32\wuaueng.dll - ok
16:48:53.0133 4504  [ 06E6F32C8D0A3F66D956F57B43A2E070 ]

C:\Windows\System32\drivers\WUDFPf.sys
16:48:53.0133 4504  C:\Windows\System32\drivers\WUDFPf.sys -

ok
16:48:53.0135 4504  [ FE47B7BC8EA320C2D9B5E5BF6E303765 ]

C:\Windows\System32\WUDFSvc.dll
16:48:53.0135 4504  C:\Windows\System32\WUDFSvc.dll - ok
16:48:53.0139 4504  [ 8FC182167381E9915651267044105EE1 ]

C:\Windows\System32\scecli.dll
16:48:53.0139 4504  C:\Windows\System32\scecli.dll - ok
16:48:53.0142 4504  [ CD08EEC61C591AF59A39F4363C567D30 ]

C:\Windows\System32\ntmarta.dll
16:48:53.0142 4504  C:\Windows\System32\ntmarta.dll - ok
16:48:53.0146 4504  [ 3794B461C45882E06856F282EEF025AF ]

C:\Windows\System32\svchost.exe
16:48:53.0146 4504  C:\Windows\System32\svchost.exe - ok
16:48:53.0150 4504  [ 9A7F4B2EDACD11444D048AA19CBB26AF ]

C:\Windows\System32\powrprof.dll
16:48:53.0150 4504  C:\Windows\System32\powrprof.dll - ok
16:48:53.0154 4504  [ 8F5C7426567798E62A3B3614965D62CC ]

C:\Windows\System32\drivers\luafv.sys
16:48:53.0154 4504  C:\Windows\System32\drivers\luafv.sys -

ok
16:48:53.0157 4504  [ 87574F4C899E8AEDDDC1EDF71D3E045E ]

C:\Windows\System32\drivers\sbapifs.sys
16:48:53.0157 4504  C:\Windows\System32\drivers\sbapifs.sys

- ok
16:48:53.0160 4504  [ EB5A13F9139F20AD71ADF4BF79C3AA29 ]

C:\Windows\System32\nvvsvc.exe
16:48:53.0160 4504  C:\Windows\System32\nvvsvc.exe - ok
16:48:53.0164 4504  [ F42483814FC39170B3982A184EC5AAA2 ]

C:\Windows\System32\wtsapi32.dll
16:48:53.0164 4504  C:\Windows\System32\wtsapi32.dll - ok
16:48:53.0168 4504  [ F0359F7CE712D69ACEF0886BDB4792ED ]

C:\Program Files\NVIDIA Corporation\3D

Vision\nvSCPAPISvr.exe
16:48:53.0168 4504  C:\Program Files\NVIDIA Corporation\3D

Vision\nvSCPAPISvr.exe - ok
16:48:53.0171 4504  [ 145E7826A07D98628924A9B06F6273AB ]

C:\Program Files\NVIDIA Corporation\3D Vision\nvstres.dll
16:48:53.0171 4504  C:\Program Files\NVIDIA Corporation\3D

Vision\nvstres.dll - ok
16:48:53.0175 4504  [ 5EC8FB83F31AA2D6F421F02C3F4F4475 ]

C:\Windows\System32\winspool.drv
16:48:53.0175 4504  C:\Windows\System32\winspool.drv - ok
16:48:53.0178 4504  [ 7AD857422AFA068A39A4B4BBF7FCC49C ]

C:\Program Files\NVIDIA Corporation\3D Vision\nvwl.dll
16:48:53.0178 4504  C:\Program Files\NVIDIA Corporation\3D

Vision\nvwl.dll - ok
16:48:53.0182 4504  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ]

C:\Windows\System32\rpcss.dll
16:48:53.0182 4504  C:\Windows\System32\rpcss.dll - ok
16:48:53.0185 4504  [ B2E569EF26DAC9D6994A2AFF4F601B7A ]

C:\Windows\System32\wintrust.dll
16:48:53.0185 4504  C:\Windows\System32\wintrust.dll - ok
16:48:53.0189 4504  [ A99871BA522CB2539AE275AC18CACC8F ]

C:\Windows\System32\cabinet.dll
16:48:53.0189 4504  C:\Windows\System32\cabinet.dll - ok
16:48:53.0192 4504  [ 4575AA12561C5648483403541D0D7F2B ]

C:\Program Files\Windows Defender\MpSvc.dll
16:48:53.0192 4504  C:\Program Files\Windows

Defender\MpSvc.dll - ok
16:48:53.0196 4504  [ 1BD363738B672A394EBE3B8A78EAB9D3 ]

C:\Program Files\Windows Defender\MpClient.dll
16:48:53.0196 4504  C:\Program Files\Windows

Defender\MpClient.dll - ok
16:48:53.0200 4504  [ 62D577288B48998FC6667BF22DC5B690 ]

C:\Windows\System32\LogonUI.exe
16:48:53.0200 4504  C:\Windows\System32\LogonUI.exe - ok
16:48:53.0203 4504  [ 58C2521D87C494831A625202C80354AD ]

C:\Windows\System32\authui.dll
16:48:53.0203 4504  C:\Windows\System32\authui.dll - ok
16:48:53.0206 4504  [ 56B5914070B2C243DFB3D186070DA89D ]

C:\Windows\System32\MMDevAPI.dll
16:48:53.0206 4504  C:\Windows\System32\MMDevAPI.dll - ok
16:48:53.0210 4504  [ C9244BCAC83B259B920BBEE18A97BFE1 ]

C:\Windows\System32\avrt.dll
16:48:53.0210 4504  C:\Windows\System32\avrt.dll - ok
16:48:53.0214 4504  [ 97FEF831AB90BEE128C9AF390E243F80 ]

C:\Windows\System32\drivers\drmkaud.sys
16:48:53.0214 4504  C:\Windows\System32\drivers\drmkaud.sys

- ok
16:48:53.0217 4504  [ 2EC53B5A351C4D443896DBAD117F7E82 ]

C:\Windows\System32\msimg32.dll
16:48:53.0217 4504  C:\Windows\System32\msimg32.dll - ok
16:48:53.0220 4504  [ 999D69DEB576C2C424294DF025891CC6 ]

C:\Windows\System32\uxtheme.dll
16:48:53.0220 4504  C:\Windows\System32\uxtheme.dll - ok
16:48:53.0227 4504  [ 76EAEF4DDEBBC7C38853F586C0E91DCE ]

C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144cc

f1df_1.0.6002.18581_none_9e591052ca1013d0\GdiPlus.dll
16:48:53.0227 4504 

C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144cc

f1df_1.0.6002.18581_none_9e591052ca1013d0\GdiPlus.dll - ok
16:48:53.0230 4504  [ 75EB73E64F5B4655D9797D20F26DE320 ]

C:\Windows\System32\duser.dll
16:48:53.0230 4504  C:\Windows\System32\duser.dll - ok
16:48:53.0234 4504  [ 1908CC7673F72601AFFDCA022689CEDF ]

C:\Windows\System32\xmllite.dll
16:48:53.0234 4504  C:\Windows\System32\xmllite.dll - ok
16:48:53.0237 4504  [ B25DBBA6C63A61FF4AFDB5ADAB4E70CB ]

C:\Windows\System32\SmartcardCredentialProvider.dll
16:48:53.0237 4504  C:\Windows\System32

\SmartcardCredentialProvider.dll - ok
16:48:53.0241 4504  [ 9DC3723519F52B6BC63EACD4BD411313 ]

C:\Windows\System32\rasplap.dll
16:48:53.0241 4504  C:\Windows\System32\rasplap.dll - ok
16:48:53.0245 4504  [ 3CB863B78642405371CB3A71C07E2382 ]

C:\Windows\System32\rasapi32.dll
16:48:53.0245 4504  C:\Windows\System32\rasapi32.dll - ok
16:48:53.0247 4504  [ 3A1DDA77F331D107BA40DB06E4D666E9 ]

C:\Windows\System32\rasman.dll
16:48:53.0247 4504  C:\Windows\System32\rasman.dll - ok
16:48:53.0250 4504  [ 3D418A22A56471295AEB1CEB9027C3DA ]

C:\Windows\System32\rtutils.dll
16:48:53.0250 4504  C:\Windows\System32\rtutils.dll - ok
16:48:53.0254 4504  [ 70F08ECE7A30A639D3F0C8C433685C7D ]

C:\Windows\System32\tapi32.dll
16:48:53.0254 4504  C:\Windows\System32\tapi32.dll - ok
16:48:53.0258 4504  [ 14FF750EFE13B0C21E5A06507C3A97B1 ]

C:\Windows\System32\winmm.dll
16:48:53.0258 4504  C:\Windows\System32\winmm.dll - ok
16:48:53.0260 4504  [ 627920CFF5DFCF8CF54CF2D592D61307 ]

C:\Windows\System32\WinSCard.dll
16:48:53.0260 4504  C:\Windows\System32\WinSCard.dll - ok
16:48:53.0264 4504  [ 70932D6C3D59B416CBD2BE5A3B3D4BE6 ]

C:\Windows\System32\shacct.dll
16:48:53.0264 4504  C:\Windows\System32\shacct.dll - ok
16:48:53.0267 4504  [ 12A1DF1B84FB45A00D47B2CDE2CEEBBA ]

C:\Windows\System32\shgina.dll
16:48:53.0267 4504  C:\Windows\System32\shgina.dll - ok
16:48:53.0270 4504  [ 7DACD94118E2D8B6D72F47ADEB0367BF ]

C:\Windows\System32\propsys.dll
16:48:53.0271 4504  C:\Windows\System32\propsys.dll - ok
16:48:53.0275 4504  [ EC43D9CC95C3BB5FEFDBCF22D375E1F5 ]

C:\Windows\System32\adtschema.dll
16:48:53.0275 4504  C:\Windows\System32\adtschema.dll - ok
16:48:53.0278 4504  [ 01334F9EA68E6877C4EF05D3EA8ABB05 ]

C:\Windows\System32\drivers\fltMgr.sys
16:48:53.0278 4504  C:\Windows\System32\drivers\fltMgr.sys -

ok
16:48:53.0281 4504  [ 57418956DDAE128D1023C508E7D07071 ]

C:\Windows\System32\PSHED.DLL
16:48:53.0281 4504  C:\Windows\System32\PSHED.DLL - ok
16:48:53.0284 4504  [ 3437B9E218A2E4586BEF4F7A3BD00777 ]

C:\Windows\System32\audiodg.exe
16:48:53.0284 4504  C:\Windows\System32\audiodg.exe - ok
16:48:53.0288 4504  [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ]

C:\Windows\System32\gpsvc.dll
16:48:53.0289 4504  C:\Windows\System32\gpsvc.dll - ok
16:48:53.0292 4504  [ D1A84F7D4CAFCFE2A32149FF418056E5 ]

C:\Windows\System32\nlaapi.dll
16:48:53.0292 4504  C:\Windows\System32\nlaapi.dll - ok
16:48:53.0295 4504  [ 7258434974EA735725FD2D4A65C5E821 ]

C:\Windows\System32\AudioSes.dll
16:48:53.0295 4504  C:\Windows\System32\AudioSes.dll - ok
16:48:53.0298 4504  [ 919CC2A0476D5A6A4C935D4B88E29912 ]

C:\Windows\System32\ksuser.dll
16:48:53.0298 4504  C:\Windows\System32\ksuser.dll - ok
16:48:53.0302 4504  [ 4DF066ECEE5A7B20BF8B39EF4D646600 ]

C:\Windows\System32\wdmaud.drv
16:48:53.0302 4504  C:\Windows\System32\wdmaud.drv - ok
16:48:53.0305 4504  [ 409F36C8BD06FCE184631EB4142B009A ]

C:\Windows\System32\atl.dll
16:48:53.0305 4504  C:\Windows\System32\atl.dll - ok
16:48:53.0308 4504  [ 67058C46504BC12D821F38CF99B7B28F ]

C:\Windows\System32\es.dll
16:48:53.0308 4504  C:\Windows\System32\es.dll - ok
16:48:53.0311 4504  [ DB7F4AB85298F3FE522C5512B8B0F56D ]

C:\Windows\System32\AudioEng.dll
16:48:53.0311 4504  C:\Windows\System32\AudioEng.dll - ok
16:48:53.0314 4504  [ BDBB449425991154135E5ED1559927E6 ]

C:\Windows\System32\msacm32.dll
16:48:53.0314 4504  C:\Windows\System32\msacm32.dll - ok
16:48:53.0318 4504  [ 166F004D73EA2CF4AC61800CA469458D ]

C:\Windows\System32\msacm32.drv
16:48:53.0318 4504  C:\Windows\System32\msacm32.drv - ok
16:48:53.0322 4504  [ 83199EF88D691E730B80666E29F90D58 ]

C:\Windows\System32\midimap.dll
16:48:53.0322 4504  C:\Windows\System32\midimap.dll - ok
16:48:53.0325 4504  [ C71F2B4D0151CFEDE5D405C5D60B6FCE ]

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
16:48:53.0326 4504  C:\Program Files\NVIDIA

Corporation\Display\nvxdsync.exe - ok
16:48:53.0329 4504  [ DEC53E152E18541D3D585794D99F02B7 ]

C:\Windows\System32\nvsvc.dll
16:48:53.0329 4504  C:\Windows\System32\nvsvc.dll - ok
16:48:53.0332 4504  [ 8269CC01940A202BBB9FDF26705DBD67 ]

C:\Windows\System32\hid.dll
16:48:53.0332 4504  C:\Windows\System32\hid.dll - ok
16:48:53.0336 4504  [ 1509E705F3AC1D474C92454A5C2DD81F ]

C:\Windows\System32\uxsms.dll
16:48:53.0336 4504  C:\Windows\System32\uxsms.dll - ok
16:48:53.0340 4504  [ D5CF1536137026ACDED95BF6CBF849F6 ]

C:\Windows\System32\WUDFPlatform.dll
16:48:53.0340 4504  C:\Windows\System32\WUDFPlatform.dll -

ok
16:48:53.0343 4504  [ 296937202E4D930AAE98085B99D744D8 ]

C:\Windows\System32\AUDIOKSE.dll
16:48:53.0343 4504  C:\Windows\System32\AUDIOKSE.dll - ok
16:48:53.0346 4504  [ 0727200F10320A6BA7E59433094FBBA7 ]

C:\Windows\System32\WMALFXGFXDSP.dll
16:48:53.0346 4504  C:\Windows\System32\WMALFXGFXDSP.dll -

ok
16:48:53.0350 4504  [ 11695C9D4ADB2E9C6C5B0B6447F4EAD7 ]

C:\Program Files\NVIDIA Corporation\Display\nvxdapix.dll
16:48:53.0350 4504  C:\Program Files\NVIDIA

Corporation\Display\nvxdapix.dll - ok
16:48:53.0353 4504  [ BF142D4F8C61ED3629A9CDD7BA867900 ]

C:\Windows\System32\mfplat.dll
16:48:53.0353 4504  C:\Windows\System32\mfplat.dll - ok
16:48:53.0357 4504  [ D1C5883087A0C3F1344D9D55A44901F6 ]

C:\Windows\System32\drivers\lltdio.sys
16:48:53.0357 4504  C:\Windows\System32\drivers\lltdio.sys -

ok
16:48:53.0360 4504  [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ]

C:\Windows\System32\drivers\nwifi.sys
16:48:53.0360 4504  C:\Windows\System32\drivers\nwifi.sys -

ok
16:48:53.0363 4504  [ D6973AA34C4D5D76C0430B181C3CD389 ]

C:\Windows\System32\drivers\ndisuio.sys
16:48:53.0363 4504  C:\Windows\System32\drivers\ndisuio.sys

- ok
16:48:53.0367 4504  [ 5F1DEC3824E566457F53F24F493FEF08 ]

C:\Windows\System32\mscms.dll
16:48:53.0367 4504  C:\Windows\System32\mscms.dll - ok
16:48:53.0371 4504  [ 9C508F4074A39E8B4B31D27198146FAD ]

C:\Windows\System32\drivers\rspndr.sys
16:48:53.0371 4504  C:\Windows\System32\drivers\rspndr.sys -

ok
16:48:53.0374 4504  [ 9B96F6952186336CC6E3D4E08BE2E0AF ]

C:\Windows\System32\dwmapi.dll
16:48:53.0374 4504  C:\Windows\System32\dwmapi.dll - ok
16:48:53.0377 4504  [ A7F8BAD9590ADDC425B4003E94780DFA ]

C:\Windows\System32\drivers\spsys.sys
16:48:53.0377 4504  C:\Windows\System32\drivers\spsys.sys -

ok
16:48:53.0381 4504  [ 57D762F6F5974AF0DA2BE88A3349BAAA ]

C:\Windows\System32\dnsrslvr.dll
16:48:53.0381 4504  C:\Windows\System32\dnsrslvr.dll - ok
16:48:53.0385 4504  [ CEDE7CB889F5BAE7B6FA90C8BBA79498 ]

C:\Windows\System32\nvapi.dll
16:48:53.0385 4504  C:\Windows\System32\nvapi.dll - ok
16:48:53.0387 4504  [ 6836D001FC733F205ACB80A7986CB6C9 ]

C:\Windows\System32\WindowsCodecs.dll
16:48:53.0387 4504  C:\Windows\System32\WindowsCodecs.dll -

ok
16:48:53.0390 4504  [ 3AB4023CBD406AC33AB8CDFF6C8079A0 ]

C:\Windows\System32\eapphost.dll
16:48:53.0390 4504  C:\Windows\System32\eapphost.dll - ok
16:48:53.0394 4504  [ 572CBECE3BAA034CD3AF3CBBA5A6F8F2 ]

C:\Windows\System32\nvsvcr.dll
16:48:53.0394 4504  C:\Windows\System32\nvsvcr.dll - ok
16:48:53.0397 4504  [ 3B0489DE8CC3058B48471660C60A7B75 ]

C:\Windows\System32\rastls.dll
16:48:53.0398 4504  C:\Windows\System32\rastls.dll - ok
16:48:53.0401 4504  [ 82A79D5BE740D0AE9C91AA6DE4B3AC5A ]

C:\Windows\System32\raschap.dll
16:48:53.0401 4504  C:\Windows\System32\raschap.dll - ok
16:48:53.0404 4504  [ E45051C374F845EDF3DB02A35BA13193 ]

C:\Windows\System32\umb.dll
16:48:53.0404 4504  C:\Windows\System32\umb.dll - ok
16:48:53.0407 4504  [ 3727F8B85E24BBDD325BFF75F029DDE3 ]

C:\Windows\System32\wlanmsm.dll
16:48:53.0407 4504  C:\Windows\System32\wlanmsm.dll - ok
16:48:53.0411 4504  [ 4662AF853DFAD5648CE3814E7D9EF3D6 ]

C:\Windows\System32\wlansec.dll
16:48:53.0411 4504  C:\Windows\System32\wlansec.dll - ok
16:48:53.0415 4504  [ 4ED8382D5F1C9D2028FBDA35E3B2DD47 ]

C:\Program Files\NVIDIA Corporation\Display\nvui.dll
16:48:53.0415 4504  C:\Program Files\NVIDIA

Corporation\Display\nvui.dll - ok
16:48:53.0418 4504  [ B64AC7967D6B9FB2D6152AC768A1CB88 ]

C:\Windows\System32\onex.dll
16:48:53.0418 4504  C:\Windows\System32\onex.dll - ok
16:48:53.0421 4504  [ 9BA2B36132A41AEBDA66C1D90F8470C2 ]

C:\Windows\System32\nvcpl.dll
16:48:53.0421 4504  C:\Windows\System32\nvcpl.dll - ok
16:48:53.0425 4504  [ 9D9FFC923FADBB575E0452EA0BBB15BD ]

C:\Windows\System32\eappprxy.dll
16:48:53.0425 4504  C:\Windows\System32\eappprxy.dll - ok
16:48:53.0428 4504  [ 5D0FE613570CABE3992F7DBCD68E61D1 ]

C:\Windows\System32\eappcfg.dll
16:48:53.0428 4504  C:\Windows\System32\eappcfg.dll - ok
16:48:53.0432 4504  [ 91D995A67D9447592A1BF21CBC15C628 ]

C:\Windows\System32\wlgpclnt.dll
16:48:53.0432 4504  C:\Windows\System32\wlgpclnt.dll - ok
16:48:53.0435 4504  [ 19FFAD68A02AF1BF0BC336EE26CD6767 ]

C:\Windows\System32\l2gpstore.dll
16:48:53.0435 4504  C:\Windows\System32\l2gpstore.dll - ok
16:48:53.0439 4504  [ EB2170D0DDF3B2A92506AE16BC524B0B ]

C:\Windows\System32\wlanutil.dll
16:48:53.0439 4504  C:\Windows\System32\wlanutil.dll - ok
16:48:53.0443 4504  [ 0296DAEB5555A248E8ABF7E5012A37A6 ]

C:\Windows\System32\msxml6.dll
16:48:53.0443 4504  C:\Windows\System32\msxml6.dll - ok
16:48:53.0446 4504  [ 4E78E6587B4D5B014874E5938B3FBF5F ]

C:\Program Files\NVIDIA Corporation\Display\nvxdbat.dll
16:48:53.0446 4504  C:\Program Files\NVIDIA

Corporation\Display\nvxdbat.dll - ok
16:48:53.0450 4504  [ CA0B849566776A17F35F0339BE17DFD9 ]

C:\Windows\System32\ktmw32.dll
16:48:53.0450 4504  C:\Windows\System32\ktmw32.dll - ok
16:48:53.0454 4504  [ 35ACD5EA63D75E97DD0E9A1629E582B2 ]

C:\Windows\winsxs\x86_microsoft.windows.common-

controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c

436\comctl32.dll
16:48:53.0454 4504 

C:\Windows\winsxs\x86_microsoft.windows.common-

controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c

436\comctl32.dll - ok
16:48:53.0457 4504  [ 04D603957DA11F2A401D114B7FF9BF36 ]

C:\Program Files\NVIDIA Corporation\Display\nvuir.dll
16:48:53.0457 4504  C:\Program Files\NVIDIA

Corporation\Display\nvuir.dll - ok
16:48:53.0461 4504  [ 3B313DD380E041BE611577D5ADC7DC97 ]

C:\Program Files\NVIDIA Corporation\Display\nvxdplcy.dll
16:48:53.0462 4504  C:\Program Files\NVIDIA

Corporation\Display\nvxdplcy.dll - ok
16:48:53.0465 4504  [ 2A6A2C09ECC2CB495628E45F1379ECE8 ]

C:\Windows\System32\taskcomp.dll
16:48:53.0465 4504  C:\Windows\System32\taskcomp.dll - ok
16:48:53.0468 4504  [ F870AA3E254628EBEAFE754108D664DE ]

C:\Windows\System32\drivers\http.sys
16:48:53.0468 4504  C:\Windows\System32\drivers\http.sys -

ok
16:48:53.0471 4504  [ BE01E566D1F569AAB32D0335613E1EEA ]

C:\Windows\System32\dllhost.exe
16:48:53.0471 4504  C:\Windows\System32\dllhost.exe - ok
16:48:53.0475 4504  [ 73FE2E5FA55088A241AA2732F5D387D6 ]

C:\Windows\System32\wiarpc.dll
16:48:53.0475 4504  C:\Windows\System32\wiarpc.dll - ok
16:48:53.0478 4504  [ 1DACD1530C6E58AEAE9F6DE7DA851935 ]

C:\Windows\System32\shimeng.dll
16:48:53.0478 4504  C:\Windows\System32\shimeng.dll - ok
16:48:53.0481 4504  [ E79FDA8D320147FDC347C504B3487F87 ]

C:\Windows\System32\spoolss.dll
16:48:53.0482 4504  C:\Windows\System32\spoolss.dll - ok
16:48:53.0485 4504  [ 7605C0E1D01A08F3ECD743F38B834A44 ]

C:\Windows\System32\drivers\srvnet.sys
16:48:53.0485 4504  C:\Windows\System32\drivers\srvnet.sys -

ok
16:48:53.0488 4504  [ B0D12F4344EB2AE96E487D2DF6F74413 ]

C:\Windows\System32\FWPUCLNT.DLL
16:48:53.0488 4504  C:\Windows\System32\FWPUCLNT.DLL - ok
16:48:53.0492 4504  [ 3CD1B69551236977918E60F9543C89A2 ]

C:\Windows\System32\AtBroker.exe
16:48:53.0492 4504  C:\Windows\System32\AtBroker.exe - ok
16:48:53.0496 4504  [ 3D50C4B10352367D5CB20ED1F50F8DA2 ]

C:\Windows\System32\taskeng.exe
16:48:53.0496 4504  C:\Windows\System32\taskeng.exe - ok
16:48:53.0498 4504  [ 0E135526E9785D085BCD9AEDE6FBCBF9 ]

C:\Windows\System32\userinit.exe
16:48:53.0498 4504  C:\Windows\System32\userinit.exe - ok
16:48:53.0501 4504  [ 35F376253F687BDE63976CCB3F2108CA ]

C:\Windows\System32\drivers\bowser.sys
16:48:53.0501 4504  C:\Windows\System32\drivers\bowser.sys -

ok
16:48:53.0505 4504  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ]

C:\Windows\System32\drivers\mpsdrv.sys
16:48:53.0505 4504  C:\Windows\System32\drivers\mpsdrv.sys -

ok
16:48:53.0509 4504  [ 5DE62C6E9108F14F6794060A9BDECAEC ]

C:\Windows\System32\MPSSVC.dll
16:48:53.0509 4504  C:\Windows\System32\MPSSVC.dll - ok
16:48:53.0512 4504  [ 82CEA0395524AACFEB58BA1448E8325C ]

C:\Windows\System32\drivers\mrxdav.sys
16:48:53.0512 4504  C:\Windows\System32\drivers\mrxdav.sys -

ok
16:48:53.0515 4504  [ 1E94971C4B446AB2290DEB71D01CF0C2 ]

C:\Windows\System32\drivers\mrxsmb.sys
16:48:53.0515 4504  C:\Windows\System32\drivers\mrxsmb.sys -

ok
16:48:53.0519 4504  [ 4FCCB34D793B116423209C0F8B7A3B03 ]

C:\Windows\System32\drivers\mrxsmb10.sys
16:48:53.0519 4504  C:\Windows\System32\drivers\mrxsmb10.sys

- ok
16:48:53.0523 4504  [ C3CB1B40AD4A0124D617A1199B0B9D7C ]

C:\Windows\System32\drivers\mrxsmb20.sys
16:48:53.0523 4504  C:\Windows\System32\drivers\mrxsmb20.sys

- ok
16:48:53.0527 4504  [ FF33AFF99564B1AA534F58868CBE41EF ]

C:\Windows\System32\drivers\srv2.sys
16:48:53.0527 4504  C:\Windows\System32\drivers\srv2.sys -

ok
16:48:53.0530 4504  [ D80C6539C00CB4F5D59066865479C308 ]

C:\Windows\System32\dwmredir.dll
16:48:53.0530 4504  C:\Windows\System32\dwmredir.dll - ok
16:48:53.0533 4504  [ C99403A5B641520DAED0021DDA06F272 ]

C:\Windows\System32\milcore.dll
16:48:53.0533 4504  C:\Windows\System32\milcore.dll - ok
16:48:53.0537 4504  [ 41987F9FC0E61ADF54F581E15029AD91 ]

C:\Windows\System32\drivers\srv.sys
16:48:53.0537 4504  C:\Windows\System32\drivers\srv.sys - ok
16:48:53.0541 4504  [ 8AAEEE8E59A70F37579993D118A34EE0 ]

C:\Windows\System32\d3d9.dll
16:48:53.0541 4504  C:\Windows\System32\d3d9.dll - ok
16:48:53.0544 4504  [ B11FDCA4410D6252964EF97F9A47DE74 ]

C:\Windows\System32\TSChannel.dll
16:48:53.0544 4504  C:\Windows\System32\TSChannel.dll - ok
16:48:53.0547 4504  [ CD6DA5770CAE9D5E6E86722E17B442E0 ]

C:\Windows\System32\d3d8thk.dll
16:48:53.0547 4504  C:\Windows\System32\d3d8thk.dll - ok
16:48:53.0551 4504  [ C411C80F90D6732380352B98B37BBD53 ]

C:\Windows\System32\winrnr.dll
16:48:53.0551 4504  C:\Windows\System32\winrnr.dll - ok
16:48:53.0554 4504  [ 82FC59A500AA685F833E61E3A1BB7DAF ]

C:\Windows\System32\nvd3dum.dll
16:48:53.0554 4504  C:\Windows\System32\nvd3dum.dll - ok
16:48:53.0557 4504  [ A7D525E5C0D91C8C1D84C6BCD25AD77D ]

C:\Windows\System32\rasadhlp.dll
16:48:53.0557 4504  C:\Windows\System32\rasadhlp.dll - ok
16:48:53.0560 4504  [ D07D4C3038F3578FFCE1C0237F2A1253 ]

C:\Windows\explorer.exe
16:48:53.0560 4504  C:\Windows\explorer.exe - ok
16:48:53.0563 4504  [ A324D72A06C110152E7607745F39BFA1 ]

C:\Windows\System32\netmsg.dll
16:48:53.0563 4504  C:\Windows\System32\netmsg.dll - ok
16:48:53.0567 4504  [ 0745D6EAD386710110817FBEC03F5161 ]

C:\Windows\System32\wfapigp.dll
16:48:53.0567 4504  C:\Windows\System32\wfapigp.dll - ok
16:48:53.0571 4504  [ 452341E471D2D961229DFE0842957272 ]

C:\Windows\System32\sscore.dll
16:48:53.0571 4504  C:\Windows\System32\sscore.dll - ok
16:48:53.0574 4504  [ D333058925CE305E39DE8D5AD2B52A46 ]

C:\Windows\System32\clusapi.dll
16:48:53.0574 4504  C:\Windows\System32\clusapi.dll - ok
16:48:53.0578 4504  [ 6468C3FF6D0C7874FA8C619AF3E23B22 ]

C:\Windows\System32\activeds.dll
16:48:53.0578 4504  C:\Windows\System32\activeds.dll - ok
16:48:53.0582 4504  [ E9B9C1B98C8D6D48407E1C1203EAC659 ]

C:\Windows\System32\adsldpc.dll
16:48:53.0582 4504  C:\Windows\System32\adsldpc.dll - ok
16:48:53.0586 4504  [ C56AA14CE7D47B38571E6AF79E3E6CA4 ]

C:\Windows\System32\PhysX.cpl
16:48:53.0586 4504  C:\Windows\System32\PhysX.cpl - ok
16:48:53.0589 4504  [ 63396CBB1365769D520E0FD89C2419F2 ]

C:\Windows\System32\localspl.dll
16:48:53.0589 4504  C:\Windows\System32\localspl.dll - ok
16:48:53.0592 4504  [ 1311171CF8F6D2954441EF2A42693035 ]

C:\Windows\System32\WsmRes.dll
16:48:53.0592 4504  C:\Windows\System32\WsmRes.dll - ok
16:48:53.0594 4504  [ 93E317D7AD783D8EAEE2E3500BFE889D ]

C:\Windows\System32\credui.dll
16:48:53.0594 4504  C:\Windows\System32\credui.dll - ok
16:48:53.0598 4504  [ E230F3776F373F4C5E788794B53101E4 ]

C:\Windows\System32\plasrv.exe
16:48:53.0598 4504  C:\Windows\System32\plasrv.exe - ok
16:48:53.0602 4504  [ B9F3FF52B84FD9E3CAFB29B8EE385E5B ]

C:\Windows\System32\resutils.dll
16:48:53.0602 4504  C:\Windows\System32\resutils.dll - ok
16:48:53.0605 4504  [ F4E1AA5D59C849A4AB47E895DC76B9C8 ]

C:\Windows\System32\sfc.dll
16:48:53.0605 4504  C:\Windows\System32\sfc.dll - ok
16:48:53.0609 4504  [ 4B555106290BD117334E9A08761C035A ]

C:\Windows\System32\rundll32.exe
16:48:53.0609 4504  C:\Windows\System32\rundll32.exe - ok
16:48:53.0612 4504  [ 4DC52B7F3FCE2E7B8EB5AF756B3B908C ]

C:\Windows\System32\FXSMON.dll
16:48:53.0612 4504  C:\Windows\System32\FXSMON.dll - ok
16:48:53.0616 4504  [ 6FE5C4B61EC85D746ADFA9FFF8C2AC58 ]

C:\Windows\System32\HPZ3LLHN.DLL
16:48:53.0616 4504  C:\Windows\System32\HPZ3LLHN.DLL - ok
16:48:53.0619 4504  [ C52CE534397E1D3A442FB4C88A3CBE42 ]

C:\Windows\System32\msonpmon.dll
16:48:53.0619 4504  C:\Windows\System32\msonpmon.dll - ok
16:48:53.0622 4504  [ F02A533F517EB38333CB12A9E8963773 ]

C:\Program Files\Google\Update\GoogleUpdate.exe
16:48:53.0623 4504  C:\Program

Files\Google\Update\GoogleUpdate.exe - ok
16:48:53.0626 4504  [ C9564CF4976E7E96B4052737AA2492B4 ]

C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.

0.50727.6195_none_d09154e044272b9a\msvcr80.dll
16:48:53.0626 4504 

C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.

0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
16:48:53.0630 4504  [ 782C8019C89920A77B1907AD3B4C8FF9 ]

C:\Windows\System32\HotStartUserAgent.dll
16:48:53.0630 4504  C:\Windows\System32

\HotStartUserAgent.dll - ok
16:48:53.0634 4504  [ 43E1054C713C48D252A1826C5E14AACA ]

C:\Windows\System32\MsCtfMonitor.dll
16:48:53.0634 4504  C:\Windows\System32\MsCtfMonitor.dll -

ok
16:48:53.0637 4504  [ C6DA42ADA0C5FC8CB05744229D632B47 ]

C:\Windows\System32\msutb.dll
16:48:53.0637 4504  C:\Windows\System32\msutb.dll - ok
16:48:53.0640 4504  [ 401DFFDBBBD3F07C747ED1AE2BB88106 ]

C:\Windows\System32\msi.dll
16:48:53.0640 4504  C:\Windows\System32\msi.dll - ok
16:48:53.0643 4504  [ 53B202ABEE6455406254444303E87BE1 ]

C:\Windows\System32\drivers\asyncmac.sys
16:48:53.0643 4504  C:\Windows\System32\drivers\asyncmac.sys

- ok
16:48:53.0647 4504  [ 57125869A7B9638A5D11DD685AA65EB4 ]

C:\Windows\System32\PlaySndSrv.dll
16:48:53.0647 4504  C:\Windows\System32\PlaySndSrv.dll - ok
16:48:53.0652 4504  [ 2E5672EEA419A4DC9DACD714632E1DC3 ]

C:\Program Files\Google\Update\1.3.21.135\goopdate.dll
16:48:53.0652 4504  C:\Program

Files\Google\Update\1.3.21.135\goopdate.dll - ok
16:48:53.0655 4504  [ D6804F089CBB6749E95124E7C4D80900 ]

C:\Windows\AppPatch\AcLayers.dll
16:48:53.0655 4504  C:\Windows\AppPatch\AcLayers.dll - ok
16:48:53.0658 4504  [ 167AC31450C0C53A01FA1491E94D7678 ]

C:\Windows\System32\shdocvw.dll
16:48:53.0658 4504  C:\Windows\System32\shdocvw.dll - ok
16:48:53.0662 4504  [ 4504819D18FAC09B6108D8728467E5B2 ]

C:\Windows\System32\browseui.dll
16:48:53.0662 4504  C:\Windows\System32\browseui.dll - ok
16:48:53.0665 4504  [ BB0EB921877A1A7EF15AE2D97A71CBA9 ]

C:\Windows\System32\tcpmon.dll
16:48:53.0666 4504  C:\Windows\System32\tcpmon.dll - ok
16:48:53.0669 4504  [ AF24A9DF84637BF9858EC6FB88EBA7B2 ]

C:\Windows\System32\snmpapi.dll
16:48:53.0669 4504  C:\Windows\System32\snmpapi.dll - ok
16:48:53.0672 4504  [ 1EDE113859276E4B0F19B80F39E2CC95 ]

C:\Windows\System32\wsnmp32.dll
16:48:53.0672 4504  C:\Windows\System32\wsnmp32.dll - ok
16:48:53.0675 4504  [ 5091452DC719281CF1DD69367E13B494 ]

C:\Windows\System32\tcpmib.dll
16:48:53.0675 4504  C:\Windows\System32\tcpmib.dll - ok
16:48:53.0679 4504  [ B4F5DE3DAD8E6B97272F45DB97674878 ]

C:\Windows\System32\mgmtapi.dll
16:48:53.0679 4504  C:\Windows\System32\mgmtapi.dll - ok
16:48:53.0682 4504  [ 0BF0BB276F17B6AD61A8694D2551EC28 ]

C:\Windows\System32\usbmon.dll
16:48:53.0682 4504  C:\Windows\System32\usbmon.dll - ok
16:48:53.0686 4504  [ D922592AB65C5D9B88B30B4510A3464E ]

C:\Windows\System32\cscapi.dll
16:48:53.0686 4504  C:\Windows\System32\cscapi.dll - ok
16:48:53.0689 4504  [ 4934241CD20AC87D78121352E3BA8318 ]

C:\Windows\System32\dbghelp.dll
16:48:53.0689 4504  C:\Windows\System32\dbghelp.dll - ok
16:48:53.0693 4504  [ BECDDA0990DEBD72A30096533521AD73 ]

C:\Program Files\Google\Update\1.3.21.135

\GoogleCrashHandler.exe
16:48:53.0693 4504  C:\Program

Files\Google\Update\1.3.21.135\GoogleCrashHandler.exe - ok
16:48:53.0697 4504  [ 0EB1CC5EBFCAAB7DBAEE881E2887F7F9 ]

C:\Windows\System32\WSDMon.dll
16:48:53.0697 4504  C:\Windows\System32\WSDMon.dll - ok
16:48:53.0700 4504  [ 14E4470BF8ACA69A85D741BA99F75F96 ]

C:\Windows\System32\EhStorShell.dll
16:48:53.0701 4504  C:\Windows\System32\EhStorShell.dll - ok
16:48:53.0704 4504  [ AD48183027CAFCEBC322CB9CAC60F9B8 ]

C:\Windows\System32\WSDApi.dll
16:48:53.0704 4504  C:\Windows\System32\WSDApi.dll - ok
16:48:53.0707 4504  [ 30DB64D316F502558DB2380F7343C9FD ]

C:\Program Files\Microsoft Office\Office12

\GrooveShellExtensions.dll
16:48:53.0707 4504  C:\Program Files\Microsoft

Office\Office12\GrooveShellExtensions.dll - ok
16:48:53.0712 4504  [ F86293D93760C70ADF4F19E66E3FA5E8 ]

C:\Windows\System32\httpapi.dll
16:48:53.0712 4504  C:\Windows\System32\httpapi.dll - ok
16:48:53.0715 4504  [ 1A09CB187440993FA5E24DE1EEB7B916 ]

C:\Windows\System32\cfgmgr32.dll
16:48:53.0715 4504  C:\Windows\System32\cfgmgr32.dll - ok
16:48:53.0717 4504  [ 207204AF80505AF51271FE164B56F662 ]

C:\Program Files\Microsoft Office\Office12\GrooveUtil.dll
16:48:53.0717 4504  C:\Program Files\Microsoft

Office\Office12\GrooveUtil.dll - ok
16:48:53.0721 4504  [ 30EFEBDC960A482E3E188B9960B286E2 ]

C:\Program Files\Microsoft Office\Office12\GrooveNew.dll
16:48:53.0721 4504  C:\Program Files\Microsoft

Office\Office12\GrooveNew.dll - ok
16:48:53.0726 4504  [ D5E459BED3DB9CF7FC6CC1455F177D2D ]

C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.

0.50727.6195_none_d1cb102c435421de\ATL80.dll
16:48:53.0726 4504 

C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.

0.50727.6195_none_d1cb102c435421de\ATL80.dll - ok
16:48:53.0729 4504  [ 22B81ADCA500945D8009EC615E760364 ]

C:\Windows\System32\cscui.dll
16:48:53.0729 4504  C:\Windows\System32\cscui.dll - ok
16:48:53.0733 4504  [ 4EDA94333BDB75B1BC0A7610BED34F00 ]

C:\Windows\System32\fundisc.dll
16:48:53.0733 4504  C:\Windows\System32\fundisc.dll - ok
16:48:53.0736 4504  [ C1BB3EF5FAFCBC9573DEEB57E8DF9309 ]

C:\Windows\System32\cscdll.dll
16:48:53.0736 4504  C:\Windows\System32\cscdll.dll - ok
16:48:53.0739 4504  [ 111C47816F39A91EAAA18DA0A54E8E63 ]

C:\Windows\System32\imageres.dll
16:48:53.0740 4504  C:\Windows\System32\imageres.dll - ok
16:48:53.0743 4504  [ 6ABD253226770EAE1292B4C945ED4B4B ]

C:\Windows\System32\msxml3.dll
16:48:53.0743 4504  C:\Windows\System32\msxml3.dll - ok
16:48:53.0746 4504  [ 73FD66B14D3C4252F7A524B8836A4359 ]

C:\Windows\System32\mstask.dll
16:48:53.0746 4504  C:\Windows\System32\mstask.dll - ok
16:48:53.0749 4504  [ 801DECF3A583C270E5C398FCD082E3DD ]

C:\Windows\System32\spool\prtprocs\w32x86\HPZPPLHN.DLL
16:48:53.0749 4504  C:\Windows\System32

\spool\prtprocs\w32x86\HPZPPLHN.DLL - ok
16:48:53.0753 4504  [ F348280907B38FDBDB3CEF55D456E149 ]

C:\Windows\System32\spool\prtprocs\w32x86\msonpppr.dll
16:48:53.0753 4504  C:\Windows\System32

\spool\prtprocs\w32x86\msonpppr.dll - ok
16:48:53.0757 4504  [ C90B296C43EDD9DD1751AD3B590ACDE6 ]

C:\Windows\System32\win32spl.dll
16:48:53.0757 4504  C:\Windows\System32\win32spl.dll - ok
16:48:53.0759 4504  [ 4BF053944E973C073339BE841C9ECF28 ]

C:\Windows\System32\netrap.dll
16:48:53.0759 4504  C:\Windows\System32\netrap.dll - ok
16:48:53.0763 4504  [ E340845C8E96D107C36420065D7A5733 ]

C:\Windows\System32\printcom.dll
16:48:53.0763 4504  C:\Windows\System32\printcom.dll - ok
16:48:53.0766 4504  [ 2E8E30F3B318A9FDA5A2485723F4C2B3 ]

C:\Windows\System32\inetpp.dll
16:48:53.0766 4504  C:\Windows\System32\inetpp.dll - ok
16:48:53.0769 4504  [ 08578F3CA5365F896D90CE2BF97FD000 ]

C:\Windows\System32\IconCodecService.dll
16:48:53.0769 4504  C:\Windows\System32\IconCodecService.dll

- ok
16:48:53.0773 4504  [ 295363D4317820AED0D527E15B90A8ED ]

C:\Windows\System32\pdh.dll
16:48:53.0773 4504  C:\Windows\System32\pdh.dll - ok
16:48:53.0777 4504  [ 8A38B5E8493A9D103083B8620AC5F3A1 ]

C:\Windows\System32\tdh.dll
16:48:53.0777 4504  C:\Windows\System32\tdh.dll - ok
16:48:53.0780 4504  [ 293C5CCD99D332ECC94637FEDA38D1F2 ]

C:\Windows\System32\TMM.dll
16:48:53.0780 4504  C:\Windows\System32\TMM.dll - ok
16:48:53.0783 4504  [ BDE89AB6F15F0093A2A7861D1FC413ED ]

C:\Windows\System32\QAGENT.DLL
16:48:53.0783 4504  C:\Windows\System32\QAGENT.DLL - ok
16:48:53.0787 4504  [ 769D027B977CED05658C85E698D3C5B1 ]

C:\Windows\System32\QUTIL.DLL
16:48:53.0787 4504  C:\Windows\System32\QUTIL.DLL - ok
16:48:53.0790 4504  [ 6C580025C81CAF3AE9E3617C22CAD00E ]

C:\Windows\System32\drivers\parvdm.sys
16:48:53.0790 4504  C:\Windows\System32\drivers\parvdm.sys -

ok
16:48:53.0794 4504  [ D22791FCF6AD10A5591C719C37457A24 ]

D:\Programs\Ad-Aware Antivirus\AdAwareService.exe
16:48:53.0794 4504  D:\Programs\Ad-Aware

Antivirus\AdAwareService.exe - ok
16:48:53.0797 4504  [ 6349F6ED9C623B44B52EA3C63C831A92 ]

C:\Windows\System32\drivers\PEAuth.sys
16:48:53.0797 4504  C:\Windows\System32\drivers\PEAuth.sys -

ok
16:48:53.0800 4504  [ F4D9ED6BD74AD7CC0BEC83C43A1CB76B ]

C:\Windows\System32\ncsi.dll
16:48:53.0800 4504  C:\Windows\System32\ncsi.dll - ok
16:48:53.0804 4504  [ DE7F813217EC88C0A6D4D8F2F39D7949 ]

C:\Windows\System32\msiltcfg.dll
16:48:53.0804 4504  C:\Windows\System32\msiltcfg.dll - ok
16:48:53.0807 4504  [ 52E129522C1775DBB8CC252E7A0655C7 ]

C:\Windows\System32\taskschd.dll
16:48:53.0807 4504  C:\Windows\System32\taskschd.dll - ok
16:48:53.0811 4504  [ E7D0F91E44D9D3B2116FA549BDCDB756 ]

C:\Windows\System32\wdscore.dll
16:48:53.0811 4504  C:\Windows\System32\wdscore.dll - ok
16:48:53.0814 4504  [ 90A3935D05B494A5A39D37E71F09A677 ]

C:\Windows\System32\drivers\secdrv.sys
16:48:53.0814 4504  C:\Windows\System32\drivers\secdrv.sys -

ok
16:48:53.0818 4504  [ D0494460421A03CD5225CCA0059AA146 ]

C:\Windows\System32\IPSECSVC.DLL
16:48:53.0818 4504  C:\Windows\System32\IPSECSVC.DLL - ok
16:48:53.0822 4504  [ 428FF21418ADCD6FAD6189CD9520A67B ]

C:\Windows\System32\wiatrace.dll
16:48:53.0822 4504  C:\Windows\System32\wiatrace.dll - ok
16:48:53.0825 4504  [ 608C345A255D82A6289C2D468EB41FD7 ]

C:\Windows\System32\drivers\tcpipreg.sys
16:48:53.0825 4504  C:\Windows\System32\drivers\tcpipreg.sys

- ok
16:48:53.0829 4504  [ 1DFC366D2154EF2B381A7F2CB165C7F4 ]

C:\Windows\System32\diagperf.dll
16:48:53.0829 4504  C:\Windows\System32\diagperf.dll - ok
16:48:53.0832 4504  [ 0C84B6AFFA7486422235584110D7176F ]

C:\Windows\System32\icaapi.dll
16:48:53.0832 4504  C:\Windows\System32\icaapi.dll - ok
16:48:53.0836 4504  [ 01BCD91CC2B0EFDA4890F547010750BD ]

C:\Windows\System32\ssdpapi.dll
16:48:53.0836 4504  C:\Windows\System32\ssdpapi.dll - ok
16:48:53.0839 4504  [ 4DBA143F06BAD1DF935CB9603140CF2A ]

C:\Windows\System32\wsdchngr.dll
16:48:53.0839 4504  C:\Windows\System32\wsdchngr.dll - ok
16:48:53.0842 4504  [ 5144AE67D60EC653F97DDF3FEED29E77 ]

C:\Program Files\Common Files\microsoft shared\Windows

Live\WLIDSVC.EXE
16:48:53.0842 4504  C:\Program Files\Common Files\microsoft

shared\Windows Live\WLIDSVC.EXE - ok
16:48:53.0845 4504  [ 74B8C2EA72D43727142D12397D5A49F9 ]

C:\Windows\System32\wbemcomn.dll
16:48:53.0845 4504  C:\Windows\System32\wbemcomn.dll - ok
16:48:53.0849 4504  [ 42608AE9AF2641EE473A1797C25CFFC2 ]

C:\Windows\System32\FwRemoteSvr.dll
16:48:53.0850 4504  C:\Windows\System32\FwRemoteSvr.dll - ok
16:48:53.0853 4504  [ 1F18B9EA1BBFF033413414C3BEA13AD6 ]

C:\Windows\System32\wbem\WinMgmtR.dll
16:48:53.0853 4504  C:\Windows\System32\wbem\WinMgmtR.dll -

ok
16:48:53.0857 4504  [ 5EB87BA0B93CA7E894FC8002E3CE4C2A ]

C:\Program Files\Common Files\microsoft shared\Windows

Live\SQMAPI.DLL
16:48:53.0857 4504  C:\Program Files\Common Files\microsoft

shared\Windows Live\SQMAPI.DLL - ok
16:48:53.0860 4504  [ 2205A220A264E8C8B86492BF3D112907 ]

C:\Windows\System32\PortableDeviceApi.dll
16:48:53.0860 4504  C:\Windows\System32

\PortableDeviceApi.dll - ok
16:48:53.0863 4504  [ DEB9D08750423069647C3A066CEC7A1B ]

C:\Windows\System32\tquery.dll
16:48:53.0863 4504  C:\Windows\System32\tquery.dll - ok
16:48:53.0867 4504  [ 218B73EA8341EA9FDF018D43052E790A ]

C:\Windows\System32\mssrch.dll
16:48:53.0867 4504  C:\Windows\System32\mssrch.dll - ok
16:48:53.0871 4504  [ B53BD9E63867CD9FD853F666CA172713 ]

C:\Windows\System32\PortableDeviceConnectApi.dll
16:48:53.0871 4504  C:\Windows\System32

\PortableDeviceConnectApi.dll - ok
16:48:53.0874 4504  [ A1CF0ED4315C7EBFF0B8E86C36B86FE6 ]

C:\ProgramData\Microsoft\IdentityCRL\production\wlidui.dll
16:48:53.0874 4504 

C:\ProgramData\Microsoft\IdentityCRL\production\wlidui.dll -

ok
16:48:53.0878 4504  [ E582816A4855914DEFFC212E12B3B744 ]

C:\Windows\System32\wsock32.dll
16:48:53.0878 4504  C:\Windows\System32\wsock32.dll - ok
16:48:53.0882 4504  [ 8D78BA30DB4AE040A52EDEE725782715 ]

C:\Windows\System32\actxprxy.dll
16:48:53.0882 4504  C:\Windows\System32\actxprxy.dll - ok
16:48:53.0885 4504  [ DD0042F0C3B606A6A8B92D49AFB18AD6 ]

C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
16:48:53.0885 4504  C:\Program Files\Yahoo!

\SoftwareUpdate\YahooAUService.exe - ok
16:48:53.0888 4504  [ AAB5FEAABF4CB6F76D794203831C8D94 ]

C:\Windows\System32\msidle.dll
16:48:53.0889 4504  C:\Windows\System32\msidle.dll - ok
16:48:53.0892 4504  [ B458B58F7BB97C48D01AC3CF5805AAAC ]

C:\Windows\System32\Query.dll
16:48:53.0892 4504  C:\Windows\System32\Query.dll - ok
16:48:53.0895 4504  [ FD647CA82ACF232DBE5F20345647B948 ]

C:\Windows\AppPatch\AcGenral.dll
16:48:53.0895 4504  C:\Windows\AppPatch\AcGenral.dll - ok
16:48:53.0899 4504  [ BADC359C9A0D9C217B7E8DA17BF3F5BB ]

C:\Windows\System32\ntshrui.dll
16:48:53.0899 4504  C:\Windows\System32\ntshrui.dll - ok
16:48:53.0903 4504  [ 8F58544719E1C435BC36A8B207096581 ]

C:\Windows\System32\verclsid.exe
16:48:53.0903 4504  C:\Windows\System32\verclsid.exe - ok
16:48:53.0906 4504  [ 12BCF4DAD8E5A1B3D5FA7AB4A79DA105 ]

C:\Windows\System32\sfc_os.dll
16:48:53.0906 4504  C:\Windows\System32\sfc_os.dll - ok
16:48:53.0909 4504  [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ]

C:\Windows\System32\netprofm.dll
16:48:53.0909 4504  C:\Windows\System32\netprofm.dll - ok
16:48:53.0913 4504  [ BF7E4D6F60A6D9E866432855C6F8C262 ]

C:\Windows\System32\sqmapi.dll
16:48:53.0913 4504  C:\Windows\System32\sqmapi.dll - ok
16:48:53.0916 4504  [ 6BC5FCEF351E4CB5A269C1E84B5A06DA ]

C:\Windows\System32\netcfgx.dll
16:48:53.0916 4504  C:\Windows\System32\netcfgx.dll - ok
16:48:53.0920 4504  [ B8A21907FE2F1A113F3487D9AB60BEF9 ]

C:\Windows\System32\en-US\tquery.dll.mui
16:48:53.0920 4504  C:\Windows\System32\en-US\tquery.dll.mui

- ok
16:48:53.0923 4504  [ DFCAB29E8FD38F95650CC1E203E8D318 ]

C:\Windows\System32\npmproxy.dll
16:48:53.0925 4504  C:\Windows\System32\npmproxy.dll - ok
16:48:53.0928 4504  [ A952D0DED445F26AEFCF593A935AB300 ]

C:\Windows\System32\hnetcfg.dll
16:48:53.0928 4504  C:\Windows\System32\hnetcfg.dll - ok
16:48:53.0932 4504  [ 30F0DC266B46118E9FBCF5B2A30EB1DB ]

C:\Windows\System32\wbem\wbemprox.dll
16:48:53.0932 4504  C:\Windows\System32\wbem\wbemprox.dll -

ok
16:48:53.0935 4504  [ 22DC784B32BEE306A99F50D6DC2460BC ]

C:\Windows\System32\esent.dll
16:48:53.0935 4504  C:\Windows\System32\esent.dll - ok
16:48:53.0939 4504  [ F85134BF76CB335A39F8D7BC4173D4FB ]

C:\Windows\System32\msscb.dll
16:48:53.0939 4504  C:\Windows\System32\msscb.dll - ok
16:48:53.0942 4504  [ 21322832C99E8DE85BD047689A2A69DB ]

C:\Windows\System32\pnpts.dll
16:48:53.0942 4504  C:\Windows\System32\pnpts.dll - ok
16:48:53.0946 4504  [ 17FC3EDA0162F513E858B8C8FA7FA6E0 ]

C:\Windows\System32\vssapi.dll
16:48:53.0946 4504  C:\Windows\System32\vssapi.dll - ok
16:48:53.0949 4504  [ FEA6D21F78922D641A0C9346D885133B ]

C:\Windows\System32\mssprxy.dll
16:48:53.0949 4504  C:\Windows\System32\mssprxy.dll - ok
16:48:53.0953 4504  [ F0062778F50838145AC46B384FFB4FA3 ]

C:\Windows\System32\pcadm.dll
16:48:53.0953 4504  C:\Windows\System32\pcadm.dll - ok
16:48:53.0956 4504  [ DC3AE9F1554DCD97F90983DDBDACD83D ]

C:\Windows\System32\vsstrace.dll
16:48:53.0956 4504  C:\Windows\System32\vsstrace.dll - ok
16:48:53.0959 4504  [ FC1EEE57EB9CD57279D70BA2A9131C38 ]

C:\Windows\System32\wbem\wbemcore.dll
16:48:53.0959 4504  C:\Windows\System32\wbem\wbemcore.dll -

ok
16:48:53.0963 4504  [ C10E13721B0AAEBEB5EBA914F1D18181 ]

C:\Windows\System32\wbem\esscli.dll
16:48:53.0963 4504  C:\Windows\System32\wbem\esscli.dll - ok
16:48:53.0966 4504  [ BC5A34B6A14C93BF04E3F4E8EA57090A ]

C:\Windows\System32\wbem\fastprox.dll
16:48:53.0966 4504  C:\Windows\System32\wbem\fastprox.dll -

ok
16:48:53.0969 4504  [ 834933F16EA839AC5AC7CBF88638DF27 ]

C:\Windows\System32\wbem\repdrvfs.dll
16:48:53.0969 4504  C:\Windows\System32\wbem\repdrvfs.dll -

ok
16:48:53.0972 4504  [ DB0F37DBA4C245C61E5936DDBDE62438 ]

C:\Windows\System32\wbem\wbemsvc.dll
16:48:53.0972 4504  C:\Windows\System32\wbem\wbemsvc.dll -

ok
16:48:53.0976 4504  [ 2C3B09E586BDA2CC49A292BE7BADC589 ]

C:\Windows\System32\wbem\wmiutils.dll
16:48:53.0976 4504  C:\Windows\System32\wbem\wmiutils.dll -

ok
16:48:53.0980 4504  [ C2C6C014B96581EC8BF0C8604DE1743E ]

C:\Windows\System32\wbem\WmiPrvSD.dll
16:48:53.0980 4504  C:\Windows\System32\wbem\WmiPrvSD.dll -

ok
16:48:53.0983 4504  [ A609A192E98934A8D352704C99AB8577 ]

C:\Windows\System32\wbem\wbemess.dll
16:48:53.0983 4504  C:\Windows\System32\wbem\wbemess.dll -

ok
16:48:53.0986 4504  [ 9A6A653ADF28D9D69670B48F535E6B90 ]

C:\Windows\System32\runonce.exe
16:48:53.0986 4504  C:\Windows\System32\runonce.exe - ok
16:48:53.0990 4504  [ 74F26FC01B180D4A99A168ED69C30A53 ]

C:\Windows\System32\cmd.exe
16:48:53.0990 4504  C:\Windows\System32\cmd.exe - ok
16:48:53.0993 4504  [ 0E816EA3C5DCE94C95099E8B38E75E67 ]

C:\Windows\System32\ieframe.dll
16:48:53.0993 4504  C:\Windows\System32\ieframe.dll - ok
16:48:53.0997 4504  [ 178A34E5554DCE485E1262DDF027960C ]

C:\Users\e. Smith\AppData\Local\Temp\CD680CFA-2381-4403-

85B6-CD84B551019A.exe
16:48:53.0997 4504  C:\Users\e.

Smith\AppData\Local\Temp\CD680CFA-2381-4403-85B6-

CD84B551019A.exe - ok
16:48:53.0999 4504  [ C0B8B96D018849FD8CCF15FED84E8782 ]

C:\Windows\System32\ie4uinit.exe
16:48:53.0999 4504  C:\Windows\System32\ie4uinit.exe - ok
16:48:54.0003 4504  [ F0FEFB0B5D25A75D478A4317139D937E ]

C:\Windows\System32\iedkcs32.dll
16:48:54.0029 4504  C:\Windows\System32\iedkcs32.dll - ok
16:48:54.0032 4504  [ 4B19A9A4191353007E9819A832B81186 ]

C:\Windows\System32\timedate.cpl
16:48:54.0032 4504  C:\Windows\System32\timedate.cpl - ok
16:48:54.0035 4504  [ FF41E1AC301F51E16F61AD7C0F45467C ]

C:\Windows\System32\msshsq.dll
16:48:54.0035 4504  C:\Windows\System32\msshsq.dll - ok
16:48:54.0039 4504  [ 1CE4A2790EB4A96F4ED1E4264866AFE6 ]

C:\Windows\System32\NaturalLanguage6.dll
16:48:54.0040 4504  C:\Windows\System32\NaturalLanguage6.dll

- ok
16:48:54.0043 4504  [ AA111488C03C58A2BF66509ABB4FDE60 ]

C:\Windows\System32\NlsData0009.dll
16:48:54.0043 4504  C:\Windows\System32\NlsData0009.dll - ok
16:48:54.0046 4504  [ 8629B71343F61E1140243581C63BC0C7 ]

C:\Windows\System32\NlsLexicons0009.dll
16:48:54.0046 4504  C:\Windows\System32\NlsLexicons0009.dll

- ok
16:48:54.0049 4504  [ D8C2B95BC2353E1F18850D6B8F5DBA13 ]

C:\Program Files\Microsoft Office\Office12

\GrooveSystemServices.dll
16:48:54.0049 4504  C:\Program Files\Microsoft

Office\Office12\GrooveSystemServices.dll - ok
16:48:54.0054 4504  [ 24F90AEFEBE601D427CB4511E74CDCB6 ]

C:\Windows\System32\linkinfo.dll
16:48:54.0054 4504  C:\Windows\System32\linkinfo.dll - ok
16:48:54.0057 4504  [ 533AECD1B5356870AE2D905B4D3B42B7 ]

C:\Program Files\Microsoft Office\Office12\GrooveMisc.dll
16:48:54.0057 4504  C:\Program Files\Microsoft

Office\Office12\GrooveMisc.dll - ok
16:48:54.0061 4504  [ 5016B8FC59AD616F03813FBE63295081 ]

C:\Windows\System32\thumbcache.dll
16:48:54.0061 4504  C:\Windows\System32\thumbcache.dll - ok
16:48:54.0065 4504  [ 04044BF8E6989BE45FA718C24407CA28 ]

C:\Windows\System32\networkexplorer.dll
16:48:54.0065 4504  C:\Windows\System32\networkexplorer.dll

- ok
16:48:54.0069 4504  [ 698EB1E5F8C66344D97C00B5699E871D ]

C:\Program Files\Internet Explorer\iexplore.exe
16:48:54.0069 4504  C:\Program Files\Internet

Explorer\iexplore.exe - ok
16:48:54.0072 4504  [ E42A642E162B0468B2C4E9D803079C7F ]

C:\Windows\KHALMNPR.Exe
16:48:54.0072 4504  C:\Windows\KHALMNPR.Exe - ok
16:48:54.0075 4504  [ 4A4E8F1BC67105DDED5647CB3663AF87 ]

D:\Programs\uTorrent\utorrent.exe
16:48:54.0075 4504  D:\Programs\uTorrent\utorrent.exe - ok
16:48:54.0079 4504  [ 8D40FA84FB925E1324D4DE4F619CDEE6 ]

C:\PROGRA~1\MICROS~2\Office12\OUTLOOK.EXE
16:48:54.0079 4504  C:\PROGRA~1\MICROS~2\Office12

\OUTLOOK.EXE - ok
16:48:54.0082 4504  [ E91B5FA739CCF7F0CE3282B0FCFA5108 ]

C:\Program Files\Common Files\microsoft shared\Windows

Live\WLIDSVCM.EXE
16:48:54.0082 4504  C:\Program Files\Common Files\microsoft

shared\Windows Live\WLIDSVCM.EXE - ok
16:48:54.0086 4504  [ 018C9AD55FE3C14A2AC50370A7F4CD39 ]

C:\Program Files\Media converter\MediaConverter.exe
16:48:54.0086 4504  C:\Program Files\Media

converter\MediaConverter.exe - ok
16:48:54.0090 4504  [ 70DB692BDD1074A8F0AF8B7A23EB7BE3 ]

C:\Program Files\FX\FX AccuCharts\Professional.exe
16:48:54.0090 4504  C:\Program Files\FX\FX

AccuCharts\Professional.exe - ok
16:48:54.0092 4504  [ D610CDEDF1F702EB0A86B0FBD9BB49E5 ]

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
16:48:54.0092 4504  C:\Program Files\NVIDIA

Corporation\Display\nvtray.exe - ok
16:48:54.0096 4504  [ 07B74B353CEDA9629092AE2AA3C53F90 ]

C:\Program Files\NVIDIA Corporation\Update Common\NvUpdt.dll
16:48:54.0096 4504  C:\Program Files\NVIDIA

Corporation\Update Common\NvUpdt.dll - ok
16:48:54.0100 4504  [ 2A8681AEA24003040CA7D677BE9F1702 ]

C:\Windows\System32\drivers\21102037.sys
16:48:54.0100 4504  C:\Windows\System32\drivers\21102037.sys

- ok
16:48:54.0104 4504  [ 716CCAD4089663248F1D98B1FE3BB234 ]

C:\Program Files\NVIDIA Corporation\Update

Common\EasyDaemonAPIU.dll
16:48:54.0104 4504  C:\Program Files\NVIDIA

Corporation\Update Common\EasyDaemonAPIU.dll - ok
16:48:54.0107 4504  [ F5F08BF486998EFA8171CB09065B15D9 ]

C:\Program Files\NVIDIA Corporation\Update

Common\NvUpdtr.dll
16:48:54.0107 4504  C:\Program Files\NVIDIA

Corporation\Update Common\NvUpdtr.dll - ok
16:48:54.0111 4504  [ 0E34B7BB1FCF22BCC1E394D16F9E992B ]

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
16:48:54.0111 4504  C:\Program Files\Microsoft

Office\Office12\GrooveMonitor.exe - ok
16:48:54.0115 4504  [ 61216539E55DDF2F78E421E7EF140650 ]

C:\Windows\System32\ExplorerFrame.dll
16:48:54.0115 4504  C:\Windows\System32\ExplorerFrame.dll -

ok
16:48:54.0118 4504  [ E66532FD491AD5604C36916715FBA092 ]

C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
16:48:54.0118 4504  C:\Program Files\Adobe\Reader 9.0

\Reader\reader_sl.exe - ok
16:48:54.0122 4504  [ 12916E0642E92561C98B18A2A2D01B14 ]

C:\Program Files\Common Files\Java\Java Update\jusched.exe
16:48:54.0122 4504  C:\Program Files\Common Files\Java\Java

Update\jusched.exe - ok
16:48:54.0125 4504  [ 3CB07566302BCEEB898DE270A0BEC175 ]

C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
16:48:54.0125 4504  C:\Program Files\Common

Files\Adobe\ARM\1.0\AdobeARM.exe - ok
16:48:54.0129 4504  [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ]

C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.

0.50727.6195_none_d09154e044272b9a\msvcp80.dll
16:48:54.0129 4504 

C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.

0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
16:48:54.0133 4504  [ 1B7AB479BAEEC5F2B25399139BBEA279 ]

C:\Program Files\Adobe\Acrobat_com\Acrobat_com.exe
16:48:54.0133 4504  C:\Program

Files\Adobe\Acrobat_com\Acrobat_com.exe - ok
16:48:54.0136 4504  [ 99D97E76C86E635DE617E80B0158746B ]

D:\Programs\Trillian Multi Messenger\Trillian\trillian.exe
16:48:54.0136 4504  D:\Programs\Trillian Multi

Messenger\Trillian\trillian.exe - ok
16:48:54.0140 4504  [ 0CFCDE5D9D074D96B78D1F1CBF1AAB1D ]

C:\Windows\System32\riched20.dll
16:48:54.0140 4504  C:\Windows\System32\riched20.dll - ok
16:48:54.0144 4504  [ F7F2F299DD5019C67D9FDDB18E5D3916 ]

C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe
16:48:54.0144 4504  C:\Program Files\Adobe\Reader 9.0

\Reader\AcroRd32.exe - ok
16:48:54.0148 4504  [ 4519ABC749CBC620B5A262768349FA4C ]

D:\Games\Torchlight II_Repack\R.G. Catalyst\Torchlight

II\Torchlight2.exe
16:48:54.0148 4504  D:\Games\Torchlight II_Repack\R.G.

Catalyst\Torchlight II\Torchlight2.exe - ok
16:48:54.0152 4504  [ E1C64D85F4ADF8D2722840A1314AAD10 ]

D:\Games\Torchlight\Torchlight\Torchlight.exe
16:48:54.0152 4504 

D:\Games\Torchlight\Torchlight\Torchlight.exe - ok
16:48:54.0155 4504  [ BFFAFB4804DE5F54E236CE6202409AA8 ]

C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
16:48:54.0155 4504  C:\ProgramData\Ad-Aware Browsing

Protection\adawarebp.exe - ok
16:48:54.0158 4504  [ 46FD58A19453BC8C54E1F2EA7255869D ]

D:\Games\Steam\Steam\steam.exe
16:48:54.0158 4504  D:\Games\Steam\Steam\steam.exe - ok
16:48:54.0162 4504  [ 5D382503243869B16C4B8CA9FAD0527C ]

D:\Programs\Ad-Aware Antivirus\AdAwareLauncher.exe
16:48:54.0162 4504  D:\Programs\Ad-Aware

Antivirus\AdAwareLauncher.exe - ok
16:48:54.0166 4504  [ 00000000000000000000000000000000 ]

D:\Games\Torchlight\Torchlight.exe
16:48:54.0166 4504  D:\Games\Torchlight\Torchlight.exe - ok
16:48:54.0169 4504  [ 027E5E14C9CFF810377701BDEAD8210F ]

C:\Windows\System32\control.exe
16:48:54.0169 4504  C:\Windows\System32\control.exe - ok
16:48:54.0172 4504  [ B5950DF243837D8217F4E597919B224A ]

C:\Windows\System32\stobject.dll
16:48:54.0172 4504  C:\Windows\System32\stobject.dll - ok
16:48:54.0175 4504  [ EC69B16644C613F41A57169F8D068F1D ]

C:\Windows\System32\batmeter.dll
16:48:54.0175 4504  C:\Windows\System32\batmeter.dll - ok
16:48:54.0179 4504  [ 8FE69528E4BACCB0469A5F2722A37E18 ]

D:\Games\Portal\Portal Game\Portal\Portal.exe
16:48:54.0179 4504  D:\Games\Portal\Portal

Game\Portal\Portal.exe - ok
16:48:54.0182 4504  [ 9E35FF7F943AE0FB89192BFE058B7FD4 ]

C:\Program Files\Windows Sidebar\sidebar.exe
16:48:54.0182 4504  C:\Program Files\Windows

Sidebar\sidebar.exe - ok
16:48:54.0186 4504  [ 7E6EA9CB72B5DE84A5D700BED877E5F9 ]

C:\Program Files\Windows Mail\WinMail.exe
16:48:54.0186 4504  C:\Program Files\Windows

Mail\WinMail.exe - ok
16:48:54.0189 4504  [ 248A1F31ABB58DDDDC01490EF0BDC777 ]

C:\Windows\System32\cryptui.dll
16:48:54.0189 4504  C:\Windows\System32\cryptui.dll - ok
16:48:54.0193 4504  [ 6AC349AB0980C713CD8FFB37199443F3 ]

D:\Games\Fallout 3\Fallout3.exe
16:48:54.0193 4504  D:\Games\Fallout 3\Fallout3.exe - ok
16:48:54.0197 4504  [ 17C0E094BEE5BC03CF491972F71AA6EF ]

C:\Windows\System32\wlanapi.dll
16:48:54.0197 4504  C:\Windows\System32\wlanapi.dll - ok
16:48:54.0200 4504  [ E0935512DA2BFEB80271EA523FEF174A ]

C:\Program Files\Creative\Software Update 3\SoftAuto.exe
16:48:54.0200 4504  C:\Program Files\Creative\Software

Update 3\SoftAuto.exe - ok
16:48:54.0204 4504  [ E2641D15A8A0F50F3FD2A3A90129BC04 ]

D:\Programs\AD-AWA~1\AdAware.exe
16:48:54.0204 4504  D:\Programs\AD-AWA~1\AdAware.exe - ok
16:48:54.0207 4504  [ CE0FF9DA42DB18EB83E843E78E7EA19A ]

C:\Program Files\Creative\Software Update 3\CTIntrfu.dll
16:48:54.0207 4504  C:\Program Files\Creative\Software

Update 3\CTIntrfu.dll - ok
16:48:54.0211 4504  [ DAF60E13E96ECB67F0EDAA89C6B01B8D ]

C:\Windows\System32\notepad.exe
16:48:54.0211 4504  C:\Windows\System32\notepad.exe - ok
16:48:54.0215 4504  [ 6C90415A6FA967E3746C32E7E6366B22 ]

D:\Programs\DVD Flick\dvdflick.exe
16:48:54.0215 4504  D:\Programs\DVD Flick\dvdflick.exe - ok
16:48:54.0217 4504  [ 80BD4B26E2CBC0D65445D0463DFF6FC2 ]

C:\Windows\System32\oledlg.dll
16:48:54.0217 4504  C:\Windows\System32\oledlg.dll - ok
16:48:54.0221 4504  [ CCDA8B1932A5F31123F695042DBCD514 ]

C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.dll
16:48:54.0221 4504  C:\ProgramData\Ad-Aware Browsing

Protection\adawarebp.dll - ok
16:48:54.0227 4504  [ 5A03F0602E0350F2A7561C42B683F352 ]

C:\Program Files\Creative\Shared Files\MtpManU.dll
16:48:54.0227 4504  C:\Program Files\Creative\Shared

Files\MtpManU.dll - ok
16:48:54.0231 4504  [ 50ABE7CDA2DAE898216121D14092C182 ]

C:\Windows\System32\WMVCORE.DLL
16:48:54.0231 4504  C:\Windows\System32\WMVCORE.DLL - ok
16:48:54.0234 4504  [ 5D61BE7DB55B026A5D61A3EED09D0EAD ]

C:\Program

Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
16:48:54.0234 4504  C:\Program

Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

- ok
16:48:54.0237 4504  [ 790222D6CCFC576F0D07D418E6115D85 ]

C:\Program Files\Windows Calendar\WinCal.exe
16:48:54.0237 4504  C:\Program Files\Windows

Calendar\WinCal.exe - ok
16:48:54.0241 4504  [ 36CCD8A79539C4ACE3BABE09C2CFBA16 ]

C:\Windows\System32\WMASF.DLL
16:48:54.0241 4504  C:\Windows\System32\WMASF.DLL - ok
16:48:54.0245 4504  [ 2310A32BB0164552A311BFA02102A3D6 ]

C:\Windows\System32\msvcp60.dll
16:48:54.0245 4504  C:\Windows\System32\msvcp60.dll - ok
16:48:54.0248 4504  [ ABEAE6158F413355722C567C270E1076 ]

D:\Programs\AD-AWA~1\htmlayout.dll
16:48:54.0248 4504  D:\Programs\AD-AWA~1\htmlayout.dll - ok
16:48:54.0250 4504  [ 915D3430FE926376DD942AE45A9A1665 ]

C:\Windows\System32\mswmdm.dll
16:48:54.0250 4504  C:\Windows\System32\mswmdm.dll - ok
16:48:54.0254 4504  [ 1D6B95871DC006190964B04E5657E35F ]

C:\Windows\System32\rastapi.dll
16:48:54.0254 4504  C:\Windows\System32\rastapi.dll - ok
16:48:54.0257 4504  [ B96B60EC821F86D445C9739A0F3DED59 ]

C:\Windows\System32\unimdm.tsp
16:48:54.0257 4504  C:\Windows\System32\unimdm.tsp - ok
16:48:54.0260 4504  [ ADBE422B3CFA6A18520129E7CFF90DB5 ]

D:\Programs\AD-AWA~1\lavalicense.dll
16:48:54.0260 4504  D:\Programs\AD-AWA~1\lavalicense.dll -

ok
16:48:54.0264 4504  [ C559672F31ABE6BA7277DD73C4502238 ]

C:\Windows\System32\msiexec.exe
16:48:54.0264 4504  C:\Windows\System32\msiexec.exe - ok
16:48:54.0267 4504  [ 9F1FAC04A274ADF9F65F9E1B851BDB1E ]

C:\Windows\System32\wmdmps.dll
16:48:54.0267 4504  C:\Windows\System32\wmdmps.dll - ok
16:48:54.0270 4504  [ 83ADC95272B048DFD1563E0EA0F269FB ]

C:\Windows\System32\cewmdm.dll
16:48:54.0270 4504  C:\Windows\System32\cewmdm.dll - ok
16:48:54.0274 4504  [ DFBAADF1B624DC71E88D34D86B3595BE ]

C:\Windows\System32\uniplat.dll
16:48:54.0274 4504  C:\Windows\System32\uniplat.dll - ok
16:48:54.0278 4504  [ 1FC325E387B7CB8A796E402DC75561D7 ]

C:\Program Files\Creative\Shared Files\PdtIdMgu.pid
16:48:54.0278 4504  C:\Program Files\Creative\Shared

Files\PdtIdMgu.pid - ok
16:48:54.0281 4504  [ B4B59AC042EE3733A862F26CBC0B17FC ]

C:\Windows\System32\hidphone.tsp
16:48:54.0281 4504  C:\Windows\System32\hidphone.tsp - ok
16:48:54.0284 4504  [ 953193A9DEA40348C1086D171F6440AE ]

C:\Windows\System32\kmddsp.tsp
16:48:54.0284 4504  C:\Windows\System32\kmddsp.tsp - ok
16:48:54.0288 4504  [ 2F6776ACEFE41EE889C464EA407918F2 ]

C:\Windows\System32\ndptsp.tsp
16:48:54.0288 4504  C:\Windows\System32\ndptsp.tsp - ok
16:48:54.0292 4504  [ 8B645890A93F1FBBC7DA3E07CC72D762 ]

C:\Windows\System32\rasppp.dll
16:48:54.0292 4504  C:\Windows\System32\rasppp.dll - ok
16:48:54.0295 4504  [ B624202660474516E73AA95238FD9843 ]

C:\Logitech G5 Mouse Drivers\SetPoint\SetPoint.exe
16:48:54.0295 4504  C:\Logitech G5 Mouse

Drivers\SetPoint\SetPoint.exe - ok
16:48:54.0299 4504  [ 2D821AFA5A1A9CA7F9F997A1AAD09E72 ]

C:\Program Files\Windows Media Player\wmplayer.exe
16:48:54.0299 4504  C:\Program Files\Windows Media

Player\wmplayer.exe - ok
16:48:54.0302 4504  [ 56E315ACFB08A177B4D01E42B9044DB5 ]

C:\Windows\System32\mprapi.dll
16:48:54.0302 4504  C:\Windows\System32\mprapi.dll - ok
16:48:54.0305 4504  [ 88225070DD2F7B0B2ED51E7935078641 ]

C:\Windows\System32\rasqec.dll
16:48:54.0305 4504  C:\Windows\System32\rasqec.dll - ok
16:48:54.0309 4504  [ E78DD38C769C3E68BC300394B3AC73E7 ]

D:\Games\Dead Space\Dead Space\Dead Space.exe
16:48:54.0309 4504  D:\Games\Dead Space\Dead Space\Dead

Space.exe - ok
16:48:54.0312 4504  [ 4B1EB3AD2771AE8D0390ED1444B7B493 ]

C:\Logitech G5 Mouse Drivers\SetPoint\lgscroll.dll
16:48:54.0312 4504  C:\Logitech G5 Mouse

Drivers\SetPoint\lgscroll.dll - ok
16:48:54.0316 4504  [ 22AA20E24295D0D98AFF72C65BD7DBFA ]

C:\Windows\System32\KemXML.dll
16:48:54.0316 4504  C:\Windows\System32\KemXML.dll - ok
16:48:54.0320 4504  [ 810F104256F6BCD7012545B0BEA18D23 ]

C:\Windows\System32\kemutb.dll
16:48:54.0320 4504  C:\Windows\System32\kemutb.dll - ok
16:48:54.0323 4504  [ 8ADAE4E00D86A8530B8176A853B4B9B9 ]

C:\Windows\System32\KemUtil.dll
16:48:54.0323 4504  C:\Windows\System32\KemUtil.dll - ok
16:48:54.0327 4504  [ E2C48CD0132D4D1DC7D0DF9A6BEF686A ]

C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.

0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll
16:48:54.0327 4504 

C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.

0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll - ok
16:48:54.0330 4504  [ 7BDCEAF13D9EC5873C43BD8063BEC871 ]

C:\Windows\System32\KemWnd.dll
16:48:54.0330 4504  C:\Windows\System32\KemWnd.dll - ok
16:48:54.0334 4504  [ 559DC15B74C66EC38C4ECF81503C7757 ]

C:\Logitech G5 Mouse Drivers\SetPoint\SetPointCOM.dll
16:48:54.0334 4504  C:\Logitech G5 Mouse

Drivers\SetPoint\SetPointCOM.dll - ok
16:48:54.0338 4504  [ D20AF468FA7F09B9561C8232BB80D4BA ]

C:\Logitech G5 Mouse Drivers\SetPoint\khalwrapper.dll
16:48:54.0338 4504  C:\Logitech G5 Mouse

Drivers\SetPoint\khalwrapper.dll - ok
16:48:54.0341 4504  [ 28A09777D2D952122567A8A82F1A2C7B ]

C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b

_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll
16:48:54.0341 4504 

C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b

_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll - ok
16:48:54.0344 4504  [ 99FC1599F89A80216E41175B8CA44D89 ]

D:\Programs\Ad-Aware Antivirus\SBAMSvc.exe
16:48:54.0344 4504  D:\Programs\Ad-Aware

Antivirus\SBAMSvc.exe - ok
16:48:54.0348 4504  [ B736E9A31EDB4D7CE3632FFCFBD69304 ]

C:\Logitech G5 Mouse Drivers\SetPoint\Macros\MacroCore.dll
16:48:54.0348 4504  C:\Logitech G5 Mouse

Drivers\SetPoint\Macros\MacroCore.dll - ok
16:48:54.0353 4504  [ 145D7CB9862D6FA5A6F068F9F8B61B39 ]

C:\Logitech G5 Mouse Drivers\SetPoint\IMHook.dll
16:48:54.0353 4504  C:\Logitech G5 Mouse

Drivers\SetPoint\IMHook.dll - ok
16:48:54.0357 4504  [ C0F8561D8F32926EB25165CBDC7BBA3F ]

C:\Logitech G5 Mouse Drivers\SetPoint\WebBrowserSupport.dll
16:48:54.0357 4504  C:\Logitech G5 Mouse

Drivers\SetPoint\WebBrowserSupport.dll - ok
16:48:54.0360 4504  [ 2C3196C163BEF55A404A2549C7B69589 ]

C:\Logitech G5 Mouse

Drivers\SetPoint\Macros\MacroAppSwitch.dll
16:48:54.0360 4504  C:\Logitech G5 Mouse

Drivers\SetPoint\Macros\MacroAppSwitch.dll - ok
16:48:54.0364 4504  [ 9EBA2C513B44A87C1E4A2A4115FA5AB8 ]

D:\Programs\Ad-Aware Antivirus\SpursDownload.dll
16:48:54.0364 4504  D:\Programs\Ad-Aware

Antivirus\SpursDownload.dll - ok
16:48:54.0368 4504  [ 254AC97C9AF4DDF3F5F57855198527B7 ]

C:\Windows\System32\wermgr.exe
16:48:54.0368 4504  C:\Windows\System32\wermgr.exe - ok
16:48:54.0371 4504  [ 4A79F94E9A9D911D1BB525C262CCE2BA ]

C:\Program Files\Common Files\Logishrd\KHAL2\KHALAPI.dll
16:48:54.0371 4504  C:\Program Files\Common

Files\Logishrd\KHAL2\KHALAPI.dll - ok
16:48:54.0375 4504  [ E96BC31E0114F0999FB0F92FC65D61CA ]

C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
16:48:54.0375 4504  C:\Program Files\Common

Files\Logishrd\KHAL2\KHALMNPR.exe - ok
16:48:54.0378 4504  [ E691826F57C814DECD85E143BB8F15C0 ]

D:\Programs\Ad-Aware Antivirus\SBTE.dll
16:48:54.0378 4504  D:\Programs\Ad-Aware Antivirus\SBTE.dll

- ok
16:48:54.0382 4504  [ 2D3D77C6E0BFD1CEBF241F1F54D9614B ]

C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.dll
16:48:54.0382 4504  C:\Program Files\Common

Files\Logishrd\Bluetooth\LBTServ.dll - ok
16:48:54.0386 4504  [ D7A835DB03CFE8168574893BF7E5C886 ]

C:\Program Files\Common Files\Logishrd\KHAL2\KHALITCH.dll
16:48:54.0386 4504  C:\Program Files\Common

Files\Logishrd\KHAL2\KHALITCH.dll - ok
16:48:54.0389 4504  [ 2BE37815B1FCA885119612C658DB8CA8 ]

C:\Program Files\Common Files\Logishrd\KHAL2\KHALMW.dll
16:48:54.0389 4504  C:\Program Files\Common

Files\Logishrd\KHAL2\KHALMW.dll - ok
16:48:54.0393 4504  [ 9DB55C2361E0974A9630EECD70C69FAB ]

C:\Program Files\Common Files\Logishrd\KHAL2\KHALHPP.dll
16:48:54.0393 4504  C:\Program Files\Common

Files\Logishrd\KHAL2\KHALHPP.dll - ok
16:48:54.0397 4504  [ 70D4F5E5490A8947262A0D591309CEB4 ]

C:\Program Files\Common Files\Logishrd\KHAL2\KHALMOU.dll
16:48:54.0397 4504  C:\Program Files\Common

Files\Logishrd\KHAL2\KHALMOU.dll - ok
16:48:54.0401 4504  [ 24F2095044B9EE2AD1ED2B1D7152893E ]

C:\Program Files\Common Files\Logishrd\KHAL2\KHALHID.dll
16:48:54.0401 4504  C:\Program Files\Common

Files\Logishrd\KHAL2\KHALHID.dll - ok
16:48:54.0404 4504  [ B02910B449EA0B5AF9D3422A9F907D8D ]

C:\Program Files\Common Files\Logishrd\KHAL2\KHALUSB.dll
16:48:54.0404 4504  C:\Program Files\Common

Files\Logishrd\KHAL2\KHALUSB.dll - ok
16:48:54.0408 4504  [ 13710783A04D427B6F621EE697569217 ]

C:\Logitech G5 Mouse Drivers\SetPoint\KGame.dll
16:48:54.0408 4504  C:\Logitech G5 Mouse

Drivers\SetPoint\KGame.dll - ok
16:48:54.0412 4504  [ 09289206C1FDDD64CA96E024D5C4B23E ]

D:\Programs\Ad-Aware Antivirus\sbap.dll
16:48:54.0412 4504  D:\Programs\Ad-Aware Antivirus\sbap.dll

- ok
16:48:54.0415 4504  [ 8A5092AE59D6ED5B181292CDBFB22B2F ]

C:\Logitech G5 Mouse Drivers\SetPoint\GameHook.dll
16:48:54.0415 4504  C:\Logitech G5 Mouse

Drivers\SetPoint\GameHook.dll - ok
16:48:54.0419 4504  [ BF899F57858B8C6F162D9EEB2370641C ]

C:\Windows\System32\wercon.exe
16:48:54.0419 4504  C:\Windows\System32\wercon.exe - ok
16:48:54.0423 4504  [ 08AF0B15AC1696F1F9B58FAB6560372B ]

D:\Programs\Ad-Aware Antivirus\SBArva.dll
16:48:54.0423 4504  D:\Programs\Ad-Aware

Antivirus\SBArva.dll - ok
16:48:54.0425 4504  [ 9CE7BD04EDF43A81685030FF09E7F4D7 ]

D:\Programs\Ad-Aware Antivirus\mimepp.dll
16:48:54.0425 4504  D:\Programs\Ad-Aware

Antivirus\mimepp.dll - ok
16:48:54.0429 4504  [ 414F0C81BC69D2BF7216B0A5432DBA7F ]

D:\Programs\Ad-Aware Antivirus\SbHips.dll
16:48:54.0429 4504  D:\Programs\Ad-Aware

Antivirus\SbHips.dll - ok
16:48:54.0433 4504  [ CC1959AB3929997F4198AA69C854086F ]

C:\Windows\System32\regsvr32.exe
16:48:54.0433 4504  C:\Windows\System32\regsvr32.exe - ok
16:48:54.0437 4504  [ 3AC7DBA716EB802538DA95F2D8E14FF1 ]

D:\My Stuff\D&D stuff - backed up 20060909\Shadowrun\Chummer

Character Generator\Chummer.exe
16:48:54.0437 4504  D:\My Stuff\D&D stuff - backed up

20060909\Shadowrun\Chummer Character Generator\Chummer.exe -

ok
16:48:54.0440 4504  [ 30F02D9C55053367E26A11482F51E255 ]

C:\Windows\System32\SndVolSSO.dll
16:48:54.0440 4504  C:\Windows\System32\SndVolSSO.dll - ok
16:48:54.0445 4504  [ C610485022BDAF12F3836B6955470B69 ]

D:\Programs\Ad-Aware Antivirus\vipre.dll
16:48:54.0445 4504  D:\Programs\Ad-Aware Antivirus\vipre.dll

- ok
16:48:54.0448 4504  [ A3DA017AA8E7EA77F64DDC027FCF4AE8 ]

D:\Games\Cryptic Studios\Champions Online.exe
16:48:54.0448 4504  D:\Games\Cryptic Studios\Champions

Online.exe - ok
16:48:54.0452 4504  [ 9D3D007C2540A69812D798A36F3279B7 ]

D:\Programs\Ad-Aware Antivirus\Definitions\vcore.dll
16:48:54.0452 4504  D:\Programs\Ad-Aware

Antivirus\Definitions\vcore.dll - ok
16:48:54.0455 4504  [ C731FC78CB6546C7FE189C9A40D7EED0 ]

D:\Programs\Ad-Aware Antivirus\Definitions\remediation.dll
16:48:54.0455 4504  D:\Programs\Ad-Aware

Antivirus\Definitions\remediation.dll - ok
16:48:54.0459 4504  [ D1B01B7933F26211E80EAC667A909E1B ]

D:\Programs\Ad-Aware Antivirus\Definitions\patchw32.dll
16:48:54.0459 4504  D:\Programs\Ad-Aware

Antivirus\Definitions\patchw32.dll - ok
16:48:54.0463 4504  [ 76E7410B3A308F6960D3CE06DC7874AD ]

C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002

\gtn.dll
16:48:54.0463 4504  C:\Program

Files\Google\GoogleToolbarNotifier\5.7.8313.1002\gtn.dll -

ok
16:48:54.0466 4504  [ 917A728A12F25FCF4636858FAC9979FA ]

C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002

\swg.dll
16:48:54.0466 4504  C:\Program

Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll -

ok
16:48:54.0469 4504  [ C8DBFEF835FF54467425C8F3ABCF7046 ]

C:\Windows\System32\dssenh.dll
16:48:54.0469 4504  C:\Windows\System32\dssenh.dll - ok
16:48:54.0473 4504  [ 5CAAE5333EF36DB4A8D294418AB37E80 ]

C:\Windows\System32\p2pcollab.dll
16:48:54.0473 4504  C:\Windows\System32\p2pcollab.dll - ok
16:48:54.0476 4504  [ C97434C851C4821BD92D2831FDF1ECBE ]

C:\Windows\System32\mshtml.dll
16:48:54.0476 4504  C:\Windows\System32\mshtml.dll - ok
16:48:54.0480 4504  [ 3EB6D30D82F0E300FCFBAD0498F654FD ]

C:\Windows\System32\mlang.dll
16:48:54.0480 4504  C:\Windows\System32\mlang.dll - ok
16:48:54.0483 4504  [ AC6B8F8058EE27932F9AF8A2D959D201 ]

C:\Windows\System32\msimtf.dll
16:48:54.0483 4504  C:\Windows\System32\msimtf.dll - ok
16:48:54.0486 4504  [ C079169E6A07FC4412475C02969EB9CE ]

C:\Windows\System32\jscript9.dll
16:48:54.0486 4504  C:\Windows\System32\jscript9.dll - ok
16:48:54.0490 4504  [ E9B39C81C87E5B790FCE121DA9E02701 ]

C:\Windows\System32\d2d1.dll
16:48:54.0490 4504  C:\Windows\System32\d2d1.dll - ok
16:48:54.0493 4504  [ 7A88900F2F11882FFCE3BF3D4EAEFB4B ]

C:\Program Files\Microsoft Games\Mahjong\Mahjong.exe
16:48:54.0493 4504  C:\Program Files\Microsoft

Games\Mahjong\Mahjong.exe - ok
16:48:54.0497 4504  [ CABD1B34BD05C986B4DBC18BC0E947EE ]

C:\Windows\System32\DWrite.dll
16:48:54.0497 4504  C:\Windows\System32\DWrite.dll - ok
16:48:54.0499 4504  [ 06164026C38AA5366E4D127E2E36FDE8 ]

C:\Program Files\Windows Mail\wab.exe
16:48:54.0499 4504  C:\Program Files\Windows Mail\wab.exe -

ok
16:48:54.0503 4504  [ 4CDB86D282A0FCEE8D8EBDED9FDAEC07 ]

C:\Program Files\Microsoft Games\HoldEm\HoldEm.exe
16:48:54.0503 4504  C:\Program Files\Microsoft

Games\HoldEm\HoldEm.exe - ok
16:48:54.0507 4504  [ 941486AB385556BF6A62342F8CA15BD8 ]

C:\Windows\System32\accessibilitycpl.dll
16:48:54.0507 4504  C:\Windows\System32\accessibilitycpl.dll

- ok
16:48:54.0510 4504  [ E47C854A28A81F2939F42CBE9FEA994C ]

C:\Windows\System32\Magnify.exe
16:48:54.0510 4504  C:\Windows\System32\Magnify.exe - ok
16:48:54.0513 4504  [ 4A1C09E38508A5DDF5EE11A0329D9B1D ]

D:\Programs\championBuilder\championBuilder.exe
16:48:54.0513 4504 

D:\Programs\championBuilder\championBuilder.exe - ok
16:48:54.0517 4504  [ 27BB54357A51594D9F9B6257B5B9A879 ]

C:\Windows\System32\Narrator.exe
16:48:54.0517 4504  C:\Windows\System32\Narrator.exe - ok
16:48:54.0520 4504  [ DC888EB2A9E3FC6CD2275F44618257E4 ]

D:\Games\Alice - Madness Returns\Alice.Madness.Returns-

KaOs\Alice2\Binaries\Win32\AliceMadnessReturns.exe
16:48:54.0521 4504  D:\Games\Alice - Madness

Returns\Alice.Madness.Returns-KaOs\Alice2\Binaries\Win32

\AliceMadnessReturns.exe - ok
16:48:54.0525 4504  [ 31170CAF2B2FF87BE9A4D5F53444D166 ]

C:\Program Files\Windows Sidebar\wlsrvc.dll
16:48:54.0525 4504  C:\Program Files\Windows

Sidebar\wlsrvc.dll - ok
16:48:54.0528 4504  [ AAAE543C535ED596ECAD2AB8761C2C6F ]

C:\Windows\System32\dxgi.dll
16:48:54.0528 4504  C:\Windows\System32\dxgi.dll - ok
16:48:54.0531 4504  [ 5256383D1D266A9EEFCDB270340C0E5C ]

C:\Windows\System32\d3d10_1.dll
16:48:54.0532 4504  C:\Windows\System32\d3d10_1.dll - ok
16:48:54.0535 4504  [ A441F5B43EAF4BD4E3ACFBE38841B46B ]

C:\Windows\System32\d3d10_1core.dll
16:48:54.0535 4504  C:\Windows\System32\d3d10_1core.dll - ok
16:48:54.0539 4504  [ 4A4C71376ECA305D6DEA021F1A44816D ]

C:\Windows\System32\d3d10warp.dll
16:48:54.0539 4504  C:\Windows\System32\d3d10warp.dll - ok
16:48:54.0542 4504  [ 35AAE2E841AA1A949775168E119482C9 ]

C:\Windows\System32\msls31.dll
16:48:54.0542 4504  C:\Windows\System32\msls31.dll - ok
16:48:54.0546 4504  [ 2C7B4E944A48B9A07B7BF2AB262F197E ]

C:\Windows\System32\icm32.dll
16:48:54.0546 4504  C:\Windows\System32\icm32.dll - ok
16:48:54.0548 4504  [ 8B02D2ECC7EF6E1F6AF08459E3F741F6 ]

C:\Windows\System32\d3d10.dll
16:48:54.0548 4504  C:\Windows\System32\d3d10.dll - ok
16:48:54.0552 4504  [ 9C7094F537782A82B6A29B4A7172E180 ]

C:\Windows\System32\d3d10core.dll
16:48:54.0552 4504  C:\Windows\System32\d3d10core.dll - ok
16:48:54.0556 4504  [ B0AC88C4E3B63EC8B67768301D10E652 ]

C:\Logitech G5 Mouse Drivers\SetPoint\SetPointCOMWMP9.dll
16:48:54.0556 4504  C:\Logitech G5 Mouse

Drivers\SetPoint\SetPointCOMWMP9.dll - ok
16:48:54.0559 4504  [ B292E60B5334E6763BA365D8FD96D3B7 ]

C:\Logitech G5 Mouse Drivers\SetPoint\SetPointCOMMM9.dll
16:48:54.0559 4504  C:\Logitech G5 Mouse

Drivers\SetPoint\SetPointCOMMM9.dll - ok
16:48:54.0563 4504  [ 469F2841AB3C27A88C37CA7681D9CA28 ]

C:\Logitech G5 Mouse Drivers\SetPoint\LU\LuLnchr.exe
16:48:54.0563 4504  C:\Logitech G5 Mouse

Drivers\SetPoint\LU\LuLnchr.exe - ok
16:48:54.0566 4504  [ 5146B1592CD05550F5ECBDCB3D39B974 ]

C:\Logitech G5 Mouse Drivers\SetPoint\LCabHandler.dll
16:48:54.0566 4504  C:\Logitech G5 Mouse

Drivers\SetPoint\LCabHandler.dll - ok
16:48:54.0571 4504  [ D4A8714E8A999DB88A497DB4B33CAD30 ]

C:\Logitech G5 Mouse Drivers\SetPoint\LU\LogitechUpdate.exe
16:48:54.0571 4504  C:\Logitech G5 Mouse

Drivers\SetPoint\LU\LogitechUpdate.exe - ok
16:48:54.0574 4504  [ FA2A3AFADC4FB47DBC234A4E57F92CDB ]

C:\Windows\System32\ddraw.dll
16:48:54.0574 4504  C:\Windows\System32\ddraw.dll - ok
16:48:54.0578 4504  [ EF764E33878B3A4A9E5A2FB5D0D031D0 ]

C:\Windows\System32\dciman32.dll
16:48:54.0578 4504  C:\Windows\System32\dciman32.dll - ok
16:48:54.0581 4504  [ C166EF14CBC85AC9747DDA3797F30A06 ]

C:\Windows\System32\d3dim700.dll
16:48:54.0581 4504  C:\Windows\System32\d3dim700.dll - ok
16:48:54.0585 4504  [ A5CBDC87E694154F90DBA134733E7E8B ]

C:\Windows\System32\brcpl.dll
16:48:54.0585 4504  C:\Windows\System32\brcpl.dll - ok
16:48:54.0588 4504  [ 877F2939794EBA4F3D1BB967007E99E8 ]

C:\Windows\System32\osk.exe
16:48:54.0588 4504  C:\Windows\System32\osk.exe - ok
16:48:54.0590 4504  [ 9DA1F1163C7B5DA29EEC2FF3A731EEA9 ]

D:\Programs\Ventrilo\Ventrilo.exe
16:48:54.0590 4504  D:\Programs\Ventrilo\Ventrilo.exe - ok
16:48:54.0594 4504  [ 0D392EDE3B97E0B3131B2F63EF1DB94E ]

C:\Program Files\Windows Defender\MSASCui.exe
16:48:54.0594 4504  C:\Program Files\Windows

Defender\MSASCui.exe - ok
16:48:54.0597 4504  [ 9352AF851D98380738161620C916A042 ]

C:\Windows\System32\url.dll
16:48:54.0597 4504  C:\Windows\System32\url.dll - ok
16:48:54.0601 4504  [ 313B30189557A2E2793F845DE0F0A4D5 ]

C:\Windows\ehome\ehSSO.dll
16:48:54.0601 4504  C:\Windows\ehome\ehSSO.dll - ok
16:48:54.0604 4504  [ 0625121315030761D1C1643F30F5DFB6 ]

C:\Program Files\CCleaner\CCleaner.exe
16:48:54.0605 4504  C:\Program Files\CCleaner\CCleaner.exe -

ok
16:48:54.0608 4504  [ 5822232EB8D37DD29BA7DB99F02AD6BE ]

D:\Games\Hellgate London\Launcher.exe
16:48:54.0608 4504  D:\Games\Hellgate London\Launcher.exe -

ok
16:48:54.0611 4504  [ E98E402067978DB38282158F9E8609CA ]

C:\Windows\System32\netshell.dll
16:48:54.0611 4504  C:\Windows\System32\netshell.dll - ok
16:48:54.0615 4504  [ 75AD59B9B12EB194486BE8D97B062994 ]

C:\Windows\System32\pnidui.dll
16:48:54.0615 4504  C:\Windows\System32\pnidui.dll - ok
16:48:54.0618 4504  [ 395335431AD55C167CFDBBAB8420DA73 ]

C:\Program Files\Movie Maker\DVDMaker.exe
16:48:54.0618 4504  C:\Program Files\Movie

Maker\DVDMaker.exe - ok
16:48:54.0622 4504  [ 9BC80212D083A44095C29E4509B66B49 ]

C:\Program Files\CCleaner\uninst.exe
16:48:54.0622 4504  C:\Program Files\CCleaner\uninst.exe -

ok
16:48:54.0625 4504  [ 5822232EB8D37DD29BA7DB99F02AD6BE ]

C:\Windows\Installer\{A2B4455D-1046-4732-BFBC-0821BEFC07BC}

\LAUNCHER_ICON
16:48:54.0625 4504  C:\Windows\Installer\{A2B4455D-1046-

4732-BFBC-0821BEFC07BC}\LAUNCHER_ICON - ok
16:48:54.0629 4504  [ 191050AA5A806956F44D020AA0F1DB91 ]

D:\Games\Borderlands 2 + Update 2 - AGB Golden

Team\Borderlands 2\Binaries\Win32\Borderlands2.exe
16:48:54.0629 4504  D:\Games\Borderlands 2 + Update 2 - AGB

Golden Team\Borderlands 2\Binaries\Win32\Borderlands2.exe -

ok
16:48:54.0633 4504  [ 2DD6AF8E97F59C9D39329BBC2A81F13F ]

C:\Windows\System32\rasdlg.dll
16:48:54.0633 4504  C:\Windows\System32\rasdlg.dll - ok
16:48:54.0636 4504  [ 8AB90809C01511FB75EC606C9EEC5B9F ]

C:\Windows\System32\WFS.exe
16:48:54.0636 4504  C:\Windows\System32\WFS.exe - ok
16:48:54.0640 4504  [ BE5961CE4DE0B363069910EDB897498B ]

D:\Games\Mario Bros Collection\Mario Bros Collection\N64

\Project64.exe
16:48:54.0640 4504  D:\Games\Mario Bros Collection\Mario

Bros Collection\N64\Project64.exe - ok
16:48:54.0643 4504  [ 4A839160ED1963F9A1526DDA2D1233B2 ]

C:\Windows\System32\AltTab.dll
16:48:54.0643 4504  C:\Windows\System32\AltTab.dll - ok
16:48:54.0647 4504  [ 883D02AB5D350BC45E0F60E8CFA97FDC ]

C:\Windows\System32\PortableDeviceTypes.dll
16:48:54.0647 4504  C:\Windows\System32

\PortableDeviceTypes.dll - ok
16:48:54.0651 4504  [ 6B5C53E0932C510606D700B7A896EF73 ]

C:\Windows\System32\WPDShServiceObj.dll
16:48:54.0651 4504  C:\Windows\System32\WPDShServiceObj.dll

- ok
16:48:54.0654 4504  [ 4663A05D1C8D8A591C2F5B3865ED868C ]

C:\Windows\System32\WFSR.dll
16:48:54.0654 4504  C:\Windows\System32\WFSR.dll - ok
16:48:54.0658 4504  [ 5EB6F880B9A37C7C88022C6C1E1582AB ]

C:\Users\e.

Smith\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-

4237-A2D9-D856464AD727}

\NewShortcut1_9559F7CA5E344237A2D9D856464AD727.exe
16:48:54.0658 4504  C:\Users\e.

Smith\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-

4237-A2D9-D856464AD727}

\NewShortcut1_9559F7CA5E344237A2D9D856464AD727.exe - ok
16:48:54.0662 4504  [ 4725295F9A3613D5E07C8B265AF5AE75 ]

C:\Program Files\Common Files\microsoft shared\Windows

Live\SIGNINOPTIONS.EXE
16:48:54.0662 4504  C:\Program Files\Common Files\microsoft

shared\Windows Live\SIGNINOPTIONS.EXE - ok
16:48:54.0666 4504  [ 2CDAF8849A20D8DF8ACCE36BBB8849F3 ]

C:\Windows\System32\cscobj.dll
16:48:54.0666 4504  C:\Windows\System32\cscobj.dll - ok
16:48:54.0669 4504  [ 744F08CF9ACFFB1C715191D04DEEE907 ]

C:\Windows\System32\srchadmin.dll
16:48:54.0669 4504  C:\Windows\System32\srchadmin.dll - ok
16:48:54.0672 4504  [ 158F8E46AB4809937F8800058374E797 ]

D:\Programs\winrar\WinRAR.exe
16:48:54.0672 4504  D:\Programs\winrar\WinRAR.exe - ok
16:48:54.0674 4504  [ 5193DE33F3284C447E0D31DAFBF92570 ]

C:\Windows\System32\webcheck.dll
16:48:54.0674 4504  C:\Windows\System32\webcheck.dll - ok
16:48:54.0679 4504  [ 4ACEA0C4BB15ACE55E3AE5EC4E88DD55 ]

C:\Windows\System32\SyncCenter.dll
16:48:54.0679 4504  C:\Windows\System32\SyncCenter.dll - ok
16:48:54.0682 4504  [ 7ADD03E75BEB9E6DD102C3081D29840A ]

C:\Windows\System32\drivers\cdfs.sys
16:48:54.0682 4504  C:\Windows\System32\drivers\cdfs.sys -

ok
16:48:54.0686 4504  [ 9B0726A03B790E5B82BED44D24009BEF ]

C:\Windows\System32\imapi2.dll
16:48:54.0686 4504  C:\Windows\System32\imapi2.dll - ok
16:48:54.0689 4504  [ B7ED332A57FC78CA29E40D3619550225 ]

C:\Windows\ehome\ehshell.exe
16:48:54.0689 4504  C:\Windows\ehome\ehshell.exe - ok
16:48:54.0693 4504  [ 069385484EA57B663D688894C88975C5 ]

C:\Windows\System32\wuapp.exe
16:48:54.0693 4504  C:\Windows\System32\wuapp.exe - ok
16:48:54.0696 4504  [ 0B5AC46982E77CAF3EC1D55C9AC6AB56 ]

C:\Windows\System32\wscntfy.dll
16:48:54.0696 4504  C:\Windows\System32\wscntfy.dll - ok
16:48:54.0700 4504  [ A0F4852A5DB9754BEC06F84B400AE743 ]

C:\Windows\System32\wscapi.dll
16:48:54.0700 4504  C:\Windows\System32\wscapi.dll - ok
16:48:54.0703 4504  [ 285C594C4913FA9DC7BB6BA3AD6F101A ]

C:\Windows\System32\wucltux.dll
16:48:54.0703 4504  C:\Windows\System32\wucltux.dll - ok
16:48:54.0706 4504  [ C0ABD66F31C0B84CD944802E6D3D02C2 ]

C:\Windows\System32\bthprops.cpl
16:48:54.0706 4504  C:\Windows\System32\bthprops.cpl - ok
16:48:54.0710 4504  [ 52BC119E49F88F2A5D1466230B1275C7 ]

C:\Program Files\Windows Collaboration\WinCollab.exe
16:48:54.0710 4504  C:\Program Files\Windows

Collaboration\WinCollab.exe - ok
16:48:54.0714 4504  [ C4AB08459CD7B59B410ACFC04D90E87B ]

C:\Program Files\Movie Maker\MOVIEMK.exe
16:48:54.0714 4504  C:\Program Files\Movie Maker\MOVIEMK.exe

- ok
16:48:54.0716 4504  [ E2554540B42EEAE89C17A708EA61854F ]

C:\Windows\System32\FXSST.dll
16:48:54.0716 4504  C:\Windows\System32\FXSST.dll - ok
16:48:54.0719 4504  [ A4CB04C22EC6D8BC799AE7E3C8290510 ]

C:\Windows\System32\FXSAPI.dll
16:48:54.0719 4504  C:\Windows\System32\FXSAPI.dll - ok
16:48:54.0723 4504  [ DFBA0F60FA301E5B1BFB1403A93EE23E ]

C:\Windows\System32\FXSSVC.exe
16:48:54.0723 4504  C:\Windows\System32\FXSSVC.exe - ok
16:48:54.0727 4504  [ C03AC1FBCD625F93D2C245D97E06F270 ]

C:\Program Files\Windows Photo

Gallery\WindowsPhotoGallery.exe
16:48:54.0727 4504  C:\Program Files\Windows Photo

Gallery\WindowsPhotoGallery.exe - ok
16:48:54.0730 4504  [ 1ED2124313CCE34C877247574212EFC8 ]

C:\Windows\System32\calc.exe
16:48:54.0730 4504  C:\Windows\System32\calc.exe - ok
16:48:54.0734 4504  [ 338104E0E18307CD65604FE317B5FB8D ]

C:\Windows\System32\mblctr.exe
16:48:54.0734 4504  C:\Windows\System32\mblctr.exe - ok
16:48:54.0737 4504  [ B1AFF0B6DED627A1D22A6817DD58AC0F ]

C:\Windows\System32\NetProj.exe
16:48:54.0737 4504  C:\Windows\System32\NetProj.exe - ok
16:48:54.0741 4504  [ 7B33E611511197DFD27B37A444FB4014 ]

D:\Programs\Ad-Aware Antivirus\Definitions\lgpl.dll
16:48:54.0741 4504  D:\Programs\Ad-Aware

Antivirus\Definitions\lgpl.dll - ok
16:48:54.0744 4504  [ 7DC7D177B59D55B1A09F3A8E14FDFB58 ]

D:\Programs\Ad-Aware Antivirus\Definitions\lib7zip.dll
16:48:54.0744 4504  D:\Programs\Ad-Aware

Antivirus\Definitions\lib7zip.dll - ok
16:48:54.0748 4504  [ A577868F76CEE16D6A82625FD55F379A ]

C:\Windows\System32\NetProjW.dll
16:48:54.0748 4504  C:\Windows\System32\NetProjW.dll - ok
16:48:54.0750 4504  [ 50BC994B5BD8A2F905A69F601FC3DC1D ]

D:\Programs\Ad-Aware Antivirus\Definitions\libBase64.dll
16:48:54.0750 4504  D:\Programs\Ad-Aware

Antivirus\Definitions\libBase64.dll - ok
16:48:54.0754 4504  [ 0EFC248A61B604DC84C89F400CA1C1F0 ]

D:\Programs\Ad-Aware Antivirus\Definitions\libCHM.dll
16:48:54.0754 4504  D:\Programs\Ad-Aware

Antivirus\Definitions\libCHM.dll - ok
16:48:54.0757 4504  [ C8EA2E332EC6884D08CE2D5EEFCB8440 ]

D:\Programs\Ad-Aware Antivirus\Definitions\libEmail.dll
16:48:54.0757 4504  D:\Programs\Ad-Aware

Antivirus\Definitions\libEmail.dll - ok
16:48:54.0761 4504  [ 694AF8B27C9A0A99399E02CE977F986B ]

C:\Windows\System32\mspaint.exe
16:48:54.0761 4504  C:\Windows\System32\mspaint.exe - ok
16:48:54.0765 4504  [ BF47C9A5372E4DF8F435AB2F03BE3C32 ]

D:\Programs\Ad-Aware Antivirus\Definitions\libMachoUniv.dll
16:48:54.0765 4504  D:\Programs\Ad-Aware

Antivirus\Definitions\libMachoUniv.dll - ok
16:48:54.0769 4504  [ 28188263A5D451261ECBFA6303D4D702 ]

D:\Programs\Ad-Aware Antivirus\Definitions\libMsCab.dll
16:48:54.0769 4504  D:\Programs\Ad-Aware

Antivirus\Definitions\libMsCab.dll - ok
16:48:54.0773 4504  [ 16FEE292E95EDC274385103E6B498019 ]

C:\Windows\System32\mstsc.exe
16:48:54.0773 4504  C:\Windows\System32\mstsc.exe - ok
16:48:54.0777 4504  [ 3225B53B1C53672E97295861947ED3DE ]

D:\Programs\Ad-Aware Antivirus\Definitions\libMsi.dll
16:48:54.0777 4504  D:\Programs\Ad-Aware

Antivirus\Definitions\libMsi.dll - ok
16:48:54.0780 4504  [ 5798D98B64240F18A012AA76F632734A ]

D:\Programs\Ad-Aware Antivirus\Definitions\libNSIS.dll
16:48:54.0780 4504  D:\Programs\Ad-Aware

Antivirus\Definitions\libNSIS.dll - ok
16:48:54.0784 4504  [ 1F8A4BE6C00F689A6FE3A678B5C2B603 ]

D:\Programs\Ad-Aware Antivirus\Definitions\libOleA.dll
16:48:54.0784 4504  D:\Programs\Ad-Aware

Antivirus\Definitions\libOleA.dll - ok
16:48:54.0788 4504  [ FB5C1ED6BBA79291FDA664CF142EEA4D ]

D:\Programs\Ad-Aware Antivirus\Definitions\libRar.dll
16:48:54.0788 4504  D:\Programs\Ad-Aware

Antivirus\Definitions\libRar.dll - ok
16:48:54.0791 4504  [ E80DB295132C5EF0C623935422BD0FC7 ]

C:\Windows\System32\SnippingTool.exe
16:48:54.0792 4504  C:\Windows\System32\SnippingTool.exe -

ok
16:48:54.0795 4504  [ 56DD7D9679A86EFC4C31A03A92C3237D ]

D:\Programs\Ad-Aware Antivirus\Definitions\libRTF.dll
16:48:54.0795 4504  D:\Programs\Ad-Aware

Antivirus\Definitions\libRTF.dll - ok
16:48:54.0798 4504  [ 5D2638498DEA94F0D65136D49625A8DC ]

D:\Programs\Ad-Aware Antivirus\Definitions\libtd.dll
16:48:54.0798 4504  D:\Programs\Ad-Aware

Antivirus\Definitions\libtd.dll - ok
16:48:54.0802 4504  [ 477E3D0DF9DC60957CB9E0C0D8B47019 ]

D:\Programs\Ad-Aware Antivirus\Definitions\libVvs.dll
16:48:54.0802 4504  D:\Programs\Ad-Aware

Antivirus\Definitions\libVvs.dll - ok
16:48:54.0806 4504  [ 0E47902C881A09DC64D5DEBA611B370A ]

D:\Programs\Ad-Aware Antivirus\Definitions\libZip.dll
16:48:54.0806 4504  D:\Programs\Ad-Aware

Antivirus\Definitions\libZip.dll - ok
16:48:54.0810 4504  [ 248F33A6C2380757BC1E20E34D9E827B ]

C:\Windows\System32\SoundRecorder.exe
16:48:54.0810 4504  C:\Windows\System32\SoundRecorder.exe -

ok
16:48:54.0813 4504  [ 9B89B3BB79EA1ACF041F40A7B6FC5827 ]

C:\Windows\System32\mobsync.exe
16:48:54.0813 4504  C:\Windows\System32\mobsync.exe - ok
16:48:54.0816 4504  [ 16FC5B430123238E522B18E63C257AF8 ]

C:\Windows\System32\oobefldr.dll
16:48:54.0816 4504  C:\Windows\System32\oobefldr.dll - ok
16:48:54.0821 4504  [ 19D0FC69D4E68D5CE2E4B34940529727 ]

C:\Program Files\Windows NT\Accessories\wordpad.exe
16:48:54.0821 4504  C:\Program Files\Windows

NT\Accessories\wordpad.exe - ok
16:48:54.0824 4504  [ 105A4D87C8DCF2CF5DB042830B203E5F ]

C:\Windows\Speech\Common\sapisvr.exe
16:48:54.0824 4504  C:\Windows\Speech\Common\sapisvr.exe -

ok
16:48:54.0828 4504  [ 9AD8AEAAB3EB89277AF1DDF31B14F90F ]

C:\Windows\System32\Speech\SpeechUX\sapi.cpl
16:48:54.0828 4504  C:\Windows\System32

\Speech\SpeechUX\sapi.cpl - ok
16:48:54.0831 4504  [ 967FC9D11343766707E8A3D238597018 ]

D:\Programs\Ad-Aware Antivirus\gfiarksh.dll
16:48:54.0831 4504  D:\Programs\Ad-Aware

Antivirus\gfiarksh.dll - ok
16:48:54.0835 4504  [ A623666C8A8EC9A57DCA07915A3F1EC6 ]

C:\Windows\System32\sdclt.exe
16:48:54.0835 4504  C:\Windows\System32\sdclt.exe - ok
16:48:54.0839 4504  [ A9542FF2E9A82CF100E5729EC79068F0 ]

C:\Windows\System32\fltLib.dll
16:48:54.0839 4504  C:\Windows\System32\fltLib.dll - ok
16:48:54.0841 4504  [ BB4910DE8B6C5E30DF39EC97308D44BA ]

C:\Windows\System32\charmap.exe
16:48:54.0841 4504  C:\Windows\System32\charmap.exe - ok
16:48:54.0844 4504  [ 2327C11B043FCEB80BE00CC8D077E9AA ]

C:\Windows\System32\dfrgui.exe
16:48:54.0844 4504  C:\Windows\System32\dfrgui.exe - ok
16:48:54.0848 4504  [ DF1F51D2938A403BFE671B13A12FA434 ]

C:\Windows\System32\vdmdbg.dll
16:48:54.0848 4504  C:\Windows\System32\vdmdbg.dll - ok
16:48:54.0852 4504  [ 6B59E42D12D76455E1657DF2BFD47C90 ]

D:\Programs\Ad-Aware Antivirus\kbu.dll
16:48:54.0852 4504  D:\Programs\Ad-Aware Antivirus\kbu.dll -

ok
16:48:54.0855 4504  [ 86AB3F6C784197DC1D994A83AF4259CD ]

C:\Windows\System32\cleanmgr.exe
16:48:54.0855 4504  C:\Windows\System32\cleanmgr.exe - ok
16:48:54.0859 4504  [ 25F656BDA535FF119540D60C2554B9DA ]

D:\Programs\Ad-Aware Antivirus\SBAMTray.exe
16:48:54.0859 4504  D:\Programs\Ad-Aware

Antivirus\SBAMTray.exe - ok
16:48:54.0862 4504  [ FBF628702A408977FEB0845D48F4F154 ]

C:\Windows\System32\migwiz\migwiz.exe
16:48:54.0862 4504  C:\Windows\System32\migwiz\migwiz.exe -

ok
16:48:54.0866 4504  [ E92F9A1CAF8369D541DA870B683A33D6 ]

D:\Programs\Ad-Aware Antivirus\SBAMSvcPS.dll
16:48:54.0867 4504  D:\Programs\Ad-Aware

Antivirus\SBAMSvcPS.dll - ok
16:48:54.0870 4504  [ D3D1CE8FF30786D50272DA3085149904 ]

C:\Windows\System32\msinfo32.exe
16:48:54.0870 4504  C:\Windows\System32\msinfo32.exe - ok
16:48:54.0874 4504  [ 8DB67B4DE8288BB38345D84D9A29685A ]

D:\Games\Steam\Steam\crashhandler.dll
16:48:54.0874 4504  D:\Games\Steam\Steam\crashhandler.dll -

ok
16:48:54.0877 4504  [ 95D5AC5CCBE10E8B4B8A0DF41022568D ]

C:\Windows\System32\rstrui.exe
16:48:54.0877 4504  C:\Windows\System32\rstrui.exe - ok
16:48:54.0881 4504  [ B13A8D6F708AA2034A9DE0979F81D890 ]

C:\Windows\System32\miguiresource.dll
16:48:54.0881 4504  C:\Windows\System32\miguiresource.dll -

ok
16:48:54.0884 4504  [ C0D2BF4C7D61F4EA8AE09D1991ACAE21 ]

D:\Games\Steam\Steam\steamerrorreporter.exe
16:48:54.0884 4504 

D:\Games\Steam\Steam\steamerrorreporter.exe - ok
16:48:54.0887 4504  [ C9B520028498E5DA23651619F8A556D4 ]

C:\Windows\System32\StikyNot.exe
16:48:54.0887 4504  C:\Windows\System32\StikyNot.exe - ok
16:48:54.0891 4504  [ 7122B0AA2212B07BBFC49BD22215BF3B ]

C:\Program Files\Common Files\microsoft

shared\ink\TabTip.exe
16:48:54.0891 4504  C:\Program Files\Common Files\microsoft

shared\ink\TabTip.exe - ok
16:48:54.0894 4504  [ C20436B4F0596ACD5569749206F99265 ]

C:\Program Files\Windows Journal\Journal.exe
16:48:54.0894 4504  C:\Program Files\Windows

Journal\Journal.exe - ok
16:48:54.0899 4504  [ ACA0CE61B0714401338D3DFEA19FD7A5 ]

D:\Games\Steam\Steam\tier0_s.dll
16:48:54.0899 4504  D:\Games\Steam\Steam\tier0_s.dll - ok
16:48:54.0902 4504  [ 29A3E5B7C14337F4B5DDB82B2AFFED21 ]

D:\Games\Steam\Steam\vstdlib_s.dll
16:48:54.0902 4504  D:\Games\Steam\Steam\vstdlib_s.dll - ok
16:48:54.0906 4504  [ 36B6F71B6D7D280302B348145DB05A9F ]

C:\Windows\System32\WindowsPowerShell\v1.0

\powershell_ise.exe
16:48:54.0906 4504  C:\Windows\System32

\WindowsPowerShell\v1.0\powershell_ise.exe - ok
16:48:54.0909 4504  [ DF4217DDB34A0B73DC7AAC7829371C0C ]

C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
16:48:54.0909 4504  C:\Windows\System32

\WindowsPowerShell\v1.0\powershell.exe - ok
16:48:54.0914 4504  [ 4CAAD229A00C0DEFFF51841AE2B93B46 ]

C:\Windows\System32\WindowsPowerShell\v1.0\pwrshmsg.dll
16:48:54.0914 4504  C:\Windows\System32

\WindowsPowerShell\v1.0\pwrshmsg.dll - ok
16:48:54.0917 4504  [ 2CB350B72FEA6FB5A010099A4444B636 ]

C:\Windows\System32\mycomput.dll
16:48:54.0917 4504  C:\Windows\System32\mycomput.dll - ok
16:48:54.0920 4504  [ 1C474C0C4CB5F15A555FE912CBF4549C ]

C:\Windows\System32\odbcad32.exe
16:48:54.0920 4504  C:\Windows\System32\odbcad32.exe - ok
16:48:54.0923 4504  [ 0DAAF8032546D1B4543D7B101B53FD6C ]

C:\Windows\System32\odbcint.dll
16:48:54.0923 4504  C:\Windows\System32\odbcint.dll - ok
16:48:54.0927 4504  [ 1CB1B95D67BC380FBCCFAEA3CF2DDA80 ]

C:\Windows\System32\iscsicpl.exe
16:48:54.0927 4504  C:\Windows\System32\iscsicpl.exe - ok
16:48:54.0932 4504  [ F84D0B1B90404D0A27E86F159FBDAC81 ]

C:\Windows\System32\iscsicpl.dll
16:48:54.0932 4504  C:\Windows\System32\iscsicpl.dll - ok
16:48:54.0935 4504  [ 8D865A3E7E2C78317EDE4EAE8316284F ]

C:\Windows\System32\MdSched.exe
16:48:54.0935 4504  C:\Windows\System32\MdSched.exe - ok
16:48:54.0938 4504  [ 415DEF33B1B23DD094824614D5A326E0 ]

C:\Windows\System32\pmcsnap.dll
16:48:54.0939 4504  C:\Windows\System32\pmcsnap.dll - ok
16:48:54.0942 4504  [ 1959E5AAEE0D988C10F19CEC7DFF2242 ]

C:\Windows\System32\wdc.dll
16:48:54.0943 4504  C:\Windows\System32\wdc.dll - ok
16:48:54.0946 4504  [ 210FFD034BDB5108B55B6EC23CD4CE6E ]

C:\Windows\System32\wsecedit.dll
16:48:54.0946 4504  C:\Windows\System32\wsecedit.dll - ok
16:48:54.0950 4504  [ 90438B514A5AC6A23602484A907E20A7 ]

C:\Windows\System32\filemgmt.dll
16:48:54.0950 4504  C:\Windows\System32\filemgmt.dll - ok
16:48:54.0953 4504  [ 7629E9BB2FF06EACA62580A2C1D4FE6A ]

C:\Windows\System32\msconfig.exe
16:48:54.0953 4504  C:\Windows\System32\msconfig.exe - ok
16:48:54.0956 4504  [ 0ADED25D371AE14665CE514E413988E7 ]

C:\Windows\System32\AuthFWGP.dll
16:48:54.0956 4504  C:\Windows\System32\AuthFWGP.dll - ok
16:48:54.0961 4504  [ 6C6F3EBF62592AA3F8F7541E3A144BB2 ]

C:\Program Files\ASUS\Cool & Quiet\cnq.exe
16:48:54.0961 4504  C:\Program Files\ASUS\Cool &

Quiet\cnq.exe - ok
16:48:54.0964 4504  [ FB6674A519505CC93E28CF600BBC23A3 ]

C:\Program Files\InstallShield Installation

Information\{1ADE1AA0-7F82-4BB1-B1BD-727DE438057B}\Setup.exe
16:48:54.0964 4504  C:\Program Files\InstallShield

Installation Information\{1ADE1AA0-7F82-4BB1-B1BD-

727DE438057B}\Setup.exe - ok
16:48:54.0967 4504  [ 3A2EEE8444A8E5C1A454C57B2198F5FC ]

C:\Windows\System32\ntlanman.dll
16:48:54.0967 4504  C:\Windows\System32\ntlanman.dll - ok
16:48:54.0971 4504  [ CFBD2E1FE18B50748A76703A2DC6D4E3 ]

C:\Windows\System32\davclnt.dll
16:48:54.0971 4504  C:\Windows\System32\davclnt.dll - ok
16:48:54.0975 4504  [ 582EFE56FC0858E58A6CEBA2A64B02C7 ]

C:\Windows\System32\drprov.dll
16:48:54.0975 4504  C:\Windows\System32\drprov.dll - ok
16:48:54.0978 4504  [ E92143D1B2E32FAF6CC56FD97B908F6A ]

C:\Windows\System32\wpdshext.dll
16:48:54.0978 4504  C:\Windows\System32\wpdshext.dll - ok
16:48:54.0982 4504  [ 42D08A04BEA63D24545C543583BC5D7A ]

C:\PROGRA~1\Yahoo!\Common\YMMAPI.dll
16:48:54.0982 4504  C:\PROGRA~1\Yahoo!\Common\YMMAPI.dll -

ok
16:48:54.0985 4504  [ 67C30FAFA58BD7E02A9DA8BE28512934 ]

C:\Windows\System32\audiodev.dll
16:48:54.0985 4504  C:\Windows\System32\audiodev.dll - ok
16:48:54.0988 4504  [ A262124398F38FD0E740F8A16E62822F ]

D:\Games\Borderlands 2 + Update 2 - AGB Golden

Team\Borderlands 2\unins000.exe
16:48:54.0988 4504  D:\Games\Borderlands 2 + Update 2 - AGB

Golden Team\Borderlands 2\unins000.exe - ok
16:48:54.0993 4504  [ C457AD5367AC3A5DEB016899FC73B21A ]

C:\Program Files\Creative\Creative Centrale\Centrale.exe
16:48:54.0993 4504  C:\Program Files\Creative\Creative

Centrale\Centrale.exe - ok
16:48:54.0997 4504  [ 71386E71D8EA3304B384097F9741EC0A ]

C:\Program Files\Creative\Product

Registration\English\InetReg.exe
16:48:54.0997 4504  C:\Program Files\Creative\Product

Registration\English\InetReg.exe - ok
16:48:55.0000 4504  [ 82256AE8932658C3F142AC687C90C7A9 ]

D:\Programs\DVD Flick\unins000.exe
16:48:55.0000 4504  D:\Programs\DVD Flick\unins000.exe - ok
16:48:55.0003 4504  [ C605010CB7433A193AAE007BC5FABDD6 ]

D:\Programs\AD-AWA~1\AdAwareStatistics.dll
16:48:55.0003 4504  D:\Programs\AD-AWA~1

\AdAwareStatistics.dll - ok
16:48:55.0006 4504  [ 0AE229A42DE5B45635C4F101517D9918 ]

D:\Programs\AD-AWA~1\Statistics.dll
16:48:55.0006 4504  D:\Programs\AD-AWA~1\Statistics.dll - ok
16:48:55.0010 4504  [ 5D999BF519415D1C8EE0B97FF6A254DB ]

C:\Program Files\Microsoft Office\Office12\MSOHEVI.DLL
16:48:55.0010 4504  C:\Program Files\Microsoft

Office\Office12\MSOHEVI.DLL - ok
16:48:55.0013 4504  [ 9495FCC01D7AB7B60E5B8BA7AEFE9E3D ]

C:\Windows\System32\wbem\WmiPrvSE.exe
16:48:55.0013 4504  C:\Windows\System32\wbem\WmiPrvSE.exe -

ok
16:48:55.0017 4504  [ F723422A11CD6FA13036746272200993 ]

C:\Windows\System32\wbem\cimwin32.dll
16:48:55.0017 4504  C:\Windows\System32\wbem\cimwin32.dll -

ok
16:48:55.0020 4504  [ 67BB7141F7F5F37411F796943B3418B6 ]

C:\Windows\System32\framedynos.dll
16:48:55.0021 4504  C:\Windows\System32\framedynos.dll - ok
16:48:55.0024 4504  [ 2E0B0A051FFAA86E358465BB0880D453 ]

C:\Windows\System32\wuauclt.exe
16:48:55.0024 4504  C:\Windows\System32\wuauclt.exe - ok
16:48:55.0028 4504  [ 87CDFFCBD09C1CA03A068343D5D93250 ]

C:\Windows\System32\wmi.dll
16:48:55.0028 4504  C:\Windows\System32\wmi.dll - ok
16:48:55.0031 4504  [ BC80F2837A316C8A9CA94E216E4AEA2D ]

C:\Windows\System32\WindowsUltimateExtrasCPL.dll
16:48:55.0031 4504  C:\Windows\System32

\WindowsUltimateExtrasCPL.dll - ok
16:48:55.0034 4504  [ 3EB6F58533D1CA9D74FA83D8D044E5E3 ]

C:\Windows\System32\wbem\WMIPIPRT.dll
16:48:55.0034 4504  C:\Windows\System32\wbem\WMIPIPRT.dll -

ok
16:48:55.0038 4504  [ 82E96DB463FE876E663ACAE19F73F26C ]

C:\Windows\System32\provthrd.dll
16:48:55.0038 4504  C:\Windows\System32\provthrd.dll - ok
16:48:55.0042 4504  [ 992B1994668D8FB07EEBF610F41FEB0B ]

C:\Windows\System32\msvcirt.dll
16:48:55.0042 4504  C:\Windows\System32\msvcirt.dll - ok
16:48:55.0045 4504  [ 4304D04DFDAAE621171A2F955981016E ]

C:\Program Files\Microsoft Games\Chess\Chess.exe
16:48:55.0045 4504  C:\Program Files\Microsoft

Games\Chess\Chess.exe - ok
16:48:55.0048 4504  [ 7C3B760D5056CDE279C02CD574843CE0 ]

D:\Programs\AD-AWA~1\cart\CartSdk.dll
16:48:55.0048 4504  D:\Programs\AD-AWA~1\cart\CartSdk.dll -

ok
16:48:55.0052 4504  [ 21AD332BE723EFE40D9F32AD97BA8376 ]

C:\Program Files\Microsoft Games\FreeCell\FreeCell.exe
16:48:55.0052 4504  C:\Program Files\Microsoft

Games\FreeCell\FreeCell.exe - ok
16:48:55.0055 4504  [ 9A75518600FBA10980EE94267CA98489 ]

C:\Windows\System32\gameux.dll
16:48:55.0055 4504  C:\Windows\System32\gameux.dll - ok
16:48:55.0059 4504  [ 09469B8EDD2755143FDA06867AAD7E73 ]

C:\Windows\System32\cryptnet.dll
16:48:55.0059 4504  C:\Windows\System32\cryptnet.dll - ok
16:48:55.0062 4504  [ 6ED28075D6D9E0C0464048A30432A142 ]

C:\Program Files\Microsoft Games\Hearts\Hearts.exe
16:48:55.0062 4504  C:\Program Files\Microsoft

Games\Hearts\Hearts.exe - ok
16:48:55.0066 4504  [ EFF7DBEE92519EB96F70E1E31FDE7098 ]

C:\Program Files\Microsoft Games\inkball\inkball.exe
16:48:55.0066 4504  C:\Program Files\Microsoft

Games\inkball\inkball.exe - ok
16:48:55.0070 4504  [ C8C383E6AA546780B2AD3034D6F6ACEF ]

C:\Program Files\Microsoft Games\Minesweeper\MineSweeper.exe
16:48:55.0070 4504  C:\Program Files\Microsoft

Games\Minesweeper\MineSweeper.exe - ok
16:48:55.0074 4504  [ 3F903BDD206EB3C688651048B5E304E1 ]

C:\Program Files\Microsoft Games\Purble

Place\PurblePlace.exe
16:48:55.0074 4504  C:\Program Files\Microsoft Games\Purble

Place\PurblePlace.exe - ok
16:48:55.0078 4504  [ 07302F014858D038CB93CC349505D0E6 ]

C:\Program Files\Microsoft Games\Solitaire\Solitaire.exe
16:48:55.0078 4504  C:\Program Files\Microsoft

Games\Solitaire\Solitaire.exe - ok
16:48:55.0081 4504  [ 401A203AB058DEC44BD44AA81BF2CB64 ]

C:\Program Files\Microsoft

Games\SpiderSolitaire\SpiderSolitaire.exe
16:48:55.0081 4504  C:\Program Files\Microsoft

Games\SpiderSolitaire\SpiderSolitaire.exe - ok
16:48:55.0086 4504  [ 636E36F0B786541A8086AD25C4FC5152 ]

C:\Program Files\Common Files\Logishrd\Unifying\DJCUHost.exe
16:48:55.0086 4504  C:\Program Files\Common

Files\Logishrd\Unifying\DJCUHost.exe - ok
16:48:55.0088 4504  [ 3141224EEBA075BC085175E60CD14782 ]

C:\Windows\System32\msra.exe
16:48:55.0088 4504  C:\Windows\System32\msra.exe - ok
16:48:55.0092 4504  [ 339DFA98DDDA7DDF735CE21C82E6F1DD ]

D:\Programs\Malware Bytes Antivirus\Malwarebytes' Anti-

Malware\mbam.exe
16:48:55.0092 4504  D:\Programs\Malware Bytes

Antivirus\Malwarebytes' Anti-Malware\mbam.exe - ok
16:48:55.0096 4504  [ B68770B9ED42428A11DE53796EC46BB0 ]

D:\Programs\Malware Bytes Antivirus\Malwarebytes' Anti-

Malware\unins000.exe
16:48:55.0096 4504  D:\Programs\Malware Bytes

Antivirus\Malwarebytes' Anti-Malware\unins000.exe - ok
16:48:55.0100 4504  [ CF48E542FAFBC85DD1EFF360D00DC70F ]

C:\Program Files\Media converter\unins000.exe
16:48:55.0100 4504  C:\Program Files\Media

converter\unins000.exe - ok
16:48:55.0104 4504  [ CEEE7276D73DB0F2CE1984A8AB9F2BA5 ]

C:\Program Files\Microsoft Games for Windows -

LIVE\Client\GFWLive.exe
16:48:55.0104 4504  C:\Program Files\Microsoft Games for

Windows - LIVE\Client\GFWLive.exe - ok
16:48:55.0108 4504  [ 08457294C7E98C5D3E5EE8CDC25FA537 ]

C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}

\accicons.exe
16:48:55.0108 4504  C:\Windows\Installer\{91120000-0030-

0000-0000-0000000FF1CE}\accicons.exe - ok
16:48:55.0112 4504  [ 21EF4BB2A6FF4116FD83FAEE52D4A416 ]

C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}

\xlicons.exe
16:48:55.0112 4504  C:\Windows\Installer\{91120000-0030-

0000-0000-0000000FF1CE}\xlicons.exe - ok
16:48:55.0117 4504  [ BFE69C991171F6527B5BF625ED048471 ]

C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}

\inficon.exe
16:48:55.0117 4504  C:\Windows\Installer\{91120000-0030-

0000-0000-0000000FF1CE}\inficon.exe - ok
16:48:55.0121 4504  [ 7E2CF680C69680064D43F4FFE5831DD1 ]

C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}

\joticon.exe
16:48:55.0121 4504  C:\Windows\Installer\{91120000-0030-

0000-0000-0000000FF1CE}\joticon.exe - ok
16:48:55.0125 4504  [ BECEEE04AAB6388B66D1FCBD2A9F19A1 ]

C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}

\outicon.exe
16:48:55.0125 4504  C:\Windows\Installer\{91120000-0030-

0000-0000-0000000FF1CE}\outicon.exe - ok
16:48:55.0129 4504  [ C0F4A57BA5E09A28AE3D2F67ED219EEA ]

C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}

\pptico.exe
16:48:55.0130 4504  C:\Windows\Installer\{91120000-0030-

0000-0000-0000000FF1CE}\pptico.exe - ok
16:48:55.0134 4504  [ 6CE25A4F4F2F70EBF004C9006C647F32 ]

C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}

\pubs.exe
16:48:55.0134 4504  C:\Windows\Installer\{91120000-0030-

0000-0000-0000000FF1CE}\pubs.exe - ok
16:48:55.0138 4504  [ 484ACF6AF85A29AC52F3CF054DFDE9D3 ]

C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}

\wordicon.exe
16:48:55.0138 4504  C:\Windows\Installer\{91120000-0030-

0000-0000-0000000FF1CE}\wordicon.exe - ok
16:48:55.0142 4504  [ FF6669F7A1782D54E338F5C6EC806E1E ]

C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}

\misc.exe
16:48:55.0142 4504  C:\Windows\Installer\{91120000-0030-

0000-0000-0000000FF1CE}\misc.exe - ok
16:48:55.0147 4504  [ E1AB2AC4A4D50B479DF1B1CEA4A7409B ]

C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}

\cagicon.exe
16:48:55.0147 4504  C:\Windows\Installer\{91120000-0030-

0000-0000-0000000FF1CE}\cagicon.exe - ok
16:48:55.0151 4504  [ 3E5AA6A816FA331E64C38A45C6FF5637 ]

C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}

\oisicon.exe
16:48:55.0151 4504  C:\Windows\Installer\{91120000-0030-

0000-0000-0000000FF1CE}\oisicon.exe - ok
16:48:55.0155 4504  [ 29431C7A28278A9EBF4FEF38DB61D86B ]

C:\Program Files\Microsoft Silverlight\4.1.10329.0

\Silverlight.Configuration.exe
16:48:55.0155 4504  C:\Program Files\Microsoft

Silverlight\4.1.10329.0\Silverlight.Configuration.exe - ok
16:48:55.0159 4504  [ EFC376FDA886DF2652B34D153D019F0C ]

C:\Windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

\ConfigIcon.dll
16:48:55.0159 4504  C:\Windows\Installer\{89F4137D-6C26-

4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll - ok
16:48:55.0163 4504  [ E6CB01FA9AEDF65DF54EFC393CA4E4FB ]

C:\Program Files\NVIDIA Corporation\3D Vision\nvstview.exe
16:48:55.0163 4504  C:\Program Files\NVIDIA Corporation\3D

Vision\nvstview.exe - ok
16:48:55.0167 4504  [ 6EEE62ECBEE466C9001754B4C2C9E514 ]

C:\Program Files\NVIDIA Corporation\3D Vision\nvstlink.exe
16:48:55.0167 4504  C:\Program Files\NVIDIA Corporation\3D

Vision\nvstlink.exe - ok
16:48:55.0171 4504  [ BF3E5A32B6584B9599F50BB5F20D88F9 ]

D:\Games\Portal\Portal Game\Portal\uninstall.exe
16:48:55.0171 4504  D:\Games\Portal\Portal

Game\Portal\uninstall.exe - ok
16:48:55.0174 4504  [ E146785B70788E3AE7B0918B6232A59E ]

C:\Windows\Installer\{048298C9-A4D3-490B-9FF9-AB023A9238F3}

\Icon048298C92.url
16:48:55.0174 4504  C:\Windows\Installer\{048298C9-A4D3-

490B-9FF9-AB023A9238F3}\Icon048298C92.url - ok
16:48:55.0178 4504  [ 2A2F6984F2E7F92D42D6D6D142C78F29 ]

D:\Programs\VLC Media Player\VLC\vlc.exe
16:48:55.0178 4504  D:\Programs\VLC Media Player\VLC\vlc.exe

- ok
16:48:55.0182 4504  [ C135727D252E3DD18AF537ADA7D1926E ]

D:\Games\Boarderlands\Gearbox

Software\Borderlands\Binaries\Borderlands.exe
16:48:55.0182 4504  D:\Games\Boarderlands\Gearbox

Software\Borderlands\Binaries\Borderlands.exe - ok
16:48:55.0186 4504  [ 70C6489D56008D75DEDF73226FA63C11 ]

C:\Windows\System32\dimsjob.dll
16:48:55.0186 4504  C:\Windows\System32\dimsjob.dll - ok
16:48:55.0190 4504  [ 98638A4CA187245C469DA0DEC4F04A45 ]

C:\Windows\System32\pautoenr.dll
16:48:55.0190 4504  C:\Windows\System32\pautoenr.dll - ok
16:48:55.0195 4504  [ AC48FD62E22C4425879FCA5A63F50497 ]

C:\Windows\System32\certcli.dll
16:48:55.0195 4504  C:\Windows\System32\certcli.dll - ok
16:48:55.0198 4504  [ 0053319C4438CDE659AA75C19BBD22F1 ]

C:\Windows\System32\CertEnroll.dll
16:48:55.0198 4504  C:\Windows\System32\CertEnroll.dll - ok
16:48:55.0202 4504  [ BCE0EB9B784ECBE556343BA4F9608852 ]

D:\Games\Steam\Steam\steam.dll
16:48:55.0202 4504  D:\Games\Steam\Steam\steam.dll - ok
16:48:55.0206 4504  [ E7749D3E50A0504BD0AECF314D63F13D ]

D:\Games\Steam\Steam\steamui.dll
16:48:55.0206 4504  D:\Games\Steam\Steam\steamui.dll - ok
16:48:55.0210 4504  [ 2884DA0E5CE6D42F31FC4476A8947F1B ]

D:\Games\Steam\Steam\sdl.dll
16:48:55.0211 4504  D:\Games\Steam\Steam\sdl.dll - ok
16:48:55.0213 4504  [ A7532E66EA2F168A0970E829D8986423 ]

D:\Games\Steam\Steam\dbghelp.dll
16:48:55.0214 4504  D:\Games\Steam\Steam\dbghelp.dll - ok
16:48:55.0217 4504  [ 173C217E677C4B0C4F8A6D54BA13BF9B ]

D:\Games\Steam\Steam\cserhelper.dll
16:48:55.0217 4504  D:\Games\Steam\Steam\cserhelper.dll - ok
16:48:55.0222 4504  [ F094B5D99AF179C6D9ADA14312FC2C04 ]

D:\Games\Steam\Steam\bin\filesystem_steam.dll
16:48:55.0222 4504 

D:\Games\Steam\Steam\bin\filesystem_steam.dll - ok
16:48:55.0228 4504  [ 1DA46CACB5EF6A26182D4BB6A2EE547F ]

D:\Games\Steam\Steam\bin\vgui2_s.dll
16:48:55.0228 4504  D:\Games\Steam\Steam\bin\vgui2_s.dll -

ok
16:48:55.0234 4504  [ B55E77BB01E85D2CA2C4B8424E1DF345 ]

C:\Windows\System32\opengl32.dll
16:48:55.0234 4504  C:\Windows\System32\opengl32.dll - ok
16:48:55.0239 4504  [ 7A137514F4E48ECDBDD1F29CF7E8D5A4 ]

C:\Windows\System32\glu32.dll
16:48:55.0239 4504  C:\Windows\System32\glu32.dll - ok
16:48:55.0244 4504  [ 602AE632302F6EA33410FB1F6131567A ]

D:\Games\Steam\Steam\bin\chromehtml.dll
16:48:55.0244 4504  D:\Games\Steam\Steam\bin\chromehtml.dll

- ok
16:48:55.0249 4504  [ 16D075D23E7233AEAD94EE7799458938 ]

D:\Games\Steam\Steam\bin\libcef.dll
16:48:55.0249 4504  D:\Games\Steam\Steam\bin\libcef.dll - ok
16:48:55.0252 4504  [ 045D0F4F41CA53D4CB22BDC814A22B64 ]

D:\Games\Steam\Steam\bin\icudt.dll
16:48:55.0252 4504  D:\Games\Steam\Steam\bin\icudt.dll - ok
16:48:55.0255 4504  [ BBA1FE328CEA501FCCE1E5DF16276439 ]

D:\Games\Steam\Steam\bin\avcodec-53.dll
16:48:55.0255 4504  D:\Games\Steam\Steam\bin\avcodec-53.dll

- ok
16:48:55.0260 4504  [ 2A8B8A15A58EDF3B443083EC29894E54 ]

D:\Games\Steam\Steam\bin\avutil-51.dll
16:48:55.0260 4504  D:\Games\Steam\Steam\bin\avutil-51.dll -

ok
16:48:55.0265 4504  [ C5CCB86CD745746B9908031A54315F90 ]

D:\Games\Steam\Steam\bin\avformat-53.dll
16:48:55.0265 4504  D:\Games\Steam\Steam\bin\avformat-53.dll

- ok
16:48:55.0269 4504  [ 0CB145E7F339916B220154C3D788FD8D ]

D:\Games\Steam\Steam\steamclient.dll
16:48:55.0269 4504  D:\Games\Steam\Steam\steamclient.dll -

ok
16:48:55.0273 4504  [ 6FCC5D82A41C6A5057DE247B0EEF3FBC ]

C:\Program Files\Common Files\Steam\SteamService.exe
16:48:55.0274 4504  C:\Program Files\Common

Files\Steam\SteamService.exe - ok
16:48:55.0277 4504  [ 4F406E354FFC30437E76BA21728FB49E ]

D:\Games\Steam\Steam\bin\steamservice.dll
16:48:55.0277 4504 

D:\Games\Steam\Steam\bin\steamservice.dll - ok
16:48:55.0281 4504  [ 84B8827562B005C118CADBA0F25DB2C6 ]

C:\Windows\System32\dsound.dll
16:48:55.0281 4504  C:\Windows\System32\dsound.dll - ok
16:48:55.0285 4504  [ 5FA382106B145A920E2A4F7087AF1B90 ]

C:\Windows\System32\wbem\wmipcima.dll
16:48:55.0285 4504  C:\Windows\System32\wbem\wmipcima.dll -

ok
16:48:55.0290 4504  [ B5EF1DA337DB9859709A387638AC5E07 ]

C:\Windows\System32\SearchProtocolHost.exe
16:48:55.0290 4504  C:\Windows\System32

\SearchProtocolHost.exe - ok
16:48:55.0294 4504  [ 582BE479E7E286BB3B31C5A4C3DC3987 ]

C:\Windows\System32\msshooks.dll
16:48:55.0294 4504  C:\Windows\System32\msshooks.dll - ok
16:48:55.0297 4504  [ 771AF583BC58373A84496CCD52C36E33 ]

C:\Windows\System32\mssvp.dll
16:48:55.0297 4504  C:\Windows\System32\mssvp.dll - ok
16:48:55.0301 4504  [ 98C77FD99F3DB37B2C03F32B8F837B65 ]

C:\Windows\System32\mapi32.dll
16:48:55.0301 4504  C:\Windows\System32\mapi32.dll - ok
16:48:55.0305 4504  [ 351319EF11C263C95FB721AC76F436D6 ]

C:\Windows\System32\mssph.dll
16:48:55.0305 4504  C:\Windows\System32\mssph.dll - ok
16:48:55.0309 4504  [ CBC39CAD3421AB71966BDD98ABF847E0 ]

C:\Windows\System32\msfeeds.dll
16:48:55.0309 4504  C:\Windows\System32\msfeeds.dll - ok
16:48:55.0313 4504  [ A1CD5CE96F0A5426DB9A2F793854D1B8 ]

C:\Program Files\Microsoft Office\Office12\ONFILTER.DLL
16:48:55.0313 4504  C:\Program Files\Microsoft

Office\Office12\ONFILTER.DLL - ok
16:48:55.0317 4504  [ C9EE7FF225EAC1CB9C78C413667CDB80 ]

C:\Windows\System32\SearchFilterHost.exe
16:48:55.0317 4504  C:\Windows\System32\SearchFilterHost.exe

- ok
16:48:55.0322 4504  [ C8AE490A93C3CC2E537B6E06247785A1 ]

C:\Windows\System32\wbem\NCProv.dll
16:48:55.0322 4504  C:\Windows\System32\wbem\NCProv.dll - ok
16:48:55.0327 4504  [ E3F535656B5ABF249702EB64F3CF9AF0 ]

C:\Windows\System32\wbem\wbemcons.dll
16:48:55.0327 4504  C:\Windows\System32\wbem\wbemcons.dll -

ok
16:48:55.0331 4504  [ B6AF62B267BFDC1B09096634C4058CC5 ]

D:\Games\Steam\Steam\bin\friendsui.dll
16:48:55.0331 4504  D:\Games\Steam\Steam\bin\friendsui.dll -

ok
16:48:55.0335 4504  [ 50CC0C3594E1CD2D0BFEE1C54DBA10D1 ]

D:\Games\Steam\Steam\bin\serverbrowser.dll
16:48:55.0335 4504 

D:\Games\Steam\Steam\bin\serverbrowser.dll - ok
16:48:55.0338 4504  [ 30A742FFCEA6661E501C44DC273C77B1 ]

C:\Windows\System32\dinput8.dll
16:48:55.0338 4504  C:\Windows\System32\dinput8.dll - ok
16:48:55.0342 4504  [ 77F595DEE5FFACEA72B135B1FCE1312E ]

C:\Windows\System32\xinput1_3.dll
16:48:55.0342 4504  C:\Windows\System32\xinput1_3.dll - ok
16:48:55.0345 4504  [ 3606CE1AC3D6A9A9CB7DB35D7F5C54EC ]

C:\Windows\System32\shfolder.dll
16:48:55.0345 4504  C:\Windows\System32\shfolder.dll - ok
16:48:55.0350 4504  [ F21F255B91CA4F04E4250DECD2067CBB ]

C:\Windows\System32\bitsperf.dll
16:48:55.0350 4504  C:\Windows\System32\bitsperf.dll - ok
16:48:55.0354 4504  [ 632557F2495931D952161465AA177B3B ]

C:\Windows\System32\bitsigd.dll
16:48:55.0354 4504  C:\Windows\System32\bitsigd.dll - ok
16:48:55.0357 4504  [ 3192ED5E2FFDF5B630541B9643AE1AA3 ]

C:\Windows\System32\upnp.dll
16:48:55.0357 4504  C:\Windows\System32\upnp.dll - ok
16:48:55.0361 4504  [ C5A75EB48E2344ABDC162BDA79E16841 ]

C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:48:55.0361 4504 

C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -

ok
16:48:55.0365 4504  [ E5F7C30EDF0892667933BE879F067D67 ]

C:\Windows\System32\msvcr100_clr0400.dll
16:48:55.0365 4504  C:\Windows\System32\msvcr100_clr0400.dll

- ok
16:48:55.0369 4504  [ 128DD9AF8640DBCC711940903C8B554F ]

C:\Windows\System32\mscoree.dll
16:48:55.0369 4504  C:\Windows\System32\mscoree.dll - ok
16:48:55.0373 4504  [ 35DB83C4DE9FA3889E937125D115EAA0 ]

C:\Program Files\Google\Update\1.3.21.135\goopdateres_en.dll
16:48:55.0373 4504  C:\Program

Files\Google\Update\1.3.21.135\goopdateres_en.dll - ok
16:48:55.0377 4504  [ 8078F8F8F7A79E2E6B494523A828C585 ]

C:\Windows\System32\msdtckrm.dll
16:48:55.0377 4504  C:\Windows\System32\msdtckrm.dll - ok
16:48:55.0380 4504  [ 0629259E3AF6BB0534FCECA208973404 ]

C:\Program Files\NVIDIA Corporation\NVIDIA Update

Core\daemonu.exe
16:48:55.0380 4504  C:\Program Files\NVIDIA

Corporation\NVIDIA Update Core\daemonu.exe - ok
16:48:55.0384 4504  [ 1A617835452EEE5060976C9B9F5FE635 ]

C:\Windows\System32\wuapi.dll
16:48:55.0384 4504  C:\Windows\System32\wuapi.dll - ok
16:48:55.0388 4504  [ 5E41139EC6EFBCAFFD96D46925E544AB ]

C:\Windows\System32\mspatcha.dll
16:48:55.0388 4504  C:\Windows\System32\mspatcha.dll - ok
16:48:55.0391 4504  [ 3458EDA96E30FBD0477A2800D3FB1909 ]

C:\Windows\System32\wups.dll
16:48:55.0391 4504  C:\Windows\System32\wups.dll - ok
16:48:55.0394 4504  [ BDC0C99E472176C8C2C853A68ADC5073 ]

C:\Windows\System32\wups2.dll
16:48:55.0394 4504  C:\Windows\System32\wups2.dll - ok
16:48:55.0398 4504  [ D0A95E567224B4C347CBDD6541E5D928 ]

C:\Windows\System32\wscisvif.dll
16:48:55.0398 4504  C:\Windows\System32\wscisvif.dll - ok
16:48:55.0401 4504  [ 0F4871B3BF0E48664A24D2717F2117A0 ]

C:\Program Files\Internet Explorer\sqmapi.dll
16:48:55.0402 4504  C:\Program Files\Internet

Explorer\sqmapi.dll - ok
16:48:55.0405 4504  [ F8D269134EEC097B7E47C818AF4862A7 ]

C:\Windows\System32\ieui.dll
16:48:55.0405 4504  C:\Windows\System32\ieui.dll - ok
16:48:55.0408 4504  [ 7F73235D527DCF16C38578CD1CD9F7A8 ]

C:\Program Files\Internet Explorer\ieproxy.dll
16:48:55.0408 4504  C:\Program Files\Internet

Explorer\ieproxy.dll - ok
16:48:55.0412 4504  [ F7BC1D90C3A976A5259BD1A5D7D43038 ]

C:\Program Files\Internet Explorer\IEShims.dll
16:48:55.0412 4504  C:\Program Files\Internet

Explorer\IEShims.dll - ok
16:48:55.0416 4504  [ B9497C5ACAEA521663BFFBB321DD3AFA ]

C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
16:48:55.0416 4504  C:\Program Files\Google\Google

Toolbar\GoogleToolbar_32.dll - ok
16:48:55.0420 4504  [ 12D0A8895CB4DCCF28BC69DF7D4CA3BF ]

C:\Program Files\Java\jre7\bin\ssv.dll
16:48:55.0420 4504  C:\Program Files\Java\jre7\bin\ssv.dll -

ok
16:48:55.0422 4504  [ B53A732C08002F6EDA943DEB8CE91F6E ]

C:\Program Files\Google\Google

Toolbar\Component\GoogleToolbarDynamic_32_68D43262AB91CB4A.d

ll
16:48:55.0422 4504  C:\Program Files\Google\Google

Toolbar\Component\GoogleToolbarDynamic_32_68D43262AB91CB4A.d

ll - ok
16:48:55.0427 4504  [ D46ED7D33E847CD9E78E9F02910536B5 ]

C:\Program Files\Common Files\microsoft shared\Windows

Live\WindowsLiveLogin.dll
16:48:55.0427 4504  C:\Program Files\Common Files\microsoft

shared\Windows Live\WindowsLiveLogin.dll - ok
16:48:55.0431 4504  [ 70BA2ED3DE9080D9ED3C65B7ADE6F653 ]

C:\Windows\System32\nvwgf2um.dll
16:48:55.0431 4504  C:\Windows\System32\nvwgf2um.dll - ok
16:48:55.0435 4504  [ BAD663957F682F95B22C4E83AB49CB52 ]

C:\Program Files\Google\Google

Toolbar\GoogleToolbarUser_32.exe
16:48:55.0435 4504  C:\Program Files\Google\Google

Toolbar\GoogleToolbarUser_32.exe - ok
16:48:55.0439 4504  [ 96F3C16777E395CF5C0E633792EA5597 ]

C:\Program Files\Common Files\microsoft shared\Windows

Live\msidcrl40.dll
16:48:55.0439 4504  C:\Program Files\Common Files\microsoft

shared\Windows Live\msidcrl40.dll - ok
16:48:55.0443 4504  [ 02DDC8B36926A760E2D7EDCCEB828E42 ]

C:\Program Files\Java\jre7\bin\jp2ssv.dll
16:48:55.0443 4504  C:\Program Files\Java\jre7

\bin\jp2ssv.dll - ok
16:48:55.0447 4504  [ 67EC459E42D3081DD8FD34356F7CAFC1 ]

C:\Program Files\Java\jre7\bin\msvcr100.dll
16:48:55.0447 4504  C:\Program Files\Java\jre7

\bin\msvcr100.dll - ok
16:48:55.0451 4504  [ 04B0CFF85D5225ADE066C4AD233ACD89 ]

C:\Program Files\Java\jre7\bin\deploy.dll
16:48:55.0451 4504  C:\Program Files\Java\jre7

\bin\deploy.dll - ok
16:48:55.0455 4504  [ FEDC4FC3E5694BBD4FAAAFF9C4D49429 ]

C:\Program Files\Common Files\microsoft shared\Windows

Live\WLIDRES.DLL
16:48:55.0455 4504  C:\Program Files\Common Files\microsoft

shared\Windows Live\WLIDRES.DLL - ok
16:48:55.0460 4504  [ 58EC0172DA8A00597E93A072F6E7F044 ]

C:\Program Files\Google\Google

Toolbar\Component\GoogleToolbarDynamic_mui_en_C9EDDF0B6984A4

51.dll
16:48:55.0460 4504  C:\Program Files\Google\Google

Toolbar\Component\GoogleToolbarDynamic_mui_en_C9EDDF0B6984A4

51.dll - ok
16:48:55.0463 4504  [ 9E5C1D19851FAE2ACDBA118AB20D55AC ]

C:\Windows\System32\EhStorAPI.dll
16:48:55.0463 4504  C:\Windows\System32\EhStorAPI.dll - ok
16:48:55.0467 4504  [ CA69DB1BB9982F7422D2FCCD00965740 ]

C:\Program Files\Google\Google

Toolbar\Component\GoogleCld_69A221B9205A3D78.dll
16:48:55.0467 4504  C:\Program Files\Google\Google

Toolbar\Component\GoogleCld_69A221B9205A3D78.dll - ok
16:48:55.0471 4504  [ CDBFCB9A88E130F1138F80B01C56B680 ]

C:\Windows\System32\vbscript.dll
16:48:55.0471 4504  C:\Windows\System32\vbscript.dll - ok
16:48:55.0476 4504  [ 4895F67E1C74A855285C95741F3DA695 ]

C:\Windows\System32\Macromed\Flash\Flash32_11_6_602_171.ocx
16:48:55.0476 4504  C:\Windows\System32

\Macromed\Flash\Flash32_11_6_602_171.ocx - ok
16:48:55.0481 4504  [ 3D769F1BE09BF8E3E65012FCA909E0D2 ]

C:\Windows\System32

\Macromed\Flash\FlashUtil32_11_6_602_171_ActiveX.exe
16:48:55.0481 4504  C:\Windows\System32

\Macromed\Flash\FlashUtil32_11_6_602_171_ActiveX.exe - ok
16:48:55.0485 4504  [ 7E38DA8C11833B99766A97CEE3F80F07 ]

C:\Windows\System32\oleaccrc.dll
16:48:55.0485 4504  C:\Windows\System32\oleaccrc.dll - ok
16:48:55.0488 4504  [ EFCA8B42DC0BC7AF10870DE3C2DCCA8F ]

C:\Windows\System32

\Macromed\Flash\FlashUtil32_11_6_602_171_ActiveX.dll
16:48:55.0488 4504  C:\Windows\System32

\Macromed\Flash\FlashUtil32_11_6_602_171_ActiveX.dll - ok
16:48:55.0493 4504  [ CA493A92DA9880B6F1A89C3DBD54BA5B ]

C:\Windows\System32\dxtrans.dll
16:48:55.0493 4504  C:\Windows\System32\dxtrans.dll - ok
16:48:55.0497 4504  [ 734DAA4FEAC6905BCFB30410D6C7E003 ]

C:\Windows\System32\ddrawex.dll
16:48:55.0497 4504  C:\Windows\System32\ddrawex.dll - ok
16:48:55.0501 4504  [ 4312DEBDACBE338F0B90E7F08E7672BE ]

C:\Windows\System32\dxtmsft.dll
16:48:55.0501 4504  C:\Windows\System32\dxtmsft.dll - ok
16:48:55.0504 4504  [ E74C018279BB3FB2596AA4CEEA97EC0C ]

C:\Program Files\Common Files\microsoft shared\vgx\VGX.dll
16:48:55.0504 4504  C:\Program Files\Common Files\microsoft

shared\vgx\VGX.dll - ok
16:48:55.0509 4504  [ 0B8FE658BD033EC8B1F6FBC305CC65E7 ]

C:\Windows\System32\msrating.dll
16:48:55.0509 4504  C:\Windows\System32\msrating.dll - ok
16:48:55.0512 4504  [ 0A990AFB9F2726323D61C8ECB8B70B17 ]

C:\Windows\System32\security.dll
16:48:55.0512 4504  C:\Windows\System32\security.dll - ok
16:48:55.0516 4504  [ 012A965F34414458075EF4F0EDC11536 ]

C:\Windows\System32\WindowsCodecsExt.dll
16:48:55.0516 4504  C:\Windows\System32\WindowsCodecsExt.dll

- ok
16:48:55.0520 4504  [ F8D8BB3F6173FFF00128612F33D3197A ]

C:\Windows\System32\wbem\WMIADAP.exe
16:48:55.0520 4504  C:\Windows\System32\wbem\WMIADAP.exe -

ok
16:48:55.0524 4504  [ 8B2D61CA83825CEAD423228ACD40CFBC ]

C:\Windows\System32\loadperf.dll
16:48:55.0524 4504  C:\Windows\System32\loadperf.dll - ok
16:48:55.0528 4504  [ 10DE220BDFE330073762F89974DB8403 ]

C:\Windows\System32\wbem\wmiprov.dll
16:48:55.0528 4504  C:\Windows\System32\wbem\wmiprov.dll -

ok
16:48:55.0531 4504  [ E8B0A9ECB76AAA0C3519E16F34A49858 ]

C:\Windows\System32\wsqmcons.exe
16:48:55.0531 4504  C:\Windows\System32\wsqmcons.exe - ok
16:48:55.0535 4504  [ 801F1E963F7EEFFDA3F9EF89DB3EF133 ]

C:\Windows\System32\radardt.dll
16:48:55.0535 4504  C:\Windows\System32\radardt.dll - ok
16:48:55.0539 4504  [ 408416EB4F50DAB83625481C0B4E6692 ]

C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPI.dll
16:48:55.0539 4504  C:\Program Files\NVIDIA Corporation\3D

Vision\nvSCPAPI.dll - ok
16:48:55.0543 4504  [ 2424231BBD703A677D115C29983B4293 ]

C:\Program Files\Common Files\microsoft shared\OFFICE12

\MSOXMLMF.DLL
16:48:55.0543 4504  C:\Program Files\Common Files\microsoft

shared\OFFICE12\MSOXMLMF.DLL - ok
16:48:55.0546 4504  [ 68563AC389F92EE79F1C714288BA1DCE ]

C:\Windows\System32\imgutil.dll
16:48:55.0546 4504  C:\Windows\System32\imgutil.dll - ok
16:48:55.0549 4504  [ FBD6B3BB2A40478DF5434A073D571CAE ]

C:\Windows\System32\RacAgent.exe
16:48:55.0549 4504  C:\Windows\System32\RacAgent.exe - ok
16:48:55.0553 4504  [ 9EFF12E09FF0EA85D43A3AC1F1EEBCE9 ]

C:\Windows\System32\RacEngn.dll
16:48:55.0553 4504  C:\Windows\System32\RacEngn.dll - ok
16:48:55.0557 4504  [ 42B311AED708D3773C5A94F1F92F581E ]

C:\Windows\System32\lpremove.exe
16:48:55.0557 4504  C:\Windows\System32\lpremove.exe - ok
16:48:55.0560 4504  [ 01FB02762AEF28A55CF21363D3919AB4 ]

C:\Windows\System32\lpksetup.exe
16:48:55.0561 4504  C:\Windows\System32\lpksetup.exe - ok
16:48:55.0564 4504  [ BFA034AAC103D8A6F591AC9364688339 ]

C:\Windows\System32\t2embed.dll
16:48:55.0564 4504  C:\Windows\System32\t2embed.dll - ok
16:48:55.0568 4504  [ 711A2E6A55EC7BFD59B5F649D58B704B ]

C:\Program Files\Microsoft Silverlight\4.1.10329.0

\npctrl.dll
16:48:55.0568 4504  C:\Program Files\Microsoft

Silverlight\4.1.10329.0\npctrl.dll - ok
16:48:55.0572 4504  [ 7D548A7319094354AEECA5D14FEE319C ]

C:\Program Files\Microsoft Silverlight\4.1.10329.0

\agcore.dll
16:48:55.0572 4504  C:\Program Files\Microsoft

Silverlight\4.1.10329.0\agcore.dll - ok
16:48:55.0576 4504  [ 938ACF2A4F7FDAFF322FD36F0B14D45A ]

C:\Program Files\Common Files\microsoft

shared\ink\tiptsf.dll
16:48:55.0576 4504  C:\Program Files\Common Files\microsoft

shared\ink\tiptsf.dll - ok
16:48:55.0580 4504  [ 764B1831B42DB6E4F68B9AEAED433A82 ]

C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
16:48:55.0580 4504  C:\Program Files\Yahoo!

\Companion\Installs\cpn0\yt.dll - ok
16:48:55.0584 4504  [ 7043D485AEAE435312659FF1461F1491 ]

C:\Program Files\Common Files\microsoft shared\OFFICE12

\MSO.DLL
16:48:55.0584 4504  C:\Program Files\Common Files\microsoft

shared\OFFICE12\MSO.DLL - ok
16:48:55.0587 4504  [ C7D010BD8BCEF2EB3FCA8F7CD3C08D9F ]

C:\Program Files\Common Files\microsoft shared\OFFICE12

\MSORES.DLL
16:48:55.0587 4504  C:\Program Files\Common Files\microsoft

shared\OFFICE12\MSORES.DLL - ok
16:48:55.0591 4504  [ 4C5D603A632023BFDB8EDD4436882ABF ]

C:\Program Files\Common Files\microsoft shared\OFFICE12

\1033\MSOINTL.DLL
16:48:55.0591 4504  C:\Program Files\Common Files\microsoft

shared\OFFICE12\1033\MSOINTL.DLL - ok
16:48:55.0595 4504  [ D34E343BB5237FC28CAE6EC1EFB5A0CB ]

C:\Program Files\Common Files\microsoft shared\OFFICE11

\msxml5.dll
16:48:55.0595 4504  C:\Program Files\Common Files\microsoft

shared\OFFICE11\msxml5.dll - ok
16:48:55.0599 4504  [ D291FA0A37901E5E5A687813FA2AF2B5 ]

C:\Program Files\Microsoft Office\Office12\1033

\GrooveIntlResource.dll
16:48:55.0600 4504  C:\Program Files\Microsoft

Office\Office12\1033\GrooveIntlResource.dll - ok
16:48:55.0604 4504  [ 11913501760C633AC044A56FFD6A9A2E ]

C:\Program Files\Common Files\System\ado\msadox.dll
16:48:55.0604 4504  C:\Program Files\Common

Files\System\ado\msadox.dll - ok
16:48:55.0607 4504  [ 3A72AB0BAF2DC1AE0BA6E1EE28FFCC0B ]

C:\Windows\System32\msftedit.dll
16:48:55.0607 4504  C:\Windows\System32\msftedit.dll - ok
16:48:55.0611 4504  [ 5DC423D89A927F04F7C562EEDD904012 ]

C:\Program Files\Yahoo!\Companion\Installs\cpn0

\YTSingleInstance.dll
16:48:55.0611 4504  C:\Program Files\Yahoo!

\Companion\Installs\cpn0\YTSingleInstance.dll - ok
16:48:55.0614 4504  [ 9441A231C0AA0712F7CF3B10D9CFCF76 ]

C:\Windows\System32\wmploc.DLL
16:48:55.0614 4504  C:\Windows\System32\wmploc.DLL - ok
16:48:55.0618 4504  [ 247609D2CD28A57BC1FE37FDA48AC0DB ]

C:\Windows\System32\PhotoMetadataHandler.dll
16:48:55.0618 4504  C:\Windows\System32

\PhotoMetadataHandler.dll - ok
16:48:55.0622 4504  [ EF8AE178FAE3C5F97E383753EB1DF3BA ]

C:\Windows\System32\taskmgr.exe
16:48:55.0622 4504  C:\Windows\System32\taskmgr.exe - ok
16:48:55.0625 4504  [ 691F1612558BF6B27F952C4B1073B0D1 ]

C:\Windows\System32\ntoskrnl.exe
16:48:55.0625 4504  C:\Windows\System32\ntoskrnl.exe - ok
16:48:55.0628 4504  [ 6491F188B51C7E3775B9F3F266EC9D6F ]

C:\Windows\System32\utildll.dll
16:48:55.0628 4504  C:\Windows\System32\utildll.dll - ok
16:48:55.0631 4504  [ E44C7D6F8D665DA2D9385E5E15EDEEF7 ]

C:\Windows\System32\consent.exe
16:48:55.0632 4504  C:\Windows\System32\consent.exe - ok
16:48:55.0635 4504  [ 50F77D1AFCFD9E1EE865EF9DD0D01BF0 ]

C:\Program Files\NVIDIA Corporation\NVIDIA Update

Core\ComUpdatus.exe
16:48:55.0635 4504  C:\Program Files\NVIDIA

Corporation\NVIDIA Update Core\ComUpdatus.exe - ok
16:48:55.0639 4504  [ D1C47F951EA35073C97EF2E928CF9D6F ]

C:\Windows\System32\dxdiagn.dll
16:48:55.0639 4504  C:\Windows\System32\dxdiagn.dll - ok
16:48:55.0642 4504  [ 6E895BDCB3158E3860A49662332736BA ]

C:\Windows\System32\d3d11.dll
16:48:55.0642 4504  C:\Windows\System32\d3d11.dll - ok
16:48:55.0646 4504  [ A9E419A527081E1088FF1A13FBC4690E ]

C:\Windows\System32\nvoglv32.dll
16:48:55.0646 4504  C:\Windows\System32\nvoglv32.dll - ok
16:48:55.0650 4504  [ 9942DC4CC265CDA00486504444EF521D ]

C:\Windows\System32

\Macromed\Flash\FlashPlayerUpdateService.exe
16:48:55.0650 4504  C:\Windows\System32

\Macromed\Flash\FlashPlayerUpdateService.exe - ok
16:48:55.0653 4504  [ 178A34E5554DCE485E1262DDF027960C ]

D:\Programs\Kaspersky TDSSKiller\TDSSKiller.exe
16:48:55.0653 4504  D:\Programs\Kaspersky

TDSSKiller\TDSSKiller.exe - ok
16:48:55.0657 4504  [ 9400A4BE6F7A1AD44784DDE01FC7FA95 ]

C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
16:48:55.0657 4504  C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12

\msoshext.dll - ok
16:48:55.0660 4504  [ 2F77DFDF77A4183A13C731503D2F3D93 ]

C:\Windows\System32\XPSViewer\XPSViewer.exe
16:48:55.0660 4504  C:\Windows\System32

\XPSViewer\XPSViewer.exe - ok
16:48:55.0664 4504  [ 4A149599A7336DF7ED588761F4A8CFA8 ]

C:\Windows\System32\XPSSHHDR.dll
16:48:55.0664 4504  C:\Windows\System32\XPSSHHDR.dll - ok
16:48:55.0668 4504  [ 3F729AE2C1900E0FF2514BD095D426D1 ]

C:\Windows\System32\xpssvcs.dll
16:48:55.0668 4504  C:\Windows\System32\xpssvcs.dll - ok
16:48:55.0670 4504  [ A9662BCF218BC76869A8D91635D5F93A ]

C:\Windows\System32\Wpc.dll
16:48:55.0670 4504  C:\Windows\System32\Wpc.dll - ok
16:48:55.0673 4504  [ 8DDFDF8A433DC09F92ACA1F3DE4DE067 ]

C:\Windows\System32\MediaMetadataHandler.dll
16:48:55.0673 4504  C:\Windows\System32

\MediaMetadataHandler.dll - ok
16:48:55.0677 4504  [ EDEB29C82E4B4671F99D68C9E0ECBD29 ]

C:\Program Files\Windows Photo Gallery\PhotoViewer.dll
16:48:55.0677 4504  C:\Program Files\Windows Photo

Gallery\PhotoViewer.dll - ok
16:48:55.0681 4504  [ F3031F25C96F80A3297146903CEA016B ]

C:\Program Files\Windows Photo Gallery\PhotoBase.dll
16:48:55.0681 4504  C:\Program Files\Windows Photo

Gallery\PhotoBase.dll - ok
16:48:55.0684 4504  [ 780E82F54147B3D11F52D3128B727534 ]

C:\Windows\System32\FunctionDiscoveryFolder.dll
16:48:55.0684 4504  C:\Windows\System32

\FunctionDiscoveryFolder.dll - ok
16:48:55.0688 4504  [ 665790240511DF6BC40A30E01731F49F ]

C:\Windows\System32\irprops.cpl
16:48:55.0688 4504  C:\Windows\System32\irprops.cpl - ok
16:48:55.0691 4504  [ 88198AEB7F71DD2F8B6176533D70F63E ]

C:\Windows\System32\fontext.dll
16:48:55.0691 4504  C:\Windows\System32\fontext.dll - ok
16:48:55.0695 4504  [ 5CAA965A14ADBDEF4359F3D2BEA9D9F7 ]

C:\Windows\System32\devmgr.dll
16:48:55.0695 4504  C:\Windows\System32\devmgr.dll - ok
16:48:55.0699 4504  [ 1BAF5FE4C31D20CF805B2FA7A7C2B886 ]

C:\Windows\System32\hdwwiz.exe
16:48:55.0699 4504  C:\Windows\System32\hdwwiz.exe - ok
16:48:55.0702 4504  [ 2AE61DEF9112DA8948EEAB3631FF4525 ]

C:\Windows\System32\autoplay.dll
16:48:55.0702 4504  C:\Windows\System32\autoplay.dll - ok
16:48:55.0705 4504  [ 64CBA9A86165F29449916649537331DD ]

C:\Windows\System32\fvecpl.dll
16:48:55.0705 4504  C:\Windows\System32\fvecpl.dll - ok
16:48:55.0709 4504  [ E1B80644E7125231AAEF62FC2C81C8FE ]

C:\Windows\System32\newdev.dll
16:48:55.0709 4504  C:\Windows\System32\newdev.dll - ok
16:48:55.0712 4504  [ 5D2A641B9AE31D27AA2AC712D562F761 ]

C:\Windows\System32\colorcpl.exe
16:48:55.0712 4504  C:\Windows\System32\colorcpl.exe - ok
16:48:55.0715 4504  [ CE7F6F3E9C107382A72F7D33B1E2C9FA ]

C:\Windows\System32\main.cpl
16:48:55.0715 4504  C:\Windows\System32\main.cpl - ok
16:48:55.0718 4504  [ 19DF185D42AA0DE80AD78C58D4A4E936 ]

C:\Windows\System32\appwiz.cpl
16:48:55.0718 4504  C:\Windows\System32\appwiz.cpl - ok
16:48:55.0721 4504  [ 4A1FEEBF039B283258B0E479FA135DBA ]

C:\Windows\System32\osbaseln.dll
16:48:55.0721 4504  C:\Windows\System32\osbaseln.dll - ok
16:48:55.0725 4504  [ 0FA16ED337B9330489EEA2CB1D8D6956 ]

C:\Program Files\Java\jre7\bin\javacpl.exe
16:48:55.0726 4504  C:\Program Files\Java\jre7

\bin\javacpl.exe - ok
16:48:55.0729 4504  [ 28622FC22E0D46EE0A494EF084235F74 ]

C:\Windows\System32\netcenter.dll
16:48:55.0729 4504  C:\Windows\System32\netcenter.dll - ok
16:48:55.0732 4504  [ 1E7A0C804D259F758A7F38C7E5E1856B ]

C:\Program Files\NVIDIA Corporation\Control Panel

Client\nvcplui.exe
16:48:55.0732 4504  C:\Program Files\NVIDIA

Corporation\Control Panel Client\nvcplui.exe - ok
16:48:55.0736 4504  [ 1E3137F06CD92ED2654B59D010B13BE7 ]

C:\Windows\System32\wpccpl.dll
16:48:55.0736 4504  C:\Windows\System32\wpccpl.dll - ok
16:48:55.0739 4504  [ E73F6BFA83D8EF06727160E1D0ECD7CE ]

C:\Windows\System32\collab.cpl
16:48:55.0739 4504  C:\Windows\System32\collab.cpl - ok
16:48:55.0743 4504  [ 1B360BE74EEF51393234D23552AEE403 ]

C:\Windows\System32\PerfCenterCPL.dll
16:48:55.0743 4504  C:\Windows\System32\PerfCenterCPL.dll -

ok
16:48:55.0746 4504  [ 7AF5FFF227F2365B2E37C61F5DC84A01 ]

C:\Windows\System32\themecpl.dll
16:48:55.0746 4504  C:\Windows\System32\themecpl.dll - ok
16:48:55.0749 4504  [ 8DDC387167FA0234F3656EB34C78BFFB ]

C:\Windows\System32\powercpl.dll
16:48:55.0750 4504  C:\Windows\System32\powercpl.dll - ok
16:48:55.0753 4504  [ B69C9AE23C9DA430383FA311C5B0CB03 ]

C:\Program Files\Windows Photo Gallery\ImagingDevices.exe
16:48:55.0753 4504  C:\Program Files\Windows Photo

Gallery\ImagingDevices.exe - ok
16:48:55.0755 4504  [ 4138C235FE58268477237F4433D30DAC ]

C:\Windows\System32\Speech\SpeechUX\speechuxcpl.dll
16:48:55.0755 4504  C:\Windows\System32

\Speech\SpeechUX\speechuxcpl.dll - ok
16:48:55.0759 4504  [ AD5E4B3C498DDDE612465E3FA5468EC8 ]

C:\Windows\System32\FlashPlayerCPLApp.cpl
16:48:55.0759 4504  C:\Windows\System32

\FlashPlayerCPLApp.cpl - ok
16:48:55.0762 4504  [ FED96A7CA1154437416C2CD01BC5FE45 ]

C:\Windows\System32\joy.cpl
16:48:55.0762 4504  C:\Windows\System32\joy.cpl - ok
16:48:55.0766 4504  [ 470D8189D7FE9928FFFECBF55AAA3233 ]

C:\Windows\System32\inetcpl.cpl
16:48:55.0766 4504  C:\Windows\System32\inetcpl.cpl - ok
16:48:55.0769 4504  [ CC11599FCB3146B0C27F226EC2AC0791 ]

C:\Program Files\Microsoft Office\Office12\MLCFG32.CPL
16:48:55.0769 4504  C:\Program Files\Microsoft

Office\Office12\MLCFG32.CPL - ok
16:48:55.0773 4504  [ 1C06D56C732BA24F73CD03D50B92D4E4 ]

C:\Windows\System32\TabletPC.cpl
16:48:55.0773 4504  C:\Windows\System32\TabletPC.cpl - ok
16:48:55.0776 4504  [ 6848E8A26794D7D3AAB0DA86816B8E1E ]

C:\Windows\System32\telephon.cpl
16:48:55.0777 4504  C:\Windows\System32\telephon.cpl - ok
16:48:55.0780 4504  [ 490C755CD179B16E0C9EB7804BD9E578 ]

C:\Windows\System32\intl.cpl
16:48:55.0780 4504  C:\Windows\System32\intl.cpl - ok
16:48:55.0783 4504  [ 62C92BE2414AC9D0BC0196CA52D2CD2B ]

C:\Windows\System32\wscui.cpl
16:48:55.0783 4504  C:\Windows\System32\wscui.cpl - ok
16:48:55.0786 4504  [ 69405254E704895F4F519422818D35B6 ]

C:\Windows\System32\mmsys.cpl
16:48:55.0786 4504  C:\Windows\System32\mmsys.cpl - ok
16:48:55.0790 4504  [ E3CE1997725EE8E14F7B4A7CD746538E ]

C:\Windows\System32\usercpl.dll
16:48:55.0790 4504  C:\Windows\System32\usercpl.dll - ok
16:48:55.0793 4504  [ 34B7FA82A85231348C170EF39B636DB4 ]

C:\Windows\System32\icardres.dll
16:48:55.0793 4504  C:\Windows\System32\icardres.dll - ok
16:48:55.0796 4504  [ CDE9F06A3F1D7907599329561D71C8F3 ]

C:\Windows\System32\FirewallSettings.exe
16:48:55.0796 4504  C:\Windows\System32\FirewallSettings.exe

- ok
16:48:55.0799 4504  [ E926252DF5DF9775FE040D04B4C39BD9 ]

C:\Windows\System32\FirewallControlPanel.exe
16:48:55.0799 4504  C:\Windows\System32

\FirewallControlPanel.exe - ok
16:48:55.0804 4504  [ CED9F11061F3E9A19B9782860462A828 ]

D:\Programs\Ad-Aware Antivirus\SBAMWsc.exe
16:48:55.0804 4504  D:\Programs\Ad-Aware

Antivirus\SBAMWsc.exe - ok
16:48:55.0807 4504  [ F824AB6B4F32CDA2F1750D3D9F5318B7 ]

C:\Windows\System32\Firewall.cpl
16:48:55.0807 4504  C:\Windows\System32\Firewall.cpl - ok
16:48:55.0810 4504  [ 898ABECCD5F0B9A8E8F1318DDB234685 ]

C:\Windows\System32\dot3api.dll
16:48:55.0810 4504  C:\Windows\System32\dot3api.dll - ok
16:48:55.0814 4504  [ 8D544AC1B7AA7FB9DFF0C3E7DA6AD295 ]

C:\Windows\System32\wlanhlp.dll
16:48:55.0814 4504  C:\Windows\System32\wlanhlp.dll - ok
16:48:55.0817 4504  [ 79B0EC7806B563475A211C5B0F9A4B9C ]

C:\Windows\System32\AuxiliaryDisplayCpl.dll
16:48:55.0817 4504  C:\Windows\System32

\AuxiliaryDisplayCpl.dll - ok
16:48:55.0821 4504  [ 627AFB8E607DF6DE6E0D81FFDC5E4C4C ]

C:\Windows\System32\HelpPaneProxy.dll
16:48:55.0821 4504  C:\Windows\System32\HelpPaneProxy.dll -

ok
16:48:55.0825 4504  [ 3708CCEE4878EB0B9E7B92355A631853 ]

C:\Windows\HelpPane.exe
16:48:55.0825 4504  C:\Windows\HelpPane.exe - ok
16:48:55.0828 4504  [ AC40F8899BEC013EB1CA7CCC2D69E00C ]

C:\Windows\System32\apds.dll
16:48:55.0828 4504  C:\Windows\System32\apds.dll - ok
16:48:55.0831 4504  [ 6F4AF30005CF55F4B1DF8F4D603F7C4B ]

C:\Windows\System32\apss.dll
16:48:55.0832 4504  C:\Windows\System32\apss.dll - ok
16:48:55.0835 4504  [ 178A34E5554DCE485E1262DDF027960C ]

C:\Windows\Temp\TDSCFED.tmp
16:48:55.0835 4504  C:\Windows\Temp\TDSCFED.tmp - ok
16:48:55.0838 4504  [ 2A8681AEA24003040CA7D677BE9F1702 ]

C:\Windows\System32\drivers\30457135.sys
16:48:55.0838 4504  C:\Windows\System32\drivers\30457135.sys

- ok
16:48:55.0841 4504  [ 178A34E5554DCE485E1262DDF027960C ]

C:\Windows\Temp\TDS661E.tmp
16:48:55.0841 4504  C:\Windows\Temp\TDS661E.tmp - ok
16:48:55.0844 4504  [ 2A8681AEA24003040CA7D677BE9F1702 ]

C:\Windows\System32\drivers\39994319.sys
16:48:55.0844 4504  C:\Windows\System32\drivers\39994319.sys

- ok
16:48:55.0847 4504 

============================================================
16:48:55.0847 4504  Scan finished
16:48:55.0847 4504 

============================================================
16:48:55.0856 1292  Detected object count: 0
16:48:55.0856 1292  Actual detected object count: 0

 


aswMBR (avast)

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-03-02 16:52:24
-----------------------------
16:52:24.206    OS Version: Windows 6.0.6002 Service Pack 2
16:52:24.206    Number of processors: 2 586 0xF06
16:52:24.207    ComputerName: ESMITH-PC  UserName: e. Smith
16:52:39.421    Initialize success
16:56:50.983    AVAST engine defs: 13030201
16:57:45.952    Disk 0 (boot) \Device\Harddisk0\DR0 ->

\Device\Ide\IdeDeviceP0T0L0-2
16:57:45.952    Disk 0 Vendor: WDC_WD5000AAKS-65TMA0

12.01C01 Size: 476940MB BusType: 3
16:57:45.952    Disk 1  \Device\Harddisk1\DR1 ->

\Device\Ide\IdeDeviceP1T0L0-3
16:57:45.952    Disk 1 Vendor: WDC_WD1001FALS-00J7B0

05.00K05 Size: 953869MB BusType: 3
16:57:45.952    Disk 2  \Device\Harddisk2\DR2 ->

\Device\Ide\IdeDeviceP2T0L0-7
16:57:45.967    Disk 2 Vendor: WDC_WD20EADS-00R6B0 01.00A01

Size: 1907729MB BusType: 3
16:57:45.967    Disk 3  \Device\Harddisk3\DR3 ->

\Device\Ide\IdeDeviceP3T0L0-9
16:57:45.967    Disk 3 Vendor: WDC_WD20EADS-00R6B0 01.00A01

Size: 1907729MB BusType: 3
16:57:45.999    Disk 0 MBR read successfully
16:57:46.014    Disk 0 MBR scan
16:57:46.014    Disk 0 Windows VISTA default MBR code
16:57:46.014    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS

NTFS       476937 MB offset 2048
16:57:46.030    Disk 0 scanning sectors +976769024
16:57:46.108    Disk 0 scanning C:\Windows\system32\drivers
16:57:53.921    Service scanning
16:58:10.717    Modules scanning
16:58:14.061    Disk 0 trace - called modules:
16:58:14.092    ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys

hal.dll ataport.SYS intelide.sys PCIIDEX.SYS atapi.sys
16:58:14.108    1 nt!IofCallDriver -> \Device\Harddisk0\DR0

[0x860a3780]
16:58:14.108    3 CLASSPNP.SYS[8a5cf8b3] -> nt!IofCallDriver

-> [0x8587b918]
16:58:14.124    5 acpi.sys[8069e6bc] -> nt!IofCallDriver ->

\Device\Ide\IdeDeviceP0T0L0-2[0x85844b98]
16:58:16.452    AVAST engine scan C:\Windows
16:58:20.030    AVAST engine scan C:\Windows\system32
17:01:15.858    AVAST engine scan C:\Windows\system32

\drivers
17:01:29.561    AVAST engine scan C:\Users\e. Smith
17:07:01.694    AVAST engine scan C:\ProgramData
17:08:58.866    Scan finished successfully
17:09:49.422    Disk 0 MBR has been saved successfully to

"D:\MBR.dat"
17:09:49.422    The log file has been saved successfully to

"D:\eSmith aswMBR Scan 2013-03-02.txt"


ESET Online Scanner

C:\Program Files\MyWebSearch\bar\2.bin\F3HKSTUB.DLL 

Win32/Toolbar.MyWebSearch.G application cleaned by deleting

- quarantined
C:\Program Files\MyWebSearch\bar\2.bin\F3IMSTUB.DLL 

Win32/Toolbar.MyWebSearch application cleaned by deleting

- quarantined
C:\Program Files\MyWebSearch\bar\2.bin\F3PSSAVR.SCR 

Win32/Toolbar.MyWebSearch application cleaned by deleting

- quarantined
C:\Program Files\MyWebSearch\bar\2.bin\F3REGHK.DLL 

Win32/Toolbar.MyWebSearch.G application cleaned by deleting

- quarantined
C:\Program Files\MyWebSearch\bar\2.bin\F3REPROX.DLL 

Win32/Toolbar.MyWebSearch.D application cleaned by deleting

- quarantined
C:\Program Files\MyWebSearch\bar\2.bin\F3RESTUB.DLL 

Win32/Toolbar.MyWebSearch application cleaned by deleting

- quarantined
C:\Program Files\MyWebSearch\bar\2.bin\F3SCHMON.EXE 

Win32/FunWeb application cleaned by deleting -

quarantined
C:\Program Files\MyWebSearch\bar\2.bin\F3WPHOOK.DLL 

Win32/FunWeb application cleaned by deleting -

quarantined
C:\Program Files\MyWebSearch\bar\2.bin\M3AUXSTB.DLL 

Win32/Toolbar.MyWebSearch.H application cleaned by deleting

- quarantined
C:\Program Files\MyWebSearch\bar\2.bin\M3DLGHK.DLL a

variant of Win32/Toolbar.MyWebSearch.I application 

cleaned by deleting - quarantined
C:\Program Files\MyWebSearch\bar\2.bin\M3IDLE.DLL 

Win32/Toolbar.MyWebSearch.P application cleaned by deleting

- quarantined
C:\Program Files\MyWebSearch\bar\2.bin\M3IMPIPE.EXE 

Win32/Toolbar.MyWebSearch application cleaned by deleting

- quarantined
C:\Program Files\MyWebSearch\bar\2.bin\M3PLUGIN.DLL a

variant of Win32/Toolbar.MyWebSearch application 

cleaned by deleting - quarantined
C:\Program Files\MyWebSearch\bar\2.bin\M3SKPLAY.EXE 

Win32/Toolbar.MyWebSearch application cleaned by deleting

- quarantined
C:\Program Files\MyWebSearch\bar\2.bin\M3SLSRCH.EXE 

Win32/Toolbar.MyWebSearch.J application cleaned by deleting

- quarantined
C:\Program Files\MyWebSearch\bar\2.bin\M3TPINST.DLL a

variant of Win32/Toolbar.MyWebSearch.I application 

cleaned by deleting - quarantined
C:\Program Files\MyWebSearch\bar\2.bin\MWSMLBTN.DLL 

Win32/Toolbar.MyWebSearch application cleaned by deleting

- quarantined
C:\Program Files\MyWebSearch\bar\2.bin\MWSUABTN.DLL 

Win32/Toolbar.MyWebSearch application cleaned by deleting

- quarantined
C:\Program Files\MyWebSearch\bar\2.bin\NPMYWEBS.DLL 

Win32/Toolbar.MyWebSearch application cleaned by deleting

- quarantined
C:\TDSSKiller_Quarantine\02.03.2013_15.14.49\susp0005

\svc0000\tsk0000.dta Win32/Toolbar.MyWebSearch

application cleaned by deleting - quarantined
C:\Users\e. Smith\AppData\Local\Temp\AskSLib.dll a

variant of Win32/Bundled.Toolbar.Ask application 

cleaned by deleting - quarantined
C:\Users\e.

Smith\AppData\LocalLow\MyWebSearch\bar\setups\mwsautSp.exe 

a variant of Win32/Toolbar.MyWebSearch.K application 

cleaned by deleting - quarantined
D:\Games\Alice - Madness Returns\Alice.Madness.Returns-

KaOs\Alice2\Binaries\Win32\rld.dll a variant of

Win32/Adware.Virtumonde.NCB application cleaned by deleting

- quarantined
D:\Programs\ARO Registry Cleaner\ARO2012_tbt.exe a

variant of Win32/Bundled.Toolbar.Ask application 

cleaned by deleting - quarantined
D:\Programs\Audacity Music Editor\Audacity_737.exe a

variant of Win32/InstallIQ application cleaned by deleting

- quarantined
D:\Programs\Driver Sweeper\DriverSweeper_3.2.0.exe 

Win32/OpenCandy application cleaned by deleting -

quarantined
D:\Programs\VOB to AVI Converter\VOB to AVI Converter.exe 

multiple threats cleaned by deleting - quarantined


 



#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:08:31 PM

Posted 03 March 2013 - 01:03 AM

Malwarebytes

--------------------

Please download Malwarebytes Anti-Malware and save it to your desktop.  If you already have it installed launch the program and update the database.

  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.  You can also right click on the link and select Save Link As

Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
    For instructions with screenshots, please refer to this Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings except to uncheck any offer for a free Pro trial version
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.

Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.


===================================================


Farbar's MiniToolBox

--------------------

  • Please download MiniToolBox, save it to your desktop
  • Please close any Firefox browsers you may have open
  • Double click the icon to launch the program
  • Make sure the following options are checked:

    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Devices
    • List Users, Partitions and Memory size.
  • Click Go and once the scan is completed a Result.txt Notepad document will open on your desktop
  • Please copy and paste the contents in your reply


===================================================


Farbar's Service Scanner

--------------------

Please download Farbar Service Scanner, save it to your desktop, and run it.

  • Make sure the following options are checked:

    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


===================================================


AdwCleaner by Xplode - Search for Adware

-------------------

  • Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on DELETE
  • A logfile will automatically open after the scan has finished
  • Copy and paste the contents in your reply
  • You can find the logfile at C:\AdwCleaner[R1].txt as well


===================================================


Junkware Removal Tooll by thisisu

-------------------

  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply


===================================================


Rkill

-------------------

Please download Rkill by Grinler from one of the 4 links below (if one of them does not work try another...) and save it to your desktop:


  • In order for Rkill to run properly you must disable your anti-malware software.  Please refer to this page if you are not sure how.
  • Double-click on Rkill. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
    • Note:  You may have to run Rkill a few times before it is successful.  You may also have to download Rkill from a different link which will save it as a different file name.
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • An Rkill.log will appear.  Please copy and paste the contents in your reply (file also located at c:\rkill.log)
  • Do not reboot your computer after running Rkill as the malware programs will start again.  If your computer reboots, run Rkill again before continuing on to the next step.
  • If nothing happens or if the tool does not run, please let me know in your next reply.


===================================================


Autoruns

--------------------

  • Please download AutoRuns and save it to your desktop
  • Double click the AutoRuns.zip folder
  • Double click autoruns.exe (not autorunsc.exe), select Run, then Run again and allow the information to populate
  • Select File, Save, Desktop (in the left hand pane), then Save filename as Autoruns.txt and change Save as type to  Text(*.txt).
  • Double click on the text file,copy and paste the contents in your reply


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • Malwarebytes log
  • MiniToolBox log
  • Farbar's Service Scanner log
  • AdwCleaner log
  • Junkware Removal Tool log
  • Rkill log
  • Autoruns log

 



#5 eSmith17

eSmith17
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:05:31 PM

Posted 03 March 2013 - 12:29 PM

Ok, here we go. 

 

Malwarebytes Anti-Malware Quick Scan

 

Malwarebytes Anti-Malware Quick Scan

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.03.03.08

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
e. Smith :: ESMITH-PC [administrator]

3/3/2013 8:56:06 AM
mbam-log-2013-03-03 (08-56-06).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System |

Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 294887
Time elapsed: 4 minute(s), 3 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

 

 

 

 

 

 

 

Mini Tool Box by Farbar

 

MiniToolBox by Farbar  Version:01-03-2013
Ran by e. Smith (administrator) on 02-03-2013 at 23:37:57
Running from "D:\Programs\Anti-virus anti-malware\Mini Tool Box"
Windows Vista ™ Ultimate Service Pack 2 (X86)
Boot Mode: Normal
*************************************************************************

**

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings:

==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content:

=================================

::1             localhost

 


127.0.0.1       localhost

========================= IP Configuration:

================================

Linksys Wireless-G PCI Adapter = Wireless Network Connection

(Disconnected)
Realtek RTL8168/8111 Family PCI-E Gigabit Ethernet NIC (NDIS 6.0) = Local

Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration

 

Windows IP Configuration

   Host Name . . . . . . . . . . . . : eSmith-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Broadcast
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek RTL8168/8111 Family PCI-E

Gigabit Ethernet NIC (NDIS 6.0)
   Physical Address. . . . . . . . . : 00-18-F3-63-A0-CA
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::1877:ec68:1c:c1e7%8

(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.64(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Saturday, March 02, 2013 9:55:14

PM
   Lease Expires . . . . . . . . . . : Sunday, March 03, 2013 9:55:13 PM
   Default Gateway . . . . . . . . . : 192.168.1.254
   DHCP Server . . . . . . . . . . . : 192.168.1.254
   DHCPv6 IAID . . . . . . . . . . . : 201332979
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-F9-60-61-00-18-F3-

63-A0-CA
   DNS Servers . . . . . . . . . . . : 192.168.1.254
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 6:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : isatap.{DBFC6C6D-CB29-425E-BB16-

10503935AD13}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : isatap.{0AD0543D-F30D-4496-90BB-

A54B83763126}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 02-00-54-55-4E-01
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . :

2001:0:9d38:6ab8:30f3:1d17:3f57:febf(Preferred)
   Link-local IPv6 Address . . . . . : fe80::30f3:1d17:3f57:febf%10

(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  dsldevice
Address:  192.168.1.254

Name:    google.com
Addresses:  2607:f8b0:4007:801::1002
   74.125.239.0
   74.125.239.1
   74.125.239.2
   74.125.239.3
   74.125.239.4
   74.125.239.5
   74.125.239.6
   74.125.239.7
   74.125.239.8
   74.125.239.9
   74.125.239.14

Pinging google.com [74.125.239.14] with 32 bytes of data:Reply from

74.125.239.14: bytes=32 time=13ms TTL=55Reply from 74.125.239.14:

bytes=32 time=13ms TTL=55Ping statistics for 74.125.239.14:    Packets:

Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times

in milli-seconds:    Minimum = 13ms, Maximum = 13ms, Average =

13msServer:  dsldevice
Address:  192.168.1.254

Name:    yahoo.com
Addresses:  206.190.36.45
   98.138.253.109
   98.139.183.24

Pinging yahoo.com [206.190.36.45] with 32 bytes of data:Reply from

206.190.36.45: bytes=32 time=56ms TTL=49Reply from 206.190.36.45:

bytes=32 time=87ms TTL=49Ping statistics for 206.190.36.45:    Packets:

Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times

in milli-seconds:    Minimum = 56ms, Maximum = 87ms, Average =

71msPinging 127.0.0.1 with 32 bytes of data:Reply from 127.0.0.1:

bytes=32 time<1ms TTL=128Reply from 127.0.0.1: bytes=32 time<1ms

TTL=128Ping statistics for 127.0.0.1:    Packets: Sent = 2, Received = 2,

Lost = 0 (0% loss),Approximate round trip times in milli-seconds:   

Minimum = 0ms, Maximum = 0ms, Average =

0ms======================================================================

=====
Interface List
  8 ...00 18 f3 63 a0 ca ...... Realtek RTL8168/8111 Family PCI-E Gigabit

Ethernet NIC (NDIS 6.0)
  1 ........................... Software Loopback

Interface 1
 13 ...00 00 00 00 00 00 00 e0  isatap.{DBFC6C6D-CB29-425E-

BB16-10503935AD13}
 14 ...00 00 00 00 00 00 00 e0  isatap.{0AD0543D-F30D-

4496-90BB-A54B83763126}
 10 ...02 00 54 55 4e 01 ...... Teredo Tunneling

Pseudo-Interface
=========================================================================

==

IPv4 Route Table
=========================================================================

==
Active Routes:
Network Destination        Netmask          Gateway       Interface 

Metric
          0.0.0.0          0.0.0.0    192.168.1.254     192.168.1.64    

20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1   

306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1   

306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1   

306
      192.168.1.0    255.255.255.0         On-link      192.168.1.64   

276
     192.168.1.64  255.255.255.255         On-link      192.168.1.64   

276
    192.168.1.255  255.255.255.255         On-link      192.168.1.64   

276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1   

306
        224.0.0.0        240.0.0.0         On-link      192.168.1.64   

276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1   

306
  255.255.255.255  255.255.255.255         On-link      192.168.1.64   

276
=========================================================================

==
Persistent Routes:
  None

IPv6 Route Table
=========================================================================

==
Active Routes:
 If Metric Network Destination      Gateway
 10     18 ::/0                     On-link
  1    306 ::1/128                  On-link
 10     18 2001::/32                On-link
 10    266 2001:0:9d38:6ab8:30f3:1d17:3f57:febf/128
                                    On-link
  8    276 fe80::/64                On-link
 10    266 fe80::/64                On-link
  8    276 fe80::1877:ec68:1c:c1e7/128
                                    On-link
 10    266 fe80::30f3:1d17:3f57:febf/128
                                    On-link
  1    306 ff00::/8                 On-link
 10    266 ff00::/8                 On-link
  8    276 ff00::/8                 On-link
=========================================================================

==
Persistent Routes:
  None
========================= Winsock entries

=====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft

Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft

Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft

Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft

Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [223232] (Microsoft

Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [19968] (Microsoft

Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft

Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft

Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft

Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft

Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft

Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft

Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft

Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft

Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft

Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft

Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft

Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft

Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft

Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft

Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft

Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft

Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft

Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft

Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft

Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft

Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft

Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft

Corporation)

========================= Event log errors:

===============================

Application errors:
==================
Error: (03/02/2013 10:00:00 PM) (Source: LoadPerf) (User: )
Description: WmiApRplWmiApRpl8

Error: (03/02/2013 10:00:00 PM) (Source: LoadPerf) (User: )
Description: Performance16

Error: (03/02/2013 09:37:52 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16464 stopped

interacting with Windows and was closed. To see if more information about

the problem is available, check the problem history in the Problem

Reports and Solutions control panel.
Process ID: 6440
Start Time: 01ce17d01268e36c
Termination Time: 63

Error: (03/02/2013 09:29:26 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16464 stopped

interacting with Windows and was closed. To see if more information about

the problem is available, check the problem history in the Problem

Reports and Solutions control panel.
Process ID: 121c
Start Time: 01ce179cc23d06ad
Termination Time: 156

Error: (03/02/2013 06:35:14 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16464 stopped

interacting with Windows and was closed. To see if more information about

the problem is available, check the problem history in the Problem

Reports and Solutions control panel.
Process ID: f84
Start Time: 01ce17adb7c83af1
Termination Time: 3086

Error: (03/02/2013 03:23:33 PM) (Source: LoadPerf) (User: )
Description: WmiApRplWmiApRpl8

Error: (03/02/2013 03:23:33 PM) (Source: LoadPerf) (User: )
Description: Performance16

Error: (03/02/2013 01:17:43 PM) (Source: LoadPerf) (User: )
Description: WmiApRplWmiApRpl8

Error: (03/02/2013 01:17:43 PM) (Source: LoadPerf) (User: )
Description: Performance16

Error: (03/02/2013 00:54:19 PM) (Source: LoadPerf) (User: )
Description: WmiApRplWmiApRpl8


System errors:
=============
Error: (03/02/2013 09:54:49 PM) (Source: Microsoft-Windows-Kernel-

Processor-Power) (User: NT AUTHORITY)
Description:

Error: (03/02/2013 03:18:34 PM) (Source: Microsoft-Windows-Kernel-

Processor-Power) (User: NT AUTHORITY)
Description:

Error: (03/02/2013 03:14:09 PM) (Source: Microsoft-Windows-Kernel-

Processor-Power) (User: NT AUTHORITY)
Description:

Error: (03/02/2013 01:12:24 PM) (Source: Microsoft-Windows-Kernel-

Processor-Power) (User: NT AUTHORITY)
Description:

Error: (03/02/2013 01:08:04 PM) (Source: Service Control Manager) (User:

)
Description: My Web Search Service1

Error: (03/02/2013 00:48:56 PM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.1.64 for the Network Card with

network address 0018F363A0CA has been denied by the DHCP server 0.0.0.0

(The DHCP Server sent a DHCPNACK message).

Error: (03/02/2013 00:48:31 PM) (Source: Microsoft-Windows-Kernel-

Processor-Power) (User: NT AUTHORITY)
Description:

Error: (03/02/2013 00:09:30 PM) (Source: Microsoft-Windows-Kernel-

Processor-Power) (User: NT AUTHORITY)
Description:

Error: (03/02/2013 09:31:50 AM) (Source: Service Control Manager) (User:

)
Description: Network List ServiceNetwork Location Awareness%%1068

Error: (03/02/2013 09:31:50 AM) (Source: Service Control Manager) (User:

)
Description: Network List ServiceNetwork Location Awareness%%1068


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2013-03-02 23:15:45.956
  Description: Code Integrity is unable to verify the image integrity of

the file \Device\HarddiskVolume2\Programs\Ad-Aware

Antivirus\Drivers\i386\wlh\sbhips.sys because the set of per-page image

hashes could not be found on the system.

  Date: 2013-03-02 23:15:45.796
  Description: Code Integrity is unable to verify the image integrity of

the file \Device\HarddiskVolume2\Programs\Ad-Aware

Antivirus\Drivers\i386\wlh\sbhips.sys because the set of per-page image

hashes could not be found on the system.

  Date: 2013-03-02 23:15:45.631
  Description: Code Integrity is unable to verify the image integrity of

the file \Device\HarddiskVolume2\Programs\Ad-Aware

Antivirus\Drivers\i386\wlh\sbhips.sys because the set of per-page image

hashes could not be found on the system.

  Date: 2013-03-02 23:15:45.438
  Description: Code Integrity is unable to verify the image integrity of

the file \Device\HarddiskVolume2\Programs\Ad-Aware

Antivirus\Drivers\i386\wlh\sbhips.sys because the set of per-page image

hashes could not be found on the system.

  Date: 2013-03-02 23:15:45.273
  Description: Code Integrity is unable to verify the image integrity of

the file \Device\HarddiskVolume2\Programs\Ad-Aware

Antivirus\Drivers\i386\wlh\sbhips.sys because the set of per-page image

hashes could not be found on the system.

  Date: 2013-03-02 23:15:45.098
  Description: Code Integrity is unable to verify the image integrity of

the file \Device\HarddiskVolume2\Programs\Ad-Aware

Antivirus\Drivers\i386\wlh\sbhips.sys because the set of per-page image

hashes could not be found on the system.

  Date: 2013-03-02 22:46:32.154
  Description: Code Integrity is unable to verify the image integrity of

the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-

tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_b2d96a966698ad63

\tcpip.sys because the set of per-page image hashes could not be found on

the system.

  Date: 2013-03-02 22:46:31.997
  Description: Code Integrity is unable to verify the image integrity of

the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-

tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_b2d96a966698ad63

\tcpip.sys because the set of per-page image hashes could not be found on

the system.

  Date: 2013-03-02 22:46:31.819
  Description: Code Integrity is unable to verify the image integrity of

the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-

tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_b2d96a966698ad63

\tcpip.sys because the set of per-page image hashes could not be found on

the system.

  Date: 2013-03-02 22:46:31.661
  Description: Code Integrity is unable to verify the image integrity of

the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-

tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_b2d96a966698ad63

\tcpip.sys because the set of per-page image hashes could not be found on

the system.


=========================== Installed Programs

============================


========================= Devices: ================================

Name: RAID Controller
Description: RAID Controller
Class Guid:
Manufacturer:
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable

Device". This starts the Enable Device wizard. Follow the instructions.

Name: Linksys Wireless-G PCI Adapter
Description: Linksys Wireless-G PCI Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Linksys, A Division of Cisco Systems, Inc.
Service: rt61x86
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable

Device". This starts the Enable Device wizard. Follow the instructions.


========================= Memory info:

===================================

Percentage of memory in use: 67%
Total physical RAM: 2942.5 MB
Available physical RAM: 943.4 MB
Total Pagefile: 6124.04 MB
Available Pagefile: 3438.63 MB
Total Virtual: 2047.88 MB
Available Virtual: 1947.43 MB

========================= Partitions:

=====================================

2 Drive c: (System) (Fixed) (Total:465.76 GB) (Free:364.33 GB) NTFS
3 Drive d: (WD 1 TB: Data) (Fixed) (Total:931.51 GB) (Free:558.73 GB)

NTFS
4 Drive e: (WD 2 TB: Shows) (Fixed) (Total:1863.01 GB) (Free:182.86 GB)

NTFS
5 Drive f: (WD 2 TB: Movies) (Fixed) (Total:1863.01 GB) (Free:64.26 GB)

NTFS

========================= Users: ========================================

User accounts for \\ESMITH-PC

Administrator            e. Smith                 Guest                  

 
UpdatusUser             


**** End of log ****


 

 

 

 

 

Farbar Service Scanner

 

Farbar Service Scanner Version: 20-02-2013
Ran by e. Smith (administrator) on 02-03-2013 at 23:41:05
Running from "D:\Programs\Anti-virus anti-malware\Farbar Service Scanner"
Windows Vista ™ Ultimate Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============
cryptsvc Service is not running. Checking service configuration:
The start type of cryptsvc service is set to Demand. The default start

type is Auto.
The ImagePath of cryptsvc service is OK.
The ServiceDll of cryptsvc: "%SystemRoot%\system32\cryptsvc.dll".
Checking LEGACY_cryptsvc: ATTENTION!=====> Unable to open

LEGACY_cryptsvc\0000 registry key. The key does not exist.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2013-02-12 16:51] - [2013-01-04 03:28] - 0905576 ____A (Microsoft

Corporation) 74E2D020C47BB2B2FCCBA29A518A7EB4

C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\iphlpsvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

 

 

 

 

 

AdwCleaner

 

# AdwCleaner v2.113 - Logfile created 03/03/2013 at 09:03:12
# Updated 23/02/2013 by Xplode
# Operating system : Windows Vista ™ Ultimate Service Pack 2 (32 bits)
# User : e. Smith - ESMITH-PC
# Boot Mode : Normal
# Running from : D:\Programs\Anti-virus anti-malware\07

AdwCleaner\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Program Files\adawaretb
Folder Deleted : C:\Program Files\Common Files\Software Update Utility
Folder Deleted : C:\Program Files\GameTap Web Player
Folder Deleted : C:\Program Files\MyWebSearch
Folder Deleted : C:\ProgramData\blekko toolbars
Folder Deleted : C:\ProgramData\GameTap Web Player
Folder Deleted : C:\Users\e. Smith\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\e. Smith\AppData\LocalLow\adawaretb
Folder Deleted : C:\Users\e. Smith\AppData\LocalLow\FunWebProducts
Folder Deleted : C:\Users\e. Smith\AppData\LocalLow\MyWebSearch

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\Fun Web Products
Key Deleted : HKCU\Software\AppDataLow\Software\FunWebProducts
Key Deleted : HKCU\Software\AppDataLow\Software\MyWebSearch
Key Deleted : HKCU\Software\Microsoft\Internet

Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App

Management\ARPCache\{86C0E2A3-1EDA-4F01-A43D-80DA8642813C}_is1
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App

Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App

Management\ARPCache\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App

Management\ARPCache\mywebsearch bar uninstall
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App

Management\ARPCache\SoftwareUpdUtility
Key Deleted :

HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-

C3F9-4EFB-9B51-7695ECA05670}
Key Deleted :

HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1E0DE227-

5CE4-4EA3-AB0C-8B03E1AA76BC}
Key Deleted :

HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-

44CF-8957-5838F569A31D}
Key Deleted :

HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-

4EFB-9B51-7695ECA05670}
Key Deleted :

HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-

4961-B6BB-170DE4475CCA}
Key Deleted :

HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-

47A3-BD87-1E41684E07BB}
Key Deleted :

HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-

4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-

EF3BA47D8BA1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-

7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{08858AF6-42AD-4914-95D2-

AC3AB0DC8E28}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1E0DE227-5CE4-4EA3-AB0C-

8B03E1AA76BC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{799391D3-EB86-4BAC-9BD3-

CBFEA58A0E15}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-

8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{819FFE22-35C7-4925-8CDA-

4E0E2DB94302}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-

0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D858DAFC-9573-4811-B323-

7011A3AA7E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-

44CADF316E70}
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-

433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72EE7F04-15BD-4845-A005-

D6711144D86A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8E9CF769-3D3B-40EB-9E2D-

76E7A205E4D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CF54BE1C-9359-4395-8533-

1657CF209CFE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-

81754E5DFC90}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-

5B2A9C7C1612}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F87D7FB5-9DC5-4C8C-B998-

D8DFE02E2978}
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.MultipleButton
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.MultipleButton.1
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.ThirdPartyInstaller
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.ThirdPartyInstaller.1
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.UrlAlertButton
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.UrlAlertButton.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{819FFE20-35C7-4925-8CDA-

4E0E2DB94302}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8FFDF636-0D87-4B33-B9E9-

79A53F6E1DAE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-

DD9ACD9777EA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D518921A-4A03-425E-9873-

B9A71756821E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E79DFBC0-5697-4FBD-94E5-

5B2A9C7C1612}
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension

Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension

Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension

Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low

Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low

Rights\ElevationPolicy\{68AF847F-6E91-45DD-9B68-D6A12C30E5D7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low

Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low

Rights\ElevationPolicy\{D1A71FA0-FF48-48DD-9B6D-7A13A3E42127}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low

Rights\ElevationPolicy\{DDB1968E-EAD6-40FD-8DAE-FF14757F60C7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low

Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low

Rights\RunDll32Policy\f3ScrCtr.dll
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet

Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
Key Deleted :

HKLM\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin
Key Deleted :

HKLM\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin
Key Deleted :

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper

Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted :

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38

-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted :

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07B18EAB

-A523-4961-B6BB-170DE4475CCA}
Key Deleted :

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{08858AF6

-42AD-4914-95D2-AC3AB0DC8E28}
Key Deleted :

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2

-6EC9-47A3-BD87-1E41684E07BB}
Key Deleted :

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540

-9571-4D7B-9389-0F166788785A}
Key Deleted :

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB

-E9C9-499C-A11F-23C360D7C3F8}
Key Deleted :

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E720452

-B472-4954-B7AA-33069EB53906}
Key Deleted :

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C

-B45B-4458-8B3B-60C69BBBD83C}
Key Deleted :

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473D294

-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted :

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94

-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted :

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98D9753D

-D73B-42D5-8C85-4469CDA897AB}
Key Deleted :

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9FF05104

-B030-46FC-94B8-81276E4E27DF}
Key Deleted :

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA

-5697-4FBD-94E5-5B2A9C7C1612}
Key Deleted :

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86C0E2A3-1EDA-

4F01-A43D-80DA8642813C}_is1
Key Deleted :

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtili

ty
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@mywebsearch.com/Plugin
Value Deleted : HKCU\Software\Microsoft\Internet

Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet

Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar

[{07B18EA9-A523-4961-B6BB-170DE4475CCA}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar

[{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows Media\Wmsdk\Sources

[F3PopularScreenSavers]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet

Settings\User Agent\post platform [FunWebProducts]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions

[m3ffxtbr@mywebsearch.com]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16464

Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page]

= hxxp://home.sweetim.com/?crg=3.1010000.10005&barid={A77CDF89-593B-11E2

-A0C2-0018F363A0CA} --> hxxp://www.google.com

*************************

AdwCleaner[R1].txt - [10052 octets] - [03/03/2013 09:02:50]
AdwCleaner[S1].txt - [351 octets] - [02/03/2013 23:45:23]
AdwCleaner[S2].txt - [10071 octets] - [03/03/2013 09:03:12]

########## EOF - C:\AdwCleaner[S2].txt - [10132 octets] ##########

 

 

 

 

Junkware Removal Tool

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.6 (02.27.2013:1)
OS: Windows Vista ™ Ultimate x86
Ran by e. Smith on Sun 03/03/2013 at  9:13:32.54
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 


~~~ Services

 

~~~ Registry Values

 

~~~ Registry Keys

 

~~~ Files

 

~~~ Folders

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 03/03/2013 at  9:15:17.71
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

 

RKill

 

Rkill 2.4.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 03/03/2013 09:18:48 AM in x86 mode.
Windows Version: Windows Vista ™ Ultimate Service Pack 2

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
  * HKLM\Software\Classes\.exe\shell found and deleted!


Performing miscellaneous checks:

 * Windows Defender Disabled

   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

 * Windows Defender (WinDefend) is not Running.
   Startup Type set to: Automatic

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * Cannot edit the HOSTS file.
 * Permissions Fixed. Administrators can now edit the HOSTS file.

 * HOSTS file entries found:

  127.0.0.1       localhost
  ::1             localhost

Program finished at: 03/03/2013 09:18:57 AM
Execution time: 0 hours(s), 0 minute(s), and 8 seconds(s)

 

 

 

 

 

Autoruns

 

Autoruns


Rkill 2.4.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 03/03/2013 09:18:48 AM in x86 mode.
Windows Version: Windows Vista ™ Ultimate Service Pack 2

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
  * HKLM\Software\Classes\.exe\shell found and deleted!


Performing miscellaneous checks:

 * Windows Defender Disabled

   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

 * Windows Defender (WinDefend) is not Running.
   Startup Type set to: Automatic

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * Cannot edit the HOSTS file.
 * Permissions Fixed. Administrators can now edit the HOSTS file.

 * HOSTS file entries found:

  127.0.0.1       localhost
  ::1             localhost

Program finished at: 03/03/2013 09:18:57 AM
Execution time: 0 hours(s), 0 minute(s), and 8 seconds(s)



#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:08:31 PM

Posted 03 March 2013 - 01:48 PM

Other logs?



#7 eSmith17

eSmith17
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:05:31 PM

Posted 03 March 2013 - 02:20 PM

weird.  i thought i had copied everything in there.  i'm sorry about that.  here's the farbar scanner, adwcleaner, junkware removal, and rkill logs

 

Farbar Service Scanner Version: 20-02-2013
Ran by e. Smith (administrator) on 02-03-2013 at 23:41:05
Running from "D:\Programs\Anti-virus anti-malware\Farbar Service Scanner"
Windows Vista ™ Ultimate Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============
cryptsvc Service is not running. Checking service configuration:
The start type of cryptsvc service is set to Demand. The default start type is Auto.
The ImagePath of cryptsvc service is OK.
The ServiceDll of cryptsvc: "%SystemRoot%\system32\cryptsvc.dll".
Checking LEGACY_cryptsvc: ATTENTION!=====> Unable to open LEGACY_cryptsvc\0000 registry key. The key does not exist.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2013-02-12 16:51] - [2013-01-04 03:28] - 0905576 ____A (Microsoft Corporation) 74E2D020C47BB2B2FCCBA29A518A7EB4

C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\iphlpsvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

 

 

 


# AdwCleaner v2.113 - Logfile created 03/03/2013 at 09:03:12
# Updated 23/02/2013 by Xplode
# Operating system : Windows Vista ™ Ultimate Service Pack 2 (32 bits)
# User : e. Smith - ESMITH-PC
# Boot Mode : Normal
# Running from : D:\Programs\Anti-virus anti-malware\07 AdwCleaner\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Program Files\adawaretb
Folder Deleted : C:\Program Files\Common Files\Software Update Utility
Folder Deleted : C:\Program Files\GameTap Web Player
Folder Deleted : C:\Program Files\MyWebSearch
Folder Deleted : C:\ProgramData\blekko toolbars
Folder Deleted : C:\ProgramData\GameTap Web Player
Folder Deleted : C:\Users\e. Smith\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\e. Smith\AppData\LocalLow\adawaretb
Folder Deleted : C:\Users\e. Smith\AppData\LocalLow\FunWebProducts
Folder Deleted : C:\Users\e. Smith\AppData\LocalLow\MyWebSearch

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\Fun Web Products
Key Deleted : HKCU\Software\AppDataLow\Software\FunWebProducts
Key Deleted : HKCU\Software\AppDataLow\Software\MyWebSearch
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86C0E2A3-1EDA-4F01-A43D-80DA8642813C}_is1
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\mywebsearch bar uninstall
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SoftwareUpdUtility
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1E0DE227-5CE4-4EA3-AB0C-8B03E1AA76BC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44CF-8957-5838F569A31D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1E0DE227-5CE4-4EA3-AB0C-8B03E1AA76BC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{799391D3-EB86-4BAC-9BD3-CBFEA58A0E15}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{819FFE22-35C7-4925-8CDA-4E0E2DB94302}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D858DAFC-9573-4811-B323-7011A3AA7E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8E9CF769-3D3B-40EB-9E2D-76E7A205E4D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.MultipleButton
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.MultipleButton.1
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.ThirdPartyInstaller
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.ThirdPartyInstaller.1
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.UrlAlertButton
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.UrlAlertButton.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{819FFE20-35C7-4925-8CDA-4E0E2DB94302}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8FFDF636-0D87-4B33-B9E9-79A53F6E1DAE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612}
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45DD-9B68-D6A12C30E5D7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48DD-9B6D-7A13A3E42127}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40FD-8DAE-FF14757F60C7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
Key Deleted : HKLM\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin
Key Deleted : HKLM\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E720452-B472-4954-B7AA-33069EB53906}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473D294-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98D9753D-D73B-42D5-8C85-4469CDA897AB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9FF05104-B030-46FC-94B8-81276E4E27DF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86C0E2A3-1EDA-4F01-A43D-80DA8642813C}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@mywebsearch.com/Plugin
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{07B18EA9-A523-4961-B6BB-170DE4475CCA}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows Media\Wmsdk\Sources [F3PopularScreenSavers]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\post platform [FunWebProducts]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [m3ffxtbr@mywebsearch.com]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16464

Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com/?crg=3.1010000.10005&barid={A77CDF89-593B-11E2-A0C2-0018F363A0CA} --> hxxp://www.google.com

*************************

AdwCleaner[R1].txt - [10052 octets] - [03/03/2013 09:02:50]
AdwCleaner[S1].txt - [351 octets] - [02/03/2013 23:45:23]
AdwCleaner[S2].txt - [10071 octets] - [03/03/2013 09:03:12]

########## EOF - C:\AdwCleaner[S2].txt - [10132 octets] ##########

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.6 (02.27.2013:1)
OS: Windows Vista ™ Ultimate x86
Ran by e. Smith on Sun 03/03/2013 at  9:13:32.54
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 


~~~ Services

 

~~~ Registry Values

 

~~~ Registry Keys

 

~~~ Files

 

~~~ Folders

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 03/03/2013 at  9:15:17.71
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

Rkill 2.4.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 03/03/2013 09:18:48 AM in x86 mode.
Windows Version: Windows Vista ™ Ultimate Service Pack 2

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
  * HKLM\Software\Classes\.exe\shell found and deleted!


Performing miscellaneous checks:

 * Windows Defender Disabled

   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

 * Windows Defender (WinDefend) is not Running.
   Startup Type set to: Automatic

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * Cannot edit the HOSTS file.
 * Permissions Fixed. Administrators can now edit the HOSTS file.

 * HOSTS file entries found:

  127.0.0.1       localhost
  ::1             localhost

Program finished at: 03/03/2013 09:18:57 AM
Execution time: 0 hours(s), 0 minute(s), and 8 seconds(s)

 

 

 


Autoruns


Rkill 2.4.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 03/03/2013 09:18:48 AM in x86 mode.
Windows Version: Windows Vista ™ Ultimate Service Pack 2

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
  * HKLM\Software\Classes\.exe\shell found and deleted!


Performing miscellaneous checks:

 * Windows Defender Disabled

   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

 * Windows Defender (WinDefend) is not Running.
   Startup Type set to: Automatic

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * Cannot edit the HOSTS file.
 * Permissions Fixed. Administrators can now edit the HOSTS file.

 * HOSTS file entries found:

  127.0.0.1       localhost
  ::1             localhost

Program finished at: 03/03/2013 09:18:57 AM
Execution time: 0 hours(s), 0 minute(s), and 8 seconds(s)



#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:08:31 PM

Posted 03 March 2013 - 02:45 PM

Click on startmenu and type

 

cmd

 

Right click on it and select run as administrator and run this command

 

net start cryptsvc

 

Any errors?



#9 eSmith17

eSmith17
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:05:31 PM

Posted 03 March 2013 - 02:49 PM

I get the reply "The requested service has already been started.  More help is available by typing NET HELPMSG 2182".



#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:08:31 PM

Posted 03 March 2013 - 02:50 PM

Current issues?



#11 eSmith17

eSmith17
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:05:31 PM

Posted 03 March 2013 - 02:54 PM

I have not experienced any issues on my computer at all actually.  Nothing as far as system crashing or any other glitches.  When my wife had called that random tech support place regarding her Yahoo e-mail on Friday night, they mentioned that the computer had been infected to transmit sensitive data to whomever hacked it.  This set things in motion for me to run some spyware / malware detection & deletion programs & when I found a few Trojans it made me worried they were right about my system being compromised.

 

Thats why I'm checking with this forum.  It looks like you've been having me go through the right steps to help ensure everything is ok.

 

Is there anything else I should be doing to ensure my computer hasn't been compromised?


Edited by eSmith17, 03 March 2013 - 03:05 PM.


#12 eSmith17

eSmith17
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:05:31 PM

Posted 03 March 2013 - 03:31 PM

Something else i wanted to ask.  You mentioned earlier after running the RKILL program to not reboot as the malware programs would restart.  Is it safe to turn the computer off now, or are there still things we need to check?



#13 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:08:31 PM

Posted 03 March 2013 - 03:38 PM

When my wife had called that random tech support place regarding her Yahoo e-mail on Friday night, they mentioned that the computer had been infected to transmit sensitive data to whomever hacked it.

 

Beware of tech support guys especially one who calls you.They would fake you to believe that your system is infected.

 

Something else i wanted to ask.  You mentioned earlier after running the RKILL program to not reboot as the malware programs would restart.  Is
it safe to turn the computer off now, or are there still things we need to check?

 

RKILL didnot detect infections.So you're safe.

 

I would suggest you to browse for a day and come and let me know how system behaves.

 

 

Remove temporary and junk files

Download

TFC

Launch it,it will close all running programs

click on START,it should ask for reboot.If TFC locks up the system,run it in safemode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP- http://support.microsoft.com/kb/310405

Vista & windows 7- http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your system restore-It deletes old infected restore points

Turn on system restore and create a new restore point

Update JAVA and Flash player

Uninstall old version of java from control panel-Add or remove programs.Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently.Two free antivirus that i would suggest are

Microsoft security essentials or Avast.You can select either one of them.

If you have a paid one,make sure to update it frequently.Do not use multiple security softwares.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/



#14 eSmith17

eSmith17
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:05:31 PM

Posted 03 March 2013 - 03:48 PM

Thank you for all of your help.  I understand fully to beware of tech support companies, which is why I didnt take them up on their offer to "fix" my computer.  I figured I would be better off reading up on the situation and doing my due diligence in making sure my computer is safe.  I'm glad I found this forum, it seems to be full of many people who are willing to help, and a lot of good tips to boot.  Thank you again for your help, it was greatly appreciated.

 

I'll monitor how my system acts throughout the rest of the day and report back.  I'll also look into that list of suggestions you gave for making sure my system is running at optimum levels.

 

Thank you again & I hope you have a good day!



#15 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:08:31 PM

Posted 03 March 2013 - 03:51 PM

:welcome:






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users