Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected: Unknown/Not Normal Links


  • This topic is locked This topic is locked
24 replies to this topic

#1 hattricknz

hattricknz

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:12:17 AM

Posted 03 July 2013 - 02:45 AM

See the attached screen grab.

Basically Unknown/Not Normal Links appear in websites that I don't think that should be there. Please advise. Tks

 

 

----------------------------------

 

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 4/09/2011 1:00:34 a.m.
System Uptime: 3/07/2013 6:58:09 p.m. (1 hours ago)
.
Motherboard: Gateway          |  | NV59C           
Processor: Intel® Core™ i5 CPU       M 430  @ 2.27GHz | CPU | 2267/1066mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 452 GiB total, 74.829 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP149: 13/06/2013 8:05:19 p.m. - Scheduled Checkpoint
RP150: 13/06/2013 9:14:20 p.m. - Windows Update
RP151: 14/06/2013 11:03:35 p.m. - Windows Update
RP152: 16/06/2013 11:23:20 a.m. - Windows Update
RP153: 23/06/2013 3:01:42 p.m. - Scheduled Checkpoint
RP154: 27/06/2013 7:16:57 p.m. - Installed Jing
RP155: 27/06/2013 9:38:39 p.m. - Removed Skype Click to Call
RP156: 28/06/2013 6:45:36 p.m. - Windows Update
.
==== Installed Programs ======================
.
7-Zip 9.20
7-Zip 9.20 (x64 edition)
Acrobat.com
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader XI
Advertising Center
Android SDK Tools
Apple Application Support
Apple Mobile Device Support
Apple Software Update
µTorrent
AVG 2013
AVS Audio Converter 7
AVS Update Manager 1.0
AVS4YOU Software Navigator 1.4
Backup Manager Basic
BBC iPlayer Desktop
Bejeweled 2 Deluxe
Bing Bar
BitTorrent
Blasterball 3
Bob the Builder Can-Do-Zoo
Bonjour
Booktrack
Broadcom Gigabit NetLink Controller
BTGuard 2.4
Build-a-lot 2
CCleaner
Chicken Invaders 3 - Revenge of the Yolk
Chief Architect Premier X5 (64 bit)
Codec-V
Compatibility Pack for the 2007 Office system
CyberLink PowerDVD 9
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dropbox
Elite Proxy Switcher 1.17
Escape Rosecliff Island
Faerie Solitaire
Freecorder 5
Freecorder 8 Applications (8.0.0.97)
Freecorder extension
Freecorder extension for Firefox
Freecorder extension x64
Gateway Game Console
Gateway Games
Gateway InfoCentre
Gateway MyBackup
Gateway Power Management
Gateway Recovery Management
Gateway Registration
Gateway ScreenSaver
Gateway Social Networks
Gateway Updater
GnuWin32: Wget-1.11.4-1
Google App Engine
Google Chrome
Google Earth
Google Update Helper
HMA! Pro VPN 2.8.0.8
Identity Card
ImagXpress
Insaniquarium Deluxe
Intel® Control Center
Intel® Management Engine Components
Intel® Rapid Storage Technology
Intel® Turbo Boost Technology Driver
Intel® Turbo Boost Technology Monitor
iTunes
Jewel Quest
Jewel Quest Solitaire 3
Jing
Juniper Networks Host Checker
Juniper Networks Secure Application Manager
Juniper Networks, Inc. Setup Client
Juniper Terminal Services Client
Junk Mail filter update
Launch Manager
Mahjongg Artifacts
Malwarebytes Anti-Malware version 1.75.0.1300
Mgeni Snapshot (10-22-2009)
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Works
Mozilla Firefox 21.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero 9 Essentials
Nero ControlCenter
Nero DiscSpeed
Nero DiscSpeed Help
Nero DriveSpeed
Nero DriveSpeed Help
Nero Express Help
Nero InfoTool
Nero InfoTool Help
Nero Installer
Nero Online Upgrade
Nero StartSmart
Nero StartSmart Help
Nero StartSmart OEM
NeroExpress
neroxml
NetSpeedMonitor 2.5.4.0 x64
Node.js
Notepad++
NVIDIA Drivers
NVIDIA Updatus
ooVoo
Penguins!
PFPortChecker 1.0.39
Polar Bowler
Polar Golfer
Polar Pool
Python 3.2 pygame-1.9.2a0
Python 3.2.3
QuickTime
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
RealPlayer
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
RealUpgrade 1.1
Safari
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition
Security Update for Microsoft Filter Pack 2.0 (KB2553501) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687422) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
Security Update for Microsoft OneNote 2010 (KB2760600) 32-Bit Edition
Security Update for Microsoft Publisher 2010 (KB2553147) 32-Bit Edition
Security Update for Microsoft Visio 2010 (KB2810068) 32-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2687505) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition
Skype™ 6.5
SopCast 3.4.0
Standard ML of New Jersey
SUPERAntiSpyware
Sweet Home 3D version 3.5
swMSM
Synaptics Pointing Device Driver
TeamViewer 8
Unity Web Player
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
VC 9.0 Runtime
Video Web Camera
Virtual Families
Virtual Villagers - A New Home
Visual Studio 2008 x64 Redistributables
Visual Studio 2010 x64 Redistributables
VLC media player 2.0.7
Welcome Center
WIDCOMM Bluetooth Software
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
WinPcap 4.1.2
Yahtzee
ZoneAlarm Antivirus
ZoneAlarm Firewall
ZoneAlarm Free Antivirus + Firewall
ZoneAlarm Security
ZoneAlarm Security Toolbar
Zuma Deluxe
.
==== Event Viewer Messages From Past Week ========
.
26/06/2013 5:07:41 p.m., Error: Service Control Manager [7034]  - The Google Update Service (gupdate) service terminated unexpectedly.  It has done this 1 time(s).
2/07/2013 9:07:42 p.m., Error: Service Control Manager [7006]  - The ScRegSetValueExW call failed for FailureActions with the following error:  Access is denied.
.
==== End Of File ===========================
 

 

---------------------------------------------

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16611
Run by KS at 19:25:51 on 2013-07-03
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.64.1033.18.3959.1387 [GMT 12:00]
.
AV: ZoneAlarm Antivirus *Disabled/Updated* {DE038A5B-9EDD-18A9-2361-FF7D98D43730}
AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: ZoneAlarm Anti-Spyware *Disabled/Updated* {65626BBF-B8E7-1727-19D1-C40FE3537D8D}
SP: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: ZoneAlarm Free Firewall *Disabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files (x86)\Launch Manager\dsiwmis.exe
C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe
C:\Program Files (x86)\Gateway\Registration\GREGsvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
C:\Program Files (x86)\AVG\AVG2013\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
C:\Windows\PLFSetI.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Gateway\Gateway Power Management\ePowerEvent.exe
C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe
C:\Program Files (x86)\Video Web Camera\traybar.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
C:\Program Files (x86)\Notepad++\notepad++.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=208F00FFA8556F99&affID=119523&tt=250613_gr2&tsp=4926
uProxyServer = 176.58.96.37:8080
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Zonealarm Helper Object: {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.5.20.3\bh\zonealarm.dll
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: {7825CFB6-490A-436B-9F26-4A7B5CFC01A9} - <orphaned>
BHO: ZoneAlarm Security Engine Registrar: {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Freecorder extension: {B15BBE59-42F5-4206-B3F0-BE98F5DC4B93} - C:\Program Files (x86)\Freecorder extension\ScriptHost.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll
TB: ZoneAlarm Security Engine: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
TB: ZoneAlarm Security Toolbar: {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.5.20.3\zonealarmTlbr.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
TB: ZoneAlarm Security Engine: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
uRun: [Google Update] "C:\Users\KS\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe" -h -k
mRun: [Camera Assistant Software] "C:\Program Files (x86)\Video Web Camera\traybar.exe"
mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun: [Freecorder FLV Service] "C:\Program Files (x86)\Freecorder\FLVSrvc.exe" /run
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
mRun: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
mRun: [ROC_ROC_JULY_P1] "C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
mRun: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
uPolicies-Explorer: NoDrives = dword:0
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://vralisausydhb11.connectge.com/dana-cached/sc/JuniperSetupClient.cab
TCP: NameServer = 10.1.1.1
TCP: Interfaces\{115BBA5D-E946-4CE4-A5AC-1E32BEEB82F2} : DHCPNameServer = 10.1.1.1
TCP: Interfaces\{115BBA5D-E946-4CE4-A5AC-1E32BEEB82F2}\24561636860284F6573756 : DHCPNameServer = 10.1.1.1
TCP: Interfaces\{115BBA5D-E946-4CE4-A5AC-1E32BEEB82F2}\F42736F6E6D275962756C6563737 : DHCPNameServer = 10.1.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
AppInit_DLLs= c:\progra~2\common~1\jaksta~1\audioc~1\jaudcap.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: ZoneAlarm Security Engine Registrar: {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
x64-BHO: Freecorder extension x64: {B15BBE59-42F5-4206-B3F0-BE98F5DC4B93} - C:\Program Files\Freecorder extension x64\ScriptHost.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-TB: ZoneAlarm Security Engine: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
x64-Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\System32\NvCpl.dll,NvStartup
x64-Run: [PLFSetI] C:\Windows\PLFSetI.exe
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [Acer ePower Management] C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe
x64-Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe /icon="hidden"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\KS\AppData\Roaming\Mozilla\Firefox\Profiles\9ci6q575.default\
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll
FF - plugin: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
FF - plugin: C:\Users\KS\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll
FF - plugin: C:\Users\KS\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\KS\AppData\Roaming\Mozilla\Firefox\Profiles\9ci6q575.default\extensions\addon@freecorder.com\plugins\npFreeCoder.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2013-06-14 18:10; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - ExtSQL: 2013-06-26 18:44; {b9db16a4-6edc-47ec-a1f4-b86292ed211d}; C:\Users\KS\AppData\Roaming\Mozilla\Firefox\Profiles\9ci6q575.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - ExtSQL: 2013-06-27 21:16; addon@freecorder.com; C:\Users\KS\AppData\Roaming\Mozilla\Firefox\Profiles\9ci6q575.default\extensions\addon@freecorder.com
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.delta.tlbrSrchUrl -
FF - user.js: extensions.delta.id - 208f66a500000000000000ffa8556f99
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15883
FF - user.js: extensions.delta.vrsn - 1.8.21.5
FF - user.js: extensions.delta.vrsni - 1.8.21.5
FF - user.js: extensions.delta.vrsnTs - 1.8.21.521:14:17
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - en
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.ffxUnstlRst - true
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta_i.babTrack - affID=119523&tt=250613_gr2&tsp=4926
FF - user.js: extensions.delta_i.babExt -
FF - user.js: extensions.delta_i.srcExt - ss
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false
.
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-2-8 71480]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-2-8 311096]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-2-8 116536]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-2-8 45880]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-3-29 246072]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-2-8 206136]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-3-21 240952]
R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2012-9-4 31080]
R1 NEOFLTR_7111_21451;Juniper Networks TDI Filter Driver (NEOFLTR_7111_21451);C:\Windows\System32\drivers\NEOFLTR_7111_21451.SYS [2012-10-30 99192]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-23 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-13 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2011-8-12 140672]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-5-14 4937264]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-4-18 283136]
R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-5-1 312400]
R2 ePowerSvc;Acer ePower Service;C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe [2011-9-4 866336]
R2 GREGService;GREGService;C:\Program Files (x86)\Gateway\Registration\GREGsvc.exe [2010-1-9 23584]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-5-1 13336]
R2 ISWKL;ZoneAlarm LTD Toolbar ISWKL;C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [2011-11-4 33712]
R2 IswSvc;ZoneAlarm LTD Toolbar IswSvc;C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe [2011-11-4 828072]
R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe [2010-3-9 250368]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2012-11-29 38608]
R2 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-5-28 4150112]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2009-11-2 13784]
R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-5-1 2320920]
R2 Updater Service;Updater Service;C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe [2010-5-1 243232]
R2 vToolbarUpdater12.2.6;vToolbarUpdater12.2.6;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe [2012-9-4 722528]
R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE [2012-6-11 240208]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-5-1 56344]
R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-5-1 158720]
R3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2010-3-21 321064]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;C:\Windows\System32\drivers\rtl8192se.sys [2010-5-1 1098784]
S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE [2012-6-11 193616]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-6-3 162408]
S3 btwampfl;Bluetooth AMP USB Filter;C:\Windows\System32\drivers\btwampfl.sys [2011-9-4 335400]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2011-9-4 39464]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-5-1 245280]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-9-13 59392]
S3 TurboBoost;TurboBoost;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-2 126352]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\WAT\WatAdminSvc.exe [2011-9-9 1255736]
.
=============== Created Last 30 ================
.
2013-06-30 08:24:42    --------    d-----w-    C:\Program Files (x86)\GnuWin32
2013-06-29 05:41:24    --------    d-----r-    C:\Users\KS\Dropbox
2013-06-29 05:39:03    --------    d-----w-    C:\Users\KS\AppData\Roaming\Dropbox
2013-06-27 09:48:42    --------    d-----w-    C:\Users\KS\AppData\Roaming\Freecorder 8 Audio
2013-06-27 09:47:36    --------    d-----w-    C:\Program Files (x86)\WinPcap
2013-06-27 09:46:58    --------    d-----w-    C:\Users\KS\AppData\Roaming\Freecorder 8 Video
2013-06-27 09:42:39    --------    d-----w-    C:\Users\KS\AppData\Roaming\Freecorder 8 Screen
2013-06-27 09:42:37    --------    d-----w-    C:\Users\KS\AppData\Local\Jaksta_Technologies_Pty_L
2013-06-27 09:20:26    --------    d-----w-    C:\Program Files (x86)\MyPC Backup
2013-06-27 09:19:03    --------    d-----w-    C:\Program Files\Common Files\Jaksta Technologies
2013-06-27 09:19:03    --------    d-----w-    C:\Program Files (x86)\Common Files\Jaksta Technologies
2013-06-27 09:19:01    --------    d-----w-    C:\Program Files (x86)\Applian Technologies
2013-06-27 09:16:28    --------    d-----w-    C:\Program Files\Freecorder extension x64
2013-06-27 09:16:00    --------    d-----w-    C:\Program Files (x86)\Freecorder extension
2013-06-27 09:14:53    --------    d-----w-    C:\ProgramData\Tarma Installer
2013-06-27 09:13:38    --------    d-----w-    C:\Users\KS\AppData\Roaming\Babylon
2013-06-27 09:13:38    --------    d-----w-    C:\ProgramData\Babylon
2013-06-27 07:18:00    --------    d-----w-    C:\Users\KS\AppData\Local\TechSmith
2013-06-25 05:27:01    --------    d-----w-    C:\Program Files\iPod
2013-06-25 05:27:00    --------    d-----w-    C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-25 05:27:00    --------    d-----w-    C:\Program Files\iTunes
2013-06-25 05:27:00    --------    d-----w-    C:\Program Files (x86)\iTunes
2013-06-23 03:01:44    --------    d-----w-    C:\ProgramData\boost_interprocess
2013-06-23 02:17:13    12872    ----a-w-    C:\Windows\System32\bootdelete.exe
2013-06-23 01:26:36    --------    d-----w-    C:\ProgramData\HitmanPro
2013-06-23 01:25:18    --------    d-----w-    C:\Users\KS\AppData\Local\Programs
2013-06-22 07:17:15    --------    d-----w-    C:\cygwin
2013-06-15 05:20:06    --------    d-----w-    C:\Windows\IswTmp
2013-06-14 05:43:45    --------    d-----w-    C:\de642b1ab85984b8082c0eb8b14f47
2013-06-13 06:56:01    1192448    ----a-w-    C:\Windows\System32\certutil.exe
2013-06-13 06:56:00    903168    ----a-w-    C:\Windows\SysWow64\certutil.exe
2013-06-13 06:56:00    52224    ----a-w-    C:\Windows\System32\certenc.dll
2013-06-13 06:56:00    43008    ----a-w-    C:\Windows\SysWow64\certenc.dll
2013-06-13 06:56:00    184320    ----a-w-    C:\Windows\System32\cryptsvc.dll
2013-06-13 06:56:00    1464320    ----a-w-    C:\Windows\System32\crypt32.dll
2013-06-13 06:56:00    140288    ----a-w-    C:\Windows\SysWow64\cryptsvc.dll
2013-06-13 06:56:00    139776    ----a-w-    C:\Windows\System32\cryptnet.dll
2013-06-13 06:56:00    1160192    ----a-w-    C:\Windows\SysWow64\crypt32.dll
2013-06-13 06:56:00    103936    ----a-w-    C:\Windows\SysWow64\cryptnet.dll
2013-06-13 06:55:50    1910632    ----a-w-    C:\Windows\System32\drivers\tcpip.sys
2013-06-13 06:52:52    751104    ----a-w-    C:\Windows\System32\win32spl.dll
2013-06-13 06:52:52    492544    ----a-w-    C:\Windows\SysWow64\win32spl.dll
2013-06-13 06:28:24    9089416    ----a-w-    C:\Windows\SysWow64\FlashPlayerInstaller.exe
2013-06-07 05:17:32    71048    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-07 05:17:32    692104    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
.
==================== Find3M  ====================
.
2013-06-08 12:28:46    2706432    ----a-w-    C:\Windows\System32\mshtml.tlb
2013-06-08 11:13:19    2706432    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2013-05-22 20:52:32    389120    ----a-w-    C:\Windows\SysWow64\RegistryHelperLM.ocx
2013-05-17 01:25:57    1767936    ----a-w-    C:\Windows\SysWow64\wininet.dll
2013-05-17 01:25:27    2877440    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2013-05-17 01:25:26    61440    ----a-w-    C:\Windows\SysWow64\iesetup.dll
2013-05-17 01:25:26    109056    ----a-w-    C:\Windows\SysWow64\iesysprep.dll
2013-05-17 00:59:03    2241024    ----a-w-    C:\Windows\System32\wininet.dll
2013-05-17 00:58:10    3958784    ----a-w-    C:\Windows\System32\jscript9.dll
2013-05-17 00:58:08    67072    ----a-w-    C:\Windows\System32\iesetup.dll
2013-05-17 00:58:08    136704    ----a-w-    C:\Windows\System32\iesysprep.dll
2013-05-14 12:23:25    89600    ----a-w-    C:\Windows\System32\RegisterIEPKEYs.exe
2013-05-14 08:40:13    71680    ----a-w-    C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-04-24 09:53:52    36736    ----a-w-    C:\Windows\System32\drivers\tap0901.sys
2013-04-12 14:45:08    1656680    ----a-w-    C:\Windows\System32\drivers\ntfs.sys
2013-04-10 06:01:54    265064    ----a-w-    C:\Windows\System32\drivers\dxgmms1.sys
2013-04-10 06:01:53    983400    ----a-w-    C:\Windows\System32\drivers\dxgkrnl.sys
2013-04-10 03:30:50    3153920    ----a-w-    C:\Windows\System32\win32k.sys
2013-04-05 21:23:43    4096    ---ha-w-    C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
.
============= FINISH: 19:26:52.15 ===============
 

 

 

 

Attached Files



BC AdBot (Login to Remove)

 


#2 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:12:17 AM

Posted 04 July 2013 - 05:30 PM

Hello hattricknz,
  • Welcome to Bleeping Computer.
  • My name is fireman4it and I will be helping you with your Malware problem.

    Please take note of some guidelines for this fix:
  • Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the registry, and running scanners or tools.
  • If you do not understand any step(s) provided, please do not hesitate to ask before continuing.
  • Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean".
  • In the upper right hand corner of the topic you will see a button called Follow This Topic.I suggest you click it and select Immediate E-Mail notification and click on Follow This Topic. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

  • Finally, please reply using the Post button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply, unless they do not fit into the post.
  • I will be analyzing your log. I will get back to you with instructions.
1.
Download AdwCleaner
  • Double click on AdwCleaner.exe to run the tool.
    ***Note: Windows Vista and Windows 7 users:
    Right click in the adwCleaner.exe and select
    Run%20as%20admin.png
  • Click the Delete button.
  • A logfile will automatically open after the scan has finished.
  • Please post the content of that logfile in your next reply.
  • Or you can find the logfile at C:\AdwCleaner[R1].txt.
2.
  • Download RogueKiller on the desktop
  • Close all the running processes
  • Under Vista/Seven, right click -> Run as Administrator
  • Otherwise just double-click on RogueKiller.exe
  • When prompted, Click Scan
  • A report should open, give its content to your helper. (RKreport could also be found next to the executable)
  • If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename in winlogon.exe (or winlogon.com) and try again
Things to include in your next reply::
AdwCleaner log
Roguekiller log
How is your machine running now?

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#3 hattricknz

hattricknz
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:12:17 AM

Posted 06 July 2013 - 03:45 AM

Hi Bleepin' Fireman, thanks for this...

 

# AdwCleaner v2.304 - Logfile created 07/06/2013 at 20:01:54
# Updated 03/07/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : KS - KS-PC
# Boot Mode : Normal
# Running from : C:\Users\KS\Downloads\adwcleaner(1).exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\Users\KS\AppData\Roaming\Mozilla\Firefox\Profiles\9ci6q575.default\searchplugins\Babylon.xml
File Found : C:\Users\KS\AppData\Roaming\Mozilla\Firefox\Profiles\9ci6q575.default\searchplugins\delta.xml
Folder Found : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Found : C:\Program Files (x86)\Freecorder extension
Folder Found : C:\Program Files (x86)\Freecorder extension
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\ProgramData\boost_interprocess
Folder Found : C:\ProgramData\Tarma Installer
Folder Found : C:\Users\KS\AppData\Roaming\Babylon
Folder Found : C:\Users\KS\AppData\Roaming\CheckPoint\ZoneAlarm LTD Toolbar

***** [Registry] *****

Key Found : HKCU\Software\BabSolution
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\DataMngr
Key Found : HKCU\Software\DataMngr_Toolbar
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B15BBE59-42F5-4206-B3F0-BE98F5DC4B93}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B15BBE59-42F5-4206-B3F0-BE98F5DC4B93}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKLM\SOFTWARE\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
Key Found : HKLM\SOFTWARE\Classes\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}
Key Found : HKLM\SOFTWARE\Classes\AppID\{544C2426-48FD-4C40-AE3B-31257FF334D0}
Key Found : HKLM\SOFTWARE\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}
Key Found : HKLM\SOFTWARE\Classes\AppID\{562B9317-C08A-444A-9482-62080DD851AE}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Found : HKLM\SOFTWARE\Classes\AppID\AddonsFramework.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\ButtonSite.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\RegistryHelper.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHost.DLL
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Key Found : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\DataMngr
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Key Found : HKLM\SOFTWARE\Wow6432Node\596d68fb23abd44
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1917AB4C-E2E9-42AE-A51E-B5750F160BFB}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6C65F1F0-8088-414B-828C-813207ADE75A}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A4341726-E922-47BB-86A6-23F4F4F67342}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B15BBE59-42F5-4206-B3F0-BE98F5DC4B93}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C9B4F046-2A8C-46BD-B1A1-CF0EAE5EA521}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DCA1528D-A3C0-4A9F-AA6E-DCE643F91495}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{93CF54F5-CFAA-4440-B588-8ED0DFAD5C21}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B887CA3B-D82B-4A01-AD29-E97444D01CE6}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D3BC53E7-0437-4C97-90EE-2CD6FF47FB14}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AFB904C4-C255-4540-B97E-A75A34F1FFB0}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B15BBE59-42F5-4206-B3F0-BE98F5DC4B93}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Freecorder extension
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1917AB4C-E2E9-42AE-A51E-B5750F160BFB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6C65F1F0-8088-414B-828C-813207ADE75A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A4341726-E922-47BB-86A6-23F4F4F67342}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B15BBE59-42F5-4206-B3F0-BE98F5DC4B93}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C9B4F046-2A8C-46BD-B1A1-CF0EAE5EA521}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DCA1528D-A3C0-4A9F-AA6E-DCE643F91495}
Key Found : HKLM\SOFTWARE\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
Key Found : HKLM\SOFTWARE\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Key Found : HKLM\SOFTWARE\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{93CF54F5-CFAA-4440-B588-8ED0DFAD5C21}
Key Found : HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B887CA3B-D82B-4A01-AD29-E97444D01CE6}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D3BC53E7-0437-4C97-90EE-2CD6FF47FB14}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B15BBE59-42F5-4206-B3F0-BE98F5DC4B93}
Key Found : HKLM\SOFTWARE\Tarma Installer
Key Found : HKU\S-1-5-21-2684684423-307724796-3963157818-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16611

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=208F00FFA8556F99&affID=119523&tt=250613_gr2&tsp=4926

-\\ Mozilla Firefox v22.0 (en-US)

File : C:\Users\KS\AppData\Roaming\Mozilla\Firefox\Profiles\9ci6q575.default\prefs.js

Found : user_pref("extensions.delta.admin", false);
Found : user_pref("extensions.delta.aflt", "babsst");
Found : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Found : user_pref("extensions.delta.autoRvrt", "false");
Found : user_pref("extensions.delta.dfltLng", "en");
Found : user_pref("extensions.delta.excTlbr", false);
Found : user_pref("extensions.delta.ffxUnstlRst", true);
Found : user_pref("extensions.delta.id", "208f66a500000000000000ffa8556f99");
Found : user_pref("extensions.delta.instlDay", "15883");
Found : user_pref("extensions.delta.instlRef", "sst");
Found : user_pref("extensions.delta.newTab", false);
Found : user_pref("extensions.delta.prdct", "delta");
Found : user_pref("extensions.delta.prtnrId", "delta");
Found : user_pref("extensions.delta.rvrt", "false");
Found : user_pref("extensions.delta.smplGrp", "none");
Found : user_pref("extensions.delta.tlbrId", "base");
Found : user_pref("extensions.delta.tlbrSrchUrl", "");
Found : user_pref("extensions.delta.vrsn", "1.8.21.5");
Found : user_pref("extensions.delta.vrsnTs", "1.8.21.521:14:17");
Found : user_pref("extensions.delta.vrsni", "1.8.21.5");
Found : user_pref("extensions.delta_i.babExt", "");
Found : user_pref("extensions.delta_i.babTrack", "affID=119523&tt=250613_gr2&tsp=4926");
Found : user_pref("extensions.delta_i.srcExt", "ss");
Found : user_pref("extensions.freecorder@freecorder.com.menuitems", "[{\"name\":\"Freecorder Menu Header\",\[...]

-\\ Google Chrome v27.0.1453.116

File : C:\Users\KS\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [57713 octets] - [16/09/2012 10:42:34]
AdwCleaner[R2].txt - [57774 octets] - [16/09/2012 10:43:31]
AdwCleaner[R3].txt - [6971 octets] - [23/06/2013 13:29:04]
AdwCleaner[R4].txt - [9357 octets] - [06/07/2013 20:01:54]
AdwCleaner[S1].txt - [59684 octets] - [16/09/2012 10:44:28]
AdwCleaner[S2].txt - [7115 octets] - [23/06/2013 13:32:12]

########## EOF - C:\AdwCleaner[R4].txt - [9538 octets] ##########
 

 

 

 

 

 

 

 

RogueKiller V8.6.2 [Jul  5 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : KS [Admin rights]
Mode : Scan -- Date : 07/06/2013 20:10:25
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 6 ¤¤¤
[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (176.58.96.37:8080) -> FOUND
[HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ POL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) ->

FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) ->

FOUND

¤¤¤ Scheduled tasks : 1 ¤¤¤
[V2][ROGUE ST] 4339 : wscript.exe - C:\Users\KS\AppData\Local\Temp\launchie.vbs //B

-> FOUND

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection :  ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1       localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD5000BEVT-22A0RT0 +++++
--- User ---
[MBR] c00ef4a74d11125f6fc9a792994d885a
[BSP] 1fed31db36e48970a0dad81a7da64884 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 63 | Size: 14339 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 29366820 | Size: 101 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 29575665 | Size: 462497 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_S_07062013_201025.txt >>
RKreport[0]_S_07062013_200730.txt


 



#4 hattricknz

hattricknz
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:12:17 AM

Posted 06 July 2013 - 03:51 AM

problem still exists...when I go here http://www.bbc.co.uk/sport/0/football/23201543

 I see links that should no be there...just tried chrome there and the same page does not have the links but it does for firefox. so maybe it's a firefox issue? tks again


Edited by hattricknz, 06 July 2013 - 04:53 AM.


#5 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:12:17 AM

Posted 07 July 2013 - 04:37 PM

Hello,

 

Yes you should be still infected we have done nothing yet to remove anything. We will now start that process. Make sure you read the directions carefully.

 

1.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

 

2.

  •    
  • Re-Run RogueKiller
       
  • Close all the running processes
       
  • Under Vista/Seven, right click -> Run as Administrator
       
  • Otherwise just double-click on RogueKiller.exe
       
  • When prompted, Click Delete 
       
  • A report should open, give its content to your helper. (RKreport could also be found next to the executable)
       
  • If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename in winlogon.exe (or winlogon.com) and try again

 

Things to include in your next reply:;

AdwCleaner[S1].txt

Roguekiller log

How is the machine running now?


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#6 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:12:17 AM

Posted 09 July 2013 - 04:34 PM

Hello.

Are you still there?

If you are please follow the instructions in my previous post.

If you still need help, follow the instructions I have given in my response. If you have since had your problem solved, we would appreciate you letting us know so we can close the topic.

Please reply back telling us so. If you don't reply within 3-5 days the topic will need to be closed.

Thanks for understanding :)

With Regards,
fireman4it

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#7 hattricknz

hattricknz
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:12:17 AM

Posted 11 July 2013 - 04:24 AM

Thanks for your patience

 

see attached

 

# AdwCleaner v2.304 - Logfile created 07/11/2013 at 21:09:21
# Updated 03/07/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : KS - KS-PC
# Boot Mode : Normal
# Running from : C:\Users\KS\Downloads\adwcleaner(1).exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\Program Files (x86)\Common Files\AVG Secure Search
File Deleted : C:\Users\KS\AppData\Roaming\Mozilla\Firefox\Profiles\9ci6q575.default\searchplugins\Babylon.xml
File Deleted : C:\Users\KS\AppData\Roaming\Mozilla\Firefox\Profiles\9ci6q575.default\searchplugins\delta.xml
Folder Deleted : C:\Program Files (x86)\Freecorder extension
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Users\KS\AppData\Roaming\Babylon
Folder Deleted : C:\Users\KS\AppData\Roaming\CheckPoint\ZoneAlarm LTD Toolbar

***** [Registry] *****

Key Deleted : HKCU\Software\BabSolution
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B15BBE59-42F5-4206-B3F0-BE98F5DC4B93}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B15BBE59-42F5-4206-B3F0-BE98F5DC4B93}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{544C2426-48FD-4C40-AE3B-31257FF334D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{562B9317-C08A-444A-9482-62080DD851AE}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\AddonsFramework.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ButtonSite.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\RegistryHelper.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHost.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Key Deleted : HKLM\SOFTWARE\Wow6432Node\596d68fb23abd44
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1917AB4C-E2E9-42AE-A51E-B5750F160BFB}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6C65F1F0-8088-414B-828C-813207ADE75A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A4341726-E922-47BB-86A6-23F4F4F67342}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B15BBE59-42F5-4206-B3F0-BE98F5DC4B93}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C9B4F046-2A8C-46BD-B1A1-CF0EAE5EA521}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DCA1528D-A3C0-4A9F-AA6E-DCE643F91495}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{93CF54F5-CFAA-4440-B588-8ED0DFAD5C21}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B887CA3B-D82B-4A01-AD29-E97444D01CE6}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D3BC53E7-0437-4C97-90EE-2CD6FF47FB14}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AFB904C4-C255-4540-B97E-A75A34F1FFB0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B15BBE59-42F5-4206-B3F0-BE98F5DC4B93}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Freecorder extension
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1917AB4C-E2E9-42AE-A51E-B5750F160BFB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6C65F1F0-8088-414B-828C-813207ADE75A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4341726-E922-47BB-86A6-23F4F4F67342}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B15BBE59-42F5-4206-B3F0-BE98F5DC4B93}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C9B4F046-2A8C-46BD-B1A1-CF0EAE5EA521}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DCA1528D-A3C0-4A9F-AA6E-DCE643F91495}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{93CF54F5-CFAA-4440-B588-8ED0DFAD5C21}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B887CA3B-D82B-4A01-AD29-E97444D01CE6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D3BC53E7-0437-4C97-90EE-2CD6FF47FB14}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B15BBE59-42F5-4206-B3F0-BE98F5DC4B93}
Key Deleted : HKLM\SOFTWARE\Tarma Installer

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16611

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=208F00FFA8556F99&affID=119523&tt=250613_gr2&tsp=4926 --> hxxp://www.google.com

-\\ Mozilla Firefox v22.0 (en-US)

File : C:\Users\KS\AppData\Roaming\Mozilla\Firefox\Profiles\9ci6q575.default\prefs.js

C:\Users\KS\AppData\Roaming\Mozilla\Firefox\Profiles\9ci6q575.default\user.js ... Deleted !

Deleted : user_pref("extensions.delta.admin", false);
Deleted : user_pref("extensions.delta.aflt", "babsst");
Deleted : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Deleted : user_pref("extensions.delta.autoRvrt", "false");
Deleted : user_pref("extensions.delta.dfltLng", "en");
Deleted : user_pref("extensions.delta.excTlbr", false);
Deleted : user_pref("extensions.delta.ffxUnstlRst", true);
Deleted : user_pref("extensions.delta.id", "208f66a500000000000000ffa8556f99");
Deleted : user_pref("extensions.delta.instlDay", "15883");
Deleted : user_pref("extensions.delta.instlRef", "sst");
Deleted : user_pref("extensions.delta.newTab", false);
Deleted : user_pref("extensions.delta.prdct", "delta");
Deleted : user_pref("extensions.delta.prtnrId", "delta");
Deleted : user_pref("extensions.delta.rvrt", "false");
Deleted : user_pref("extensions.delta.smplGrp", "none");
Deleted : user_pref("extensions.delta.tlbrId", "base");
Deleted : user_pref("extensions.delta.tlbrSrchUrl", "");
Deleted : user_pref("extensions.delta.vrsn", "1.8.21.5");
Deleted : user_pref("extensions.delta.vrsnTs", "1.8.21.521:14:17");
Deleted : user_pref("extensions.delta.vrsni", "1.8.21.5");
Deleted : user_pref("extensions.delta_i.babExt", "");
Deleted : user_pref("extensions.delta_i.babTrack", "affID=119523&tt=250613_gr2&tsp=4926");
Deleted : user_pref("extensions.delta_i.srcExt", "ss");
Deleted : user_pref("extensions.freecorder@freecorder.com.menuitems", "[{\"name\":\"Freecorder Menu Header\",\[...]

-\\ Google Chrome v27.0.1453.116

File : C:\Users\KS\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [57713 octets] - [16/09/2012 10:42:34]
AdwCleaner[R2].txt - [57774 octets] - [16/09/2012 10:43:31]
AdwCleaner[R3].txt - [6971 octets] - [23/06/2013 13:29:04]
AdwCleaner[R4].txt - [9559 octets] - [06/07/2013 20:01:54]
AdwCleaner[R5].txt - [9619 octets] - [11/07/2013 21:08:09]
AdwCleaner[S1].txt - [59684 octets] - [16/09/2012 10:44:28]
AdwCleaner[S2].txt - [7115 octets] - [23/06/2013 13:32:12]
AdwCleaner[S3].txt - [9730 octets] - [11/07/2013 21:09:21]

########## EOF - C:\AdwCleaner[S3].txt - [9790 octets] ##########
 

 

 

 

 

 

 

 

 

 

RogueKiller V8.6.2 [Jul  5 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : KS [Admin rights]
Mode : Remove -- Date : 07/11/2013 21:18:15
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 6 ¤¤¤
[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (176.58.96.37:8080) -> NOT REMOVED, USE PROXYFIX
[HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ POL] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> [0x2] The system cannot find the file specified.
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Scheduled tasks : 1 ¤¤¤
[V2][ROGUE ST] 4339 : wscript.exe - C:\Users\KS\AppData\Local\Temp\launchie.vbs //B -> DELETED

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection :  ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1       localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD5000BEVT-22A0RT0 +++++
--- User ---
[MBR] c00ef4a74d11125f6fc9a792994d885a
[BSP] 1fed31db36e48970a0dad81a7da64884 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 63 | Size: 14339 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 29366820 | Size: 101 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 29575665 | Size: 462497 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_D_07112013_211815.txt >>
RKreport[0]_S_07062013_200730.txt;RKreport[0]_S_07062013_201025.txt;RKreport[0]_S_07112013_211807.txt



 

 

 

Attached Files



#8 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:12:17 AM

Posted 12 July 2013 - 03:35 PM

How is the machine running now?


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#9 hattricknz

hattricknz
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:12:17 AM

Posted 13 July 2013 - 08:27 PM

The same. have have the links.



#10 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:12:17 AM

Posted 14 July 2013 - 09:42 AM

1.

  • Re-Run RogueKiller
  • Close all the running processes
  • Under Vista/Seven, right click -> Run as Administrator
  • Otherwise just double-click on RogueKiller.exe
  • When prompted, Click Proxyfix
  • A report should open, give its content to your helper. (RKreport could also be found next to the executable)
  • If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename in winlogon.exe (or winlogon.com) and try again

2.
Please download the latest version of TDSSKiller from here and save it to your Desktop.

  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
    image000q.png
  • Put a checkmark beside loaded modules.
    2012081514h0118.png
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
    2012081517h0349.png
  • Click the Start Scan button.
    19695967.jpg
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
    67776163.jpg
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    62117367.jpg
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

3.


  • 1. Please download OTL from one of the following mirrors:
  • This is THE Mirror
    2. Save it to your desktop.
    3. Double click on the otlDesktopIcon.png icon on your desktop.
    4. Under the Custom Scan box paste this in

    c:\windows\*. /SL
    c:\windows\*. /RP
    netsvcs
    activex
    drivers32
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %SYSTEMDRIVE%\*.exe
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\drivers\*.sys /90

    5. Push the Quick Scan button.
    6. Two reports will open, copy and paste them in a reply here:
  • OTL.txt <-- Will be opened
  • Extra.txt <-- Will be minimized

Please copy and paste all logs directly into your reply. If it takes more than one post to accomplish this it is ok.

Things to include in your next reply::

Roguekiller log

TdssKiller log

OTl.txt

Extra.txt

How is your machine running now?


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#11 hattricknz

hattricknz
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:12:17 AM

Posted 17 July 2013 - 06:16 AM

tks again. with tdsskiller i copied 2 objects to quarantine,there was not a clean option.

as before ...

problem still exists...when I go here http://www.bbc.co.uk/sport/0/football/23201543

 

RogueKiller V8.6.3 _x64_ [Jul 17 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : KS [Admin rights]
Mode : ProxyFix -- Date : 07/17/2013 22:12:53
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 1 ¤¤¤
[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (176.58.96.37:8080) -> DELETED

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection :  ¤¤¤

Finished : << RKreport[0]_PR_07172013_221253.txt >>
RKreport[0]_D_07112013_211815.txt;RKreport[0]_S_07062013_200730.txt;RKreport[0]_S_07062013_201025.txt
RKreport[0]_S_07112013_211807.txt;RKreport[0]_S_07172013_220833.txt


 



#12 hattricknz

hattricknz
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:12:17 AM

Posted 17 July 2013 - 06:17 AM

22:34:36.0568 4564  TDSS rootkit removing tool 2.8.18.0 Jun 10 2013 21:44:19
22:34:38.0581 4564  ============================================================
22:34:38.0581 4564  Current date / time: 2013/07/17 22:34:38.0581
22:34:38.0581 4564  SystemInfo:
22:34:38.0581 4564  
22:34:38.0581 4564  OS Version: 6.1.7601 ServicePack: 1.0
22:34:38.0581 4564  Product type: Workstation
22:34:38.0581 4564  ComputerName: KS-PC
22:34:38.0581 4564  UserName: KS
22:34:38.0581 4564  Windows directory: C:\Windows
22:34:38.0581 4564  System windows directory: C:\Windows
22:34:38.0581 4564  Running under WOW64
22:34:38.0581 4564  Processor architecture: Intel x64
22:34:38.0581 4564  Number of processors: 4
22:34:38.0581 4564  Page size: 0x1000
22:34:38.0581 4564  Boot type: Normal boot
22:34:38.0581 4564  ============================================================
22:34:38.0581 4564  BG loaded
22:34:39.0953 4564  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:34:39.0953 4564  ============================================================
22:34:39.0953 4564  \Device\Harddisk0\DR0:
22:34:39.0953 4564  MBR partitions:
22:34:39.0953 4564  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1C01A24, BlocksNum 0x32FCD
22:34:39.0953 4564  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1C349F1, BlocksNum 0x38750E3F
22:34:39.0953 4564  ============================================================
22:34:40.0063 4564  C: <-> \Device\Harddisk0\DR0\Partition2
22:34:40.0063 4564  ============================================================
22:34:40.0063 4564  Initialize success
22:34:40.0063 4564  ============================================================
22:35:33.0396 3812  ============================================================
22:35:33.0396 3812  Scan started
22:35:33.0396 3812  Mode: Manual; SigCheck; TDLFS;
22:35:33.0396 3812  ============================================================
22:35:35.0783 3812  ================ Scan system memory ========================
22:35:35.0783 3812  System memory - ok
22:35:35.0783 3812  ================ Scan services =============================
22:35:36.0766 3812  [ 581D88B25C4D4121824FED2CA38E562F ] !SASCORE        C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
22:35:39.0653 3812  !SASCORE ( UnsignedFile.Multi.Generic ) - warning
22:35:39.0653 3812  !SASCORE - detected UnsignedFile.Multi.Generic (1)
22:35:40.0246 3812  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
22:35:40.0417 3812  1394ohci - ok
22:35:40.0495 3812  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
22:35:40.0526 3812  ACPI - ok
22:35:40.0651 3812  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
22:35:41.0618 3812  AcpiPmi - ok
22:35:42.0133 3812  [ B1EA9681502EE57F87DB71D726288A5B ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
22:35:42.0164 3812  AdobeARMservice - ok
22:35:46.0720 3812  [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
22:35:46.0751 3812  AdobeFlashPlayerUpdateSvc - ok
22:35:47.0047 3812  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
22:35:47.0078 3812  adp94xx - ok
22:35:47.0219 3812  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
22:35:47.0234 3812  adpahci - ok
22:35:47.0359 3812  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
22:35:47.0390 3812  adpu320 - ok
22:35:47.0546 3812  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
22:35:49.0886 3812  AeLookupSvc - ok
22:35:50.0323 3812  [ 36A14FD1A23F57046361733B792CA8DB ] AFD             C:\Windows\system32\drivers\afd.sys
22:35:50.0386 3812  AFD - ok
22:35:50.0479 3812  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
22:35:50.0510 3812  agp440 - ok
22:35:50.0666 3812  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
22:35:50.0698 3812  ALG - ok
22:35:50.0885 3812  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
22:35:50.0916 3812  aliide - ok
22:35:50.0963 3812  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
22:35:50.0978 3812  amdide - ok
22:35:51.0088 3812  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
22:35:51.0322 3812  AmdK8 - ok
22:35:51.0353 3812  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
22:35:51.0446 3812  AmdPPM - ok
22:35:51.0556 3812  [ 6EC6D772EAE38DC17C14AED9B178D24B ] amdsata         C:\Windows\system32\drivers\amdsata.sys
22:35:51.0587 3812  amdsata - ok
22:35:51.0790 3812  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
22:35:51.0805 3812  amdsbs - ok
22:35:51.0946 3812  [ 1142A21DB581A84EA5597B03A26EBAA0 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
22:35:52.0024 3812  amdxata - ok
22:35:52.0242 3812  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
22:35:52.0367 3812  AppID - ok
22:35:52.0538 3812  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
22:35:52.0710 3812  AppIDSvc - ok
22:35:52.0913 3812  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll
22:35:53.0069 3812  Appinfo - ok
22:35:53.0568 3812  [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
22:35:53.0584 3812  Apple Mobile Device - ok
22:35:53.0802 3812  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
22:35:53.0833 3812  arc - ok
22:35:53.0896 3812  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
22:35:53.0927 3812  arcsas - ok
22:35:55.0534 3812  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
22:35:55.0643 3812  aspnet_state - ok
22:35:55.0768 3812  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
22:35:55.0892 3812  AsyncMac - ok
22:35:56.0017 3812  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
22:35:56.0048 3812  atapi - ok
22:35:56.0376 3812  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:35:56.0470 3812  AudioEndpointBuilder - ok
22:35:56.0798 3812  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
22:35:56.0861 3812  AudioSrv - ok
22:35:59.0312 3812  [ 50185186719134FA8F307D269106A51C ] AVGIDSAgent     C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
22:35:59.0405 3812  AVGIDSAgent - ok
22:35:59.0593 3812  [ 139BD30C32BEE830D0CF39C5324D79DE ] AVGIDSDriver    C:\Windows\system32\DRIVERS\avgidsdrivera.sys
22:35:59.0624 3812  AVGIDSDriver - ok
22:35:59.0828 3812  [ 2940FACB6EF92BD1936E4A1E2502468E ] AVGIDSHA        C:\Windows\system32\DRIVERS\avgidsha.sys
22:35:59.0859 3812  AVGIDSHA - ok
22:36:00.0062 3812  [ 54B66C4AEEC6C4F742F3569EBA03EBB8 ] Avgldx64        C:\Windows\system32\DRIVERS\avgldx64.sys
22:36:00.0093 3812  Avgldx64 - ok
22:36:00.0389 3812  [ 13667B5D6310228A9FEF2BA5FCD9081F ] Avgloga         C:\Windows\system32\DRIVERS\avgloga.sys
22:36:00.0420 3812  Avgloga - ok
22:36:00.0483 3812  [ BE82F9A1F2CCF4CE746D0C645D94079E ] Avgmfx64        C:\Windows\system32\DRIVERS\avgmfx64.sys
22:36:00.0498 3812  Avgmfx64 - ok
22:36:00.0701 3812  [ 5D11620DEF66F9DC9468FEE385A8429B ] Avgrkx64        C:\Windows\system32\DRIVERS\avgrkx64.sys
22:36:00.0779 3812  Avgrkx64 - ok
22:36:00.0936 3812  [ 69BD90E337625F96C718CACE7A9C9E29 ] Avgtdia         C:\Windows\system32\DRIVERS\avgtdia.sys
22:36:00.0967 3812  Avgtdia - ok
22:36:01.0186 3812  [ A313C4AE276E3C975A1BC27170AA23C6 ] avgtp           C:\Windows\system32\drivers\avgtpx64.sys
22:36:01.0201 3812  avgtp - ok
22:36:01.0295 3812  [ 3A0977CB68AF13E2579E47EB8984056B ] avgwd           C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
22:36:01.0326 3812  avgwd - ok
22:36:01.0529 3812  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
22:36:01.0732 3812  AxInstSV - ok
22:36:01.0998 3812  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
22:36:02.0092 3812  b06bdrv - ok
22:36:02.0372 3812  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
22:36:02.0685 3812  b57nd60a - ok
22:36:03.0029 3812  [ F48FEB7DA35821DA15E0B006DCB9A169 ] BBSvc           C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe
22:36:03.0044 3812  BBSvc - ok
22:36:03.0185 3812  [ 8E16F7A85441986FD2B9CE6C879524E4 ] BBUpdate        C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
22:36:03.0216 3812  BBUpdate - ok
22:36:03.0294 3812  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
22:36:03.0325 3812  BDESVC - ok
22:36:03.0434 3812  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
22:36:03.0887 3812  Beep - ok
22:36:04.0152 3812  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
22:36:04.0214 3812  BFE - ok
22:36:04.0526 3812  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\system32\qmgr.dll
22:36:04.0713 3812  BITS - ok
22:36:04.0838 3812  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
22:36:04.0916 3812  blbdrive - ok
22:36:05.0259 3812  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
22:36:05.0275 3812  Bonjour Service - ok
22:36:05.0400 3812  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
22:36:05.0447 3812  bowser - ok
22:36:05.0571 3812  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
22:36:07.0038 3812  BrFiltLo - ok
22:36:07.0131 3812  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
22:36:07.0163 3812  BrFiltUp - ok
22:36:07.0303 3812  [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
22:36:07.0506 3812  BridgeMP - ok
22:36:07.0615 3812  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
22:36:07.0724 3812  Browser - ok
22:36:07.0958 3812  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
22:36:08.0426 3812  Brserid - ok
22:36:08.0520 3812  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
22:36:08.0645 3812  BrSerWdm - ok
22:36:08.0738 3812  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
22:36:08.0847 3812  BrUsbMdm - ok
22:36:08.0941 3812  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
22:36:09.0035 3812  BrUsbSer - ok
22:36:09.0159 3812  [ CF98190A94F62E405C8CB255018B2315 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
22:36:09.0222 3812  BthEnum - ok
22:36:09.0347 3812  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
22:36:09.0518 3812  BTHMODEM - ok
22:36:09.0627 3812  [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
22:36:09.0768 3812  BthPan - ok
22:36:09.0939 3812  [ 64C198198501F7560EE41D8D1EFA7952 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
22:36:10.0002 3812  BTHPORT - ok
22:36:10.0095 3812  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
22:36:10.0205 3812  bthserv - ok
22:36:10.0236 3812  [ F188B7394D81010767B6DF3178519A37 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
22:36:10.0314 3812  BTHUSB - ok
22:36:10.0548 3812  [ 380B798D30C56EDE4AF58619D0E86CCB ] btwampfl        C:\Windows\system32\drivers\btwampfl.sys
22:36:10.0673 3812  btwampfl - ok
22:36:10.0829 3812  [ BA5622F5544C6C445DFF1A05ACC8B19D ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys
22:36:10.0922 3812  btwaudio - ok
22:36:11.0047 3812  [ A11905D0F4BD34771F195217B6AA5AE0 ] btwavdt         C:\Windows\system32\DRIVERS\btwavdt.sys
22:36:11.0063 3812  btwavdt - ok
22:36:11.0375 3812  [ 3930E53EE0BED9DFF9AFA09F505D0CAE ] btwdins         C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
22:36:11.0406 3812  btwdins - ok
22:36:11.0577 3812  [ 07096D2BC22CCB6CEA5A532DF0BE8A75 ] btwl2cap        C:\Windows\system32\DRIVERS\btwl2cap.sys
22:36:11.0609 3812  btwl2cap - ok
22:36:11.0624 3812  [ BD776F32D64EC615BE4563DC2747224E ] btwrchid        C:\Windows\system32\DRIVERS\btwrchid.sys
22:36:11.0655 3812  btwrchid - ok
22:36:11.0718 3812  catchme - ok
22:36:11.0889 3812  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
22:36:11.0983 3812  cdfs - ok
22:36:12.0123 3812  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
22:36:12.0201 3812  cdrom - ok
22:36:12.0357 3812  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
22:36:12.0576 3812  CertPropSvc - ok
22:36:12.0981 3812  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
22:36:13.0091 3812  circlass - ok
22:36:13.0340 3812  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
22:36:13.0356 3812  CLFS - ok
22:36:13.0621 3812  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:36:13.0668 3812  clr_optimization_v2.0.50727_32 - ok
22:36:13.0824 3812  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
22:36:14.0151 3812  clr_optimization_v2.0.50727_64 - ok
22:36:14.0541 3812  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:36:14.0869 3812  clr_optimization_v4.0.30319_32 - ok
22:36:14.0994 3812  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
22:36:15.0228 3812  clr_optimization_v4.0.30319_64 - ok
22:36:15.0306 3812  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
22:36:15.0540 3812  CmBatt - ok
22:36:15.0633 3812  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
22:36:15.0665 3812  cmdide - ok
22:36:15.0789 3812  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
22:36:15.0836 3812  CNG - ok
22:36:15.0930 3812  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
22:36:15.0945 3812  Compbatt - ok
22:36:16.0179 3812  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
22:36:16.0257 3812  CompositeBus - ok
22:36:16.0304 3812  COMSysApp - ok
22:36:16.0367 3812  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
22:36:16.0398 3812  crcdisk - ok
22:36:16.0601 3812  [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc        C:\Windows\system32\cryptsvc.dll
22:36:16.0663 3812  CryptSvc - ok
22:36:16.0928 3812  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
22:36:17.0084 3812  DcomLaunch - ok
22:36:17.0147 3812  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
22:36:17.0381 3812  defragsvc - ok
22:36:17.0443 3812  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
22:36:17.0552 3812  DfsC - ok
22:36:17.0693 3812  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
22:36:17.0834 3812  Dhcp - ok
22:36:17.0896 3812  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
22:36:17.0974 3812  discache - ok
22:36:18.0131 3812  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
22:36:18.0163 3812  Disk - ok
22:36:18.0272 3812  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
22:36:18.0412 3812  Dnscache - ok
22:36:18.0475 3812  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
22:36:18.0568 3812  dot3svc - ok
22:36:18.0646 3812  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
22:36:19.0005 3812  DPS - ok
22:36:19.0145 3812  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
22:36:19.0208 3812  drmkaud - ok
22:36:19.0676 3812  [ E2B2853A0210D6EDAB2261870BD80C1A ] DsiWMIService   C:\Program Files (x86)\Launch Manager\dsiwmis.exe
22:36:19.0707 3812  DsiWMIService - ok
22:36:19.0832 3812  [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
22:36:19.0863 3812  DXGKrnl - ok
22:36:19.0972 3812  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
22:36:20.0066 3812  EapHost - ok
22:36:20.0893 3812  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
22:36:21.0173 3812  ebdrv - ok
22:36:21.0251 3812  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
22:36:21.0423 3812  EFS - ok
22:36:21.0751 3812  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
22:36:21.0860 3812  ehRecvr - ok
22:36:21.0938 3812  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
22:36:22.0016 3812  ehSched - ok
22:36:22.0219 3812  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
22:36:22.0421 3812  elxstor - ok
22:36:22.0781 3812  [ 91C2E6234F6884C6FEEF9658D8EDE6B6 ] ePowerSvc       C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe
22:36:22.0828 3812  ePowerSvc - ok
22:36:22.0890 3812  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
22:36:22.0937 3812  ErrDev - ok
22:36:23.0171 3812  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
22:36:23.0280 3812  EventSystem - ok
22:36:23.0343 3812  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
22:36:23.0499 3812  exfat - ok
22:36:23.0842 3812  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
22:36:24.0045 3812  fastfat - ok
22:36:24.0404 3812  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
22:36:24.0497 3812  Fax - ok
22:36:24.0669 3812  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
22:36:24.0747 3812  fdc - ok
22:36:24.0809 3812  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
22:36:25.0854 3812  fdPHost - ok
22:36:25.0948 3812  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
22:36:26.0073 3812  FDResPub - ok
22:36:26.0151 3812  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
22:36:26.0166 3812  FileInfo - ok
22:36:26.0213 3812  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
22:36:26.0322 3812  Filetrace - ok
22:36:26.0385 3812  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
22:36:26.0416 3812  flpydisk - ok
22:36:26.0494 3812  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
22:36:26.0510 3812  FltMgr - ok
22:36:26.0728 3812  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
22:36:26.0806 3812  FontCache - ok
22:36:26.0915 3812  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:36:26.0946 3812  FontCache3.0.0.0 - ok
22:36:27.0024 3812  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
22:36:27.0040 3812  FsDepends - ok
22:36:27.0087 3812  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
22:36:27.0118 3812  Fs_Rec - ok
22:36:27.0212 3812  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
22:36:27.0243 3812  fvevol - ok
22:36:27.0336 3812  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
22:36:27.0352 3812  gagp30kx - ok
22:36:27.0758 3812  [ 6858C318E8DAA40E747E6FB9B214E104 ] GameConsoleService C:\Program Files (x86)\Gateway Games\Gateway Game Console\GameConsoleService.exe
22:36:27.0961 3812  GameConsoleService - ok
22:36:28.0008 3812  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
22:36:28.0024 3812  GEARAspiWDM - ok
22:36:28.0164 3812  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
22:36:28.0227 3812  gpsvc - ok
22:36:28.0336 3812  [ 0191DEE9B9EB7902AF2CF4F67301095D ] GREGService     C:\Program Files (x86)\Gateway\Registration\GREGsvc.exe
22:36:28.0367 3812  GREGService - ok
22:36:28.0507 3812  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:36:28.0523 3812  gupdate - ok
22:36:28.0601 3812  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:36:28.0632 3812  gupdatem - ok
22:36:28.0663 3812  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
22:36:28.0726 3812  hcw85cir - ok
22:36:28.0913 3812  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:36:29.0007 3812  HdAudAddService - ok
22:36:29.0100 3812  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
22:36:29.0178 3812  HDAudBus - ok
22:36:29.0225 3812  [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys
22:36:29.0241 3812  HECIx64 - ok
22:36:29.0303 3812  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
22:36:29.0412 3812  HidBatt - ok
22:36:29.0475 3812  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
22:36:29.0631 3812  HidBth - ok
22:36:29.0740 3812  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
22:36:29.0865 3812  HidIr - ok
22:36:29.0911 3812  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\System32\hidserv.dll
22:36:30.0021 3812  hidserv - ok
22:36:30.0208 3812  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
22:36:30.0239 3812  HidUsb - ok
22:36:30.0317 3812  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
22:36:30.0489 3812  hkmsvc - ok
22:36:30.0551 3812  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
22:36:30.0613 3812  HomeGroupListener - ok
22:36:30.0676 3812  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
22:36:30.0801 3812  HomeGroupProvider - ok
22:36:30.0910 3812  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
22:36:30.0957 3812  HpSAMD - ok
22:36:31.0066 3812  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
22:36:31.0191 3812  HTTP - ok
22:36:31.0269 3812  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
22:36:31.0300 3812  hwpolicy - ok
22:36:31.0378 3812  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
22:36:31.0409 3812  i8042prt - ok
22:36:31.0705 3812  [ 42E00996DFC13C46366689C0EA8ABC5E ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
22:36:31.0737 3812  iaStor - ok
22:36:31.0877 3812  [ 48362E5DB5CB2C000C514EE1F3890ACD ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
22:36:31.0908 3812  IAStorDataMgrSvc - ok
22:36:32.0158 3812  [ 3DF4395A7CF8B7A72A5F4606366B8C2D ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
22:36:32.0220 3812  iaStorV - ok
22:36:32.0376 3812  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:36:32.0485 3812  idsvc - ok
22:36:32.0548 3812  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
22:36:32.0563 3812  iirsp - ok
22:36:32.0673 3812  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
22:36:32.0766 3812  IKEEXT - ok
22:36:32.0908 3812  [ 4B6363CD4610BB848531BB260B15DFCC ] Impcd           C:\Windows\system32\DRIVERS\Impcd.sys
22:36:33.0110 3812  Impcd - ok
22:36:33.0313 3812  [ 51C98815721B44BF70E8AEB3FF3F57D6 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
22:36:33.0360 3812  IntcAzAudAddService - ok
22:36:33.0485 3812  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
22:36:33.0516 3812  intelide - ok
22:36:33.0578 3812  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
22:36:33.0656 3812  intelppm - ok
22:36:33.0719 3812  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
22:36:33.0812 3812  IPBusEnum - ok
22:36:33.0859 3812  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:36:33.0968 3812  IpFilterDriver - ok
22:36:34.0046 3812  [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
22:36:34.0124 3812  iphlpsvc - ok
22:36:34.0202 3812  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
22:36:34.0280 3812  IPMIDRV - ok
22:36:34.0327 3812  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
22:36:34.0390 3812  IPNAT - ok
22:36:34.0826 3812  [ 0FF335D687C85097725A53458160E81E ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
22:36:34.0858 3812  iPod Service - ok
22:36:35.0045 3812  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
22:36:36.0308 3812  IRENUM - ok
22:36:36.0418 3812  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
22:36:36.0449 3812  isapnp - ok
22:36:36.0667 3812  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
22:36:36.0683 3812  iScsiPrt - ok
22:36:36.0886 3812  [ BE72D2B3A99615F84E270C80F0A18448 ] ISWKL           C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys
22:36:36.0917 3812  ISWKL - ok
22:36:37.0057 3812  [ D9A4C1353CC653F8E2FE4D2C6A490E96 ] IswSvc          C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
22:36:37.0104 3812  IswSvc - ok
22:36:37.0182 3812  [ C9B4ECC187581E5BF3F76648884B7829 ] k57nd60a        C:\Windows\system32\DRIVERS\k57nd60a.sys
22:36:37.0198 3812  k57nd60a - ok
22:36:37.0307 3812  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
22:36:37.0322 3812  kbdclass - ok
22:36:37.0432 3812  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
22:36:37.0556 3812  kbdhid - ok
22:36:37.0588 3812  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
22:36:37.0603 3812  KeyIso - ok
22:36:37.0697 3812  [ 18DCDF2DFDCCEB2EEF9E641F39D17BC7 ] KL1             C:\Windows\system32\DRIVERS\kl1.sys
22:36:37.0728 3812  KL1 - ok
22:36:37.0868 3812  [ 2CB6342329B118D9C2CD7551B1CF7002 ] KLIF            C:\Windows\system32\DRIVERS\klif.sys
22:36:37.0900 3812  KLIF - ok
22:36:37.0963 3812  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
22:36:37.0979 3812  KSecDD - ok
22:36:38.0010 3812  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
22:36:38.0025 3812  KSecPkg - ok
22:36:38.0072 3812  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
22:36:38.0197 3812  ksthunk - ok
22:36:38.0353 3812  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
22:36:38.0462 3812  KtmRm - ok
22:36:38.0634 3812  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\System32\srvsvc.dll
22:36:38.0727 3812  LanmanServer - ok
22:36:38.0790 3812  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:36:38.0930 3812  LanmanWorkstation - ok
22:36:39.0055 3812  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
22:36:39.0117 3812  lltdio - ok
22:36:39.0227 3812  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
22:36:39.0320 3812  lltdsvc - ok
22:36:39.0367 3812  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
22:36:39.0414 3812  lmhosts - ok
22:36:39.0601 3812  [ DBC1136A62BD4DECC3632DF650284C2E ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
22:36:39.0632 3812  LMS - ok
22:36:39.0695 3812  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
22:36:39.0726 3812  LSI_FC - ok
22:36:39.0804 3812  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
22:36:39.0819 3812  LSI_SAS - ok
22:36:39.0866 3812  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
22:36:39.0882 3812  LSI_SAS2 - ok
22:36:40.0022 3812  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
22:36:40.0053 3812  LSI_SCSI - ok
22:36:40.0163 3812  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
22:36:40.0303 3812  luafv - ok
22:36:40.0397 3812  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
22:36:40.0428 3812  Mcx2Svc - ok
22:36:40.0521 3812  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
22:36:40.0599 3812  megasas - ok
22:36:40.0724 3812  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
22:36:40.0755 3812  MegaSR - ok
22:36:40.0865 3812  Microsoft SharePoint Workspace Audit Service - ok
22:36:40.0896 3812  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
22:36:41.0005 3812  MMCSS - ok
22:36:41.0052 3812  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
22:36:41.0192 3812  Modem - ok
22:36:41.0270 3812  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
22:36:41.0411 3812  monitor - ok
22:36:41.0504 3812  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
22:36:41.0535 3812  mouclass - ok
22:36:41.0723 3812  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
22:36:41.0801 3812  mouhid - ok
22:36:41.0879 3812  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
22:36:41.0910 3812  mountmgr - ok
22:36:42.0066 3812  [ 528A5C2570F468155A1B3CF0A2FF5EBD ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
22:36:42.0081 3812  MozillaMaintenance - ok
22:36:42.0144 3812  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
22:36:42.0175 3812  mpio - ok
22:36:42.0237 3812  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
22:36:42.0284 3812  mpsdrv - ok
22:36:42.0503 3812  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
22:36:42.0659 3812  MpsSvc - ok
22:36:42.0737 3812  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
22:36:42.0815 3812  MRxDAV - ok
22:36:42.0893 3812  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
22:36:43.0096 3812  mrxsmb - ok
22:36:43.0174 3812  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:36:43.0252 3812  mrxsmb10 - ok
22:36:43.0299 3812  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:36:43.0315 3812  mrxsmb20 - ok
22:36:43.0394 3812  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
22:36:43.0409 3812  msahci - ok
22:36:43.0472 3812  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
22:36:43.0503 3812  msdsm - ok
22:36:43.0565 3812  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
22:36:43.0737 3812  MSDTC - ok
22:36:43.0862 3812  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
22:36:43.0924 3812  Msfs - ok
22:36:43.0955 3812  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
22:36:44.0002 3812  mshidkmdf - ok
22:36:44.0127 3812  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
22:36:44.0158 3812  msisadrv - ok
22:36:44.0314 3812  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
22:36:44.0440 3812  MSiSCSI - ok
22:36:44.0440 3812  msiserver - ok
22:36:44.0627 3812  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
22:36:44.0721 3812  MSKSSRV - ok
22:36:44.0768 3812  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
22:36:44.0846 3812  MSPCLOCK - ok
22:36:44.0892 3812  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
22:36:45.0048 3812  MSPQM - ok
22:36:45.0158 3812  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
22:36:45.0204 3812  MsRPC - ok
22:36:45.0282 3812  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
22:36:45.0314 3812  mssmbios - ok
22:36:45.0376 3812  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
22:36:45.0485 3812  MSTEE - ok
22:36:45.0657 3812  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
22:36:45.0750 3812  MTConfig - ok
22:36:45.0797 3812  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
22:36:45.0828 3812  Mup - ok
22:36:46.0000 3812  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
22:36:46.0109 3812  napagent - ok
22:36:46.0390 3812  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
22:36:46.0452 3812  NativeWifiP - ok
22:36:46.0842 3812  [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS            C:\Windows\system32\drivers\ndis.sys
22:36:46.0920 3812  NDIS - ok
22:36:47.0030 3812  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
22:36:47.0123 3812  NdisCap - ok
22:36:47.0186 3812  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
22:36:47.0295 3812  NdisTapi - ok
22:36:47.0388 3812  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
22:36:47.0498 3812  Ndisuio - ok
22:36:47.0607 3812  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
22:36:47.0716 3812  NdisWan - ok
22:36:47.0810 3812  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
22:36:47.0856 3812  NDProxy - ok
22:36:48.0169 3812  [ 4AFD6A41AAA3806893F281551BFFDED8 ] NEOFLTR_7111_21451 C:\Windows\system32\Drivers\NEOFLTR_7111_21451.SYS
22:36:48.0201 3812  NEOFLTR_7111_21451 - ok
22:36:48.0856 3812  [ 7D2633295EB6FF2B938185874884059D ] Nero BackItUp Scheduler 4.0 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
22:36:49.0121 3812  Nero BackItUp Scheduler 4.0 - ok
22:36:49.0246 3812  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
22:36:49.0324 3812  NetBIOS - ok
22:36:49.0402 3812  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
22:36:49.0449 3812  NetBT - ok
22:36:49.0511 3812  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
22:36:49.0542 3812  Netlogon - ok
22:36:49.0714 3812  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
22:36:49.0901 3812  Netman - ok
22:36:50.0041 3812  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:36:50.0275 3812  NetMsmqActivator - ok
22:36:50.0338 3812  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:36:50.0353 3812  NetPipeActivator - ok
22:36:50.0463 3812  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
22:36:50.0556 3812  netprofm - ok
22:36:50.0759 3812  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:36:50.0790 3812  NetTcpActivator - ok
22:36:50.0790 3812  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:36:50.0806 3812  NetTcpPortSharing - ok
22:36:50.0899 3812  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
22:36:50.0931 3812  nfrd960 - ok
22:36:51.0009 3812  [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc          C:\Windows\System32\nlasvc.dll
22:36:51.0118 3812  NlaSvc - ok
22:36:51.0180 3812  [ 351533ACC2A069B94E80BBFC177E8FDF ] NPF             C:\Windows\system32\drivers\npf.sys
22:36:51.0196 3812  NPF - ok
22:36:51.0227 3812  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
22:36:51.0274 3812  Npfs - ok
22:36:51.0383 3812  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
22:36:51.0477 3812  nsi - ok
22:36:51.0555 3812  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
22:36:51.0601 3812  nsiproxy - ok
22:36:51.0835 3812  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
22:36:52.0179 3812  Ntfs - ok
22:36:52.0381 3812  [ 5B3CE960C62DBE864BE9A0BD043A3E30 ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe
22:36:52.0428 3812  NTI IScheduleSvc ( UnsignedFile.Multi.Generic ) - warning
22:36:52.0428 3812  NTI IScheduleSvc - detected UnsignedFile.Multi.Generic (1)
22:36:52.0615 3812  [ 64DDD0DEE976302F4BD93E5EFCC2F013 ] NTIDrvr         C:\Windows\system32\drivers\NTIDrvr.sys
22:36:52.0647 3812  NTIDrvr - ok
22:36:52.0678 3812  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
22:36:52.0771 3812  Null - ok
22:36:52.0881 3812  [ CDDD4478757288DF4BB1494BFD084259 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
22:36:52.0912 3812  NVHDA - ok
22:36:53.0957 3812  [ 9F6ADE7EC1D5480AD1EF370859B26D5A ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
22:36:54.0144 3812  nvlddmkm - ok
22:36:54.0300 3812  [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
22:36:54.0331 3812  nvraid - ok
22:36:54.0472 3812  [ F7CD50FE7139F07E77DA8AC8033D1832 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
22:36:54.0503 3812  nvstor - ok
22:36:54.0659 3812  [ 628167D7E894807EF883A13E34172C3C ] nvsvc           C:\Windows\system32\nvvsvc.exe
22:36:54.0690 3812  nvsvc - ok
22:36:54.0768 3812  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
22:36:54.0799 3812  nv_agp - ok
22:36:54.0862 3812  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
22:36:54.0893 3812  ohci1394 - ok
22:36:55.0174 3812  [ 5A7BCFB4A13615F23E7D9D06D10AEDA8 ] OpenVPNService  C:\Program Files (x86)\HMA! Pro VPN\bin\openvpnserv.exe
22:36:55.0189 3812  OpenVPNService - ok
22:36:55.0345 3812  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:36:55.0377 3812  ose - ok
22:36:56.0110 3812  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
22:36:56.0313 3812  osppsvc - ok
22:36:56.0375 3812  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
22:36:56.0453 3812  p2pimsvc - ok
22:36:56.0515 3812  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
22:36:56.0562 3812  p2psvc - ok
22:36:56.0671 3812  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
22:36:56.0687 3812  Parport - ok
22:36:56.0781 3812  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
22:36:56.0812 3812  partmgr - ok
22:36:56.0890 3812  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
22:36:56.0968 3812  PcaSvc - ok
22:36:57.0108 3812  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
22:36:58.0263 3812  pci - ok
22:36:58.0309 3812  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
22:36:58.0325 3812  pciide - ok
22:36:58.0419 3812  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
22:36:58.0450 3812  pcmcia - ok
22:36:58.0481 3812  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
22:36:58.0497 3812  pcw - ok
22:36:58.0543 3812  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
22:36:58.0621 3812  PEAUTH - ok
22:36:58.0918 3812  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
22:36:58.0980 3812  PerfHost - ok
22:36:59.0245 3812  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
22:36:59.0386 3812  pla - ok
22:36:59.0526 3812  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
22:36:59.0635 3812  PlugPlay - ok
22:36:59.0682 3812  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
22:36:59.0745 3812  PNRPAutoReg - ok
22:36:59.0901 3812  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
22:36:59.0916 3812  PNRPsvc - ok
22:37:00.0041 3812  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
22:37:00.0135 3812  PolicyAgent - ok
22:37:00.0244 3812  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
22:37:00.0322 3812  Power - ok
22:37:00.0447 3812  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
22:37:00.0540 3812  PptpMiniport - ok
22:37:00.0634 3812  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
22:37:00.0712 3812  Processor - ok
22:37:00.0774 3812  [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc         C:\Windows\system32\profsvc.dll
22:37:00.0883 3812  ProfSvc - ok
22:37:00.0915 3812  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
22:37:00.0930 3812  ProtectedStorage - ok
22:37:01.0102 3812  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
22:37:01.0227 3812  Psched - ok
22:37:01.0351 3812  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
22:37:01.0429 3812  ql2300 - ok
22:37:01.0648 3812  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
22:37:01.0710 3812  ql40xx - ok
22:37:01.0788 3812  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
22:37:01.0819 3812  QWAVE - ok
22:37:01.0897 3812  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
22:37:01.0975 3812  QWAVEdrv - ok
22:37:02.0022 3812  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
22:37:02.0147 3812  RasAcd - ok
22:37:02.0287 3812  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
22:37:02.0350 3812  RasAgileVpn - ok
22:37:02.0412 3812  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
22:37:02.0506 3812  RasAuto - ok
22:37:02.0677 3812  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
22:37:02.0787 3812  Rasl2tp - ok
22:37:02.0958 3812  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
22:37:03.0036 3812  RasMan - ok
22:37:03.0130 3812  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
22:37:03.0239 3812  RasPppoe - ok
22:37:03.0317 3812  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
22:37:03.0442 3812  RasSstp - ok
22:37:03.0582 3812  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
22:37:03.0707 3812  rdbss - ok
22:37:03.0785 3812  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
22:37:03.0832 3812  rdpbus - ok
22:37:03.0910 3812  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
22:37:04.0003 3812  RDPCDD - ok
22:37:04.0144 3812  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
22:37:04.0206 3812  RDPENCDD - ok
22:37:04.0284 3812  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
22:37:04.0331 3812  RDPREFMP - ok
22:37:04.0456 3812  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
22:37:04.0487 3812  RDPWD - ok
22:37:04.0581 3812  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
22:37:04.0612 3812  rdyboost - ok
22:37:04.0815 3812  [ A0FF419B61AE47E26ADF3BB15DB4F2FE ] RealNetworks Downloader Resolver Service C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
22:37:04.0830 3812  RealNetworks Downloader Resolver Service - ok
22:37:04.0893 3812  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
22:37:04.0939 3812  RemoteAccess - ok
22:37:05.0002 3812  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
22:37:05.0049 3812  RemoteRegistry - ok
22:37:05.0173 3812  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
22:37:05.0267 3812  RFCOMM - ok
22:37:05.0563 3812  [ B60F58F175DE20A6739194E85B035178 ] rpcapd          C:\Program Files (x86)\WinPcap\rpcapd.exe
22:37:05.0579 3812  rpcapd - ok
22:37:05.0657 3812  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
22:37:05.0766 3812  RpcEptMapper - ok
22:37:05.0813 3812  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
22:37:05.0875 3812  RpcLocator - ok
22:37:06.0000 3812  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
22:37:06.0047 3812  RpcSs - ok
22:37:06.0125 3812  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
22:37:06.0172 3812  rspndr - ok
22:37:06.0328 3812  [ CE2EF8030932B98832EB2F9580C5B1DD ] RSUSBSTOR       C:\Windows\system32\Drivers\RtsUStor.sys
22:37:06.0359 3812  RSUSBSTOR - ok
22:37:06.0499 3812  [ A5986B46C4348CB35EBB98F220948DF7 ] rtl8192se       C:\Windows\system32\DRIVERS\rtl8192se.sys
22:37:06.0531 3812  rtl8192se - ok
22:37:06.0562 3812  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
22:37:06.0577 3812  SamSs - ok
22:37:06.0671 3812  [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
22:37:06.0702 3812  SASDIFSV - ok
22:37:06.0827 3812  [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
22:37:06.0858 3812  SASKUTIL - ok
22:37:06.0952 3812  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
22:37:06.0983 3812  sbp2port - ok
22:37:07.0092 3812  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
22:37:07.0170 3812  SCardSvr - ok
22:37:07.0233 3812  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
22:37:07.0357 3812  scfilter - ok
22:37:07.0763 3812  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
22:37:07.0872 3812  Schedule - ok
22:37:07.0981 3812  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
22:37:08.0028 3812  SCPolicySvc - ok
22:37:08.0169 3812  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
22:37:08.0247 3812  SDRSVC - ok
22:37:08.0404 3812  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
22:37:08.0528 3812  secdrv - ok
22:37:08.0638 3812  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
22:37:08.0747 3812  seclogon - ok
22:37:08.0918 3812  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\system32\sens.dll
22:37:09.0886 3812  SENS - ok
22:37:09.0964 3812  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
22:37:09.0979 3812  SensrSvc - ok
22:37:10.0057 3812  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
22:37:10.0104 3812  Serenum - ok
22:37:10.0182 3812  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
22:37:10.0213 3812  Serial - ok
22:37:10.0307 3812  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
22:37:10.0369 3812  sermouse - ok
22:37:10.0416 3812  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
22:37:10.0510 3812  SessionEnv - ok
22:37:10.0588 3812  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
22:37:10.0634 3812  sffdisk - ok
22:37:10.0666 3812  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
22:37:10.0744 3812  sffp_mmc - ok
22:37:10.0775 3812  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
22:37:10.0868 3812  sffp_sd - ok
22:37:11.0024 3812  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
22:37:11.0056 3812  sfloppy - ok
22:37:11.0165 3812  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
22:37:11.0290 3812  SharedAccess - ok
22:37:11.0368 3812  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:37:11.0477 3812  ShellHWDetection - ok
22:37:11.0602 3812  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
22:37:11.0633 3812  SiSRaid2 - ok
22:37:11.0664 3812  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
22:37:11.0680 3812  SiSRaid4 - ok
22:37:11.0945 3812  [ 4E8A4BB5B11D828FF986F6228B1CD3DF ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
22:37:11.0960 3812  SkypeUpdate - ok
22:37:12.0085 3812  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
22:37:12.0241 3812  Smb - ok
22:37:12.0335 3812  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
22:37:12.0413 3812  SNMPTRAP - ok
22:37:12.0475 3812  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
22:37:12.0491 3812  spldr - ok
22:37:12.0647 3812  [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler         C:\Windows\System32\spoolsv.exe
22:37:12.0709 3812  Spooler - ok
22:37:13.0021 3812  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
22:37:13.0162 3812  sppsvc - ok
22:37:13.0286 3812  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
22:37:13.0340 3812  sppuinotify - ok
22:37:13.0449 3812  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
22:37:13.0574 3812  srv - ok
22:37:13.0683 3812  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
22:37:13.0715 3812  srv2 - ok
22:37:13.0746 3812  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
22:37:13.0808 3812  srvnet - ok
22:37:13.0917 3812  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
22:37:14.0011 3812  SSDPSRV - ok
22:37:14.0136 3812  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
22:37:14.0198 3812  SstpSvc - ok
22:37:14.0276 3812  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
22:37:14.0307 3812  stexstor - ok
22:37:14.0385 3812  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
22:37:14.0495 3812  stisvc - ok
22:37:14.0557 3812  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
22:37:14.0588 3812  swenum - ok
22:37:14.0697 3812  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
22:37:14.0807 3812  swprv - ok
22:37:14.0978 3812  [ 064A2530A4A7C7CEC1BE6A1945645BE4 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
22:37:15.0009 3812  SynTP - ok
22:37:15.0228 3812  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
22:37:15.0353 3812  SysMain - ok
22:37:15.0431 3812  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:37:15.0524 3812  TabletInputService - ok
22:37:15.0633 3812  [ D0B07EED9DDEC5C69521C689B7BF455F ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
22:37:15.0665 3812  tap0901 - ok
22:37:15.0680 3812  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
22:37:15.0805 3812  TapiSrv - ok
22:37:15.0852 3812  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
22:37:15.0977 3812  TBS - ok
22:37:16.0195 3812  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
22:37:16.0304 3812  Tcpip - ok
22:37:16.0523 3812  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
22:37:16.0569 3812  TCPIP6 - ok
22:37:16.0647 3812  [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
22:37:16.0741 3812  tcpipreg - ok
22:37:16.0803 3812  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
22:37:16.0866 3812  TDPIPE - ok
22:37:16.0928 3812  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
22:37:17.0006 3812  TDTCP - ok
22:37:17.0069 3812  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
22:37:17.0131 3812  tdx - ok
22:37:17.0833 3812  [ 402794A75A899E296AB3EDEC4ECCB9A8 ] TeamViewer8     C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
22:37:17.0911 3812  TeamViewer8 - ok
22:37:17.0973 3812  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
22:37:17.0989 3812  TermDD - ok
22:37:18.0129 3812  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
22:37:18.0207 3812  TermService - ok
22:37:18.0285 3812  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
22:37:18.0379 3812  Themes - ok
22:37:18.0473 3812  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
22:37:18.0519 3812  THREADORDER - ok
22:37:18.0597 3812  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
22:37:18.0707 3812  TrkWks - ok
22:37:18.0863 3812  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:37:18.0987 3812  TrustedInstaller - ok
22:37:19.0065 3812  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
22:37:19.0175 3812  tssecsrv - ok
22:37:19.0315 3812  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
22:37:19.0346 3812  TsUsbFlt - ok
22:37:19.0409 3812  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
22:37:19.0533 3812  tunnel - ok
22:37:19.0627 3812  [ 825E7A1F48FB8BCFBA27C178AAB4E275 ] TurboB          C:\Windows\system32\DRIVERS\TurboB.sys
22:37:19.0643 3812  TurboB - ok
22:37:19.0705 3812  [ B206BE1174D5964D49A56BB6C4E0524A ] TurboBoost      C:\Program Files\Intel\TurboBoost\TurboBoost.exe
22:37:19.0736 3812  TurboBoost - ok
22:37:19.0783 3812  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
22:37:19.0799 3812  uagp35 - ok
22:37:19.0814 3812  [ 2E22C1FD397A5A9FFEF55E9D1FC96C00 ] UBHelper        C:\Windows\system32\drivers\UBHelper.sys
22:37:19.0830 3812  UBHelper - ok
22:37:19.0970 3812  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
22:37:20.0064 3812  udfs - ok
22:37:20.0142 3812  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
22:37:20.0173 3812  UI0Detect - ok
22:37:20.0220 3812  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
22:37:20.0235 3812  uliagpkx - ok
22:37:20.0329 3812  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
22:37:20.0391 3812  umbus - ok
22:37:20.0485 3812  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
22:37:20.0547 3812  UmPass - ok
22:37:20.0937 3812  [ 7466809E6DA561D60C2F1CE8EDE3C73F ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
22:37:21.0000 3812  UNS - ok
22:37:21.0312 3812  [ F9EC9ACD504D823D9B9CA98A4F8D3CA2 ] Updater Service C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
22:37:21.0327 3812  Updater Service - ok
22:37:21.0546 3812  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
22:37:21.0858 3812  upnphost - ok
22:37:22.0014 3812  [ C9E9D59C0099A9FF51697E9306A44240 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
22:37:22.0045 3812  USBAAPL64 - ok
22:37:22.0123 3812  [ 481DFF26B4DCA8F4CBAC1F7DCE1D6829 ] usbccgp         C:\Windows\system32\drivers\usbccgp.sys
22:37:22.0139 3812  usbccgp - ok
22:37:22.0217 3812  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
22:37:22.0248 3812  usbcir - ok
22:37:22.0295 3812  [ 74EE782B1D9C241EFE425565854C661C ] usbehci         C:\Windows\system32\drivers\usbehci.sys
22:37:22.0310 3812  usbehci - ok
22:37:22.0404 3812  [ DC96BD9CCB8403251BCF25047573558E ] usbhub          C:\Windows\system32\drivers\usbhub.sys
22:37:22.0451 3812  usbhub - ok
22:37:22.0497 3812  [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
22:37:22.0529 3812  usbohci - ok
22:37:22.0560 3812  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
22:37:22.0607 3812  usbprint - ok
22:37:22.0685 3812  [ D76510CFA0FC09023077F22C2F979D86 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:37:22.0731 3812  USBSTOR - ok
22:37:22.0763 3812  [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
22:37:22.0794 3812  usbuhci - ok
22:37:22.0965 3812  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
22:37:22.0981 3812  usbvideo - ok
22:37:23.0059 3812  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
22:37:23.0137 3812  UxSms - ok
22:37:23.0153 3812  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
22:37:23.0168 3812  VaultSvc - ok
22:37:23.0231 3812  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
22:37:23.0246 3812  vdrvroot - ok
22:37:23.0277 3812  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
22:37:23.0340 3812  vds - ok
22:37:23.0418 3812  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
22:37:23.0457 3812  vga - ok
22:37:23.0475 3812  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
22:37:23.0553 3812  VgaSave - ok
22:37:23.0677 3812  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
22:37:23.0693 3812  vhdmp - ok
22:37:23.0771 3812  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
22:37:23.0787 3812  viaide - ok
22:37:23.0818 3812  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
22:37:23.0833 3812  volmgr - ok
22:37:24.0021 3812  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
22:37:24.0052 3812  volmgrx - ok
22:37:24.0114 3812  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
22:37:24.0130 3812  volsnap - ok
22:37:24.0333 3812  [ 1065A957523ED51AAFFF737CC63010A6 ] Vsdatant        C:\Windows\system32\DRIVERS\vsdatant.sys
22:37:24.0364 3812  Vsdatant - ok
22:37:24.0660 3812  vsmon - ok
22:37:24.0816 3812  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
22:37:24.0847 3812  vsmraid - ok
22:37:25.0393 3812  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
22:37:25.0581 3812  VSS - ok
22:37:25.0955 3812  [ CBA3F6EF1E70167DB376B4013F71A62B ] vToolbarUpdater12.2.6 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
22:37:25.0971 3812  vToolbarUpdater12.2.6 - ok
22:37:26.0017 3812  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
22:37:26.0064 3812  vwifibus - ok
22:37:26.0127 3812  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
22:37:26.0189 3812  vwififlt - ok
22:37:26.0423 3812  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
22:37:26.0563 3812  W32Time - ok
22:37:26.0610 3812  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
22:37:26.0673 3812  WacomPen - ok
22:37:26.0719 3812  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
22:37:26.0797 3812  WANARP - ok
22:37:26.0813 3812  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
22:37:26.0860 3812  Wanarpv6 - ok
22:37:27.0359 3812  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
22:37:27.0390 3812  WatAdminSvc - ok
22:37:27.0796 3812  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
22:37:27.0858 3812  wbengine - ok
22:37:27.0999 3812  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
22:37:28.0014 3812  WbioSrvc - ok
22:37:28.0155 3812  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
22:37:28.0217 3812  wcncsvc - ok
22:37:28.0264 3812  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:37:28.0311 3812  WcsPlugInService - ok
22:37:28.0373 3812  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
22:37:28.0404 3812  Wd - ok
22:37:28.0577 3812  [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
22:37:28.0608 3812  Wdf01000 - ok
22:37:28.0670 3812  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
22:37:28.0780 3812  WdiServiceHost - ok
22:37:28.0795 3812  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
22:37:28.0811 3812  WdiSystemHost - ok
22:37:28.0905 3812  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
22:37:28.0952 3812  WebClient - ok
22:37:29.0061 3812  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
22:37:29.0155 3812  Wecsvc - ok
22:37:29.0249 3812  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
22:37:29.0311 3812  wercplsupport - ok
22:37:29.0420 3812  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
22:37:29.0498 3812  WerSvc - ok
22:37:29.0576 3812  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
22:37:29.0639 3812  WfpLwf - ok
22:37:29.0670 3812  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
22:37:29.0685 3812  WIMMount - ok
22:37:29.0779 3812  WinDefend - ok
22:37:29.0826 3812  WinHttpAutoProxySvc - ok
22:37:29.0997 3812  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
22:37:30.0107 3812  Winmgmt - ok
22:37:30.0356 3812  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
22:37:30.0481 3812  WinRM - ok
22:37:30.0637 3812  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
22:37:30.0699 3812  Wlansvc - ok
22:37:30.0746 3812  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
22:37:30.0777 3812  WmiAcpi - ok
22:37:30.0902 3812  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
22:37:30.0949 3812  wmiApSrv - ok
22:37:30.0996 3812  WMPNetworkSvc - ok
22:37:31.0058 3812  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
22:37:31.0074 3812  WPCSvc - ok
22:37:31.0121 3812  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
22:37:31.0152 3812  WPDBusEnum - ok
22:37:31.0230 3812  [ A3C13A0135BEAE18C7E2310D95F0D605 ] WS2IFSL         C:\Windows\system32\drivers\ws2ifsl.sys
22:37:31.0245 3812  WS2IFSL - ok
22:37:31.0495 3812  [ E8B1FE6669397D1772D8196DF0E57A9E ] WSCSVC          C:\Windows\system32\wscsvc.dll
22:37:31.0557 3812  WSCSVC - ok
22:37:31.0557 3812  WSearch - ok
22:37:31.0745 3812  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
22:37:31.0807 3812  wuauserv - ok
22:37:31.0838 3812  [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
22:37:31.0901 3812  WudfPf - ok
22:37:32.0119 3812  [ CF8D590BE3373029D57AF80914190682 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
22:37:32.0197 3812  WUDFRd - ok
22:37:32.0275 3812  [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
22:37:32.0338 3812  wudfsvc - ok
22:37:32.0462 3812  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
22:37:32.0509 3812  WwanSvc - ok
22:37:32.0696 3812  ================ Scan global ===============================
22:37:32.0759 3812  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
22:37:32.0821 3812  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
22:37:32.0821 3812  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
22:37:32.0884 3812  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
22:37:33.0055 3812  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
22:37:33.0071 3812  [Global] - ok
22:37:33.0071 3812  ================ Scan MBR ==================================
22:37:33.0086 3812  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
22:37:33.0820 3812  \Device\Harddisk0\DR0 - ok
22:37:33.0835 3812  ================ Scan VBR ==================================
22:37:33.0866 3812  [ CE4593EF1DC9A8B93A66C38C6990EBC5 ] \Device\Harddisk0\DR0\Partition1
22:37:33.0882 3812  \Device\Harddisk0\DR0\Partition1 - ok
22:37:33.0913 3812  [ 857B730BFD0E853FBC4C60E1466E0284 ] \Device\Harddisk0\DR0\Partition2
22:37:33.0913 3812  \Device\Harddisk0\DR0\Partition2 - ok
22:37:33.0913 3812  ================ Scan active images ========================
22:37:33.0929 3812  [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys
22:37:33.0929 3812  C:\Windows\System32\drivers\crashdmp.sys - ok
22:37:33.0929 3812  [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys
22:37:33.0929 3812  C:\Windows\System32\drivers\dumpfve.sys - ok
22:37:33.0944 3812  [ 42E00996DFC13C46366689C0EA8ABC5E ] C:\Windows\System32\drivers\iaStor.sys
22:37:33.0944 3812  C:\Windows\System32\drivers\iaStor.sys - ok
22:37:33.0944 3812  [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys
22:37:33.0944 3812  C:\Windows\System32\drivers\cdrom.sys - ok
22:37:33.0960 3812  [ F388EA341C6CBC881475D7F1482C6B01 ] C:\Windows\System32\drivers\klflt.sys
22:37:33.0960 3812  C:\Windows\System32\drivers\klflt.sys - ok
22:37:33.0960 3812  [ 2CB6342329B118D9C2CD7551B1CF7002 ] C:\Windows\System32\drivers\klif.sys
22:37:33.0960 3812  C:\Windows\System32\drivers\klif.sys - ok
22:37:33.0960 3812  [ A313C4AE276E3C975A1BC27170AA23C6 ] C:\Windows\System32\drivers\avgtpx64.sys
22:37:33.0960 3812  C:\Windows\System32\drivers\avgtpx64.sys - ok
22:37:33.0960 3812  [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys
22:37:33.0960 3812  C:\Windows\System32\drivers\beep.sys - ok
22:37:33.0976 3812  [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys
22:37:33.0976 3812  C:\Windows\System32\drivers\null.sys - ok
22:37:33.0991 3812  [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys
22:37:33.0991 3812  C:\Windows\System32\drivers\RDPCDD.sys - ok
22:37:33.0991 3812  [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys
22:37:33.0991 3812  C:\Windows\System32\drivers\vga.sys - ok
22:37:33.0991 3812  [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys
22:37:33.0991 3812  C:\Windows\System32\drivers\videoprt.sys - ok
22:37:34.0007 3812  [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys
22:37:34.0007 3812  C:\Windows\System32\drivers\watchdog.sys - ok
22:37:34.0007 3812  [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys
22:37:34.0007 3812  C:\Windows\System32\drivers\RDPENCDD.sys - ok
22:37:34.0007 3812  [ 216F3FA57533D98E1F74DED70113177A ] C:\Windows\System32\drivers\RDPREFMP.sys
22:37:34.0007 3812  C:\Windows\System32\drivers\RDPREFMP.sys - ok
22:37:34.0022 3812  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys
22:37:34.0022 3812  C:\Windows\System32\drivers\msfs.sys - ok
22:37:34.0022 3812  [ 4AFD6A41AAA3806893F281551BFFDED8 ] C:\Windows\System32\drivers\NEOFLTR_7111_21451.SYS
22:37:34.0022 3812  C:\Windows\System32\drivers\NEOFLTR_7111_21451.SYS - ok
22:37:34.0022 3812  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys
22:37:34.0022 3812  C:\Windows\System32\drivers\npfs.sys - ok
22:37:34.0038 3812  [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\Windows\System32\drivers\tdi.sys
22:37:34.0038 3812  C:\Windows\System32\drivers\tdi.sys - ok
22:37:34.0038 3812  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys
22:37:34.0038 3812  C:\Windows\System32\drivers\tdx.sys - ok
22:37:34.0038 3812  [ 36A14FD1A23F57046361733B792CA8DB ] C:\Windows\System32\drivers\AFD.SYS
22:37:34.0038 3812  C:\Windows\System32\drivers\AFD.SYS - ok
22:37:34.0054 3812  [ 69BD90E337625F96C718CACE7A9C9E29 ] C:\Windows\System32\drivers\avgtdia.sys
22:37:34.0054 3812  C:\Windows\System32\drivers\avgtdia.sys - ok
22:37:34.0054 3812  [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys
22:37:34.0054 3812  C:\Windows\System32\drivers\netbt.sys - ok
22:37:34.0054 3812  [ 1065A957523ED51AAFFF737CC63010A6 ] C:\Windows\System32\drivers\vsdatant.sys
22:37:34.0054 3812  C:\Windows\System32\drivers\vsdatant.sys - ok
22:37:34.0069 3812  [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys
22:37:34.0069 3812  C:\Windows\System32\drivers\netbios.sys - ok
22:37:34.0069 3812  [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys
22:37:34.0069 3812  C:\Windows\System32\drivers\pacer.sys - ok
22:37:34.0085 3812  [ 6A3D66263414FF0D6FA754C646612F3F ] C:\Windows\System32\drivers\vwififlt.sys
22:37:34.0085 3812  C:\Windows\System32\drivers\vwififlt.sys - ok
22:37:34.0085 3812  [ 356AFD78A6ED4457169241AC3965230C ] C:\Windows\System32\drivers\wanarp.sys
22:37:34.0085 3812  C:\Windows\System32\drivers\wanarp.sys - ok
22:37:34.0085 3812  [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys
22:37:34.0085 3812  C:\Windows\System32\drivers\wfplwf.sys - ok
22:37:34.0100 3812  [ A3C13A0135BEAE18C7E2310D95F0D605 ] C:\Windows\System32\drivers\WS2IFSL.SYS
22:37:34.0100 3812  C:\Windows\System32\drivers\WS2IFSL.SYS - ok
22:37:34.0100 3812  [ 3289766038DB2CB14D07DC84392138D5 ] C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys
22:37:34.0100 3812  C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys - ok
22:37:34.0100 3812  [ 58A38E75F3316A83C23DF6173D41F2B5 ] C:\Program Files\SUPERAntiSpyware\saskutil64.sys
22:37:34.0100 3812  C:\Program Files\SUPERAntiSpyware\saskutil64.sys - ok
22:37:34.0100 3812  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys
22:37:34.0100 3812  C:\Windows\System32\drivers\mssmbios.sys - ok
22:37:34.0116 3812  [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys
22:37:34.0116 3812  C:\Windows\System32\drivers\nsiproxy.sys - ok
22:37:34.0116 3812  [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys
22:37:34.0116 3812  C:\Windows\System32\drivers\rdbss.sys - ok
22:37:34.0116 3812  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys
22:37:34.0116 3812  C:\Windows\System32\drivers\termdd.sys - ok
22:37:34.0132 3812  [ 54B66C4AEEC6C4F742F3569EBA03EBB8 ] C:\Windows\System32\drivers\avgldx64.sys
22:37:34.0132 3812  C:\Windows\System32\drivers\avgldx64.sys - ok
22:37:34.0132 3812  [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys
22:37:34.0132 3812  C:\Windows\System32\drivers\blbdrive.sys - ok
22:37:34.0132 3812  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys
22:37:34.0132 3812  C:\Windows\System32\drivers\dfsc.sys - ok
22:37:34.0147 3812  [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys
22:37:34.0147 3812  C:\Windows\System32\drivers\discache.sys - ok
22:37:34.0147 3812  [ 139BD30C32BEE830D0CF39C5324D79DE ] C:\Windows\System32\drivers\avgidsdrivera.sys
22:37:34.0147 3812  C:\Windows\System32\drivers\avgidsdrivera.sys - ok
22:37:34.0147 3812  [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys
22:37:34.0147 3812  C:\Windows\System32\drivers\tunnel.sys - ok
22:37:34.0163 3812  [ CF95B85FF8D128385ABD411C8CA74DED ] C:\Windows\System32\ntdll.dll
22:37:34.0163 3812  C:\Windows\System32\ntdll.dll - ok
22:37:34.0163 3812  [ F0371DE302FFFF8F086661611BE60848 ] C:\Windows\System32\smss.exe
22:37:34.0163 3812  C:\Windows\System32\smss.exe - ok
22:37:34.0163 3812  [ 5F64B04C8342352FAFEAEEBAAABA9EDA ] C:\Windows\System32\drivers\nvBridge.kmd
22:37:34.0163 3812  C:\Windows\System32\drivers\nvBridge.kmd - ok
22:37:34.0163 3812  [ 9F6ADE7EC1D5480AD1EF370859B26D5A ] C:\Windows\System32\drivers\nvlddmkm.sys
22:37:34.0163 3812  C:\Windows\System32\drivers\nvlddmkm.sys - ok
22:37:34.0178 3812  [ AF2E16242AA723F68F461B6EAE2EAD3D ] C:\Windows\System32\drivers\dxgkrnl.sys
22:37:34.0178 3812  C:\Windows\System32\drivers\dxgkrnl.sys - ok
22:37:34.0178 3812  [ 1F04CFB79DD5FB7694468CE3FB3DCC31 ] C:\Windows\System32\drivers\dxgmms1.sys
22:37:34.0178 3812  C:\Windows\System32\drivers\dxgmms1.sys - ok
22:37:34.0178 3812  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys
22:37:34.0178 3812  C:\Windows\System32\drivers\hdaudbus.sys - ok
22:37:34.0194 3812  [ B6AC71AAA2B10848F57FC49D55A651AF ] C:\Windows\System32\drivers\HECIx64.sys
22:37:34.0194 3812  C:\Windows\System32\drivers\HECIx64.sys - ok
22:37:34.0194 3812  [ 74EE782B1D9C241EFE425565854C661C ] C:\Windows\System32\drivers\usbehci.sys
22:37:34.0194 3812  C:\Windows\System32\drivers\usbehci.sys - ok
22:37:34.0194 3812  [ B6D64EE607637301FF8C33139B4950DE ] C:\Windows\System32\drivers\usbport.sys
22:37:34.0194 3812  C:\Windows\System32\drivers\usbport.sys - ok
22:37:34.0194 3812  [ C9B4ECC187581E5BF3F76648884B7829 ] C:\Windows\System32\drivers\k57nd60a.sys
22:37:34.0194 3812  C:\Windows\System32\drivers\k57nd60a.sys - ok
22:37:34.0210 3812  [ A5986B46C4348CB35EBB98F220948DF7 ] C:\Windows\System32\drivers\rtl8192se.sys
22:37:34.0210 3812  C:\Windows\System32\drivers\rtl8192se.sys - ok
22:37:34.0210 3812  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] C:\Windows\System32\drivers\vwifibus.sys
22:37:34.0210 3812  C:\Windows\System32\drivers\vwifibus.sys - ok
22:37:34.0210 3812  [ 0840155D0BDDF1190F84A663C284BD33 ] C:\Windows\System32\drivers\CmBatt.sys
22:37:34.0210 3812  C:\Windows\System32\drivers\CmBatt.sys - ok
22:37:34.0210 3812  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] C:\Windows\System32\drivers\i8042prt.sys
22:37:34.0210 3812  C:\Windows\System32\drivers\i8042prt.sys - ok
22:37:34.0225 3812  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys
22:37:34.0225 3812  C:\Windows\System32\drivers\kbdclass.sys - ok
22:37:34.0225 3812  [ 064A2530A4A7C7CEC1BE6A1945645BE4 ] C:\Windows\System32\drivers\SynTP.sys
22:37:34.0225 3812  C:\Windows\System32\drivers\SynTP.sys - ok
22:37:34.0225 3812  [ 63C8D74BED9F80F4DD0AA7A3101EB639 ] C:\Windows\System32\drivers\usbd.sys
22:37:34.0225 3812  C:\Windows\System32\drivers\usbd.sys - ok
22:37:34.0241 3812  [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys
22:37:34.0241 3812  C:\Windows\System32\drivers\mouclass.sys - ok
22:37:34.0241 3812  [ 64DDD0DEE976302F4BD93E5EFCC2F013 ] C:\Windows\System32\drivers\NTIDrvr.sys
22:37:34.0241 3812  C:\Windows\System32\drivers\NTIDrvr.sys - ok
22:37:34.0241 3812  [ 2E22C1FD397A5A9FFEF55E9D1FC96C00 ] C:\Windows\System32\drivers\UBHelper.sys
22:37:34.0241 3812  C:\Windows\System32\drivers\UBHelper.sys - ok
22:37:34.0241 3812  [ 8E98D21EE06192492A5671A6144D092F ] C:\Windows\System32\drivers\GEARAspiWDM.sys
22:37:34.0241 3812  C:\Windows\System32\drivers\GEARAspiWDM.sys - ok
22:37:34.0256 3812  [ 4B6363CD4610BB848531BB260B15DFCC ] C:\Windows\System32\drivers\Impcd.sys
22:37:34.0256 3812  C:\Windows\System32\drivers\Impcd.sys - ok
22:37:34.0256 3812  [ ADA036632C664CAA754079041CF1F8C1 ] C:\Windows\System32\drivers\intelppm.sys
22:37:34.0256 3812  C:\Windows\System32\drivers\intelppm.sys - ok
22:37:34.0256 3812  [ F6FF8944478594D0E414D3F048F0D778 ] C:\Windows\System32\drivers\wmiacpi.sys
22:37:34.0256 3812  C:\Windows\System32\drivers\wmiacpi.sys - ok
22:37:34.0272 3812  [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys
22:37:34.0272 3812  C:\Windows\System32\drivers\CompositeBus.sys - ok
22:37:34.0272 3812  [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys
22:37:34.0272 3812  C:\Windows\System32\drivers\agilevpn.sys - ok
22:37:34.0272 3812  [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys
22:37:34.0272 3812  C:\Windows\System32\drivers\rasl2tp.sys - ok
22:37:34.0288 3812  [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys
22:37:34.0288 3812  C:\Windows\System32\drivers\ndistapi.sys - ok
22:37:34.0288 3812  [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys
22:37:34.0288 3812  C:\Windows\System32\drivers\ndiswan.sys - ok
22:37:34.0288 3812  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys
22:37:34.0288 3812  C:\Windows\System32\drivers\raspppoe.sys - ok
22:37:34.0288 3812  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys
22:37:34.0288 3812  C:\Windows\System32\drivers\raspptp.sys - ok
22:37:34.0288 3812  [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys
22:37:34.0288 3812  C:\Windows\System32\drivers\rassstp.sys - ok
22:37:34.0303 3812  [ D0B07EED9DDEC5C69521C689B7BF455F ] C:\Windows\System32\drivers\tap0901.sys
22:37:34.0303 3812  C:\Windows\System32\drivers\tap0901.sys - ok
22:37:34.0303 3812  [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys
22:37:34.0303 3812  C:\Windows\System32\drivers\ks.sys - ok
22:37:34.0303 3812  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys
22:37:34.0303 3812  C:\Windows\System32\drivers\swenum.sys - ok
22:37:34.0303 3812  [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys
22:37:34.0303 3812  C:\Windows\System32\drivers\umbus.sys - ok
22:37:34.0319 3812  [ DC96BD9CCB8403251BCF25047573558E ] C:\Windows\System32\drivers\usbhub.sys
22:37:34.0319 3812  C:\Windows\System32\drivers\usbhub.sys - ok
22:37:34.0319 3812  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys
22:37:34.0319 3812  C:\Windows\System32\drivers\ndproxy.sys - ok
22:37:34.0319 3812  [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys
22:37:34.0319 3812  C:\Windows\System32\drivers\drmk.sys - ok
22:37:34.0319 3812  [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys
22:37:34.0319 3812  C:\Windows\System32\drivers\portcls.sys - ok
22:37:34.0334 3812  [ CDDD4478757288DF4BB1494BFD084259 ] C:\Windows\System32\drivers\nvhda64v.sys
22:37:34.0334 3812  C:\Windows\System32\drivers\nvhda64v.sys - ok
22:37:34.0334 3812  [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys
22:37:34.0334 3812  C:\Windows\System32\drivers\ksthunk.sys - ok
22:37:34.0334 3812  [ 51C98815721B44BF70E8AEB3FF3F57D6 ] C:\Windows\System32\drivers\RTKVHD64.sys
22:37:34.0334 3812  C:\Windows\System32\drivers\RTKVHD64.sys - ok
22:37:34.0350 3812  [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe
22:37:34.0350 3812  C:\Windows\System32\autochk.exe - ok
22:37:34.0350 3812  [ 481DFF26B4DCA8F4CBAC1F7DCE1D6829 ] C:\Windows\System32\drivers\usbccgp.sys
22:37:34.0350 3812  C:\Windows\System32\drivers\usbccgp.sys - ok
22:37:34.0350 3812  [ 1DC3504CA4C57900F1557E9A3F01D272 ] C:\Windows\System32\kernel32.dll
22:37:34.0350 3812  C:\Windows\System32\kernel32.dll - ok
22:37:34.0366 3812  [ 454800C2BC7F3927CE030141EE4F4C50 ] C:\Windows\System32\drivers\usbvideo.sys
22:37:34.0366 3812  C:\Windows\System32\drivers\usbvideo.sys - ok
22:37:34.0366 3812  [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll
22:37:34.0366 3812  C:\Windows\System32\imm32.dll - ok
22:37:34.0366 3812  [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll
22:37:34.0366 3812  C:\Windows\System32\ole32.dll - ok
22:37:34.0381 3812  [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll
22:37:34.0381 3812  C:\Windows\System32\sechost.dll - ok
22:37:34.0381 3812  [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll
22:37:34.0381 3812  C:\Windows\System32\difxapi.dll - ok
22:37:34.0381 3812  [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll
22:37:34.0381 3812  C:\Windows\System32\ws2_32.dll - ok
22:37:34.0381 3812  [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll
22:37:34.0381 3812  C:\Windows\System32\clbcatq.dll - ok
22:37:34.0397 3812  [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll
22:37:34.0397 3812  C:\Windows\System32\user32.dll - ok
22:37:34.0397 3812  [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll
22:37:34.0397 3812  C:\Windows\System32\comdlg32.dll - ok
22:37:34.0397 3812  [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll
22:37:34.0397 3812  C:\Windows\System32\Wldap32.dll - ok
22:37:34.0397 3812  [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll
22:37:34.0397 3812  C:\Windows\System32\shlwapi.dll - ok
22:37:34.0412 3812  [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll
22:37:34.0412 3812  C:\Windows\System32\msctf.dll - ok
22:37:34.0412 3812  [ 792685A9538424CC1F3FA6A816FE147C ] C:\Windows\System32\urlmon.dll
22:37:34.0412 3812  C:\Windows\System32\urlmon.dll - ok
22:37:34.0412 3812  [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll
22:37:34.0412 3812  C:\Windows\System32\setupapi.dll - ok
22:37:34.0412 3812  [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\Windows\System32\imagehlp.dll
22:37:34.0428 3812  C:\Windows\System32\imagehlp.dll - ok
22:37:34.0428 3812  [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll
22:37:34.0428 3812  C:\Windows\System32\oleaut32.dll - ok
22:37:34.0428 3812  [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll
22:37:34.0428 3812  C:\Windows\System32\rpcrt4.dll - ok
22:37:34.0428 3812  [ FAF6EC2460AD5FBBD38D8E1AE28B0D77 ] C:\Windows\System32\wininet.dll
22:37:34.0428 3812  C:\Windows\System32\wininet.dll - ok
22:37:34.0428 3812  [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll
22:37:34.0428 3812  C:\Windows\System32\lpk.dll - ok
22:37:34.0444 3812  [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll
22:37:34.0444 3812  C:\Windows\System32\nsi.dll - ok
22:37:34.0444 3812  [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll
22:37:34.0444 3812  C:\Windows\System32\advapi32.dll - ok
22:37:34.0444 3812  [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll
22:37:34.0444 3812  C:\Windows\System32\psapi.dll - ok
22:37:34.0444 3812  [ 1BFC94665BCA35F9001ADC7BFB167C63 ] C:\Windows\System32\shell32.dll
22:37:34.0444 3812  C:\Windows\System32\shell32.dll - ok
22:37:34.0459 3812  [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll
22:37:34.0459 3812  C:\Windows\System32\gdi32.dll - ok
22:37:34.0459 3812  [ 9E0D8010D7368856617D3FE0FA5DA58F ] C:\Windows\System32\iertutil.dll
22:37:34.0459 3812  C:\Windows\System32\iertutil.dll - ok
22:37:34.0459 3812  [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll
22:37:34.0459 3812  C:\Windows\System32\msvcrt.dll - ok
22:37:34.0475 3812  [ 2F8B1E3EE3545D3B5A8D56FA1AE07B65 ] C:\Windows\System32\usp10.dll
22:37:34.0475 3812  C:\Windows\System32\usp10.dll - ok
22:37:34.0475 3812  [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll
22:37:34.0475 3812  C:\Windows\System32\normaliz.dll - ok
22:37:34.0475 3812  [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\System32\comctl32.dll
22:37:34.0475 3812  C:\Windows\System32\comctl32.dll - ok
22:37:34.0490 3812  [ F49E92B50CED5C9F1725D3C0329FD933 ] C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
22:37:34.0490 3812  C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll - ok
22:37:34.0490 3812  [ 0E6FBF19D9DFBB77316C23DF91F8A101 ] C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
22:37:34.0490 3812  C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll - ok
22:37:34.0490 3812  [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll
22:37:34.0490 3812  C:\Windows\System32\devobj.dll - ok
22:37:34.0506 3812  [ 6F2E324703E6D22B9934C33DA48F1F01 ] C:\Windows\System32\KernelBase.dll
22:37:34.0506 3812  C:\Windows\System32\KernelBase.dll - ok
22:37:34.0506 3812  [ AFC3DB5C6EB8CA8017DDB81D6C0AD02A ] C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
22:37:34.0506 3812  C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll - ok
22:37:34.0506 3812  [ A96D5ECA5742603E0E345C4F6B801F5E ] C:\Windows\System32\crypt32.dll
22:37:34.0506 3812  C:\Windows\System32\crypt32.dll - ok
22:37:34.0522 3812  [ AA06902362B1422D7A7DA7061E07C624 ] C:\Windows\System32\wintrust.dll
22:37:34.0522 3812  C:\Windows\System32\wintrust.dll - ok
22:37:34.0522 3812  [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll
22:37:34.0522 3812  C:\Windows\System32\cfgmgr32.dll - ok
22:37:34.0522 3812  [ 64A4AB126E24FD3F58EBE64852773DB5 ] C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
22:37:34.0522 3812  C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll - ok
22:37:34.0537 3812  [ 72723D3E4781BADC62C3180C137E7B23 ] C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
22:37:34.0537 3812  C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll - ok
22:37:34.0537 3812  [ 9094039A00485F71C4DE64BF51F64C46 ] C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
22:37:34.0537 3812  C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll - ok
22:37:34.0537 3812  [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll
22:37:34.0537 3812  C:\Windows\System32\msasn1.dll - ok
22:37:34.0537 3812  [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll
22:37:34.0537 3812  C:\Windows\SysWOW64\normaliz.dll - ok
22:37:34.0553 3812  [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys
22:37:34.0553 3812  C:\Windows\System32\drivers\dxapi.sys - ok
22:37:34.0553 3812  [ 73601028E7C44154318AE91D2EB2EDB3 ] C:\Windows\System32\win32k.sys
22:37:34.0553 3812  C:\Windows\System32\win32k.sys - ok
22:37:34.0553 3812  [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe
22:37:34.0553 3812  C:\Windows\System32\csrss.exe - ok
22:37:34.0568 3812  [ CEC1EDF4022DC4DCA40384DCEC672B0E ] C:\Windows\System32\csrsrv.dll
22:37:34.0568 3812  C:\Windows\System32\csrsrv.dll - ok
22:37:34.0568 3812  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll
22:37:34.0568 3812  C:\Windows\System32\basesrv.dll - ok
22:37:34.0568 3812  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\System32\winsrv.dll
22:37:34.0568 3812  C:\Windows\System32\winsrv.dll - ok
22:37:34.0568 3812  [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys
22:37:34.0568 3812  C:\Windows\System32\drivers\monitor.sys - ok
22:37:34.0584 3812  [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll
22:37:34.0584 3812  C:\Windows\System32\tsddd.dll - ok
22:37:34.0584 3812  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll
22:37:34.0584 3812  C:\Windows\System32\sxssrv.dll - ok
22:37:34.0584 3812  [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe
22:37:34.0584 3812  C:\Windows\System32\wininit.exe - ok
22:37:34.0584 3812  [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll
22:37:34.0584 3812  C:\Windows\System32\profapi.dll - ok
22:37:34.0600 3812  [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll
22:37:34.0600 3812  C:\Windows\System32\RpcRtRemote.dll - ok
22:37:34.0600 3812  [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL
22:37:34.0600 3812  C:\Windows\System32\KBDUS.DLL - ok
22:37:34.0600 3812  [ 943F527DF79E6B400104341AA7023C75 ] C:\Windows\System32\cdd.dll
22:37:34.0600 3812  C:\Windows\System32\cdd.dll - ok
22:37:34.0600 3812  [ 3336F8943C6A4882A6D40359E8399CCF ] C:\Windows\System32\KBDIR.DLL
22:37:34.0600 3812  C:\Windows\System32\KBDIR.DLL - ok
22:37:34.0615 3812  [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll
22:37:34.0615 3812  C:\Windows\System32\WlS0WndH.dll - ok
22:37:34.0615 3812  [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll
22:37:34.0615 3812  C:\Windows\System32\sxs.dll - ok
22:37:34.0615 3812  [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll
22:37:34.0615 3812  C:\Windows\System32\cryptbase.dll - ok
22:37:34.0615 3812  [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll
22:37:34.0615 3812  C:\Windows\System32\apphelp.dll - ok
22:37:34.0631 3812  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe
22:37:34.0631 3812  C:\Windows\System32\services.exe - ok
22:37:34.0631 3812  [ C118A82CD78818C29AB228366EBF81C3 ] C:\Windows\System32\lsass.exe
22:37:34.0631 3812  C:\Windows\System32\lsass.exe - ok
22:37:34.0631 3812  [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\Windows\System32\sspicli.dll
22:37:34.0631 3812  C:\Windows\System32\sspicli.dll - ok
22:37:34.0646 3812  [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe
22:37:34.0646 3812  C:\Windows\System32\lsm.exe - ok
22:37:34.0646 3812  [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\Windows\System32\sspisrv.dll
22:37:34.0646 3812  C:\Windows\System32\sspisrv.dll - ok
22:37:34.0646 3812  [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll
22:37:34.0646 3812  C:\Windows\System32\sysntfy.dll - ok
22:37:34.0646 3812  [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll
22:37:34.0646 3812  C:\Windows\System32\wmsgapi.dll - ok
22:37:34.0662 3812  [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll
22:37:34.0662 3812  C:\Windows\System32\scext.dll - ok
22:37:34.0662 3812  [ 66A6063D0BAAD3F7B2B9868859E0743B ] C:\Windows\System32\lsasrv.dll
22:37:34.0662 3812  C:\Windows\System32\lsasrv.dll - ok
22:37:34.0662 3812  [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\Windows\System32\secur32.dll
22:37:34.0662 3812  C:\Windows\System32\secur32.dll - ok
22:37:34.0662 3812  [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll
22:37:34.0662 3812  C:\Windows\System32\scesrv.dll - ok
22:37:34.0678 3812  [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll
22:37:34.0678 3812  C:\Windows\System32\srvcli.dll - ok
22:37:34.0678 3812  [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll
22:37:34.0678 3812  C:\Windows\System32\samsrv.dll - ok
22:37:34.0678 3812  [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll
22:37:34.0678 3812  C:\Windows\System32\cryptdll.dll - ok
22:37:34.0678 3812  [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll
22:37:34.0678 3812  C:\Windows\System32\wevtapi.dll - ok
22:37:34.0693 3812  [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll
22:37:34.0693 3812  C:\Windows\System32\cngaudit.dll - ok
22:37:34.0693 3812  [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll
22:37:34.0693 3812  C:\Windows\System32\authz.dll - ok
22:37:34.0693 3812  [ 5F3307352216618221A17CFEF273EEE2 ] C:\Windows\System32\ncrypt.dll
22:37:34.0693 3812  C:\Windows\System32\ncrypt.dll - ok
22:37:34.0693 3812  [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll
22:37:34.0693 3812  C:\Windows\System32\bcrypt.dll - ok
22:37:34.0709 3812  [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll
22:37:34.0709 3812  C:\Windows\System32\msprivs.dll - ok
22:37:34.0709 3812  [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe
22:37:34.0709 3812  C:\Windows\System32\winlogon.exe - ok
22:37:34.0709 3812  [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll
22:37:34.0709 3812  C:\Windows\System32\winsta.dll - ok
22:37:34.0724 3812  [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll
22:37:34.0724 3812  C:\Windows\System32\netjoin.dll - ok
22:37:34.0724 3812  [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll
22:37:34.0724 3812  C:\Windows\System32\negoexts.dll - ok
22:37:34.0724 3812  [ 44E1A196DFCB53B01FE4B855C3B56A15 ] C:\Windows\System32\kerberos.dll
22:37:34.0724 3812  C:\Windows\System32\kerberos.dll - ok
22:37:34.0740 3812  [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll
22:37:34.0740 3812  C:\Windows\System32\cryptsp.dll - ok
22:37:34.0740 3812  [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\Windows\System32\mswsock.dll
22:37:34.0740 3812  C:\Windows\System32\mswsock.dll - ok
22:37:34.0740 3812  [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll
22:37:34.0740 3812  C:\Windows\System32\wship6.dll - ok
22:37:34.0740 3812  [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll
22:37:34.0740 3812  C:\Windows\System32\msv1_0.dll - ok
22:37:34.0756 3812  [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll
22:37:34.0756 3812  C:\Windows\System32\netlogon.dll - ok
22:37:34.0756 3812  [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll
22:37:34.0756 3812  C:\Windows\System32\dnsapi.dll - ok
22:37:34.0756 3812  [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll
22:37:34.0756 3812  C:\Windows\System32\logoncli.dll - ok
22:37:34.0771 3812  [ 1573C45E65DE32B1BC3572634F8F1E8E ] C:\Windows\System32\schannel.dll
22:37:34.0771 3812  C:\Windows\System32\schannel.dll - ok
22:37:34.0771 3812  [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
22:37:34.0771 3812  C:\Windows\System32\wdigest.dll - ok
22:37:34.0771 3812  [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
22:37:34.0771 3812  C:\Windows\System32\rsaenh.dll - ok
22:37:34.0771 3812  [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll
22:37:34.0771 3812  C:\Windows\System32\TSpkg.dll - ok
22:37:34.0787 3812  [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
22:37:34.0787 3812  C:\Windows\System32\pku2u.dll - ok
22:37:34.0787 3812  [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll
22:37:34.0787 3812  C:\Windows\System32\bcryptprimitives.dll - ok
22:37:34.0787 3812  [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
22:37:34.0787 3812  C:\Windows\System32\efslsaext.dll - ok
22:37:34.0802 3812  [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll
22:37:34.0802 3812  C:\Windows\System32\credssp.dll - ok
22:37:34.0802 3812  [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll
22:37:34.0802 3812  C:\Windows\System32\scecli.dll - ok
22:37:34.0802 3812  [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
22:37:34.0802 3812  C:\Windows\System32\ubpm.dll - ok
22:37:34.0802 3812  [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe
22:37:34.0802 3812  C:\Windows\System32\svchost.exe - ok
22:37:34.0818 3812  [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll
22:37:34.0818 3812  C:\Windows\System32\umpnpmgr.dll - ok
22:37:34.0818 3812  [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
22:37:34.0818 3812  C:\Windows\System32\SPInf.dll - ok
22:37:34.0818 3812  [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
22:37:34.0818 3812  C:\Windows\System32\devrtl.dll - ok
22:37:34.0818 3812  [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll
22:37:34.0818 3812  C:\Windows\System32\userenv.dll - ok
22:37:34.0834 3812  [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
22:37:34.0834 3812  C:\Windows\System32\gpapi.dll - ok
22:37:34.0834 3812  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll
22:37:34.0834 3812  C:\Windows\System32\umpo.dll - ok
22:37:34.0834 3812  [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
22:37:34.0834 3812  C:\Windows\System32\pcwum.dll - ok
22:37:34.0849 3812  [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
22:37:34.0849 3812  C:\Windows\System32\powrprof.dll - ok
22:37:34.0849 3812  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys
22:37:34.0849 3812  C:\Windows\System32\drivers\luafv.sys - ok
22:37:34.0849 3812  [ D3381DC54C34D79B22CEE0D65BA91B7C ] C:\Windows\System32\drivers\WUDFPf.sys
22:37:34.0849 3812  C:\Windows\System32\drivers\WUDFPf.sys - ok
22:37:34.0849 3812  [ CB2ABB2DA1E9C977302A78D86D4AE3B0 ] C:\Windows\System32\atmfd.dll
22:37:34.0849 3812  C:\Windows\System32\atmfd.dll - ok
22:37:34.0865 3812  [ 628167D7E894807EF883A13E34172C3C ] C:\Windows\System32\nvvsvc.exe
22:37:34.0865 3812  C:\Windows\System32\nvvsvc.exe - ok
22:37:34.0865 3812  [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
22:37:34.0865 3812  C:\Windows\System32\rpcss.dll - ok
22:37:34.0865 3812  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
22:37:34.0865 3812  C:\Windows\System32\RpcEpMap.dll - ok
22:37:34.0880 3812  [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
22:37:34.0880 3812  C:\Windows\System32\WSHTCPIP.DLL - ok
22:37:34.0880 3812  [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
22:37:34.0880 3812  C:\Windows\System32\wshqos.dll - ok
22:37:34.0880 3812  [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
22:37:34.0880 3812  C:\Windows\System32\FirewallAPI.dll - ok
22:37:34.0896 3812  [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
22:37:34.0896 3812  C:\Windows\System32\LogonUI.exe - ok
22:37:34.0896 3812  [ 3EF480BFED1B5947A32585E30A58D4ED ] C:\Windows\System32\authui.dll
22:37:34.0896 3812  C:\Windows\System32\authui.dll - ok
22:37:34.0896 3812  [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll
22:37:34.0896 3812  C:\Windows\System32\version.dll - ok
22:37:34.0896 3812  [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
22:37:34.0912 3812  C:\Windows\System32\wevtsvc.dll - ok
22:37:34.0912 3812  [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
22:37:34.0912 3812  C:\Windows\System32\cryptui.dll - ok
22:37:34.0912 3812  [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
22:37:34.0912 3812  C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
22:37:34.0927 3812  [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll
22:37:34.0927 3812  C:\Windows\System32\audiosrv.dll - ok
22:37:34.0927 3812  [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
22:37:34.0927 3812  C:\Windows\System32\MMDevAPI.dll - ok
22:37:34.0927 3812  [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
22:37:34.0927 3812  C:\Windows\System32\ntmarta.dll - ok
22:37:34.0943 3812  [ C4C183E6551084039EC862DA1C945E3D ] C:\Windows\System32\FntCache.dll
22:37:34.0943 3812  C:\Windows\System32\FntCache.dll - ok
22:37:34.0943 3812  [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
22:37:34.0943 3812  C:\Windows\System32\propsys.dll - ok
22:37:34.0943 3812  [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
22:37:34.0943 3812  C:\Windows\System32\shacct.dll - ok
22:37:34.0943 3812  [ 5C78838B4D166D1A27DB3A8A820C799A ] C:\Windows\System32\profsvc.dll
22:37:34.0943 3812  C:\Windows\System32\profsvc.dll - ok
22:37:34.0958 3812  [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
22:37:34.0958 3812  C:\Windows\System32\samlib.dll - ok
22:37:34.0958 3812  [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll
22:37:34.0958 3812  C:\Windows\System32\mmcss.dll - ok
22:37:34.0958 3812  [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
22:37:34.0958 3812  C:\Windows\System32\avrt.dll - ok
22:37:34.0974 3812  [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
22:37:34.0974 3812  C:\Windows\System32\uxtheme.dll - ok
22:37:34.0974 3812  [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll
22:37:34.0974 3812  C:\Windows\System32\radardt.dll - ok
22:37:34.0974 3812  [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe
22:37:34.0974 3812  C:\Windows\System32\audiodg.exe - ok
22:37:34.0990 3812  [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll
22:37:34.0990 3812  C:\Windows\System32\adtschema.dll - ok
22:37:34.0990 3812  [ 18CAAF21CBA3EAEE17BBA5D3807F29B8 ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_2b25b14c71ebf230\GdiPlus.dll
22:37:34.0990 3812  C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_2b25b14c71ebf230\GdiPlus.dll - ok
22:37:34.0990 3812  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll
22:37:34.0990 3812  C:\Windows\System32\netprofm.dll - ok
22:37:35.0005 3812  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll
22:37:35.0005 3812  C:\Windows\System32\gpsvc.dll - ok
22:37:35.0006 3812  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\Windows\System32\wlansvc.dll
22:37:35.0006 3812  C:\Windows\System32\wlansvc.dll - ok
22:37:35.0006 3812  [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
22:37:35.0006 3812  C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
22:37:35.0006 3812  [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
22:37:35.0006 3812  C:\Windows\System32\dui70.dll - ok
22:37:35.0022 3812  [ 2DF36F15B2BC1571A6A542A3C2107920 ] C:\Windows\System32\nlaapi.dll
22:37:35.0022 3812  C:\Windows\System32\nlaapi.dll - ok
22:37:35.0022 3812  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\Windows\System32\MPSSVC.dll
22:37:35.0022 3812  C:\Windows\System32\MPSSVC.dll - ok
22:37:35.0022 3812  [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
22:37:35.0022 3812  C:\Windows\System32\duser.dll - ok
22:37:35.0037 3812  [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
22:37:35.0037 3812  C:\Windows\System32\atl.dll - ok
22:37:35.0037 3812  [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll
22:37:35.0037 3812  C:\Windows\System32\themeservice.dll - ok
22:37:35.0037 3812  [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
22:37:35.0037 3812  C:\Windows\System32\dsrole.dll - ok
22:37:35.0053 3812  [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
22:37:35.0053 3812  C:\Windows\System32\es.dll - ok
22:37:35.0053 3812  [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
22:37:35.0053 3812  C:\Windows\System32\SndVolSSO.dll - ok
22:37:35.0053 3812  [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
22:37:35.0053 3812  C:\Windows\System32\hid.dll - ok
22:37:35.0053 3812  [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
22:37:35.0053 3812  C:\Windows\System32\slc.dll - ok
22:37:35.0069 3812  [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll
22:37:35.0069 3812  C:\Windows\System32\comres.dll - ok
22:37:35.0069 3812  [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll
22:37:35.0069 3812  C:\Windows\System32\Sens.dll - ok
22:37:35.0069 3812  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll
22:37:35.0069 3812  C:\Windows\System32\uxsms.dll - ok
22:37:35.0069 3812  [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
22:37:35.0069 3812  C:\Windows\System32\dwmapi.dll - ok
22:37:35.0084 3812  [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll
22:37:35.0084 3812  C:\Windows\System32\wtsapi32.dll - ok
22:37:35.0084 3812  [ 7A95C95B6C4CF292D689106BCAE49543 ] C:\Windows\System32\WUDFSvc.dll
22:37:35.0084 3812  C:\Windows\System32\WUDFSvc.dll - ok
22:37:35.0084 3812  [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
22:37:35.0084 3812  C:\Windows\System32\winmm.dll - ok
22:37:35.0084 3812  [ D6F630C1FD7F436316093AE500363B19 ] C:\Windows\System32\xmllite.dll
22:37:35.0084 3812  C:\Windows\System32\xmllite.dll - ok
22:37:35.0084 3812  [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys
22:37:35.0084 3812  C:\Windows\System32\drivers\fltMgr.sys - ok
22:37:35.0100 3812  [ 80E69670BDA10F32A941BA7358E33012 ] C:\Windows\System32\WUDFPlatform.dll
22:37:35.0100 3812  C:\Windows\System32\WUDFPlatform.dll - ok
22:37:35.0100 3812  [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv
22:37:35.0100 3812  C:\Windows\System32\wdmaud.drv - ok
22:37:35.0100 3812  [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL
22:37:35.0100 3812  C:\Windows\System32\PSHED.DLL - ok
22:37:35.0100 3812  [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll
22:37:35.0100 3812  C:\Windows\System32\ksuser.dll - ok
22:37:35.0115 3812  [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
22:37:35.0115 3812  C:\Windows\System32\drivers\lltdio.sys - ok

 



#13 hattricknz

hattricknz
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:12:17 AM

Posted 17 July 2013 - 06:20 AM

22:37:35.0115 3812  [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
22:37:35.0115 3812  C:\Windows\System32\drivers\lltdio.sys - ok
22:37:35.0115 3812  [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
22:37:35.0115 3812  C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
22:37:35.0115 3812  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\Windows\System32\drivers\nwifi.sys
22:37:35.0115 3812  C:\Windows\System32\drivers\nwifi.sys - ok
22:37:35.0131 3812  [ 136185F9FB2CC61E573E676AA5402356 ] C:\Windows\System32\drivers\ndisuio.sys
22:37:35.0131 3812  C:\Windows\System32\drivers\ndisuio.sys - ok
22:37:35.0131 3812  [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
22:37:35.0131 3812  C:\Windows\System32\drivers\rspndr.sys - ok
22:37:35.0131 3812  [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll
22:37:35.0131 3812  C:\Windows\System32\AudioSes.dll - ok
22:37:35.0131 3812  [ 825E7A1F48FB8BCFBA27C178AAB4E275 ] C:\Windows\System32\drivers\TurboB.sys
22:37:35.0131 3812  C:\Windows\System32\drivers\TurboB.sys - ok
22:37:35.0147 3812  [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
22:37:35.0147 3812  C:\Windows\System32\nsisvc.dll - ok
22:37:35.0147 3812  [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
22:37:35.0147 3812  C:\Windows\System32\lmhsvc.dll - ok
22:37:35.0147 3812  [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\Windows\System32\keyiso.dll
22:37:35.0147 3812  C:\Windows\System32\keyiso.dll - ok
22:37:35.0147 3812  [ D8129C49798CBBFB2E4351D4B7B8EF9C ] C:\Windows\System32\cryptsvc.dll
22:37:35.0147 3812  C:\Windows\System32\cryptsvc.dll - ok
22:37:35.0162 3812  [ 2C4C22EA1735F21F355EB1A39832F7DF ] C:\Windows\System32\cryptnet.dll
22:37:35.0162 3812  C:\Windows\System32\cryptnet.dll - ok
22:37:35.0162 3812  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\Windows\System32\eapsvc.dll
22:37:35.0162 3812  C:\Windows\System32\eapsvc.dll - ok
22:37:35.0162 3812  [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
22:37:35.0162 3812  C:\Windows\System32\IPHLPAPI.DLL - ok
22:37:35.0178 3812  [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\Windows\System32\msacm32.drv
22:37:35.0178 3812  C:\Windows\System32\msacm32.drv - ok
22:37:35.0178 3812  [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
22:37:35.0178 3812  C:\Windows\System32\nrpsrv.dll - ok
22:37:35.0178 3812  [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
22:37:35.0178 3812  C:\Windows\System32\winnsi.dll - ok
22:37:35.0178 3812  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll
22:37:35.0178 3812  C:\Windows\System32\dnsrslvr.dll - ok
22:37:35.0178 3812  [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\Windows\System32\msacm32.dll
22:37:35.0178 3812  C:\Windows\System32\msacm32.dll - ok
22:37:35.0193 3812  [ 87356377F31DA5F20A833811CD59499C ] C:\Windows\System32\eapphost.dll
22:37:35.0193 3812  C:\Windows\System32\eapphost.dll - ok
22:37:35.0193 3812  [ CA2A0750ED830678997695FF61B04C30 ] C:\Windows\System32\midimap.dll
22:37:35.0193 3812  C:\Windows\System32\midimap.dll - ok
22:37:35.0193 3812  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll
22:37:35.0193 3812  C:\Windows\System32\dhcpcore.dll - ok
22:37:35.0193 3812  [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL
22:37:35.0193 3812  C:\Windows\System32\FWPUCLNT.DLL - ok
22:37:35.0209 3812  [ BDDF242A49E7B7DC5CCEC291BCE53ACB ] C:\Windows\System32\WindowsCodecs.dll
22:37:35.0209 3812  C:\Windows\System32\WindowsCodecs.dll - ok
22:37:35.0209 3812  [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll
22:37:35.0209 3812  C:\Windows\System32\vssapi.dll - ok
22:37:35.0209 3812  [ 71C7B65B6557B75B99907E76956AE4B8 ] C:\Windows\System32\dhcpcore6.dll
22:37:35.0209 3812  C:\Windows\System32\dhcpcore6.dll - ok
22:37:35.0209 3812  [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll
22:37:35.0209 3812  C:\Windows\System32\umb.dll - ok
22:37:35.0225 3812  [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll
22:37:35.0225 3812  C:\Windows\System32\AudioEng.dll - ok
22:37:35.0225 3812  [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
22:37:35.0225 3812  C:\Windows\System32\winbrand.dll - ok
22:37:35.0225 3812  [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll
22:37:35.0225 3812  C:\Windows\System32\vsstrace.dll - ok
22:37:35.0240 3812  [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
22:37:35.0240 3812  C:\Windows\System32\dnsext.dll - ok
22:37:35.0240 3812  [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll
22:37:35.0240 3812  C:\Windows\System32\AUDIOKSE.dll - ok
22:37:35.0240 3812  [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll
22:37:35.0240 3812  C:\Windows\System32\samcli.dll - ok
22:37:35.0240 3812  [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
22:37:35.0240 3812  C:\Windows\System32\dhcpcsvc.dll - ok
22:37:35.0256 3812  [ 4CBCC37856EA2039C27A2FB661DDA0E5 ] C:\Windows\System32\dhcpcsvc6.dll
22:37:35.0256 3812  C:\Windows\System32\dhcpcsvc6.dll - ok
22:37:35.0256 3812  [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
22:37:35.0256 3812  C:\Windows\System32\VaultCredProvider.dll - ok
22:37:35.0256 3812  [ D5854D04B24CB20644AD926A37BBB6AF ] C:\Program Files\WIDCOMM\Bluetooth Software\BtwCP.dll
22:37:35.0256 3812  C:\Program Files\WIDCOMM\Bluetooth Software\BtwCP.dll - ok
22:37:35.0256 3812  [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll
22:37:35.0256 3812  C:\Windows\System32\netutils.dll - ok
22:37:35.0271 3812  [ 2313A18382B038AAF6EB5DD750CC65E5 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
22:37:35.0271 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe - ok
22:37:35.0271 3812  [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll
22:37:35.0271 3812  C:\Windows\SysWOW64\ntdll.dll - ok
22:37:35.0271 3812  [ E469DD39E7D8B86533D501888ACE3A7E ] C:\Windows\System32\RtkAPO64.dll
22:37:35.0271 3812  C:\Windows\System32\RtkAPO64.dll - ok
22:37:35.0287 3812  [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv
22:37:35.0287 3812  C:\Windows\System32\winspool.drv - ok
22:37:35.0287 3812  [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl
22:37:35.0287 3812  C:\Windows\System32\bthprops.cpl - ok
22:37:35.0287 3812  [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll
22:37:35.0287 3812  C:\Windows\System32\SmartcardCredentialProvider.dll - ok
22:37:35.0303 3812  [ 15B30F15BD13640B337A0FC37BD48CDE ] C:\Windows\System32\wow64.dll
22:37:35.0303 3812  C:\Windows\System32\wow64.dll - ok
22:37:35.0303 3812  [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll
22:37:35.0303 3812  C:\Windows\System32\BioCredProv.dll - ok
22:37:35.0318 3812  [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll
22:37:35.0318 3812  C:\Windows\System32\winbio.dll - ok
22:37:35.0318 3812  [ 2970785A72054740E1A5DCEB32485486 ] C:\Windows\System32\wow64win.dll
22:37:35.0318 3812  C:\Windows\System32\wow64win.dll - ok
22:37:35.0318 3812  [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll
22:37:35.0318 3812  C:\Windows\System32\credui.dll - ok
22:37:35.0334 3812  [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll
22:37:35.0334 3812  C:\Windows\System32\vaultcli.dll - ok
22:37:35.0334 3812  [ 98168B9B0656A01A321FF1BECB2C03E1 ] C:\Windows\System32\wow64cpu.dll
22:37:35.0334 3812  C:\Windows\System32\wow64cpu.dll - ok
22:37:35.0334 3812  [ D4F3176082566CEFA633B4945802D4C4 ] C:\Windows\SysWOW64\kernel32.dll
22:37:35.0334 3812  C:\Windows\SysWOW64\kernel32.dll - ok
22:37:35.0334 3812  [ 6F3C559B82F2912354BE5B098744CC8C ] C:\Windows\System32\WMALFXGFXDSP.dll
22:37:35.0334 3812  C:\Windows\System32\WMALFXGFXDSP.dll - ok
22:37:35.0349 3812  [ 0978C2B33BDD0A7E6C563AA337DC8BA0 ] C:\Windows\SysWOW64\KernelBase.dll
22:37:35.0349 3812  C:\Windows\SysWOW64\KernelBase.dll - ok
22:37:35.0349 3812  [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\Windows\System32\netapi32.dll
22:37:35.0349 3812  C:\Windows\System32\netapi32.dll - ok
22:37:35.0349 3812  [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll
22:37:35.0349 3812  C:\Windows\System32\wkscli.dll - ok
22:37:35.0365 3812  [ 891B7D36F862050394A2AC4FA56B1E2D ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsdata.dll
22:37:35.0365 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsdata.dll - ok
22:37:35.0365 3812  [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll
22:37:35.0365 3812  C:\Windows\System32\mfplat.dll - ok
22:37:35.0365 3812  [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll
22:37:35.0365 3812  C:\Windows\System32\certCredProvider.dll - ok
22:37:35.0381 3812  [ 900BC68BB9EDB22CCBE3B4A99E80B644 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsinit.dll
22:37:35.0381 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsinit.dll - ok
22:37:35.0381 3812  [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll
22:37:35.0381 3812  C:\Windows\SysWOW64\advapi32.dll - ok
22:37:35.0381 3812  [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll
22:37:35.0381 3812  C:\Windows\System32\rasplap.dll - ok
22:37:35.0396 3812  [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
22:37:35.0396 3812  C:\Windows\System32\rasapi32.dll - ok
22:37:35.0396 3812  [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll
22:37:35.0396 3812  C:\Windows\System32\rasman.dll - ok
22:37:35.0396 3812  [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll
22:37:35.0396 3812  C:\Windows\SysWOW64\msvcrt.dll - ok
22:37:35.0412 3812  [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll
22:37:35.0412 3812  C:\Windows\System32\rtutils.dll - ok
22:37:35.0412 3812  [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll
22:37:35.0412 3812  C:\Windows\SysWOW64\sechost.dll - ok
22:37:35.0412 3812  [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll
22:37:35.0412 3812  C:\Windows\SysWOW64\rpcrt4.dll - ok
22:37:35.0412 3812  [ EDA7AD21DF8945528F01F0A86D69E524 ] C:\Windows\SysWOW64\sspicli.dll
22:37:35.0412 3812  C:\Windows\SysWOW64\sspicli.dll - ok
22:37:35.0427 3812  [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll
22:37:35.0427 3812  C:\Windows\SysWOW64\cryptbase.dll - ok
22:37:35.0427 3812  [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll
22:37:35.0427 3812  C:\Windows\SysWOW64\user32.dll - ok
22:37:35.0427 3812  [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll
22:37:35.0427 3812  C:\Windows\SysWOW64\gdi32.dll - ok
22:37:35.0427 3812  [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll
22:37:35.0427 3812  C:\Windows\SysWOW64\lpk.dll - ok
22:37:35.0443 3812  [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll
22:37:35.0443 3812  C:\Windows\System32\UXInit.dll - ok
22:37:35.0443 3812  [ 804AAAFEBB3AD5F49334DD906BCB1DE5 ] C:\Windows\SysWOW64\usp10.dll
22:37:35.0443 3812  C:\Windows\SysWOW64\usp10.dll - ok
22:37:35.0443 3812  [ 683DD14B876F3B5A9BBAB4CA111F9676 ] C:\Windows\System32\nvsvc64.dll
22:37:35.0443 3812  C:\Windows\System32\nvsvc64.dll - ok
22:37:35.0443 3812  [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll
22:37:35.0443 3812  C:\Windows\SysWOW64\psapi.dll - ok
22:37:35.0459 3812  [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll
22:37:35.0459 3812  C:\Windows\SysWOW64\version.dll - ok
22:37:35.0459 3812  [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll
22:37:35.0459 3812  C:\Windows\SysWOW64\oleaut32.dll - ok
22:37:35.0459 3812  [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll
22:37:35.0459 3812  C:\Windows\System32\wbem\wbemprox.dll - ok
22:37:35.0474 3812  [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll
22:37:35.0474 3812  C:\Windows\System32\msimg32.dll - ok
22:37:35.0474 3812  [ 17AEF523353E9A5622C98638E365AE1D ] C:\Windows\System32\nvapi64.dll
22:37:35.0474 3812  C:\Windows\System32\nvapi64.dll - ok
22:37:35.0474 3812  [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll
22:37:35.0474 3812  C:\Windows\SysWOW64\ole32.dll - ok
22:37:35.0474 3812  [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\Windows\System32\wbemcomn.dll
22:37:35.0474 3812  C:\Windows\System32\wbemcomn.dll - ok
22:37:35.0490 3812  [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll
22:37:35.0490 3812  C:\Windows\System32\oleacc.dll - ok
22:37:35.0490 3812  [ 4C23AD8EEF174097663CDB69E6C759BB ] C:\Windows\System32\nvsvcr.dll
22:37:35.0490 3812  C:\Windows\System32\nvsvcr.dll - ok
22:37:35.0490 3812  [ 019BDD35DE269CB98B22DE8923C2AA3B ] C:\Windows\System32\UIAutomationCore.dll
22:37:35.0490 3812  C:\Windows\System32\UIAutomationCore.dll - ok
22:37:35.0505 3812  [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
22:37:35.0505 3812  C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok
22:37:35.0505 3812  [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
22:37:35.0505 3812  C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
22:37:35.0505 3812  [ 47F9BD21C9B90EC39B63F6199D221092 ] C:\Windows\System32\nvcpl.dll
22:37:35.0505 3812  C:\Windows\System32\nvcpl.dll - ok
22:37:35.0521 3812  [ 92245C959E5BC378809D2CC5E9F6E9C7 ] C:\Windows\SysWOW64\crypt32.dll
22:37:35.0521 3812  C:\Windows\SysWOW64\crypt32.dll - ok
22:37:35.0521 3812  [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll
22:37:35.0521 3812  C:\Windows\System32\imageres.dll - ok
22:37:35.0521 3812  [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll
22:37:35.0521 3812  C:\Windows\SysWOW64\msasn1.dll - ok
22:37:35.0537 3812  [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll
22:37:35.0537 3812  C:\Windows\SysWOW64\ws2_32.dll - ok
22:37:35.0537 3812  [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\SysWOW64\wsock32.dll
22:37:35.0537 3812  C:\Windows\SysWOW64\wsock32.dll - ok
22:37:35.0537 3812  [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll
22:37:35.0537 3812  C:\Windows\SysWOW64\nsi.dll - ok
22:37:35.0552 3812  [ 565D78187494FB5F08B5A52DEB2AEA7A ] C:\Windows\SysWOW64\shell32.dll
22:37:35.0552 3812  C:\Windows\SysWOW64\shell32.dll - ok
22:37:35.0552 3812  [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll
22:37:35.0552 3812  C:\Windows\SysWOW64\shlwapi.dll - ok
22:37:35.0552 3812  [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
22:37:35.0552 3812  C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
22:37:35.0568 3812  [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll
22:37:35.0568 3812  C:\Windows\SysWOW64\winnsi.dll - ok
22:37:35.0568 3812  [ 68981C522DFA676E4DFB062232F4BC40 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsutil.dll
22:37:35.0568 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsutil.dll - ok
22:37:35.0568 3812  [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll
22:37:35.0568 3812  C:\Windows\SysWOW64\winmm.dll - ok
22:37:35.0583 3812  [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
22:37:35.0583 3812  C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok
22:37:35.0583 3812  [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\SysWOW64\netapi32.dll
22:37:35.0583 3812  C:\Windows\SysWOW64\netapi32.dll - ok
22:37:35.0583 3812  [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll
22:37:35.0583 3812  C:\Windows\SysWOW64\netutils.dll - ok
22:37:35.0599 3812  [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll
22:37:35.0599 3812  C:\Windows\SysWOW64\srvcli.dll - ok
22:37:35.0599 3812  [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll
22:37:35.0599 3812  C:\Windows\SysWOW64\wkscli.dll - ok
22:37:35.0599 3812  [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\SysWOW64\samcli.dll
22:37:35.0599 3812  C:\Windows\SysWOW64\samcli.dll - ok
22:37:35.0599 3812  [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll
22:37:35.0599 3812  C:\Windows\SysWOW64\imm32.dll - ok
22:37:35.0599 3812  [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll
22:37:35.0599 3812  C:\Windows\SysWOW64\msctf.dll - ok
22:37:35.0615 3812  [ 90FA0B999067C8E8DBEB0E0F3E5C847B ] C:\PROGRA~2\COMMON~1\JAKSTA~1\AUDIOC~1\jaudcap.dll
22:37:35.0615 3812  C:\PROGRA~2\COMMON~1\JAKSTA~1\AUDIOC~1\jaudcap.dll - ok
22:37:35.0615 3812  [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll
22:37:35.0615 3812  C:\Windows\SysWOW64\ntmarta.dll - ok
22:37:35.0615 3812  [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll
22:37:35.0615 3812  C:\Windows\SysWOW64\Wldap32.dll - ok
22:37:35.0615 3812  [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll
22:37:35.0615 3812  C:\Windows\SysWOW64\cryptsp.dll - ok
22:37:35.0630 3812  [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll
22:37:35.0630 3812  C:\Windows\SysWOW64\rsaenh.dll - ok
22:37:35.0630 3812  [ BF6D6ED5FADCEEE885BD0144ECF1BA27 ] C:\Windows\SysWOW64\ncrypt.dll
22:37:35.0630 3812  C:\Windows\SysWOW64\ncrypt.dll - ok
22:37:35.0630 3812  [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll
22:37:35.0630 3812  C:\Windows\SysWOW64\bcrypt.dll - ok
22:37:35.0630 3812  [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll
22:37:35.0630 3812  C:\Windows\SysWOW64\bcryptprimitives.dll - ok
22:37:35.0646 3812  [ DD072705435259D5ABB5D7E0C348EB35 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\dbghelp.dll
22:37:35.0646 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\dbghelp.dll - ok
22:37:35.0646 3812  [ 66F67AA5A830BAED4CBBB00032AB0514 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\icslta.dll
22:37:35.0646 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\icslta.dll - ok
22:37:35.0646 3812  [ ADCC01C3D23BEAA3932239A541122F13 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\ssleay32.dll
22:37:35.0646 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\ssleay32.dll - ok
22:37:35.0661 3812  [ A648C4A06DE367065B24056D067B4460 ] C:\Windows\System32\wlanmsm.dll
22:37:35.0661 3812  C:\Windows\System32\wlanmsm.dll - ok
22:37:35.0661 3812  [ C84F844481A4C62C3FEF079A93DFC2D6 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsdb.dll
22:37:35.0661 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsdb.dll - ok
22:37:35.0661 3812  [ 06A1386B6E3A0CBC368665C1840906F4 ] C:\Windows\System32\wlansec.dll
22:37:35.0661 3812  C:\Windows\System32\wlansec.dll - ok
22:37:35.0661 3812  [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll
22:37:35.0661 3812  C:\Windows\System32\onex.dll - ok
22:37:35.0677 3812  [ 60DF97F197BE61E3139CF9A943D89D81 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsxml.dll
22:37:35.0677 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsxml.dll - ok
22:37:35.0677 3812  [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
22:37:35.0677 3812  C:\Windows\System32\eappprxy.dll - ok
22:37:35.0677 3812  [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
22:37:35.0677 3812  C:\Windows\System32\eappcfg.dll - ok
22:37:35.0693 3812  [ 730BF204A595D5B6D7DC57A247CC741C ] C:\Windows\System32\wlgpclnt.dll
22:37:35.0693 3812  C:\Windows\System32\wlgpclnt.dll - ok
22:37:35.0693 3812  [ C839E53BC6B8B660440488C2D8994B93 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\fbl.dll
22:37:35.0693 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\fbl.dll - ok
22:37:35.0693 3812  [ 97E43F324BE1503CB2FFB058534688DA ] C:\Windows\System32\l2gpstore.dll
22:37:35.0693 3812  C:\Windows\System32\l2gpstore.dll - ok
22:37:35.0693 3812  [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
22:37:35.0693 3812  C:\Windows\System32\wlanutil.dll - ok
22:37:35.0708 3812  [ 80C6A96E90CCB1D6FEFB54AF7BD46B3E ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\featuremap.dll
22:37:35.0708 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\featuremap.dll - ok
22:37:35.0708 3812  [ 7D5645EE0EA77D539828433D9B95F5EB ] C:\Windows\System32\WinSCard.dll
22:37:35.0708 3812  C:\Windows\System32\WinSCard.dll - ok
22:37:35.0708 3812  [ 3BC40BF58D43DF4C76117358EFC9EEB3 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\vswmi.dll
22:37:35.0708 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\vswmi.dll - ok
22:37:35.0708 3812  [ 99B91C5D2FCEF218CAD3600ECB62A799 ] C:\Windows\System32\msxml6.dll
22:37:35.0708 3812  C:\Windows\System32\msxml6.dll - ok
22:37:35.0724 3812  [ 9B2B37C7512C7FCCBDA0E6A4106305E7 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zlcomm.dll
22:37:35.0724 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\zlcomm.dll - ok
22:37:35.0724 3812  [ F12AADE27EBA7C4207E7CFC7F70A624C ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zlcommdb.dll
22:37:35.0724 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\zlcommdb.dll - ok
22:37:35.0724 3812  [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll
22:37:35.0724 3812  C:\Windows\System32\netcfgx.dll - ok
22:37:35.0724 3812  [ E9365427EAE2BB2EAD877E513751C341 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsruledb.dll
22:37:35.0724 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsruledb.dll - ok
22:37:35.0739 3812  [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\SysWOW64\wtsapi32.dll
22:37:35.0739 3812  C:\Windows\SysWOW64\wtsapi32.dll - ok
22:37:35.0739 3812  [ 9EF8A0E1A9E3C66D074025D013224551 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsvault.dll
22:37:35.0739 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsvault.dll - ok
22:37:35.0739 3812  [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll
22:37:35.0739 3812  C:\Windows\SysWOW64\clbcatq.dll - ok
22:37:35.0755 3812  [ 09DEF3ABB6A196749299359AC5578DD8 ] C:\Windows\SysWOW64\msxml4.dll
22:37:35.0755 3812  C:\Windows\SysWOW64\msxml4.dll - ok
22:37:35.0755 3812  [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll
22:37:35.0755 3812  C:\Windows\SysWOW64\rasapi32.dll - ok
22:37:35.0755 3812  [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll
22:37:35.0755 3812  C:\Windows\SysWOW64\rasman.dll - ok
22:37:35.0771 3812  [ 9BF7C7654EFD098EE3A27B49492A382A ] C:\Windows\SysWOW64\wininet.dll
22:37:35.0771 3812  C:\Windows\SysWOW64\wininet.dll - ok
22:37:35.0771 3812  [ 6A13B4F3B3F575F1E24B877B9359AABA ] C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
22:37:35.0771 3812  C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll - ok
22:37:35.0771 3812  [ 589CBC4989F750E1DA35625AB481CF43 ] C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
22:37:35.0771 3812  C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll - ok
22:37:35.0771 3812  [ 2E33DFD10F28F86C3FC40EE123CC3904 ] C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
22:37:35.0771 3812  C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll - ok
22:37:35.0786 3812  [ 6951562DC4625EEFC6EACD52AD165866 ] C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
22:37:35.0786 3812  C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll - ok
22:37:35.0786 3812  [ 3BE0D923AA45A4DBE091C2D84F0B4FE7 ] C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
22:37:35.0786 3812  C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll - ok
22:37:35.0786 3812  [ FE29131E35902038066C924CF9C59DF8 ] C:\Windows\SysWOW64\iertutil.dll
22:37:35.0786 3812  C:\Windows\SysWOW64\iertutil.dll - ok
22:37:35.0802 3812  [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\SysWOW64\rtutils.dll
22:37:35.0802 3812  C:\Windows\SysWOW64\rtutils.dll - ok
22:37:35.0802 3812  [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll
22:37:35.0802 3812  C:\Windows\SysWOW64\profapi.dll - ok
22:37:35.0802 3812  [ 2F040CF0613A6D64DCBBA9EE81F5A5AE ] C:\Windows\SysWOW64\dsrole.dll
22:37:35.0802 3812  C:\Windows\SysWOW64\dsrole.dll - ok
22:37:35.0817 3812  [ 17448AF0BBA9E7AB5EC955AF93F271BD ] C:\Windows\SysWOW64\wintrust.dll
22:37:35.0817 3812  C:\Windows\SysWOW64\wintrust.dll - ok
22:37:35.0817 3812  [ D63F0353F632FB1EDE724173BE6DB5B5 ] C:\Windows\System32\esent.dll
22:37:35.0817 3812  C:\Windows\System32\esent.dll - ok
22:37:35.0817 3812  [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
22:37:35.0817 3812  C:\Windows\SysWOW64\dhcpcsvc.dll - ok
22:37:35.0833 3812  [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll
22:37:35.0833 3812  C:\Windows\SysWOW64\userenv.dll - ok
22:37:35.0833 3812  [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll
22:37:35.0833 3812  C:\Windows\SysWOW64\gpapi.dll - ok
22:37:35.0833 3812  [ 8A8B277067C22F4BF6AA9A31692FC4D3 ] C:\Windows\SysWOW64\cryptnet.dll
22:37:35.0833 3812  C:\Windows\SysWOW64\cryptnet.dll - ok
22:37:35.0833 3812  [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll
22:37:35.0833 3812  C:\Windows\SysWOW64\mswsock.dll - ok
22:37:35.0849 3812  [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
22:37:35.0849 3812  C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
22:37:35.0849 3812  [ 78177B822D6B355F9FC5FF1913785598 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\av.dll
22:37:35.0849 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\av.dll - ok
22:37:35.0849 3812  [ A4FE185975867204ED515B8980D96AA4 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\kave8.dll
22:37:35.0849 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\kave8.dll - ok
22:37:35.0849 3812  [ E3C817F7FE44CC870ECDBCBC3EA36132 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\msvcp100.dll
22:37:35.0849 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\msvcp100.dll - ok
22:37:35.0864 3812  [ BF38660A9125935658CFA3E53FDC7D65 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\msvcr100.dll
22:37:35.0864 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\msvcr100.dll - ok
22:37:35.0864 3812  [ B1F4CDFCB46E56B954551C580D33A75E ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\fssync.dll
22:37:35.0864 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\fssync.dll - ok
22:37:35.0864 3812  [ 1EBE9524683C7C4EED8B8BC93FB6FBCC ] C:\Windows\SysWOW64\fltLib.dll
22:37:35.0864 3812  C:\Windows\SysWOW64\fltLib.dll - ok
22:37:35.0864 3812  [ 8258362DDB18B644A82D8B5061AD9426 ] C:\Windows\SysWOW64\wscisvif.dll
22:37:35.0864 3812  C:\Windows\SysWOW64\wscisvif.dll - ok
22:37:35.0880 3812  [ 225D276C730DF08CC83EABAC407F0D75 ] C:\Windows\SysWOW64\urlmon.dll
22:37:35.0880 3812  C:\Windows\SysWOW64\urlmon.dll - ok
22:37:35.0880 3812  [ A8CDF3768604FF95B54669E20053D569 ] C:\Windows\SysWOW64\wscapi.dll
22:37:35.0880 3812  C:\Windows\SysWOW64\wscapi.dll - ok
22:37:35.0880 3812  [ 930A325A05E0508D33551E4CFCB78C4D ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\scheduler.dll
22:37:35.0880 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\scheduler.dll - ok
22:37:35.0880 3812  [ 1C60E09CA1C3A045BC4D367F67C915B7 ] C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
22:37:35.0880 3812  C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll - ok
22:37:35.0895 3812  [ 8EA53101FF2B15BDFF934B62A8FB326D ] C:\Windows\SysWOW64\logoncli.dll
22:37:35.0895 3812  C:\Windows\SysWOW64\logoncli.dll - ok
22:37:35.0895 3812  [ F93674263F6B07C77956E966953242D9 ] C:\Windows\SysWOW64\secur32.dll
22:37:35.0895 3812  C:\Windows\SysWOW64\secur32.dll - ok
22:37:35.0895 3812  [ 37075DC0F641C669161CCBF6D72899FA ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\kavess.dll
22:37:35.0895 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\kavess.dll - ok
22:37:35.0911 3812  [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll
22:37:35.0911 3812  C:\Windows\SysWOW64\mpr.dll - ok
22:37:35.0911 3812  [ 8531581F008371058F3C2D347546B2AA ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\msoe.ppl
22:37:35.0911 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\msoe.ppl - ok
22:37:35.0911 3812  [ 49ACA548B2423F1C67898E6AC719A9A6 ] C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
22:37:35.0911 3812  C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll - ok
22:37:35.0911 3812  [ 8BC9DB92C4B2F3BE89185BEAB2AFC1F6 ] C:\Windows\SysWOW64\mapi32.dll
22:37:35.0911 3812  C:\Windows\SysWOW64\mapi32.dll - ok
22:37:35.0927 3812  [ 8638F39A610B6ECBB91BD9045E147DF7 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zlupdate.dll
22:37:35.0927 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\zlupdate.dll - ok
22:37:35.0927 3812  [ 7989AFF9D72E4FD6EB730C37DE6FEC11 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\prloader.dll
22:37:35.0927 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\prloader.dll - ok
22:37:35.0927 3812  [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll
22:37:35.0927 3812  C:\Windows\SysWOW64\RpcRtRemote.dll - ok
22:37:35.0927 3812  [ 5D123E986F6E73EB6984F0FB7312CE75 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\fsdrvplg.ppl
22:37:35.0927 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\fsdrvplg.ppl - ok
22:37:35.0942 3812  [ D5E7C608861139D3087F648E3EECEA5F ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\nfio.ppl
22:37:35.0942 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\nfio.ppl - ok
22:37:35.0942 3812  [ 9D36D1EF66CD51196EEF8ECAFCBD7F7C ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\service.dll
22:37:35.0942 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\service.dll - ok
22:37:35.0942 3812  [ CC164512CA0963DB70B5D914A9CBCF49 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\eka_meta.dll
22:37:35.0942 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\eka_meta.dll - ok
22:37:35.0958 3812  [ 0F1775EC301CC26AC1713B2F2AD474B8 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zdx.dll
22:37:35.0958 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\zdx.dll - ok
22:37:35.0958 3812  [ BE72D2B3A99615F84E270C80F0A18448 ] C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys
22:37:35.0958 3812  C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys - ok
22:37:35.0958 3812  [ D9A4C1353CC653F8E2FE4D2C6A490E96 ] C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe
22:37:35.0958 3812  C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe - ok
22:37:35.0958 3812  [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
22:37:35.0958 3812  C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
22:37:35.0973 3812  [ EC6BA7C92FA5B2AA4AFDF4DF22AEDAB7 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll
22:37:35.0973 3812  C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll - ok
22:37:35.0973 3812  [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll
22:37:35.0973 3812  C:\Windows\SysWOW64\winhttp.dll - ok
22:37:35.0973 3812  [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll
22:37:35.0973 3812  C:\Windows\SysWOW64\webio.dll - ok
22:37:35.0989 3812  [ A8704A10FFDE468F4AB18EBF82A9A86F ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcp80.dll
22:37:35.0989 3812  C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcp80.dll - ok
22:37:35.0989 3812  [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll
22:37:35.0989 3812  C:\Windows\SysWOW64\wship6.dll - ok
22:37:35.0989 3812  [ 104A1070E90F1C530328E69B49718841 ] C:\Windows\SysWOW64\nlaapi.dll
22:37:35.0989 3812  C:\Windows\SysWOW64\nlaapi.dll - ok
22:37:36.0005 3812  [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll
22:37:36.0005 3812  C:\Windows\System32\shsvcs.dll - ok
22:37:36.0005 3812  [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\Windows\SysWOW64\NapiNSP.dll
22:37:36.0005 3812  C:\Windows\SysWOW64\NapiNSP.dll - ok
22:37:36.0005 3812  [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll
22:37:36.0005 3812  C:\Windows\System32\schedsvc.dll - ok
22:37:36.0005 3812  [ 3556A74E424DE463D3FA646612E3B520 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\app_core_legacy.dll
22:37:36.0005 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\app_core_legacy.dll - ok
22:37:36.0021 3812  [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll
22:37:36.0021 3812  C:\Windows\System32\ktmw32.dll - ok
22:37:36.0021 3812  [ 2B5B17171632F1A3369E35A898114FFF ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\key_value_storage.dll
22:37:36.0021 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\key_value_storage.dll - ok
22:37:36.0021 3812  [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\Windows\SysWOW64\pnrpnsp.dll
22:37:36.0021 3812  C:\Windows\SysWOW64\pnrpnsp.dll - ok
22:37:36.0037 3812  [ AC122407B29378FF9646F03404AC7C54 ] C:\Windows\SysWOW64\wshbth.dll
22:37:36.0037 3812  C:\Windows\SysWOW64\wshbth.dll - ok
22:37:36.0037 3812  [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll
22:37:36.0037 3812  C:\Windows\SysWOW64\dnsapi.dll - ok
22:37:36.0037 3812  [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\Windows\SysWOW64\winrnr.dll
22:37:36.0037 3812  C:\Windows\SysWOW64\winrnr.dll - ok
22:37:36.0052 3812  [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files (x86)\Bonjour\mdnsNSP.dll
22:37:36.0052 3812  C:\Program Files (x86)\Bonjour\mdnsNSP.dll - ok
22:37:36.0052 3812  [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll
22:37:36.0052 3812  C:\Windows\System32\taskcomp.dll - ok
22:37:36.0052 3812  [ D23D906A9339E2F23E12516A6B9F7189 ] C:\Program Files\CheckPoint\ZAForceField\ZDXUI.dll
22:37:36.0052 3812  C:\Program Files\CheckPoint\ZAForceField\ZDXUI.dll - ok
22:37:36.0068 3812  [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll
22:37:36.0068 3812  C:\Windows\System32\fveapi.dll - ok
22:37:36.0068 3812  [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL
22:37:36.0068 3812  C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
22:37:36.0068 3812  [ E36D4CFABB9345B45A86AC0C62DE9A39 ] C:\Program Files\CheckPoint\ZAForceField\Zdx.dll
22:37:36.0068 3812  C:\Program Files\CheckPoint\ZAForceField\Zdx.dll - ok
22:37:36.0084 3812  [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
22:37:36.0084 3812  C:\Windows\SysWOW64\rasadhlp.dll - ok
22:37:36.0084 3812  [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll
22:37:36.0084 3812  C:\Windows\System32\fvecerts.dll - ok
22:37:36.0084 3812  [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll
22:37:36.0084 3812  C:\Windows\System32\tbs.dll - ok
22:37:36.0099 3812  [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll
22:37:36.0099 3812  C:\Windows\System32\wiarpc.dll - ok
22:37:36.0099 3812  [ 241AF87821FDA0F5792037B779F49BE0 ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll
22:37:36.0099 3812  C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll - ok
22:37:36.0099 3812  [ D233C7FEAE3FAA25F93A9E6B46815ADC ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll
22:37:36.0099 3812  C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll - ok
22:37:36.0099 3812  [ D97B5EAE263304486002000F90FA3EA0 ] C:\Program Files (x86)\AVG\AVG2013\avgcorex.dll
22:37:36.0099 3812  C:\Program Files (x86)\AVG\AVG2013\avgcorex.dll - ok
22:37:36.0115 3812  [ A856C2D6B3E9BF84E7DA542D91A0EEF0 ] C:\Program Files\CheckPoint\ZAForceField\FFApi.dll
22:37:36.0115 3812  C:\Program Files\CheckPoint\ZAForceField\FFApi.dll - ok
22:37:36.0115 3812  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys
22:37:36.0115 3812  C:\Windows\System32\drivers\http.sys - ok
22:37:36.0115 3812  [ 1B4EBC23B5C25BF579431579EFF95889 ] C:\Program Files\CheckPoint\ZAForceField\ISWUL.dll
22:37:36.0115 3812  C:\Program Files\CheckPoint\ZAForceField\ISWUL.dll - ok
22:37:36.0115 3812  [ 7272B961392C863DD705E8E198265C03 ] C:\Program Files\CheckPoint\ZAForceField\iswrcs.dll
22:37:36.0115 3812  C:\Program Files\CheckPoint\ZAForceField\iswrcs.dll - ok
22:37:36.0130 3812  [ B96C17B5DC1424D56EEA3A99E97428CD ] C:\Windows\System32\spoolsv.exe
22:37:36.0130 3812  C:\Windows\System32\spoolsv.exe - ok
22:37:36.0130 3812  [ F6877C72CA6148E60E2943AC05738C53 ] C:\Program Files\CheckPoint\ZAForceField\ISWUILib.dll
22:37:36.0130 3812  C:\Program Files\CheckPoint\ZAForceField\ISWUILib.dll - ok
22:37:36.0130 3812  [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL
22:37:36.0130 3812  C:\Windows\System32\BFE.DLL - ok
22:37:36.0130 3812  [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys
22:37:36.0146 3812  C:\Windows\System32\drivers\bowser.sys - ok
22:37:36.0146 3812  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys
22:37:36.0146 3812  C:\Windows\System32\drivers\mpsdrv.sys - ok
22:37:36.0146 3812  [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
22:37:36.0146 3812  C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok
22:37:36.0146 3812  [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys
22:37:36.0146 3812  C:\Windows\System32\drivers\mrxsmb.sys - ok
22:37:36.0162 3812  [ 46927B8A7C265D1D5E2B6115285CE066 ] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWDMP.dll
22:37:36.0162 3812  C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWDMP.dll - ok
22:37:36.0162 3812  [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys
22:37:36.0162 3812  C:\Windows\System32\drivers\mrxsmb10.sys - ok
22:37:36.0177 3812  [ C67F8A962B2534224D5908D16D2AD3CE ] C:\Windows\System32\wfapigp.dll
22:37:36.0177 3812  C:\Windows\System32\wfapigp.dll - ok
22:37:36.0177 3812  [ DC6068E29FEEBE08EFD948080D7DD05C ] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWMENUS.dll
22:37:36.0177 3812  C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWMENUS.dll - ok
22:37:36.0177 3812  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys
22:37:36.0177 3812  C:\Windows\System32\drivers\mrxsmb20.sys - ok
22:37:36.0177 3812  [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll
22:37:36.0177 3812  C:\Windows\System32\wkssvc.dll - ok
22:37:36.0193 3812  [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll
22:37:36.0193 3812  C:\Windows\System32\mscms.dll - ok
22:37:36.0193 3812  [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll
22:37:36.0193 3812  C:\Windows\System32\pcasvc.dll - ok
22:37:36.0193 3812  [ 6313F223E817CC09AA41811DAA7F541D ] C:\Windows\System32\snmptrap.exe
22:37:36.0193 3812  C:\Windows\System32\snmptrap.exe - ok
22:37:36.0208 3812  [ B1048BE9D8B152210BF490616C370C91 ] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSTATS.dll
22:37:36.0208 3812  C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSTATS.dll - ok
22:37:36.0208 3812  [ 581D88B25C4D4121824FED2CA38E562F ] C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
22:37:36.0208 3812  C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE - ok
22:37:36.0208 3812  [ D97C805A092172344329B3058D7A5862 ] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWFWMON.dll
22:37:36.0208 3812  C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWFWMON.dll - ok
22:37:36.0208 3812  [ 7C00C608FE4C8EDE9E30940837B9AC8B ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll
22:37:36.0208 3812  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll - ok
22:37:36.0224 3812  [ D2750CFACA2A9975D062E18E8B2E7A61 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\am_meta.dll
22:37:36.0224 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\am_meta.dll - ok
22:37:36.0224 3812  [ B1EA9681502EE57F87DB71D726288A5B ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
22:37:36.0224 3812  C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - ok
22:37:36.0224 3812  [ 1E7BA1CDD7B75A95A248B6CCBD634505 ] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWUPD.dll
22:37:36.0224 3812  C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWUPD.dll - ok
22:37:36.0240 3812  [ F16B6D0F0F38A93F2007A2B8D850B1A0 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\ac_meta.dll
22:37:36.0240 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\ac_meta.dll - ok
22:37:36.0240 3812  [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll
22:37:36.0240 3812  C:\Windows\System32\provsvc.dll - ok
22:37:36.0240 3812  [ 8B912FCACEA924635ED81520E7EA7C7A ] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
22:37:36.0240 3812  C:\Program Files\CheckPoint\ZAForceField\ForceField.exe - ok
22:37:36.0240 3812  [ 4FE5C6D40664AE07BE5105874357D2ED ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
22:37:36.0240 3812  C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
22:37:36.0255 3812  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll
22:37:36.0255 3812  C:\Windows\System32\sstpsvc.dll - ok
22:37:36.0255 3812  [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
22:37:36.0255 3812  C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
22:37:36.0255 3812  [ 0781CD54DD326501723F3E94A82BDD19 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\app_core_meta.dll
22:37:36.0255 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\app_core_meta.dll - ok
22:37:36.0271 3812  [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
22:37:36.0271 3812  C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
22:37:36.0271 3812  [ 848BC9A0BB2361E549FD4C22D7548FB8 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll
22:37:36.0271 3812  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
22:37:36.0271 3812  [ 6D41F6AA35220E7A54543075B27E8F83 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll
22:37:36.0271 3812  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
22:37:36.0286 3812  [ 04AF5E74987D91331054B5F5AB860D20 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\klifpp_meta.dll
22:37:36.0286 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\klifpp_meta.dll - ok
22:37:36.0286 3812  [ EF8CD3C64EE9C08980D6D06CCCE46C68 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll
22:37:36.0286 3812  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
22:37:36.0302 3812  [ 320BB9F654D992BFFDB824EC5A04DEA8 ] C:\Program Files (x86)\AVG\AVG2013\avgapix.dll
22:37:36.0302 3812  C:\Program Files (x86)\AVG\AVG2013\avgapix.dll - ok
22:37:36.0302 3812  [ 152F8772D5A5CD7883305C3B8D28470E ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
22:37:36.0302 3812  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
22:37:36.0302 3812  [ 78865ABC5F5D13190F8B35BD9044714A ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll
22:37:36.0302 3812  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll - ok
22:37:36.0318 3812  [ 3B3D5E94A5F24417BE2C179DDD883702 ] C:\Program Files (x86)\AVG\AVG2013\avgsysx.dll
22:37:36.0318 3812  C:\Program Files (x86)\AVG\AVG2013\avgsysx.dll - ok
22:37:36.0318 3812  [ FF9831030678C7B6D70BAC00F68F8976 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll
22:37:36.0318 3812  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
22:37:36.0318 3812  [ AE4D9DC676A2517DEE3E51978BCFE47C ] C:\Program Files (x86)\AVG\AVG2013\avgntopensslx.dll
22:37:36.0318 3812  C:\Program Files (x86)\AVG\AVG2013\avgntopensslx.dll - ok
22:37:36.0318 3812  [ 5A963C340DE1A01BA6E24945CE05D16A ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll
22:37:36.0318 3812  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll - ok
22:37:36.0333 3812  [ 655BDD9D3306A2BD221E78F2DAB4A254 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\instrumental_meta.dll
22:37:36.0333 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\instrumental_meta.dll - ok
22:37:36.0333 3812  [ F4BC62990E7E5C29799A895B80FC3177 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll
22:37:36.0333 3812  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
22:37:36.0333 3812  [ 7F9BD6599CFF76840959A62F92B08FF4 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\storage.dll
22:37:36.0333 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\storage.dll - ok
22:37:36.0349 3812  [ 149D74E1128A86DC9CFB2851FBEA11EB ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll
22:37:36.0349 3812  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll - ok
22:37:36.0349 3812  [ F2C5296A2A4EF6FDB2C268C837B78F52 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\ichecker.dll
22:37:36.0349 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\ichecker.dll - ok
22:37:36.0349 3812  [ A293017153160D509D9E337D36E4F0C9 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\threats_disinfection.dll
22:37:36.0349 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\threats_disinfection.dll - ok
22:37:36.0364 3812  [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe
22:37:36.0364 3812  C:\Windows\System32\dllhost.exe - ok
22:37:36.0364 3812  [ 6D9A7D201CB7A8EA88C456E0F2CE3572 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\winreg.ppl
22:37:36.0364 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\winreg.ppl - ok
22:37:36.0364 3812  [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll
22:37:36.0364 3812  C:\Windows\System32\IDStore.dll - ok
22:37:36.0364 3812  [ A25AFC2BE33112B38DFBF373564B86A8 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\update_sync.dll
22:37:36.0364 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\update_sync.dll - ok
22:37:36.0380 3812  [ 639774C9ACD063F028F6084ABF5593AD ] C:\Windows\System32\taskhost.exe
22:37:36.0380 3812  C:\Windows\System32\taskhost.exe - ok
22:37:36.0380 3812  [ 9BB99503D6A4DD62569EDE9E5E2672A5 ] C:\Windows\System32\HotStartUserAgent.dll
22:37:36.0380 3812  C:\Windows\System32\HotStartUserAgent.dll - ok
22:37:36.0380 3812  [ 19C4E9325FE8BAE7E730DD603E1156E4 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\update_adaptor.dll
22:37:36.0380 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\update_adaptor.dll - ok
22:37:36.0396 3812  [ F9D908DE6B166DAC9B89BF62FA291CE8 ] C:\Program Files\Bonjour\mdnsNSP.dll
22:37:36.0396 3812  C:\Program Files\Bonjour\mdnsNSP.dll - ok
22:37:36.0396 3812  [ 65EA57712340C09B1B0C427B4848AE05 ] C:\Windows\System32\taskeng.exe
22:37:36.0396 3812  C:\Windows\System32\taskeng.exe - ok
22:37:36.0396 3812  [ 23566F9723771108D2E6CD768AC27407 ] C:\Windows\System32\AtBroker.exe
22:37:36.0396 3812  C:\Windows\System32\AtBroker.exe - ok
22:37:36.0396 3812  [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll
22:37:36.0396 3812  C:\Windows\System32\PlaySndSrv.dll - ok
22:37:36.0411 3812  [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll
22:37:36.0411 3812  C:\Windows\System32\rasadhlp.dll - ok
22:37:36.0411 3812  [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051 ] C:\Windows\System32\localspl.dll
22:37:36.0411 3812  C:\Windows\System32\localspl.dll - ok
22:37:36.0411 3812  [ F5CEF064C7E6D95DA86B9D064A56A969 ] C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
22:37:36.0411 3812  C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll - ok
22:37:36.0411 3812  [ 805A52C5AE26C28E88FDD9BCCFE6F312 ] C:\Windows\System32\TSChannel.dll
22:37:36.0411 3812  C:\Windows\System32\TSChannel.dll - ok
22:37:36.0427 3812  [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll
22:37:36.0427 3812  C:\Windows\System32\MsCtfMonitor.dll - ok
22:37:36.0427 3812  [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll
22:37:36.0427 3812  C:\Windows\System32\spoolss.dll - ok
22:37:36.0427 3812  [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
22:37:36.0427 3812  C:\Windows\System32\mpr.dll - ok
22:37:36.0442 3812  [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll
22:37:36.0442 3812  C:\Windows\System32\msutb.dll - ok
22:37:36.0442 3812  [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\Windows\System32\PrintIsolationProxy.dll
22:37:36.0442 3812  C:\Windows\System32\PrintIsolationProxy.dll - ok
22:37:36.0442 3812  [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe
22:37:36.0442 3812  C:\Windows\System32\userinit.exe - ok
22:37:36.0442 3812  [ 8F0DE4FEF8201E306F9938B0905AC96A ] C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:37:36.0442 3812  C:\Program Files (x86)\Google\Update\GoogleUpdate.exe - ok
22:37:36.0458 3812  [ 19E41CCCEE697CC9465396B370929792 ] C:\Windows\System32\FXSMON.dll
22:37:36.0458 3812  C:\Windows\System32\FXSMON.dll - ok
22:37:36.0458 3812  [ E08281DCDE69DD9E5EBBF9B3F0454D42 ] C:\Users\KS\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.50\agent\rnupgagent.exe
22:37:36.0458 3812  C:\Users\KS\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.50\agent\rnupgagent.exe - ok
22:37:36.0458 3812  [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll
22:37:36.0458 3812  C:\Windows\SysWOW64\msimg32.dll - ok
22:37:36.0474 3812  [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll
22:37:36.0474 3812  C:\Windows\SysWOW64\uxtheme.dll - ok
22:37:36.0474 3812  [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe
22:37:36.0474 3812  C:\Windows\System32\dwm.exe - ok
22:37:36.0474 3812  [ 9A7F1691F76E019C11481B6355125072 ] C:\Program Files (x86)\Real\RealUpgrade\realupgrade.exe
22:37:36.0474 3812  C:\Program Files (x86)\Real\RealUpgrade\realupgrade.exe - ok
22:37:36.0474 3812  [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll
22:37:36.0474 3812  C:\Windows\System32\dwmredir.dll - ok
22:37:36.0489 3812  [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll
22:37:36.0489 3812  C:\Windows\System32\tcpmon.dll - ok
22:37:36.0489 3812  [ 98C6F2A9A981A54222602B87C6310BDE ] C:\Program Files\Internet Explorer\iexplore.exe
22:37:36.0489 3812  C:\Program Files\Internet Explorer\iexplore.exe - ok
22:37:36.0489 3812  [ C0F67D470CFBE6EAA0DCD451B0A8128E ] C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustChecker.dll
22:37:36.0489 3812  C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustChecker.dll - ok
22:37:36.0505 3812  [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll
22:37:36.0505 3812  C:\Windows\System32\dwmcore.dll - ok
22:37:36.0505 3812  [ B7D0F1FA8926F0D58B7A000E5DAB4B3E ] C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
22:37:36.0505 3812  C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe - ok
22:37:36.0505 3812  [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll
22:37:36.0505 3812  C:\Windows\System32\snmpapi.dll - ok
22:37:36.0520 3812  [ 0E37FBFA79D349D672456923EC5FBBE3 ] C:\Windows\SysWOW64\msvcr100.dll
22:37:36.0520 3812  C:\Windows\SysWOW64\msvcr100.dll - ok
22:37:36.0520 3812  [ 007863E45F25AA47A4C30D0930BBFD85 ] C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
22:37:36.0630 3812  C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll - ok
22:37:36.0630 3812  [ FFF9D00CF16397C64317F213484F94BD ] C:\Windows\System32\wsnmp32.dll
22:37:36.0630 3812  C:\Windows\System32\wsnmp32.dll - ok
22:37:36.0630 3812  [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll
22:37:36.0630 3812  C:\Windows\System32\usbmon.dll - ok
22:37:36.0645 3812  [ 5B05319C7525F48454D15694F15307C6 ] C:\Program Files\CheckPoint\ZAForceField\ISWUL_MIN\ISWUL.dll
22:37:36.0645 3812  C:\Program Files\CheckPoint\ZAForceField\ISWUL_MIN\ISWUL.dll - ok
22:37:36.0645 3812  [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\Windows\System32\dbghelp.dll
22:37:36.0645 3812  C:\Windows\System32\dbghelp.dll - ok
22:37:36.0645 3812  [ BC83108B18756547013ED443B8CDB31B ] C:\Windows\SysWOW64\msvcp100.dll
22:37:36.0645 3812  C:\Windows\SysWOW64\msvcp100.dll - ok
22:37:36.0645 3812  [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll
22:37:36.0645 3812  C:\Windows\System32\WSDMon.dll - ok
22:37:36.0645 3812  [ AC4C51EB24AA95B77F705AB159189E24 ] C:\Windows\explorer.exe
22:37:36.0645 3812  C:\Windows\explorer.exe - ok
22:37:36.0661 3812  [ 9AE80F6A66B30E3ED8CDF858CF28B11B ] C:\Windows\System32\d3d10_1.dll
22:37:36.0661 3812  C:\Windows\System32\d3d10_1.dll - ok
22:37:36.0661 3812  [ F1B205F932F62F94506A5F332C895DAF ] C:\Windows\System32\WSDApi.dll
22:37:36.0661 3812  C:\Windows\System32\WSDApi.dll - ok
22:37:36.0661 3812  [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll
22:37:36.0661 3812  C:\Windows\System32\ExplorerFrame.dll - ok
22:37:36.0676 3812  [ 63F72417CA38D8FC8F53709649B589E3 ] C:\Windows\System32\d3d10_1core.dll
22:37:36.0676 3812  C:\Windows\System32\d3d10_1core.dll - ok
22:37:36.0676 3812  [ 8DFB5752FCE145A6B295093C0A8BE131 ] C:\Windows\System32\dxgi.dll
22:37:36.0676 3812  C:\Windows\System32\dxgi.dll - ok
22:37:36.0676 3812  [ C55516D98DD5D8F0153C2A9B4227DA86 ] C:\Windows\System32\webservices.dll
22:37:36.0676 3812  C:\Windows\System32\webservices.dll - ok
22:37:36.0676 3812  [ 448B02AD260EC3E1E892FCE6DFDDEEBD ] C:\Windows\System32\d3d11.dll
22:37:36.0676 3812  C:\Windows\System32\d3d11.dll - ok
22:37:36.0692 3812  [ BA5A602E1FE80404EBA7AD881B44934E ] C:\Program Files\CheckPoint\ZAForceField\Plugins\updating.dll
22:37:36.0692 3812  C:\Program Files\CheckPoint\ZAForceField\Plugins\updating.dll - ok
22:37:36.0692 3812  [ 8F9D6B4AB86A39319078814ABBDD40BC ] C:\Program Files (x86)\Real\RealUpgrade\Common\hxmedpltfm.dll
22:37:36.0692 3812  C:\Program Files (x86)\Real\RealUpgrade\Common\hxmedpltfm.dll - ok
22:37:36.0692 3812  [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll
22:37:36.0692 3812  C:\Windows\System32\fundisc.dll - ok
22:37:36.0708 3812  [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll
22:37:36.0708 3812  C:\Windows\System32\fdPnp.dll - ok
22:37:36.0708 3812  [ FF60B8C5BBE73B0790B3332783B6FD81 ] C:\Program Files (x86)\Google\Update\1.3.21.153\goopdate.dll
22:37:36.0708 3812  C:\Program Files (x86)\Google\Update\1.3.21.153\goopdate.dll - ok
22:37:36.0708 3812  [ B9FBA1ED752877DCAEB15C525583AEFE ] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
22:37:36.0708 3812  C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll - ok
22:37:36.0723 3812  [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
22:37:36.0723 3812  C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
22:37:36.0723 3812  [ 67CF11E00D026A5C0C88EA5F84D501E5 ] C:\Windows\System32\win32spl.dll
22:37:36.0723 3812  C:\Windows\System32\win32spl.dll - ok
22:37:36.0723 3812  [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\Windows\System32\inetpp.dll
22:37:36.0723 3812  C:\Windows\System32\inetpp.dll - ok
22:37:36.0723 3812  [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll
22:37:36.0723 3812  C:\Windows\SysWOW64\imagehlp.dll - ok
22:37:36.0739 3812  [ 0CE4D3BD306DA6D1F6F233C403F5B667 ] C:\Windows\SysWOW64\msi.dll
22:37:36.0739 3812  C:\Windows\SysWOW64\msi.dll - ok
22:37:36.0739 3812  [ 6A1091FEE1DAD166CB5FA36688978DA0 ] C:\Program Files\CheckPoint\ZAForceField\Plugins\SiteChecker.dll
22:37:36.0739 3812  C:\Program Files\CheckPoint\ZAForceField\Plugins\SiteChecker.dll - ok
22:37:36.0739 3812  [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll
22:37:36.0739 3812  C:\Windows\System32\cscapi.dll - ok
22:37:36.0754 3812  [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll
22:37:36.0754 3812  C:\Windows\System32\winhttp.dll - ok
22:37:36.0754 3812  [ A6E69E7ABAF9815390C4E3F45836CE5B ] C:\Program Files\Internet Explorer\sqmapi.dll
22:37:36.0754 3812  C:\Program Files\Internet Explorer\sqmapi.dll - ok
22:37:36.0754 3812  [ 603EBD34E216C5654A2D774EAC98D278 ] C:\Windows\System32\webio.dll
22:37:36.0754 3812  C:\Windows\System32\webio.dll - ok
22:37:36.0770 3812  [ 6BA7ABA5DAA545C9E0FE31F27CCAA94F ] C:\Windows\System32\nvwgf2umx.dll
22:37:36.0770 3812  C:\Windows\System32\nvwgf2umx.dll - ok
22:37:36.0770 3812  [ 5C817C90E6E5C5B8DEC46C1225DA9A24 ] C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\samplesites.dll
22:37:36.0770 3812  C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\samplesites.dll - ok
22:37:36.0770 3812  [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll
22:37:36.0770 3812  C:\Windows\SysWOW64\cscapi.dll - ok
22:37:36.0770 3812  [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\SysWOW64\dbghelp.dll
22:37:36.0770 3812  C:\Windows\SysWOW64\dbghelp.dll - ok
22:37:36.0786 3812  [ C6F5734986A77068A8F1A44FC1752253 ] C:\Users\KS\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
22:37:36.0786 3812  C:\Users\KS\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll - ok
22:37:36.0786 3812  [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll
22:37:36.0786 3812  C:\Windows\SysWOW64\setupapi.dll - ok
22:37:36.0786 3812  [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll
22:37:36.0786 3812  C:\Windows\System32\EhStorShell.dll - ok
22:37:36.0801 3812  [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll
22:37:36.0801 3812  C:\Windows\System32\uDWM.dll - ok
22:37:36.0801 3812  [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll
22:37:36.0801 3812  C:\Windows\SysWOW64\cfgmgr32.dll - ok
22:37:36.0801 3812  [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll
22:37:36.0801 3812  C:\Windows\SysWOW64\devobj.dll - ok
22:37:36.0817 3812  [ F1D2ABA7038E01F7465E36F2057E7C13 ] C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
22:37:36.0817 3812  C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL - ok
22:37:36.0817 3812  [ F6FD367C9EAAEDF90CD7A7952AE0B336 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll
22:37:36.0817 3812  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll - ok
22:37:36.0817 3812  [ 4327CF9A9D0864CA0FFC97FCDA97315A ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
22:37:36.0817 3812  C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
22:37:36.0817 3812  [ FB4045578F5180BDB1963AB352B78548 ] C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
22:37:36.0817 3812  C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll - ok
22:37:36.0832 3812  [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll
22:37:36.0832 3812  C:\Windows\System32\NapiNSP.dll - ok
22:37:36.0832 3812  [ 062373995EAE5F0EAC9EAA9192136BFB ] C:\Windows\SysWOW64\dnssd.dll
22:37:36.0832 3812  C:\Windows\SysWOW64\dnssd.dll - ok
22:37:36.0832 3812  [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll
22:37:36.0832 3812  C:\Windows\System32\pnrpnsp.dll - ok
22:37:36.0832 3812  [ 748849C42DEA24C723048E24BCA1BD55 ] C:\Windows\System32\wshbth.dll
22:37:36.0832 3812  C:\Windows\System32\wshbth.dll - ok
22:37:36.0848 3812  [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll
22:37:36.0848 3812  C:\Windows\System32\winrnr.dll - ok
22:37:36.0848 3812  [ 24665B221424FFD7B71F0D2C398F2F4F ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll
22:37:36.0848 3812  C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok
22:37:36.0848 3812  [ 2E14406E05789F91C9282AE7CFCA3A07 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
22:37:36.0848 3812  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll - ok
22:37:36.0864 3812  [ 57AC86AC664CC774C861DAB2B1D1E978 ] C:\Windows\winsxs\amd64_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_0a1fd3a3a768b895\ATL90.dll
22:37:36.0864 3812  C:\Windows\winsxs\amd64_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_0a1fd3a3a768b895\ATL90.dll - ok
22:37:36.0864 3812  [ A7DDDDE163F16AB49DF3DE9EEC715495 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll
22:37:36.0864 3812  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
22:37:36.0864 3812  [ 5ABAEB53E6ECF7878A5C4C4ABED92050 ] C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF
22:37:36.0864 3812  C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF - ok
22:37:36.0879 3812  [ 47188B0092466FD476E23DEA70CC1D4F ] C:\Program Files (x86)\Real\RealUpgrade\Plugins\upgrade.dll
22:37:36.0879 3812  C:\Program Files (x86)\Real\RealUpgrade\Plugins\upgrade.dll - ok
22:37:36.0879 3812  [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll
22:37:36.0879 3812  C:\Windows\SysWOW64\dwmapi.dll - ok
22:37:36.0879 3812  [ 8BA9851E671E8B5E49E303748FFD530C ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll
22:37:36.0879 3812  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
22:37:36.0879 3812  [ B837D1528CE2E3CB79F09496BC08DDC6 ] C:\Windows\System32\SensApi.dll
22:37:36.0879 3812  C:\Windows\System32\SensApi.dll - ok
22:37:36.0895 3812  [ 66E3C667D853DF349E310568F60B9B6A ] C:\PROGRA~1\MICROS~2\Office14\1033\GrooveIntlResource.dll
22:37:36.0895 3812  C:\PROGRA~1\MICROS~2\Office14\1033\GrooveIntlResource.dll - ok
22:37:36.0895 3812  [ AF31E7D2C385F647ADFD5F5736B3BA64 ] C:\Windows\SysWOW64\mshtml.dll
22:37:36.0895 3812  C:\Windows\SysWOW64\mshtml.dll - ok
22:37:36.0895 3812  [ 73862FF693168369A90F046E7F227B83 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
22:37:36.0895 3812  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll - ok
22:37:36.0895 3812  [ E7E25D10B83264F67D5D2120ECE42FDB ] C:\Program Files\CheckPoint\ZAForceField\WOW64\Plugins\ISWSHEX.dll
22:37:36.0910 3812  C:\Program Files\CheckPoint\ZAForceField\WOW64\Plugins\ISWSHEX.dll - ok
22:37:36.0910 3812  [ 50185186719134FA8F307D269106A51C ] C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
22:37:36.0910 3812  C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe - ok
22:37:36.0910 3812  [ 8726802EA4FBFFA3FD54FD2449BF51D4 ] C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
22:37:36.0910 3812  C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe - ok
22:37:36.0926 3812  [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll
22:37:36.0926 3812  C:\Windows\SysWOW64\apphelp.dll - ok
22:37:36.0926 3812  [ A2BA6F3245E09702CF724CDB465EA4FA ] C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\liblua.dll
22:37:36.0926 3812  C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\liblua.dll - ok
22:37:36.0926 3812  [ 823CD775B373912F0018534EF5C51A66 ] C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\libtextcat.dll
22:37:36.0926 3812  C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\libtextcat.dll - ok
22:37:36.0926 3812  [ 6D503A007F30E4F079CABC9890B04A38 ] C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TCData.dll
22:37:36.0926 3812  C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TCData.dll - ok
22:37:36.0942 3812  [ 5BDB1E096DEA119A4D205ACB6E958175 ] C:\Program Files (x86)\AVG\AVG2013\avgopensslx.dll
22:37:36.0942 3812  C:\Program Files (x86)\AVG\AVG2013\avgopensslx.dll - ok
22:37:36.0942 3812  [ 21139ED432EFB4A8CDF715862DBDF9E0 ] C:\Program Files (x86)\AVG\AVG2013\avglogx.dll
22:37:36.0942 3812  C:\Program Files (x86)\AVG\AVG2013\avglogx.dll - ok
22:37:36.0957 3812  [ EC70AFEE4E70DE5F16933F934E44EF10 ] C:\Program Files (x86)\AVG\AVG2013\avgcommx.dll
22:37:36.0957 3812  C:\Program Files (x86)\AVG\AVG2013\avgcommx.dll - ok
22:37:36.0957 3812  [ 3A0977CB68AF13E2579E47EB8984056B ] C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
22:37:36.0957 3812  C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe - ok
22:37:36.0957 3812  [ D9A08472D8D0218A0AE2C9D9F63EA531 ] C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
22:37:36.0957 3812  C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe - ok
22:37:36.0957 3812  [ 71EA9078F6E1246B0BBD746C2999723F ] C:\Program Files (x86)\AVG\AVG2013\avgcfgx.dll
22:37:36.0957 3812  C:\Program Files (x86)\AVG\AVG2013\avgcfgx.dll - ok
22:37:36.0973 3812  [ 7BBF670114373CE6A203FA155A9E0D0A ] C:\Windows\System32\ntshrui.dll
22:37:36.0973 3812  C:\Windows\System32\ntshrui.dll - ok
22:37:36.0973 3812  [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll
22:37:36.0973 3812  C:\Windows\System32\IconCodecService.dll - ok
22:37:36.0973 3812  [ 414F57444511B818DB23FA5CF89F3205 ] C:\Program Files (x86)\AVG\AVG2013\avgclitx.dll
22:37:36.0973 3812  C:\Program Files (x86)\AVG\AVG2013\avgclitx.dll - ok
22:37:36.0988 3812  [ 1FF6400CE6C54790B17E20C0B456799F ] C:\Program Files (x86)\AVG\AVG2013\avgwd.dll
22:37:36.0988 3812  C:\Program Files (x86)\AVG\AVG2013\avgwd.dll - ok
22:37:36.0988 3812  [ E365153089457720A70B19811D1F3B19 ] C:\Program Files (x86)\AVG\AVG2013\avgcertx.dll
22:37:36.0988 3812  C:\Program Files (x86)\AVG\AVG2013\avgcertx.dll - ok
22:37:36.0988 3812  [ F48FEB7DA35821DA15E0B006DCB9A169 ] C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE
22:37:36.0988 3812  C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE - ok
22:37:37.0004 3812  [ 2E967B05E5D1EF57632819BDC54F19B1 ] C:\Program Files (x86)\AVG\AVG2013\avgchclx.dll
22:37:37.0004 3812  C:\Program Files (x86)\AVG\AVG2013\avgchclx.dll - ok
22:37:37.0004 3812  [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\SysWOW64\mstask.dll
22:37:37.0004 3812  C:\Windows\SysWOW64\mstask.dll - ok
22:37:37.0004 3812  [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll
22:37:37.0004 3812  C:\Windows\SysWOW64\sfc.dll - ok
22:37:37.0020 3812  [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll
22:37:37.0020 3812  C:\Windows\SysWOW64\sfc_os.dll - ok
22:37:37.0020 3812  [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll
22:37:37.0020 3812  C:\Windows\SysWOW64\SensApi.dll - ok
22:37:37.0035 3812  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] C:\Program Files\Bonjour\mDNSResponder.exe
22:37:37.0035 3812  C:\Program Files\Bonjour\mDNSResponder.exe - ok
22:37:37.0035 3812  [ 099D9F937F6EE23672391B3A5BD6D7E5 ] C:\Program Files (x86)\AVG\AVG2013\avgntsqlitex.dll
22:37:37.0035 3812  C:\Program Files (x86)\AVG\AVG2013\avgntsqlitex.dll - ok
22:37:37.0035 3812  [ 67DABFB8EB4AFA87C558504D5FCD43C8 ] C:\Program Files (x86)\AVG\AVG2013\avgsecapix.dll
22:37:37.0035 3812  C:\Program Files (x86)\AVG\AVG2013\avgsecapix.dll - ok
22:37:37.0051 3812  [ 3930E53EE0BED9DFF9AFA09F505D0CAE ] C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
22:37:37.0051 3812  C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe - ok
22:37:37.0051 3812  [ 212EC400F6EC21377DB037BEA4B57D1C ] C:\Program Files\WIDCOMM\Bluetooth Software\btins.dll
22:37:37.0051 3812  C:\Program Files\WIDCOMM\Bluetooth Software\btins.dll - ok
22:37:37.0051 3812  [ E2B2853A0210D6EDAB2261870BD80C1A ] C:\Program Files (x86)\Launch Manager\dsiwmis.exe
22:37:37.0051 3812  C:\Program Files (x86)\Launch Manager\dsiwmis.exe - ok
22:37:37.0066 3812  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll
22:37:37.0066 3812  C:\Windows\System32\dps.dll - ok
22:37:37.0066 3812  [ 0C043B0ABBB5E14E68906AB80365395B ] C:\Windows\System32\efssvc.dll
22:37:37.0066 3812  C:\Windows\System32\efssvc.dll - ok
22:37:37.0066 3812  [ 7F8E83B9466A0A002D4AB15C104062A7 ] C:\Windows\System32\efscore.dll
22:37:37.0066 3812  C:\Windows\System32\efscore.dll - ok
22:37:37.0066 3812  [ 58283053C781AD3A579C95D7765C1FA0 ] C:\Windows\System32\efsutil.dll
22:37:37.0066 3812  C:\Windows\System32\efsutil.dll - ok
22:37:37.0082 3812  [ 91C2E6234F6884C6FEEF9658D8EDE6B6 ] C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe
22:37:37.0082 3812  C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe - ok
22:37:37.0082 3812  [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll
22:37:37.0082 3812  C:\Windows\System32\taskschd.dll - ok
22:37:37.0082 3812  [ D89FA63C67D8BB342214BFC35FC76735 ] C:\Program Files\Gateway\Gateway Power Management\PowerSettingControl.dll
22:37:37.0082 3812  C:\Program Files\Gateway\Gateway Power Management\PowerSettingControl.dll - ok
22:37:37.0098 3812  [ 6A16BCE3C09496650BE881C467611653 ] C:\Windows\System32\msi.dll
22:37:37.0098 3812  C:\Windows\System32\msi.dll - ok
22:37:37.0098 3812  [ 0191DEE9B9EB7902AF2CF4F67301095D ] C:\Program Files (x86)\Gateway\Registration\GREGsvc.exe
22:37:37.0098 3812  C:\Program Files (x86)\Gateway\Registration\GREGsvc.exe - ok
22:37:37.0098 3812  [ FCD84C381E0140AF901E58D48882D26B ] C:\Windows\System32\IKEEXT.DLL
22:37:37.0098 3812  C:\Windows\System32\IKEEXT.DLL - ok
22:37:37.0098 3812  [ 77B5035BC6EDF4D1B6265391AECEE4C0 ] C:\Windows\System32\vpnikeapi.dll
22:37:37.0098 3812  C:\Windows\System32\vpnikeapi.dll - ok
22:37:37.0113 3812  [ 82C089EA2A3EEFADF3588EA71E8BDADA ] C:\Windows\SysWOW64\wevtapi.dll
22:37:37.0113 3812  C:\Windows\SysWOW64\wevtapi.dll - ok
22:37:37.0113 3812  [ DBC1136A62BD4DECC3632DF650284C2E ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
22:37:37.0113 3812  C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe - ok
22:37:37.0113 3812  [ F9A2273BCDD8894CBC193EB5B6AF3BDD ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\params.ppl
22:37:37.0113 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\params.ppl - ok
22:37:37.0129 3812  [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll
22:37:37.0129 3812  C:\Windows\System32\netman.dll - ok
22:37:37.0129 3812  [ 1EE99A89CC788ADA662441D1E9830529 ] C:\Windows\System32\nlasvc.dll
22:37:37.0129 3812  C:\Windows\System32\nlasvc.dll - ok
22:37:37.0129 3812  [ 351533ACC2A069B94E80BBFC177E8FDF ] C:\Windows\System32\drivers\npf.sys
22:37:37.0129 3812  C:\Windows\System32\drivers\npf.sys - ok
22:37:37.0129 3812  [ 4A435F95B940E93A88FEC144BD409789 ] C:\Windows\System32\ncsi.dll
22:37:37.0129 3812  C:\Windows\System32\ncsi.dll - ok
22:37:37.0144 3812  [ 828153456CCBA2DCBD00050F201E72E5 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\tm.ppl
22:37:37.0144 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\tm.ppl - ok
22:37:37.0144 3812  [ F65BEBE969C232F60C7A13B0F00FB52C ] C:\Program Files (x86)\AVG\AVG2013\avgwdwsc.dll
22:37:37.0144 3812  C:\Program Files (x86)\AVG\AVG2013\avgwdwsc.dll - ok
22:37:37.0144 3812  [ 5B3CE960C62DBE864BE9A0BD043A3E30 ] C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe
22:37:37.0144 3812  C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe - ok
22:37:37.0144 3812  [ 2EF8035D1B0587CE266456292C424C48 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\schedule.ppl
22:37:37.0144 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\schedule.ppl - ok
22:37:37.0160 3812  [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll
22:37:37.0160 3812  C:\Windows\System32\ssdpapi.dll - ok
22:37:37.0160 3812  [ 9855C227CCE2292316B8F087F7BDED85 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\regmap.ppl
22:37:37.0160 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\regmap.ppl - ok
22:37:37.0160 3812  [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll
22:37:37.0160 3812  C:\Windows\SysWOW64\oleacc.dll - ok
22:37:37.0160 3812  [ 101866C1CBA5FAD4C1C19F9B4A78D928 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\timer.ppl
22:37:37.0160 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\timer.ppl - ok
22:37:37.0176 3812  [ C5B0324DB461559ADD070E632A6919FA ] C:\Windows\SysWOW64\wbem\wbemprox.dll
22:37:37.0176 3812  C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
22:37:37.0176 3812  [ FAFAE01E889DC9C05A6CA2138CFC220B ] C:\Windows\System32\tapi32.dll
22:37:37.0176 3812  C:\Windows\System32\tapi32.dll - ok
22:37:37.0176 3812  [ 866CC7A87DCFE3E54F23DB15DF16EDF2 ] C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
22:37:37.0176 3812  C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe - ok
22:37:37.0191 3812  [ A7F81986C063E17AC6AC1931E439FAD9 ] C:\Program Files\WIDCOMM\Bluetooth Software\btwprofpack.dll
22:37:37.0191 3812  C:\Program Files\WIDCOMM\Bluetooth Software\btwprofpack.dll - ok
22:37:37.0191 3812  [ 7681AA29DD873637FBA618DDAE12FF8D ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\thpimpl.ppl
22:37:37.0191 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\thpimpl.ppl - ok
22:37:37.0207 3812  [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\SysWOW64\winspool.drv
22:37:37.0207 3812  C:\Windows\SysWOW64\winspool.drv - ok
22:37:37.0207 3812  [ 7AE951F367834174FFD0BE01885A2E8A ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\report.ppl
22:37:37.0207 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\report.ppl - ok
22:37:37.0207 3812  [ 704314FD398C81D5F342CAA5DF7B7F21 ] C:\Windows\SysWOW64\wbemcomn.dll
22:37:37.0207 3812  C:\Windows\SysWOW64\wbemcomn.dll - ok
22:37:37.0222 3812  [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\Windows\System32\drivers\PEAuth.sys
22:37:37.0222 3812  C:\Windows\System32\drivers\PEAuth.sys - ok
22:37:37.0222 3812  [ 1727B2A2F379A32B864C096FA794AADC ] C:\Windows\System32\aepic.dll
22:37:37.0222 3812  C:\Windows\System32\aepic.dll - ok
22:37:37.0222 3812  [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll
22:37:37.0222 3812  C:\Windows\System32\sfc.dll - ok
22:37:37.0222 3812  [ C3C89ADB418317A548AA4C0B0170EA33 ] C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\Pehook.dll
22:37:37.0222 3812  C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\Pehook.dll - ok
22:37:37.0238 3812  [ 93AC8012D1BCD9E20A090803F0D7DAF6 ] C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\ISchedule.dll
22:37:37.0238 3812  C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\ISchedule.dll - ok
22:37:37.0238 3812  [ 64453CC9A9C6F9ECC7F0461365A47356 ] C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\SyncDll.dll
22:37:37.0238 3812  C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\SyncDll.dll - ok
22:37:37.0238 3812  [ A0FF419B61AE47E26ADF3BB15DB4F2FE ] C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
22:37:37.0238 3812  C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe - ok
22:37:37.0254 3812  [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll
22:37:37.0254 3812  C:\Windows\System32\sfc_os.dll - ok
22:37:37.0254 3812  [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys
22:37:37.0254 3812  C:\Windows\System32\drivers\secdrv.sys - ok
22:37:37.0254 3812  [ BC617A4E1B4FA8DF523A061739A0BD87 ] C:\Windows\System32\seclogon.dll
22:37:37.0254 3812  C:\Windows\System32\seclogon.dll - ok
22:37:37.0254 3812  [ 96BE845C8650A2B59B9BC4D798952969 ] C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
22:37:37.0254 3812  C:\Program Files (x86)\AVG\AVG2013\avgemca.exe - ok
22:37:37.0269 3812  [ 01761D2CA25DBC78B7D9AF18AC1389E4 ] C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\sqlite3.dll
22:37:37.0269 3812  C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\sqlite3.dll - ok
22:37:37.0269 3812  [ 3D084E8CE612C0CD86CDE2A34B65178A ] C:\Program Files (x86)\AVG\AVG2013\avgsysa.dll
22:37:37.0269 3812  C:\Program Files (x86)\AVG\AVG2013\avgsysa.dll - ok
22:37:37.0269 3812  [ 4E8A4BB5B11D828FF986F6228B1CD3DF ] C:\Program Files (x86)\Skype\Updater\Updater.exe
22:37:37.0269 3812  C:\Program Files (x86)\Skype\Updater\Updater.exe - ok
22:37:37.0269 3812  [ 6A0A8D20469EFD39A4A3463A88811A57 ] C:\Program Files (x86)\AVG\AVG2013\avgsched.dll
22:37:37.0269 3812  C:\Program Files (x86)\AVG\AVG2013\avgsched.dll - ok
22:37:37.0285 3812  [ 6E8B025164079D78DAC2047B76994A02 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\reportdb.ppl
22:37:37.0285 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\reportdb.ppl - ok
22:37:37.0285 3812  [ 366FD6F3A451351B5DF2D7C4ECF4C73A ] C:\Windows\System32\msvcr100.dll
22:37:37.0285 3812  C:\Windows\System32\msvcr100.dll - ok
22:37:37.0285 3812  [ 78393E71EEF3D77E7BFB6449A4728B94 ] C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\agent_stub.dll
22:37:37.0285 3812  C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\agent_stub.dll - ok
22:37:37.0300 3812  [ 3A10BE1693E89D0667437A4E8698A341 ] C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\ACE.dll
22:37:37.0300 3812  C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\ACE.dll - ok
22:37:37.0300 3812  [ A6639BC625634614DC30392BD81C4001 ] C:\Program Files (x86)\AVG\AVG2013\avgidpsdkx.dll
22:37:37.0300 3812  C:\Program Files (x86)\AVG\AVG2013\avgidpsdkx.dll - ok
22:37:37.0300 3812  [ B988968C8E5A6832CDDF05A74601CF7C ] C:\Program Files (x86)\AVG\AVG2013\avgntopenssla.dll
22:37:37.0300 3812  C:\Program Files (x86)\AVG\AVG2013\avgntopenssla.dll - ok
22:37:37.0316 3812  [ 27E461F0BE5BFF5FC737328F749538C3 ] C:\Windows\System32\drivers\srvnet.sys
22:37:37.0316 3812  C:\Windows\System32\drivers\srvnet.sys - ok
22:37:37.0316 3812  [ 323336FB1DA273A0715844BC695951A0 ] C:\Program Files (x86)\AVG\AVG2013\avgloga.dll
22:37:37.0316 3812  C:\Program Files (x86)\AVG\AVG2013\avgloga.dll - ok
22:37:37.0316 3812  [ BCEA9AB347E53BC03B2E36BE0B8BA0EF ] C:\Windows\System32\httpapi.dll
22:37:37.0316 3812  C:\Windows\System32\httpapi.dll - ok
22:37:37.0316 3812  [ C0148266689B5CE89E524948FD525CDD ] C:\Program Files (x86)\AVG\AVG2013\avgcfga.dll
22:37:37.0316 3812  C:\Program Files (x86)\AVG\AVG2013\avgcfga.dll - ok
22:37:37.0332 3812  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] C:\Windows\System32\wiaservc.dll
22:37:37.0332 3812  C:\Windows\System32\wiaservc.dll - ok
22:37:37.0332 3812  [ DF687E3D8836BFB04FCC0615BF15A519 ] C:\Windows\System32\drivers\tcpipreg.sys
22:37:37.0332 3812  C:\Windows\System32\drivers\tcpipreg.sys - ok
22:37:37.0332 3812  [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5 ] C:\Windows\System32\wiatrace.dll
22:37:37.0332 3812  C:\Windows\System32\wiatrace.dll - ok
22:37:37.0347 3812  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] C:\Windows\System32\tapisrv.dll
22:37:37.0347 3812  C:\Windows\System32\tapisrv.dll - ok
22:37:37.0347 3812  [ EFE65035A9866E832CF37E8322F350BE ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\procmon.ppl
22:37:37.0347 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\procmon.ppl - ok
22:37:37.0347 3812  [ D25E3B6B7464D79D68D2381624F0EEB2 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\klifpp.dll
22:37:37.0347 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\klifpp.dll - ok
22:37:37.0363 3812  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] C:\Windows\System32\sysmain.dll
22:37:37.0363 3812  C:\Windows\System32\sysmain.dll - ok
22:37:37.0363 3812  [ 02E24561ABDB008E22C98199903C119B ] C:\Program Files (x86)\AVG\AVG2013\avgcomma.dll
22:37:37.0363 3812  C:\Program Files (x86)\AVG\AVG2013\avgcomma.dll - ok
22:37:37.0363 3812  [ CA6ADE4F7761BB15B3325356DC3B82BB ] C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll
22:37:37.0363 3812  C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll - ok
22:37:37.0363 3812  [ 8B26ADA9835055103934D1C90A43BDA8 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\packed_io.dll
22:37:37.0363 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\packed_io.dll - ok
22:37:37.0378 3812  [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll
22:37:37.0378 3812  C:\Windows\System32\aeevts.dll - ok
22:37:37.0378 3812  [ 544EFF88AC6C85DF5A4D6F18DFE08CFC ] C:\Windows\SysWOW64\taskschd.dll
22:37:37.0378 3812  C:\Windows\SysWOW64\taskschd.dll - ok
22:37:37.0378 3812  [ B15161C1E0BEBB324CD2D15B5A79ADBD ] C:\Program Files (x86)\AVG\AVG2013\avgkrnlapia.dll
22:37:37.0378 3812  C:\Program Files (x86)\AVG\AVG2013\avgkrnlapia.dll - ok
22:37:37.0394 3812  [ 55DED6BDA026AEBEAB1FDA6E32D9F5B5 ] C:\Program Files (x86)\AVG\AVG2013\avgclita.dll
22:37:37.0394 3812  C:\Program Files (x86)\AVG\AVG2013\avgclita.dll - ok
22:37:37.0394 3812  [ D2BB82DF91F4D8495235F954D346C4F5 ] C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\VssAgent.dll
22:37:37.0394 3812  C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\VssAgent.dll - ok
22:37:37.0394 3812  [ 81C5672B4CD3B9C8531DB70CE9B2DB80 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\hashmd5.ppl
22:37:37.0394 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\hashmd5.ppl - ok
22:37:37.0394 3812  [ 13337A3FB17F2242487FD45488ED0485 ] C:\Windows\SysWOW64\vssapi.dll
22:37:37.0394 3812  C:\Windows\SysWOW64\vssapi.dll - ok
22:37:37.0410 3812  [ 289CA818FBC9CA18D832AB1D3982950B ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\crpthlpr.ppl
22:37:37.0410 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\crpthlpr.ppl - ok
22:37:37.0410 3812  [ 9F4992C3061FA2D77D3AC85A36179E7E ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\dtreg.ppl
22:37:37.0410 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\dtreg.ppl - ok
22:37:37.0410 3812  [ 27ECAD1CB877D5F88548B52D9FDD62A7 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\excludemanager.dll
22:37:37.0410 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\excludemanager.dll - ok
22:37:37.0425 3812  [ 7D0A2502B733C848BC6B8E5D0054AD22 ] C:\Program Files (x86)\AVG\AVG2013\avgcorea.dll
22:37:37.0425 3812  C:\Program Files (x86)\AVG\AVG2013\avgcorea.dll - ok
22:37:37.0425 3812  [ F10E5311E5093FA3C00FF88C54C32FCA ] C:\Windows\SysWOW64\atl.dll
22:37:37.0425 3812  C:\Windows\SysWOW64\atl.dll - ok
22:37:37.0425 3812  [ B940289C83121046BD6A60ACC6028593 ] C:\Windows\SysWOW64\vsstrace.dll
22:37:37.0425 3812  C:\Windows\SysWOW64\vsstrace.dll - ok
22:37:37.0441 3812  [ BBA7B45244D28C800E4B28A9997EECE1 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\acassembler.dll
22:37:37.0441 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\acassembler.dll - ok
22:37:37.0441 3812  [ 9B2CA1E7A69CD722E933FB327D3301FD ] C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IShadowS3.dll
22:37:37.0441 3812  C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IShadowS3.dll - ok
22:37:37.0441 3812  [ 0F0EF9FB102F8224F2CF1DBB923CC85B ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\format_recognizer.dll
22:37:37.0441 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\format_recognizer.dll - ok
22:37:37.0456 3812  [ FBFCA1A574D47EE575448B719CBBF2E4 ] C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL
22:37:37.0456 3812  C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL - ok
22:37:37.0456 3812  [ 41A4B8BA8F1346F9A502C9BE01F03CF0 ] C:\Program Files (x86)\AVG\AVG2013\avgsecapia.dll
22:37:37.0456 3812  C:\Program Files (x86)\AVG\AVG2013\avgsecapia.dll - ok
22:37:37.0456 3812  [ 9A94644E2A9890FC9A7EE961057FFBA1 ] C:\Program Files (x86)\AVG\AVG2013\avgntsqlitea.dll
22:37:37.0456 3812  C:\Program Files (x86)\AVG\AVG2013\avgntsqlitea.dll - ok
22:37:37.0472 3812  [ 402794A75A899E296AB3EDEC4ECCB9A8 ] C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
22:37:37.0472 3812  C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe - ok
22:37:37.0472 3812  [ 7BF5EA753D4CC056B9462A02AC51B160 ] C:\Windows\SysWOW64\xmllite.dll
22:37:37.0472 3812  C:\Windows\SysWOW64\xmllite.dll - ok
22:37:37.0488 3812  [ 72D37545BC03B38537C3ACC7FA8FCA3A ] C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
22:37:37.0488 3812  C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll - ok
22:37:37.0488 3812  [ 7978B487E3FBBC666A494EBECBFB26A9 ] C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
22:37:37.0488 3812  C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll - ok
22:37:37.0488 3812  [ B4FCCE5BA0990AE78809379CB0C3873C ] C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
22:37:37.0488 3812  C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll - ok
22:37:37.0503 3812  [ 63416D211D4B15FD841A21E508081F4C ] C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
22:37:37.0503 3812  C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll - ok
22:37:37.0503 3812  [ 139590E1C420A439F23F261979A59BC4 ] C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
22:37:37.0503 3812  C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll - ok
22:37:37.0503 3812  [ 1697959965BC58308D046048A69E6C1E ] C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
22:37:37.0503 3812  C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll - ok
22:37:37.0503 3812  [ 50A078C76D94014B61238F1118B6E02C ] C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
22:37:37.0503 3812  C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll - ok
22:37:37.0519 3812  [ 1818CCEE5CFC3FCC876F42643109F2C0 ] C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
22:37:37.0519 3812  C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll - ok
22:37:37.0519 3812  [ EC0A0E7B3537BB2912221D4933216727 ] C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
22:37:37.0519 3812  C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll - ok
22:37:37.0519 3812  [ 3B319CC2334AC0D15BE25A5994065F13 ] C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
22:37:37.0519 3812  C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll - ok
22:37:37.0534 3812  [ 0E3CEB4FCE14AF72FBAAAE754A7C136A ] C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
22:37:37.0534 3812  C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll - ok
22:37:37.0534 3812  [ 6B28D57A511929227FF1C8F412C1A3F9 ] C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
22:37:37.0534 3812  C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll - ok
22:37:37.0534 3812  [ 6F08CABF92AF8FAB3509DD9F313B83F9 ] C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
22:37:37.0534 3812  C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll - ok
22:37:37.0534 3812  [ 3C3685C29EEF909266F124A184F849E6 ] C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
22:37:37.0534 3812  C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll - ok
22:37:37.0550 3812  [ A2C23B02DC32AA8D3801B84FB54137A6 ] C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
22:37:37.0550 3812  C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll - ok
22:37:37.0550 3812  [ CAF11064A276247FE9F30AB06C4F2F2C ] C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
22:37:37.0550 3812  C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll - ok
22:37:37.0550 3812  [ D433E08B64837534AFB786E454BAB61E ] C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
22:37:37.0550 3812  C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll - ok
22:37:37.0566 3812  [ CBE6C675D3B10E48EF7B25A5FF07B46D ] C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
22:37:37.0566 3812  C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll - ok
22:37:37.0566 3812  [ C1FA7D1A6548037873C90D4EEE34DF2B ] C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
22:37:37.0566 3812  C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll - ok
22:37:37.0566 3812  [ BC24199038F4BE63A1825CF168408120 ] C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
22:37:37.0566 3812  C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll - ok
22:37:37.0581 3812  [ 97188F405255248AC8316001411D9CC5 ] C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
22:37:37.0581 3812  C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll - ok
22:37:37.0581 3812  [ 73AF314C216F08A1C97BC03ECAD3A423 ] C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
22:37:37.0581 3812  C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll - ok
22:37:37.0581 3812  [ 1A208F0CEB6DE90A7EE3D4469B3A88BA ] C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
22:37:37.0581 3812  C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll - ok
22:37:37.0597 3812  [ 2A1A2C962BB789EF8EE8CF8CB8F100C0 ] C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
22:37:37.0597 3812  C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll - ok
22:37:37.0597 3812  [ 2330B3912A579F8A3FEEA001B79F6A11 ] C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
22:37:37.0597 3812  C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll - ok
22:37:37.0597 3812  [ D7573A8D927B68F962BD0B5DA6603EEF ] C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
22:37:37.0597 3812  C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll - ok
22:37:37.0612 3812  [ 4A01572D2030D49CEB0A319DE0BFF53C ] C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
22:37:37.0612 3812  C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll - ok
22:37:37.0612 3812  [ 993473C994254709A7E6DC20C9981F0D ] C:\Windows\SysWOW64\api-ms-win-service-core-l1-1-0.dll
22:37:37.0612 3812  C:\Windows\SysWOW64\api-ms-win-service-core-l1-1-0.dll - ok
22:37:37.0612 3812  [ 35215454C753D42BBD161BAF14DF7408 ] C:\Windows\SysWOW64\api-ms-win-service-management-l1-1-0.dll
22:37:37.0612 3812  C:\Windows\SysWOW64\api-ms-win-service-management-l1-1-0.dll - ok
22:37:37.0628 3812  [ 4A44C3838CB7724019E18593FE97686A ] C:\Windows\SysWOW64\api-ms-win-service-management-l2-1-0.dll
22:37:37.0628 3812  C:\Windows\SysWOW64\api-ms-win-service-management-l2-1-0.dll - ok
22:37:37.0628 3812  [ EA03D6CB2A8974DD1360861E06AF688A ] C:\Windows\SysWOW64\api-ms-win-service-winsvc-l1-1-0.dll
22:37:37.0628 3812  C:\Windows\SysWOW64\api-ms-win-service-winsvc-l1-1-0.dll - ok
22:37:37.0628 3812  [ C38E38A59F0BAF05E7268EC8A9ACC44A ] C:\Windows\SysWOW64\api-ms-win-security-lsalookup-l1-1-0.dll
22:37:37.0628 3812  C:\Windows\SysWOW64\api-ms-win-security-lsalookup-l1-1-0.dll - ok
22:37:37.0628 3812  [ 808AABDF9337312195CAFF76D1804786 ] C:\Windows\SysWOW64\ws2help.dll
22:37:37.0628 3812  C:\Windows\SysWOW64\ws2help.dll - ok
22:37:37.0628 3812  [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll
22:37:37.0628 3812  C:\Windows\SysWOW64\winsta.dll - ok
22:37:37.0644 3812  [ D4F264FE23F8953D840904418220C15E ] C:\Windows\SysWOW64\dxgi.dll
22:37:37.0644 3812  C:\Windows\SysWOW64\dxgi.dll - ok
22:37:37.0644 3812  [ 7ACDFB4CC67F4993DF0E0731576309B2 ] C:\Windows\SysWOW64\d3d11.dll
22:37:37.0644 3812  C:\Windows\SysWOW64\d3d11.dll - ok
22:37:37.0644 3812  [ 2BFD300BE9C24D167092DF0B34C3EE88 ] C:\Program Files (x86)\AVG\AVG2013\avgrsa.exe
22:37:37.0644 3812  C:\Program Files (x86)\AVG\AVG2013\avgrsa.exe - ok
22:37:37.0644 3812  [ 804AD3E54AD2C11BA91C28F73ADE90DA ] C:\Windows\SysWOW64\api-ms-win-security-sddl-l1-1-0.dll
22:37:37.0644 3812  C:\Windows\SysWOW64\api-ms-win-security-sddl-l1-1-0.dll - ok
22:37:37.0659 3812  [ 55E5B32AE8D1F51A63C82919656FD275 ] C:\Windows\SysWOW64\dciman32.dll
22:37:37.0659 3812  C:\Windows\SysWOW64\dciman32.dll - ok
22:37:37.0659 3812  [ 198552AEFECA69D646867EC8D792DE95 ] C:\Windows\SysWOW64\ddraw.dll
22:37:37.0659 3812  C:\Windows\SysWOW64\ddraw.dll - ok
22:37:37.0659 3812  [ 77B1471A490B53B24EFE136F09F76550 ] C:\Windows\SysWOW64\d3d8thk.dll
22:37:37.0659 3812  C:\Windows\SysWOW64\d3d8thk.dll - ok
22:37:37.0659 3812  [ 6EF5F3F18413C367195F06E503AB86A6 ] C:\Windows\SysWOW64\d3d9.dll
22:37:37.0659 3812  C:\Windows\SysWOW64\d3d9.dll - ok
22:37:37.0675 3812  [ 10BC927A9035AA6B244706D9C1641F16 ] C:\Program Files (x86)\AVG\AVG2013\avgchjwa.dll
22:37:37.0675 3812  C:\Program Files (x86)\AVG\AVG2013\avgchjwa.dll - ok
22:37:37.0675 3812  [ F3F571288CDE445881102E385BF3471F ] C:\Windows\SysWOW64\Magnification.dll
22:37:37.0675 3812  C:\Windows\SysWOW64\Magnification.dll - ok
22:37:37.0675 3812  [ 4B969AA85CDE4FB9FBCA5F99A66C507B ] C:\Program Files (x86)\AVG\AVG2013\avgcclia.dll
22:37:37.0675 3812  C:\Program Files (x86)\AVG\AVG2013\avgcclia.dll - ok
22:37:37.0690 3812  [ 84174CA0E190BB9D1EFD0F005FE13B35 ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\GdiPlus.dll
22:37:37.0690 3812  C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\GdiPlus.dll - ok
22:37:37.0690 3812  [ 2B6E0DA1EC603AD25325BA8AFBA30114 ] C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
22:37:37.0690 3812  C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe - ok
22:37:37.0690 3812  [ 766E937C55AF6580ACF7CDBB25096FED ] C:\Program Files (x86)\AVG\AVG2013\avgcerta.dll
22:37:37.0690 3812  C:\Program Files (x86)\AVG\AVG2013\avgcerta.dll - ok
22:37:37.0706 3812  [ 84A4EE57462C8483AAE3F1DF2D82F4ED ] C:\Program Files (x86)\AVG\AVG2013\avgchcla.dll
22:37:37.0706 3812  C:\Program Files (x86)\AVG\AVG2013\avgchcla.dll - ok
22:37:37.0706 3812  [ C30A3E5DEEEBA22E782AC54C5AF5F352 ] C:\Windows\SysWOW64\samlib.dll
22:37:37.0706 3812  C:\Windows\SysWOW64\samlib.dll - ok
22:37:37.0706 3812  [ 808D8A8B2A3074002852BC856D419576 ] C:\Windows\SysWOW64\comres.dll
22:37:37.0706 3812  C:\Windows\SysWOW64\comres.dll - ok
22:37:37.0722 3812  [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
22:37:37.0722 3812  C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
22:37:37.0722 3812  [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A ] C:\Windows\SysWOW64\wbem\fastprox.dll
22:37:37.0722 3812  C:\Windows\SysWOW64\wbem\fastprox.dll - ok
22:37:37.0722 3812  [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\SysWOW64\ntdsapi.dll
22:37:37.0722 3812  C:\Windows\SysWOW64\ntdsapi.dll - ok
22:37:37.0737 3812  [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll
22:37:37.0737 3812  C:\Windows\SysWOW64\propsys.dll - ok
22:37:37.0737 3812  [ 8C338238C16777A802D6A9211EB2BA50 ] C:\Windows\SysWOW64\netprofm.dll
22:37:37.0737 3812  C:\Windows\SysWOW64\netprofm.dll - ok
22:37:37.0737 3812  [ 15E298B5EC5B89C5994A59863969D9FF ] C:\Windows\SysWOW64\npmproxy.dll
22:37:37.0737 3812  C:\Windows\SysWOW64\npmproxy.dll - ok
22:37:37.0737 3812  [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll
22:37:37.0737 3812  C:\Windows\SysWOW64\sxs.dll - ok
22:37:37.0753 3812  [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\Windows\System32\trkwks.dll
22:37:37.0753 3812  C:\Windows\System32\trkwks.dll - ok
22:37:37.0753 3812  [ C335EC1182AC10B188705554E0BC1186 ] C:\Windows\SysWOW64\msvfw32.dll
22:37:37.0753 3812  C:\Windows\SysWOW64\msvfw32.dll - ok
22:37:37.0753 3812  [ E24FE90E9DE8D8AE70E59F7B01675DEF ] C:\Windows\SysWOW64\avicap32.dll
22:37:37.0753 3812  C:\Windows\SysWOW64\avicap32.dll - ok
22:37:37.0768 3812  [ F9EC9ACD504D823D9B9CA98A4F8D3CA2 ] C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
22:37:37.0768 3812  C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe - ok
22:37:37.0768 3812  [ CBA3F6EF1E70167DB376B4013F71A62B ] C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
22:37:37.0768 3812  C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe - ok
22:37:37.0768 3812  [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll
22:37:37.0768 3812  C:\Windows\System32\wbem\WMIsvc.dll - ok
22:37:37.0784 3812  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] C:\Windows\System32\drivers\srv2.sys
22:37:37.0784 3812  C:\Windows\System32\drivers\srv2.sys - ok
22:37:37.0784 3812  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\Windows\System32\drivers\srv.sys
22:37:37.0784 3812  C:\Windows\System32\drivers\srv.sys - ok
22:37:37.0784 3812  [ EE867A0870FC9E4972BA9EAAD35651E2 ] C:\Windows\System32\rasmans.dll
22:37:37.0784 3812  C:\Windows\System32\rasmans.dll - ok
22:37:37.0800 3812  [ 48362E5DB5CB2C000C514EE1F3890ACD ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
22:37:37.0800 3812  C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe - ok
22:37:37.0800 3812  [ 44C96B48112EB24AE7764EBF1C527000 ] C:\Windows\System32\rastapi.dll
22:37:37.0800 3812  C:\Windows\System32\rastapi.dll - ok
22:37:37.0800 3812  [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll
22:37:37.0800 3812  C:\Windows\System32\wbem\WinMgmtR.dll - ok
22:37:37.0815 3812  [ 0C52762C606BCF6A377D5E4688191A6B ] C:\Windows\System32\wbem\WmiDcPrv.dll
22:37:37.0815 3812  C:\Windows\System32\wbem\WmiDcPrv.dll - ok
22:37:37.0815 3812  [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll
22:37:37.0815 3812  C:\Windows\System32\wbem\wbemcore.dll - ok
22:37:37.0815 3812  [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll
22:37:37.0815 3812  C:\Windows\System32\wbem\fastprox.dll - ok
22:37:37.0815 3812  [ D2A0FFA75AB181B19B5EB93BB29C7686 ] C:\Windows\System32\unimdm.tsp
22:37:37.0815 3812  C:\Windows\System32\unimdm.tsp - ok
22:37:37.0831 3812  [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll
22:37:37.0831 3812  C:\Windows\System32\ntdsapi.dll - ok
22:37:37.0831 3812  [ 94B7DF336815B47236724019FAB24B7C ] C:\Windows\System32\uniplat.dll
22:37:37.0831 3812  C:\Windows\System32\uniplat.dll - ok
22:37:37.0831 3812  [ 41326DD08ACC0CDC5F8177AF96C066E8 ] C:\Windows\System32\kmddsp.tsp
22:37:37.0831 3812  C:\Windows\System32\kmddsp.tsp - ok
22:37:37.0846 3812  [ 1D6BC2769DA66C1145F4DA5A65F52E61 ] C:\Windows\System32\ndptsp.tsp
22:37:37.0846 3812  C:\Windows\System32\ndptsp.tsp - ok
22:37:37.0846 3812  [ 7C1BAE7D23D4874FEE256A2B9C00E019 ] C:\Windows\System32\hidphone.tsp
22:37:37.0846 3812  C:\Windows\System32\hidphone.tsp - ok
22:37:37.0846 3812  [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\SysWOW64\mscoree.dll
22:37:37.0846 3812  C:\Windows\SysWOW64\mscoree.dll - ok
22:37:37.0862 3812  [ 83BA5E873164A3711B44052F58C8FE9F ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
22:37:37.0862 3812  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
22:37:37.0862 3812  [ 37B6EBA4E783A0B25F3FE05EF86722CB ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
22:37:37.0862 3812  C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok
22:37:37.0862 3812  [ 33A77D477EF9D7A5C65A950129DF2E47 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
22:37:37.0862 3812  C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll - ok
22:37:37.0878 3812  [ 09A116FB06C5E362EF8938D29CDAB27B ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
22:37:37.0878 3812  C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok
22:37:37.0878 3812  [ 96FAF00A7ADC61AF68192445623402FA ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System\187c13e8967097d2ed1e5f123e7d890a\System.ni.dll
22:37:37.0878 3812  C:\Windows\assembly\NativeImages_v2.0.50727_32\System\187c13e8967097d2ed1e5f123e7d890a\System.ni.dll - ok
22:37:37.0893 3812  [ 91EA5FF9F105D373216E8C96F57E88E2 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\f752f8cf702b7c7eff6c659b2e0c760a\System.ServiceProcess.ni.dll
22:37:37.0893 3812  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\f752f8cf702b7c7eff6c659b2e0c760a\System.ServiceProcess.ni.dll - ok
22:37:37.0893 3812  [ 40B899C989A2950CEED7BCDBF4FAD419 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgr.dll
22:37:37.0893 3812  C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgr.dll - ok
22:37:37.0893 3812  [ FB12F7171920E05F40A239A6D646343F ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorUtil.dll
22:37:37.0893 3812  C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorUtil.dll - ok
22:37:37.0909 3812  [ 05A321CF65AB46D8E29E717D13662519 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\9e24b9ffd816c0c90efc4d3fc9fd745f\System.Configuration.ni.dll
22:37:37.0909 3812  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\9e24b9ffd816c0c90efc4d3fc9fd745f\System.Configuration.ni.dll - ok
22:37:37.0909 3812  [ A3484A0159763330160FD820DE8C4624 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\32066405eb9ab14056b2af3115d2a6de\System.Xml.ni.dll
22:37:37.0909 3812  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\32066405eb9ab14056b2af3115d2a6de\System.Xml.ni.dll - ok
22:37:37.0909 3812  [ D9C5A74A4F609BE65DB0403425F54821 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\c8ea295fd4dce110b32c3c4f0e3807b2\System.Runtime.Remoting.ni.dll
22:37:37.0909 3812  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\c8ea295fd4dce110b32c3c4f0e3807b2\System.Runtime.Remoting.ni.dll - ok
22:37:37.0909 3812  [ 923AEF2769500FA55D3C13B200634854 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
22:37:37.0909 3812  C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll - ok
22:37:37.0924 3812  [ FC23815ADDB59AA92EDF79AE31200EEE ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\ISDI.dll
22:37:37.0924 3812  C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\ISDI.dll - ok
22:37:37.0924 3812  [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll
22:37:37.0924 3812  C:\Windows\System32\wbem\esscli.dll - ok
22:37:37.0924 3812  [ D34A527493F39AF4491B3E909DC697CA ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll
22:37:37.0924 3812  C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll - ok
22:37:37.0924 3812  [ A0617B5753E31126AD29C03154F4F329 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
22:37:37.0924 3812  C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll - ok
22:37:37.0940 3812  [ E11AE58B6D040AE7E1E55741CB9C6694 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\c25666b99761bc42322bae2e59968df8\WindowsBase.ni.dll
22:37:37.0940 3812  C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\c25666b99761bc42322bae2e59968df8\WindowsBase.ni.dll - ok
22:37:37.0940 3812  [ A34A587FFFD45FA649FBA6D03784D257 ] C:\Windows\System32\iphlpsvc.dll
22:37:37.0940 3812  C:\Windows\System32\iphlpsvc.dll - ok
22:37:37.0940 3812  [ 27B9E163740A226B65E4B9E186117911 ] C:\Windows\System32\sqmapi.dll
22:37:37.0940 3812  C:\Windows\System32\sqmapi.dll - ok
22:37:37.0940 3812  [ 7B38D7916A7CD058C16A0A6CA5077901 ] C:\Windows\System32\wdscore.dll
22:37:37.0940 3812  C:\Windows\System32\wdscore.dll - ok
22:37:37.0956 3812  [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll
22:37:37.0956 3812  C:\Windows\System32\srvsvc.dll - ok
22:37:37.0956 3812  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] C:\Windows\System32\browser.dll
22:37:37.0956 3812  C:\Windows\System32\browser.dll - ok
22:37:37.0956 3812  [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll
22:37:37.0956 3812  C:\Windows\System32\wbem\wbemsvc.dll - ok
22:37:37.0971 3812  [ A717A35120DBAB5AB707AB40662AF9DD ] C:\Windows\System32\rasppp.dll
22:37:37.0971 3812  C:\Windows\System32\rasppp.dll - ok
22:37:37.0971 3812  [ 0FE5CD5F9C9248F42D1EF56E495B182E ] C:\Windows\System32\vpnike.dll
22:37:37.0971 3812  C:\Windows\System32\vpnike.dll - ok
22:37:37.0971 3812  [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll
22:37:37.0971 3812  C:\Windows\System32\netmsg.dll - ok
22:37:37.0971 3812  [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll
22:37:37.0971 3812  C:\Windows\System32\wbem\wmiutils.dll - ok
22:37:37.0987 3812  [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll
22:37:37.0987 3812  C:\Windows\System32\wbem\repdrvfs.dll - ok
22:37:37.0987 3812  [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll
22:37:37.0987 3812  C:\Windows\System32\sscore.dll - ok
22:37:37.0987 3812  [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll
22:37:37.0987 3812  C:\Windows\System32\clusapi.dll - ok
22:37:37.0987 3812  [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll
22:37:37.0987 3812  C:\Windows\System32\resutils.dll - ok
22:37:38.0002 3812  [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll
22:37:38.0002 3812  C:\Windows\System32\hnetcfg.dll - ok
22:37:38.0002 3812  [ 6A84E68B538B8B04608BF2F0D426CE6F ] C:\Windows\System32\raschap.dll
22:37:38.0002 3812  C:\Windows\System32\raschap.dll - ok
22:37:38.0002 3812  [ B95F6501A2F8B2E78C697FEC401970CE ] C:\Windows\System32\ipnathlp.dll
22:37:38.0002 3812  C:\Windows\System32\ipnathlp.dll - ok
22:37:38.0002 3812  [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll
22:37:38.0002 3812  C:\Windows\System32\mprapi.dll - ok
22:37:38.0002 3812  [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll
22:37:38.0002 3812  C:\Windows\System32\netshell.dll - ok
22:37:38.0018 3812  [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll
22:37:38.0018 3812  C:\Windows\System32\wbem\WmiPrvSD.dll - ok
22:37:38.0018 3812  [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll
22:37:38.0018 3812  C:\Windows\System32\ncobjapi.dll - ok
22:37:38.0018 3812  [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll
22:37:38.0018 3812  C:\Windows\System32\wbem\wbemess.dll - ok
22:37:38.0018 3812  [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\Windows\System32\wbem\WmiPrvSE.exe
22:37:38.0034 3812  C:\Windows\System32\wbem\WmiPrvSE.exe - ok
22:37:38.0034 3812  [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll
22:37:38.0034 3812  C:\Windows\System32\wdi.dll - ok
22:37:38.0034 3812  [ 9D2A2369AB4B08A4905FE72DB104498F ] C:\Windows\System32\appinfo.dll
22:37:38.0034 3812  C:\Windows\System32\appinfo.dll - ok
22:37:38.0034 3812  [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll
22:37:38.0034 3812  C:\Windows\System32\wpdbusenum.dll - ok
22:37:38.0034 3812  [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll
22:37:38.0034 3812  C:\Windows\System32\perftrack.dll - ok
22:37:38.0049 3812  [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll
22:37:38.0049 3812  C:\Windows\System32\PortableDeviceApi.dll - ok
22:37:38.0049 3812  [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll
22:37:38.0049 3812  C:\Windows\System32\diagperf.dll - ok
22:37:38.0049 3812  [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll
22:37:38.0049 3812  C:\Windows\System32\wer.dll - ok
22:37:38.0049 3812  [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll
22:37:38.0049 3812  C:\Windows\System32\npmproxy.dll - ok
22:37:38.0065 3812  [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll
22:37:38.0065 3812  C:\Windows\System32\PortableDeviceConnectApi.dll - ok
22:37:38.0065 3812  [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll
22:37:38.0065 3812  C:\Windows\System32\Apphlpdm.dll - ok
22:37:38.0065 3812  [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll
22:37:38.0065 3812  C:\Windows\System32\pnpts.dll - ok
22:37:38.0065 3812  [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll
22:37:38.0065 3812  C:\Windows\System32\aelupsvc.dll - ok
22:37:38.0080 3812  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] C:\Windows\System32\IPSECSVC.DLL
22:37:38.0080 3812  C:\Windows\System32\IPSECSVC.DLL - ok
22:37:38.0080 3812  [ 6607C2182C6A53ED983813AFE2F85768 ] C:\Windows\System32\wbem\cimwin32.dll
22:37:38.0080 3812  C:\Windows\System32\wbem\cimwin32.dll - ok
22:37:38.0080 3812  [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll
22:37:38.0080 3812  C:\Windows\System32\wdiasqmmodule.dll - ok
22:37:38.0080 3812  [ 9BC93C9ACFA34DB5A41B89357B31E4ED ] C:\Windows\System32\FwRemoteSvr.dll
22:37:38.0080 3812  C:\Windows\System32\FwRemoteSvr.dll - ok
22:37:38.0096 3812  [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe
22:37:38.0096 3812  C:\Windows\System32\runonce.exe - ok
22:37:38.0096 3812  [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll
22:37:38.0096 3812  C:\Windows\System32\dimsjob.dll - ok
22:37:38.0096 3812  [ 35CB97CBC3EDC463418ED4997AAB29B6 ] C:\Windows\System32\pautoenr.dll
22:37:38.0096 3812  C:\Windows\System32\pautoenr.dll - ok
22:37:38.0096 3812  [ 1484B9EBF567346582DE571B0E164AE0 ] C:\Windows\System32\framedynos.dll
22:37:38.0096 3812  C:\Windows\System32\framedynos.dll - ok
22:37:38.0096 3812  [ 94DFBB481BF51158B216E23C5C1C9D6E ] C:\Windows\System32\certcli.dll
22:37:38.0096 3812  C:\Windows\System32\certcli.dll - ok
22:37:38.0112 3812  [ 0D893F8D145D3B125B0226727C243A69 ] C:\Windows\System32\security.dll
22:37:38.0112 3812  C:\Windows\System32\security.dll - ok
22:37:38.0112 3812  [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe
22:37:38.0112 3812  C:\Windows\SysWOW64\runonce.exe - ok
22:37:38.0112 3812  [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\Windows\System32\dssenh.dll
22:37:38.0112 3812  C:\Windows\System32\dssenh.dll - ok
22:37:38.0127 3812  [ 012787CEB35505EB78DF82E0A0072888 ] C:\Windows\System32\browcli.dll
22:37:38.0127 3812  C:\Windows\System32\browcli.dll - ok
22:37:38.0127 3812  [ C4BFE4B61086416B0529212F92BCE081 ] C:\Windows\System32\schedcli.dll
22:37:38.0127 3812  C:\Windows\System32\schedcli.dll - ok
22:37:38.0127 3812  [ C00DB14550E4BD49737F311C644E45FF ] C:\Windows\System32\wmi.dll
22:37:38.0127 3812  C:\Windows\System32\wmi.dll - ok
22:37:38.0127 3812  [ 263B26106606A010CF877472B535E4BB ] C:\Windows\System32\CertEnroll.dll
22:37:38.0127 3812  C:\Windows\System32\CertEnroll.dll - ok
22:37:38.0143 3812  [ 660C8E78B94F483E44B0243A774A4746 ] C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
22:37:38.0143 3812  C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL - ok
22:37:38.0143 3812  [ 1CF21800E337F4039AAD4C94B4280EE4 ] C:\Windows\System32\mprmsg.dll
22:37:38.0143 3812  C:\Windows\System32\mprmsg.dll - ok
22:37:38.0143 3812  [ 79AFFC7FEEA9CD2FEFEA5EF3B631A02C ] C:\Windows\System32\ndiscapCfg.dll
22:37:38.0143 3812  C:\Windows\System32\ndiscapCfg.dll - ok
22:37:38.0143 3812  [ 3D6AF45673C4B31CDECD7F80AF09D443 ] C:\Windows\System32\rascfg.dll
22:37:38.0143 3812  C:\Windows\System32\rascfg.dll - ok
22:37:38.0158 3812  [ 55DE45B116711881C852D2841E4C84DD ] C:\Windows\System32\tcpipcfg.dll
22:37:38.0158 3812  C:\Windows\System32\tcpipcfg.dll - ok
22:37:38.0158 3812  [ FEB91B4DA0D540865260A33838654FA3 ] C:\Windows\System32\nci.dll
22:37:38.0158 3812  C:\Windows\System32\nci.dll - ok
22:37:38.0158 3812  [ AC0C9CEA1218DAB1994AF8B28E680BD9 ] C:\Windows\System32\wlaninst.dll
22:37:38.0158 3812  C:\Windows\System32\wlaninst.dll - ok
22:37:38.0158 3812  [ 5A406C9C8E0880D3EABADC5DFD1ACDAE ] C:\Windows\System32\wwaninst.dll
22:37:38.0158 3812  C:\Windows\System32\wwaninst.dll - ok
22:37:38.0174 3812  [ DD81D91FF3B0763C392422865C9AC12E ] C:\Windows\System32\rundll32.exe
22:37:38.0174 3812  C:\Windows\System32\rundll32.exe - ok
22:37:38.0174 3812  [ 58A14C45A5CD2528F10A889E7B0C3FC2 ] C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dll
22:37:38.0174 3812  C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dll - ok
22:37:38.0174 3812  [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll
22:37:38.0174 3812  C:\Windows\System32\actxprxy.dll - ok
22:37:38.0174 3812  [ E9901A7E569C4156FDA69F5C9356B8ED ] C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF
22:37:38.0174 3812  C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF - ok
22:37:38.0190 3812  [ A0E89D070F76E587837C3DDABF476E26 ] C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
22:37:38.0190 3812  C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe - ok
22:37:38.0190 3812  [ D6692338B985D4A0CA52B828314D897D ] C:\Windows\SysWOW64\drprov.dll
22:37:38.0190 3812  C:\Windows\SysWOW64\drprov.dll - ok
22:37:38.0190 3812  [ 72910F1DEB838E6E08A9017BFB7D4F0B ] C:\Windows\SysWOW64\browcli.dll
22:37:38.0190 3812  C:\Windows\SysWOW64\browcli.dll - ok
22:37:38.0190 3812  [ 284B59D7B56FC76C80E622AB856B1FAB ] C:\Windows\SysWOW64\davclnt.dll
22:37:38.0190 3812  C:\Windows\SysWOW64\davclnt.dll - ok
22:37:38.0190 3812  [ 179BECE8D1A4C488DDB7191FF9BE3FB0 ] C:\Windows\SysWOW64\davhlpr.dll
22:37:38.0190 3812  C:\Windows\SysWOW64\davhlpr.dll - ok
22:37:38.0205 3812  [ D7B7159BC8374E87D8C45A30377A3440 ] C:\Windows\SysWOW64\ntlanman.dll
22:37:38.0205 3812  C:\Windows\SysWOW64\ntlanman.dll - ok
22:37:38.0205 3812  [ C7CFB71A0147F6499316833D18B7F879 ] C:\Program Files (x86)\AVG\AVG2013\avgxpla.dll
22:37:38.0205 3812  C:\Program Files (x86)\AVG\AVG2013\avgxpla.dll - ok
22:37:38.0205 3812  [ D029339C0F59CF662094EDDF8C42B2B5 ] C:\Windows\System32\msvcp100.dll
22:37:38.0205 3812  C:\Windows\System32\msvcp100.dll - ok
22:37:38.0205 3812  [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\SysWOW64\comdlg32.dll
22:37:38.0205 3812  C:\Windows\SysWOW64\comdlg32.dll - ok
22:37:38.0221 3812  [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe
22:37:38.0221 3812  C:\Windows\SysWOW64\cmd.exe - ok
22:37:38.0221 3812  [ 198803E5E93E29967DFB0BCFD0186151 ] C:\Windows\System32\spfileq.dll
22:37:38.0221 3812  C:\Windows\System32\spfileq.dll - ok
22:37:38.0221 3812  [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll
22:37:38.0221 3812  C:\Windows\SysWOW64\riched20.dll - ok
22:37:38.0221 3812  [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
22:37:38.0221 3812  C:\Windows\SysWOW64\credssp.dll - ok
22:37:38.0236 3812  [ 29CA5974FAB0E8AE4AA7814FE05CF832 ] C:\Windows\SysWOW64\dhcpcsvc6.dll
22:37:38.0236 3812  C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
22:37:38.0236 3812  [ FCC8F25A5F5A4D6BD57D917DB7A00D78 ] C:\Windows\SysWOW64\crtdll.dll
22:37:38.0236 3812  C:\Windows\SysWOW64\crtdll.dll - ok
22:37:38.0236 3812  [ 3326166011C9BC13D6A8EFD856E9921C ] C:\Windows\System32\conhost.exe
22:37:38.0236 3812  C:\Windows\System32\conhost.exe - ok
22:37:38.0236 3812  [ 5BB8C06EB5EA4BA22EE8A678F2D79B25 ] C:\Windows\SysWOW64\devenum.dll
22:37:38.0236 3812  C:\Windows\SysWOW64\devenum.dll - ok
22:37:38.0252 3812  [ 243974EC02F7AE49E4179C54624143AB ] C:\Windows\SysWOW64\MMDevAPI.dll
22:37:38.0252 3812  C:\Windows\SysWOW64\MMDevAPI.dll - ok
22:37:38.0252 3812  [ 7069AAB8536F29ED7323140973A2894B ] C:\Windows\SysWOW64\msdmo.dll
22:37:38.0252 3812  C:\Windows\SysWOW64\msdmo.dll - ok
22:37:38.0252 3812  [ 139D3AB6AA920C34C50CBFFB9EB7D222 ] C:\Windows\SysWOW64\avrt.dll
22:37:38.0252 3812  C:\Windows\SysWOW64\avrt.dll - ok
22:37:38.0252 3812  [ 9C67F6BBDA3881CFD02095160CF91576 ] C:\Windows\SysWOW64\ksuser.dll
22:37:38.0252 3812  C:\Windows\SysWOW64\ksuser.dll - ok
22:37:38.0268 3812  [ D205C24A9D069049FE2DF2A1B38726A7 ] C:\Windows\SysWOW64\wdmaud.drv
22:37:38.0268 3812  C:\Windows\SysWOW64\wdmaud.drv - ok
22:37:38.0268 3812  [ 6FEBD94624EB67AE438096F42BDDFCBC ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\avs.ppl
22:37:38.0268 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\avs.ppl - ok
22:37:38.0268 3812  [ C940F2F5C60B3727C5F18840735B229C ] C:\Windows\SysWOW64\AudioSes.dll
22:37:38.0268 3812  C:\Windows\SysWOW64\AudioSes.dll - ok
22:37:38.0268 3812  [ D61F7832DAB5A2267569CECCD019627A ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\dmap.ppl
22:37:38.0268 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\dmap.ppl - ok
22:37:38.0283 3812  [ 191DBD9DDDE40962B832AE15DEF3F5D9 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\threatsmanager.dll
22:37:38.0283 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\threatsmanager.dll - ok
22:37:38.0283 3812  [ 34F23BAE6F7732F80321EC433AD5B1FC ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\qb.ppl
22:37:38.0283 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\qb.ppl - ok
22:37:38.0283 3812  [ 4177F7840572920573FA800B3519C744 ] C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Cache\avengine.dll.4177f7840572920573fa800b3519c744
22:37:38.0283 3812  C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Cache\avengine.dll.4177f7840572920573fa800b3519c744 - ok
22:37:38.0299 3812  [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll
22:37:38.0299 3812  C:\Windows\SysWOW64\winbrand.dll - ok
22:37:38.0299 3812  [ 536518BD3AA8EEC5802B2E822096404F ] C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Cache\kavbase.kdl.536518bd3aa8eec5802b2e822096404f
22:37:38.0299 3812  C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Cache\kavbase.kdl.536518bd3aa8eec5802b2e822096404f - ok
22:37:38.0299 3812  [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\SysWOW64\msacm32.dll
22:37:38.0299 3812  C:\Windows\SysWOW64\msacm32.dll - ok
22:37:38.0299 3812  [ 07393A09C46083588E751B63B03C8301 ] C:\Windows\SysWOW64\msacm32.drv
22:37:38.0299 3812  C:\Windows\SysWOW64\msacm32.drv - ok
22:37:38.0314 3812  [ 5A12C364AD1D4FCC0AD0E56DBBC34462 ] C:\Windows\SysWOW64\midimap.dll
22:37:38.0314 3812  C:\Windows\SysWOW64\midimap.dll - ok
22:37:38.0314 3812  [ 6383C60EC0133B14F5705F96369421B2 ] C:\Windows\SysWOW64\hnetcfg.dll
22:37:38.0314 3812  C:\Windows\SysWOW64\hnetcfg.dll - ok
22:37:38.0314 3812  [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll
22:37:38.0314 3812  C:\Windows\SysWOW64\slc.dll - ok
22:37:38.0314 3812  [ 0E85C11F8850D524B02181C6E02BA9AE ] C:\Windows\SysWOW64\dsound.dll
22:37:38.0314 3812  C:\Windows\SysWOW64\dsound.dll - ok
22:37:38.0330 3812  [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\SysWOW64\powrprof.dll
22:37:38.0330 3812  C:\Windows\SysWOW64\powrprof.dll - ok
22:37:38.0330 3812  [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll
22:37:38.0330 3812  C:\Windows\System32\wbem\NCProv.dll - ok
22:37:38.0330 3812  [ CC3FD6DEEE458D0BE9A69241E0749717 ] C:\Windows\SysWOW64\ieframe.dll
22:37:38.0330 3812  C:\Windows\SysWOW64\ieframe.dll - ok
22:37:38.0330 3812  [ D7D20BC36610E84BD80CE42AF1EE8C5E ] C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Cache\klavemu.kdl.d7d20bc36610e84bd80ce42af1ee8c5e
22:37:38.0330 3812  C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Cache\klavemu.kdl.d7d20bc36610e84bd80ce42af1ee8c5e - ok
22:37:38.0346 3812  [ 01795AEDFA570A09106A387E4EF34E1B ] C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Cache\kjim.kdl.01795aedfa570a09106a387e4ef34e1b
22:37:38.0346 3812  C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Cache\kjim.kdl.01795aedfa570a09106a387e4ef34e1b - ok
22:37:38.0346 3812  [ FED411A74CC5C5DAC6AC7D81339FC781 ] C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Cache\mark.kdl.fed411a74cc5c5dac6ac7d81339fc781
22:37:38.0346 3812  C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Cache\mark.kdl.fed411a74cc5c5dac6ac7d81339fc781 - ok
22:37:38.0346 3812  [ DD55BF01982B299CB867ACAD1944E6B6 ] C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Cache\qscan.kdl.dd55bf01982b299cb867acad1944e6b6
22:37:38.0346 3812  C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Cache\qscan.kdl.dd55bf01982b299cb867acad1944e6b6 - ok
22:37:38.0346 3812  [ 41DC267440BC79CB8C2216BD28F1F254 ] C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Cache\pbs.kdl.41dc267440bc79cb8c2216bd28f1f254
22:37:38.0346 3812  C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Cache\pbs.kdl.41dc267440bc79cb8c2216bd28f1f254 - ok
22:37:38.0361 3812  [ 60F4AEFA103D421EA4A40E31409B4756 ] C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
22:37:38.0361 3812  C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll - ok
22:37:38.0361 3812  [ 0DEEBC119418EACDF5ED9BF5DCD3F767 ] C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Resource_en.dll
22:37:38.0361 3812  C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Resource_en.dll - ok
22:37:38.0361 3812  [ CA818189BD5209BCB627633A92C5F19B ] C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Resource_de.dll
22:37:38.0361 3812  C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Resource_de.dll - ok
22:37:38.0361 3812  [ 1F05F5A16881CD928C82D53CEFCF4477 ] C:\Windows\SysWOW64\shdocvw.dll
22:37:38.0361 3812  C:\Windows\SysWOW64\shdocvw.dll - ok
22:37:38.0377 3812  [ 5D76B4F0F415BB1FAA6695C360ED0F3A ] C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_StaticRes.dll
22:37:38.0377 3812  C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_StaticRes.dll - ok
22:37:38.0377 3812  [ 057DA7D1C60042EEF2398F72D86745D4 ] C:\Program Files (x86)\TeamViewer\Version8\tv_w32.dll
22:37:38.0377 3812  C:\Program Files (x86)\TeamViewer\Version8\tv_w32.dll - ok
22:37:38.0377 3812  [ A34FC9FDEA5D54BC8AB70A1B50223F82 ] C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
22:37:38.0377 3812  C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe - ok
22:37:38.0377 3812  [ A2B4F5412C204B823C2D20FDA2CBA693 ] C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
22:37:38.0377 3812  C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe - ok
22:37:38.0392 3812  [ 24498D084FAA7A459C91066EC241E1CE ] C:\Windows\SysWOW64\vfwwdm32.dll
22:37:38.0392 3812  C:\Windows\SysWOW64\vfwwdm32.dll - ok
22:37:38.0392 3812  [ B492E85A40741A77C5B5D438381F5474 ] C:\Windows\System32\api-ms-win-service-management-l1-1-0.dll
22:37:38.0392 3812  C:\Windows\System32\api-ms-win-service-management-l1-1-0.dll - ok
22:37:38.0392 3812  [ 03164C3DD1DCE155A2528DE6CC878975 ] C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
22:37:38.0392 3812  C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll - ok
22:37:38.0408 3812  [ 580BE75B6D90FF6D0C08E5AAD2213C55 ] C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
22:37:38.0408 3812  C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll - ok
22:37:38.0408 3812  [ A05FA0E17EA9ADE6DC9B5C2BEC224030 ] C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
22:37:38.0408 3812  C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll - ok
22:37:38.0408 3812  [ DF38FFD9127965E857E6E8BF41E3AD66 ] C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
22:37:38.0408 3812  C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll - ok
22:37:38.0408 3812  [ 7FDFD0AF74C84A34A5EF289EB6044F32 ] C:\Windows\System32\api-ms-win-service-core-l1-1-0.dll
22:37:38.0408 3812  C:\Windows\System32\api-ms-win-service-core-l1-1-0.dll - ok
22:37:38.0424 3812  [ 108C2CFA5527458C096A699929ECBD80 ] C:\Windows\SysWOW64\credui.dll
22:37:38.0424 3812  C:\Windows\SysWOW64\credui.dll - ok
22:37:38.0424 3812  [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll
22:37:38.0424 3812  C:\Windows\SysWOW64\devrtl.dll - ok
22:37:38.0424 3812  [ 6EEEB6C90D19918A927CF0028BB5C535 ] C:\Windows\SysWOW64\puiapi.dll
22:37:38.0424 3812  C:\Windows\SysWOW64\puiapi.dll - ok
22:37:38.0424 3812  [ 28DC7159AC48CF4622D3D222590897C8 ] C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
22:37:38.0424 3812  C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll - ok
22:37:38.0439 3812  [ 20DC238620F694575DDEE8EC95265774 ] C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
22:37:38.0439 3812  C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll - ok
22:37:38.0439 3812  [ CD2FCB8F13EABE7702A8AE7DE49E90E5 ] C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
22:37:38.0439 3812  C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll - ok
22:37:38.0439 3812  [ BA959333F88D1FAF934CC1318AC3B69E ] C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
22:37:38.0439 3812  C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll - ok
22:37:38.0439 3812  [ 9335B95493FA6CBDF553E36820983A29 ] C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
22:37:38.0439 3812  C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll - ok
22:37:38.0455 3812  [ 244483EF6648ABE51A12C7EB01EB0A60 ] C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
22:37:38.0455 3812  C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll - ok
22:37:38.0455 3812  [ 028685592EF723982C5D6B98D6C4893D ] C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
22:37:38.0455 3812  C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll - ok
22:37:38.0455 3812  [ 07D74D633327AFF7E2360F32F83D8200 ] C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
22:37:38.0455 3812  C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll - ok
22:37:38.0455 3812  [ 51F5CC1E7DA3D9C664C2D0D61F315E06 ] C:\Windows\SysWOW64\adsldpc.dll
22:37:38.0455 3812  C:\Windows\SysWOW64\adsldpc.dll - ok
22:37:38.0470 3812  [ 7B02A73700CC99A0B9E4D4C0AA2028BA ] C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
22:37:38.0470 3812  C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll - ok
22:37:38.0470 3812  [ 521B748A7F9923302CA18B7E6AA2EEAE ] C:\Windows\SysWOW64\activeds.dll
22:37:38.0470 3812  C:\Windows\SysWOW64\activeds.dll - ok
22:37:38.0470 3812  [ EAAA1E6695B3D5F834E91F41EB1BD9B2 ] C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
22:37:38.0470 3812  C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll - ok
22:37:38.0470 3812  [ C1D840725CBC18F1232B832083EAE51D ] C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
22:37:38.0470 3812  C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll - ok
22:37:38.0486 3812  [ D98882549D5D1246039BCF421202EB2E ] C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
22:37:38.0486 3812  C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll - ok
22:37:38.0486 3812  [ B45124A0A5E60906AB72B48C25348835 ] C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
22:37:38.0486 3812  C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll - ok
22:37:38.0486 3812  [ ED6346350B051FA98F755518E1DBC9C4 ] C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
22:37:38.0486 3812  C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll - ok
22:37:38.0486 3812  [ 18B5290C01924D87DDD0480BC8FAB8D6 ] C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
22:37:38.0486 3812  C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll - ok
22:37:38.0502 3812  [ 695612AA7E235938E1683CD00D61D157 ] C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
22:37:38.0502 3812  C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll - ok
22:37:38.0502 3812  [ 545466F436F875D0FFC171C12CAC3244 ] C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
22:37:38.0502 3812  C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll - ok
22:37:38.0502 3812  [ 9DF9B31EAC1669F244C02B61F10D123A ] C:\Windows\SysWOW64\printui.dll
22:37:38.0502 3812  C:\Windows\SysWOW64\printui.dll - ok
22:37:38.0502 3812  [ DE4B59CD672B016B0827D7FBBBB13B74 ] C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
22:37:38.0502 3812  C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll - ok
22:37:38.0517 3812  [ D0867BBAA5A1913DAAAB4687618FB0CE ] C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
22:37:38.0517 3812  C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll - ok
22:37:38.0517 3812  [ B1A6900FE182F839DA1B58CDC9E0B3AE ] C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
22:37:38.0517 3812  C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll - ok
22:37:38.0517 3812  [ E06E5AA16B3F7C72CDE3593CE87411BB ] C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
22:37:38.0517 3812  C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll - ok
22:37:38.0533 3812  [ 818C4DEC5316EA1147D059E4CAE75453 ] C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
22:37:38.0533 3812  C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll - ok
22:37:38.0533 3812  [ 42B7B6D5D9AE16C5793CE28029174D5E ] C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
22:37:38.0533 3812  C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll - ok
22:37:38.0533 3812  [ 9E229D60DA2FAB875C6A6AA451E6D028 ] C:\Windows\System32\api-ms-win-service-winsvc-l1-1-0.dll
22:37:38.0533 3812  C:\Windows\System32\api-ms-win-service-winsvc-l1-1-0.dll - ok
22:37:38.0533 3812  [ F74D145F733EF4ACE3E1BF38EC4E4418 ] C:\Windows\System32\api-ms-win-service-management-l2-1-0.dll
22:37:38.0533 3812  C:\Windows\System32\api-ms-win-service-management-l2-1-0.dll - ok
22:37:38.0548 3812  [ 927E0723FF793440B001289C4296FA98 ] C:\Windows\System32\puiapi.dll
22:37:38.0548 3812  C:\Windows\System32\puiapi.dll - ok
22:37:38.0548 3812  [ 05F620B4B2E7DEB9409C0C6A4FEDD2A4 ] C:\Windows\System32\adsldpc.dll
22:37:38.0548 3812  C:\Windows\System32\adsldpc.dll - ok
22:37:38.0548 3812  [ A6154A954F08E99D27CEA4D3B9563172 ] C:\Windows\SysWOW64\newdev.dll
22:37:38.0548 3812  C:\Windows\SysWOW64\newdev.dll - ok
22:37:38.0564 3812  [ 011F0B067E47612F57C4ECE377D9C9DF ] C:\Windows\System32\activeds.dll
22:37:38.0564 3812  C:\Windows\System32\activeds.dll - ok
22:37:38.0564 3812  [ BA0F80C7878558C28B1B298E94D259FF ] C:\Windows\System32\printui.dll
22:37:38.0564 3812  C:\Windows\System32\printui.dll - ok
22:37:38.0564 3812  [ BB7E865599FA258C70DF8B1F70109F6F ] C:\Windows\System32\newdev.dll
22:37:38.0564 3812  C:\Windows\System32\newdev.dll - ok
22:37:38.0564 3812  [ 2F87E55E937A91AAE118E3B89DE8BD6D ] C:\Program Files (x86)\TeamViewer\Version8\tv_x64.dll
22:37:38.0564 3812  C:\Program Files (x86)\TeamViewer\Version8\tv_x64.dll - ok
22:37:38.0580 3812  [ 80A9ADB30ABDF99A8B5A6C233DB3F1D8 ] C:\Users\KS\AppData\Local\Temp\F0222887-A5DF-435F-948C-CAC5644F814B.exe
22:37:38.0580 3812  C:\Users\KS\AppData\Local\Temp\F0222887-A5DF-435F-948C-CAC5644F814B.exe - ok
22:37:38.0580 3812  [ 3BCECD87AB4E6743BFB45B352AD1A529 ] C:\Windows\SysWOW64\WindowsCodecs.dll
22:37:38.0580 3812  C:\Windows\SysWOW64\WindowsCodecs.dll - ok
22:37:38.0580 3812  [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll
22:37:38.0580 3812  C:\Windows\SysWOW64\EhStorShell.dll - ok
22:37:38.0580 3812  [ 676CCC08D9E9A3F4CA39CB04E97048DF ] C:\PROGRA~2\MICROS~1\Office14\1033\GrooveIntlResource.dll
22:37:38.0580 3812  C:\PROGRA~2\MICROS~1\Office14\1033\GrooveIntlResource.dll - ok
22:37:38.0595 3812  [ EB77DB354791A5932CA559B6F6374E95 ] C:\Windows\SysWOW64\ntshrui.dll
22:37:38.0595 3812  C:\Windows\SysWOW64\ntshrui.dll - ok
22:37:38.0595 3812  [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll
22:37:38.0595 3812  C:\Windows\SysWOW64\imageres.dll - ok
22:37:38.0595 3812  [ 1FCB1A72BF5C784F7358E6BEF38E4571 ] C:\Windows\System32\timedate.cpl
22:37:38.0595 3812  C:\Windows\System32\timedate.cpl - ok
22:37:38.0595 3812  [ 22A0AE97360C1B146FDD9AA55AC0E989 ] C:\Windows\System32\shdocvw.dll
22:37:38.0595 3812  C:\Windows\System32\shdocvw.dll - ok
22:37:38.0611 3812  [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll
22:37:38.0611 3812  C:\Windows\System32\linkinfo.dll - ok
22:37:38.0611 3812  [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll
22:37:38.0611 3812  C:\Windows\System32\msiltcfg.dll - ok
22:37:38.0611 3812  [ 8CF768306BF942A31169FABE70B7F5DD ] C:\Program Files\NetSpeedMonitor\nsm.dll
22:37:38.0611 3812  C:\Program Files\NetSpeedMonitor\nsm.dll - ok
22:37:38.0611 3812  [ E5DC4D49C90A70D7F848416915D39E49 ] C:\PROGRA~2\SOCIAL~1\MUITRA~1\PCMENV~1.DLL
22:37:38.0611 3812  C:\PROGRA~2\SOCIAL~1\MUITRA~1\PCMENV~1.DLL - ok
22:37:38.0626 3812  [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll
22:37:38.0626 3812  C:\Windows\System32\msftedit.dll - ok
22:37:38.0626 3812  [ 112183DF91C9BAECB498E4A86ECDE598 ] C:\Windows\System32\msls31.dll
22:37:38.0626 3812  C:\Windows\System32\msls31.dll - ok
22:37:38.0626 3812  [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
22:37:38.0626 3812  C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
22:37:38.0626 3812  [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll
22:37:38.0626 3812  C:\Windows\SysWOW64\ExplorerFrame.dll - ok
22:37:38.0642 3812  [ 3504B34CD2DE00BA3CC1A195F1B739BD ] C:\Windows\System32\gameux.dll
22:37:38.0642 3812  C:\Windows\System32\gameux.dll - ok
22:37:38.0642 3812  [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll
22:37:38.0642 3812  C:\Windows\SysWOW64\duser.dll - ok
22:37:38.0642 3812  [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll
22:37:38.0642 3812  C:\Windows\SysWOW64\dui70.dll - ok
22:37:38.0642 3812  [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll
22:37:38.0642 3812  C:\Windows\System32\DeviceCenter.dll - ok
22:37:38.0658 3812  [ 04CB7C8FDC6D9640DD82A527208F72C4 ] C:\Windows\System32\UIAnimation.dll
22:37:38.0658 3812  C:\Windows\System32\UIAnimation.dll - ok
22:37:38.0658 3812  [ 30CCA31D938B70FB98343EB857F02945 ] C:\Windows\PLFSetI.exe
22:37:38.0658 3812  C:\Windows\PLFSetI.exe - ok
22:37:38.0658 3812  [ 1A493ED42BA0FA488518A79C3A96B46A ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
22:37:38.0658 3812  C:\Program Files\Synaptics\SynTP\SynTPEnh.exe - ok
22:37:38.0658 3812  [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll
22:37:38.0658 3812  C:\Windows\System32\networkexplorer.dll - ok
22:37:38.0673 3812  [ 5F639198C4137075DA50E61C23963C11 ] C:\Windows\System32\drprov.dll
22:37:38.0673 3812  C:\Windows\System32\drprov.dll - ok
22:37:38.0673 3812  [ BC566D17914B07ABAAB3A5A385CC3300 ] C:\Windows\System32\ntlanman.dll
22:37:38.0673 3812  C:\Windows\System32\ntlanman.dll - ok
22:37:38.0673 3812  [ B3A33600DCDFB84D7FBE09ADEB1C9B8A ] C:\Windows\System32\davclnt.dll
22:37:38.0673 3812  C:\Windows\System32\davclnt.dll - ok
22:37:38.0673 3812  [ 35872462A15E749270213EDD3D1DF6E1 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
22:37:38.0673 3812  C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe - ok
22:37:38.0689 3812  [ 936F728E04ACCF3F38801CFFCF1E3F40 ] C:\Windows\SysWOW64\oledlg.dll
22:37:38.0689 3812  C:\Windows\SysWOW64\oledlg.dll - ok
22:37:38.0689 3812  [ 703FFD301AB900B047337C5D40FD6F96 ] C:\Windows\SysWOW64\olepro32.dll
22:37:38.0689 3812  C:\Windows\SysWOW64\olepro32.dll - ok
22:37:38.0689 3812  [ 45B24A357C801CE62052FE0CDC8BD4D2 ] C:\Windows\System32\davhlpr.dll
22:37:38.0689 3812  C:\Windows\System32\davhlpr.dll - ok
22:37:38.0689 3812  [ 0DC4F0282238AAF4F044626B1BFBB1D4 ] C:\Windows\System32\SynCOM.dll
22:37:38.0689 3812  C:\Windows\System32\SynCOM.dll - ok
22:37:38.0689 3812  [ C140F86932B5B61F54A4D836E2D34AB2 ] C:\Windows\SysWOW64\ksproxy.ax
22:37:38.0689 3812  C:\Windows\SysWOW64\ksproxy.ax - ok
22:37:38.0704 3812  [ 10D333207797686BBAEF0E4879CB0EFC ] C:\Windows\System32\SynTPAPI.dll
22:37:38.0704 3812  C:\Windows\System32\SynTPAPI.dll - ok
22:37:38.0704 3812  [ 4DDACA8A66B95ABA02812FF3C13DE198 ] C:\Windows\SysWOW64\vidcap.ax
22:37:38.0704 3812  C:\Windows\SysWOW64\vidcap.ax - ok
22:37:38.0704 3812  [ 630A31F277349109299E590856A4B004 ] C:\Windows\SysWOW64\Kswdmcap.ax
22:37:38.0704 3812  C:\Windows\SysWOW64\Kswdmcap.ax - ok
22:37:38.0704 3812  [ DC6612A9EE015A36BA2A27BC9CC12537 ] C:\Windows\SysWOW64\mfc42.dll
22:37:38.0704 3812  C:\Windows\SysWOW64\mfc42.dll - ok
22:37:38.0720 3812  [ 7D34AF98A706230CC2DEDFE0CABF87AB ] C:\Windows\SysWOW64\odbc32.dll
22:37:38.0720 3812  C:\Windows\SysWOW64\odbc32.dll - ok
22:37:38.0720 3812  [ ABA457BFC7EC0B5E130B2F1E0F549DFF ] C:\Windows\SysWOW64\odbcint.dll
22:37:38.0720 3812  C:\Windows\SysWOW64\odbcint.dll - ok
22:37:38.0720 3812  [ 391CD109EF28629644C267C855314DEE ] C:\Windows\System32\ieframe.dll
22:37:38.0720 3812  C:\Windows\System32\ieframe.dll - ok
22:37:38.0720 3812  [ BE9320CEB453839E3C85615937C1D4F5 ] C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
22:37:38.0720 3812  C:\Program Files\Synaptics\SynTP\SynTPHelper.exe - ok
22:37:38.0736 3812  [ 9110FFAD124283F37D38771BB60556AF ] C:\Windows\System32\dsound.dll
22:37:38.0736 3812  C:\Windows\System32\dsound.dll - ok
22:37:38.0736 3812  [ 585FED4CDB8034B8B58AEB8008255817 ] C:\Windows\System32\opengl32.dll
22:37:38.0736 3812  C:\Windows\System32\opengl32.dll - ok
22:37:38.0736 3812  [ F2967C0A97C0EA67D79D7F557213950D ] C:\Windows\System32\glu32.dll
22:37:38.0736 3812  C:\Windows\System32\glu32.dll - ok
22:37:38.0736 3812  [ A6C09924C6730DE8DEED9890A12AA691 ] C:\Windows\System32\ddraw.dll
22:37:38.0736 3812  C:\Windows\System32\ddraw.dll - ok
22:37:38.0751 3812  [ 29C22748937F45C26590909E9F8E7137 ] C:\Windows\System32\dciman32.dll
22:37:38.0751 3812  C:\Windows\System32\dciman32.dll - ok
22:37:38.0751 3812  [ 263E9A047D17CD50BAA9D3C02910D18D ] C:\Windows\System32\oledlg.dll
22:37:38.0751 3812  C:\Windows\System32\oledlg.dll - ok
22:37:38.0751 3812  [ 3C02700EF2D1F93F83383918CCB6B5A1 ] C:\Windows\System32\RtkCfg64.dll
22:37:38.0751 3812  C:\Windows\System32\RtkCfg64.dll - ok
22:37:38.0751 3812  [ 9108540E866F75C7AF2B91DD921A8091 ] C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
22:37:38.0751 3812  C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll - ok
22:37:38.0767 3812  [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll
22:37:38.0767 3812  C:\Windows\System32\stobject.dll - ok
22:37:38.0767 3812  [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll
22:37:38.0767 3812  C:\Windows\System32\batmeter.dll - ok
22:37:38.0767 3812  [ 3F317440210CA5238F493F9FF5103C2D ] C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe
22:37:38.0767 3812  C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe - ok
22:37:38.0767 3812  [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll
22:37:38.0767 3812  C:\Windows\System32\prnfldr.dll - ok
22:37:38.0767 3812  [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll
22:37:38.0767 3812  C:\Windows\System32\DXP.dll - ok
22:37:38.0782 3812  [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll
22:37:38.0782 3812  C:\Windows\System32\Syncreg.dll - ok
22:37:38.0782 3812  [ 31922B07EE9CC358072C6B48ACB7CCC1 ] C:\Program Files\Gateway\Gateway Power Management\BrightnessControl.dll
22:37:38.0782 3812  C:\Program Files\Gateway\Gateway Power Management\BrightnessControl.dll - ok
22:37:38.0782 3812  [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll
22:37:38.0782 3812  C:\Windows\ehome\ehSSO.dll - ok
22:37:38.0782 3812  [ B2742EA6ED844D747E2348A504E491CB ] C:\Windows\System32\dxva2.dll
22:37:38.0782 3812  C:\Windows\System32\dxva2.dll - ok
22:37:38.0798 3812  [ C4FE2A93FF7AF4665A640C33A4B7758C ] C:\Program Files\Gateway\Gateway Power Management\NetAdapterControl.dll
22:37:38.0798 3812  C:\Program Files\Gateway\Gateway Power Management\NetAdapterControl.dll - ok
22:37:38.0798 3812  [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll
22:37:38.0798 3812  C:\Windows\System32\wlanapi.dll - ok
22:37:38.0798 3812  [ 7254CB6191CE161F84924FFDCD46A7D9 ] C:\Program Files\Gateway\Gateway Power Management\CommonControl.dll
22:37:38.0798 3812  C:\Program Files\Gateway\Gateway Power Management\CommonControl.dll - ok
22:37:38.0814 3812  [ F02A533F517EB38333CB12A9E8963773 ] C:\Users\KS\AppData\Local\Google\Update\GoogleUpdate.exe
22:37:38.0814 3812  C:\Users\KS\AppData\Local\Google\Update\GoogleUpdate.exe - ok
22:37:38.0814 3812  [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll
22:37:38.0814 3812  C:\Windows\System32\thumbcache.dll - ok
22:37:38.0814 3812  [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll
22:37:38.0814 3812  C:\Windows\System32\WPDShServiceObj.dll - ok
22:37:38.0814 3812  [ 1F3A8448323CFA5E66AF02B1EDC2EEE4 ] C:\Program Files (x86)\Skype\Phone\Skype.exe
22:37:38.0814 3812  C:\Program Files (x86)\Skype\Phone\Skype.exe - ok
22:37:38.0829 3812  [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll
22:37:38.0829 3812  C:\Windows\System32\PortableDeviceTypes.dll - ok
22:37:38.0829 3812  [ 521202AA6F2B74FCCC6BC7E162109D71 ] C:\Windows\System32\wbem\unsecapp.exe
22:37:38.0829 3812  C:\Windows\System32\wbem\unsecapp.exe - ok
22:37:38.0829 3812  [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll
22:37:38.0829 3812  C:\Windows\System32\srchadmin.dll - ok
22:37:38.0845 3812  [ DD7DAE4E8F169D1FF4511FC292FF6FF6 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
22:37:38.0845 3812  C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe - ok
22:37:38.0845 3812  [ AD31942BDF3D594C404874613BC2FE4D ] C:\Windows\System32\SearchIndexer.exe
22:37:38.0845 3812  C:\Windows\System32\SearchIndexer.exe - ok
22:37:38.0845 3812  [ EBB4DD78A1165909FA207328BE5016D0 ] C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe
22:37:38.0845 3812  C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe - ok
22:37:38.0845 3812  [ FE7777B912168D900C2806E088A827FA ] C:\Program Files\WIDCOMM\Bluetooth Software\BTNCopy.dll
22:37:38.0845 3812  C:\Program Files\WIDCOMM\Bluetooth Software\BTNCopy.dll - ok
22:37:38.0860 3812  [ BE46DA4F746EA88DED1BC45F704D28E1 ] C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\MUI\0409\Lang.dll
22:37:38.0860 3812  C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\MUI\0409\Lang.dll - ok
22:37:38.0860 3812  [ 92DBF0A4C9239169010FC6E07859C82E ] C:\Windows\System32\ActionCenter.dll
22:37:38.0860 3812  C:\Windows\System32\ActionCenter.dll - ok
22:37:38.0860 3812  [ 30273CDB6D7175A8B3BC83706BFB7EB5 ] C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
22:37:38.0860 3812  C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe - ok
22:37:38.0876 3812  [ A9B36CAB809EF486D456FA1A3B204152 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\bfa7a95284aec941f4b03bae0debe07c\System.Drawing.ni.dll
22:37:38.0876 3812  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\bfa7a95284aec941f4b03bae0debe07c\System.Drawing.ni.dll - ok
22:37:38.0876 3812  [ FF60B8C5BBE73B0790B3332783B6FD81 ] C:\Users\KS\AppData\Local\Google\Update\1.3.21.153\goopdate.dll
22:37:38.0876 3812  C:\Users\KS\AppData\Local\Google\Update\1.3.21.153\goopdate.dll - ok
22:37:38.0876 3812  [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll
22:37:38.0876 3812  C:\Windows\System32\AltTab.dll - ok
22:37:38.0892 3812  [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll
22:37:38.0892 3812  C:\Windows\System32\pnidui.dll - ok
22:37:38.0892 3812  [ A48D8166AB57CA6FF6D06FE6957D872A ] C:\Program Files (x86)\Video Web Camera\traybar.exe
22:37:38.0892 3812  C:\Program Files (x86)\Video Web Camera\traybar.exe - ok
22:37:38.0892 3812  [ 42251362E097134CCA9FC60A1B932EF8 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\178644ab40108f3becd8b91049a254c3\System.Windows.Forms.ni.dll
22:37:38.0892 3812  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\178644ab40108f3becd8b91049a254c3\System.Windows.Forms.ni.dll - ok
22:37:38.0892 3812  [ 6C597496AB646EB9F31C68241050F771 ] C:\Windows\System32\tquery.dll
22:37:38.0892 3812  C:\Windows\System32\tquery.dll - ok
22:37:38.0907 3812  [ 07AD88DF9EF73215458867EFC1BFFE9E ] C:\Windows\System32\wbem\wmiprov.dll
22:37:38.0907 3812  C:\Windows\System32\wbem\wmiprov.dll - ok
22:37:38.0907 3812  [ B283F9A1DEABD43ACC7481F893CF21E9 ] C:\Program Files (x86)\Launch Manager\LManager.exe
22:37:38.0907 3812  C:\Program Files (x86)\Launch Manager\LManager.exe - ok
22:37:38.0907 3812  [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL
22:37:38.0907 3812  C:\Windows\System32\QUTIL.DLL - ok
22:37:38.0923 3812  [ B010CF886420EE29C2C276646721D255 ] C:\Windows\SysWOW64\wlanapi.dll
22:37:38.0923 3812  C:\Windows\SysWOW64\wlanapi.dll - ok
22:37:38.0923 3812  [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll
22:37:38.0923 3812  C:\Windows\System32\rasdlg.dll - ok
22:37:38.0923 3812  [ 901AA7A38CE13F14B6BBEC38C0595698 ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
22:37:38.0923 3812  C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe - ok
22:37:38.0923 3812  [ 017F5CE9BC2333FE0FB738B0A9C13C2F ] C:\Windows\System32\mssrch.dll
22:37:38.0923 3812  C:\Windows\System32\mssrch.dll - ok
22:37:38.0938 3812  [ 1D6A771D1D702AE07919DB52C889A249 ] C:\Windows\SysWOW64\wlanutil.dll
22:37:38.0938 3812  C:\Windows\SysWOW64\wlanutil.dll - ok
22:37:38.0938 3812  [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll
22:37:38.0938 3812  C:\Windows\System32\dot3api.dll - ok
22:37:38.0938 3812  [ A07F12FA297F3F074D496B333C259AFA ] C:\Program Files (x86)\Launch Manager\COMFNUTL.DLL
22:37:38.0938 3812  C:\Program Files (x86)\Launch Manager\COMFNUTL.DLL - ok
22:37:38.0954 3812  [ 632A6D75FEEABC846EE9AEC33345EF34 ] C:\Program Files (x86)\Launch Manager\CDROMUTL.DLL
22:37:38.0954 3812  C:\Program Files (x86)\Launch Manager\CDROMUTL.DLL - ok
22:37:38.0954 3812  [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll
22:37:38.0954 3812  C:\Windows\System32\wlanhlp.dll - ok
22:37:38.0954 3812  [ 69259DD752862F5665413AFCFB4C0B0E ] C:\Program Files (x86)\Launch Manager\MIXERUTL.DLL
22:37:38.0954 3812  C:\Program Files (x86)\Launch Manager\MIXERUTL.DLL - ok
22:37:38.0954 3812  [ A53F59BC46766CE79E407AB6F451100D ] C:\Program Files (x86)\Launch Manager\WND2FILE.DLL
22:37:38.0954 3812  C:\Program Files (x86)\Launch Manager\WND2FILE.DLL - ok
22:37:38.0970 3812  [ 71FC112959B07D686E71541BD9D4F237 ] C:\Program Files (x86)\Launch Manager\PowerUtl.dll
22:37:38.0970 3812  C:\Program Files (x86)\Launch Manager\PowerUtl.dll - ok
22:37:38.0970 3812  [ 20D30D8717E9DFF90224B5AB37410D9D ] C:\Program Files (x86)\Launch Manager\OSDUTL2.DLL
22:37:38.0970 3812  C:\Program Files (x86)\Launch Manager\OSDUTL2.DLL - ok
22:37:38.0970 3812  [ FD5A0A28AAEA0421039242A9D592212B ] C:\Program Files (x86)\Launch Manager\SZUPFUTL.DLL
22:37:38.0970 3812  C:\Program Files (x86)\Launch Manager\SZUPFUTL.DLL - ok
22:37:38.0985 3812  [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll
22:37:38.0985 3812  C:\Windows\System32\WWanAPI.dll - ok
22:37:38.0985 3812  [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll
22:37:38.0985 3812  C:\Windows\System32\msidle.dll - ok
22:37:38.0985 3812  [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll
22:37:38.0985 3812  C:\Windows\System32\wwapi.dll - ok
22:37:38.0985 3812  [ EF4284C7256C66684C5FDA2043F63A10 ] C:\Program Files (x86)\Launch Manager\RadioWndUtl.dll
22:37:38.0985 3812  C:\Program Files (x86)\Launch Manager\RadioWndUtl.dll - ok
22:37:39.0001 3812  [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\Windows\System32\mssprxy.dll
22:37:39.0001 3812  C:\Windows\System32\mssprxy.dll - ok
22:37:39.0001 3812  [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll
22:37:39.0001 3812  C:\Windows\System32\FXSST.dll - ok
22:37:39.0001 3812  [ C19AAD30985941B6B7E8D3A7BEFF715B ] C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
22:37:39.0001 3812  C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe - ok
22:37:39.0001 3812  [ 4879B16C91F56DCA20DDC598A96D476D ] C:\Program Files (x86)\Launch Manager\LmSmbKel.dll
22:37:39.0001 3812  C:\Program Files (x86)\Launch Manager\LmSmbKel.dll - ok
22:37:39.0016 3812  [ 61E4289E91E88C90478D7F4BEB10DCF7 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
22:37:39.0016 3812  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe - ok
22:37:39.0016 3812  [ 948B0B8A31017E7A0AC9B5B76702130E ] C:\Program Files (x86)\Launch Manager\MMDUtl.dll
22:37:39.0016 3812  C:\Program Files (x86)\Launch Manager\MMDUtl.dll - ok
22:37:39.0016 3812  [ E5AA46171E105F2BDA55B710070268AF ] C:\Program Files (x86)\Launch Manager\aipflib.dll
22:37:39.0016 3812  C:\Program Files (x86)\Launch Manager\aipflib.dll - ok
22:37:39.0016 3812  [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll
22:37:39.0016 3812  C:\Windows\System32\FXSAPI.dll - ok
22:37:39.0016 3812  [ 0D67A518BE3BC74C63423AC5595C7251 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
22:37:39.0016 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe - ok
22:37:39.0032 3812  [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
22:37:39.0032 3812  C:\Windows\System32\FXSRESM.dll - ok
22:37:39.0032 3812  [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\Windows\System32\en-US\tquery.dll.mui
22:37:39.0032 3812  C:\Windows\System32\en-US\tquery.dll.mui - ok
22:37:39.0032 3812  [ C788F8A3286247E18D3B2109AD751FEE ] C:\Program Files\Gateway\Gateway Power Management\ePowerEvent.exe
22:37:39.0032 3812  C:\Program Files\Gateway\Gateway Power Management\ePowerEvent.exe - ok
22:37:39.0032 3812  [ 92A9797D368E5952E753CC24321A7A0A ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zpeng25.dll
22:37:39.0032 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\zpeng25.dll - ok
22:37:39.0048 3812  [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL
22:37:39.0048 3812  C:\Windows\System32\QAGENT.DLL - ok
22:37:39.0048 3812  [ 13820B972D74B3DE4F6552A57AC799A7 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll
22:37:39.0048 3812  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll - ok
22:37:39.0048 3812  [ FE821F6FA60E9DF9FDEE69A23488BBAB ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
22:37:39.0048 3812  C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
22:37:39.0048 3812  [ 8726802EA4FBFFA3FD54FD2449BF51D4 ] C:\Users\KS\AppData\Local\Google\Update\1.3.21.153\GoogleCrashHandler.exe
22:37:39.0048 3812  C:\Users\KS\AppData\Local\Google\Update\1.3.21.153\GoogleCrashHandler.exe - ok
22:37:39.0063 3812  [ F383B9F3E958F4AA543D2326876B985F ] C:\Program Files\Gateway\Gateway Power Management\SysHook.dll
22:37:39.0063 3812  C:\Program Files\Gateway\Gateway Power Management\SysHook.dll - ok
22:37:39.0063 3812  [ 5AAA9F136A6DEC2992529F5258AE4F54 ] C:\Program Files (x86)\Launch Manager\LMworker.exe
22:37:39.0063 3812  C:\Program Files (x86)\Launch Manager\LMworker.exe - ok
22:37:39.0063 3812  [ C71F26B6C46AF8C2003524AED21DBD18 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\MainLoop.zip.dll
22:37:39.0063 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\MainLoop.zip.dll - ok
22:37:39.0063 3812  [ 76BBDFDDBDAF651409D7ECA767D9A81C ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\NavBar.zip.dll
22:37:39.0063 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\NavBar.zip.dll - ok
22:37:39.0079 3812  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe
22:37:39.0079 3812  C:\Windows\System32\FXSSVC.exe - ok
22:37:39.0079 3812  [ A80C173AC5C75706BB74AE4D78F2A53D ] C:\Program Files (x86)\Windows Media Player\wmplayer.exe
22:37:39.0079 3812  C:\Program Files (x86)\Windows Media Player\wmplayer.exe - ok
22:37:39.0079 3812  [ 539C49CEBB3C50957AC8A09D95ECD880 ] C:\Windows\SysWOW64\shfolder.dll
22:37:39.0079 3812  C:\Windows\SysWOW64\shfolder.dll - ok
22:37:39.0079 3812  [ 487F44B08EFEAF5AD087878357B9403D ] C:\Windows\SysWOW64\pdh.dll
22:37:39.0079 3812  C:\Windows\SysWOW64\pdh.dll - ok
22:37:39.0094 3812  [ 3D7D2E825C63FF501E896CF008C70D75 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
22:37:39.0094 3812  C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe - ok
22:37:39.0094 3812  [ 063F592B4C0AE7F786BC1A1460FB380E ] C:\Program Files (x86)\Launch Manager\VistaVol.dll
22:37:39.0094 3812  C:\Program Files (x86)\Launch Manager\VistaVol.dll - ok
22:37:39.0094 3812  [ 4860790FA0F039A2C094BE4BF0CC5858 ] C:\Program Files (x86)\Launch Manager\CdDirIo.dll
22:37:39.0094 3812  C:\Program Files (x86)\Launch Manager\CdDirIo.dll - ok
22:37:39.0094 3812  [ 35460DE2379887F2EF69BEDD7698E013 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\ZAlert.zip.dll
22:37:39.0094 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\ZAlert.zip.dll - ok
22:37:39.0110 3812  [ 07BDE9690FDC796705E8BB811F61237B ] C:\Program Files (x86)\Launch Manager\NTKCUtl.dll
22:37:39.0110 3812  C:\Program Files (x86)\Launch Manager\NTKCUtl.dll - ok
22:37:39.0110 3812  [ 28CA821606669BB9215CE010767720FA ] C:\Windows\SysWOW64\cryptui.dll
22:37:39.0110 3812  C:\Windows\SysWOW64\cryptui.dll - ok
22:37:39.0110 3812  [ C1B5307377C98F87E0152C44E9FF8DEE ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll
22:37:39.0110 3812  C:\Windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll - ok
22:37:39.0110 3812  [ 24FCC3CDAE327F632CB8696E1E40F772 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\alink.dll
22:37:39.0110 3812  C:\Windows\Microsoft.NET\Framework\v2.0.50727\alink.dll - ok
22:37:39.0126 3812  [ CA0C67BA7AEBA6AED5DDB852E6EEA811 ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
22:37:39.0126 3812  C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe - ok
22:37:39.0126 3812  [ E955300DF949977878C705EC8681009A ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
22:37:39.0126 3812  C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll - ok
22:37:39.0126 3812  [ ED797D8DC2C92401985D162E42FFA450 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
22:37:39.0126 3812  C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe - ok
22:37:39.0126 3812  [ D9A08472D8D0218A0AE2C9D9F63EA531 ] C:\Users\KS\AppData\Local\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
22:37:39.0126 3812  C:\Users\KS\AppData\Local\Google\Update\1.3.21.153\GoogleCrashHandler64.exe - ok
22:37:39.0141 3812  [ 58B8702C20DE211D1FCB248D2FDD71D1 ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe
22:37:39.0141 3812  C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe - ok
22:37:39.0141 3812  [ 3D24A66867ECE2A70223A83A1B18248D ] C:\Program Files (x86)\AVG\AVG2013\avgui.exe
22:37:39.0141 3812  C:\Program Files (x86)\AVG\AVG2013\avgui.exe - ok
22:37:39.0141 3812  [ 1EA7969E3271CBC59E1730697DC74682 ] C:\Windows\System32\qmgr.dll
22:37:39.0141 3812  C:\Windows\System32\qmgr.dll - ok
22:37:39.0141 3812  [ 29409ED7400CA5BCCC30C0EE5147A60D ] C:\Windows\System32\bitsperf.dll
22:37:39.0157 3812  C:\Windows\System32\bitsperf.dll - ok
22:37:39.0157 3812  [ F3DE10AABD5C7A1A186C9966F037D0C0 ] C:\Windows\SysWOW64\mfc100u.dll
22:37:39.0157 3812  C:\Windows\SysWOW64\mfc100u.dll - ok
22:37:39.0157 3812  [ 48E6868781B4E8BF4B77DBEC7694BCE8 ] C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
22:37:39.0157 3812  C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe - ok
22:37:39.0157 3812  [ D9431DCF90B0253773F51FDEFE7FD42F ] C:\Windows\System32\bitsigd.dll
22:37:39.0157 3812  C:\Windows\System32\bitsigd.dll - ok
22:37:39.0172 3812  [ 3F36BE4C340A9854F38C346A8F11D1A2 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IntelVisualDesign.dll
22:37:39.0172 3812  C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IntelVisualDesign.dll - ok
22:37:39.0172 3812  [ 96DB78C9C50CEED9DA5050EFFEE272A2 ] C:\Windows\System32\upnp.dll
22:37:39.0172 3812  C:\Windows\System32\upnp.dll - ok
22:37:39.0172 3812  [ 414DA952A35BF5D50192E28263B40577 ] C:\Windows\SysWOW64\shsvcs.dll
22:37:39.0172 3812  C:\Windows\SysWOW64\shsvcs.dll - ok
22:37:39.0172 3812  [ 68BA12701DD6C9478B3A55FBD42C687B ] C:\Program Files (x86)\Skype\Updater\Updater.dll
22:37:39.0172 3812  C:\Program Files (x86)\Skype\Updater\Updater.dll - ok
22:37:39.0188 3812  [ EE5B38DD8B8EBBE8868B9EF00B815585 ] C:\Program Files (x86)\Real\RealPlayer\Update\setu3270.dll
22:37:39.0188 3812  C:\Program Files (x86)\Real\RealPlayer\Update\setu3270.dll - ok
22:37:39.0188 3812  [ 6ADF4A6E8A24784BCBA9A89823CC0094 ] C:\Program Files\WIDCOMM\Bluetooth Software\Btwapi.dll
22:37:39.0188 3812  C:\Program Files\WIDCOMM\Bluetooth Software\Btwapi.dll - ok
22:37:39.0188 3812  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\Windows\System32\ssdpsrv.dll
22:37:39.0188 3812  C:\Windows\System32\ssdpsrv.dll - ok
22:37:39.0188 3812  [ 7301A8574C11A22CB63C45260F69988D ] C:\Program Files (x86)\Real\RealPlayer\realjbox.exe
22:37:39.0188 3812  C:\Program Files (x86)\Real\RealPlayer\realjbox.exe - ok
22:37:39.0204 3812  [ 01243FA89FBEC041E873DE8386138440 ] C:\Program Files (x86)\Real\RealPlayer\realplay.exe
22:37:39.0204 3812  C:\Program Files (x86)\Real\RealPlayer\realplay.exe - ok
22:37:39.0204 3812  [ 8A707C5CAE7065A2A570ACC2515DF799 ] C:\Windows\SysWOW64\nvd3dum.dll
22:37:39.0204 3812  C:\Windows\SysWOW64\nvd3dum.dll - ok
22:37:39.0204 3812  [ 6061114558D3D1CBE66F2EF2AF148966 ] C:\Windows\winsxs\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\mfc80.dll
22:37:39.0204 3812  C:\Windows\winsxs\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\mfc80.dll - ok
22:37:39.0204 3812  [ 2A2C442F00B45E01D4C882EEA69A01BC ] C:\Windows\SysWOW64\mfc100enu.dll
22:37:39.0204 3812  C:\Windows\SysWOW64\mfc100enu.dll - ok
22:37:39.0219 3812  [ 8DDA2B606279753601F9415DA503CA63 ] C:\Program Files (x86)\QuickTime\QTTask.exe
22:37:39.0219 3812  C:\Program Files (x86)\QuickTime\QTTask.exe - ok
22:37:39.0219 3812  [ 53AF191201128256DA822DC7994C0FC8 ] C:\Program Files\WIDCOMM\Bluetooth Software\btosif.dll
22:37:39.0219 3812  C:\Program Files\WIDCOMM\Bluetooth Software\btosif.dll - ok
22:37:39.0219 3812  [ 0F7BA40DF8393E2B644AD47A2B82EAF0 ] C:\Program Files\WIDCOMM\Bluetooth Software\btwhidcs.dll
22:37:39.0219 3812  C:\Program Files\WIDCOMM\Bluetooth Software\btwhidcs.dll - ok
22:37:39.0219 3812  [ 371948BC5911ABA06168FAC91ED25F06 ] C:\Windows\System32\msxml3.dll
22:37:39.0219 3812  C:\Windows\System32\msxml3.dll - ok
22:37:39.0235 3812  [ B1FDCFFF7609E121C10751A669AB1611 ] C:\Windows\winsxs\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\mfc80u.dll
22:37:39.0235 3812  C:\Windows\winsxs\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\mfc80u.dll - ok
22:37:39.0235 3812  [ 11BE2933DA0600DE6A644C3A492675F4 ] C:\Windows\System32\irprops.cpl
22:37:39.0235 3812  C:\Windows\System32\irprops.cpl - ok
22:37:39.0235 3812  [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll
22:37:39.0235 3812  C:\Windows\System32\wsock32.dll - ok
22:37:39.0235 3812  [ 2E6373BDCA6C5690A9E5138CB75CE363 ] C:\Program Files\WIDCOMM\Bluetooth Software\BtBalloon.dll
22:37:39.0235 3812  C:\Program Files\WIDCOMM\Bluetooth Software\BtBalloon.dll - ok
22:37:39.0250 3812  [ AC5DF873913B00E554D8F553459BC431 ] C:\Windows\System32\qmgrprxy.dll
22:37:39.0250 3812  C:\Windows\System32\qmgrprxy.dll - ok
22:37:39.0250 3812  [ F01DD7190E67A45BD1D5FA4A12A78AA7 ] C:\Program Files (x86)\AVG\AVG2013\avgkrnlapix.dll
22:37:39.0250 3812  C:\Program Files (x86)\AVG\AVG2013\avgkrnlapix.dll - ok
22:37:39.0250 3812  [ 85B45B4B285B159ACDB355FC8C1E8925 ] C:\Windows\SysWOW64\qmgrprxy.dll
22:37:39.0250 3812  C:\Windows\SysWOW64\qmgrprxy.dll - ok
22:37:39.0266 3812  [ A9F9D081518AC03A51C1195986076F42 ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
22:37:39.0266 3812  C:\Program Files (x86)\iTunes\iTunesHelper.exe - ok
22:37:39.0266 3812  [ 442235AC4F20B195F932990CAE47408E ] C:\Windows\winsxs\amd64_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_bc20f59b0bdd1acd\mfc80ENU.dll
22:37:39.0266 3812  C:\Windows\winsxs\amd64_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_bc20f59b0bdd1acd\mfc80ENU.dll - ok
22:37:39.0266 3812  [ BFEBEA1302E37FBB257431B14C569C7E ] C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll
22:37:39.0266 3812  C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll - ok
22:37:39.0266 3812  [ 020D5F7ABD814935C1BBD55D97F11DB8 ] C:\Program Files (x86)\Real\RealPlayer\rpwa3260.dll
22:37:39.0266 3812  C:\Program Files (x86)\Real\RealPlayer\rpwa3260.dll - ok
22:37:39.0282 3812  [ 8637EE0160F32CC321A571F9D10E5E24 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\dcc781ebbddf98a9cf6dd4f3b17f1063\System.Web.ni.dll
22:37:39.0282 3812  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\dcc781ebbddf98a9cf6dd4f3b17f1063\System.Web.ni.dll - ok
22:37:39.0282 3812  [ 19BC13711AC403FEB830522E4831701B ] C:\Windows\SysWOW64\gameux.dll
22:37:39.0282 3812  C:\Windows\SysWOW64\gameux.dll - ok
22:37:39.0282 3812  [ 9EED448E2C6306BFD8B2B19063FC21A1 ] C:\Program Files (x86)\AVG\AVG2013\avgidpmx.dll
22:37:39.0282 3812  C:\Program Files (x86)\AVG\AVG2013\avgidpmx.dll - ok
22:37:39.0282 3812  [ 590D5C506044FE02FF7643E32FF9BDAC ] C:\Windows\SysWOW64\wer.dll
22:37:39.0282 3812  C:\Windows\SysWOW64\wer.dll - ok
22:37:39.0297 3812  [ C653D7F4BDC08A06A187BF48050FE23C ] C:\Program Files (x86)\iTunes\iTunesHelper.dll
22:37:39.0297 3812  C:\Program Files (x86)\iTunes\iTunesHelper.dll - ok
22:37:39.0297 3812  [ C83470111578D3039DB619529AF40720 ] C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll
22:37:39.0297 3812  C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll - ok
22:37:39.0297 3812  [ 5E21285DA720664CEC9B57664D4D2407 ] C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll
22:37:39.0297 3812  C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll - ok
22:37:39.0297 3812  [ 5987EA8A82C53359BCD2C29D6588583E ] C:\Windows\SysWOW64\linkinfo.dll
22:37:39.0297 3812  C:\Windows\SysWOW64\linkinfo.dll - ok
22:37:39.0313 3812  [ 2FEF21EEE9934BB10165AA02E530183C ] C:\Program Files (x86)\AVG\AVG2013\avglngx.dll
22:37:39.0313 3812  C:\Program Files (x86)\AVG\AVG2013\avglngx.dll - ok
22:37:39.0313 3812  [ B356974843FABDF2ECE17097C0D72EE8 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorUIHelper.dll
22:37:39.0313 3812  C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorUIHelper.dll - ok
22:37:39.0313 3812  [ B80B70609797F944517186DDAC174A50 ] C:\Program Files (x86)\AVG\AVG2013\avguires.dll
22:37:39.0313 3812  C:\Program Files (x86)\AVG\AVG2013\avguires.dll - ok
22:37:39.0313 3812  [ 730E90935150048A4E5F392FCDD49DA3 ] C:\Program Files (x86)\AVG\AVG2013\avgapps.dll
22:37:39.0313 3812  C:\Program Files (x86)\AVG\AVG2013\avgapps.dll - ok
22:37:39.0328 3812  [ 37CF3324F46CEB3A4F2686C617CBB35C ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll
22:37:39.0328 3812  C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll - ok
22:37:39.0328 3812  [ 0FF335D687C85097725A53458160E81E ] C:\Program Files\iPod\bin\iPodService.exe
22:37:39.0328 3812  C:\Program Files\iPod\bin\iPodService.exe - ok
22:37:39.0328 3812  [ 752F8E96BAB993517838315508FB82CB ] C:\Windows\SysWOW64\perfproc.dll
22:37:39.0328 3812  C:\Windows\SysWOW64\perfproc.dll - ok
22:37:39.0344 3812  [ B92E9318F7E4AEF633B8EC3A873565AF ] C:\Windows\SysWOW64\perfdisk.dll
22:37:39.0344 3812  C:\Windows\SysWOW64\perfdisk.dll - ok
22:37:39.0344 3812  [ 3C39BB6AF56C339EB141C2CBE5D5C95C ] C:\Program Files\WIDCOMM\Bluetooth Software\BtwRSupport.dll
22:37:39.0344 3812  C:\Program Files\WIDCOMM\Bluetooth Software\BtwRSupport.dll - ok
22:37:39.0344 3812  [ 1A1A837A3377722129D94DF0B848870E ] C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
22:37:39.0344 3812  C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll - ok
22:37:39.0344 3812  [ 00BAE825E9917E3115843F85E09FDF55 ] C:\Users\KS\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
22:37:39.0344 3812  C:\Users\KS\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll - ok
22:37:39.0360 3812  [ D438E10D47A654C06D7A70C94D1A4DBF ] C:\Program Files\WIDCOMM\Bluetooth Software\BtMmHook.dll
22:37:39.0360 3812  C:\Program Files\WIDCOMM\Bluetooth Software\BtMmHook.dll - ok
22:37:39.0360 3812  [ 51138BEEA3E2C21EC44D0932C71762A8 ] C:\Windows\SysWOW64\rundll32.exe
22:37:39.0360 3812  C:\Windows\SysWOW64\rundll32.exe - ok
22:37:39.0360 3812  [ 21029085C3A8856E794F30DF261AC408 ] C:\Windows\System32\XPSSHHDR.dll
22:37:39.0360 3812  C:\Windows\System32\XPSSHHDR.dll - ok
22:37:39.0360 3812  [ 75EAA6150FD1D7B0C042A1A48AEF1752 ] C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll
22:37:39.0360 3812  C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll - ok
22:37:39.0375 3812  [ 52F71A5790E1B6FFC34648F3B311EEE1 ] C:\Windows\SysWOW64\jscript.dll
22:37:39.0375 3812  C:\Windows\SysWOW64\jscript.dll - ok
22:37:39.0375 3812  [ 6FA41E0C86EF049A12C05CA4BBA8F9AF ] C:\Windows\SysWOW64\perfos.dll
22:37:39.0375 3812  C:\Windows\SysWOW64\perfos.dll - ok
22:37:39.0375 3812  [ F1C48535CD981B0E024D139C21529E7F ] C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll
22:37:39.0375 3812  C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll - ok
22:37:39.0375 3812  [ 368B2BEE3F88BFB883D2C74A258DE6F6 ] C:\Windows\AppPatch\AcLayers.dll
22:37:39.0375 3812  C:\Windows\AppPatch\AcLayers.dll - ok
22:37:39.0391 3812  [ C0DE9F616610BE344F2FF58009845100 ] C:\Windows\System32\xpssvcs.dll
22:37:39.0391 3812  C:\Windows\System32\xpssvcs.dll - ok
22:37:39.0391 3812  [ BFC68382466436FAE8B7A27966FB98CB ] C:\Windows\AppPatch\acwow64.dll
22:37:39.0391 3812  C:\Windows\AppPatch\acwow64.dll - ok
22:37:39.0391 3812  [ 0B69A4E57113D3140D6511E50016CE70 ] C:\Program Files\WIDCOMM\Bluetooth Software\syswow64\BtMmHook.dll
22:37:39.0391 3812  C:\Program Files\WIDCOMM\Bluetooth Software\syswow64\BtMmHook.dll - ok
22:37:39.0391 3812  [ 1D1EAA16D193C6A2D45981ED3914D22A ] C:\Windows\SysWOW64\msimtf.dll
22:37:39.0391 3812  C:\Windows\SysWOW64\msimtf.dll - ok
22:37:39.0406 3812  [ CB811C14C225DD07B98E676DFB0221E6 ] C:\Windows\SysWOW64\jscript9.dll
22:37:39.0406 3812  C:\Windows\SysWOW64\jscript9.dll - ok
22:37:39.0406 3812  [ 53D225764FBE85BBBA747F6DD4C02A54 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\ZClient.zip.dll
22:37:39.0406 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\ZClient.zip.dll - ok
22:37:39.0406 3812  [ A7E763DE54F5A3514523E5161DAC780F ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\zfde.zip.dll
22:37:39.0406 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\zfde.zip.dll - ok
22:37:39.0406 3812  [ 4B6341866AB377401CF542C48167A42D ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\zmenu.zip.dll
22:37:39.0406 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\zmenu.zip.dll - ok
22:37:39.0422 3812  [ 21D3A18769EC2C4E56756D04E989A221 ] C:\Windows\SysWOW64\msxml3.dll
22:37:39.0422 3812  C:\Windows\SysWOW64\msxml3.dll - ok
22:37:39.0422 3812  [ 9FF8F684BACF326082E5562F7C104A79 ] C:\Windows\SysWOW64\d2d1.dll
22:37:39.0422 3812  C:\Windows\SysWOW64\d2d1.dll - ok
22:37:39.0422 3812  [ 624CD4A603105D62E1CFCD4677BE2C82 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\zpy.zip.dll
22:37:39.0422 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\zpy.zip.dll - ok
22:37:39.0438 3812  [ F188E231B46A90DBB53A3461CE97E850 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\zsys.zip.dll
22:37:39.0438 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\zsys.zip.dll - ok
22:37:39.0438 3812  [ 738AD6DF5AEA144D0B0AA8F9348DC946 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\ztv.zip.dll
22:37:39.0438 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\ztv.zip.dll - ok
22:37:39.0438 3812  [ E7382FE735687351D3D0B6A2954A14FA ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\zui.zip.dll
22:37:39.0438 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\zui.zip.dll - ok
22:37:39.0438 3812  [ 3F78C35AE4C322E1C21BA6A59415623E ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\pyd\zpui.pyd
22:37:39.0438 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\pyd\zpui.pyd - ok
22:37:39.0453 3812  [ EF8E5E4FD6C023B1E6F26E947EDD1DD4 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zhtml.dll
22:37:39.0453 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\zhtml.dll - ok
22:37:39.0453 3812  [ 1C0E369575F387460E2A5F28269B2CC4 ] C:\Windows\SysWOW64\DWrite.dll
22:37:39.0453 3812  C:\Windows\SysWOW64\DWrite.dll - ok
22:37:39.0453 3812  [ B3170CCC779B682C3341873EA60CF084 ] C:\Windows\SysWOW64\d3d10warp.dll
22:37:39.0453 3812  C:\Windows\SysWOW64\d3d10warp.dll - ok
22:37:39.0453 3812  [ D18DFBAC909527D5405802EAFBCC0B51 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\pyd\_ctypes.pyd
22:37:39.0453 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\pyd\_ctypes.pyd - ok
22:37:39.0469 3812  [ 1276B62E3CA847317F5083DEAD342DCA ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\pyd\zpdx.pyd
22:37:39.0469 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\pyd\zpdx.pyd - ok
22:37:39.0469 3812  [ 611E983C8D4F640405CE5DE80EA1F786 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\pyd\pyexpat.pyd
22:37:39.0469 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\pyd\pyexpat.pyd - ok
22:37:39.0469 3812  [ 151F7343580AFFB4AEC72AD24D075DE2 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\pyd\_socket.pyd
22:37:39.0469 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\pyd\_socket.pyd - ok
22:37:39.0469 3812  [ 3D3CBD1847F980FB03343A63671E7886 ] C:\Windows\SysWOW64\schannel.dll
22:37:39.0469 3812  C:\Windows\SysWOW64\schannel.dll - ok
22:37:39.0484 3812  [ 5C600B263C535BA148D87C0CCBC0BFB4 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\pyd\zptv.pyd
22:37:39.0484 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\pyd\zptv.pyd - ok
22:37:39.0484 3812  [ AC76F190F4E13B171AD059069F5853AF ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\vspubapi.dll
22:37:39.0484 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\vspubapi.dll - ok
22:37:39.0484 3812  [ 8F0322CEA3CEFA07F4F25EB6D73FEC0D ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmonapi.dll
22:37:39.0484 3812  C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmonapi.dll - ok
22:37:39.0500 3812  [ C225E5307D8D4982A1687F2702C37C78 ] C:\Windows\SysWOW64\msls31.dll
22:37:39.0500 3812  C:\Windows\SysWOW64\msls31.dll - ok
22:37:39.0500 3812  [ 8EE6BDE1D572677AA35707C52C585F75 ] C:\Windows\SysWOW64\mlang.dll
22:37:39.0500 3812  C:\Windows\SysWOW64\mlang.dll - ok
22:37:39.0500 3812  ============================================================
22:37:39.0500 3812  Scan finished
22:37:39.0500 3812  ============================================================
22:37:39.0500 5336  Detected object count: 2
22:37:39.0500 5336  Actual detected object count: 2
22:39:51.0436 5336  C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE - copied to quarantine
22:39:51.0436 5336  !SASCORE ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
22:39:51.0577 5336  C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe - copied to quarantine
22:39:51.0577 5336  NTI IScheduleSvc ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
22:41:10.0091 4540  Deinitialize success
 


OTL logfile created on: 7/17/2013 10:45:06 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\KS\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000409 | Country: New Zealand | Language: ENZ | Date Format: d/MM/yyyy
 
3.87 Gb Total Physical Memory | 1.74 Gb Available Physical Memory | 45.06% Memory free
7.73 Gb Paging File | 5.36 Gb Available in Paging File | 69.39% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451.66 Gb Total Space | 73.86 Gb Free Space | 16.35% Space Free | Partition Type: NTFS
 
Computer Name: KS-PC | User Name: KS | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013/07/17 21:58:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\KS\Downloads\OTL.exe
PRC - [2013/07/17 21:57:46 | 002,240,864 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\KS\AppData\Local\Temp\F0222887-A5DF-435F-948C-CAC5644F814B.exe
PRC - [2013/07/08 23:09:10 | 011,596,128 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
PRC - [2013/07/08 23:09:10 | 004,153,184 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2013/07/08 22:59:02 | 000,195,936 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
PRC - [2013/05/14 00:54:12 | 004,937,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
PRC - [2013/04/29 00:58:42 | 004,408,368 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgui.exe
PRC - [2013/04/18 04:34:38 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
PRC - [2013/03/27 14:02:42 | 002,447,888 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
PRC - [2013/03/27 13:31:18 | 000,073,832 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
PRC - [2013/01/06 14:25:22 | 000,295,072 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2012/11/29 19:31:04 | 000,038,608 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2012/09/23 19:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/09/04 19:27:08 | 000,722,528 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
PRC - [2012/06/11 16:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE
PRC - [2012/06/11 16:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE
PRC - [2011/06/01 17:57:16 | 000,561,984 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
PRC - [2010/04/08 16:18:40 | 000,908,368 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2010/04/08 16:18:40 | 000,312,400 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2010/04/08 16:18:40 | 000,298,064 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
PRC - [2010/03/25 19:57:06 | 000,600,688 | ---- | M] (Chicony) -- C:\Program Files (x86)\Video Web Camera\traybar.exe
PRC - [2010/03/18 16:57:02 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/03/18 16:56:56 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/03/09 11:58:24 | 000,250,368 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe
PRC - [2010/03/09 11:55:42 | 000,252,928 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe
PRC - [2010/02/26 17:39:02 | 000,206,208 | ---- | M] () -- C:\Windows\PLFSetI.exe
PRC - [2010/01/29 11:27:36 | 000,243,232 | ---- | M] (Acer Group) -- C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
PRC - [2010/01/09 01:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Gateway\Registration\GREGsvc.exe
PRC - [2009/12/24 12:39:04 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2009/12/24 12:39:02 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013/07/12 17:35:38 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\c8ea295fd4dce110b32c3c4f0e3807b2\System.Runtime.Remoting.ni.dll
MOD - [2013/07/12 17:34:43 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\178644ab40108f3becd8b91049a254c3\System.Windows.Forms.ni.dll
MOD - [2013/07/12 17:34:24 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\bfa7a95284aec941f4b03bae0debe07c\System.Drawing.ni.dll
MOD - [2013/07/12 17:33:35 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\c25666b99761bc42322bae2e59968df8\WindowsBase.ni.dll
MOD - [2013/07/12 17:33:20 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\32066405eb9ab14056b2af3115d2a6de\System.Xml.ni.dll
MOD - [2013/07/12 17:33:15 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\9e24b9ffd816c0c90efc4d3fc9fd745f\System.Configuration.ni.dll
MOD - [2013/07/12 17:33:14 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\187c13e8967097d2ed1e5f123e7d890a\System.ni.dll
MOD - [2013/07/12 17:32:46 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2011/09/27 06:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 06:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/03/16 23:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/10/20 14:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/03/09 12:18:10 | 000,465,576 | ---- | M] () -- C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\sqlite3.dll
MOD - [2010/02/26 17:39:02 | 000,206,208 | ---- | M] () -- C:\Windows\PLFSetI.exe
MOD - [2009/05/20 18:02:04 | 000,072,200 | ---- | M] () -- C:\Program Files (x86)\Launch Manager\CdDirIo.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2013/05/27 17:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/03/12 21:00:24 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2012/11/23 02:35:22 | 000,828,072 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe -- (IswSvc)
SRV:64bit: - [2010/03/26 11:46:48 | 000,920,352 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2010/03/17 10:56:12 | 000,866,336 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2010/01/29 11:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe -- (Updater Service)
SRV:64bit: - [2009/11/02 12:48:18 | 000,126,352 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV - [2013/07/08 23:09:10 | 004,153,184 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013/07/03 19:52:16 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/06/27 20:26:06 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/06/03 16:21:54 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/05/14 00:54:12 | 004,937,264 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2013/04/24 21:53:50 | 000,034,528 | ---- | M] (The OpenVPN Project) [On_Demand | Stopped] -- C:\Program Files (x86)\HMA! Pro VPN\bin\openvpnserv.exe -- (OpenVPNService)
SRV - [2013/04/18 04:34:38 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2013/03/27 14:02:42 | 002,447,888 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe -- (vsmon)
SRV - [2012/11/29 19:31:04 | 000,038,608 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2012/09/23 19:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/09/04 19:27:08 | 000,722,528 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe -- (vToolbarUpdater12.2.6)
SRV - [2012/06/11 16:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012/06/11 16:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE -- (BBSvc)
SRV - [2010/06/26 05:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2010/04/08 16:18:40 | 000,312,400 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2010/03/18 16:57:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/03/18 16:56:56 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/09 11:58:24 | 000,250,368 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2010/01/16 09:08:38 | 000,935,208 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2010/01/09 01:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Gateway\Registration\GREGsvc.exe -- (GREGService)
SRV - [2009/12/24 12:39:04 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2009/10/10 14:59:08 | 000,238,328 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Gateway Games\Gateway Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009/06/11 09:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013/04/24 21:53:52 | 000,036,736 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2013/03/29 02:53:48 | 000,246,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2013/03/21 03:08:24 | 000,240,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2013/02/21 14:44:14 | 000,613,720 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:64bit: - [2013/02/08 03:37:56 | 000,116,536 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2013/02/08 03:37:54 | 000,311,096 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2013/02/08 03:37:50 | 000,071,480 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2013/02/08 03:37:42 | 000,206,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2013/02/08 03:37:40 | 000,045,880 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2012/12/13 12:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/12/13 10:49:42 | 000,450,136 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vsdatant.sys -- (Vsdatant)
DRV:64bit: - [2012/11/23 02:35:36 | 000,033,712 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)
DRV:64bit: - [2012/11/15 21:06:04 | 000,458,584 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (KL1)
DRV:64bit: - [2012/09/04 19:27:09 | 000,031,080 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/20 11:46:54 | 000,099,192 | ---- | M] (Juniper Networks) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NEOFLTR_7111_21451.SYS -- (NEOFLTR_7111_21451)
DRV:64bit: - [2012/03/01 18:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/07/23 04:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/13 09:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2010/11/21 01:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 01:32:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/21 01:32:46 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010/11/20 23:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/06/26 05:07:26 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2010/04/19 20:56:42 | 000,245,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/03/21 21:59:08 | 000,321,064 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2010/03/06 13:04:08 | 000,335,400 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2010/03/02 18:37:40 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2010/03/02 17:25:00 | 001,098,784 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192se.sys -- (rtl8192se)
DRV:64bit: - [2010/02/15 23:05:12 | 000,102,440 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2010/02/10 19:02:00 | 000,158,720 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010/01/28 23:55:04 | 000,086,120 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2010/01/14 18:41:12 | 000,135,720 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010/01/14 18:41:06 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009/12/18 05:42:08 | 000,538,136 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/12/10 23:25:10 | 000,301,104 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/11/02 12:48:02 | 000,013,784 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2009/09/17 17:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/07/14 13:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 13:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 13:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/11 08:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/11 08:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/11 08:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/11 08:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/06 11:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009/05/06 11:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV - [2009/07/14 13:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACGW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACGW_enNZ448
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ACGW_enNZ448NZ448
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: %7B34712C68-7391-4c47-94F3-8F88D49AD632%7D:1.3.0
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.15
FF - prefs.js..extensions.enabledAddons: addon%40freecorder.com:7.0.0.13
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.0.282: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.0.282: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\KS\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\KS\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\KS\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\PROGRAM FILES\CHECKPOINT\ZAFORCEFIELD\TRUSTCHECKER [2013/02/20 21:18:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker [2013/02/20 21:18:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{34712C68-7391-4c47-94F3-8F88D49AD632}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/01/06 14:25:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/07/03 19:52:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/07/03 19:52:08 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2011/10/30 09:15:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\KS\AppData\Roaming\Mozilla\Extensions
[2013/07/17 18:29:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\KS\AppData\Roaming\Mozilla\Firefox\Profiles\9ci6q575.default\extensions
[2012/10/08 16:16:43 | 000,000,000 | ---D | M] (Forecastfox) -- C:\Users\KS\AppData\Roaming\Mozilla\Firefox\Profiles\9ci6q575.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
[2013/06/26 18:58:39 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\KS\AppData\Roaming\Mozilla\Firefox\Profiles\9ci6q575.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2013/06/27 21:16:01 | 000,000,000 | ---D | M] (Freecorder) -- C:\Users\KS\AppData\Roaming\Mozilla\Firefox\Profiles\9ci6q575.default\extensions\addon@freecorder.com
[2013/07/17 18:29:09 | 000,535,736 | ---- | M] () (No name found) -- C:\Users\KS\AppData\Roaming\Mozilla\Firefox\Profiles\9ci6q575.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2013/05/15 13:56:46 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\KS\AppData\Roaming\Mozilla\Firefox\Profiles\9ci6q575.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/07/13 10:41:46 | 000,275,262 | ---- | M] () (No name found) -- C:\Users\KS\AppData\Roaming\Mozilla\Firefox\Profiles\9ci6q575.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2013/07/03 19:52:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/07/03 19:52:08 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/07/03 19:52:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/07/03 19:52:08 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/07/03 19:52:16 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/01/06 14:25:51 | 000,000,000 | ---D | M] (RealDownloader) -- C:\PROGRAMDATA\REALNETWORKS\REALDOWNLOADER\BROWSERPLUGINS\FIREFOX\EXT
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\KS\AppData\Local\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\KS\AppData\Local\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\KS\AppData\Local\Google\Chrome\Application\27.0.1453.116\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks™ RealDownloader Chrome Background Extension Plug-In (32-bit)  (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
CHR - plugin: RealNetworks™ RealDownloader HTML5VideoShim Plug-In (32-bit)  (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
CHR - plugin: RealNetworks™ RealDownloader PepperFlashVideoShim Plug-In (32-bit)  (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
CHR - plugin: RealDownloader Plugin (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
CHR - plugin: RealNetworks™ Chrome Background Extension Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\KS\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.11 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
CHR - Extension: FreeHDSport.TV = C:\Users\KS\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnnidmnbdkmhfkjgdnngciimpdgohok\1.2_0\
CHR - Extension: User-Agent Switcher for Chrome = C:\Users\KS\AppData\Local\Google\Chrome\User Data\Default\Extensions\djflhoibgkdhkhhcedjiklpkjnoahfmg\1.0.26_0\
CHR - Extension: Resolution Test = C:\Users\KS\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhfcdbheobinplaamokffboaccidbal\2.0_0\
CHR - Extension: RealDownloader = C:\Users\KS\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.0_0\
CHR - Extension: Skype Click to Call = C:\Users\KS\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.9.0.12585_0\
 
O1 HOSTS File: ([2012/09/10 20:19:46 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2:64bit: - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (Zonealarm Helper Object) - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.5.20.3\bh\zonealarm.dll (Montera Technologeis LTD)
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (no name) - {7825CFB6-490A-436B-9F26-4A7B5CFC01A9} - No CLSID value found.
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Toolbar) - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.5.20.3\zonealarmTlbr.dll (Montera Technologeis LTD)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files (x86)\Video Web Camera\traybar.exe (Chicony)
O4 - HKLM..\Run: [Freecorder FLV Service] "C:\Program Files (x86)\Freecorder\FLVSrvc.exe" /run File not found
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12 File not found
O4 - HKLM..\Run: [ROC_ROC_JULY_P1] "C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1 File not found
O4 - HKLM..\Run: [TkBellExe] c:\program files (x86)\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx (WRC Class)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://vralisausydhb11.connectge.com/dana-cached/sc/JuniperSetupClient.cab (JuniperSetupClientControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.1.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{115BBA5D-E946-4CE4-A5AC-1E32BEEB82F2}: DhcpNameServer = 10.1.1.1
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll File not found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (c:\progra~2\common~1\jaksta~1\audioc~1\jaudcap.dll) - c:\Program Files (x86)\Common Files\Jaksta Technologies\Audio Capture\jaudcap.dll (Jaksta Technologies Pty Ltd)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
 
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} -
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
 
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/07/17 22:39:51 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2013/07/17 22:08:07 | 000,065,600 | ---- | C] (LSI Corporation) -- C:\Windows\SysNative\drivers\lsi_sas2.sys.bak
[2013/07/11 21:02:37 | 000,000,000 | ---D | C] -- C:\Users\KS\AppData\Roaming\TeamViewer
[2013/07/09 17:20:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2013/07/06 20:03:39 | 000,000,000 | ---D | C] -- C:\Users\KS\Desktop\RK_Quarantine
[2013/07/03 19:52:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/06/30 20:24:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GnuWin32
[2013/06/30 20:24:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GnuWin32
[2013/06/29 17:41:24 | 000,000,000 | R--D | C] -- C:\Users\KS\Dropbox
[2013/06/29 17:39:41 | 000,000,000 | ---D | C] -- C:\Users\KS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2013/06/29 17:39:03 | 000,000,000 | ---D | C] -- C:\Users\KS\AppData\Roaming\Dropbox
[2013/06/28 19:35:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013/06/27 21:48:42 | 000,000,000 | ---D | C] -- C:\Users\KS\AppData\Roaming\Freecorder 8 Audio
[2013/06/27 21:47:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
[2013/06/27 21:47:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinPcap
[2013/06/27 21:46:58 | 000,000,000 | ---D | C] -- C:\Users\KS\AppData\Roaming\Freecorder 8 Video
[2013/06/27 21:42:39 | 000,000,000 | ---D | C] -- C:\Users\KS\AppData\Roaming\Freecorder 8 Screen
[2013/06/27 21:42:38 | 000,000,000 | ---D | C] -- C:\Users\KS\Documents\Freecorder
[2013/06/27 21:42:37 | 000,000,000 | ---D | C] -- C:\Users\KS\AppData\Local\Jaksta_Technologies_Pty_L
[2013/06/27 21:20:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyPC Backup
[2013/06/27 21:19:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Jaksta Technologies
[2013/06/27 21:19:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Jaksta Technologies
[2013/06/27 21:19:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Applian Technologies
[2013/06/27 21:16:28 | 000,000,000 | ---D | C] -- C:\Program Files\Freecorder extension x64
[2013/06/27 19:18:00 | 000,000,000 | ---D | C] -- C:\Users\KS\AppData\Local\TechSmith
[2013/06/27 19:17:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
[2013/06/27 19:17:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TechSmith
[2013/06/25 17:27:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013/06/25 17:27:01 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013/06/25 17:27:00 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013/06/25 17:27:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2013/06/25 17:27:00 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013/06/23 14:17:13 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\Windows\SysNative\bootdelete.exe
[2013/06/23 13:26:36 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2013/06/23 13:25:18 | 000,000,000 | ---D | C] -- C:\Users\KS\AppData\Local\Programs
[2013/06/22 19:52:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cygwin
[2013/06/22 19:17:15 | 000,000,000 | ---D | C] -- C:\cygwin
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013/07/17 22:45:02 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/07/17 22:41:20 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/07/17 22:41:20 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/07/17 22:33:36 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/07/17 22:33:31 | 000,000,364 | ---- | M] () -- C:\Windows\tasks\RNUpgradeHelperLogonPrompt_KS.job
[2013/07/17 22:32:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/07/17 22:32:38 | 3113,254,912 | -HS- | M] () -- C:\hiberfil.sys
[2013/07/17 22:28:13 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/07/17 22:09:01 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2684684423-307724796-3963157818-1001UA.job
[2013/07/17 22:08:07 | 000,065,600 | ---- | M] (LSI Corporation) -- C:\Windows\SysNative\drivers\lsi_sas2.sys.bak
[2013/07/17 17:09:07 | 000,000,844 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2684684423-307724796-3963157818-1001Core.job
[2013/07/17 16:59:46 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\ReclaimerUpdateXML_KS.job
[2013/07/14 09:52:27 | 000,000,358 | ---- | M] () -- C:\Windows\tasks\ReclaimerUpdateFiles_KS.job
[2013/07/13 11:25:41 | 000,001,129 | -H-- | M] () -- C:\Windows\SysWow64\BTImages.dat
[2013/07/12 17:30:53 | 000,427,688 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/07/11 21:44:13 | 000,784,964 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/07/11 21:44:13 | 000,652,180 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/07/11 21:44:13 | 000,121,112 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/07/10 00:03:33 | 000,001,097 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk
[2013/07/09 17:20:10 | 000,000,972 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2013/06/29 17:41:24 | 000,001,041 | ---- | M] () -- C:\Users\KS\Desktop\Dropbox.lnk
[2013/06/29 17:39:55 | 000,000,274 | ---- | M] () -- C:\Windows\wininit.ini
[2013/06/28 19:35:46 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013/06/28 19:21:11 | 000,764,810 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/06/27 22:15:35 | 000,001,437 | ---- | M] () -- C:\Users\KS\Desktop\Screen - Shortcut.lnk
[2013/06/25 17:27:47 | 000,001,790 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/06/23 14:17:14 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\Windows\SysNative\bootdelete.exe
[2013/06/23 13:25:36 | 000,001,116 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/06/23 13:21:41 | 000,000,479 | ---- | M] () -- C:\Users\KS\Desktop\Desktop.lnk
[2013/06/22 19:52:15 | 000,000,579 | ---- | M] () -- C:\Users\Public\Desktop\Cygwin Terminal.lnk
[2013/06/20 20:37:06 | 000,000,258 | RHS- | M] () -- C:\Users\KS\ntuser.pol
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013/07/13 11:17:01 | 000,001,129 | -H-- | C] () -- C:\Windows\SysWow64\BTImages.dat
[2013/06/29 17:41:24 | 000,001,041 | ---- | C] () -- C:\Users\KS\Desktop\Dropbox.lnk
[2013/06/28 19:35:46 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013/06/27 22:15:47 | 000,001,437 | ---- | C] () -- C:\Users\KS\Desktop\Screen - Shortcut.lnk
[2013/06/27 18:49:29 | 000,764,810 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/06/25 17:27:47 | 000,001,790 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/06/23 13:25:36 | 000,001,116 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/06/23 13:21:24 | 000,000,479 | ---- | C] () -- C:\Users\KS\Desktop\Desktop.lnk
[2013/06/22 19:52:15 | 000,000,579 | ---- | C] () -- C:\Users\Public\Desktop\Cygwin Terminal.lnk
[2013/06/20 20:37:06 | 000,000,258 | RHS- | C] () -- C:\Users\KS\ntuser.pol
[2013/06/19 18:30:14 | 000,000,364 | ---- | C] () -- C:\Windows\tasks\RNUpgradeHelperLogonPrompt_KS.job
[2013/06/19 18:30:13 | 000,000,358 | ---- | C] () -- C:\Windows\tasks\ReclaimerUpdateFiles_KS.job
[2013/06/19 18:30:06 | 000,000,354 | ---- | C] () -- C:\Windows\tasks\ReclaimerUpdateXML_KS.job
[2013/03/12 20:24:06 | 000,003,584 | ---- | C] () -- C:\Users\KS\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/10/29 15:57:35 | 000,000,274 | ---- | C] () -- C:\Windows\wininit.ini
[2012/09/01 10:25:36 | 000,000,000 | ---- | C] () -- C:\Users\KS\defogger_reenable
[2012/05/19 23:34:19 | 000,034,814 | ---- | C] () -- C:\Users\KS\AppData\Local\dt.dat
[2011/12/09 22:23:03 | 000,000,600 | ---- | C] () -- C:\Users\KS\AppData\Local\PUTTY.RND
[2011/09/04 01:16:21 | 000,206,208 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2011/09/04 01:16:21 | 000,000,302 | ---- | C] () -- C:\Windows\PidList_C.ini
 
========== ZeroAccess Check ==========
 
[2009/07/14 16:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 17:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 16:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 13:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 00:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 13:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013/01/16 16:26:24 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\.emacs.d
[2012/05/27 09:55:34 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\Ad-Aware Antivirus
[2012/12/16 20:41:37 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\AVG2013
[2013/05/30 20:59:53 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1
[2013/05/31 18:13:46 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\BitTorrent
[2013/07/11 21:12:45 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\CheckPoint
[2013/03/11 20:10:29 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\Chief Architect Inc
[2013/07/06 07:18:46 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\Chief Architect Premier X5
[2013/07/06 07:11:21 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\Dropbox
[2012/07/07 21:04:27 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\eTeks
[2013/06/27 21:48:42 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\Freecorder 8 Audio
[2013/06/27 21:42:39 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\Freecorder 8 Screen
[2013/06/27 21:46:58 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\Freecorder 8 Video
[2013/03/11 18:51:47 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\GetRightToGo
[2012/10/29 15:58:38 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\Juniper Networks
[2012/05/19 23:23:08 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\MusicNet
[2013/07/17 23:00:07 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\NetSpeedMonitor
[2012/04/12 21:30:16 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\Notepad++
[2012/07/21 20:40:49 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\npm
[2013/07/10 20:48:29 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\npm-cache
[2012/05/30 23:39:59 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\ooVoo Details
[2011/09/13 10:07:30 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\SNS
[2013/07/11 21:02:37 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\TeamViewer
[2012/12/16 20:31:37 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\TuneUp Software
[2013/06/15 17:19:51 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\uTorrent
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< c:\windows\*. /SL >
[2009/07/14 17:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009/07/14 17:08:49 | 000,032,644 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011/09/06 09:41:03 | 000,000,894 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2011/09/06 09:41:03 | 000,000,898 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2011/10/31 17:51:47 | 000,000,844 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2684684423-307724796-3963157818-1001Core.job
[2011/10/31 17:51:47 | 000,000,896 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2684684423-307724796-3963157818-1001UA.job
[2013/06/07 17:17:34 | 000,000,830 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013/06/19 18:30:06 | 000,000,354 | ---- | C] () -- C:\Windows\Tasks\ReclaimerUpdateXML_KS.job
[2013/06/19 18:30:13 | 000,000,358 | ---- | C] () -- C:\Windows\Tasks\ReclaimerUpdateFiles_KS.job
[2013/06/19 18:30:14 | 000,000,364 | ---- | C] () -- C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_KS.job
 
< c:\windows\*. /RP >
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2013/01/16 16:26:24 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\.emacs.d
[2012/05/27 09:55:34 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\Ad-Aware Antivirus
[2013/05/30 20:59:14 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\Adobe
[2013/05/25 13:13:02 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\Apple Computer
[2012/12/16 20:41:37 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\AVG2013
[2011/11/06 18:48:36 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\AVS4YOU
[2013/05/30 20:59:53 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1
[2013/05/31 18:13:46 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\BitTorrent
[2013/07/11 21:12:45 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\CheckPoint
[2013/03/11 20:10:29 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\Chief Architect Inc
[2013/07/06 07:18:46 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\Chief Architect Premier X5
[2011/12/23 11:23:50 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\CyberLink
[2013/07/06 07:11:21 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\Dropbox
[2013/06/19 19:30:41 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\dvdcss
[2012/07/07 21:04:27 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\eTeks
[2013/06/27 21:48:42 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\Freecorder 8 Audio
[2013/06/27 21:42:39 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\Freecorder 8 Screen
[2013/06/27 21:46:58 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\Freecorder 8 Video
[2013/03/11 18:51:47 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\GetRightToGo
[2011/09/06 09:17:00 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\Google
[2011/09/04 01:04:49 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\Identities
[2011/09/04 01:17:25 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\InstallShield
[2011/09/04 01:05:27 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\Intel Corporation
[2012/10/29 15:58:38 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\Juniper Networks
[2011/09/04 01:05:13 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\Macromedia
[2012/05/29 00:04:28 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\Malwarebytes
[2009/07/14 19:44:38 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\Media Center Programs
[2013/02/15 18:01:36 | 000,000,000 | --SD | M] -- C:\Users\KS\AppData\Roaming\Microsoft
[2011/10/30 09:15:36 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\Mozilla
[2012/05/19 23:23:08 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\MusicNet
[2012/03/18 15:26:26 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\Nero
[2013/07/17 23:00:07 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\NetSpeedMonitor
[2012/04/12 21:30:16 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\Notepad++
[2012/07/21 20:40:49 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\npm
[2013/07/10 20:48:29 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\npm-cache
[2012/05/30 23:39:59 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\ooVoo Details
[2013/01/06 14:26:07 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\Real
[2013/01/06 14:26:14 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\RealNetworks
[2013/07/14 09:51:56 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\Skype
[2011/09/13 10:07:30 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\SNS
[2012/05/28 22:22:53 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\SUPERAntiSpyware.com
[2013/07/11 21:02:37 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\TeamViewer
[2012/12/16 20:31:37 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\TuneUp Software
[2013/06/15 17:19:51 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\uTorrent
[2012/05/09 23:16:18 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\Vidalia
[2013/06/28 20:50:06 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\vlc
 
< %APPDATA%\*.exe /s >
[2013/06/22 11:35:02 | 027,995,640 | ---- | M] (Dropbox, Inc.) -- C:\Users\KS\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2013/06/22 11:35:12 | 000,229,288 | ---- | M] (Dropbox, Inc.) -- C:\Users\KS\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe
[2013/06/22 11:35:06 | 000,919,120 | ---- | M] (Dropbox, Inc.) -- C:\Users\KS\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe
[2011/09/06 12:07:34 | 000,303,936 | ---- | M] (OPSWAT, Inc.) -- C:\Users\KS\AppData\Roaming\Juniper Networks\Host Checker\64bitProxy.exe
[2012/07/20 12:10:10 | 000,334,960 | ---- | M] (Juniper Networks") -- C:\Users\KS\AppData\Roaming\Juniper Networks\Host Checker\dsHostChecker.exe
[2012/07/20 12:10:12 | 000,253,040 | ---- | M] (Juniper Networks) -- C:\Users\KS\AppData\Roaming\Juniper Networks\Host Checker\dsHostCheckerProxy.exe
[2012/07/20 12:10:12 | 000,171,120 | ---- | M] () -- C:\Users\KS\AppData\Roaming\Juniper Networks\Host Checker\InstallHelper.exe
[2012/07/20 12:10:26 | 000,057,920 | ---- | M] () -- C:\Users\KS\AppData\Roaming\Juniper Networks\Host Checker\uninstall.exe
[2012/07/20 11:55:44 | 000,298,096 | ---- | M] (Juniper Networks) -- C:\Users\KS\AppData\Roaming\Juniper Networks\Juniper Terminal Services Client\dsTermServ.exe
[2012/07/20 11:55:44 | 000,050,152 | ---- | M] () -- C:\Users\KS\AppData\Roaming\Juniper Networks\Juniper Terminal Services Client\uninstall.exe
[2012/06/09 03:46:02 | 000,149,400 | ---- | M] () -- C:\Users\KS\AppData\Roaming\Juniper Networks\Setup Client\dsmmf.exe
[2012/06/09 03:46:26 | 000,282,712 | ---- | M] (Juniper Networks, Inc.) -- C:\Users\KS\AppData\Roaming\Juniper Networks\Setup Client\JuniperCompMgrInstaller.exe
[2012/06/09 03:45:58 | 000,571,288 | ---- | M] (Juniper Networks, Inc.) -- C:\Users\KS\AppData\Roaming\Juniper Networks\Setup Client\JuniperSetupClient.exe
[2012/06/09 03:45:28 | 000,348,432 | ---- | M] (Juniper Networks, Inc.) -- C:\Users\KS\AppData\Roaming\Juniper Networks\Setup Client\JuniperSetupClientOCX.exe
[2012/06/09 03:36:40 | 000,237,032 | ---- | M] () -- C:\Users\KS\AppData\Roaming\Juniper Networks\Setup Client\JuniperSetupXP.exe
[2012/06/09 03:46:26 | 000,056,984 | ---- | M] (Juniper Networks, Inc.) -- C:\Users\KS\AppData\Roaming\Juniper Networks\Setup Client\uninstall.exe
[2012/10/29 15:58:40 | 000,168,856 | ---- | M] () -- C:\Users\KS\AppData\Roaming\Juniper Networks\Setup Client\x86_Microsoft.VC80.CRTP_8.0.50727.762.exe
[2012/10/29 15:58:38 | 000,298,904 | ---- | M] () -- C:\Users\KS\AppData\Roaming\Juniper Networks\Setup Client\x86_Microsoft.VC80.CRTR_8.0.50727.762.exe
[2013/05/30 20:58:56 | 000,054,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\KS\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2012/07/21 20:41:15 | 000,099,678 | R--- | M] () -- C:\Users\KS\AppData\Roaming\Microsoft\Installer\{F4DF5913-B07E-473F-8BD6-BA7B8F06F196}\node.exe
[2012/09/26 19:35:30 | 000,449,176 | ---- | M] (RealNetworks, Inc.) -- C:\Users\KS\AppData\Roaming\Real\Update\temp\~Upg0\rnupgagent.exe
[2013/07/01 18:26:00 | 000,468,560 | ---- | M] (RealNetworks, Inc.) -- C:\Users\KS\AppData\Roaming\Real\Update\temp\~Upg10\rnupgagent.exe
[2013/07/08 18:26:13 | 000,468,560 | ---- | M] (RealNetworks, Inc.) -- C:\Users\KS\AppData\Roaming\Real\Update\temp\~Upg11\rnupgagent.exe
[2012/12/17 20:47:54 | 000,449,176 | ---- | M] (RealNetworks, Inc.) -- C:\Users\KS\AppData\Roaming\Real\Update\temp\~Upg4\rnupgagent.exe
[2013/01/06 14:18:28 | 000,449,176 | ---- | M] (RealNetworks, Inc.) -- C:\Users\KS\AppData\Roaming\Real\Update\temp\~Upg5\rnupgagent.exe
[2013/03/23 20:26:57 | 000,448,592 | ---- | M] (RealNetworks, Inc.) -- C:\Users\KS\AppData\Roaming\Real\Update\temp\~Upg6\rnupgagent.exe
[2013/04/05 21:52:44 | 000,448,592 | ---- | M] (RealNetworks, Inc.) -- C:\Users\KS\AppData\Roaming\Real\Update\temp\~Upg7\rnupgagent.exe
[2013/06/19 18:25:50 | 000,468,560 | ---- | M] (RealNetworks, Inc.) -- C:\Users\KS\AppData\Roaming\Real\Update\temp\~Upg9\rnupgagent.exe
[2013/06/19 18:25:50 | 000,468,560 | ---- | M] (RealNetworks, Inc.) -- C:\Users\KS\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.50\agent\rnupgagent.exe
[2013/06/19 18:32:17 | 038,433,696 | ---- | M] (RealNetworks, Inc.) -- C:\Users\KS\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.50\agent\stub_data\RealPlayer.exe
[2013/06/19 18:30:33 | 000,775,344 | ---- | M] (RealNetworks, Inc.) -- C:\Users\KS\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.50\agent\stub_exe\RealPlayer.exe
[2013/05/31 18:09:44 | 001,045,072 | ---- | M] (BitTorrent Inc.) -- C:\Users\KS\AppData\Roaming\uTorrent\uTorrent.exe
 
< %SYSTEMDRIVE%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
 
< %systemroot%\Tasks\*.job /lockedfiles >
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\system32\drivers\*.sys /90 >

< End of report >
 



#14 hattricknz

hattricknz
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:12:17 AM

Posted 17 July 2013 - 06:21 AM

OTL Extras logfile created on: 7/17/2013 10:45:06 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\KS\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000409 | Country: New Zealand | Language: ENZ | Date Format: d/MM/yyyy
 
3.87 Gb Total Physical Memory | 1.74 Gb Available Physical Memory | 45.06% Memory free
7.73 Gb Paging File | 5.36 Gb Available in Paging File | 69.39% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451.66 Gb Total Space | 73.86 Gb Free Space | 16.35% Space Free | Partition Type: NTFS
 
Computer Name: KS-PC | User Name: KS | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04262B7D-52A8-4772-A748-DE2665AF30DC}" = lport=2869 | protocol=6 | dir=in | app=system |
"{051D24C9-AF12-4932-BE76-4AC5CFF3E96B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0B5BA6A7-AF0A-41FC-A8A5-8FA60A399D12}" = lport=139 | protocol=6 | dir=in | app=system |
"{13FF787B-59C7-4E8A-89E9-1B9DAC06B274}" = rport=137 | protocol=17 | dir=out | app=system |
"{27609DF6-A3E2-449D-971A-7276888C576C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2A219DD1-0FD7-4C00-9B97-72BE259C7D6D}" = lport=137 | protocol=17 | dir=in | app=system |
"{32565AC8-3C5C-4859-A3C5-8BFDCC744FE3}" = rport=10243 | protocol=6 | dir=out | app=system |
"{36528D1A-C8B5-4AD9-A193-1A48758FE195}" = lport=138 | protocol=17 | dir=in | app=system |
"{366303B2-0BEB-463F-A313-1083B33DA06B}" = rport=445 | protocol=6 | dir=out | app=system |
"{3B5FE1DA-8F73-4A07-9BDE-7CF99A1AD129}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{4172B282-4ECF-4D86-8A3B-B38E1DD07399}" = lport=445 | protocol=6 | dir=in | app=system |
"{5E52FAB4-DC06-4668-A661-620DE9C60D2C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{66E4E96A-969B-46FB-863B-C54B6127B7CA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{720BC212-7B73-4256-A9A5-205E962DD5F1}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{808A1DEB-BF43-4878-AB85-D074CDCFE8F7}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8332628C-08D9-4B28-BE3A-ACC47B36E9E6}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{88DDE78F-01A7-4FA3-BC0E-87A38C717C8E}" = lport=10243 | protocol=6 | dir=in | app=system |
"{9C69EDFE-0EB4-49CE-9500-486337BFA7F2}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A93AA1A4-5DC5-412E-AAD9-3CE69EC3CA64}" = rport=139 | protocol=6 | dir=out | app=system |
"{AC80742F-13EA-4CAB-9B13-A63482017EB7}" = rport=138 | protocol=17 | dir=out | app=system |
"{BF4EAAC3-63A0-48CA-9F6D-D01D0E2DAC56}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C66410BA-2EFF-4C74-B276-56D729EEA9B8}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D7F7A52F-D865-49F4-AD2A-B38ACBD25E1C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E7A21E78-61C7-4C24-8380-02EEB1C889BF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F3CF0EE8-55B7-4CA7-A271-4F6119E8B4EE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08C7404D-2803-46B1-811D-24800BFD8A90}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd9.exe |
"{0DB1D050-9B23-4D24-911A-964DB432670A}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{0FC78CEB-B2FD-4AB4-9789-21FD85BE8A78}" = protocol=17 | dir=in | app=c:\users\ks\appdata\roaming\dropbox\bin\dropbox.exe |
"{0FF40F81-5219-4D8C-A5C6-934FB572D4DF}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{10243FEF-B575-4396-9A5C-2A1E9F4D97ED}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1C0EE8A7-89B8-4BD9-8AB4-C712F6A69212}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1CE1CD3C-5B81-4E5B-92B5-96DDFB4A02F4}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{1CEA99AE-943E-4A47-B0A3-DC8CAAD44893}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{1D8FA1C7-EBBF-49C3-B45B-D0D5859D585F}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{1E1361E6-348A-4511-8B39-4429F55F86AA}" = protocol=17 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{1F64029B-72D2-455F-B3EF-A05878A33278}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{218EB135-4451-44B5-8979-612E53FA34AB}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{25EADE60-9895-47F1-97CB-451B7FE2F354}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{29E52BBF-5E31-440B-8C91-B7703263337A}" = protocol=6 | dir=in | app=c:\program files (x86)\bearshare applications\bearshare\bearshare.exe |
"{2B318C2F-F2F3-47F5-B59F-0487ED66F612}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{2DD40AFB-9251-40A3-B05D-DE70DBF42F93}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{319EE9D3-DB5B-4D25-8F90-0903D86583FD}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{325BDCAF-FB0A-4358-9E18-998C4CD1BADA}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{3260D888-D7A2-4E6A-95B2-2E9B76EE0368}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{35E1F514-4D23-497E-8078-0B9F3EADAACC}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{36A71D14-F14A-431E-BA78-358042EDD1C5}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{3A4990A8-94D0-479B-81C1-7735C60E25D7}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{3E05D364-CA1F-4873-A61A-2913BAF2A892}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{48260164-012F-42EE-917E-42E8DC5F2533}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{49A9D8F9-9E32-487C-B7B5-8CF75A1AED14}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{4E5C4267-38E4-4C50-A6F8-56C16F3960D2}" = protocol=17 | dir=in | app=c:\program files (x86)\bearshare applications\bearshare\bearshare.exe |
"{599B138F-A9D7-40C9-BE79-1CE625F65B2F}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgemca.exe |
"{5B295D71-0463-48E5-9271-A2E861994676}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5F2947F2-2257-4A76-A2D4-FEC941B47EE9}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{68000A57-E228-44E9-BDC0-821AE8644696}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{68B64BF2-7A7A-4614-8C53-9187C57C0139}" = protocol=17 | dir=in | app=c:\program files (x86)\applian technologies\freecorder 8 applications\torrent\aria2c.exe |
"{6A31D902-4FFA-4688-A29E-760B7049F372}" = protocol=6 | dir=in | app=c:\users\ks\appdata\roaming\utorrent\utorrent.exe |
"{6F0B1E34-1B9B-475F-ABE9-C81919F5C0C5}" = protocol=17 | dir=in | app=c:\program files (x86)\bearshare applications\bearshare\bearshare.exe |
"{71510411-3088-4E03-8809-F1B94DF0AF9E}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{7CEE0807-8FB4-453A-9352-0920E77304E3}" = protocol=17 | dir=in | app=c:\users\ks\appdata\roaming\utorrent\utorrent.exe |
"{7CEF8498-081E-48D0-A8B7-70F8EDF94575}" = protocol=6 | dir=out | app=system |
"{7DE36C47-1E7D-43A6-88E9-FC584D29E471}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe |
"{80BC94DA-21EB-40A1-8F45-D66179AC7A04}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{852BC885-AF6B-4961-9B94-2180445A9C5A}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{86172620-0A58-458B-967B-B879A1E6A513}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{88C6D2C9-8BE4-42C3-A895-161C5DCB2D2B}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{8AF58AA6-A9D2-4252-9575-37F9759CBF64}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{8B3A9E97-EB19-46A1-8636-CDC92828C6C1}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{8B95576F-C1C8-4F52-A99C-E431F720BA72}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe |
"{93CA4BA1-48E9-44E2-9447-CC5E9AF45694}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{9A87CAF2-7560-453D-8DF9-6ED87BEEBD4E}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{A053287B-AB91-4BA8-A6B7-852E50DC7EA5}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{A299E3E2-6BEB-46B2-B417-B6621BA2C708}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A5407DF5-A880-4967-8B32-75C104F5EE5B}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{A830A125-708B-40E3-BECE-CF8BB1857476}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{AA733E9B-AC90-494F-9A1D-72E6A71325AE}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B442F30A-3878-42A8-B063-BEEAE46C63DF}" = protocol=17 | dir=in | app=c:\windows\syswow64\zonelabs\vsmon.exe |
"{BF81669F-8881-4187-9042-25A186EB0BD6}" = protocol=6 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{C28F0F25-F813-4B7B-A297-5B261D1CB022}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{C6E08495-1212-4BD0-A1F0-7901907C780E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C79F76FE-48BB-4B70-8336-6CF5D4738911}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgemca.exe |
"{C7F72F07-4465-4964-A3D2-266289A17253}" = protocol=6 | dir=in | app=c:\windows\syswow64\zonelabs\vsmon.exe |
"{C8F62C71-8515-4E9B-BE76-676EBDA9DD06}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{D123B430-2E28-45A9-ABDF-86EE1FE16BB7}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D436C798-2408-4C43-8B0E-54B7B3D06BAA}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{D512B68B-6BE3-4267-820B-1218D60CB05E}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{DAD4C0D7-E881-4F89-8913-D327AAC23A09}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{DBA43D4E-BA25-4180-85DE-70E9C02AB910}" = protocol=6 | dir=in | app=c:\program files (x86)\applian technologies\freecorder 8 applications\torrent\aria2c.exe |
"{E3EBB465-9394-4FE3-8193-1846DA0CD794}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E42343E9-2D0E-48D7-AFAB-1989EC0AE3C5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EB5ACE99-A33B-4A24-B8D2-FF9394AAA430}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe |
"{EC40EC90-3BD8-41B7-8460-A24C7D33B40C}" = protocol=6 | dir=in | app=c:\program files (x86)\bearshare applications\bearshare\bearshare.exe |
"{EEA712E5-EEA9-4DCA-90AA-1D39F394567A}" = protocol=6 | dir=in | app=c:\users\ks\appdata\roaming\dropbox\bin\dropbox.exe |
"{EF2B230B-C375-48F4-A47D-65E6DAD605D3}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{F0A19EC4-0271-4AA8-9F14-A92E56EE41EC}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F2F36446-2455-41C0-9320-C2F71B06B2E9}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{F3D5D200-6C8A-40F8-A04B-1B8ADB53E2C2}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe |
"{F449662C-0072-46A0-A541-C5C73E7FC7D8}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{FDAE41F0-6B38-4A24-9FEB-E2863A12AAEC}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{287120CD-867F-44BA-86D3-9521D0D7109D}" = Chief Architect Premier X5 (64 bit)
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Intel® Turbo Boost Technology Monitor
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = WIDCOMM Bluetooth Software
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{76FF0F03-B707-4332-B5D1-A56C8303514E}" = iTunes
"{78B5B205-2F59-4D96-9D83-DEB94CD5229B}" = AVG 2013
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}" = NetSpeedMonitor 2.5.4.0 x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A84DB02B-9C2B-4272-9D2D-A80E00A56513}" = Broadcom Gigabit NetLink Controller
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{AE7891D8-2340-4CD6-BA0A-6C8C01F7B4B4}" = AVG 2013
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"AVG" = AVG 2013
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"NVIDIA Drivers" = NVIDIA Drivers
"SynTPDeinstKey" = Synaptics Pointing Device Driver
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{12A1B519-5934-4508-ADBD-335347B0DC87}" = Video Web Camera
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}" = Bing Bar
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20400DBD-E6DB-45B8-9B6B-1DD7033818EC}" = Nero InfoTool Help
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22800204-9E53-45C7-B6F3-5BB0F1C1A147}" = Jing
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2348B586-C9AE-46CE-936C-A68E9426E214}" = Nero StartSmart Help
"{265E2F1D-0025-45DF-B83B-8320466108A8}" = Python 3.2 pygame-1.9.2a0
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{325988C2-8D7B-460E-8F6F-4747129CA495}" = ZoneAlarm Security
"{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Gateway Power Management
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth
"{4D43D635-6FDA-4FA5-AA9B-23CF73D058EA}" = Nero StartSmart OEM
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.5
"{53652DA6-AD2D-4B0F-80BA-6F3CFE2B48D7}" = ZoneAlarm Security
"{54CCA4E2-D15D-4927-A866-2D33BFED4A8E}" = ZoneAlarm Firewall
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{64EF903E-D00A-414C-94A4-FBA368FFCDC9}" = Gateway Social Networks
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{6ADCBB79-7B9A-449B-AE31-E1C7116042B9}" = ZoneAlarm Firewall
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{789C9644-9F82-44d3-B4CA-AC31F46F5882}" = Python 3.2.3
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Gateway Recovery Management
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{83202942-84B3-4C50-8622-B8C0AA2D2885}" = Nero Express Help
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed
"{8F157931-6E16-4AB6-BCAF-0C56D286CE3E}" = ZoneAlarm Antivirus
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUSR_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0116-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A0087DDE-69D0-11E2-AD57-43CA6188709B}" = Adobe AIR
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI
"{AE010604-007D-11DD-A3C1-001636EEECBD}" = Google App Engine
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}" = RealDownloader
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{c25cac75-0ca2-4a35-9734-0cac6c70e003}" = Nero 9 Essentials
"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
"{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade
"{CC019E3F-59D2-4486-8D4B-878105B62A71}" = Nero DiscSpeed Help
"{D5359CF5-01CE-49FA-B450-20F3A90363B9}_is1" = Booktrack
"{D6A0DD73-6EF2-9A8D-6F60-4F338F922B37}" = BBC iPlayer Desktop
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel® Turbo Boost Technology Driver
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E5C7D048-F9B4-4219-B323-8BDB01A2563D}" = Nero DriveSpeed Help
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Gateway Updater
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}" = Nero ControlCenter
"{F4DF5913-B07E-473F-8BD6-BA7B8F06F196}" = Node.js
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F7CA0FDB-0C97-480B-A532-2A579917CFDB}" = Standard ML of New Jersey
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}" = ooVoo
"{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Android SDK Tools" = Android SDK Tools
"AVS Audio Converter_is1" = AVS Audio Converter 7
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1" = BBC iPlayer Desktop
"BitTorrent" = BitTorrent
"Codec-V" = Codec-V
"Elite Proxy Switcher_is1" = Elite Proxy Switcher 1.17
"Freecorder 8 Applications" = Freecorder 8 Applications (8.0.0.97)
"Freecorder extension for Firefox" = Freecorder extension for Firefox
"Freecorder extension x64" = Freecorder extension x64
"Freecorder5.04" = Freecorder 5
"Gateway Game Console" = Gateway Game Console
"Gateway InfoCentre" = Gateway InfoCentre
"Gateway Registration" = Gateway Registration
"Gateway Screensaver" = Gateway ScreenSaver
"Gateway Welcome Center" = Welcome Center
"HMA! Pro VPN" = HMA! Pro VPN 2.8.0.8
"Identity Card" = Identity Card
"InstallShield_{64EF903E-D00A-414C-94A4-FBA368FFCDC9}" = Gateway Social Networks
"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Gateway MyBackup
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Mgeni" = Mgeni Snapshot (10-22-2009)
"Mozilla Firefox 22.0 (x86 en-US)" = Mozilla Firefox 22.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Neoteris_Secure_Application_Manager" = Juniper Networks Secure Application Manager
"Notepad++" = Notepad++
"NVIDIA.Updatus" = NVIDIA Updatus
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"PFPortChecker" = PFPortChecker 1.0.39
"RealPlayer 16.0" = RealPlayer
"SopCast" = SopCast 3.4.0
"Sweet Home 3D_is1" = Sweet Home 3D version 3.5
"TeamViewer 8" = TeamViewer 8
"uTorrent" = µTorrent
"VLC media player" = VLC media player 2.0.7
"Wget-1.11.4-1_is1" = GnuWin32: Wget-1.11.4-1
"WildTangent gateway Master Uninstall" = Gateway Games
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.2
"WT078871" = Bejeweled 2 Deluxe
"WT078886" = Insaniquarium Deluxe
"WT078903" = Zuma Deluxe
"WT078959" = Blasterball 3
"WT078963" = Bob the Builder Can-Do-Zoo
"WT079019" = Faerie Solitaire
"WT079063" = Jewel Quest
"WT079067" = Jewel Quest Solitaire 3
"WT079107" = Penguins!
"WT079115" = Polar Bowler
"WT079119" = Polar Golfer
"WT079123" = Polar Pool
"WT079176" = Virtual Villagers - A New Home
"WT079182" = Yahtzee
"WT079239" = Build-a-lot 2
"WT079245" = Chicken Invaders 3 - Revenge of the Yolk
"WT079258" = Escape Rosecliff Island
"WT079263" = Mahjongg Artifacts
"WT079419" = Virtual Families
"ZoneAlarm Free Antivirus + Firewall" = ZoneAlarm Free Antivirus + Firewall
"ZoneAlarm Security Toolbar" = ZoneAlarm Security Toolbar
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BTGuard 2.4" = BTGuard 2.4
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"Juniper_Setup_Client" = Juniper Networks, Inc. Setup Client
"Juniper_Term_Services" = Juniper Terminal Services Client
"Neoteris_Host_Checker" = Juniper Networks Host Checker
"UnityWebPlayer" = Unity Web Player
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 7/9/2013 8:09:27 AM | Computer Name = KS-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 7/9/2013 8:09:27 AM | Computer Name = KS-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 34195
 
Error - 7/9/2013 8:09:27 AM | Computer Name = KS-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 34195
 
Error - 7/9/2013 8:09:28 AM | Computer Name = KS-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 7/9/2013 8:09:28 AM | Computer Name = KS-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 35194
 
Error - 7/9/2013 8:09:28 AM | Computer Name = KS-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 35194
 
Error - 7/9/2013 8:09:29 AM | Computer Name = KS-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 7/9/2013 8:09:29 AM | Computer Name = KS-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 36192
 
Error - 7/9/2013 8:09:29 AM | Computer Name = KS-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 36192
 
Error - 7/9/2013 8:09:30 AM | Computer Name = KS-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
[ System Events ]
Error - 7/11/2013 5:10:25 AM | Computer Name = KS-PC | Source = Service Control Manager | ID = 7006
Description = The ScRegSetValueExW call failed for FailureActions with the following
 error:   %%5
 
Error - 7/11/2013 5:10:54 AM | Computer Name = KS-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
 response from the avgwd service.
 
Error - 7/11/2013 5:13:15 AM | Computer Name = KS-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
 response from the TeamViewer8 service.
 
Error - 7/11/2013 5:47:20 AM | Computer Name = KS-PC | Source = Service Control Manager | ID = 7006
Description = The ScRegSetValueExW call failed for FailureActions with the following
 error:   %%5
 
Error - 7/12/2013 1:31:19 AM | Computer Name = KS-PC | Source = Service Control Manager | ID = 7006
Description = The ScRegSetValueExW call failed for FailureActions with the following
 error:   %%5
 
Error - 7/12/2013 1:33:53 AM | Computer Name = KS-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
 response from the TeamViewer8 service.
 
Error - 7/17/2013 6:15:47 AM | Computer Name = KS-PC | Source = Service Control Manager | ID = 7006
Description = The ScRegSetValueExW call failed for FailureActions with the following
 error:   %%5
 
Error - 7/17/2013 6:25:08 AM | Computer Name = KS-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 10:22:53 p.m. on ?17/?07/?2013 was
 unexpected.
 
Error - 7/17/2013 6:31:35 AM | Computer Name = KS-PC | Source = Service Control Manager | ID = 7043
Description = The Windows Update service did not shut down properly after receiving
 a preshutdown control.
 
Error - 7/17/2013 6:31:36 AM | Computer Name = KS-PC | Source = Service Control Manager | ID = 7006
Description = The ScRegSetValueExW call failed for FailureActions with the following
 error:   %%5
 
 
< End of report >
 



#15 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:12:17 AM

Posted 17 July 2013 - 09:14 PM

HOw is your machine runnning now?


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users