Trojan Infection

tjacke_88 · August 22, 2012

Been infected it seems with some nasty bastards

Operating memory = taskhost.exe(1908) - a variant of Win32/Spy.Zbot.ZR.trojan

Operating memory = C:\Windows\system32\svchost.exe - a variant of Win32/IRCBot.NFU.trojan

To be honest, been planning a clean out of my system since I found it got infected

DDS

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_33

Run by Tom at 14:12:29 on 2012-08-22

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.3070.1558 [GMT 1:00]

.

AV: ESET NOD32 Antivirus 4.2 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}

SP: ESET NOD32 Antivirus 4.2 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\Hotspot Shield\bin\openvpnas.exe

C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe

C:\Program Files\Hotspot Shield\bin\hsswd.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe

C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe

C:\Program Files\Classic Shell\ClassicStartMenu.exe

C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent.exe

C:\Users\Tom\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files\FindAndRunRobotPortable\FindAndRunRobot.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\taskeng.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\system32\svchost.exe --HiddenServiceDir "C:\Users\Tom\AppData\Roaming\tor\hidden_service" --HiddenServicePort "55080 127.0.0.1:55080"

C:\Windows\system32\conhost.exe

C:\Windows\system32\svchost.exe (null)

C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe

C:\Windows\system32\DllHost.exe

C:\Windows\System32\svchost.exe -k secsvcs

C:\Program Files\IrfanView\IrfanView.exe

C:\Users\Tom\AppData\Local\Google\Chrome\Application\chrome.exe

c:\program files\windows defender\MpCmdRun.exe

C:\Users\Tom\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uSearch Page = hxxp://www.google.com

uStart Page = hxxp://www.google.co.uk/

uSearch Bar = hxxp://www.google.com/ie

uDefault_Search_URL = hxxp://www.google.com/ie

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

BHO: IDM integration (IDMIEHlprObj Class): {0055c089-8582-441b-a0bf-17b458c2a3a8} - c:\program files\internet download manager\IDMIECC.dll

BHO: SnagIt Toolbar Loader: {00c6482d-c502-44c8-8409-fce54ad9c208} - c:\program files\techsmith\snagit 10\SnagitBHO.dll

BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll

BHO: ExplorerBHO Class: {449d0d6e-2412-4e61-b68f-1cb625cd9e52} - c:\program files\classic shell\ClassicExplorer32.dll

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: Hotspot Shield Class: {f9e4a054-e9b1-4bc3-83a3-76a1ae736170} - c:\program files\hotspot shield\hssie\HssIE.dll

TB: Classic Explorer Bar: {553891b7-a0d5-4526-be18-d3ce461d6310} - c:\program files\classic shell\ClassicExplorer32.dll

TB: Snagit: {8ff5e183-abde-46eb-b09e-d2aab95cabe3} - c:\program files\techsmith\snagit 10\SnagitIEAddin.dll

uRun: [uIWatcher] c:\program files\ashampoo\ashampoo uninstaller 4\UIWatcher.exe

uRun: [{DBDB888B-4ED5-5CE5-8AF1-C7D6C508F97D}] c:\users\tom\appdata\roaming\ekysh\ceoqo.exe

mRun: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe

mRun: [FontExpertType1Loader] c:\program files\fontexpert\Type1Loader.exe

mRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice

mRun: [Classic Start Menu] c:\program files\classic shell\ClassicStartMenu.exe

mRun: [cAudioFilterAgent] c:\program files\conexant\caudiofilteragent\cAudioFilterAgent.exe

StartupFolder: c:\users\tom\appdata\roaming\micros~1\windows\startm~1\programs\startup\dropbox.lnk - c:\users\tom\appdata\roaming\dropbox\bin\Dropbox.exe

StartupFolder: c:\users\tom\appdata\roaming\micros~1\windows\startm~1\programs\startup\erunta~1.lnk - c:\program files\erunt\AUTOBACK.EXE

StartupFolder: c:\users\tom\appdata\roaming\micros~1\windows\startm~1\programs\startup\findan~1.lnk - c:\program files\findandrunrobotportable\FindAndRunRobot.exe

mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableLUA = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

mPolicies-system: PromptOnSecureDesktop = 0 (0x0)

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: Download all links with IDM - c:\program files\internet download manager\IEGetAll.htm

IE: Download with IDM - c:\program files\internet download manager\IEExt.htm

IE: {64964764-1101-4bbd-8891-B56B1A53B9B3} - {553891B7-A0D5-4526-BE18-D3CE461D6310} - c:\program files\classic shell\ClassicExplorer32.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab

TCP: DhcpNameServer = 192.168.1.254

TCP: Interfaces\{31056056-54C5-4C7B-971B-107026E18ED9} : NameServer = 10.63.80.1

TCP: Interfaces\{B09A8AB5-CD2E-4EBE-B327-3BD046E9D27C} : NameServer = 8.8.4.4,8.8.8.8

TCP: Interfaces\{B09A8AB5-CD2E-4EBE-B327-3BD046E9D27C} : DhcpNameServer = 192.168.1.254

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

IFEO: taskmgr.exe - "c:\program files\processexplorer\PROCEXP.EXE"

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\tom\appdata\roaming\mozilla\firefox\profiles\q8u6qu7g.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com

FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll

FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll

FF - plugin: c:\program files\google\picasa3\npPicasa3.dll

FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll

FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll

FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll

FF - plugin: c:\users\tom\appdata\local\facebook\video\skype\npFacebookVideoCalling.dll

FF - plugin: c:\users\tom\appdata\local\google\update\1.3.21.115\npGoogleUpdate3.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_3_300_270.dll

FF - plugin: c:\windows\system32\npdeployJava1.dll

FF - plugin: c:\windows\system32\npmproxy.dll

.

---- FIREFOX POLICIES ----

FF - user.js: network.http.max-persistent-connections-per-server - 4

FF - user.js: nglayout.initialpaint.delay - 600

FF - user.js: content.notify.interval - 600000

FF - user.js: content.max.tokenizing.time - 1800000

FF - user.js: content.switch.threshold - 600000

.

============= SERVICES / DRIVERS ===============

.

R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]

R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67656]

R2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [2012-1-20 21992]

R2 eamonm;eamonm;c:\windows\system32\drivers\eamonm.sys [2010-7-29 136632]

R2 ekrn;ESET Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2010-8-12 810144]

R2 epfwwfpr;epfwwfpr;c:\windows\system32\drivers\epfwwfpr.sys [2010-7-29 96920]

R2 hshld;Hotspot Shield Service;c:\program files\hotspot shield\bin\openvpnas.exe [2012-4-11 542552]

R2 HssWd;Hotspot Shield Monitoring Service;c:\program files\hotspot shield\bin\hsswd.exe -product hss --> c:\program files\hotspot shield\bin\hsswd.exe -product HSS [?]

R2 IDMWFP;IDMWFP;c:\windows\system32\drivers\idmwfp.sys [2011-4-25 86792]

R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\logmein\x86\LMIGuardianSvc.exe [2012-7-5 374184]

R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2012-8-11 47640]

R3 CnxtHdmiAudService;Conexant UAA HDMI Function Driver for High Definition Audio Service;c:\windows\system32\drivers\CHDMI32.sys [2009-6-23 487936]

R3 netw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\netw5v32.sys [2009-6-10 4231168]

R3 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [2009-7-13 52768]

R3 pneteth;PdaNet Broadband;c:\windows\system32\drivers\pneteth.sys [2011-8-22 13312]

R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-13 207360]

R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992]

R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-13 661504]

R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2009-5-20 314368]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\logmein\x86\rainfo.sys [2012-6-8 12856]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-3-31 250056]

S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\drivers\ssadadb.sys [2011-8-21 30312]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]

S3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\drivers\ivusb.sys [2010-7-29 25112]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-6-8 22712]

S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2011-6-8 39984]

S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [2011-8-21 121064]

S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [2011-8-21 12776]

S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [2011-8-21 136808]

S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-6-7 52224]

S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\tuneup utilities 2011\TuneUpUtilitiesDriver32.sys [2011-2-10 10064]

S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2011-6-2 1343400]

S3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);c:\windows\system32\drivers\WsAudio_DeviceS(1).sys [2011-6-27 25704]

S3 WsAudio_DeviceS(2);WsAudio_DeviceS(2);c:\windows\system32\drivers\WsAudio_DeviceS(2).sys [2011-6-27 25704]

S3 WsAudio_DeviceS(3);WsAudio_DeviceS(3);c:\windows\system32\drivers\WsAudio_DeviceS(3).sys [2011-6-27 25704]

S3 WsAudio_DeviceS(4);WsAudio_DeviceS(4);c:\windows\system32\drivers\WsAudio_DeviceS(4).sys [2011-6-27 25704]

S3 WsAudio_DeviceS(5);WsAudio_DeviceS(5);c:\windows\system32\drivers\WsAudio_DeviceS(5).sys [2011-6-27 25704]

S4 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-6-1 176128]

S4 cfWiMAXService;ConfigFree WiMAX Service;c:\program files\toshiba\configfree\CFIWmxSvcs.exe [2009-8-10 185712]

S4 ConfigFree Service;ConfigFree Service;c:\program files\toshiba\configfree\CFSvcs.exe [2009-3-10 46448]

S4 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-6-8 366640]

S4 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\tuneup utilities 2011\TuneUpUtilitiesService32.exe [2011-3-30 1523008]

.

=============== Created Last 30 ================

.

2012-08-22 11:20:59 56200 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{ce00a8d3-3574-4e6d-9be4-ffe5dc8e400a}\offreg.dll

2012-08-21 22:51:25 -------- d-----w- c:\program files\DVD Audio Extractor

2012-08-21 22:51:15 4181504 ----a-w- c:\program files\dvdae-gui.exe

2012-08-21 22:51:11 8398048 ----a-w- c:\program files\Setup.exe

2012-08-21 22:40:03 -------- d-----w- c:\users\tom\appdata\roaming\Raavi

2012-08-21 22:40:03 -------- d-----w- c:\users\tom\appdata\roaming\Ekysh

2012-08-21 09:40:25 7023536 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{ce00a8d3-3574-4e6d-9be4-ffe5dc8e400a}\mpengine.dll

2012-08-20 21:21:29 -------- d-----w- c:\users\tom\appdata\roaming\dvdae

2012-08-20 16:34:34 -------- d-----w- c:\program files\CodeStuff

2012-08-19 16:07:48 -------- d-----w- c:\program files\Xilisoft.DVD.Ripper.Ultimate.7.v7.4.0.20120710.Incl.Keygen-Lz0

2012-08-19 15:29:12 -------- d-----w- c:\program files\ImTOO

2012-08-19 12:11:10 -------- d-----w- c:\users\tom\appdata\roaming\Opsan

2012-08-19 12:11:10 -------- d-----w- c:\users\tom\appdata\roaming\Ezkoxi

2012-08-19 12:11:07 -------- d-----w- c:\users\tom\appdata\roaming\tor

2012-08-19 12:03:45 -------- d-----w- c:\program files\NewsLeecher

2012-08-15 14:16:02 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2012-08-15 14:16:01 194560 ----a-w- c:\program files\internet explorer\ieproxy.dll

2012-08-15 14:16:01 140920 ----a-w- c:\program files\internet explorer\sqmapi.dll

2012-08-15 14:16:00 194048 ----a-w- c:\program files\internet explorer\IEShims.dll

2012-08-15 08:37:06 400896 ----a-w- c:\windows\system32\srcore.dll

2012-08-15 08:37:05 2345984 ----a-w- c:\windows\system32\win32k.sys

2012-08-15 08:37:03 492032 ----a-w- c:\windows\system32\win32spl.dll

2012-08-15 08:37:03 317440 ----a-w- c:\windows\system32\spoolsv.exe

2012-08-15 08:36:58 41984 ----a-w- c:\windows\system32\browcli.dll

2012-08-15 08:36:58 102912 ----a-w- c:\windows\system32\browser.dll

2012-08-15 08:36:54 769024 ----a-w- c:\windows\system32\localspl.dll

2012-08-13 15:28:57 -------- d-----w- c:\users\tom\appdata\roaming\SuperNZB

2012-08-11 22:57:35 -------- d-----w- c:\users\tom\appdata\local\LogMeIn

2012-08-11 22:57:29 52128 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\LMIproc.dll

2012-08-11 22:57:29 30624 ----a-w- c:\windows\system32\LMIport.dll

2012-08-11 22:57:28 83392 ----a-w- c:\windows\system32\LMIRfsClientNP.dll

2012-08-11 22:57:28 47640 ----a-w- c:\windows\system32\drivers\LMIRfsDriver.sys

2012-08-11 22:57:22 87456 ----a-w- c:\windows\system32\LMIinit.dll

2012-08-11 22:57:15 -------- d-----w- c:\programdata\LogMeIn

2012-08-11 22:56:55 -------- d-----w- c:\program files\LogMeIn

2012-08-11 14:16:01 -------- d-----w- c:\users\tom\appdata\roaming\TagScanner

2012-08-11 14:15:24 -------- d-----w- c:\program files\TagScanner

2012-08-11 14:00:57 -------- d-----w- c:\users\tom\appdata\roaming\Littlelan

2012-08-11 14:00:57 -------- d-----w- c:\programdata\Installer

2012-08-11 14:00:45 -------- d-----w- c:\program files\Littlelan

2012-08-02 20:39:06 -------- d-----w- c:\users\tom\appdata\local\Macromedia

2012-07-27 11:21:12 -------- d-----w- c:\program files\PhotoZoom Pro 4

.

==================== Find3M ====================

.

2012-08-22 11:11:23 44544 ----a-w- c:\windows\system32\agremove.exe

2012-08-15 18:27:51 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-08-15 18:27:51 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-07-06 11:29:50 476936 ----a-w- c:\windows\system32\npdeployJava1.dll

2012-07-06 11:29:50 472840 ----a-w- c:\windows\system32\deployJava1.dll

2012-06-29 00:16:58 1800704 ----a-w- c:\windows\system32\jscript9.dll

2012-06-29 00:09:01 1129472 ----a-w- c:\windows\system32\wininet.dll

2012-06-29 00:08:59 1427968 ----a-w- c:\windows\system32\inetcpl.cpl

2012-06-29 00:04:43 142848 ----a-w- c:\windows\system32\ieUnatt.exe

2012-06-08 11:05:56 25248 ----a-w- c:\windows\system32\lmimirr.dll

2012-06-08 11:05:56 11552 ----a-w- c:\windows\system32\lmimirr2.dll

2012-06-08 11:05:56 10144 ----a-w- c:\windows\system32\drivers\lmimirr.sys

2012-06-06 05:05:52 1390080 ----a-w- c:\windows\system32\msxml6.dll

2012-06-06 05:05:52 1236992 ----a-w- c:\windows\system32\msxml3.dll

2012-06-06 05:03:06 805376 ----a-w- c:\windows\system32\cdosys.dll

2012-06-06 04:06:50 2174976 ----a-w- c:\program files\common files\atimpenc.dll

2012-06-02 22:12:32 2422272 ----a-w- c:\windows\system32\wucltux.dll

2012-06-02 22:12:13 88576 ----a-w- c:\windows\system32\wudriver.dll

2012-06-02 14:19:42 171904 ----a-w- c:\windows\system32\wuwebv.dll

2012-06-02 14:12:20 33792 ----a-w- c:\windows\system32\wuapp.exe

2012-06-02 04:45:04 67440 ----a-w- c:\windows\system32\drivers\ksecdd.sys

2012-06-02 04:45:03 134000 ----a-w- c:\windows\system32\drivers\ksecpkg.sys

2012-06-02 04:40:59 369336 ----a-w- c:\windows\system32\drivers\cng.sys

2012-06-02 04:40:39 225280 ----a-w- c:\windows\system32\schannel.dll

2012-06-02 04:39:10 219136 ----a-w- c:\windows\system32\ncrypt.dll

2012-05-31 11:25:14 237072 ------w- c:\windows\system32\MpSigStub.exe

.

============= FINISH: 14:13:09.69 ===============

Attach

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 01/06/2011 17:31:19

System Uptime: 22/08/2012 12:07:33 (2 hours ago)

.

Motherboard: TOSHIBA | | Satellite A300

Processor: Intel® Core2 Duo CPU T8100 @ 2.10GHz | U2E1 | 2101/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 100 GiB total, 68.122 GiB free.

D: is FIXED (NTFS) - 366 GiB total, 208.977 GiB free.

E: is CDROM (UDF)

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP220: 15/08/2012 15:14:55 - Windows Update

RP221: 20/08/2012 21:16:17 - Removed Anvil Studio 2011

RP222: 20/08/2012 21:17:53 - Removed Sibelius 7 OpenType Fonts

RP223: 20/08/2012 21:18:14 - Removed Sibelius Scorch (Firefox, Opera, Netscape only)

RP224: 20/08/2012 21:22:01 - Removed Sibelius Scorch (Firefox, Opera, Netscape only)

RP226: 20/08/2012 21:27:35 - Removed Camera Assistant Software for Toshiba

RP227: 21/08/2012 10:39:38 - Windows Update

.

==== Installed Programs ======================

.

Adobe AIR

Adobe Bridge 1.0

Adobe Common File Installer

Adobe Community Help

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Help Center 2.0

Adobe Media Player

Adobe Premiere Pro 2.0

Adobe Shockwave Player 11.6

Adobe Stock Photos 1.0

Album Art Downloader XUI 0.38.3

Amazon Kindle

Amazon MP3 Downloader 1.0.9

Ashampoo UnInstaller 4.04

ATI Catalyst Install Manager

µTorrent

Audacity 1.2.6

Audiogalaxy

AutoShutdown

Avid License Control

BenVista PhotoZoom Pro 4.1.4

Boilsoft Video Splitter 6.34

Catalyst Control Center - Branding

Catalyst Control Center Core Implementation

Catalyst Control Center Graphics Full Existing

Catalyst Control Center Graphics Full New

Catalyst Control Center Graphics Light

Catalyst Control Center Graphics Previews Vista

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

ccc-core-static

ccc-utility

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

CCleaner

Classic Menu 4.x for Office 2007

Classic Shell

CmdHere Powertoy For Windows XP

CodeStuff Starter

ColorPic

Command Prompt Here PowerToy

Conexant Audio Driver For AMD HDMI Codec

Conexant HD Audio

CopyFilenames 3.1

CPUID CPU-Z 1.59

CutePDF Writer 2.8

D-Fend Reloaded 1.1.0 (deinstall)

D3DX10

dBpoweramp [Calculate Audio CRC] Codec

dBpoweramp [iD Tag Update] Codec

dBpoweramp [Length Split] Codec

dBpoweramp [Multi Encoder] Codec

dBpoweramp [Tag From Filename] Codec

dBpoweramp CD Writer

dBpoweramp Dalet Codec

dBpoweramp DSP Effects

dBpoweramp FLAC Codec

dBpoweramp Monkeys Audio Codec

dBpoweramp Mp2 and BwfMp2 codec

dBpoweramp mp3 (Fraunhofer IIS) Codec

dBpoweramp Music Converter

dBpoweramp Ogg Vorbis Codec

dBpoweramp Real Audio (Helix) Encoder

dBPoweramp tooLame MP2 codec

dBpoweramp Wave64 Codec

dBpoweramp WavPack Codec

DivX Setup

Driving Test Success - All Tests (2008-2009)

Dropbox

DVD-lab PRO 2.4

DVD Audio Extractor 7.0.0

DVD Audio Ripper 4

DVD Shrink 3.2

ERUNT 1.1j

ESET NOD32 Antivirus

ESET Online Scanner v3

Facebook Video Calling 1.2.0.159

FileZilla Client 3.5.0

Font Viewer 2.0

FontExpert 2009

Foxit Reader

Gold Wave Editor Pro v10.5.5

Google Chrome

Hazard Perception Training 2003-2004

HostsMan 3.2.73

Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)

Hotspot Shield 2.53

Instant Eyedropper 1.75

Internet Download Manager

Java Auto Updater

Java 6 Update 33

JeS Updater

KaraFun 1.16a

Karaoke CD+G Creator Pro

Karma

LastPass (uninstall only)

Launchy 2.5

LogMeIn

MainConcept MPEG Encoder

Malwarebytes' Anti-Malware version 1.51.0.1200

Marvell Miniport Driver

Media Tagger v1.3.5

MediaHuman YouTube to MP3 Converter version 2.3.3

MediaMonkey 4.0

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Application Error Reporting

Microsoft Silverlight

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319

Microsoft_VC80_ATL_x86

Microsoft_VC80_CRT_x86

Microsoft_VC80_MFC_x86

Microsoft_VC80_MFCLOC_x86

Microsoft_VC90_ATL_x86

Microsoft_VC90_CRT_x86

Microsoft_VC90_MFC_x86

Minilyrics(remove only)

mIRC

Mozilla Firefox 9.0.1 (x86 en-US)

Mp3tag v2.49

MSVCRT

Mullvad

MusicBrainz Picard

MusicRemoteControl Plugin 0.4

NewsBin Pro

NewsLeecher v4.0 Final

Notepad++

NoteWorthy Composer 2

Nuclear Coffee - VideoGet

NVH Production - KaraFun Studio 1.20

O2Micro Flash Memory Card Reader Driver

PdaNet for Android 3.02

PeerBlock 1.1 (r518)

Picasa 3

Pixel Ruler

PL-2303 USB-to-Serial

Plustek OpticBook 3600

PowerISO

Project64 1.6

QuickPar 0.9

QuickTime Alternative 3.2.2

REAPER

Samsung Kies

SAMSUNG USB Driver for Mobile Phones

Scanitto Pro

ScummVM Git

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Extended (KB2416472)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Sibelius Scorch (Firefox, Opera, Netscape only)

SIM MAX

Skype Toolbars

Skype™ 5.3

Snagit 10.0.1

SolveigMM Video Splitter

SopCast 3.5.0

Sophos Anti-Rootkit 1.5.20

SUPERAntiSpyware

swMSM

Tag&Rename 3.5.7

TagScanner 5.1.620

Tixati

TMPGEnc 4.0 XPress

TopStyle 4

TOSHIBA ConfigFree

TOSHIBA Value Added Package

TrueCrypt

TuneUp Utilities 2011

TuneUp Utilities Language Pack (en-US)

Unlocker 1.9.1

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

VC80CRTRedist - 8.0.50727.6195

Vector Magic

Virtual Magnifying Glass v3.5

Visual C++ 2008 x86 Runtime - (v9.0.30729)

Visual C++ 2008 x86 Runtime - v9.0.30729.01

VLC media player 1.1.11

WinDirStat 1.1.2

Windows Driver Package - Plustek Image (05/02/2007 2.0.0.0)

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Messenger

Windows Live Photo Common

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

WinFF 1.4.0

WinRAR 4.01 (32-bit)

XAMPP 1.7.4

Xilisoft DVD Ripper Ultimate

Xilisoft Video Converter Ultimate 6

Zip Motion Block Video codec (Remove Only)

.

==== Event Viewer Messages From Past Week ========

.

22/08/2012 14:11:55, Error: atapi [11] - The driver detected a controller error on \Device\Ide\IdePort1.

22/08/2012 13:44:51, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume \Device\HarddiskVolume2.

22/08/2012 12:12:05, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:.

22/08/2012 12:08:45, Error: Microsoft-Windows-DNS-Client [1012] - There was an error while attempting to read the local hosts file.

22/08/2012 12:08:22, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: PxHelp20 vkdmri

22/08/2012 12:07:47, Error: atikmdag [52236] - CPLIB :: General - Invalid Parameter

22/08/2012 12:07:47, Error: atikmdag [43029] - Display is not active

22/08/2012 11:30:39, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.

22/08/2012 11:30:34, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}

22/08/2012 11:30:34, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}

22/08/2012 11:30:32, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

22/08/2012 11:30:27, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

22/08/2012 11:30:18, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC discache ehdrv NetBIOS NetBT nsiproxy Psched PxHelp20 rdbss SASDIFSV SASKUTIL SCDEmu spldr sptd tdx truecrypt vkdmri Wanarpv6 WfpLwf

22/08/2012 11:30:16, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

22/08/2012 11:30:16, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

22/08/2012 11:30:16, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.

22/08/2012 11:30:16, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

22/08/2012 11:30:16, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

22/08/2012 11:30:16, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.

22/08/2012 11:30:16, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

22/08/2012 11:30:16, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

22/08/2012 11:30:16, Error: Service Control Manager [7001] - The Hotspot Shield Service service depends on the DHCP Client service which failed to start because of the following error: The dependency service or group failed to start.

22/08/2012 11:30:16, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.

22/08/2012 11:30:16, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

22/08/2012 11:29:54, Error: sptd [4] - Driver detected an internal error in its data structures for .

22/08/2012 00:48:09, Error: cdrom [11] - The driver detected a controller error on \Device\CdRom0.

20/08/2012 16:02:59, Error: Service Control Manager [7001] - The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.

20/08/2012 16:00:59, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC discache ehdrv NetBIOS NetBT nsiproxy Psched PxHelp20 rdbss SASDIFSV SASKUTIL SCDEmu spldr sptd tdx truecrypt Wanarpv6 WfpLwf

20/08/2012 15:07:31, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD blbdrive cdrom DfsC discache ehdrv mssmbios NetBIOS NetBT nsiproxy Psched PxHelp20 rdbss SASDIFSV SASKUTIL SCDEmu spldr sptd tdx TermDD truecrypt Wanarpv6 WfpLwf

20/08/2012 15:00:11, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: PxHelp20

20/08/2012 14:27:12, Error: Service Control Manager [7031] - The Hotspot Shield Routing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.

20/08/2012 14:27:09, Error: Service Control Manager [7031] - The Hotspot Shield Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.

19/08/2012 15:34:39, Error: Service Control Manager [7034] - The LogMeIn service terminated unexpectedly. It has done this 1 time(s).

19/08/2012 15:34:31, Error: Service Control Manager [7034] - The LMIGuardianSvc service terminated unexpectedly. It has done this 1 time(s).

19/08/2012 15:34:30, Error: Service Control Manager [7034] - The LogMeIn Maintenance Service service terminated unexpectedly. It has done this 1 time(s).

19/08/2012 10:05:46, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.

16/08/2012 10:23:23, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.

16/08/2012 10:20:43, Error: Service Control Manager [7023] - The Windows Defender service terminated with the following error: %%-2147024882

16/08/2012 10:16:22, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume D:.

.

==== End Of File ===========================

Maniac · August 22, 2012

Hello tjacke_88 and :welcome: ! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
Make sure you read all of the instructions and fixes thoroughly before continuing with them.
Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.

BACKDOOR WARNING

One or more of the identified infections is known to use a backdoor.

This allows hackers to remotely control your computer, steal critical system information and download and execute files.

I would advice you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Though the infection has been identified and can be killed, because of it's backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:

Help: I Got Hacked. Now What Do I Do?

Help: I Got Hacked. Now What Do I Do? Part II

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?

When Should I Format, How Should I Reinstall

We can still clean this machine but I can't guarantee that it will be 100% secure afterwards. Let me know what you decide to do. If you decide to go through with the cleanup, please proceed with the following steps.

Step 1

Please uninstall this application: µTorrent

Step 2

Please download the latest version of TDSSKiller from here and save it to your Desktop.

Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
Put a checkmark beside loaded modules.
A reboot will be needed to apply the changes. Do it.
TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
Then click on Change parameters in TDSSKiller.
Check all boxes then click OK.
Click the Start Scan button.
The scan should take no longer than 2 minutes.
If a suspicious object is detected, the default action will be Skip, click on Continue.
If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.

Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Step 3

Launch Malwarebytes' Anti-Malware
Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
Go to Scanner tab and select Perform Quick Scan, then click Scan.
The scan may take some time to finish,so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Copy&Paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer,please do so immediately.

In your next reply, post the following log files:

TDSSKiller log
Malwarebytes' Anti-Malware log
a new fresh DDS log

tjacke_88 · August 22, 2012

I've decided to follow through with the disinfection instructions at this moment in time and will post back shortly with my results

tjacke_88 · August 22, 2012

TDSSKiller

16:28:30.0635 2444 [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\System32\netapi32.dll

16:28:30.0635 2444 C:\Windows\System32\netapi32.dll - ok

16:28:30.0651 2444 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\System32\netutils.dll

16:28:30.0651 2444 C:\Windows\System32\netutils.dll - ok

16:28:30.0651 2444 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\System32\wkscli.dll

16:28:30.0651 2444 C:\Windows\System32\wkscli.dll - ok

16:28:30.0651 2444 [ 6D8CACF3B1B54943EFCF420C2D667B37 ] C:\Windows\System32\certCredProvider.dll

16:28:30.0651 2444 C:\Windows\System32\certCredProvider.dll - ok

16:28:30.0651 2444 [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\System32\samcli.dll

16:28:30.0651 2444 C:\Windows\System32\samcli.dll - ok

16:28:30.0666 2444 [ EFDA8576B2BA177AE3DF78B29EA0C45B ] C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDCREDPROV.DLL

16:28:30.0666 2444 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDCREDPROV.DLL - ok

16:28:30.0666 2444 [ FFE4BEC5C187C426A17AE76A773063A6 ] C:\Windows\System32\rasplap.dll

16:28:30.0666 2444 C:\Windows\System32\rasplap.dll - ok

16:28:30.0666 2444 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\System32\rasapi32.dll

16:28:30.0666 2444 C:\Windows\System32\rasapi32.dll - ok

16:28:30.0682 2444 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\System32\rasman.dll

16:28:30.0682 2444 C:\Windows\System32\rasman.dll - ok

16:28:30.0682 2444 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\System32\rtutils.dll

16:28:30.0682 2444 C:\Windows\System32\rtutils.dll - ok

16:28:30.0682 2444 [ A12829E9974F57E9B5DBFEA7C93190F6 ] C:\Windows\System32\UXInit.dll

16:28:30.0682 2444 C:\Windows\System32\UXInit.dll - ok

16:28:30.0682 2444 [ D93A937A2A9D2CBC06B3A615A197011F ] C:\Windows\System32\PSHED.DLL

16:28:30.0682 2444 C:\Windows\System32\PSHED.DLL - ok

16:28:30.0698 2444 [ 414DA952A35BF5D50192E28263B40577 ] C:\Windows\System32\shsvcs.dll

16:28:30.0698 2444 C:\Windows\System32\shsvcs.dll - ok

16:28:30.0698 2444 [ 1FF7E4F548C7C372C804938F0D5B36AE ] C:\Windows\System32\netcfgx.dll

16:28:30.0698 2444 C:\Windows\System32\netcfgx.dll - ok

16:28:30.0698 2444 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\System32\imageres.dll

16:28:30.0698 2444 C:\Windows\System32\imageres.dll - ok

16:28:30.0698 2444 [ F35314802B20CE37AF5F700A252812DD ] C:\Windows\System32\mpnotify.exe

16:28:30.0698 2444 C:\Windows\System32\mpnotify.exe - ok

16:28:30.0713 2444 [ A04BB13F8A72F8B6E8B4071723E4E336 ] C:\Windows\System32\schedsvc.dll

16:28:30.0713 2444 C:\Windows\System32\schedsvc.dll - ok

16:28:30.0713 2444 [ 38B13C0DF479DBA23ECFA815159BA86E ] C:\Windows\System32\ktmw32.dll

16:28:30.0713 2444 C:\Windows\System32\ktmw32.dll - ok

16:28:30.0713 2444 [ 1F5497D7D3D79C7BF0AB0C8B4C5BFE6E ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll

16:28:30.0713 2444 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok

16:28:30.0713 2444 [ 1C3E8371377E988B683797A132EFFE1B ] C:\Windows\System32\taskcomp.dll

16:28:30.0713 2444 C:\Windows\System32\taskcomp.dll - ok

16:28:30.0729 2444 [ E6D90DC604F407B3B5E0FD285E46B2A0 ] C:\Windows\System32\fveapi.dll

16:28:30.0729 2444 C:\Windows\System32\fveapi.dll - ok

16:28:30.0729 2444 [ C87F28A34B3840F4B40011D170B1A159 ] C:\Windows\System32\fvecerts.dll

16:28:30.0729 2444 C:\Windows\System32\fvecerts.dll - ok

16:28:30.0729 2444 [ EAFC149CD3BD78C443E31BB157841197 ] C:\Windows\System32\tbs.dll

16:28:30.0729 2444 C:\Windows\System32\tbs.dll - ok

16:28:30.0744 2444 [ 871917B07A141BFF43D76D8844D48106 ] C:\Windows\System32\drivers\http.sys

16:28:30.0744 2444 C:\Windows\System32\drivers\http.sys - ok

16:28:30.0744 2444 [ E2D56AE1D40E3725084054CD8E9CFBB1 ] C:\Windows\System32\wiarpc.dll

16:28:30.0744 2444 C:\Windows\System32\wiarpc.dll - ok

16:28:30.0744 2444 [ 9AEA093B8F9C37CF45538382CABA2475 ] C:\Windows\System32\spoolsv.exe

16:28:30.0744 2444 C:\Windows\System32\spoolsv.exe - ok

16:28:30.0744 2444 [ 1E2BAC209D184BB851E1A187D8A29136 ] C:\Windows\System32\BFE.DLL

16:28:30.0744 2444 C:\Windows\System32\BFE.DLL - ok

16:28:30.0760 2444 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] C:\Windows\System32\drivers\bowser.sys

16:28:30.0760 2444 C:\Windows\System32\drivers\bowser.sys - ok

16:28:30.0760 2444 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] C:\Windows\System32\drivers\mpsdrv.sys

16:28:30.0760 2444 C:\Windows\System32\drivers\mpsdrv.sys - ok

16:28:30.0760 2444 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] C:\Windows\System32\drivers\mrxsmb.sys

16:28:30.0760 2444 C:\Windows\System32\drivers\mrxsmb.sys - ok

16:28:30.0760 2444 [ 6D17A4791ACA19328C685D256349FEFC ] C:\Windows\System32\drivers\mrxsmb10.sys

16:28:30.0760 2444 C:\Windows\System32\drivers\mrxsmb10.sys - ok

16:28:30.0776 2444 [ B81F204D146000BE76651A50670A5E9E ] C:\Windows\System32\drivers\mrxsmb20.sys

16:28:30.0776 2444 C:\Windows\System32\drivers\mrxsmb20.sys - ok

16:28:30.0776 2444 [ 9835584E999D25004E1EE8E5F3E3B881 ] C:\Windows\System32\MPSSVC.dll

16:28:30.0776 2444 C:\Windows\System32\MPSSVC.dll - ok

16:28:30.0776 2444 [ 019C372B1A9DA73A22D0D35A4D40F5C9 ] C:\Windows\System32\wfapigp.dll

16:28:30.0776 2444 C:\Windows\System32\wfapigp.dll - ok

16:28:30.0791 2444 [ 58405E4F68BA8E4057C6E914F326ABA2 ] C:\Windows\System32\wkssvc.dll

16:28:30.0791 2444 C:\Windows\System32\wkssvc.dll - ok

16:28:30.0791 2444 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] C:\Windows\System32\drivers\parport.sys

16:28:30.0791 2444 C:\Windows\System32\drivers\parport.sys - ok

16:28:30.0791 2444 [ EE1E9C3BB8228AE423DD38DB69128E71 ] C:\Windows\System32\bdesvc.dll

16:28:30.0791 2444 C:\Windows\System32\bdesvc.dll - ok

16:28:30.0791 2444 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] C:\Windows\System32\dps.dll

16:28:30.0791 2444 C:\Windows\System32\dps.dll - ok

16:28:30.0807 2444 [ 3411FDF098AA20193EEE5FFA36BA43B2 ] C:\Windows\System32\drivers\cpuz135_x32.sys

16:28:30.0807 2444 C:\Windows\System32\drivers\cpuz135_x32.sys - ok

16:28:30.0807 2444 [ 6316957BB3431DFB06BFFA98C0F1926E ] C:\Windows\System32\cryptnet.dll

16:28:30.0807 2444 C:\Windows\System32\cryptnet.dll - ok

16:28:30.0807 2444 [ 06E771AA596B8761107AB57E99F128D7 ] C:\Windows\System32\cryptsvc.dll

16:28:30.0807 2444 C:\Windows\System32\cryptsvc.dll - ok

16:28:30.0822 2444 [ 7F8678C59F188528D60104E697C2361E ] C:\Windows\System32\mscms.dll

16:28:30.0822 2444 C:\Windows\System32\mscms.dll - ok

16:28:30.0822 2444 [ 544EFF88AC6C85DF5A4D6F18DFE08CFC ] C:\Windows\System32\taskschd.dll

16:28:30.0822 2444 C:\Windows\System32\taskschd.dll - ok

16:28:30.0822 2444 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] C:\Windows\System32\wdi.dll

16:28:30.0822 2444 C:\Windows\System32\wdi.dll - ok

16:28:30.0822 2444 [ 358AB7956D3160000726574083DFC8A6 ] C:\Windows\System32\pcasvc.dll

16:28:30.0822 2444 C:\Windows\System32\pcasvc.dll - ok

16:28:30.0838 2444 [ 6A984831644ECA1A33FFEAE4126F4F37 ] C:\Windows\System32\snmptrap.exe

16:28:30.0838 2444 C:\Windows\System32\snmptrap.exe - ok

16:28:30.0838 2444 [ DD4952E744611DD061201C2B081ED875 ] C:\Windows\System32\LMIRfsClientNP.dll

16:28:30.0838 2444 C:\Windows\System32\LMIRfsClientNP.dll - ok

16:28:30.0838 2444 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\System32\mpr.dll

16:28:30.0838 2444 C:\Windows\System32\mpr.dll - ok

16:28:30.0838 2444 [ E223D2851906B84F52E1B75EA16198F9 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\ServiceModelEvents.dll

16:28:30.0838 2444 C:\Windows\Microsoft.NET\Framework\v4.0.30319\ServiceModelEvents.dll - ok

16:28:30.0854 2444 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] C:\Windows\System32\provsvc.dll

16:28:30.0854 2444 C:\Windows\System32\provsvc.dll - ok

16:28:30.0854 2444 [ D318F23BE45D5E3A107469EB64815B50 ] C:\Windows\System32\sstpsvc.dll

16:28:30.0854 2444 C:\Windows\System32\sstpsvc.dll - ok

16:28:30.0854 2444 [ 13337A3FB17F2242487FD45488ED0485 ] C:\Windows\System32\vssapi.dll

16:28:30.0854 2444 C:\Windows\System32\vssapi.dll - ok

16:28:30.0869 2444 [ B940289C83121046BD6A60ACC6028593 ] C:\Windows\System32\vsstrace.dll

16:28:30.0869 2444 C:\Windows\System32\vsstrace.dll - ok

16:28:30.0869 2444 [ EFA198F8983D064A81052851F7BB80C2 ] C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe

16:28:30.0869 2444 C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe - ok

16:28:30.0869 2444 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll

16:28:30.0869 2444 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok

16:28:30.0869 2444 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll

16:28:30.0869 2444 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok

16:28:30.0885 2444 [ 99B9343280AF6A4C0F27CF2E28E94BBF ] C:\Windows\System32\dssenh.dll

16:28:30.0885 2444 C:\Windows\System32\dssenh.dll - ok

16:28:30.0885 2444 [ 96F9030CA15A8D2E8D44E53C1F0E842D ] C:\Windows\System32\drivers\epfwwfpr.sys

16:28:30.0885 2444 C:\Windows\System32\drivers\epfwwfpr.sys - ok

16:28:30.0885 2444 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] C:\Windows\System32\FDResPub.dll

16:28:30.0885 2444 C:\Windows\System32\FDResPub.dll - ok

16:28:30.0900 2444 [ B7CFE93627E7796624004687125A729F ] C:\Program Files\Hotspot Shield\bin\openvpnas.exe

16:28:30.0900 2444 C:\Program Files\Hotspot Shield\bin\openvpnas.exe - ok

16:28:30.0900 2444 [ 73F6C5223F7E9B5780DD4A6C30FCF569 ] C:\Windows\System32\WSDApi.dll

16:28:30.0900 2444 C:\Windows\System32\WSDApi.dll - ok

16:28:30.0900 2444 [ DB846EECA70EE9D2E2FF31147C57B0F4 ] C:\Windows\System32\webservices.dll

16:28:30.0900 2444 C:\Windows\System32\webservices.dll - ok

16:28:30.0900 2444 [ 89D90579E5FB1469CB0464F6512E42B7 ] C:\Windows\System32\fundisc.dll

16:28:30.0900 2444 C:\Windows\System32\fundisc.dll - ok

16:28:30.0916 2444 [ A42E7748BE906434C5FD17161D168C20 ] C:\Windows\System32\schedcli.dll

16:28:30.0916 2444 C:\Windows\System32\schedcli.dll - ok

16:28:30.0916 2444 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\System32\sfc.dll

16:28:30.0916 2444 C:\Windows\System32\sfc.dll - ok

16:28:30.0916 2444 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\System32\sfc_os.dll

16:28:30.0916 2444 C:\Windows\System32\sfc_os.dll - ok

16:28:30.0916 2444 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\System32\winhttp.dll

16:28:30.0916 2444 C:\Windows\System32\winhttp.dll - ok

16:28:30.0932 2444 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\System32\webio.dll

16:28:30.0932 2444 C:\Windows\System32\webio.dll - ok

16:28:30.0932 2444 [ 8CD1DEE212E52B9C22E66DBA44991D32 ] C:\Windows\System32\httpapi.dll

16:28:30.0932 2444 C:\Windows\System32\httpapi.dll - ok

16:28:30.0932 2444 [ 1CD292E65D973D7EE568811AAC8D9E44 ] C:\Program Files\Hotspot Shield\bin\libcurl.dll

16:28:30.0932 2444 C:\Program Files\Hotspot Shield\bin\libcurl.dll - ok

16:28:30.0932 2444 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\System32\winmm.dll

16:28:30.0932 2444 C:\Windows\System32\winmm.dll - ok

16:28:30.0947 2444 [ 21C2B1B55D24FBFF03ECFB9788C0BB77 ] C:\Program Files\Hotspot Shield\bin\libidn-11.dll

16:28:30.0947 2444 C:\Program Files\Hotspot Shield\bin\libidn-11.dll - ok

16:28:30.0947 2444 [ 661B770BC4CB72EE4E4B17C5A62B994F ] C:\Program Files\Hotspot Shield\bin\libeay32.dll

16:28:30.0947 2444 C:\Program Files\Hotspot Shield\bin\libeay32.dll - ok

16:28:30.0947 2444 [ DF49CC0F2A00FA5CD2C79ABD9C269796 ] C:\Program Files\Hotspot Shield\bin\libssl32.dll

16:28:30.0947 2444 C:\Program Files\Hotspot Shield\bin\libssl32.dll - ok

16:28:30.0963 2444 [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\System32\wsock32.dll

16:28:30.0963 2444 C:\Windows\System32\wsock32.dll - ok

16:28:30.0963 2444 [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\Windows\System32\NapiNSP.dll

16:28:30.0963 2444 C:\Windows\System32\NapiNSP.dll - ok

16:28:30.0963 2444 [ 2CFEA9C337B699ACA38487E8A7438F35 ] C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe

16:28:30.0963 2444 C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe - ok

16:28:30.0963 2444 [ 9D4A1690AF93F233E15380398BEC7431 ] C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL

16:28:30.0963 2444 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok

16:28:30.0978 2444 [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\Windows\System32\pnrpnsp.dll

16:28:30.0978 2444 C:\Windows\System32\pnrpnsp.dll - ok

16:28:30.0978 2444 [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\Windows\System32\winrnr.dll

16:28:30.0978 2444 C:\Windows\System32\winrnr.dll - ok

16:28:30.0978 2444 [ A63DC5C2EA944E6657203E0C8EDEAF61 ] C:\Windows\System32\dllhost.exe

16:28:30.0978 2444 C:\Windows\System32\dllhost.exe - ok

16:28:30.0978 2444 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll

16:28:30.0978 2444 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok

16:28:30.0994 2444 [ 0B31464B7B2D616BD5F7036673588EC1 ] C:\Windows\System32\IDStore.dll

16:28:30.0994 2444 C:\Windows\System32\IDStore.dll - ok

16:28:30.0994 2444 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\System32\rasadhlp.dll

16:28:30.0994 2444 C:\Windows\System32\rasadhlp.dll - ok

16:28:30.0994 2444 [ 7FA8BA5A780E4757964AC9D4238302B9 ] C:\Windows\System32\taskhost.exe

16:28:30.0994 2444 C:\Windows\System32\taskhost.exe - ok

16:28:31.0010 2444 [ F58516E2DC0D963EF70D6BFC21FD82C4 ] C:\Windows\System32\PlaySndSrv.dll

16:28:31.0010 2444 C:\Windows\System32\PlaySndSrv.dll - ok

16:28:31.0010 2444 [ 564BAB77CD96CE0E3FD5BBCDDED142DF ] C:\Program Files\Hotspot Shield\bin\hsswd.exe

16:28:31.0010 2444 C:\Program Files\Hotspot Shield\bin\hsswd.exe - ok

16:28:31.0010 2444 [ 3CA2BB895E204478C7A4C9BAF70970CE ] C:\Windows\System32\AtBroker.exe

16:28:31.0010 2444 C:\Windows\System32\AtBroker.exe - ok

16:28:31.0010 2444 [ 61AC3EFDFACFDD3F0F11DD4FD4044223 ] C:\Windows\System32\userinit.exe

16:28:31.0010 2444 C:\Windows\System32\userinit.exe - ok

16:28:31.0025 2444 [ 505BF4D1CADEB8D4F8BCD08D944DE25D ] C:\Windows\System32\dwm.exe

16:28:31.0025 2444 C:\Windows\System32\dwm.exe - ok

16:28:31.0025 2444 [ 754AFC50022C95DA7C86B7020DB78136 ] C:\Windows\System32\dwmredir.dll

16:28:31.0025 2444 C:\Windows\System32\dwmredir.dll - ok

16:28:31.0025 2444 [ 74AF6AA2E8B3180AADAE5FE8813CB1CD ] C:\Windows\System32\localspl.dll

16:28:31.0025 2444 C:\Windows\System32\localspl.dll - ok

16:28:31.0025 2444 [ B43687C534A49700BF4B3C9898763752 ] C:\Windows\System32\MsCtfMonitor.dll

16:28:31.0025 2444 C:\Windows\System32\MsCtfMonitor.dll - ok

16:28:31.0041 2444 [ 1CDEA9188899E76D4FFD54C9D512CCDB ] C:\Windows\System32\msxml3.dll

16:28:31.0041 2444 C:\Windows\System32\msxml3.dll - ok

16:28:31.0041 2444 [ 497E59D9F01C6F247E72222A61835119 ] C:\Windows\System32\dwmcore.dll

16:28:31.0041 2444 C:\Windows\System32\dwmcore.dll - ok

16:28:31.0041 2444 [ E7E1C00A45E188FB1A3745DDD991FFFA ] C:\Windows\System32\drivers\idmwfp.sys

16:28:31.0041 2444 C:\Windows\System32\drivers\idmwfp.sys - ok

16:28:31.0056 2444 [ 8B88EBBB05A0E56B7DCC708498C02B3E ] C:\Windows\explorer.exe

16:28:31.0056 2444 C:\Windows\explorer.exe - ok

16:28:31.0056 2444 [ 63DAF163D1617DD611BD0AB8E41A43E8 ] C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe

16:28:31.0056 2444 C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe - ok

16:28:31.0056 2444 [ 2DE90400A63818FA38C4C5C9ADB166BF ] C:\Windows\System32\d3d10_1.dll

16:28:31.0056 2444 C:\Windows\System32\d3d10_1.dll - ok

16:28:31.0056 2444 [ 9C36A3CA80F9B204C670336D344F5DF8 ] C:\Windows\System32\d3d10_1core.dll

16:28:31.0056 2444 C:\Windows\System32\d3d10_1core.dll - ok

16:28:31.0072 2444 [ 0411B7958C524BB2E91EE1B3035FE321 ] C:\Windows\System32\dxgi.dll

16:28:31.0072 2444 C:\Windows\System32\dxgi.dll - ok

16:28:31.0072 2444 [ 375FE18FCDBDB14E4F2704D602216DFD ] C:\Windows\System32\atidxx32.dll

16:28:31.0072 2444 C:\Windows\System32\atidxx32.dll - ok

16:28:31.0072 2444 [ 2100560AF3F7F2948F2676E44DFB4ECF ] C:\Windows\System32\uDWM.dll

16:28:31.0072 2444 C:\Windows\System32\uDWM.dll - ok

16:28:31.0072 2444 [ 7319102526BD11B45FD66335CF90CA12 ] C:\Windows\System32\HotStartUserAgent.dll

16:28:31.0072 2444 C:\Windows\System32\HotStartUserAgent.dll - ok

16:28:31.0088 2444 [ 56CEED370508F69A1BA04939BD1BADDA ] C:\Windows\System32\msutb.dll

16:28:31.0088 2444 C:\Windows\System32\msutb.dll - ok

16:28:31.0088 2444 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\System32\SensApi.dll

16:28:31.0088 2444 C:\Windows\System32\SensApi.dll - ok

16:28:31.0088 2444 [ 629181C26A78EB66B0B4E774E5AC2882 ] C:\Windows\System32\spoolss.dll

16:28:31.0088 2444 C:\Windows\System32\spoolss.dll - ok

16:28:31.0103 2444 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\System32\winspool.drv

16:28:31.0103 2444 C:\Windows\System32\winspool.drv - ok

16:28:31.0103 2444 [ 61062968B59B97BE9568E68B4B527CB2 ] C:\Windows\System32\CNBLM4.DLL

16:28:31.0103 2444 C:\Windows\System32\CNBLM4.DLL - ok

16:28:31.0103 2444 [ 03CF941D031F30272D3063E5A4D686F5 ] C:\Windows\System32\PrintIsolationProxy.dll

16:28:31.0103 2444 C:\Windows\System32\PrintIsolationProxy.dll - ok

16:28:31.0103 2444 [ 58C8D45C571AA9235FB296B383B89887 ] C:\Windows\System32\cpwmon2k.dll

16:28:31.0103 2444 C:\Windows\System32\cpwmon2k.dll - ok

16:28:31.0119 2444 [ 7B27637E896DBA10895ECFDECDB1F1FA ] C:\Windows\System32\LMIport.dll

16:28:31.0119 2444 C:\Windows\System32\LMIport.dll - ok

16:28:31.0119 2444 [ 126F8331BD023178C7F0EF2F5EDE16B3 ] C:\Windows\System32\FXSMON.dll

16:28:31.0119 2444 C:\Windows\System32\FXSMON.dll - ok

16:28:31.0119 2444 [ B390C1D825C7687493BEDE237C6C2F25 ] C:\Windows\System32\tcpmon.dll

16:28:31.0119 2444 C:\Windows\System32\tcpmon.dll - ok

16:28:31.0119 2444 [ 1220595CABA75AB91A6B3FA3B89483CC ] C:\Windows\System32\snmpapi.dll

16:28:31.0119 2444 C:\Windows\System32\snmpapi.dll - ok

16:28:31.0134 2444 [ 923CDD30092DB73EC4A0EBCDDD16C686 ] C:\Windows\System32\usbmon.dll

16:28:31.0134 2444 C:\Windows\System32\usbmon.dll - ok

16:28:31.0134 2444 [ A8EB761DE499242BECF153B2B34F020E ] C:\Windows\System32\WSDMon.dll

16:28:31.0134 2444 C:\Windows\System32\WSDMon.dll - ok

16:28:31.0134 2444 [ 6357E2B68753A1F5CF4A68A25C4FD14A ] C:\Windows\System32\wsnmp32.dll

16:28:31.0134 2444 C:\Windows\System32\wsnmp32.dll - ok

16:28:31.0150 2444 [ F34CFADA6C48DAA41B996D24C7D8D3CA ] C:\Windows\System32\fdPnp.dll

16:28:31.0150 2444 C:\Windows\System32\fdPnp.dll - ok

16:28:31.0150 2444 [ C00CC74FC1D7B3F4CB3F7BEDD3482447 ] C:\Windows\System32\spool\prtprocs\w32x86\CNBPP4.DLL

16:28:31.0150 2444 C:\Windows\System32\spool\prtprocs\w32x86\CNBPP4.DLL - ok

16:28:31.0150 2444 [ D94E0BC61DC5DD928D91FD5B9F016197 ] C:\Windows\System32\spool\prtprocs\w32x86\LMIproc.dll

16:28:31.0150 2444 C:\Windows\System32\spool\prtprocs\w32x86\LMIproc.dll - ok

16:28:31.0150 2444 [ CD72C6406BA561BED6D42CB145E55307 ] C:\Windows\System32\spool\prtprocs\w32x86\winprint.dll

16:28:31.0150 2444 C:\Windows\System32\spool\prtprocs\w32x86\winprint.dll - ok

16:28:31.0166 2444 [ BE3953C7DAE4ECC89134CF64A903F8ED ] C:\Windows\System32\win32spl.dll

16:28:31.0166 2444 C:\Windows\System32\win32spl.dll - ok

16:28:31.0166 2444 [ D27DDE7E0444C7F1819F958469EB7D93 ] C:\Windows\System32\inetpp.dll

16:28:31.0166 2444 C:\Windows\System32\inetpp.dll - ok

16:28:31.0166 2444 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\System32\cscapi.dll

16:28:31.0166 2444 C:\Windows\System32\cscapi.dll - ok

16:28:31.0166 2444 [ 94A0ED766A374A960982BEDAB874C7AE ] C:\Program Files\LogMeIn\x86\LMIGuardianDll.dll

16:28:31.0166 2444 C:\Program Files\LogMeIn\x86\LMIGuardianDll.dll - ok

16:28:31.0181 2444 [ 4F69FAAABB7DB0D43E327C0B6AAB40FC ] C:\Program Files\LogMeIn\x86\rainfo.sys

16:28:31.0181 2444 C:\Program Files\LogMeIn\x86\rainfo.sys - ok

16:28:31.0181 2444 [ 175F50F37EEAA1D4D744BCCCBB7CF68C ] C:\Program Files\LogMeIn\x86\ramaint.exe

16:28:31.0181 2444 C:\Program Files\LogMeIn\x86\ramaint.exe - ok

16:28:31.0181 2444 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\System32\ExplorerFrame.dll

16:28:31.0181 2444 C:\Windows\System32\ExplorerFrame.dll - ok

16:28:31.0197 2444 [ 6D74290856347CF8682277A54B433D4B ] C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

16:28:31.0197 2444 C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll - ok

16:28:31.0197 2444 [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\Users\Tom\AppData\Roaming\Dropbox\bin\msvcp71.dll

16:28:31.0197 2444 C:\Users\Tom\AppData\Roaming\Dropbox\bin\msvcp71.dll - ok

16:28:31.0197 2444 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Users\Tom\AppData\Roaming\Dropbox\bin\msvcr71.dll

16:28:31.0197 2444 C:\Users\Tom\AppData\Roaming\Dropbox\bin\msvcr71.dll - ok

16:28:31.0197 2444 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\System32\EhStorShell.dll

16:28:31.0197 2444 C:\Windows\System32\EhStorShell.dll - ok

16:28:31.0212 2444 [ DAB830F7254055DCDC1870BDF922D0F4 ] C:\Program Files\Classic Shell\ClassicExplorer32.dll

16:28:31.0212 2444 C:\Program Files\Classic Shell\ClassicExplorer32.dll - ok

16:28:31.0212 2444 [ EA5F4104261DF59C58C90BA0C99622E1 ] C:\Program Files\Internet Download Manager\IDMShellExt.dll

16:28:31.0212 2444 C:\Program Files\Internet Download Manager\IDMShellExt.dll - ok

16:28:31.0212 2444 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\System32\oleacc.dll

16:28:31.0212 2444 C:\Windows\System32\oleacc.dll - ok

16:28:31.0212 2444 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\System32\ntshrui.dll

16:28:31.0212 2444 C:\Windows\System32\ntshrui.dll - ok

16:28:31.0228 2444 [ 523CF74A52C9A1762DA8B83AEE734498 ] C:\Windows\System32\IconCodecService.dll

16:28:31.0228 2444 C:\Windows\System32\IconCodecService.dll - ok

16:28:31.0228 2444 [ 89F5770AD1E9D9CEF93D00303135EC33 ] C:\Windows\System32\ntprint.dll

16:28:31.0228 2444 C:\Windows\System32\ntprint.dll - ok

16:28:31.0228 2444 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\System32\runonce.exe

16:28:31.0228 2444 C:\Windows\System32\runonce.exe - ok

16:28:31.0244 2444 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\System32\cmd.exe

16:28:31.0244 2444 C:\Windows\System32\cmd.exe - ok

16:28:31.0244 2444 [ 7B162F044B225FE0CF25CACB5F05B07E ] C:\Windows\System32\conhost.exe

16:28:31.0244 2444 C:\Windows\System32\conhost.exe - ok

16:28:31.0244 2444 [ 72910F1DEB838E6E08A9017BFB7D4F0B ] C:\Windows\System32\browcli.dll

16:28:31.0244 2444 C:\Windows\System32\browcli.dll - ok

16:28:31.0244 2444 [ 32E15ECF5854F5610BC895490BC3246A ] C:\Windows\System32\ieframe.dll

16:28:31.0244 2444 C:\Windows\System32\ieframe.dll - ok

16:28:31.0259 2444 [ 7AA994D0757EF3FDB4F3F7656E1E4D60 ] C:\Windows\System32\dfscli.dll

16:28:31.0259 2444 C:\Windows\System32\dfscli.dll - ok

16:28:31.0259 2444 [ BF7DDBE14FA4B68AAB6A3C78EF5C96B8 ] C:\Windows\System32\inetmib1.dll

16:28:31.0259 2444 C:\Windows\System32\inetmib1.dll - ok

16:28:31.0259 2444 [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\System32\shdocvw.dll

16:28:31.0259 2444 C:\Windows\System32\shdocvw.dll - ok

16:28:31.0259 2444 [ C5A2155E27F1E00B629ECA9FED6AC841 ] C:\Users\Tom\AppData\Local\Temp\D76CB0B8-2FCC-4AB3-A059-B46ACDEB4B0C.exe

16:28:31.0259 2444 C:\Users\Tom\AppData\Local\Temp\D76CB0B8-2FCC-4AB3-A059-B46ACDEB4B0C.exe - ok

16:28:31.0275 2444 [ 432618FA75B61059D2C57D6A7E55147A ] C:\Program Files\LogMeIn\x86\LogMeIn.exe

16:28:31.0275 2444 C:\Program Files\LogMeIn\x86\LogMeIn.exe - ok

16:28:31.0275 2444 [ 3FAA563DDF853320F90259D455A01D79 ] C:\Windows\System32\drivers\LMIRfsDriver.sys

16:28:31.0275 2444 C:\Windows\System32\drivers\LMIRfsDriver.sys - ok

16:28:31.0275 2444 [ 36D58DB4AD9C00247AD07C6CFD1B8692 ] C:\Program Files\LogMeIn\x86\LogMeIn.dll

16:28:31.0275 2444 C:\Program Files\LogMeIn\x86\LogMeIn.dll - ok

16:28:31.0275 2444 [ 9E0104BA49F4E6973749A02BF41344ED ] C:\Windows\System32\drivers\PEAuth.sys

16:28:31.0275 2444 C:\Windows\System32\drivers\PEAuth.sys - ok

16:28:31.0290 2444 [ 2D762AC60763E732EBD667179AA19577 ] C:\Windows\System32\rpcnetp.exe

16:28:31.0290 2444 C:\Windows\System32\rpcnetp.exe - ok

16:28:31.0290 2444 [ 90A3935D05B494A5A39D37E71F09A677 ] C:\Windows\System32\drivers\secdrv.sys

16:28:31.0290 2444 C:\Windows\System32\drivers\secdrv.sys - ok

16:28:31.0290 2444 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] C:\Windows\System32\drivers\srvnet.sys

16:28:31.0290 2444 C:\Windows\System32\drivers\srvnet.sys - ok

16:28:31.0306 2444 [ 20C9DF804ACA0B7084D52C7957473300 ] C:\Windows\System32\rpcnetp.dll

16:28:31.0306 2444 C:\Windows\System32\rpcnetp.dll - ok

16:28:31.0306 2444 [ 36650D618CA34C9D357DFD3D89B2C56F ] C:\Windows\System32\sysmain.dll

16:28:31.0306 2444 C:\Windows\System32\sysmain.dll - ok

16:28:31.0306 2444 [ 75EA62927355189876081EF863064982 ] C:\Windows\System32\ncsi.dll

16:28:31.0306 2444 C:\Windows\System32\ncsi.dll - ok

16:28:31.0306 2444 [ 912084381D30D8B89EC4E293053F4710 ] C:\Windows\System32\nlasvc.dll

16:28:31.0306 2444 C:\Windows\System32\nlasvc.dll - ok

16:28:31.0322 2444 [ 28E2231BD34A39C854BDF3923AB2FF86 ] C:\Windows\System32\ssdpapi.dll

16:28:31.0322 2444 C:\Windows\System32\ssdpapi.dll - ok

16:28:31.0322 2444 [ CCA24162E055C3714CE5A88B100C64ED ] C:\Windows\System32\drivers\tcpipreg.sys

16:28:31.0322 2444 C:\Windows\System32\drivers\tcpipreg.sys - ok

16:28:31.0322 2444 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] C:\Windows\System32\trkwks.dll

16:28:31.0322 2444 C:\Windows\System32\trkwks.dll - ok

16:28:31.0322 2444 [ 807B6562009E5858C93E1C0F435C0382 ] C:\Windows\System32\netbios.dll

16:28:31.0322 2444 C:\Windows\System32\netbios.dll - ok

16:28:31.0337 2444 [ 0A70F4022EC2E14C159EFC4F69AA2477 ] C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE

16:28:31.0337 2444 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE - ok

16:28:31.0337 2444 [ F62E510B6AD4C21EB9FE8668ED251826 ] C:\Windows\System32\wbem\WMIsvc.dll

16:28:31.0337 2444 C:\Windows\System32\wbem\WMIsvc.dll - ok

16:28:31.0337 2444 [ 704314FD398C81D5F342CAA5DF7B7F21 ] C:\Windows\System32\wbemcomn.dll

16:28:31.0337 2444 C:\Windows\System32\wbemcomn.dll - ok

16:28:31.0337 2444 [ 881D9F2D6E04E1C323050CF1574870F7 ] C:\Windows\System32\wbem\WinMgmtR.dll

16:28:31.0353 2444 C:\Windows\System32\wbem\WinMgmtR.dll - ok

16:28:31.0353 2444 [ D475BBD6FEF8DB2DDE0DA7CCFD2C9042 ] C:\Program Files\Common Files\microsoft shared\Windows Live\SQMAPI.DLL

16:28:31.0353 2444 C:\Program Files\Common Files\microsoft shared\Windows Live\SQMAPI.DLL - ok

16:28:31.0353 2444 [ 590D5C506044FE02FF7643E32FF9BDAC ] C:\Windows\System32\wer.dll

16:28:31.0353 2444 C:\Windows\System32\wer.dll - ok

16:28:31.0353 2444 [ 9C879E1C3B27085FB46EFECCD7120D51 ] C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE

16:28:31.0353 2444 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE - ok

16:28:31.0368 2444 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] C:\Windows\System32\drivers\srv2.sys

16:28:31.0368 2444 C:\Windows\System32\drivers\srv2.sys - ok

16:28:31.0368 2444 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] C:\Windows\System32\drivers\srv.sys

16:28:31.0368 2444 C:\Windows\System32\drivers\srv.sys - ok

16:28:31.0368 2444 [ 4D65A07B795D6674312F879D09AA7663 ] C:\Windows\System32\iphlpsvc.dll

16:28:31.0368 2444 C:\Windows\System32\iphlpsvc.dll - ok

16:28:31.0368 2444 [ CE292C4C10B8DB6070F262EA2733F0DC ] C:\Windows\System32\sqmapi.dll

16:28:31.0368 2444 C:\Windows\System32\sqmapi.dll - ok

16:28:31.0384 2444 [ A399514D3B28C9A3453A486BBAAFF1C7 ] C:\Windows\System32\wdscore.dll

16:28:31.0384 2444 C:\Windows\System32\wdscore.dll - ok

16:28:31.0384 2444 [ C5B0324DB461559ADD070E632A6919FA ] C:\Windows\System32\wbem\wbemprox.dll

16:28:31.0384 2444 C:\Windows\System32\wbem\wbemprox.dll - ok

16:28:31.0384 2444 [ 701C9EB15E1E23D22F7C7184C0506673 ] C:\Windows\System32\wbem\WmiDcPrv.dll

16:28:31.0384 2444 C:\Windows\System32\wbem\WmiDcPrv.dll - ok

16:28:31.0384 2444 [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A ] C:\Windows\System32\wbem\fastprox.dll

16:28:31.0384 2444 C:\Windows\System32\wbem\fastprox.dll - ok

16:28:31.0400 2444 [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\System32\ntdsapi.dll

16:28:31.0400 2444 C:\Windows\System32\ntdsapi.dll - ok

16:28:31.0400 2444 [ D64AF876D53ECA3668BB97B51B4E70AB ] C:\Windows\System32\srvsvc.dll

16:28:31.0400 2444 C:\Windows\System32\srvsvc.dll - ok

16:28:31.0400 2444 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] C:\Windows\System32\browser.dll

16:28:31.0400 2444 C:\Windows\System32\browser.dll - ok

16:28:31.0415 2444 [ E4B72E71EC37A59FE574A998A0C0EB9B ] C:\Windows\System32\netmsg.dll

16:28:31.0415 2444 C:\Windows\System32\netmsg.dll - ok

16:28:31.0415 2444 [ 89E783711AF91AF09E1EF30EF3107446 ] C:\Windows\System32\sscore.dll

16:28:31.0415 2444 C:\Windows\System32\sscore.dll - ok

16:28:31.0415 2444 [ AE9898D5600A232CD8AE3298692162E5 ] C:\Windows\System32\clusapi.dll

16:28:31.0415 2444 C:\Windows\System32\clusapi.dll - ok

16:28:31.0415 2444 [ 2AF094C822BD6094F14A8E85FB51D52A ] C:\Windows\System32\resutils.dll

16:28:31.0415 2444 C:\Windows\System32\resutils.dll - ok

16:28:31.0431 2444 [ 6383C60EC0133B14F5705F96369421B2 ] C:\Windows\System32\hnetcfg.dll

16:28:31.0431 2444 C:\Windows\System32\hnetcfg.dll - ok

16:28:31.0431 2444 [ 45D9F6CD2469CDB6A640DD4BD2B01471 ] C:\Windows\System32\nci.dll

16:28:31.0431 2444 C:\Windows\System32\nci.dll - ok

16:28:31.0431 2444 [ 585EB475E7AF55C9065256E8FFB751A1 ] C:\Windows\System32\wbem\wbemcore.dll

16:28:31.0431 2444 C:\Windows\System32\wbem\wbemcore.dll - ok

16:28:31.0431 2444 [ 5AE88135C6A86FCD67BA16AFBB1C8389 ] C:\Windows\System32\wbem\esscli.dll

16:28:31.0431 2444 C:\Windows\System32\wbem\esscli.dll - ok

16:28:31.0446 2444 [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\Windows\System32\wbem\wbemsvc.dll

16:28:31.0446 2444 C:\Windows\System32\wbem\wbemsvc.dll - ok

16:28:31.0446 2444 [ 371E3B05894549113D07CD3081ED55EF ] C:\Windows\System32\wbem\repdrvfs.dll

16:28:31.0446 2444 C:\Windows\System32\wbem\repdrvfs.dll - ok

16:28:31.0446 2444 [ 5610B0425518D185331CB8E968D060E6 ] C:\Windows\System32\wbem\wmiutils.dll

16:28:31.0446 2444 C:\Windows\System32\wbem\wmiutils.dll - ok

16:28:31.0446 2444 [ 8C338238C16777A802D6A9211EB2BA50 ] C:\Windows\System32\netprofm.dll

16:28:31.0446 2444 C:\Windows\System32\netprofm.dll - ok

16:28:31.0462 2444 [ A4CC7227A452C4909F9499D91B184364 ] C:\Windows\System32\ncobjapi.dll

16:28:31.0462 2444 C:\Windows\System32\ncobjapi.dll - ok

16:28:31.0462 2444 [ 3CDE2911462FEC80064A409C07710C06 ] C:\Windows\System32\wbem\WmiPrvSD.dll

16:28:31.0462 2444 C:\Windows\System32\wbem\WmiPrvSD.dll - ok

16:28:31.0462 2444 [ B350509B6C9296529BC464C60FEEAEF1 ] C:\Windows\System32\wbem\wbemess.dll

16:28:31.0462 2444 C:\Windows\System32\wbem\wbemess.dll - ok

16:28:31.0478 2444 [ A14D9E43BA94D78BBA68EE9A9891CB44 ] C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnScan.dll

16:28:31.0478 2444 C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnScan.dll - ok

16:28:31.0478 2444 [ 06A55658B781EE045C2BDE16B73E9F4D ] C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnAmon.dll

16:28:31.0478 2444 C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnAmon.dll - ok

16:28:31.0478 2444 [ 34CEFEFEBD8AE513F4927B0E43F8F5CA ] C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnEmon.dll

16:28:31.0478 2444 C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnEmon.dll - ok

16:28:31.0478 2444 [ D38DEE988862AF60716A0EC7BBD1875C ] C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnDmon.dll

16:28:31.0478 2444 C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnDmon.dll - ok

16:28:31.0493 2444 [ C95FD762058EBAB2FADB1E9F6FEEC776 ] C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnEpfw.dll

16:28:31.0493 2444 C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnEpfw.dll - ok

16:28:31.0493 2444 [ 2CF4290BB2AAD96E6AB621322A1BD393 ] C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnUpdate.dll

16:28:31.0493 2444 C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnUpdate.dll - ok

16:28:31.0493 2444 [ CA70572B19D6964D4C1E5D7C8B9F61B8 ] C:\Program Files\ESET\ESET NOD32 Antivirus\updater.dll

16:28:31.0493 2444 C:\Program Files\ESET\ESET NOD32 Antivirus\updater.dll - ok

16:28:31.0493 2444 [ 3888AF0D0AEB7BEE34058957AB723AFF ] C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnMailPlugins.dll

16:28:31.0493 2444 C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnMailPlugins.dll - ok

16:28:31.0509 2444 [ 41862FF34D00F0DD7F5F6DAD4CCA8714 ] C:\Program Files\ESET\ESET NOD32 Antivirus\eplgOE.dll

16:28:31.0509 2444 C:\Program Files\ESET\ESET NOD32 Antivirus\eplgOE.dll - ok

16:28:31.0509 2444 [ D4191EFAB91E00FC09257AA5EBAF503B ] C:\Windows\System32\mprapi.dll

16:28:31.0509 2444 C:\Windows\System32\mprapi.dll - ok

16:28:31.0509 2444 [ F7FE730CE31B54145DEE1F1482BCCDD7 ] C:\Windows\System32\ndiscapCfg.dll

16:28:31.0509 2444 C:\Windows\System32\ndiscapCfg.dll - ok

16:28:31.0524 2444 [ 761A3A4038C1FD4F5795427907C28484 ] C:\Windows\System32\rascfg.dll

16:28:31.0524 2444 C:\Windows\System32\rascfg.dll - ok

16:28:31.0524 2444 [ 9A7B54D57594233EEB17892BAD309970 ] C:\Windows\System32\mprmsg.dll

16:28:31.0524 2444 C:\Windows\System32\mprmsg.dll - ok

16:28:31.0524 2444 [ CAFC0B884E5590B5E80D84F592388B3D ] C:\Windows\System32\tcpipcfg.dll

16:28:31.0524 2444 C:\Windows\System32\tcpipcfg.dll - ok

16:28:31.0524 2444 [ EB41E23923D266BC06189A2DCC2A8E64 ] C:\Program Files\ESET\ESET NOD32 Antivirus\PPESET.dll

16:28:31.0524 2444 C:\Program Files\ESET\ESET NOD32 Antivirus\PPESET.dll - ok

16:28:31.0540 2444 [ A8CDF3768604FF95B54669E20053D569 ] C:\Windows\System32\wscapi.dll

16:28:31.0540 2444 C:\Windows\System32\wscapi.dll - ok

16:28:31.0540 2444 [ 8258362DDB18B644A82D8B5061AD9426 ] C:\Windows\System32\wscisvif.dll

16:28:31.0540 2444 C:\Windows\System32\wscisvif.dll - ok

16:28:31.0540 2444 [ 4F6E72B34ED3DC53DCC5E8708E60B61F ] C:\Windows\System32\security.dll

16:28:31.0540 2444 C:\Windows\System32\security.dll - ok

16:28:31.0540 2444 [ 1A617835452EEE5060976C9B9F5FE635 ] C:\Windows\System32\wuapi.dll

16:28:31.0540 2444 C:\Windows\System32\wuapi.dll - ok

16:28:31.0556 2444 [ 7A6986DD659B96398A11AF5173892715 ] C:\Windows\System32\cabinet.dll

16:28:31.0556 2444 C:\Windows\System32\cabinet.dll - ok

16:28:31.0556 2444 [ 3458EDA96E30FBD0477A2800D3FB1909 ] C:\Windows\System32\wups.dll

16:28:31.0556 2444 C:\Windows\System32\wups.dll - ok

16:28:31.0556 2444 [ 78DE417B7921DACA072059E6BF410FC7 ] C:\Windows\System32\wshnetbs.dll

16:28:31.0556 2444 C:\Windows\System32\wshnetbs.dll - ok

16:28:31.0556 2444 [ 9E6AF823733C70E207D9FB6731A63B3D ] C:\Windows\System32\wlaninst.dll

16:28:31.0556 2444 C:\Windows\System32\wlaninst.dll - ok

16:28:31.0571 2444 [ 5B6EF0861BB5AC0EC347548E85C24A1D ] C:\Windows\System32\wwaninst.dll

16:28:31.0571 2444 C:\Windows\System32\wwaninst.dll - ok

16:28:31.0571 2444 [ 234051C0D242A6F4A79AE5212C1323D4 ] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe

16:28:31.0571 2444 C:\Program Files\LogMeIn\x86\LogMeInSystray.exe - ok

16:28:31.0571 2444 [ 697281830297B87B6544EF9F4F67AD71 ] C:\Program Files\LogMeIn\x86\LogMeInSystray.dll

16:28:31.0571 2444 C:\Program Files\LogMeIn\x86\LogMeInSystray.dll - ok

16:28:31.0571 2444 [ 4FB491AC8D46AAF22BA8BC5C73DABEF7 ] C:\Windows\System32\wbem\WmiPrvSE.exe

16:28:31.0571 2444 C:\Windows\System32\wbem\WmiPrvSE.exe - ok

16:28:31.0587 2444 [ 60BC67FAC9DFF89B17F5792844DE1B7D ] C:\Program Files\LogMeIn\x86\rntfywnd.dll

16:28:31.0587 2444 C:\Program Files\LogMeIn\x86\rntfywnd.dll - ok

16:28:31.0587 2444 [ 0E85C11F8850D524B02181C6E02BA9AE ] C:\Windows\System32\dsound.dll

16:28:31.0587 2444 C:\Windows\System32\dsound.dll - ok

16:28:31.0587 2444 [ CB67C2B94302DC94BC15ED6553A5C1C7 ] C:\Windows\System32\wbem\cimwin32.dll

(Post continued below)

tjacke_88 · August 22, 2012

16:28:31.0587 2444 C:\Windows\System32\wbem\cimwin32.dll - ok

16:28:31.0602 2444 [ D0481FB85BEEDD30A0884BE327880F80 ] C:\Windows\System32\framedynos.dll

16:28:31.0602 2444 C:\Windows\System32\framedynos.dll - ok

16:28:31.0602 2444 [ 9C67F6BBDA3881CFD02095160CF91576 ] C:\Windows\System32\ksuser.dll

16:28:31.0602 2444 C:\Windows\System32\ksuser.dll - ok

16:28:31.0602 2444 [ D205C24A9D069049FE2DF2A1B38726A7 ] C:\Windows\System32\wdmaud.drv

16:28:31.0602 2444 C:\Windows\System32\wdmaud.drv - ok

16:28:31.0602 2444 [ C940F2F5C60B3727C5F18840735B229C ] C:\Windows\System32\AudioSes.dll

16:28:31.0602 2444 C:\Windows\System32\AudioSes.dll - ok

16:28:31.0618 2444 [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\System32\msacm32.dll

16:28:31.0618 2444 C:\Windows\System32\msacm32.dll - ok

16:28:31.0618 2444 [ 07393A09C46083588E751B63B03C8301 ] C:\Windows\System32\msacm32.drv

16:28:31.0618 2444 C:\Windows\System32\msacm32.drv - ok

16:28:31.0618 2444 [ 5A12C364AD1D4FCC0AD0E56DBBC34462 ] C:\Windows\System32\midimap.dll

16:28:31.0618 2444 C:\Windows\System32\midimap.dll - ok

16:28:31.0618 2444 [ AA53356D60AF47EACC85BC617A4F3F66 ] C:\Windows\System32\wpdbusenum.dll

16:28:31.0618 2444 C:\Windows\System32\wpdbusenum.dll - ok

16:28:31.0634 2444 [ 7E82616BEE76BF5EAA5B30F681414E21 ] C:\Windows\System32\perftrack.dll

16:28:31.0634 2444 C:\Windows\System32\perftrack.dll - ok

16:28:31.0634 2444 [ ECF036299AA554B5E0455262857B39D0 ] C:\Windows\System32\diagperf.dll

16:28:31.0634 2444 C:\Windows\System32\diagperf.dll - ok

16:28:31.0634 2444 [ 8B794AE6D5C7D42092804BC39A2EB8F6 ] C:\Windows\System32\aepic.dll

16:28:31.0634 2444 C:\Windows\System32\aepic.dll - ok

16:28:31.0649 2444 [ 7FFD52D73352806969D424EF327D10A7 ] C:\Windows\System32\radardt.dll

16:28:31.0649 2444 C:\Windows\System32\radardt.dll - ok

16:28:31.0649 2444 [ D99621C0735B21DCC8BC4FEF02F379EF ] C:\Windows\System32\Apphlpdm.dll

16:28:31.0649 2444 C:\Windows\System32\Apphlpdm.dll - ok

16:28:31.0649 2444 [ 15E298B5EC5B89C5994A59863969D9FF ] C:\Windows\System32\npmproxy.dll

16:28:31.0649 2444 C:\Windows\System32\npmproxy.dll - ok

16:28:31.0649 2444 [ F8E882C10AF4C29E378D1E28D4817CB1 ] C:\Windows\System32\pnpts.dll

16:28:31.0649 2444 C:\Windows\System32\pnpts.dll - ok

16:28:31.0665 2444 [ F0016853FA3F38F55FD868FF74C0359B ] C:\Windows\System32\wdiasqmmodule.dll

16:28:31.0665 2444 C:\Windows\System32\wdiasqmmodule.dll - ok

16:28:31.0665 2444 [ E98278865E8DABA21CFE5FE4BE34210A ] C:\Windows\System32\PortableDeviceApi.dll

16:28:31.0665 2444 C:\Windows\System32\PortableDeviceApi.dll - ok

16:28:31.0665 2444 [ 539C49CEBB3C50957AC8A09D95ECD880 ] C:\Windows\System32\shfolder.dll

16:28:31.0665 2444 C:\Windows\System32\shfolder.dll - ok

16:28:31.0665 2444 [ C693E642ACFBDD76433AF6BE3C3EEE6F ] C:\Windows\System32\PortableDeviceConnectApi.dll

16:28:31.0665 2444 C:\Windows\System32\PortableDeviceConnectApi.dll - ok

16:28:31.0680 2444 [ 5987EA8A82C53359BCD2C29D6588583E ] C:\Windows\System32\linkinfo.dll

16:28:31.0680 2444 C:\Windows\System32\linkinfo.dll - ok

16:28:31.0680 2444 [ 96CAE7C81F62B52D1C4DC1438BC8BFE3 ] C:\Program Files\LogMeIn\x86\LogMeInToolkit.exe

16:28:31.0680 2444 C:\Program Files\LogMeIn\x86\LogMeInToolkit.exe - ok

16:28:31.0680 2444 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\System32\riched20.dll

16:28:31.0680 2444 C:\Windows\System32\riched20.dll - ok

16:28:31.0696 2444 [ B5506B451BFE7148ECA7056BDA2970BD ] C:\Windows\System32\riched32.dll

16:28:31.0696 2444 C:\Windows\System32\riched32.dll - ok

16:28:31.0696 2444 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] C:\Windows\System32\aelupsvc.dll

16:28:31.0696 2444 C:\Windows\System32\aelupsvc.dll - ok

16:28:31.0696 2444 [ 4B9E4CE667DF26ADA061AA81E9AA841D ] C:\Windows\System32\spfileq.dll

16:28:31.0696 2444 C:\Windows\System32\spfileq.dll - ok

16:28:31.0696 2444 [ 4F2659160AFCCA990305816946F69407 ] C:\Windows\System32\taskeng.exe

16:28:31.0696 2444 C:\Windows\System32\taskeng.exe - ok

16:28:31.0712 2444 [ 659E04E74135927CA6D7BC5E75C84417 ] C:\Windows\System32\TSChannel.dll

16:28:31.0712 2444 C:\Windows\System32\TSChannel.dll - ok

16:28:31.0712 2444 [ 886C16114E2C2F8F91710B334692803C ] C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe

16:28:31.0712 2444 C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe - ok

16:28:31.0712 2444 [ 84C786D303C79C4E61FEFD6C9FFD56A4 ] C:\Program Files\TOSHIBA\ConfigFree\CFWlApi.dll

16:28:31.0712 2444 C:\Program Files\TOSHIBA\ConfigFree\CFWlApi.dll - ok

16:28:31.0712 2444 [ B010CF886420EE29C2C276646721D255 ] C:\Windows\System32\wlanapi.dll

16:28:31.0712 2444 C:\Windows\System32\wlanapi.dll - ok

16:28:31.0727 2444 [ 1F5AFD468EB5E09E9ED75A087529EAB5 ] C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80.dll

16:28:31.0727 2444 C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80.dll - ok

16:28:31.0727 2444 [ ADB67488447D0FF271355A4451ED6C73 ] C:\Program Files\TOSHIBA\ConfigFree\NDSParts.dll

16:28:31.0727 2444 C:\Program Files\TOSHIBA\ConfigFree\NDSParts.dll - ok

16:28:31.0727 2444 [ C7F070BDD9700BD4A482401334D3488E ] C:\Program Files\TOSHIBA\ConfigFree\NDSAPI.dll

16:28:31.0727 2444 C:\Program Files\TOSHIBA\ConfigFree\NDSAPI.dll - ok

16:28:31.0727 2444 [ D39DA70FEA6BD713682F70635587DA9E ] C:\Windows\System32\rasdlg.dll

16:28:31.0727 2444 C:\Windows\System32\rasdlg.dll - ok

16:28:31.0743 2444 [ 15936A348676D246A41A4781E6A34692 ] C:\Program Files\TOSHIBA\ConfigFree\NDSMUI.dll

16:28:31.0743 2444 C:\Program Files\TOSHIBA\ConfigFree\NDSMUI.dll - ok

16:28:31.0743 2444 [ E2C48CD0132D4D1DC7D0DF9A6BEF686A ] C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll

16:28:31.0743 2444 C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll - ok

16:28:31.0743 2444 [ 28A09777D2D952122567A8A82F1A2C7B ] C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll

16:28:31.0743 2444 C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll - ok

16:28:31.0743 2444 [ 907281ED4AD35D41B29FFDC211EBAD80 ] C:\Windows\System32\wmi.dll

16:28:31.0743 2444 C:\Windows\System32\wmi.dll - ok

16:28:31.0743 2444 [ C0B8B96D018849FD8CCF15FED84E8782 ] C:\Windows\System32\ie4uinit.exe

16:28:31.0743 2444 C:\Windows\System32\ie4uinit.exe - ok

16:28:31.0758 2444 [ F0FEFB0B5D25A75D478A4317139D937E ] C:\Windows\System32\iedkcs32.dll

16:28:31.0758 2444 C:\Windows\System32\iedkcs32.dll - ok

16:28:31.0758 2444 [ 7E9917D5309A90E7576653BFE39F80D8 ] C:\Windows\System32\timedate.cpl

16:28:31.0758 2444 C:\Windows\System32\timedate.cpl - ok

16:28:31.0758 2444 [ D2958325C1AE1AE37A83334C6229E3BC ] C:\Windows\System32\actxprxy.dll

16:28:31.0758 2444 C:\Windows\System32\actxprxy.dll - ok

16:28:31.0758 2444 [ FA752544EE1EE59E8AD938CBB43CAC93 ] C:\PROGRA~1\WIC4A1~1\MESSEN~1\msgslang.dll

16:28:31.0758 2444 C:\PROGRA~1\WIC4A1~1\MESSEN~1\msgslang.dll - ok

16:28:31.0774 2444 [ 3A16EA01FCFAAB40882DB5BFEE632322 ] C:\Windows\System32\msftedit.dll

16:28:31.0774 2444 C:\Windows\System32\msftedit.dll - ok

16:28:31.0774 2444 [ 35AAE2E841AA1A949775168E119482C9 ] C:\Windows\System32\msls31.dll

16:28:31.0774 2444 C:\Windows\System32\msls31.dll - ok

16:28:31.0774 2444 [ 7896EFFDEE215C172BE724A64931EF1C ] C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll

16:28:31.0774 2444 C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll - ok

16:28:31.0774 2444 [ 19BC13711AC403FEB830522E4831701B ] C:\Windows\System32\gameux.dll

16:28:31.0774 2444 C:\Windows\System32\gameux.dll - ok

16:28:31.0774 2444 [ 175383778EB24D98C84E624021E3AA0B ] C:\Windows\System32\aeevts.dll

16:28:31.0774 2444 C:\Windows\System32\aeevts.dll - ok

16:28:31.0790 2444 [ 672D7C5080ACB003343006405DA2E621 ] C:\Windows\System32\thumbcache.dll

16:28:31.0790 2444 C:\Windows\System32\thumbcache.dll - ok

16:28:31.0790 2444 [ 23C808FC2FC9F0F55AD268686EC1B0B2 ] C:\Program Files\FontExpert\Type1Loader.exe

16:28:31.0790 2444 C:\Program Files\FontExpert\Type1Loader.exe - ok

16:28:31.0790 2444 [ 2A39F32E0067CBF221611FE1FA8C6D8F ] C:\Windows\System32\DeviceCenter.dll

16:28:31.0790 2444 C:\Windows\System32\DeviceCenter.dll - ok

16:28:31.0790 2444 [ CBE195127A3A162865F2396B3CF11A75 ] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe

16:28:31.0790 2444 C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe - ok

16:28:31.0805 2444 [ 9E392BB2E0ADDE9E007B290357C0A36A ] C:\Program Files\Classic Shell\ClassicStartMenu.exe

16:28:31.0805 2444 C:\Program Files\Classic Shell\ClassicStartMenu.exe - ok

16:28:31.0805 2444 [ 3D57FFBAD3ED16B63DE3879BAB0FB56F ] C:\Windows\System32\networkexplorer.dll

16:28:31.0805 2444 C:\Windows\System32\networkexplorer.dll - ok

16:28:31.0805 2444 [ 63994F16B3A6130F6CB7937BCB1A7995 ] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll

16:28:31.0805 2444 C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll - ok

16:28:31.0805 2444 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\System32\msimg32.dll

16:28:31.0805 2444 C:\Windows\System32\msimg32.dll - ok

16:28:31.0821 2444 [ E1B256B757927A1A11FB000B8367BC97 ] C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent.exe

16:28:31.0821 2444 C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent.exe - ok

16:28:31.0821 2444 [ EF20F570E8C376B142140724BCF728A7 ] C:\Program Files\Ashampoo\Ashampoo UnInstaller 4\UIWatcher.exe

16:28:31.0821 2444 C:\Program Files\Ashampoo\Ashampoo UnInstaller 4\UIWatcher.exe - ok

16:28:31.0821 2444 [ 15A5CD23D96D9B2C9A661DCCD0EFF091 ] C:\Program Files\ESET\ESET NOD32 Antivirus\eguiScan.dll

16:28:31.0821 2444 C:\Program Files\ESET\ESET NOD32 Antivirus\eguiScan.dll - ok

16:28:31.0821 2444 [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\Windows\System32\drivers\22641282.sys

16:28:31.0821 2444 C:\Windows\System32\drivers\22641282.sys - ok

16:28:31.0821 2444 [ EFBB5C82ADA23BB8DADE9D757C636D8E ] C:\Program Files\ESET\ESET NOD32 Antivirus\eguiAmon.dll

16:28:31.0821 2444 C:\Program Files\ESET\ESET NOD32 Antivirus\eguiAmon.dll - ok

16:28:31.0836 2444 [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\System32\msi.dll

16:28:31.0836 2444 C:\Windows\System32\msi.dll - ok

16:28:31.0836 2444 [ F1278B3514EA6FA9BC39B20D26139AAC ] C:\Windows\System32\msiltcfg.dll

16:28:31.0836 2444 C:\Windows\System32\msiltcfg.dll - ok

16:28:31.0836 2444 [ 47316E319360C65A7C86A468DD430EA0 ] C:\Program Files\ESET\ESET NOD32 Antivirus\eguiEmon.dll

16:28:31.0836 2444 C:\Program Files\ESET\ESET NOD32 Antivirus\eguiEmon.dll - ok

16:28:31.0836 2444 [ BB50B21FEE2A6F3E5FC92B330ECCF050 ] C:\Windows\System32\hhctrl.ocx

16:28:31.0836 2444 C:\Windows\System32\hhctrl.ocx - ok

16:28:31.0852 2444 [ 2C338F5C1929FFDF7330CC57D94B1FDB ] C:\Program Files\Ashampoo\Ashampoo UnInstaller 4\ash_inet.dll

16:28:31.0852 2444 C:\Program Files\Ashampoo\Ashampoo UnInstaller 4\ash_inet.dll - ok

16:28:31.0852 2444 [ 5FE935C3329EC9DE10111B76CC95695A ] C:\Program Files\ESET\ESET NOD32 Antivirus\eguiDmon.dll

16:28:31.0852 2444 C:\Program Files\ESET\ESET NOD32 Antivirus\eguiDmon.dll - ok

16:28:31.0852 2444 [ 88C9085F1332ADFBCC30E50F03E64048 ] C:\Program Files\ESET\ESET NOD32 Antivirus\eguiEpfw.dll

16:28:31.0852 2444 C:\Program Files\ESET\ESET NOD32 Antivirus\eguiEpfw.dll - ok

16:28:31.0852 2444 [ 436EE0F9B3D62875F6075AE9246740E5 ] C:\Program Files\ESET\ESET NOD32 Antivirus\eguiUpdate.dll

16:28:31.0868 2444 C:\Program Files\ESET\ESET NOD32 Antivirus\eguiUpdate.dll - ok

16:28:31.0868 2444 [ FD59640966349E41B48687A0C0F64539 ] C:\Program Files\ESET\ESET NOD32 Antivirus\eguiMailPlugins.dll

16:28:31.0868 2444 C:\Program Files\ESET\ESET NOD32 Antivirus\eguiMailPlugins.dll - ok

16:28:31.0868 2444 [ C8A4EE543E8A05B6CE0818AEBADC3854 ] C:\Users\Tom\AppData\Roaming\Ekysh\ceoqo.exe

16:28:31.0868 2444 C:\Users\Tom\AppData\Roaming\Ekysh\ceoqo.exe - ok

16:28:31.0868 2444 [ 51464B6C373CD07E7D4A6CC9294ED67C ] C:\Users\Tom\AppData\Roaming\Dropbox\bin\Dropbox.exe

16:28:31.0868 2444 C:\Users\Tom\AppData\Roaming\Dropbox\bin\Dropbox.exe - ok

16:28:31.0868 2444 [ C3F095D0614D2B3B999F892CA17A1936 ] C:\Windows\System32\atipdlxx.dll

16:28:31.0868 2444 C:\Windows\System32\atipdlxx.dll - ok

16:28:31.0883 2444 [ E00DE20F0F6BED5CD2160247DDC9443B ] C:\Program Files\ERUNT\AUTOBACK.EXE

16:28:31.0883 2444 C:\Program Files\ERUNT\AUTOBACK.EXE - ok

16:28:31.0883 2444 [ CD6D69761BCD72F33090C249FD1F5CB0 ] C:\Program Files\FindAndRunRobotPortable\FindAndRunRobot.exe

16:28:31.0883 2444 C:\Program Files\FindAndRunRobotPortable\FindAndRunRobot.exe - ok

16:28:31.0883 2444 [ 8A07221789D46B2EA7DFCA2BC807572A ] C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe

16:28:31.0883 2444 C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe - ok

16:28:31.0883 2444 [ 357B990A4249D7F7485B230C0CC8825A ] C:\Windows\System32\KBDUS.DLL

16:28:31.0883 2444 C:\Windows\System32\KBDUS.DLL - ok

16:28:31.0899 2444 [ 703FFD301AB900B047337C5D40FD6F96 ] C:\Windows\System32\olepro32.dll

16:28:31.0899 2444 C:\Windows\System32\olepro32.dll - ok

16:28:31.0899 2444 [ BBA9D5A730D5E304117AD26923EBD8AA ] C:\Windows\System32\AudioEng.dll

16:28:31.0899 2444 C:\Windows\System32\AudioEng.dll - ok

16:28:31.0899 2444 [ 96F0F8F4DEE598C8D12AD9633E0CFE2A ] C:\Windows\System32\AUDIOKSE.dll

16:28:31.0899 2444 C:\Windows\System32\AUDIOKSE.dll - ok

16:28:31.0899 2444 [ A0FCE1458281C61F5BEE69C05E3E30EB ] C:\Windows\System32\CX32MP19.dll

16:28:31.0899 2444 C:\Windows\System32\CX32MP19.dll - ok

16:28:31.0914 2444 [ 4E30ED3E551E867ADD1C8D58F5EDD9DF ] C:\Windows\System32\WMALFXGFXDSP.dll

16:28:31.0914 2444 C:\Windows\System32\WMALFXGFXDSP.dll - ok

16:28:31.0914 2444 [ 40B82688907A7DBA4DB3B5ADDE3EAB3B ] C:\Windows\System32\mfplat.dll

16:28:31.0914 2444 C:\Windows\System32\mfplat.dll - ok

16:28:31.0914 2444 [ 912649A1B3F9E6ACB3899FBDABA2ED5F ] C:\Windows\System32\stobject.dll

16:28:31.0914 2444 C:\Windows\System32\stobject.dll - ok

16:28:31.0914 2444 [ 67C1B58706B47EEBA4E117AC197289E6 ] C:\Windows\System32\batmeter.dll

16:28:31.0914 2444 C:\Windows\System32\batmeter.dll - ok

16:28:31.0914 2444 [ C8333F1F77A1B2E25F2202E892CAF634 ] C:\Windows\System32\prnfldr.dll

16:28:31.0914 2444 C:\Windows\System32\prnfldr.dll - ok

16:28:31.0930 2444 [ ADDB05C93272A62606599B24730BD645 ] C:\Windows\System32\DXP.dll

16:28:31.0930 2444 C:\Windows\System32\DXP.dll - ok

16:28:31.0930 2444 [ 3745419BCB39E63C0CD5009E03BD76EE ] C:\Windows\Installer\{22FC7536-BE5C-4E88-8069-C24689D34EC5}\Icon0E6ED660.exe

16:28:31.0930 2444 C:\Windows\Installer\{22FC7536-BE5C-4E88-8069-C24689D34EC5}\Icon0E6ED660.exe - ok

16:28:31.0930 2444 [ 856CFFCD835528136367BB1A8FE1DB87 ] C:\Windows\System32\Syncreg.dll

16:28:31.0930 2444 C:\Windows\System32\Syncreg.dll - ok

16:28:31.0930 2444 [ 2339760B238226DAD9ED03F939D92323 ] C:\Users\Tom\AppData\Local\Google\Chrome\Application\chrome.exe

16:28:31.0930 2444 C:\Users\Tom\AppData\Local\Google\Chrome\Application\chrome.exe - ok

16:28:31.0946 2444 [ F8F03D206F7D5811D630349A23E9B9B9 ] C:\Windows\ehome\ehSSO.dll

16:28:31.0946 2444 C:\Windows\ehome\ehSSO.dll - ok

16:28:31.0946 2444 [ B0FD3872F6958AA93D6A7103AC01852C ] C:\Program Files\VideoLAN\VLC\vlc.exe

16:28:31.0946 2444 C:\Program Files\VideoLAN\VLC\vlc.exe - ok

16:28:31.0946 2444 [ C6D9383C4119A59AAD70DBC4A974B8B4 ] C:\Program Files\IrfanView\IrfanView.exe

16:28:31.0946 2444 C:\Program Files\IrfanView\IrfanView.exe - ok

16:28:31.0946 2444 [ E701B8A239462A3A9098D407A6E53C47 ] C:\Program Files\CCleaner\CCleaner.exe

16:28:31.0946 2444 C:\Program Files\CCleaner\CCleaner.exe - ok

16:28:31.0961 2444 [ EAB975DB4C2805927FE5BD047D05C9AA ] C:\Windows\System32\netshell.dll

16:28:31.0961 2444 C:\Windows\System32\netshell.dll - ok

16:28:31.0961 2444 [ C9EAF5950986FDBD13A8C40640B47EE3 ] C:\Program Files\DVD Audio Extractor\dvdae-gui.exe

16:28:31.0961 2444 C:\Program Files\DVD Audio Extractor\dvdae-gui.exe - ok

16:28:31.0961 2444 [ B2B3DAE040F6B5AE1DF52B0CD7631A18 ] C:\Windows\System32\AltTab.dll

16:28:31.0961 2444 C:\Windows\System32\AltTab.dll - ok

16:28:31.0977 2444 [ 360ADD3E6F3271D9667A5B9E31922382 ] C:\Program Files\ImTOO\DVD Audio Ripper 4\dvdrip.exe

16:28:31.0977 2444 C:\Program Files\ImTOO\DVD Audio Ripper 4\dvdrip.exe - ok

16:28:31.0977 2444 [ 43BEDE5AA6285F0B3BDFD2E200654B17 ] C:\Program Files\MediaMonkey\MediaMonkey.exe

16:28:31.0977 2444 C:\Program Files\MediaMonkey\MediaMonkey.exe - ok

16:28:31.0977 2444 [ 45C0DF404182850C21749AF7763C095F ] C:\Windows\System32\accessibilitycpl.dll

16:28:31.0977 2444 C:\Windows\System32\accessibilitycpl.dll - ok

16:28:31.0992 2444 [ 735263DA17BF5BAF9CCD483843BF9D5A ] C:\Windows\System32\WPDShServiceObj.dll

16:28:31.0992 2444 C:\Windows\System32\WPDShServiceObj.dll - ok

16:28:31.0992 2444 [ ADB45A977BD9E45790CA496DB84BA148 ] C:\Windows\System32\PortableDeviceTypes.dll

16:28:31.0992 2444 C:\Windows\System32\PortableDeviceTypes.dll - ok

16:28:31.0992 2444 [ 3D6F22551D422F97AACB0BB927E4C846 ] C:\Windows\System32\pnidui.dll

16:28:31.0992 2444 C:\Windows\System32\pnidui.dll - ok

16:28:31.0992 2444 [ BD626EF05967D14C772B8096292731A3 ] C:\Windows\System32\QUTIL.DLL

16:28:31.0992 2444 C:\Windows\System32\QUTIL.DLL - ok

16:28:32.0008 2444 [ 674B0C0F6A448EB185CAAB9C51D44032 ] C:\Windows\System32\srchadmin.dll

16:28:32.0008 2444 C:\Windows\System32\srchadmin.dll - ok

16:28:32.0008 2444 [ 39A71908A62C5476EAAEEC9195147066 ] C:\Program Files\FileZilla FTP Client\fzshellext.dll

16:28:32.0008 2444 C:\Program Files\FileZilla FTP Client\fzshellext.dll - ok

16:28:32.0008 2444 [ 5193DE33F3284C447E0D31DAFBF92570 ] C:\Windows\System32\webcheck.dll

16:28:32.0008 2444 C:\Windows\System32\webcheck.dll - ok

16:28:32.0008 2444 [ 8EE6BDE1D572677AA35707C52C585F75 ] C:\Windows\System32\mlang.dll

16:28:32.0008 2444 C:\Windows\System32\mlang.dll - ok

16:28:32.0024 2444 [ 2DDEA2C345DA5BC589EFD398F220DB0E ] C:\Windows\System32\SyncCenter.dll

16:28:32.0024 2444 C:\Windows\System32\SyncCenter.dll - ok

16:28:32.0024 2444 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] C:\Windows\System32\netman.dll

16:28:32.0024 2444 C:\Windows\System32\netman.dll - ok

16:28:32.0024 2444 [ 9A39A2A5F443A756C568C6ED5748AFE4 ] C:\Windows\System32\ActionCenter.dll

16:28:32.0024 2444 C:\Windows\System32\ActionCenter.dll - ok

16:28:32.0024 2444 [ 2D11BC8B460957E62E4420373A0D8BDA ] C:\Windows\System32\imapi2.dll

16:28:32.0024 2444 C:\Windows\System32\imapi2.dll - ok

16:28:32.0039 2444 [ E62BF5A49D8023F2384AB7F31031535B ] C:\Windows\System32\Magnify.exe

16:28:32.0039 2444 C:\Windows\System32\Magnify.exe - ok

16:28:32.0039 2444 [ C2D6A4475B87651D5909E364439FDA52 ] C:\Windows\System32\FXSST.dll

16:28:32.0039 2444 C:\Windows\System32\FXSST.dll - ok

16:28:32.0039 2444 [ 942E57152F1CD0533644AB30EF1A4728 ] C:\Windows\System32\FXSAPI.dll

16:28:32.0039 2444 C:\Windows\System32\FXSAPI.dll - ok

16:28:32.0039 2444 [ C4096CA42199428B3D63DC206C197F0E ] C:\Windows\System32\FXSRESM.dll

16:28:32.0039 2444 C:\Windows\System32\FXSRESM.dll - ok

16:28:32.0055 2444 [ 967EA5B213E9984CBE270205DF37755B ] C:\Windows\System32\FXSSVC.exe

16:28:32.0055 2444 C:\Windows\System32\FXSSVC.exe - ok

16:28:32.0055 2444 [ C7952D0A4C43A965A1741916BB134751 ] C:\Windows\System32\hgcpl.dll

16:28:32.0055 2444 C:\Windows\System32\hgcpl.dll - ok

16:28:32.0055 2444 [ 04B88428A872390D235BE52D38A9D4EF ] C:\Windows\System32\dot3api.dll

16:28:32.0055 2444 C:\Windows\System32\dot3api.dll - ok

16:28:32.0055 2444 [ 8063046AA70B97CA9985672B8848FB2E ] C:\Windows\System32\wlanhlp.dll

16:28:32.0055 2444 C:\Windows\System32\wlanhlp.dll - ok

16:28:32.0055 2444 [ C02AA67276FEE0C15CC4D6D616BDE95E ] C:\Windows\System32\WWanAPI.dll

16:28:32.0055 2444 C:\Windows\System32\WWanAPI.dll - ok

16:28:32.0070 2444 [ F2ED6D00921CA138289E5E0CCB9ABF87 ] C:\Windows\System32\wwapi.dll

16:28:32.0070 2444 C:\Windows\System32\wwapi.dll - ok

16:28:32.0070 2444 [ 95DE3CF54E0A360EED766DBDDF152F0D ] C:\Windows\System32\Narrator.exe

16:28:32.0070 2444 C:\Windows\System32\Narrator.exe - ok

16:28:32.0070 2444 [ 02530B0B7E048DD5AC8D52DAEACAEB2B ] C:\Windows\System32\QAGENT.DLL

16:28:32.0070 2444 C:\Windows\System32\QAGENT.DLL - ok

16:28:32.0070 2444 [ F0CE586AEAF318BDDD443651A2E672E7 ] C:\Windows\System32\osk.exe

16:28:32.0070 2444 C:\Windows\System32\osk.exe - ok

16:28:32.0086 2444 [ E3D5E244807AD655787FCD25477CC1BC ] C:\Windows\System32\bthprops.cpl

16:28:32.0086 2444 C:\Windows\System32\bthprops.cpl - ok

16:28:32.0086 2444 [ D378BFFB70923139D6A4F546864AA61C ] C:\Windows\System32\notepad.exe

16:28:32.0086 2444 C:\Windows\System32\notepad.exe - ok

16:28:32.0086 2444 [ 93569D46D79F9756ED077156496AFE23 ] C:\Program Files\Internet Explorer\iexplore.exe

16:28:32.0086 2444 C:\Program Files\Internet Explorer\iexplore.exe - ok

16:28:32.0086 2444 [ 050A774CF85E04EE4387515994B8455D ] C:\Windows\System32\eudcedit.exe

16:28:32.0086 2444 C:\Windows\System32\eudcedit.exe - ok

16:28:32.0086 2444 [ 92B3C63CC94C80A6C6AA477413467026 ] C:\Program Files\AlbumArtDownloader\AlbumArt.exe

16:28:32.0086 2444 C:\Program Files\AlbumArtDownloader\AlbumArt.exe - ok

16:28:32.0102 2444 [ 734C6704965C25C1B23E0DB3C763642E ] C:\Program Files\AlbumArtDownloader\uninst.exe

16:28:32.0102 2444 C:\Program Files\AlbumArtDownloader\uninst.exe - ok

16:28:32.0102 2444 [ 12D81E625EDBA10EC8CB916F6A678DC8 ] C:\Program Files\Amazon\Kindle\Kindle.exe

16:28:32.0102 2444 C:\Program Files\Amazon\Kindle\Kindle.exe - ok

16:28:32.0102 2444 [ 65C3C3C75161A214FB2CE30F58341411 ] C:\Program Files\Amazon\Kindle\uninstall.exe

16:28:32.0102 2444 C:\Program Files\Amazon\Kindle\uninstall.exe - ok

16:28:32.0102 2444 [ 5C24B49CE135018CEAC38355B5AFF583 ] C:\Users\Tom\AppData\Local\Audiogalaxy\Audiogalaxy.exe

16:28:32.0102 2444 C:\Users\Tom\AppData\Local\Audiogalaxy\Audiogalaxy.exe - ok

16:28:32.0117 2444 [ F3AC9FE99FE1A336E5662393C16EDB1C ] C:\Users\Tom\AppData\Local\Audiogalaxy\uninstall.exe

16:28:32.0117 2444 C:\Users\Tom\AppData\Local\Audiogalaxy\uninstall.exe - ok

16:28:32.0117 2444 [ 8E8ACBC4DD2DF7140FA44ADB1B665C5A ] C:\Program Files\CodeStuff\Starter\Starter.exe

16:28:32.0117 2444 C:\Program Files\CodeStuff\Starter\Starter.exe - ok

16:28:32.0117 2444 [ E3F9E1DE063D8579D82F674D850CD06B ] C:\Program Files\CodeStuff\Starter\unStarter.exe

16:28:32.0117 2444 C:\Program Files\CodeStuff\Starter\unStarter.exe - ok

16:28:32.0117 2444 [ F2EEADEFFE7F2C5D9194DDFCE0D82F13 ] C:\Users\Tom\AppData\Roaming\Dropbox\bin\Uninstall.exe

16:28:32.0117 2444 C:\Users\Tom\AppData\Roaming\Dropbox\bin\Uninstall.exe - ok

16:28:32.0133 2444 [ 1A4006DDAF436002795DB63EAA13A2FC ] C:\Program Files\FontExpert\FontExpertReg.exe

16:28:32.0133 2444 C:\Program Files\FontExpert\FontExpertReg.exe - ok

16:28:32.0133 2444 [ 9B90B0C78671A4881D06C91941F6F379 ] C:\Windows\hh.exe

16:28:32.0133 2444 C:\Windows\hh.exe - ok

16:28:32.0133 2444 [ 9CA6BB3D54C4CA7F62B72D22EECF2E4D ] C:\Program Files\FontExpert\FontExpert AflatoonS.exe

16:28:32.0133 2444 C:\Program Files\FontExpert\FontExpert AflatoonS.exe - ok

16:28:32.0133 2444 [ 8BAA7CF3BB0B57883D34D365C41DB96F ] C:\PROGRA~1\FOXITS~1\FOXITR~1\FOXITR~1.EXE

16:28:32.0133 2444 C:\PROGRA~1\FOXITS~1\FOXITR~1\FOXITR~1.EXE - ok

16:28:32.0133 2444 [ B3DD214F23037E3D3C27D6C9447B40B5 ] C:\Program Files\Windows NT\Accessories\wordpad.exe

16:28:32.0133 2444 C:\Program Files\Windows NT\Accessories\wordpad.exe - ok

16:28:32.0148 2444 [ 28779E74C30F438013F53C515C19A600 ] C:\Users\Tom\AppData\Local\Google\Chrome\Application\21.0.1180.83\Installer\setup.exe

16:28:32.0148 2444 C:\Users\Tom\AppData\Local\Google\Chrome\Application\21.0.1180.83\Installer\setup.exe - ok

16:28:32.0148 2444 [ 0ACEA00EABCA445D0FC68A12BC8A7335 ] C:\Program Files\Internet Download Manager\IDMan.exe

16:28:32.0148 2444 C:\Program Files\Internet Download Manager\IDMan.exe - ok

16:28:32.0148 2444 [ CAC89BDC6D3FA9821636099D3D55C86B ] C:\Program Files\Internet Download Manager\Uninstall.exe

16:28:32.0148 2444 C:\Program Files\Internet Download Manager\Uninstall.exe - ok

16:28:32.0148 2444 [ 2A82B9C3DDC3AFB498621C618C078CA0 ] C:\Program Files\LastPass\lastpass.exe

16:28:32.0148 2444 C:\Program Files\LastPass\lastpass.exe - ok

16:28:32.0164 2444 [ CE4B32B15A2A49C5B0AED9651CFAECB8 ] C:\Program Files\Launchy\Launchy.exe

16:28:32.0164 2444 C:\Program Files\Launchy\Launchy.exe - ok

16:28:32.0164 2444 [ 3359039F8B8F9307AFE30E32D866D0A1 ] C:\Program Files\Launchy\unins000.exe

16:28:32.0164 2444 C:\Program Files\Launchy\unins000.exe - ok

16:28:32.0164 2444 [ 480A86D82E57A9209F23F003A00C06FF ] C:\Program Files\NewsBin\nbpro.exe

16:28:32.0164 2444 C:\Program Files\NewsBin\nbpro.exe - ok

16:28:32.0164 2444 [ 6B2F6FF608FF9B2B45541A1DB07AF3D5 ] C:\Program Files\NewsBin\Uninst.exe

16:28:32.0164 2444 C:\Program Files\NewsBin\Uninst.exe - ok

16:28:32.0180 2444 [ 3CF02ECB903BA0D172ACC38D5C5525CA ] C:\Program Files\PhotoZoom Pro 4\PhotoZoom Pro 4.exe

16:28:32.0180 2444 C:\Program Files\PhotoZoom Pro 4\PhotoZoom Pro 4.exe - ok

16:28:32.0180 2444 [ 5EB6F880B9A37C7C88022C6C1E1582AB ] C:\Users\Tom\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\NewShortcut1_9559F7CA5E344237A2D9D856464AD727.exe

16:28:32.0180 2444 C:\Users\Tom\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\NewShortcut1_9559F7CA5E344237A2D9D856464AD727.exe - ok

16:28:32.0180 2444 [ D4A2BF172C16552E4CEDCA7050BA43F9 ] C:\Users\Tom\AppData\Roaming\Microsoft\Installer\{DAC0B889-5359-4FDC-893A-2B8EF6B71B6F}\SIMEditor.exe_DAC0B88953594FDC893A2B8EF6B71B6F.exe

16:28:32.0180 2444 C:\Users\Tom\AppData\Roaming\Microsoft\Installer\{DAC0B889-5359-4FDC-893A-2B8EF6B71B6F}\SIMEditor.exe_DAC0B88953594FDC893A2B8EF6B71B6F.exe - ok

16:28:32.0180 2444 [ 49A7EC711D33A86CCBFA0A5F1A3781CD ] C:\Program Files\tixati\tixati.exe

16:28:32.0180 2444 C:\Program Files\tixati\tixati.exe - ok

16:28:32.0195 2444 [ C341C51D39B82C2D923D7345AE2C0DD8 ] C:\Program Files\Unlocker\Unlocker.exe

16:28:32.0195 2444 C:\Program Files\Unlocker\Unlocker.exe - ok

16:28:32.0195 2444 [ 838997426DB271D4B34BFC617B3BE4AD ] C:\Program Files\Unlocker\uninst.exe

16:28:32.0195 2444 C:\Program Files\Unlocker\uninst.exe - ok

16:28:32.0195 2444 [ E9754643FA678D2F95D7223A833814A7 ] C:\Program Files\Vector Magic\Uninstall.exe

16:28:32.0195 2444 C:\Program Files\Vector Magic\Uninstall.exe - ok

16:28:32.0195 2444 [ D35C2D8F4971B97677D7A4A3B018179E ] C:\Program Files\Vector Magic\vmde.exe

16:28:32.0195 2444 C:\Program Files\Vector Magic\vmde.exe - ok

16:28:32.0211 2444 [ 66E9F5121482A086CF77B8A40827E922 ] C:\Program Files\WinRAR\WinRAR.exe

16:28:32.0211 2444 C:\Program Files\WinRAR\WinRAR.exe - ok

16:28:32.0211 2444 [ 590C4EE14FCB81AC0DFEFB3FE4ADAC59 ] C:\Program Files\MediaHuman\YouTube to MP3 Converter\YouTubeToMp3.exe

16:28:32.0211 2444 C:\Program Files\MediaHuman\YouTube to MP3 Converter\YouTubeToMp3.exe - ok

16:28:32.0211 2444 [ BE54E44F60F121782B84E5B1BFADF315 ] C:\Windows\System32\Speech\SpeechUX\sapi.cpl

16:28:32.0211 2444 C:\Windows\System32\Speech\SpeechUX\sapi.cpl - ok

16:28:32.0211 2444 [ 60B7C0FEAD45F2066E5B805A91F4F0FC ] C:\Windows\System32\calc.exe

16:28:32.0211 2444 C:\Windows\System32\calc.exe - ok

16:28:32.0226 2444 [ BA4E1A60BD20CA7978C76D79F19E37F0 ] C:\Windows\System32\DisplaySwitch.exe

16:28:32.0226 2444 C:\Windows\System32\DisplaySwitch.exe - ok

16:28:32.0226 2444 [ 7B554081A0A80B14F1E5D06441DBAF58 ] C:\Program Files\Common Files\microsoft shared\ink\mip.exe

16:28:32.0226 2444 C:\Program Files\Common Files\microsoft shared\ink\mip.exe - ok

16:28:32.0226 2444 [ B5FFA9977015ED3E1B2C3FF266A1BEB9 ] C:\Windows\System32\mblctr.exe

16:28:32.0226 2444 C:\Windows\System32\mblctr.exe - ok

16:28:32.0226 2444 [ E97295DE2A9FDE547FEAB4FE41DF16CA ] C:\Windows\System32\mspaint.exe

16:28:32.0226 2444 C:\Windows\System32\mspaint.exe - ok

16:28:32.0226 2444 [ 68B4A549D0B56A4DD9A488751037CF09 ] C:\Windows\System32\mstsc.exe

16:28:32.0226 2444 C:\Windows\System32\mstsc.exe - ok

16:28:32.0242 2444 [ 32BE4A1FAFCCD5CA9AB0CE772C43D5E2 ] C:\Windows\System32\SnippingTool.exe

16:28:32.0242 2444 C:\Windows\System32\SnippingTool.exe - ok

16:28:32.0242 2444 [ 2A40F6AD59D3E598ECDAA6CAB90360A4 ] C:\Windows\System32\SoundRecorder.exe

16:28:32.0242 2444 C:\Windows\System32\SoundRecorder.exe - ok

16:28:32.0242 2444 [ 2F0EAAF91FC7A5C70D1F4BE9B18A1CF5 ] C:\Windows\System32\StikyNot.exe

16:28:32.0242 2444 C:\Windows\System32\StikyNot.exe - ok

16:28:32.0242 2444 [ CCA67BD391CFC9F036323B2522887A6A ] C:\Windows\System32\mobsync.exe

16:28:32.0242 2444 C:\Windows\System32\mobsync.exe - ok

16:28:32.0258 2444 [ ACA7A810549BD74EB1643BAAF0971EFC ] C:\Windows\System32\charmap.exe

16:28:32.0258 2444 C:\Windows\System32\charmap.exe - ok

16:28:32.0258 2444 [ FB036244DBD2FADC225AD8650886B641 ] C:\Windows\System32\dfrgui.exe

16:28:32.0258 2444 C:\Windows\System32\dfrgui.exe - ok

16:28:32.0258 2444 [ 500CA0B50ED17BD76F60085F97885AD1 ] C:\Windows\System32\cleanmgr.exe

16:28:32.0258 2444 C:\Windows\System32\cleanmgr.exe - ok

16:28:32.0258 2444 [ 8BCF1DCE05F4494C8891F33EEA450D0A ] C:\Windows\System32\wdc.dll

16:28:32.0258 2444 C:\Windows\System32\wdc.dll - ok

16:28:32.0258 2444 [ 5F2122888583347C9B81724CF169EFC6 ] C:\Windows\System32\msinfo32.exe

16:28:32.0258 2444 C:\Windows\System32\msinfo32.exe - ok

16:28:32.0273 2444 [ 78079EB83665E1AC18AC9C5E273845BF ] C:\Windows\System32\rstrui.exe

16:28:32.0273 2444 C:\Windows\System32\rstrui.exe - ok

16:28:32.0273 2444 [ B72F77DA5A69F5626696182E17B503BA ] C:\Windows\System32\miguiresource.dll

16:28:32.0273 2444 C:\Windows\System32\miguiresource.dll - ok

16:28:32.0273 2444 [ 66DAA4B08C56D44A2FB154357C2FF364 ] C:\Windows\System32\migwiz\PostMig.exe

16:28:32.0273 2444 C:\Windows\System32\migwiz\PostMig.exe - ok

16:28:32.0289 2444 [ AF2340DC7B439FC3429DA92E8EA35750 ] C:\Windows\System32\migwiz\migwiz.exe

16:28:32.0289 2444 C:\Windows\System32\migwiz\migwiz.exe - ok

16:28:32.0289 2444 [ 5BCB0EB1A8EC016C03375E5C87344400 ] C:\Program Files\Common Files\microsoft shared\ink\ShapeCollector.exe

16:28:32.0289 2444 C:\Program Files\Common Files\microsoft shared\ink\ShapeCollector.exe - ok

16:28:32.0289 2444 [ 21E01FD4147EA1B952E4CD9928B879B8 ] C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe

16:28:32.0289 2444 C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe - ok

16:28:32.0289 2444 [ 5AF22331F2CA24D7688DE5C374519BA3 ] C:\Program Files\Windows Journal\Journal.exe

16:28:32.0289 2444 C:\Program Files\Windows Journal\Journal.exe - ok

16:28:32.0304 2444 [ 38AAD0496ED6459106FA6BAA00AFA13D ] C:\Windows\Branding\ShellBrd\shellbrd.dll

16:28:32.0304 2444 C:\Windows\Branding\ShellBrd\shellbrd.dll - ok

16:28:32.0304 2444 [ B3CC5F3514BF58EE55153795CF183754 ] C:\Windows\System32\WindowsPowerShell\v1.0\powershell_ise.exe

16:28:32.0304 2444 C:\Windows\System32\WindowsPowerShell\v1.0\powershell_ise.exe - ok

16:28:32.0304 2444 [ 92F44E405DB16AC55D97E3BFE3B132FA ] C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe

16:28:32.0304 2444 C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe - ok

16:28:32.0320 2444 [ 0BBDB0F5A25A2FE0502F44CA7D04AB61 ] C:\Windows\System32\mycomput.dll

16:28:32.0320 2444 C:\Windows\System32\mycomput.dll - ok

16:28:32.0320 2444 [ ABA457BFC7EC0B5E130B2F1E0F549DFF ] C:\Windows\System32\odbcint.dll

16:28:32.0320 2444 C:\Windows\System32\odbcint.dll - ok

16:28:32.0320 2444 [ F945ADCEF203E6104AEC8EC9C337CFD0 ] C:\Windows\System32\iscsicpl.dll

16:28:32.0320 2444 C:\Windows\System32\iscsicpl.dll - ok

16:28:32.0320 2444 [ 4D05BDE56A7116B744B04192173A0122 ] C:\Windows\System32\MdSched.exe

16:28:32.0320 2444 C:\Windows\System32\MdSched.exe - ok

16:28:32.0320 2444 [ A3E23DD82AA7963D9F7D184BEEEE5448 ] C:\Windows\System32\filemgmt.dll

16:28:32.0320 2444 C:\Windows\System32\filemgmt.dll - ok

16:28:32.0336 2444 [ A00075951E38A73FE2F9D8384311710A ] C:\Windows\System32\msconfig.exe

16:28:32.0336 2444 C:\Windows\System32\msconfig.exe - ok

16:28:32.0336 2444 [ 81241E7723D5675AF6E27A7F0E7F3324 ] C:\Windows\System32\AuthFWGP.dll

16:28:32.0336 2444 C:\Windows\System32\AuthFWGP.dll - ok

16:28:32.0336 2444 [ 475DF5742BC3151428DAFFF449910FFE ] C:\Program Files\Adobe Media Player\Adobe Media Player.exe

16:28:32.0336 2444 C:\Program Files\Adobe Media Player\Adobe Media Player.exe - ok

16:28:32.0336 2444 [ 47FAE63BEEEECCADDDC33C0CCC40DB08 ] C:\Program Files\Adobe\Adobe Help\Adobe Help.exe

16:28:32.0336 2444 C:\Program Files\Adobe\Adobe Help\Adobe Help.exe - ok

16:28:32.0336 2444 [ 642E47FB6B67D5AB8D7DF196581B5933 ] C:\Program Files\Amazon\MP3 Downloader\AmazonMP3Downloader.exe

16:28:32.0336 2444 C:\Program Files\Amazon\MP3 Downloader\AmazonMP3Downloader.exe - ok

16:28:32.0351 2444 [ 45A8E91913BA3864562DD9727BE631D2 ] C:\Program Files\Amazon\MP3 Downloader\Uninstall.exe

16:28:32.0351 2444 C:\Program Files\Amazon\MP3 Downloader\Uninstall.exe - ok

16:28:32.0351 2444 [ 8D920D606053072FE2EE6F85C3D78A18 ] C:\Program Files\Ashampoo\Ashampoo UnInstaller 4\Uninstaller.exe

16:28:32.0351 2444 C:\Program Files\Ashampoo\Ashampoo UnInstaller 4\Uninstaller.exe - ok

16:28:32.0351 2444 [ 01FA2B66B00B34AF21C77F774E7DD230 ] C:\Program Files\Ashampoo\Ashampoo UnInstaller 4\unins000.exe

16:28:32.0351 2444 C:\Program Files\Ashampoo\Ashampoo UnInstaller 4\unins000.exe - ok

16:28:32.0367 2444 [ 7D821FF8789BF6F5CB1ED8755E647770 ] C:\Program Files\Audacity\audacity.exe

16:28:32.0367 2444 C:\Program Files\Audacity\audacity.exe - ok

16:28:32.0367 2444 [ E0A9A1D822F204870F1C72A68CA5C85A ] C:\Program Files\AutoShutdown\AutoShutdown.exe

16:28:32.0367 2444 C:\Program Files\AutoShutdown\AutoShutdown.exe - ok

16:28:32.0367 2444 [ 973567B98CDFC147DF4E60471D9DF072 ] C:\Program Files\AutoShutdown\UNWISE.EXE

16:28:32.0367 2444 C:\Program Files\AutoShutdown\UNWISE.EXE - ok

16:28:32.0367 2444 [ 988A120B9E025366FDB69BB7B67AA8DA ] C:\Windows\Installer\{89A9B9EE-839E-4820-9450-2912C82F46AF}\NewShortcut1_D1D572C6FCBA4504ACB2148585EE63D6.exe

16:28:32.0367 2444 C:\Windows\Installer\{89A9B9EE-839E-4820-9450-2912C82F46AF}\NewShortcut1_D1D572C6FCBA4504ACB2148585EE63D6.exe - ok

16:28:32.0382 2444 [ 7CD0D42AA030FA713C8D09CB0C90178A ] C:\Program Files\Boilsoft\Boilsoft Video Splitter\VideoSplitter.exe

16:28:32.0382 2444 C:\Program Files\Boilsoft\Boilsoft Video Splitter\VideoSplitter.exe - ok

16:28:32.0382 2444 [ 512E69908DC96D69184C78B1AB2D761C ] C:\Program Files\Boilsoft\Boilsoft Video Splitter\unins000.exe

16:28:32.0382 2444 C:\Program Files\Boilsoft\Boilsoft Video Splitter\unins000.exe - ok

16:28:32.0382 2444 [ A166843E2BA10A7EBC123FF255EC3CDF ] C:\Program Files\CCleaner\uninst.exe

16:28:32.0382 2444 C:\Program Files\CCleaner\uninst.exe - ok

16:28:32.0382 2444 [ 4160107C0506D52C8CFC173B50253103 ] C:\Program Files\Classic Menu for Office\unins000.exe

16:28:32.0382 2444 C:\Program Files\Classic Menu for Office\unins000.exe - ok

16:28:32.0398 2444 [ 48208CC3525A8B525772B1AA373E941F ] C:\Program Files\Classic Shell\ClassicExplorerSettings.exe

16:28:32.0398 2444 C:\Program Files\Classic Shell\ClassicExplorerSettings.exe - ok

16:28:32.0398 2444 [ 1A04ECFEFEC96A31A89E2AC3EE96C1B9 ] C:\Program Files\ColorPic 4.1\ColorPic.exe

16:28:32.0398 2444 C:\Program Files\ColorPic 4.1\ColorPic.exe - ok

16:28:32.0398 2444 [ 8FF71B68852C8DE7E9323D72A61A7DAD ] C:\Windows\ColorPic Uninstaller.exe

16:28:32.0398 2444 C:\Windows\ColorPic Uninstaller.exe - ok

16:28:32.0398 2444 [ D840A3D860437318FFE031959026C2F6 ] C:\Program Files\CPUID\CPU-Z\cpuz.exe

16:28:32.0398 2444 C:\Program Files\CPUID\CPU-Z\cpuz.exe - ok

16:28:32.0414 2444 [ F697B36C8CA0574B199959C0C4E75B73 ] C:\Program Files\CPUID\CPU-Z\unins000.exe

16:28:32.0414 2444 C:\Program Files\CPUID\CPU-Z\unins000.exe - ok

16:28:32.0414 2444 [ 4BFE292AB7141A157AB2EF64A4F6D3D5 ] C:\Program Files\D-Fend Reloaded\DFend.exe

16:28:32.0414 2444 C:\Program Files\D-Fend Reloaded\DFend.exe - ok

16:28:32.0414 2444 [ 33294E0A8B970B8DE45CE446E2ADD783 ] C:\Program Files\D-Fend Reloaded\DOSBox\DOSBox.exe

16:28:32.0414 2444 C:\Program Files\D-Fend Reloaded\DOSBox\DOSBox.exe - ok

16:28:32.0429 2444 [ 51138BEEA3E2C21EC44D0932C71762A8 ] C:\Windows\System32\rundll32.exe

16:28:32.0429 2444 C:\Windows\System32\rundll32.exe - ok

16:28:32.0429 2444 [ 80CC7C4E40C8790724B895AB7673145E ] C:\Program Files\D-Fend Reloaded\Uninstall.exe

16:28:32.0429 2444 C:\Program Files\D-Fend Reloaded\Uninstall.exe - ok

16:28:32.0429 2444 [ FAC5B4422E6A8719928A30E5FDADBBC2 ] C:\Program Files\Illustrate\dBpoweramp\dBConfig.exe

16:28:32.0429 2444 C:\Program Files\Illustrate\dBpoweramp\dBConfig.exe - ok

16:28:32.0429 2444 [ AE9645666AD178964255D6826289EAC4 ] C:\Program Files\Illustrate\dBpoweramp\DMCFileSelector.exe

16:28:32.0429 2444 C:\Program Files\Illustrate\dBpoweramp\DMCFileSelector.exe - ok

16:28:32.0445 2444 [ 8DD05D56F8D91A2B55DB99BBF456A679 ] C:\Program Files\Illustrate\dBpoweramp\CDGrab.exe

16:28:32.0445 2444 C:\Program Files\Illustrate\dBpoweramp\CDGrab.exe - ok

16:28:32.0445 2444 [ 99413B3062A9741ADB477E6936898F3E ] C:\Program Files\Illustrate\dBpoweramp\CDWriter.exe

16:28:32.0445 2444 C:\Program Files\Illustrate\dBpoweramp\CDWriter.exe - ok

16:28:32.0445 2444 [ 7961B380DE0D3026DBB77F8F42E93424 ] C:\Program Files\Illustrate\dBpoweramp\MusicConverter.exe

16:28:32.0445 2444 C:\Program Files\Illustrate\dBpoweramp\MusicConverter.exe - ok

16:28:32.0445 2444 [ D7E8F7CF2AB1F05C6FF52B37C7A2EF85 ] C:\Windows\System32\SpoonUninstall.exe

16:28:32.0445 2444 C:\Windows\System32\SpoonUninstall.exe - ok

16:28:32.0460 2444 [ 368CDD1DA6886849F29E6002810AD1E4 ] C:\Program Files\DivX\DivX Control Panel\DivXControlPanelLauncher.exe

16:28:32.0460 2444 C:\Program Files\DivX\DivX Control Panel\DivXControlPanelLauncher.exe - ok

16:28:32.0460 2444 [ C52E66F5FB59B4FC986771B891BE426E ] C:\Windows\System32\url.dll

16:28:32.0460 2444 C:\Windows\System32\url.dll - ok

16:28:32.0460 2444 [ 33294E0A8B970B8DE45CE446E2ADD783 ] C:\Program Files\DOSBox-0.74\DOSBox.exe

16:28:32.0460 2444 C:\Program Files\DOSBox-0.74\DOSBox.exe - ok

16:28:32.0476 2444 [ 660792CA809D5487D76F22EF700B596B ] C:\Program Files\DOSBox-0.74\uninstall.exe

16:28:32.0476 2444 C:\Program Files\DOSBox-0.74\uninstall.exe - ok

16:28:32.0476 2444 [ 232BEF2EE1028E08E2C6353F1FB6E4A8 ] C:\Program Files\Driving Test Success - All Tests (2008-2009)\HPT_Diag.exe

16:28:32.0476 2444 C:\Program Files\Driving Test Success - All Tests (2008-2009)\HPT_Diag.exe - ok

16:28:32.0476 2444 [ 47DB9B99F6AA34A7485A847C19B8DB44 ] C:\Program Files\Driving Test Success - All Tests (2008-2009)\unins000.exe

16:28:32.0476 2444 C:\Program Files\Driving Test Success - All Tests (2008-2009)\unins000.exe - ok

16:28:32.0476 2444 [ B4DE5660A5E04E88C7185B62E6BD801F ] C:\Program Files\DVD Audio Extractor\unins000.exe

16:28:32.0476 2444 C:\Program Files\DVD Audio Extractor\unins000.exe - ok

16:28:32.0492 2444 [ 0A87198FACE29466307AEC11AE1AFC6B ] C:\Program Files\DVD Shrink\DVD Shrink 3.2.exe

16:28:32.0492 2444 C:\Program Files\DVD Shrink\DVD Shrink 3.2.exe - ok

16:28:32.0492 2444 [ BF15CE70E055955FAFD81A18EC1C0771 ] C:\Program Files\DVD Shrink\unins000.exe

16:28:32.0492 2444 C:\Program Files\DVD Shrink\unins000.exe - ok

16:28:32.0492 2444 [ E7A4D1926BDBE0D84C8F35F8DFB99D8D ] C:\Program Files\DVDlabPro2\DVDlabPRO.exe

16:28:32.0492 2444 C:\Program Files\DVDlabPro2\DVDlabPRO.exe - ok

16:28:32.0492 2444 [ 2E0323A94915FAAB10A25F3BABF82584 ] C:\Program Files\ERUNT\ERUNT.EXE

16:28:32.0492 2444 C:\Program Files\ERUNT\ERUNT.EXE - ok

16:28:32.0507 2444 [ 8AAF428210575AED5CEBC1B5702FB366 ] C:\Program Files\ERUNT\NTREGOPT.EXE

16:28:32.0507 2444 C:\Program Files\ERUNT\NTREGOPT.EXE - ok

16:28:32.0507 2444 [ BF15CE70E055955FAFD81A18EC1C0771 ] C:\Program Files\ERUNT\unins000.exe

16:28:32.0507 2444 C:\Program Files\ERUNT\unins000.exe - ok

16:28:32.0507 2444 [ 18728141E66B2B86E1C0DE315140A1F2 ] C:\Windows\Installer\{D02EDDE7-B5C5-40A2-AF57-73A3278F4EEB}\egui.exe

16:28:32.0507 2444 C:\Windows\Installer\{D02EDDE7-B5C5-40A2-AF57-73A3278F4EEB}\egui.exe - ok

16:28:32.0507 2444 [ 9944983F0E40BDBFA4B3C43A2E82B4E5 ] C:\Program Files\ESET\ESET NOD32 Antivirus\SysInspector.exe

16:28:32.0507 2444 C:\Program Files\ESET\ESET NOD32 Antivirus\SysInspector.exe - ok

16:28:32.0523 2444 [ C2964DDD7097603610C8012B062092A7 ] C:\Program Files\ESET\ESET NOD32 Antivirus\SysRescue.exe

16:28:32.0523 2444 C:\Program Files\ESET\ESET NOD32 Antivirus\SysRescue.exe - ok

16:28:32.0523 2444 [ 38AA740B7987728DE9E8ED4AD6D23886 ] C:\Program Files\FileZilla FTP Client\filezilla.exe

16:28:32.0523 2444 C:\Program Files\FileZilla FTP Client\filezilla.exe - ok

16:28:32.0523 2444 [ B791E895DA11125320ADC703432175DE ] C:\Program Files\FileZilla FTP Client\uninstall.exe

16:28:32.0523 2444 C:\Program Files\FileZilla FTP Client\uninstall.exe - ok

16:28:32.0523 2444 [ 73C229BDC15A952BFF7A049F1C872E97 ] C:\Program Files\Thinking BIG\Font Viewer\Font Viewer.exe

16:28:32.0523 2444 C:\Program Files\Thinking BIG\Font Viewer\Font Viewer.exe - ok

16:28:32.0538 2444 [ FF196B3BE692D8A7E887D0291CE89C7E ] C:\Program Files\Thinking BIG\Font Viewer\unins000.exe

16:28:32.0538 2444 C:\Program Files\Thinking BIG\Font Viewer\unins000.exe - ok

16:28:32.0538 2444 [ 42A4A0A0DD2BF6F0F54B71CB7E37365E ] C:\Program Files\Foxit Software\Foxit Reader\Uninstall.exe

16:28:32.0538 2444 C:\Program Files\Foxit Software\Foxit Reader\Uninstall.exe - ok

16:28:32.0538 2444 [ 9DCBAABC84523B3FCA1DFE2C8BB39571 ] C:\Program Files\Microsoft Games\Chess\Chess.exe

16:28:32.0538 2444 C:\Program Files\Microsoft Games\Chess\Chess.exe - ok

16:28:32.0554 2444 [ 58B73DCC82770CE13A94770F2C50C400 ] C:\Program Files\D-Fend Reloaded\Bin\DFendGameExplorerData.dll

16:28:32.0554 2444 C:\Program Files\D-Fend Reloaded\Bin\DFendGameExplorerData.dll - ok

16:28:32.0554 2444 [ 7B38143A929CFD306A29B33DA166E521 ] C:\Program Files\Microsoft Games\FreeCell\FreeCell.exe

16:28:32.0554 2444 C:\Program Files\Microsoft Games\FreeCell\FreeCell.exe - ok

16:28:32.0554 2444 [ 49A6B6E597D999D763EF13FEA3454EEC ] C:\Program Files\Microsoft Games\Hearts\Hearts.exe

16:28:32.0554 2444 C:\Program Files\Microsoft Games\Hearts\Hearts.exe - ok

16:28:32.0554 2444 [ BA536F08F9F3CC762B0429085D88F83D ] C:\Program Files\Microsoft Games\Multiplayer\Backgammon\bckgzm.exe

16:28:32.0554 2444 C:\Program Files\Microsoft Games\Multiplayer\Backgammon\bckgzm.exe - ok

16:28:32.0570 2444 [ 2E436ECB9920C2480F0721EAFE756A99 ] C:\Program Files\Microsoft Games\Multiplayer\Checkers\chkrzm.exe

16:28:32.0570 2444 C:\Program Files\Microsoft Games\Multiplayer\Checkers\chkrzm.exe - ok

16:28:32.0570 2444 [ F2F29D23B3FFD02B2EF62D338601CA27 ] C:\Program Files\Microsoft Games\Multiplayer\Spades\shvlzm.exe

16:28:32.0570 2444 C:\Program Files\Microsoft Games\Multiplayer\Spades\shvlzm.exe - ok

16:28:32.0570 2444 [ 8F9401FEA49AE62A83A728342997764A ] C:\Program Files\Microsoft Games\Mahjong\Mahjong.exe

16:28:32.0570 2444 C:\Program Files\Microsoft Games\Mahjong\Mahjong.exe - ok

16:28:32.0585 2444 [ 7E7ECE595A0D7EA9EE912EFA20118AA3 ] C:\Program Files\Microsoft Games\Minesweeper\MineSweeper.exe

16:28:32.0585 2444 C:\Program Files\Microsoft Games\Minesweeper\MineSweeper.exe - ok

16:28:32.0585 2444 [ 7FC255DF13B3345B9F7C3AA0E542A76D ] C:\Program Files\Microsoft Games\More Games\MoreGames.dll

16:28:32.0585 2444 C:\Program Files\Microsoft Games\More Games\MoreGames.dll - ok

16:28:32.0585 2444 [ 3101C183BA62870E94782C7D31564E72 ] C:\Program Files\Microsoft Games\Purble Place\PurblePlace.exe

16:28:32.0585 2444 C:\Program Files\Microsoft Games\Purble Place\PurblePlace.exe - ok

16:28:32.0585 2444 [ 8481F88ACB60C4CEA5DD028D2C1F4128 ] C:\Program Files\Microsoft Games\Solitaire\Solitaire.exe

16:28:32.0585 2444 C:\Program Files\Microsoft Games\Solitaire\Solitaire.exe - ok

16:28:32.0601 2444 [ 39DFC1401B7DB273933B5FB08E8394F8 ] C:\Program Files\Microsoft Games\SpiderSolitaire\SpiderSolitaire.exe

16:28:32.0601 2444 C:\Program Files\Microsoft Games\SpiderSolitaire\SpiderSolitaire.exe - ok

16:28:32.0601 2444 [ 234418684CA870BEEF416817557BEB0C ] C:\Program Files\Gold Wave Editor Pro\GoldWaveEditor.exe

16:28:32.0601 2444 C:\Program Files\Gold Wave Editor Pro\GoldWaveEditor.exe - ok

16:28:32.0601 2444 [ F01E2B95D0EAC9712EB4B772BA658D30 ] C:\Program Files\Gold Wave Editor Pro\unins000.exe

16:28:32.0601 2444 C:\Program Files\Gold Wave Editor Pro\unins000.exe - ok

16:28:32.0616 2444 [ DF4DC389BE472E3A0004134D33AA5086 ] C:\Windows\Installer\{6112DD9A-2A3B-4487-8271-ADBA4A390287}\NewShortcut4_2.exe

16:28:32.0616 2444 C:\Windows\Installer\{6112DD9A-2A3B-4487-8271-ADBA4A390287}\NewShortcut4_2.exe - ok

16:28:32.0616 2444 [ 641FF330F56BC3752ED3A7A93642531C ] C:\Windows\Installer\{6112DD9A-2A3B-4487-8271-ADBA4A390287}\NewShortcut1_1.exe

16:28:32.0616 2444 C:\Windows\Installer\{6112DD9A-2A3B-4487-8271-ADBA4A390287}\NewShortcut1_1.exe - ok

16:28:32.0616 2444 [ 6E621E4C417B7434803D6DA3E60ED32B ] C:\Program Files\HostsMan\hm.exe

16:28:32.0616 2444 C:\Program Files\HostsMan\hm.exe - ok

16:28:32.0616 2444 [ 8BEBAC4CB105CE836D52998A3350B473 ] C:\Program Files\HostsMan\hostssrv.exe

16:28:32.0616 2444 C:\Program Files\HostsMan\hostssrv.exe - ok

16:28:32.0632 2444 [ 3B26B972B476045D268439B8A333E5ED ] C:\Program Files\HostsMan\uninstall.exe

16:28:32.0632 2444 C:\Program Files\HostsMan\uninstall.exe - ok

16:28:32.0632 2444 [ EA064EEC760C056E5C756915B9B7F2BB ] C:\Program Files\Hotspot Shield\bin\openvpntray.exe

16:28:32.0632 2444 C:\Program Files\Hotspot Shield\bin\openvpntray.exe - ok

16:28:32.0632 2444 [ 4FDBC6A689D331DA86DFD375284F6002 ] C:\Program Files\Hotspot Shield\Uninstall.exe

16:28:32.0632 2444 C:\Program Files\Hotspot Shield\Uninstall.exe - ok

16:28:32.0632 2444 [ C00BF2442C6285FE95E8D60C6BDED3AF ] C:\Program Files\ImTOO\DVD Audio Ripper 4\Uninstall.exe

16:28:32.0632 2444 C:\Program Files\ImTOO\DVD Audio Ripper 4\Uninstall.exe - ok

16:28:32.0648 2444 [ 925F39488F2ADD1A1A31AF32B6ECC160 ] C:\Program Files\InstantEyedropper\InstantEyedropper.exe

16:28:32.0648 2444 C:\Program Files\InstantEyedropper\InstantEyedropper.exe - ok

16:28:32.0648 2444 [ 01A0964DE8B2F3A32FCC8119B0D531B8 ] C:\Program Files\InstantEyedropper\unins000.exe

16:28:32.0648 2444 C:\Program Files\InstantEyedropper\unins000.exe - ok

16:28:32.0648 2444 [ 7FC67C066A104CD566DE764979585E2F ] C:\Windows\Installer\{E413B1E3-06C3-4E17-8DC1-A6CB58F792CC}\NewShortcut2_45E6A2AFE8B04509AC764EDF721ED35D.exe

16:28:32.0648 2444 C:\Windows\Installer\{E413B1E3-06C3-4E17-8DC1-A6CB58F792CC}\NewShortcut2_45E6A2AFE8B04509AC764EDF721ED35D.exe - ok

16:28:32.0648 2444 [ 715C5540F8DC49995D3A2B2FC0C1CABE ] C:\Windows\Installer\{E413B1E3-06C3-4E17-8DC1-A6CB58F792CC}\NewShortcut3_C5337134BDDF405084DDC2A3DE58479D.exe

16:28:32.0648 2444 C:\Windows\Installer\{E413B1E3-06C3-4E17-8DC1-A6CB58F792CC}\NewShortcut3_C5337134BDDF405084DDC2A3DE58479D.exe - ok

16:28:32.0663 2444 [ BC57A2D53154634C8AA7BCCC7D4CB7F9 ] C:\Program Files\KaraFun\KaraFun.exe

16:28:32.0663 2444 C:\Program Files\KaraFun\KaraFun.exe - ok

16:28:32.0663 2444 [ BDEC145EFDAA6A026B1F3591399C4CA6 ] C:\Program Files\KaraFun\unins000.exe

16:28:32.0663 2444 C:\Program Files\KaraFun\unins000.exe - ok

16:28:32.0663 2444 [ 57B16E05260DD3960F0010EF147BA8BC ] C:\Program Files\NVH Production\KaraFun Studio 1.20\Uninstall.exe

16:28:32.0663 2444 C:\Program Files\NVH Production\KaraFun Studio 1.20\Uninstall.exe - ok

16:28:32.0663 2444 [ A0A3F4DBCCD4E598C843C0FB28C4493F ] C:\Program Files\Karaoke CD+G Creator Pro\KaraokeCDGCreatorPro.exe

16:28:32.0663 2444 C:\Program Files\Karaoke CD+G Creator Pro\KaraokeCDGCreatorPro.exe - ok

16:28:32.0679 2444 [ C3C4D17ABA92EA96969A32E99AB82A0B ] C:\Program Files\Karaoke CD+G Creator Pro\PowerCDGPlayer.exe

16:28:32.0679 2444 C:\Program Files\Karaoke CD+G Creator Pro\PowerCDGPlayer.exe - ok

16:28:32.0679 2444 [ A6F3B39FDB2AFAB405EEAB8CDB6E04D2 ] C:\Program Files\Karaoke CD+G Creator Pro\BINInterleave.exe

16:28:32.0679 2444 C:\Program Files\Karaoke CD+G Creator Pro\BINInterleave.exe - ok

16:28:32.0679 2444 [ F82BB83E6CEAC610B0ED49100C73C84B ] C:\Program Files\Karaoke CD+G Creator Pro\CUECreator.exe

16:28:32.0679 2444 C:\Program Files\Karaoke CD+G Creator Pro\CUECreator.exe - ok

16:28:32.0694 2444 [ CAF9211C51320C072C9D976F8AE48E30 ] C:\Program Files\Karaoke CD+G Creator Pro\unins000.exe

16:28:32.0694 2444 C:\Program Files\Karaoke CD+G Creator Pro\unins000.exe - ok

16:28:32.0694 2444 [ DEC6F2E19335AE2BD345B93FFE92C41B ] C:\Program Files\MainConcept\MPEG Encoder\mcmpgenc.exe

16:28:32.0694 2444 C:\Program Files\MainConcept\MPEG Encoder\mcmpgenc.exe - ok

16:28:32.0694 2444 [ F6E015DA6BBF4F2036650C246F019F3C ] C:\Program Files\Common Files\InstallShield\Driver\7\Intel 32\IDriver.exe

16:28:32.0694 2444 C:\Program Files\Common Files\InstallShield\Driver\7\Intel 32\IDriver.exe - ok

16:28:32.0694 2444 [ E24BB41C4EFC309A14709FC127A3B847 ] C:\Windows\System32\sdcpl.dll

16:28:32.0694 2444 C:\Windows\System32\sdcpl.dll - ok

16:28:32.0710 2444 [ 7635B6502882E4B1713F049FD8FD2EA4 ] C:\Windows\System32\recdisc.exe

16:28:32.0710 2444 C:\Windows\System32\recdisc.exe - ok

16:28:32.0710 2444 [ 4AC5B4A0B8D22185C09EE5584BF1CFB5 ] C:\Windows\System32\msra.exe

16:28:32.0710 2444 C:\Windows\System32\msra.exe - ok

16:28:32.0710 2444 [ 2487C45B64790FC210547919F18FAC71 ] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

16:28:32.0710 2444 C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe - ok

16:28:32.0710 2444 [ C8DE25FEFB17627E2237B320CCF30EE1 ] C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe

16:28:32.0710 2444 C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe - ok

16:28:32.0726 2444 [ B0222BD0F9D97488D691BCC02B051A92 ] C:\Windows\ehome\ehshell.exe

16:28:32.0726 2444 C:\Windows\ehome\ehshell.exe - ok

16:28:32.0726 2444 [ DF33A516301DF5FEEABA2B550BDFF2F4 ] C:\Program Files\Media Tagger\Media Tagger.exe

16:28:32.0726 2444 C:\Program Files\Media Tagger\Media Tagger.exe - ok

16:28:32.0726 2444 [ 873B2A4BFA47F0BD2ED51A8B1E096E8A ] C:\Program Files\Media Tagger\unins000.exe

16:28:32.0726 2444 C:\Program Files\Media Tagger\unins000.exe - ok

16:28:32.0741 2444 [ D951FB3EB548B3884FFDE3F1DBC59777 ] C:\Program Files\MediaMonkey\unins000.exe

16:28:32.0741 2444 C:\Program Files\MediaMonkey\unins000.exe - ok

16:28:32.0741 2444 [ 051023B22D675856D49360356293A939 ] C:\Windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIconDll

16:28:32.0741 2444 C:\Windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIconDll - ok

16:28:32.0741 2444 [ AF297A3A509E6EEDB07810282169A814 ] C:\Program Files\Minilyrics\MLStart.exe

16:28:32.0741 2444 C:\Program Files\Minilyrics\MLStart.exe - ok

16:28:32.0741 2444 [ BD43866E186B7B6A058DC6989A3EEFE7 ] C:\Program Files\Minilyrics\MLSetup.exe

16:28:32.0741 2444 C:\Program Files\Minilyrics\MLSetup.exe - ok

16:28:32.0757 2444 [ DC98B40158E478932CDBF642F5128B76 ] C:\Program Files\Minilyrics\uninst-ml.exe

16:28:32.0757 2444 C:\Program Files\Minilyrics\uninst-ml.exe - ok

16:28:32.0757 2444 [ 8E8A91BA46B2677FA0D42D68F68BEA49 ] C:\Program Files\mIRC\mirc.exe

16:28:32.0757 2444 C:\Program Files\mIRC\mirc.exe - ok

16:28:32.0757 2444 [ 11CCA710674739E3DB8F7450A5B650B6 ] C:\Program Files\Mozilla Firefox\firefox.exe

16:28:32.0757 2444 C:\Program Files\Mozilla Firefox\firefox.exe - ok

16:28:32.0757 2444 [ B5EED5E000DDA3610A341EFB422A2B17 ] C:\Program Files\Mp3tag\Mp3tag.exe

16:28:32.0757 2444 C:\Program Files\Mp3tag\Mp3tag.exe - ok

16:28:32.0772 2444 [ BA959CCC44CCFE0E532D8870AC711826 ] C:\Program Files\Mp3tag\Mp3tagUninstall.exe

16:28:32.0772 2444 C:\Program Files\Mp3tag\Mp3tagUninstall.exe - ok

16:28:32.0772 2444 [ 905CAEC3528DAF0F132FE0B43C79EF44 ] C:\Program Files\Mullvad\mullvad.exe

16:28:32.0772 2444 C:\Program Files\Mullvad\mullvad.exe - ok

16:28:32.0772 2444 [ 1B60C57CFD2F424B71377D75E1C759A8 ] C:\Program Files\NewsLeecher\newsLeecher.exe

16:28:32.0772 2444 C:\Program Files\NewsLeecher\newsLeecher.exe - ok

16:28:32.0772 2444 [ D6BB68DAD379AC14A774FF38A4EA9277 ] C:\Program Files\Notepad++\notepad++.exe

16:28:32.0772 2444 C:\Program Files\Notepad++\notepad++.exe - ok

16:28:32.0788 2444 [ 74A74BAC1862B6694814A8E96FB5CE8F ] C:\Program Files\Noteworthy Software\NoteWorthy Composer 2\NWC2.exe

16:28:32.0788 2444 C:\Program Files\Noteworthy Software\NoteWorthy Composer 2\NWC2.exe - ok

16:28:32.0788 2444 [ 1567AC2069A3F0C8E9B6F287BAE91632 ] C:\Program Files\Noteworthy Software\NoteWorthy Composer 2\Uninstall.exe

16:28:32.0788 2444 C:\Program Files\Noteworthy Software\NoteWorthy Composer 2\Uninstall.exe - ok

16:28:32.0788 2444 [ 2C4164C44B2681378CDA6A5A82F3BB12 ] C:\Program Files\PdaNet for Android\drvins.exe

16:28:32.0788 2444 C:\Program Files\PdaNet for Android\drvins.exe - ok

16:28:32.0788 2444 [ 934829C1B9E1BFE2FCA0E8D7E396F435 ] C:\Program Files\PdaNet for Android\PdaNetPC.exe

16:28:32.0788 2444 C:\Program Files\PdaNet for Android\PdaNetPC.exe - ok

16:28:32.0804 2444 [ 03739E363F8C9FEA3E3E8A8175C353DB ] C:\Program Files\PdaNet for Android\unins000.exe

16:28:32.0804 2444 C:\Program Files\PdaNet for Android\unins000.exe - ok

16:28:32.0804 2444 [ D90CCD7E9D2843E9F26B4323B3A13F46 ] C:\Program Files\PeerBlock\peerblock.exe

16:28:32.0804 2444 C:\Program Files\PeerBlock\peerblock.exe - ok

16:28:32.0804 2444 [ 0BD8F90130C1C347A642C629B17B1CE3 ] C:\Program Files\Google\Picasa3\PicasaPhotoViewer.exe

16:28:32.0804 2444 C:\Program Files\Google\Picasa3\PicasaPhotoViewer.exe - ok

16:28:32.0804 2444 [ 06DC277C7A54550F65558182BA8208EA ] C:\Program Files\Google\Picasa3\Picasa3.exe

16:28:32.0804 2444 C:\Program Files\Google\Picasa3\Picasa3.exe - ok

16:28:32.0819 2444 [ 59B5B68435E53BA2D251A28BA96E5101 ] C:\Program Files\Google\Picasa3\Uninstall.exe

16:28:32.0819 2444 C:\Program Files\Google\Picasa3\Uninstall.exe - ok

16:28:32.0819 2444 [ F0F75FE3107F172E8AB4104ED679D81C ] C:\Program Files\Plustek\OpticBook 3600\Am32Plus.exe

16:28:32.0819 2444 C:\Program Files\Plustek\OpticBook 3600\Am32Plus.exe - ok

16:28:32.0819 2444 [ 5F5BCDA68F818CB7E2FA57C294B0AE1E ] C:\Program Files\Plustek\OpticBook 3600\Button Manager.exe

16:28:32.0819 2444 C:\Program Files\Plustek\OpticBook 3600\Button Manager.exe - ok

16:28:32.0835 2444 [ D31CEFD11C89EA0B18D6C162090CBD08 ] C:\Program Files\Plustek\OpticBook 3600\Scanner Utility.exe

16:28:32.0835 2444 C:\Program Files\Plustek\OpticBook 3600\Scanner Utility.exe - ok

16:28:32.0835 2444 [ 4EE76D4CB055E8EC281177771345E8B3 ] C:\Program Files\PowerISO\PWRISOVM.EXE

16:28:32.0835 2444 C:\Program Files\PowerISO\PWRISOVM.EXE - ok

16:28:32.0835 2444 [ DDCA30123B71DBD8928D13398DD192C8 ] C:\Program Files\PowerISO\PowerISO.exe

16:28:32.0835 2444 C:\Program Files\PowerISO\PowerISO.exe - ok

16:28:32.0835 2444 [ C5BF6AB55CA10283272FCD2710060506 ] C:\Program Files\PowerISO\uninstall.exe

16:28:32.0835 2444 C:\Program Files\PowerISO\uninstall.exe - ok

16:28:32.0850 2444 [ B993B88C8D0D4053ED71D9AF3B5214A4 ] C:\Program Files\QuickPar\QuickPar.exe

16:28:32.0850 2444 C:\Program Files\QuickPar\QuickPar.exe - ok

16:28:32.0850 2444 [ ED8047EC2E557F7380B7BAE78528282E ] C:\Program Files\QuickPar\uninst.exe

16:28:32.0850 2444 C:\Program Files\QuickPar\uninst.exe - ok

16:28:32.0850 2444 [ 6F289C4E6771C3E8C87E2852B237F481 ] C:\Program Files\QuickTime Alternative\QTSystem\QuickTime.cpl

16:28:32.0850 2444 C:\Program Files\QuickTime Alternative\QTSystem\QuickTime.cpl - ok

16:28:32.0850 2444 [ FE34CFC04F093099F4D42D6043C445C5 ] C:\Program Files\QuickTime Alternative\unins000.exe

16:28:32.0850 2444 C:\Program Files\QuickTime Alternative\unins000.exe - ok

16:28:32.0866 2444 [ C20ED7E679917AF0C008F9AB8D49F90E ] C:\Program Files\REAPER\reamote.exe

16:28:32.0866 2444 C:\Program Files\REAPER\reamote.exe - ok

16:28:32.0866 2444 [ FF90DADF1278DC785DA1C19A9103AD07 ] C:\Program Files\REAPER\reaper.exe

16:28:32.0866 2444 C:\Program Files\REAPER\reaper.exe - ok

16:28:32.0866 2444 [ 0E5561554FAB7232C5805AC5250885E6 ] C:\Program Files\REAPER\Uninstall.exe

16:28:32.0866 2444 C:\Program Files\REAPER\Uninstall.exe - ok

16:28:32.0882 2444 [ 65BAD554473A3C2A314AAACC193A4C0C ] C:\Program Files\Samsung\Kies\Kies.exe

16:28:32.0882 2444 C:\Program Files\Samsung\Kies\Kies.exe - ok

16:28:32.0882 2444 [ EC39A40D9A714084FBB9E098DB454A14 ] C:\Program Files\Scanitto Pro\scanittopro.exe

16:28:32.0882 2444 C:\Program Files\Scanitto Pro\scanittopro.exe - ok

16:28:32.0882 2444 [ CF9D55847534369B2EDD417081ACD632 ] C:\Program Files\Scanitto Pro\unins000.exe

16:28:32.0882 2444 C:\Program Files\Scanitto Pro\unins000.exe - ok

16:28:32.0882 2444 [ 528B30DEA03416DDCD4FC3A519869A6D ] C:\Program Files\ScummVM\scummvm.exe

16:28:32.0882 2444 C:\Program Files\ScummVM\scummvm.exe - ok

16:28:32.0897 2444 [ 49F44204D54DF81ED7FE23D88025FCCB ] C:\Program Files\ScummVM\unins000.exe

16:28:32.0897 2444 C:\Program Files\ScummVM\unins000.exe - ok

16:28:32.0897 2444 [ 20AA5135C856C44B08333365EBFA8087 ] C:\Program Files\Internet Explorer\ieproxy.dll

16:28:32.0897 2444 C:\Program Files\Internet Explorer\ieproxy.dll - ok

16:28:32.0897 2444 [ DCCA4B04AF87E52EF9EAA2190E06CBAC ] C:\Program Files\Windows Sidebar\sidebar.exe

16:28:32.0897 2444 C:\Program Files\Windows Sidebar\sidebar.exe - ok

16:28:32.0897 2444 [ D5E00A92B66366CCAB2E20D7DDE189E2 ] C:\Windows\Installer\{5335DADB-34BA-4AE8-A519-648D78498846}\SkypeIcon.exe

16:28:32.0897 2444 C:\Windows\Installer\{5335DADB-34BA-4AE8-A519-648D78498846}\SkypeIcon.exe - ok

16:28:32.0913 2444 [ 5170D04359E5D54A06B084AA5D833115 ] C:\Program Files\Windows Photo Viewer\PhotoViewer.dll

16:28:32.0913 2444 C:\Program Files\Windows Photo Viewer\PhotoViewer.dll - ok

16:28:32.0913 2444 [ 6EF5F3F18413C367195F06E503AB86A6 ] C:\Windows\System32\d3d9.dll

16:28:32.0913 2444 C:\Windows\System32\d3d9.dll - ok

16:28:32.0913 2444 [ 77B1471A490B53B24EFE136F09F76550 ] C:\Windows\System32\d3d8thk.dll

16:28:32.0913 2444 C:\Windows\System32\d3d8thk.dll - ok

16:28:32.0913 2444 [ 107B4B572E74DA61658DBFABDB00A71D ] C:\Program Files\Windows Photo Viewer\PhotoBase.dll

16:28:32.0913 2444 C:\Program Files\Windows Photo Viewer\PhotoBase.dll - ok

16:28:32.0928 2444 [ BFCBD5B0D38D09E0C58F16E80FED3127 ] C:\Program Files\Solveig Multimedia\SolveigMM Video Splitter\SMM_BatchSplit.exe

16:28:32.0928 2444 C:\Program Files\Solveig Multimedia\SolveigMM Video Splitter\SMM_BatchSplit.exe - ok

16:28:32.0928 2444 [ 083F57EAFF1AA33AD1402822A0EEB0EA ] C:\Program Files\Solveig Multimedia\SolveigMM Video Splitter\SMMVSplitter.exe

16:28:32.0928 2444 C:\Program Files\Solveig Multimedia\SolveigMM Video Splitter\SMMVSplitter.exe - ok

16:28:32.0928 2444 [ 4CA7B5C9C128316FD6328BD0142053E3 ] C:\Program Files\Solveig Multimedia\SolveigMM Video Splitter\Uninstall.exe

16:28:32.0928 2444 C:\Program Files\Solveig Multimedia\SolveigMM Video Splitter\Uninstall.exe - ok

16:28:32.0944 2444 [ 5C3F9DBA818CD93379D1A0F215270374 ] C:\Windows\System32\esent.dll

16:28:32.0944 2444 C:\Windows\System32\esent.dll - ok

16:28:32.0944 2444 [ F148865E4AC4F715E322EA06E6E21D84 ] C:\Windows\System32\wbem\NCProv.dll

16:28:32.0944 2444 C:\Windows\System32\wbem\NCProv.dll - ok

16:28:32.0944 2444 [ 5FAA40BA21AD5EBBF06698F1E2524B40 ] C:\Program Files\Sony\Vegas Pro 10.0\vegas100.exe

16:28:32.0944 2444 C:\Program Files\Sony\Vegas Pro 10.0\vegas100.exe - ok

16:28:32.0944 2444 [ 2FABE8932B741228BAFCBC9B194C9931 ] C:\Program Files\SopCast\SopCast.exe

16:28:32.0944 2444 C:\Program Files\SopCast\SopCast.exe - ok

16:28:32.0960 2444 [ 5270CF1A59520FDE77908A0579A32068 ] C:\Program Files\SopCast\uninst.exe

tjacke_88 · August 22, 2012

(Post Continued)

16:28:32.0960 2444 C:\Program Files\SopCast\uninst.exe - ok

16:28:32.0960 2444 [ E3A85BB574A464E3A41393B140119DF3 ] C:\Users\Tom\Desktop\Sophos Anti Rootkit\sargui.exe

16:28:32.0960 2444 C:\Users\Tom\Desktop\Sophos Anti Rootkit\sargui.exe - ok

16:28:32.0960 2444 [ AB674D00551D8328EA54ADA02301F54A ] C:\Users\Tom\Desktop\Sophos Anti Rootkit\helper.exe

16:28:32.0960 2444 C:\Users\Tom\Desktop\Sophos Anti Rootkit\helper.exe - ok

16:28:32.0975 2444 [ 36B6A233F8EF82B2653885589D3BDB4B ] C:\Program Files\SUPERAntiSpyware\RUNSAS.EXE

16:28:32.0975 2444 C:\Program Files\SUPERAntiSpyware\RUNSAS.EXE - ok

16:28:32.0975 2444 [ 269D2FCFFCC542B8908786F324074E36 ] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

16:28:32.0975 2444 C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe - ok

16:28:32.0975 2444 [ 9A2D520DE21F0E6966C5829645845D4B ] C:\Program Files\TagRename\TagRename.exe

16:28:32.0975 2444 C:\Program Files\TagRename\TagRename.exe - ok

16:28:32.0975 2444 [ A6B4C2C192D85356CDB65B196D16844B ] C:\Program Files\TagScanner\Tagscan.exe

16:28:32.0975 2444 C:\Program Files\TagScanner\Tagscan.exe - ok

16:28:32.0991 2444 [ CFED6EA5AFF7220DC8EAC638A4A5FE3A ] C:\Program Files\TagScanner\unins000.exe

16:28:32.0991 2444 C:\Program Files\TagScanner\unins000.exe - ok

16:28:32.0991 2444 [ 561143892E76D9C279B0DE3D4A5748A3 ] C:\Windows\Installer\{8ED6F771-FB0F-4B34-8DAD-757A20F6A27D}\NewShortcut2_85D6ED5C0A5C4423B575A88AD0ACDE6A_1.exe

16:28:32.0991 2444 C:\Windows\Installer\{8ED6F771-FB0F-4B34-8DAD-757A20F6A27D}\NewShortcut2_85D6ED5C0A5C4423B575A88AD0ACDE6A_1.exe - ok

16:28:32.0991 2444 [ CA9EFDC1957717639FFDD07698D05FF0 ] C:\Windows\Installer\{8ED6F771-FB0F-4B34-8DAD-757A20F6A27D}\NewShortcut1_85D6ED5C0A5C4423B575A88AD0ACDE6A.exe

16:28:32.0991 2444 C:\Windows\Installer\{8ED6F771-FB0F-4B34-8DAD-757A20F6A27D}\NewShortcut1_85D6ED5C0A5C4423B575A88AD0ACDE6A.exe - ok

16:28:32.0991 2444 [ 752FAFCF9DD61F8C5851B36284CCB65F ] C:\Program Files\TopStyle 4\TopStyle4.exe

16:28:33.0006 2444 C:\Program Files\TopStyle 4\TopStyle4.exe - ok

16:28:33.0006 2444 [ B65938E5B2A5D3FDEC759E30534DB586 ] C:\Windows\Installer\{F3529665-D75E-4D6D-98F0-745C78C68E9B}\NewShortcut7_AB05B6BCB03E4528A26F4FB0484E03F4.exe

16:28:33.0006 2444 C:\Windows\Installer\{F3529665-D75E-4D6D-98F0-745C78C68E9B}\NewShortcut7_AB05B6BCB03E4528A26F4FB0484E03F4.exe - ok

16:28:33.0006 2444 [ B65938E5B2A5D3FDEC759E30534DB586 ] C:\Windows\Installer\{F3529665-D75E-4D6D-98F0-745C78C68E9B}\NewShortcut5_9EC784E5826947F28FB36C279055F467.exe

16:28:33.0006 2444 C:\Windows\Installer\{F3529665-D75E-4D6D-98F0-745C78C68E9B}\NewShortcut5_9EC784E5826947F28FB36C279055F467.exe - ok

16:28:33.0006 2444 [ B65938E5B2A5D3FDEC759E30534DB586 ] C:\Windows\Installer\{F3529665-D75E-4D6D-98F0-745C78C68E9B}\NewShortcut4_D237393E877E4D0E9088B6350726D470.exe

16:28:33.0006 2444 C:\Windows\Installer\{F3529665-D75E-4D6D-98F0-745C78C68E9B}\NewShortcut4_D237393E877E4D0E9088B6350726D470.exe - ok

16:28:33.0022 2444 [ B65938E5B2A5D3FDEC759E30534DB586 ] C:\Windows\Installer\{F3529665-D75E-4D6D-98F0-745C78C68E9B}\NewShortcut5_FDF27F7628D24FB3B2A16429C1F9D2D1.exe

16:28:33.0022 2444 C:\Windows\Installer\{F3529665-D75E-4D6D-98F0-745C78C68E9B}\NewShortcut5_FDF27F7628D24FB3B2A16429C1F9D2D1.exe - ok

16:28:33.0022 2444 [ B65938E5B2A5D3FDEC759E30534DB586 ] C:\Windows\Installer\{F3529665-D75E-4D6D-98F0-745C78C68E9B}\NewShortcut2_2139E168930340A1B4767FEBA36CEBB7.exe

16:28:33.0022 2444 C:\Windows\Installer\{F3529665-D75E-4D6D-98F0-745C78C68E9B}\NewShortcut2_2139E168930340A1B4767FEBA36CEBB7.exe - ok

16:28:33.0022 2444 [ B65938E5B2A5D3FDEC759E30534DB586 ] C:\Windows\Installer\{F3529665-D75E-4D6D-98F0-745C78C68E9B}\NewShortcut1_CFF1182D9BBA4E7CAD81B2415EF018A6.exe

16:28:33.0022 2444 C:\Windows\Installer\{F3529665-D75E-4D6D-98F0-745C78C68E9B}\NewShortcut1_CFF1182D9BBA4E7CAD81B2415EF018A6.exe - ok

16:28:33.0022 2444 [ 74D4EC2218D8B0FFF0EEC278050A6BFC ] C:\Program Files\TOSHIBA\Utilities\TACSPROP.exe

16:28:33.0022 2444 C:\Program Files\TOSHIBA\Utilities\TACSPROP.exe - ok

16:28:33.0038 2444 [ 6354B5755B6DF195C7916F5BF61D66FB ] C:\Program Files\TOSHIBA\PCDiag\PCDiag.exe

16:28:33.0038 2444 C:\Program Files\TOSHIBA\PCDiag\PCDiag.exe - ok

16:28:33.0038 2444 [ D147DD9CD841067B7DC0ADB69DB8B504 ] C:\Program Files\TOSHIBA\FlashCards\TfcRst.exe

16:28:33.0038 2444 C:\Program Files\TOSHIBA\FlashCards\TfcRst.exe - ok

16:28:33.0038 2444 [ 64A0B1516C9939D2937F61B93FEAEEFB ] C:\Program Files\TOSHIBA\FlashCards\TfcConf\TfcConf.exe

16:28:33.0038 2444 C:\Program Files\TOSHIBA\FlashCards\TfcConf\TfcConf.exe - ok

16:28:33.0038 2444 [ A00FB26A7167E634EDAA1DFF6E04D7BB ] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe

16:28:33.0038 2444 C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe - ok

16:28:33.0053 2444 [ FA8F08013422A4EB68072668B3A73293 ] C:\Program Files\TrueCrypt\TrueCrypt.exe

16:28:33.0053 2444 C:\Program Files\TrueCrypt\TrueCrypt.exe - ok

16:28:33.0053 2444 [ 7A23AC83A0856C352025A6F7C9CC1526 ] C:\Program Files\TrueCrypt\TrueCrypt Setup.exe

16:28:33.0053 2444 C:\Program Files\TrueCrypt\TrueCrypt Setup.exe - ok

16:28:33.0053 2444 [ EE51EFEC8FFDF175AE371D479CF8767E ] C:\Program Files\TuneUp Utilities 2011\OneClick.exe

16:28:33.0053 2444 C:\Program Files\TuneUp Utilities 2011\OneClick.exe - ok

16:28:33.0069 2444 [ 5A1696A0491C2DC9A855AA97632093B5 ] C:\Program Files\TuneUp Utilities 2011\DiskDoctor.exe

16:28:33.0069 2444 C:\Program Files\TuneUp Utilities 2011\DiskDoctor.exe - ok

16:28:33.0069 2444 [ EF555E27A5218385F089499A899882FA ] C:\Program Files\TuneUp Utilities 2011\DiskExplorer.exe

16:28:33.0069 2444 C:\Program Files\TuneUp Utilities 2011\DiskExplorer.exe - ok

16:28:33.0069 2444 [ 101E4FF4F44A05FC289313C80A208334 ] C:\Program Files\TuneUp Utilities 2011\DriveDefrag.exe

16:28:33.0069 2444 C:\Program Files\TuneUp Utilities 2011\DriveDefrag.exe - ok

16:28:33.0069 2444 [ D8288B53E6666A77371CC5CDB864E2C2 ] C:\Program Files\TuneUp Utilities 2011\Integrator.exe

16:28:33.0069 2444 C:\Program Files\TuneUp Utilities 2011\Integrator.exe - ok

16:28:33.0084 2444 [ 247059AB4AAC57D69878B028D7B2641D ] C:\Program Files\TuneUp Utilities 2011\LiveOptimizer.exe

16:28:33.0084 2444 C:\Program Files\TuneUp Utilities 2011\LiveOptimizer.exe - ok

16:28:33.0084 2444 [ 1060530D2887082C19AA59024DBDDE29 ] C:\Program Files\TuneUp Utilities 2011\Report.exe

16:28:33.0084 2444 C:\Program Files\TuneUp Utilities 2011\Report.exe - ok

16:28:33.0084 2444 [ 4CBD2A5EC5224DA940F57B0BCADF2D61 ] C:\Program Files\TuneUp Utilities 2011\ProcessManager.exe

16:28:33.0084 2444 C:\Program Files\TuneUp Utilities 2011\ProcessManager.exe - ok

16:28:33.0084 2444 [ 9368661060EB550B7BED06487869CE9C ] C:\Program Files\TuneUp Utilities 2011\ProgramDeactivator.exe

16:28:33.0100 2444 C:\Program Files\TuneUp Utilities 2011\ProgramDeactivator.exe - ok

16:28:33.0100 2444 [ 4047285F55787544CCEBBD81E7155020 ] C:\Program Files\TuneUp Utilities 2011\RegistryCleaner.exe

16:28:33.0100 2444 C:\Program Files\TuneUp Utilities 2011\RegistryCleaner.exe - ok

16:28:33.0100 2444 [ F6B0880546A5BC749CF702A92547ECFC ] C:\Program Files\TuneUp Utilities 2011\RegistryDefrag.exe

16:28:33.0100 2444 C:\Program Files\TuneUp Utilities 2011\RegistryDefrag.exe - ok

16:28:33.0100 2444 [ 98BE436975810A5EAAE18B4DB05DB033 ] C:\Program Files\TuneUp Utilities 2011\RegistryEditor.exe

16:28:33.0100 2444 C:\Program Files\TuneUp Utilities 2011\RegistryEditor.exe - ok

16:28:33.0116 2444 [ 25FF8F3AE6CBD347AB1F9DC1D893EF30 ] C:\Program Files\TuneUp Utilities 2011\RepairWizard.exe

16:28:33.0116 2444 C:\Program Files\TuneUp Utilities 2011\RepairWizard.exe - ok

16:28:33.0116 2444 [ A65EFF9094793DD9EE72DEB5A43334A0 ] C:\Program Files\TuneUp Utilities 2011\RescueCenter.exe

16:28:33.0116 2444 C:\Program Files\TuneUp Utilities 2011\RescueCenter.exe - ok

16:28:33.0116 2444 [ DF6C927C245FEC970891E00DFE52AFE3 ] C:\Program Files\TuneUp Utilities 2011\ShortcutCleaner.exe

16:28:33.0116 2444 C:\Program Files\TuneUp Utilities 2011\ShortcutCleaner.exe - ok

16:28:33.0116 2444 [ 5E48FEA2484E840D8144DB301C9B890D ] C:\Program Files\TuneUp Utilities 2011\Shredder.exe

16:28:33.0116 2444 C:\Program Files\TuneUp Utilities 2011\Shredder.exe - ok

16:28:33.0131 2444 [ F8F8E17510AD33F9C8C08654BE57C279 ] C:\Program Files\TuneUp Utilities 2011\StartUpManager.exe

16:28:33.0131 2444 C:\Program Files\TuneUp Utilities 2011\StartUpManager.exe - ok

16:28:33.0131 2444 [ AF41C38D263A9BAD35611F7C8E277925 ] C:\Program Files\TuneUp Utilities 2011\StartupOptimizer.exe

16:28:33.0131 2444 C:\Program Files\TuneUp Utilities 2011\StartupOptimizer.exe - ok

16:28:33.0131 2444 [ 67A0CAA4C7C1E2B0161AF5914E24D94C ] C:\Program Files\TuneUp Utilities 2011\WinStyler.exe

16:28:33.0131 2444 C:\Program Files\TuneUp Utilities 2011\WinStyler.exe - ok

16:28:33.0147 2444 [ D38EB1F9B5DC6B6EB93DEF115489E2E9 ] C:\Program Files\TuneUp Utilities 2011\SystemControl.exe

16:28:33.0147 2444 C:\Program Files\TuneUp Utilities 2011\SystemControl.exe - ok

16:28:33.0147 2444 [ EBCA5E6967E9DBD2CFE3C8ABDF95FF4F ] C:\Program Files\TuneUp Utilities 2011\SystemInformation.exe

16:28:33.0147 2444 C:\Program Files\TuneUp Utilities 2011\SystemInformation.exe - ok

16:28:33.0147 2444 [ 0BC7AFCE425B658657825E8945136A44 ] C:\Program Files\TuneUp Utilities 2011\Undelete.exe

16:28:33.0147 2444 C:\Program Files\TuneUp Utilities 2011\Undelete.exe - ok

16:28:33.0147 2444 [ 9661A488B96173185CE659AD561AEC45 ] C:\Program Files\TuneUp Utilities 2011\UninstallManager.exe

16:28:33.0147 2444 C:\Program Files\TuneUp Utilities 2011\UninstallManager.exe - ok

16:28:33.0162 2444 [ 50E7B71CB9782D68733BDF14C43A0C39 ] C:\Program Files\TuneUp Utilities 2011\UpdateWizard.exe

16:28:33.0162 2444 C:\Program Files\TuneUp Utilities 2011\UpdateWizard.exe - ok

16:28:33.0162 2444 [ 5520AF73EF1A64A5AEDA2EE11E20D689 ] C:\Program Files\Nuclear Coffee\VideoGet\unins000.exe

16:28:33.0162 2444 C:\Program Files\Nuclear Coffee\VideoGet\unins000.exe - ok

16:28:33.0162 2444 [ 52B9C6A502A401FE353D9B2912C65408 ] C:\Program Files\Nuclear Coffee\VideoGet\VideoGet.exe

16:28:33.0162 2444 C:\Program Files\Nuclear Coffee\VideoGet\VideoGet.exe - ok

16:28:33.0178 2444 [ E2C02412CC0BAC66CD8A53341E9571F3 ] C:\Program Files\Virtual Magnifying Glass\unins000.exe

16:28:33.0178 2444 C:\Program Files\Virtual Magnifying Glass\unins000.exe - ok

16:28:33.0178 2444 [ 3BDEB2931A3D0EA251CB6D343C593339 ] C:\Program Files\Virtual Magnifying Glass\magnifier.exe

16:28:33.0178 2444 C:\Program Files\Virtual Magnifying Glass\magnifier.exe - ok

16:28:33.0178 2444 [ 3A259D7C2636E1FD1674ECB4521157B7 ] C:\Program Files\VistaSwitcher\vswitch.exe

16:28:33.0178 2444 C:\Program Files\VistaSwitcher\vswitch.exe - ok

16:28:33.0178 2444 [ A127E6118B9DD2F9D5A7CC4D697A0105 ] C:\Program Files\WinDirStat\Uninstall.exe

16:28:33.0178 2444 C:\Program Files\WinDirStat\Uninstall.exe - ok

16:28:33.0194 2444 [ 24CD9A82FCFC658DD3AE7BA25C958FFB ] C:\Program Files\WinDirStat\windirstat.exe

16:28:33.0194 2444 C:\Program Files\WinDirStat\windirstat.exe - ok

16:28:33.0194 2444 [ 90766F3987AA34BC5D6EAE8A38C1F533 ] C:\Windows\System32\WindowsAnytimeUpgradeui.exe

16:28:33.0194 2444 C:\Windows\System32\WindowsAnytimeUpgradeui.exe - ok

16:28:33.0194 2444 [ 5A8EBF167F36A7C0D6E9BDD027D55EEB ] C:\Program Files\DVD Maker\DVDMaker.exe

16:28:33.0194 2444 C:\Program Files\DVD Maker\DVDMaker.exe - ok

16:28:33.0194 2444 [ E49EF627A75C0BAD02180C97AC527C33 ] C:\Windows\System32\WFSR.dll

16:28:33.0194 2444 C:\Windows\System32\WFSR.dll - ok

16:28:33.0209 2444 [ A80C173AC5C75706BB74AE4D78F2A53D ] C:\Program Files\Windows Media Player\wmplayer.exe

16:28:33.0209 2444 C:\Program Files\Windows Media Player\wmplayer.exe - ok

16:28:33.0209 2444 [ 3D1DA3DAEE88CA0898E5789DEB27C038 ] C:\Program Files\WinFF\unins000.exe

16:28:33.0209 2444 C:\Program Files\WinFF\unins000.exe - ok

16:28:33.0209 2444 [ C9E9159420E9E6E230C15EA7677EFAA0 ] C:\Program Files\WinFF\winff.exe

16:28:33.0209 2444 C:\Program Files\WinFF\winff.exe - ok

16:28:33.0209 2444 [ 21BF9C03566F69BD81BC938B5B72A2C3 ] C:\Program Files\Xilisoft\DVD Ripper Ultimate\dr_buy.exe

16:28:33.0209 2444 C:\Program Files\Xilisoft\DVD Ripper Ultimate\dr_buy.exe - ok

16:28:33.0225 2444 [ E520F741FE808CA14A81FBB348E28987 ] C:\Program Files\Xilisoft\DVD Ripper Ultimate\Uninstall.exe

16:28:33.0225 2444 C:\Program Files\Xilisoft\DVD Ripper Ultimate\Uninstall.exe - ok

16:28:33.0225 2444 [ C76ED3B6C0872FF61445305EDD580325 ] C:\Program Files\Xilisoft\DVD Ripper Ultimate\drloader.exe

16:28:33.0225 2444 C:\Program Files\Xilisoft\DVD Ripper Ultimate\drloader.exe - ok

16:28:33.0225 2444 [ AD0884F289FE7406DCC2CC986F74A646 ] C:\Program Files\Xilisoft\Video Converter Ultimate 6\vc_buy.exe

16:28:33.0225 2444 C:\Program Files\Xilisoft\Video Converter Ultimate 6\vc_buy.exe - ok

16:28:33.0240 2444 [ 478053E7AD3801B16150054E4CA492BA ] C:\Program Files\Xilisoft\Video Converter Ultimate 6\Uninstall.exe

16:28:33.0240 2444 C:\Program Files\Xilisoft\Video Converter Ultimate 6\Uninstall.exe - ok

16:28:33.0240 2444 [ 75BD3B8D4E6C137877935A6198A2F0D8 ] C:\Program Files\Xilisoft\Video Converter Ultimate 6\vcloader.exe

16:28:33.0240 2444 C:\Program Files\Xilisoft\Video Converter Ultimate 6\vcloader.exe - ok

16:28:33.0240 2444 [ 59B7280D73906B43B13B273A1F9CC3DD ] C:\Windows\System32\xpsrchvw.exe

16:28:33.0240 2444 C:\Windows\System32\xpsrchvw.exe - ok

16:28:33.0240 2444 [ 285C594C4913FA9DC7BB6BA3AD6F101A ] C:\Windows\System32\wucltux.dll

16:28:33.0240 2444 C:\Windows\System32\wucltux.dll - ok

16:28:33.0256 2444 [ 3925944734DFC5D2253F3DC5923F797D ] C:\Windows\System32\powercpl.dll

16:28:33.0256 2444 C:\Windows\System32\powercpl.dll - ok

16:28:33.0256 2444 [ 7717A57C01812C3714BA25B96C36BF39 ] C:\Windows\System32\taskbarcpl.dll

16:28:33.0256 2444 C:\Windows\System32\taskbarcpl.dll - ok

16:28:33.0256 2444 [ 669E18322F05A14356E8F6DA16D15DA0 ] C:\Windows\System32\Vault.dll

16:28:33.0256 2444 C:\Windows\System32\Vault.dll - ok

16:28:33.0272 2444 [ BD2978E85EF0007A89F7BB1367C007DD ] C:\Windows\System32\TSWorkspace.dll

16:28:33.0272 2444 C:\Windows\System32\TSWorkspace.dll - ok

16:28:33.0272 2444 [ 4C1125D4E222A47FEACE545C979F5723 ] C:\Program Files\Windows Live\Installer\LangSelectorRes.dll

16:28:33.0272 2444 C:\Program Files\Windows Live\Installer\LangSelectorRes.dll - ok

16:28:33.0272 2444 [ 84897874906481E0B3F4045DAD90D69F ] C:\Windows\System32\FirewallControlPanel.dll

16:28:33.0272 2444 C:\Windows\System32\FirewallControlPanel.dll - ok

16:28:33.0272 2444 [ 0386FF59D0F5C1CDE453A3780353069F ] C:\Windows\System32\telephon.cpl

16:28:33.0272 2444 C:\Windows\System32\telephon.cpl - ok

16:28:33.0287 2444 [ DED3A46587F677DFB18C51B0BF6B292F ] C:\Program Files\Java\jre6\bin\javacpl.exe

16:28:33.0287 2444 C:\Program Files\Java\jre6\bin\javacpl.exe - ok

16:28:33.0287 2444 [ 93A245CE653E613E5AFD985F2919D733 ] C:\Windows\System32\Speech\SpeechUX\speechuxcpl.dll

16:28:33.0287 2444 C:\Windows\System32\Speech\SpeechUX\speechuxcpl.dll - ok

16:28:33.0287 2444 [ D83841B6EE406B58461ACE8A6308AA2D ] C:\Windows\System32\usercpl.dll

16:28:33.0287 2444 C:\Windows\System32\usercpl.dll - ok

16:28:33.0287 2444 [ 0FE24BD8E67F3A6757A5D193A7A9B287 ] C:\Windows\System32\intl.cpl

16:28:33.0287 2444 C:\Windows\System32\intl.cpl - ok

16:28:33.0303 2444 [ BA2B249CD7C8CE15E1A8D69ECAEE5FA3 ] C:\Windows\System32\main.cpl

16:28:33.0303 2444 C:\Windows\System32\main.cpl - ok

16:28:33.0303 2444 [ F5F9CB23EDBF2C77AAE5A2A2FC4FC333 ] C:\Windows\System32\devmgr.dll

16:28:33.0303 2444 C:\Windows\System32\devmgr.dll - ok

16:28:33.0303 2444 [ CE7B235C57F3E16654875A41B20448C4 ] C:\Windows\System32\icardres.dll

16:28:33.0303 2444 C:\Windows\System32\icardres.dll - ok

16:28:33.0303 2444 [ 013CB5286ABB32259349AD858087068C ] C:\Windows\System32\PerfCenterCPL.dll

16:28:33.0303 2444 C:\Windows\System32\PerfCenterCPL.dll - ok

16:28:33.0318 2444 [ 5ABBEF3B5984C29BD9D7CB1C7F35B323 ] C:\Windows\System32\netcenter.dll

16:28:33.0318 2444 C:\Windows\System32\netcenter.dll - ok

16:28:33.0318 2444 [ BFDC1FE9B277779E3263B0B2A9DC3E0D ] C:\Windows\System32\wpccpl.dll

16:28:33.0318 2444 C:\Windows\System32\wpccpl.dll - ok

16:28:33.0318 2444 [ DFA05B91BA331F7407F5F50EEAA9E2B2 ] C:\Windows\System32\autoplay.dll

16:28:33.0318 2444 C:\Windows\System32\autoplay.dll - ok

16:28:33.0318 2444 [ A664679445BFF4FA5A39D933F1AD7F12 ] C:\Windows\System32\inetcpl.cpl

16:28:33.0318 2444 C:\Windows\System32\inetcpl.cpl - ok

16:28:33.0334 2444 [ 031183B7923637CBB3E99CBBE5E821CA ] C:\Windows\System32\colorcpl.exe

16:28:33.0334 2444 C:\Windows\System32\colorcpl.exe - ok

16:28:33.0334 2444 [ 54DEFF61C4E6AF1581DA2F236154BA4C ] C:\Windows\System32\ActionCenterCPL.dll

16:28:33.0334 2444 C:\Windows\System32\ActionCenterCPL.dll - ok

16:28:33.0334 2444 [ 69C81451DCE63069A036FBF646A86996 ] C:\Windows\System32\fontext.dll

16:28:33.0334 2444 C:\Windows\System32\fontext.dll - ok

16:28:33.0350 2444 [ 14558D849EC14160AC3DACD8AC36E10A ] C:\Windows\System32\Display.dll

16:28:33.0350 2444 C:\Windows\System32\Display.dll - ok

16:28:33.0350 2444 [ 3E158EB9DC295CA3EF8D1F1EF57ABEDD ] C:\Windows\System32\DiagCpl.dll

16:28:33.0350 2444 C:\Windows\System32\DiagCpl.dll - ok

16:28:33.0350 2444 [ 151E7B80AAB7524A69A5C046BCCD3206 ] C:\Program Files\Mioplanet\Pixel Ruler\Pixel Ruler.exe

16:28:33.0350 2444 C:\Program Files\Mioplanet\Pixel Ruler\Pixel Ruler.exe - ok

16:28:33.0350 2444 [ EFD4E29FED530564BE4C3076C806FB65 ] C:\Program Files\Windows Defender\MsMpRes.dll

16:28:33.0350 2444 C:\Program Files\Windows Defender\MsMpRes.dll - ok

16:28:33.0365 2444 [ 9FE62954FD1162671CB295577F9969BE ] C:\Program Files\CONEXANT\SmartAudio\SmAudio.exe

16:28:33.0365 2444 C:\Program Files\CONEXANT\SmartAudio\SmAudio.exe - ok

16:28:33.0365 2444 [ E8CB091A918C1C687B087389D9A66B39 ] C:\Windows\System32\SensorsCpl.dll

16:28:33.0365 2444 C:\Windows\System32\SensorsCpl.dll - ok

16:28:33.0365 2444 [ 64B628C5258625129288F2D0C75268DA ] C:\Windows\System32\themecpl.dll

16:28:33.0365 2444 C:\Windows\System32\themecpl.dll - ok

16:28:33.0365 2444 [ 53E054880ADBB856ECE6EB10EDBB8A32 ] C:\Windows\System32\mmsys.cpl

16:28:33.0365 2444 C:\Windows\System32\mmsys.cpl - ok

16:28:33.0381 2444 [ 4154A3678BCF729F6C6AB2297A92F939 ] C:\Windows\System32\FlashPlayerCPLApp.cpl

16:28:33.0381 2444 C:\Windows\System32\FlashPlayerCPLApp.cpl - ok

16:28:33.0381 2444 [ 171004AEE7B0D07592A04A587AF5499D ] C:\Windows\System32\DivXControlPanelApplet.cpl

16:28:33.0381 2444 C:\Windows\System32\DivXControlPanelApplet.cpl - ok

16:28:33.0381 2444 [ 7FD5532C142DB6C9CC47AA4DCF71FDEC ] C:\Windows\System32\wscui.cpl

16:28:33.0381 2444 C:\Windows\System32\wscui.cpl - ok

16:28:33.0381 2444 [ C5A2155E27F1E00B629ECA9FED6AC841 ] C:\Users\Tom\Desktop\tdsskiller.exe

16:28:33.0381 2444 C:\Users\Tom\Desktop\tdsskiller.exe - ok

16:28:33.0396 2444 [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

16:28:33.0396 2444 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok

16:28:33.0396 2444 [ E5F7C30EDF0892667933BE879F067D67 ] C:\Windows\System32\msvcr100_clr0400.dll

16:28:33.0396 2444 C:\Windows\System32\msvcr100_clr0400.dll - ok

16:28:33.0396 2444 [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\System32\mscoree.dll

16:28:33.0396 2444 C:\Windows\System32\mscoree.dll - ok

16:28:33.0412 2444 [ CF87A1DE791347E75B98885214CED2B8 ] C:\Windows\System32\sppsvc.exe

16:28:33.0412 2444 C:\Windows\System32\sppsvc.exe - ok

16:28:33.0412 2444 [ D16D818E9930A6E5B4F6476DD0998D1A ] C:\Windows\System32\drivers\spsys.sys

16:28:33.0412 2444 C:\Windows\System32\drivers\spsys.sys - ok

16:28:33.0412 2444 [ 3A11396EAC2414012155AB14E5C1E332 ] C:\Windows\System32\sppwinob.dll

16:28:33.0412 2444 C:\Windows\System32\sppwinob.dll - ok

16:28:33.0412 2444 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] C:\Program Files\Windows Defender\MpSvc.dll

16:28:33.0412 2444 C:\Program Files\Windows Defender\MpSvc.dll - ok

16:28:33.0428 2444 [ 421D9645B72CD341ECDBB0FCE06C97DE ] C:\Windows\System32\sppobjs.dll

16:28:33.0428 2444 C:\Windows\System32\sppobjs.dll - ok

16:28:33.0428 2444 [ 20308CF0675AD7CE5AAA6712DB823216 ] C:\Program Files\Windows Defender\MpClient.dll

16:28:33.0428 2444 C:\Program Files\Windows Defender\MpClient.dll - ok

16:28:33.0428 2444 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] C:\Program Files\Windows Media Player\wmpnetwk.exe

16:28:33.0428 2444 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok

16:28:33.0428 2444 [ 5CF15474FFDB5005E54958DF6EDD97AB ] C:\Windows\System32\wmdrmdev.dll

16:28:33.0428 2444 C:\Windows\System32\wmdrmdev.dll - ok

16:28:33.0443 2444 [ 47D052D9EE1FD3BA2A55D13F61E3EF24 ] C:\Windows\System32\drmv2clt.dll

16:28:33.0443 2444 C:\Windows\System32\drmv2clt.dll - ok

16:28:33.0443 2444 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] C:\Windows\System32\wscsvc.dll

16:28:33.0443 2444 C:\Windows\System32\wscsvc.dll - ok

16:28:33.0443 2444 [ FC3EC24FCE372C89423E015A2AC1A31E ] C:\Windows\System32\wuaueng.dll

16:28:33.0443 2444 C:\Windows\System32\wuaueng.dll - ok

16:28:33.0459 2444 [ 25F12779A5D93BD4705B36A55D9D6E95 ] C:\ProgramData\Microsoft\Windows\DRM\Cache\Indiv_SID_S-1-5-20\Indiv01.key

16:28:33.0459 2444 C:\ProgramData\Microsoft\Windows\DRM\Cache\Indiv_SID_S-1-5-20\Indiv01.key - ok

16:28:33.0459 2444 [ 387A8A473ECC5BA02CF453277C1F3274 ] C:\Windows\System32\mspatcha.dll

16:28:33.0459 2444 C:\Windows\System32\mspatcha.dll - ok

16:28:33.0459 2444 [ 1B0EC94520CAB89A9CE1B2DA405166AF ] C:\Windows\System32\p2pcollab.dll

16:28:33.0459 2444 C:\Windows\System32\p2pcollab.dll - ok

16:28:33.0459 2444 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] C:\Windows\System32\QAGENTRT.DLL

16:28:33.0459 2444 C:\Windows\System32\QAGENTRT.DLL - ok

16:28:33.0474 2444 [ 9FD6496B6D91C8BE2A10BD55EAE2D5F2 ] C:\Windows\System32\fveui.dll

16:28:33.0474 2444 C:\Windows\System32\fveui.dll - ok

16:28:33.0474 2444 [ BDC0C99E472176C8C2C853A68ADC5073 ] C:\Windows\System32\wups2.dll

16:28:33.0474 2444 C:\Windows\System32\wups2.dll - ok

16:28:33.0474 2444 [ 954EA9B34F155C844B11F4047A8F6F89 ] C:\Windows\System32\upnp.dll

16:28:33.0474 2444 C:\Windows\System32\upnp.dll - ok

16:28:33.0474 2444 [ D887C9FD02AC9FA880F6E5027A43E118 ] C:\Windows\System32\ssdpsrv.dll

16:28:33.0474 2444 C:\Windows\System32\ssdpsrv.dll - ok

16:28:33.0490 2444 [ 089B5F924E96BA9C40E4E4522BF43770 ] C:\Program Files\Windows Defender\MpRTP.dll

16:28:33.0490 2444 C:\Program Files\Windows Defender\MpRTP.dll - ok

16:28:33.0490 2444 [ 8D47D01378347889A662D54037A988CC ] C:\Windows\System32\tdh.dll

16:28:33.0490 2444 C:\Windows\System32\tdh.dll - ok

16:28:33.0490 2444 [ 9EC7467CF286E52F85F5E6B1C58C542F ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Updates\mpasdlta.vdm

16:28:33.0490 2444 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Updates\mpasdlta.vdm - ok

16:28:33.0490 2444 [ 1957D49A9613FAAD1C73B508CCE02AA5 ] C:\Windows\System32\wmp.dll

16:28:33.0490 2444 C:\Windows\System32\wmp.dll - ok

16:28:33.0506 2444 [ 0FBC74AA20FE0AE6884279F893169C60 ] C:\Windows\System32\wmploc.DLL

16:28:33.0506 2444 C:\Windows\System32\wmploc.DLL - ok

16:28:33.0506 2444 [ 08E420D873E4FD85241EE2421B02C4A4 ] C:\Windows\System32\wersvc.dll

16:28:33.0506 2444 C:\Windows\System32\wersvc.dll - ok

16:28:33.0506 2444 [ 3F2B83695E5BF11930C16AF50E991F96 ] C:\Windows\System32\wmpps.dll

16:28:33.0506 2444 C:\Windows\System32\wmpps.dll - ok

16:28:33.0521 2444 [ 7B97346CE563B74BBCC120FC83E5A6D9 ] C:\Windows\System32\wmpmde.dll

16:28:33.0521 2444 C:\Windows\System32\wmpmde.dll - ok

16:28:33.0521 2444 [ 81C0FA250EF6DC1C6B3FA2BCE81D6C2E ] C:\Windows\System32\WinSATAPI.dll

16:28:33.0521 2444 C:\Windows\System32\WinSATAPI.dll - ok

16:28:33.0521 2444 [ 253973CA45D11D646D5FD23F205B8922 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CE00A8D3-3574-4E6D-9BE4-FFE5DC8E400A}\mpengine.dll

16:28:33.0521 2444 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CE00A8D3-3574-4E6D-9BE4-FFE5DC8E400A}\mpengine.dll - ok

16:28:33.0521 2444 [ CBBD4D79EEC3EF5A4ADAE9697944C6B9 ] C:\Windows\System32\MSMPEG2ENC.DLL

16:28:33.0521 2444 C:\Windows\System32\MSMPEG2ENC.DLL - ok

16:28:33.0537 2444 [ 5BB8C06EB5EA4BA22EE8A678F2D79B25 ] C:\Windows\System32\devenum.dll

16:28:33.0537 2444 C:\Windows\System32\devenum.dll - ok

16:28:33.0537 2444 [ 7069AAB8536F29ED7323140973A2894B ] C:\Windows\System32\msdmo.dll

16:28:33.0537 2444 C:\Windows\System32\msdmo.dll - ok

16:28:33.0537 2444 [ E43369C78BDAEBADBB302FADF899140D ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CE00A8D3-3574-4E6D-9BE4-FFE5DC8E400A}\mpasbase.vdm

16:28:33.0537 2444 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CE00A8D3-3574-4E6D-9BE4-FFE5DC8E400A}\mpasbase.vdm - ok

16:28:33.0552 2444 [ 833FBB672460EFCE8011D262175FAD33 ] C:\Windows\System32\upnphost.dll

16:28:33.0552 2444 C:\Windows\System32\upnphost.dll - ok

16:28:33.0552 2444 [ C6B0509AA89F656247694E2D6ABF7255 ] C:\Windows\System32\wbem\wmiprov.dll

16:28:33.0552 2444 C:\Windows\System32\wbem\wmiprov.dll - ok

16:28:33.0552 2444 [ 9EC7467CF286E52F85F5E6B1C58C542F ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{249F5B42-F0D3-498F-A4C1-E287B86D805B}\mpasdlta.vdm

16:28:33.0552 2444 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{249F5B42-F0D3-498F-A4C1-E287B86D805B}\mpasdlta.vdm - ok

16:28:33.0552 2444 [ 5A6B8F3729D3CDB454306BF9F1479A24 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CE00A8D3-3574-4E6D-9BE4-FFE5DC8E400A}\mpasdlta.vdm

16:28:33.0552 2444 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CE00A8D3-3574-4E6D-9BE4-FFE5DC8E400A}\mpasdlta.vdm - ok

16:28:33.0568 2444 [ 230EA9ABBC3432CDE388F4891E76E867 ] C:\Windows\System32\udhisapi.dll

16:28:33.0568 2444 C:\Windows\System32\udhisapi.dll - ok

16:28:33.0568 2444 [ 3CA5D661E6C5DDE5574D02F324C32E53 ] C:\Program Files\Windows Defender\MsMpLics.dll

16:28:33.0568 2444 C:\Program Files\Windows Defender\MsMpLics.dll - ok

16:28:33.0568 2444 [ 7DF186D86CF8C571A12AAB788C777F84 ] C:\Windows\System32\wscproxystub.dll

16:28:33.0568 2444 C:\Windows\System32\wscproxystub.dll - ok

16:28:33.0568 2444 [ D6692338B985D4A0CA52B828314D897D ] C:\Windows\System32\drprov.dll

16:28:33.0568 2444 C:\Windows\System32\drprov.dll - ok

16:28:33.0584 2444 [ 284B59D7B56FC76C80E622AB856B1FAB ] C:\Windows\System32\davclnt.dll

16:28:33.0584 2444 C:\Windows\System32\davclnt.dll - ok

16:28:33.0584 2444 [ D7B7159BC8374E87D8C45A30377A3440 ] C:\Windows\System32\ntlanman.dll

16:28:33.0584 2444 C:\Windows\System32\ntlanman.dll - ok

16:28:33.0584 2444 [ 179BECE8D1A4C488DDB7191FF9BE3FB0 ] C:\Windows\System32\davhlpr.dll

16:28:33.0584 2444 C:\Windows\System32\davhlpr.dll - ok

16:28:33.0584 2444 [ F175E53C7C3B25A9029A131FB578B155 ] C:\Windows\System32\wscinterop.dll

16:28:33.0584 2444 C:\Windows\System32\wscinterop.dll - ok

16:28:33.0599 2444 [ 1869BD251211FB6275067372A45682D6 ] C:\Windows\System32\werconcpl.dll

16:28:33.0599 2444 C:\Windows\System32\werconcpl.dll - ok

16:28:33.0599 2444 [ AC804569BB2364FB6017370258A4091B ] C:\Windows\System32\wercplsupport.dll

16:28:33.0599 2444 C:\Windows\System32\wercplsupport.dll - ok

16:28:33.0599 2444 [ 57CE9D8350B1DD76EEC596C423C3C0BC ] C:\Windows\System32\hcproviders.dll

16:28:33.0599 2444 C:\Windows\System32\hcproviders.dll - ok

16:28:33.0599 2444 [ 43BE3B9CA431F88E049928DC45C4365C ] C:\Windows\System32\wbem\wmipcima.dll

16:28:33.0599 2444 C:\Windows\System32\wbem\wmipcima.dll - ok

16:28:33.0615 2444 [ 52799EAD792B0E9AE7FD4BA5BD18FE5C ] C:\Windows\System32\wbem\WMIADAP.exe

16:28:33.0615 2444 C:\Windows\System32\wbem\WMIADAP.exe - ok

16:28:33.0615 2444 [ 529879612A7FAE235914E3AA6A9A669C ] C:\Windows\System32\loadperf.dll

16:28:33.0615 2444 C:\Windows\System32\loadperf.dll - ok

16:28:33.0615 2444 [ 198366199A9F342EF87978D79308B49F ] C:\Windows\System32\RacEngn.dll

16:28:33.0615 2444 C:\Windows\System32\RacEngn.dll - ok

16:28:33.0615 2444 [ B6C756FA661C5EB7B3547E60647F87A7 ] C:\Windows\System32\sqlceoledb30.dll

16:28:33.0615 2444 C:\Windows\System32\sqlceoledb30.dll - ok

16:28:33.0630 2444 [ 13CDD3FF0961A2EC6D9829A1640DD6DC ] C:\Windows\System32\sqlcese30.dll

16:28:33.0630 2444 C:\Windows\System32\sqlcese30.dll - ok

16:28:33.0630 2444 [ 60236C8C3B8C2D8B9A59326890533EB8 ] C:\Windows\System32\sqlceqp30.dll

16:28:33.0630 2444 C:\Windows\System32\sqlceqp30.dll - ok

16:28:33.0630 2444 [ 4EF9575BC4EFBF650789224D16C3D0D5 ] C:\Program Files\TechSmith\Snagit 10\SnagitBHO.dll

16:28:33.0630 2444 C:\Program Files\TechSmith\Snagit 10\SnagitBHO.dll - ok

16:28:33.0646 2444 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll

16:28:33.0646 2444 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok

16:28:33.0646 2444 [ DD56E3271D8D63D655454B3F5C0F5C01 ] C:\Program Files\Hotspot Shield\HssIE\HssIE.dll

16:28:33.0646 2444 C:\Program Files\Hotspot Shield\HssIE\HssIE.dll - ok

16:28:33.0646 2444 [ 181F69BC9C406B7FB5C0ADE8031630AC ] C:\Windows\System32\wpdshext.dll

16:28:33.0646 2444 C:\Windows\System32\wpdshext.dll - ok

16:28:33.0646 2444 [ 4634B0EE4098F0F2B972BDAC19A802E7 ] C:\Windows\System32\audiodev.dll

16:28:33.0646 2444 C:\Windows\System32\audiodev.dll - ok

16:28:33.0662 2444 [ 0F416E23DD2EB4DEBE70608020CFD283 ] C:\Windows\System32\WMVCORE.DLL

16:28:33.0662 2444 C:\Windows\System32\WMVCORE.DLL - ok

16:28:33.0662 2444 [ A7DD56261518373F70F23079EB3CD0A2 ] C:\Windows\System32\WMASF.DLL

16:28:33.0662 2444 C:\Windows\System32\WMASF.DLL - ok

16:28:33.0662 2444 [ 1060D60CCA69A8136A87DBE3C8F4A467 ] C:\Windows\System32\EhStorAPI.dll

16:28:33.0662 2444 C:\Windows\System32\EhStorAPI.dll - ok

16:28:33.0677 2444 [ 6A1E8DEB746912DF47CF651E138401D7 ] C:\Windows\System32\StructuredQuery.dll

16:28:33.0677 2444 C:\Windows\System32\StructuredQuery.dll - ok

16:28:33.0677 2444 [ 6581B52E133CC6D00661C58968C7E212 ] C:\Windows\System32\SearchFolder.dll

16:28:33.0677 2444 C:\Windows\System32\SearchFolder.dll - ok

16:28:33.0677 2444 [ 8B57A1AD493653BB57F281FE75DD175B ] C:\Windows\System32\NaturalLanguage6.dll

16:28:33.0677 2444 C:\Windows\System32\NaturalLanguage6.dll - ok

16:28:33.0677 2444 [ 2992932C1AB1D29A1A4A9E8CB8530CBF ] C:\Windows\System32\NlsData0009.dll

16:28:33.0677 2444 C:\Windows\System32\NlsData0009.dll - ok

16:28:33.0693 2444 [ C8CB301BF896C7C556BBE963FADF5BB6 ] C:\Windows\System32\NlsLexicons0009.dll

16:28:33.0693 2444 C:\Windows\System32\NlsLexicons0009.dll - ok

16:28:33.0693 2444 [ 92F8656D0167412A2379517C3F704FFB ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll

16:28:33.0693 2444 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok

16:28:33.0693 2444 [ 449D46B95A41FFB44383EE98DD6E95A3 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\shfusion.dll

16:28:33.0693 2444 C:\Windows\Microsoft.NET\Framework\v2.0.50727\shfusion.dll - ok

16:28:33.0693 2444 [ D7064DBA39D806503B812AED707C11AC ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\fusion.dll

16:28:33.0693 2444 C:\Windows\Microsoft.NET\Framework\v2.0.50727\fusion.dll - ok

16:28:33.0708 2444 [ A0617B5753E31126AD29C03154F4F329 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll

16:28:33.0708 2444 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll - ok

16:28:33.0708 2444 [ B9D947029A84B9731AE4311DF035E136 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll

16:28:33.0708 2444 C:\Windows\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll - ok

16:28:33.0708 2444 [ 737AFC772243C75E6AD17A7A8E8E23F9 ] C:\Windows\System32\fms.dll

16:28:33.0708 2444 C:\Windows\System32\fms.dll - ok

16:28:33.0724 2444 [ B29280AA00BC34FEECDC0426B11B9DAC ] C:\Windows\System32\RstrtMgr.dll

16:28:33.0724 2444 C:\Windows\System32\RstrtMgr.dll - ok

16:28:33.0724 2444 [ C9708C9F3DBA3DBFB1D2FEE1E9DABAD0 ] C:\Windows\System32\twext.dll

16:28:33.0724 2444 C:\Windows\System32\twext.dll - ok

16:28:33.0724 2444 [ 49B6AF547ED4BA1FB07BF6F384FDA841 ] C:\Program Files\Unlocker\UnlockerCOM.dll

16:28:33.0724 2444 C:\Program Files\Unlocker\UnlockerCOM.dll - ok

16:28:33.0724 2444 [ 545F106781B7AB23651E77C8E5E104C9 ] C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll

16:28:33.0724 2444 C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll - ok

16:28:33.0740 2444 [ A2F0B6A45EF5B68173AAA2A39690904E ] C:\Windows\System32\zipfldr.dll

16:28:33.0740 2444 C:\Windows\System32\zipfldr.dll - ok

16:28:33.0740 2444 [ D617404D119B1DB10366692447D8A648 ] C:\Program Files\SUPERAntiSpyware\SASCTXMN.DLL

16:28:33.0740 2444 C:\Program Files\SUPERAntiSpyware\SASCTXMN.DLL - ok

16:28:33.0740 2444 [ 835B8F5523F2DC6B3F09B52DEA5B7623 ] C:\Program Files\WinRAR\RarExt.dll

16:28:33.0740 2444 C:\Program Files\WinRAR\RarExt.dll - ok

16:28:33.0740 2444 [ 5CF4FBB63F1D393034D9F189DEA95075 ] C:\Program Files\TagRename\TRshell.dll

16:28:33.0740 2444 C:\Program Files\TagRename\TRshell.dll - ok

16:28:33.0755 2444 [ 938CE732A5E160B2724F0D25DC6B318B ] C:\Program Files\TuneUp Utilities 2011\SDShelEx-win32.dll

16:28:33.0755 2444 C:\Program Files\TuneUp Utilities 2011\SDShelEx-win32.dll - ok

16:28:33.0755 2444 [ A5A649003DAA230C2CCFA04E50A6973F ] C:\Program Files\TechSmith\Snagit 10\SnagitShellExt.dll

16:28:33.0755 2444 C:\Program Files\TechSmith\Snagit 10\SnagitShellExt.dll - ok

16:28:33.0755 2444 [ CA6ADE4F7761BB15B3325356DC3B82BB ] C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll

16:28:33.0755 2444 C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll - ok

16:28:33.0771 2444 [ BCC93087D218E08C1162A64A327952C2 ] C:\Program Files\TechSmith\Snagit 10\SnagitShellExtRes.dll

16:28:33.0771 2444 C:\Program Files\TechSmith\Snagit 10\SnagitShellExtRes.dll - ok

16:28:33.0771 2444 [ FBFCA1A574D47EE575448B719CBBF2E4 ] C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL

16:28:33.0771 2444 C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL - ok

16:28:33.0771 2444 [ 07E4F155997D1ECD4F70987C1B513FCD ] C:\Program Files\PowerISO\PWRISOSH.DLL

16:28:33.0771 2444 C:\Program Files\PowerISO\PWRISOSH.DLL - ok

16:28:33.0771 2444 [ 12816E6EAFC814DF2ECACA498DE422A0 ] C:\Program Files\Mp3tag\Mp3tagShell32.dll

16:28:33.0771 2444 C:\Program Files\Mp3tag\Mp3tagShell32.dll - ok

16:28:33.0786 2444 [ 86A591473178AA6B6400A8DA225DF04F ] C:\Program Files\Notepad++\NppShell_04.dll

16:28:33.0786 2444 C:\Program Files\Notepad++\NppShell_04.dll - ok

16:28:33.0786 2444 [ D65C8AA00859970387D1FF71B3A6091B ] C:\Program Files\Media Tagger\MTShell.dll

16:28:33.0786 2444 C:\Program Files\Media Tagger\MTShell.dll - ok

16:28:33.0786 2444 [ 8DC09E45E33C679F8BAD8C3C72132670 ] C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll

16:28:33.0786 2444 C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll - ok

16:28:33.0786 2444 [ DC3AE9B975FD0D9AEEFF609885576E59 ] C:\Program Files\CopyFilenames\CopyFilenames32.ocx

16:28:33.0786 2444 C:\Program Files\CopyFilenames\CopyFilenames32.ocx - ok

16:28:33.0802 2444 [ 98ECA04A6B5319043583FE00FC3C22EE ] C:\Windows\System32\synceng.dll

16:28:33.0802 2444 C:\Windows\System32\synceng.dll - ok

16:28:33.0802 2444 [ 20A20A911CD79A6F6839167149A05668 ] C:\Windows\System32\syncui.dll

16:28:33.0802 2444 C:\Windows\System32\syncui.dll - ok

16:28:33.0802 2444 [ 726DFDB9E283B0CB78D87DDD7469BAF3 ] C:\Windows\System32\sendmail.dll

16:28:33.0802 2444 C:\Windows\System32\sendmail.dll - ok

16:28:33.0818 2444 [ 50BB4FBC720D23497EEB5C9DAC497405 ] C:\Windows\System32\mydocs.dll

16:28:33.0818 2444 C:\Windows\System32\mydocs.dll - ok

16:28:33.0818 2444 [ BB879DCFD22926EFBEB3298129898CBB ] C:\Program Files\Unlocker\UnlockerDriver5.sys

16:28:33.0818 2444 C:\Program Files\Unlocker\UnlockerDriver5.sys - ok

16:28:33.0818 2444 [ 1319CD4619E96B156911CA3897563EBC ] C:\Windows\System32\ci.dll

16:28:33.0818 2444 C:\Windows\System32\ci.dll - ok

16:28:33.0818 2444 [ C9905EA4C326DAB778B9297BA5BD1889 ] C:\Windows\System32\wermgr.exe

16:28:33.0818 2444 C:\Windows\System32\wermgr.exe - ok

16:28:33.0833 2444 [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\Windows\System32\drivers\66697505.sys

16:28:33.0833 2444 C:\Windows\System32\drivers\66697505.sys - ok

16:28:33.0833 2444 [ 9CBD37ADD6FA76A9326C6CE081364BFD ] C:\Users\Tom\Desktop\sar_15_sfx.exe

16:28:33.0833 2444 C:\Users\Tom\Desktop\sar_15_sfx.exe - ok

16:28:33.0833 2444 [ AA1FFCCE383A227144FD62A019CD27CE ] C:\Users\Tom\Desktop\esetsmartinstaller_enu.exe

16:28:33.0833 2444 C:\Users\Tom\Desktop\esetsmartinstaller_enu.exe - ok

16:28:33.0833 2444 [ F72CDD99A8626538F3ED924EF7DBA703 ] C:\Program Files\Windows Sidebar\sbdrop.dll

16:28:33.0833 2444 C:\Program Files\Windows Sidebar\sbdrop.dll - ok

16:28:33.0849 2444 [ 3DF6F1F3292DA9B976D6C9DD22272633 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll

16:28:33.0849 2444 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll - ok

16:28:33.0849 2444 [ 2E84724E785214F625E16D1E89519DA2 ] C:\Users\Tom\Desktop\dds.scr

16:28:33.0849 2444 C:\Users\Tom\Desktop\dds.scr - ok

16:28:33.0849 2444 [ 9F380C3DA2EABEB1404A447F3C06C5AF ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiamenu.dll

16:28:33.0849 2444 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiamenu.dll - ok

16:28:33.0849 2444 [ 3E175EDE04DEC9E227091ED6E3DBE6F3 ] C:\Windows\System32\atiadlxx.dll

16:28:33.0849 2444 C:\Windows\System32\atiadlxx.dll - ok

16:28:33.0864 2444 [ 2723652E8757255E6A55499494932123 ] C:\Program Files\Common Files\System\wab32res.dll

16:28:33.0864 2444 C:\Program Files\Common Files\System\wab32res.dll - ok

16:28:33.0864 2444 [ EF162817C730DB9355F6C28F2445D206 ] C:\Program Files\Windows Mail\wab.exe

16:28:33.0864 2444 C:\Program Files\Windows Mail\wab.exe - ok

16:28:33.0864 2444 [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\Windows\System32\drivers\91943592.sys

16:28:33.0864 2444 C:\Windows\System32\drivers\91943592.sys - ok

16:28:33.0864 2444 [ A9D3B95E8466BD58EEB8A1154654E162 ] C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe

16:28:33.0864 2444 C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe - ok

16:28:33.0880 2444 [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\Windows\System32\drivers\68333263.sys

16:28:33.0880 2444 C:\Windows\System32\drivers\68333263.sys - ok

16:28:33.0880 2444 [ 1ABF96D2DDEC838763CEC88285A1FC6F ] C:\Program Files\Photoshop Portable\CS\Photoshop CS Portable.exe

16:28:33.0880 2444 C:\Program Files\Photoshop Portable\CS\Photoshop CS Portable.exe - ok

16:28:33.0880 2444 ============================================================

16:28:33.0880 2444 Scan finished

16:28:33.0880 2444 ============================================================

16:28:33.0896 1580 Detected object count: 6

16:28:33.0896 1580 Actual detected object count: 6

16:28:37.0733 1580 Adobe LM Service ( UnsignedFile.Multi.Generic ) - skipped by user

16:28:37.0733 1580 Adobe LM Service ( UnsignedFile.Multi.Generic ) - User select action: Skip

16:28:37.0733 1580 FileZilla Server ( UnsignedFile.Multi.Generic ) - skipped by user

16:28:37.0733 1580 FileZilla Server ( UnsignedFile.Multi.Generic ) - User select action: Skip

16:28:37.0733 1580 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user

16:28:37.0733 1580 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip

16:28:37.0733 1580 mysql ( UnsignedFile.Multi.Generic ) - skipped by user

16:28:37.0733 1580 mysql ( UnsignedFile.Multi.Generic ) - User select action: Skip

16:28:37.0749 1580 sptd ( LockedFile.Multi.Generic ) - skipped by user

16:28:37.0749 1580 sptd ( LockedFile.Multi.Generic ) - User select action: Skip

16:28:37.0749 1580 UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - skipped by user

16:28:37.0749 1580 UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - User select action: Skip

16:28:40.0463 1604 Deinitialize success

tjacke_88 · August 22, 2012

Malware Bytes

Malwarebytes' Anti-Malware 1.51.0.1200

www.malwarebytes.org

Database version: 912082205

Windows 6.1.7601 Service Pack 1

Internet Explorer 9.0.8112.16421

22/08/2012 16:52:40

mbam-log-2012-08-22 (16-52-40).txt

Scan type: Quick scan

Objects scanned: 208698

Time elapsed: 6 minute(s), 56 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 1

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 1

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\{DBDB888B-4ED5-5CE5-8AF1-C7D6C508F97D} (Trojan.ZbotR.Gen) -> Value: {DBDB888B-4ED5-5CE5-8AF1-C7D6C508F97D} -> Quarantined and deleted successfully.

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

c:\Users\Tom\AppData\Roaming\Ekysh\ceoqo.exe (Trojan.ZbotR.Gen) -> Quarantined and deleted successfully.

DDS

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_33

Run by Tom at 16:57:34 on 2012-08-22

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.3070.2107 [GMT 1:00]

.

AV: ESET NOD32 Antivirus 4.2 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}

SP: ESET NOD32 Antivirus 4.2 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\Hotspot Shield\bin\openvpnas.exe

C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe

C:\Windows\system32\taskhost.exe

C:\Program Files\Hotspot Shield\bin\hsswd.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe

C:\Program Files\LogMeIn\x86\RaMaint.exe

C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe

C:\Program Files\LogMeIn\x86\LogMeIn.exe

C:\Program Files\Classic Shell\ClassicStartMenu.exe

C:\Windows\System32\rpcnetp.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent.exe

C:\Program Files\Ashampoo\Ashampoo UnInstaller 4\UIWatcher.exe

C:\Users\Tom\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files\FindAndRunRobotPortable\FindAndRunRobot.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\LogMeIn\x86\LogMeInSystray.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\taskeng.exe

C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\servicing\TrustedInstaller.exe

C:\Windows\system32\DllHost.exe

C:\Windows\System32\svchost.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE